
A simple standalone AWS EC2 Terraform infrastructure module that can be deployed in preexisting network infrastructure or can set up its own public network configuration.


RussellGilmore/red-instance


Red Instance

Requirements:

  1. Terraform 1.13.5
  2. Trivy >= 0.67.2

Trivy can be installed via Homebrew on macOS with the command:

brew install aquasecurity/trivy/trivy

Red EC2 Module

An EC2 module designed to be practical for casual use.

Features

  1. Creates an EC2 instance
  2. The instance is already set up for the SSM Agent to be installed
  3. Creates a key for SSH access
  4. Dynamically creates ingress security rules
  5. Optionally creates all network infrastructure needed for public access
  6. Optionally creates a public DNS record for the Red Instance
  7. Optionally passes user data into instance creation
  8. Optionally enables S3 bucket IAM role access

Contains a useful script for setting up AWS CLI and updating OS packages for both SUSE and Ubuntu Linux.

Requirements

| Name | Version |
|------|---------|
| terraform | 1.13.5 |
| aws | 6.20.0 |

Providers

| Name | Version |
|------|---------|
| aws | 6.20.0 |
| local | n/a |
| tls | n/a |

Modules

No modules.

Resources

| Name | Type |
|------|------|
| aws_eip.red_instance_eip | resource |
| aws_iam_instance_profile.red_instance_profile | resource |
| aws_iam_role.red_role | resource |
| aws_iam_role_policy.s3_bucket_policy | resource |
| aws_iam_role_policy_attachment.red_ssm_policy_attachment | resource |
| aws_instance.red-instance | resource |
| aws_internet_gateway.igw | resource |
| aws_key_pair.red_key | resource |
| aws_route53_record.red_instance_dns | resource |
| aws_route_table.public | resource |
| aws_route_table_association.public | resource |
| aws_security_group.red_sg | resource |
| aws_subnet.public | resource |
| aws_vpc.main | resource |
| local_file.red_private_key_file | resource |
| tls_private_key.red_private_key | resource |
| aws_ami.red_ami | data source |
| aws_route53_zone.zone | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| additional_tags | Additional tags to apply to the resources | map(string) | {} | no |
| allocate_eip | Controls whether an Elastic IP should be allocated | bool | true | no |
| ami_name | The name of the AMI to use for the instance | string | "ubuntu/images/hvm-ssd-gp3/ubuntu-noble-24.04-arm64-server-20250610" | no |
| ami_owner | The owner of the AMI to use for the instance | string | "099720109477" | no |
| apex_domain | The apex domain to use for the public DNS record | string | "" | no |
| availability_zone | The availability zone to use for the subnet. Leave empty to use the default behavior. | string | "" | no |
| create_ec2_key_pair | Controls whether an EC2 key pair should be created | bool | false | no |
| create_vpc | Controls whether networking resources should be created for public exposed server | bool | true | no |
| disable_api_stop | Controls whether API stop is disabled | bool | false | no |
| disable_api_termination | Controls whether API termination is disabled | bool | false | no |
| dns_name | The DNS name to use for the public DNS record | string | "" | no |
| enable_public_dns | Controls whether a public DNS record should be created | bool | false | no |
| enable_s3_bucket_policy | Controls whether an S3 bucket policy should be attached to the instance role | bool | false | no |
| ingress_rules | List of ingress rules | list(object({ description = string, from_port = number, to_port = number, protocol = string, cidr_blocks = list(string) })) | n/a | yes |
| instance_name | The name of the instance | string | n/a | yes |
| instance_type | The instance type to use for the instance | string | "t4g.small" | no |
| project_name | Set the project name. | string | n/a | yes |
| region | Set the appropriate AWS region. | string | n/a | yes |
| s3_bucket_name | The name of the S3 bucket to use for the instance | string | "" | no |
| subnet_id | The ID of the subnet to use for the instance | string | "" | no |
| user_data_script_path | The path to the user data script | string | "" | no |
| volume_size | The size of the root volume in GB | number | 30 | no |
| vpc_id | The ID of the VPC to use for the instance | string | "" | no |

Outputs

| Name | Description |
|------|-------------|
| key_fingerprint | The fingerprint of the key pair |
| key_name | The name of the key pair |
| private_key_path | The path to the private key file |
| public_dns | The public DNS name of the instance |
| public_ip | The public IP address of the instance |
| subnet_id | The ID of the created subnet |
| vpc_id | The ID of the created VPC |
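
The ingress_rules input is required and its entries drive the security group's ingress rules, so the caller decides how exposed the instance is. The following is an added example, not code from the repository: a caller-side variable whose validation block rejects any rule that opens port 22 to 0.0.0.0/0 before it reaches the module. The module source address, the variable name in the calling configuration, and all values are assumptions.

```hcl
# Added example; not code from the red-instance repository.
# 203.0.113.0/24 is a documentation range standing in for an admin network.
variable "ingress_rules" {
  description = "Rules passed to the module's ingress_rules input"
  type = list(object({
    description = string
    from_port   = number
    to_port     = number
    protocol    = string
    cidr_blocks = list(string)
  }))
  default = [
    {
      description = "HTTPS from anywhere"
      from_port   = 443
      to_port     = 443
      protocol    = "tcp"
      cidr_blocks = ["0.0.0.0/0"]
    },
    {
      description = "SSH from the admin network only"
      from_port   = 22
      to_port     = 22
      protocol    = "tcp"
      cidr_blocks = ["203.0.113.0/24"] # constructed value
    },
  ]

  # Reject, at plan time, any rule that exposes port 22 to the whole internet.
  # protocol "-1" means all traffic, so it covers port 22 whatever the ports say.
  validation {
    condition = alltrue([
      for r in var.ingress_rules : !(
        contains(r.cidr_blocks, "0.0.0.0/0") &&
        (r.protocol == "-1" || (r.from_port <= 22 && r.to_port >= 22))
      )
    ])
    error_message = "Port 22 must not be reachable from 0.0.0.0/0."
  }
}

module "red_instance" {
  source = "github.com/RussellGilmore/red-instance" # assumed source address

  project_name  = "example"      # constructed value
  instance_name = "example-host" # constructed value
  region        = "us-east-1"    # constructed value
  ingress_rules = var.ingress_rules
}
```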
