# ---------------------------------------------------------------------------------------------------------------------
# TERRAFORM VERSION CONSTRAINT
# The examples use 0.12 syntax, so anything older is rejected. This is a lower bound only, and no provider version
# constraint is declared in this file.
# ---------------------------------------------------------------------------------------------------------------------

terraform {
  required_version = ">= 0.12"
}

# ---------------------------------------------------------------------------------------------------------------------
# TWO EC2 INSTANCES REACHABLE OVER SSH
# See test/terraform_ssh_example.go for how to write automated tests for this code.
# ---------------------------------------------------------------------------------------------------------------------

provider "aws" {
  region = var.aws_region
}

# ---------------------------------------------------------------------------------------------------------------------
# UBUNTU AMI LOOKUP
# `owners` restricts the search to Canonical's AWS account, so the wildcard in the "name" filter cannot match an image
# published by some other account. Because `most_recent` is true, the resolved AMI ID can change from one run to the
# next. Ubuntu 16.04 (Xenial) has since left standard support; treat this filter as part of the test fixture rather
# than as a base-image recommendation.
# ---------------------------------------------------------------------------------------------------------------------

data "aws_ami" "ubuntu" {
  owners      = ["099720109477"] # Canonical
  most_recent = true

  filter {
    name   = "name"
    values = ["ubuntu/images/hvm-ssd/ubuntu-xenial-16.04-amd64-server-*"]
  }

  filter {
    name   = "image-type"
    values = ["machine"]
  }

  filter {
    name   = "architecture"
    values = ["x86_64"]
  }

  filter {
    name   = "virtualization-type"
    values = ["hvm"]
  }
}

# ---------------------------------------------------------------------------------------------------------------------
# SECURITY GROUP SHARED BY BOTH EC2 INSTANCES
# One group is attached to the public and the private instance alike, so every rule below applies to both.
# ---------------------------------------------------------------------------------------------------------------------

resource "aws_security_group" "example" {
  name = var.instance_name

  ingress {
    protocol  = "tcp"
    from_port = var.ssh_port
    to_port   = var.ssh_port

    # To keep this example simple, incoming SSH is accepted from any IPv4 address. In real-world usage, only allow SSH
    # from trusted servers, such as a bastion host or VPN server. With the port open to the whole Internet, the key
    # pair named by var.key_pair_name and the sshd configuration baked into the AMI are the only controls in front of
    # the public instance.
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Outbound traffic is unrestricted: protocol "-1" with ports 0-0 means every protocol and port, to any IPv4
  # destination.
  egress {
    protocol    = "-1"
    from_port   = 0
    to_port     = 0
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# ---------------------------------------------------------------------------------------------------------------------
# EC2 INSTANCE WITH A PUBLIC IP
# No subnet, metadata or root-volume settings are given for either instance, so those come from the account and
# provider defaults.
# ---------------------------------------------------------------------------------------------------------------------

resource "aws_instance" "example_public" {
  tags = {
    Name = "${var.instance_name}-public"
  }

  instance_type = "t2.micro"
  ami           = data.aws_ami.ubuntu.id
  key_name      = var.key_pair_name

  vpc_security_group_ids = [aws_security_group.example.id]

  # This EC2 Instance gets a public IP and is reachable directly from the public Internet
  associate_public_ip_address = true
}

# ---------------------------------------------------------------------------------------------------------------------
# EC2 INSTANCE WITH A PRIVATE IP ONLY
# ---------------------------------------------------------------------------------------------------------------------

resource "aws_instance" "example_private" {
  tags = {
    Name = "${var.instance_name}-private"
  }

  instance_type = "t2.micro"
  ami           = data.aws_ami.ubuntu.id
  key_name      = var.key_pair_name

  vpc_security_group_ids = [aws_security_group.example.id]

  # This EC2 Instance has only a private IP and is reachable only from within the VPC. It still carries the same
  # security group, so the SSH rule accepts any source that can route to it.
  associate_public_ip_address = false
}