Amazon VPC, security group and SSH access

output

-- partial output of terraform show
 public_dns = ec2-52-91-147-187.compute-1.amazonaws.com
  public_ip = 52.91.147.187
  root_block_device.# = 1
  root_block_device.0.delete_on_termination = true
  root_block_device.0.iops = 100
  root_block_device.0.volume_size = 10
  root_block_device.0.volume_type = gp2
  security_groups.# = 0
  source_dest_check = true
  subnet_id = subnet-37c7080b
  tags.% = 1
  tags.sshUser = ec2-user
  tenancy = default
  vpc_security_group_ids.# = 1
  vpc_security_group_ids.814676736 = sg-e8d21295

vpc-with-instance.tf

resource "aws_vpc" "main" {
    cidr_block = "10.0.0.0/16"
    enable_dns_hostnames = true

    tags {
        Name = "My VPC"
    }
}

resource "aws_subnet" "main" {
    vpc_id = "${aws_vpc.main.id}"
    cidr_block = "10.0.1.0/24"

    tags {
        Name = "Main"
    }
}

resource "aws_security_group" "main" {
  name = "main"
  description = "Allow inbound ssh, http"
  vpc_id = "${aws_vpc.main.id}"
  ingress {
      from_port = 22
      to_port = 22
      protocol = "tcp"
      cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
      from_port = 80
      to_port = 80
      protocol = "tcp"
      cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    from_port = 0
    to_port = 0
    protocol = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

}

resource "aws_instance" "my_instance" {
    ami = "${var.ami}"
    instance_type = "t2.medium"
    key_name = "${var.key_name}"
    subnet_id = "${aws_subnet.main.id}"
    associate_public_ip_address = true
    vpc_security_group_ids = ["${aws_security_group.main.id}"]
  

    tags {
        sshUser = "ec2-user"
    }
}

I can't connect with ssh to the public ip of the instance... so probably something wrong with the security group config. What's the difference between security_groups and vpc_security_group_ids ?

you need to supply an internet gateway check out https://github.com/stack72/kcdc-terraform-demo