added ec2 / mongodb atlas user / vpc peering

aws/ec2/README.md

@@ -0,0 +1,101 @@
+# GENERIC/EC2_INSTANCE module
+
+Used to provision a simple ec2 instance
+
+## Required variables
+
+- `name` - instance name
+- `key_pair` -  object containing key `name` and `public_key` of a `key_pair` used to access the instance
+- `resources_prefix` - prefix used on module created resources
+- `vpc_id` - vpc to create the instance into
+
+## Optional variables
+
+- `os_type` - defaults to `linux`. Choosing `windows` changes the hanling of the `user_data` input var
+- `win_admin_user` - windows instance admin user
+  - `name`
+  - `password`
+- `ebs` - object specifying a volume to attach to the instance:
+  - `size`
+  - `device_name`
+  - `az`
+  - `type`
+  - `tags`
+- `ami_filter` - object specifying a filter in order to search for a ami to create the instance from. Takes precedence over `ami_id`
+  - `name` - name pattern to search
+  - `owner` - search for name patter on this owner
+- `ami_id` - base the instance creation on this ami
+- `type` - EBS volume type
+- `associate_public_ip_address` - Whether to associate a public address to the created instance. The instance must be on a public network
+- `subnet_id` - Creates the instance on this subnet
+- `user_data` - user data script to run at the instance first boot. Either Shell or Powershell (if `os_type = "windows"`).
+- `tags` - instance tags
+- `ssh_trusted_cidrs` - list of cidr range blocks able to connect to the ssh port 22
+- `http_trusted_cidrs` - list of cidr range blocks able to send http requests to the instance
+- `http_port` - http traffic port
+- `allow_https` - enable https inbound traffic
+- `attach_eip` - create and attach an eip to the instance
+- `availability_zone` - AZ to boot the instance in. Must match `ebs.az`. Matching by subnet az is also possible.
+- `root_volume_size` - size in GiB
+- `root_volume_type` - one of standard, gp2, gp3, io1, io2, sc1, or st1. Defaults to gp2
+- `security_groups_ids` - List of extra security groups to put the instance into
+- `private_ip` - instance's private ip
+- `user_data_obj` - Same as `user_data` ([`cloud-init` format](https://cloudinit.readthedocs.io/en/latest/topics/examples.html)) but as a terraform object. All attributes are allowed. `user_data` takes priority if for some reason both are provided.
+
+## Scope of this module
+
+`aws_ebs_volume`
+
+`aws_key_pair`
+
+`aws_instance`
+
+`aws_volume_attachment`
+
+`aws_security_group`
+
+`aws_security_group_rule`
+
+## Examples
+
+```terraform
+data "aws_vpc" "default" {
+  default = true
+}
+
+module "instance" {
+  source = "../.."
+
+  vpc_id = data.aws_vpc.default.id
+
+  resources_prefix   = "test-instance"
+  ssh_trusted_cidrs  = ["0.0.0.0/0"]
+  http_trusted_cidrs = ["0.0.0.0/0"]
+
+  name                        = "test-instance"
+  type                        = "t2.micro"
+  associate_public_ip_address = true
+
+  tags = {
+    Environment = "Testing"
+  }
+
+  key_pair = {
+    name       = "test-instance"
+    public_key = file("files/testkey.pub")
+  }
+
+  ami_filter = {
+    owner = "amazon"
+    name  = "amzn2-ami-hvm-2.0.20211001.1-x86_64-gp2"
+  }
+}
+```
+
+## Outputs
+
+`this` - Created instance attributes as described on https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#attributes-reference
+
+`ebs` - Created ebs volumme attributes as described on https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ebs_volume#attributes-reference
+
+`sg` - instance security group attributes as described on https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group#attributes-reference

aws/ec2/ami.tf

@@ -0,0 +1,14 @@
+data "aws_ami" "this" {
+  count = var.ami_filter != null ? 1 : 0
+
+  most_recent = true
+  owners      = [var.ami_filter.owner]
+
+  filter {
+    name = "name"
+
+    values = [
+      var.ami_filter.name
+    ]
+  }
+}

aws/ec2/ebs.tf

@@ -0,0 +1,19 @@
+resource "aws_ebs_volume" "this" {
+  count = var.ebs != null ? 1 : 0
+
+  size              = var.ebs.size
+  tags              = var.ebs.tags
+  availability_zone = var.ebs.az
+  type              = var.ebs.type
+}
+
+resource "aws_volume_attachment" "this" {
+  count = var.ebs != null ? 1 : 0
+
+  volume_id   = aws_ebs_volume.this[0].id
+  instance_id = aws_instance.this.id
+
+  device_name = var.ebs.device_name
+
+  stop_instance_before_detaching = true
+}

aws/ec2/eip.tf

@@ -0,0 +1,5 @@
+resource "aws_eip" "this" {
+  count = var.attach_eip ? 1 : 0
+
+  instance = aws_instance.this.id
+}

aws/ec2/examples/big_cidrs_trusted_list_on_http/main.tf

@@ -0,0 +1,40 @@
+provider "aws" {
+  region = "us-west-2"
+}
+
+data "aws_vpc" "default" {
+  default = true
+}
+
+module "instance" {
+  source = "../.."
+
+  vpc_id = data.aws_vpc.default.id
+
+  resources_prefix  = "test-instance"
+  ssh_trusted_cidrs = ["0.0.0.0/0"]
+  http_trusted_cidrs = [
+    "127.0.0.1/32",
+    "127.0.1.1/32",
+    "127.1.1.1/32"
+  ]
+
+  name                        = "test-instance"
+  type                        = "t2.micro"
+  associate_public_ip_address = true
+  root_volume_size            = 20
+  root_volume_type            = "gp2"
+
+  tags = {
+    Environment = "Testing"
+  }
+
+  ami_filter = {
+    owner = "amazon"
+    name  = "amzn2-ami-hvm-2.0.20211001.1-x86_64-gp2"
+  }
+}
+
+output "this" {
+  value = module.instance
+}

aws/ec2/examples/default/files/testkey

@@ -0,0 +1,7 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACDz189J2XMPxQ8s+R3V7+83a1pBVK2psQxL0D6XRAfpbQAAAJhkEI8iZBCP
+IgAAAAtzc2gtZWQyNTUxOQAAACDz189J2XMPxQ8s+R3V7+83a1pBVK2psQxL0D6XRAfpbQ
+AAAEBV479lBUduhaG95mzln8yOLO7BdTEeZsYFh2CeWsEgZ/PXz0nZcw/FDyz5HdXv7zdr
+WkFUramxDEvQPpdEB+ltAAAAEXRlc3RAdHJhZHJhcGkuY29tAQIDBA==
+-----END OPENSSH PRIVATE KEY-----

aws/ec2/examples/default/files/testkey.pub

@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPPXz0nZcw/FDyz5HdXv7zdrWkFUramxDEvQPpdEB+lt [email protected]

aws/ec2/examples/default/main.tf

@@ -0,0 +1,36 @@
+provider "aws" {
+  region = "us-west-2"
+}
+
+data "aws_vpc" "default" {
+  default = true
+}
+
+module "instance" {
+  source = "../.."
+
+  vpc_id = data.aws_vpc.default.id
+
+  resources_prefix   = "test-instance"
+  ssh_trusted_cidrs  = ["0.0.0.0/0"]
+  http_trusted_cidrs = ["0.0.0.0/0"]
+
+  name                        = "test-instance"
+  type                        = "t2.micro"
+  associate_public_ip_address = true
+  root_volume_size            = 20
+  root_volume_type            = "gp2"
+
+  tags = {
+    Environment = "Testing"
+  }
+
+  ami_filter = {
+    owner = "amazon"
+    name  = "amzn2-ami-hvm-2.0.20211001.1-x86_64-gp2"
+  }
+}
+
+output "this" {
+  value = module.instance
+}

aws/ec2/examples/ebs/files/testkey

@@ -0,0 +1,7 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACDz189J2XMPxQ8s+R3V7+83a1pBVK2psQxL0D6XRAfpbQAAAJhkEI8iZBCP
+IgAAAAtzc2gtZWQyNTUxOQAAACDz189J2XMPxQ8s+R3V7+83a1pBVK2psQxL0D6XRAfpbQ
+AAAEBV479lBUduhaG95mzln8yOLO7BdTEeZsYFh2CeWsEgZ/PXz0nZcw/FDyz5HdXv7zdr
+WkFUramxDEvQPpdEB+ltAAAAEXRlc3RAdHJhZHJhcGkuY29tAQIDBA==
+-----END OPENSSH PRIVATE KEY-----

aws/ec2/examples/ebs/files/testkey.pub

@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPPXz0nZcw/FDyz5HdXv7zdrWkFUramxDEvQPpdEB+lt [email protected]

aws/ec2/examples/ebs/main.tf

@@ -0,0 +1,48 @@
+provider "aws" {
+  region = "us-west-2"
+}
+
+data "aws_vpc" "default" {
+  default = true
+}
+
+module "instance" {
+  source = "../.."
+
+  vpc_id = data.aws_vpc.default.id
+
+  resources_prefix   = "test-instance"
+  ssh_trusted_cidrs  = ["0.0.0.0/0"]
+  http_trusted_cidrs = ["0.0.0.0/0"]
+  availability_zone  = "us-west-2a"
+
+  name                        = "test-instance"
+  type                        = "t2.micro"
+  associate_public_ip_address = true
+
+  tags = {
+    Environment = "Testing"
+  }
+
+  key_pair = {
+    name       = "test-instance"
+    public_key = file("files/testkey.pub")
+  }
+
+  ami_filter = {
+    owner = "amazon"
+    name  = "amzn2-ami-hvm-2.0.20211001.1-x86_64-gp2"
+  }
+
+  ebs = {
+    az          = "us-west-2a"
+    device_name = "/dev/xvdf"
+    type        = "gp2"
+    size        = 10
+    tags        = {}
+  }
+}
+
+output "this" {
+  value = module.instance
+}

aws/ec2/examples/eip_https/files/testkey

@@ -0,0 +1,7 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACDz189J2XMPxQ8s+R3V7+83a1pBVK2psQxL0D6XRAfpbQAAAJhkEI8iZBCP
+IgAAAAtzc2gtZWQyNTUxOQAAACDz189J2XMPxQ8s+R3V7+83a1pBVK2psQxL0D6XRAfpbQ
+AAAEBV479lBUduhaG95mzln8yOLO7BdTEeZsYFh2CeWsEgZ/PXz0nZcw/FDyz5HdXv7zdr
+WkFUramxDEvQPpdEB+ltAAAAEXRlc3RAdHJhZHJhcGkuY29tAQIDBA==
+-----END OPENSSH PRIVATE KEY-----

aws/ec2/examples/eip_https/files/testkey.pub

@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPPXz0nZcw/FDyz5HdXv7zdrWkFUramxDEvQPpdEB+lt [email protected]

aws/ec2/examples/eip_https/main.tf

@@ -0,0 +1,37 @@
+provider "aws" {
+  region = "us-west-2"
+}
+
+data "aws_vpc" "default" {
+  default = true
+}
+
+module "instance" {
+  source = "../.."
+
+  vpc_id = data.aws_vpc.default.id
+
+  resources_prefix   = "test-instance"
+  ssh_trusted_cidrs  = ["0.0.0.0/0"]
+  http_trusted_cidrs = ["0.0.0.0/0"]
+
+  attach_eip  = true
+  allow_https = true
+
+  name                        = "test-instance"
+  type                        = "t2.micro"
+  associate_public_ip_address = true
+
+  tags = {
+    Environment = "Testing"
+  }
+
+  ami_filter = {
+    owner = "amazon"
+    name  = "amzn2-ami-hvm-2.0.20211001.1-x86_64-gp2"
+  }
+}
+
+output "this" {
+  value = module.instance
+}

aws/ec2/examples/key_pair/files/testkey

@@ -0,0 +1,7 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACDz189J2XMPxQ8s+R3V7+83a1pBVK2psQxL0D6XRAfpbQAAAJhkEI8iZBCP
+IgAAAAtzc2gtZWQyNTUxOQAAACDz189J2XMPxQ8s+R3V7+83a1pBVK2psQxL0D6XRAfpbQ
+AAAEBV479lBUduhaG95mzln8yOLO7BdTEeZsYFh2CeWsEgZ/PXz0nZcw/FDyz5HdXv7zdr
+WkFUramxDEvQPpdEB+ltAAAAEXRlc3RAdHJhZHJhcGkuY29tAQIDBA==
+-----END OPENSSH PRIVATE KEY-----

aws/ec2/examples/key_pair/files/testkey.pub

@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPPXz0nZcw/FDyz5HdXv7zdrWkFUramxDEvQPpdEB+lt [email protected]

aws/ec2/examples/key_pair/main.tf

@@ -0,0 +1,39 @@
+provider "aws" {
+  region = "us-west-2"
+}
+
+data "aws_vpc" "default" {
+  default = true
+}
+
+module "instance" {
+  source = "../.."
+
+  vpc_id = data.aws_vpc.default.id
+
+  resources_prefix   = "test-instance"
+  ssh_trusted_cidrs  = ["0.0.0.0/0"]
+  http_trusted_cidrs = ["0.0.0.0/0"]
+
+  name                        = "test-instance"
+  type                        = "t2.micro"
+  associate_public_ip_address = true
+
+  tags = {
+    Environment = "Testing"
+  }
+
+  key_pair = {
+    name       = "test-instance"
+    public_key = file("files/testkey.pub")
+  }
+
+  ami_filter = {
+    owner = "amazon"
+    name  = "amzn2-ami-hvm-2.0.20211001.1-x86_64-gp2"
+  }
+}
+
+output "this" {
+  value = module.instance
+}

aws/ec2/examples/user_data_obj_usage/files/testkey

@@ -0,0 +1,7 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACDz189J2XMPxQ8s+R3V7+83a1pBVK2psQxL0D6XRAfpbQAAAJhkEI8iZBCP
+IgAAAAtzc2gtZWQyNTUxOQAAACDz189J2XMPxQ8s+R3V7+83a1pBVK2psQxL0D6XRAfpbQ
+AAAEBV479lBUduhaG95mzln8yOLO7BdTEeZsYFh2CeWsEgZ/PXz0nZcw/FDyz5HdXv7zdr
+WkFUramxDEvQPpdEB+ltAAAAEXRlc3RAdHJhZHJhcGkuY29tAQIDBA==
+-----END OPENSSH PRIVATE KEY-----

aws/ec2/examples/user_data_obj_usage/files/testkey.pub

@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPPXz0nZcw/FDyz5HdXv7zdrWkFUramxDEvQPpdEB+lt [email protected]