AFS
/
xdr-terraform-modules


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899
							resource "aws_placement_group" "interconnects" {
  # Distribute them
  name     = "interconnects"
  strategy = "spread"
}

resource "aws_network_interface" "interconnects" {
  count = var.interconnects_count
  subnet_id = var.subnet_id_map["untrusted"][count.index % 2]
  security_groups = [ aws_security_group.interconnects_sg.id ]
  source_dest_check = false
  private_ips_count = 0
  description = "XDR Interconnect ${count.index}"
  tags = {
    Name = "interconnect-${count.index}"
  }
}

resource "aws_eip" "interconnects" {
  count = var.interconnects_count
  vpc = true
  tags = {
    Name = "interconnect-${count.index}"
  }
}

resource "aws_eip_association" "interconnects" {
  count = var.interconnects_count
  network_interface_id = aws_network_interface.interconnects[count.index].id
  allocation_id = aws_eip.interconnects[count.index].id
}

output "ami" {
  value = var.default_ami
}

resource "aws_instance" "interconnects" {
  count = var.interconnects_count
  availability_zone = var.azs[count.index % 2]
  placement_group = aws_placement_group.interconnects.id
  tenancy = "default"
  ebs_optimized = true
  disable_api_termination = var.instance_termination_protection
  instance_initiated_shutdown_behavior = "stop"
  instance_type = var.interconnects_instance_type
  key_name = var.interconnects_key_name
  monitoring = false

  ami = var.default_ami
  lifecycle { ignore_changes = [ ami ] }

  tags = merge(
    var.standard_tags,
    var.tags,
    { 
      Name = "interconnect-${count.index}"
    }
  )

  root_block_device {
      volume_type = "gp2"
      #volume_size = "60"
      delete_on_termination = true
  }

  network_interface {
    device_index = 0
    network_interface_id = aws_network_interface.interconnects[count.index].id
  }

  user_data = data.template_cloudinit_config.cloud-init[count.index].rendered
  iam_instance_profile = "msoc-default-instance-profile"

  #lifecycle {
    # This might allow us to update/replace easier?
    #create_before_destroy = true
  #}
}

# DNS Records
resource "aws_route53_record" "interconnects" {
  count = var.interconnects_count
  name = "interconnect-${ var.environment }-${ count.index }"
  type = "A"
  ttl  = 300
  zone_id = var.dns_public["id"]
  records = [ aws_eip.interconnects[count.index].public_ip ]
  provider = aws.legacy
}

resource "aws_route53_record" "interconnects_pvt" {
  count = var.interconnects_count
  name = "interconnect-${ count.index }"
  type = "A"
  ttl  = 300
  zone_id = var.dns_private["id"]
  records = [ aws_instance.interconnects[count.index].private_ip ]
  provider = aws.legacy
}