feature #4 - add application load balancer to exchange rate service

Eugeniosales · Oct 16, 2022 · eb86107 · eb86107
1 parent ab69138
commit eb86107
Show file tree

Hide file tree

Showing 9 changed files with 123 additions and 8 deletions.
diff --git a/terraform/env/dev.tfvars b/terraform/env/dev.tfvars
@@ -1,2 +1,7 @@
 ENV = "dev"
-EXCHANGE_RATE_INTERNAL_URL="http://api.dev.sbf.exchangerate.internal.com"
+aws_profile = "dev"
+vpc_id = "vpc-0b1ae7a4fa0ec7d9d"
+SUB_NET_01 = "subnet-05d245e39491bb3d2"
+SUB_NET_02 = "subnet-06761316782230c98"
+base_url_internal = "http://exchangerate.internal.dev.sbf.com"
+route53_zone_host = "internal.dev.sbf.com"
diff --git a/terraform/env/hml.tfvars b/terraform/env/hml.tfvars
@@ -1,2 +1,7 @@
 ENV = "hml"
-EXCHANGE_RATE_INTERNAL_URL="http://api.hml.sbf.exchangerate.internal.com"
+aws_profile = "hml"
+vpc_id = "vpc-0b1ae7a4fa0ec7d9d"
+SUB_NET_01 = "subnet-05d245e39491bb3d2"
+SUB_NET_02 = "subnet-06761316782230c98"
+base_url_internal = "http://exchangerate.internal.dev.sbf.com"
+route53_zone_host = "internal.dev.sbf.com"
diff --git a/terraform/env/prd.tfvars b/terraform/env/prd.tfvars
@@ -1,2 +1,7 @@
 ENV = "prd"
-EXCHANGE_RATE_INTERNAL_URL="http://api.sbf.exchangerate.internal.com"
+aws_profile = "prd"
+vpc_id = "vpc-0b1ae7a4fa0ec7d9d"
+SUB_NET_01 = "subnet-05d245e39491bb3d2"
+SUB_NET_02 = "subnet-06761316782230c98"
+base_url_internal = "http://exchangerate.internal.dev.sbf.com"
+route53_zone_host = "internal.dev.sbf.com"
diff --git a/terraform/load-balance.tf b/terraform/load-balance.tf
@@ -0,0 +1,30 @@
+resource "aws_lb" "lb-sbf-exchangerate" {
+  name               = "sbf-exchangerate-${var.aws_profile}-lb"
+  internal           = true
+  load_balancer_type = "application"
+  security_groups    = [aws_security_group.lb.id]
+  subnets            = [var.SUB_NET_01, var.SUB_NET_02]
+
+  ip_address_type = "ipv4"
+
+  tags = {
+    service = "sbf-exchangerate",
+    stage = var.aws_profile
+  }
+}
+
+resource "aws_lb_listener" "http-lb-sbf-exchangerate" {
+  load_balancer_arn = aws_lb.lb-sbf-exchangerate.arn
+  port              = "80"
+  protocol          = "HTTP"
+
+  default_action {
+    type = "fixed-response"
+
+    fixed_response {
+      content_type = "text/plain"
+      message_body = "The resource can't be found."
+      status_code  = "404"
+    }
+  }
+}
diff --git a/terraform/main.tf b/terraform/main.tf
@@ -22,4 +22,4 @@ terraform {
 
 provider "aws" {
   region = "us-east-1"
-}
+}
diff --git a/terraform/route53.tf b/terraform/route53.tf
@@ -0,0 +1,15 @@
+resource "aws_route53_record" "record-sbf-exchangerate" {
+  zone_id = data.aws_route53_zone.selected.zone_id
+  name    = "sbf-exchangerate"
+  type    = "A"
+
+  alias {
+    name                   = aws_lb.lb-sbf-exchangerate.dns_name
+    zone_id                = aws_lb.lb-sbf-exchangerate.zone_id
+    evaluate_target_health = true
+  }
+}
+
+output "route53_record" {
+  value = "${aws_route53_record.record-sbf-exchangerate.name}.${data.aws_route53_zone.selected.name}"
+}
diff --git a/terraform/security-group.tf b/terraform/security-group.tf
@@ -0,0 +1,24 @@
+resource "aws_security_group" "lb" {
+  name     = "sbf-exchangerate-${var.ENV}-alb-sg"
+  description = "Allow TLS inbound traffic"
+  vpc_id      = var.vpc_id
+
+  ingress {
+    description = "HTTP from ALL"
+    from_port   = 80
+    to_port     = 80
+    protocol    = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
+  egress {
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
+  tags = {
+    Name = "allow_tls"
+  }
+}
diff --git a/terraform/ssm.tf b/terraform/ssm.tf
@@ -15,6 +15,6 @@ resource "aws_ssm_parameter" "exchange-rate-api-token-ssm" {
 resource "aws_ssm_parameter" "exchange-rate-internal-url-ssm" {
   name  = "/exchangerate/infra/alb/arn"
   type  = "String"
-  value = "${var.EXCHANGE_RATE_INTERNAL_URL}"
+  value = "${var.base_url_internal}"
   overwrite = true
-}
+}
diff --git a/terraform/variables.tf b/terraform/variables.tf
@@ -3,9 +3,40 @@ variable "ENV" {
   description = "Environment"
   default     = null
 }
+variable "vpc_id" {
+  type        = string
+  description = "VPC ID"
+}
 
-variable "EXCHANGE_RATE_INTERNAL_URL" {
+variable "SUB_NET_01" {
   type        = string
-  description = "Exchange rate microsservice internal url"
+  description = "sub net"
   default     = null
 }
+
+variable "SUB_NET_02" {
+  type        = string
+  description = "sub net"
+  default     = null
+}
+
+variable "base_url_internal" {
+  type = string
+  description = "base url internal for exchange rate microsservice"
+}
+
+variable "aws_profile" {
+  type = string
+  description = "AWS Profile"
+  default = null
+}
+
+variable "route53_zone_host" {
+  type = string
+  description = "Route53 Zone Host"
+}
+
+data "aws_route53_zone" "selected" {
+  name = var.route53_zone_host
+  private_zone = true
+}