Closed felddy closed 4 years ago
It no longer makes sense to install certs from SSM. This is now done during instance creation using cloud-init.
See: https://github.com/cisagov/openvpn-server-tf-module
These files should be omitted entirely so that the server will fail to start if the cloud-init script does not install them correctly.
As it stands, the server will startup with these invalid certs, which is non-optimal.
It no longer makes sense to install certs from SSM. This is now done during instance creation using cloud-init.
See: https://github.com/cisagov/openvpn-server-tf-module
These files should be omitted entirely so that the server will fail to start if the cloud-init script does not install them correctly.
As it stands, the server will startup with these invalid certs, which is non-optimal.