Skip to content

Add support for IAM instance profiles #28

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
JonRoma merged 3 commits into from
Jul 22, 2025
Merged

Add support for IAM instance profiles #28

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
d1cd696
Eliminated instance type default
JonRoma Jul 18, 2025
a68b85a
Ignore AMI changes
JonRoma Jul 18, 2025
f5890c9
Add support for IAM instance profiles
JonRoma Jul 18, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 3 additions & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -147,7 +147,9 @@ to the EC2 instance.

* `eip` – (Optional) An [eip](#eip) block used to create or look up an Elastic IP to attach to the EC2 instance. To omit the Elastic IP entirely, do not specify an `eip` block.

* `instance_type` - (Optional) EC2 instance type. Default: t2.nano.
* `iam_instance_profile` - (Optional) IAM instance profile for this EC2 instance.

* `instance_type` - (Required) EC2 instance type.

* `key_name` - (Optional) SSH key (if any) to assign to EC2 instance.

Expand Down
19 changes: 19 additions & 0 deletions main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,20 @@
resource "aws_iam_instance_profile" "default" {
for_each = toset(var.iam_instance_profile != null ? [var.iam_instance_profile] : [])

name = each.key
role = each.key
tags = local.tags
}

locals {
iam_instance_profile_name = try(aws_iam_instance_profile.default[var.iam_instance_profile].name, null)
}

resource "aws_instance" "default" {
ami = data.aws_ami.selected.id
associate_public_ip_address = var.associate_public_ip_address
availability_zone = local.availability_zone
iam_instance_profile = local.iam_instance_profile_name
instance_type = var.instance_type
key_name = var.key_name
private_ip = var.private_ip
Expand All @@ -27,6 +40,12 @@ resource "aws_instance" "default" {
volume_type = root_block_device.value.volume_type
}
}

# Suppress destruction and re-creation of resource when new AMIs
# are released.
lifecycle {
ignore_changes = [ami]
}
}

# Add tags to elastic network interface.
Expand Down
4 changes: 4 additions & 0 deletions outputs.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,10 @@ output "availability_zone" {
value = local.availability_zone
}

output "iam_instance_profile" {
value = aws_instance.default.iam_instance_profile
}

output "private_dns" {
value = aws_instance.default.private_dns
}
Expand Down
6 changes: 5 additions & 1 deletion variables.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -70,9 +70,13 @@ variable "eip" {
default = {}
}

variable "iam_instance_profile" {
description = "IAM instance profile for this EC2 instance"
default = null
}

variable "instance_type" {
description = "EC2 instance type"
default = "t2.nano"
}

variable "key_name" {
Expand Down