ASG

resource "aws_autoscaling_group" "asg" { name = "web-skills-ap-stable" desired_capacity = 2 min_size = 2 max_size = 10 vpc_zone_identifier = [aws_subnet.private_a.id, aws_subnet.private_b.id, aws_subnet.private_c.id] target_group_arns = [aws_lb_target_group.alb-tf.arn] launch_template { id = aws_launch_template.asg.id version = "$Latest" } } resource "aws_autoscaling_policy" "asg" { name = "asg-policy" autoscaling_group_name = aws_autoscaling_group.asg.name policy_type = "TargetTrackingScaling" target_tracking_configuration { predefined_metric_specification { predefined_metric_type = "ASGAverageCPUUtilization" } target_value = 10.0 } } # AMI data "aws_ssm_parameter" "latest_ami" { name = "/aws/service/ami-amazon-linux-latest/al2023-ami-minimal-kernel-default-x86_64" } resource "aws_launch_template" "asg" { name = "web_test_lt" image_id = data.aws_ssm_parameter.latest_ami.value instance_type = "<Type>" key_name = aws_key_pair.keypair.key_name iam_instance_profile { arn = aws_iam_instance_profile.asg.arn } vpc_security_group_ids = [aws_security_group.asg.id] tag_specifications { resource_type = "instance" tags = { Name = "<env>" } } user_data = base64encode(<<EOF #!/bin/bash yum update -y EOF ) } resource "aws_security_group" "asg" { name = "<env>-ASG-SG" vpc_id = aws_vpc.main.id ingress { protocol = "tcp" from_port = "<Port>" to_port = "<Port>" security_groups = [aws_security_group.bastion.id] } egress { protocol = "tcp" cidr_blocks = ["0.0.0.0/0"] from_port = "<Port>" to_port = "<Port>" } tags = { Name = "<env>-ASG-SG" } } resource "aws_iam_role" "asg" { name = "<env>-role-bastion" assume_role_policy = jsonencode({ Version = "2012-10-17" Statement = [ { Action = "sts:AssumeRole" Effect = "Allow" Sid = "" Principal = { Service = "ec2.amazonaws.com" } } ] }) } resource "aws_iam_role_policy_attachment" "s3" { role = aws_iam_role.asg.name policy_arn = "arn:aws:iam::aws:policy/<Policy>" } resource "aws_iam_instance_profile" "asg" { name = "<env>-profile-asg" role = aws_iam_role.asg.name }