TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / ci / terraform / 45b953d3d425b7be72bcede47ca0bfea8256a725 / . / infra.tf
blob: b142def72e8cf8f6dbb06fe1a94dec83aa2c09a0 [file] [log] [blame]
Kelley Spoon45b953d2020-07-14 04:18:34 -0500[diff] [blame^]1# upstream AMIs
2data "aws_ami" "ubuntu" {
3 most_recent = true
4
5 filter {
6 name = "name"
7 values = ["ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-*"]
8 }
9
10 owners = ["099720109477"] # Official Canonical ID
11}
12
13# Production ------------
14# route53 - not currently managed by Systems terraform
15# roles - not currently managed by Systems terraform
16# server - not currently managed by Systems terraform
17
18# Staging --------------
19# route53
20resource "aws_route53_zone" "staging_zone" {
21 name = "staging.trustedfirmware.org"
22}
23
24resource "aws_route53_record" "staging-ns" {
25 zone_id = aws_route53_zone.staging_zone.zone_id
26 name = "staging.trustedfirmware.org"
27 type = "NS"
28 ttl = 30
29
30 records = [
31 aws_route53_zone.staging_zone.name_servers.0,
32 aws_route53_zone.staging_zone.name_servers.1,
33 aws_route53_zone.staging_zone.name_servers.2,
34 aws_route53_zone.staging_zone.name_servers.3,
35 ]
36}
37
38#servers
39resource "aws_instance" "staging-ci" {
40 ami = "ami-0286372f78291e588"
41 instance_type = "t3.large"
42 # hardcoding for the time being. In the future we may want
43 # to split staging off to its own subnet.
44 subnet_id = "subnet-a0d573af"
45 vpc_security_group_ids = [
46 "${aws_security_group.ci-sg.id}",
47 "${aws_security_group.flexnet-sg.id}",
48 ]
49 key_name = "systems-bot-ssh"
50 tags = {
51 Name = "staging-ci"
52 Environment = "staging"
53 }
54}
55
56resource "aws_route53_record" "ci-staging" {
57 zone_id = aws_route53_zone.staging_zone.zone_id
58 name = "ci"
59 type = "A"
60 ttl = "60"
61 records = [aws_instance.staging-ci.public_ip]
62}