Integrated ICO by Densify recommendation the the EC2 ICO Example

examples/amazon-linux-ec2-default-vpc-ico-by-densify/README.md

@@ -0,0 +1,104 @@
+<p align="center">
+  <img src="https://github.com/intel/terraform-intel-aws-vm/blob/main/images/logo-classicblue-800px.png?raw=true" alt="Intel Logo" width="250"/>
+</p>
+
+# Intel® Optimized Cloud Modules for Terraform
+
+© Copyright 2022, Intel Corporation
+
+## Terraform Intel AWS VM - Linux VM in Default VPC
+<p align="center">
+  <img src="https://github.com/intel/terraform-intel-aws-mysql/blob/main/images/aws-ec2-ico.png?raw=true" alt="Intel + Densify Logo" width="250"/>
+</p>
+
+This example creates creates AWS EC2 instance on Linux Operating System in the default VPC using recommended instance from Intel Cloud Optimizer by Densify. Intel® Cloud Optimizer is a collaboration between Densify and Intel targeted at getting you the most from your cloud investment. Intel Cloud Optimizer by Densify helps customers optimize their cloud investments and ensure optimal performance for every workload. Using this example requires a densify_recommndations.auto.tfvars file. You are expected to generate this file so this is a sample file only. In this sample file we will use example of recommended instance type of db.m6i.xlarge.
+
+This example creates an  It is configured to create the EC2 instance in US-East-1 region. The region is provided in variables.tf in this example folder.
+
+This example also creates an EC2 key pair. It associates the public key with the EC2 instance. The private key is created in the local system where terraform apply is done. It also creates a new scurity group to open up the SSH port 22 to a specific IP CIDR block.
+
+In this example, the tags Name, Owner and Duration are added to the EC2 instance when it is created and with optional tags for Intel Cloud Optimizer by Densify.
+
+## Architecture Diagram
+<p align="center">
+  <img src="https://github.com/intel/terraform-intel-aws-vm/blob/main/images/amazon-ec2-default-vpc.png?raw=true" alt="amazon-ec2-default-vpc" width="750"/>
+</p>
+
+## Usage
+
+variables.tf
+
+```hcl
+variable "region" {
+  description = "Target AWS region to deploy EC2 in."
+  type        = string
+  default     = "us-east-1"
+}
+```
+main.tf
+```hcl
+resource "random_id" "rid" {
+  byte_length = 5
+}
+
+# RSA key of size 4096 bits
+resource "tls_private_key" "rsa" {
+  algorithm = "RSA"
+  rsa_bits  = 4096
+}
+
+resource "aws_key_pair" "TF_key" {
+  key_name   = "TF_key-${random_id.rid.dec}"
+  public_key = tls_private_key.rsa.public_key_openssh
+}
+
+resource "local_file" "TF_private_key" {
+  content  = tls_private_key.rsa.private_key_pem
+  filename = "tfkey.private"
+}
+
+resource "aws_security_group" "ssh_security_group" {
+  description = "security group to configure ports for ssh"
+  ingress {
+    from_port = 22
+    to_port   = 22
+    protocol  = "tcp"
+
+    ## CHANGE THE IP CIDR BLOCK BELOW TO ALL YOUR OWN SSH PORT ##
+    cidr_blocks = ["a.b.c.d/x"]
+  }
+}
+
+resource "aws_network_interface_sg_attachment" "sg_attachment" {
+  security_group_id    = aws_security_group.ssh_security_group.id
+  network_interface_id = module.ec2-vm.primary_network_interface_id
+}
+
+module "ec2-vm" {
+  source   = "intel/aws-vm/intel"
+  key_name = aws_key_pair.TF_key.key_name
+  tags = {
+    Name     = "my-test-vm-${random_id.rid.dec}"
+    Owner    = "OwnerName-${random_id.rid.dec}",
+    Duration = "2"
+  }
+}
+```
+
+
+
+Run Terraform
+Replace the line below with you own IPV4 CIDR range before running the example.
+
+```hcl
+cidr_blocks = ["a.b.c.d/x"]
+```
+
+Run the following terraform commands
+```hcl
+terraform init  
+terraform plan
+terraform apply  
+```
+## Considerations
+- The AWS region where this example is run should have a default VPC

examples/amazon-linux-ec2-default-vpc-ico-by-densify/densify_recommendations.auto.tfvars

@@ -0,0 +1,55 @@
+densify_recommendations = {
+
+  "mobile-app-user2" = {
+    currentType = "m4.xlarge"
+    recommendedType = "m6i.xlarge"
+    approvalType = "all"
+    predictedUptime = "80.61"
+    recommendationType = "Modernize"
+    powerState = "Running"
+    implementationMethod = "Self Optimization"
+    savingsEstimate = "47.076237"
+    effortEstimate = "Low"
+    densifyPolicy = "AWS (Mobile_Prod) B"
+  }
+
+  "ex-prepro-dvc-866" = {
+    currentType = "c4.2xlarge"
+    recommendedType = "r5a.large"
+    approvalType = "na"
+    predictedUptime = "92.42"
+    recommendationType = "Downsize - Optimal Family"
+    powerState = "Running"
+    implementationMethod = "Self Optimization"
+    savingsEstimate = "192.27982"
+    effortEstimate = "Low"
+    densifyPolicy = "AWS (Mobile_Prod) B"
+    deferRecommendation = "no"
+  }
+  "ex-prepro-fifo-420" = {
+    currentType = "m3.large"
+    recommendedType = "m3.medium"
+    approvalType = "na"
+    predictedUptime = "99.24"
+    recommendationType = "Downsize"
+    powerState = "Running"
+    implementationMethod = "Self Optimization"
+    savingsEstimate = "47.813828"
+    effortEstimate = "Low"
+    densifyPolicy = "AWS (Mobile_Prod) B"
+    deferRecommendation = "no"
+  }
+  "ex-prepro-jaws-317" = {
+    currentType = "m4.xlarge"
+    recommendedType = "m5a.xlarge"
+    approvalType = "na"
+    predictedUptime = "80.77"
+    recommendationType = "Modernize"
+    powerState = "Running"
+    implementationMethod = "Manual"
+    savingsEstimate = "16.50939"
+    effortEstimate = "Moderate"
+    densifyPolicy = "AWS (Mobile_Prod) B"
+    deferRecommendation = "no"
+  }
+}

examples/amazon-linux-ec2-default-vpc-ico-by-densify/main.tf

@@ -0,0 +1,72 @@
+# Provision EC2 Instance on Icelake on Amazon Linux OS in default vpc. It is configured to create the EC2 in
+# US-East-1 region. The region is provided in variables.tf in this example folder.
+
+# This example also create an EC2 key pair. Associate the public key with the EC2 instance. Create the private key
+# in the local system where terraform apply is done. Create a new scurity group to open up the SSH port 
+# 22 to a specific IP CIDR block
+
+######### PLEASE NOTE TO CHANGE THE IP CIDR BLOCK TO ALLOW SSH FROM YOUR OWN ALLOWED IP ADDRESS FOR SSH #########
+
+# Initialize Densify Module that will parse the densify_recommendations.auto.tfvars recommendation file
+module "densify" {
+  source  = "densify-dev/optimization-as-code/null"
+  densify_recommendations = var.densify_recommendations
+  densify_fallback        = var.densify_fallback
+  densify_unique_id       = var.name
+}
+
+resource "random_id" "rid" {
+  byte_length = 5
+}
+
+# RSA key of size 4096 bits
+resource "tls_private_key" "rsa" {
+  algorithm = "RSA"
+  rsa_bits  = 4096
+}
+
+resource "aws_key_pair" "TF_key" {
+  key_name   = "TF_key-${random_id.rid.dec}"
+  public_key = tls_private_key.rsa.public_key_openssh
+}
+
+resource "local_file" "TF_private_key" {
+  content  = tls_private_key.rsa.private_key_pem
+  filename = "tfkey.private"
+}
+
+resource "aws_security_group" "ssh_security_group" {
+  description = "security group to configure ports for ssh"
+  ingress {
+    from_port = 22
+    to_port   = 22
+    protocol  = "tcp"
+
+    ## CHANGE THE IP CIDR BLOCK BELOW TO ALL YOUR OWN SSH PORT ##
+    cidr_blocks = ["a.b.c.d/x"]
+
+  }
+}
+
+resource "aws_network_interface_sg_attachment" "sg_attachment" {
+  security_group_id    = aws_security_group.ssh_security_group.id
+  network_interface_id = module.ec2-vm.primary_network_interface_id
+}
+
+module "ec2-vm" {
+  source   = "intel/aws-vm/intel"
+  key_name = aws_key_pair.TF_key.key_name
+  instance_type = module.densify.recommended_type
+  # tag instance to make it Self-Aware these tags are optional and can set as few or as many as you like.
+  tags = {
+    Name                              = var.name
+    #Should match the densify_unique_id value as this is how Densify references the system as unique
+    "Provisioning ID"                 = var.name
+    "business-unit"                   = "Intel"
+    "application"                     = "BDC_Slc"
+    "environment"                     = "PRV-BDC_Slc"
+    Densify-optimal-instance-type     = module.densify.recommended_type
+    Owner    = "OwnerName-${random_id.rid.dec}",
+    Duration = "2"
+  }
+}

examples/amazon-linux-ec2-default-vpc-ico-by-densify/outputs.tf

@@ -0,0 +1,113 @@
+output "id" {
+  description = "The ID of the instance"
+  value       = try(module.ec2-vm.id, module.ec2-vm.id, "")
+}
+
+output "arn" {
+  description = "The ARN of the instance"
+  value       = try(module.ec2-vm.arn, "")
+}
+
+output "capacity_reservation_specification" {
+  description = "Capacity reservation specification of the instance"
+  value       = try(module.ec2-vm.capacity_reservation_specification, "")
+}
+
+output "instance_state" {
+  description = "The state of the instance. One of: `pending`, `running`, `shutting-down`, `terminated`, `stopping`, `stopped`"
+  value       = try(module.ec2-vm.instance_state, "")
+}
+
+output "outpost_arn" {
+  description = "The ARN of the Outpost the instance is assigned to"
+  value       = try(module.ec2-vm.outpost_arn, "")
+}
+
+output "password_data" {
+  description = "Base-64 encoded encrypted password data for the instance. Useful for getting the administrator password for instances running Microsoft Windows. This attribute is only exported if `get_password_data` is true"
+  value       = try(module.ec2-vm.password_data, "")
+}
+
+output "primary_network_interface_id" {
+  description = "The ID of the instance's primary network interface"
+  value       = try(module.ec2-vm.primary_network_interface_id, "")
+}
+
+output "private_dns" {
+  description = "The private DNS name assigned to the instance. Can only be used inside the Amazon EC2, and only available if you've enabled DNS hostnames for your VPC"
+  value       = try(module.ec2-vm.private_dns, "")
+}
+
+output "public_dns" {
+  description = "The public DNS name assigned to the instance. For EC2-VPC, this is only available if you've enabled DNS hostnames for your VPC"
+  value       = try(module.ec2-vm.public_dns, "")
+}
+
+output "public_ip" {
+  description = "The public IP address assigned to the instance, if applicable. NOTE: If you are using an aws_eip with your instance, you should refer to the EIP's address directly and not use `public_ip` as this field will change after the EIP is attached"
+  value       = try(module.ec2-vm.public_ip, "")
+}
+
+output "private_ip" {
+  description = "The private IP address assigned to the instance."
+  value       = try(module.ec2-vm.private_ip, "")
+}
+
+output "ipv6_addresses" {
+  description = "The IPv6 address assigned to the instance, if applicable."
+  value       = try(module.ec2-vm.ipv6_addresses, [])
+}
+
+output "tags_all" {
+  description = "A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block"
+  value       = try(module.ec2-vm.tags_all, {})
+}
+
+output "spot_bid_status" {
+  description = "The current bid status of the Spot Instance Request"
+  value       = try(module.ec2-vm.spot_bid_status, "")
+}
+
+output "spot_request_state" {
+  description = "The current request state of the Spot Instance Request"
+  value       = try(module.ec2-vm.spot_request_state, "")
+}
+
+output "spot_instance_id" {
+  description = "The Instance ID (if any) that is currently fulfilling the Spot Instance request"
+  value       = try(module.ec2-vm.spot_instance_id, "")
+}
+
+################################################################################
+# IAM Role / Instance Profile
+################################################################################
+
+output "iam_role_name" {
+  description = "The name of the IAM role"
+  value       = try(module.ec2-vm.aws_iam_role.name, null)
+}
+
+output "iam_role_arn" {
+  description = "The Amazon Resource Name (ARN) specifying the IAM role"
+  value       = try(module.ec2-vm.aws_iam_role.arn, null)
+}
+
+output "iam_role_unique_id" {
+  description = "Stable and unique string identifying the IAM role"
+  value       = try(module.ec2-vm.aws_iam_role.unique_id, null)
+}
+
+output "iam_instance_profile_arn" {
+  description = "ARN assigned by AWS to the instance profile"
+  value       = try(module.ec2-vm.aws_iam_instance_profile.arn, null)
+}
+
+output "iam_instance_profile_id" {
+  description = "Instance profile's ID"
+  value       = try(module.ec2-vm.aws_iam_instance_profile.id, null)
+}
+
+output "iam_instance_profile_unique" {
+  description = "Stable and unique string identifying the IAM instance profile"
+  value       = try(module.ec2-vm.aws_iam_instance_profile.unique_id, null)
+}

examples/amazon-linux-ec2-default-vpc-ico-by-densify/providers.tf

@@ -0,0 +1,4 @@
+provider "aws" {
+  # Environment Variables used for Authentication
+  region = var.region
+}

examples/amazon-linux-ec2-default-vpc-ico-by-densify/variables.tf

@@ -0,0 +1,30 @@
+variable "region" {
+  description = "Target AWS region to deploy EC2 in."
+  type        = string
+  default     = "us-east-1"
+}
+
+#Name of the system.
+variable "name" {
+  # default = "my-app-ec2-instance"
+  # default = "test-web-instance"
+  default = "mobile-app-user2"
+}
+
+# Defaults this is used for fallback if the system name isn't found in the densify_recommendations. 
+# This shouldn't be used in most cases likely use would be if you were to create a new system that hasn't been analyzed by Densify yet.
+variable "densify_fallback" {
+  type = map(string)
+  default = {
+    recommendedType          = "m6i.large"
+    currentType              = "m5.2xlarge"
+    approvalType             = "all"
+    savingsEstimate          = "0"
+    predictedUptime          = "0"
+    reservedInstanceCoverage = "no"
+  }
+}
+
+variable "densify_recommendations" {
+  type = map(map(string))
+}

examples/amazon-linux-ec2-default-vpc-ico-by-densify/versions.tf

@@ -0,0 +1,9 @@
+terraform {
+  required_version = ">=1.3.0"
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 4.60.0"
+    }
+  }
+}