Creating an EC2 and spot instance module

[qburst-praven]

Pls find the plan for the same (Removing the VPC section of the plan)

Terraform will perform the following actions:

  # module.ec2-private.aws_ebs_volume.default[0] will be created
  + resource "aws_ebs_volume" "default" {
      + arn                  = (known after apply)
      + availability_zone    = (known after apply)
      + encrypted            = true
      + final_snapshot       = false
      + id                   = (known after apply)
      + iops                 = 0
      + kms_key_id           = (known after apply)
      + multi_attach_enabled = false
      + size                 = 30
      + snapshot_id          = (known after apply)
      + tags                 = {
          + "Name" = "ec2-private-0-ebs-volume"
        }
      + tags_all             = {
          + "Environment" = "Test"
          + "Name"        = "ec2-private-0-ebs-volume"
          + "Project"     = "QBurst"
        }
      + throughput           = (known after apply)
      + type                 = "gp2"
    }

  # module.ec2-private.aws_instance.default[0] will be created
  + resource "aws_instance" "default" {
      + ami                                  = "ami-099b3d23e336c2e83"
      + arn                                  = (known after apply)
      + associate_public_ip_address          = false
      + availability_zone                    = (known after apply)
      + cpu_core_count                       = (known after apply)
      + cpu_threads_per_core                 = (known after apply)
      + disable_api_stop                     = (known after apply)
      + disable_api_termination              = false
      + ebs_optimized                        = false
      + get_password_data                    = false
      + host_id                              = (known after apply)
      + host_resource_group_arn              = (known after apply)
      + iam_instance_profile                 = (known after apply)
      + id                                   = (known after apply)
      + instance_initiated_shutdown_behavior = (known after apply)
      + instance_lifecycle                   = (known after apply)
      + instance_state                       = (known after apply)
      + instance_type                        = "t2.nano"
      + ipv6_address_count                   = (known after apply)
      + ipv6_addresses                       = (sensitive value)
      + key_name                             = "ec2-private"
      + monitoring                           = false
      + outpost_arn                          = (known after apply)
      + password_data                        = (known after apply)
      + placement_group                      = (known after apply)
      + placement_partition_number           = (known after apply)
      + primary_network_interface_id         = (known after apply)
      + private_dns                          = (known after apply)
      + private_ip                           = (known after apply)
      + public_dns                           = (known after apply)
      + public_ip                            = (known after apply)
      + secondary_private_ips                = (known after apply)
      + security_groups                      = (known after apply)
      + source_dest_check                    = true
      + spot_instance_request_id             = (known after apply)
      + subnet_id                            = (known after apply)
      + tags                                 = {
          + "Name" = "ec2-private-0"
        }
      + tags_all                             = {
          + "Environment" = "Test"
          + "Name"        = "ec2-private-0"
          + "Project"     = "QBurst"
        }
      + tenancy                              = "default"
      + user_data                            = "b0f3be9595a47178000e5e62edea7bffbc262f39"
      + user_data_base64                     = (known after apply)
      + user_data_replace_on_change          = false
      + vpc_security_group_ids               = (known after apply)

      + root_block_device {
          + delete_on_termination = true
          + device_name           = (known after apply)
          + encrypted             = true
          + iops                  = (known after apply)
          + kms_key_id            = (known after apply)
          + tags                  = {
              + "Name" = "ec2-private-0-root-volume"
            }
          + throughput            = (known after apply)
          + volume_id             = (known after apply)
          + volume_size           = 15
          + volume_type           = "gp2"
        }
    }

  # module.ec2-private.aws_key_pair.default[0] will be created
  + resource "aws_key_pair" "default" {
      + arn             = (known after apply)
      + fingerprint     = (known after apply)
      + id              = (known after apply)
      + key_name        = "ec2-private"
      + key_name_prefix = (known after apply)
      + key_pair_id     = (known after apply)
      + key_type        = (known after apply)
      + public_key      = (known after apply)
      + tags            = {
          + "Name" = "ec2-private-key"
        }
      + tags_all        = {
          + "Environment" = "Test"
          + "Name"        = "ec2-private-key"
          + "Project"     = "QBurst"
        }
    }

  # module.ec2-private.aws_kms_alias.default[0] will be created
  + resource "aws_kms_alias" "default" {
      + arn            = (known after apply)
      + id             = (known after apply)
      + name           = "alias/ec2-private"
      + name_prefix    = (known after apply)
      + target_key_arn = (known after apply)
      + target_key_id  = (known after apply)
    }

  # module.ec2-private.aws_kms_key.default[0] will be created
  + resource "aws_kms_key" "default" {
      + arn                                = (known after apply)
      + bypass_policy_lockout_safety_check = false
      + customer_master_key_spec           = "SYMMETRIC_DEFAULT"
      + deletion_window_in_days            = 7
      + description                        = "KMS master key"
      + enable_key_rotation                = true
      + id                                 = (known after apply)
      + is_enabled                         = true
      + key_id                             = (known after apply)
      + key_usage                          = "ENCRYPT_DECRYPT"
      + multi_region                       = false
      + policy                             = jsonencode(
            {
              + Statement = [
                  + {
                      + Action    = "kms:*"
                      + Effect    = "Allow"
                      + Principal = {
                          + AWS = "arn:aws:iam::062427305583:root"
                        }
                      + Resource  = "*"
                      + Sid       = "Enable IAM User Permissions"
                    },
                ]
              + Version   = "2012-10-17"
            }
        )
      + tags                               = {
          + "Name" = "ec2-private-kms-key"
        }
      + tags_all                           = {
          + "Environment" = "Test"
          + "Name"        = "ec2-private-kms-key"
          + "Project"     = "QBurst"
        }
    }

  # module.ec2-private.aws_security_group.default[0] will be created
  + resource "aws_security_group" "default" {
      + arn                    = (known after apply)
      + description            = "Instance default security group (only egress access is allowed)."
      + egress                 = (known after apply)
      + id                     = (known after apply)
      + ingress                = (known after apply)
      + name                   = "ec2-private-sg"
      + name_prefix            = (known after apply)
      + owner_id               = (known after apply)
      + revoke_rules_on_delete = false
      + tags                   = {
          + "Name" = "ec2-private-sg"
        }
      + tags_all               = {
          + "Environment" = "Test"
          + "Name"        = "ec2-private-sg"
          + "Project"     = "QBurst"
        }
      + vpc_id                 = (sensitive value)
    }

  # module.ec2-private.aws_security_group_rule.egress_ipv4[0] will be created
  + resource "aws_security_group_rule" "egress_ipv4" {
      + cidr_blocks              = [
          + "0.0.0.0/0",
        ]
      + description              = "Description of the rule."
      + from_port                = 0
      + id                       = (known after apply)
      + protocol                 = "-1"
      + security_group_id        = (known after apply)
      + security_group_rule_id   = (known after apply)
      + self                     = false
      + source_security_group_id = (known after apply)
      + to_port                  = 65535
      + type                     = "egress"
    }

  # module.ec2-private.aws_security_group_rule.egress_ipv6[0] will be created
  + resource "aws_security_group_rule" "egress_ipv6" {
      + description              = "Description of the rule."
      + from_port                = 0
      + id                       = (known after apply)
      + ipv6_cidr_blocks         = [
          + "::/0",
        ]
      + protocol                 = "-1"
      + security_group_id        = (known after apply)
      + security_group_rule_id   = (known after apply)
      + self                     = false
      + source_security_group_id = (known after apply)
      + to_port                  = 65535
      + type                     = "egress"
    }

  # module.ec2-private.aws_security_group_rule.ingress[0] will be created
  + resource "aws_security_group_rule" "ingress" {
      + cidr_blocks              = [
          + "0.0.0.0/0",
        ]
      + description              = "Description of the ingress rule use elasticache."
      + from_port                = 80
      + id                       = (known after apply)
      + protocol                 = "tcp"
      + security_group_id        = (known after apply)
      + security_group_rule_id   = (known after apply)
      + self                     = false
      + source_security_group_id = (known after apply)
      + to_port                  = 80
      + type                     = "ingress"
    }

  # module.ec2-private.aws_security_group_rule.ingress[1] will be created
  + resource "aws_security_group_rule" "ingress" {
      + cidr_blocks              = [
          + "0.0.0.0/0",
        ]
      + description              = "Description of the ingress rule use elasticache."
      + from_port                = 443
      + id                       = (known after apply)
      + protocol                 = "tcp"
      + security_group_id        = (known after apply)
      + security_group_rule_id   = (known after apply)
      + self                     = false
      + source_security_group_id = (known after apply)
      + to_port                  = 443
      + type                     = "ingress"
    }

  # module.ec2-private.aws_security_group_rule.ssh_ingress[0] will be created
  + resource "aws_security_group_rule" "ssh_ingress" {
      + cidr_blocks              = [
          + "0.0.0.0/0",
        ]
      + description              = "Description of the ingress rule use elasticache."
      + from_port                = 22
      + id                       = (known after apply)
      + protocol                 = "tcp"
      + security_group_id        = (known after apply)
      + security_group_rule_id   = (known after apply)
      + self                     = false
      + source_security_group_id = (known after apply)
      + to_port                  = 22
      + type                     = "ingress"
    }

  # module.ec2-private.aws_volume_attachment.default[0] will be created
  + resource "aws_volume_attachment" "default" {
      + device_name = "/dev/xvdb"
      + id          = (known after apply)
      + instance_id = (known after apply)
      + volume_id   = (known after apply)
    }

  # module.ec2-private.tls_private_key.default[0] will be created
  + resource "tls_private_key" "default" {
      + algorithm                     = "RSA"
      + ecdsa_curve                   = "P224"
      + id                            = (known after apply)
      + private_key_openssh           = (sensitive value)
      + private_key_pem               = (sensitive value)
      + private_key_pem_pkcs8         = (sensitive value)
      + public_key_fingerprint_md5    = (known after apply)
      + public_key_fingerprint_sha256 = (known after apply)
      + public_key_openssh            = (known after apply)
      + public_key_pem                = (known after apply)
      + rsa_bits                      = 4096
    }

  # module.ec2-public.aws_eip.default[0] will be created
  + resource "aws_eip" "default" {
      + allocation_id        = (known after apply)
      + association_id       = (known after apply)
      + carrier_ip           = (known after apply)
      + customer_owned_ip    = (known after apply)
      + domain               = (known after apply)
      + id                   = (known after apply)
      + instance             = (known after apply)
      + network_border_group = (known after apply)
      + network_interface    = (known after apply)
      + private_dns          = (known after apply)
      + private_ip           = (known after apply)
      + public_dns           = (known after apply)
      + public_ip            = (known after apply)
      + public_ipv4_pool     = (known after apply)
      + tags                 = {
          + "Name" = "ec2-public-0-eip"
        }
      + tags_all             = {
          + "Environment" = "Test"
          + "Name"        = "ec2-public-0-eip"
          + "Project"     = "QBurst"
        }
      + vpc                  = (known after apply)
    }

  # module.ec2-public.aws_instance.default[0] will be created
  + resource "aws_instance" "default" {
      + ami                                  = "ami-0d906b8d7a7fbf25f"
      + arn                                  = (known after apply)
      + associate_public_ip_address          = false
      + availability_zone                    = (known after apply)
      + cpu_core_count                       = (known after apply)
      + cpu_threads_per_core                 = (known after apply)
      + disable_api_stop                     = (known after apply)
      + disable_api_termination              = false
      + ebs_optimized                        = false
      + get_password_data                    = false
      + host_id                              = (known after apply)
      + host_resource_group_arn              = (known after apply)
      + iam_instance_profile                 = (known after apply)
      + id                                   = (known after apply)
      + instance_initiated_shutdown_behavior = (known after apply)
      + instance_lifecycle                   = (known after apply)
      + instance_state                       = (known after apply)
      + instance_type                        = "t2.micro"
      + ipv6_address_count                   = (known after apply)
      + ipv6_addresses                       = (sensitive value)
      + key_name                             = "ec2-public"
      + monitoring                           = false
      + outpost_arn                          = (known after apply)
      + password_data                        = (known after apply)
      + placement_group                      = (known after apply)
      + placement_partition_number           = (known after apply)
      + primary_network_interface_id         = (known after apply)
      + private_dns                          = (known after apply)
      + private_ip                           = (known after apply)
      + public_dns                           = (known after apply)
      + public_ip                            = (known after apply)
      + secondary_private_ips                = (known after apply)
      + security_groups                      = (known after apply)
      + source_dest_check                    = true
      + spot_instance_request_id             = (known after apply)
      + subnet_id                            = (known after apply)
      + tags                                 = {
          + "Name" = "ec2-public-0"
        }
      + tags_all                             = {
          + "Environment" = "Test"
          + "Name"        = "ec2-public-0"
          + "Project"     = "QBurst"
        }
      + tenancy                              = "default"
      + user_data_base64                     = (known after apply)
      + user_data_replace_on_change          = false
      + vpc_security_group_ids               = (known after apply)
    }

  # module.ec2-public.aws_key_pair.default[0] will be created
  + resource "aws_key_pair" "default" {
      + arn             = (known after apply)
      + fingerprint     = (known after apply)
      + id              = (known after apply)
      + key_name        = "ec2-public"
      + key_name_prefix = (known after apply)
      + key_pair_id     = (known after apply)
      + key_type        = (known after apply)
      + public_key      = (known after apply)
      + tags            = {
          + "Name" = "ec2-public-key"
        }
      + tags_all        = {
          + "Environment" = "Test"
          + "Name"        = "ec2-public-key"
          + "Project"     = "QBurst"
        }
    }

  # module.ec2-public.aws_kms_alias.default[0] will be created
  + resource "aws_kms_alias" "default" {
      + arn            = (known after apply)
      + id             = (known after apply)
      + name           = "alias/ec2-public"
      + name_prefix    = (known after apply)
      + target_key_arn = (known after apply)
      + target_key_id  = (known after apply)
    }

  # module.ec2-public.aws_kms_key.default[0] will be created
  + resource "aws_kms_key" "default" {
      + arn                                = (known after apply)
      + bypass_policy_lockout_safety_check = false
      + customer_master_key_spec           = "SYMMETRIC_DEFAULT"
      + deletion_window_in_days            = 7
      + description                        = "KMS master key"
      + enable_key_rotation                = true
      + id                                 = (known after apply)
      + is_enabled                         = true
      + key_id                             = (known after apply)
      + key_usage                          = "ENCRYPT_DECRYPT"
      + multi_region                       = false
      + policy                             = jsonencode(
            {
              + Statement = [
                  + {
                      + Action    = "kms:*"
                      + Effect    = "Allow"
                      + Principal = {
                          + AWS = "arn:aws:iam::062427305583:root"
                        }
                      + Resource  = "*"
                      + Sid       = "Enable IAM User Permissions"
                    },
                ]
              + Version   = "2012-10-17"
            }
        )
      + tags                               = {
          + "Name" = "ec2-public-kms-key"
        }
      + tags_all                           = {
          + "Environment" = "Test"
          + "Name"        = "ec2-public-kms-key"
          + "Project"     = "QBurst"
        }
    }

  # module.ec2-public.aws_security_group.default[0] will be created
  + resource "aws_security_group" "default" {
      + arn                    = (known after apply)
      + description            = "Instance default security group (only egress access is allowed)."
      + egress                 = (known after apply)
      + id                     = (known after apply)
      + ingress                = (known after apply)
      + name                   = "ec2-public-sg"
      + name_prefix            = (known after apply)
      + owner_id               = (known after apply)
      + revoke_rules_on_delete = false
      + tags                   = {
          + "Name" = "ec2-public-sg"
        }
      + tags_all               = {
          + "Environment" = "Test"
          + "Name"        = "ec2-public-sg"
          + "Project"     = "QBurst"
        }
      + vpc_id                 = (sensitive value)
    }

  # module.ec2-public.aws_security_group_rule.egress_ipv4[0] will be created
  + resource "aws_security_group_rule" "egress_ipv4" {
      + cidr_blocks              = [
          + "0.0.0.0/0",
        ]
      + description              = "Description of the rule."
      + from_port                = 0
      + id                       = (known after apply)
      + protocol                 = "-1"
      + security_group_id        = (known after apply)
      + security_group_rule_id   = (known after apply)
      + self                     = false
      + source_security_group_id = (known after apply)
      + to_port                  = 65535
      + type                     = "egress"
    }

  # module.ec2-public.aws_security_group_rule.egress_ipv6[0] will be created
  + resource "aws_security_group_rule" "egress_ipv6" {
      + description              = "Description of the rule."
      + from_port                = 0
      + id                       = (known after apply)
      + ipv6_cidr_blocks         = [
          + "::/0",
        ]
      + protocol                 = "-1"
      + security_group_id        = (known after apply)
      + security_group_rule_id   = (known after apply)
      + self                     = false
      + source_security_group_id = (known after apply)
      + to_port                  = 65535
      + type                     = "egress"
    }

  # module.ec2-public.aws_security_group_rule.ingress[0] will be created
  + resource "aws_security_group_rule" "ingress" {
      + cidr_blocks              = [
          + "0.0.0.0/0",
        ]
      + description              = "Description of the ingress rule use elasticache."
      + from_port                = 80
      + id                       = (known after apply)
      + protocol                 = "tcp"
      + security_group_id        = (known after apply)
      + security_group_rule_id   = (known after apply)
      + self                     = false
      + source_security_group_id = (known after apply)
      + to_port                  = 80
      + type                     = "ingress"
    }

  # module.ec2-public.aws_security_group_rule.ingress[1] will be created
  + resource "aws_security_group_rule" "ingress" {
      + cidr_blocks              = [
          + "0.0.0.0/0",
        ]
      + description              = "Description of the ingress rule use elasticache."
      + from_port                = 443
      + id                       = (known after apply)
      + protocol                 = "tcp"
      + security_group_id        = (known after apply)
      + security_group_rule_id   = (known after apply)
      + self                     = false
      + source_security_group_id = (known after apply)
      + to_port                  = 443
      + type                     = "ingress"
    }

  # module.ec2-public.aws_security_group_rule.ssh_ingress[0] will be created
  + resource "aws_security_group_rule" "ssh_ingress" {
      + cidr_blocks              = [
          + "0.0.0.0/0",
        ]
      + description              = "Description of the ingress rule use elasticache."
      + from_port                = 8443
      + id                       = (known after apply)
      + protocol                 = "tcp"
      + security_group_id        = (known after apply)
      + security_group_rule_id   = (known after apply)
      + self                     = false
      + source_security_group_id = (known after apply)
      + to_port                  = 8443
      + type                     = "ingress"
    }

  # module.ec2-public.tls_private_key.default[0] will be created
  + resource "tls_private_key" "default" {
      + algorithm                     = "RSA"
      + ecdsa_curve                   = "P224"
      + id                            = (known after apply)
      + private_key_openssh           = (sensitive value)
      + private_key_pem               = (sensitive value)
      + private_key_pem_pkcs8         = (sensitive value)
      + public_key_fingerprint_md5    = (known after apply)
      + public_key_fingerprint_sha256 = (known after apply)
      + public_key_openssh            = (known after apply)
      + public_key_pem                = (known after apply)
      + rsa_bits                      = 4096
    }
.
.
.
Plan: 41 to add, 0 to change, 0 to destroy.