provider "aws" {
  region = "us-east-1" # Change this to your preferred region
}

resource "aws_security_group" "ec2_sg" {
  name        = "pangolin-sg"
  description = "Allow SSH inbound traffic"

  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"] # Open to all, restrict this for security
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_instance" "ec2_vm" {
  ami           = "ami-05b10e08d247fb927" # Replace with a valid AMI ID for your region
  instance_type = "t2.micro" # Free tier eligible instance type
  security_groups = [aws_security_group.ec2_sg.name]
  key_name      = "theocorp" # Replace with your AWS key pair name

  tags = {
    Name = "pangolin"
  }
}

output "instance_public_ip" {
  description = "Public IP of the EC2 instance"
  value       = aws_instance.ec2_vm.public_ip
}