nmenant
commented
3 years ago Tracking this internally with INFRAANO-387
Closed yossi-r closed 3 years ago
nmenant
commented
3 years ago Tracking this internally with INFRAANO-387
RavinderReddyF5
commented
3 years ago @yossi-r made changes to module to accept ec2_keypair name as input to module, and it is required parameter. and added logic get the default authorised key attached to instance and post it through to set it for admin/bigipuser. these changes are available in latest master for new release
At first we only had an option to provision the module using an existing ssh key-pair. that's the recommended way to use a compute module. we've added the option for the module itself to create the key-pair. with a set of conditions https://github.com/f5devcentral/terraform-aws-bigip-module/blob/master/main.tf#L394
the use of the conditions is not properly documented. it also creates an issue when no ssh file is provided because the aws_key_pair resource is trying to create one without a condition. https://github.com/f5devcentral/terraform-aws-bigip-module/blob/master/main.tf#L382
i see that in the following fix - https://github.com/f5devcentral/terraform-aws-bigip-module/pull/42 we now expect an ssh file instead of a key-pair name. this is not the desired behavior.
Please change it back to only expect a key-pair that was provisioned outside of the module. this aligns with expectations, best practice of compute modules and simplifies our module.