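# Provisions one public EC2 test instance, installs Docker on it over SSH and
# starts the compose application uploaded from ./compose-app.

# Source ranges allowed to reach SSH (22/tcp). The defaults reproduce the
# original world-open rule so existing runs behave the same; override them
# (-var or a tfvars file) with the operator's own address range. The range must
# still include the machine running Terraform, because the provisioners below
# connect to the instance over SSH.
variable "ssh_ingress_cidr_blocks" {
  description = "IPv4 CIDR blocks allowed to reach SSH (port 22) on the instance."
  type        = list(string)
  default     = ["0.0.0.0/0"]
}

variable "ssh_ingress_ipv6_cidr_blocks" {
  description = "IPv6 CIDR blocks allowed to reach SSH (port 22) on the instance."
  type        = list(string)
  default     = ["::/0"]
}

locals {
  # Home directory of the SSH login user; every upload and remote command
  # below is rooted here.
  ssh_user_home = "/home/ec2-user"
}

provider "aws" {
  # NOTE(review): the profile name suggests administrator-level credentials.
  # Confirm, and prefer a profile scoped to the EC2 and security-group actions
  # this configuration needs.
  profile = "superuser"
  region  = "ap-southeast-2"
}

resource "aws_security_group" "allow_tls" {
  # The name and description say "TLS", but no 443 rule exists: port 80 is
  # plain HTTP. Both strings (including the "plys" typo) are kept as-is
  # because changing either one forces the security group to be replaced.
  name        = "allow_tls"
  description = "Allow TLS inbound traffic plys ssh"

  # Rule descriptions state what each rule actually admits, so a reader
  # auditing the group is not told that Internet-facing rules are VPC-only.
  ingress {
    description      = "HTTP from anywhere"
    from_port        = 80
    to_port          = 80
    protocol         = "tcp"
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = ["::/0"]
  }

  # A thousand-port range is exposed to the Internet here; narrowing it to the
  # ports the compose application publishes would shrink the exposed surface.
  ingress {
    description      = "Application ports 8000-8999 from anywhere"
    from_port        = 8000
    to_port          = 8999
    protocol         = "tcp"
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = ["::/0"]
  }

  ingress {
    description      = "SSH for provisioning and administration"
    from_port        = 22
    to_port          = 22
    protocol         = "tcp"
    cidr_blocks      = var.ssh_ingress_cidr_blocks
    ipv6_cidr_blocks = var.ssh_ingress_ipv6_cidr_blocks
  }

  # All outbound traffic is allowed (protocol "-1" means every protocol).
  egress {
    from_port        = 0
    to_port          = 0
    protocol         = "-1"
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = ["::/0"]
  }

  tags = {
    Name = "allow_tls"
  }
}

resource "aws_instance" "test-box" {
  ami                    = "ami-00ffa321011c2611f"
  instance_type          = "t2.micro"
  key_name               = "debin"
  vpc_security_group_ids = [aws_security_group.allow_tls.id]

  # NOTE(review): no metadata_options block is set, so the instance metadata
  # service keeps its default token policy. Consider
  # metadata_options { http_tokens = "required" } once the AMI is confirmed
  # to work with IMDSv2.

  # Provisioners log in as ec2-user with the private half of the "debin" key
  # pair, read from the operator's home directory at apply time.
  connection {
    type        = "ssh"
    user        = "ec2-user"
    host        = self.public_ip
    private_key = file(pathexpand("~/.ssh/debin.pem"))
  }

  provisioner "file" {
    source      = "scripts"
    destination = "${local.ssh_user_home}/scripts"
  }

  provisioner "remote-exec" {
    inline = [
      "chmod +x ${local.ssh_user_home}/scripts/01-install-docker.sh",
      "${local.ssh_user_home}/scripts/01-install-docker.sh",
    ]
  }

  provisioner "file" {
    source      = "compose-app"
    destination = "${local.ssh_user_home}/"
  }

  provisioner "remote-exec" {
    # Chained with && so docker-compose never runs from the wrong directory
    # when the cd fails (for example after an incomplete upload).
    inline = [
      "cd ${local.ssh_user_home}/compose-app && docker-compose up -d",
    ]
  }

  tags = {
    Name = "terragenerated-simple-ec2"
  }
}

# Public DNS name of the test instance, for reaching the published ports.
output "test-instance-url" {
  value = aws_instance.test-box.public_dns
}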