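# pub2 , pri2 , nat 2 -> pub2, pri2, pridb2, nat2
#
# Writes the Terraform configuration below to provider.tf and then builds it:
# one VPC, a public and a private subnet in each of two AZs, an internet
# gateway for the public subnets, and one NAT gateway per AZ so each private
# subnet has its own egress path. The heredoc delimiter is quoted so nothing
# inside the file is subject to shell expansion (the original `cat < provider.tf`
# read the file instead of writing it; `<<'EOF' >` is the intended redirection).
cat <<'EOF' > provider.tf
# NOTE(review): no provider version is pinned, so `terraform init` downloads
# whatever hashicorp/aws release is newest at run time. Pin it for reproducible,
# reviewable runs:
#   terraform {
#     required_providers {
#       aws = { source = "hashicorp/aws", version = "<PINNED_VERSION>" }
#     }
#   }
provider "aws" {
  region = "ap-northeast-2"
}

resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/20"
  tags = {
    Name = "terraform-101"
  }
}

# Public subnets, one per AZ. map_public_ip_on_launch is left at its default
# (false), so instances do not get public addresses unless explicitly requested.
resource "aws_subnet" "pub1" {
  vpc_id            = aws_vpc.main.id
  cidr_block        = "10.0.0.0/23"
  availability_zone = "ap-northeast-2a"
  tags = {
    Name = "101subnet-1"
  }
}

resource "aws_subnet" "pub2" {
  vpc_id            = aws_vpc.main.id
  cidr_block        = "10.0.2.0/23"
  availability_zone = "ap-northeast-2c"
  tags = {
    Name = "101subnet-2"
  }
}

resource "aws_internet_gateway" "igw" {
  vpc_id = aws_vpc.main.id
  tags = {
    Name = "main"
  }
}

# default route
# Public route table: 0.0.0.0/0 via the IGW, attached to both public subnets.
resource "aws_route_table" "public" {
  vpc_id = aws_vpc.main.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.igw.id
  }
  tags = {
    Name = "main-public"
  }
}

resource "aws_route_table_association" "public_association_1" {
  subnet_id      = aws_subnet.pub1.id
  route_table_id = aws_route_table.public.id
}

resource "aws_route_table_association" "public_association_2" {
  subnet_id      = aws_subnet.pub2.id
  route_table_id = aws_route_table.public.id
}

# Private subnets, one per AZ; they never receive an IGW route.
resource "aws_subnet" "pri1" {
  vpc_id            = aws_vpc.main.id
  cidr_block        = "10.0.4.0/23"
  availability_zone = "ap-northeast-2a"
  tags = {
    Name = "101subnet-private-1"
  }
}

resource "aws_subnet" "pri2" {
  vpc_id            = aws_vpc.main.id
  cidr_block        = "10.0.6.0/23"
  availability_zone = "ap-northeast-2c"
  tags = {
    Name = "101subnet-private-2"
  }
}

# nat
# One Elastic IP per NAT gateway. create_before_destroy keeps an address
# allocated while the gateway is replaced.
resource "aws_eip" "nat_1" {
  # NOTE(review): `vpc = true` is the legacy argument; newer hashicorp/aws
  # releases deprecate it in favor of `domain = "vpc"` — confirm against the
  # provider version you pin.
  vpc = true
  lifecycle {
    create_before_destroy = true
  }
}

resource "aws_eip" "nat_2" {
  vpc = true
  lifecycle {
    create_before_destroy = true
  }
}

resource "aws_nat_gateway" "nat_gateway_1" {
  allocation_id = aws_eip.nat_1.id
  # A NAT gateway must be placed in a public subnet (one routed to the IGW),
  # not in a private subnet.
  subnet_id = aws_subnet.pub1.id
  tags = {
    Name = "NAT-GW-1"
  }
  # The gateway forwards through the IGW; make that ordering explicit so it is
  # not created before the IGW is attached.
  depends_on = [aws_internet_gateway.igw]
}

resource "aws_nat_gateway" "nat_gateway_2" {
  allocation_id = aws_eip.nat_2.id
  subnet_id     = aws_subnet.pub2.id
  tags = {
    Name = "NAT-GW-2"
  }
  depends_on = [aws_internet_gateway.igw]
}

# private route table add
# One private route table per AZ so each private subnet egresses through the
# NAT gateway in its own AZ. Default routes are added with standalone aws_route
# resources below; do not also add inline `route` blocks to these tables, as
# the two forms conflict.
resource "aws_route_table" "public_private_1" {
  vpc_id = aws_vpc.main.id
  tags = {
    Name = "main-private-1"
  }
}

resource "aws_route_table" "public_private_2" {
  vpc_id = aws_vpc.main.id
  tags = {
    Name = "main-private-2"
  }
}

resource "aws_route_table_association" "public_association_private_1" {
  subnet_id      = aws_subnet.pri1.id
  route_table_id = aws_route_table.public_private_1.id
}

resource "aws_route_table_association" "public_association_private_2" {
  subnet_id      = aws_subnet.pri2.id
  route_table_id = aws_route_table.public_private_2.id
}

resource "aws_route" "private_nat_1" {
  route_table_id         = aws_route_table.public_private_1.id
  destination_cidr_block = "0.0.0.0/0"
  nat_gateway_id         = aws_nat_gateway.nat_gateway_1.id
}

resource "aws_route" "private_nat_2" {
  route_table_id         = aws_route_table.public_private_2.id
  destination_cidr_block = "0.0.0.0/0"
  nat_gateway_id         = aws_nat_gateway.nat_gateway_2.id
}
EOF

terraform init
terraform plan
# -auto-approve skips the interactive review of the plan; acceptable for a
# throwaway lab account, not for shared or production accounts.
terraform apply -auto-approve

# Tear-down
terraform destroy -auto-approve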