/terraform-aws-ec2

Terraform module to create an EC2 resource on AWS with Elastic IP Addresses and Elastic Block Store.

Primary LanguageHCLApache License 2.0Apache-2.0

Terraform AWS EC2

Terraform module to create an EC2 resource on AWS with ElasticC IP Addresses and Elastic Block Store.

Terraform Licence tfsec static-checks


We eat, drink, sleep and most importantly love DevOps. We are working towards strategies for standardizing architecture while ensuring security for the infrastructure. We are strong believer of the philosophy Bigger problems are always solved by breaking them into smaller manageable problems. Resonating with microservices architecture, it is considered best-practice to run database, cluster, storage in smaller connected yet manageable pieces within the infrastructure.

This module is basically combination of Terraform open source and includes automatation tests and examples. It also helps to create and improve your infrastructure with minimalistic code instead of maintaining the whole infrastructure code yourself.

We have fifty plus terraform modules. A few of them are comepleted and are available for open source usage while a few others are in progress.

Prerequisites

This module has a few dependencies:

Examples

IMPORTANT: Since the master branch used in source varies based on new modifications, we suggest that you use the release versions here.

Here is examples of how you can use this module in your inventory structure:

Basic Example

    module "ec2" {
  source        = "clouddrove/ec2/aws"

    name        = "ec2"
    environment = "test"
    label_order = ["name", "environment"]

    #instance
    instance_enabled = true
    instance_count   = 2
    ami              = "ami-08d658f84a6d84a80"
    instance_type    = "t2.nano"
    monitoring       = false
    tenancy          = "default"

    #Networking
    vpc_security_group_ids_list = [module.ssh.security_group_ids, module.http-https.security_group_ids]
    subnet_ids                  = tolist(module.public_subnets.public_subnet_id)
    assign_eip_address          = true
    associate_public_ip_address = true

    #Keypair
    key_name = module.keypair.name

    #IAM
    instance_profile_enabled = true
    iam_instance_profile     = module.iam-role.name

    #Root Volume
    root_block_device = [
      {
        volume_type           = "gp2"
        volume_size           = 15
        delete_on_termination = true
        kms_key_id            = module.kms_key.key_arn
      }
    ]

    #EBS Volume
    ebs_optimized      = false
    ebs_volume_enabled = false
    ebs_volume_type    = "gp2"
    ebs_volume_size    = 30

    #DNS
    dns_enabled = false
    dns_zone_id = "Z1XJD7SSBKXLC1"
    hostname    = "ec2"

    #Tags
    instance_tags = { "snapshot" = true }

    # Metadata
    metadata_http_tokens_required        = "optional"
    metadata_http_endpoint_enabled       = "enabled"
    metadata_http_put_response_hop_limit = 2
    }

ebs_mount

    module "ec2" {
    source        = "clouddrove/ec2/aws"
    name          = "ec2"
    environment   = "test"
    label_order   = ["name", "environment"]

    #Instance
    instance_enabled = true
    instance_count   = 2
    ami              = "ami-08d658f84a6d84a80"
    instance_type    = "t2.nano"
    monitoring       = false
    tenancy          = "default"

    #Keypair
    key_name = module.keypair.name

    #Networking
    vpc_security_group_ids_list = [module.ssh.security_group_ids, module.http-https.security_group_ids]
    subnet_ids                  = tolist(module.public_subnets.public_subnet_id)
    assign_eip_address          = true
    associate_public_ip_address = true

    #IAM
    instance_profile_enabled = true
    iam_instance_profile     = module.iam-role.name

    #Root Volume
    root_block_device = [
      {
        volume_type           = "gp2"
        volume_size           = 15
        delete_on_termination = true
        kms_key_id            = module.kms_key.key_arn
      }
    ]

    #EBS Volume
    ebs_optimized      = false
    ebs_volume_enabled = true
    ebs_volume_type    = "gp2"
    ebs_volume_size    = 30

    #DNS
    dns_enabled = false
    dns_zone_id = "Z1XJD7SSBKXLC1"
    hostname    = "ec2"

    #Tags
    instance_tags = { "snapshot" = true }

    # Metadata
    metadata_http_tokens_required        = "optional"
    metadata_http_endpoint_enabled       = "enabled"
    metadata_http_put_response_hop_limit = 2

    #Mount EBS With User Data
    user_data = file("user-data.sh")
  }

Inputs

Name Description Type Default Required
ami The AMI to use for the instance. string "" no
assign_eip_address Assign an Elastic IP address to the instance. bool false no
associate_public_ip_address Associate a public IP address with the instance. bool true no
attributes Additional attributes (e.g. 1). list(any) [] no
availability_zone Availability Zone the instance is launched in. If not set, will be launched in the first AZ of the region. list(any) [] no
cpu_core_count Sets the number of CPU cores for an instance. string null no
cpu_credits The credit option for CPU usage. Can be standard or unlimited. T3 instances are launched as unlimited by default. T2 instances are launched as standard by default. string "standard" no
delimiter Delimiter to be used between organization, environment, name and attributes. string "-" no
disable_api_termination If true, enables EC2 Instance Termination Protection. bool false no
dns_enabled Flag to control the dns_enable. bool false no
dns_zone_id The Zone ID of Route53. string "" no
ebs_block_device Additional EBS block devices to attach to the instance. list(any) [] no
ebs_device_name Name of the EBS device to mount. list(string)
[
"/dev/xvdb",
"/dev/xvdc",
"/dev/xvdd",
"/dev/xvde",
"/dev/xvdf",
"/dev/xvdg",
"/dev/xvdh",
"/dev/xvdi",
"/dev/xvdj",
"/dev/xvdk",
"/dev/xvdl",
"/dev/xvdm",
"/dev/xvdn",
"/dev/xvdo",
"/dev/xvdp",
"/dev/xvdq",
"/dev/xvdr",
"/dev/xvds",
"/dev/xvdt",
"/dev/xvdu",
"/dev/xvdv",
"/dev/xvdw",
"/dev/xvdx",
"/dev/xvdy",
"/dev/xvdz"
]
no
ebs_iops Amount of provisioned IOPS. This must be set with a volume_type of io1. number 0 no
ebs_optimized If true, the launched EC2 instance will be EBS-optimized. bool true no
ebs_volume_enabled Flag to control the ebs creation. bool false no
ebs_volume_size Size of the EBS volume in gigabytes. number 30 no
ebs_volume_type The type of EBS volume. Can be standard, gp2 or io1. string "gp2" no
environment Environment (e.g. prod, dev, staging). string "" no
ephemeral_block_device Customize Ephemeral (also known as Instance Store) volumes on the instance. list(any) [] no
host_id The Id of a dedicated host that the instance will be assigned to. Use when an instance is to be launched on a specific dedicated host. string null no
hostname DNS records to create. string "" no
iam_instance_profile The IAM Instance Profile to launch the instance with. Specified as the name of the Instance Profile. string "" no
instance_count Number of instances to launch. number 1 no
instance_enabled Flag to control the instance creation. bool true no
instance_initiated_shutdown_behavior n/a string "terminate" no
instance_profile_enabled Flag to control the instance profile creation. bool false no
instance_tags Instance tags. map(any) {} no
instance_type The type of instance to start. Updates to this field will trigger a stop/start of the EC2 instance. string n/a yes
ipv6_address_count Number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet. number null no
ipv6_addresses List of IPv6 addresses from the range of the subnet to associate with the primary network interface. list(any) null no
key_name The key name to use for the instance. string "" no
kms_key_id The ARN for the KMS encryption key. When specifying kms_key_id, encrypted needs to be set to true. string "" no
label_order Label order, e.g. name,application. list(any) [] no
managedby ManagedBy, eg 'CloudDrove'. string "hello@clouddrove.com" no
metadata_http_endpoint_enabled Whether the metadata service is available. Valid values include enabled or disabled. Defaults to enabled. string "enabled" no
metadata_http_put_response_hop_limit The desired HTTP PUT response hop limit (between 1 and 64) for instance metadata requests. number 2 no
metadata_http_tokens_required Whether or not the metadata service requires session tokens, also referred to as Instance Metadata Service Version 2 (IMDSv2). Valid values include optional or required. Defaults to optional. string "optional" no
monitoring If true, the launched EC2 instance will have detailed monitoring enabled. (Available since v0.6.0). bool true no
name Name (e.g. app or cluster). string "" no
network_interface Customize network interfaces to be attached at instance boot time list(map(string)) [] no
placement_group The Placement Group to start the instance in. string "" no
repository Terraform current module repo string "https://github.com/clouddrove/terraform-aws-ec2" no
root_block_device Customize details about the root block device of the instance. See Block Devices below for details. list(any) [] no
source_dest_check Controls if traffic is routed to the instance when the destination address does not match the instance. Used for NAT or VPNs. bool true no
subnet VPC Subnet ID the instance is launched in. string null no
subnet_ids A list of VPC Subnet IDs to launch in. list(string) [] no
tags Additional tags (e.g. map(BusinessUnit,XYZ). map(any) {} no
tenancy The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware. The host tenancy is not supported for the import-instance command. string "default" no
ttl The TTL of the record to add to the DNS zone to complete certificate validation. string "300" no
type Type of DNS records to create. string "CNAME" no
user_data (Optional) A string of the desired User Data for the ec2. string "" no
vpc_security_group_ids_list A list of security group IDs to associate with. list(string) [] no

Outputs

Name Description
arn The ARN of the instance.
az The availability zone of the instance.
instance_count The count of instances.
instance_id The instance ID.
ipv6_addresses A list of assigned IPv6 addresses.
key_name The key name of the instance.
placement_group The placement group of the instance.
private_ip Private IP of instance.
public_ip Public IP of instance (or EIP).
subnet_id The EC2 subnet ID.
tags The instance ID.
vpc_security_group_ids The associated security groups in non-default VPC.

Testing

In this module testing is performed with terratest and it creates a small piece of infrastructure, matches the output like ARN, ID and Tags name etc and destroy infrastructure in your AWS account. This testing is written in GO, so you need a GO environment in your system.

You need to run the following command in the testing folder:

  go test -run Test

Feedback

If you come accross a bug or have any feedback, please log it in our issue tracker, or feel free to drop us an email at hello@clouddrove.com.

If you have found it worth your time, go ahead and give us a ★ on our GitHub!

About us

At CloudDrove, we offer expert guidance, implementation support and services to help organisations accelerate their journey to the cloud. Our services include docker and container orchestration, cloud migration and adoption, infrastructure automation, application modernisation and remediation, and performance engineering.

We are The Cloud Experts!


We ❤️ Open Source and you can check out our other modules to get help with your new Cloud ideas.