fixing the example to show both public and private instances

terraform/aws/examples/ec2/main.tf

@@ -1,21 +1,21 @@
 module "vpc" {
-  source                                  = "../../modules/vpc"
-  name_prefix                             = "qburst"
-  ipv4_primary_cidr_block                 = "10.16.0.0/16"
-  ipv4_additional_cidr_block_associations = ["10.20.0.0/16", "10.21.0.0/16"]
-  public_subnets_cidr                     = ["10.20.0.0/20", "10.20.16.0/20"]
-  private_subnets_cidr                    = ["10.21.0.0/20"]
-  availability_zones                      = ["ap-south-1a", "ap-south-1b"]
+  source                  = "../../modules/vpc"
+  name_prefix             = "qburst"
+  ipv4_primary_cidr_block = "10.16.0.0/16"
+  public_subnets_cidr     = ["10.16.1.0/24", "10.16.2.0/24"]
+  private_subnets_cidr    = ["10.16.12.0/24"]
+  availability_zones      = ["ap-south-1a", "ap-south-1b"]
 }
 
-module "ec2" {
+module "ec2-private" {
   source            = "../../modules/ec2"
+  instance_name     = "ec2-private"
   vpc_id            = module.vpc.vpc_id
   subnet_ids        = module.vpc.private_subnet_ids
   ssh_allowed_ip    = ["0.0.0.0/0"]
   ssh_allowed_ports = [22]
 
-  instance_count = 3
+  instance_count = 1
   ami            = "ami-099b3d23e336c2e83"
   instance_type  = "t2.nano"
 
@@ -33,3 +33,14 @@ module "ec2" {
 
   user_data = file("user-data.sh")
 }
+
+module "ec2-public" {
+  source            = "../../modules/ec2"
+  instance_name     = "ec2-public"
+  vpc_id            = module.vpc.vpc_id
+  subnet_ids        = module.vpc.public_subnet_ids
+  ssh_allowed_ip    = ["0.0.0.0/0"]
+  ssh_allowed_ports = ["8443"]
+
+  assign_eip_address = true
+}

terraform/aws/modules/ec2/ec2.tf

@@ -4,6 +4,7 @@ data "aws_ami" "ubuntu" {
     name   = "name"
     values = ["ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-*"]
   }
+  owners = ["099720109477"]
 }
 
 data "aws_caller_identity" "this" {}
@@ -63,7 +64,7 @@ resource "aws_instance" "default" {
   }
   lifecycle {
     ignore_changes = [
-      private_ip,
+      private_ip, associate_public_ip_address
     ]
   }
 }

terraform/aws/modules/ec2/outputs.tf

@@ -12,4 +12,14 @@ output "public_ip" {
 output "private_ip" {
   value       = aws_instance.default[*].private_ip
   description = "Private IP of instance."
-}
+}
+
+output "ssh_private_key" {
+  value     = tls_private_key.default[*].private_key_pem
+  sensitive = true
+}
+
+output "ssh_public_key" {
+  value     = tls_private_key.default[*].public_key_openssh
+  sensitive = true
+}

terraform/aws/modules/ec2/spot.tf

@@ -61,7 +61,7 @@ resource "aws_spot_instance_request" "default" {
   }
   lifecycle {
     ignore_changes = [
-      private_ip,
+      private_ip, associate_public_ip_address
     ]
   }
 }

terraform/aws/modules/ec2/variables.tf

@@ -24,7 +24,7 @@ variable "ebs_optimized" {
 
 variable "instance_type" {
   type        = string
-  default     = "t2-micro"
+  default     = "t2.micro"
   description = "The type of instance to start. Updates to this field will trigger a stop/start of the EC2 instance."
 }
 
@@ -66,7 +66,7 @@ variable "user_data" {
 
 variable "assign_eip_address" {
   type        = bool
-  default     = true
+  default     = false
   description = "Assign an Elastic IP address to the instance."
   sensitive   = true
 }
@@ -182,7 +182,7 @@ variable "kms_key" {
     enabled                 = true
     description             = "KMS master key" # The description of the key
     id                      = ""               # The ARN of the key that you wish to use if encrypting at rest. If not supplied, uses service managed encryption.
-    alias                   = "alias/ec2-test" # The display name of the alias.
+    alias                   = null
     deletion_window_in_days = 7
     multi_region            = false # Indicates whether the key is a multi-Region (true) or regional (false) key
   }
@@ -444,4 +444,4 @@ variable "cpu_options" {
   description = "Defines CPU options to apply to the instance at launch time."
   type        = any
   default     = {}
-}
+}