fix the examples and volumes part

Sohan · Sohan · commit aa59be92333b · 2021-07-08T13:05:48.000+05:30
diff --git a/.github/workflows/readme.yml b/.github/workflows/readme.yml
@@ -52,4 +52,4 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required
           SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_TERRAFORM }} # required
-        if: always()
+        if: always()
diff --git a/README.md b/README.md
@@ -7,7 +7,7 @@
     Terraform AWS EC2
 </h1>
 
-<p align="center" style="font-size: 1.2rem;"> 
+<p align="center" style="font-size: 1.2rem;">
     Terraform module to create an EC2 resource on AWS with ElasticC IP Addresses and Elastic Block Store.
      </p>
 
@@ -38,7 +38,7 @@
 <hr>
 
 
-We eat, drink, sleep and most importantly love **DevOps**. We are working towards strategies for standardizing architecture while ensuring security for the infrastructure. We are strong believer of the philosophy <b>Bigger problems are always solved by breaking them into smaller manageable problems</b>. Resonating with microservices architecture, it is considered best-practice to run database, cluster, storage in smaller <b>connected yet manageable pieces</b> within the infrastructure. 
+We eat, drink, sleep and most importantly love **DevOps**. We are working towards strategies for standardizing architecture while ensuring security for the infrastructure. We are strong believer of the philosophy <b>Bigger problems are always solved by breaking them into smaller manageable problems</b>. Resonating with microservices architecture, it is considered best-practice to run database, cluster, storage in smaller <b>connected yet manageable pieces</b> within the infrastructure.
 
 This module is basically combination of [Terraform open source](https://www.terraform.io/) and includes automatation tests and examples. It also helps to create and improve your infrastructure with minimalistic code instead of maintaining the whole infrastructure code yourself.
 
@@ -49,7 +49,7 @@ We have [*fifty plus terraform modules*][terraform_modules]. A few of them are c
 
 ## Prerequisites
 
-This module has a few dependencies: 
+This module has a few dependencies:
 
 - [Terraform 0.13](https://learn.hashicorp.com/terraform/getting-started/install.html)
 - [Go](https://golang.org/doc/install)
@@ -214,7 +214,7 @@ Here is examples of how you can use this module in your inventory structure:
 
 
 ## Testing
-In this module testing is performed with [terratest](https://github.com/gruntwork-io/terratest) and it creates a small piece of infrastructure, matches the output like ARN, ID and Tags name etc and destroy infrastructure in your AWS account. This testing is written in GO, so you need a [GO environment](https://golang.org/doc/install) in your system. 
+In this module testing is performed with [terratest](https://github.com/gruntwork-io/terratest) and it creates a small piece of infrastructure, matches the output like ARN, ID and Tags name etc and destroy infrastructure in your AWS account. This testing is written in GO, so you need a [GO environment](https://golang.org/doc/install) in your system.
 
 You need to run the following command in the testing folder:
 ```hcl
@@ -223,7 +223,7 @@ You need to run the following command in the testing folder:
 
 
 
-## Feedback 
+## Feedback
 If you come accross a bug or have any feedback, please log it in our [issue tracker](https://github.com/clouddrove/terraform-aws-ec2/issues), or feel free to drop us an email at [hello@clouddrove.com](mailto:hello@clouddrove.com).
 
 If you have found it worth your time, go ahead and give us a ★ on [our GitHub](https://github.com/clouddrove/terraform-aws-ec2)!
diff --git a/_example/basic_example/example.tf b/_example/basic_example/example.tf
@@ -76,7 +76,7 @@ module "kms_key" {
   description             = "KMS key for ec2"
   deletion_window_in_days = 7
   enable_key_rotation     = true
-  alias                   = "alias/ec2"
+  alias                   = "alias/ec2-instance"
   policy                  = data.aws_iam_policy_document.kms.json
 }
 
@@ -121,37 +121,56 @@ data "aws_iam_policy_document" "iam-policy" {
 }
 
 module "ec2" {
-  source = "./../../"
-
+  source      = "./../../"
   name        = "ec2"
   environment = "test"
   label_order = ["name", "environment"]
 
-  instance_count              = 1
-  ami                         = "ami-08d658f84a6d84a80"
-  instance_type               = "t2.nano"
-  monitoring                  = false
-  tenancy                     = "default"
+  #instance
+  instance_enabled = true
+  instance_count   = 2
+  ami              = "ami-08d658f84a6d84a80"
+  instance_type    = "t2.nano"
+  monitoring       = false
+  tenancy          = "default"
+
+  #Networking
   vpc_security_group_ids_list = [module.ssh.security_group_ids, module.http-https.security_group_ids]
   subnet_ids                  = tolist(module.public_subnets.public_subnet_id)
-
-  assign_eip_address                   = true
-  associate_public_ip_address          = true
-  instance_profile_enabled             = true
-  iam_instance_profile                 = module.iam-role.name
-  disk_size                            = 8
-  ebs_optimized                        = false
-  ebs_volume_enabled                   = true
-  ebs_volume_type                      = "gp2"
-  ebs_volume_size                      = 30
-  instance_tags                        = { "snapshot" = true }
-  dns_zone_id                          = "Z1XJD7SSBKXLC1"
-  hostname                             = "ec2"
-  kms_key_id                           = module.kms_key.key_arn
-  metadata_http_tokens_required        = true
-  metadata_http_endpoint_enabled       = true
-  metadata_http_put_response_hop_limit = "2"
-  delete_on_termination                = false
-  user_data                            = file("user-data.sh")
+  assign_eip_address          = true
+  associate_public_ip_address = true
+
+  #IAM
+  instance_profile_enabled = false
+  iam_instance_profile     = module.iam-role.name
+
+  #Root Volume
+  root_block_device = [
+    {
+      volume_type           = "gp2"
+      volume_size           = 15
+      delete_on_termination = true
+      kms_key_id            = module.kms_key.key_arn
+    }
+  ]
+
+  #EBS Volume
+  ebs_optimized      = false
+  ebs_volume_enabled = false
+  ebs_volume_type    = "gp2"
+  ebs_volume_size    = 30
+
+  #DNS
+  dns_enabled = false
+  dns_zone_id = "Z1XJD7SSBKXLC1"
+  hostname    = "ec2"
+
+  #Tags
+  instance_tags = { "snapshot" = true }
+
+  # Metadata
+  metadata_http_tokens_required        = "required"
+  metadata_http_endpoint_enabled       = "enabled"
+  metadata_http_put_response_hop_limit = 2
 
 }
diff --git a/_example/secure_example/example.tf b/_example/secure_example/example.tf
@@ -8,7 +8,7 @@ module "vpc" {
 
   name        = "vpc"
   environment = "test"
-  label_order = ["environment", "name"]
+  label_order = ["name", "environment"]
 
   cidr_block = "172.16.0.0/16"
 }
@@ -17,10 +17,9 @@ module "public_subnets" {
   source  = "clouddrove/subnet/aws"
   version = "0.15.0"
 
-
   name        = "public-subnet"
   environment = "test"
-  label_order = ["environment", "name"]
+  label_order = ["name", "environment"]
 
   availability_zones = ["eu-west-1b", "eu-west-1c"]
   vpc_id             = module.vpc.vpc_id
@@ -31,79 +30,51 @@ module "public_subnets" {
 }
 
 module "http-https" {
-  source  = "clouddrove/security-group/aws"
-  version = "0.15.0"
-
+  source      = "clouddrove/security-group/aws"
+  version     = "0.15.0"
   name        = "http-https"
   environment = "test"
-  label_order = ["environment", "name"]
+  label_order = ["name", "environment"]
 
   vpc_id        = module.vpc.vpc_id
   allowed_ip    = ["0.0.0.0/0"]
   allowed_ports = [80, 443]
 }
 
 module "ssh" {
-  source  = "clouddrove/security-group/aws"
-  version = "0.15.0"
-
+  source      = "clouddrove/security-group/aws"
+  version     = "0.15.0"
   name        = "ssh"
   environment = "test"
-  label_order = ["environment", "name"]
+  label_order = ["name", "environment"]
 
   vpc_id        = module.vpc.vpc_id
   allowed_ip    = [module.vpc.vpc_cidr_block, "0.0.0.0/0"]
   allowed_ports = [22]
 }
 
+module "keypair" {
+  source          = "clouddrove/keypair/aws"
+  version         = "0.15.0"
+  public_key      = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDc4AjHFctUATtd5of4u9bJtTgkh9bKogSDjxc9QqbylRORxUa422jO+t1ldTVdyqDRKltxQCJb4v23HZc2kssU5uROxpiF2fzgiHXRduL+RtyOtY2J+rNUdCRmHz4WQySblYpgteIJZpVo2smwdek8xSpjoHXhgxxa9hb4pQQwyjtVGEdH8vdYwtxgPZgPVaJgHVeJgVmhjTf2VGTATaeR9txzHsEPxhe/n1y34mQjX0ygEX8x0RZzlGziD1ih3KPaIHcpTVSYYk4LOoMK38vEI67SIMomskKn4yU043s+t9ZriJwk2V9+oU6tJU/5E1rd0SskXUhTypc3/Znc/rkYtLe8s6Uy26LOrBFzlhnCT7YH1XbCv3rEO+Nn184T4BSHeW2up8UJ1SOEd+WzzynXczdXoQcBN2kaz4dYFpRXchsAB6ejZrbEq7wyZvutf11OiS21XQ67+30lEL2WAO4i95e4sI8AdgwJgzrqVcicr3ImE+BRDkndMn5k1LhNGqwMD3Iuoel84xvinPAcElDLiFmL3BJVA/53bAlUmWqvUGW9SL5JpLUmZgE6kp+Tps7D9jpooGGJKmqgJLkJTzAmTSJh0gea/rT5KwI4j169TQD9xl6wFqns4BdQ4dMKHQCgDx8LbEd96l9F9ruWwQ8EAZBe4nIEKTV9ri+04JVhSQ== sohan@clouddrove.com"
+  key_name        = "devops"
+  environment     = "test"
+  enable_key_pair = true
+}
+
 module "iam-role" {
   source  = "clouddrove/iam-role/aws"
   version = "0.15.0"
 
-  name               = "iam-role-ec2"
+  name               = "iam-role"
   environment        = "test"
-  label_order        = ["environment", "name"]
+  label_order        = ["name", "environment"]
   assume_role_policy = data.aws_iam_policy_document.default.json
 
   policy_enabled = true
   policy         = data.aws_iam_policy_document.iam-policy.json
 }
 
-data "aws_iam_policy_document" "default" {
-  statement {
-    effect  = "Allow"
-    actions = ["sts:AssumeRole"]
-    principals {
-      type        = "Service"
-      identifiers = ["ec2.amazonaws.com"]
-    }
-  }
-}
-
-data "aws_iam_policy_document" "iam-policy" {
-  statement {
-    actions = [
-      "ssm:UpdateInstanceInformation",
-      "ssmmessages:CreateControlChannel",
-      "ssmmessages:CreateDataChannel",
-      "ssmmessages:OpenControlChannel",
-    "ssmmessages:OpenDataChannel"]
-    effect    = "Allow"
-    resources = ["*"]
-  }
-  statement {
-    actions = [
-    "kms:CreateGrant"]
-    effect    = "Allow"
-    resources = [module.kms_key.key_arn]
-    condition {
-      test     = "Bool"
-      values   = [true]
-      variable = "kms:GrantIsForAWSResource"
-    }
-  }
-}
-
 module "kms_key" {
   source                  = "clouddrove/kms/aws"
   version                 = "0.15.0"
@@ -114,10 +85,11 @@ module "kms_key" {
   description             = "KMS key for ec2"
   deletion_window_in_days = 7
   enable_key_rotation     = true
-  alias                   = "alias/ec2"
+  alias                   = "alias/ec2-instance"
   policy                  = data.aws_iam_policy_document.kms.json
 }
 
+
 data "aws_iam_policy_document" "kms" {
   version = "2012-10-17"
   statement {
@@ -133,39 +105,86 @@ data "aws_iam_policy_document" "kms" {
 
 }
 
-module "ec2" {
-  source = "./../../"
+data "aws_iam_policy_document" "default" {
+  statement {
+    effect  = "Allow"
+    actions = ["sts:AssumeRole"]
+    principals {
+      type        = "Service"
+      identifiers = ["ec2.amazonaws.com"]
+    }
+  }
+}
 
+data "aws_iam_policy_document" "iam-policy" {
+  statement {
+    actions = [
+      "ssm:UpdateInstanceInformation",
+      "ssmmessages:CreateControlChannel",
+      "ssmmessages:CreateDataChannel",
+      "ssmmessages:OpenControlChannel",
+    "ssmmessages:OpenDataChannel"]
+    effect    = "Allow"
+    resources = ["*"]
+  }
+}
+
+module "ec2" {
+  source      = "./../../"
   name        = "ec2"
   environment = "test"
   label_order = ["name", "environment"]
 
-  instance_count              = 2
-  ami                         = "ami-08d658f84a6d84a80"
-  instance_type               = "t2.nano"
-  monitoring                  = false
-  tenancy                     = "default"
+  #Instance
+  instance_enabled = true
+  instance_count   = 2
+  ami              = "ami-08d658f84a6d84a80"
+  instance_type    = "t2.nano"
+  monitoring       = false
+  tenancy          = "default"
+
+  #Keypair
+  key_name = module.keypair.name
+
+  #Networking
   vpc_security_group_ids_list = [module.ssh.security_group_ids, module.http-https.security_group_ids]
   subnet_ids                  = tolist(module.public_subnets.public_subnet_id)
-
   assign_eip_address          = true
   associate_public_ip_address = true
 
-  instance_profile_enabled = true
+  #IAM
+  instance_profile_enabled = false
   iam_instance_profile     = module.iam-role.name
 
-  disk_size                            = 8
-  ebs_optimized                        = false
-  ebs_volume_enabled                   = true
-  ebs_volume_type                      = "gp2"
-  ebs_volume_size                      = 30
-  kms_key_id                           = module.kms_key.key_arn
-  instance_tags                        = { "snapshot" = true }
-  dns_zone_id                          = "Z1XJD7SSBKXLC1"
-  hostname                             = "ec2"
-  metadata_http_tokens_required        = true
-  metadata_http_endpoint_enabled       = true
-  metadata_http_put_response_hop_limit = "2"
-  delete_on_termination                = false
-  user_data                            = file("user-data.sh")
+  #Root Volume
+  root_block_device = [
+    {
+      volume_type           = "gp2"
+      volume_size           = 15
+      delete_on_termination = true
+      kms_key_id            = module.kms_key.key_arn
+    }
+  ]
+
+  #EBS Volume
+  ebs_optimized      = false
+  ebs_volume_enabled = true
+  ebs_volume_type    = "gp2"
+  ebs_volume_size    = 30
+
+  #DNS
+  dns_enabled = false
+  dns_zone_id = "Z1XJD7SSBKXLC1"
+  hostname    = "ec2"
+
+  #Tags
+  instance_tags = { "snapshot" = true }
+
+  # Metadata
+  metadata_http_tokens_required        = "required"
+  metadata_http_endpoint_enabled       = "enabled"
+  metadata_http_put_response_hop_limit = 2
+
+  #Mount EBS With User Data
+  user_data = file("user-data.sh")
 }
diff --git a/main.tf b/main.tf
diff --git a/variables.tf b/variables.tf
