X EC2 (or 1 ASG X:X); X external volumes; X network interfaces; KMS key for volumes; Key pair


  ####
  # EC2
  ####
  locals {
    # Flag for T2/T3 instance types, kept as the string "1" or "0" (not a bool).
    # replace() treats a search string wrapped in slashes as a regular expression:
    # when the whole instance type matches, the result is exactly "1"; otherwise
    # the instance type comes back unchanged and the comparison fails.
    # NOTE(review): the pattern needs a "." straight after "t2"/"t3", so families
    # such as t3a or t4g are not matched - confirm that is intended.
    is_t_instance_type = replace(var.instance_type, "/^t[23]{1}\\..*$/", "1") == "1" ? "1" : "0"
  }
  # Standalone EC2 instance. It is created only when the module is not asked to
  # use an autoscaling group (count is 0 or 1).
  #
  # NOTE(review): there is no metadata_options block in this resource, so the
  # instance metadata service settings (e.g. whether IMDSv2 tokens are required)
  # are not set here - confirm the requirement is met some other way.
  resource "aws_instance" "this" {
    count = var.use_autoscaling_group ? 0 : 1

    # --- Image, sizing and placement ---
    ami                  = local.ami
    instance_type        = var.instance_type
    ebs_optimized        = var.ebs_optimized
    monitoring           = var.monitoring
    host_id              = var.host_id
    placement_group      = var.placement_group
    tenancy              = var.tenancy
    cpu_core_count       = var.cpu_core_count
    cpu_threads_per_core = var.cpu_threads_per_core

    # --- Access and identity ---
    # key_name selects the key pair used for login; iam_instance_profile
    # determines which AWS permissions code running on the instance receives.
    key_name             = local.key_pair_name
    iam_instance_profile = local.iam_instance_profile_name

    # User data can be read back by any process on the instance through the
    # metadata service and by principals allowed to describe instance
    # attributes, so it should not carry secrets.
    user_data = var.user_data

    # --- Termination / shutdown behaviour ---
    disable_api_termination              = var.disable_api_termination
    instance_initiated_shutdown_behavior = var.instance_initiated_shutdown_behavior

    # --- Networking ---
    # The primary interface (device index 0) is attached by ID; security groups
    # and subnet are therefore properties of that interface, not of the instance.
    network_interface {
      device_index         = 0
      network_interface_id = local.primary_eni_id
    }

    # --- Storage ---
    # The root device is configured only when local.should_update_root_device is
    # true; otherwise no root_block_device block is emitted and the encryption
    # settings below are not applied by this resource.
    dynamic "root_block_device" {
      for_each = local.should_update_root_device ? [1] : []

      content {
        delete_on_termination = var.root_block_device_delete_on_termination
        encrypted             = var.root_block_device_encrypted
        kms_key_id            = local.volume_kms_key_arn
        iops                  = var.root_block_device_iops
        volume_size           = var.root_block_device_volume_size
        volume_type           = var.root_block_device_volume_type
      }
    }

    # One block per entry of var.ephemeral_block_devices; no_device and
    # virtual_name are optional keys and default to null.
    dynamic "ephemeral_block_device" {
      for_each = var.ephemeral_block_devices

      content {
        device_name  = ephemeral_block_device.value.device_name
        no_device    = lookup(ephemeral_block_device.value, "no_device", null)
        virtual_name = lookup(ephemeral_block_device.value, "virtual_name", null)
      }
    }

    # --- CPU credits (T-family only) ---
    # NOTE(review): local.is_t_instance_type is the string "1"/"0"; using it with
    # && relies on Terraform converting that string to a bool - confirm on the
    # Terraform version in use.
    dynamic "credit_specification" {
      for_each = local.is_t_instance_type && var.cpu_credits != null ? [1] : []

      content {
        cpu_credits = var.cpu_credits
      }
    }

    # --- Tags ---
    # merge() lets later maps win, so local.tags overrides everything before it.
    volume_tags = merge(
      {
        "Name" = format("%s%s", var.prefix, local.use_incremental_names ? format("%s-%0${var.num_suffix_digits}d", var.ec2_volume_name, count.index + (count.index * var.extra_volume_count) + local.num_suffix_starting_index) : var.ec2_volume_name)
      },
      var.tags,
      var.ec2_volume_tags,
      local.tags,
    )

    tags = merge(
      {
        "Name" = format("%s%s", var.prefix, var.name)
      },
      var.tags,
      var.instance_tags,
      local.tags,
    )

    # Differences in these attributes are ignored on later plans. For
    # root_block_device this means that changing the encryption or KMS inputs
    # after the instance exists is not applied to it by Terraform.
    lifecycle {
      ignore_changes = [
        private_ip,
        root_block_device,
        volume_tags,
      ]
    }
  }
  locals {
    # The module creates the primary network interface itself only for a
    # standalone instance (no autoscaling group) and only when asked to.
    should_create_primary_eni = var.use_autoscaling_group == false && var.ec2_primary_network_interface_create

    # ID attached at device index 0 of the instance: the interface created in
    # this module, or else the externally managed one supplied by the caller.
    # In the external case the security groups and source/destination check of
    # that interface are outside this module's control.
    primary_eni_id = local.should_create_primary_eni ? aws_network_interface.this_primary.*.id[0] : var.ec2_external_primary_network_interface_id
  }
  # Primary network interface of the standalone instance, created only when
  # local.should_create_primary_eni is true.
  resource "aws_network_interface" "this_primary" {
    count = local.should_create_primary_eni ? 1 : 0

    description = format("%s%s", var.prefix, local.use_incremental_names ? "${format("%s-%0${var.num_suffix_digits}d", var.name, count.index + local.num_suffix_starting_index)} root network interface" : "${var.name} root network interface")

    # Always placed in the first subnet of local.subnet_ids.
    subnet_id = local.subnet_ids[0]

    # The security groups on this interface are what filter traffic to the
    # instance, since the instance attaches the interface by ID.
    security_groups = local.security_group_ids

    # With the source/destination check disabled the interface may handle
    # traffic that is not addressed to or from itself (routing / NAT use);
    # leave it enabled unless the instance needs to forward traffic.
    source_dest_check = var.ec2_source_dest_check

    private_ips_count = var.ipv4_address_count

    # NOTE(review): IPv6 and IPv4 addresses are concatenated into private_ips
    # here; confirm that this argument accepts IPv6 addresses in the provider
    # version in use.
    private_ips = concat(var.ec2_ipv6_addresses, var.ec2_ipv4_addresses)

    # merge() lets later maps win, so local.tags overrides everything before it.
    tags = merge(
      {
        "Name" = format("%s%s", var.prefix, local.use_incremental_names ? format(
          "%s-%0${var.num_suffix_digits}d",
          var.primary_network_interface_name,
          count.index + (count.index * var.extra_network_interface_count) + local.num_suffix_starting_index
        ) : var.primary_network_interface_name)
      },
      var.tags,
      var.ec2_network_interface_tags,
      local.tags,
    )

    # Address changes made after creation are ignored on later plans rather than
    # reverted.
    lifecycle {
      ignore_changes = [
        private_ips,
        private_ips_count
      ]
    }
  }