Launching Webpage on AWS using EFS Service

Task:

1. Create a security group that allows traffic on port 80.

What is EFS?

#provider
# AWS provider configuration. Credentials are taken from the named profile, so
# no access key or secret key is written into this file.
provider "aws" {
  region  = "ap-south-1"
  profile = "username"
}
# vpc
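# Dedicated VPC for the web server and the EFS mount target.
# DNS support and DNS hostnames are both enabled; the EFS mount helper used
# later resolves the file system through its DNS name.
# Typographic quotes from the original listing are replaced with plain ASCII
# quotes, which is what HCL requires.
resource "aws_vpc" "vpc" {
  cidr_block           = "10.0.0.0/16"
  enable_dns_support   = true
  enable_dns_hostnames = true

  tags = {
    Name = "task2_vpc"
  }
}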
# subnet
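# Single public subnet in ap-south-1a.
# The explicit depends_on was dropped: referencing aws_vpc.vpc.id already
# orders this resource after the VPC.
resource "aws_subnet" "subnet" {
  vpc_id            = aws_vpc.vpc.id
  availability_zone = "ap-south-1a"
  cidr_block        = "10.0.1.0/24"

  # Every instance launched here receives a public IPv4 address, so the
  # security group is the only network control in front of it.
  map_public_ip_on_launch = true

  tags = {
    Name = "task2_subnet"
  }
}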
# internet gateway
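# Internet gateway attached to the VPC; the route table below sends the
# default route through it. The vpc_id reference already implies the
# dependency on the VPC, so no depends_on is needed.
resource "aws_internet_gateway" "ig" {
  vpc_id = aws_vpc.vpc.id

  tags = {
    Name = "task2_ig"
  }
}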
# route table
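# Route table with a default route (0.0.0.0/0) to the internet gateway.
# Any subnet associated with it becomes a public subnet.
resource "aws_route_table" "route" {
  vpc_id = aws_vpc.vpc.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.ig.id
  }

  tags = {
    Name = "task2_route"
  }
}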
# route association
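# Binds the public route table to the subnet. Both IDs are references, so
# Terraform orders this after the subnet and the route table on its own.
resource "aws_route_table_association" "association" {
  subnet_id      = aws_subnet.subnet.id
  route_table_id = aws_route_table.route.id
}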
#securitygroup
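# Security group shared by the web server and the EFS mount target.
#
# The original rule used protocol "-1" with 0.0.0.0/0, which opens every port
# and protocol to the internet, although the stated task is only to allow
# port 80. Ingress is narrowed to what this configuration actually uses:
#   - 80/tcp   from anywhere, for the website
#   - 22/tcp   for the Terraform remote-exec provisioners
#   - 2049/tcp between members of this group, for the NFS traffic to EFS
resource "aws_security_group" "sg1" {
  name        = "task2_sg"
  description = "Communication-efs"
  vpc_id      = aws_vpc.vpc.id

  ingress {
    description = "HTTP for site visitors"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    description = "SSH used by the remote-exec provisioners"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    # NOTE(review): still open to every address so the provisioners keep
    # working from any workstation; replace with the operator's own address
    # range before using this outside a lab.
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    description = "NFS from the web server to the EFS mount target"
    from_port   = 2049
    to_port     = 2049
    protocol    = "tcp"
    # Only resources that carry this same security group may reach the
    # mount target; EFS is never exposed to an external CIDR.
    self = true
  }

  # Outbound is left unrestricted: the instance installs packages with yum
  # and clones the site content from GitHub during provisioning.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "task2_sg"
  }
}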
# create efs
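# EFS file system that backs /var/www/html on the web server.
resource "aws_efs_file_system" "efs" {
  creation_token = "tf-EFS-task2"

  # Encrypt data at rest. With no kms_key_id given, the AWS-managed key for
  # EFS is used.
  encrypted = true

  tags = {
    Name = "Tak2_EFS"
  }
}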
# mount efs
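# Mount target that exposes the file system inside the subnet.
# Access to it is governed by sg1, so whatever that group allows on
# 2049/tcp is what can reach the file system over NFS.
# All three arguments are references, which already gives Terraform the
# ordering the original depends_on list spelled out.
resource "aws_efs_mount_target" "mount" {
  file_system_id  = aws_efs_file_system.efs.id
  subnet_id       = aws_subnet.subnet.id
  security_groups = [aws_security_group.sg1.id]
}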
# access point efs
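# Access point on the file system with default settings (no POSIX user or
# root directory override).
# NOTE(review): the mount command in the instance provisioner mounts the file
# system root directly and does not reference this access point.
resource "aws_efs_access_point" "efs_access" {
  file_system_id = aws_efs_file_system.efs.id
}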
#ec2 instance launch
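# Web server instance. After launch, Terraform connects over SSH, installs
# Apache/PHP/git and the EFS helper, mounts the file system on /var/www/html
# and clones the site content into it.
#
# Changes from the original listing:
#   - ASCII quotes instead of typographic ones (HCL does not accept the latter)
#   - vpc_security_group_ids instead of security_groups, since the instance is
#     in a custom VPC and the value is a group ID
#   - the connection uses self.public_ip; a resource cannot refer to itself by
#     its full address inside its own block
#   - the git clone command, which was split across two lines, is one string
#   - depends_on now waits for the EFS mount target and the route table
#     association, so the mount and the SSH/yum/git traffic do not race them
resource "aws_instance" "task2_ec2_webserver" {
  depends_on = [
    aws_efs_mount_target.mount,
    aws_route_table_association.association,
  ]

  ami                    = "ami-08706cb5f68222d09"
  instance_type          = "t2.micro"
  subnet_id              = aws_subnet.subnet.id
  vpc_security_group_ids = [aws_security_group.sg1.id]
  key_name               = "mynewkey"

  connection {
    type = "ssh"
    user = "ec2-user"
    # Path is specific to the author's workstation. Keep the .pem file out of
    # version control and readable only by the operator.
    private_key = file("C:/Users/Arifiya khan/Desktop/Cloud_Credentials/mynewkey.pem")
    host        = self.public_ip
  }

  provisioner "remote-exec" {
    # Everything between "sudo su <<END" and "END" runs in a root shell.
    inline = [
      "sudo su <<END",
      "yum install git php httpd amazon-efs-utils -y",
      "rm -rf /var/www/html/*",
      "/usr/sbin/httpd",
      "efs_id=${aws_efs_file_system.efs.id}",
      # NOTE(review): the EFS mount helper also accepts "-o tls" to encrypt
      # NFS traffic in transit; consider adding it.
      "mount -t efs $efs_id:/ /var/www/html",
      # NOTE(review): the clone tracks the repository's default branch and is
      # served as-is from the web root; pinning a reviewed commit would keep
      # later changes to that repository from reaching the server unnoticed.
      "git clone https://github.com/Arifiya-khan/terraform_task.git /var/www/html/",
      "END",
    ]
  }

  tags = {
    Name = "webserver"
  }
}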
# s3 bucket
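# Bucket that holds the image served through CloudFront.
resource "aws_s3_bucket" "tf_s3bucket" {
  bucket = "task2-bucket-s3"

  # NOTE(review): "public-read" on a bucket lets anyone list its contents,
  # and everything in it is reachable directly, bypassing CloudFront. The
  # tighter design is a private bucket that only the distribution may read
  # (origin access identity / origin access control), which also needs a
  # matching change in the distribution's origin block. Left as-is here
  # because the distribution in this file reads the bucket anonymously.
  acl = "public-read"

  tags = {
    Name = "task2-bucket-s3"
  }
}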
# adding object to s3
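# Uploads the image from the author's workstation into the bucket.
# The bucket reference already orders this after the bucket is created.
resource "aws_s3_bucket_object" "S3_image_upload" {
  bucket = aws_s3_bucket.tf_s3bucket.bucket
  key    = "maxresdefault.jpg"
  source = "C:/Users/Arifiya khan/Desktop/maxresdefault.jpg"

  # Object is world-readable by its S3 URL as well as through CloudFront.
  # Acceptable for a public image; do not reuse this setting for anything
  # that is not meant to be public.
  acl = "public-read"
}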
# cloudfront variable
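# Prefix used when building the CloudFront origin ID.
variable "oid" {
  type    = string
  default = "S3-"
}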
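# Origin ID shared by the distribution's origin and its cache behaviour:
# the "oid" prefix followed by the bucket ID.
locals {
  s3_origin_id = "${var.oid}${aws_s3_bucket.tf_s3bucket.id}"
}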
# cloudfront distribution
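# CloudFront distribution in front of the S3 bucket. Once it exists, a
# provisioner appends an <img> tag pointing at the distribution to the
# site's index.php on the web server.
#
# Changes from the original listing:
#   - ASCII quotes throughout, including inside the echo command
#   - allowed_methods reduced to GET/HEAD; the origin only serves a static
#     image, so write methods (DELETE, PATCH, POST, PUT) have no use here
#   - viewer_protocol_policy redirects HTTP to HTTPS instead of allowing
#     both, and the generated <img> URL uses https
#   - plain references replace "${...}" wrappers around a single expression
resource "aws_cloudfront_distribution" "S3_distribution" {
  depends_on = [
    aws_s3_bucket_object.S3_image_upload,
  ]

  origin {
    domain_name = aws_s3_bucket.tf_s3bucket.bucket_regional_domain_name
    origin_id   = local.s3_origin_id
  }

  enabled = true

  default_cache_behavior {
    allowed_methods  = ["GET", "HEAD"]
    cached_methods   = ["GET", "HEAD"]
    target_origin_id = local.s3_origin_id

    forwarded_values {
      query_string = false

      cookies {
        forward = "none"
      }
    }

    viewer_protocol_policy = "redirect-to-https"
    min_ttl                = 0
    default_ttl            = 3600
    max_ttl                = 86400
  }

  restrictions {
    geo_restriction {
      restriction_type = "none"
    }
  }

  # Default *.cloudfront.net certificate; sufficient because no custom
  # domain alias is configured.
  viewer_certificate {
    cloudfront_default_certificate = true
  }

  # SSH connection to the web server (not to CloudFront) for the provisioner.
  connection {
    type        = "ssh"
    user        = "ec2-user"
    private_key = file("C:/Users/Arifiya khan/Desktop/Cloud_Credentials/mynewkey.pem")
    host        = aws_instance.task2_ec2_webserver.public_ip
  }

  provisioner "remote-exec" {
    # Appends the image tag to index.php as root. Both interpolated values
    # come from Terraform-managed resources, not from user input.
    inline = [
      "sudo su <<END",
      "sudo echo \"<img src='https://${aws_cloudfront_distribution.S3_distribution.domain_name}/${aws_s3_bucket_object.S3_image_upload.key}' height='200' width='200' >\" >> /var/www/html/index.php",
      "END",
    ]
  }
}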
#opening via chrome
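# Opens the finished site in Chrome on the machine running Terraform.
# "start" is a Windows shell command, so this step only works when Terraform
# is run from Windows. The explicit depends_on is required: nothing in the
# command references the distribution, yet the page should not be opened
# before the <img> tag has been written.
# NOTE(review): the site is opened over plain HTTP on the instance's public
# IP; no TLS is configured on the web server in this file.
resource "null_resource" "website" {
  depends_on = [
    aws_cloudfront_distribution.S3_distribution,
  ]

  provisioner "local-exec" {
    command = "start chrome http://${aws_instance.task2_ec2_webserver.public_ip}/"
  }
}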
WebPage