chore: Add db access instance

[jongwooo]

This pull request introduces a new EC2 module to provision a spot instance for database access and updates the security group configurations to support this instance. The changes include defining the necessary resources, variables, and outputs, as well as integrating the new module into the main infrastructure configuration.

EC2 Module Implementation:

• Added a new aws_instance resource in Modules/EC2/main.tf to create a spot instance using the latest Amazon Linux 2 AMI. This instance is tagged as dummy-db-access-instance and is associated with a public IP. ([Modules/EC2/main.tfR1-R29](https://github.com/dutymate/infrastructure/pull/3/files#diff-55692756cb1a298134c71fccdd03f55f2eed57b252432187ba7dc59e88aaa580R1-R29))
• Defined new variables public_subnets and sg_db_access_instance_id in Modules/EC2/variables.tf to parameterize the subnet and security group for the instance. ([Modules/EC2/variables.tfR1-R7](https://github.com/dutymate/infrastructure/pull/3/files#diff-12f99cff164434fad4c8bd4ff5cb61328cf5231842fc4fbaff4475415c76b3f6R1-R7))

Security Group Updates:

• Added a new security group sg_db_access_instance in Modules/SecurityGroup/main.tf to allow SSH ingress from any IP and unrestricted egress. ([Modules/SecurityGroup/main.tfR157-R175](https://github.com/dutymate/infrastructure/pull/3/files#diff-29818b55ae9cc398e9749b8de85a02e76cee370b675117076252b8ab335a6bb3R157-R175))
• Updated existing security groups (sg_mysql, sg_valkey, sg_mongodb) to include sg_db_access_instance for secure communication with the new instance. ([[1]](https://github.com/dutymate/infrastructure/pull/3/files#diff-29818b55ae9cc398e9749b8de85a02e76cee370b675117076252b8ab335a6bb3L97-R97), [[2]](https://github.com/dutymate/infrastructure/pull/3/files#diff-29818b55ae9cc398e9749b8de85a02e76cee370b675117076252b8ab335a6bb3L120-R120), [[3]](https://github.com/dutymate/infrastructure/pull/3/files#diff-29818b55ae9cc398e9749b8de85a02e76cee370b675117076252b8ab335a6bb3L143-R143))

Outputs and Integration:

• Added an output sg_db_access_instance_id in Modules/SecurityGroup/outputs.tf to expose the new security group ID. ([Modules/SecurityGroup/outputs.tfR5-R8](https://github.com/dutymate/infrastructure/pull/3/files#diff-20aa32128be1843d003a3b4ffad1da7c7c12a6b6bbd2e438f4ee21284c39eb7eR5-R8))
• Integrated the new EC2 module into the main main.tf file, passing the required subnet and security group as inputs. ([main.tfR55-R60](https://github.com/dutymate/infrastructure/pull/3/files#diff-dc46acf24afd63ef8c556b77c126ccc6e578bc87e3aa09a931f33d9bf2532fbbR55-R60))

[Copilot]

Pull Request Overview

This PR introduces a dedicated EC2 spot instance for database access and updates security group configurations to accommodate it.

• Adds a new ec2 module with variables and a spot instance resource
• Creates and exposes a sg_db_access_instance security group; updates existing groups to allow access
• Integrates the new module into main.tf

Reviewed Changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
main.tf	Integrated the new ec2 module
Modules/SecurityGroup/main.tf	Added sg_db_access_instance SG and updated egress/ingress
Modules/SecurityGroup/outputs.tf	Added output for sg_db_access_instance_id
Modules/EC2/variables.tf	Defined inputs for public subnets and SG ID
Modules/EC2/main.tf	Implemented the spot instance resource

Comments suppressed due to low confidence (1)

main.tf:55

• The new EC2 module and its security group interactions should have automated tests (e.g., using Terratest or similar) to verify provisioning and connectivity.

module "ec2" {