intel · kevinbleckmann · Aug 24, 2023 · Aug 24, 2023 · Aug 24, 2023
diff --git a/examples/amazon-ec2-rhel-default-vpc/README.md b/examples/amazon-ec2-rhel-default-vpc/README.md
@@ -0,0 +1,104 @@
+<p align="center">
+  <img src="https://github.com/intel/terraform-intel-aws-vm/blob/main/images/logo-classicblue-800px.png?raw=true" alt="Intel Logo" width="250"/>
+</p>
+
+# Intel Cloud Optimization Modules for Terraform
+
+© Copyright 2022, Intel Corporation
+
+## Terraform Intel AWS VM - Red Hat RHEL VM in Default VPC
+
+This example creates an AWS Red Hat Enterprise Linux (RHEL) EC2 instance on a 4th Generation Intel® Xeon® Scalable Processor (Sapphire Rapids) in the default VPC. It is configured to create the EC2 instance in US-East-1 region. The region is provided in variables.tf in this example folder.
+
+This example also creates an EC2 key pair. It associates the public key with the EC2 instance. The private key is created in the local system where terraform apply is done. It also creates a new scurity group to open up the SSH port 22 to a specific IP CIDR block. This example requires RHEL SSM Parameter name for the ami_ssm_parameter in the variables file. More information can be found on [Red Hat Enterprise Linux Images Available on Amazon Web Services Documentation](<https://access.redhat.com/solutions/15356>)
+
+In this example, the tags Name, Owner and Duration are added to the EC2 instance when it is created.
+
+## Usage
+
+**See examples folder ./examples/amazon-linux-ec2-default-vpc**
+
+variables.tf
+
+```hcl
+variable "region" {
+  description = "Target AWS region to deploy EC2 in."
+  type        = string
+  default     = "us-east-1"
+}
+
+variable "ami_ssm_parameter" {
+  description = "SSM parameter name for the AMI ID. For Red Hat Enterprise Image Documentation see [reference] (https://access.redhat.com/solutions/15356)."
+  type        = string
+  default     = "/aws/service/RHEL-9.0 0_HVM-20220513-x86_64-0-Hourly2-GP2"
+}
+```
+main.tf
+```hcl
+resource "random_id" "rid" {
+  byte_length = 5
+}
+
+# RSA key of size 4096 bits
+resource "tls_private_key" "rsa" {
+  algorithm = "RSA"
+  rsa_bits  = 4096
+}
+
+resource "aws_key_pair" "TF_key" {
+  key_name   = "TF_key-${random_id.rid.dec}"
+  public_key = tls_private_key.rsa.public_key_openssh
+}
+
+resource "local_file" "TF_private_key" {
+  content  = tls_private_key.rsa.private_key_pem
+  filename = "tfkey.private"
+}
+
+resource "aws_security_group" "ssh_security_group" {
+  description = "security group to configure ports for ssh"
+  ingress {
+    from_port = 22
+    to_port   = 22
+    protocol  = "tcp"
+
+    ## CHANGE THE IP CIDR BLOCK BELOW TO ALL YOUR OWN SSH PORT ##
+    cidr_blocks = ["a.b.c.d/x"]
+  }
+}
+
+resource "aws_network_interface_sg_attachment" "sg_attachment" {
+  security_group_id    = aws_security_group.ssh_security_group.id
+  network_interface_id = module.ec2-vm.primary_network_interface_id
+}
+
+module "ec2-vm" {
+  source   = "intel/aws-vm/intel"
+  key_name = aws_key_pair.TF_key.key_name
+  ami      = "ami-0c41531b8d18cc72b"
+  tags = {
+    Name     = "my-test-vm-${random_id.rid.dec}"
+    Owner    = "OwnerName-${random_id.rid.dec}",
+    Duration = "2"
+  }
+}
+```
+
+
+
+Run Terraform
+Replace the line below with you own IPV4 CIDR range before running the example.
+
+```hcl
+cidr_blocks = ["a.b.c.d/x"]
+```
+
+Run the following terraform commands
+```hcl
+terraform init  
+terraform plan
+terraform apply  
+```
+## Considerations
+- The AWS region where this example is run should have a default VPC
+- It is important to change the ami_ssm_parameter variable in the variables.tf file to the correct name for the module to sucessfully run. Make sure to view the Red Hat documentation to make sure the name matches the correct AMI and region. More details can be found here: https://access.redhat.com/solutions/15356
diff --git a/examples/amazon-ec2-rhel-default-vpc/main.tf b/examples/amazon-ec2-rhel-default-vpc/main.tf
@@ -0,0 +1,56 @@
+# Provision EC2 Instance on Icelake on Amazon Linux OS in default vpc. It is configured to create the EC2 in
+# US-East-1 region. The region is provided in variables.tf in this example folder.
+
+# This example also create an EC2 key pair. Associate the public key with the EC2 instance. Create the private key
+# in the local system where terraform apply is done. Create a new scurity group to open up the SSH port 
+# 22 to a specific IP CIDR block
+
+######### PLEASE NOTE TO CHANGE THE IP CIDR BLOCK TO ALLOW SSH FROM YOUR OWN ALLOWED IP ADDRESS FOR SSH #########
+
+resource "random_id" "rid" {
+  byte_length = 5
+}
+
+# RSA key of size 4096 bits
+resource "tls_private_key" "rsa" {
+  algorithm = "RSA"
+  rsa_bits  = 4096
+}
+
+resource "aws_key_pair" "TF_key" {
+  key_name   = "TF_key-${random_id.rid.dec}"
+  public_key = tls_private_key.rsa.public_key_openssh
+}
+
+resource "local_file" "TF_private_key" {
+  content  = tls_private_key.rsa.private_key_pem
+  filename = "tfkey.private"
+}
+
+resource "aws_security_group" "ssh_security_group" {
+  description = "security group to configure ports for ssh"
+  ingress {
+    from_port = 22
+    to_port   = 22
+    protocol  = "tcp"
+
+    ## CHANGE THE IP CIDR BLOCK BELOW TO ALL YOUR OWN SSH PORT ##
+    cidr_blocks = ["a.b.c.d/x"]
+  }
+}
+
+resource "aws_network_interface_sg_attachment" "sg_attachment" {
+  security_group_id    = aws_security_group.ssh_security_group.id
+  network_interface_id = module.ec2-vm.primary_network_interface_id
+}
+
+module "ec2-vm" {
+  source            = "intel/aws-vm/intel"
+  key_name          = aws_key_pair.TF_key.key_name
+  ami               = "ami-0c41531b8d18cc72b"
+  tags = {
+    Name     = "my-test-vm-${random_id.rid.dec}"
+    Owner    = "OwnerName-${random_id.rid.dec}",
+    Duration = "2"
+  }
+}
diff --git a/examples/amazon-ec2-rhel-default-vpc/outputs.tf b/examples/amazon-ec2-rhel-default-vpc/outputs.tf
@@ -0,0 +1,113 @@
+output "id" {
+  description = "The ID of the instance"
+  value       = try(module.ec2-vm.id, module.ec2-vm.id, "")
+}
+
+output "arn" {
+  description = "The ARN of the instance"
+  value       = try(module.ec2-vm.arn, "")
+}
+
+output "capacity_reservation_specification" {
+  description = "Capacity reservation specification of the instance"
+  value       = try(module.ec2-vm.capacity_reservation_specification, "")
+}
+
+output "instance_state" {
+  description = "The state of the instance. One of: `pending`, `running`, `shutting-down`, `terminated`, `stopping`, `stopped`"
+  value       = try(module.ec2-vm.instance_state, "")
+}
+
+output "outpost_arn" {
+  description = "The ARN of the Outpost the instance is assigned to"
+  value       = try(module.ec2-vm.outpost_arn, "")
+}
+
+output "password_data" {
+  description = "Base-64 encoded encrypted password data for the instance. Useful for getting the administrator password for instances running Microsoft Windows. This attribute is only exported if `get_password_data` is true"
+  value       = try(module.ec2-vm.password_data, "")
+}
+
+output "primary_network_interface_id" {
+  description = "The ID of the instance's primary network interface"
+  value       = try(module.ec2-vm.primary_network_interface_id, "")
+}
+
+output "private_dns" {
+  description = "The private DNS name assigned to the instance. Can only be used inside the Amazon EC2, and only available if you've enabled DNS hostnames for your VPC"
+  value       = try(module.ec2-vm.private_dns, "")
+}
+
+output "public_dns" {
+  description = "The public DNS name assigned to the instance. For EC2-VPC, this is only available if you've enabled DNS hostnames for your VPC"
+  value       = try(module.ec2-vm.public_dns, "")
+}
+
+output "public_ip" {
+  description = "The public IP address assigned to the instance, if applicable. NOTE: If you are using an aws_eip with your instance, you should refer to the EIP's address directly and not use `public_ip` as this field will change after the EIP is attached"
+  value       = try(module.ec2-vm.public_ip, "")
+}
+
+output "private_ip" {
+  description = "The private IP address assigned to the instance."
+  value       = try(module.ec2-vm.private_ip, "")
+}
+
+output "ipv6_addresses" {
+  description = "The IPv6 address assigned to the instance, if applicable."
+  value       = try(module.ec2-vm.ipv6_addresses, [])
+}
+
+output "tags_all" {
+  description = "A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block"
+  value       = try(module.ec2-vm.tags_all, {})
+}
+
+output "spot_bid_status" {
+  description = "The current bid status of the Spot Instance Request"
+  value       = try(module.ec2-vm.spot_bid_status, "")
+}
+
+output "spot_request_state" {
+  description = "The current request state of the Spot Instance Request"
+  value       = try(module.ec2-vm.spot_request_state, "")
+}
+
+output "spot_instance_id" {
+  description = "The Instance ID (if any) that is currently fulfilling the Spot Instance request"
+  value       = try(module.ec2-vm.spot_instance_id, "")
+}
+
+################################################################################
+# IAM Role / Instance Profile
+################################################################################
+
+output "iam_role_name" {
+  description = "The name of the IAM role"
+  value       = try(module.ec2-vm.aws_iam_role.name, null)
+}
+
+output "iam_role_arn" {
+  description = "The Amazon Resource Name (ARN) specifying the IAM role"
+  value       = try(module.ec2-vm.aws_iam_role.arn, null)
+}
+
+output "iam_role_unique_id" {
+  description = "Stable and unique string identifying the IAM role"
+  value       = try(module.ec2-vm.aws_iam_role.unique_id, null)
+}
+
+output "iam_instance_profile_arn" {
+  description = "ARN assigned by AWS to the instance profile"
+  value       = try(module.ec2-vm.aws_iam_instance_profile.arn, null)
+}
+
+output "iam_instance_profile_id" {
+  description = "Instance profile's ID"
+  value       = try(module.ec2-vm.aws_iam_instance_profile.id, null)
+}
+
+output "iam_instance_profile_unique" {
+  description = "Stable and unique string identifying the IAM instance profile"
+  value       = try(module.ec2-vm.aws_iam_instance_profile.unique_id, null)
+}
diff --git a/examples/amazon-ec2-rhel-default-vpc/providers.tf b/examples/amazon-ec2-rhel-default-vpc/providers.tf
@@ -0,0 +1,4 @@
+provider "aws" {
+  # Environment Variables used for Authentication
+  region = var.region
+}
diff --git a/examples/amazon-ec2-rhel-default-vpc/variables.tf b/examples/amazon-ec2-rhel-default-vpc/variables.tf
@@ -0,0 +1,12 @@
+variable "region" {
+  description = "Target AWS region to deploy EC2 in."
+  type        = string
+  default     = "us-east-1"
+}
+variable "ami_ssm_parameter" {
+  description = "SSM parameter name for the AMI ID. For Red Hat Enterprise Image Documentation see [reference] (https://access.redhat.com/solutions/15356)."
+  type        = string
+  default     = "/aws/service/RHEL-9.0.0_HVM-20220513-x86_64-0-Hourly2-GP2"
+}
+
+
diff --git a/examples/amazon-ec2-rhel-default-vpc/versions.tf b/examples/amazon-ec2-rhel-default-vpc/versions.tf
@@ -0,0 +1,9 @@
+terraform {
+  required_version = ">=1.3.0"
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 4.60.0"
+    }
+  }
+}