
@duduribeiro
Created January 26, 2018 23:46
terraform_bastion
# Resolves the newest Ubuntu 14.04 (Trusty) amd64 HVM/SSD server image that
# Canonical publishes in the provider's region. Both instances below boot
# from the id this lookup returns.
#
# NOTE(review): Trusty 14.04 is past its end of standard support, so images
# matched here no longer get regular security updates; an internet-facing
# bastion should track a currently supported release.
# NOTE(review): with most_recent = true the resolved id changes whenever a
# newer matching image is published, and a changed `ami` makes Terraform
# plan a replacement of the instances. Pin an id if builds must be
# reproducible.
data "aws_ami" "ubuntu" {
  # Only accept images owned by Canonical's account, so an image with a
  # look-alike name published from another account can never match.
  owners      = ["099720109477"] # Canonical
  most_recent = true

  filter {
    name   = "virtualization-type"
    values = ["hvm"]
  }

  filter {
    name   = "name"
    values = ["ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*"]
  }
}
# Test host placed in the first private subnet exported by the networking
# module. No public IP is requested for it here; it is presumably reached by
# hopping through the bastion defined further down.
resource "aws_instance" "test" {
  instance_type = "t2.micro"
  ami           = "${data.aws_ami.ubuntu.id}"

  # Same key pair as the bastion. NOTE(review): reach this host with an SSH
  # jump (ProxyJump / ProxyCommand) from the workstation rather than storing
  # the private key on the bastion, so a compromised bastion does not hand
  # over credentials for the private hosts.
  key_name = "${var.key_name}"

  subnet_id = "${module.networking.private_subnets_id[0]}"

  # The rules of this group live in the networking module and are not
  # visible in this file. NOTE(review): confirm it admits SSH only from the
  # bastion's security group rather than from the whole VPC or wider.
  vpc_security_group_ids = ["${module.networking.default_sg_id}"]

  tags {
    Name = "test-private"
  }
}
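# Source ranges allowed to open SSH sessions to the bastion.
# The default keeps the previous behaviour (any IPv4 address) so existing
# callers are unaffected, but it exposes port 22 to internet-wide scanning
# and password/key guessing. Override it with the specific office, VPN or
# administrator ranges that actually need access.
variable "bastion_ssh_cidr_blocks" {
  type        = "list"
  description = "CIDR blocks allowed to reach the bastion host on TCP/22"
  default     = ["0.0.0.0/0"]
}

# Security group attached to the bastion host: inbound SSH and ICMP echo,
# unrestricted outbound.
resource "aws_security_group" "bastion" {
  vpc_id      = "${module.networking.vpc_id}"
  name        = "${var.environment}-bastion-host"
  description = "Allow SSH to bastion host"

  # Inbound SSH, limited to the configured source ranges (previously a
  # hard-coded 0.0.0.0/0).
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = "${var.bastion_ssh_cidr_blocks}"
  }

  # For ICMP rules from_port is the ICMP type and to_port the ICMP code:
  # type 8 / code 0 is an echo request, i.e. the host answers ping.
  # NOTE(review): this is open to any source, which makes the bastion easy to
  # discover; narrow it to the same ranges as SSH if ping from the internet
  # is not required.
  ingress {
    from_port   = 8
    to_port     = 0
    protocol    = "icmp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Protocol "-1" with ports 0-0 allows all outbound traffic to anywhere.
  # NOTE(review): a bastion normally only needs SSH towards the private
  # subnets plus whatever it uses for package updates; tightening egress
  # limits what a compromised bastion can reach.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags {
    Name        = "${var.environment}-bastion-sg"
    Environment = "${var.environment}"
  }
}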
# Bastion (jump) host: the only instance in this file that is given a public
# address. It sits in the first public subnet and is covered by the bastion
# security group.
resource "aws_instance" "bastion" {
  instance_type = "t2.micro"
  ami           = "${data.aws_ami.ubuntu.id}"

  # Key pair registered in EC2 whose public half is installed for the default
  # login user. NOTE(review): the same key_name is used for the private test
  # host; separate key pairs would keep a leaked bastion key from also
  # unlocking the hosts behind it.
  key_name = "${var.key_name}"

  # Network placement: public subnet plus a public IPv4 address at launch,
  # which is what makes the host reachable from outside the VPC.
  subnet_id                   = "${module.networking.public_subnets_id[0]}"
  associate_public_ip_address = true
  vpc_security_group_ids      = ["${aws_security_group.bastion.id}"]

  # Turns on detailed CloudWatch monitoring for the instance.
  # NOTE(review): this covers instance metrics only; SSH login auditing
  # (auth logs shipped off the host) has to be set up separately.
  monitoring = true

  tags {
    Name        = "${var.environment}-bastion"
    Environment = "${var.environment}"
  }
}