make ssh_public_key optional (#107)

docs/CONFIG-VARS.md

@@ -36,7 +36,6 @@ Terraform input variables can be set in the following ways:
 | :--- | :--- | :--- | :--- | :--- |
 | prefix | A prefix used in the name of all the AWS resources created by this script | string | | The prefix string must start with a lowercase letter and can contain only lowercase alphanumeric characters and dashes (-), but cannot end with a dash. |
 | location | The AWS Region with which to provision all resources in this script | string | "us-east-1" | |
-| ssh_public_key | Name of file with public SSH key for VMs | string | "~/.ssh/id_rsa.pub" | Value is required in order to access your VMs. |
 
 ### AWS Authentication
 
@@ -202,6 +201,7 @@ Custom policy:
 | jump_rwx_filestore_path | File store mount point on jump VM | string | "/viya-share" | This location cannot include "/mnt" as its root location. This disk is ephemeral on Ubuntu, which is the operating system being used for the jump VM and NFS servers. |
 | tags | Map of common tags to be placed on all AWS resources created by this script | map | { project_name = "viya" } | |
 | autoscaling_enabled | Enable cluster autoscaling | bool | true | |
+| ssh_public_key | File name of public ssh key for jump and nfs VM | string | "~/.ssh/id_rsa.pub" | Required with `create_jump_vm=true` or `storage_type=standard` |
 
 ## Node Pools
 

examples/sample-input-byo.tfvars

@@ -6,7 +6,6 @@
 # These required variables' values MUST be provided by the User
 prefix                                  = "<prefix-value>"
 location                                = "<aws-location-value>" # e.g., "us-east-1"
-ssh_public_key                          = "~/.ssh/id_rsa.pub"
 # ****************  REQUIRED VARIABLES  ****************
 
 # Bring your own existing resources
@@ -23,7 +22,8 @@ security_group_id = "<existing-security-group-id>" # only needed if using pre-ex
 #          to your cluster will be blocked by default.
 
 # **************  RECOMMENDED  VARIABLES  ***************
-default_public_access_cidrs             = []  # e.g., ["123.45.6.89/32"]
+default_public_access_cidrs = []  # e.g., ["123.45.6.89/32"]
+ssh_public_key              = "~/.ssh/id_rsa.pub"
 # **************  RECOMMENDED  VARIABLES  ***************
 
 # Tags for all tagable items in your cluster.

examples/sample-input-custom-data.tfvars

@@ -6,14 +6,14 @@
 # These required variables' values MUST be provided by the User
 prefix                                  = "<prefix-value>"
 location                                = "<aws-location-value>" # e.g., "us-east-1"
-ssh_public_key                          = "~/.ssh/id_rsa.pub"
 # ****************  REQUIRED VARIABLES  ****************
 
 # !NOTE! - Without specifying your CIDR block access rules, ingress traffic
 #          to your cluster will be blocked by default.
 
 # **************  RECOMMENDED  VARIABLES  ***************
-default_public_access_cidrs             = []  # e.g., ["123.45.6.89/32"]
+default_public_access_cidrs = []  # e.g., ["123.45.6.89/32"]
+ssh_public_key              = "~/.ssh/id_rsa.pub"
 # **************  RECOMMENDED  VARIABLES  ***************
 
 # Tags for all tagable items in your cluster.

examples/sample-input-defaults.tfvars

@@ -6,14 +6,14 @@
 # These required variables' values MUST be provided by the User
 prefix                                  = "<prefix-value>"
 location                                = "<aws-location-value>" # e.g., "us-east-1"
-ssh_public_key                          = "~/.ssh/id_rsa.pub"
 # ****************  REQUIRED VARIABLES  ****************
 
 # !NOTE! - Without specifying your CIDR block access rules, ingress traffic
 #          to your cluster will be blocked by default.
 
 # **************  RECOMMENDED  VARIABLES  ***************
-default_public_access_cidrs             = []  # e.g., ["123.45.6.89/32"]
+default_public_access_cidrs = []  # e.g., ["123.45.6.89/32"]
+ssh_public_key              = "~/.ssh/id_rsa.pub"
 # **************  RECOMMENDED  VARIABLES  ***************
 
 # Tags for all tagable items in your cluster.

examples/sample-input-ha.tfvars

@@ -6,14 +6,14 @@
 # These required variables' values MUST be provided by the User
 prefix                                  = "<prefix-value>"
 location                                = "<aws-location-value>" # e.g., "us-east-1"
-ssh_public_key                          = "~/.ssh/id_rsa.pub"
 # ****************  REQUIRED VARIABLES  ****************
 
 # !NOTE! - Without specifying your CIDR block access rules, ingress traffic
 #          to your cluster will be blocked by default.
 
 # **************  RECOMMENDED  VARIABLES  ***************
-default_public_access_cidrs             = []  # e.g., ["123.45.6.89/32"]
+default_public_access_cidrs = []  # e.g., ["123.45.6.89/32"]
+ssh_public_key              = "~/.ssh/id_rsa.pub"
 # **************  RECOMMENDED  VARIABLES  ***************
 
 # Tags for all tagable items in your cluster.

examples/sample-input-minimal.tfvars

@@ -6,14 +6,14 @@
 # These required variables' values MUST be provided by the User
 prefix                                  = "<prefix-value>"
 location                                = "<aws-location-value>" # e.g., "us-east-1"
-ssh_public_key                          = "~/.ssh/id_rsa.pub"
 # ****************  REQUIRED VARIABLES  ****************
 
 # !NOTE! - Without specifying your CIDR block access rules, ingress traffic
 #          to your cluster will be blocked by default.
 
 # **************  RECOMMENDED  VARIABLES  ***************
-default_public_access_cidrs             = []  # e.g., ["123.45.6.89/32"]
+default_public_access_cidrs = []  # e.g., ["123.45.6.89/32"]
+ssh_public_key              = "~/.ssh/id_rsa.pub"
 # **************  RECOMMENDED  VARIABLES  ***************
 
 # Tags for all tagable items in your cluster.

examples/sample-input.tfvars

@@ -6,14 +6,14 @@
 # These required variables' values MUST be provided by the User
 prefix                                  = "<prefix-value>"
 location                                = "<aws-location-value>" # e.g., "us-east-1"
-ssh_public_key                          = "~/.ssh/id_rsa.pub"
 # ****************  REQUIRED VARIABLES  ****************
 
 # !NOTE! - Without specifying your CIDR block access rules, ingress traffic
 #          to your cluster will be blocked by default.
 
 # **************  RECOMMENDED  VARIABLES  ***************
-default_public_access_cidrs             = []  # e.g., ["123.45.6.89/32"]
+default_public_access_cidrs = []  # e.g., ["123.45.6.89/32"]
+ssh_public_key              = "~/.ssh/id_rsa.pub"
 # **************  RECOMMENDED  VARIABLES  ***************
 
 # Tags for all tagable items in your cluster.

locals.tf

@@ -27,6 +27,12 @@ locals {
   nfs_vm_subnet                         = local.create_nfs_public_ip ? module.vpc.public_subnets[0] : module.vpc.private_subnets[0]
   nfs_vm_subnet_az                      = local.create_nfs_public_ip ? module.vpc.public_subnet_azs[0] : module.vpc.private_subnet_azs[0]
 
+  ssh_public_key = ( var.create_jump_vm || var.storage_type == "standard"
+                     ? file(var.ssh_public_key)
+                     : null
+                   )
+
+
   # Kubernetes
   kubeconfig_filename                   = "${local.cluster_name}-kubeconfig.conf"
   kubeconfig_path                       = var.iac_tooling == "docker" ? "/workspace/${local.kubeconfig_filename}" : local.kubeconfig_filename

vms.tf

@@ -81,7 +81,7 @@ module "jump" {
 
   vm_type        = var.jump_vm_type
   vm_admin       = var.jump_vm_admin
-  ssh_public_key = file(var.ssh_public_key)
+  ssh_public_key = local.ssh_public_key
 
   cloud_init = data.template_cloudinit_config.jump.0.rendered
 
@@ -137,8 +137,8 @@ module "nfs" {
 
   vm_type        = var.nfs_vm_type
   vm_admin       = var.nfs_vm_admin
-  ssh_public_key = file(var.ssh_public_key)
+  ssh_public_key = local.ssh_public_key
 
-  cloud_init = var.storage_type == "standard" ? data.template_cloudinit_config.nfs.0.rendered : null
+  cloud_init = data.template_cloudinit_config.nfs.0.rendered
 }