terraform-aws-modules · jmaguire-sc · Mar 10, 2025 · Mar 10, 2025 · Mar 10, 2025 · Mar 10, 2025
diff --git a/README.md b/README.md
diff --git a/data.tf b/data.tf
@@ -0,0 +1,35 @@
+data "aws_ami" "this" {
+  count = var.ami == null ? 0 : 1
+  filter {
+    name   = "image-id"
+    values = [var.ami]
+  }
+}
+
+data "aws_partition" "current" {}
+
+data "aws_ssm_parameter" "this" {
+  count = local.create && var.ami == null ? 1 : 0
+
+  name = var.ami_ssm_parameter
+}
+
+data "aws_ami" "selected" {
+  count = var.ami_os != "override" ? 1 : 0
+
+  most_recent = true
+  owners      = ["amazon"]
+  filter {
+    name   = "name"
+    values = [local.os_search]
+  }
+  filter {
+    name   = "root-device-type"
+    values = ["ebs"]
+  }
+
+  filter {
+    name   = "virtualization-type"
+    values = ["hvm"]
+  }
+}
diff --git a/examples/customizations/README.md b/examples/customizations/README.md
@@ -0,0 +1,30 @@
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4.66 |
+
+## Providers
+
+No providers.
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_instance"></a> [instance](#module\_instance) | ../../ | n/a |
+
+## Resources
+
+No resources.
+
+## Inputs
+
+No inputs.
+
+## Outputs
+
+No outputs.
+<!-- END_TF_DOCS -->
diff --git a/examples/customizations/main.tf b/examples/customizations/main.tf
@@ -0,0 +1,18 @@
+module "instance" {
+  source = "../../"
+
+  application            = "exampleapp"
+  environment            = "dev"
+  ami_os                 = "Amazon_Linux"
+  instance_type          = "r5.large"
+  key_name               = "example_key"
+  vpc_security_group_ids = ["sg-07b4edce8a1a6eb24"]
+  subnet_id              = "subnet-067f45f707b2dc297"
+  root_block_device = [
+    {
+      encrypted  = true
+      kms_key_id = "arn:aws:kms:us-east-1:521938783116:key/e3203821-6efd-4848-9a8c-50a9990e06cd"
+    }
+  ]
+}
+
diff --git a/examples/customizations/versions.tf b/examples/customizations/versions.tf
@@ -0,0 +1,14 @@
+terraform {
+  required_version = ">= 1.0"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 4.66"
+    }
+  }
+}
+
+provider "aws" {
+  region = "us-east-1"
+}
diff --git a/key-pair.tf b/key-pair.tf
@@ -0,0 +1,6 @@
+module "key-pair" {
+  source  = "app.terraform.io/sccm/key-pair-creation/aws"
+  version = "0.0.4"
+
+  key_pair_name = var.key_name
+}
diff --git a/locals.tf b/locals.tf
@@ -0,0 +1,40 @@
+locals {
+  create             = var.create && var.putin_khuylo
+  is_t_instance_type = replace(var.instance_type, "/^t(2|3|3a|4g){1}\\..*$/", "1") == "1" ? true : false
+  ami                = try(coalesce(var.ami, try(data.aws_ami.selected[0].id, null), try(nonsensitive(data.aws_ssm_parameter.this[0].value), null)), null)
+  name               = "${var.org}_${var.application}_${local.os_abv}_${var.instance_number}${local.env_abv}"
+  windows_instance   = var.ami != null && var.ami_os == "override" ? (data.aws_ami.this[0].platform != "" ? "WIN" : "LX") : "ovr"
+  env_abv = lookup(
+    {
+      dev  = "D",
+      qa   = "Q",
+      stg  = "S",
+      uat  = "U",
+      prod = "P"
+    },
+    var.environment,
+    var.environment
+  )
+  os_abv = lookup(
+    {
+      Windows      = "WIN",
+      Amazon_Linux = "AL",
+      RHEL         = "RHEL",
+      Ubuntu       = "UB",
+      override     = local.windows_instance
+    },
+    var.ami_os,
+    var.ami_os
+  )
+  os_search = lookup(
+    {
+      Windows      = "Windows_Server-2025-English-Full-Base-*"
+      Amazon_Linux = "amzn2-ami-kernel-5.10-hvm-*",
+      RHEL         = "RHEL-9.5.0_HVM-*",
+      Ubuntu       = "ubuntu/images/hvm-ssd-gp3/ubuntu-noble-24.04-amd64-server-*",
+      override     = ""
+    },
+    var.ami_os
+  )
+}
+
diff --git a/main.tf b/main.tf
@@ -1,19 +1,3 @@
-data "aws_partition" "current" {}
-
-locals {
-  create = var.create && var.putin_khuylo
-
-  is_t_instance_type = replace(var.instance_type, "/^t(2|3|3a|4g){1}\\..*$/", "1") == "1" ? true : false
-
-  ami = try(coalesce(var.ami, try(nonsensitive(data.aws_ssm_parameter.this[0].value), null)), null)
-}
-
-data "aws_ssm_parameter" "this" {
-  count = local.create && var.ami == null ? 1 : 0
-
-  name = var.ami_ssm_parameter
-}
-
 ################################################################################
 # Instance
 ################################################################################
@@ -35,7 +19,7 @@ resource "aws_instance" "this" {
   subnet_id              = var.subnet_id
   vpc_security_group_ids = var.vpc_security_group_ids
 
-  key_name             = var.key_name
+  key_name             = module.key-pair.key_pair_name
   monitoring           = var.monitoring
   get_password_data    = var.get_password_data
   iam_instance_profile = var.create_iam_instance_profile ? aws_iam_instance_profile.this[0].name : var.iam_instance_profile
@@ -188,8 +172,8 @@ resource "aws_instance" "this" {
     delete = try(var.timeouts.delete, null)
   }
 
-  tags        = merge({ "Name" = var.name }, var.instance_tags, var.tags)
-  volume_tags = var.enable_volume_tags ? merge({ "Name" = var.name }, var.volume_tags) : null
+  tags        = merge({ "Name" = local.name }, var.instance_tags, var.tags)
+  volume_tags = var.enable_volume_tags ? merge({ "Name" = local.name }, var.volume_tags) : null
 }
 
 ################################################################################
@@ -213,7 +197,7 @@ resource "aws_instance" "ignore_ami" {
   subnet_id              = var.subnet_id
   vpc_security_group_ids = var.vpc_security_group_ids
 
-  key_name             = var.key_name
+  key_name             = module.key-pair.key_pair_name
   monitoring           = var.monitoring
   get_password_data    = var.get_password_data
   iam_instance_profile = var.create_iam_instance_profile ? aws_iam_instance_profile.this[0].name : var.iam_instance_profile
@@ -366,8 +350,8 @@ resource "aws_instance" "ignore_ami" {
     delete = try(var.timeouts.delete, null)
   }
 
-  tags        = merge({ "Name" = var.name }, var.instance_tags, var.tags)
-  volume_tags = var.enable_volume_tags ? merge({ "Name" = var.name }, var.volume_tags) : null
+  tags        = merge({ "Name" = local.name }, var.instance_tags, var.tags)
+  volume_tags = var.enable_volume_tags ? merge({ "Name" = local.name }, var.volume_tags) : null
 
   lifecycle {
     ignore_changes = [
@@ -397,7 +381,7 @@ resource "aws_spot_instance_request" "this" {
   subnet_id              = var.subnet_id
   vpc_security_group_ids = var.vpc_security_group_ids
 
-  key_name             = var.key_name
+  key_name             = module.key-pair.key_pair_name
   monitoring           = var.monitoring
   get_password_data    = var.get_password_data
   iam_instance_profile = var.create_iam_instance_profile ? aws_iam_instance_profile.this[0].name : var.iam_instance_profile
@@ -540,16 +524,16 @@ resource "aws_spot_instance_request" "this" {
     delete = try(var.timeouts.delete, null)
   }
 
-  tags        = merge({ "Name" = var.name }, var.instance_tags, var.tags)
-  volume_tags = var.enable_volume_tags ? merge({ "Name" = var.name }, var.volume_tags) : null
+  tags        = merge({ "Name" = local.name }, var.instance_tags, var.tags)
+  volume_tags = var.enable_volume_tags ? merge({ "Name" = local.name }, var.volume_tags) : null
 }
 
 ################################################################################
 # IAM Role / Instance Profile
 ################################################################################
 
 locals {
-  iam_role_name = try(coalesce(var.iam_role_name, var.name), "")
+  iam_role_name = try(coalesce(var.iam_role_name, local.name), "")
 }
 
 data "aws_iam_policy_document" "assume_role_policy" {

diff --git a/variables.tf b/variables.tf
@@ -4,10 +4,29 @@ variable "create" {
   default     = true
 }
 
-variable "name" {
-  description = "Name to be used on EC2 instance created"
+variable "instance_number" {
   type        = string
-  default     = ""
+  default     = "01"
+  description = "This is an identifier, not a count"
+}
+
+variable "org" {
+  type    = string
+  default = "sccm"
+}
+
+variable "application" {
+  description = "Identifier to be added to the resources created which represents the application they belong to"
+  type        = string
+}
+
+variable "environment" {
+  type        = string
+  description = "Application environment (dev, qa, stg, uat, prod)"
+  validation {
+    condition     = contains(["dev", "qa", "stg", "uat", "prod"], var.environment)
+    error_message = "Valid values for environment: dev, qa, stg, uat, prod"
+  }
 }
 
 variable "ami_ssm_parameter" {
@@ -16,6 +35,16 @@ variable "ami_ssm_parameter" {
   default     = "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2"
 }
 
+variable "ami_os" {
+  description = "value"
+  type        = string
+  default     = "override"
+  validation {
+    condition     = contains(["Windows", "Amazon_Linux", "RHEL", "Ubuntu", "override"], var.ami_os)
+    error_message = "Valid values for ami_os: Windows, Amazon_Linux, RHEL, Ubuntu, override. If you select override, provide a value for ami variable"
+  }
+}
+
 variable "ami" {
   description = "ID of AMI to use for the instance"
   type        = string
@@ -109,7 +138,7 @@ variable "host_id" {
 variable "iam_instance_profile" {
   description = "IAM Instance Profile to launch the instance with. Specified as the name of the Instance Profile"
   type        = string
-  default     = null
+  default     = "EC2DefaultProfile"
 }
 
 variable "instance_initiated_shutdown_behavior" {
@@ -430,3 +459,4 @@ variable "eip_tags" {
   type        = map(string)
   default     = {}
 }
+