search

terraform-google-modules / terraform-google-bastion-host

Generates a bastion host VM compatible with OS Login and IAP Tunneling that can be used to access internal VMs
https://registry.terraform.io/modules/terraform-google-modules/bastion-host/google
Apache License 2.0
124 stars 90 forks source link

Deploy bastion without IAP #166

Closed antoinetran closed 6 months ago

antoinetran commented 10 months ago

TL;DR

It seems impossible to deploy this terraform module without IAP? IAP is a paid option and I would like to just deploy a bastion with one external IP and firewal rules.

Terraform Resources

No response

Detailed design

No response

Additional information

No response

antoinetran commented 10 months ago

This code https://github.com/terraform-google-modules/terraform-google-bastion-host/blob/v6.0.0/modules/iap-tunneling/main.tf#L36C42-L36C42 enables IAP and is not an option. Thus I get this error:

 Error retrieving IAM policy for iap tunnelinstance "projects/XXX/iap_tunnel/zones/XXX/instances/bastion-vm": googleapi: Error 403: Cloud Identity-Aware Proxy API has not been used in project XXX before or it is disabled. Enable it by visiting https://console.developers.google.com/apis/api/iap.googleapis.com/overview?project=XXX then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry
github-actions[bot] commented 8 months ago

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

antoinetran commented 8 months ago

up?

github-actions[bot] commented 6 months ago

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days