From 721ff492a3d3618b9275d8d2bbe2e3d8bf3fd666 Mon Sep 17 00:00:00 2001
From: Victor Cechinel <dev.victorcechinel@gmail.com>
Date: Tue, 2 Jan 2024 12:05:37 -0300
Subject: [PATCH] feat(add-eip-public): Create EIP association for EC2

---
 README.md                    |  7 +++++++
 examples/complete/README.md  |  1 +
 examples/complete/main.tf    |  2 ++
 examples/complete/outputs.tf |  5 +++++
 main.tf                      | 23 +++++++++++++++++++++++
 outputs.tf                   | 19 +++++++++++++++++++
 variables.tf                 | 22 ++++++++++++++++++++++
 wrappers/main.tf             |  3 +++
 8 files changed, 82 insertions(+)

diff --git a/README.md b/README.md
index 8f22cb7d..ffb8bc02 100644
--- a/README.md
+++ b/README.md
@@ -179,6 +179,7 @@ No modules.
 
 | Name | Type |
 |------|------|
+| [aws_eip.public](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eip) | resource |
 | [aws_iam_instance_profile.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_instance_profile) | resource |
 | [aws_iam_role.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
 | [aws_iam_role_policy_attachment.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
@@ -203,12 +204,15 @@ No modules.
 | <a name="input_cpu_options"></a> [cpu\_options](#input\_cpu\_options) | Defines CPU options to apply to the instance at launch time. | `any` | `{}` | no |
 | <a name="input_cpu_threads_per_core"></a> [cpu\_threads\_per\_core](#input\_cpu\_threads\_per\_core) | Sets the number of CPU threads per core for an instance (has no effect unless cpu\_core\_count is also set) | `number` | `null` | no |
 | <a name="input_create"></a> [create](#input\_create) | Whether to create an instance | `bool` | `true` | no |
+| <a name="input_create_eip_public"></a> [create\_eip\_public](#input\_create\_eip\_public) | Determines whether a public EIP will be created and associated with the instance. | `bool` | `false` | no |
 | <a name="input_create_iam_instance_profile"></a> [create\_iam\_instance\_profile](#input\_create\_iam\_instance\_profile) | Determines whether an IAM instance profile is created or to use an existing IAM instance profile | `bool` | `false` | no |
 | <a name="input_create_spot_instance"></a> [create\_spot\_instance](#input\_create\_spot\_instance) | Depicts if the instance is a spot instance | `bool` | `false` | no |
 | <a name="input_disable_api_stop"></a> [disable\_api\_stop](#input\_disable\_api\_stop) | If true, enables EC2 Instance Stop Protection | `bool` | `null` | no |
 | <a name="input_disable_api_termination"></a> [disable\_api\_termination](#input\_disable\_api\_termination) | If true, enables EC2 Instance Termination Protection | `bool` | `null` | no |
 | <a name="input_ebs_block_device"></a> [ebs\_block\_device](#input\_ebs\_block\_device) | Additional EBS block devices to attach to the instance | `list(any)` | `[]` | no |
 | <a name="input_ebs_optimized"></a> [ebs\_optimized](#input\_ebs\_optimized) | If true, the launched EC2 instance will be EBS-optimized | `bool` | `null` | no |
+| <a name="input_eip_public_domain"></a> [eip\_public\_domain](#input\_eip\_public\_domain) | Indicates if this EIP is for use in VPC (vpc). | `string` | `"vpc"` | no |
+| <a name="input_eip_public_tags"></a> [eip\_public\_tags](#input\_eip\_public\_tags) | A map of additional tags to add to the Public EIP created | `map(string)` | `{}` | no |
 | <a name="input_enable_volume_tags"></a> [enable\_volume\_tags](#input\_enable\_volume\_tags) | Whether to enable volume tags (if enabled it conflicts with root\_block\_device tags) | `bool` | `true` | no |
 | <a name="input_enclave_options_enabled"></a> [enclave\_options\_enabled](#input\_enclave\_options\_enabled) | Whether Nitro Enclaves will be enabled on the instance. Defaults to `false` | `bool` | `null` | no |
 | <a name="input_ephemeral_block_device"></a> [ephemeral\_block\_device](#input\_ephemeral\_block\_device) | Customize Ephemeral (also known as Instance Store) volumes on the instance | `list(map(string))` | `[]` | no |
@@ -270,6 +274,9 @@ No modules.
 | <a name="output_availability_zone"></a> [availability\_zone](#output\_availability\_zone) | The availability zone of the created instance |
 | <a name="output_capacity_reservation_specification"></a> [capacity\_reservation\_specification](#output\_capacity\_reservation\_specification) | Capacity reservation specification of the instance |
 | <a name="output_ebs_block_device"></a> [ebs\_block\_device](#output\_ebs\_block\_device) | EBS block device information |
+| <a name="output_eip_public_dns"></a> [eip\_public\_dns](#output\_eip\_public\_dns) | Public DNS associated with the Elastic IP address |
+| <a name="output_eip_public_id"></a> [eip\_public\_id](#output\_eip\_public\_id) | Contains the EIP allocation ID |
+| <a name="output_eip_public_ip"></a> [eip\_public\_ip](#output\_eip\_public\_ip) | Contains the public IP address |
 | <a name="output_ephemeral_block_device"></a> [ephemeral\_block\_device](#output\_ephemeral\_block\_device) | Ephemeral block device information |
 | <a name="output_iam_instance_profile_arn"></a> [iam\_instance\_profile\_arn](#output\_iam\_instance\_profile\_arn) | ARN assigned by AWS to the instance profile |
 | <a name="output_iam_instance_profile_id"></a> [iam\_instance\_profile\_id](#output\_iam\_instance\_profile\_id) | Instance profile's ID |
diff --git a/examples/complete/README.md b/examples/complete/README.md
index 5c0f17c7..68d5875d 100644
--- a/examples/complete/README.md
+++ b/examples/complete/README.md
@@ -84,6 +84,7 @@ No inputs.
 | <a name="output_ec2_complete_primary_network_interface_id"></a> [ec2\_complete\_primary\_network\_interface\_id](#output\_ec2\_complete\_primary\_network\_interface\_id) | The ID of the instance's primary network interface |
 | <a name="output_ec2_complete_private_dns"></a> [ec2\_complete\_private\_dns](#output\_ec2\_complete\_private\_dns) | The private DNS name assigned to the instance. Can only be used inside the Amazon EC2, and only available if you've enabled DNS hostnames for your VPC |
 | <a name="output_ec2_complete_public_dns"></a> [ec2\_complete\_public\_dns](#output\_ec2\_complete\_public\_dns) | The public DNS name assigned to the instance. For EC2-VPC, this is only available if you've enabled DNS hostnames for your VPC |
+| <a name="output_ec2_complete_public_eip"></a> [ec2\_complete\_public\_eip](#output\_ec2\_complete\_public\_eip) | The public Elastic IP address assigned to the instance, if applicable |
 | <a name="output_ec2_complete_public_ip"></a> [ec2\_complete\_public\_ip](#output\_ec2\_complete\_public\_ip) | The public IP address assigned to the instance, if applicable. NOTE: If you are using an aws\_eip with your instance, you should refer to the EIP's address directly and not use `public_ip` as this field will change after the EIP is attached |
 | <a name="output_ec2_complete_root_block_device"></a> [ec2\_complete\_root\_block\_device](#output\_ec2\_complete\_root\_block\_device) | Root block device information |
 | <a name="output_ec2_complete_tags_all"></a> [ec2\_complete\_tags\_all](#output\_ec2\_complete\_tags\_all) | A map of tags assigned to the resource, including those inherited from the provider default\_tags configuration block |
diff --git a/examples/complete/main.tf b/examples/complete/main.tf
index f14dfd9a..8a730e36 100644
--- a/examples/complete/main.tf
+++ b/examples/complete/main.tf
@@ -85,6 +85,8 @@ module "ec2_complete" {
     }
   ]
 
+  create_eip_public = true
+
   tags = local.tags
 }
 
diff --git a/examples/complete/outputs.tf b/examples/complete/outputs.tf
index cb32c4f3..9a42a628 100644
--- a/examples/complete/outputs.tf
+++ b/examples/complete/outputs.tf
@@ -39,6 +39,11 @@ output "ec2_complete_public_ip" {
   value       = module.ec2_complete.public_ip
 }
 
+output "ec2_complete_public_eip" {
+  description = "The public Elastic IP address assigned to the instance, if applicable"
+  value       = module.ec2_complete.eip_public_ip
+}
+
 output "ec2_complete_tags_all" {
   description = "A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block"
   value       = module.ec2_complete.tags_all
diff --git a/main.tf b/main.tf
index 2f291307..f25681f7 100644
--- a/main.tf
+++ b/main.tf
@@ -603,3 +603,26 @@ resource "aws_iam_instance_profile" "this" {
     create_before_destroy = true
   }
 }
+
+################################################################################
+# Elastic IP
+################################################################################
+
+resource "aws_eip" "public" {
+  count = local.create && var.create_eip_public && !var.create_spot_instance ? 1 : 0
+
+  instance = try(
+    aws_instance.this[0].id,
+    aws_instance.ignore_ami[0].id,
+    null,
+  )
+
+  domain = var.eip_public_domain
+
+  tags = merge(var.tags, var.eip_public_tags)
+
+  depends_on = [
+    aws_instance.this,
+    aws_instance.ignore_ami
+  ]
+}
diff --git a/outputs.tf b/outputs.tf
index b10773d4..8cd6f58d 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -229,3 +229,22 @@ output "ephemeral_block_device" {
     null
   )
 }
+
+################################################################################
+# Elastic IP
+################################################################################
+
+output "eip_public_id" {
+  description = "Contains the EIP allocation ID"
+  value       = try(aws_eip.public[0].id, null)
+}
+
+output "eip_public_dns" {
+  description = "Public DNS associated with the Elastic IP address"
+  value       = try(aws_eip.public[0].public_dns, null)
+}
+
+output "eip_public_ip" {
+  description = "Contains the public IP address"
+  value       = try(aws_eip.public[0].public_ip, null)
+}
diff --git a/variables.tf b/variables.tf
index d5b8bc0e..e3691689 100644
--- a/variables.tf
+++ b/variables.tf
@@ -408,3 +408,25 @@ variable "iam_role_tags" {
   type        = map(string)
   default     = {}
 }
+
+################################################################################
+# Elastic IP
+################################################################################
+
+variable "create_eip_public" {
+  description = "Determines whether a public EIP will be created and associated with the instance."
+  type        = bool
+  default     = false
+}
+
+variable "eip_public_domain" {
+  description = "Indicates if this EIP is for use in VPC (vpc)."
+  type        = string
+  default     = "vpc"
+}
+
+variable "eip_public_tags" {
+  description = "A map of additional tags to add to the Public EIP created"
+  type        = map(string)
+  default     = {}
+}
diff --git a/wrappers/main.tf b/wrappers/main.tf
index 494d2cbc..92f9ee81 100644
--- a/wrappers/main.tf
+++ b/wrappers/main.tf
@@ -13,12 +13,15 @@ module "wrapper" {
   cpu_options                          = try(each.value.cpu_options, var.defaults.cpu_options, {})
   cpu_threads_per_core                 = try(each.value.cpu_threads_per_core, var.defaults.cpu_threads_per_core, null)
   create                               = try(each.value.create, var.defaults.create, true)
+  create_eip_public                    = try(each.value.create_eip_public, var.defaults.create_eip_public, false)
   create_iam_instance_profile          = try(each.value.create_iam_instance_profile, var.defaults.create_iam_instance_profile, false)
   create_spot_instance                 = try(each.value.create_spot_instance, var.defaults.create_spot_instance, false)
   disable_api_stop                     = try(each.value.disable_api_stop, var.defaults.disable_api_stop, null)
   disable_api_termination              = try(each.value.disable_api_termination, var.defaults.disable_api_termination, null)
   ebs_block_device                     = try(each.value.ebs_block_device, var.defaults.ebs_block_device, [])
   ebs_optimized                        = try(each.value.ebs_optimized, var.defaults.ebs_optimized, null)
+  eip_public_domain                    = try(each.value.eip_public_domain, var.defaults.eip_public_domain, "vpc")
+  eip_public_tags                      = try(each.value.eip_public_tags, var.defaults.eip_public_tags, {})
   enable_volume_tags                   = try(each.value.enable_volume_tags, var.defaults.enable_volume_tags, true)
   enclave_options_enabled              = try(each.value.enclave_options_enabled, var.defaults.enclave_options_enabled, null)
   ephemeral_block_device               = try(each.value.ephemeral_block_device, var.defaults.ephemeral_block_device, [])