AWS Instance with multiple SSH Key support.
module "bastion" {
source = "github.com/opszero/terraform-aws-bastion"
ssh_keys = [ "ssh-rsa ..." ]
users = {
"username" = {
ssh-keys = [
"ssh-rs ..."
]
}
}
}
- Use MrMgr to setup IAM access to the Bastion
pip3 install pip3 install ec2instanceconnectclimssh --profile awsprofile ubuntu@i-1234566
terraform init
terraform plan
terraform apply -auto-approve
terraform destroy -auto-approve
opsZero provides support for our modules including:
- Email support
- Zoom Calls
- Implementation Guidance
| Name |
Description |
Type |
Default |
Required |
| ami_id |
The AMI ID of the bastion host |
string |
null |
no |
| efs_mounts |
EFS multiple mounts |
map |
{} |
no |
| ingress_cidrs |
Configuration block for ingress rules |
any |
n/a |
yes |
| instance_type |
EC2 Instance Type of the bastion host |
string |
"t3.micro" |
no |
| name |
The name of the bastion host |
string |
n/a |
yes |
| security_group_ids |
A list of security group names to associate with. |
list(any) |
[] |
no |
| ssh_keys |
SSH public keys to add to the image |
list(any) |
[] |
no |
| subnet_id |
The VPC subnet ID to launch in EC2 bastion host |
string |
n/a |
yes |
| tags |
A map of tags to assign to the resource |
map(any) |
{} |
no |
| ubuntu_version |
Ubuntu Server Version |
string |
"20.04" |
no |
| user_data |
User data to provide when launching the instance |
string |
"" |
no |
| user_data_replace_on_change |
To recreate the instance when user_data is changed |
bool |
false |
no |
| userdata |
User data to provide when launching the instance |
string |
"" |
no |
| users |
Custom user accounts of the instance |
map |
{
"retool": {
"ssh-keys": []
}
} |
no |
| volume_size |
Size of the volume in gibibytes (GiB) |
number |
20 |
no |
| vpc_id |
The VPC ID to create security group for bastion host |
string |
n/a |
yes |
