19 lines
569 B
HCL
19 lines
569 B
HCL
# Bastion Server
|
|
# Only active if operator mode is turned on. Use this to SSH into
|
|
|
|
resource "aws_instance" "bastion" {
|
|
count = var.operator_mode ? 1 : 0
|
|
|
|
ami = var.use_latest_ami ? data.aws_ssm_parameter.latest_ami.value : var.ami_id
|
|
instance_type = var.bastion_instance_type
|
|
key_name = var.ec2_key_pair_name
|
|
vpc_security_group_ids = [aws_security_group.bastion.id]
|
|
subnet_id = aws_subnet.public[0].id
|
|
associate_public_ip_address = true
|
|
|
|
tags = merge(
|
|
{ "Name" = "${var.main_project_tag}-bastion"},
|
|
{ "Project" = var.main_project_tag }
|
|
)
|
|
}
|