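# AWS provider. The region comes from var.region, which is declared outside
# this snippet.
provider "aws" {
  region = var.region
}

# Security group for the web server: HTTP and HTTPS are admitted from any IPv4
# address, and all outbound traffic is allowed.
resource "aws_security_group" "web_server_sg_tf" {
  name = "web-server-sg-tf"
  # NOTE(review): the description mentions only HTTP although HTTPS is admitted
  # as well. Changing `description` forces replacement of the security group,
  # so the text is left as-is here.
  description = "Allow HTTP to web server"
  vpc_id      = module.vpc.vpc_id

  # World-open by design for a public web endpoint. Only IPv4 is covered; no
  # ipv6_cidr_blocks are declared.
  # NOTE(review): presumably port 80 is kept only to redirect to HTTPS; confirm
  # the server does not serve content over plaintext HTTP.
  ingress {
    description = "HTTP ingress"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    description = "HTTPS ingress"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # protocol "-1" with ports 0-0 means every protocol and port.
  # NOTE(review): if the instance only needs a few destinations (package
  # mirrors, AWS APIs), narrowing this rule limits what a compromised host can
  # reach.
  egress {
    description = "All outbound traffic"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# Web server instance, placed in the first public subnet of module.vpc with a
# public IP and the security group above. The AMI comes from var.ami_id
# (declared outside this snippet).
# NOTE(review): no root_block_device is declared, so root-volume encryption
# depends on the AMI and on the account's EBS encryption-by-default setting;
# verify.
resource "aws_instance" "test_ami" {
  ami                         = var.ami_id
  instance_type               = "t3.micro"
  associate_public_ip_address = true
  subnet_id                   = module.vpc.public_subnets[0]
  vpc_security_group_ids      = [aws_security_group.web_server_sg_tf.id]

  # Require session tokens (IMDSv2) for the instance metadata service. The
  # instance is internet-facing, and token-less IMDSv1 requests are the path a
  # request-forgery flaw in the web application would use to read instance
  # metadata.
  # NOTE(review): software on the AMI that still uses IMDSv1 must be updated
  # before this is applied; confirm against the image.
  metadata_options {
    http_tokens = "required"
  }
}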