Hi,
I am new here, sorry if this topic is already created.
I am trying to create role, policy, ec2 instance profile from terraform(2 .json
files includes access to ec2), below is the .tf
file, please advise where am I doing wrong.
iamroles.tf
resource "aws_iam_role_policy" "ec2_policy" {
name = "ec2_policy"
role = "aws_iam_role.javahome_ec2_role.id"
policy = file("ec2-policy.json")
}
resource "aws_iam_role" "javahome_ec2_role" {
name = "javahome_ec2_role"
assume_role_policy = file("ec2-assume-policy.json")
}
resource "aws_iam_instance_profile" "ec2_profile" {
name = "javahome_ec2_profile"
role = "aws_iam_role.javahome_ec2_role.name"
}
ec2-machines.tf
provider "aws" {
region = var.region
}
resource "aws_instance" "web" {
ami = var.ami[var.region]
instance_type = "t2.micro"
iam_instance_profile = "aws_iam_instance_profile.ec2_profile.name"
tags = {
Name = "HelloWorld"
}
}
variables.tf
variable "region" {
default = "us-west-2"
}
variable "ami" {
type = map
default = {
us-west-2 = "ami-0b1e2eeb33ce3d66f" # US West (Oregon)
}
description = "have only added one region"
}
Receiving the below 3 error messages while running terraform apply -
Error launching source instance: InvalidParameterValue: Value (aws_iam_instance_profile.ec2_profile.name) for parameter iamInstanceProfile.name is invalid. Invalid IAM Instance Profile name
status code: 400, request id: 36f38b3b-b348-4a59-9d7b-970592af897a
on ec2-machines.tf line 5, in resource "aws_instance" "web":
5: resource "aws_instance" "web" {
Error putting IAM role policy ec2_policy: NoSuchEntity: The role with name aws_iam_role.javahome_ec2_role.id cannot be found.
status code: 404, request id: 727c6477-0e7a-45cf-ae0b-232df92725eb
on iamroles.tf line 1, in resource "aws_iam_role_policy" "ec2_policy":
1: resource "aws_iam_role_policy" "ec2_policy" {
Error adding role aws_iam_role.javahome_ec2_role.name to IAM instance profile javahome_ec2_profile: Error adding IAM Role aws_iam_role.javahome_ec2_role.name to Instance Profile javahome_ec2_profile: NoSuchEntity: The role with name aws_iam_role.javahome_ec2_role.name cannot be found.
status code: 404, request id: 02fe931e-a00b-4233-b20b-9045883ac1bc
on iamroles.tf line 12, in resource "aws_iam_instance_profile" "ec2_profile":
12: resource "aws_iam_instance_profile" "ec2_profile" {
Requesting someone to please help me on this.