
I created an aws ec2 Instance with the terraform, now im not able to ssh into the machine


I created an AWS EC2 instance with Terraform, and now I'm not able to SSH into the machine. This is the Terraform code I used; the regions I think are correct.

resource "aws_key_pair" "test-terraform" {
  key_name   = "test-terraform"
  public_key = file("~/Documents/key-pairs/test-terraform.pub")
}

resource "aws_vpc" "main" {
  cidr_block       = "10.0.0.0/16"
  instance_tenancy = "default"

  tags = {
    Name = "main"
  }
}

resource "aws_subnet" "main_subnet" {
  vpc_id     = aws_vpc.main.id         # reference the related VPC id here
  cidr_block = "10.0.1.0/24"
  availability_zone = "us-east-1a"     # optional

  tags = {
    Name = "main_subnet"
  }
}

resource "aws_security_group" "main_security_group" {
  name        = "main-security-group"
  description = "Security group for ec2 instances"
  vpc_id      = aws_vpc.main.id # reference the related VPC id

  tags = {
    Name = "main_security_group"
  }

  # Allow all outbound traffic
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Allow SSH inbound traffic (TCP/22 only, matching the comment; the original
  # rule opened every port and protocol)
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"] # You can restrict this to specific IP addresses for better security
  }
}

resource "aws_instance" "web_server" {
  ami           = "ami-080e1f13689e07408" # Update with your desired AMI ID
  instance_type = "t2.micro"

  vpc_security_group_ids      = [aws_security_group.main_security_group.id]
  subnet_id                   = aws_subnet.main_subnet.id # Associate with the public subnet
  associate_public_ip_address = true                     # Allocate a public IP address to the instance
  key_name                    = aws_key_pair.test-terraform.key_name # attach the key pair by referencing it; the key must be generated locally and its public key referenced in the aws_key_pair block above

  # Optional but good security measure
  # metadata_options {
  #   http_tokens                 = "required" # Require the use of IMDSv2
  #   http_put_response_hop_limit = 1          # Ensure only one hop for HTTP PUT requests
  # }

  # Add tags (optional)
  tags = {
    Name = "Web Server Instance"
  }
}

output "public_ip" {
  value = aws_instance.web_server.public_ip
}

I checked, and the networking seems to be fine. Even the AWS console is unable to connect, which tells me the key is not the problem. This might be a silly mistake, but I'm looking forward to a solution.


Solution

  • Your Terraform template is missing a couple of things that are needed for inbound and outbound network traffic, and they are:

    1. an Internet Gateway (IGW)
    2. a route table entry for your public subnets with a default route to the IGW

    You can easily add them, something like this:

    resource "aws_internet_gateway" "igw" {
      vpc_id = aws_vpc.main.id

      tags = {
        Name = "VPC IGW"
      }
    }

    resource "aws_route_table" "rtb2" {
      vpc_id = aws_vpc.main.id

      route {
        cidr_block = "0.0.0.0/0"
        gateway_id = aws_internet_gateway.igw.id
      }

      tags = {
        Name = "Route Table 2 for IGW"
      }
    }

    # The route table only takes effect for the subnet once it is associated with it;
    # without this the subnet keeps using the VPC's main route table, which has no IGW route
    resource "aws_route_table_association" "main_subnet_rtb2" {
      subnet_id      = aws_subnet.main_subnet.id
      route_table_id = aws_route_table.rtb2.id
    }
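As an added offline check (not part of the question or the answer above), the following Python walks the same chain the answer identifies, IGW attached to the VPC and a default route to it in the subnet's route table, and also checks the two remaining prerequisites for reaching SSH: a public IP and a security-group rule admitting TCP/22. The input dictionaries are constructed here with made-up IDs; their shape mimics `aws ec2 describe-internet-gateways`, `describe-route-tables` and `describe-security-groups` output, which is an assumption, not something the page shows.

```python
def diagnose_ssh_path(instance: dict, igws: list, route_tables: list, security_groups: list) -> list:
    """Return reasons SSH from the internet cannot reach the instance; [] if the path is complete."""
    problems = []
    vpc_id, subnet_id = instance["VpcId"], instance["SubnetId"]
    # 1. An Internet Gateway must be attached to the instance's VPC
    igw_ids = {g["InternetGatewayId"] for g in igws
               if any(a["VpcId"] == vpc_id for a in g["Attachments"])}
    if not igw_ids:
        problems.append(f"no Internet Gateway attached to {vpc_id}")
    # 2. Find the route table the subnet uses: explicit association, else the VPC's main table
    rtb = next((t for t in route_tables
                if any(a.get("SubnetId") == subnet_id for a in t["Associations"])), None)
    if rtb is None:
        rtb = next((t for t in route_tables if t["VpcId"] == vpc_id
                    and any(a.get("Main") for a in t["Associations"])), None)
    # 3. That table needs a 0.0.0.0/0 route whose target is the attached IGW
    if rtb is None or not any(r.get("DestinationCidrBlock") == "0.0.0.0/0"
                              and r.get("GatewayId") in igw_ids for r in rtb["Routes"]):
        problems.append(f"subnet {subnet_id} has no default route to an Internet Gateway")
    # 4. The instance needs a public IP and a security group ingress rule admitting TCP/22
    if not instance.get("PublicIpAddress"):
        problems.append("instance has no public IP address")
    attached = {g["GroupId"] for g in instance["SecurityGroups"]}
    if not any(p["IpProtocol"] == "-1" or (p["IpProtocol"] == "tcp"
               and p["FromPort"] <= 22 <= p["ToPort"])
               for g in security_groups if g["GroupId"] in attached
               for p in g["IpPermissions"]):
        problems.append("no security group ingress rule admits TCP/22")
    return problems

# Constructed sample data (IDs are made up) modelled on the question's VPC: instance with a public
# IP and SSH allowed, but no IGW and only the main route table with its local route.
INSTANCE = {"VpcId": "vpc-0example", "SubnetId": "subnet-0example",
            "PublicIpAddress": "203.0.113.10", "SecurityGroups": [{"GroupId": "sg-0example"}]}
SG = [{"GroupId": "sg-0example", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]}]
MAIN_RTB = {"VpcId": "vpc-0example", "Associations": [{"Main": True}],
            "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]}
IGW = [{"InternetGatewayId": "igw-0example", "Attachments": [{"VpcId": "vpc-0example"}]}]
# The answer's fix: a route table with a default route to the IGW, associated with the subnet
FIXED_RTB = {"VpcId": "vpc-0example", "Associations": [{"SubnetId": "subnet-0example"}],
             "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example"}]}

def before_fix() -> list:
    return diagnose_ssh_path(INSTANCE, [], [MAIN_RTB], SG)  # the state in the question

def after_fix() -> list:
    return diagnose_ssh_path(INSTANCE, IGW, [MAIN_RTB, FIXED_RTB], SG)  # with the answer applied
```

Running `before_fix()` reports both the missing IGW and the missing default route, while `after_fix()` returns an empty list.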