Generic Bootstrap Instance on AWS EC2
# Example usage: one EC2 bootstrap host placed in the first subnet of
# module.vpc.public_subnet_ids. All IDs, names and CIDRs below are sample
# values; replace them before applying.
module "ecc" {
# Pin ?ref= to a release tag or a full commit SHA rather than a branch, so the
# module code that gets applied cannot change between runs.
source = "git::ssh://git@github.com/oozou/terraform-aws-ec2-instance.git?ref=<branch_or_version>"
prefix = "sbth"
environment = "dev"
name = "eks-bootstrap"
# Requests an Elastic IP; together with the public subnet chosen below this
# presumably makes the instance reachable from the internet — review the
# ingress rules accordingly.
is_create_eip = true # Default is `false`
ami = "ami-055d15d9cfddf7bd3" # Ubuntu 20.04 per the author; AMI IDs are region-specific, so verify the ID and its owner before use
vpc_id = module.vpc.vpc_id
subnet_id = element(module.vpc.public_subnet_ids, 0)
is_batch_run = false # Default is `false`. Set to true if the machine needs to be `terminated` via instance_initiated_shutdown_behavior
key_name = "big-ssh-key"
# The misspelling "attacment" is the module's actual variable name (see the inputs table).
additional_sg_attacment_ids = ["sg-000da3cbe7e0d8713"] # Extra security groups to associate with this instance
iam_instance_profile = null # Default is `null`; per the inputs table it only takes effect when is_create_default_profile is false
# NOTE(review): the inputs table declares this variable as list(string), and
# `data.json` is not a complete data-source reference — presumably a list of
# IAM policy JSON documents is intended; confirm. These documents are merged
# into the policy of the instance's role, so grant only the actions the host
# actually needs.
override_profile_policy = data.json
# Contents of the bootstrap script are passed as instance user data. User data
# can be read back through the instance metadata service and the EC2 API, so
# keep credentials and other secrets out of the script.
user_data = file("./script/install-pritunlvpn.sh")
# Ingress rules, keyed by an arbitrary rule name.
security_group_ingress_rules = {
# Port 443 from a single /32 address.
allow_to_db = {
port = "443"
cidr_blocks = ["1.1.1.1/32"]
}
# NOTE(review): this opens port 22 to every IPv4 address. Narrow cidr_blocks
# to a known admin range, or key the rule on source_security_group_id as in
# allow_with_sg below.
allow_to_you = {
port = "22"
cidr_blocks = ["0.0.0.0/0"]
}
# Rule keyed on a source security group instead of CIDR ranges. No port is
# given here, so which ports it opens depends on the module — confirm.
allow_with_sg = {
source_security_group_id = "sg-000daabcd7e0d2475"
}
}
tags = { "Workspace" = "O-labtop" }
}
Name | Version |
---|---|
terraform | >= 1.0.0 |
aws | >= 4.00 |
Name | Version |
---|---|
aws | 4.10.0 |
No modules.
Name | Type |
---|---|
aws_eip.this | resource |
aws_iam_instance_profile.this | resource |
aws_iam_role.this | resource |
aws_iam_role_policy.this | resource |
aws_iam_role_policy_attachment.this | resource |
aws_instance.this | resource |
aws_security_group.this | resource |
aws_security_group_rule.egress | resource |
aws_security_group_rule.ingress | resource |
aws_iam_policy_document.this | data source |
aws_iam_policy_document.this_assume_role | data source |
Name | Description | Type | Default | Required |
---|---|---|---|---|
additional_profile_policy_arns | List of IAM policy ARNs to attach to the instance profile's IAM role | list(string) |
[] |
no |
additional_sg_attacment_ids | (Optional) The ID of the security group. | list(string) |
[] |
no |
ami | (Optional) AMI to use for the instance. Required unless launch_template is specified and the Launch Template specifies an AMI. If an AMI is specified in the Launch Template, setting ami will override the AMI specified in the Launch Template | string |
n/a | yes |
environment | Environment Variable used as a prefix | string |
n/a | yes |
iam_instance_profile | (Optional) IAM Instance Profile to launch the instance with. Specified as the name of the Instance Profile. It only affects when is_create_default_profile is false | string |
null |
no |
instance_type | (Optional) The instance type to use for the instance. Updates to this field will trigger a stop/start of the EC2 instance. | string |
"t2.micro" |
no |
is_batch_run | Whether to create and terminate the instance when the script changes | bool |
false |
no |
is_create_default_profile | (Optional) boolean flag for create instance profile and iam role to ec2 module | bool |
true |
no |
is_create_eip | Whether to create EIP or not | bool |
false |
no |
is_create_security_group | Determines whether to create a security group for the EC2 instance | bool |
true |
no |
key_name | (Optional) Key name of the Key Pair to use for the instance; which can be managed using the aws_key_pair resource | string |
null |
no |
name | name the purpose for the ec2 instance | string |
n/a | yes |
override_profile_assume_role_policy | List of IAM policy documents that are merged together into the assume role policy | list(string) |
[] |
no |
override_profile_policy | List of IAM policy documents that are merged together into the exported document | list(string) |
[] |
no |
prefix | The prefix name of customer to be displayed in AWS console and resource | string |
n/a | yes |
security_group_egress_rules | A map of security group egress rule definitions to add to the security group created | any |
{} |
no |
security_group_ingress_rules | Map of ingress and any specific/overriding attributes to be created | any |
{} |
no |
subnet_id | The ID of the subnet relate to VPC | string |
n/a | yes |
tags | Additional tags to add; the default tags contain {terraform=true, environment=var.environment} | map(string) |
{} |
no |
user_data | User data to provide when launching the instance, e.g. the contents of a bootstrap script | string |
null |
no |
vpc_id | The ID of the VPC | string |
n/a | yes |
Name | Description |
---|---|
arn | The ARN of the instance. |
capacity_reservation_specification | Capacity reservation specification of the instance. |
outpost_arn | The ARN of the Outpost the instance is assigned to. |
primary_network_interface_id | The ID of the instance's primary network interface. |
private_dns | The private DNS name assigned to the instance. Can only be used inside the Amazon EC2, and only available if you've enabled DNS hostnames for your VPC. |
private_ip | The private IP address assigned to the instance. |
public_dns | The public DNS name assigned to the instance. For EC2-VPC, this is only available if you've enabled DNS hostnames for your VPC. |
public_ip | The public IP address assigned to the instance, if applicable. NOTE: If you are using an aws_eip with your instance, you should refer to the EIP's address directly and not use public_ip as this field will change after the EIP is attached. |
security_group_arn | ARN of the security group associated to this ec2 |
security_group_id | ID of the security group associated to this ec2 |