From 7de7949dd3566e3a1f3e001e5c218961a089eb2e Mon Sep 17 00:00:00 2001
From: =?utf8?q?C=C3=A1ssio=20Gabriel?=
Date: Sat, 24 Jan 2026 12:59:07 -0300
Subject: [PATCH] Create the Network infra The following was created: 1. VPC 2. Subnets 3. IGW 4. NAT 5. Route tables
---
 assessment/terraform/main.tf | 104 ++++++++++++++++++++++++++++++
 assessment/terraform/variables.tf | 21 ++++++
 2 files changed, 125 insertions(+)
diff --git a/assessment/terraform/main.tf b/assessment/terraform/main.tf
index e69de29..16ad0ea 100644
--- a/assessment/terraform/main.tf
+++ b/assessment/terraform/main.tf
@@ -0,0 +1,104 @@
+# VPC
+resource "aws_vpc" "this" {
+ cidr_block = var.vpc_cidr
+ enable_dns_support = true
+ enable_dns_hostnames = true
+
+ tags = {
+ Name = "security-assessment-vpc"
+ }
+}
+
+# Public subnets
+resource "aws_subnet" "public" {
+ count = length(var.public_subnets_cidr)
+ vpc_id = aws_vpc.this.id
+ cidr_block = var.public_subnets_cidr[count.index]
+ availability_zone = var.availability_zones[count.index]
+ map_public_ip_on_launch = true
+
+ tags = {
+ Name = "public-subnet-${count.index + 1}"
+ }
+}
+
+# Private subnets
+resource "aws_subnet" "private" {
+ count = length(var.private_subnets_cidr)
+ vpc_id = aws_vpc.this.id
+ cidr_block = var.private_subnets_cidr[count.index]
+ availability_zone = var.availability_zones[count.index]
+
+ tags = {
+ Name = "private-subnet-${count.index + 1}"
+ }
+}
+
+# IGW
+resource "aws_internet_gateway" "this" {
+ vpc_id = aws_vpc.this.id
+
+ tags = {
+ Name = "security-assessment-igw"
+ }
+}
+
+# Elastic IP
+resource "aws_eip" "nat" {
+ domain = "vpc"
+}
+
+# NAT Gateway attached to the public subnet
+resource "aws_nat_gateway" "this" {
+ allocation_id = aws_eip.nat.id
+ subnet_id = aws_subnet.public[0].id
+
+ tags = {
+ Name = "security-assessment-nat"
+ }
+
+ depends_on = [aws_internet_gateway.this]
+}
+
+# Public route table
+resource "aws_route_table" "public" {
+ vpc_id = aws_vpc.this.id
+
+ route {
+ cidr_block = "0.0.0.0/0"
+ gateway_id = aws_internet_gateway.this.id
+ }
+
+ tags = {
+ Name = "public-rt"
+ }
+}
+
+# Associate public subnets
+resource "aws_route_table_association" "public" {
+ count = length(aws_subnet.public)
+ subnet_id = aws_subnet.public[count.index].id
+ route_table_id = aws_route_table.public.id
+}
+
+# Private route table
+resource "aws_route_table" "private" {
+ vpc_id = aws_vpc.this.id
+
+ route {
+ cidr_block = "0.0.0.0/0"
+ nat_gateway_id = aws_nat_gateway.this.id
+ }
+
+ tags = {
+ Name = "private-rt"
+ }
+}
+
+# Associate private subnets
+resource "aws_route_table_association" "private" {
+ count = length(aws_subnet.private)
+ subnet_id = aws_subnet.private[count.index].id
+ route_table_id = aws_route_table.private.id
+}
+
diff --git a/assessment/terraform/variables.tf b/assessment/terraform/variables.tf
index ae60318..1a4b052 100644
--- a/assessment/terraform/variables.tf
+++ b/assessment/terraform/variables.tf
@@ -3,3 +3,24 @@ variable "aws_region" {
 type = string
 default = "us-east-1"
 }
+
+variable "vpc_cidr" {
+ type = string
+ default = "10.0.0.0/16"
+}
+
+variable "public_subnets_cidr" {
+ type = list(string)
+ default = ["10.0.1.0/24", "10.0.2.0/24"]
+}
+
+variable "private_subnets_cidr" {
+ type = list(string)
+ default = ["10.0.101.0/24", "10.0.102.0/24"]
+}
+
+variable "availability_zones" {
+ type = list(string)
+ default = ["us-east-1a", "us-east-1b"]
+}
+
-- 
2.34.1
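Review bot: `map_public_ip_on_launch = true` on `aws_subnet.public` gives every instance launched into those subnets a public IPv4 address by default, so anything placed there is internet-addressable and relies on its security group alone. Unless every workload in the public tier is meant to be exposed, set `map_public_ip_on_launch = false` and attach a public address explicitly (Elastic IP or load balancer) only where one is needed. The file, which is new and fully visible in this hunk, also defines no `aws_flow_log` for `aws_vpc.this` and does not manage the VPC's default security group with `aws_default_security_group`. As a result there is no network telemetry for detection or incident response, and the default group keeps whatever rules AWS created it with.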
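Review bot: The `availability_zones` default (`us-east-1a`, `us-east-1b`) is hard-wired to the default of `aws_region`, whose declaration starts above this hunk, so overriding the region alone yields an AZ list that does not belong to it. main.tf in this patch indexes `var.availability_zones[count.index]` by the length of each subnet list, so passing more CIDRs than AZs fails with an index error rather than a clear message. I would add a `description` to each new variable stating that the three lists are index-aligned. I would also add a `validation` block on the CIDR inputs, for example `condition = can(cidrhost(var.vpc_cidr, 0))`, so malformed ranges are rejected at plan time.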