Giter VIP home page Giter VIP logo

terraform-aws-ec2-instance's Introduction

AWS EC2 Instance Terraform module

Terraform module which creates an EC2 instance on AWS.

SWUbanner

Usage

Single EC2 Instance

module "ec2_instance" {
  source  = "terraform-aws-modules/ec2-instance/aws"

  name = "single-instance"

  instance_type          = "t2.micro"
  key_name               = "user1"
  monitoring             = true
  vpc_security_group_ids = ["sg-12345678"]
  subnet_id              = "subnet-eddcdzz4"

  tags = {
    Terraform   = "true"
    Environment = "dev"
  }
}

Multiple EC2 Instance

module "ec2_instance" {
  source  = "terraform-aws-modules/ec2-instance/aws"

  for_each = toset(["one", "two", "three"])

  name = "instance-${each.key}"

  instance_type          = "t2.micro"
  key_name               = "user1"
  monitoring             = true
  vpc_security_group_ids = ["sg-12345678"]
  subnet_id              = "subnet-eddcdzz4"

  tags = {
    Terraform   = "true"
    Environment = "dev"
  }
}

Spot EC2 Instance

module "ec2_instance" {
  source  = "terraform-aws-modules/ec2-instance/aws"

  name = "spot-instance"

  create_spot_instance = true
  spot_price           = "0.60"
  spot_type            = "persistent"

  instance_type          = "t2.micro"
  key_name               = "user1"
  monitoring             = true
  vpc_security_group_ids = ["sg-12345678"]
  subnet_id              = "subnet-eddcdzz4"

  tags = {
    Terraform   = "true"
    Environment = "dev"
  }
}

Module wrappers

Users of this Terraform module can create multiple similar resources by using for_each meta-argument within module block which became available in Terraform 0.13.

Users of Terragrunt can achieve similar results by using modules provided in the wrappers directory, if they prefer to reduce amount of configuration files.

Examples

Make an encrypted AMI for use

This module does not support encrypted AMI's out of the box however it is easy enough for you to generate one for use

This example creates an encrypted image from the latest ubuntu 16.04 base image.

provider "aws" {
  region = "us-west-2"
}

data "aws_ami" "ubuntu" {
  most_recent = true
  owners      = ["679593333241"]

  filter {
    name   = "name"
    values = ["ubuntu-minimal/images/hvm-ssd/ubuntu-focal-20.04-*"]
  }

  filter {
    name   = "virtualization-type"
    values = ["hvm"]
  }
}

resource "aws_ami_copy" "ubuntu_encrypted_ami" {
  name              = "ubuntu-encrypted-ami"
  description       = "An encrypted root ami based off ${data.aws_ami.ubuntu.id}"
  source_ami_id     = data.aws_ami.ubuntu.id
  source_ami_region = "eu-west-2"
  encrypted         = true

  tags = { Name = "ubuntu-encrypted-ami" }
}

data "aws_ami" "encrypted-ami" {
  most_recent = true

  filter {
    name   = "name"
    values = [aws_ami_copy.ubuntu_encrypted_ami.id]
  }

  owners = ["self"]
}

Conditional creation

The following combinations are supported to conditionally create resources:

  • Disable resource creation (no resources created):
  create = false
  • Create spot instance:
  create_spot_instance = true

Notes

  • network_interface can't be specified together with vpc_security_group_ids, associate_public_ip_address, subnet_id. See complete example for details.
  • Changes in ebs_block_device argument will be ignored. Use aws_volume_attachment resource to attach and detach volumes from AWS EC2 instances. See this example.
  • In regards to spot instances, you must grant the AWSServiceRoleForEC2Spot service-linked role access to any custom KMS keys, otherwise your spot request and instances will fail with bad parameters. You can see more details about why the request failed by using the awscli and aws ec2 describe-spot-instance-requests

Requirements

Name Version
terraform >= 1.0
aws >= 4.66

Providers

Name Version
aws >= 4.66

Modules

No modules.

Resources

Name Type
aws_iam_instance_profile.this resource
aws_iam_role.this resource
aws_iam_role_policy_attachment.this resource
aws_instance.ignore_ami resource
aws_instance.this resource
aws_spot_instance_request.this resource
aws_iam_policy_document.assume_role_policy data source
aws_partition.current data source
aws_ssm_parameter.this data source

Inputs

Name Description Type Default Required
ami ID of AMI to use for the instance string null no
ami_ssm_parameter SSM parameter name for the AMI ID. For Amazon Linux AMI SSM parameters see reference string "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2" no
associate_public_ip_address Whether to associate a public IP address with an instance in a VPC bool null no
availability_zone AZ to start the instance in string null no
capacity_reservation_specification Describes an instance's Capacity Reservation targeting option any {} no
cpu_core_count Sets the number of CPU cores for an instance number null no
cpu_credits The credit option for CPU usage (unlimited or standard) string null no
cpu_options Defines CPU options to apply to the instance at launch time. any {} no
cpu_threads_per_core Sets the number of CPU threads per core for an instance (has no effect unless cpu_core_count is also set) number null no
create Whether to create an instance bool true no
create_iam_instance_profile Determines whether an IAM instance profile is created or to use an existing IAM instance profile bool false no
create_spot_instance Depicts if the instance is a spot instance bool false no
disable_api_stop If true, enables EC2 Instance Stop Protection bool null no
disable_api_termination If true, enables EC2 Instance Termination Protection bool null no
ebs_block_device Additional EBS block devices to attach to the instance list(any) [] no
ebs_optimized If true, the launched EC2 instance will be EBS-optimized bool null no
enable_volume_tags Whether to enable volume tags (if enabled it conflicts with root_block_device tags) bool true no
enclave_options_enabled Whether Nitro Enclaves will be enabled on the instance. Defaults to false bool null no
ephemeral_block_device Customize Ephemeral (also known as Instance Store) volumes on the instance list(map(string)) [] no
get_password_data If true, wait for password data to become available and retrieve it bool null no
hibernation If true, the launched EC2 instance will support hibernation bool null no
host_id ID of a dedicated host that the instance will be assigned to. Use when an instance is to be launched on a specific dedicated host string null no
iam_instance_profile IAM Instance Profile to launch the instance with. Specified as the name of the Instance Profile string null no
iam_role_description Description of the role string null no
iam_role_name Name to use on IAM role created string null no
iam_role_path IAM role path string null no
iam_role_permissions_boundary ARN of the policy that is used to set the permissions boundary for the IAM role string null no
iam_role_policies Policies attached to the IAM role map(string) {} no
iam_role_tags A map of additional tags to add to the IAM role/profile created map(string) {} no
iam_role_use_name_prefix Determines whether the IAM role name (iam_role_name or name) is used as a prefix bool true no
ignore_ami_changes Whether changes to the AMI ID changes should be ignored by Terraform. Note - changing this value will result in the replacement of the instance bool false no
instance_initiated_shutdown_behavior Shutdown behavior for the instance. Amazon defaults this to stop for EBS-backed instances and terminate for instance-store instances. Cannot be set on instance-store instance string null no
instance_tags Additional tags for the instance map(string) {} no
instance_type The type of instance to start string "t3.micro" no
ipv6_address_count A number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet number null no
ipv6_addresses Specify one or more IPv6 addresses from the range of the subnet to associate with the primary network interface list(string) null no
key_name Key name of the Key Pair to use for the instance; which can be managed using the aws_key_pair resource string null no
launch_template Specifies a Launch Template to configure the instance. Parameters configured on this resource will override the corresponding parameters in the Launch Template map(string) {} no
maintenance_options The maintenance options for the instance any {} no
metadata_options Customize the metadata options of the instance map(string) 
{
  "http_endpoint": "enabled",
  "http_put_response_hop_limit": 1,
  "http_tokens": "optional"
}
 no
monitoring If true, the launched EC2 instance will have detailed monitoring enabled bool null no
name Name to be used on EC2 instance created string "" no
network_interface Customize network interfaces to be attached at instance boot time list(map(string)) [] no
placement_group The Placement Group to start the instance in string null no
private_dns_name_options Customize the private DNS name options of the instance map(string) {} no
private_ip Private IP address to associate with the instance in a VPC string null no
putin_khuylo Do you agree that Putin doesn't respect Ukrainian sovereignty and territorial integrity? More info: https://en.wikipedia.org/wiki/Putin_khuylo! bool true no
root_block_device Customize details about the root block device of the instance. See Block Devices below for details list(any) [] no
secondary_private_ips A list of secondary private IPv4 addresses to assign to the instance's primary network interface (eth0) in a VPC. Can only be assigned to the primary network interface (eth0) attached at instance creation, not a pre-existing network interface i.e. referenced in a network_interface block list(string) null no
source_dest_check Controls if traffic is routed to the instance when the destination address does not match the instance. Used for NAT or VPNs bool null no
spot_block_duration_minutes The required duration for the Spot instances, in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360) number null no
spot_instance_interruption_behavior Indicates Spot instance behavior when it is interrupted. Valid values are terminate, stop, or hibernate string null no
spot_launch_group A launch group is a group of spot instances that launch together and terminate together. If left empty instances are launched and terminated individually string null no
spot_price The maximum price to request on the spot market. Defaults to on-demand price string null no
spot_type If set to one-time, after the instance is terminated, the spot request will be closed. Default persistent string null no
spot_valid_from The start date and time of the request, in UTC RFC3339 format(for example, YYYY-MM-DDTHH:MM:SSZ) string null no
spot_valid_until The end date and time of the request, in UTC RFC3339 format(for example, YYYY-MM-DDTHH:MM:SSZ) string null no
spot_wait_for_fulfillment If set, Terraform will wait for the Spot Request to be fulfilled, and will throw an error if the timeout of 10m is reached bool null no
subnet_id The VPC Subnet ID to launch in string null no
tags A mapping of tags to assign to the resource map(string) {} no
tenancy The tenancy of the instance (if the instance is running in a VPC). Available values: default, dedicated, host string null no
timeouts Define maximum timeout for creating, updating, and deleting EC2 instance resources map(string) {} no
user_data The user data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see user_data_base64 instead string null no
user_data_base64 Can be used instead of user_data to pass base64-encoded binary data directly. Use this instead of user_data whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption string null no
user_data_replace_on_change When used in combination with user_data or user_data_base64 will trigger a destroy and recreate when set to true. Defaults to false if not set bool null no
volume_tags A mapping of tags to assign to the devices created by the instance at launch time map(string) {} no
vpc_security_group_ids A list of security group IDs to associate with list(string) null no

Outputs

Name Description
ami AMI ID that was used to create the instance
arn The ARN of the instance
availability_zone The availability zone of the created instance
capacity_reservation_specification Capacity reservation specification of the instance
ebs_block_device EBS block device information
ephemeral_block_device Ephemeral block device information
iam_instance_profile_arn ARN assigned by AWS to the instance profile
iam_instance_profile_id Instance profile's ID
iam_instance_profile_unique Stable and unique string identifying the IAM instance profile
iam_role_arn The Amazon Resource Name (ARN) specifying the IAM role
iam_role_name The name of the IAM role
iam_role_unique_id Stable and unique string identifying the IAM role
id The ID of the instance
instance_state The state of the instance
ipv6_addresses The IPv6 address assigned to the instance, if applicable
outpost_arn The ARN of the Outpost the instance is assigned to
password_data Base-64 encoded encrypted password data for the instance. Useful for getting the administrator password for instances running Microsoft Windows. This attribute is only exported if get_password_data is true
primary_network_interface_id The ID of the instance's primary network interface
private_dns The private DNS name assigned to the instance. Can only be used inside the Amazon EC2, and only available if you've enabled DNS hostnames for your VPC
private_ip The private IP address assigned to the instance
public_dns The public DNS name assigned to the instance. For EC2-VPC, this is only available if you've enabled DNS hostnames for your VPC
public_ip The public IP address assigned to the instance, if applicable. NOTE: If you are using an aws_eip with your instance, you should refer to the EIP's address directly and not use public_ip as this field will change after the EIP is attached
root_block_device Root block device information
spot_bid_status The current bid status of the Spot Instance Request
spot_instance_id The Instance ID (if any) that is currently fulfilling the Spot Instance request
spot_request_state The current request state of the Spot Instance Request
tags_all A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block

Authors

Module is maintained by Anton Babenko with help from these awesome contributors.

License

Apache 2 Licensed. See LICENSE for full details.

Additional information for users from Russia and Belarus

terraform-aws-ec2-instance's People

Contributors

angryhamsterx avatar antonbabenko avatar apparentlymart avatar betajobot avatar brad-alexander avatar bryantbiggs avatar danihodovic avatar den-is avatar deny-7 avatar dev-slatto avatar drfaust92 avatar fernandomiguel avatar jeremyciak avatar jjardon avatar jkrukoff-cb avatar karancode avatar lucasvuotto avatar luigidifraiawork avatar magreenbaum avatar mdbox avatar mhd999 avatar msharma24 avatar mustafa89 avatar otassetti avatar pnduati avatar robglarsen avatar schniber avatar semantic-release-bot avatar shawnsavour avatar sim1e097cd avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

cgriggs01 gangavh johnypony3 laurentkrishnathas fremindmm ryanhornbeck apparentlymart pjelar richardwlaub brinkmanjg umotif-wichura jherediacmp chrislovecnm renaudhager 2solt rastandy grem11n dhirenshumsher hmhco masterzion mhd999 adetalabi koutilyagowtham capg-naveen-kumar deepakmohanakrishnan07 sherrypai edsonbenites mohitepramod anhtv08 qafro1 vikaschenny normo hbangaru robby808 zakabluk rijwanjava2016 kira alisdair thachnv92 almeidaluis riverbaby garyshanes johnmouser osbilln roypeter gyoza suryatejadivi1234 rei-systems tickbox-smc dnarwani kitsunde djfill sunhy3887 jianchen2580 peshal2404 deepuashokan85 manyamshagapuram mael221090 tuapuikia dbaltazar randomtask2000 sanjshah2001 philldeakin dionis1030 pritpalp kishorekumark kidmam fabmorais jimethn yujunz acbharat akrishnamu21 jkrukoff-cb guangie88 doubletrade robomfeinberg goelashish prakasha4devops amashhour1974 martinssu imzerocool subratkprusty danihodovic fitness-lifestyle-group gowthaman-new ankitgupta21 rickdennis tirupathiogirala rops42 terrastackio abdul2 toneb30 dmai-apixio daringanitch francisv-ets haribangaru khudiakovsergey vaidyanath08 leoncaiau912 lavacat

terraform-aws-ec2-instance's Issues

Add placement_group to output

Thanks @tehmaspc for reporting this problem in this comment.

When this related issue is fixed in AWS provider we can add output to this module like this:

output "placement_group" {
  description = "List of placement groups of instances"
  value       = ["${element(concat(aws_instance.this.*.placement_group, list("")), 0)}"]
}

Custom tags where count.index is used (iteration)

I'm trying to generate various FQDN names that have different conventions.

I had a highly modified (from previous version) and I used the count and count.index to determine how many iterations to make and created the names accordingly.

Here are the variations:

  • ui.system.com
  • db01.ststem.com
  • db02.system.com
  • xyz001.xx.system.com
  • ax01.xyz001.system.com
  • ax01.xyz001.system.com

For example, the db and the ax are iterated on the host_name when count is greater than 1.

Here's what my tag block looked like inside the instance resource:

resource "aws_instance" "ec2_instance" {
  count = "${var.number_of_instances}"

...

  tags {
    Environment = "${var.track_environment}"
    Name        = "${var.number_of_instances > 1 ? "${var.host_name}${format("%02d", count.index + 1)}.${var.instance_name}" : "${var.instance_name}" }"
    Track       = "${var.track_name}"
    Desc        = "Instance for: ${var.number_of_instances > 1 ? "${var.host_name}${format("%02d", count.index + 1)}.${var.instance_name}" : "${var.instance_name}" }"
    LaunchGroup = "StartEC2Group${upper(substr(var.vpc_name,0,1))}${substr(var.vpc_name,1,-1)}"
    StopGroup   = "StopEC2atNight"
  }

I'm guessing, to keep this functionality, my only option is to modify this module; the main.tf file in resource "aws_instance" "this"

Thanks for any tips,
Chris.

Adding a Route53 private entry

I am pretty newt to TF, and have been using this module to create various instance types for myself. However, as part of the module, I wanted to add a DNS A record in route53. It works, kinda. Except if i create more than one instance, it assigns all the IPs to the first instance name [in the case below fp-1 gets the IPs for fp-1-3]
It would be awesome if the module had the option to create a private DNS entry based on the Name tag.... [or alternatively someone could help me figure out where I am banjaxing this]

module "ec2_fp" {
  source                 = "../../terraform_modules/terraform-aws-ec2-instance"
  name                   = "FP"
  ami                    = "${var.ami}"
  instance_type          = "${var.fp_instance_type}"
  instance_count         = "${var.fp_instances_number}"
  use_num_suffix         = "true"
  subnet_ids             = "${data.terraform_remote_state.vpc.public_subnets}"
  vpc_security_group_ids = ["${data.terraform_remote_state.secgrp.fp_sg}"]

  tags = {
    "NodeType"       = "FP"
    "ManagedBy"      = "TerraForm"
    "Tier_Placement" = "public"
  }
}

resource "aws_route53_record" "r53_fp" {
  zone_id = "${data.aws_route53_zone.selected.zone_id}"
  name    = "${lookup(module.ec2_fep.tags[0], "Name")}.${data.aws_route53_zone.selected.name}"
  type    = "A"
  ttl     = "300"
  records = ["${module.ec2_fp.private_ip}"]
}

Error launching source instance: Your requested instance type (t2.micro) not supported in your requested Availability Zone (us-west-2d).

Getting this error every now and then while I am running my test configurations. The point to note is, I haven't specified us-west-2d availability zone in any of my configurations. And when I get this error, I do a terraform destroy (to destroy created VPC, subnets, etc.), and then run terraform apply again. On the second time, it completes without any errors.

Not consistent instance naming if initial instance_count is 1 and than count is bumped

Currently if you create ec2 definition with initial instance_count = 1 it will have no numerical suffix -1

terraform-aws-ec2-instance/main.tf

Line 80 in c92e80c

tags = "${merge(map("Name", var.instance_count > 1 ? format("%s-%d", var.name, count.index+1) : var.name), var.tags)}" 

my-instance

If you later bump that instance count to at least 2 and apply you will get the second instance with -2 as numerical suffix, while first instance will of course have no suffix

my-instance
my-instance-2

Of course, if you know you instance count in advance or at least count is > 1 from the very beginning, you will get normal instance names

my-instance-1
my-instance-2
...

IMHO this is not mathematically consistent and is not aesthetic.

I would like to suggest next possible solution:

For example, allow optional flag use_num_suffix

map("Name", (var.instance_count > 1) || (use_num_suffix == "true") ? format("%s-%d", var.name, count.index+1) : var.name)

Not all cases can be covered by Auto Scalling group. It's clear that currently provided EC2 naming logic is not consistent.

spot-instances

hi everyone, wonderful work with the modules, ive used quite a number of them and they work very well.
i forked this repo to be the base of a spot instance module, the difference is so minuscule that imo it would be better for it to be maintained in this organization/project. my first push is available for viewing here: https://github.com/johnypony3/terraform-aws-ec2-instance
the name of the repo will need to be updated, and maybe some copy.

Missing output.instance_public_dns and output.instance_id blocking terraform destroy

Missing output.instance_public_dns and output.instance_id blocking terraform destroy, any tips? Thanks!

$ terraform destroy

Error: Error applying plan:

2 error(s) occurred:

* output.instance_public_dns: At column 24, line 1: list "module.ec2.public_dns" does not have any elements so cannot determine type. in:

${module.ec2.public_dns[0]}
* output.instance_id: At column 16, line 1: list "module.ec2.id" does not have any elements so cannot determine type. in:

${module.ec2.id[0]}

Once, even got this error.

Error: Error applying plan:

1 error(s) occurred:

* output.instance_id: At column 16, line 1: list "module.ec2.id" does not have any elements so cannot determine type. in:

${module.ec2.id[0]}

terraform-aws-ec2-instance v1.19.0
Terraform v0.11.11

non-idempotent ec2 module

Hi,
I deploy ec2 instance using terraform-aws-ec2-instance module. After that I run one more time terraform apply without changing any resources in code and this leads to destroying my ec2 instance and execution errors.

laptop-A018226:stage dhelios$ terraform apply
aws_vpc.this: Refreshing state... (ID: vpc-7972661f)
aws_db_parameter_group.this: Refreshing state... (ID: zabbix-db-20171127093848981500000001)
data.aws_ami.centos: Refreshing state...
aws_route_table.private[2]: Refreshing state... (ID: rtb-e64d1b9f)
aws_route_table.private[0]: Refreshing state... (ID: rtb-6c491f15)
aws_route_table.private[1]: Refreshing state... (ID: rtb-3f772146)
aws_internet_gateway.this: Refreshing state... (ID: igw-37534e50)
aws_subnet.public[1]: Refreshing state... (ID: subnet-66b2e000)
aws_subnet.public[2]: Refreshing state... (ID: subnet-943224cf)
aws_subnet.public[0]: Refreshing state... (ID: subnet-66b9cb2e)
aws_subnet.database[1]: Refreshing state... (ID: subnet-698fdd0f)
aws_subnet.database[0]: Refreshing state... (ID: subnet-36bfcd7e)
aws_route_table.public: Refreshing state... (ID: rtb-957620ec)
aws_security_group.this: Refreshing state... (ID: sg-881be5f4)
aws_security_group.this: Refreshing state... (ID: sg-121ae46e)
aws_security_group.this: Refreshing state... (ID: sg-731ae40f)
aws_security_group.this: Refreshing state... (ID: sg-9e1fe1e2)
aws_security_group.this: Refreshing state... (ID: sg-6f19e713)
aws_security_group.this: Refreshing state... (ID: sg-9c1ae4e0)
aws_security_group.this: Refreshing state... (ID: sg-371ce24b)
aws_route_table_association.database[1]: Refreshing state... (ID: rtbassoc-4a945c31)
aws_route_table_association.database[0]: Refreshing state... (ID: rtbassoc-e79e569c)
aws_route.public_internet_gateway: Refreshing state... (ID: r-rtb-957620ec1080289494)
aws_route_table_association.public[0]: Refreshing state... (ID: rtbassoc-e0945c9b)
aws_route_table_association.public[2]: Refreshing state... (ID: rtbassoc-49945c32)
aws_route_table_association.public[1]: Refreshing state... (ID: rtbassoc-9f9058e4)
aws_security_group_rule.ingress_rules[1]: Refreshing state... (ID: sgrule-3250443807)
aws_security_group_rule.ingress_rules[0]: Refreshing state... (ID: sgrule-2546528616)
aws_db_subnet_group.this: Refreshing state... (ID: zabbix-db-20171127093910910500000002)
aws_security_group_rule.egress_with_cidr_blocks: Refreshing state... (ID: sgrule-1642609883)
aws_security_group_rule.egress_with_cidr_blocks: Refreshing state... (ID: sgrule-3921041069)
aws_security_group_rule.ingress_rules: Refreshing state... (ID: sgrule-1762131498)
aws_security_group_rule.ingress_with_cidr_blocks[1]: Refreshing state... (ID: sgrule-452473216)
aws_security_group_rule.ingress_with_cidr_blocks[0]: Refreshing state... (ID: sgrule-3187152274)
aws_security_group_rule.ingress_rules: Refreshing state... (ID: sgrule-3615313137)
aws_security_group_rule.ingress_rules[0]: Refreshing state... (ID: sgrule-2145821040)
aws_security_group_rule.ingress_rules[1]: Refreshing state... (ID: sgrule-1660909378)
aws_elb.this: Refreshing state... (ID: zabbix-web-elb)
aws_elb.this: Refreshing state... (ID: zabbix-app-elb)
aws_db_instance.this: Refreshing state... (ID: zabbix-db)
data.template_file.zabbix_app_init: Refreshing state...
data.template_file.zabbix_web_init: Refreshing state...
aws_instance.this: Refreshing state... (ID: i-066ced77fc1428501)
aws_launch_configuration.this: Refreshing state... (ID: zabbix-web-lc-20171127094401928900000004)
aws_launch_configuration.this: Refreshing state... (ID: zabbix-app-lc-20171127094401919300000003)
aws_autoscaling_group.this: Refreshing state... (ID: zabbix-app-asg-20171127094404350700000005)
aws_autoscaling_group.this: Refreshing state... (ID: zabbix-web-asg-20171127094404350800000006)

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  ~ update in-place
-/+ destroy and then create replacement

Terraform will perform the following actions:

-/+ module.bastion_ec2.aws_instance.this (new resource required)
      id:                                        "i-066ced77fc1428501" => <computed> (forces new resource)
      ami:                                       "ami-e535c59d" => "ami-e535c59d"
      associate_public_ip_address:               "true" => "true"
      availability_zone:                         "us-west-2a" => <computed> (forces new resource)
      disable_api_termination:                   "false" => "false"
      ebs_optimized:                             "false" => "false"
      instance_state:                            "running" => <computed>
      instance_type:                             "t2.nano" => "t2.nano"
      ipv6_address_count:                        "0" => "0"
      key_name:                                  "my-key" => "my-key"
      monitoring:                                "false" => "false"
      network_interface.#:                       "0" => <computed>
      network_interface_id:                      "eni-99d3dfaa" => <computed>
      placement_group:                           "" => <computed>
      primary_network_interface_id:              "eni-99d3dfaa" => <computed>
      private_dns:                               "ip-192-168-128-231.us-west-2.compute.internal" => <computed>
      private_ip:                                "192.168.128.231" => <computed> (forces new resource)
      public_dns:                                "" => <computed>
      public_ip:                                 "35.165.35.243" => <computed>
      root_block_device.#:                       "1" => "0"
      root_block_device.0.delete_on_termination: "false" => "true" (forces new resource)
      security_groups.#:                         "0" => <computed>
      source_dest_check:                         "true" => "true"
      subnet_id:                                 "subnet-66b9cb2e" => "subnet-66b9cb2e"
      tags.%:                                    "5" => "5"
      tags.Environment:                          "stage" => "stage"
      tags.Name:                                 "bastion-1" => "bastion-1"
      tags.Service:                              "bastion" => "bastion"
      tags.Subsystem:                            "sshd" => "sshd"
      tags.Terraform:                            "true" => "true"
      tenancy:                                   "default" => "default"
      user_data:                                 "da39a3ee5e6b4b0d3255bfef95601890afd80709" => "da39a3ee5e6b4b0d3255bfef95601890afd80709"
      volume_tags.%:                             "0" => <computed>
      vpc_security_group_ids.#:                  "2" => "2"
      vpc_security_group_ids.3396590673:         "sg-121ae46e" => "sg-121ae46e"
      vpc_security_group_ids.798409958:          "sg-9e1fe1e2" => "sg-9e1fe1e2"

  ~ module.zabbix_db.module.db_instance.aws_db_instance.this
      license_model:                             "general-public-license" => <computed>


Plan: 1 to add, 1 to change, 1 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

module.bastion_ec2.aws_instance.this: Destroying... (ID: i-066ced77fc1428501)
module.zabbix_db.module.db_instance.aws_db_instance.this: Modifying... (ID: zabbix-db)
  license_model: "general-public-license" => "<computed>"
module.zabbix_db.module.db_instance.aws_db_instance.this: Modifications complete after 3s (ID: zabbix-db)
module.bastion_ec2.aws_instance.this: Still destroying... (ID: i-066ced77fc1428501, 10s elapsed)
module.bastion_ec2.aws_instance.this: Still destroying... (ID: i-066ced77fc1428501, 20s elapsed)
module.bastion_ec2.aws_instance.this: Destruction complete after 25s

Error: Error applying plan:

1 error(s) occurred:

* module.bastion_ec2.aws_instance.this: aws_instance.this: diffs didn't match during apply. This is a bug with Terraform and should be reported as a GitHub Issue.

Please include the following information in your report:

    Terraform Version: 0.11.0
    Resource ID: aws_instance.this
    Mismatch reason: attribute mismatch: root_block_device.0.delete_on_termination
    Diff One (usually from plan): *terraform.InstanceDiff{mu:sync.Mutex{state:0, sema:0x0}, Attributes:map[string]*terraform.ResourceAttrDiff{"root_block_device.0.delete_on_termination":*terraform.ResourceAttrDiff{Old:"false", New:"true", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "monitoring":*terraform.ResourceAttrDiff{Old:"false", New:"false", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "source_dest_check":*terraform.ResourceAttrDiff{Old:"true", New:"true", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "ami":*terraform.ResourceAttrDiff{Old:"ami-e535c59d", New:"ami-e535c59d", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "vpc_security_group_ids.#":*terraform.ResourceAttrDiff{Old:"2", New:"2", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "tags.Terraform":*terraform.ResourceAttrDiff{Old:"true", New:"true", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "tags.Name":*terraform.ResourceAttrDiff{Old:"bastion-1", New:"bastion-1", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "user_data":*terraform.ResourceAttrDiff{Old:"da39a3ee5e6b4b0d3255bfef95601890afd80709", New:"da39a3ee5e6b4b0d3255bfef95601890afd80709", NewComputed:false, NewRemoved:false, NewExtra:"", RequiresNew:false, Sensitive:false, Type:0x0}, "placement_group":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "private_ip":*terraform.ResourceAttrDiff{Old:"192.168.128.231", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "disable_api_termination":*terraform.ResourceAttrDiff{Old:"false", New:"false", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "primary_network_interface_id":*terraform.ResourceAttrDiff{Old:"eni-99d3dfaa", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "network_interface_id":*terraform.ResourceAttrDiff{Old:"eni-99d3dfaa", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "tags.Subsystem":*terraform.ResourceAttrDiff{Old:"sshd", New:"sshd", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "ipv6_address_count":*terraform.ResourceAttrDiff{Old:"0", New:"0", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "tenancy":*terraform.ResourceAttrDiff{Old:"default", New:"default", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "tags.%":*terraform.ResourceAttrDiff{Old:"5", New:"5", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "public_dns":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "tags.Service":*terraform.ResourceAttrDiff{Old:"bastion", New:"bastion", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "instance_state":*terraform.ResourceAttrDiff{Old:"running", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "root_block_device.#":*terraform.ResourceAttrDiff{Old:"1", New:"0", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "public_ip":*terraform.ResourceAttrDiff{Old:"35.165.35.243", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "tags.Environment":*terraform.ResourceAttrDiff{Old:"stage", New:"stage", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "key_name":*terraform.ResourceAttrDiff{Old:"my-key", New:"my-key", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "instance_type":*terraform.ResourceAttrDiff{Old:"t2.nano", New:"t2.nano", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "vpc_security_group_ids.798409958":*terraform.ResourceAttrDiff{Old:"sg-9e1fe1e2", New:"sg-9e1fe1e2", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "vpc_security_group_ids.3396590673":*terraform.ResourceAttrDiff{Old:"sg-121ae46e", New:"sg-121ae46e", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "availability_zone":*terraform.ResourceAttrDiff{Old:"us-west-2a", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "associate_public_ip_address":*terraform.ResourceAttrDiff{Old:"true", New:"true", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "network_interface.#":*terraform.ResourceAttrDiff{Old:"0", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "ebs_optimized":*terraform.ResourceAttrDiff{Old:"false", New:"false", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "security_groups.#":*terraform.ResourceAttrDiff{Old:"0", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "private_dns":*terraform.ResourceAttrDiff{Old:"ip-192-168-128-231.us-west-2.compute.internal", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "subnet_id":*terraform.ResourceAttrDiff{Old:"subnet-66b9cb2e", New:"subnet-66b9cb2e", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "volume_tags.%":*terraform.ResourceAttrDiff{Old:"0", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}}, Destroy:false, DestroyDeposed:false, DestroyTainted:false, Meta:map[string]interface {}(nil)}
    Diff Two (usually from apply): *terraform.InstanceDiff{mu:sync.Mutex{state:0, sema:0x0}, Attributes:map[string]*terraform.ResourceAttrDiff{"ipv6_address_count":*terraform.ResourceAttrDiff{Old:"", New:"0", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "source_dest_check":*terraform.ResourceAttrDiff{Old:"", New:"true", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "private_dns":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "instance_type":*terraform.ResourceAttrDiff{Old:"", New:"t2.nano", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "key_name":*terraform.ResourceAttrDiff{Old:"", New:"my-key", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "tags.Name":*terraform.ResourceAttrDiff{Old:"", New:"bastion-1", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "network_interface_id":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "ami":*terraform.ResourceAttrDiff{Old:"", New:"ami-e535c59d", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "user_data":*terraform.ResourceAttrDiff{Old:"", New:"da39a3ee5e6b4b0d3255bfef95601890afd80709", NewComputed:false, NewRemoved:false, NewExtra:"", RequiresNew:true, Sensitive:false, Type:0x0}, "vpc_security_group_ids.3396590673":*terraform.ResourceAttrDiff{Old:"", New:"sg-121ae46e", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "vpc_security_group_ids.#":*terraform.ResourceAttrDiff{Old:"", New:"2", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "primary_network_interface_id":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "tenancy":*terraform.ResourceAttrDiff{Old:"", New:"default", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "tags.Service":*terraform.ResourceAttrDiff{Old:"", New:"bastion", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "private_ip":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "public_ip":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "tags.Subsystem":*terraform.ResourceAttrDiff{Old:"", New:"sshd", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "network_interface.#":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "security_groups.#":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "tags.%":*terraform.ResourceAttrDiff{Old:"", New:"5", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "monitoring":*terraform.ResourceAttrDiff{Old:"", New:"false", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "availability_zone":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "disable_api_termination":*terraform.ResourceAttrDiff{Old:"", New:"false", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "tags.Terraform":*terraform.ResourceAttrDiff{Old:"", New:"true", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "public_dns":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "vpc_security_group_ids.798409958":*terraform.ResourceAttrDiff{Old:"", New:"sg-9e1fe1e2", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "placement_group":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "tags.Environment":*terraform.ResourceAttrDiff{Old:"", New:"stage", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "associate_public_ip_address":*terraform.ResourceAttrDiff{Old:"", New:"true", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "volume_tags.%":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "ebs_optimized":*terraform.ResourceAttrDiff{Old:"", New:"false", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "instance_state":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "subnet_id":*terraform.ResourceAttrDiff{Old:"", New:"subnet-66b9cb2e", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}}, Destroy:false, DestroyDeposed:false, DestroyTainted:false, Meta:map[string]interface {}(nil)}

Also include as much context as you can about your config, state, and the steps you performed to trigger this error.


Terraform does not automatically rollback in the face of errors.
Instead, your Terraform state file has been partially updated with
any resources that successfully completed. Please address the error
above and apply again to incrementally change your infrastructure.

terraform version

laptop-A018226:stage dhelios$ terraform -version
Terraform v0.11.0
+ provider.aws v1.3.1
+ provider.template v1.0.0

terraform code
zabbix_ex_v3.zip

multiple instances

Hi
Can you explain how I can lunch a group of ec2 instances with private ip per instance?
Also, Can you give an example of *.tfvars file
I'm trying to migrate from ansible to terraform and till now its hell

Count is not a valid argument

Using either module ec2_cluster or ec2-instance I cannot use count. When I try and use count I get
Error: module "ec2_cluster": "count" is not a valid argument.

Unable to launch instance.

Error: Error applying plan:

1 error(s) occurred:

  • aws_instance.InstancebyTerraform: 1 error(s) occurred:

  • aws_instance.InstancebyTerraform: Error launching source instance: MissingInput: No subnets found for the default VPC 'vpc-a14210c9'. Please specify a subnet.
    status code: 400, request id: acf72520-3e0b-40e7-b963-1857e2735efa

Terraform does not automatically rollback in the face of errors.
Instead, your Terraform state file has been partially updated with
any resources that successfully completed. Please address the error
above and apply again to incrementally change your infrastructure.

Extrapolating the instance name as part of the module

Im pretty new to TF, and was wondering if there is a way to extrapolate the name from the name tag as part of the module directive?
I want to add it under user data, but I am trying to avoid installing the aws-cli on all my instance.

So far I have been able to output it fine with a modification to outputs.tf:
` this_name = "${coalescelist(flatten(aws_instance.this..tags.Name), flatten(aws_instance.this_t2..tags.Name))}"
}

output "hostname" {
description = "Name of instances"
value = ["${local.this_name}"]
}`

However, I dont know how to do anything similar in the actual module part. If I add something like "hostnamectl set-hostname "${local.this_name}"" I get:
Error: module.ec2_bastion.var.user_data: local.this_name: no local value of this name has been declared

Or am i just going about this a$$ways? Basically i want to lookup the tag name as part of the module. Is it possible to grab an attribute from the resource itself somehow?

How do I get the value of the "Name" tag from the list of tags?

I am launching 2 instances using the module and the tags attached to the instances are:

instance_name = [
    {
        Name = test-1,
        Terraform = True
    },
   {
        Name = test-2,
        Terraform = True
    }
]

Here is how I am trying to get the value of the Name tag:

output "instance_name" {
  description = "EC2 instance Name"
  value       = "${module.ec2_cluster.tag[0].Name}"
}

When I do a terraform refresh I get this error:

outputs.tf: Error reading config for output instance_name: parse error at 1:28: expected "}" but found "."

How do I get the value of the Name tag out?

ipv6_address_count forces new resource

Question from email:

Hi Anton

I’m using the latest version of your EC2 module (1.5.0) from the Terraform Module Registry:
https://github.com/terraform-aws-modules/terraform-aws-ec2-instance
but am running into an issue after importing an existing EC2 resource and then doing a plan.

Specifically I get:

ipv6_address_count:    β€œβ€ => β€œ0” (forces new resource)

There doesn’t seem a way of continuing without destroying my existing resource.
Given that this instance is already built and we don’t want to reprovision it, is there any way round this issue?

All the best
Evgeniy

Govcloud: UnsupportedOperation: Specifying Unlimited mode for an instance is not supported in this region.

Upgraded the module today, and couldnt figure out why it kept trying to replace my existing instance. After finally relenting and allowing it to replace, it failed to launch with.

Error: Error applying plan:

1 error(s) occurred:

* module.mgmt_bastion.aws_instance.this_t2: 1 error(s) occurred:

* aws_instance.this_t2: Error launching source instance: UnsupportedOperation: Specifying Unlimited mode for an instance is not supported in this region.
	status code: 400, request id: 7609c797-a1a3-4b0b-bc28-e003951ea872

This feature is not available in govcloud, so the module no longer works in this region. I assume there is no workaround for this, until terraform supports passing in nulls.

Multi-zone EC2 instance implementation is not possible

I might be missing something but I'm trying to create a multizone setup using this odule but I can't wrap my head on how to do it as in your example it only show the first element in the VPC subnet:

subnet_id = "${element(data.aws_subnet_ids.all.ids, 0)}

Is there a way to implement a MZ setup with this module?

Change "count" variable name to permit future Terraform feature?

Hello!

This module defines a variable called count:

terraform-aws-ec2-instance/variables.tf

Lines 5 to 8 in 7a3aafb

variable "count" {
description = "Number of instances to launch"
default = 1
}

This is valid in current Terraform, but to implement hashicorp/terraform#953 will require this variable name to be reserved. We're currently hoping to make this name, along with for_each and lifecycle, reserved names that cannot be used for modules in preparation for them getting special meaning in a later release where that issue is implemented.

Would you be open to changing this variable name to be instance_count instead? Although we are not planning to implement count for modules immediately, we'd like to begin a deprecation cycle for use of this name as a variable so that the name is free for a change in a later release.

I noticed that terraform-aws-modules/rds/aws and terraform-aws-modules/elb/aws also have variables called count, for which I'd ask a similar question, but I didn't want to spam with loads of issues about the same thing.

Thanks!

Unable to provide sunbet_ids

As described in NOTES section :
One of subnet_id or subnet_ids is required. If both are provided, the value of subnet_id is prepended to the value of subnet_ids.

I try to use subnet_ids without subnet_id and get the following error.

Error: module "ec2_cluster": "subnet_ids" is not a valid argument
Error: module "ec2_cluster": missing required argument "subnet_id"

Also I am not able to find any variables called subnet_ids.

Using this module but elb not being able to read output of id 

 instances                   = [ "${module.frontend_api.id}" ]
  cross_zone_load_balancing   = true
  idle_timeout                = 400
  connection_draining         = true
  connection_draining_timeout = 400
}

module "frontend_api" 
{
  source = "terraform-aws-modules/ec2-instance/aws"
  name = "${var.environment}-app"
  count = 1
  ami                   = "ami-7f675e4f"
  instance_type          = "t2.micro"
  key_name               = "terraform_acc"
  monitoring             = true
  subnet_id              = "${aws_subnet.tf_test_subnet.id}"
  vpc_security_group_ids = ["${aws_security_group.default.id}"]
  disk_size         = 50 

#iam_instance_profile = 
  
  tags = {
    Terraform = "true"
    Environment = "dev"
  }
}

Everything else got launched. Even EC2 came up. But when I try to use instances inside elb and give it a value it gives the below:

screen shot 2018-01-16 at 8 18 17 pm

Can you please help? or is this a bug?

Error launching source instance: InvalidSubnetID.NotFound: The subnet ID 'subnet-ed4ddcb6' does not exist

Private Subnet id exist but still getting error. Any idea?
(replaced actual values with xxxxxx)
-----Here is the code to create EC2
module "ec2" {
source = "github.com/terraform-aws-modules/terraform-aws-ec2-instance/"
name = "${var.instance_name}"
ami = "${var.ami}"
key_name = "${var.key_name}"
instance_type = "${var.instance_type}"
subnet_id = "${var.subnet_id}"
vpc_security_group_ids = "${concat("${var.default_security_group_list}","${var.security_groups}")}"
associate_public_ip_address = "${var.associate_public_ip_address}"

tags = {
Environment = "${var.environment}"
}
}

----Here is the output of plan
module.ec2.module.ec2.aws_instance.this: Creating...
ami: "" => "ami-f2d3638a"
associate_public_ip_address: "" => "false"
availability_zone: "" => ""
disable_api_termination: "" => "false"
ebs_optimized: "" => "false"
instance_state: "" => ""
instance_type: "" => "t2.micro"
ipv6_address_count: "" => "0"
key_name: "" => "xxxxxx"
monitoring: "" => "false"
network_interface.#: "" => ""
network_interface_id: "" => ""
placement_group: "" => ""
primary_network_interface_id: "" => ""
private_dns: "" => ""
private_ip: "" => ""
public_dns: "" => ""
public_ip: "" => ""
security_groups.#: "" => ""
source_dest_check: "" => "true"
subnet_id: "" => "subnet-xxxxxx"
tags.%: "" => "2"
tags.Environment: "" => "xxxxxxx"
tags.Name: "" => "xxxxxx"
tenancy: "" => "default"
user_data: "" => "xxxxxxxxxxxx"
volume_tags.%: "" => ""
vpc_security_group_ids.#: "" => "1"
vpc_security_group_ids.1232750057: "" => "sg-xxxxxxx"

---Here is the Error

Error: Error applying plan:

1 error(s) occurred:

  • module.ec2.module.ec2.aws_instance.this: 1 error(s) occurred:

  • aws_instance.this: Error launching source instance: InvalidSubnetID.NotFound: The subnet ID 'subnet-xxxxxxx' does not exist
    status code: 400, request id: ca4746e1-0660-42ce-84de-84db8ca1769e

Terraform does not automatically rollback in the face of errors.
Instead, your Terraform state file has been partially updated with
any resources that successfully completed. Please address the error
above and apply again to incrementally change your infrastructure.

volume_tags overwrite aws_ebs_volume tags

When I create a new aws_volume_attachment to attach an aws_ebs_volume at the instance, the instance volume_tags overwrite the EBS tags.
On the second apply the aws_ebs_volume tag overwrite the incorrect tag but again on the next operation the instance volume_tags overwrite the EBS tags.

Question: What advantages does wrapping the vanilla aws_instance buy you?

I'm new to terraform and I've been trying to wrap my head around why you've written this module. From what I can tell, the pros & cons of using your module, instead of the aws_instance resource directly are:

Advantages

  • Name tag is generated for you (might be an advantage, it's debatable)

Disadvantages

  • Cannot use count in module. (i.e. if I wanted to customise other tags based on count.index when using your module, I wouldn't be able to.
  • Cannot use network_interface parameter
  • Cannot specify custom Name tag

This to me seems like a good reason not to use your module... which leaves me trying to understand why you wrote it and published it. I hope you can help me understand. Thanks!

Module keeps wanting to destroy/create instance 

resource "aws_eip" "openvnp_eip" {
  instance = "${module.openvpn.id[0]}"
  vpc      = true
}

module "openvpn" {
  source = "terraform-aws-modules/ec2-instance/aws"

  name                        = "${format("ec2-openvpn-%s-%s", var.customer, var.environment)}"
  count                       = 1
  ami                         = "${var.ec2_openvpn_ami}"
  instance_type               = "${var.ec2_openvpn_instance_type}"
  vpc_security_group_ids      = ["${module.openvpn_security_group.this_security_group_id}"]
  subnet_id                   = "${element(data.terraform_remote_state.network.vpc_public_subnets, 0)}"
  key_name                    = "${var.ec2_keyname}"
  user_data                   = "${data.template_file.openvpn_userdata.rendered}"
  associate_public_ip_address = false

  tags = {
    Owner       = "${var.owner}"
    Environment = "${var.environment}"
    Customer    = "${var.customer}"
    Project     = "${var.project}"
    Terraform   = true
    Name        = "${format("ec2-openvpn-%s-%s", var.customer, var.environment)}"
  }
}

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
~ update in-place
-/+ destroy and then create replacement

Terraform will perform the following actions:

  ~ aws_eip.openvnp_eip
      instance:                          "i-07e558f1240c1fe09" => "${module.openvpn.id[0]}"

-/+ module.openvpn.aws_instance.this (new resource required)
      id:                                "i-07e558f1240c1fe09" => <computed> (forces new resource)
      ami:                               "ami-8bb540f6" => "ami-8bb540f6"
      associate_public_ip_address:       "true" => "false" (forces new resource)
      availability_zone:                 "us-east-1a" => <computed>
      disable_api_termination:           "false" => "false"
      ebs_optimized:                     "false" => "false"
      instance_state:                    "running" => <computed>
      instance_type:                     "t2.medium" => "t2.medium"
      ipv6_address_count:                "0" => "0"
      key_name:                          "demo-account-prd" => "demo-account-prd"
      monitoring:                        "false" => "false"
      network_interface.#:               "0" => <computed>
      network_interface_id:              "eni-cb08534b" => <computed>
      placement_group:                   "" => <computed>
      primary_network_interface_id:      "eni-cb08534b" => <computed>
      private_dns:                       "ip-10-80-2-211.ec2.internal" => <computed>
      private_ip:                        "10.80.2.211" => <computed>
      public_dns:                        "" => <computed>
      public_ip:                         "35.172.50.102" => <computed>
      root_block_device.#:               "1" => "0"
      security_groups.#:                 "0" => <computed>
      source_dest_check:                 "true" => "true"
      subnet_id:                         "subnet-548cb430" => "subnet-548cb430"
      tags.%:                            "6" => "6"
      tags.Customer:                     "sample" => "sample"
      tags.Environment:                  "poc" => "poc"
      tags.Name:                         "ec2-openvpn-sample-poc-1" => "ec2-openvpn-sample-poc-1"
      tags.Owner:                        "Justin" => "Justin"
      tags.Project:                      "" => ""
      tags.Terraform:                    "1" => "1"
      tenancy:                           "default" => "default"
      user_data:                         "ae3c6f9a5f116622fa5d1dcccb1cca3a70265402" => "ae3c6f9a5f116622fa5d1dcccb1cca3a70265402"
      volume_tags.%:                     "0" => <computed>
      vpc_security_group_ids.#:          "1" => "1"
      vpc_security_group_ids.1650119659: "sg-cb7f8bbd" => "sg-cb7f8bbd"


Plan: 1 to add, 1 to change, 1 to destroy.

I am just wanting an instance to come up with a Elastic IP. I assume im doing something improper but I am not able to sort out what that is.

How can I put a list in the subnet_id?

Let's say I have a list of subnets defined in the variable [${module.vpc.private_subnets}]. I want to use this module like so:

module "instance" {
    source = "terraform-aws-modules/ec2-instance/aws"
    instance_count = 3
    subnet_id = "${element(module.vpc.private_subnets,count.index)}"
}

subnet_id expects a string, not a list, but if I try to use count.index terraform says "count variables are only valid within resources".

User_data change forces new resource.

My user data script file has changed and it is now forcing a new resource. Is there a way to ignore or update the hash? Changing the state file does not help.

instance count and volume attachement

Based on the attach volume example, how can you attach aws volumes to all instances that are created when instance_count is greater than 1?

  module "ec2" {
  source = "../../"

  instance_count = "${var.instances}" .  --> this is greater than 1

  name                        = "example-with-ebs"
  ami                         = "${data.aws_ami.amazon_linux.id}"
  instance_type               = "m4.large"
  subnet_id                   = "${element(data.aws_subnet_ids.all.ids, 0)}"
  vpc_security_group_ids      = ["${module.security_group.this_security_group_id}"]
  associate_public_ip_address = true
}

resource "aws_volume_attachment" "this_ec2" {

  device_name = "/dev/sdh"
  volume_id   = "${aws_ebs_volume.this.id}"

  # ================ ISSUE HERE
  count = "${length(module.ec2.id)}"
  instance_id =  "${element(module.ec2.id, count.index)}" 
  # ================ 
}

resource "aws_ebs_volume" "this" {
  availability_zone = "${module.ec2.availability_zone[0]}"
  size              = 1
}

adding aws_ebs_volume to instance

Two of my instance require an ebs volume and I'm trying to get it set up.

I tried using a block in the calling module, but it complains that should be type list, got map (see commented section below).

Is it best practice to create an aws_ebs_volume and then reference it in the calling module?

Thanks for any tips,
Chris.

# create the required volume
resource "aws_ebs_volume" "example1" {
    availability_zone = "us-west-2a"
    size = 40
    tags {
        Name = "HelloWorld"
    }
}

module "ec2_myinstance" {
  source = "terraform-aws-modules/ec2-instance/aws"

  name  = "my-instance"
  count = 5
  
  ami                    = "ami-ebd02392"
  instance_type          = "t2.micro"
  key_name               = "user1"
  monitoring             = true
  vpc_security_group_ids = ["sg-12345678"]

  # <==== set the ebs_block_device
  ebs_block_device = "${aws_ebs_volume.example1.id}"

  # tried this, did not work:
  # ebs_block_device = {
  #   volume_size = 40
  #   volume_type = "gp2"
  #   # delete_on_termination = false
  # }

  tags = {
    Terraform = "true"
    Environment = "dev"
  }
}

cpu_credits = "standard" results in "T2 Unlimited" 

module "wat" {
  source  = "terraform-aws-modules/ec2-instance/aws"
  version = "1.11.0"

  instance_count = 1

  name                        = "wat"
  ami                         = "ami-01945499792201081"
  instance_type               = "t3.large"
  cpu_credits                 = "standard"
  subnet_id                   = "${element(module.vpc.public_subnets, 0)}"
  vpc_security_group_ids      = ["${module.security_group.this_security_group_id}"]
  associate_public_ip_address = true
}

results in:

image 2018-10-05 at 5 09 00 pm

root_block_device - Not Accepting Variable Input

TF version

0.11.2 & 0.11.3

problem

module "ec2" {

[... ]

root_block_device = {

  volume_type                = "gp2"
  volume_size                 = "16"
  delete_on_termination = "true"

}

[... ]

}

**Terraform apply result: **

Terraform v0.11.3

Configuring remote state backend...
Initializing Terraform configuration...

Error: module.aws_instance.aws_instance.aws_instance: root_block_device: should be a list

I have managed to fix the problem by adding to my own fork of the module:

root_block_device      = ["${var.root_block_device}"]

I think this might actually be a bug in Terraform itself but wanted to see if this was an edge case I've introduced. Can anyone else confirm seeing this?

Cheers,
Steve

does not work with root_block_device type list

I have an issue with create custom size for root block device for EC2 instance

root_block_device = "${var.root_block_device}"

while root_block_device should be type map

root_block_device {
volume_type = "gp2"
volume_size = 100
delete_on_termination = true
}

maybe i am wrong because we might have another way to do it with current module code which i could not figure out.

I am happy with pushing a PR for fixing it.

main.tf

root_block_device {
volume_type = "${var.root_block_device.type}"
volume_size = "${var.root_block_device.size}"
delete_on_termination = "${var.root_block_device.delete_on_termination}"
}

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    πŸ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. πŸ“ŠπŸ“ˆπŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❀️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.