This module creates one or more autorecovery instances.
```hcl
module "ar" {
  source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-ec2_autorecovery//?ref=v0.12.18"

  ec2_os          = "amazon2"
  subnets         = module.vpc.private_subnets
  name            = "my_ar_instance"
  security_groups = [module.sg.private_web_security_group_id]
}
```
Full working references are available at examples.

Note: When using an existing EBS snapshot you cannot use the encryption variable. The encryption must be set at the snapshot level.

Using aws-terraform-cloudwatch_alarm to create the following CloudWatch Alarms:
- status_check_failed_system_alarm_ticket
- status_check_failed_instance_alarm_reboot
- status_check_failed_system_alarm_recover
- status_check_failed_instance_alarm_ticket
- cpu_alarm_high

Several changes were required while adding Terraform 0.12 compatibility. The following changes should be made when upgrading from a previous release to version 0.12.0 or higher.

The following module variables were updated to better meet current Rackspace style guides:
- security_group_list -> security_groups
- resource_name -> name
- additional_tags -> tags

The following variables are no longer necessary and were removed:
- additional_ssm_bootstrap_step_count
- install_scaleft_agent

New variable ssm_bootstrap_list was added to allow setting the SSM association steps using objects instead of strings, allowing easier linting and formatting of these lines. The additional_ssm_bootstrap_list variable will continue to work, but will be deprecated in a future release.

Name | Version |
---|---|
terraform | >= 1.0.0 |

Name | Version |
---|---|
aws | n/a |

Name | Source | Version |
---|---|---|
cpu_alarm_high | git@github.com:rackspace-infrastructure-automation/aws-terraform-cloudwatch_alarm//?ref=v0.12.6 | |
status_check_failed_instance_alarm_ticket | git@github.com:rackspace-infrastructure-automation/aws-terraform-cloudwatch_alarm//?ref=v0.12.6 | |
status_check_failed_system_alarm_ticket | git@github.com:rackspace-infrastructure-automation/aws-terraform-cloudwatch_alarm//?ref=v0.12.6 | |

Name | Description | Type | Default | Required |
---|---|---|---|---|
additional_ssm_bootstrap_list | A list of maps consisting of main step actions, to be appended to SSM associations. Please see usage.tf.example in this repo for examples. (DEPRECATED) This variable will be removed in future releases in favor of the ssm_bootstrap_list variable. | list(map(string)) | [] | no |
backup_tag_value | Value of the 'Backup' tag, used to assign to the AWS Backup configuration | string | "False" | no |
cloudwatch_log_retention | The number of days to retain Cloudwatch Logs for this instance. | number | 30 | no |
create_internal_route53 | Toggle for creation of internal Route 53 records for instances. | bool | false | no |
creation_policy_timeout | Time to wait for the number of signals for the creation policy. H/M/S Hours/Minutes/Seconds | string | "20m" | no |
custom_cw_agent_config_ssm_param | SSM Parameter Store name that contains a custom CloudWatch agent configuration that you would like to use as an alternative to the default provided. | string | "" | no |
cw_cpu_high_evaluations | The number of periods over which data is compared to the specified threshold. | number | 15 | no |
cw_cpu_high_operator | Math operator used by CloudWatch for alarms and triggers. | string | "GreaterThanThreshold" | no |
cw_cpu_high_period | Time the specified statistic is applied. Must be in seconds that is also a multiple of 60. | number | 60 | no |
cw_cpu_high_threshold | The value against which the specified statistic is compared. | number | 90 | no |
detailed_monitoring | Enable Detailed Monitoring? true or false | bool | true | no |
disable_api_termination | Specifies that an instance should not be able to be deleted via the API. true or false. This option must be toggled to false to allow Terraform to destroy the resource. | bool | false | no |
ebs_volume_tags | (Optional) A mapping of tags to assign to the devices created by the instance at launch time. | map(string) | {} | no |
ec2_os | Intended Operating System/Distribution of Instance. Valid inputs are amazon2, centos7, rhel7, rhel8, ubuntu18, ubuntu20, windows2012r2, windows2016, windows2019 | string | n/a | yes |
eip_allocation_id_count | A count of supplied eip allocation IDs in variable eip_allocation_id_list | number | 0 | no |
eip_allocation_id_list | A list of Allocation IDs of the EIPs you want to associate with the instance(s). This is one per instance. e.g. if you specify 2 for instance_count then you must supply two allocation ids here. | list(string) | [] | no |
enable_ebs_optimization | Use EBS Optimized? true or false | bool | false | no |
enable_recovery_alarms | Boolean parameter controlling if auto-recovery alarms should be created. Recovery actions are not supported on all instance types and AMIs, especially those with ephemeral storage. This parameter should be set to false for those cases. | bool | true | no |
encrypt_primary_ebs_volume | Encrypt root EBS Volume? true or false | bool | false | no |
encrypt_primary_ebs_volume_kms_id | If encrypt_primary_ebs_volume is true you can optionally provide a KMS CMK ARN. | string | "" | no |
encrypt_secondary_ebs_volume | Encrypt secondary EBS Volume? true or false | bool | false | no |
encrypt_secondary_ebs_volume_kms_id | If encrypt_secondary_ebs_volume is true you can optionally provide a KMS CMK ARN. | string | "" | no |
environment | Application environment for which this network is being created. Preferred values are Development, Integration, PreProduction, Production, QA, Staging, or Test | string | "Development" | no |
final_userdata_commands | Commands to be given at the end of userdata for an instance. This should generally not include bootstrapping or ssm install. | string | "" | no |
image_id | The AMI ID to be used to build the EC2 Instance. If not provided, an AMI ID will be queried with an OS specified in variable ec2_os. | string | "" | no |
initial_userdata_commands | Commands to be given at the start of userdata for an instance. This should generally not include bootstrapping or ssm install. | string | "" | no |
install_codedeploy_agent | Install codedeploy agent on instance(s)? true or false | bool | false | no |
install_nfs | Install NFS service on instance(s)? true or false | bool | false | no |
instance_count | Number of identical instances to deploy | number | 1 | no |
instance_profile_override | Optionally provide an instance profile. Any override profile should contain the permissions required for Rackspace support tooling to continue to function if required. | bool | false | no |
instance_profile_override_name | Provide an instance profile name. Any override profile should contain the permissions required for Rackspace support tooling to continue to function if required. To use this set instance_profile_override to true. | string | "" | no |
instance_role_managed_policy_arn_count | The number of policy ARNs provided/set in variable 'instance_role_managed_policy_arns' | number | 0 | no |
instance_role_managed_policy_arns | List of IAM policy ARNs for the InstanceRole IAM role. IAM ARNs can be found within the Policies section of the AWS IAM console. e.g. ['arn:aws:iam::aws:policy/AmazonEC2FullAccess', 'arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore', 'arn:aws:iam::aws:policy/service-role/AmazonEC2SpotFleetRole'] | list(string) | [] | no |
instance_type | EC2 Instance Type e.g. 't2.micro' | string | "t2.micro" | no |
internal_zone_id | The Route53 Internal Hosted Zone ID | string | "" | no |
internal_zone_name | TLD for Internal Hosted Zone | string | "" | no |
key_pair | Name of an existing EC2 KeyPair to enable SSH access to the instances. | string | "" | no |
metadata_http_endpoint | Whether the metadata service is available. Valid values include enabled or disabled. | string | "enabled" | no |
metadata_http_put_response_hop_limit | Desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel. Valid values are integer from 1 to 64 | number | 1 | no |
metadata_http_tokens | Whether or not the metadata service requires session tokens, also referred to as Instance Metadata Service Version 2 (IMDSv2). Valid values include optional or required. | string | "optional" | no |
metadata_instance_metadata_tags | Enables or disables access to instance tags from the instance metadata service. Valid values include enabled or disabled | string | "disabled" | no |
name | Name to be used for the provisioned EC2 instance(s) and other resources provisioned in this module | string | n/a | yes |
notification_topic | SNS Topic ARN to notify if there are any alarms | string | "" | no |
perform_ssm_inventory_tag | Determines whether Instance is tracked via System Manager Inventory. | bool | true | no |
primary_ebs_volume_iops | Iops value required for use with io1 EBS volumes. This value should be 3 times the EBS volume size | number | 0 | no |
primary_ebs_volume_size | EBS Volume Size in GB | number | 60 | no |
primary_ebs_volume_type | EBS Volume Type. e.g. gp2, io1, st1, sc1 | string | "gp2" | no |
private_ip_address | A list of static private IP addresses to be configured on the instance. This IP should be in the assigned subnet and if the instance is replaced, a new IP would need to be assigned. If used, one private IP needs to be provided per instance. | list(string) | [] | no |
provide_custom_cw_agent_config | Set to true if a custom cloudwatch agent configuration has been provided in variable custom_cw_agent_config_ssm_param. | bool | false | no |
rackspace_managed | Boolean parameter controlling if instance will be fully managed by Rackspace support teams, created CloudWatch alarms that generate tickets, and utilize Rackspace managed SSM documents. | bool | true | no |
secondary_ebs_volume_existing_id | The Snapshot ID of an existing EBS volume you want to use for the secondary volume. i.e. snap-0ad8580e3ac34a9f1 | string | "" | no |
secondary_ebs_volume_iops | Iops value required for use with io1 EBS volumes. This value should be 3 times the EBS volume size | number | 0 | no |
secondary_ebs_volume_size | EBS Volume Size in GB | string | "" | no |
secondary_ebs_volume_type | EBS Volume Type. e.g. gp2, io1, st1, sc1 | string | "gp2" | no |
security_groups | A list of security group IDs to assign to this resource. e.g. ['sg-00e88e6a', 'sg-0943cd61', 'sg-2f46c847'] | list(string) | n/a | yes |
ssm_association_refresh_rate | A cron or rate pattern to define the SSM Association refresh schedule, defaulting to once per day. See https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-cron.html for more details. Schedule can be disabled by providing an empty string. | string | "rate(1 day)" | no |
ssm_bootstrap_list | A list of objects consisting of actions, to be appended to SSM associations. Please see usage.tf.example in this repo for examples. | any | [] | no |
ssm_patching_group | Group ID to be used by System Manager for Patching. This is the value to be used for tag 'Patch Group' | string | "" | no |
subnets | Subnet ID(s) for EC2 Instance(s). If multiple are provided, instances will be distributed amongst them. | list(string) | [] | no |
t2_unlimited_mode | Determines whether to enable the T2 Unlimited feature. Only applicable on instance classes that support burstable CPU. | string | "standard" | no |
tags | A map of tags to apply to all resources. | map(string) | {} | no |
tenancy | The placement tenancy for EC2 devices. e.g. host, default, dedicated | string | "default" | no |
Name | Description |
---|---|
ar_image_id | Image ID used for EC2 provisioning |
ar_instance_az_list | List of resulting Instance availability zones |
ar_instance_id_list | List of resulting Instance IDs |
ar_instance_ip_list | List of resulting Instance IP addresses |
ar_instance_r53_name_list | List of resulting Route 53 internal records |