diff --git a/README.md b/README.md
index 8877782..28e3b66 100644
--- a/README.md
+++ b/README.md
@@ -82,12 +82,6 @@ Description: A list of private subnet IDs into which Vault and Consul will be pr
Type: `list(string)`
-### [ssh\_keys](#input\_ssh\_keys)
-
-Description: A list of public ssh keys to add to authorized\_keys files.
-
-Type: `list(string)`
-
### [ssh\_security\_group\_id](#input\_ssh\_security\_group\_id)
Description: Security group ID of a bastion (or other EC2 instance) from which you will be allowed to ssh into Vault and Consul.
@@ -144,6 +138,22 @@ Type: `string`
Default: `""`
+### [ssh\_user](#input\_ssh\_user)
+
+Description: User name used for SSH-connections.
+
+Type: `string`
+
+Default: `"ubuntu"`
+
+### [ssh\_keys](#input\_ssh\_keys)
+
+Description: A list of public ssh keys to add to authorized\_keys files.
+
+Type: `list(string)`
+
+Default: `[]`
+
### [consul\_instance\_type](#input\_consul\_instance\_type)
Description: The type of EC2 Instance to run in the Consul ASG
diff --git a/data.tf b/data.tf
index aba8a26..2502393 100644
--- a/data.tf
+++ b/data.tf
@@ -1,5 +1 @@
data "aws_region" "current" {}
-
-data "aws_elb" "vault_elb" {
- name = module.vault_elb.name
-}
diff --git a/main.tf b/main.tf
index 3d036a5..3c983c6 100644
--- a/main.tf
+++ b/main.tf
@@ -13,7 +13,7 @@ module "vault_cluster" {
consul_cluster_tag_key = local.consul_cluster_tag_key
consul_cluster_tag_value = local.consul_cluster_tag_val
ssh_keys = join("\n", var.ssh_keys)
- ssh_user = "ubuntu"
+ ssh_user = var.ssh_user
}))
vpc_id = var.vpc_id
@@ -71,7 +71,7 @@ module "vault_elb" {
resource "aws_autoscaling_attachment" "vault" {
autoscaling_group_name = module.vault_cluster.asg_name
- elb = data.aws_elb.vault_elb.id
+ elb = module.vault_elb.id
}
module "consul_cluster" {
@@ -86,7 +86,7 @@ module "consul_cluster" {
consul_cluster_tag_key = local.consul_cluster_tag_key
consul_cluster_tag_value = local.consul_cluster_tag_val
ssh_keys = join("\n", var.ssh_keys)
- ssh_user = "ubuntu"
+ ssh_user = var.ssh_user
}))
vpc_id = var.vpc_id
diff --git a/modules/consul-cluster/README.md b/modules/consul-cluster/README.md
index 61659ec..560bcda 100644
--- a/modules/consul-cluster/README.md
+++ b/modules/consul-cluster/README.md
@@ -31,9 +31,9 @@ rules.
| Name | Source | Version |
|------|--------|---------|
-| [attach\_security\_group](#module\_attach\_security\_group) | terraform-aws-modules/security-group/aws | 5.1.0 |
+| [attach\_security\_group](#module\_attach\_security\_group) | terraform-aws-modules/security-group/aws | 5.2.0 |
| [iam\_policies](#module\_iam\_policies) | github.com/hashicorp/terraform-aws-consul//modules/consul-iam-policies | v0.11.0 |
-| [lc\_security\_group](#module\_lc\_security\_group) | terraform-aws-modules/security-group/aws | 5.1.0 |
+| [lc\_security\_group](#module\_lc\_security\_group) | terraform-aws-modules/security-group/aws | 5.2.0 |
## Resources
diff --git a/modules/consul-cluster/main.tf b/modules/consul-cluster/main.tf
index 8b6e2c1..9a5be0c 100644
--- a/modules/consul-cluster/main.tf
+++ b/modules/consul-cluster/main.tf
@@ -71,7 +71,7 @@ resource "aws_launch_template" "launch_template" {
block_device_mappings {
device_name = "/dev/sda1"
ebs {
- volume_size = var.root_volume_size
+ volume_size = var.root_volume_size
delete_on_termination = var.root_volume_delete_on_termination
volume_type = var.root_volume_type
}
diff --git a/modules/consul-cluster/security-groups.tf b/modules/consul-cluster/security-groups.tf
index 4bd085a..cac44e0 100644
--- a/modules/consul-cluster/security-groups.tf
+++ b/modules/consul-cluster/security-groups.tf
@@ -1,6 +1,6 @@
module "attach_security_group" {
source = "terraform-aws-modules/security-group/aws"
- version = "5.1.0"
+ version = "5.2.0"
name = "${var.cluster_name}-att"
description = "Null Placeholder security group for other instances to use as destination to access ${var.cluster_name}"
@@ -38,7 +38,7 @@ module "attach_security_group" {
module "lc_security_group" {
source = "terraform-aws-modules/security-group/aws"
- version = "5.1.0"
+ version = "5.2.0"
name = var.cluster_name
description = "Security group for the ${var.cluster_name} launch configuration"
diff --git a/modules/vault-cluster/README.md b/modules/vault-cluster/README.md
index 1d62025..354b415 100644
--- a/modules/vault-cluster/README.md
+++ b/modules/vault-cluster/README.md
@@ -51,8 +51,8 @@ machines.
| Name | Source | Version |
|------|--------|---------|
-| [attach\_security\_group](#module\_attach\_security\_group) | terraform-aws-modules/security-group/aws | 5.1.0 |
-| [lc\_security\_group](#module\_lc\_security\_group) | terraform-aws-modules/security-group/aws | 5.1.0 |
+| [attach\_security\_group](#module\_attach\_security\_group) | terraform-aws-modules/security-group/aws | 5.2.0 |
+| [lc\_security\_group](#module\_lc\_security\_group) | terraform-aws-modules/security-group/aws | 5.2.0 |
## Resources
diff --git a/modules/vault-cluster/main.tf b/modules/vault-cluster/main.tf
index 50cec40..febb332 100644
--- a/modules/vault-cluster/main.tf
+++ b/modules/vault-cluster/main.tf
@@ -67,7 +67,7 @@ resource "aws_launch_template" "launch_template" {
block_device_mappings {
device_name = "/dev/sda1"
ebs {
- volume_size = var.root_volume_size
+ volume_size = var.root_volume_size
delete_on_termination = var.root_volume_delete_on_termination
volume_type = var.root_volume_type
}
diff --git a/modules/vault-cluster/security-groups.tf b/modules/vault-cluster/security-groups.tf
index 991a2ff..50d779a 100644
--- a/modules/vault-cluster/security-groups.tf
+++ b/modules/vault-cluster/security-groups.tf
@@ -1,6 +1,6 @@
module "attach_security_group" {
source = "terraform-aws-modules/security-group/aws"
- version = "5.1.0"
+ version = "5.2.0"
name = "${var.cluster_name}-att"
description = "Null Placeholder security group for other instances to use as destination to access ${var.cluster_name}"
@@ -38,7 +38,7 @@ module "attach_security_group" {
module "lc_security_group" {
source = "terraform-aws-modules/security-group/aws"
- version = "5.1.0"
+ version = "5.2.0"
name = var.cluster_name
description = "Security group for the ${var.cluster_name} launch configuration"
diff --git a/user-data/consul.sh.tftpl b/user-data/consul.sh.tftpl
index 4c69e8a..3c3a968 100755
--- a/user-data/consul.sh.tftpl
+++ b/user-data/consul.sh.tftpl
@@ -12,7 +12,7 @@ set -x
exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1
# Add SSH keys
-printf "${ssh_keys}\n" > "/home/${ssh_user}/.ssh/authorized_keys"
+printf "${ssh_keys}\n" >> "/home/${ssh_user}/.ssh/authorized_keys"
chmod 600 "/home/${ssh_user}/.ssh/authorized_keys"
chown ${ssh_user}:${ssh_user} "/home/${ssh_user}/.ssh/authorized_keys"
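Review bot: The rendered key list is still used as the `printf` format string on the changed line, so a `%` or backslash in a key comment is interpreted rather than written verbatim; `printf '%s\n' "${ssh_keys}" >> "/home/${ssh_user}/.ssh/authorized_keys"` avoids that. Switching from `>` to `>>` also means any key already in the file (baked into the AMI or, presumably, placed there from an EC2 key pair) stays authorized, and with the new `ssh_keys` default of `[]` those may be the only keys on the host. If that is intended, the comment should say so, e.g. `# Append module-managed keys; keys already present on the image are kept`. Now that `ssh_user` is configurable, the script also relies on `/home/${ssh_user}/.ssh` already existing, which nothing in this hunk ensures. The same line in user-data/vault.sh.tftpl has the same issues; the rest of both scripts is outside the hunks.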
diff --git a/user-data/vault.sh.tftpl b/user-data/vault.sh.tftpl
index 28f8371..07e67ca 100755
--- a/user-data/vault.sh.tftpl
+++ b/user-data/vault.sh.tftpl
@@ -13,7 +13,7 @@ set -x
exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1
# Add SSH keys
-printf "${ssh_keys}\n" > "/home/${ssh_user}/.ssh/authorized_keys"
+printf "${ssh_keys}\n" >> "/home/${ssh_user}/.ssh/authorized_keys"
chmod 600 "/home/${ssh_user}/.ssh/authorized_keys"
chown ${ssh_user}:${ssh_user} "/home/${ssh_user}/.ssh/authorized_keys"
diff --git a/variables.tf b/variables.tf
index d978adf..9ce4e5d 100644
--- a/variables.tf
+++ b/variables.tf
@@ -43,9 +43,16 @@ variable "vault_route53_public_dns_name" {
type = string
}
+variable "ssh_user" {
+ description = "User name used for SSH-connections."
+ type = string
+ default = "ubuntu"
+}
+
variable "ssh_keys" {
description = "A list of public ssh keys to add to authorized_keys files."
type = list(string)
+ default = []
}
variable "consul_instance_type" {
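Review bot: The new `ssh_user` variable has no `validation` block, yet the main.tf hunks pass it into both user-data templates, where it is substituted into the `/home/${ssh_user}/.ssh/authorized_keys` path and into the unquoted `chown ${ssh_user}:${ssh_user}` argument. A value containing spaces, slashes or shell metacharacters would change what the boot script writes or executes, presumably as root. I would add a validation with `condition = can(regex("^[a-z_][a-z0-9_-]*$", var.ssh_user))` and a matching `error_message`. The description should also state that the account must already exist on the AMI with its home under `/home`.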