行业智能>> terraform-aws-bastion>> 返回
项目作者: philips-software

项目描述 :
Terraform module to create an AWS bastion host
高级语言: HCL
项目地址: git://github.com/philips-software/terraform-aws-bastion.git
创建时间: 2018-06-07T06:16:43Z
项目社区:https://github.com/philips-software/terraform-aws-bastion
开源协议:MIT License
下载


Terraform bastion module

Module to create a bastion host (or stepping stone). The module let you enable this host once needed. Be default the host is not created.

Terraform version

  • Terraform 0.12: Pin module to ~> 2+, submit pull request to branch develop
  • Terraform 0.11: Pin module to ~> 1.x, submit pull request to branch terrafomr011

Example usages:

See also the full examples.

  2. module "vpc" {
  3.   source = "git::https://github.com/philips-software/terraform-aws-vpc?ref=2.0.0"
  5.   environment = var.environment
  6.   aws_region  = var.aws_region
  7. }
  9. # Default bastion
  10. module "bastion" {
  11.   source = "git::https://github.com/philips-software/terraform-aws-bastion?ref=2.0.0"
  12.   enable_bastion = true
  14.   environment = var.environment
  15.   project     = var.project
  17.   aws_region = var.aws_region
  18.   key_name   = aws_key_pair.bastion_key[0].key_name
  19.   subnet_id  = element(module.vpc.public_subnets, 0)
  20.   vpc_id     = module.vpc.vpc_id
  22.   // add additional tags
  23.   tags = {
  24.     my-tag = "my-new-tag"
  25.   }
  26. }

Inputs

Name Description Type Default Required
admin_cidr CIDR pattern to access the bastion host string "0.0.0.0/0" no
amazon_optimized_amis Map from region to AMI. By default the latest Amazon Linux is used. map(string) <map> no
aws_region The Amazon region. string n/a yes
ebs_optimized If true, the launched EC2 instance will be EBS-optimized. bool "false" no
enable_bastion If true the bastion will be created. Be default the bastion host is not running, needs explicit set to true. bool "false" no
environment Logical name of the environment. string n/a yes
instance_type EC2 instance type. string "t2.micro" no
key_name SSH key name for the environment. string n/a yes
project Name of the project. string n/a yes
subnet_id Subnet in which the basion needs to be deployed. string n/a yes
tags Map of tags to apply on the resources map(string) <map> no
user_data Used data for bastion EC2 instance string "" no
vpc_id The VPC to launch the instance in (e.g. vpc-66ecaa02). string n/a yes

Outputs

Name Description
instance_id Id of the created instance.
public_ip Public ip of the created instance.

Automated checks

Currently the automated checks are limited. In CI the following checks are done for the root and each example.

  • lint: terraform validate and terraform fmt
  • basic init / get check: terraform init -get -backend=false -input=false

Generation variable documentation

A markdown table for variables can be generated as follow. Generation requires awk and terraform-docs installed.

  1.  .ci/bin/terraform-docs.sh markdown .

Philips Forest

This module is part of the Philips Forest.

  1.                                                      ___                   _
  2.                                                     / __\__  _ __ ___  ___| |_
  3.                                                    / _\/ _ \| '__/ _ \/ __| __|
  4.                                                   / / | (_) | | |  __/\__ \ |_
  5.                                                   \/   \___/|_|  \___||___/\__|  
  7.                                                                  Infrastructure

Talk to the forestkeepers in the forest-channel on Slack.

Slack