diff --git a/setup_key.sh b/setup_key.sh
new file mode 100644
index 0000000..65bd8a1
--- /dev/null
+++ b/setup_key.sh
@@ -0,0 +1 @@
+echo -e "\n${extra_key}" >> /home/ubuntu/.ssh/authorized_keys
\ No newline at end of file
diff --git a/terraform.tf b/terraform.tf
index 4ecee3e..3d612e6 100644
--- a/terraform.tf
+++ b/terraform.tf
@@ -1,14 +1,15 @@
 ### SET VARIABLES
 
+variable "project_name" {
+    type = string
+    default = "hideyoshi-portifolio"
+}
+
 variable "aws_region" {
     type = string
     default = "sa-east-1"
 }
 
-variable "s3_bucket_name" {
-    type = string
-}
-
 variable "aws_access_key" {
     type = string
 }
@@ -21,6 +22,20 @@ variable "project_domain" {
     type = string
 }
 
+variable "ssh_public_key_main" {
+    type = string
+}
+
+variable "ssh_public_key_ci_cd" {
+    type = string
+}
+
+variable "number_of_workers" {
+    type = number
+    default = 2
+}
+
+
 ### PROVIDER
 
 provider "aws" {
@@ -35,7 +50,7 @@ provider "aws" {
 # S3 Bucket
 
 resource "aws_s3_bucket" "default" {
-    bucket = var.s3_bucket_name
+    bucket = "${var.project_name}-bucket"
 }
 
 resource "aws_s3_bucket_public_access_block" "bucket_public_disabled" {
@@ -74,7 +89,6 @@ resource "aws_s3_bucket_policy" "default" {
 POLICY
 }
 
-
 resource "aws_s3_bucket_cors_configuration" "default" {
     bucket = aws_s3_bucket.default.bucket
 
@@ -86,6 +100,94 @@ resource "aws_s3_bucket_cors_configuration" "default" {
 }
 
 
+# EC2 Instances
+
+
+resource "aws_key_pair" "ssh_key_main" {
+    key_name = "ssh_key_main"
+    public_key = var.ssh_public_key_main
+}
+
+resource "aws_key_pair" "ssh_key_ci_cd" {
+    key_name = "ssh_key_ci_cd"
+    public_key = var.ssh_public_key_ci_cd
+}
+
+locals {
+    ports_in = [
+        22,
+        80,
+        443,
+        6443,
+        10250
+    ]
+    ports_out = [
+        0,
+    ]
+}
+
+resource "aws_security_group" "project_pool" {
+    name = "${var.project_name}_pool_security_group"
+    description = "Security group for project pool"
+
+    dynamic "egress" {
+        for_each = toset(local.ports_out)
+        content {
+            from_port = egress.value
+            to_port = egress.value
+            protocol = "tcp"
+            cidr_blocks = ["0.0.0.0/0"]
+        }
+    }
+
+    dynamic "ingress" {
+        for_each = toset(local.ports_in)
+        content {
+            from_port = ingress.value
+            to_port = ingress.value
+            protocol = "tcp"
+            cidr_blocks = ["0.0.0.0/0"]
+        }
+    }
+}
+
+resource "aws_instance" "main" {
+    ami = "ami-0af6e9042ea5a4e3e"
+    instance_type = "t2.micro"
+    vpc_security_group_ids = [ aws_security_group.project_pool.id ]
+    count = 1
+
+    key_name = aws_key_pair.ssh_key_main.key_name
+
+    user_data   = templatefile("${path.module}/setup_key.sh", {
+        extra_key = aws_key_pair.ssh_key_ci_cd.public_key
+    })
+
+    tags = {
+        Name = "${var.project_name}-main"
+    }
+}
+
+resource "aws_instance" "worker" {
+    ami = "ami-0af6e9042ea5a4e3e"
+    instance_type = "t2.micro"
+    vpc_security_group_ids = [ aws_security_group.project_pool.id ]
+    count = 1
+
+    key_name = aws_key_pair.ssh_key_main.key_name
+
+    user_data   = templatefile("${path.module}/setup_key.sh", {
+        extra_key = aws_key_pair.ssh_key_ci_cd.public_key
+    })
+
+    tags = {
+        Name = "${var.project_name}-worker"
+    }
+}
+
+
+### OUTPUTS
+
 output "bucker_domain_name" {
     value = aws_s3_bucket.default.bucket_domain_name
 }
\ No newline at end of file