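#!/usr/bin/env bash
# Bootstrap a two-VPC (App + DB) AWS network with Terraform: export the
# TF_VAR_* inputs, generate variables.tf / main.tf next to this script, then
# run terraform init/apply.
#
# Every value in section 1 is only a DEFAULT: it may be overridden from the
# caller's environment (e.g. `TF_VAR_aws_region=us-east-1 ./deploy.sh`).
# Keep the azs / subnet / subnet-name lists the same length -- main.tf indexes
# them in lockstep with count.index and Terraform cannot cross-check them.
#
# Fail fast: without -e a failed `terraform init` would fall straight through
# to `terraform apply`, and the success banner at the end would print anyway.
set -euo pipefail

# ==========================================
# 1. Terraform input variables (defaults; override via environment)
# ==========================================
# Region and availability zones (two)
default_azs='["ap-northeast-2a", "ap-northeast-2c"]'
export TF_VAR_aws_region="${TF_VAR_aws_region:-ap-northeast-2}"
export TF_VAR_azs="${TF_VAR_azs:-$default_azs}"

# [App VPC] base settings
export TF_VAR_app_vpc_cidr="${TF_VAR_app_vpc_cidr:-10.0.0.0/16}"
export TF_VAR_app_vpc_name="${TF_VAR_app_vpc_name:-WorldPay-App-VPC}"

# [App VPC] public subnets (ALB) -- CIDRs and names
default_app_public_subnets='["10.0.1.0/24", "10.0.2.0/24"]'
default_app_public_subnet_names='["WorldPay-App-Public-2a", "WorldPay-App-Public-2c"]'
export TF_VAR_app_public_subnets="${TF_VAR_app_public_subnets:-$default_app_public_subnets}"
export TF_VAR_app_public_subnet_names="${TF_VAR_app_public_subnet_names:-$default_app_public_subnet_names}"

# [App VPC] private subnets (EC2) -- CIDRs and names
default_app_private_subnets='["10.0.3.0/24", "10.0.4.0/24"]'
default_app_private_subnet_names='["WorldPay-App-Private-2a", "WorldPay-App-Private-2c"]'
export TF_VAR_app_private_subnets="${TF_VAR_app_private_subnets:-$default_app_private_subnets}"
export TF_VAR_app_private_subnet_names="${TF_VAR_app_private_subnet_names:-$default_app_private_subnet_names}"

# [DB VPC] base settings
export TF_VAR_db_vpc_cidr="${TF_VAR_db_vpc_cidr:-10.1.0.0/16}"
export TF_VAR_db_vpc_name="${TF_VAR_db_vpc_name:-WorldPay-DB-VPC}"

# [DB VPC] private subnets (RDS) -- CIDRs and names
default_db_private_subnets='["10.1.1.0/24", "10.1.2.0/24"]'
default_db_private_subnet_names='["WorldPay-DB-Private-2a", "WorldPay-DB-Private-2c"]'
export TF_VAR_db_private_subnets="${TF_VAR_db_private_subnets:-$default_db_private_subnets}"
export TF_VAR_db_private_subnet_names="${TF_VAR_db_private_subnet_names:-$default_db_private_subnet_names}"

# VPC peering connection name
export TF_VAR_peering_name="${TF_VAR_peering_name:-WorldPay-App-DB-Peering}"

echo "✅ 환경변수 설정 완료"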
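# ==========================================
# 2. Generate variables.tf
# ==========================================
# The heredoc delimiter is quoted ('EOF') so the shell expands nothing here;
# the values arrive through the TF_VAR_* environment when Terraform runs.
# Each CIDR input carries a validation block (cidrhost() must parse it) so a
# malformed block fails at plan time instead of part-way through an apply.
# Terraform cannot cross-check that azs and the subnet/name lists have equal
# length (main.tf indexes them with count.index); that stays the caller's job.
# NOTE: an existing variables.tf in the working directory is overwritten.
cat << 'EOF' > variables.tf
variable "aws_region" {
  description = "AWS region to deploy into."
  type        = string
}

variable "azs" {
  description = "Availability zones, one per subnet, in the same order as the subnet lists."
  type        = list(string)
}

variable "app_vpc_cidr" {
  description = "CIDR block of the App VPC (ALB + EC2)."
  type        = string
  validation {
    condition     = can(cidrhost(var.app_vpc_cidr, 0))
    error_message = "app_vpc_cidr must be a valid CIDR block."
  }
}

variable "app_vpc_name" {
  description = "Name tag for the App VPC; also prefixes IGW/NAT/route-table names."
  type        = string
}

variable "app_public_subnets" {
  description = "Public (ALB) subnet CIDRs in the App VPC, one per AZ."
  type        = list(string)
  validation {
    condition     = alltrue([for c in var.app_public_subnets : can(cidrhost(c, 0))])
    error_message = "Every app_public_subnets entry must be a valid CIDR block."
  }
}

variable "app_public_subnet_names" {
  description = "Name tags for app_public_subnets, same order."
  type        = list(string)
}

variable "app_private_subnets" {
  description = "Private (EC2) subnet CIDRs in the App VPC, one per AZ."
  type        = list(string)
  validation {
    condition     = alltrue([for c in var.app_private_subnets : can(cidrhost(c, 0))])
    error_message = "Every app_private_subnets entry must be a valid CIDR block."
  }
}

variable "app_private_subnet_names" {
  description = "Name tags for app_private_subnets, same order."
  type        = list(string)
}

variable "db_vpc_cidr" {
  description = "CIDR block of the DB VPC (RDS). Must not overlap app_vpc_cidr or peering routes will not work."
  type        = string
  validation {
    condition     = can(cidrhost(var.db_vpc_cidr, 0))
    error_message = "db_vpc_cidr must be a valid CIDR block."
  }
}

variable "db_vpc_name" {
  description = "Name tag for the DB VPC; also prefixes its route-table name."
  type        = string
}

variable "db_private_subnets" {
  description = "Private (RDS) subnet CIDRs in the DB VPC, one per AZ."
  type        = list(string)
  validation {
    condition     = alltrue([for c in var.db_private_subnets : can(cidrhost(c, 0))])
    error_message = "Every db_private_subnets entry must be a valid CIDR block."
  }
}

variable "db_private_subnet_names" {
  description = "Name tags for db_private_subnets, same order."
  type        = list(string)
}

variable "peering_name" {
  description = "Name tag for the App<->DB VPC peering connection."
  type        = string
}
EOF
echo "✅ variables.tf 생성 완료"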
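# ==========================================
# 3. Generate main.tf
# ==========================================
# Quoted 'EOF': the Terraform text below is written verbatim (no shell
# expansion). An existing main.tf in the working directory is overwritten.
#
# Network shape: an App VPC (public subnets for the ALB, private subnets for
# EC2 with egress through one NAT gateway) peered to a DB VPC that has only
# private subnets and no internet gateway. This file creates NO security
# groups or NACLs for the ALB/EC2/RDS tiers, so reachability across the
# peering is only as tight as the security groups defined elsewhere.
cat << 'EOF' > main.tf
terraform {
  required_version = ">= 1.0"
  required_providers {
    aws = {
      source = "hashicorp/aws"
      # Pin the provider major version so `terraform init` cannot silently pull
      # a future major release. aws_eip.domain (used below) needs >= 5.0.
      version = "~> 5.0"
    }
  }
}

provider "aws" {
  region = var.aws_region
}

# ------------------------------------------
# [1] App VPC & Subnets (ALB, EC2)
# ------------------------------------------
resource "aws_vpc" "app_vpc" {
  cidr_block           = var.app_vpc_cidr
  enable_dns_support   = true
  enable_dns_hostnames = true
  tags                 = { Name = var.app_vpc_name }
}

# Lock down the default security group AWS creates with every VPC (it ships
# with allow-all self-referencing ingress and allow-all egress). Managing it
# with no ingress/egress blocks removes every rule, so anything launched
# without an explicit security group gets no network access instead of
# implicit trust.
resource "aws_default_security_group" "app_default" {
  vpc_id = aws_vpc.app_vpc.id
  tags   = { Name = "${var.app_vpc_name}-default-sg-locked" }
}

resource "aws_internet_gateway" "app_igw" {
  vpc_id = aws_vpc.app_vpc.id
  tags   = { Name = "${var.app_vpc_name}-IGW" }
}

# App public subnets (ALB). map_public_ip_on_launch means ANY instance
# launched here gets a public IP -- keep EC2 workloads in the private subnets.
resource "aws_subnet" "app_public" {
  count                   = length(var.app_public_subnets)
  vpc_id                  = aws_vpc.app_vpc.id
  cidr_block              = var.app_public_subnets[count.index]
  availability_zone       = var.azs[count.index]
  map_public_ip_on_launch = true
  tags                    = { Name = var.app_public_subnet_names[count.index] }
}

# App private subnets (EC2); internet egress only via the NAT gateway.
resource "aws_subnet" "app_private" {
  count             = length(var.app_private_subnets)
  vpc_id            = aws_vpc.app_vpc.id
  cidr_block        = var.app_private_subnets[count.index]
  availability_zone = var.azs[count.index]
  tags              = { Name = var.app_private_subnet_names[count.index] }
}

resource "aws_eip" "nat_eip" {
  domain = "vpc"
  tags   = { Name = "${var.app_vpc_name}-NAT-EIP" }
}

# Single NAT gateway in the first public subnet: all private-subnet egress
# depends on that one AZ (availability/cost trade-off, not a security issue).
resource "aws_nat_gateway" "app_nat" {
  allocation_id = aws_eip.nat_eip.id
  subnet_id     = aws_subnet.app_public[0].id
  tags          = { Name = "${var.app_vpc_name}-NAT" }
  depends_on    = [aws_internet_gateway.app_igw]
}

# App route tables
resource "aws_route_table" "app_public_rt" {
  vpc_id = aws_vpc.app_vpc.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.app_igw.id
  }
  tags = { Name = "${var.app_vpc_name}-Public-RT" }
}

resource "aws_route_table" "app_private_rt" {
  vpc_id = aws_vpc.app_vpc.id
  route {
    cidr_block     = "0.0.0.0/0"
    nat_gateway_id = aws_nat_gateway.app_nat.id
  }
  tags = { Name = "${var.app_vpc_name}-Private-RT" }
}

resource "aws_route_table_association" "app_public_assoc" {
  count          = length(var.app_public_subnets)
  subnet_id      = aws_subnet.app_public[count.index].id
  route_table_id = aws_route_table.app_public_rt.id
}

resource "aws_route_table_association" "app_private_assoc" {
  count          = length(var.app_private_subnets)
  subnet_id      = aws_subnet.app_private[count.index].id
  route_table_id = aws_route_table.app_private_rt.id
}

# ------------------------------------------
# [2] DB VPC & Subnets (RDS)
# ------------------------------------------
resource "aws_vpc" "db_vpc" {
  cidr_block           = var.db_vpc_cidr
  enable_dns_support   = true
  enable_dns_hostnames = true
  tags                 = { Name = var.db_vpc_name }
}

# Same default-SG lockdown as the App VPC (see above).
resource "aws_default_security_group" "db_default" {
  vpc_id = aws_vpc.db_vpc.id
  tags   = { Name = "${var.db_vpc_name}-default-sg-locked" }
}

# DB private subnets (RDS)
resource "aws_subnet" "db_private" {
  count             = length(var.db_private_subnets)
  vpc_id            = aws_vpc.db_vpc.id
  cidr_block        = var.db_private_subnets[count.index]
  availability_zone = var.azs[count.index]
  tags              = { Name = var.db_private_subnet_names[count.index] }
}

# No IGW, no NAT and no default route: the DB VPC has no internet path in
# either direction. Its only external reachability is the peering route added
# in section [3]. Keep it that way.
resource "aws_route_table" "db_private_rt" {
  vpc_id = aws_vpc.db_vpc.id
  tags   = { Name = "${var.db_vpc_name}-Private-RT" }
}

resource "aws_route_table_association" "db_private_assoc" {
  count          = length(var.db_private_subnets)
  subnet_id      = aws_subnet.db_private[count.index].id
  route_table_id = aws_route_table.db_private_rt.id
}

# ------------------------------------------
# [3] VPC Peering
# ------------------------------------------
# Both VPCs live in the same account and region, so auto_accept completes the
# handshake without a separate accepter resource.
resource "aws_vpc_peering_connection" "app_to_db" {
  vpc_id       = aws_vpc.app_vpc.id
  peer_vpc_id  = aws_vpc.db_vpc.id
  auto_accept  = true
  tags         = { Name = var.peering_name }
}

# Only the app *private* route table gets a route to the DB VPC, so the public
# (ALB) subnets have no path to the database tier.
resource "aws_route" "app_to_db_peering_route" {
  route_table_id            = aws_route_table.app_private_rt.id
  destination_cidr_block    = aws_vpc.db_vpc.cidr_block
  vpc_peering_connection_id = aws_vpc_peering_connection.app_to_db.id
}

# Return route covers the whole App VPC CIDR. NOTE(review): restricting this to
# var.app_private_subnets would keep the public subnets unreachable from the DB
# VPC even if someone later adds a DB route on the app public route table; it
# is left as-is here because turning it into a count-ed resource changes the
# state address of an already-deployed route.
resource "aws_route" "db_to_app_peering_route" {
  route_table_id            = aws_route_table.db_private_rt.id
  destination_cidr_block    = aws_vpc.app_vpc.cidr_block
  vpc_peering_connection_id = aws_vpc_peering_connection.app_to_db.id
}
EOF
echo "✅ main.tf 생성 완료"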
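# ==========================================
# 4. Terraform init / plan / apply
# ==========================================
# The original ran `terraform init` and `terraform apply -auto-approve` with no
# status checks, so a failed init still ran apply and the success banner
# printed regardless of outcome. Each step below aborts on failure. A saved
# plan is applied instead of -auto-approve so the applied change set is exactly
# the one that was planned (and logged); -input=false keeps every step
# non-interactive as before. The plan file can contain sensitive values from
# state, so it lives in a mktemp-created 0600 file and is removed on exit.
echo "🚀 Terraform 초기화 및 배포를 시작합니다..."
command -v terraform >/dev/null || { echo "terraform not found in PATH" >&2; exit 1; }

plan_file="$(mktemp "${TMPDIR:-/tmp}/tfplan.XXXXXX")" || { echo "mktemp failed" >&2; exit 1; }
trap 'rm -f -- "$plan_file"' EXIT

terraform init -input=false || { echo "terraform init failed" >&2; exit 1; }
terraform plan -input=false -out="$plan_file" || { echo "terraform plan failed" >&2; exit 1; }
terraform apply -input=false "$plan_file" || { echo "terraform apply failed" >&2; exit 1; }
echo "🎉 모든 인프라 배포가 성공적으로 끝났습니다!"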