
aws.ec2-launch-template resource

Description

LaunchTemplate is an EC2 launch template: a named, versioned object holding the configuration to launch instances from. Each change to the instance configuration is an immutable new version (CreateLaunchTemplateVersion), and the template's default version is set by a separate call (ModifyLaunchTemplate) rather than by editing a version in place. The template name is fixed at creation, so a change to it replaces the template; everything else lives under the data block and is reconciled by building a fresh version. The data block is built whole from the declared inputs each time, so a removed sub-block is simply absent from the next version, not cleared with a sentinel.

Several niche or legacy members of the SDK launch-template data are deliberately not modeled: kernel-id and ram-disk-id (legacy paravirtual fields), secondary-interfaces (a recent multi-interface block), and instance-requirements (the attribute-based instance-type selection tree). With instance-requirements absent, instance-type is a plain optional field.

Source: internal/service/ec2/launch_template_rsrc.go:35
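The whole-block rebuild described above means that a setting dropped from the declared inputs is simply missing from the next version. The sketch below is an added example, not code from this project: it models that rule in Python rather than the project's Go, and lists every setting the previous version carried that the next one will not. The function names and both sample data blocks are hypothetical.

```python
def build_version_data(declared):
    """Model of the page's rule: a version's data is the declared inputs only
    (nulls pruned); nothing is merged in from the previous version."""
    if isinstance(declared, dict):
        return {k: build_version_data(v) for k, v in declared.items() if v is not None}
    if isinstance(declared, list):
        return [build_version_data(v) for v in declared]
    return declared

def leaf_paths(node, prefix="data"):
    """Dotted paths of every leaf value set under node (list items by index)."""
    if isinstance(node, dict):
        children = node.items()
    elif isinstance(node, list):
        children = enumerate(node)
    else:
        return {prefix}
    paths = set()
    for key, value in children:
        paths |= leaf_paths(value, f"{prefix}.{key}")
    return paths

def dropped_settings(previous_declared, next_declared):
    """Settings present in the previous version and absent from the next one."""
    before = leaf_paths(build_version_data(previous_declared))
    after = leaf_paths(build_version_data(next_declared))
    return sorted(before - after)

# Constructed sample: the edit bumps instance-type, removes the
# metadata-options sub-block and stops declaring the EBS encrypted flag.
V1 = {
    "image-id": "ami-EXAMPLE",
    "instance-type": "t3.micro",
    "metadata-options": {"http-tokens": "required", "http-put-response-hop-limit": 1},
    "block-device-mappings": [{"device-name": "/dev/xvda", "ebs": {"encrypted": True}}],
}
V2_DECLARED = {
    "image-id": "ami-EXAMPLE",
    "instance-type": "t3.small",
    "metadata-options": None,
    "block-device-mappings": [{"device-name": "/dev/xvda", "ebs": {}}],
}

if __name__ == "__main__":
    for path in dropped_settings(V1, V2_DECLARED):
        print("absent from next version:", path)
```

Running a check like this before a new version becomes the default shows a reviewer which settings are silently dropped, as opposed to changed in value.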

Example usage:

imports: {
  aws: 'github.com/cloudboss/unobin-library-aws'
}

resources: {
  example: aws.ec2-launch-template {
    # Set input fields here.
  }
}

Inputs

name

string

required

version-description

optional(string)

default-version

optional(integer)

update-default-version

optional(boolean)

tags

map(string)

data

object
object({
  image-id: optional(string)
  instance-type: optional(string)
  key-name: optional(string)
  user-data: optional(string)
  ebs-optimized: optional(boolean)
  disable-api-stop: optional(boolean)
  disable-api-termination: optional(boolean)
  instance-initiated-shutdown-behavior: optional(string)
  security-group-ids: optional(list(string))
  security-groups: optional(list(string))
  block-device-mappings: optional(
    list(
      object({
        device-name: optional(string)
        no-device: optional(string)
        virtual-name: optional(string)
        ebs: optional(
          object({
            delete-on-termination: optional(boolean)
            encrypted: optional(boolean)
            iops: optional(integer)
            kms-key-id: optional(string)
            snapshot-id: optional(string)
            throughput: optional(integer)
            volume-initialization-rate: optional(integer)
            volume-size: optional(integer)
            volume-type: optional(string)
          })
        )
      })
    )
  )
  network-interfaces: optional(
    list(
      object({
        associate-carrier-ip-address: optional(boolean)
        associate-public-ip-address: optional(boolean)
        delete-on-termination: optional(boolean)
        description: optional(string)
        device-index: optional(integer)
        interface-type: optional(string)
        ipv4-prefix-count: optional(integer)
        ipv4-prefixes: optional(list(string))
        ipv6-address-count: optional(integer)
        ipv6-addresses: optional(list(string))
        ipv6-prefix-count: optional(integer)
        ipv6-prefixes: optional(list(string))
        network-card-index: optional(integer)
        network-interface-id: optional(string)
        primary-ipv6: optional(boolean)
        private-ip-address: optional(string)
        ipv4-addresses: optional(list(string))
        ipv4-address-count: optional(integer)
        subnet-id: optional(string)
        groups: optional(list(string))
        ena-srd-specification: optional(
          object({
            ena-srd-enabled: optional(boolean)
            ena-srd-udp-specification: optional(
              object({
                ena-srd-udp-enabled: optional(boolean)
              })
            )
          })
        )
        connection-tracking-specification: optional(
          object({
            tcp-established-timeout: optional(integer)
            udp-stream-timeout: optional(integer)
            udp-timeout: optional(integer)
          })
        )
      })
    )
  )
  iam-instance-profile: optional(
    object({
      arn: optional(string)
      name: optional(string)
    })
  )
  monitoring: optional(
    object({
      enabled: optional(boolean)
    })
  )
  metadata-options: optional(
    object({
      http-endpoint: optional(string)
      http-protocol-ipv6: optional(string)
      http-put-response-hop-limit: optional(integer)
      http-tokens: optional(string)
      instance-metadata-tags: optional(string)
    })
  )
  placement: optional(
    object({
      affinity: optional(string)
      availability-zone: optional(string)
      availability-zone-id: optional(string)
      group-id: optional(string)
      group-name: optional(string)
      host-id: optional(string)
      host-resource-group-arn: optional(string)
      partition-number: optional(integer)
      spread-domain: optional(string)
      tenancy: optional(string)
    })
  )
  tag-specifications: optional(
    list(
      object({
        resource-type: optional(string)
        tags: map(string)
      })
    )
  )
  credit-specification: optional(
    object({
      cpu-credits: optional(string)
    })
  )
  cpu-options: optional(
    object({
      amd-sev-snp: optional(string)
      core-count: optional(integer)
      nested-virtualization: optional(string)
      threads-per-core: optional(integer)
    })
  )
  enclave-options: optional(
    object({
      enabled: optional(boolean)
    })
  )
  hibernation-options: optional(
    object({
      configured: optional(boolean)
    })
  )
  private-dns-name-options: optional(
    object({
      enable-resource-name-dns-aaaa-record: optional(boolean)
      enable-resource-name-dns-a-record: optional(boolean)
      hostname-type: optional(string)
    })
  )
  maintenance-options: optional(
    object({
      auto-recovery: optional(string)
    })
  )
  license-specifications: optional(
    list(
      object({
        license-configuration-arn: optional(string)
      })
    )
  )
  instance-market-options: optional(
    object({
      market-type: optional(string)
      spot-options: optional(
        object({
          block-duration-minutes: optional(integer)
          instance-interruption-behavior: optional(string)
          max-price: optional(string)
          spot-instance-type: optional(string)
          valid-until: optional(string)
        })
      )
    })
  )
  capacity-reservation-specification: optional(
    object({
      capacity-reservation-preference: optional(string)
      capacity-reservation-target: optional(
        object({
          capacity-reservation-id: optional(string)
          capacity-reservation-resource-group-arn: optional(string)
        })
      )
    })
  )
  network-performance-options: optional(
    object({
      bandwidth-weighting: optional(string)
    })
  )
})

required

Input Constraints

Field combinations

At most one of default-version or update-default-version.

Data rules

At most one of data.security-groups or data.security-group-ids.

At most one of data.iam-instance-profile.arn or data.iam-instance-profile.name.

At most one of data.placement.group-id or data.placement.group-name.

At most one of data.placement.host-resource-group-arn or data.placement.host-id.

At most one of data.capacity-reservation-specification.capacity-reservation-target.capacity-reservation-id or data.capacity-reservation-specification.capacity-reservation-target.capacity-reservation-resource-group-arn.

capacity-reservation-preference must be capacity-reservations-only, open, or none.

Rule logic
When
input.data.capacity-reservation-specification.capacity-reservation-preference != null
Require
input.data.capacity-reservation-specification.capacity-reservation-preference == 'capacity-reservations-only'
|| input.data.capacity-reservation-specification.capacity-reservation-preference == 'open'
|| input.data.capacity-reservation-specification.capacity-reservation-preference == 'none'

instance-initiated-shutdown-behavior must be stop or terminate.

Rule logic
When
input.data.instance-initiated-shutdown-behavior != null
Require
input.data.instance-initiated-shutdown-behavior == 'stop'
|| input.data.instance-initiated-shutdown-behavior == 'terminate'

credit-specification cpu-credits must be standard or unlimited.

Rule logic
When
input.data.credit-specification.cpu-credits != null
Require
input.data.credit-specification.cpu-credits == 'standard'
|| input.data.credit-specification.cpu-credits == 'unlimited'

cpu-options amd-sev-snp must be enabled or disabled.

Rule logic
When
input.data.cpu-options.amd-sev-snp != null
Require
input.data.cpu-options.amd-sev-snp == 'enabled'
|| input.data.cpu-options.amd-sev-snp == 'disabled'

cpu-options nested-virtualization must be enabled or disabled.

Rule logic
When
input.data.cpu-options.nested-virtualization != null
Require
input.data.cpu-options.nested-virtualization == 'enabled'
|| input.data.cpu-options.nested-virtualization == 'disabled'

placement tenancy must be default, dedicated, or host.

Rule logic
When
input.data.placement.tenancy != null
Require
input.data.placement.tenancy == 'default'
|| input.data.placement.tenancy == 'dedicated'
|| input.data.placement.tenancy == 'host'

private-dns-name-options hostname-type must be ip-name or resource-name.

Rule logic
When
input.data.private-dns-name-options.hostname-type != null
Require
input.data.private-dns-name-options.hostname-type == 'ip-name'
|| input.data.private-dns-name-options.hostname-type == 'resource-name'

maintenance-options auto-recovery must be default or disabled.

Rule logic
When
input.data.maintenance-options.auto-recovery != null
Require
input.data.maintenance-options.auto-recovery == 'default'
|| input.data.maintenance-options.auto-recovery == 'disabled'

network-performance-options bandwidth-weighting must be default, vpc-1, or ebs-1.

Rule logic
When
input.data.network-performance-options.bandwidth-weighting != null
Require
input.data.network-performance-options.bandwidth-weighting == 'default'
|| input.data.network-performance-options.bandwidth-weighting == 'vpc-1'
|| input.data.network-performance-options.bandwidth-weighting == 'ebs-1'

instance-market-options market-type must be a valid market type.

Rule logic
When
input.data.instance-market-options.market-type != null
Require
input.data.instance-market-options.market-type == 'spot'
|| input.data.instance-market-options.market-type == 'capacity-block'
|| input.data.instance-market-options.market-type == 'interruptible-capacity-reservation'

spot-options instance-interruption-behavior must be hibernate, stop, or terminate.

Rule logic
When
input.data.instance-market-options.spot-options.instance-interruption-behavior != null
Require
input.data.instance-market-options.spot-options.instance-interruption-behavior == 'hibernate'
|| input.data.instance-market-options.spot-options.instance-interruption-behavior == 'stop'
|| input.data.instance-market-options.spot-options.instance-interruption-behavior == 'terminate'

spot-options spot-instance-type must be one-time or persistent.

Rule logic
When
input.data.instance-market-options.spot-options.spot-instance-type != null
Require
input.data.instance-market-options.spot-options.spot-instance-type == 'one-time'
|| input.data.instance-market-options.spot-options.spot-instance-type == 'persistent'

metadata-options http-endpoint must be enabled or disabled.

Rule logic
When
input.data.metadata-options.http-endpoint != null
Require
input.data.metadata-options.http-endpoint == 'enabled'
|| input.data.metadata-options.http-endpoint == 'disabled'

metadata-options http-tokens must be optional or required.

Rule logic
When
input.data.metadata-options.http-tokens != null
Require
input.data.metadata-options.http-tokens == 'optional'
|| input.data.metadata-options.http-tokens == 'required'

metadata-options http-protocol-ipv6 must be enabled or disabled.

Rule logic
When
input.data.metadata-options.http-protocol-ipv6 != null
Require
input.data.metadata-options.http-protocol-ipv6 == 'enabled'
|| input.data.metadata-options.http-protocol-ipv6 == 'disabled'

metadata-options instance-metadata-tags must be enabled or disabled.

Rule logic
When
input.data.metadata-options.instance-metadata-tags != null
Require
input.data.metadata-options.instance-metadata-tags == 'enabled'
|| input.data.metadata-options.instance-metadata-tags == 'disabled'

metadata-options http-put-response-hop-limit must be between 1 and 64.

Rule logic
When
input.data.metadata-options.http-put-response-hop-limit != null
Require
(input.data.metadata-options.http-put-response-hop-limit == null || input.data.metadata-options.http-put-response-hop-limit >= 1)
&& (input.data.metadata-options.http-put-response-hop-limit == null || input.data.metadata-options.http-put-response-hop-limit <= 64)

Version description rules

version-description must be at most 255 characters.

Rule logic
When
input.version-description != null
Require
input.version-description == null
|| input.version-description <= 255
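The constraint forms listed above (at most one of, enumerated values guarded by a null check, and a numeric range) can be checked against a declared input before it is applied. This is an added example in Python, not the library's own validator: it transcribes a subset of the rules on this page, and the function names and sample input are hypothetical.

```python
# Subset of the rules listed on this page, transcribed as data.
AT_MOST_ONE = [
    ("default-version", "update-default-version"),
    ("data.security-groups", "data.security-group-ids"),
    ("data.iam-instance-profile.arn", "data.iam-instance-profile.name"),
]
ENUMS = {
    "data.metadata-options.http-tokens": ("optional", "required"),
    "data.metadata-options.http-endpoint": ("enabled", "disabled"),
    "data.placement.tenancy": ("default", "dedicated", "host"),
}
RANGES = {"data.metadata-options.http-put-response-hop-limit": (1, 64)}

def lookup(inputs, path):
    """Follow a dotted path; None when any segment is absent or null, which is
    the case each rule's "When ... != null" guard skips."""
    node = inputs
    for segment in path.split("."):
        node = node.get(segment) if isinstance(node, dict) else None
        if node is None:
            return None
    return node

def validate(inputs):
    """Return one message per violated rule, in the order the rules are listed."""
    errors = []
    for group in AT_MOST_ONE:
        present = [p for p in group if lookup(inputs, p) is not None]
        if len(present) > 1:
            errors.append("at most one of " + " or ".join(present))
    for path, allowed in ENUMS.items():
        value = lookup(inputs, path)
        if value is not None and value not in allowed:
            errors.append(f"{path} must be one of {allowed}, got {value!r}")
    for path, (low, high) in RANGES.items():
        value = lookup(inputs, path)
        if value is not None and not low <= value <= high:
            errors.append(f"{path} must be between {low} and {high}, got {value}")
    return errors

# Constructed input: two mutually exclusive fields set, a wrong-case enum
# value, and a hop limit of 0; placement is omitted so its rule is skipped.
SAMPLE = {
    "name": "web", "default-version": 2, "update-default-version": True,
    "data": {"metadata-options": {"http-tokens": "Required", "http-put-response-hop-limit": 0}},
}

if __name__ == "__main__":
    print("\n".join(validate(SAMPLE)))
```

The enum comparison is exact, as in the rule logic above, so `Required` fails where `required` passes.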

Outputs

launch-template-id

string

latest-version

integer

default-version

integer