This module makes it easy to deploy a single server--that is, a single EC2 instance (e.g. a bastion host, Jenkins
server) rather than an Auto Scaling Group or ECS Cluster--along with the all the resources it typically needs:
The EC2 instance itself.
An Elastic IP (EIP) address.
An optional DNS record pointing at the EIP.
IAM Role and IAM instance profile.
Security group.
How do you use this module?
See the root README for instructions on using Terraform modules.
public_ip: The public IP address of the server (via its EIP)
fqdn: The fully-qualified domain name of the server (e.g. jenkins.example.com) if you set the dns_zone_id and
dns_name variables.
How do I add custom security group rules?
One of the other important outputs of this module is the security_group_id, which is the id of the server's Security
Group. You can add custom rules to this Security Group using the aws_security_group_rule resource:
This module creates an IAM role for your EC2 instance and exports the id of that role as the output iam_role_id. You
can attach custom policies to this IAM role using the aws_iam_policy_attachment resource:
{"treedata":{"name":"root","toggled":true,"children":[{"name":".circleci","children":[{"name":"config.yml","path":".circleci/config.yml","sha":"b210516f03c95b2a526a67150d18f6219f544aec"}]},{"name":".gitignore","path":".gitignore","sha":"6c4ebe4426586b7febbaba178294ef59b8272c05"},{"name":"CODEOWNERS","path":"CODEOWNERS","sha":"7769a004705df41853017db41c273a1ae668fe49"},{"name":"LICENSE.txt","path":"LICENSE.txt","sha":"f4e3d9bd4717a044ed31ad847a300eee74371a78"},{"name":"README.md","path":"README.md","sha":"bb749b57c528b40496c43682f05a977340840644"},{"name":"examples","children":[{"name":"attach-eni","children":[{"name":"README.md","path":"examples/attach-eni/README.md","sha":"86ce148cc900ce48f3debc490ce771ff5cd9fded"},{"name":"main.tf","path":"examples/attach-eni/main.tf","sha":"624da18516f8eb9556025ab278d40e44554704a7"},{"name":"outputs.tf","path":"examples/attach-eni/outputs.tf","sha":"cf9472109a00b477ec4eb950e5b4e5ce9d21f4d1"},{"name":"packer","children":[{"name":"build.json","path":"examples/attach-eni/packer/build.json","sha":"289179e20edb0b228f886123ec890137f193e4a6"}]},{"name":"user-data","children":[{"name":"user-data-1.sh","path":"examples/attach-eni/user-data/user-data-1.sh","sha":"978ca952d47f3dcd84881deb3723614339edbd6f"},{"name":"user-data-2.sh","path":"examples/attach-eni/user-data/user-data-2.sh","sha":"898fd7a3c7179cc0c6d595b6ccbb4b92b1b2cedb"}]},{"name":"vars.tf","path":"examples/attach-eni/vars.tf","sha":"c8bd5aa7b155cf011bd03e3c6bf76a79fd1be4d5"}]},{"name":"bastion-host","children":[{"name":"README.md","path":"examples/bastion-host/README.md","sha":"29868dbc60695e2418906c568734eec22a411454"},{"name":"main.tf","path":"examples/bastion-host/main.tf","sha":"0705506a64c05e1def52aa4436c66004c1e68d72"},{"name":"outputs.tf","path":"examples/bastion-host/outputs.tf","sha":"5f0c2d739b9646c39e19bfd05cacb852c6080c0c"},{"name":"user-data","children":[{"name":"user-data.sh","path":"examples/bastion-host/user-data/user-data.sh","sha":"1b42f0578f9db505bca7e5ae649a116818cd5592"}]},{"name":"vars.tf","path":"examples/bastion-host/vars.tf","sha":"3864d03b7a4035b0c6e41d35f8829b886790f282"}]},{"name":"persistent-ebs-volume","children":[{"name":"README.md","path":"examples/persistent-ebs-volume/README.md","sha":"7acf321a8a3183bfe4d7187be94208ed281bcd66"},{"name":"main.tf","path":"examples/persistent-ebs-volume/main.tf","sha":"4f63a52e643559cef221b6b0cee31f334da6f7bd"},{"name":"outputs.tf","path":"examples/persistent-ebs-volume/outputs.tf","sha":"54f33c96b796373b12b9702f46d30a1c85043f65"},{"name":"packer","children":[{"name":"build.json","path":"examples/persistent-ebs-volume/packer/build.json","sha":"2af311a5e22546182a61d3506c93648ddc9e2299"},{"name":"nvme_build.json","path":"examples/persistent-ebs-volume/packer/nvme_build.json","sha":"f67e4760622729ab762788408ef8a750dfead67c"}]},{"name":"user-data","children":[{"name":"user-data.sh","path":"examples/persistent-ebs-volume/user-data/user-data.sh","sha":"6793c2066296ff24917f6a86c43ad9674dd53624"}]},{"name":"vars.tf","path":"examples/persistent-ebs-volume/vars.tf","sha":"6f26667744846a28777af25bb3b311b1bf34a1bf"}]},{"name":"route53-helpers","children":[{"name":"README.md","path":"examples/route53-helpers/README.md","sha":"e302ef0f18f85a3a191105dea785005685b9522f"},{"name":"main.tf","path":"examples/route53-helpers/main.tf","sha":"63f89d02af52ada2ae60dd5696f83d0ce2c9df3a"},{"name":"outputs.tf","path":"examples/route53-helpers/outputs.tf","sha":"4c3c3ccccf964155ffbce7546fcbc9ef6e886de6"},{"name":"packer","children":[{"name":"build.json","path":"examples/route53-helpers/packer/build.json","sha":"b419e0ef86077ce8149908febbf7049c5e7eb659"}]},{"name":"user-data","children":[{"name":"user-data.sh","path":"examples/route53-helpers/user-data/user-data.sh","sha":"7f4de426ead32d966fe46d7091a1d293cb3ca099"}]},{"name":"vars.tf","path":"examples/route53-helpers/vars.tf","sha":"3c990b1e4ae4da54aac558cf24124e29cd362931"}]}]},{"name":"modules","children":[{"name":"attach-eni","children":[{"name":"README.md","path":"modules/attach-eni/README.md","sha":"baa975b1c3bf21ec9ed61792f983ae2cd889570e"},{"name":"bin","children":[{"name":"attach-eni","path":"modules/attach-eni/bin/attach-eni","sha":"451ce2e389f74b988a0a3bdc4a1ac28fd150a8e3"}]},{"name":"install.sh","path":"modules/attach-eni/install.sh","sha":"542cbd93ca08fd9cbe6f121f4d8fea2b1d76ca8b"}]},{"name":"persistent-ebs-volume","children":[{"name":"README.md","path":"modules/persistent-ebs-volume/README.md","sha":"d1c5af199f667269db707427f7aa4df745242a98"},{"name":"bin","children":[{"name":"mount-ebs-volume","path":"modules/persistent-ebs-volume/bin/mount-ebs-volume","sha":"46cc65171354b261affdccde92f846d43b39268a"},{"name":"unmount-ebs-volume","path":"modules/persistent-ebs-volume/bin/unmount-ebs-volume","sha":"2eddbccd97812577f68964e3903a46953611a270"}]},{"name":"install.sh","path":"modules/persistent-ebs-volume/install.sh","sha":"e0ce5862cd6975992dc011a6dfe94fdf14a9b607"}]},{"name":"route53-helpers","children":[{"name":"README.md","path":"modules/route53-helpers/README.md","sha":"5db9fd7c46f8ea3abdaf7b58da18a22a09762e9e"},{"name":"bin","children":[{"name":"add-dns-a-record","path":"modules/route53-helpers/bin/add-dns-a-record","sha":"7195a02479864ec79071cfae429bd545bf7d8d32"}]},{"name":"install.sh","path":"modules/route53-helpers/install.sh","sha":"535ed35d64611c5f12e9924b3cb8df0a77180ab8"}]},{"name":"single-server","children":[{"name":"README.md","path":"modules/single-server/README.md","sha":"e13edaea6a6642708e8225a236c5a5cd24f9210f","toggled":true},{"name":"main.tf","path":"modules/single-server/main.tf","sha":"fa5cfba31e449d322027940353c890dd61dafb17"},{"name":"outputs.tf","path":"modules/single-server/outputs.tf","sha":"d741f20d4df1b70b29f3261ef14b8636248c2738"},{"name":"vars.tf","path":"modules/single-server/vars.tf","sha":"15f8bf8f812eff41231df0be6a62930b17a59d39"}],"toggled":true}],"toggled":true},{"name":"test","children":[{"name":"Gopkg.lock","path":"test/Gopkg.lock","sha":"0fa4c35d5eadc7dfc6d357761de6573e1b22c5c5"},{"name":"Gopkg.toml","path":"test/Gopkg.toml","sha":"2d99de7b5a81ebd0fab05a6f77de4aa01d80b7a7"},{"name":"README.md","path":"test/README.md","sha":"ef26d3851db2fff0b36dfa61379724c0db9ff281"},{"name":"attach_eni_test.go","path":"test/attach_eni_test.go","sha":"9f09501b7854ae6853a96810042b1b0be794a997"},{"name":"bastion_host_test.go","path":"test/bastion_host_test.go","sha":"f3ab20153e5d5ce657e054a3fec6a647c914e645"},{"name":"persistent_ebs_volume_test.go","path":"test/persistent_ebs_volume_test.go","sha":"d03eab0c1940e15396b047e24d12b4ac8b0f54b1"},{"name":"route53_helpers_test.go","path":"test/route53_helpers_test.go","sha":"ec0f7a355075ff7d4362203b94abcc5fffaf0c4b"},{"name":"test_helpers.go","path":"test/test_helpers.go","sha":"8709fe4e7bd2d6112fe31a6ce58b62d76c8267fc"}]}]},"detailsContent":"<h1 class=\"preview__body--title\" id=\"single-server-module\">Single Server Module</h1><div class=\"preview__body--border\"></div><p>This module makes it easy to deploy a single server--that is, a single EC2 instance (e.g. a bastion host, Jenkins\nserver) rather than an Auto Scaling Group or ECS Cluster--along with the all the resources it typically needs:</p>\n<ol>\n<li>The EC2 instance itself.</li>\n<li>An Elastic IP (EIP) address.</li>\n<li>An optional DNS record pointing at the EIP.</li>\n<li>IAM Role and IAM instance profile.</li>\n<li>Security group.</li>\n</ol>\n<h2 class=\"preview__body--subtitle\" id=\"how-do-you-use-this-module\">How do you use this module?</h2>\n<ul>\n<li>See the <a href=\"/repos/v0.7.7/module-server/README.md\" class=\"preview__body--description--blue\">root README</a> for instructions on using Terraform modules.</li>\n<li>See the <a href=\"/repos/v0.7.7/module-server/examples\" class=\"preview__body--description--blue\">examples</a> folder for example usage.</li>\n<li>See <a href=\"/repos/v0.7.7/module-server/modules/single-server/vars.tf\" class=\"preview__body--description--blue\">vars.tf</a> for all the variables you can set on this module.</li>\n</ul>\n<p>Here is an example of how you might deploy a single Jenkins server with this module:</p>\n<pre><span class=\"hljs-keyword\">module</span> <span class=\"hljs-string\">\"jenkins\"</span> {\n source = <span class=\"hljs-string\">\"git::git@github.com:gruntwork-io/module-server.git//modules/single-server?ref=v0.0.40\"</span>\n\n name = <span class=\"hljs-string\">\"jenkins\"</span>\n ami = <span class=\"hljs-string\">\"ami-123456\"</span>\n instance_type = <span class=\"hljs-string\">\"t2.medium\"</span>\n keypair_name = <span class=\"hljs-string\">\"jenkins-keypair\"</span>\n user_data = <span class=\"hljs-string\">\"<span class=\"hljs-variable\">${var.user_data}</span>\"</span>\n\n vpc_id = <span class=\"hljs-string\">\"<span class=\"hljs-variable\">${var.vpc_id}</span>\"</span>\n subnet_id = <span class=\"hljs-string\">\"<span class=\"hljs-variable\">${var.subnet_id}</span>\"</span>\n}\n</pre>\n<p>If you already have a <a href=\"http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/AboutHostedZones.html\" class=\"preview__body--description--blue\" target=\"_blank\">Route 53 Hosted Zone</a>\nsuch as example.com, you could run this instance on jenkins.example.com by adding two more parameters:</p>\n<pre><span class=\"hljs-comment\"># The id of the example.com hosted zone</span>\ndns_zone_id = <span class=\"hljs-string\">\"ABC12345\"</span>\n\n<span class=\"hljs-comment\"># The new DNS name to add</span>\ndns_name = <span class=\"hljs-string\">\"jenkins.example.com\"</span>\n</pre>\n<h2 class=\"preview__body--subtitle\" id=\"how-do-i-see-the-server\">How do I see the server?</h2>\n<p>This module includes several <a href=\"https://www.terraform.io/intro/getting-started/outputs.html\" class=\"preview__body--description--blue\" target=\"_blank\">Terraform outputs</a>,\nincluding:</p>\n<ol>\n<li><code>public_ip</code>: The public IP address of the server (via its EIP)</li>\n<li><code>fqdn</code>: The fully-qualified domain name of the server (e.g. jenkins.example.com) if you set the <code>dns_zone_id</code> and\n<code>dns_name</code> variables.</li>\n</ol>\n<h2 class=\"preview__body--subtitle\" id=\"how-do-i-add-custom-security-group-rules\">How do I add custom security group rules?</h2>\n<p>One of the other important outputs of this module is the <code>security_group_id</code>, which is the id of the server's Security\nGroup. You can add custom rules to this Security Group using the <code>aws_security_group_rule</code> resource:</p>\n<pre><span class=\"hljs-keyword\">module</span> <span class=\"hljs-string\">\"jenkins\"</span> {\n source = <span class=\"hljs-string\">\"git::git@github.com:gruntwork-io/module-server.git//modules/single-server?ref=v0.0.40\"</span>\n\n <span class=\"hljs-comment\"># (... options omitted...)</span>\n}\n\n<span class=\"hljs-comment\"># Custom rule to allow inbound HTTPS traffic from anywhere</span>\n<span class=\"hljs-keyword\">resource</span> <span class=\"hljs-string\">\"aws_security_group_rule\"</span> <span class=\"hljs-string\">\"allow_inbound_https_all\"</span> {\n type = <span class=\"hljs-string\">\"ingress\"</span>\n from_port = <span class=\"hljs-number\">443</span>\n to_port = <span class=\"hljs-number\">443</span>\n protocol = <span class=\"hljs-string\">\"tcp\"</span>\n cidr_blocks = [<span class=\"hljs-string\">\"0.0.0.0/0\"</span>]\n security_group_id = <span class=\"hljs-string\">\"<span class=\"hljs-variable\">${module.jenkins.security_group_id}</span>\"</span>\n}\n</pre>\n<h2 class=\"preview__body--subtitle\" id=\"how-do-i-add-a-custom-iam-policy\">How do I add a custom IAM policy?</h2>\n<p>This module creates an IAM role for your EC2 instance and exports the id of that role as the output <code>iam_role_id</code>. You\ncan attach custom policies to this IAM role using the <code>aws_iam_policy_attachment</code> resource:</p>\n<pre>module <span class=\"hljs-string\">\"jenkins\"</span> {\n source = <span class=\"hljs-string\">\"git::git@github.com:gruntwork-io/module-server.git//modules/single-server?ref=v0.0.40\"</span>\n\n # (<span class=\"hljs-built_in\">..</span>. options omitted<span class=\"hljs-built_in\">..</span>.)\n}\n<span class=\"hljs-built_in\">\nresource </span><span class=\"hljs-string\">\"aws_iam_policy\"</span> <span class=\"hljs-string\">\"my_custom_policy\"</span> {\n name = <span class=\"hljs-string\">\"my-custom-policy\"</span>\n <span class=\"hljs-built_in\"> policy </span>= <span class=\"hljs-string\">\" (... omitted ...) \"</span>\n}\n<span class=\"hljs-built_in\">\nresource </span><span class=\"hljs-string\">\"aws_iam_policy_attachment\"</span> <span class=\"hljs-string\">\"attachment\"</span> {\n name = <span class=\"hljs-string\">\"example-attachment\"</span>\n roles = [<span class=\"hljs-string\">\"<span class=\"hljs-variable\">${module.jenkins.iam_role_id}</span>\"</span>]\n policy_arn = <span class=\"hljs-string\">\"<span class=\"hljs-variable\">${aws_iam_policy.my_custom_policy.arn}</span>\"</span>\n}\n</pre>\n","repoName":"module-server","repoRef":"v0.7.7","serviceDescriptor":{"serviceName":"Single EC2 Instance","serviceRepoName":"module-server","serviceRepoOrg":"gruntwork-io","cloudProviders":["aws"],"description":"Run a single EC2 instance for stateless or stateful apps. Supports IAM roles, EBS volumes, ENIs, and EIPs.","imageUrl":"single-service.png","licenseType":"subscriber","technologies":["Terraform","Bash"],"compliance":[],"tags":[""]},"serviceCategoryName":"Server orchestration","fileName":"README.md","filePath":"/modules/single-server","title":"Repo Browser: Single EC2 Instance","description":"Browse the repos in the Gruntwork Infrastructure as Code Library."}