Skip to content
This repository has been archived by the owner on Jan 25, 2023. It is now read-only.

Add encrypted option for root block device and add ebs specifications #161

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add encrypted option for root block device and add ebs specifications #161

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 9 additions & 0 deletions modules/consul-cluster/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -75,10 +75,19 @@ resource "aws_launch_configuration" "launch_configuration" {

ebs_optimized = var.root_volume_ebs_optimized

ebs_block_device {
device_name = var.ebs_device_name
volume_size = var.ebs_volume_size
volume_type = var.ebs_volume_type
delete_on_termination = var.ebs_volume_delete_on_termination
encrypted = var.ebs_volume_encrypted
}
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should not always add an EBS block device. Instead, add a new ebs_block_devices input variable, which contains a list of objects, and use that as the value with for_each. The default will be an empty list to maintain backwards compatibility, but now you can override the list to add one or more EBS volumes.


root_block_device {
volume_type = var.root_volume_type
volume_size = var.root_volume_size
delete_on_termination = var.root_volume_delete_on_termination
encrypted = var.root_volume_encrypted
}

# Important note: whenever using a launch configuration with an auto scaling group, you must set
Expand Down
36 changes: 36 additions & 0 deletions modules/consul-cluster/variables.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -164,6 +164,42 @@ variable "root_volume_delete_on_termination" {
default = true
}

variable "root_volume_encrypted" {
description = "If true, the root volume will be encrypted."
type = bool
default = false
}

variable "ebs_device_name" {
description = "The name of the ebs volume. For example /dev/sdb"
type = bool
default = "/dev/sdb"
}

variable "ebs_volume_size" {
description = "The size, in GB, of the ebs EBS volume."
type = bool
default = number
}

variable "ebs_volume_type" {
description = "The type of volume. Must be one of: standard, gp2, or io1.."
type = string
default = "standard"
}

variable "ebs_volume_delete_on_termination" {
description = "Whether the volume should be destroyed on instance termination."
type = bool
default = true
}

variable "ebs_volume_encrypted" {
description = "If true, the root volume will be encrypted."
type = bool
default = false
}

variable "wait_for_capacity_timeout" {
description = "A maximum duration that Terraform should wait for ASG instances to be healthy before timing out. Setting this to '0' causes Terraform to skip all Capacity Waiting behavior."
type = string
Expand Down