Closed dmytro closed 6 months ago
I've found that I should use the `startup_script` argument. Unfortunately it's not documented on the https://registry.terraform.io/modules/terraform-google-modules/bastion-host/google/latest page.
I have to reopen the issue since I've found that using the `startup_script` argument gives the same result.
Below is a full example of the code:
```hcl
module "iap_bastion" {
  source        = "terraform-google-modules/bastion-host/google"
  name          = "bastion-host"
  project       = var.project_id
  machine_type  = "e2-medium"
  zone          = "${var.region}-a"
  network       = module.vpc.network_name
  subnet        = module.vpc.subnets_names[0]
  image         = "debian-11-bullseye-v20210817"
  image_family  = "debian-11"
  image_project = "debian-cloud"
  scopes        = ["cloud-platform"]
  version       = "5.3.0"
  members = [
    "group:<REDACTED>@<REDACTED>",
    "group:<REDACTED>@<REDACTED>",
    "group:<REDACTED>@<REDACTED>",
  ]
  random_role_id = false
  startup_script = <<-EOF
    #!/bin/bash
    apt update
    apt -y upgrade
    apt -y install postgresql-client
    apt -y install redis-server stunnel4 telnet
  EOF
}
```
This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days
TL;DR
When passing a `metadata` block with a startup script to the instance, other metadata don't work.
Expected behavior
According to the documentation additional metadata should be added.
Observed behavior
1) Below is working Terraform code WITHOUT a startup script. We are using roles/user groups to authorize login to the host.
2) The Terraform code below is an example of NOT WORKING code. The only difference is the added `metadata` block with the `startup-script` string.
Problem:
`metadata` block nobody is able to log in to the bastion-host;
Terraform Configuration
Additional information
No response