AWS Instance with multiple SSH Key support.
```hcl
module "bastion" {
  source = "github.com/opszero/terraform-aws-bastion"

  # Public keys added to the image
  ssh_keys = ["ssh-rsa ..."]

  # Custom user accounts, each with its own public keys
  users = {
    "username" = {
      ssh-keys = [
        "ssh-rsa ..."
      ]
    }
  }
}
```
- Use MrMgr to set up IAM access to the Bastion

```bash
pip3 install ec2instanceconnectcli
mssh --profile awsprofile ubuntu@i-1234566
```
```bash
# Deploy the bastion
terraform init
terraform plan
terraform apply -auto-approve

# Tear the bastion down when it is no longer needed
terraform destroy -auto-approve
```
opsZero provides support for our modules including:
- Email support
- Zoom Calls
- Implementation Guidance
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| ami_id | The AMI ID of the bastion host | string | null | no |
| efs_mounts | EFS multiple mounts | map | {} | no |
| ingress_cidrs | Configuration block for ingress rules | any | n/a | yes |
| instance_type | EC2 Instance Type of the bastion host | string | "t3.micro" | no |
| name | The name of the bastion host | string | n/a | yes |
| security_group_ids | A list of security group names to associate with. | list(any) | [] | no |
| ssh_keys | SSH public keys to add to the image | list(any) | [] | no |
| subnet_id | The VPC subnet ID to launch in EC2 bastion host | string | n/a | yes |
| tags | A map of tags to assign to the resource | map(any) | {} | no |
| ubuntu_version | Ubuntu Server Version | string | "20.04" | no |
| user_data | User data to provide when launching the instance | string | "" | no |
| user_data_replace_on_change | To recreate the instance when user_data is changed | bool | false | no |
| userdata | User data to provide when launching the instance | string | "" | no |
| users | Custom user accounts of the instance | map | { "retool": { "ssh-keys": [] } } | no |
| volume_size | Size of the volume in gibibytes (GiB) | number | 20 | no |
| vpc_id | The VPC ID to create security group for bastion host | string | n/a | yes |
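
A pre-apply check for the `ssh_keys` and `users` inputs listed above, added here as an example (it is not part of the opsZero module): it parses each OpenSSH public key line, compares the declared type with the type inside the key blob, rejects RSA keys below an assumed 2048-bit floor, and returns the SHA256 fingerprint of keys that pass. The function names, the bit floor and the sample keys are constructed for illustration.

```python
import base64, hashlib
MIN_RSA_BITS = 2048  # assumption: policy floor chosen for this example

def _fields(blob):
    """Split an SSH wire-format blob into its length-prefixed fields."""
    out, i = [], 0
    while i < len(blob):
        n = int.from_bytes(blob[i:i + 4], "big")
        if i + 4 + n > len(blob):  # also catches a short length prefix
            raise ValueError("truncated field")
        out.append(blob[i + 4:i + 4 + n])
        i += 4 + n
    return out

def check_key(line):
    """Return (ok, detail); detail is the SHA256 fingerprint when ok."""
    parts = line.split()
    if len(parts) < 2:
        return False, "expected '<type> <base64> [comment]'"
    try:
        fields = _fields(blob := base64.b64decode(parts[1], validate=True))
    except ValueError as exc:  # binascii.Error subclasses ValueError
        return False, f"bad key blob: {exc}"
    if not fields or fields[0] != parts[0].encode():
        return False, "declared type does not match key blob"
    if parts[0] == "ssh-rsa":  # fields: type, exponent e, modulus n
        if len(fields) != 3:
            return False, "malformed ssh-rsa blob"
        bits = int.from_bytes(fields[2], "big").bit_length()
        if bits < MIN_RSA_BITS:
            return False, f"RSA modulus is {bits} bits, need {MIN_RSA_BITS}+"
    digest = hashlib.sha256(blob).digest()
    return True, "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def lint_inputs(ssh_keys, users):
    """Check the ssh_keys list and users map; return (where, detail) findings."""
    keys = [(f"ssh_keys[{i}]", k) for i, k in enumerate(ssh_keys)]
    for name, cfg in users.items():
        keys += [(f"users.{name}.ssh-keys[{i}]", k)
                 for i, k in enumerate(cfg.get("ssh-keys", []))]
    return [(w, check_key(k)[1]) for w, k in keys if not check_key(k)[0]]

def _line(ktype, *rest):
    """Build a constructed public key line (sample data, not a real key)."""
    blob = b"".join(len(f).to_bytes(4, "big") + f for f in (ktype.encode(), *rest))
    return f"{ktype} {base64.b64encode(blob).decode()} constructed@example"

ED = _line("ssh-ed25519", bytes(range(32)))
WEAK_RSA = _line("ssh-rsa", b"\x01\x00\x01", b"\x00" + b"\xff" * 128)  # 1024-bit
TYPO = ED.replace("ssh-ed25519", "ssh-ed2551", 1)  # declared type misspelled
```

A placeholder left in the configuration, such as `ssh-rsa ...`, is reported as a bad key blob.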