Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

provider/aws: Add aws_iam_user_ssh_key resource #5774

Merged
merged 2 commits into from
Mar 22, 2016

Conversation

stack72
Copy link
Contributor

@stack72 stack72 commented Mar 22, 2016

As requested in #5744

make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSUserSSHKey' 2>~/tf.log
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSUserSSHKey -timeout 120m
=== RUN   TestAccAWSUserSSHKey_basic
--- PASS: TestAccAWSUserSSHKey_basic (8.61s)
=== RUN   TestAccAWSUserSSHKey_pemEncoding
--- PASS: TestAccAWSUserSSHKey_pemEncoding (8.62s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    17.255s

@jen20
Copy link
Contributor

jen20 commented Mar 22, 2016

👍 LGTM!

jen20 added a commit that referenced this pull request Mar 22, 2016
provider/aws: Add `aws_iam_user_ssh_key` resource
@jen20 jen20 merged commit 22a409e into hashicorp:master Mar 22, 2016
keymon added a commit to alphagov/paas-cf that referenced this pull request Mar 22, 2016
In order to access the codecommit repository via SSH, we must upload
a SSH key.

We add a required variable for the concourse terraform: `git_rsa_id_pub`,
which must have the public SSH key to add, and a new output 
`git_ssh_key_id` which is the key id of the ssh key and the user that 
must be used when connecting to the codecommit git repo.

But terraform does not currently support upload ssh keys, although
the PR is in master and will be released soon:

hashicorp/terraform#5744
hashicorp/terraform#5774

To workaround this, we implemented the following workaround:
 1. One template_file which contains the public key. 
      If it changes, it will run a script `aws-upload-aws-key.sh` to upload the 
      SSH key to the user. The script takes care of duplicates.
     
 2. A template_file resource will read from a `id_rsa_key_id`, and execute a
      script to query the ID if the file has changed since last execution. 
      This ensures that the file is updated.
       We must commit a empty file to avoid terraform fail the first run.
 
 3. Another template_file which reads the previous  populated 
     `id_rsa_key_id` file. This allows read the file content and expose it as 
      a terraform output.

This workaround can be removed and replaced as the resource
`aws_iam_user_ssh_key` is supported and released in the official
terraform release.
keymon added a commit to alphagov/paas-cf that referenced this pull request Mar 23, 2016
In order to access the codecommit repository via SSH, we must upload
a SSH key.

We add a required variable for the concourse terraform: `git_rsa_id_pub`,
which must have the public SSH key to add, and a new output
`git_ssh_key_id` which is the key id of the ssh key and the user that
must be used when connecting to the codecommit git repo.

But terraform does not currently support upload ssh keys, although
the PR is in master and will be released soon:

hashicorp/terraform#5744
hashicorp/terraform#5774

To workaround this, we implemented the following workaround:
 1. One template_file which contains the public key.
      If it changes, it will run a script `aws-upload-aws-key.sh` to upload the
      SSH key to the user. The script takes care of duplicates.

 2. A template_file resource will read from a `id_rsa_key_id`, and execute a
      script to query the ID if the file has changed since last execution.
      This ensures that the file is updated.
       We must commit a empty file to avoid terraform fail the first run.

 3. Another template_file which reads the previous  populated
     `id_rsa_key_id` file. This allows read the file content and expose it as
      a terraform output.

This workaround can be removed and replaced as the resource
`aws_iam_user_ssh_key` is supported and released in the official
terraform release.
keymon added a commit to alphagov/paas-cf that referenced this pull request Mar 23, 2016
In order to access the codecommit repository via SSH, we must upload
a SSH key.

We add a required variable for the concourse terraform: `git_rsa_id_pub`,
which must have the public SSH key to add, and a new output
`git_ssh_key_id` which is the key id of the ssh key and the user that
must be used when connecting to the codecommit git repo.

We use the resource `aws_iam_user_ssh_key` which has been added in this
issue and PR:

hashicorp/terraform#5744
hashicorp/terraform#5774
keymon added a commit to alphagov/paas-cf that referenced this pull request Mar 23, 2016
In order to access the codecommit repository via SSH, we must upload
a SSH key.

We add a required variable for the concourse terraform: `git_rsa_id_pub`,
which must have the public SSH key to add, and a new output
`git_ssh_key_id` which is the key id of the ssh key and the user that
must be used when connecting to the codecommit git repo.

We use the resource `aws_iam_user_ssh_key` which has been added in this
issue and PR:

hashicorp/terraform#5744
hashicorp/terraform#5774
keymon added a commit to alphagov/paas-cf that referenced this pull request Mar 23, 2016
In order to access the codecommit repository via SSH, we must upload
a SSH key.

We add a required variable for the concourse terraform: `git_rsa_id_pub`,
which must have the public SSH key to add, and a new output
`git_ssh_key_id` which is the key id of the ssh key and the user that
must be used when connecting to the codecommit git repo.

We use the resource `aws_iam_user_ssh_key` which has been added in this
issue and PR:

hashicorp/terraform#5744
hashicorp/terraform#5774
keymon added a commit to alphagov/paas-cf that referenced this pull request Mar 23, 2016
In order to access the codecommit repository via SSH, we must upload
a SSH key.

We add a required variable for the concourse terraform: `git_rsa_id_pub`,
which must have the public SSH key to add, and a new output
`git_ssh_key_id` which is the key id of the ssh key and the user that
must be used when connecting to the codecommit git repo.

We use the resource `aws_iam_user_ssh_key` which has been added in this
issue and PR:

hashicorp/terraform#5744
hashicorp/terraform#5774
keymon added a commit to alphagov/paas-cf that referenced this pull request Mar 23, 2016
In order to access the codecommit repository via SSH, we must upload
a SSH key.

We add a required variable for the concourse terraform: `git_rsa_id_pub`,
which must have the public SSH key to add, and a new output
`git_ssh_key_id` which is the key id of the ssh key and the user that
must be used when connecting to the codecommit git repo.

We use the resource `aws_iam_user_ssh_key` which has been added in this
issue and PR:

hashicorp/terraform#5744
hashicorp/terraform#5774
dcarley added a commit to alphagov/paas-docker-cloudfoundry-tools that referenced this pull request Apr 29, 2016
This isn't as big a jump as this individual commit suggests because we were
already using a pre-release version of 0.6.15 in 57cc1a9. We are upgrading
so that we no longer need to build from source to benefit from these fixes:

- hashicorp/terraform#5774
- hashicorp/terraform#5904

The CHANGELOG doesn't mention any backwards-incompatible changes. New
checksum has been taken from:

- https://releases.hashicorp.com/terraform/0.6.15/terraform_0.6.15_SHA256SUMS
dcarley added a commit to alphagov/paas-docker-cloudfoundry-tools that referenced this pull request Apr 29, 2016
This isn't as big a jump as this individual commit suggests because we were
already using a pre-release version of 0.6.15 in 57cc1a9. We are upgrading
so that we no longer need to build from source to benefit from these fixes:

- hashicorp/terraform#5774
- hashicorp/terraform#5904

The CHANGELOG doesn't mention any backwards-incompatible changes. New
checksum has been taken from:

- https://releases.hashicorp.com/terraform/0.6.15/terraform_0.6.15_SHA256SUMS
@ghost
Copy link

ghost commented Apr 27, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@ghost ghost locked and limited conversation to collaborators Apr 27, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants