terraform-lab/aws-ec2-podman/main.tf


								terraform {

								  required_providers {

								    aws = {

								      source  = "hashicorp/aws"

								      version = "4.34.0"

								    }

								  }

								}


								provider "aws" {

								  region = "eu-west-3"

								}


								provider "aws" {

								  region = "us-east-1"

								  alias  = "aws-us"

								}


								data "aws_ami" "fedora" {

								  provider    = aws.aws-us

								  most_recent = true


								  filter {

								    name   = "name"

								    values = ["Fedora-Cloud-Base-36*x86_64-hvm-*-gp2-*"]

								  }


								  filter {

								    name   = "virtualization-type"

								    values = ["hvm"]

								  }


								  owners = ["125523088429"] # Fedora

								}


								resource "aws_ami_copy" "lab_ami" {

								  name              = "Fedora-Cloud-Base-36.x86_64-hvm-eu-west-3-gp2-0"

								  description       = "A copy of Fedora-Cloud-Base-36-20221013.0.x86_64-hvm-us-east-1-gp2-0"

								  source_ami_id     = data.aws_ami.fedora.id

								  source_ami_region = "us-east-1"


								  tags = {

								    Name = "lab-podman"

								  }

								}


								resource "aws_vpc" "lab_vpc" {

								  cidr_block           = "172.16.0.0/16"

								  enable_dns_support   = true

								  enable_dns_hostnames = true


								  tags = {

								    Name = "lab-podman"

								  }

								}


								resource "aws_subnet" "lab_subnet" {

								  vpc_id                  = aws_vpc.lab_vpc.id

								  cidr_block              = "172.16.10.0/24"

								  map_public_ip_on_launch = true


								  tags = {

								    Name = "lab-podman"

								  }

								}


								resource "aws_route_table" "lab_route" {

								  vpc_id = aws_vpc.lab_vpc.id


								  route {

								    cidr_block = "0.0.0.0/0"

								    gateway_id = aws_internet_gateway.lab_gw.id

								  }


								  tags = {

								    Name = "lab-podman"

								  }

								}


								resource "aws_route_table_association" "lab_rta" {

								  subnet_id      = aws_subnet.lab_subnet.id

								  route_table_id = aws_route_table.lab_route.id

								}


								resource "aws_security_group" "lab_podman" {

								  vpc_id = aws_vpc.lab_vpc.id


								  ingress {

								    description = "Incoming SSH connection"

								    from_port   = 22

								    to_port     = 22

								    protocol    = "tcp"

								    cidr_blocks = ["0.0.0.0/0"]

								  }


								  egress {

								    description = "Outgoing connections"

								    from_port   = 0

								    to_port     = 0

								    protocol    = -1

								    cidr_blocks = ["0.0.0.0/0"]

								  }


								  tags = {

								    Name = "lab-podman"

								  }

								}


								resource "aws_internet_gateway" "lab_gw" {

								  vpc_id = aws_vpc.lab_vpc.id

								  tags = {

								    Name = "lab-podman"

								  }

								}


								resource "aws_key_pair" "admin" {

								  key_name   = "lab-podman-nmasse@redhat.com"

								  public_key = file("~/.ssh/id_ed25519.pub")

								  tags = {

								    Name = "lab-podman"

								  }

								}


								resource "aws_instance" "lab_podman" {

								  ami                         = aws_ami_copy.lab_ami.id

								  instance_type               = "m5a.xlarge"

								  key_name                    = aws_key_pair.admin.key_name

								  subnet_id                   = aws_subnet.lab_subnet.id

								  depends_on                  = [aws_internet_gateway.lab_gw]

								  vpc_security_group_ids      = [aws_security_group.lab_podman.id]

								  user_data                   = filebase64("cloud-init/user-data.yaml.gz")

								  associate_public_ip_address = true


								  credit_specification {

								    cpu_credits = "unlimited"

								  }


								  tags = {

								    Name = "lab-podman"

								  }

								}


								output "public_ip" {

								  value = aws_instance.lab_podman.public_ip

								}