{"id":13505628,"url":"https://github.com/terraform-aws-modules/terraform-aws-ec2-instance","last_synced_at":"2026-01-08T21:16:34.585Z","repository":{"id":37706281,"uuid":"103173578","full_name":"terraform-aws-modules/terraform-aws-ec2-instance","owner":"terraform-aws-modules","description":"Terraform module to create AWS EC2 instance(s) resources πŸ‡ΊπŸ‡¦","archived":false,"fork":false,"pushed_at":"2025-03-30T19:59:04.000Z","size":268,"stargazers_count":775,"open_issues_count":2,"forks_count":1918,"subscribers_count":24,"default_branch":"master","last_synced_at":"2025-04-10T16:48:08.333Z","etag":null,"topics":["aws","aws-ec2","ec2-instance","terraform-module"],"latest_commit_sha":null,"homepage":"https://registry.terraform.io/modules/terraform-aws-modules/ec2-instance/aws","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/terraform-aws-modules.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":["antonbabenko"],"custom":"https://www.paypal.me/antonbabenko"}},"created_at":"2017-09-11T18:36:09.000Z","updated_at":"2025-04-05T07:31:05.000Z","dependencies_parsed_at":"2023-01-31T23:31:16.352Z","dependency_job_id":"1bac5f62-25e9-4d47-a8ff-be2e8701c048","html_url":"https://github.com/terraform-aws-modules/terraform-aws-ec2-instance","commit_stats":{"total_commits":168,"total_committers":43,"mean_commits":"3.9069767441860463","dds":0.6011904761904762,"last_synced_commit":"28b2c723dc5168d48b2a31214b2c26e88094c5fa"},"previous_names":[],"tags_count":86,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/terraform-aws-modules%2Fterraform-aws-ec2-instance","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/terraform-aws-modules%2Fterraform-aws-ec2-instance/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/terraform-aws-modules%2Fterraform-aws-ec2-instance/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/terraform-aws-modules%2Fterraform-aws-ec2-instance/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/terraform-aws-modules","download_url":"https://codeload.github.com/terraform-aws-modules/terraform-aws-ec2-instance/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254052674,"owners_count":22006716,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","aws-ec2","ec2-instance","terraform-module"],"created_at":"2024-08-01T00:01:10.842Z","updated_at":"2026-01-08T21:16:34.578Z","avatar_url":"https://github.com/terraform-aws-modules.png","language":"HCL","funding_links":["https://github.com/sponsors/antonbabenko","https://www.paypal.me/antonbabenko"],"categories":["HCL","Community Modules"],"sub_categories":["Miscellaneous"],"readme":"# AWS EC2 Instance Terraform module\n\nTerraform module which creates an EC2 instance on AWS.\n\n[![SWUbanner](https://raw.githubusercontent.com/vshymanskyy/StandWithUkraine/main/banner2-direct.svg)](https://github.com/vshymanskyy/StandWithUkraine/blob/main/docs/README.md)\n\n## Usage\n\n### Single EC2 Instance\n\n```hcl\nmodule \"ec2_instance\" {\n source = \"terraform-aws-modules/ec2-instance/aws\"\n\n name = \"single-instance\"\n\n instance_type = \"t3.micro\"\n key_name = \"user1\"\n monitoring = true\n subnet_id = \"subnet-eddcdzz4\"\n\n tags = {\n Terraform = \"true\"\n Environment = \"dev\"\n }\n}\n```\n\n### Multiple EC2 Instance\n\n```hcl\nmodule \"ec2_instance\" {\n source = \"terraform-aws-modules/ec2-instance/aws\"\n\n for_each = toset([\"one\", \"two\", \"three\"])\n\n name = \"instance-${each.key}\"\n\n instance_type = \"t3.micro\"\n key_name = \"user1\"\n monitoring = true\n subnet_id = \"subnet-eddcdzz4\"\n\n tags = {\n Terraform = \"true\"\n Environment = \"dev\"\n }\n}\n```\n\n### Spot EC2 Instance\n\n```hcl\nmodule \"ec2_instance\" {\n source = \"terraform-aws-modules/ec2-instance/aws\"\n\n name = \"spot-instance\"\n\n create_spot_instance = true\n spot_price = \"0.60\"\n spot_type = \"persistent\"\n\n instance_type = \"t3.micro\"\n key_name = \"user1\"\n monitoring = true\n subnet_id = \"subnet-eddcdzz4\"\n\n tags = {\n Terraform = \"true\"\n Environment = \"dev\"\n }\n}\n```\n\n## Examples\n\n- [Complete EC2 instance](https://github.com/terraform-aws-modules/terraform-aws-ec2-instance/tree/master/examples/complete)\n- [EC2 instance w/ private network access via Session Manager](https://github.com/terraform-aws-modules/terraform-aws-ec2-instance/tree/master/examples/session-manager)\n\n## Make an encrypted AMI for use\n\nThis module does not support encrypted AMI's out of the box however it is easy enough for you to generate one for use\n\nThis example creates an encrypted image from the latest ubuntu 20.04 base image.\n\n```hcl\nprovider \"aws\" {\n region = \"us-west-2\"\n}\n\ndata \"aws_ami\" \"ubuntu\" {\n most_recent = true\n owners = [\"679593333241\"]\n\n filter {\n name = \"name\"\n values = [\"ubuntu-minimal/images/hvm-ssd/ubuntu-focal-20.04-*\"]\n }\n\n filter {\n name = \"virtualization-type\"\n values = [\"hvm\"]\n }\n}\n\nresource \"aws_ami_copy\" \"ubuntu_encrypted_ami\" {\n name = \"ubuntu-encrypted-ami\"\n description = \"An encrypted root ami based off ${data.aws_ami.ubuntu.id}\"\n source_ami_id = data.aws_ami.ubuntu.id\n source_ami_region = \"eu-west-2\"\n encrypted = true\n\n tags = { Name = \"ubuntu-encrypted-ami\" }\n}\n\ndata \"aws_ami\" \"encrypted-ami\" {\n most_recent = true\n\n filter {\n name = \"name\"\n values = [aws_ami_copy.ubuntu_encrypted_ami.id]\n }\n\n owners = [\"self\"]\n}\n```\n\n## Conditional creation\n\nThe following combinations are supported to conditionally create resources:\n\n```hcl\nmodule \"ec2_instance\" {\n source = \"terraform-aws-modules/ec2-instance/aws\"\n\n # Disable creation of EC2 and all resources\n create = false\n\n # Enable creation of spot instance\n create_spot_instance = true\n\n # Enable creation of EC2 IAM instance profile\n create_iam_instance_profile = true\n\n # Disable creation of security group\n create_security_group = false\n\n # Enable creation of elastic IP\n create_eip = true\n\n # ... omitted\n}\n```\n\n## Notes\n\n- `network_interface` can't be specified together with `vpc_security_group_ids`, `associate_public_ip_address`, `subnet_id`. See [complete example](https://github.com/terraform-aws-modules/terraform-aws-ec2-instance/tree/master/examples/complete) for details.\n- In regards to spot instances, you must grant the `AWSServiceRoleForEC2Spot` service-linked role access to any custom KMS keys, otherwise your spot request and instances will fail with `bad parameters`. You can see more details about why the request failed by using the awscli and `aws ec2 describe-spot-instance-requests`\n\n\u003c!-- BEGIN_TF_DOCS --\u003e\n## Requirements\n\n| Name | Version |\n|------|---------|\n| \u003ca name=\"requirement_terraform\"\u003e\u003c/a\u003e [terraform](#requirement\\_terraform) | \u003e= 1.5.7 |\n| \u003ca name=\"requirement_aws\"\u003e\u003c/a\u003e [aws](#requirement\\_aws) | \u003e= 6.28 |\n\n## Providers\n\n| Name | Version |\n|------|---------|\n| \u003ca name=\"provider_aws\"\u003e\u003c/a\u003e [aws](#provider\\_aws) | \u003e= 6.28 |\n\n## Modules\n\nNo modules.\n\n## Resources\n\n| Name | Type |\n|------|------|\n| [aws_ebs_volume.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ebs_volume) | resource |\n| [aws_ec2_tag.spot_instance](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ec2_tag) | resource |\n| [aws_eip.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eip) | resource |\n| [aws_iam_instance_profile.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_instance_profile) | resource |\n| [aws_iam_role.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |\n| [aws_iam_role_policy_attachment.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |\n| [aws_instance.ignore_ami](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance) | resource |\n| [aws_instance.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance) | resource |\n| [aws_security_group.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |\n| [aws_spot_instance_request.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/spot_instance_request) | resource |\n| [aws_volume_attachment.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/volume_attachment) | resource |\n| [aws_vpc_security_group_egress_rule.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_security_group_egress_rule) | resource |\n| [aws_vpc_security_group_ingress_rule.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_security_group_ingress_rule) | resource |\n| [aws_iam_policy_document.assume_role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_partition.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/partition) | data source |\n| [aws_ssm_parameter.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ssm_parameter) | data source |\n| [aws_subnet.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnet) | data source |\n\n## Inputs\n\n| Name | Description | Type | Default | Required |\n|------|-------------|------|---------|:--------:|\n| \u003ca name=\"input_ami\"\u003e\u003c/a\u003e [ami](#input\\_ami) | ID of AMI to use for the instance | `string` | `null` | no |\n| \u003ca name=\"input_ami_ssm_parameter\"\u003e\u003c/a\u003e [ami\\_ssm\\_parameter](#input\\_ami\\_ssm\\_parameter) | SSM parameter name for the AMI ID. For Amazon Linux AMI SSM parameters see [reference](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-public-parameters-ami.html) | `string` | `\"/aws/service/ami-amazon-linux-latest/al2023-ami-kernel-default-x86_64\"` | no |\n| \u003ca name=\"input_associate_public_ip_address\"\u003e\u003c/a\u003e [associate\\_public\\_ip\\_address](#input\\_associate\\_public\\_ip\\_address) | Whether to associate a public IP address with an instance in a VPC | `bool` | `null` | no |\n| \u003ca name=\"input_availability_zone\"\u003e\u003c/a\u003e [availability\\_zone](#input\\_availability\\_zone) | AZ to start the instance in | `string` | `null` | no |\n| \u003ca name=\"input_capacity_reservation_specification\"\u003e\u003c/a\u003e [capacity\\_reservation\\_specification](#input\\_capacity\\_reservation\\_specification) | Describes an instance's Capacity Reservation targeting option | \u003cpre\u003eobject({\u003cbr/\u003e capacity_reservation_preference = optional(string)\u003cbr/\u003e capacity_reservation_target = optional(object({\u003cbr/\u003e capacity_reservation_id = optional(string)\u003cbr/\u003e capacity_reservation_resource_group_arn = optional(string)\u003cbr/\u003e }))\u003cbr/\u003e })\u003c/pre\u003e | `null` | no |\n| \u003ca name=\"input_cpu_credits\"\u003e\u003c/a\u003e [cpu\\_credits](#input\\_cpu\\_credits) | The credit option for CPU usage (unlimited or standard) | `string` | `null` | no |\n| \u003ca name=\"input_cpu_options\"\u003e\u003c/a\u003e [cpu\\_options](#input\\_cpu\\_options) | Defines CPU options to apply to the instance at launch time. | \u003cpre\u003eobject({\u003cbr/\u003e amd_sev_snp = optional(string)\u003cbr/\u003e core_count = optional(number)\u003cbr/\u003e threads_per_core = optional(number)\u003cbr/\u003e })\u003c/pre\u003e | `null` | no |\n| \u003ca name=\"input_create\"\u003e\u003c/a\u003e [create](#input\\_create) | Whether to create an instance | `bool` | `true` | no |\n| \u003ca name=\"input_create_eip\"\u003e\u003c/a\u003e [create\\_eip](#input\\_create\\_eip) | Determines whether a public EIP will be created and associated with the instance. | `bool` | `false` | no |\n| \u003ca name=\"input_create_iam_instance_profile\"\u003e\u003c/a\u003e [create\\_iam\\_instance\\_profile](#input\\_create\\_iam\\_instance\\_profile) | Determines whether an IAM instance profile is created or to use an existing IAM instance profile | `bool` | `false` | no |\n| \u003ca name=\"input_create_security_group\"\u003e\u003c/a\u003e [create\\_security\\_group](#input\\_create\\_security\\_group) | Determines whether a security group will be created | `bool` | `true` | no |\n| \u003ca name=\"input_create_spot_instance\"\u003e\u003c/a\u003e [create\\_spot\\_instance](#input\\_create\\_spot\\_instance) | Depicts if the instance is a spot instance | `bool` | `false` | no |\n| \u003ca name=\"input_disable_api_stop\"\u003e\u003c/a\u003e [disable\\_api\\_stop](#input\\_disable\\_api\\_stop) | If true, enables EC2 Instance Stop Protection | `bool` | `null` | no |\n| \u003ca name=\"input_disable_api_termination\"\u003e\u003c/a\u003e [disable\\_api\\_termination](#input\\_disable\\_api\\_termination) | If true, enables EC2 Instance Termination Protection | `bool` | `null` | no |\n| \u003ca name=\"input_ebs_optimized\"\u003e\u003c/a\u003e [ebs\\_optimized](#input\\_ebs\\_optimized) | If true, the launched EC2 instance will be EBS-optimized | `bool` | `null` | no |\n| \u003ca name=\"input_ebs_volumes\"\u003e\u003c/a\u003e [ebs\\_volumes](#input\\_ebs\\_volumes) | Additional EBS volumes to attach to the instance | \u003cpre\u003emap(object({\u003cbr/\u003e encrypted = optional(bool)\u003cbr/\u003e final_snapshot = optional(bool)\u003cbr/\u003e iops = optional(number)\u003cbr/\u003e kms_key_id = optional(string)\u003cbr/\u003e multi_attach_enabled = optional(bool)\u003cbr/\u003e outpost_arn = optional(string)\u003cbr/\u003e size = optional(number)\u003cbr/\u003e snapshot_id = optional(string)\u003cbr/\u003e tags = optional(map(string), {})\u003cbr/\u003e throughput = optional(number)\u003cbr/\u003e type = optional(string, \"gp3\")\u003cbr/\u003e # Attachment\u003cbr/\u003e device_name = optional(string) # Will fall back to use map key as device name\u003cbr/\u003e force_detach = optional(bool)\u003cbr/\u003e skip_destroy = optional(bool)\u003cbr/\u003e stop_instance_before_detaching = optional(bool)\u003cbr/\u003e }))\u003c/pre\u003e | `null` | no |\n| \u003ca name=\"input_eip_domain\"\u003e\u003c/a\u003e [eip\\_domain](#input\\_eip\\_domain) | Indicates if this EIP is for use in VPC | `string` | `\"vpc\"` | no |\n| \u003ca name=\"input_eip_tags\"\u003e\u003c/a\u003e [eip\\_tags](#input\\_eip\\_tags) | A map of additional tags to add to the eip | `map(string)` | `{}` | no |\n| \u003ca name=\"input_enable_primary_ipv6\"\u003e\u003c/a\u003e [enable\\_primary\\_ipv6](#input\\_enable\\_primary\\_ipv6) | Whether to assign a primary IPv6 Global Unicast Address (GUA) to the instance when launched in a dual-stack or IPv6-only subnet | `bool` | `null` | no |\n| \u003ca name=\"input_enable_volume_tags\"\u003e\u003c/a\u003e [enable\\_volume\\_tags](#input\\_enable\\_volume\\_tags) | Whether to enable volume tags (if enabled it conflicts with root\\_block\\_device tags) | `bool` | `true` | no |\n| \u003ca name=\"input_enclave_options_enabled\"\u003e\u003c/a\u003e [enclave\\_options\\_enabled](#input\\_enclave\\_options\\_enabled) | Whether Nitro Enclaves will be enabled on the instance. Defaults to `false` | `bool` | `null` | no |\n| \u003ca name=\"input_ephemeral_block_device\"\u003e\u003c/a\u003e [ephemeral\\_block\\_device](#input\\_ephemeral\\_block\\_device) | Customize Ephemeral (also known as Instance Store) volumes on the instance | \u003cpre\u003emap(object({\u003cbr/\u003e device_name = string\u003cbr/\u003e no_device = optional(bool)\u003cbr/\u003e virtual_name = optional(string)\u003cbr/\u003e }))\u003c/pre\u003e | `null` | no |\n| \u003ca name=\"input_get_password_data\"\u003e\u003c/a\u003e [get\\_password\\_data](#input\\_get\\_password\\_data) | If true, wait for password data to become available and retrieve it | `bool` | `null` | no |\n| \u003ca name=\"input_hibernation\"\u003e\u003c/a\u003e [hibernation](#input\\_hibernation) | If true, the launched EC2 instance will support hibernation | `bool` | `null` | no |\n| \u003ca name=\"input_host_id\"\u003e\u003c/a\u003e [host\\_id](#input\\_host\\_id) | ID of a dedicated host that the instance will be assigned to. Use when an instance is to be launched on a specific dedicated host | `string` | `null` | no |\n| \u003ca name=\"input_host_resource_group_arn\"\u003e\u003c/a\u003e [host\\_resource\\_group\\_arn](#input\\_host\\_resource\\_group\\_arn) | ARN of the host resource group in which to launch the instances. If you specify an ARN, omit the `tenancy` parameter or set it to `host` | `string` | `null` | no |\n| \u003ca name=\"input_iam_instance_profile\"\u003e\u003c/a\u003e [iam\\_instance\\_profile](#input\\_iam\\_instance\\_profile) | IAM Instance Profile to launch the instance with. Specified as the name of the Instance Profile | `string` | `null` | no |\n| \u003ca name=\"input_iam_role_description\"\u003e\u003c/a\u003e [iam\\_role\\_description](#input\\_iam\\_role\\_description) | Description of the role | `string` | `null` | no |\n| \u003ca name=\"input_iam_role_name\"\u003e\u003c/a\u003e [iam\\_role\\_name](#input\\_iam\\_role\\_name) | Name to use on IAM role created | `string` | `null` | no |\n| \u003ca name=\"input_iam_role_path\"\u003e\u003c/a\u003e [iam\\_role\\_path](#input\\_iam\\_role\\_path) | IAM role path | `string` | `null` | no |\n| \u003ca name=\"input_iam_role_permissions_boundary\"\u003e\u003c/a\u003e [iam\\_role\\_permissions\\_boundary](#input\\_iam\\_role\\_permissions\\_boundary) | ARN of the policy that is used to set the permissions boundary for the IAM role | `string` | `null` | no |\n| \u003ca name=\"input_iam_role_policies\"\u003e\u003c/a\u003e [iam\\_role\\_policies](#input\\_iam\\_role\\_policies) | Policies attached to the IAM role | `map(string)` | `{}` | no |\n| \u003ca name=\"input_iam_role_tags\"\u003e\u003c/a\u003e [iam\\_role\\_tags](#input\\_iam\\_role\\_tags) | A map of additional tags to add to the IAM role/profile created | `map(string)` | `{}` | no |\n| \u003ca name=\"input_iam_role_use_name_prefix\"\u003e\u003c/a\u003e [iam\\_role\\_use\\_name\\_prefix](#input\\_iam\\_role\\_use\\_name\\_prefix) | Determines whether the IAM role name (`iam_role_name` or `name`) is used as a prefix | `bool` | `true` | no |\n| \u003ca name=\"input_ignore_ami_changes\"\u003e\u003c/a\u003e [ignore\\_ami\\_changes](#input\\_ignore\\_ami\\_changes) | Whether changes to the AMI ID changes should be ignored by Terraform. Note - changing this value will result in the replacement of the instance | `bool` | `false` | no |\n| \u003ca name=\"input_instance_initiated_shutdown_behavior\"\u003e\u003c/a\u003e [instance\\_initiated\\_shutdown\\_behavior](#input\\_instance\\_initiated\\_shutdown\\_behavior) | Shutdown behavior for the instance. Amazon defaults this to stop for EBS-backed instances and terminate for instance-store instances. Cannot be set on instance-store instance | `string` | `null` | no |\n| \u003ca name=\"input_instance_market_options\"\u003e\u003c/a\u003e [instance\\_market\\_options](#input\\_instance\\_market\\_options) | The market (purchasing) option for the instance. If set, overrides the `create_spot_instance` variable | \u003cpre\u003eobject({\u003cbr/\u003e market_type = optional(string)\u003cbr/\u003e spot_options = optional(object({\u003cbr/\u003e instance_interruption_behavior = optional(string)\u003cbr/\u003e max_price = optional(string)\u003cbr/\u003e spot_instance_type = optional(string)\u003cbr/\u003e valid_until = optional(string)\u003cbr/\u003e }))\u003cbr/\u003e })\u003c/pre\u003e | `null` | no |\n| \u003ca name=\"input_instance_tags\"\u003e\u003c/a\u003e [instance\\_tags](#input\\_instance\\_tags) | Additional tags for the instance | `map(string)` | `{}` | no |\n| \u003ca name=\"input_instance_type\"\u003e\u003c/a\u003e [instance\\_type](#input\\_instance\\_type) | The type of instance to start | `string` | `\"t3.micro\"` | no |\n| \u003ca name=\"input_ipv6_address_count\"\u003e\u003c/a\u003e [ipv6\\_address\\_count](#input\\_ipv6\\_address\\_count) | A number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet | `number` | `null` | no |\n| \u003ca name=\"input_ipv6_addresses\"\u003e\u003c/a\u003e [ipv6\\_addresses](#input\\_ipv6\\_addresses) | Specify one or more IPv6 addresses from the range of the subnet to associate with the primary network interface | `list(string)` | `null` | no |\n| \u003ca name=\"input_key_name\"\u003e\u003c/a\u003e [key\\_name](#input\\_key\\_name) | Key name of the Key Pair to use for the instance; which can be managed using the `aws_key_pair` resource | `string` | `null` | no |\n| \u003ca name=\"input_launch_template\"\u003e\u003c/a\u003e [launch\\_template](#input\\_launch\\_template) | Specifies a Launch Template to configure the instance. Parameters configured on this resource will override the corresponding parameters in the Launch Template | \u003cpre\u003eobject({\u003cbr/\u003e id = optional(string)\u003cbr/\u003e name = optional(string)\u003cbr/\u003e version = optional(string)\u003cbr/\u003e })\u003c/pre\u003e | `null` | no |\n| \u003ca name=\"input_maintenance_options\"\u003e\u003c/a\u003e [maintenance\\_options](#input\\_maintenance\\_options) | The maintenance options for the instance | \u003cpre\u003eobject({\u003cbr/\u003e auto_recovery = optional(string)\u003cbr/\u003e })\u003c/pre\u003e | `null` | no |\n| \u003ca name=\"input_metadata_options\"\u003e\u003c/a\u003e [metadata\\_options](#input\\_metadata\\_options) | Customize the metadata options of the instance | \u003cpre\u003eobject({\u003cbr/\u003e http_endpoint = optional(string, \"enabled\")\u003cbr/\u003e http_protocol_ipv6 = optional(string)\u003cbr/\u003e http_put_response_hop_limit = optional(number, 1)\u003cbr/\u003e http_tokens = optional(string, \"required\")\u003cbr/\u003e instance_metadata_tags = optional(string)\u003cbr/\u003e })\u003c/pre\u003e | \u003cpre\u003e{\u003cbr/\u003e \"http_endpoint\": \"enabled\",\u003cbr/\u003e \"http_put_response_hop_limit\": 1,\u003cbr/\u003e \"http_tokens\": \"required\"\u003cbr/\u003e}\u003c/pre\u003e | no |\n| \u003ca name=\"input_monitoring\"\u003e\u003c/a\u003e [monitoring](#input\\_monitoring) | If true, the launched EC2 instance will have detailed monitoring enabled | `bool` | `null` | no |\n| \u003ca name=\"input_name\"\u003e\u003c/a\u003e [name](#input\\_name) | Name to be used on EC2 instance created | `string` | `\"\"` | no |\n| \u003ca name=\"input_network_interface\"\u003e\u003c/a\u003e [network\\_interface](#input\\_network\\_interface) | Customize network interfaces to be attached at instance boot time | \u003cpre\u003emap(object({\u003cbr/\u003e delete_on_termination = optional(bool)\u003cbr/\u003e device_index = optional(number) # Will fall back to use map key as device index\u003cbr/\u003e network_card_index = optional(number)\u003cbr/\u003e network_interface_id = string\u003cbr/\u003e }))\u003c/pre\u003e | `null` | no |\n| \u003ca name=\"input_placement_group\"\u003e\u003c/a\u003e [placement\\_group](#input\\_placement\\_group) | The Placement Group to start the instance in | `string` | `null` | no |\n| \u003ca name=\"input_placement_partition_number\"\u003e\u003c/a\u003e [placement\\_partition\\_number](#input\\_placement\\_partition\\_number) | Number of the partition the instance is in. Valid only if the `aws_placement_group` resource's `strategy` argument is set to `partition` | `number` | `null` | no |\n| \u003ca name=\"input_private_dns_name_options\"\u003e\u003c/a\u003e [private\\_dns\\_name\\_options](#input\\_private\\_dns\\_name\\_options) | Customize the private DNS name options of the instance | \u003cpre\u003eobject({\u003cbr/\u003e enable_resource_name_dns_a_record = optional(bool)\u003cbr/\u003e enable_resource_name_dns_aaaa_record = optional(bool)\u003cbr/\u003e hostname_type = optional(string)\u003cbr/\u003e })\u003c/pre\u003e | `null` | no |\n| \u003ca name=\"input_private_ip\"\u003e\u003c/a\u003e [private\\_ip](#input\\_private\\_ip) | Private IP address to associate with the instance in a VPC | `string` | `null` | no |\n| \u003ca name=\"input_putin_khuylo\"\u003e\u003c/a\u003e [putin\\_khuylo](#input\\_putin\\_khuylo) | Do you agree that Putin doesn't respect Ukrainian sovereignty and territorial integrity? More info: https://en.wikipedia.org/wiki/Putin_khuylo! | `bool` | `true` | no |\n| \u003ca name=\"input_region\"\u003e\u003c/a\u003e [region](#input\\_region) | Region where the resource(s) will be managed. Defaults to the Region set in the provider configuration | `string` | `null` | no |\n| \u003ca name=\"input_root_block_device\"\u003e\u003c/a\u003e [root\\_block\\_device](#input\\_root\\_block\\_device) | Customize details about the root block device of the instance. See Block Devices below for details | \u003cpre\u003eobject({\u003cbr/\u003e delete_on_termination = optional(bool)\u003cbr/\u003e encrypted = optional(bool)\u003cbr/\u003e iops = optional(number)\u003cbr/\u003e kms_key_id = optional(string)\u003cbr/\u003e tags = optional(map(string))\u003cbr/\u003e throughput = optional(number)\u003cbr/\u003e size = optional(number)\u003cbr/\u003e type = optional(string)\u003cbr/\u003e })\u003c/pre\u003e | `null` | no |\n| \u003ca name=\"input_secondary_private_ips\"\u003e\u003c/a\u003e [secondary\\_private\\_ips](#input\\_secondary\\_private\\_ips) | A list of secondary private IPv4 addresses to assign to the instance's primary network interface (eth0) in a VPC. Can only be assigned to the primary network interface (eth0) attached at instance creation, not a pre-existing network interface i.e. referenced in a `network_interface block` | `list(string)` | `null` | no |\n| \u003ca name=\"input_security_group_description\"\u003e\u003c/a\u003e [security\\_group\\_description](#input\\_security\\_group\\_description) | Description of the security group | `string` | `null` | no |\n| \u003ca name=\"input_security_group_egress_rules\"\u003e\u003c/a\u003e [security\\_group\\_egress\\_rules](#input\\_security\\_group\\_egress\\_rules) | Egress rules to add to the security group | \u003cpre\u003emap(object({\u003cbr/\u003e cidr_ipv4 = optional(string)\u003cbr/\u003e cidr_ipv6 = optional(string)\u003cbr/\u003e description = optional(string)\u003cbr/\u003e from_port = optional(number)\u003cbr/\u003e ip_protocol = optional(string, \"tcp\")\u003cbr/\u003e prefix_list_id = optional(string)\u003cbr/\u003e referenced_security_group_id = optional(string)\u003cbr/\u003e tags = optional(map(string), {})\u003cbr/\u003e to_port = optional(number)\u003cbr/\u003e }))\u003c/pre\u003e | \u003cpre\u003e{\u003cbr/\u003e \"ipv4_default\": {\u003cbr/\u003e \"cidr_ipv4\": \"0.0.0.0/0\",\u003cbr/\u003e \"description\": \"Allow all IPv4 traffic\",\u003cbr/\u003e \"ip_protocol\": \"-1\"\u003cbr/\u003e },\u003cbr/\u003e \"ipv6_default\": {\u003cbr/\u003e \"cidr_ipv6\": \"::/0\",\u003cbr/\u003e \"description\": \"Allow all IPv6 traffic\",\u003cbr/\u003e \"ip_protocol\": \"-1\"\u003cbr/\u003e }\u003cbr/\u003e}\u003c/pre\u003e | no |\n| \u003ca name=\"input_security_group_ingress_rules\"\u003e\u003c/a\u003e [security\\_group\\_ingress\\_rules](#input\\_security\\_group\\_ingress\\_rules) | Ingress rules to add to the security group | \u003cpre\u003emap(object({\u003cbr/\u003e cidr_ipv4 = optional(string)\u003cbr/\u003e cidr_ipv6 = optional(string)\u003cbr/\u003e description = optional(string)\u003cbr/\u003e from_port = optional(number)\u003cbr/\u003e ip_protocol = optional(string, \"tcp\")\u003cbr/\u003e prefix_list_id = optional(string)\u003cbr/\u003e referenced_security_group_id = optional(string)\u003cbr/\u003e tags = optional(map(string), {})\u003cbr/\u003e to_port = optional(number)\u003cbr/\u003e }))\u003c/pre\u003e | `null` | no |\n| \u003ca name=\"input_security_group_name\"\u003e\u003c/a\u003e [security\\_group\\_name](#input\\_security\\_group\\_name) | Name to use on security group created | `string` | `null` | no |\n| \u003ca name=\"input_security_group_tags\"\u003e\u003c/a\u003e [security\\_group\\_tags](#input\\_security\\_group\\_tags) | A map of additional tags to add to the security group created | `map(string)` | `{}` | no |\n| \u003ca name=\"input_security_group_use_name_prefix\"\u003e\u003c/a\u003e [security\\_group\\_use\\_name\\_prefix](#input\\_security\\_group\\_use\\_name\\_prefix) | Determines whether the security group name (`security_group_name` or `name`) is used as a prefix | `bool` | `true` | no |\n| \u003ca name=\"input_security_group_vpc_id\"\u003e\u003c/a\u003e [security\\_group\\_vpc\\_id](#input\\_security\\_group\\_vpc\\_id) | VPC ID to create the security group in. If not set, the security group will be created in the default VPC | `string` | `null` | no |\n| \u003ca name=\"input_source_dest_check\"\u003e\u003c/a\u003e [source\\_dest\\_check](#input\\_source\\_dest\\_check) | Controls if traffic is routed to the instance when the destination address does not match the instance. Used for NAT or VPNs | `bool` | `null` | no |\n| \u003ca name=\"input_spot_instance_interruption_behavior\"\u003e\u003c/a\u003e [spot\\_instance\\_interruption\\_behavior](#input\\_spot\\_instance\\_interruption\\_behavior) | Indicates Spot instance behavior when it is interrupted. Valid values are `terminate`, `stop`, or `hibernate` | `string` | `null` | no |\n| \u003ca name=\"input_spot_launch_group\"\u003e\u003c/a\u003e [spot\\_launch\\_group](#input\\_spot\\_launch\\_group) | A launch group is a group of spot instances that launch together and terminate together. If left empty instances are launched and terminated individually | `string` | `null` | no |\n| \u003ca name=\"input_spot_price\"\u003e\u003c/a\u003e [spot\\_price](#input\\_spot\\_price) | The maximum price to request on the spot market. Defaults to on-demand price | `string` | `null` | no |\n| \u003ca name=\"input_spot_type\"\u003e\u003c/a\u003e [spot\\_type](#input\\_spot\\_type) | If set to one-time, after the instance is terminated, the spot request will be closed. Default `persistent` | `string` | `null` | no |\n| \u003ca name=\"input_spot_valid_from\"\u003e\u003c/a\u003e [spot\\_valid\\_from](#input\\_spot\\_valid\\_from) | The start date and time of the request, in UTC RFC3339 format(for example, YYYY-MM-DDTHH:MM:SSZ) | `string` | `null` | no |\n| \u003ca name=\"input_spot_valid_until\"\u003e\u003c/a\u003e [spot\\_valid\\_until](#input\\_spot\\_valid\\_until) | The end date and time of the request, in UTC RFC3339 format(for example, YYYY-MM-DDTHH:MM:SSZ) | `string` | `null` | no |\n| \u003ca name=\"input_spot_wait_for_fulfillment\"\u003e\u003c/a\u003e [spot\\_wait\\_for\\_fulfillment](#input\\_spot\\_wait\\_for\\_fulfillment) | If set, Terraform will wait for the Spot Request to be fulfilled, and will throw an error if the timeout of 10m is reached | `bool` | `null` | no |\n| \u003ca name=\"input_subnet_id\"\u003e\u003c/a\u003e [subnet\\_id](#input\\_subnet\\_id) | The VPC Subnet ID to launch in | `string` | `null` | no |\n| \u003ca name=\"input_tags\"\u003e\u003c/a\u003e [tags](#input\\_tags) | A mapping of tags to assign to the resource | `map(string)` | `{}` | no |\n| \u003ca name=\"input_tenancy\"\u003e\u003c/a\u003e [tenancy](#input\\_tenancy) | The tenancy of the instance (if the instance is running in a VPC). Available values: default, dedicated, host | `string` | `null` | no |\n| \u003ca name=\"input_timeouts\"\u003e\u003c/a\u003e [timeouts](#input\\_timeouts) | Define maximum timeout for creating, updating, and deleting EC2 instance resources | \u003cpre\u003eobject({\u003cbr/\u003e create = optional(string)\u003cbr/\u003e update = optional(string)\u003cbr/\u003e delete = optional(string)\u003cbr/\u003e })\u003c/pre\u003e | `null` | no |\n| \u003ca name=\"input_user_data\"\u003e\u003c/a\u003e [user\\_data](#input\\_user\\_data) | The user data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see user\\_data\\_base64 instead | `string` | `null` | no |\n| \u003ca name=\"input_user_data_base64\"\u003e\u003c/a\u003e [user\\_data\\_base64](#input\\_user\\_data\\_base64) | Can be used instead of user\\_data to pass base64-encoded binary data directly. Use this instead of user\\_data whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption | `string` | `null` | no |\n| \u003ca name=\"input_user_data_replace_on_change\"\u003e\u003c/a\u003e [user\\_data\\_replace\\_on\\_change](#input\\_user\\_data\\_replace\\_on\\_change) | When used in combination with user\\_data or user\\_data\\_base64 will trigger a destroy and recreate when set to true. Defaults to false if not set | `bool` | `null` | no |\n| \u003ca name=\"input_volume_tags\"\u003e\u003c/a\u003e [volume\\_tags](#input\\_volume\\_tags) | A mapping of tags to assign to the devices created by the instance at launch time | `map(string)` | `{}` | no |\n| \u003ca name=\"input_vpc_security_group_ids\"\u003e\u003c/a\u003e [vpc\\_security\\_group\\_ids](#input\\_vpc\\_security\\_group\\_ids) | A list of security group IDs to associate with | `list(string)` | `[]` | no |\n\n## Outputs\n\n| Name | Description |\n|------|-------------|\n| \u003ca name=\"output_ami\"\u003e\u003c/a\u003e [ami](#output\\_ami) | AMI ID that was used to create the instance |\n| \u003ca name=\"output_arn\"\u003e\u003c/a\u003e [arn](#output\\_arn) | The ARN of the instance |\n| \u003ca name=\"output_availability_zone\"\u003e\u003c/a\u003e [availability\\_zone](#output\\_availability\\_zone) | The availability zone of the created instance |\n| \u003ca name=\"output_capacity_reservation_specification\"\u003e\u003c/a\u003e [capacity\\_reservation\\_specification](#output\\_capacity\\_reservation\\_specification) | Capacity reservation specification of the instance |\n| \u003ca name=\"output_ebs_block_device\"\u003e\u003c/a\u003e [ebs\\_block\\_device](#output\\_ebs\\_block\\_device) | EBS block device information |\n| \u003ca name=\"output_ebs_volumes\"\u003e\u003c/a\u003e [ebs\\_volumes](#output\\_ebs\\_volumes) | Map of EBS volumes created and their attributes |\n| \u003ca name=\"output_ephemeral_block_device\"\u003e\u003c/a\u003e [ephemeral\\_block\\_device](#output\\_ephemeral\\_block\\_device) | Ephemeral block device information |\n| \u003ca name=\"output_iam_instance_profile_arn\"\u003e\u003c/a\u003e [iam\\_instance\\_profile\\_arn](#output\\_iam\\_instance\\_profile\\_arn) | ARN assigned by AWS to the instance profile |\n| \u003ca name=\"output_iam_instance_profile_id\"\u003e\u003c/a\u003e [iam\\_instance\\_profile\\_id](#output\\_iam\\_instance\\_profile\\_id) | Instance profile's ID |\n| \u003ca name=\"output_iam_instance_profile_unique\"\u003e\u003c/a\u003e [iam\\_instance\\_profile\\_unique](#output\\_iam\\_instance\\_profile\\_unique) | Stable and unique string identifying the IAM instance profile |\n| \u003ca name=\"output_iam_role_arn\"\u003e\u003c/a\u003e [iam\\_role\\_arn](#output\\_iam\\_role\\_arn) | The Amazon Resource Name (ARN) specifying the IAM role |\n| \u003ca name=\"output_iam_role_name\"\u003e\u003c/a\u003e [iam\\_role\\_name](#output\\_iam\\_role\\_name) | The name of the IAM role |\n| \u003ca name=\"output_iam_role_unique_id\"\u003e\u003c/a\u003e [iam\\_role\\_unique\\_id](#output\\_iam\\_role\\_unique\\_id) | Stable and unique string identifying the IAM role |\n| \u003ca name=\"output_id\"\u003e\u003c/a\u003e [id](#output\\_id) | The ID of the instance |\n| \u003ca name=\"output_instance_state\"\u003e\u003c/a\u003e [instance\\_state](#output\\_instance\\_state) | The state of the instance |\n| \u003ca name=\"output_ipv6_addresses\"\u003e\u003c/a\u003e [ipv6\\_addresses](#output\\_ipv6\\_addresses) | The IPv6 address assigned to the instance, if applicable |\n| \u003ca name=\"output_outpost_arn\"\u003e\u003c/a\u003e [outpost\\_arn](#output\\_outpost\\_arn) | The ARN of the Outpost the instance is assigned to |\n| \u003ca name=\"output_password_data\"\u003e\u003c/a\u003e [password\\_data](#output\\_password\\_data) | Base-64 encoded encrypted password data for the instance. Useful for getting the administrator password for instances running Microsoft Windows. This attribute is only exported if `get_password_data` is true |\n| \u003ca name=\"output_primary_network_interface_id\"\u003e\u003c/a\u003e [primary\\_network\\_interface\\_id](#output\\_primary\\_network\\_interface\\_id) | The ID of the instance's primary network interface |\n| \u003ca name=\"output_private_dns\"\u003e\u003c/a\u003e [private\\_dns](#output\\_private\\_dns) | The private DNS name assigned to the instance. Can only be used inside the Amazon EC2, and only available if you've enabled DNS hostnames for your VPC |\n| \u003ca name=\"output_private_ip\"\u003e\u003c/a\u003e [private\\_ip](#output\\_private\\_ip) | The private IP address assigned to the instance |\n| \u003ca name=\"output_public_dns\"\u003e\u003c/a\u003e [public\\_dns](#output\\_public\\_dns) | The public DNS name assigned to the instance. For EC2-VPC, this is only available if you've enabled DNS hostnames for your VPC |\n| \u003ca name=\"output_public_ip\"\u003e\u003c/a\u003e [public\\_ip](#output\\_public\\_ip) | The public IP address assigned to the instance, if applicable. |\n| \u003ca name=\"output_root_block_device\"\u003e\u003c/a\u003e [root\\_block\\_device](#output\\_root\\_block\\_device) | Root block device information |\n| \u003ca name=\"output_security_group_arn\"\u003e\u003c/a\u003e [security\\_group\\_arn](#output\\_security\\_group\\_arn) | Amazon Resource Name (ARN) of the security group |\n| \u003ca name=\"output_security_group_id\"\u003e\u003c/a\u003e [security\\_group\\_id](#output\\_security\\_group\\_id) | ID of the security group |\n| \u003ca name=\"output_spot_bid_status\"\u003e\u003c/a\u003e [spot\\_bid\\_status](#output\\_spot\\_bid\\_status) | The current bid status of the Spot Instance Request |\n| \u003ca name=\"output_spot_instance_id\"\u003e\u003c/a\u003e [spot\\_instance\\_id](#output\\_spot\\_instance\\_id) | The Instance ID (if any) that is currently fulfilling the Spot Instance request |\n| \u003ca name=\"output_spot_request_state\"\u003e\u003c/a\u003e [spot\\_request\\_state](#output\\_spot\\_request\\_state) | The current request state of the Spot Instance Request |\n| \u003ca name=\"output_tags_all\"\u003e\u003c/a\u003e [tags\\_all](#output\\_tags\\_all) | A map of tags assigned to the resource, including those inherited from the provider default\\_tags configuration block |\n\u003c!-- END_TF_DOCS --\u003e\n\n## Authors\n\nModule is maintained by [Anton Babenko](https://github.com/antonbabenko) with help from [these awesome contributors](https://github.com/terraform-aws-modules/terraform-aws-ec2-instance/graphs/contributors).\n\n## License\n\nApache 2 Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-aws-ec2-instance/tree/master/LICENSE) for full details.\n\n## Additional information for users from Russia and Belarus\n\n* Russia has [illegally annexed Crimea in 2014](https://en.wikipedia.org/wiki/Annexation_of_Crimea_by_the_Russian_Federation) and [brought the war in Donbas](https://en.wikipedia.org/wiki/War_in_Donbas) followed by [full-scale invasion of Ukraine in 2022](https://en.wikipedia.org/wiki/2022_Russian_invasion_of_Ukraine).\n* Russia has brought sorrow and devastations to millions of Ukrainians, killed hundreds of innocent people, damaged thousands of buildings, and forced several million people to flee.\n* [Putin khuylo!](https://en.wikipedia.org/wiki/Putin_khuylo!)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fterraform-aws-modules%2Fterraform-aws-ec2-instance","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fterraform-aws-modules%2Fterraform-aws-ec2-instance","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fterraform-aws-modules%2Fterraform-aws-ec2-instance/lists"}