EC2 Module

This module will build and configure an EC2 instance

Example Usage

Basic Usage

module "demo_ec2" {
  source = ""

  name          = "demo-ec2"
  ami_id        = "ami-06d4b7182ac3480fa" # Amazon Linux 2023
  key_pair_name = "teamA-keypair"

  # Root EBS volume
  ebs_volume = {
    size        = 100
    volume_type = "gp3"
  }

  # Primary network interface
  network_interface = {
    security_group_ids = ["sg-0d9f1fb631babcdef0"]
    subnet_id          = "subnet-0645cf5ad5abcdef0"
  }
}

Additional Storage And Network Interfaces

This example demonstrates how to add additional network interfaces (ENIs) and EBS volumes to the instance. These resources are managed with the instance as a whole and share the same lifecycle. If you need to retain those resources beyond the instance's lifecycle, you may create them separately and then attach them to the instance.

module "demo_ec2" {
  source = ""

  name          = "demo-ec2"
  ami_id        = "ami-06d4b7182ac3480fa" # Amazon Linux 2023
  key_pair_name = "teamA-keypair"

  ebs_volume = {
    size        = 100
    volume_type = "gp3"
  }

  network_interface = {
    security_group_ids = ["sg-0d9f1fb631babcdef0"]
    subnet_id          = "subnet-0645cf5ad5abcdef0"
  }

  # Manages multiple additional EBS volumes attached to this instance
  additional_ebs_volumes = {
    # The key of the map will be the name of the volume
    data = {
      device_name = "/dev/sdf"
      size        = 50
      volume_type = "gp3"
    }
    backup = {
      device_name = "/dev/sdg"
      size        = 100
      volume_type = "gp3"
    }
  }

  # Manages multiple additional ENIs attached to this instance
  additional_network_interfaces = {
    # The key of the map will be the name of the ENI
    "backup-eni" = {
      device_index       = 1
      security_group_ids = ["sg-083ef10e81abcdef0"]
      subnet_id          = "subnet-0c7b976f59abcdef0"
      description        = "ENI connected to the backup network"
    }
  }
}
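
The following added example (not part of the module's own documentation) combines the security-related arguments from the Argument Reference below: a KMS key for the root and data volumes, IMDSv2-only instance metadata, termination protection and an instance role. The KMS key ARN is a placeholder and the IAM role name is hypothetical.

```hcl
# Added example: security-related arguments of this module set explicitly.
module "demo_ec2" {
  source = "" # left empty as in the examples above

  name          = "demo-ec2"
  ami_id        = "ami-06d4b7182ac3480fa"
  key_pair_name = "teamA-keypair"

  # Hypothetical role name
  iam_role_name = "demo-ec2-role"

  # Guard against accidental termination of the instance
  enable_instance_termination_protection = true

  # Set explicitly, because the object itself defaults to null
  instance_metadata_options = {
    enable_instance_metadata_service = true
    requires_imdsv2                  = true # IMDSv2 requests only
    allow_tags_in_instance_metadata  = false
  }

  ebs_volume = {
    size        = 100
    volume_type = "gp3"
    # Placeholder ARN; substitute the ARN of your own KMS key
    kms_key_id  = "arn:aws:kms:REGION:ACCOUNT_ID:key/KEY_ID"
  }

  network_interface = {
    security_group_ids = ["sg-0d9f1fb631babcdef0"]
    subnet_id          = "subnet-0645cf5ad5abcdef0"
    # Keep the default check; disable it only on NAT or VPN instances
    enable_source_destination_checking = true
  }

  additional_ebs_volumes = {
    data = {
      device_name    = "/dev/sdf"
      size           = 50
      volume_type    = "gp3"
      kms_key_id     = "arn:aws:kms:REGION:ACCOUNT_ID:key/KEY_ID" # placeholder
      final_snapshot = true # take a snapshot when the volume is destroyed
    }
  }
}
```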

Argument Reference


  • (string) ami_id [since v1.0.0]

    Specify the ID of the AMI used to launch the instance

  • (object) ebs_volume [since v1.0.0]

    Configures the root EBS volume

    • (number) size [since v1.0.0]

      The size of the EBS volume, in GiB

    • (string) volume_type [since v1.0.0]

      Specify the volume type. Valid values are "standard", "gp2", "gp3", "io1", "io2", "sc1", "st1"

    • (map(string)) additional_tags = {} [since v1.0.0]

      Additional tags for the EBS volume

    • (bool) delete_on_termination = true [since v1.0.0]

      Whether the volume should be destroyed on instance termination

    • (string) kms_key_id = null [since v1.0.0]

      ARN of the KMS Key to use to encrypt the volume

    • (number) provisioned_iops = null [since v1.0.0]

      Specify the amount of provisioned IOPS. Only valid for volume_type of "io1", "io2" or "gp3".

    • (number) throughput = null [since v1.0.0]

      Throughput to provision for a volume in mebibytes per second (MiB/s). This is only valid for volume_type of "gp3"

  • (string) key_pair_name [since v1.0.0]

    Specify the name of the Key Pair to use for the instance

  • (string) name [since v1.0.0]

    The name of the EC2 instance. All associated resources will also have their name prefixed with this value

  • (object) network_interface [since v1.0.0]

    Configures the primary network interface

    • (list(string)) security_group_ids [since v1.0.0]

      List of security group IDs attached to this ENI

    • (string) subnet_id [since v1.0.0]

      Specify the subnet ID this ENI is created on

    • (map(string)) additional_tags = {} [since v1.0.0]

      Additional tags for the ENI

    • (string) description = null [since v1.0.0]

      Specify the description of the ENI

    • (bool) enable_elastic_fabric_adapter = false [since v1.0.0]

      Enables elastic fabric adapter

    • (bool) enable_source_destination_checking = true [since v1.0.0]

      Controls whether traffic is routed to the instance when the destination address does not match the instance. Set to false for NAT or VPN instances

    • (object) private_ip_addresses = null [since v1.0.0]

      Configures custom private IP addresses for the ENI.

      • (list(string)) ipv4 = null [since v1.0.0]

        List of private IPv4 addresses to assign to the ENI. The first address will be used as the primary IP address

    • (object) prefix_delegation = null [since v1.0.0]

      Assigns a private CIDR range, either automatically or manually, to the ENI. By assigning prefixes, you scale and simplify the management of applications, including container and networking applications that require multiple IP addresses on an instance. Network interfaces with prefixes are supported with instances built on the Nitro System.

      • (object) ipv4 = null [since v1.0.0]

        Configures prefix delegation for IPv4

        • (number) auto_assign_count = null [since v1.0.0]

          Specify the number of prefixes AWS chooses from your VPC subnet’s IPv4 CIDR block and assigns to your network interface. Mutually exclusive with custom_prefixes

        • (list(string)) custom_prefixes = null [since v1.0.0]

          Specify the prefixes from your VPC subnet’s CIDR block to assign to your network interface. Mutually exclusive with auto_assign_count


  • (map(object)) additional_ebs_volumes = {} [since v1.0.0]

    Configures additional EBS volumes attached to this instance. See example

    • (string) device_name [since v1.0.0]

      Specify the name of the device this EBS volume is mounted to. Please refer to the following documentation for valid values: Windows, Linux

    • (number) size [since v1.0.0]

      The size of the EBS volume, in GiB

    • (string) volume_type [since v1.0.0]

      Specify the volume type. Valid values are "standard", "gp2", "gp3", "io1", "io2", "sc1", "st1"

    • (map(string)) additional_tags = {} [since v1.0.0]

      Additional tags for the EBS volume

    • (bool) delete_on_termination = true [since v1.0.0]

      Whether the volume should be destroyed on instance termination

    • (bool) final_snapshot = false [since v1.0.0]

      Whether a final snapshot should be taken when the volume is being destroyed

    • (string) kms_key_id = null [since v1.0.0]

      ARN of the KMS Key to use to encrypt the volume

    • (number) provisioned_iops = null [since v1.0.0]

      Specify the amount of provisioned IOPS. Only valid for volume_type of "io1", "io2" or "gp3".

    • (string) snapshot_id = null [since v1.0.0]

      Specify the snapshot ID this volume is created from

    • (number) throughput = null [since v1.0.0]

      Throughput to provision for a volume in mebibytes per second (MiB/s). This is only valid for volume_type of "gp3"

  • (map(object)) additional_network_interfaces = {} [since v1.0.0]

    Configures additional ENIs attached to this instance. See example

    • (number) device_index [since v1.0.0]

      Specify the device index this ENI is attached at

    • (list(string)) security_group_ids [since v1.0.0]

      List of security group IDs attached to this ENI

    • (string) subnet_id [since v1.0.0]

      Specify the subnet ID this ENI is created on

    • (map(string)) additional_tags = {} [since v1.0.0]

      Additional tags for the ENI

    • (string) description = null [since v1.0.0]

      Specify the description of the ENI

    • (bool) enable_elastic_fabric_adapter = false [since v1.0.0]

      Enables elastic fabric adapter

    • (bool) enable_source_destination_checking = true [since v1.0.0]

      Controls whether traffic is routed to the instance when the destination address does not match the instance. Set to false for NAT or VPN instances

    • (object) private_ip_addresses = null [since v1.0.0]

      Configures custom private IP addresses for the ENI.

      • (list(string)) ipv4 = null [since v1.0.0]

        List of private IPv4 addresses to assign to the ENI. The first address will be used as the primary IP address

    • (object) prefix_delegation = null [since v1.0.0]

      Assigns a private CIDR range, either automatically or manually, to the ENI. By assigning prefixes, you scale and simplify the management of applications, including container and networking applications that require multiple IP addresses on an instance. Network interfaces with prefixes are supported with instances built on the Nitro System.

      • (object) ipv4 = null [since v1.0.0]

        Configures prefix delegation for IPv4

        • (number) auto_assign_count = null [since v1.0.0]

          Specify the number of prefixes AWS chooses from your VPC subnet’s IPv4 CIDR block and assigns to your network interface. Mutually exclusive with custom_prefixes

        • (list(string)) custom_prefixes = null [since v1.0.0]

          Specify the prefixes from your VPC subnet’s CIDR block to assign to your network interface. Mutually exclusive with auto_assign_count

  • (map(string)) additional_tags = {} [since v1.0.0]

    Additional tags for the EC2 instance

  • (map(string)) additional_tags_all = {} [since v1.0.0]

    Additional tags for all resources deployed with this module

  • (string) cpu_credit_specification = "standard" [since v1.0.0]

    Credit option for CPU usage. Valid values are "standard", "unlimited". Only applicable to the T family. Please refer to the documentation for more information on standard and unlimited mode.

  • (bool) enable_auto_recovery = true [since v1.0.0]

    Enables EC2 auto recovery

  • (bool) enable_detailed_monitoring = false [since v1.0.0]

    Enables detailed monitoring

  • (bool) enable_instance_hibernation = false [since v1.0.0]

    Enables instance hibernation. Changing this option after the instance launched will result in replacement.

  • (bool) enable_instance_termination_protection = false [since v1.0.0]

    Enables instance termination protection

  • (bool) enable_instance_stop_protection = false [since v1.0.0]

    Enables instance stop protection

  • (bool) get_windows_password = false [since v1.0.0]

    Retrieves the encrypted administrator password for a running Windows instance. The values will be exported to the password_data output

  • (string) iam_role_name = null [since v1.0.0]

    The name of the IAM role to attach to the instance. Please refer to this documentation for more information.

  • (object) instance_metadata_options = null [since v1.0.0]

    Configures the metadata options of the instance.

    • (bool) enable_instance_metadata_service = true [since v1.0.0]

      Whether the instance metadata service is turned on

    • (bool) requires_imdsv2 = true [since v1.0.0]

      Requires the use of IMDSv2 when requesting instance metadata

    • (bool) allow_tags_in_instance_metadata = false [since v1.0.0]

      Whether instance tags are retrievable from instance metadata

  • (string) instance_type = "t2.micro" [since v1.0.0]

    Specify the instance type of the instance

  • (object) resource_based_naming_options = null [since v1.0.0]

    Configures the resource based naming options of the instance.

    • (bool) use_resource_based_naming_as_os_hostname = false [since v1.0.0]

      Whether the "EC2 instance ID" is included in the hostname of the instance. For example: i-0123456789abcdef.ec2.internal. If false, the "private IPv4 address" of the instance is included in the hostname instead. For example: ip-10-24-34-0.ec2.internal

    • (bool) answer_dns_hostname_ipv4_request = false [since v1.0.0]

      Whether requests to your resource name resolve to the private IPv4 address (A record) of this EC2 instance

  • (object) user_data_config = null [since v1.0.0]

    Configures the user data of the instance.

    • (string) user_data = null [since v1.0.0]

      User data document in clear text. Mutually exclusive with user_data_base64

    • (string) user_data_base64 = null [since v1.0.0]

      User data document in base64. Mutually exclusive with user_data


  • (string) instance_arn [since v1.0.0]

    The ARN of the EC2 instance

  • (string) instance_password_data [since v1.0.0]

    Base-64 encoded encrypted password data for the instance. Useful for getting the administrator password for instances running Microsoft Windows. This attribute is only exported if get_windows_password = true

  • (string) instance_primary_network_interface_id [since v1.0.0]

    ID of the instance's primary network interface

  • (string) instance_private_dns [since v1.1.0]

    Private DNS name assigned to the instance. Can only be used inside Amazon EC2, and is only available if you've enabled DNS hostnames for your VPC

  • (string) instance_public_dns [since v1.1.0]

    Public DNS name assigned to the instance. For EC2-VPC, this is only available if you've enabled DNS hostnames for your VPC.