provider "aws" {
  region = "ap-south-1"
}

# EC2 instance
resource "aws_instance" "ec2_t2-micro" {
  ami                         = "ami-0861f4e788f5069dd" # Amazon Linux
  instance_type               = "t2.micro"
  key_name                    = "kshitij-personal-ed25519"
  subnet_id                   = "subnet-0f2515644bbe8e603"
  associate_public_ip_address = true
  vpc_security_group_ids      = [aws_security_group.ec2_ssh_security.id]

  tags = {
    Name = "Test-EC2"
  }
}

# Security group (firewall) for allowing incoming SSH connections
resource "aws_security_group" "ec2_ssh_security" {
  name = "allow_ssh"

  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["${var.ssh_ingress}"]
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = -1
    cidr_blocks = ["0.0.0.0/0"]
  }
}