Skip to content

Latest commit

 

History

History
192 lines (160 loc) · 27.4 KB

README.md

File metadata and controls

192 lines (160 loc) · 27.4 KB
Raw

EC2-Image-Builder

Terraform module that creates and manages an Amazon Machine Image (AMI) with EC2 Image Builder service.

⚠️ The module initially only manages the creation of AMIs and not Container Image.

Usage

Simple workspace with local run mode

module "imagebuilder" {
  source = "../../"

  name = var.name

  components = [
    {
      "data" = yamlencode({
        phases = [
          {
            name = "build"
            steps = [
              {
                action = "ExecuteBash"
                inputs = {
                  commands = ["echo 'hello world'"]
                }
                name      = "helloworld"
                onFailure = "Continue"
              }
            ]
          }
        ]
        schemaVersion = 1.0
      }),
      "name"        = "hello world",
      "description" = "component hello world",
      "version"     = "1.0.0"
    }
  ]

  component_external_arns = ["arn:aws:imagebuilder:${var.region}:aws:component/amazon-cloudwatch-agent-linux/1.0.1/1"]

  image_recipe_parent_image = "arn:${data.aws_partition.current.partition}:imagebuilder:${var.region}:aws:image/ubuntu-server-20-lts-x86/2022.3.8"
  image_recipe_version      = "1.0.0"

  block_device_mapping = [
    {
      device_name           = "/dev/sda"
      delete_on_termination = true
      volume_size           = 10
      volume_type           = "gp3"
    }
  ]

  infrastructure_configuration_instance_profile_name = aws_iam_instance_profile.istance_profile.name
  infrastructure_configuration_instance_types        = ["t3.nano"]

  infrastructure_configuration_s3_logs_enabled = false
  infrastructure_configuration_s3_bucket_name  = aws_s3_bucket.bucket_logs.bucket

  enable_resource_tags = true
  resource_tags        = local.common_tags


  distribution_configuration_region = var.region

  ami_distribution_configuration = {
    name = var.name

    ami_tags = {
      CostCenter = "IT"
    }

  }

  launch_permission = {
    user_ids = var.user_ids
  }

  launch_template_configuration = [
    {
      launch_template_id = var.launch_template_id_1
      account_id         = var.account_id
    },
    {
      launch_template_id = var.launch_template_id_2
      account_id         = var.account_id
    }
  ]

  image_tests_configuration_schedule_enabled    = true
  image_tests_configuration_schedule_expression = "cron(0 0 * * ? *)"
}

Examples

Requirements

Name Version
terraform >= 1.1.0
aws >= 4.20

Providers

Name Version
aws >= 4.20

Modules

No modules.

Resources

Name Type
aws_imagebuilder_component.this resource
aws_imagebuilder_image_recipe.this resource
aws_imagebuilder_infrastructure_configuration.this resource
aws_imagebuilder_distribution_configurations.this resource
aws_imagebuilder_image_pipeline.this resource

Inputs

Name Description Type Default Required
name Generic resource name string n/a yes
components Image Builder Component any {} no
create_image_recipe Controls whether resources should be created bool true no
image_recipe_parent_image Platform of the image recip string n/a yes
image_recipe_version Version of the image recipe string n/a yes
block_device_mapping Configuration block(s) with block device mappings for the image recipe. Detailed below list(map(string)) [] no
component_external_arns Components created externally list(string) [] no
ebs Configuration block with Elastic Block Storage (EBS) block device mapping settings list(map(string)) [] no
enable_resource_tags Whether to enable resource tags bool false no
resource_tags Key-value map of resource tags to assign to infrastructure created by the configuration map(string) {} no
create_infrastructure_configuration Controls whether resources should be created bool true no
infrastructure_configuration_description Description for the configuration string null no
infrastructure_configuration_instance_profile_name Name of IAM Instance Profile string n/a yes
infrastructure_configuration_instance_types EC2 Instance Types list(string) ["t3.nano", "t3.micro"] no
infrastructure_configuration_key_pair Name of EC2 Key Pair string null no
infrastructure_configuration_security_group_ids EC2 Security Group identifiers list(string) null no
infrastructure_configuration_sns_topic_arn Amazon Resource Name (ARN) of SNS Topic string null no
infrastructure_configuration_subnet_id EC2 Subnet identifier. Also requires security_group_ids argument string null no
infrastructure_configuration_terminate_instance_on_failure Enable if the instance should be terminated when the pipeline fails bool false no
infrastructure_configuration_s3_logs_enabled Whether to enable s3 logs bool false no
infrastructure_configuration_s3_bucket_name" Name of the S3 Bucket string null no
infrastructure_configuration_s3_key_prefix Prefix to use for S3 logs string null no
create_distribution_configuration Controls whether resources should be created bool true no
distribution_configuration_description Description of the distribution configuration string null no
distribution_configuration_kms_key_id Amazon Resource Name (ARN) of the Key Management Service (KMS) Key used to encrypt the distribution configuration string null no
distribution_configuration_region AWS Region for the distribution string n/a yes
ami_distribution_configuration Configuration block with Amazon Machine Image (AMI) distribution settings any {} no
launch_permission Configuration block of EC2 launch permissions to apply to the distributed AMI map(list(string)) {} no
fast_launch_configuration Set of Windows faster-launching configurations to use for AMI distribution map(string) {} no
launch_template Configuration block for the launch template that the fast-launch enabled Windows AMI uses when it launches Windows instances to create pre-provisioned snapshots map(string) null no
launch_template_configuratio Set of launch template configuration settings that apply to image distribution list(map(string)) [] no
image_pipeline Controls whether resources should be created bool true no
image_pipeline_description Description of the image pipeline string null no
image_pipeline_enhanced_image_metadata_enabled Whether additional information about the image being created is collected bool true no
image_pipeline_status Status of the image pipeline,Valid values are DISABLED and ENABLED string ENABLED no
image_tests_configuration Configuration block with image tests configuration map(string) {} no
image_tests_configuration_schedule_enabled Whether to enable schedule expression bool false no
image_tests_configuration_schedule_expression Cron expression of how often the pipeline start condition is evaluated string null no
image_recipe_arn Amazon Resource Name (ARN) of the image recipe string n/a no
infrastructure_configuration_arn Amazon Resource Name (ARN) of the Image Builder Infrastructure Configuration string n/a no
distribution_configuration_arn Amazon Resource Name (ARN) of the Image Builder Distribution string n/a no
tags A mapping of tags to assign to the resource map(string) {} no

Outputs

Name Description
component Map of Component
component_name List of Name of the component
component_arn List of Arn of the component
image_recipe_name Name of the image recipe
image_recipe_component Name of the image recipe
image_recipe_arn Amazon Resource Name (ARN) of the image recipe
image_recipe_owner Owner of the image recipe
infrastructure_configuration_name Name of the infrastructure configuration
infrastructure_configuration_arn Arn of the infrastructure configuratio
infrastructure_configuration_instance_profile_name Instance Profile name of the infrastructure configuration
infrastructure_configuration_instance_types Instance Types of the infrastructure configuration
distribution_configuration_name Name of the distribution configuration
image_pipeline_name Name of the image pipeline
image_pipeline_arn Arn of the image pipeline