Fixing ami id, porting to debian

2024-02-29 19:29:13 +01:00 · 2024-02-29 19:29:13 +01:00 · de3cfa42a7
parent ffd6c5b400
commit de3cfa42a7
5 changed files with 14 additions and 5 deletions
--- a/ec2-bastion.tf
+++ b/ec2-bastion.tf
@ -4,7 +4,7 @@
 resource "aws_instance" "bastion" {
  count = var.operator_mode ? 1 : 0

-  ami = var.use_lastest_ami ? data.aws_ssm_parameter.latest_ami.value : "ami-0323c3dd2da7fb37d"
+  ami = var.use_latest_ami ? data.aws_ssm_parameter.latest_ami.value : var.ami_id
  instance_type = "t2.micro"
  key_name = var.ec2_key_pair_name
  vpc_security_group_ids = [aws_security_group.bastion.id]
--- a/ec2-data.tf
+++ b/ec2-data.tf
@ -1,5 +1,5 @@
 # EC2 Data

 data "aws_ssm_parameter" "latest_ami" {
-  name = "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2"
+  name = "/aws/service/debian/release/11/latest/amd64"
 }
--- a/ec2-launch-template.tf
+++ b/ec2-launch-template.tf
@ -1,7 +1,7 @@
 # EC2 Launch Template
 resource "aws_launch_template" "vault_instance" {
  name_prefix = "${var.main_project_tag}-lt-"
-  image_id = var.use_lastest_ami ? data.aws_ssm_parameter.latest_ami.value : "ami-0323c3dd2da7fb37d"
+  image_id = var.use_latest_ami ? data.aws_ssm_parameter.latest_ami.value : var.ami_id
  instance_type = var.vault_instance_type
  key_name = var.ec2_key_pair_name
  vpc_security_group_ids = [aws_security_group.vault_instance.id]
--- a/terraform.tfvars.example
+++ b/terraform.tfvars.example
@ -8,6 +8,9 @@ ec2_key_pair_name = "vault_key_pair"

 ### OPTIONAL VARIABLES

+# Use latest ami id
+# use_latest_ami = false
+
 # Version 
 # vault_version = "1.15.5"

--- a/variables.tf
+++ b/variables.tf
@ -152,12 +152,18 @@ variable "vault_instance_count" {

 # EC2 - AMI

-variable "use_lastest_ami" {
-  description = "Whether or not to use the latest version of Amazon Linux 2.  Defaults to false and uses a version that is known to work with this deployment."
+variable "use_latest_ami" {
+  description = "Whether or not to use the latest version.  Defaults to false and uses a version that is known to work with this deployment."
  type = bool
  default = false
 }

+variable "ami_id" {
+  description = "The AMI ID to use for the Vault instances. Defaults to Debian 11 x86_64."
+  type = string
+  default = "ami-0506d6d51f1916a96"
+}
+
 # DynamoDB

 variable "dynamodb_table_name" {