45 lines
1.3 KiB
HCL
45 lines
1.3 KiB
HCL
# EC2 Launch Template
|
|
resource "aws_launch_template" "vault_instance" {
|
|
name_prefix = "${var.main_project_tag}-lt-"
|
|
image_id = var.use_latest_ami ? data.aws_ssm_parameter.latest_ami.value : var.ami_id
|
|
instance_type = var.vault_instance_type
|
|
key_name = var.ec2_key_pair_name
|
|
vpc_security_group_ids = [aws_security_group.vault_instance.id]
|
|
|
|
iam_instance_profile {
|
|
arn = aws_iam_instance_profile.vault_instance_profile.arn
|
|
}
|
|
|
|
tag_specifications {
|
|
resource_type = "instance"
|
|
|
|
tags = merge(
|
|
{ "Name" = "${var.main_project_tag}-instance" },
|
|
{ "Project" = var.main_project_tag }
|
|
)
|
|
}
|
|
|
|
tag_specifications {
|
|
resource_type = "volume"
|
|
|
|
tags = merge(
|
|
{ "Name" = "${var.main_project_tag}-volume" },
|
|
{ "Project" = var.main_project_tag }
|
|
)
|
|
}
|
|
|
|
tags = merge(
|
|
{ "Name" = "${var.main_project_tag}-lt" },
|
|
{ "Project" = var.main_project_tag }
|
|
)
|
|
|
|
user_data = base64encode(templatefile("${path.module}/files/userdata_template.sh", {
|
|
VAULT_VERSION = var.vault_version
|
|
VAULT_CLUSTER_NAME = var.main_project_tag
|
|
VAULT_DNS = var.domain_name
|
|
VAULT_KMS_KEY_ID = aws_kms_key.seal.key_id
|
|
VAULT_CLUSTER_REGION = data.aws_region.current.name
|
|
VAULT_DYNAMODB_TABLE = var.dynamodb_table_name # dynamodb resource doesn't return name....
|
|
VAULT_S3_BUCKET_NAME = aws_s3_bucket.vault_data.id
|
|
}))
|
|
} |