Added support for network_interface and arn (terraform-aws-modules#136)

Author: antonbabenko

README.md

@@ -87,8 +87,7 @@ data "aws_ami" "ubuntu-xenial" {
 
 ## Notes
 
-* `network_interface` can't be specified together with `associate_public_ip_address`, which makes `network_interface`
-  not configurable using this module at the moment
+* `network_interface` can't be specified together with `vpc_security_group_ids`, `associate_public_ip_address`, `subnet_id`. See [basic example](https://github.com/terraform-aws-modules/terraform-aws-ec2-instance/tree/master/examples/basic) for details. 
 * Changes in `ebs_block_device` argument will be ignored. Use [aws_volume_attachment](https://www.terraform.io/docs/providers/aws/r/volume_attachment.html) resource to attach and detach volumes from AWS EC2 instances. See [this example](https://github.com/terraform-aws-modules/terraform-aws-ec2-instance/tree/master/examples/volume-attachment).
 * One of `subnet_id` or `subnet_ids` is required. If both are provided, the value of `subnet_id` is prepended to the value of `subnet_ids`.
 
@@ -98,7 +97,7 @@ data "aws_ami" "ubuntu-xenial" {
 | Name | Description | Type | Default | Required |
 |------|-------------|:----:|:-----:|:-----:|
 | ami | ID of AMI to use for the instance | string | n/a | yes |
-| associate\_public\_ip\_address | If true, the EC2 instance will have associated public IP address | bool | `"false"` | no |
+| associate\_public\_ip\_address | If true, the EC2 instance will have associated public IP address | bool | `"null"` | no |
 | cpu\_credits | The credit option for CPU usage (unlimited or standard) | string | `"standard"` | no |
 | disable\_api\_termination | If true, enables EC2 Instance Termination Protection | bool | `"false"` | no |
 | ebs\_block\_device | Additional EBS block devices to attach to the instance | list(map(string)) | `[]` | no |
@@ -109,14 +108,14 @@ data "aws_ami" "ubuntu-xenial" {
 | instance\_count | Number of instances to launch | number | `"1"` | no |
 | instance\_initiated\_shutdown\_behavior | Shutdown behavior for the instance | string | `""` | no |
 | instance\_type | The type of instance to start | string | n/a | yes |
-| ipv6\_address\_count | A number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet. | number | `"0"` | no |
-| ipv6\_addresses | Specify one or more IPv6 addresses from the range of the subnet to associate with the primary network interface | list(string) | `[]` | no |
+| ipv6\_address\_count | A number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet. | number | `"null"` | no |
+| ipv6\_addresses | Specify one or more IPv6 addresses from the range of the subnet to associate with the primary network interface | list(string) | `"null"` | no |
 | key\_name | The key name to use for the instance | string | `""` | no |
 | monitoring | If true, the launched EC2 instance will have detailed monitoring enabled | bool | `"false"` | no |
 | name | Name to be used on all resources as prefix | string | n/a | yes |
 | network\_interface | Customize network interfaces to be attached at instance boot time | list(map(string)) | `[]` | no |
 | placement\_group | The Placement Group to start the instance in | string | `""` | no |
-| private\_ip | Private IP address to associate with the instance in a VPC | string | `""` | no |
+| private\_ip | Private IP address to associate with the instance in a VPC | string | `"null"` | no |
 | private\_ips | A list of private IP address to associate with the instance in a VPC. Should match the number of instances. | list(string) | `[]` | no |
 | root\_block\_device | Customize details about the root block device of the instance. See Block Devices below for details | list(map(string)) | `[]` | no |
 | source\_dest\_check | Controls if traffic is routed to the instance when the destination address does not match the instance. Used for NAT or VPNs. | bool | `"true"` | no |
@@ -127,15 +126,19 @@ data "aws_ami" "ubuntu-xenial" {
 | use\_num\_suffix | Always append numerical suffix to instance name, even if instance_count is 1 | bool | `"false"` | no |
 | user\_data | The user data to provide when launching the instance | string | `""` | no |
 | volume\_tags | A mapping of tags to assign to the devices created by the instance at launch time | map(string) | `{}` | no |
-| vpc\_security\_group\_ids | A list of security group IDs to associate with | list(string) | n/a | yes |
+| vpc\_security\_group\_ids | A list of security group IDs to associate with | list(string) | `"null"` | no |
 
 ## Outputs
 
 | Name | Description |
 |------|-------------|
+| arn | List of ARNs of instances |
 | availability\_zone | List of availability zones of instances |
 | credit\_specification | List of credit specification of instances |
+| ebs\_block\_device\_volume\_ids | List of volume IDs of EBS block devices of instances |
 | id | List of IDs of instances |
+| instance\_state | List of instance states of instances |
+| ipv6\_addresses | List of assigned IPv6 addresses of instances |
 | key\_name | List of key names of instances |
 | password\_data | List of Base-64 encoded encrypted password data for the instance |
 | placement\_group | List of placement groups of instances |
@@ -144,6 +147,7 @@ data "aws_ami" "ubuntu-xenial" {
 | private\_ip | List of private IP addresses assigned to the instances |
 | public\_dns | List of public DNS names assigned to the instances. For EC2-VPC, this is only available if you've enabled DNS hostnames for your VPC |
 | public\_ip | List of public IP addresses assigned to the instances, if applicable |
+| root\_block\_device\_volume\_ids | List of volume IDs of root block devices of instances |
 | security\_groups | List of associated security groups of instances |
 | subnet\_id | List of IDs of VPC subnets of instances |
 | tags | List of tags of instances |

examples/basic/README.md

@@ -1,10 +1,6 @@
 # Basic EC2 instance
 
-Configuration in this directory creates EC2 instances with minimum set of arguments. It will also assign Elastic IP (EIP) to an instance.
-
-Unspecified arguments for security group id and subnet are inherited from the default VPC.
-
-This example outputs instance id and public DNS name as a single value and as a list.
+Configuration in this directory creates EC2 instances with different sets of arguments (with Elastic IP, with network interface attached, with credit specifications).
 
 ## Usage
 
@@ -25,12 +21,14 @@ Note that this example may create resources which can cost money. Run `terraform
 |------|-------------|
 | credit\_specification | Credit specification of EC2 instance (empty list for not t2 instance types) |
 | credit\_specification\_t2\_unlimited | Credit specification of t2-type EC2 instance |
+| ebs\_block\_device\_volume\_ids | List of volume IDs of EBS block devices of instances |
 | ids | List of IDs of instances |
 | ids\_t2 | List of IDs of t2-type instances |
 | instance\_id | EC2 instance ID |
 | instance\_public\_dns | Public DNS name assigned to the EC2 instance |
 | placement\_group | List of placement group |
 | public\_dns | List of public DNS names assigned to the instances |
+| root\_block\_device\_volume\_ids | List of volume IDs of root block devices of instances |
 | t2\_instance\_id | EC2 instance ID |
 | tags | List of tags |
 | vpc\_security\_group\_ids | List of VPC security group ids assigned to the instances |

examples/basic/main.tf

@@ -61,10 +61,16 @@ resource "aws_placement_group" "web" {
 resource "aws_kms_key" "this" {
 }
 
+resource "aws_network_interface" "this" {
+  count = 1
+
+  subnet_id = tolist(data.aws_subnet_ids.all.ids)[count.index]
+}
+
 module "ec2" {
   source = "../../"
 
-  instance_count = 1
+  instance_count = 2
 
   name          = "example-normal"
   ami           = data.aws_ami.amazon_linux.id
@@ -127,6 +133,25 @@ module "ec2_with_t3_unlimited" {
   associate_public_ip_address = true
 }
 
+module "ec2_with_network_interface" {
+  source = "../../"
+
+  instance_count = 1
+
+  name            = "example-network"
+  ami             = data.aws_ami.amazon_linux.id
+  instance_type   = "c5.large"
+  placement_group = aws_placement_group.web.id
+
+  network_interface = [
+    {
+      device_index          = 0
+      network_interface_id  = aws_network_interface.this[0].id
+      delete_on_termination = false
+    }
+  ]
+}
+
 # This instance won't be created
 module "ec2_zero" {
   source = "../../"

examples/basic/outputs.tf

@@ -18,6 +18,16 @@ output "vpc_security_group_ids" {
   value       = module.ec2.vpc_security_group_ids
 }
 
+output "root_block_device_volume_ids" {
+  description = "List of volume IDs of root block devices of instances"
+  value       = module.ec2.root_block_device_volume_ids
+}
+
+output "ebs_block_device_volume_ids" {
+  description = "List of volume IDs of EBS block devices of instances"
+  value       = module.ec2.ebs_block_device_volume_ids
+}
+
 output "tags" {
   description = "List of tags"
   value       = module.ec2.tags

main.tf

@@ -2,16 +2,13 @@ locals {
   is_t_instance_type = replace(var.instance_type, "/^t[23]{1}\\..*$/", "1") == "1" ? true : false
 }
 
-######
-# Note: network_interface can't be specified together with associate_public_ip_address
-######
 resource "aws_instance" "this" {
   count = var.instance_count
 
   ami           = var.ami
   instance_type = var.instance_type
   user_data     = var.user_data
-  subnet_id = element(
+  subnet_id = length(var.network_interface) > 0 ? null : element(
     distinct(compact(concat([var.subnet_id], var.subnet_ids))),
     count.index,
   )
@@ -63,7 +60,16 @@ resource "aws_instance" "this" {
     }
   }
 
-  source_dest_check                    = var.source_dest_check
+  dynamic "network_interface" {
+    for_each = var.network_interface
+    content {
+      device_index          = network_interface.value.device_index
+      network_interface_id  = lookup(network_interface.value, "network_interface_id", null)
+      delete_on_termination = lookup(network_interface.value, "delete_on_termination", false)
+    }
+  }
+
+  source_dest_check                    = length(var.network_interface) > 0 ? null : var.source_dest_check
   disable_api_termination              = var.disable_api_termination
   instance_initiated_shutdown_behavior = var.instance_initiated_shutdown_behavior
   placement_group                      = var.placement_group

outputs.tf

@@ -3,6 +3,11 @@ output "id" {
   value       = aws_instance.this.*.id
 }
 
+output "arn" {
+  description = "List of ARNs of instances"
+  value       = aws_instance.this.*.arn
+}
+
 output "availability_zone" {
   description = "List of availability zones of instances"
   value       = aws_instance.this.*.availability_zone
@@ -18,6 +23,11 @@ output "key_name" {
   value       = aws_instance.this.*.key_name
 }
 
+output "password_data" {
+  description = "List of Base-64 encoded encrypted password data for the instance"
+  value       = aws_instance.this.*.password_data
+}
+
 output "public_dns" {
   description = "List of public DNS names assigned to the instances. For EC2-VPC, this is only available if you've enabled DNS hostnames for your VPC"
   value       = aws_instance.this.*.public_dns
@@ -28,6 +38,11 @@ output "public_ip" {
   value       = aws_instance.this.*.public_ip
 }
 
+output "ipv6_addresses" {
+  description = "List of assigned IPv6 addresses of instances"
+  value       = aws_instance.this.*.ipv6_addresses
+}
+
 output "primary_network_interface_id" {
   description = "List of IDs of the primary network interface of instances"
   value       = aws_instance.this.*.primary_network_interface_id
@@ -43,11 +58,6 @@ output "private_ip" {
   value       = aws_instance.this.*.private_ip
 }
 
-output "password_data" {
-  description = "List of Base-64 encoded encrypted password data for the instance"
-  value       = aws_instance.this.*.password_data
-}
-
 output "security_groups" {
   description = "List of associated security groups of instances"
   value       = aws_instance.this.*.security_groups
@@ -68,6 +78,21 @@ output "credit_specification" {
   value       = aws_instance.this.*.credit_specification
 }
 
+output "instance_state" {
+  description = "List of instance states of instances"
+  value       = aws_instance.this.*.instance_state
+}
+
+output "root_block_device_volume_ids" {
+  description = "List of volume IDs of root block devices of instances"
+  value       = [for device in aws_instance.this.*.root_block_device : device.*.volume_id]
+}
+
+output "ebs_block_device_volume_ids" {
+  description = "List of volume IDs of EBS block devices of instances"
+  value       = [for device in aws_instance.this.*.ebs_block_device : device.*.volume_id]
+}
+
 output "tags" {
   description = "List of tags of instances"
   value       = aws_instance.this.*.tags

variables.tf

@@ -70,6 +70,7 @@ variable "monitoring" {
 variable "vpc_security_group_ids" {
   description = "A list of security group IDs to associate with"
   type        = list(string)
+  default     = null
 }
 
 variable "subnet_id" {
@@ -87,13 +88,13 @@ variable "subnet_ids" {
 variable "associate_public_ip_address" {
   description = "If true, the EC2 instance will have associated public IP address"
   type        = bool
-  default     = false
+  default     = null
 }
 
 variable "private_ip" {
   description = "Private IP address to associate with the instance in a VPC"
   type        = string
-  default     = ""
+  default     = null
 }
 
 variable "private_ips" {
@@ -123,13 +124,13 @@ variable "iam_instance_profile" {
 variable "ipv6_address_count" {
   description = "A number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet."
   type        = number
-  default     = 0
+  default     = null
 }
 
 variable "ipv6_addresses" {
   description = "Specify one or more IPv6 addresses from the range of the subnet to associate with the primary network interface"
   type        = list(string)
-  default     = []
+  default     = null
 }
 
 variable "tags" {