From 3e372f17a9fb0ff9f83532027473c172b39d3025 Mon Sep 17 00:00:00 2001 From: Steve Steiner Date: Thu, 29 Aug 2024 15:47:36 -0400 Subject: [PATCH 1/2] feat: adding ability to enable instance monitoring Signed-off-by: Steve Steiner --- modules/vmseries/main.tf | 2 +- modules/vmseries/variables.tf | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/modules/vmseries/main.tf b/modules/vmseries/main.tf index e2a5cec2..7fd77732 100644 --- a/modules/vmseries/main.tf +++ b/modules/vmseries/main.tf @@ -76,7 +76,7 @@ resource "aws_instance" "this" { disable_api_termination = var.enable_instance_termination_protection ebs_optimized = true instance_initiated_shutdown_behavior = "stop" - monitoring = false + monitoring = var.enable_monitoring dynamic "metadata_options" { for_each = var.enable_imdsv2 ? [1] : [] diff --git a/modules/vmseries/variables.tf b/modules/vmseries/variables.tf index 8867af1b..6740464b 100644 --- a/modules/vmseries/variables.tf +++ b/modules/vmseries/variables.tf @@ -161,6 +161,12 @@ variable "enable_instance_termination_protection" { type = bool } +variable "enable_monitoring" { + description = "(Optional) If true, the launched EC2 instance will have detailed monitoring enabled." + default = false + type = bool +} + variable "eip_domain" { description = "Indicates if this EIP is for use in VPC" default = "vpc" From 99242b2480ea7b908e9ddfebee5125c6b700f98c Mon Sep 17 00:00:00 2001 From: Steve Steiner Date: Thu, 29 Aug 2024 15:59:10 -0400 Subject: [PATCH 2/2] pre-commit Signed-off-by: Steve Steiner --- modules/vmseries/README.md | 1 + modules/vmseries/variables.tf | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/modules/vmseries/README.md b/modules/vmseries/README.md index 78230c8a..81e89030 100644 --- a/modules/vmseries/README.md +++ b/modules/vmseries/README.md @@ -52,6 +52,7 @@ No modules. | [eip\_domain](#input\_eip\_domain) | Indicates if this EIP is for use in VPC | `string` | `"vpc"` | no | | [enable\_imdsv2](#input\_enable\_imdsv2) | Whether to enable IMDSv2 on the EC2 instance.
Support for this feature has been added in VM-Series Plugin [3.0.0](https://docs.paloaltonetworks.com/plugins/vm-series-and-panorama-plugins-release-notes/vm-series-plugin/vm-series-plugin-30/vm-series-plugin-300#id126d0957-95d7-4b29-9147-fff20027986e), which in turn requires VM-Series version 10.2.0 at minimum. | `string` | `false` | no | | [enable\_instance\_termination\_protection](#input\_enable\_instance\_termination\_protection) | Whether to enable termination protection on the EC2 instance. | `bool` | `false` | no | +| [enable\_monitoring](#input\_enable\_monitoring) | (Optional) If true, the launched EC2 instance will have detailed monitoring enabled. | `bool` | `false` | no | | [iam\_instance\_profile](#input\_iam\_instance\_profile) | IAM instance profile. | `string` | `null` | no | | [include\_deprecated\_ami](#input\_include\_deprecated\_ami) | In certain scenarios, customers may deploy a VM-Series instance through the marketplace,
only to later discover that the ami has been deprecated, resulting in pipeline failures.
Setting the specified parameter to `true` will enable the continued use of deprecated AMIs,
mitigating this issue. | `bool` | `false` | no | | [instance\_type](#input\_instance\_type) | EC2 instance type. | `string` | `"m5.xlarge"` | no | diff --git a/modules/vmseries/variables.tf b/modules/vmseries/variables.tf index 6740464b..b9ce3476 100644 --- a/modules/vmseries/variables.tf +++ b/modules/vmseries/variables.tf @@ -163,8 +163,8 @@ variable "enable_instance_termination_protection" { variable "enable_monitoring" { description = "(Optional) If true, the launched EC2 instance will have detailed monitoring enabled." - default = false - type = bool + default = false + type = bool } variable "eip_domain" {