{"id":473,"date":"2018-08-06T09:15:48","date_gmt":"2018-08-06T00:15:48","guid":{"rendered":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/blog\/2018\/08\/06\/terraform-rds-lambda"},"modified":"2018-08-06T09:15:48","modified_gmt":"2018-08-06T00:15:48","slug":"terraform-rds-lambda","status":"publish","type":"post","link":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/blog\/2018\/08\/06\/terraform-rds-lambda\/","title":{"rendered":"Terraform\u3067RDS+Lambda\u306e\u74b0\u5883\u3092\u4f5c\u308b"},"content":{"rendered":"
Terraform\u3092\u4f7f\u3063\u3066RDS\u3068Lambda\u306e\u74b0\u5883\u3092\u4f5c\u308b\u3053\u3068\u304c\u3042\u3063\u305f\u306e\u3067\u66f8\u3044\u3066\u307f\u307e\u3059\u3002<\/p>\n
\u6700\u7d42\u7684\u306b\u3001\u4ee5\u4e0b\u306e\u3088\u3046\u306a\u74b0\u5883\u3092\u4f5c\u308b\u60f3\u5b9a\u3067\u3059\u3002<\/p>\n
\u307e\u305a\u306f\u30b5\u30d6\u30cd\u30c3\u30c8\u304b\u3089\u4f5c\u3063\u3066\u3044\u304d\u307e\u3059\u3002<\/p>\n
RDS\u306e\u30b5\u30d6\u30cd\u30c3\u30c8\u30b0\u30eb\u30fc\u30d7\u3092\u4f5c\u308b\u306e\u306bprivate\u30b5\u30d6\u30cd\u30c3\u30c8\u30922\u3064\u7528\u610f\u3057\u307e\u3059\u3002<\/p>\n
resource "aws_vpc" "default" {\n cidr_block = "10.0.0.0\/16"\n enable_dns_hostnames = true\n tags {\n Name = "your_project"\n }\n}\n\nresource "aws_subnet" "private_a" {\n vpc_id = "${aws_vpc.default.id}"\n cidr_block = "10.0.1.0\/24"\n availability_zone = "ap-northeast-1a"\n\n tags {\n Name = "your_project_private_a"\n }\n}\n\nresource "aws_subnet" "private_c" {\n vpc_id = "${aws_vpc.default.id}"\n cidr_block = "10.0.2.0\/24"\n availability_zone = "ap-northeast-1c"\n\n tags {\n Name = "your_project_private_c"\n }\n}<\/code><\/pre>\nLambda\u3068EC2\u7528\u306bpublic\u30b5\u30d6\u30cd\u30c3\u30c8\u3082\u4f5c\u308a\u307e\u3059(Lambda\u306f\u30a4\u30f3\u30bf\u30fc\u30cd\u30c3\u30c8\u901a\u4fe1\u304c\u5fc5\u8981\u306a\u5b9f\u88c5\u3092\u3059\u308b\u60f3\u5b9a)\u3002<\/p>\n
resource "aws_subnet" "public_a" {\n vpc_id = "${aws_vpc.default.id}"\n cidr_block = "10.0.3.0\/24"\n availability_zone = "ap-northeast-1a"\n\n tags {\n Name = "your_project_public_a"\n }\n}\n\nresource "aws_subnet" "public_c" {\n vpc_id = "${aws_vpc.default.id}"\n cidr_block = "10.0.4.0\/24"\n availability_zone = "ap-northeast-1c"\n\n tags {\n Name = "your_project_public_c"\n }\n}<\/code><\/pre>\n<\/p>\n
resource "aws_internet_gateway" "default" {\n vpc_id = "${aws_vpc.default.id}"\n\n tags {\n Name = "your_project"\n }\n}\n\nresource "aws_route_table" "default" {\n vpc_id = "${aws_vpc.default.id}"\n\n route {\n cidr_block = "0.0.0.0\/0"\n gateway_id = "${aws_internet_gateway.default.id}"\n }\n\n tags {\n Name = "your_project"\n }\n}\n\nresource "aws_route_table_association" "public_a" {\n subnet_id = "${aws_subnet.public_a.id}"\n route_table_id = "${aws_route_table.default.id}"\n}\n\nresource "aws_route_table_association" "public_c" {\n subnet_id = "${aws_subnet.public_c.id}"\n route_table_id = "${aws_route_table.default.id}"\n}<\/code><\/pre>\nSecurity Group<\/h2>\n
\u6b21\u306b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30b0\u30eb\u30fc\u30d7\u3092\u4f5c\u308a\u307e\u3059\u3002EC2\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30b0\u30eb\u30fc\u30d7\u3067\u306f\u3001ssh\u63a5\u7d9a\u3092\u8a31\u53ef\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n
resource "aws_security_group" "ec2" {\n name = "your_project_ec2"\n vpc_id = "${aws_vpc.default.id}"\n\n ingress {\n from_port = 22\n to_port = 22\n protocol = "tcp"\n description = "Permit access from your custom IP"\n cidr_blocks = ["your_ip"]\n }\n\n egress {\n from_port = 0\n to_port = 0\n protocol = "-1"\n cidr_blocks = ["0.0.0.0\/0"]\n }\n\n tags {\n Name = "your_project"\n }\n\n lifecycle {\n create_before_destroy = true\n }\n}\n\nresource "aws_security_group" "lambda" {\n name = "your_project_lambda"\n vpc_id = "${aws_vpc.default.id}"\n\n egress {\n from_port = 0\n to_port = 0\n protocol = "-1"\n cidr_blocks = ["0.0.0.0\/0"]\n }\n\n tags {\n Name = "your_project"\n }\n\n lifecycle {\n create_before_destroy = true\n }\n}<\/code><\/pre>\nRDS\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30b0\u30eb\u30fc\u30d7\u3067\u306f\u3001ingress\u306bLambda\u3068EC2\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30b0\u30eb\u30fc\u30d7\u3092\u6307\u5b9a\u3057\u3001\u305d\u306e\u63a5\u7d9a\u306e\u307f\u3092\u8a31\u53ef\u3057\u307e\u3059\u3002<\/p>\n
resource "aws_security_group" "rds" {\n name = "your_project_rds"\n vpc_id = "${aws_vpc.default.id}"\n\n ingress {\n from_port = 3306\n to_port = 3306\n protocol = "tcp"\n description = "Permit access from the security group of Lambda\/EC2."\n security_groups = ["${aws_security_group.lambda.id}", "${aws_security_group.ec2.id}"]\n }\n\n egress {\n from_port = 0\n to_port = 0\n protocol = "-1"\n cidr_blocks = ["0.0.0.0\/0"]\n }\n\n tags {\n Name = "your_project"\n }\n\n lifecycle {\n create_before_destroy = true\n }\n}<\/code><\/pre>\nRDS\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9<\/h2>\n
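\u6b21\u306bRDS\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002\u4eca\u56de\u306f\u30de\u30eb\u30c1AZ\u306f\u306a\u3057\u3067\u3001\u30d0\u30c3\u30af\u30a2\u30c3\u30d7\u306e\u307f\u5b9f\u65bd\u3057\u307e\u3059\u3002\u306a\u304a\u3001RDS\u306fprivate\u30b5\u30d6\u30cd\u30c3\u30c8\u306b\u7f6e\u304f\u305f\u3081\u3001publicly_accessible\u306ffalse\u306b\u3057\u3001password\u306f\u30b3\u30fc\u30c9\u306b\u76f4\u63a5\u66f8\u304b\u305a\u5909\u6570\u3067\u6e21\u3059\u307b\u3046\u304c\u5b89\u5168\u3067\u3059\u3002<\/p>\n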
resource "aws_db_subnet_group" "default" {\n name = "your_project"\n subnet_ids = ["${aws_subnet.private_a.id}", "${aws_subnet.private_c.id}"]\n\n tags {\n Name = "your_project"\n }\n}\n\nresource "aws_db_instance" "default" {\n name = "your_project"\n identifier = "your-identifier"\n allocated_storage = 100\n engine = "mysql"\n engine_version = "5.7.21"\n instance_class = "db.t2.micro"\n storage_type = "gp2"\n username = "root"\n password = "your_password"\n maintenance_window = "Mon:19:00-Mon:20:00"\n backup_window = "17:00-18:00"\n backup_retention_period = "7"\n vpc_security_group_ids = ["${aws_security_group.rds.id}"]\n db_subnet_group_name = "${aws_db_subnet_group.default.id}"\n publicly_accessible = true\n}<\/code><\/pre>\n\u8e0f\u307f\u53f0EC2<\/h2>\n
\u6700\u5f8c\u306b\u3001\u30c7\u30d0\u30c3\u30b0\u6642\u3084RDS\u306b\u76f4\u63a5\u63a5\u7d9a\u3057\u305f\u3044\u3068\u304d\u306e\u305f\u3081\u306b\u8e0f\u307f\u53f0\u30b5\u30fc\u30d0\u30fc\u3092\u7528\u610f\u3057\u307e\u3059\u3002<\/p>\n
resource "aws_key_pair" "default" {\n key_name = "your_key_name"\n public_key = "${file(your_public_key_path)}"\n}\n\nresource "aws_instance" "default" {\n\n ami = "ami-e99f4896" \/\/ Amazon Linux 2 AMI (HVM), SSD Volume Type\n instance_type = "t2.micro"\n associate_public_ip_address = "true"\n key_name = "${aws_key_pair.default.key_name}"\n subnet_id = "${aws_subnet.public_a.id}"\n vpc_security_group_ids = ["${aws_security_group.ec2.id}"]\n\n root_block_device {\n volume_type = "standard"\n volume_size = "50"\n delete_on_termination = "false"\n }\n\n tags {\n "Name" = "${var.name}"\n }\n}\n\ndata "aws_eip" "default" {\n id = "your_eip_id"\n}\n\nresource "aws_eip_association" "default" {\n instance_id = "${aws_instance.default.id}"\n allocation_id = "${data.aws_eip.default.id}"\n}<\/code><\/pre>\n\u4ee5\u4e0a\u3067\u3001\u4eca\u56de\u4f5c\u308a\u305f\u304b\u3063\u305f\u3082\u306e\u3092Terraform\u3067\u751f\u6210\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002<\/p>\n