From e0bc48e2215ae5419f5df3efffcdf1ed86911e7f Mon Sep 17 00:00:00 2001
From: Kapil Thangavelu
Date: Wed, 21 Feb 2024 09:34:12 -0500
Subject: [PATCH 1/2] add new ec2 instance
---
policies/cost.yaml | 19 +++++++++++++++++++
root-module/ec2.tf | 32 ++++++++++++++++++++++++++++++++
2 files changed, 51 insertions(+)
create mode 100644 policies/cost.yaml
create mode 100644 root-module/ec2.tf
diff --git a/policies/cost.yaml b/policies/cost.yaml
new file mode 100644
index 0000000..06424d9
--- /dev/null
+++ b/policies/cost.yaml
@@ -0,0 +1,19 @@
+policies:
+ - name: check-ebs-volume-type
+ description: "use gp3 volumes for better cost and performance over gp2"
+ resource: terraform.aws_instance
+ metadata:
+ severity: low
+ categories: [cost]
+ filters:
+ - or:
+ - type: value
+ key: root_block_device.volume_type
+ value: gp2
+ - type: value
+ key: ebs_block_device.volume_type
+ value: gp2
+# - type: list-item
+# key: ebs_block_device
+# attrs:
+# - volume_type: gp2
diff --git a/root-module/ec2.tf b/root-module/ec2.tf
new file mode 100644
index 0000000..f0f952e
--- /dev/null
+++ b/root-module/ec2.tf
@@ -0,0 +1,32 @@
+data "aws_ami" "ubuntu" {
+ most_recent = true
+
+ filter {
+ name = "name"
+ values = ["ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*"]
+ }
+
+ filter {
+ name = "virtualization-type"
+ values = ["hvm"]
+ }
+
+ owners = ["099720109477"] # Canonical
+}
+
+resource "aws_instance" "web" {
+ ami = data.aws_ami.ubuntu.id
+ instance_type = "m6g.large"
+
+ ebs_block_device {
+ device_name = "/dev/sdf"
+ volume_type = "gp2"
+ volume_size = "30"
+ }
+
+ tags = {
+ Name = "HelloWorld"
+ Env = "Dev"
+ }
+
+}
From bd4da7588f10a0031acd1bd5ffc8931aed276b31 Mon Sep 17 00:00:00 2001
From: Kapil Thangavelu
Date: Wed, 21 Feb 2024 09:34:38 -0500
Subject: [PATCH 2/2] update python version
---
.github/workflows/ci.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 8582722..c8d53dc 100644
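Review bot: The four commented-out `list-item` lines at the end of `check-ebs-volume-type` are left in with no explanation, so a reader cannot tell whether the active `value` filter on `ebs_block_device.volume_type` is the intended form or a stand-in. `ebs_block_device` is a repeatable block on `aws_instance`, so it is worth confirming that the dotted key still matches when a resource declares more than one block; if it does not, the `list-item` form is the one to keep. Either delete the commented lines or put a comment above them such as `# list-item form for instances with several ebs_block_device blocks; enable once verified`. Both active filters also match only an explicit `gp2`, so a block that omits `volume_type` appears to pass the check whatever type it ends up with.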
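Review bot: The new `aws_instance.web` declares its `ebs_block_device` without `encrypted = true` and has no `metadata_options` block, so volume encryption depends on the account-level EBS default and the instance does not declare IMDSv2 as required. Adding `encrypted = true` next to `volume_type` and `metadata_options { http_tokens = "required" }` to the resource makes both explicit in code. Separately, the AMI filter selects `amd64` images while `instance_type = "m6g.large"` is a Graviton (arm64) type, so the launch is likely to be rejected; either match on `ubuntu-jammy-22.04-arm64-server-*` or pick an x86 instance family. No security group or subnet is set in this hunk either, so network exposure is decided by defaults unless it is configured elsewhere.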
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -17,7 +17,7 @@ jobs:
 terraform_wrapper: false
 - uses: actions/setup-python@v3
 with:
- python-version: "3.10"
+ python-version: "3.11"
 - name: Install Custodian
 run: |
 pip install c7n_left