Skip to content

T
terraform-aws-ec2-instance
Commit a327acd9 authored by Anton Babenko's avatar Anton Babenko Committed by GitHub
Browse files
Options

Add encrypted and kms_key_id arguments to the ebs_* and root_* block (#124) 

* Add encrypted and kms_key_id arguments to the ebs_* and root_* block device configuration blocks

This commit resolves #6

* Updated example to include volume encryption settings
parent dc4cc78b
Hide whitespace changes
Inline Side-by-side
Showing with 17 additions and 1 deletion
examples/basic/main.tf
View file @ a327acd9
......@@ -58,10 +58,13 @@ resource "aws_placement_group" "web" {
strategy = "cluster"
}
resource "aws_kms_key" "this" {
}
module "ec2" {
source = "../../"
instance_count = 2
instance_count = 1
name = "example-normal"
ami = data.aws_ami.amazon_linux.id
......@@ -79,6 +82,16 @@ module "ec2" {
},
]
ebs_block_device = [
{
device_name = "/dev/sdf"
volume_type = "gp2"
volume_size = 5
encrypted = true
kms_key_id = aws_kms_key.this.arn
}
]
tags = {
"Env" = "Private"
"Location" = "Secret"
......
main.tf
View file @ a327acd9
......@@ -32,7 +32,9 @@ resource "aws_instance" "this" {
for_each = var.root_block_device
content {
delete_on_termination = lookup(root_block_device.value, "delete_on_termination", null)
encrypted = lookup(root_block_device.value, "encrypted", null)
iops = lookup(root_block_device.value, "iops", null)
kms_key_id = lookup(root_block_device.value, "kms_key_id", null)
volume_size = lookup(root_block_device.value, "volume_size", null)
volume_type = lookup(root_block_device.value, "volume_type", null)
}
......@@ -45,6 +47,7 @@ resource "aws_instance" "this" {
device_name = ebs_block_device.value.device_name
encrypted = lookup(ebs_block_device.value, "encrypted", null)
iops = lookup(ebs_block_device.value, "iops", null)
kms_key_id = lookup(ebs_block_device.value, "kms_key_id", null)
snapshot_id = lookup(ebs_block_device.value, "snapshot_id", null)
volume_size = lookup(ebs_block_device.value, "volume_size", null)
volume_type = lookup(ebs_block_device.value, "volume_type", null)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment