Skip to content

Terraform AWS EC2 Instance

Terraform module which creates EC2 instance(s) on AWS with comprehensive features including spot instances, IAM instance profiles, security groups, EBS volumes, and elastic IPs.

Implemented Controls

The following compliance controls are implemented in this module.

Compliance.tf registry endpoints

module "ec2_instance" {
  source  = "acscessentialeight.compliance.tf/terraform-aws-modules/ec2-instance/aws"
  version = "<version>"

  # ... your arguments here
}
module "ec2_instance" {
  source  = "acscism2023.compliance.tf/terraform-aws-modules/ec2-instance/aws"
  version = "<version>"

  # ... your arguments here
}
module "ec2_instance" {
  source  = "awscontroltower.compliance.tf/terraform-aws-modules/ec2-instance/aws"
  version = "<version>"

  # ... your arguments here
}
module "ec2_instance" {
  source  = "awsgenai.compliance.tf/terraform-aws-modules/ec2-instance/aws"
  version = "<version>"

  # ... your arguments here
}
module "ec2_instance" {
  source  = "awswellarchitected.compliance.tf/terraform-aws-modules/ec2-instance/aws"
  version = "<version>"

  # ... your arguments here
}
module "ec2_instance" {
  source  = "cccsmedium.compliance.tf/terraform-aws-modules/ec2-instance/aws"
  version = "<version>"

  # ... your arguments here
}
module "ec2_instance" {
  source  = "cfrpart11.compliance.tf/terraform-aws-modules/ec2-instance/aws"
  version = "<version>"

  # ... your arguments here
}
module "ec2_instance" {
  source  = "cis.compliance.tf/terraform-aws-modules/ec2-instance/aws"
  version = "<version>"

  # ... your arguments here
}
module "ec2_instance" {
  source  = "cisv500.compliance.tf/terraform-aws-modules/ec2-instance/aws"
  version = "<version>"

  # ... your arguments here
}
module "ec2_instance" {
  source  = "cisv600.compliance.tf/terraform-aws-modules/ec2-instance/aws"
  version = "<version>"

  # ... your arguments here
}
module "ec2_instance" {
  source  = "cisv80ig1.compliance.tf/terraform-aws-modules/ec2-instance/aws"
  version = "<version>"

  # ... your arguments here
}
module "ec2_instance" {
  source  = "cisacyberessentials.compliance.tf/terraform-aws-modules/ec2-instance/aws"
  version = "<version>"

  # ... your arguments here
}
module "ec2_instance" {
  source  = "eugmpannex11.compliance.tf/terraform-aws-modules/ec2-instance/aws"
  version = "<version>"

  # ... your arguments here
}
module "ec2_instance" {
  source  = "fedramplow.compliance.tf/terraform-aws-modules/ec2-instance/aws"
  version = "<version>"

  # ... your arguments here
}
module "ec2_instance" {
  source  = "fedrampmoderate.compliance.tf/terraform-aws-modules/ec2-instance/aws"
  version = "<version>"

  # ... your arguments here
}
module "ec2_instance" {
  source  = "ffiec.compliance.tf/terraform-aws-modules/ec2-instance/aws"
  version = "<version>"

  # ... your arguments here
}
module "ec2_instance" {
  source  = "gdpr.compliance.tf/terraform-aws-modules/ec2-instance/aws"
  version = "<version>"

  # ... your arguments here
}
module "ec2_instance" {
  source  = "hipaa.compliance.tf/terraform-aws-modules/ec2-instance/aws"
  version = "<version>"

  # ... your arguments here
}
module "ec2_instance" {
  source  = "iso27001.compliance.tf/terraform-aws-modules/ec2-instance/aws"
  version = "<version>"

  # ... your arguments here
}
module "ec2_instance" {
  source  = "nist800171.compliance.tf/terraform-aws-modules/ec2-instance/aws"
  version = "<version>"

  # ... your arguments here
}
module "ec2_instance" {
  source  = "nist80053.compliance.tf/terraform-aws-modules/ec2-instance/aws"
  version = "<version>"

  # ... your arguments here
}
module "ec2_instance" {
  source  = "nistcsf.compliance.tf/terraform-aws-modules/ec2-instance/aws"
  version = "<version>"

  # ... your arguments here
}
module "ec2_instance" {
  source  = "nydfs23.compliance.tf/terraform-aws-modules/ec2-instance/aws"
  version = "<version>"

  # ... your arguments here
}
module "ec2_instance" {
  source  = "pcidss.compliance.tf/terraform-aws-modules/ec2-instance/aws"
  version = "<version>"

  # ... your arguments here
}
module "ec2_instance" {
  source  = "rbicybersecurity.compliance.tf/terraform-aws-modules/ec2-instance/aws"
  version = "<version>"

  # ... your arguments here
}
module "ec2_instance" {
  source  = "rbiitfnbfc.compliance.tf/terraform-aws-modules/ec2-instance/aws"
  version = "<version>"

  # ... your arguments here
}
module "ec2_instance" {
  source  = "soc2.compliance.tf/terraform-aws-modules/ec2-instance/aws"
  version = "<version>"

  # ... your arguments here
}

See the Technical Usage Guide to get started and read the Features section for more details on how to customize the module for your requirements.

Mapped compliance frameworks

CT-1.0.1: 1.0.1 - Disallow launch of EC2 instance types that are not EBS-optimized

CT-1.0.3: 1.0.3 - Enable encryption for EBS volumes attached to EC2 instances

2.2.1: Ensure EBS volume encryption is enabled

1.17 Ensure IAM instance roles are used for AWS resource access from instances

5.7 Ensure that the EC2 Metadata Service only allows IMDSv2

2.17 Ensure IAM instance roles are used for AWS resource access from instances

6.7 Ensure that the EC2 Metadata Service only allows IMDSv2