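aws-ec2-public-ip
EC2 instances should not have a public IP address. An instance with a public IP is directly addressable from the internet, so its exposure depends entirely on security group and network ACL rules being correct.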
Examples
Insecure Example
# Insecure: the instance is assigned a public IPv4 address at launch.
resource "aws_instance" "web" {
  ami                         = data.aws_ami.ubuntu.id
  instance_type               = "t3.micro"
  associate_public_ip_address = true
}
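# Insecure: instances launched from this template are assigned a public IPv4 address.
resource "aws_launch_template" "pass_ec2_launch_template" {
  # Reference the AMI data source; the quoted form is passed as a literal string.
  image_id      = data.aws_ami.ubuntu.id
  instance_type = "t3.micro"
  key_name      = "test key name"

  # aws_launch_template takes this flag inside network_interfaces,
  # not as a top-level argument.
  network_interfaces {
    associate_public_ip_address = true
  }
}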
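---
# Insecure: the primary network interface requests a public IPv4 address.
AWSTemplateFormatVersion: "2010-09-09"
Resources:
  EC2InstanceResource0:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: ami-123
      NetworkInterfaces:
        # This is the setting the rule flags.
        - AssociatePublicIpAddress: true
          DeviceIndex: "0"
          GroupSet:
            - "myGroup"
          SubnetId: "PublicSubnet"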
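---
# Insecure: every instance launched from this template requests a public
# IPv4 address on its primary network interface.
AWSTemplateFormatVersion: "2010-09-09"
Resources:
  EC2LaunchTemplateResource0:
    Type: AWS::EC2::LaunchTemplate
    Properties:
      LaunchTemplateData:
        ImageId: ami-123
        NetworkInterfaces:
          # This is the setting the rule flags.
          - AssociatePublicIpAddress: true
            DeviceIndex: "0"
            Groups:
              - "myGroup"
            SubnetId: "PublicSubnet"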
Secure Example
# Secure: no public IPv4 address is auto-assigned at launch.
# This flag does not cover an Elastic IP associated with the instance separately.
resource "aws_instance" "web" {
  ami                         = data.aws_ami.ubuntu.id
  instance_type               = "t3.micro"
  key_name                    = "test key name"
  associate_public_ip_address = false
}
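# Secure: instances launched from this template get no auto-assigned public IPv4 address.
resource "aws_launch_template" "pass_ec2_launch_template" {
  # Reference the AMI data source; the quoted form is passed as a literal string.
  image_id      = data.aws_ami.ubuntu.id
  instance_type = "t3.micro"

  # aws_launch_template takes this flag inside network_interfaces,
  # not as a top-level argument.
  network_interfaces {
    associate_public_ip_address = false
  }
}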
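---
# Secure: the primary network interface does not request a public IPv4 address.
AWSTemplateFormatVersion: "2010-09-09"
Resources:
  EC2InstanceResource0:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: ami-123
      NetworkInterfaces:
        # Set explicitly: if the property is omitted, the subnet's
        # MapPublicIpOnLaunch setting decides whether a public IP is assigned.
        - AssociatePublicIpAddress: false
          DeviceIndex: "0"
          GroupSet:
            - "myGroup"
          SubnetId: "PublicSubnet"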
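---
# Secure: instances launched from this template do not request a public
# IPv4 address on their primary network interface.
AWSTemplateFormatVersion: "2010-09-09"
Resources:
  EC2LaunchTemplateResource0:
    Type: AWS::EC2::LaunchTemplate
    Properties:
      LaunchTemplateData:
        ImageId: ami-123
        NetworkInterfaces:
          # Set explicitly: if the property is omitted, the subnet's
          # MapPublicIpOnLaunch setting decides whether a public IP is assigned.
          - AssociatePublicIpAddress: false
            DeviceIndex: "0"
            Groups:
              - "myGroup"
            SubnetId: "PublicSubnet"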