LXD and Terraform integration

If your remote LXD server (on Linode) is already exposed, you only have to exchange the client certificate between Terraform (on EC2) and the remote LXD server (on Linode). Otherwise, the remote LXD server will not trust the incoming requests from EC2.

Are you running LXD on both EC2 and Linode?

If so, the easiest way is to generate a new certificate on the remote LXD server (Linode):

# Run on Linode
# Generate client cert for EC2. This will return a fingerprint.
lxc config trust add --name ec2

Then add the new remote LXD server (on EC2):

# Run on EC2
lxc remote add linode <fingerprint>

Finally, test if you can create an instance on Linode (from EC2):

# Run on EC2
lxc launch ubuntu:22.04 linode:test

If the above works, then you can try the same with Terraform:

provider "lxd" {}

resource "lxd_instance" "inst" {
  name   = "test2"
  image  = "ubuntu:22.04"
  remote = "linode" # This remote will be imported from local LXD config.
}

If you don’t have LXD on the EC2 instance, then you can generate the client certificate manually (on Linode) and import it into the remote LXD server (on EC2), as explained above.
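
One way to generate the client certificate manually, as an added example that is not part of the original post. It assumes OpenSSL and sha256sum are installed and that the key pair is created on the host that runs Terraform so the private key never leaves it; the directory, common name and function names are hypothetical.

```shell
#!/bin/sh
# Added example: create a TLS client key pair for the Terraform host and
# compute the SHA-256 fingerprint that LXD lists for a trusted certificate.
# Directory, common name and function names are assumptions.

# gen_client_cert DIR CN: write DIR/client.key and DIR/client.crt.
gen_client_cert() {
    dir=$1; cn=$2
    mkdir -p "$dir"
    (
        umask 077   # key and cert are created readable by the owner only
        openssl req -x509 -newkey ec -pkeyopt ec_paramgen_curve:secp384r1 \
            -sha384 -nodes -days 365 -subj "/CN=$cn" \
            -keyout "$dir/client.key" -out "$dir/client.crt" 2>/dev/null
    )
}

# lxd_fingerprint CERT: lowercase hex SHA-256 of the DER-encoded certificate.
lxd_fingerprint() {
    openssl x509 -in "$1" -outform DER | sha256sum | cut -d' ' -f1
}

# fingerprint_matches CERT SHOWN: succeed only if SHOWN (the full or
# abbreviated fingerprint printed by `lxc config trust list`) is a prefix
# of CERT's real fingerprint. An empty SHOWN never matches.
fingerprint_matches() {
    full=$(lxd_fingerprint "$1")
    shown=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -n "$shown" ] || return 1
    case $full in
        "$shown"*) return 0 ;;
        *) return 1 ;;
    esac
}

# Usage (not executed here):
#   gen_client_cert ./tf-lxd terraform-ec2     # on the Terraform host
#   lxd_fingerprint ./tf-lxd/client.crt        # note the value
#   # copy only client.crt to the LXD server, then on that server:
#   lxc config trust add client.crt --name terraform-ec2
#   lxc config trust list                      # compare the fingerprint
#   fingerprint_matches ./tf-lxd/client.crt <fingerprint from the list>
```

Only client.crt needs to reach the LXD server; client.key stays on the Terraform host, in the LXD client configuration directory the provider reads.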