ajout de quelques fichiers de config

environments/dev/main.tf

@@ -0,0 +1,37 @@
+terraform {
+  required_providers {
+    google = {
+      source  = "hashicorp/google"
+      version = "~> 6.0"
+    }
+  }
+}
+
+provider "google" {
+  project = var.project_id
+  region  = var.region
+}
+
+module "network" {
+  source = "./modules/network"
+  
+  # Variables d'entrée
+  project_name = var.project_name
+  region      = var.region
+}
+
+module "iam" {
+  source = "./modules/iam"
+  
+  # Variables d'entrée
+  project_name = var.project_name
+  region      = var.region
+}
+
+module "compute" {
+  source = "./modules/compute"
+  
+  # Variables d'entrée
+  project_name = var.project_name
+  region      = var.region
+}

environments/dev/variables.tf

@@ -0,0 +1,12 @@
+variable "projet_id" {
+  description = "ID du projet GCP"
+  type        = string
+  default     = "automatisation-tp1"
+}
+
+variable "region" {
+  description = "region des vms"
+  type        = string
+  default     = "europe-west1-b"
+}
+

modules/network/main.tf

@@ -0,0 +1,75 @@
+resource "google_compute_network" "vpc" {
+  name                    = "vpc-terra"
+  auto_create_subnetworks = false
+}
+
+resource "google_compute_subnetwork" "front" {
+  name          = "frontend"
+  network       = google_compute_network.vpc.id
+  ip_cidr_range = "10.0.1.0/24"
+  region        = "europe-west1-b"
+}
+
+resource "google_compute_subnetwork" "backend" {
+  name          = "backend"
+  network       = google_compute_network.vpc.id
+  ip_cidr_range = "10.0.2.0/24"
+  region        = "europe-west1-b"
+}
+
+resource "google_compute_subnetwork" "database" {
+  name          = "database"
+  network       = google_compute_network.vpc.id
+  ip_cidr_range = "10.0.3.0/24"
+  region        = "europe-west1"
+}
+
+resource "google_compute_firewall" "allow_http" {
+  name    = "allow-http"
+  network = google_compute_network.vpc.id
+
+  allow {
+    protocol = "tcp"
+    ports    = ["80", "443"]
+  }
+  target_tags   = ["frontend"]
+}
+
+resource "google_compute_firewall" "allow_ssh" {
+  name    = "allow-ssh"
+  network = google_compute_network.vpc.id
+
+  allow {
+    protocol = "tcp"
+    ports    = ["22"]
+  }
+source_ranges = [var.ssh_source_ranges]
+
+}
+
+
+resource "google_compute_firewall" "front-to-back" {
+  name    = "front-to-back"
+  network = google_compute_network.vpc.id
+
+  allow {
+    protocol = "tcp"
+    ports    = ["8000"]
+  }
+  source_ranges = [ var.frontend_cidr ]
+  target_tags   = ["backend"]
+}
+
+resource "google_compute_firewall" "back-to-data" {
+  name    = "back-to-data"
+  network = google_compute_network.vpc.id
+
+  allow {
+    protocol = "tcp"
+    ports    = ["3306"]
+  }
+  source_ranges = [ var.backend_cidr ]
+  target_tags   = ["database"]
+}
+
+

modules/network/variables.tf

@@ -0,0 +1,36 @@
+# modules/network/variables.tf
+
+variable "project_name" {
+  description = "Nom du projet Google Cloud"
+  type        = string
+  default     = "automatisation-tp1"
+}
+
+variable "region" {
+  description = "Région Google Cloud"
+  type        = string
+}
+
+variable "frontend_cidr" {
+  description = "Bloc CIDR pour le sous-réseau frontend"
+  type        = string
+  default     = "10.0.1.0/24"
+}
+
+variable "backend_cidr" {
+  description = "Bloc CIDR pour le sous-réseau backend"
+  type        = string
+  default     = "10.0.2.0/24"
+}
+
+variable "database_cidr" {
+  description = "Bloc CIDR pour le sous-réseau database"
+  type        = string
+  default     = "10.0.3.0/24"
+}
+
+variable "ssh_source_ranges" {
+  description = "source ranges"
+  type        = string
+  default     = "0.0.0.0/0"
+}