Add a flag to toggle use of SSH agent.

[jlucktay]

When the SSH private key has a passphrase, is managed by an SSH agent, and the agent flag in the SSH connection blocks of the two aws_instance resources are set to true, then setting private_key as well in the same block is counter-productive, as Terraform will follow the private_key value before checking with the SSH agent, load the encrypted key first, and subsequently fail with the following:

Error: Failed to parse ssh private key: ssh: cannot decode encrypted private keys

This is worked around with an override flag to toggle the behaviour appropriately.

Ref:

• https://github.com/hashicorp/terraform/issues/13734#issuecomment-295061898
• https://www.hashicorp.com/blog/terraform-0-12-conditional-operator-improvements/

[nikkelma]

This brings up the following underlying issues:

1. Only SSH keys without a password are currently supported.
2. Requiring users to provide the SSH key can increase the barrier to entry and overall complexity.

Could #78 be a possible alternative resolution to this PR? In summary, it would remove the SSH key requirement entirely by creating a key fully managed within Terraform.

[jlucktay]

Yeah, the tls_private_key resource looks like a great solution for this, nice one!