diff --git a/examples/basic/main.tf b/examples/basic/main.tf
index b8a3cdca..05276a93 100644
--- a/examples/basic/main.tf
+++ b/examples/basic/main.tf
@@ -58,10 +58,13 @@ resource "aws_placement_group" "web" {
 strategy = "cluster"
 }
+resource "aws_kms_key" "this" {
+}
+
 module "ec2" {
 source = "../../"
- instance_count = 2
+ instance_count = 1
 name = "example-normal"
 ami = data.aws_ami.amazon_linux.id
@@ -79,6 +82,16 @@ module "ec2" {
 },
 ]
+ ebs_block_device = [
+ {
+ device_name = "/dev/sdf"
+ volume_type = "gp2"
+ volume_size = 5
+ encrypted = true
+ kms_key_id = aws_kms_key.this.arn
+ }
+ ]
+
 tags = {
 "Env" = "Private"
 "Location" = "Secret"
diff --git a/main.tf b/main.tf
index 560fb2e1..afdd5364 100644
--- a/main.tf
+++ b/main.tf
@@ -32,7 +32,9 @@ resource "aws_instance" "this" {
 for_each = var.root_block_device
 content {
 delete_on_termination = lookup(root_block_device.value, "delete_on_termination", null)
+ encrypted = lookup(root_block_device.value, "encrypted", null)
 iops = lookup(root_block_device.value, "iops", null)
+ kms_key_id = lookup(root_block_device.value, "kms_key_id", null)
 volume_size = lookup(root_block_device.value, "volume_size", null)
 volume_type = lookup(root_block_device.value, "volume_type", null)
 }
@@ -45,6 +47,7 @@ resource "aws_instance" "this" {
 device_name = ebs_block_device.value.device_name
 encrypted = lookup(ebs_block_device.value, "encrypted", null)
 iops = lookup(ebs_block_device.value, "iops", null)
+ kms_key_id = lookup(ebs_block_device.value, "kms_key_id", null)
 snapshot_id = lookup(ebs_block_device.value, "snapshot_id", null)
 volume_size = lookup(ebs_block_device.value, "volume_size", null)
 volume_type = lookup(ebs_block_device.value, "volume_type", null)
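Review bot: The `aws_kms_key.this` resource added in the first hunk of examples/basic/main.tf has an empty body, so the example key has no description, no key rotation and only the provider's default deletion window. Examples get copied into real configurations, so I would set at least `description = "EBS encryption key for the basic example"`, `enable_key_rotation = true` and `deletion_window_in_days = 7`. With no `policy` argument the key gets the default key policy, which delegates access control to the account's IAM policies. A one-line comment saying that this is intended would help readers who reuse the block.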
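Review bot: The new `ebs_block_device` entry in the second hunk encrypts only the extra `/dev/sdf` volume, so the example never exercises the `encrypted` and `kms_key_id` arguments this commit adds to `root_block_device` in main.tf. The list that closes just above the hunk (`}, ]`) is presumably the example's `root_block_device`, but it starts outside the hunk, so I cannot confirm what it sets. If it is the root volume, add `encrypted = true` and `kms_key_id = aws_kms_key.this.arn` there as well. That keeps the example from showing an unencrypted root disk next to an encrypted data disk, and it tests both new code paths.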
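Review bot: The `null` default on the new `encrypted` lookup in the `root_block_device` block means root volumes are encrypted only if the caller opts in or the account has EBS encryption by default enabled, and nothing here tells the reader that. Changing the default to `true` would alter existing deployments, so I would document it with a comment above the line instead, e.g. `# null defers to the account's EBS encryption-by-default setting; pass encrypted = true to guarantee encryption`. The same applies to the `kms_key_id` line added to `ebs_block_device` in the last hunk. Both blocks pass `kms_key_id` through independently of `encrypted`, so a caller can supply a key while leaving `encrypted` unset. The variable descriptions, which are outside this diff, should say that `kms_key_id` is only meaningful with `encrypted = true` and should be a key ARN. The enclosing `aws_instance.this` resource starts and ends outside both hunks.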