https://github.com/opszero/terraform-aws-instance
- Host: GitHub
- URL: https://github.com/opszero/terraform-aws-instance
- Owner: opszero
- License: other
- Created: 2022-04-25T16:35:25.000Z (almost 4 years ago)
- Default Branch: main
- Last Pushed: 2025-11-06T12:43:06.000Z (3 months ago)
- Last Synced: 2025-11-06T14:28:28.374Z (3 months ago)
- Language: HCL
- Homepage: https://opszero.com
- Size: 156 KB
- Stars: 0
- Watchers: 1
- Forks: 1
- Open Issues: 2
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE
- Support: SUPPORT
# Instance (AWS)
AWS Instance with multiple SSH Key support.
## Usage
``` sh
ssh-keygen -t rsa
```
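``` hcl
module "bastion" {
  source = "github.com/opszero/terraform-aws-bastion"

  # name, vpc_id, subnet_id and ingress_cidrs are also required (see Inputs).

  # SSH public keys added to the image
  ssh_keys = ["ssh-rsa ..."]

  # Custom user accounts, each with its own list of SSH public keys
  users = {
    "username" = {
      ssh-keys = [
        "ssh-rsa ..."
      ]
    }
  }
}
```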
## Connect
- Use [MrMgr](https://github.com/opszero/terraform-aws-bastion) to set up IAM access to the Bastion
- `pip3 install ec2instanceconnectcli`
- `mssh --profile awsprofile ubuntu@i-1234566`
## Deployment
```sh
terraform init
terraform plan
terraform apply -auto-approve
```
## Teardown
```sh
terraform destroy -auto-approve
```
## Providers
| Name | Version |
|------|---------|
| [aws](#provider\_aws) | n/a |
| [cloudinit](#provider\_cloudinit) | n/a |
## Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [ami\_id](#input\_ami\_id) | The AMI ID of the bastion host | `string` | `null` | no |
| [efs\_mounts](#input\_efs\_mounts) | EFS multiple mounts | `map` | `{}` | no |
| [ingress\_cidrs](#input\_ingress\_cidrs) | Configuration block for ingress rules | `any` | n/a | yes |
| [instance\_profile](#input\_instance\_profile) | n/a | `object({ role_name = string, assume_role_service = string, policy_arns = list(string) })` | `null` | no |
| [instance\_type](#input\_instance\_type) | EC2 Instance Type of the bastion host | `string` | `"t3.micro"` | no |
| [name](#input\_name) | The name of the bastion host | `string` | n/a | yes |
| [security\_group\_ids](#input\_security\_group\_ids) | A list of security group names to associate with. | `list(any)` | `[]` | no |
| [ssh\_keys](#input\_ssh\_keys) | SSH public keys to add to the image | `list(any)` | `[]` | no |
| [subnet\_id](#input\_subnet\_id) | The VPC subnet ID to launch in EC2 bastion host | `string` | n/a | yes |
| [tags](#input\_tags) | A map of tags to assign to the resource | `map(any)` | `{}` | no |
| [ubuntu\_version](#input\_ubuntu\_version) | Ubuntu Server Version | `string` | `"24.04"` | no |
| [user\_data](#input\_user\_data) | User data to provide when launching the instance | `string` | `""` | no |
| [user\_data\_replace\_on\_change](#input\_user\_data\_replace\_on\_change) | To recreate the instance when user\_data is changed | `bool` | `false` | no |
| [userdata](#input\_userdata) | User data to provide when launching the instance | `string` | `""` | no |
| [users](#input\_users) | Custom user accounts of the instance | `map` | `{ "retool": { "ssh-keys": [] } }` | no |
| [volume\_size](#input\_volume\_size) | Size of the volume in gibibytes (GiB) | `number` | `20` | no |
| [vpc\_id](#input\_vpc\_id) | The VPC ID to create security group for bastion host | `string` | n/a | yes |
## Resources
| Name | Type |
|------|------|
| [aws_cloudwatch_metric_alarm.aws_bastion_cpu_threshold](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_metric_alarm) | resource |
| [aws_eip.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eip) | resource |
| [aws_iam_instance_profile.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_instance_profile) | resource |
| [aws_iam_role.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
| [aws_iam_role_policy_attachment.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
| [aws_instance.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance) | resource |
| [aws_security_group.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |
| [aws_security_group_rule.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
| [aws_ssm_parameter.ubuntu](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ssm_parameter) | data source |
| [cloudinit_config.config](https://registry.terraform.io/providers/hashicorp/cloudinit/latest/docs/data-sources/config) | data source |
## Outputs
| Name | Description |
|------|-------------|
| [instance\_id](#output\_instance\_id) | n/a |
| [public\_ip](#output\_public\_ip) | n/a |
# 🚀 Built by opsZero!
[opsZero](https://opszero.com) provides software and consulting for Cloud + AI. With our decade plus of experience scaling some of the world’s most innovative companies we have developed deep expertise in Kubernetes, DevOps, FinOps, and Compliance.
Our software and consulting solutions enable organizations to:
- migrate workloads to the Cloud
- set up compliance frameworks including SOC2, HIPAA, PCI-DSS, ITAR, FedRamp, CMMC, and more.
- FinOps solutions to reduce the cost of running Cloud workloads
- Kubernetes optimized for web scale and AI workloads
- finding underutilized Cloud resources
- setting up custom AI training and delivery
- building data integrations and scrapers
- modernizing onto modern ARM based processors
We do this with a high-touch support model where you:
- Get access to us on Slack, Microsoft Teams or Email
- Get 24/7 coverage of your infrastructure
- Get an accelerated migration to Kubernetes
Please [schedule a call](https://calendly.com/opszero-llc/discovery) if you need support.
