Terraform module to create an AWS EC2 instance running a full Solana validator node with RPC.
- You want to run a Solana Validator in the AWS public cloud
- You've created an AWS Virtual Private Cloud (VPC) and public subnets where you intend to put the Solana validator resources.

For security reasons, port 22 is not open for SSH in the firewall. Instead, the module leverages AWS SSM. Use Session Manager to access the instance.

Use your AWS user or assumed role, with sufficient permissions, to access the node. Find the `INSTANCE_ID` in the AWS console, or via the CLI.
```bash
aws ssm start-session --target ${INSTANCE_ID}
# inside the session: switch to the sol user (login shell)
sudo su - sol
```
To open port 22, set `var.enable_ssh` to `true`.
```hcl
# Note: tls_private_key keeps the generated private key unencrypted in the
# Terraform state, so protect the state backend accordingly.
resource "tls_private_key" "this" {
  algorithm = "RSA"
  rsa_bits  = 4096
}

resource "aws_key_pair" "this" {
  key_name   = format("%s-key", var.name)
  public_key = tls_private_key.this.public_key_openssh
}

module "validator_node" {
  source = "github.com/solanium-io/aws-solana-validator?ref=v1.0.0"

  # meta
  environment = "dev"
  tags        = merge(local.tags, { Name = "SolanaValidatorNode" })

  # network
  vpc_id    = module.vpc.vpc_id
  subnet_id = module.vpc.public_subnets[1]

  # security
  whitelist_ips = var.whitelist_ips
  enable_ssh    = false

  # machine
  ami           = "ami-0a8e758f5e873d1c1" # ubuntu 20.04
  instance_type = "m5ad.8xlarge"
  key_name      = aws_key_pair.this.key_name
}
```
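
A plan-time check for the `enable_ssh` setting above, as an added example that is not part of the module: it reads `terraform show -json` output and reports any security-group ingress rule that covers port 22. The ingress rule layout, the sample CIDR and port 8899 are constructed assumptions about what the module plans.

```python
import json
import sys

SSH_PORT = 22
WORLD = {"0.0.0.0/0", "::/0"}

def audit_ssh_exposure(plan, enable_ssh=False):
    """Audit aws_security_group ingress in `terraform show -json` output.

    enable_ssh=False: any rule covering port 22 is a finding.
    enable_ssh=True: port 22 may be open, but not to 0.0.0.0/0 or ::/0.
    """
    findings = []
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != "aws_security_group":
            continue
        after = (rc.get("change") or {}).get("after") or {}
        for rule in after.get("ingress") or []:
            proto = str(rule.get("protocol"))
            # protocol "-1" means all traffic, so it includes port 22
            covers_ssh = proto == "-1" or (
                proto == "tcp" and rule["from_port"] <= SSH_PORT <= rule["to_port"])
            if not covers_ssh:
                continue
            cidrs = set(rule.get("cidr_blocks") or []) | set(rule.get("ipv6_cidr_blocks") or [])
            if not enable_ssh:
                findings.append(f"{rc['address']}: port 22 open to {sorted(cidrs)}, enable_ssh is false")
            elif cidrs & WORLD:
                findings.append(f"{rc['address']}: port 22 open to the whole internet")
    return findings

def sample_plan(ingress):
    """Constructed plan fragment; the ingress layout is an assumption about the module."""
    return {"resource_changes": [{
        "address": "module.validator_node.aws_security_group.this",
        "type": "aws_security_group",
        "change": {"after": {"ingress": ingress}},
    }]}

# Constructed rules: documentation address 203.0.113.10, port 8899 as an example RPC port.
RPC_RULE = {"protocol": "tcp", "from_port": 8899, "to_port": 8899, "cidr_blocks": ["203.0.113.10/32"]}
SSH_WORLD = {"protocol": "tcp", "from_port": 22, "to_port": 22, "cidr_blocks": ["0.0.0.0/0"]}

if __name__ == "__main__":
    # Pass the path of a `terraform show -json` dump, or run on the constructed sample.
    plan = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else sample_plan([RPC_RULE, SSH_WORLD])
    for finding in audit_ssh_exposure(plan):
        print(finding)
```
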
Name | Version |
---|---|
terraform | >= 0.15 |
aws | 3.38.0 |

Name | Version |
---|---|
aws | 3.38.0 |

No modules.

Name | Type |
---|---|
aws_iam_instance_profile.this | resource |
aws_iam_policy_attachment.this | resource |
aws_iam_role.this | resource |
aws_instance.this | resource |
aws_kms_alias.this | resource |
aws_kms_key.this | resource |
aws_security_group.this | resource |
aws_ami.this | data source |
aws_caller_identity.this | data source |
aws_iam_policy_document.assume_role | data source |
aws_iam_policy_document.kms | data source |
aws_region.this | data source |

Name | Description | Type | Default | Required |
---|---|---|---|---|
ami | AMI to be used in EC2, leave empty to use the newest | `string` | `""` | no |
enable_ssh | Open port 22 in the security group | `bool` | `false` | no |
environment | Environment for the deployment | `string` | n/a | yes |
instance_type | Instance type to be used in EC2 | `string` | `"m5ad.8xlarge"` | no |
key_name | SSH Keyname | `string` | `null` | no |
name | Name (prefix) to assign to the stack | `string` | `"validator-node"` | no |
subnet_id | Subnet to deploy the EC2 | `string` | n/a | yes |
tags | tags to attach to resources | `map(string)` | `{}` | no |
volume_size_gb | Size of block device in GB | `number` | `2048` | no |
vpc_id | ID of VPC to deploy resources in | `string` | n/a | yes |
whitelist_ips | List of IPs that are whitelisted to the security group | `list(string)` | n/a | yes |

Name | Description |
---|---|
instance_id | Instance ID of the created EC2 |
public_ip | Public IP of the created EC2 |