diff --git a/docs/CONFIG-VARS.md b/docs/CONFIG-VARS.md
index 2d719b82..5ec96e11 100644
--- a/docs/CONFIG-VARS.md
+++ b/docs/CONFIG-VARS.md
@@ -36,7 +36,6 @@ Terraform input variables can be set in the following ways:
 | :--- | :--- | :--- | :--- | :--- |
 | prefix | A prefix used in the name of all the AWS resources created by this script | string | | The prefix string must start with a lowercase letter and can contain only lowercase alphanumeric characters and dashes (-), but cannot end with a dash. |
 | location | The AWS Region with which to provision all resources in this script | string | "us-east-1" | |
-| ssh_public_key | Name of file with public SSH key for VMs | string | "~/.ssh/id_rsa.pub" | Value is required in order to access your VMs. |
 ### AWS Authentication
@@ -202,6 +201,7 @@ Custom policy:
 | jump_rwx_filestore_path | File store mount point on jump VM | string | "/viya-share" | This location cannot include "/mnt" as its root location. This disk is ephemeral on Ubuntu, which is the operating system being used for the jump VM and NFS servers. |
 | tags | Map of common tags to be placed on all AWS resources created by this script | map | { project_name = "viya" } | |
 | autoscaling_enabled | Enable cluster autoscaling | bool | true | |
+| ssh_public_key | File name of public ssh key for jump and nfs VM | string | "~/.ssh/id_rsa.pub" | Required with `create_jump_vm=true` or `storage_type=standard` |
 ## Node Pools
diff --git a/examples/sample-input-byo.tfvars b/examples/sample-input-byo.tfvars
index be110cff..63d8ffd9 100644
--- a/examples/sample-input-byo.tfvars
+++ b/examples/sample-input-byo.tfvars
@@ -6,7 +6,6 @@
 # These required variables' values MUST be provided by the User
 prefix = ""
 location = "" # e.g., "us-east-1"
-ssh_public_key = "~/.ssh/id_rsa.pub"
 # **************** REQUIRED VARIABLES ****************
 # Bring your own existing resources
@@ -23,7 +22,8 @@ security_group_id = "" # only needed if using pre-ex
 # to your cluster will be blocked by default.
 # ************** RECOMMENDED VARIABLES ***************
-default_public_access_cidrs = [] # e.g., ["123.45.6.89/32"]
+default_public_access_cidrs = [] # e.g., ["123.45.6.89/32"]
+ssh_public_key = "~/.ssh/id_rsa.pub"
 # ************** RECOMMENDED VARIABLES ***************
 # Tags for all tagable items in your cluster.
diff --git a/examples/sample-input-custom-data.tfvars b/examples/sample-input-custom-data.tfvars
index 1d760c23..7c9ef1df 100644
--- a/examples/sample-input-custom-data.tfvars
+++ b/examples/sample-input-custom-data.tfvars
@@ -6,14 +6,14 @@
 # These required variables' values MUST be provided by the User
 prefix = ""
 location = "" # e.g., "us-east-1"
-ssh_public_key = "~/.ssh/id_rsa.pub"
 # **************** REQUIRED VARIABLES ****************
 # !NOTE! - Without specifying your CIDR block access rules, ingress traffic
 # to your cluster will be blocked by default.
 # ************** RECOMMENDED VARIABLES ***************
-default_public_access_cidrs = [] # e.g., ["123.45.6.89/32"]
+default_public_access_cidrs = [] # e.g., ["123.45.6.89/32"]
+ssh_public_key = "~/.ssh/id_rsa.pub"
 # ************** RECOMMENDED VARIABLES ***************
 # Tags for all tagable items in your cluster.
diff --git a/examples/sample-input-defaults.tfvars b/examples/sample-input-defaults.tfvars
index 66cd0d18..c848ef58 100644
--- a/examples/sample-input-defaults.tfvars
+++ b/examples/sample-input-defaults.tfvars
@@ -6,14 +6,14 @@
 # These required variables' values MUST be provided by the User
 prefix = ""
 location = "" # e.g., "us-east-1"
-ssh_public_key = "~/.ssh/id_rsa.pub"
 # **************** REQUIRED VARIABLES ****************
 # !NOTE! - Without specifying your CIDR block access rules, ingress traffic
 # to your cluster will be blocked by default.
 # ************** RECOMMENDED VARIABLES ***************
-default_public_access_cidrs = [] # e.g., ["123.45.6.89/32"]
+default_public_access_cidrs = [] # e.g., ["123.45.6.89/32"]
+ssh_public_key = "~/.ssh/id_rsa.pub"
 # ************** RECOMMENDED VARIABLES ***************
 # Tags for all tagable items in your cluster.
diff --git a/examples/sample-input-ha.tfvars b/examples/sample-input-ha.tfvars
index 75b8b2a2..fe1576fa 100644
--- a/examples/sample-input-ha.tfvars
+++ b/examples/sample-input-ha.tfvars
@@ -6,14 +6,14 @@
 # These required variables' values MUST be provided by the User
 prefix = ""
 location = "" # e.g., "us-east-1"
-ssh_public_key = "~/.ssh/id_rsa.pub"
 # **************** REQUIRED VARIABLES ****************
 # !NOTE! - Without specifying your CIDR block access rules, ingress traffic
 # to your cluster will be blocked by default.
 # ************** RECOMMENDED VARIABLES ***************
-default_public_access_cidrs = [] # e.g., ["123.45.6.89/32"]
+default_public_access_cidrs = [] # e.g., ["123.45.6.89/32"]
+ssh_public_key = "~/.ssh/id_rsa.pub"
 # ************** RECOMMENDED VARIABLES ***************
 # Tags for all tagable items in your cluster.
diff --git a/examples/sample-input-minimal.tfvars b/examples/sample-input-minimal.tfvars
index 783452d9..a1b82bd0 100644
--- a/examples/sample-input-minimal.tfvars
+++ b/examples/sample-input-minimal.tfvars
@@ -6,14 +6,14 @@
 # These required variables' values MUST be provided by the User
 prefix = ""
 location = "" # e.g., "us-east-1"
-ssh_public_key = "~/.ssh/id_rsa.pub"
 # **************** REQUIRED VARIABLES ****************
 # !NOTE! - Without specifying your CIDR block access rules, ingress traffic
 # to your cluster will be blocked by default.
 # ************** RECOMMENDED VARIABLES ***************
-default_public_access_cidrs = [] # e.g., ["123.45.6.89/32"]
+default_public_access_cidrs = [] # e.g., ["123.45.6.89/32"]
+ssh_public_key = "~/.ssh/id_rsa.pub"
 # ************** RECOMMENDED VARIABLES ***************
 # Tags for all tagable items in your cluster.
diff --git a/examples/sample-input.tfvars b/examples/sample-input.tfvars
index 9f33fe84..1cb12224 100644
--- a/examples/sample-input.tfvars
+++ b/examples/sample-input.tfvars
@@ -6,14 +6,14 @@
 # These required variables' values MUST be provided by the User
 prefix = ""
 location = "" # e.g., "us-east-1"
-ssh_public_key = "~/.ssh/id_rsa.pub"
 # **************** REQUIRED VARIABLES ****************
 # !NOTE! - Without specifying your CIDR block access rules, ingress traffic
 # to your cluster will be blocked by default.
 # ************** RECOMMENDED VARIABLES ***************
-default_public_access_cidrs = [] # e.g., ["123.45.6.89/32"]
+default_public_access_cidrs = [] # e.g., ["123.45.6.89/32"]
+ssh_public_key = "~/.ssh/id_rsa.pub"
 # ************** RECOMMENDED VARIABLES ***************
 # Tags for all tagable items in your cluster.
diff --git a/locals.tf b/locals.tf
index 5529a445..0b6e2644 100644
--- a/locals.tf
+++ b/locals.tf
@@ -27,6 +27,12 @@ locals {
 nfs_vm_subnet = local.create_nfs_public_ip ? module.vpc.public_subnets[0] : module.vpc.private_subnets[0]
 nfs_vm_subnet_az = local.create_nfs_public_ip ? module.vpc.public_subnet_azs[0] : module.vpc.private_subnet_azs[0]
+ ssh_public_key = ( var.create_jump_vm || var.storage_type == "standard"
+ ? file(var.ssh_public_key)
+ : null
+ )
+
+
 # Kubernetes
 kubeconfig_filename = "${local.cluster_name}-kubeconfig.conf"
 kubeconfig_path = var.iac_tooling == "docker" ? "/workspace/${local.kubeconfig_filename}" : local.kubeconfig_filename
diff --git a/vms.tf b/vms.tf
index 32043f2e..bf3370e9 100644
--- a/vms.tf
+++ b/vms.tf
@@ -81,7 +81,7 @@ module "jump" {
 vm_type = var.jump_vm_type
 vm_admin = var.jump_vm_admin
- ssh_public_key = file(var.ssh_public_key)
+ ssh_public_key = local.ssh_public_key
 cloud_init = data.template_cloudinit_config.jump.0.rendered
@@ -137,8 +137,8 @@ module "nfs" {
 vm_type = var.nfs_vm_type
 vm_admin = var.nfs_vm_admin
- ssh_public_key = file(var.ssh_public_key)
+ ssh_public_key = local.ssh_public_key
- cloud_init = var.storage_type == "standard" ? data.template_cloudinit_config.nfs.0.rendered : null
+ cloud_init = data.template_cloudinit_config.nfs.0.rendered
 }
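Review bot: In locals.tf the new `ssh_public_key` local hands the raw result of `file(var.ssh_public_key)` to the jump and NFS modules without checking what was read, so a path that points at the wrong file (the private half of the key pair, for example) would be passed on as the VM key and would presumably end up in plan output and state. A `validation` block on the variable, which is declared outside this diff, could reject a file whose contents do not begin with a public-key type prefix. The condition also deserves a one-line comment such as `# Read the key only when a jump or NFS VM is created; otherwise the file does not have to exist`. The `locals` block begins and ends outside the hunk.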
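Review bot: In the `module "nfs"` hunk of vms.tf, `cloud_init = data.template_cloudinit_config.nfs.0.rendered` now indexes the data source unconditionally, where the removed line fell back to `null` when `storage_type` was not `"standard"`. If that data source is declared with a `count` that is zero for other storage types and the module is not gated the same way (neither declaration is visible here), the plan would fail with an invalid-index error; the jump module's context line `data.template_cloudinit_config.jump.0.rendered` has the same shape. In that same case both modules receive `ssh_public_key = null` from the new local, so they need to tolerate a missing key. An index that degrades to `null` avoids depending on that gating: `cloud_init = try(data.template_cloudinit_config.nfs[0].rendered, null)`. Both module blocks begin outside their hunks.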