Merge pull request #563 from ministryofjustice/feature/1385-resolve-p…

…arameter-instead-of-ami Updated template to use dynamic resolution of SSM parameter store value
ministryofjustice · Oct 11, 2024 · 440a828 · 440a828
2 parents 72b6469 + 9b1804b
commit 440a828
Show file tree

Hide file tree

Showing 2 changed files with 1 addition and 18 deletions.
diff --git a/README.md b/README.md
@@ -140,7 +140,6 @@ In order to prevent older versions from being retained forever, in addition to t
 | [aws_security_group_rule.bastion_linux_egress_2](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
 | [aws_security_group_rule.bastion_linux_egress_3](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
 | [random_string.random6](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) | resource |
-| [aws_ami.linux_2_image](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami) | data source |
 | [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
 | [aws_iam_policy_document.bastion_assume_policy_document](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
 | [aws_iam_policy_document.bastion_policy_document](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |

diff --git a/main.tf b/main.tf
@@ -379,22 +379,6 @@ resource "aws_iam_instance_profile" "bastion_profile" {
 }
 
 ## Bastion
-
-data "aws_ami" "linux_2_image" {
-  most_recent = true
-  owners      = ["amazon"]
-
-  filter {
-    name   = "name"
-    values = ["amzn2-ami-hvm*"]
-  }
-
-  filter {
-    name   = "virtualization-type"
-    values = ["hvm"]
-  }
-}
-
 resource "aws_launch_template" "bastion_linux_template" {
   name = "${var.instance_name}_template"
 
@@ -413,7 +397,7 @@ resource "aws_launch_template" "bastion_linux_template" {
     name = aws_iam_instance_profile.bastion_profile.id
   }
 
-  image_id                             = data.aws_ami.linux_2_image.id
+  image_id                             = "resolve:ssm:/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2"
   instance_initiated_shutdown_behavior = "terminate"
   instance_type                        = "t3.micro"