1
votes

I am trying to deploy an EC2 instance on Amazon Web Services using Terraform. I have the AWS CLI installed and working on a Linux box. Using Terraform, I would like to mimic the action of the command line instruction below (though hopefully with a little bit of improvement):

aws ec2 run-instances --image-id ami-0127d62154efde733 --count 1 --instance-type t3a.nano --key-name aws-key --security-group-ids launch-wizard-13 --tag-specifications 'ResourceType=instance,Tags=[{Key=Name,Value=test}]'

This will create an instance in eu-west-1c (though this is not defined, and my account is selected as being in eu-west-1) and I can ssh in no problem.

  • I'd like to have a simple .tf file to mimic the behaviour of the above command line.
  • I would like to define the region where the server is being deployed, e.g. being able to spin up a server in the US would be nice.
  • The image I want to use is the most recent Ubuntu server, so wildcarding for the image type would be preferable to using an ID (I believe there may be different IDs for different regions, but on that I'm not sure).
  • The security group (launch-wizard-13) is defined in my account, in the Network and Security settings.

I've tried looking at the official documentation, blogs and GitHub repositories but can't get a simple .tf file to work for the above case. Usually it's the security group that's the problem, but if I leave that section out from the command line above, then I can't ssh in. Please help.

edit:

In response to @Marcin, the full .tf I'm presently running (terraform apply) is

provider "aws" {
  region = "eu-west-2"
}

resource "aws_instance" "myEc2" {
  ami           = "ami-0127d62154efde733"
  instance_type = "t3a.nano"
  key_name      = "aws-key"
  security_groups = [
    "launch-wizard-13"
  ]

  tags = {
    Name = "test"
  }
}

which results in the error,

aws_instance.myEc2: Creating...

Error: Error launching instance, possible mismatch of Security Group IDs and Names. See AWS Instance docs here: https://terraform.io/docs/providers/aws/r/instance.html.

        AWS Error: InvalidParameterValue: Value () for parameter groupId is invalid. The value cannot be empty
        status code: 400, request id: 22b572d8-d0d3-4e2e-ba1b-3db91d2e05f6

  on terraform-ec2.tf line 5, in resource "aws_instance" "myEc2":
   5: resource "aws_instance" "myEc2" {

2 Answers

1
votes

I tried to verify your Terraform code, after adapting it to my account, but I haven't found any issue with it. It worked.

The only way I think group_id would be required is if you run the code in a non-default VPC (I tested in the default VPC).

Thus, if you run the code in a non-default VPC and want to use the security group by name (not ID), you can try the following:

# get the details of existing launch-wizard-13 security group

data "aws_security_group" "selected" {
  name = "launch-wizard-13"
}

then use the group id in your resource:

# in your aws_instance resources

vpc_security_group_ids = [
  data.aws_security_group.selected.id
]

But the code you've posted does not include any information about a custom VPC. Thus, I don't see a reason why you would get problems with groupId.

UPDATE

Fully working code. I tested it in the us-east-1 region with my key pair. You need to change it to your region:

provider "aws" {
  # your data
}


resource "aws_security_group" "allow_ssh" {

  description = "Allow ssh inbound traffic"

  ingress {
    description = "ssh"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"] # any source address can reach port 22; narrow to your own IP range where possible
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

}


resource "aws_instance" "myEc2" {
  ami           = "ami-02354e95b39ca8dec" # "ami-0127d62154efde733"
  instance_type = "t2.micro" # "t3a.nano"
  key_name      = "MyKey" # "<aws-key>"

  vpc_security_group_ids = [
    aws_security_group.allow_ssh.id
  ]

  tags = {
    Name = "test"
  }
}
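
The three things the question asks for (a selectable region, the newest Ubuntu image without a hard-coded ID, and the existing security group referenced by name) can be combined in one file. This is an added example, not code from either answer; the variable names, the Ubuntu 20.04 name pattern and the output are assumptions, and it extends the data-source lookup shown above.

```hcl
# Added example; variable names and defaults are assumptions, not from the thread.
variable "region" {
  type    = string
  default = "eu-west-1" # a region name, not an availability zone such as eu-west-1c
}

variable "sg_name" {
  type    = string
  default = "launch-wizard-13" # existing group named in the question
}

provider "aws" {
  region = var.region
}

# Newest Ubuntu Server image in the selected region. AMI IDs differ per region,
# so the lookup is by name pattern. Pinning the owner to Canonical's account
# prevents a same-named public image from another publisher being selected.
data "aws_ami" "ubuntu" {
  most_recent = true
  owners      = ["099720109477"] # Canonical

  filter {
    name   = "name"
    values = ["ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-*"] # assumed release
  }

  filter {
    name   = "virtualization-type"
    values = ["hvm"]
  }
}

# Resolve the existing security group name to its ID in this region.
data "aws_security_group" "selected" {
  name = var.sg_name
}

resource "aws_instance" "myEc2" {
  ami                    = data.aws_ami.ubuntu.id
  instance_type          = "t3a.nano"
  key_name               = "aws-key"
  vpc_security_group_ids = [data.aws_security_group.selected.id]

  tags = { Name = "test" }
}

output "ami_id" {
  value = data.aws_ami.ubuntu.id
}
```

Security groups and key pairs are scoped to a region, so running `terraform apply -var region=us-east-1` only works if a group and key pair with these names already exist there.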

0
votes

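You can refer to the EC2 section of the Terraform documentation.

Create a .tf file with something like:

provider "aws" {
  region = "eu-west-1" # a region name; "eu-west-1c" is an availability zone
}

# vpc_security_group_ids takes group IDs, so look up the ID of the named group
data "aws_security_group" "selected" {
  name = "launch-wizard-13"
}

resource "aws_instance" "myEc2" {
  ami           = "ami-0127d62154efde733"
  instance_type = "t3.nano"
  key_name      = "<aws-key>"
  vpc_security_group_ids = [
    data.aws_security_group.selected.id
  ]

  tags = {
    Name = "test"
  }
}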