Here we implement how to dynamically get the latest AMI ID from AWS using a Terraform data source, and then create an EC2 instance from that AMI.
We will also create two security group resources, VPC-SSH and VPC-Web, which are used to access the EC2 instance. The VPC-SSH security group lets you log in to the terminal of the EC2 instance over SSH, and the VPC-Web security group lets you access the web server.
We will have the files variables.tf, ec2securitygroups.tf, ami-datasource.tf, ec2instance.tf and outputs.tf, in which the respective values are defined.
Variables.tf :
# AWS region used by the provider block (read there as var.aws_region).
variable "aws_region" {
  type        = string
  default     = "us-east-1"
  description = "Region in which AWS Resources to be created"
}
# EC2 instance size; consumed by aws_instance.myec2vm as var.instance_type.
variable "instance_type" {
  type        = string
  default     = "t2.micro"
  description = "EC2 Instance Type"
}
# Name of the EC2 key pair attached to the instance (key_name).
# NOTE(review): the provisioner connection reads ./terraform.pem, so this key
# pair presumably has to be the one that private key belongs to. Confirm.
variable "instance_key_pair" {
  type        = string
  default     = "terraform"
  description = "AWS EC2 Key Pair that need to be associated with EC2 instance"
}
Versions.tf :
# Terraform settings: CLI version constraint and the providers this
# configuration needs.
terraform {
  # "~> 1.0.11" accepts 1.0.11 and later 1.0.x patch releases only.
  required_version = "~> 1.0.11"

  required_providers {
    aws = {
      # "~> 3.0" accepts any 3.x release of the hashicorp/aws provider.
      version = "~> 3.0"
      source  = "hashicorp/aws"
    }
  }
}
# AWS provider configuration. Only the region is set here; no credentials are
# written in this block, so they have to come from outside the configuration.
provider "aws" {
  region = var.aws_region
}
EC2securitygroups.tf :
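# Source ranges allowed to reach port 22. There is deliberately no default, so
# the caller has to state who may use SSH instead of opening it to the world.
# The machine that runs `terraform apply` must be inside one of these ranges,
# because the remote-exec provisioner on the instance connects over SSH.
variable "ssh_allowed_cidrs" {
  description = "CIDR blocks allowed to SSH to the EC2 instance"
  type        = list(string)
}

# SSH security group. aws_instance.myec2vm references
# aws_security_group.vpc-ssh, so it has to be declared alongside vpc-web;
# without it the configuration fails on an undeclared resource reference.
resource "aws_security_group" "vpc-ssh" {
  name        = "vpc-ssh"
  description = "Test VPC SSH"

  ingress {
    description = "allow port 22"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = var.ssh_allowed_cidrs
  }

  egress {
    description = "Allow IP and ports outbound"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "vpc-ssh"
  }
}

# Web security group: HTTP and HTTPS are reachable from any IPv4 address.
# No vpc_id is given, so the group is not tied to a specific VPC by this code.
resource "aws_security_group" "vpc-web" {
  name        = "vpc-web"
  description = "Test VPC WEB"

  ingress {
    description = "allow port 80"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    description = "allow port 443"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # protocol "-1" with ports 0-0 means every protocol and port, so outbound
  # traffic is unrestricted. Narrow this if the host only needs package mirrors.
  egress {
    description = "Allow IP and ports outbound"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "vpc-web"
  }
}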
ami-datasource.tf :
# Looks up the newest Amazon Linux 2 AMI (kernel 5.10, HVM, gp2 root volume)
# at plan time, so no AMI ID is hard-coded.
data "aws_ami" "amzlinux2" {
  # Restricting owners to "amazon" matters: the name filter below is a
  # wildcard, and without an owner constraint a look-alike public image with a
  # matching name could be selected.
  owners      = ["amazon"]
  most_recent = true

  filter {
    name   = "name"
    values = ["amzn2-ami-kernel-5.10-hvm-*-gp2"]
  }

  filter {
    name   = "root-device-type"
    values = ["ebs"]
  }

  filter {
    name   = "virtualization-type"
    values = ["hvm"]
  }

  filter {
    name   = "architecture"
    values = ["x86_64"]
  }
}
EC2instance.tf :
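# EC2 instance built from the AMI returned by data.aws_ami.amzlinux2. Once the
# instance is up, a remote-exec provisioner installs Apache over SSH and writes
# two pages under /var/www/html.
resource "aws_instance" "myec2vm" {
  ami           = data.aws_ami.amzlinux2.id
  instance_type = var.instance_type
  key_name      = var.instance_key_pair

  # Both groups must be declared in the configuration: vpc-ssh (port 22) is
  # what lets the provisioner below connect, vpc-web exposes ports 80 and 443.
  vpc_security_group_ids = [aws_security_group.vpc-ssh.id, aws_security_group.vpc-web.id]

  provisioner "remote-exec" {
    inline = [
      "sudo yum update -y",
      "sudo yum install -y httpd",
      "sudo systemctl enable httpd",
      "sudo service httpd start",
      # Kept on one line: a quoted HCL string cannot contain a raw line break.
      "sudo echo 'Welcome to Infra Xpertzz - Apache-install' | sudo tee /var/www/html/index.html",
      "sudo mkdir /var/www/html/webserver1",
      # NOTE(review): this copies the instance identity document (AWS account
      # ID, instance ID, private IP, region) into the public web root, and
      # vpc-web allows 0.0.0.0/0. Treat it as a demo step and drop it on any
      # host that serves real traffic. It is a plain, token-less metadata GET,
      # so it also depends on the instance still accepting IMDSv1 requests.
      "sudo curl http://169.254.169.254/latest/dynamic/instance-identity/document -o /var/www/html/webserver1/metadata.html",
    ]

    connection {
      type = "ssh"
      user = "ec2-user"
      # The private key is read from the working directory. Keep terraform.pem
      # out of version control and readable only by its owner.
      private_key = file("./terraform.pem")
      host        = self.public_ip
    }
  }

  tags = {
    "Name" = "EC Demo 1"
  }
}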
outputs.tf :
# Terraform Output Values
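# Public IPv4 address of aws_instance.myec2vm, printed after apply.
output "instance_publicip" {
  description = "EC2 instance Public IP"
  value       = aws_instance.myec2vm.public_ip
}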
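# Public DNS name of aws_instance.myec2vm, printed after apply.
# The description previously said "Public IP", copied from the output above.
output "instance_publicdns" {
  description = "EC2 instance Public DNS"
  value       = aws_instance.myec2vm.public_dns
}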