Add the EC2 instance in the private subnet and gitignore file
authorCássio Gabriel <cassiogabrielcontato@gmail.com>
Sat, 24 Jan 2026 16:43:58 +0000 (13:43 -0300)
committerCássio Gabriel <cassiogabrielcontato@gmail.com>
Sat, 24 Jan 2026 20:52:10 +0000 (17:52 -0300)
assessment/.gitignore [new file with mode: 0644]
assessment/terraform/main.tf
assessment/terraform/variables.tf

diff --git a/assessment/.gitignore b/assessment/.gitignore
new file mode 100644 (file)
index 0000000..626270d
--- /dev/null
@@ -0,0 +1,9 @@
+# Docs and files generated by Terraform
+.terraform/
+*.tfstate
+*.tfstate.*
+crash.log
+
+# Sensible variables
+*.tfvars
+*.tfvars.json
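Review bot: The ignore list stops at state and variable files, so a saved plan and the timestamped crash logs written by newer Terraform releases can still be committed. A plan file written with `terraform plan -out=<file>` carries the same resolved variable values as state. I would add `crash.*.log` and a pattern for whatever plan filename the team uses, for example `*.tfplan`. The heading `# Sensible variables` presumably means `# Sensitive variables`. Ignoring `*.tfstate` only keeps state out of git; whether state lives in an encrypted, access-controlled remote backend is not visible in this commit.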
index 8003c7fb07e073818e50c7de11f5db08f744bd0c..33092c5be35e9e2c6dc22c6c363069910f80eb8d 100644 (file)
@@ -157,3 +157,20 @@ resource "aws_iam_instance_profile" "ec2_ssm_profile" {
   role = aws_iam_role.ec2_ssm_role.name
 }
 
+# -------------------------------------------------------
+
+# EC2 instance
+resource "aws_instance" "wazuh" {
+  ami                    = var.ami_id
+  instance_type          = "t3.xlarge"
+  subnet_id              = aws_subnet.private[0].id
+  vpc_security_group_ids = [aws_security_group.wazuh_ec2.id]
+  iam_instance_profile   = aws_iam_instance_profile.ec2_ssm_profile.name
+
+  associate_public_ip_address = false
+
+  tags = {
+    Name = "wazuh-ec2"
+  }
+}
+
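Review bot: `aws_instance.wazuh` sets neither `metadata_options` nor `root_block_device`, so both fall back to AMI and account defaults. Unless IMDSv2 is enforced elsewhere, the temporary credentials of `ec2_ssm_profile` stay readable through IMDSv1, which is the usual way a request-forgery bug on the host turns into credential theft. The root volume will hold Wazuh alerts and agent keys and is only encrypted if the account has EBS encryption by default turned on, which this commit does not show. Both are worth pinning in the resource, as sketched below. The security group `wazuh_ec2` and the role's policies are defined outside this hunk, so their scope cannot be checked here.

```hcl
resource "aws_instance" "wazuh" {
  # … unchanged: ami, instance_type, subnet_id, security group, instance profile …
  associate_public_ip_address = false

  # Require session tokens (IMDSv2) for every metadata request.
  metadata_options {
    http_endpoint = "enabled"
    http_tokens   = "required"
  }

  # Encrypt the root volume regardless of the account-level default.
  root_block_device {
    encrypted = true
  }

  # … unchanged: tags …
}
```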
index 1a4b05280d6cf4e2707f36ad7ce7c90cc5315e49..21ded167034b7a8b8fd3f80a0f9d52873a270750 100644 (file)
@@ -24,3 +24,8 @@ variable "availability_zones" {
   default = ["us-east-1a", "us-east-1b"]
 }
 
+# AMI var
+variable "ami_id" {
+  description = "AMI ID for EC2 instance"
+  type        = string
+}
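Review bot: `ami_id` is a free-form string with no default and no validation, and because this commit also ignores `*.tfvars`, the image that actually boots the Wazuh host is not recorded anywhere reviewable. A `validation` block at least rejects malformed values at plan time. The description should also say which image is expected, for example `"AMI ID for the Wazuh EC2 instance (expected: <image name/owner>)"`. A stronger option is to resolve the image through an `aws_ami` data source restricted by `owners`, so the publisher is pinned in code.

```hcl
variable "ami_id" {
  # … unchanged: description, type …

  # Reject values that are not shaped like an AMI ID before any API call is made.
  validation {
    condition     = can(regex("^ami-([0-9a-f]{8}|[0-9a-f]{17})$", var.ami_id))
    error_message = "ami_id must be an AMI ID such as ami-0123456789abcdef0."
  }
}
```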