Merge pull request #73 from answerdigital/TERRA-53

robg-test · web-flow · commit cbfa7a8729fa · 2023-07-17T12:30:06.000+01:00
Added abillity to provide own SSH Key for EC2 module
diff --git a/modules/aws/ec2/README.md b/modules/aws/ec2/README.md
@@ -37,6 +37,7 @@ This Terraform module will produce an EC2 instance which can be accessed via ssh
 | <a name="input_ami_id"></a> [ami\_id](#input\_ami\_id) | This is the id of the ami image used for the ec2 instance. | `string` | n/a | yes |
 | <a name="input_associate_public_ip_address"></a> [associate\_public\_ip\_address](#input\_associate\_public\_ip\_address) | This is a boolean value indicating if a public IP address should be associated with the EC2 instance. | `bool` | `true` | no |
 | <a name="input_availability_zone"></a> [availability\_zone](#input\_availability\_zone) | This is the availability zone you want the ec2 instance to be created in. | `string` | n/a | yes |
+| <a name="input_custom_key_name"></a> [custom\_key\_name](#input\_custom\_key\_name) | Provide the name of an EC2 key pair to use your own key. By default the SSH key will be managed by this module. | `string` | `""` | no |
 | <a name="input_ec2_instance_type"></a> [ec2\_instance\_type](#input\_ec2\_instance\_type) | This is the type of EC2 instance you want. | `string` | `"t2.micro"` | no |
 | <a name="input_needs_elastic_ip"></a> [needs\_elastic\_ip](#input\_needs\_elastic\_ip) | This is a boolean value indicating whether an elastic IP should be generated and associated with the EC2 instance. | `bool` | `false` | no |
 | <a name="input_owner"></a> [owner](#input\_owner) | This is used to specify the owner of the resources in this module. | `string` | n/a | yes |
@@ -52,7 +53,7 @@ This Terraform module will produce an EC2 instance which can be accessed via ssh
 |------|-------------|
 | <a name="output_instance_id"></a> [instance\_id](#output\_instance\_id) | This outputs the unique ID of the EC2 instance. |
 | <a name="output_instance_public_ip_address"></a> [instance\_public\_ip\_address](#output\_instance\_public\_ip\_address) | This outputs the public IP associated with the EC2 instance. Note that this output will be the same as the elastic IP if `needs_elastic_ip` is set to `true`. This output is of type `string`. |
-| <a name="output_private_key"></a> [private\_key](#output\_private\_key) | This outputs the private key. |
+| <a name="output_private_key"></a> [private\_key](#output\_private\_key) | This outputs the self-generated private key - This will not be populated if you provide your own key |
 <!-- END_TF_DOCS -->
 
 # Example Usage
diff --git a/modules/aws/ec2/examples/README.md b/modules/aws/ec2/examples/README.md
@@ -26,6 +26,6 @@
 
 | Name | Description |
 |------|-------------|
+| <a name="output_generated_private_key"></a> [generated\_private\_key](#output\_generated\_private\_key) | n/a |
 | <a name="output_ip"></a> [ip](#output\_ip) | n/a |
-| <a name="output_private_key"></a> [private\_key](#output\_private\_key) | n/a |
 <!-- END_TF_DOCS -->
diff --git a/modules/aws/ec2/examples/output.tf b/modules/aws/ec2/examples/output.tf
@@ -2,7 +2,7 @@ output "ip" {
   value = module.ec2_instance_setup.instance_public_ip_address
 }
 
-output "private_key" {
+output "generated_private_key" {
   value     = module.ec2_instance_setup.private_key
   sensitive = true
 }
diff --git a/modules/aws/ec2/main.tf b/modules/aws/ec2/main.tf
@@ -46,18 +46,20 @@ resource "aws_iam_role_policy_attachment" "instance_role" {
 }
 
 resource "tls_private_key" "private_key" {
+  count     = var.custom_key_name == "" ? 1 : 0
   algorithm = "RSA"
   rsa_bits  = 4096
 }
 
 resource "aws_key_pair" "key_pair" {
+  count      = var.custom_key_name == "" ? 1 : 0
   key_name   = "${var.project_name}-key-pair"
-  public_key = tls_private_key.private_key.public_key_openssh
+  public_key = tls_private_key.private_key[0].public_key_openssh
 }
 
 resource "aws_instance" "ec2" {
   instance_type = var.ec2_instance_type
-  key_name      = aws_key_pair.key_pair.key_name
+  key_name      = var.custom_key_name == "" ? aws_key_pair.key_pair[0].key_name : var.custom_key_name
   ami           = var.ami_id
   metadata_options {
     http_endpoint = "enabled"
diff --git a/modules/aws/ec2/output.tf b/modules/aws/ec2/output.tf
@@ -9,7 +9,7 @@ output "instance_id" {
 }
 
 output "private_key" {
-  value       = tls_private_key.private_key.private_key_pem
-  description = "This outputs the private key."
+  value       = tls_private_key.private_key[0].private_key_pem
+  description = "This outputs the self-generated private key - This will not be populated if you provide your own key"
   sensitive   = true
 }
diff --git a/modules/aws/ec2/variables.tf b/modules/aws/ec2/variables.tf
@@ -63,3 +63,9 @@ variable "user_data_replace_on_change" {
   default     = true
   description = "This value indicates whether changes to the `user_data` value triggers a rebuild of the EC2 instance."
 }
+
+variable "custom_key_name" {
+  type        = string
+  description = "Provide the name of an EC2 key pair to use your own key. By default the SSH key will be managed by this module."
+  default     = ""
+}

Original file line number	Diff line number	Diff line change
`@@ -2,7 +2,7 @@ output "ip" {`
`2`	`2`	`value = module.ec2_instance_setup.instance_public_ip_address`
`3`	`3`	`}`
`4`	`4`
`5`		`-output "private_key" {`
	`5`	`+output "generated_private_key" {`
`6`	`6`	`value = module.ec2_instance_setup.private_key`
`7`	`7`	`sensitive = true`
`8`	`8`	`}`
Original file line number	Diff line number	Diff line change
`@@ -9,7 +9,7 @@ output "instance_id" {`
`9`	`9`	`}`
`10`	`10`
`11`	`11`	`output "private_key" {`
`12`		`- value = tls_private_key.private_key.private_key_pem`
`13`		`- description = "This outputs the private key."`
	`12`	`+ value = tls_private_key.private_key[0].private_key_pem`
	`13`	`+ description = "This outputs the self-generated private key - This will not be populated if you provide your own key"`
`14`	`14`	`sensitive = true`
`15`	`15`	`}`