From b75f3facd68152bd1a3766c6c284c2413444c0fc Mon Sep 17 00:00:00 2001 From: matthieu42morin Date: Thu, 29 Feb 2024 18:52:54 +0100 Subject: [PATCH 1/5] FIX: Error: failed to get shared config profile --- providers.tf | 22 +++++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) diff --git a/providers.tf b/providers.tf index 52fa9e7..d79515e 100644 --- a/providers.tf +++ b/providers.tf @@ -1,4 +1,20 @@ -provider "aws" { - region = var.aws_default_region - profile = var.aws_profile +terraform { + required_version = ">= 1.0" + required_providers { + aws = { + source = "hashicorp/aws" + version = "~> 3.0" + } + random = { + source = "hashicorp/random" + version = "~> 3.5" + } + } } +provider "aws" { + region = var.aws_default_region + profile = var.aws_profile +} + +provider "random" { +} \ No newline at end of file From ffd6c5b400322307f30f5e5ffbac1f67cc462e35 Mon Sep 17 00:00:00 2001 From: matthieu42morin Date: Thu, 29 Feb 2024 18:55:55 +0100 Subject: [PATCH 2/5] version aws upgrade --- providers.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/providers.tf b/providers.tf index d79515e..8877fe4 100644 --- a/providers.tf +++ b/providers.tf @@ -3,7 +3,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = "~> 3.0" + version = "~> 5.38.0" } random = { source = "hashicorp/random" From de3cfa42a79fb207a0135c87d848bed0d7fb2f19 Mon Sep 17 00:00:00 2001 From: matthieu42morin Date: Thu, 29 Feb 2024 19:29:13 +0100 Subject: [PATCH 3/5] Fixing ami id, porting to debian --- ec2-bastion.tf | 2 +- ec2-data.tf | 2 +- ec2-launch-template.tf | 2 +- terraform.tfvars.example | 3 +++ variables.tf | 10 ++++++++-- 5 files changed, 14 insertions(+), 5 deletions(-) diff --git a/ec2-bastion.tf b/ec2-bastion.tf index 76ffbd5..9f52c19 100644 --- a/ec2-bastion.tf +++ b/ec2-bastion.tf 
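Review bot: In providers.tf (patch 1/5) the new `required_providers` block only sets version ranges, and nothing in this series adds `.terraform.lock.hcl`; if that file is not already tracked, provider builds and their checksums are resolved afresh on each `terraform init`, so committing it alongside this block would pin them. `required_version = ">= 1.0"` has no upper bound; `required_version = ">= 1.0, < 2.0"` would stop a future major release from being picked up silently. The empty `provider "random" {}` block carries no configuration and can be dropped. The commit title refers to the shared-config-profile error, yet `profile = var.aws_profile` is re-added unchanged, so the fix appears to come from the version constraints alone, and the commit message should say so.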
@@ -4,7 +4,7 @@ resource "aws_instance" "bastion" { count = var.operator_mode ? 1 : 0 - ami = var.use_lastest_ami ? data.aws_ssm_parameter.latest_ami.value : "ami-0323c3dd2da7fb37d" + ami = var.use_latest_ami ? data.aws_ssm_parameter.latest_ami.value : var.ami_id instance_type = "t2.micro" key_name = var.ec2_key_pair_name vpc_security_group_ids = [aws_security_group.bastion.id] diff --git a/ec2-data.tf b/ec2-data.tf index 55e4d97..2bb2fea 100644 --- a/ec2-data.tf +++ b/ec2-data.tf @@ -1,5 +1,5 @@ # EC2 Data data "aws_ssm_parameter" "latest_ami" { - name = "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2" + name = "/aws/service/debian/release/11/latest/amd64" } \ No newline at end of file diff --git a/ec2-launch-template.tf b/ec2-launch-template.tf index 53329fc..9b5bf48 100644 --- a/ec2-launch-template.tf +++ b/ec2-launch-template.tf @@ -1,7 +1,7 @@ # EC2 Launch Template resource "aws_launch_template" "vault_instance" { name_prefix = "${var.main_project_tag}-lt-" - image_id = var.use_lastest_ami ? data.aws_ssm_parameter.latest_ami.value : "ami-0323c3dd2da7fb37d" + image_id = var.use_latest_ami ? data.aws_ssm_parameter.latest_ami.value : var.ami_id instance_type = var.vault_instance_type key_name = var.ec2_key_pair_name vpc_security_group_ids = [aws_security_group.vault_instance.id] diff --git a/terraform.tfvars.example b/terraform.tfvars.example index 0b4eff4..5aa4249 100644 --- a/terraform.tfvars.example +++ b/terraform.tfvars.example @@ -8,6 +8,9 @@ ec2_key_pair_name = "vault_key_pair" ### OPTIONAL VARIABLES +# Use latest ami id +# use_latest_ami = false + # Version # vault_version = "1.15.5" diff --git a/variables.tf b/variables.tf index da9ad34..a1789b1 100644 --- a/variables.tf +++ b/variables.tf 
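Review bot: The `ami` expression in ec2-bastion.tf (patch 3/5) now accepts `var.ami_id` as free text and nothing in the hunk checks who published the image, so a mistyped or look-alike AMI ID would be launched as the bastion without any complaint at plan time. The same expression is used for `image_id` in the ec2-launch-template.tf hunk of this patch, which covers the Vault instances. Resolving the fallback through a `data "aws_ami"` lookup with an `owners` filter (placeholder: `owners = ["<debian-publisher-account-id>"]`) and an `image-id` filter on `var.ami_id` would make the plan fail when the ID does not belong to the expected publisher. The resource body continues outside the hunk.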
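Review bot: Switching the `latest_ami` parameter in ec2-data.tf from Amazon Linux 2 to Debian changes the package manager and the default login user (`ec2-user` on Amazon Linux, `admin` on Debian), but no user-data or bootstrap change appears anywhere in this series. Any `yum`-based provisioning of the Vault instances, or documentation that tells operators to SSH as `ec2-user`, would presumably break; worth confirming before merge. A comment above the data source such as `# Debian official image alias: resolves to a new AMI whenever Debian publishes one` would also make clear that `use_latest_ami = true` follows a moving target.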
@@ -152,12 +152,18 @@ variable "vault_instance_count" { # EC2 - AMI -variable "use_lastest_ami" { - description = "Whether or not to use the latest version of Amazon Linux 2. Defaults to false and uses a version that is known to work with this deployment." +variable "use_latest_ami" { + description = "Whether or not to use the latest version. Defaults to false and uses a version that is known to work with this deployment." type = bool default = false } +variable "ami_id" { + description = "The AMI ID to use for the Vault instances. Defaults to Debian 11 x86_64." + type = string + default = "ami-0506d6d51f1916a96" +} + # DynamoDB variable "dynamodb_table_name" { From 478bdd30daebac241883c97a49edd6d6b31655a0 Mon Sep 17 00:00:00 2001 From: matthieu42morin Date: Thu, 29 Feb 2024 19:40:39 +0100 Subject: [PATCH 4/5] debian 12 not 11 :facepalm: --- ec2-data.tf | 2 +- variables.tf | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ec2-data.tf b/ec2-data.tf index 2bb2fea..df6b650 100644 --- a/ec2-data.tf +++ b/ec2-data.tf @@ -1,5 +1,5 @@ # EC2 Data data "aws_ssm_parameter" "latest_ami" { - name = "/aws/service/debian/release/11/latest/amd64" + name = "/aws/service/debian/release/12/latest/amd64" } \ No newline at end of file diff --git a/variables.tf b/variables.tf index a1789b1..38e7e27 100644 --- a/variables.tf +++ b/variables.tf @@ -159,7 +159,7 @@ variable "use_latest_ami" { } variable "ami_id" { - description = "The AMI ID to use for the Vault instances. Defaults to Debian 11 x86_64." + description = "The AMI ID to use for the Vault instances. Defaults to Debian 12 x86_64." type = string default = "ami-0506d6d51f1916a96" } From 69714163f86f24c5fff88a62e2af4b5d39a40b9c Mon Sep 17 00:00:00 2001 From: matthieu42morin Date: Thu, 29 Feb 2024 20:05:35 +0100 Subject: [PATCH 5/5] Bastion instance type to variable, defaulting t3.micro --- ec2-bastion.tf | 2 +- variables.tf | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-) 
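Review bot: The `ami_id` default added in variables.tf (patch 3/5) is a single AMI ID, and AMI IDs are valid in one region only, while providers.tf takes the region from `var.aws_default_region`; in any other region the default will presumably fail to resolve at apply time. The description should name the region the default belongs to. A `validation` block can at least reject malformed values before they reach the EC2 API, as sketched below.

```hcl
variable "ami_id" {
  # … unchanged: description, type, default …

  validation {
    condition     = can(regex("^ami-([0-9a-f]{8}|[0-9a-f]{17})$", var.ami_id))
    error_message = "The ami_id value must look like ami- followed by 8 or 17 lowercase hex characters."
  }
}
```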
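Review bot: In the variables.tf hunk of patch 4/5 only the description moves from Debian 11 to Debian 12 while the default stays `ami-0506d6d51f1916a96`, so one of the two descriptions was wrong and nothing on the page shows which release this image actually is. Recording the provenance next to the default, e.g. `# resolved from /aws/service/debian/release/12/latest/amd64 in <region> on <date>` (placeholders to fill in), would let a reader re-check the ID against the SSM parameter used in ec2-data.tf. Without that, the pinned fallback and the `latest` path can drift to different releases unnoticed.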
diff --git a/ec2-bastion.tf b/ec2-bastion.tf index 9f52c19..18a3db6 100644 --- a/ec2-bastion.tf +++ b/ec2-bastion.tf @@ -5,7 +5,7 @@ resource "aws_instance" "bastion" { count = var.operator_mode ? 1 : 0 ami = var.use_latest_ami ? data.aws_ssm_parameter.latest_ami.value : var.ami_id - instance_type = "t2.micro" + instance_type = var.bastion_instance_type key_name = var.ec2_key_pair_name vpc_security_group_ids = [aws_security_group.bastion.id] subnet_id = aws_subnet.public[0].id diff --git a/variables.tf b/variables.tf index 38e7e27..0683f66 100644 --- a/variables.tf +++ b/variables.tf @@ -46,6 +46,12 @@ variable "vault_version" { default = "1.15.5" } +variable "bastion_instance_type" { + description = "The EC2 instance size of the bastion server." + type = string + default = "t3.micro" +} + # Operator Mode ## Turning this on will enable NAT and Bastion to access the Vault Instances
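Review bot: The description of `bastion_instance_type` in variables.tf (patch 5/5) does not say that the value only matters when `operator_mode` is true, which is what `count = var.operator_mode ? 1 : 0` in ec2-bastion.tf implies. Suggest `description = "The EC2 instance type of the bastion server (only created when operator_mode is true)."`. The default also moves from the hard-coded `t2.micro` to `t3.micro`, so existing deployments will see an instance type change on the next apply unless they set the variable explicitly.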