{"id":22901737,"url":"https://github.com/eguven/terraform-aws-bastion-host","last_synced_at":"2026-05-03T02:43:06.237Z","repository":{"id":142197060,"uuid":"199918374","full_name":"eguven/terraform-aws-bastion-host","owner":"eguven","description":"Terraform module which creates a bastion host resource on AWS.","archived":false,"fork":false,"pushed_at":"2023-03-10T18:52:58.000Z","size":13,"stargazers_count":1,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-02-07T03:42:33.406Z","etag":null,"topics":["aws","aws-instance","bastion-host","jumphost","terraform-module"],"latest_commit_sha":null,"homepage":null,"language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/eguven.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-07-31T19:40:00.000Z","updated_at":"2023-03-10T15:29:09.000Z","dependencies_parsed_at":"2023-04-11T01:31:16.329Z","dependency_job_id":null,"html_url":"https://github.com/eguven/terraform-aws-bastion-host","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eguven%2Fterraform-aws-bastion-host","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eguven%2Fterraform-aws-bastion-host/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eguven%2Fterraform-aws-bastion-host/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eguven%2Fterraform-aws-bastion-host/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/eguven","download_url":"https://codeload.github.com/eguven/terraform-aws-bastion-host/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246591808,"owners_count":20801985,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","aws-instance","bastion-host","jumphost","terraform-module"],"created_at":"2024-12-14T01:40:42.773Z","updated_at":"2026-05-03T02:43:01.217Z","avatar_url":"https://github.com/eguven.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# terraform-aws-bastion-host\n\nTerraform module which creates a bastion host resource on AWS. Requires Terraform \u003e= 0.12.\n\n## Minimal Example\n\nThe following will create a t3.nano instance in given VPC using latest Amazon Linux 2 AMI. When not provided:\n\n* keypair will be created from `~/.ssh/id_rsa.pub`\n* subnet will be discovered using `Tier = \"Public\"` tag\n* security group will allow SSH on the current ip\n\n```terraform\nmodule \"my_bastion_host\" {\n  source = \"git@github.com:eguven/terraform-aws-bastion-host.git?ref=master\"\n  # The only required attribute is vpc_id\n  vpc_id = \"vpc-1337ffff1337ffff0\"\n}\n```\n\n## Config Snippets\n\n```terraform\nmodule \"my_bastion_host\" {\n  source = \"git@github.com:eguven/terraform-aws-bastion-host.git?ref=master\"\n\n  vpc_id = \"vpc-1337ffff1337ffff0\"\n\n  # change name from bastion-host\n  name = \"jumphost\"\n\n  # ami and instance type\n  ami = \"ami-aaaaaaaa\"\n  instance_type = \"t3.large\"\n\n  # key_name can be provided and will take precedence\n  key_name = \"my-keypair-on-ec2\"\n\n  # or a new keypair can be created with given name and file\n  create_public_key = {\n    key_name = \"new-keyname-on-ec2\"\n    key_filename = \"~/.ssh/some_pubkey.pub\"\n  }\n\n  # subnet id can be provided and will take precedence\n  subnet_id = \"subnet-ffffff\"\n\n  # or subnet tags can be used to discover public subnets\n  subnet_tags = {\n    SubnetTierTag = \"Public\"\n  }\n\n  # ports can be extended\n  tcp_ports = [22, 12345]\n\n  # cidr blocks can be provided\n  cidr_blocks = [\"123.45.67.89/32\", \"111.22.33.44/30\"]\n}\n```\n\n## Inputs\n\n| Name | Description | Type | Default | Required |\n|------|-------------|:----:|:-----:|:-----:|\n| allow\\_current\\_ip | If true, current IP (from https://ipv4.icanhazip.com/) will be allowed on var.tcp_ports, defaults to true. | string | `true` | no |\n| ami | AMI to launch, if not provided, default is Amazon Linux 2 AMI latest. | string | `\"\"` | no |\n| cidr\\_blocks | CIDR blocks to add to bastion host security group, defaults to []. | list | `[]` | no |\n| extra\\_security\\_group\\_ids | Additional SGs to attach to instance, defaults to []. | list | `[]` | no |\n| create\\_public\\_key | Map of public public key_name and key_filename to create an EC2 key from, eg. `{ key_name = 'foo', key_filename = '\u003csome-path\u003e' }`. Either this or 'key_name' variable is required. Last resort is using '~/.ssh/id_rsa.pub'. | map | `{}` | no |\n| extra\\_tags | Map of extra tags to add to resources, eg. `{ Environment = 'dev' }`. Defaults to {}. Terraform='true' and Name tags are added automatically. | map | `{}` | no |\n| instance\\_type | EC2 instance type, defaults to t3.nano. | string | `\"t3.nano\"` | no |\n| key\\_name | EC2 keypair name to start the instance with. Either this or 'create_public_key' variable is required. | string | `\"\"` | no |\n| name | Used in instance, security group, keypair naming, defaults to 'bastion-host' | string | `\"bastion-host\"` | no |\n| subnet\\_id | Subnet ID to launch bastion host in, if not provided, subnet_tags is used to discover. | string | `\"\"` | no |\n| subnet\\_tags | Mapping of tags to discover the public subnet, defaults to `{ Tier = 'Public' }`, see https://www.terraform.io/docs/providers/aws/d/subnet_ids.html#tags | map | `{ Tier = 'Public' }` | no |\n| tcp\\_ports | List of TCP ports to allow in security group, defaults to [22] | list | `[22]` | no |\n| vpc\\_id | VPC ID for the bastion host. | string | n/a | yes |\n\n## Outputs\n\n| Name | Description |\n|------|-------------|\n| instance | AWS Instance object, https://www.terraform.io/docs/providers/aws/r/instance.html |\n| private\\_ip | Private IP associated with the instance. |\n| public\\_ip | Public IP associated with the instance. |\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Feguven%2Fterraform-aws-bastion-host","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Feguven%2Fterraform-aws-bastion-host","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Feguven%2Fterraform-aws-bastion-host/lists"}