Skip to content

Latest commit

 

History

History
133 lines (115 loc) · 10.8 KB

README.md

File metadata and controls

133 lines (115 loc) · 10.8 KB
Raw

terraform-aws-ec2-single

Module to create a single EC2 instance.

tflint tfsec yamllint misspell pre-commit-check follow on Twitter

Example

Here's what using the module will look like

module "ec2-pet" {
  for_each = local.ec2_pets

  source          = "rhythmictech/ec2-single/aws"
  version         = "1.2.0"
  name            = each.key
  ami_id          = lookup(each.value, "ami_id", data.aws_ami.rce_amzn2.id)
  create_sg       = false
  create_ssm      = false
  env             = "ops"
  instance_type   = each.value.instance_type
  security_groups = concat(try(split(",", each.value.security_groups), []), [module.sg-pet["base"].security_group_id, try(module.sg-pet[each.value.role].security_group_id, null)])
  route53_record  = each.key
  route53_zone_id = data.terraform_remote_state.network.outputs.external_zone_id
  ssm_access_arn  = data.terraform_remote_state.account.outputs.base_instance_arn
  subnet_id       = try(local.private_subnet_ids[each.value.subnet], local.private_subnet_ids[0])
  volume_size     = each.value.volume_size
  volume_type     = each.value.volume_type
  vpc             = data.terraform_remote_state.network.outputs.vpc_id
  tags = merge(
    local.tags,
    {
      "Role"     = each.value.role,
      "Location" = "use1",
      "Env"      = "ops"
    }
  )
}

Requirements

Name Version
terraform >= 0.12.26
aws >= 2.45.0
tls >= 3.1.0

Providers

Name Version
aws 3.38.0
tls 3.1.0

Modules

No modules.

Resources

Name Type
aws_iam_instance_profile.instance resource
aws_iam_policy.instance_tags resource
aws_iam_policy.ssm_access resource
aws_iam_role.instance resource
aws_iam_role_policy.instance resource
aws_iam_role_policy_attachment.instance_tags resource
aws_iam_role_policy_attachment.ssm_access resource
aws_iam_role_policy_attachment.ssm_access_arn resource
aws_instance.instance resource
aws_key_pair.instance_root resource
aws_route53_record.route53_record resource
aws_secretsmanager_secret.instance_root_key resource
aws_secretsmanager_secret_version.instance_root_key_value resource
aws_security_group.instance resource
tls_private_key.instance_root resource
aws_iam_policy_document.instance_sts_assume_role data source
aws_iam_policy_document.instance_tags data source
aws_iam_policy_document.ssm_access data source

Inputs

Name Description Type Default Required
ami_id ID of the AMI to use when creating this instance. string n/a yes
create Whether or not this instance should be created. Unfortunately needed for TF < 0.13. bool true no
create_keypair Whether or not to associate an SSH Keypair with this instance. If this is false and no external_keypair is defined, no key will be associated with the instance. bool false no
create_sg Whether or not to create and associate a security group for the instance. bool true no
create_ssm Whether or not to create and associate an IAM managed policy to allow SSM access to the instance. bool true no
ebs_block_device Additional EBS block devices to attach to the instance list(map(string)) [] no
env Name of the environment the Instance will be in. string n/a yes
external_keypair Name of an external SSH Keypair to associate with this instance. If create_keypair is false and this is left null, no keypair will be associated with the instance. string null no
instance_ip Private IP to assign to the instance, if desired. string null no
instance_type AWS Instance type, i.e. t3.small. string n/a yes
name Moniker to apply to all resources in the module. string n/a yes
route53_record Route53 record to point to EC2 instance. string "" no
route53_zone_id Route53 zone ID for the route53_record. string "" no
security_groups Security Group IDs to attach to the instance. list(string) n/a yes
ssm_access_arn Whether or not to associate a pre-created IAM managed policy to allow SSM access to the instance. string "" no
subnet_id ID of the subnet in which to create the instance. string n/a yes
tags User-Defined tags. map(string) {} no
userdata_script Userdata script to execute when provisioning the instance. string null no
volume_iops IOPS to allocate to the instance's base drive. Only applicable when volume_type is io1, io2 or gp3. number null no
volume_kms_key_id ID of the KMS Key to attach to the Root EBS volume string null no
volume_size Size of the attached volume for this instance. number n/a yes
volume_throughput Value in MiB/s for throughput on instance volume. Only applicable when volume_type is gp3. number null no
volume_type Type of storage for the instance attached volume. string n/a yes
vpc VPC ID to create the instance in. string n/a yes

Outputs

Name Description
iam_role_arn ARN of the IAM Role generated for this instance
iam_role_name Name of the IAM Role generated for this instance
instance_id ID of the instance created
instance_sg_id ID of the instance created
private_ip private ip assigned to this instance

The Giants Underneath this Module