Module to create a single EC2 instance.
Here's what using the module looks like:
# Usage example: one instance per entry of local.ec2_pets. The map key is used
# both as the module's `name` and as the Route53 record.
module "ec2-pet" {
  for_each = local.ec2_pets

  # Registry source pinned to an exact release, so a module upgrade is an
  # explicit, reviewable change.
  source  = "rhythmictech/ec2-single/aws"
  version = "1.2.0"

  name          = each.key
  env           = "ops"
  instance_type = each.value.instance_type

  # Per-entry AMI override; otherwise the shared AMI data source is used.
  ami_id = lookup(each.value, "ami_id", data.aws_ami.rce_amzn2.id)

  # Placement: falls back to local.private_subnet_ids[0] when the per-entry
  # subnet lookup fails.
  vpc       = data.terraform_remote_state.network.outputs.vpc_id
  subnet_id = try(local.private_subnet_ids[each.value.subnet], local.private_subnet_ids[0])

  # The module is told not to create a security group; the instance gets the
  # optional comma-separated per-entry list, the "base" group and, when one
  # exists, the group for the entry's role.
  # NOTE(review): when no sg-pet module exists for the role, try() leaves a
  # null element in this list - confirm the module filters or tolerates it.
  create_sg = false
  security_groups = concat(
    try(split(",", each.value.security_groups), []),
    [
      module.sg-pet["base"].security_group_id,
      try(module.sg-pet[each.value.role].security_group_id, null)
    ]
  )

  # SSM access comes from an existing managed policy (ARN read from remote
  # state) rather than a policy created by the module.
  create_ssm     = false
  ssm_access_arn = data.terraform_remote_state.account.outputs.base_instance_arn

  # Root volume sizing. volume_kms_key_id is not passed here.
  # NOTE(review): confirm root-volume encryption is enforced elsewhere
  # (e.g. account-level EBS encryption by default).
  volume_size = each.value.volume_size
  volume_type = each.value.volume_type

  # create_keypair is not set, so the documented default (false) applies.
  # NOTE(review): the module's resource list includes tls_private_key; if key
  # creation is enabled, that provider keeps the private key in Terraform
  # state, so access to the state backend must be restricted accordingly.

  route53_record  = each.key
  route53_zone_id = data.terraform_remote_state.network.outputs.external_zone_id

  tags = merge(
    local.tags,
    {
      "Role"     = each.value.role,
      "Location" = "use1",
      "Env"      = "ops"
    }
  )
}
Name | Version |
---|---|
terraform | >= 0.12.26 |
aws | >= 2.45.0 |
tls | >= 3.1.0 |
Name | Version |
---|---|
aws | 3.38.0 |
tls | 3.1.0 |
No modules.
Name | Type |
---|---|
aws_iam_instance_profile.instance | resource |
aws_iam_policy.instance_tags | resource |
aws_iam_policy.ssm_access | resource |
aws_iam_role.instance | resource |
aws_iam_role_policy.instance | resource |
aws_iam_role_policy_attachment.instance_tags | resource |
aws_iam_role_policy_attachment.ssm_access | resource |
aws_iam_role_policy_attachment.ssm_access_arn | resource |
aws_instance.instance | resource |
aws_key_pair.instance_root | resource |
aws_route53_record.route53_record | resource |
aws_secretsmanager_secret.instance_root_key | resource |
aws_secretsmanager_secret_version.instance_root_key_value | resource |
aws_security_group.instance | resource |
tls_private_key.instance_root | resource |
aws_iam_policy_document.instance_sts_assume_role | data source |
aws_iam_policy_document.instance_tags | data source |
aws_iam_policy_document.ssm_access | data source |
Name | Description | Type | Default | Required |
---|---|---|---|---|
ami_id | ID of the AMI to use when creating this instance. | string | n/a | yes |
create | Whether or not this instance should be created. Unfortunately needed for TF < 0.13. | bool | true | no |
create_keypair | Whether or not to associate an SSH Keypair with this instance. If this is false and no external_keypair is defined, no key will be associated with the instance. | bool | false | no |
create_sg | Whether or not to create and associate a security group for the instance. | bool | true | no |
create_ssm | Whether or not to create and associate an IAM managed policy to allow SSM access to the instance. | bool | true | no |
ebs_block_device | Additional EBS block devices to attach to the instance | list(map(string)) | [] | no |
env | Name of the environment the Instance will be in. | string | n/a | yes |
external_keypair | Name of an external SSH Keypair to associate with this instance. If create_keypair is false and this is left null, no keypair will be associated with the instance. | string | null | no |
instance_ip | Private IP to assign to the instance, if desired. | string | null | no |
instance_type | AWS Instance type, e.g. t3.small. | string | n/a | yes |
name | Moniker to apply to all resources in the module. | string | n/a | yes |
route53_record | Route53 record to point to EC2 instance. | string | "" | no |
route53_zone_id | Route53 zone ID for the route53_record. | string | "" | no |
security_groups | Security Group IDs to attach to the instance. | list(string) | n/a | yes |
ssm_access_arn | ARN of a pre-created IAM managed policy to associate with the instance to allow SSM access. | string | "" | no |
subnet_id | ID of the subnet in which to create the instance. | string | n/a | yes |
tags | User-Defined tags. | map(string) | {} | no |
userdata_script | Userdata script to execute when provisioning the instance. | string | null | no |
volume_iops | IOPS to allocate to the instance's base drive. Only applicable when volume_type is io1, io2 or gp3. | number | null | no |
volume_kms_key_id | ID of the KMS Key to attach to the Root EBS volume | string | null | no |
volume_size | Size of the attached volume for this instance. | number | n/a | yes |
volume_throughput | Value in MiB/s for throughput on instance volume. Only applicable when volume_type is gp3. | number | null | no |
volume_type | Type of storage for the instance attached volume. | string | n/a | yes |
vpc | VPC ID to create the instance in. | string | n/a | yes |
Name | Description |
---|---|
iam_role_arn | ARN of the IAM Role generated for this instance |
iam_role_name | Name of the IAM Role generated for this instance |
instance_id | ID of the instance created |
instance_sg_id | ID of the security group created for the instance |
private_ip | private ip assigned to this instance |