diff --git a/README.md b/README.md
index e3ee700..b9342ca 100644
--- a/README.md
+++ b/README.md
@@ -1,163 +1,3 @@ -# AWS EC2 Instance Terraform module - -Terraform module which creates an EC2 instance on AWS. - -[](https://github.com/vshymanskyy/StandWithUkraine/blob/main/docs/README.md) - -## Usage - -### Single EC2 Instance - -```hcl -module "ec2_instance" { - source = "terraform-aws-modules/ec2-instance/aws" - - name = "single-instance" - - instance_type = "t2.micro" - key_name = "user1" - monitoring = true - vpc_security_group_ids = ["sg-12345678"] - subnet_id = "subnet-eddcdzz4" - - tags = { - Terraform = "true" - Environment = "dev" - } -} -``` - -### Multiple EC2 Instance - -```hcl -module "ec2_instance" { - source = "terraform-aws-modules/ec2-instance/aws" - - for_each = toset(["one", "two", "three"]) - - name = "instance-${each.key}" - - instance_type = "t2.micro" - key_name = "user1" - monitoring = true - vpc_security_group_ids = ["sg-12345678"] - subnet_id = "subnet-eddcdzz4" - - tags = { - Terraform = "true" - Environment = "dev" - } -} -``` - -### Spot EC2 Instance - -```hcl -module "ec2_instance" { - source = "terraform-aws-modules/ec2-instance/aws" - - name = "spot-instance" - - create_spot_instance = true - spot_price = "0.60" - spot_type = "persistent" - - instance_type = "t2.micro" - key_name = "user1" - monitoring = true - vpc_security_group_ids = ["sg-12345678"] - subnet_id = "subnet-eddcdzz4" - - tags = { - Terraform = "true" - Environment = "dev" - } -} -``` - -## Module wrappers - -Users of this Terraform module can create multiple similar resources by using [`for_each` meta-argument within `module` block](https://www.terraform.io/language/meta-arguments/for_each) which became available in Terraform 0.13. - -Users of Terragrunt can achieve similar results by using modules provided in the [wrappers](https://github.com/terraform-aws-modules/terraform-aws-ec2-instance/tree/master/wrappers) directory, if they prefer to reduce amount of configuration files. 
- -## Examples - -- [Complete EC2 instance](https://github.com/terraform-aws-modules/terraform-aws-ec2-instance/tree/master/examples/complete) -- [EC2 instance w/ private network access via Session Manager](https://github.com/terraform-aws-modules/terraform-aws-ec2-instance/tree/master/examples/session-manager) -- [EC2 instance with EBS volume attachment](https://github.com/terraform-aws-modules/terraform-aws-ec2-instance/tree/master/examples/volume-attachment) - -## Make an encrypted AMI for use - -This module does not support encrypted AMI's out of the box however it is easy enough for you to generate one for use - -This example creates an encrypted image from the latest ubuntu 16.04 base image. - -```hcl -provider "aws" { - region = "us-west-2" -} - -data "aws_ami" "ubuntu" { - most_recent = true - owners = ["679593333241"] - - filter { - name = "name" - values = ["ubuntu-minimal/images/hvm-ssd/ubuntu-focal-20.04-*"] - } - - filter { - name = "virtualization-type" - values = ["hvm"] - } -} - -resource "aws_ami_copy" "ubuntu_encrypted_ami" { - name = "ubuntu-encrypted-ami" - description = "An encrypted root ami based off ${data.aws_ami.ubuntu.id}" - source_ami_id = data.aws_ami.ubuntu.id - source_ami_region = "eu-west-2" - encrypted = true - - tags = { Name = "ubuntu-encrypted-ami" } -} - -data "aws_ami" "encrypted-ami" { - most_recent = true - - filter { - name = "name" - values = [aws_ami_copy.ubuntu_encrypted_ami.id] - } - - owners = ["self"] -} -``` - -## Conditional creation - -The following combinations are supported to conditionally create resources: - -- Disable resource creation (no resources created): - -```hcl - create = false -``` - -- Create spot instance: - -```hcl - create_spot_instance = true -``` - -## Notes - -- `network_interface` can't be specified together with `vpc_security_group_ids`, `associate_public_ip_address`, `subnet_id`. 
See [complete example](https://github.com/terraform-aws-modules/terraform-aws-ec2-instance/tree/master/examples/complete) for details. -- Changes in `ebs_block_device` argument will be ignored. Use [aws_volume_attachment](https://www.terraform.io/docs/providers/aws/r/volume_attachment.html) resource to attach and detach volumes from AWS EC2 instances. See [this example](https://github.com/terraform-aws-modules/terraform-aws-ec2-instance/tree/master/examples/volume-attachment). -- In regards to spot instances, you must grant the `AWSServiceRoleForEC2Spot` service-linked role access to any custom KMS keys, otherwise your spot request and instances will fail with `bad parameters`. You can see more details about why the request failed by using the awscli and `aws ec2 describe-spot-instance-requests` - - ## Requirements | Name | Version | @@ -173,7 +13,9 @@ The following combinations are supported to conditionally create resources: ## Modules -No modules. +| Name | Source | Version | +|------|--------|---------| +| [key-pair](#module\_key-pair) | app.terraform.io/sccm/key-pair-creation/aws | 0.0.4 | ## Resources 
@@ -186,6 +28,8 @@ No modules. | [aws_instance.ignore_ami](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance) | resource | | [aws_instance.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance) | resource | | [aws_spot_instance_request.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/spot_instance_request) | resource | +| [aws_ami.selected](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami) | data source | +| [aws_ami.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami) | data source | | [aws_iam_policy_document.assume_role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | | [aws_partition.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/partition) | data source | | [aws_ssm_parameter.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ssm_parameter) | data source | 
@@ -195,7 +39,9 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [ami](#input\_ami) | ID of AMI to use for the instance | `string` | `null` | no | +| [ami\_os](#input\_ami\_os) | value | `string` | `"override"` | no | | [ami\_ssm\_parameter](#input\_ami\_ssm\_parameter) | SSM parameter name for the AMI ID. For Amazon Linux AMI SSM parameters see [reference](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-public-parameters-ami.html) | `string` | `"/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2"` | no | +| [application](#input\_application) | Identifier to be added to the resources created which represents the application they belong to | `string` | n/a | yes | | [associate\_public\_ip\_address](#input\_associate\_public\_ip\_address) | Whether to associate a public IP address with an instance in a VPC | `bool` | `null` | no | | [availability\_zone](#input\_availability\_zone) | AZ to start the instance in | `string` | `null` | no | | [capacity\_reservation\_specification](#input\_capacity\_reservation\_specification) | Describes an instance's Capacity Reservation targeting option | `any` | `{}` | no | 
@@ -215,11 +61,12 @@ No modules. | [eip\_tags](#input\_eip\_tags) | A map of additional tags to add to the eip | `map(string)` | `{}` | no | | [enable\_volume\_tags](#input\_enable\_volume\_tags) | Whether to enable volume tags (if enabled it conflicts with root\_block\_device tags) | `bool` | `true` | no | | [enclave\_options\_enabled](#input\_enclave\_options\_enabled) | Whether Nitro Enclaves will be enabled on the instance. Defaults to `false` | `bool` | `null` | no | +| [environment](#input\_environment) | Application environment (dev, qa, stg, uat, prod) | `string` | n/a | yes | | [ephemeral\_block\_device](#input\_ephemeral\_block\_device) | Customize Ephemeral (also known as Instance Store) volumes on the instance | `list(map(string))` | `[]` | no | | [get\_password\_data](#input\_get\_password\_data) | If true, wait for password data to become available and retrieve it | `bool` | `null` | no | | [hibernation](#input\_hibernation) | If true, the launched EC2 instance will support hibernation | `bool` | `null` | no | | [host\_id](#input\_host\_id) | ID of a dedicated host that the instance will be assigned to. Use when an instance is to be launched on a specific dedicated host | `string` | `null` | no | -| [iam\_instance\_profile](#input\_iam\_instance\_profile) | IAM Instance Profile to launch the instance with. Specified as the name of the Instance Profile | `string` | `null` | no | +| [iam\_instance\_profile](#input\_iam\_instance\_profile) | IAM Instance Profile to launch the instance with. Specified as the name of the Instance Profile | `string` | `"EC2DefaultProfile"` | no | | [iam\_role\_description](#input\_iam\_role\_description) | Description of the role | `string` | `null` | no | | [iam\_role\_name](#input\_iam\_role\_name) | Name to use on IAM role created | `string` | `null` | no | | [iam\_role\_path](#input\_iam\_role\_path) | IAM role path | `string` | `null` | no | 
@@ -229,6 +76,7 @@ No modules. | [iam\_role\_use\_name\_prefix](#input\_iam\_role\_use\_name\_prefix) | Determines whether the IAM role name (`iam_role_name` or `name`) is used as a prefix | `bool` | `true` | no | | [ignore\_ami\_changes](#input\_ignore\_ami\_changes) | Whether changes to the AMI ID changes should be ignored by Terraform. Note - changing this value will result in the replacement of the instance | `bool` | `false` | no | | [instance\_initiated\_shutdown\_behavior](#input\_instance\_initiated\_shutdown\_behavior) | Shutdown behavior for the instance. Amazon defaults this to stop for EBS-backed instances and terminate for instance-store instances. Cannot be set on instance-store instance | `string` | `null` | no | +| [instance\_number](#input\_instance\_number) | This is an identifier, not a count | `string` | `"01"` | no | | [instance\_tags](#input\_instance\_tags) | Additional tags for the instance | `map(string)` | `{}` | no | | [instance\_type](#input\_instance\_type) | The type of instance to start | `string` | `"t3.micro"` | no | | [ipv6\_address\_count](#input\_ipv6\_address\_count) | A number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet | `number` | `null` | no | @@ -238,13 +86,13 @@ No modules. | [maintenance\_options](#input\_maintenance\_options) | The maintenance options for the instance | `any` | `{}` | no | | [metadata\_options](#input\_metadata\_options) | Customize the metadata options of the instance | `map(string)` |
{
"http_endpoint": "enabled",
"http_put_response_hop_limit": 1,
"http_tokens": "optional"
} | no |
| [monitoring](#input\_monitoring) | If true, the launched EC2 instance will have detailed monitoring enabled | `bool` | `null` | no |
-| [name](#input\_name) | Name to be used on EC2 instance created | `string` | `""` | no |
| [network\_interface](#input\_network\_interface) | Customize network interfaces to be attached at instance boot time | `list(map(string))` | `[]` | no |
+| [org](#input\_org) | n/a | `string` | `"sccm"` | no |
| [placement\_group](#input\_placement\_group) | The Placement Group to start the instance in | `string` | `null` | no |
| [private\_dns\_name\_options](#input\_private\_dns\_name\_options) | Customize the private DNS name options of the instance | `map(string)` | `{}` | no |
| [private\_ip](#input\_private\_ip) | Private IP address to associate with the instance in a VPC | `string` | `null` | no |
| [putin\_khuylo](#input\_putin\_khuylo) | Do you agree that Putin doesn't respect Ukrainian sovereignty and territorial integrity? More info: https://en.wikipedia.org/wiki/Putin_khuylo! | `bool` | `true` | no |
-| [root\_block\_device](#input\_root\_block\_device) | Customize details about the root block device of the instance. See [Block Devices](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#ebs-ephemeral-and-root-block-devices) for details | `list(any)` | `[]` | no |
+| [root\_block\_device](#input\_root\_block\_device) | Customize details about the root block device of the instance. See Block Devices below for details | `list(any)` | `[]` | no |
| [secondary\_private\_ips](#input\_secondary\_private\_ips) | A list of secondary private IPv4 addresses to assign to the instance's primary network interface (eth0) in a VPC. Can only be assigned to the primary network interface (eth0) attached at instance creation, not a pre-existing network interface i.e. referenced in a `network_interface block` | `list(string)` | `null` | no |
| [source\_dest\_check](#input\_source\_dest\_check) | Controls if traffic is routed to the instance when the destination address does not match the instance. Used for NAT or VPNs | `bool` | `null` | no |
| [spot\_block\_duration\_minutes](#input\_spot\_block\_duration\_minutes) | The required duration for the Spot instances, in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360) | `number` | `null` | no |
@@ -296,18 +144,3 @@ No modules.
| [spot\_instance\_id](#output\_spot\_instance\_id) | The Instance ID (if any) that is currently fulfilling the Spot Instance request |
| [spot\_request\_state](#output\_spot\_request\_state) | The current request state of the Spot Instance Request |
| [tags\_all](#output\_tags\_all) | A map of tags assigned to the resource, including those inherited from the provider default\_tags configuration block |
-
-
-## Authors
-
-Module is maintained by [Anton Babenko](https://github.com/antonbabenko) with help from [these awesome contributors](https://github.com/terraform-aws-modules/terraform-aws-ec2-instance/graphs/contributors).
-
-## License
-
-Apache 2 Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-aws-ec2-instance/tree/master/LICENSE) for full details.
-
-## Additional information for users from Russia and Belarus
-
-* Russia has [illegally annexed Crimea in 2014](https://en.wikipedia.org/wiki/Annexation_of_Crimea_by_the_Russian_Federation) and [brought the war in Donbas](https://en.wikipedia.org/wiki/War_in_Donbas) followed by [full-scale invasion of Ukraine in 2022](https://en.wikipedia.org/wiki/2022_Russian_invasion_of_Ukraine).
-* Russia has brought sorrow and devastations to millions of Ukrainians, killed hundreds of innocent people, damaged thousands of buildings, and forced several million people to flee.
-* [Putin khuylo!](https://en.wikipedia.org/wiki/Putin_khuylo!)
diff --git a/data.tf b/data.tf
new file mode 100644
index 0000000..3cd0159
--- /dev/null
+++ b/data.tf
@@ -0,0 +1,35 @@
+data "aws_ami" "this" {
+ count = var.ami == null ? 0 : 1
+ filter {
+ name = "image-id"
+ values = [var.ami]
+ }
+}
+
+data "aws_partition" "current" {}
+
+data "aws_ssm_parameter" "this" {
+ count = local.create && var.ami == null ? 1 : 0
+
+ name = var.ami_ssm_parameter
+}
+
+data "aws_ami" "selected" {
+ count = var.ami_os != "override" ? 1 : 0
+
+ most_recent = true
+ owners = ["amazon"]
+ filter {
+ name = "name"
+ values = [local.os_search]
+ }
+ filter {
+ name = "root-device-type"
+ values = ["ebs"]
+ }
+
+ filter {
+ name = "virtualization-type"
+ values = ["hvm"]
+ }
+}
\ No newline at end of file
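Review bot: `data "aws_ami" "selected"` filters on name, root device type and virtualization type but not on architecture, and the `amzn2-ami-kernel-5.10-hvm-*` and `RHEL-9.5.0_HVM-*` patterns in locals.tf do not pin one either, so `most_recent = true` can presumably resolve to an arm64 image that the default `t3.micro` cannot boot. An architecture filter next to the existing ones closes that gap. Keeping `owners = ["amazon"]` is the right guard against look-alike AMI names, though it is worth confirming that the RHEL and Ubuntu patterns actually return images under that owner alias. Because `most_recent` re-resolves on every plan, a newly published image will also propose replacing running instances unless `ignore_ami_changes` is set.

```hcl
data "aws_ami" "selected" {
  # … unchanged: count, most_recent, owners, name / root-device-type / virtualization-type filters …

  # Constructed example value; match it to the instance types this module is meant to launch.
  filter {
    name   = "architecture"
    values = ["x86_64"]
  }
}
```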
diff --git a/examples/customizations/README.md b/examples/customizations/README.md
new file mode 100644
index 0000000..8af4a04
--- /dev/null
+++ b/examples/customizations/README.md
@@ -0,0 +1,30 @@
+
+## Requirements
+
+| Name | Version |
+|------|---------|
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 4.66 |
+
+## Providers
+
+No providers.
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| [instance](#module\_instance) | ../../ | n/a |
+
+## Resources
+
+No resources.
+
+## Inputs
+
+No inputs.
+
+## Outputs
+
+No outputs.
+
\ No newline at end of file
diff --git a/examples/customizations/main.tf b/examples/customizations/main.tf
new file mode 100644
index 0000000..5d51e2e
--- /dev/null
+++ b/examples/customizations/main.tf
@@ -0,0 +1,18 @@
+module "instance" {
+ source = "../../"
+
+ application = "exampleapp"
+ environment = "dev"
+ ami_os = "Amazon_Linux"
+ instance_type = "r5.large"
+ key_name = "example_key"
+ vpc_security_group_ids = ["sg-07b4edce8a1a6eb24"]
+ subnet_id = "subnet-067f45f707b2dc297"
+ root_block_device = [
+ {
+ encrypted = true
+ kms_key_id = "arn:aws:kms:us-east-1:521938783116:key/e3203821-6efd-4848-9a8c-50a9990e06cd"
+ }
+ ]
+}
+
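Review bot: The example commits what look like live identifiers: an account-scoped KMS key ARN on the `kms_key_id` line, plus a concrete security group ID and subnet ID. These disclose the account number and resource layout to anyone who can read the repository, and the example cannot be applied in another account anyway. Replace them with variables or clearly fake placeholders, e.g. `kms_key_id = var.kms_key_arn` or `kms_key_id = "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID" # placeholder`.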
diff --git a/examples/customizations/versions.tf b/examples/customizations/versions.tf
new file mode 100644
index 0000000..db7a12c
--- /dev/null
+++ b/examples/customizations/versions.tf
@@ -0,0 +1,14 @@
+terraform {
+ required_version = ">= 1.0"
+
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = ">= 4.66"
+ }
+ }
+}
+
+provider "aws" {
+ region = "us-east-1"
+}
\ No newline at end of file
diff --git a/key-pair.tf b/key-pair.tf
new file mode 100644
index 0000000..bee2610
--- /dev/null
+++ b/key-pair.tf
@@ -0,0 +1,6 @@
+module "key-pair" {
+ source = "app.terraform.io/sccm/key-pair-creation/aws"
+ version = "0.0.4"
+
+ key_pair_name = var.key_name
+}
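Review bot: `module "key-pair"` is instantiated unconditionally: it is not gated on `local.create`, and it receives `var.key_name` even when the caller leaves that unset (the variable's default is not visible in this diff). All three `key_name` lines in main.tf now depend on it, so an instance can no longer be launched without this module running. The module source is a private registry, so how it handles key material cannot be checked from here; if it generates the private key inside Terraform, that key will sit in state, and state access then needs to be treated as SSH access. Consider `count = local.create && var.key_name != null ? 1 : 0` here and `key_name = try(module.key-pair[0].key_pair_name, var.key_name)` at the call sites. The exact version pin `0.0.4` is good and should stay.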
diff --git a/locals.tf b/locals.tf
new file mode 100644
index 0000000..a12e712
--- /dev/null
+++ b/locals.tf
@@ -0,0 +1,40 @@
+locals {
+ create = var.create && var.putin_khuylo
+ is_t_instance_type = replace(var.instance_type, "/^t(2|3|3a|4g){1}\\..*$/", "1") == "1" ? true : false
+ ami = try(coalesce(var.ami, try(data.aws_ami.selected[0].id, null), try(nonsensitive(data.aws_ssm_parameter.this[0].value), null)), null)
+ name = "${var.org}_${var.application}_${local.os_abv}_${var.instance_number}${local.env_abv}"
+ windows_instance = var.ami != null && var.ami_os == "override" ? (data.aws_ami.this[0].platform != "" ? "WIN" : "LX") : "ovr"
+ env_abv = lookup(
+ {
+ dev = "D",
+ qa = "Q",
+ stg = "S",
+ uat = "U",
+ prod = "P"
+ },
+ var.environment,
+ var.environment
+ )
+ os_abv = lookup(
+ {
+ Windows = "WIN",
+ Amazon_Linux = "AL",
+ RHEL = "RHEL",
+ Ubuntu = "UB",
+ override = local.windows_instance
+ },
+ var.ami_os,
+ var.ami_os
+ )
+ os_search = lookup(
+ {
+ Windows = "Windows_Server-2025-English-Full-Base-*"
+ Amazon_Linux = "amzn2-ami-kernel-5.10-hvm-*",
+ RHEL = "RHEL-9.5.0_HVM-*",
+ Ubuntu = "ubuntu/images/hvm-ssd-gp3/ubuntu-noble-24.04-amd64-server-*",
+ override = ""
+ },
+ var.ami_os
+ )
+}
+
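Review bot: `local.ami` gives an explicit `var.ami` precedence over the `ami_os` lookup, while `os_abv` is derived from `ami_os` alone, so a caller who sets both gets an instance whose name advertises a different OS than the image it runs. That name feeds `local.name`, the Name tag and the IAM role name fallback in main.tf, so inventory or tag-based policy keyed on it would be wrong. With the defaults (`ami = null`, `ami_os = "override"`) the image comes from the SSM parameter and the name carries the literal `ovr`. A comment such as `# var.ami wins over ami_os; local.name reflects ami_os only`, plus a validation that rejects `ami` combined with a non-override `ami_os`, would make the contract explicit. The `platform != ""` test on `data.aws_ami.this[0]` also assumes the provider reports an empty string rather than null for Linux images, which should be confirmed.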
diff --git a/main.tf b/main.tf
index 749e67d..31f29ec 100644
--- a/main.tf
+++ b/main.tf
@@ -1,19 +1,3 @@
-data "aws_partition" "current" {}
-
-locals {
- create = var.create && var.putin_khuylo
-
- is_t_instance_type = replace(var.instance_type, "/^t(2|3|3a|4g){1}\\..*$/", "1") == "1" ? true : false
-
- ami = try(coalesce(var.ami, try(nonsensitive(data.aws_ssm_parameter.this[0].value), null)), null)
-}
-
-data "aws_ssm_parameter" "this" {
- count = local.create && var.ami == null ? 1 : 0
-
- name = var.ami_ssm_parameter
-}
-
################################################################################
# Instance
################################################################################
@@ -35,7 +19,7 @@ resource "aws_instance" "this" {
subnet_id = var.subnet_id
vpc_security_group_ids = var.vpc_security_group_ids
- key_name = var.key_name
+ key_name = module.key-pair.key_pair_name
monitoring = var.monitoring
get_password_data = var.get_password_data
iam_instance_profile = var.create_iam_instance_profile ? aws_iam_instance_profile.this[0].name : var.iam_instance_profile
@@ -188,8 +172,8 @@ resource "aws_instance" "this" {
delete = try(var.timeouts.delete, null)
}
- tags = merge({ "Name" = var.name }, var.instance_tags, var.tags)
- volume_tags = var.enable_volume_tags ? merge({ "Name" = var.name }, var.volume_tags) : null
+ tags = merge({ "Name" = local.name }, var.instance_tags, var.tags)
+ volume_tags = var.enable_volume_tags ? merge({ "Name" = local.name }, var.volume_tags) : null
}
################################################################################
@@ -213,7 +197,7 @@ resource "aws_instance" "ignore_ami" {
subnet_id = var.subnet_id
vpc_security_group_ids = var.vpc_security_group_ids
- key_name = var.key_name
+ key_name = module.key-pair.key_pair_name
monitoring = var.monitoring
get_password_data = var.get_password_data
iam_instance_profile = var.create_iam_instance_profile ? aws_iam_instance_profile.this[0].name : var.iam_instance_profile
@@ -366,8 +350,8 @@ resource "aws_instance" "ignore_ami" {
delete = try(var.timeouts.delete, null)
}
- tags = merge({ "Name" = var.name }, var.instance_tags, var.tags)
- volume_tags = var.enable_volume_tags ? merge({ "Name" = var.name }, var.volume_tags) : null
+ tags = merge({ "Name" = local.name }, var.instance_tags, var.tags)
+ volume_tags = var.enable_volume_tags ? merge({ "Name" = local.name }, var.volume_tags) : null
lifecycle {
ignore_changes = [
@@ -397,7 +381,7 @@ resource "aws_spot_instance_request" "this" {
subnet_id = var.subnet_id
vpc_security_group_ids = var.vpc_security_group_ids
- key_name = var.key_name
+ key_name = module.key-pair.key_pair_name
monitoring = var.monitoring
get_password_data = var.get_password_data
iam_instance_profile = var.create_iam_instance_profile ? aws_iam_instance_profile.this[0].name : var.iam_instance_profile
@@ -540,8 +524,8 @@ resource "aws_spot_instance_request" "this" {
delete = try(var.timeouts.delete, null)
}
- tags = merge({ "Name" = var.name }, var.instance_tags, var.tags)
- volume_tags = var.enable_volume_tags ? merge({ "Name" = var.name }, var.volume_tags) : null
+ tags = merge({ "Name" = local.name }, var.instance_tags, var.tags)
+ volume_tags = var.enable_volume_tags ? merge({ "Name" = local.name }, var.volume_tags) : null
}
################################################################################
@@ -549,7 +533,7 @@ resource "aws_spot_instance_request" "this" {
################################################################################
locals {
- iam_role_name = try(coalesce(var.iam_role_name, var.name), "")
+ iam_role_name = try(coalesce(var.iam_role_name, local.name), "")
}
data "aws_iam_policy_document" "assume_role_policy" {
diff --git a/variables.tf b/variables.tf
index 38a1b5b..d4f39b1 100644
--- a/variables.tf
+++ b/variables.tf
@@ -4,10 +4,29 @@ variable "create" {
default = true
}
-variable "name" {
- description = "Name to be used on EC2 instance created"
+variable "instance_number" {
type = string
- default = ""
+ default = "01"
+ description = "This is an identifier, not a count"
+}
+
+variable "org" {
+ type = string
+ default = "sccm"
+}
+
+variable "application" {
+ description = "Identifier to be added to the resources created which represents the application they belong to"
+ type = string
+}
+
+variable "environment" {
+ type = string
+ description = "Application environment (dev, qa, stg, uat, prod)"
+ validation {
+ condition = contains(["dev", "qa", "stg", "uat", "prod"], var.environment)
+ error_message = "Valid values for environment: dev, qa, stg, uat, prod"
+ }
}
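Review bot: `application`, `org` and `instance_number` are interpolated directly into `local.name`, which main.tf now uses for the Name tag and as the IAM role name fallback, yet only `environment` has a `validation` block. A value with spaces or other characters IAM rejects, or one that is too long, will only fail at apply time, so a check such as `condition = can(regex("^[A-Za-z0-9-]+$", var.application))` on each of the three would surface it at plan. `org` also has no `description`, which is why the README table shows `n/a`; something like `description = "Organisation prefix used as the first segment of resource names"` would fix that. Removing `variable "name"` is a breaking change for existing callers and deserves a line in the changelog.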
variable "ami_ssm_parameter" {
@@ -16,6 +35,16 @@ variable "ami_ssm_parameter" {
default = "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2"
}
+variable "ami_os" {
+ description = "value"
+ type = string
+ default = "override"
+ validation {
+ condition = contains(["Windows", "Amazon_Linux", "RHEL", "Ubuntu", "override"], var.ami_os)
+ error_message = "Valid values for ami_os: Windows, Amazon_Linux, RHEL, Ubuntu, override. If you select override, provide a value for ami variable"
+ }
+}
+
variable "ami" {
description = "ID of AMI to use for the instance"
type = string
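Review bot: `description = "value"` on `ami_os` is a leftover placeholder, and it is what the generated README now shows for this input. Something like `description = "OS family used to look up the latest Amazon-owned AMI (Windows, Amazon_Linux, RHEL, Ubuntu); use override to supply ami or fall back to ami_ssm_parameter"` would tell callers what the switch does. The validation message asks for `ami` when `override` is selected, but `override` is the default and `ami` defaults to `null`, so nothing enforces it; either the message or the check should change. The `variable "ami"` block at the end of this hunk continues outside it.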
@@ -109,7 +138,7 @@ variable "host_id" {
variable "iam_instance_profile" {
description = "IAM Instance Profile to launch the instance with. Specified as the name of the Instance Profile"
type = string
- default = null
+ default = "EC2DefaultProfile"
}
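Review bot: Changing the `iam_instance_profile` default from `null` to `"EC2DefaultProfile"` means every instance launched without an explicit value now carries role credentials whose permissions are not visible in this change. The README inputs table still lists `http_tokens` as `optional` in the default `metadata_options`, so those credentials are reachable over IMDSv1, and a server-side request forgery bug in any workload on the instance becomes credential exposure. Applies will also fail in accounts where that profile does not exist. Prefer keeping `default = null` and having callers opt in; if the default must stay, document what the profile grants and default `http_tokens` to `required` in the same change.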
variable "instance_initiated_shutdown_behavior" {
@@ -430,3 +459,4 @@ variable "eip_tags" {
type = map(string)
default = {}
}
+