Added user_data_base64 (fixed terraform-aws-modules#117) (terraform-a…

…ws-modules#137)
Sebor · Nov 19, 2019 · e67836e · e67836e
1 parent 1948e81
commit e67836e
Show file tree

Hide file tree

Showing 4 changed files with 24 additions and 7 deletions.
diff --git a/README.md b/README.md
@@ -124,7 +124,8 @@ data "aws_ami" "ubuntu-xenial" {
 | tags | A mapping of tags to assign to the resource | map(string) | `{}` | no |
 | tenancy | The tenancy of the instance (if the instance is running in a VPC). Available values: default, dedicated, host. | string | `"default"` | no |
 | use\_num\_suffix | Always append numerical suffix to instance name, even if instance_count is 1 | bool | `"false"` | no |
-| user\_data | The user data to provide when launching the instance | string | `""` | no |
+| user\_data | The user data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see user_data_base64 instead. | string | `"null"` | no |
+| user\_data\_base64 | Can be used instead of user_data to pass base64-encoded binary data directly. Use this instead of user_data whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption. | string | `"null"` | no |
 | volume\_tags | A mapping of tags to assign to the devices created by the instance at launch time | map(string) | `{}` | no |
 | vpc\_security\_group\_ids | A list of security group IDs to associate with | list(string) | `"null"` | no |
 

diff --git a/examples/basic/main.tf b/examples/basic/main.tf
@@ -2,6 +2,13 @@ provider "aws" {
   region = "eu-west-1"
 }
 
+locals {
+  user_data = <<EOF
+#!/bin/bash
+echo "Hello Terraform!"
+EOF
+}
+
 ##################################################################
 # Data sources to get VPC, subnet, security group and AMI details
 ##################################################################
@@ -70,7 +77,7 @@ resource "aws_network_interface" "this" {
 module "ec2" {
   source = "../../"
 
-  instance_count = 2
+  instance_count = 1
 
   name          = "example-normal"
   ami           = data.aws_ami.amazon_linux.id
@@ -81,6 +88,8 @@ module "ec2" {
   associate_public_ip_address = true
   placement_group             = aws_placement_group.web.id
 
+  user_data_base64 = base64encode(local.user_data)
+
   root_block_device = [
     {
       volume_type = "gp2"

diff --git a/main.tf b/main.tf
@@ -5,9 +5,10 @@ locals {
 resource "aws_instance" "this" {
   count = var.instance_count
 
-  ami           = var.ami
-  instance_type = var.instance_type
-  user_data     = var.user_data
+  ami              = var.ami
+  instance_type    = var.instance_type
+  user_data        = var.user_data
+  user_data_base64 = var.user_data_base64
   subnet_id = length(var.network_interface) > 0 ? null : element(
     distinct(compact(concat([var.subnet_id], var.subnet_ids))),
     count.index,

diff --git a/variables.tf b/variables.tf
@@ -110,9 +110,15 @@ variable "source_dest_check" {
 }
 
 variable "user_data" {
-  description = "The user data to provide when launching the instance"
+  description = "The user data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see user_data_base64 instead."
   type        = string
-  default     = ""
+  default     = null
+}
+
+variable "user_data_base64" {
+  description = "Can be used instead of user_data to pass base64-encoded binary data directly. Use this instead of user_data whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption."
+  type        = string
+  default     = null
 }
 
 variable "iam_instance_profile" {