Creates a pipeline for EC2 Image Builder.
module "image_builder_infrastructure_configuration" {
source = "dod-iac/image-builder-infrastructure-configuration/aws"
version = "1.0.0"
iam_instance_profile_name = aws_iam_instance_profile.image_builder_instance_role.name
logging_bucket = var.logging_bucket
name = format("app-%s-%s", var.application, var.environment)
subnet_id = coalesce(var.subnet_ids...)
vpc_id = var.vpc_id
}
module "image_builder_pipeline" {
source = "dod-iac/image-builder-pipeline/aws"
ami_name = format(app-%s-%s-{{ imagebuilder:buildDate }}", var.application, var.environment)
ami_regions = [data.aws_region.current.name]
ami_tags = {
"Automation" : "Terraform",
"Project" : var.project,
"Application" : var.application,
"Environment" : var.environment,
}
base_image = format(
"arn:%s:imagebuilder:%s:aws:image/red-hat-enterprise-linux-7-x86/x.x.x",
data.aws_partition.current.partition,
data.aws_region.current.name
)
components = flatten([
[
{
arn = format(
"arn:%s:imagebuilder:%s:aws:component/aws-cli-version-2-linux/1.0.3/1",
data.aws_partition.current.partition,
data.aws_region.current.name
)
}
],
[
{
arn = module.image_builder_component.arn
}
]
])
name = format("app-%s-%s", var.application, var.environment)
infrastructure_configuration = module.image_builder_infrastructure_configuration.arn
}Terraform 0.13. Pin module version to ~> 1.0.0 . Submit pull-requests to main branch.
Terraform 0.11 and 0.12 are not supported.
This project constitutes a work of the United States Government and is not subject to domestic copyright protection under 17 USC § 105. However, because the project utilizes code licensed from contributors and other third parties, it therefore is licensed under the MIT License. See LICENSE file for more information.
| Name | Version |
|---|---|
| terraform | >= 0.13 |
| aws | >= 3.0, < 5.0 |
| Name | Version |
|---|---|
| aws | >= 3.0, < 5.0 |
No modules.
| Name | Type |
|---|---|
| aws_imagebuilder_distribution_configuration.main | resource |
| aws_imagebuilder_image_pipeline.main | resource |
| aws_imagebuilder_image_recipe.main | resource |
| aws_region.current | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| ami_description | The description applied to the distributed AMI. | string |
"An Amazon Machine Image (AMI) built with EC2 Image Builder." |
no |
| ami_name | The name of the distributed AMI. Defaults to the name of the pipeline appended with "-{{ imagebuilder:buildDate }}". | string |
"" |
no |
| ami_regions | A list of regions where the AMI will be distributed. Defaults to current region. | list(string) |
[] |
no |
| ami_tags | The tags for the distributed AMI. | map(string) |
{} |
no |
| base_image | The ARN of the base image of the recipe. | string |
n/a | yes |
| check_dependencies | Only run pipeline at the scheduled time if components were updated. | bool |
false |
no |
| components | The ordered components of the recipe. | list(object({ |
n/a | yes |
| description | The description of the pipeline. | string |
"A pipeline for EC2 Image Builder." |
no |
| enabled | Is the pipeline enabled. | bool |
true |
no |
| infrastructure_configuration | The ARN of the infrastructure configuration to use with this pipeline. | string |
n/a | yes |
| name | The name of the pipeline. | string |
n/a | yes |
| recipe_name | The name of the recipe. Defaults to the name of the pipeline. | string |
"" |
no |
| recipe_version | The version of the EC2 Image Builder recipe. | string |
"1.0.0" |
no |
| schedule_expression | Cron expression of how often the pipeline is executed. | string |
"" |
no |
| tags | The tags applied to the recipe and pipeline. | map(string) |
{} |
no |
| Name | Description |
|---|---|
| arn | The ARN of the EC2 Image Builder pipeline. |