commit 6c10bacd90c438bb2218f1daa9c0cb248aa04d9f Author: Patrick de Ruiter Date: Wed Jun 24 11:30:14 2020 +0200 first commit diff --git a/README.md b/README.md new file mode 100644 index 0000000..a9ba2dd --- /dev/null +++ b/README.md 
@@ -0,0 +1,98 @@ +# Terraform bastion module + +Module to create a bastion host (or stepping stone). The module let you enable this host once needed. Be default the host is not created. + +## Terraform version + +- Terraform 0.12: Pin module to `~> 2+`, submit pull request to branch `develop` +- Terraform 0.11: Pin module to `~> 1.x`, submit pull request to branch `terrafomr011` + + +## Example usages: +See also the [full examples](./examples). + +``` + +module "vpc" { + source = "git::https://github.com/philips-software/terraform-aws-vpc?ref=2.0.0" + + environment = var.environment + aws_region = var.aws_region +} + +# Default bastion +module "bastion" { + source = "git::https://github.com/philips-software/terraform-aws-bastion?ref=2.0.0" + enable_bastion = true + + environment = var.environment + project = var.project + + aws_region = var.aws_region + key_name = aws_key_pair.bastion_key[0].key_name + subnet_id = element(module.vpc.public_subnets, 0) + vpc_id = module.vpc.vpc_id + + // add additional tags + tags = { + my-tag = "my-new-tag" + } +} + +``` + +## Inputs + +| Name | Description | Type | Default | Required | +| ----------------------- | ------------------------------------------------------------------------------------------------------------ | :---------: | :-----------: | :------: | +| admin\_cidr | CIDR pattern to access the bastion host | string | `"0.0.0.0/0"` | no | +| amazon\_optimized\_amis | Map from region to AMI. By default the latest Amazon Linux is used. | map(string) | `` | no | +| aws\_region | The Amazon region. | string | n/a | yes | +| ebs\_optimized | If true, the launched EC2 instance will be EBS-optimized. | bool | `"false"` | no | +| enable\_bastion | If true the bastion will be created. Be default the bastion host is not running, needs explicit set to true. | bool | `"false"` | no | +| environment | Logical name of the environment. | string | n/a | yes | +| instance\_type | EC2 instance type. 
| string | `"t2.micro"` | no | +| key\_name | SSH key name for the environment. | string | n/a | yes | +| project | Name of the project. | string | n/a | yes | +| subnet\_id | Subnet in which the basion needs to be deployed. | string | n/a | yes | +| tags | Map of tags to apply on the resources | map(string) | `` | no | +| user\_data | Used data for bastion EC2 instance | string | `""` | no | +| vpc\_id | The VPC to launch the instance in (e.g. vpc-66ecaa02). | string | n/a | yes | + +## Outputs + +| Name | Description | +| ------------ | ---------------------------------- | +| instance\_id | Id of the created instance. | +| public\_ip | Public ip of the created instance. | + +## Automated checks +Currently the automated checks are limited. In CI the following checks are done for the root and each example. +- lint: `terraform validate` and `terraform fmt` +- basic init / get check: `terraform init -get -backend=false -input=false` + +## Generation variable documentation +A markdown table for variables can be generated as follow. Generation requires awk and terraform-docs installed. + +``` + .ci/bin/terraform-docs.sh markdown . +``` + +## Philips Forest + +This module is part of the Philips Forest. + +``` + ___ _ + / __\__ _ __ ___ ___| |_ + / _\/ _ \| '__/ _ \/ __| __| + / / | (_) | | | __/\__ \ |_ + \/ \___/|_| \___||___/\__| + + Infrastructure +``` + +Talk to the forestkeepers in the `forest`-channel on Slack. + +[![Slack](https://philips-software-slackin.now.sh/badge.svg)](https://philips-software-slackin.now.sh) +# terraform-aws-bastion
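Review bot: In the Inputs table of the new README, `admin_cidr` is documented with a default of `"0.0.0.0/0"`, and the "Default bastion" example sets `enable_bastion = true` without passing `admin_cidr`, so anyone copying the example gets a bastion whose access CIDR covers every source address. Suggest either making `admin_cidr` a required input with no default, or setting it explicitly in the example to a narrow range supplied by the caller, and saying in its description that the default admits any address. Two smaller points in the same hunk: the Terraform 0.11 line tells contributors to target branch `terrafomr011`, which should be checked against the real branch name, and "Be default" appears twice where "By default" is meant.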