Commit de7daf8

Fixed issues where certain AZs did not support ARM instances
1 parent dbe0d53 commit de7daf8

4 files changed, +17 -7 lines changed

README.md

Lines changed: 3 additions & 2 deletions
@@ -65,12 +65,13 @@ No modules.
6565
| [aws_route53_record.red_instance_dns](https://registry.terraform.io/providers/hashicorp/aws/6.0.0/docs/resources/route53_record) | resource |
6666
| [aws_route_table.public](https://registry.terraform.io/providers/hashicorp/aws/6.0.0/docs/resources/route_table) | resource |
6767
| [aws_route_table_association.public](https://registry.terraform.io/providers/hashicorp/aws/6.0.0/docs/resources/route_table_association) | resource |
68-
| [aws_security_group.allow_ssh](https://registry.terraform.io/providers/hashicorp/aws/6.0.0/docs/resources/security_group) | resource |
68+
| [aws_security_group.red_sg](https://registry.terraform.io/providers/hashicorp/aws/6.0.0/docs/resources/security_group) | resource |
6969
| [aws_subnet.public](https://registry.terraform.io/providers/hashicorp/aws/6.0.0/docs/resources/subnet) | resource |
7070
| [aws_vpc.main](https://registry.terraform.io/providers/hashicorp/aws/6.0.0/docs/resources/vpc) | resource |
7171
| [local_file.red_private_key_file](https://registry.terraform.io/providers/hashicorp/local/latest/docs/resources/file) | resource |
7272
| [tls_private_key.red_private_key](https://registry.terraform.io/providers/hashicorp/tls/latest/docs/resources/private_key) | resource |
7373
| [aws_ami.red_ami](https://registry.terraform.io/providers/hashicorp/aws/6.0.0/docs/data-sources/ami) | data source |
74+
| [aws_availability_zones.available](https://registry.terraform.io/providers/hashicorp/aws/6.0.0/docs/data-sources/availability_zones) | data source |
7475
| [aws_route53_zone.zone](https://registry.terraform.io/providers/hashicorp/aws/6.0.0/docs/data-sources/route53_zone) | data source |
7576

7677
## Inputs
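
Review bot: The row change at line 68 (aws_security_group.allow_ssh to aws_security_group.red_sg) documents a resource rename that none of the four files in this commit makes, and the commit message only mentions the AZ fix. If the README was regenerated and picked up an earlier rename, say so in the commit message or split it into its own commit. If any existing deployment still holds state under allow_ssh, a rename without a moved block makes Terraform destroy and recreate the security group.
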
@@ -79,7 +80,7 @@ No modules.
7980
|------|-------------|------|---------|:--------:|
8081
| <a name="input_additional_tags"></a> [additional\_tags](#input\_additional\_tags) | Additional tags to apply to the resources | `map(string)` | `{}` | no |
8182
| <a name="input_allocate_eip"></a> [allocate\_eip](#input\_allocate\_eip) | Controls whether an Elastic IP should be allocated | `bool` | `true` | no |
82-
| <a name="input_ami_name"></a> [ami\_name](#input\_ami\_name) | The name of the AMI to use for the instance | `string` | `"ubuntu/images/hvm-ssd-gp3/ubuntu-noble-24.04-arm64-server-20250305"` | no |
83+
| <a name="input_ami_name"></a> [ami\_name](#input\_ami\_name) | The name of the AMI to use for the instance | `string` | `"ubuntu/images/hvm-ssd-gp3/ubuntu-noble-24.04-arm64-server-20250610"` | no |
8384
| <a name="input_ami_owner"></a> [ami\_owner](#input\_ami\_owner) | The owner of the AMI to use for the instance | `string` | `"099720109477"` | no |
8485
| <a name="input_apex_domain"></a> [apex\_domain](#input\_apex\_domain) | The apex domain to use for the public DNS record | `string` | `""` | no |
8586
| <a name="input_create_ec2_key_pair"></a> [create\_ec2\_key\_pair](#input\_create\_ec2\_key\_pair) | Controls whether an EC2 key pair should be created | `bool` | `false` | no |
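
Review bot: The ami_name default at line 83 moves to the 20250610 build, but no variables file is part of this commit, so the documented default cannot be checked against the code here. Confirm the README matches the actual default in the module. A dated image name also goes stale as soon as a newer build ships; since the lookup already sets most_recent = true, consider a wildcard name pattern, or record who bumps this value and how often.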

red-instance/main.tf

Lines changed: 1 addition & 1 deletion
@@ -15,7 +15,7 @@ provider "aws" {
1515

1616
# Data source to get the Red Instance AMI
1717
data "aws_ami" "red_ami" {
18-
most_recent = true
18+
most_recent = true
1919
include_deprecated = true
2020

2121
filter {
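
Review bot: Line 18 is a whitespace-only realignment of most_recent = true and is unrelated to the AZ fix; keep formatting changes in a separate commit so the functional diff stays easy to audit. While this block is open, include_deprecated = true on line 19 lets the lookup resolve to an AMI its publisher has deprecated, which deserves a one-line justification comment in the style of the trivy:ignore justifications in public_vpc.tf.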

red-instance/public_vpc.tf

Lines changed: 13 additions & 1 deletion
@@ -1,5 +1,14 @@
11
# This file creates a VPC, a public subnet, an internet gateway, a route table, and associates the route table with the subnet.
22

3+
# Data source to get available AZs that support the instance type
4+
data "aws_availability_zones" "available" {
5+
count = var.create_vpc ? 1 : 0
6+
state = "available"
7+
8+
# Filter to exclude AZs that typically don't support ARM instances
9+
exclude_names = ["us-east-1e"] # Add other problematic AZs as needed
10+
}
11+
312
# The resources are created conditionally based on the value of the create_vpc variable.
413
# Justification: This is for development purposes, Flow Logs and other features are not required for a red instance.
514
# trivy:ignore:AVD-AWS-0178
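
Review bot: The comment on line 3 says the data source returns AZs that support the instance type, but nothing in lines 4 to 10 queries instance-type support; the block only drops one hard-coded name, exclude_names = ["us-east-1e"], which is meaningful in us-east-1 alone and has to be maintained by hand. Either reword the comment to describe what the block does, or derive the list from the aws_ec2_instance_type_offerings data source (location_type = "availability-zone", filtered on the module's instance type) so the check holds in any region.
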
@@ -18,7 +27,7 @@ resource "aws_vpc" "main" {
1827
)
1928
}
2029

21-
# Create a public subnet
30+
# Create a public subnet with explicit AZ
2231
# Justification: This is a public subnet for the red instance
2332
# trivy:ignore:AVD-AWS-0164
2433
resource "aws_subnet" "public" {
@@ -27,6 +36,9 @@ resource "aws_subnet" "public" {
2736
cidr_block = "10.0.1.0/24"
2837
map_public_ip_on_launch = true
2938

39+
# Use the first available AZ that supports ARM instances
40+
availability_zone = data.aws_availability_zones.available[0].names[0]
41+
3042
tags = merge(
3143
{
3244
Name = "${lower(var.instance_name)}-red-instance-public-subnet"
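
Review bot: names[0] on line 40 is the first AZ left after the exclusion, not one verified to support ARM as the comment on line 39 says, so the original failure can recur in any region whose first AZ lacks the instance type. The expression also fails at plan time if the filtered list is empty. Note in the commit message that setting availability_zone on an existing aws_subnet forces replacement when the subnet currently sits in a different AZ, and confirm that aws_subnet.public carries the same create_vpc count guard as the data source, since index [0] does not exist when create_vpc is false.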

tests/manual/disabled/README.md

Lines changed: 0 additions & 3 deletions
This file was deleted.
