[Terraform] Deploy EC2 Instance in Minutes

Artem on April 19, 2020

Everyone using AWS knows that navigating the console could be a major pain. Luckily there are a number of tools aiming to simplify this burden. One ...
 
José Ignacio Sbruzzi

This article doesn't cover exposing the instance to the internet. Just wasted 2 hours trying to ssh into the instance I just created :(

A more complete article can be found here: medium.com/@hmalgewatta/setting-up...

Artem • Edited

Good catch! I forgot to associate the security group with the instance. This should be added to the instance resource:

    vpc_security_group_ids = [
        aws_security_group.ubuntu.id
    ]

I fixed the article too!

Tadeu Bernacchi

How do I set my public_ip in the security group section? Like curl ifconfig.me?
I just want to allow SSH from my IP.
Do you have any idea how I can accomplish that?

Artem

In your aws_security_group resource, you can specify allowed IPs using cidr_block. For example:

resource "aws_security_group" "ubuntu" {
  name        = "ubuntu-security-group"
  description = "Allow SSH only for 1.1.1.1"

  ingress {
    description = "SSH"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["1.1.1.1/32"]
  }
}
 
Tadeu Bernacchi • Edited

I was thinking of somehow having my .tf files execute a command and save its value to accomplish that; I'd like to replace the ["1.1.1.1/32"] with 'curl ifconfig.me'.

Artem • Edited

I see. I have not tested it, but theoretically you can do something like this:

  1. create a bash script to get ip:
#!/usr/bin/env bash
echo '{"result":"'$(curl ifconfig.me)'"}'
  2. use the script as data source in tf file:
data "external" "script" {
  program = ["bash", "./get_ip.sh"] // get_ip.sh is your script name
}

resource "aws_security_group" "ubuntu" {
  name        = "ubuntu-security-group"
  description = "Allow SSH only for 1.1.1.1"

  ingress {
    description = "SSH"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
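    // "result" is the data source's output map; the second "result" is the key printed by get_ip.sh
    cidr_blocks = ["${data.external.script.result.result}/32"]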
  }
}
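
An added example, not part of Artem's comment or the original article: a version of get_ip.sh that fetches over HTTPS and refuses to emit anything but a single IPv4 address, since whatever the lookup returns ends up in an ingress rule. It assumes curl is installed and ifconfig.me answers over HTTPS; the helper names `is_ipv4` and `to_result_json` are chosen here for illustration.

```bash
#!/usr/bin/env bash
# get_ip.sh (added example): caller's public IPv4 for Terraform's "external" data source.
# Assumptions: curl is installed and ifconfig.me is reachable over HTTPS.

# Succeed only for a dotted-quad IPv4 address: four octets, 0-255, no leading zeros.
is_ipv4() {
  case $1 in
    '' | *[!0-9.]* | .* | *. | *..*) return 1 ;;  # empty, stray characters, empty octet
  esac
  old_ifs=$IFS; IFS=.
  set -- $1            # split on dots; safe, the string holds only digits and dots
  IFS=$old_ifs
  [ "$#" -eq 4 ] || return 1
  for octet in "$@"; do
    case $octet in 0?*) return 1 ;; esac          # "010" is ambiguous, reject it
    [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
  done
  return 0
}

# Print the JSON object the external data source expects, or fail without output.
to_result_json() {
  if ! is_ipv4 "$1"; then
    echo "get_ip: lookup did not return a plain IPv4 address" >&2
    return 1
  fi
  printf '{"result":"%s"}\n' "$1"
}

main() {
  # --fail turns HTTP errors into a non-zero exit; --ipv4 matches the /32 suffix in the rule.
  raw=$(curl --silent --show-error --fail --ipv4 --max-time 10 https://ifconfig.me) || return 1
  to_result_json "$raw"
}

# Do the network lookup only when run under the file name used in the thread,
# so the functions can be sourced and tested offline.
case ${0##*/} in
  get_ip.sh) main ;;
esac
```

A non-zero exit makes the external data source fail, so a bad lookup stops the plan instead of producing a rule. The data source exposes the script's JSON keys under its `result` map, so the value printed here is read as `data.external.script.result.result`.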

Tadeu Bernacchi

WOW - That's nice, I'm going to try it! Thank you!!!

Nilesh B

Hello,

Great blog on deploying EC2 instances with Terraform! For those interested in automated deployment processes, you might also find our detailed guide on using Azure DevOps for automated application deployment helpful. It covers best practices and step-by-step instructions to streamline your deployment pipeline:

blog.piraiinfo.com/Azure-Devops-Au...

Happy deploying!

For more resources and insights, feel free to explore on piraiinfo.com/ .

Tadeu Bernacchi

Nice article!

Amritmatti

Why is the VM getting automatically stopped after being successfully launched?

tdsan

I am curious why the VM stopped after it was successfully launched. Also, why not just enter the IP address as opposed to using this customization?

Todd