# resource "aws_instance" "Test" {
#   ami           = data.aws_ami.this.id
#   instance_type = "t4g.large"
#
#   tags = {
#     Name : "TestInstance001"
#   }
# }

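# Test EC2 instance built with the registry ec2-instance module, pinned to an
# exact version. It requests no public IP and no Elastic IP, is placed in the
# first entry of the VPC remote state's private_subnets output, and is attached
# only to the security group produced by module.TestSg.
module "TestInstance" {
  source  = "terraform-aws-modules/ec2-instance/aws"
  version = "6.2.0"

  name          = "TestInstance001"
  ami           = data.aws_ami.this.id
  instance_type = "t4g.large"

  # Network placement: no public address of any kind is requested.
  subnet_id                   = data.terraform_remote_state.vpc.outputs.private_subnets[0]
  associate_public_ip_address = false
  create_eip                  = false

  # Do not let the module create its own security group; use the one defined
  # in this configuration so all rules are visible in one place.
  create_security_group  = false
  vpc_security_group_ids = [module.TestSg.id]

  root_block_device = {
    device_name           = "/dev/xvda"
    type                  = "gp3"
    size                  = 20
    delete_on_termination = true

    # Ask for encryption explicitly. kms_key_id only names the key; stating
    # encrypted = true makes the intent visible in the plan and to policy
    # scanners instead of relying on it being implied.
    encrypted  = true
    kms_key_id = module.KmsKeys.cmks["allpurpose"].arn
  }

  metadata_options = {
    # IMDSv2 only: metadata requests must carry a session token.
    http_tokens = "required"

    # NOTE(review): a hop limit of 2 lets a workload one network hop behind the
    # host (for example a container) reach the metadata service. If nothing on
    # this instance needs that, 1 is the tighter setting - confirm.
    http_put_response_hop_limit = 2
  }
}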
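# Resolves the newest Amazon-owned image whose name matches the Amazon Linux
# 2023 / kernel 6.1 / arm64 naming pattern.
data "aws_ami" "this" {
  # most_recent means the resolved id moves whenever a newer matching image is
  # published, so a later plan can show a change on anything that uses it.
  most_recent = true

  # Restricting owners to "amazon" keeps an image with a look-alike name
  # published by another account from being selected.
  owners = ["amazon"]

  # Server-side name filter, so the image list is narrowed by the API rather
  # than only by the local regex below. In this filter syntax "*" is the
  # wildcard and "." is a literal dot.
  filter {
    name   = "name"
    values = ["al2023-ami-2023.*-kernel-6.1-arm64"]
  }

  # Local regex with the dots escaped and the end anchored, so it accepts only
  # the intended name shape rather than any character in the dot positions.
  name_regex = "^al2023-ami-2023\\..*-kernel-6\\.1-arm64$"
}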
# Generates a one-word random pet name. This is a human-readable label, not a
# secret: do not use it where an unguessable value is required.
# NOTE(review): nothing in the visible part of this file references it - confirm it is still needed.
resource "random_pet" "this" {
  length = 1
}
# Customer-managed KMS keys from the local CustomerManagedKmsKeys module.
# Only the "allpurpose" key is switched on; its ARN is read elsewhere in this
# file as module.KmsKeys.cmks["allpurpose"].arn for the instance root volume.
module "KmsKeys" {
  source = "../../../modules/security_identity_compliance/CustomerManagedKmsKeys"

  # The single key this configuration needs.
  create-allpurpose-key = true

  # Every other purpose-specific key is explicitly disabled.
  create-backup-key   = false
  create-database-key = false
  create-eksebs-key   = false
  create-log-key      = false
  create-notify-key   = false
  create-secret-key   = false
  create-storage-key  = false

  # NOTE(review): 7 days is the shortest deletion waiting period KMS accepts
  # (presumably passed through to the key resource - confirm in the module).
  # A longer window leaves more time to cancel an accidental or unwanted key
  # deletion before data encrypted under it becomes unrecoverable.
  deletion_window_in_days = 7
}
# Security group attached to the test instance, built by the local
# security_group module. Each rule is a comma-separated string; from the values
# here the fields appear to be protocol, from-port, to-port, CIDR, description
# (confirm against the module).
module "TestSg" {
  source = "../../../modules/compute/security_group"

  name        = "example-sg"
  description = "SG of EC2 bastion instances"
  vpc-id      = data.terraform_remote_state.vpc.outputs.vpc_id

  # Inbound: two TCP ports, each limited to a single /32 source.
  # NOTE(review): the port-22 rule carries the same description as the
  # port-4750 rule - confirm that SSH from this source is intended and label it
  # accordingly.
  ingress = {
    r1 = "tcp,4750,4750,1.2.3.4/32,Patch Management Tool"
    r2 = "tcp,22,22,1.2.3.4/32,Patch Management Tool"
  }

  # Outbound: every protocol and port to any IPv4 and IPv6 destination.
  # NOTE(review): unrestricted egress removes the security group as a control
  # on outbound connections; narrow it to the destinations the instance needs
  # if those are known.
  egress = {
    r1 = "-1,-1,-1,0.0.0.0/0,Allow egress ipv4"
    r2 = "-1,-1,-1,::/0,Allow egress ipv6"
  }
}