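# AWS provider; the region comes from a local defined outside this excerpt.
provider "aws" {
  region = local.aws_region
}

# Random pet name; where it is consumed is not visible in this excerpt.
resource "random_pet" "name" {}

# Looks up the public IPv4 address of the machine running Terraform.
# Fetched over HTTPS rather than plain HTTP: an unauthenticated response can be
# altered in transit, and the altered address would flow into whatever consumes
# this value.
# NOTE(review): presumably this feeds an ingress allowlist in module.sg; confirm,
# and make sure the consumer validates the body as a single IPv4 address.
data "http" "myip" {
  url = "https://ipv4.icanhazip.com"
}

# Single-AZ VPC with one private and one public /20 subnet.
# NOTE(review): no `version` argument is set, so `terraform init` resolves
# whatever release the registry currently serves; pin a reviewed version.
module "vpc" {
  source = "terraform-aws-modules/vpc/aws"

  name = "social-vpc"
  cidr = "10.42.0.0/16"

  azs             = ["${local.aws_region}a"] # XXX probably a better way to pick AZs
  private_subnets = ["10.42.0.0/20"]
  public_subnets  = ["10.42.16.0/20"]

  enable_nat_gateway = false # nat gateways cost money and who has any of that?
  enable_vpn_gateway = false
}

# Instance role for the social server. The trust policy is taken from
# data.aws_iam_policy_document.assume_role_policy, defined outside this excerpt.
# NOTE(review): confirm that document trusts only the EC2 service principal.
resource "aws_iam_role" "social" {
  name               = "social_role"
  assume_role_policy = data.aws_iam_policy_document.assume_role_policy.json
  path               = "/"
  description        = "instance role for social server"
}

# Instance profile that attaches the role above to the EC2 instance.
resource "aws_iam_instance_profile" "social" {
  name = "social_profile"
  role = aws_iam_role.social.name
  path = "/"
}

# The social server itself. It is placed in the first public subnet, so its
# network exposure is governed by module.sg (not shown in this excerpt).
# NOTE(review): the rest of this resource is cut off here; if no
# `metadata_options` block follows, consider requiring IMDSv2
# (`http_tokens = "required"`) since the instance carries role credentials.
resource "aws_instance" "social" {
  ami                    = data.aws_ami.ubuntu.id
  instance_type          = local.instance_type
  subnet_id              = module.vpc.public_subnets.0
  key_name               = aws_key_pair.key.key_name
  iam_instance_profile   = aws_iam_instance_profile.social.name
  vpc_security_group_ids = [module.sg.security_group_id]
  user_data = <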