Skip to content

Latest commit

 

History

History
189 lines (145 loc) · 13.1 KB

README.md

File metadata and controls

189 lines (145 loc) · 13.1 KB

AWS EC2 Instance Terraform module

Terraform module which creates EC2 instance(s) on AWS.

These types of resources are supported:

Terraform versions

Terraform 0.12. Pin module version to ~> v2.0. Submit pull-requests to master branch.

Terraform 0.11. Pin module version to ~> v1.0. Submit pull-requests to terraform011 branch.

Usage

module "ec2_cluster" {
  source                 = "terraform-aws-modules/ec2-instance/aws"
  version                = "~> 2.0"

  name                   = "my-cluster"
  instance_count         = 5

  ami                    = "ami-ebd02392"
  instance_type          = "t2.micro"
  key_name               = "user1"
  monitoring             = true
  vpc_security_group_ids = ["sg-12345678"]
  subnet_id              = "subnet-eddcdzz4"

  tags = {
    Terraform   = "true"
    Environment = "dev"
  }
}

Examples

Make an encrypted AMI for use

This module does not support encrypted AMI's out of the box however it is easy enough for you to generate one for use

This example creates an encrypted image from the latest ubuntu 16.04 base image.

resource "aws_ami_copy" "ubuntu-xenial-encrypted-ami" {
  name              = "ubuntu-xenial-encrypted-ami"
  description       = "An encrypted root ami based off ${data.aws_ami.ubuntu-xenial.id}"
  source_ami_id     = "${data.aws_ami.ubuntu-xenial.id}"
  source_ami_region = "eu-west-2"
  encrypted         = "true"

  tags {
    Name = "ubuntu-xenial-encrypted-ami"
  }
}

data "aws_ami" "encrypted-ami" {
  most_recent = true

  filter {
    name   = "name"
    values = ["ubuntu-xenial-encrypted"]
  }

  owners = ["self"]
}

data "aws_ami" "ubuntu-xenial" {
  most_recent = true

  filter {
    name   = "name"
    values = ["ubuntu/images/hvm-ssd/ubuntu-xenial-16.04-amd64-server-*"]
  }

  owners      = ["099720109477"]
}

Notes

  • network_interface can't be specified together with vpc_security_group_ids, associate_public_ip_address, subnet_id. See basic example for details.
  • Changes in ebs_block_device argument will be ignored. Use aws_volume_attachment resource to attach and detach volumes from AWS EC2 instances. See this example.
  • One of subnet_id or subnet_ids is required. If both are provided, the value of subnet_id is prepended to the value of subnet_ids.

Requirements

No requirements.

Providers

Name Version
aws n/a

Modules

No modules.

Resources

Name Type
aws_instance.this resource

Inputs

Name Description Type Default Required
ami ID of AMI to use for the instance string n/a yes
associate_public_ip_address If true, the EC2 instance will have associated public IP address bool null no
cpu_credits The credit option for CPU usage (unlimited or standard) string "standard" no
disable_api_termination If true, enables EC2 Instance Termination Protection bool false no
ebs_block_device Additional EBS block devices to attach to the instance list(map(string)) [] no
ebs_optimized If true, the launched EC2 instance will be EBS-optimized bool false no
ephemeral_block_device Customize Ephemeral (also known as Instance Store) volumes on the instance list(map(string)) [] no
format_fqdn format FQDN tag or use it as is bool true no
fqdn Value for FQDN instance tag with fully qualified domain name string "" no
get_password_data If true, wait for password data to become available and retrieve it. bool false no
iam_instance_profile The IAM Instance Profile to launch the instance with. Specified as the name of the Instance Profile. string "" no
instance_count Number of instances to launch number 1 no
instance_initiated_shutdown_behavior Shutdown behavior for the instance string "" no
instance_type The type of instance to start string n/a yes
ipv6_address_count A number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet. number null no
ipv6_addresses Specify one or more IPv6 addresses from the range of the subnet to associate with the primary network interface list(string) null no
key_name The key name to use for the instance string "" no
metadata_options Customize the metadata options of the instance map(string)
{
"http_endpoint": "enabled",
"http_put_response_hop_limit": 1,
"http_tokens": "optional"
}
no
monitoring If true, the launched EC2 instance will have detailed monitoring enabled bool false no
name Name to be used on all resources as prefix string n/a yes
network_interface Customize network interfaces to be attached at instance boot time list(map(string)) [] no
placement_group The Placement Group to start the instance in string "" no
private_ip Private IP address to associate with the instance in a VPC string null no
private_ips A list of private IP address to associate with the instance in a VPC. Should match the number of instances. list(string) [] no
root_block_device Customize details about the root block device of the instance. See Block Devices below for details list(map(string)) [] no
source_dest_check Controls if traffic is routed to the instance when the destination address does not match the instance. Used for NAT or VPNs. bool true no
subnet_id The VPC Subnet ID to launch in string "" no
subnet_ids A list of VPC Subnet IDs to launch in list(string) [] no
tags A mapping of tags to assign to the resource map(string) {} no
tenancy The tenancy of the instance (if the instance is running in a VPC). Available values: default, dedicated, host. string "default" no
use_num_suffix Always append numerical suffix to instance name, even if instance_count is 1 bool false no
user_data The user data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see user_data_base64 instead. string null no
user_data_base64 Can be used instead of user_data to pass base64-encoded binary data directly. Use this instead of user_data whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption. string null no
volume_tags A mapping of tags to assign to the devices created by the instance at launch time map(string) {} no
vpc_security_group_ids A list of security group IDs to associate with list(string) null no

Outputs

Name Description
arn List of ARNs of instances
availability_zone List of availability zones of instances
credit_specification List of credit specification of instances
ebs_block_device_volume_ids List of volume IDs of EBS block devices of instances
id List of IDs of instances
instance_count Number of instances to launch specified as argument to this module
instance_state List of instance states of instances
ipv6_addresses List of assigned IPv6 addresses of instances
key_name List of key names of instances
password_data List of Base-64 encoded encrypted password data for the instance
placement_group List of placement groups of instances
primary_network_interface_id List of IDs of the primary network interface of instances
private_dns List of private DNS names assigned to the instances. Can only be used inside the Amazon EC2, and only available if you've enabled DNS hostnames for your VPC
private_ip List of private IP addresses assigned to the instances
public_dns List of public DNS names assigned to the instances. For EC2-VPC, this is only available if you've enabled DNS hostnames for your VPC
public_ip List of public IP addresses assigned to the instances, if applicable
root_block_device_volume_ids List of volume IDs of root block devices of instances
security_groups List of associated security groups of instances
subnet_id List of IDs of VPC subnets of instances
tags List of tags of instances
volume_tags List of tags of volumes of instances
vpc_security_group_ids List of associated security groups of instances, if running in non-default VPC

Authors

Module managed by Anton Babenko.

License

Apache 2 Licensed. See LICENSE for full details.