Terraform AWS EC2 + EBS Module Documentation

Overview

This Terraform project provisions an AWS VPC, public subnet, security group, EC2 instance, and an encrypted EBS volume attached to the instance. The configuration is modular, using separate modules for networking and security

Folder Structure

terraform-aws-ec2-ebs/
├── main.tf
├── variables.tf
├── outputs.tf
├── versions.tf
├── locals.tf
├── networking/
│   ├── main.tf
│   ├── output.tf
│   └── variables.tf
└── security/
    ├── main.tf
    ├── outputs..tf
    ├── security_note
    └── variables.tf

Modules

Networking Module

• Creates: VPC, public subnet, internet gateway, route table, and associations.
• Inputs: VPC CIDR, subnet CIDR, availability zone, tags, project name, environment.
• Outputs: VPC ID, public subnet ID.

Security Module

• Creates: Security group(s) for EC2 instance.
• Inputs: VPC ID, project name, environment, tags.
• Outputs: Security group ID(s).

Root Module Resources

• aws_instance.web_server: EC2 instance in public subnet.
• aws_ebs_volume.data_volume: Encrypted EBS volume in same AZ as instance.
• aws_volume_attachment.data: Attaches EBS volume to EC2 instance.

Usage

1. Configure AWS Credentials

Set your AWS credentials as environment variables or in your AWS CLI config.

2. Initialize Terraform

terraform init 

3. Review and Customize Variables

Edit variables.tf or use -var CLI flags to override defaults.

4. Plan

terraform plan 

5. Apply

terraform apply 

6. Destroy

terraform destroy 

---

Notes

• Tagging: All resources are tagged with common tags from locals.tf .
• EBS Volume: Encrypted by default. Size/type validated.
• Availability Zone: If not set, uses the first available AZ in the region.
• Security: Security group allows SSH from allowed_ssh_cidr .

Extending

• More modules for private subnets, NAT gateways, etc will be added .
• Add outputs can be added for more resource attributes.
• To integrate with other AWS services as needed.