provider/aws: add aws_lightsail_key_pair
This commit is contained in:
parent
0101f12958
commit
86bb969087
|
@ -286,6 +286,7 @@ func Provider() terraform.ResourceProvider {
|
|||
"aws_lambda_permission": resourceAwsLambdaPermission(),
|
||||
"aws_launch_configuration": resourceAwsLaunchConfiguration(),
|
||||
"aws_lightsail_instance": resourceAwsLightsailInstance(),
|
||||
"aws_lightsail_key_pair": resourceAwsLightsailKeyPair(),
|
||||
"aws_lb_cookie_stickiness_policy": resourceAwsLBCookieStickinessPolicy(),
|
||||
"aws_load_balancer_policy": resourceAwsLoadBalancerPolicy(),
|
||||
"aws_load_balancer_backend_server_policy": resourceAwsLoadBalancerBackendServerPolicies(),
|
||||
|
|
|
@ -6,6 +6,8 @@ import (
|
|||
"testing"
|
||||
"time"
|
||||
|
||||
"regexp"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws"
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
"github.com/aws/aws-sdk-go/aws/credentials"
|
||||
|
@ -15,7 +17,6 @@ import (
|
|||
"github.com/hashicorp/terraform/helper/resource"
|
||||
"github.com/hashicorp/terraform/terraform"
|
||||
"github.com/hashicorp/vault/helper/pgpkeys"
|
||||
"regexp"
|
||||
)
|
||||
|
||||
func TestAccAWSUserLoginProfile_basic(t *testing.T) {
|
||||
|
|
|
@ -141,7 +141,7 @@ func resourceAwsLightsailInstanceCreate(d *schema.ResourceData, meta interface{}
|
|||
stateConf := &resource.StateChangeConf{
|
||||
Pending: []string{"Started"},
|
||||
Target: []string{"Completed", "Succeeded"},
|
||||
Refresh: resourceAwsLightsailInstanceOperationRefreshFunc(op.Id, meta),
|
||||
Refresh: resourceAwsLightsailOperationRefreshFunc(op.Id, meta),
|
||||
Timeout: 10 * time.Minute,
|
||||
Delay: 5 * time.Second,
|
||||
MinTimeout: 3 * time.Second,
|
||||
|
@ -217,7 +217,7 @@ func resourceAwsLightsailInstanceDelete(d *schema.ResourceData, meta interface{}
|
|||
stateConf := &resource.StateChangeConf{
|
||||
Pending: []string{"Started"},
|
||||
Target: []string{"Completed", "Succeeded"},
|
||||
Refresh: resourceAwsLightsailInstanceOperationRefreshFunc(op.Id, meta),
|
||||
Refresh: resourceAwsLightsailOperationRefreshFunc(op.Id, meta),
|
||||
Timeout: 10 * time.Minute,
|
||||
Delay: 5 * time.Second,
|
||||
MinTimeout: 3 * time.Second,
|
||||
|
@ -242,11 +242,11 @@ func resourceAwsLightsailInstanceDelete(d *schema.ResourceData, meta interface{}
|
|||
// - Failed
|
||||
// - Completed
|
||||
// - Succeeded (not documented?)
|
||||
func resourceAwsLightsailInstanceOperationRefreshFunc(
|
||||
func resourceAwsLightsailOperationRefreshFunc(
|
||||
oid *string, meta interface{}) resource.StateRefreshFunc {
|
||||
return func() (interface{}, string, error) {
|
||||
conn := meta.(*AWSClient).lightsailconn
|
||||
log.Printf("[DEBUG] Checking if Lightsail Instance Operation (%s) is Completed", *oid)
|
||||
log.Printf("[DEBUG] Checking if Lightsail Operation (%s) is Completed", *oid)
|
||||
o, err := conn.GetOperation(&lightsail.GetOperationInput{
|
||||
OperationId: oid,
|
||||
})
|
||||
|
@ -258,7 +258,7 @@ func resourceAwsLightsailInstanceOperationRefreshFunc(
|
|||
return nil, "Failed", fmt.Errorf("[ERR] Error retrieving Operation info for operation (%s)", *oid)
|
||||
}
|
||||
|
||||
log.Printf("[DEBUG] Lightsail Instance Operation (%s) is currently %q", *oid, *o.Operation.Status)
|
||||
log.Printf("[DEBUG] Lightsail Operation (%s) is currently %q", *oid, *o.Operation.Status)
|
||||
return o, *o.Operation.Status, nil
|
||||
}
|
||||
}
|
||||
|
|
|
@ -0,0 +1,214 @@
|
|||
package aws
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"log"
|
||||
"time"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws"
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
"github.com/aws/aws-sdk-go/service/lightsail"
|
||||
"github.com/hashicorp/terraform/helper/encryption"
|
||||
"github.com/hashicorp/terraform/helper/resource"
|
||||
"github.com/hashicorp/terraform/helper/schema"
|
||||
)
|
||||
|
||||
func resourceAwsLightsailKeyPair() *schema.Resource {
|
||||
return &schema.Resource{
|
||||
Create: resourceAwsLightsailKeyPairCreate,
|
||||
Read: resourceAwsLightsailKeyPairRead,
|
||||
Delete: resourceAwsLightsailKeyPairDelete,
|
||||
|
||||
Schema: map[string]*schema.Schema{
|
||||
"name": {
|
||||
Type: schema.TypeString,
|
||||
Required: true,
|
||||
ForceNew: true,
|
||||
},
|
||||
"name_prefix": {
|
||||
Type: schema.TypeString,
|
||||
Optional: true,
|
||||
ForceNew: true,
|
||||
},
|
||||
|
||||
// optional fields
|
||||
"pgp_key": {
|
||||
Type: schema.TypeString,
|
||||
Optional: true,
|
||||
ForceNew: true,
|
||||
},
|
||||
|
||||
// additional info returned from the API
|
||||
"arn": {
|
||||
Type: schema.TypeString,
|
||||
Computed: true,
|
||||
},
|
||||
|
||||
// fields returned from CreateKey
|
||||
"fingerprint": {
|
||||
Type: schema.TypeString,
|
||||
Computed: true,
|
||||
},
|
||||
"public_key": {
|
||||
Type: schema.TypeString,
|
||||
Computed: true,
|
||||
Optional: true,
|
||||
ForceNew: true,
|
||||
},
|
||||
"private_key": {
|
||||
Type: schema.TypeString,
|
||||
Computed: true,
|
||||
},
|
||||
|
||||
// encrypted fields if pgp_key is given
|
||||
"encrypted_fingerprint": {
|
||||
Type: schema.TypeString,
|
||||
Computed: true,
|
||||
},
|
||||
"encrypted_private_key": {
|
||||
Type: schema.TypeString,
|
||||
Computed: true,
|
||||
},
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
func resourceAwsLightsailKeyPairCreate(d *schema.ResourceData, meta interface{}) error {
|
||||
conn := meta.(*AWSClient).lightsailconn
|
||||
|
||||
kName := d.Get("name").(string)
|
||||
var pubKey string
|
||||
var op *lightsail.Operation
|
||||
if pubKeyInterface, ok := d.GetOk("public_key"); ok {
|
||||
pubKey = pubKeyInterface.(string)
|
||||
}
|
||||
|
||||
if pubKey == "" {
|
||||
// creating new key
|
||||
resp, err := conn.CreateKeyPair(&lightsail.CreateKeyPairInput{
|
||||
KeyPairName: aws.String(kName),
|
||||
})
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if resp.Operation == nil {
|
||||
return fmt.Errorf("[ERR] No operation found for CreateKeyPair response")
|
||||
}
|
||||
if resp.KeyPair == nil {
|
||||
return fmt.Errorf("[ERR] No KeyPair information found for CreateKeyPair response")
|
||||
}
|
||||
d.SetId(kName)
|
||||
|
||||
// private_key and public_key are only available in the response from
|
||||
// CreateKey pair. Here we set the public_key, and encrypt the private_key
|
||||
// if a pgp_key is given, else we store the private_key in state
|
||||
d.Set("public_key", resp.PublicKeyBase64)
|
||||
|
||||
// encrypt private key if pgp_key is given
|
||||
pgpKey, err := encryption.RetrieveGPGKey(d.Get("pgp_key").(string))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if pgpKey != "" {
|
||||
fingerprint, encrypted, err := encryption.EncryptValue(pgpKey, *resp.PrivateKeyBase64, "Lightsail Private Key")
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
d.Set("encrypted_fingerprint", fingerprint)
|
||||
d.Set("encrypted_private_key", encrypted)
|
||||
} else {
|
||||
d.Set("private_key", resp.PrivateKeyBase64)
|
||||
}
|
||||
|
||||
op = resp.Operation
|
||||
} else {
|
||||
// importing key
|
||||
resp, err := conn.ImportKeyPair(&lightsail.ImportKeyPairInput{
|
||||
KeyPairName: aws.String(kName),
|
||||
PublicKeyBase64: aws.String(pubKey),
|
||||
})
|
||||
|
||||
if err != nil {
|
||||
log.Printf("[ERR] Error importing key: %s", err)
|
||||
return err
|
||||
}
|
||||
d.SetId(kName)
|
||||
|
||||
op = resp.Operation
|
||||
}
|
||||
|
||||
stateConf := &resource.StateChangeConf{
|
||||
Pending: []string{"Started"},
|
||||
Target: []string{"Completed", "Succeeded"},
|
||||
Refresh: resourceAwsLightsailOperationRefreshFunc(op.Id, meta),
|
||||
Timeout: 10 * time.Minute,
|
||||
Delay: 5 * time.Second,
|
||||
MinTimeout: 3 * time.Second,
|
||||
}
|
||||
|
||||
_, err := stateConf.WaitForState()
|
||||
if err != nil {
|
||||
// We don't return an error here because the Create call succeded
|
||||
log.Printf("[ERR] Error waiting for KeyPair (%s) to become ready: %s", d.Id(), err)
|
||||
}
|
||||
|
||||
return resourceAwsLightsailKeyPairRead(d, meta)
|
||||
}
|
||||
|
||||
func resourceAwsLightsailKeyPairRead(d *schema.ResourceData, meta interface{}) error {
|
||||
conn := meta.(*AWSClient).lightsailconn
|
||||
|
||||
resp, err := conn.GetKeyPair(&lightsail.GetKeyPairInput{
|
||||
KeyPairName: aws.String(d.Get("name").(string)),
|
||||
})
|
||||
|
||||
if err != nil {
|
||||
log.Printf("[WARN] Error getting KeyPair (%s): %s", d.Id(), err)
|
||||
// check for known not found error
|
||||
if awsErr, ok := err.(awserr.Error); ok {
|
||||
if awsErr.Code() == "NotFoundException" {
|
||||
log.Printf("[WARN] Lightsail KeyPair (%s) not found, removing from state", d.Id())
|
||||
d.SetId("")
|
||||
return nil
|
||||
}
|
||||
}
|
||||
return err
|
||||
}
|
||||
|
||||
d.Set("arn", resp.KeyPair.Arn)
|
||||
d.Set("fingerprint", resp.KeyPair.Fingerprint)
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func resourceAwsLightsailKeyPairDelete(d *schema.ResourceData, meta interface{}) error {
|
||||
conn := meta.(*AWSClient).lightsailconn
|
||||
resp, err := conn.DeleteKeyPair(&lightsail.DeleteKeyPairInput{
|
||||
KeyPairName: aws.String(d.Id()),
|
||||
})
|
||||
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
op := resp.Operation
|
||||
stateConf := &resource.StateChangeConf{
|
||||
Pending: []string{"Started"},
|
||||
Target: []string{"Completed", "Succeeded"},
|
||||
Refresh: resourceAwsLightsailOperationRefreshFunc(op.Id, meta),
|
||||
Timeout: 10 * time.Minute,
|
||||
Delay: 5 * time.Second,
|
||||
MinTimeout: 3 * time.Second,
|
||||
}
|
||||
|
||||
_, err = stateConf.WaitForState()
|
||||
if err != nil {
|
||||
return fmt.Errorf(
|
||||
"Error waiting for KeyPair (%s) to become destroyed: %s",
|
||||
d.Id(), err)
|
||||
}
|
||||
|
||||
d.SetId("")
|
||||
return nil
|
||||
}
|
|
@ -0,0 +1,214 @@
|
|||
package aws
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"fmt"
|
||||
"testing"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws"
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
"github.com/aws/aws-sdk-go/service/lightsail"
|
||||
"github.com/hashicorp/terraform/helper/acctest"
|
||||
"github.com/hashicorp/terraform/helper/resource"
|
||||
"github.com/hashicorp/terraform/terraform"
|
||||
)
|
||||
|
||||
func TestAccAWSLightsailKeyPair_basic(t *testing.T) {
|
||||
var conf lightsail.KeyPair
|
||||
lightsailName := fmt.Sprintf("tf-test-lightsail-%d", acctest.RandInt())
|
||||
|
||||
resource.Test(t, resource.TestCase{
|
||||
PreCheck: func() { testAccPreCheck(t) },
|
||||
Providers: testAccProviders,
|
||||
CheckDestroy: testAccCheckAWSLightsailKeyPairDestroy,
|
||||
Steps: []resource.TestStep{
|
||||
{
|
||||
Config: testAccAWSLightsailKeyPairConfig_basic(lightsailName),
|
||||
Check: resource.ComposeAggregateTestCheckFunc(
|
||||
testAccCheckAWSLightsailKeyPairExists("aws_lightsail_key_pair.lightsail_key_pair_test", &conf),
|
||||
resource.TestCheckResourceAttrSet("aws_lightsail_key_pair.lightsail_key_pair_test", "arn"),
|
||||
resource.TestCheckResourceAttrSet("aws_lightsail_key_pair.lightsail_key_pair_test", "fingerprint"),
|
||||
resource.TestCheckResourceAttrSet("aws_lightsail_key_pair.lightsail_key_pair_test", "public_key"),
|
||||
resource.TestCheckResourceAttrSet("aws_lightsail_key_pair.lightsail_key_pair_test", "private_key"),
|
||||
),
|
||||
},
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
func TestAccAWSLightsailKeyPair_imported(t *testing.T) {
|
||||
var conf lightsail.KeyPair
|
||||
lightsailName := fmt.Sprintf("tf-test-lightsail-%d", acctest.RandInt())
|
||||
|
||||
resource.Test(t, resource.TestCase{
|
||||
PreCheck: func() { testAccPreCheck(t) },
|
||||
Providers: testAccProviders,
|
||||
CheckDestroy: testAccCheckAWSLightsailKeyPairDestroy,
|
||||
Steps: []resource.TestStep{
|
||||
{
|
||||
Config: testAccAWSLightsailKeyPairConfig_imported(lightsailName, testLightsailKeyPairPubKey1),
|
||||
Check: resource.ComposeAggregateTestCheckFunc(
|
||||
testAccCheckAWSLightsailKeyPairExists("aws_lightsail_key_pair.lightsail_key_pair_test", &conf),
|
||||
resource.TestCheckResourceAttrSet("aws_lightsail_key_pair.lightsail_key_pair_test", "arn"),
|
||||
resource.TestCheckResourceAttrSet("aws_lightsail_key_pair.lightsail_key_pair_test", "fingerprint"),
|
||||
resource.TestCheckResourceAttrSet("aws_lightsail_key_pair.lightsail_key_pair_test", "public_key"),
|
||||
resource.TestCheckResourceAttr("aws_lightsail_key_pair.lightsail_key_pair_test", "encrypted_fingerprint", ""),
|
||||
resource.TestCheckResourceAttr("aws_lightsail_key_pair.lightsail_key_pair_test", "encrypted_private_key", ""),
|
||||
resource.TestCheckResourceAttr("aws_lightsail_key_pair.lightsail_key_pair_test", "private_key", ""),
|
||||
),
|
||||
},
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
func TestAccAWSLightsailKeyPair_encrypted(t *testing.T) {
|
||||
var conf lightsail.KeyPair
|
||||
lightsailName := fmt.Sprintf("tf-test-lightsail-%d", acctest.RandInt())
|
||||
|
||||
resource.Test(t, resource.TestCase{
|
||||
PreCheck: func() { testAccPreCheck(t) },
|
||||
Providers: testAccProviders,
|
||||
CheckDestroy: testAccCheckAWSLightsailKeyPairDestroy,
|
||||
Steps: []resource.TestStep{
|
||||
{
|
||||
Config: testAccAWSLightsailKeyPairConfig_encrypted(lightsailName, testLightsailKeyPairPubKey1),
|
||||
Check: resource.ComposeAggregateTestCheckFunc(
|
||||
testAccCheckAWSLightsailKeyPairExists("aws_lightsail_key_pair.lightsail_key_pair_test", &conf),
|
||||
resource.TestCheckResourceAttrSet("aws_lightsail_key_pair.lightsail_key_pair_test", "arn"),
|
||||
resource.TestCheckResourceAttrSet("aws_lightsail_key_pair.lightsail_key_pair_test", "fingerprint"),
|
||||
resource.TestCheckResourceAttrSet("aws_lightsail_key_pair.lightsail_key_pair_test", "encrypted_fingerprint"),
|
||||
resource.TestCheckResourceAttrSet("aws_lightsail_key_pair.lightsail_key_pair_test", "encrypted_private_key"),
|
||||
resource.TestCheckResourceAttrSet("aws_lightsail_key_pair.lightsail_key_pair_test", "public_key"),
|
||||
resource.TestCheckResourceAttr("aws_lightsail_key_pair.lightsail_key_pair_test", "private_key", ""),
|
||||
),
|
||||
},
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
func testAccCheckAWSLightsailKeyPairExists(n string, res *lightsail.KeyPair) resource.TestCheckFunc {
|
||||
return func(s *terraform.State) error {
|
||||
rs, ok := s.RootModule().Resources[n]
|
||||
if !ok {
|
||||
return fmt.Errorf("Not found: %s", n)
|
||||
}
|
||||
|
||||
if rs.Primary.ID == "" {
|
||||
return errors.New("No LightsailKeyPair set")
|
||||
}
|
||||
|
||||
conn := testAccProvider.Meta().(*AWSClient).lightsailconn
|
||||
|
||||
respKeyPair, err := conn.GetKeyPair(&lightsail.GetKeyPairInput{
|
||||
KeyPairName: aws.String(rs.Primary.Attributes["name"]),
|
||||
})
|
||||
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if respKeyPair == nil || respKeyPair.KeyPair == nil {
|
||||
return fmt.Errorf("KeyPair (%s) not found", rs.Primary.Attributes["name"])
|
||||
}
|
||||
*res = *respKeyPair.KeyPair
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
func testAccCheckAWSLightsailKeyPairDestroy(s *terraform.State) error {
|
||||
|
||||
for _, rs := range s.RootModule().Resources {
|
||||
if rs.Type != "aws_lightsail_key_pair" {
|
||||
continue
|
||||
}
|
||||
|
||||
conn := testAccProvider.Meta().(*AWSClient).lightsailconn
|
||||
|
||||
respKeyPair, err := conn.GetKeyPair(&lightsail.GetKeyPairInput{
|
||||
KeyPairName: aws.String(rs.Primary.Attributes["name"]),
|
||||
})
|
||||
|
||||
if err == nil {
|
||||
if respKeyPair.KeyPair != nil {
|
||||
return fmt.Errorf("LightsailKeyPair %q still exists", rs.Primary.ID)
|
||||
}
|
||||
}
|
||||
|
||||
// Verify the error
|
||||
if awsErr, ok := err.(awserr.Error); ok {
|
||||
if awsErr.Code() == "NotFoundException" {
|
||||
return nil
|
||||
}
|
||||
}
|
||||
return err
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func testAccAWSLightsailKeyPairConfig_basic(lightsailName string) string {
|
||||
return fmt.Sprintf(`
|
||||
provider "aws" {
|
||||
region = "us-east-1"
|
||||
}
|
||||
resource "aws_lightsail_key_pair" "lightsail_key_pair_test" {
|
||||
name = "%s"
|
||||
}
|
||||
`, lightsailName)
|
||||
}
|
||||
|
||||
func testAccAWSLightsailKeyPairConfig_imported(lightsailName, key string) string {
|
||||
return fmt.Sprintf(`
|
||||
provider "aws" {
|
||||
region = "us-east-1"
|
||||
}
|
||||
resource "aws_lightsail_key_pair" "lightsail_key_pair_test" {
|
||||
name = "%s"
|
||||
|
||||
public_key = "%s"
|
||||
}
|
||||
`, lightsailName, lightsailPubKey)
|
||||
}
|
||||
|
||||
func testAccAWSLightsailKeyPairConfig_encrypted(lightsailName, key string) string {
|
||||
return fmt.Sprintf(`
|
||||
provider "aws" {
|
||||
region = "us-east-1"
|
||||
}
|
||||
resource "aws_lightsail_key_pair" "lightsail_key_pair_test" {
|
||||
name = "%s"
|
||||
|
||||
pgp_key = <<EOF
|
||||
%s
|
||||
EOF
|
||||
}
|
||||
`, lightsailName, key)
|
||||
}
|
||||
|
||||
const lightsailPubKey = `ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 phodgson@thoughtworks.com`
|
||||
const testLightsailKeyPairPubKey1 = `mQENBFXbjPUBCADjNjCUQwfxKL+RR2GA6pv/1K+zJZ8UWIF9S0lk7cVIEfJiprzzwiMwBS5cD0da
|
||||
rGin1FHvIWOZxujA7oW0O2TUuatqI3aAYDTfRYurh6iKLC+VS+F7H+/mhfFvKmgr0Y5kDCF1j0T/
|
||||
063QZ84IRGucR/X43IY7kAtmxGXH0dYOCzOe5UBX1fTn3mXGe2ImCDWBH7gOViynXmb6XNvXkP0f
|
||||
sF5St9jhO7mbZU9EFkv9O3t3EaURfHopsCVDOlCkFCw5ArY+DUORHRzoMX0PnkyQb5OzibkChzpg
|
||||
8hQssKeVGpuskTdz5Q7PtdW71jXd4fFVzoNH8fYwRpziD2xNvi6HABEBAAG0EFZhdWx0IFRlc3Qg
|
||||
S2V5IDGJATgEEwECACIFAlXbjPUCGy8GCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEOfLr44B
|
||||
HbeTo+sH/i7bapIgPnZsJ81hmxPj4W12uvunksGJiC7d4hIHsG7kmJRTJfjECi+AuTGeDwBy84TD
|
||||
cRaOB6e79fj65Fg6HgSahDUtKJbGxj/lWzmaBuTzlN3CEe8cMwIPqPT2kajJVdOyrvkyuFOdPFOE
|
||||
A7bdCH0MqgIdM2SdF8t40k/ATfuD2K1ZmumJ508I3gF39jgTnPzD4C8quswrMQ3bzfvKC3klXRlB
|
||||
C0yoArn+0QA3cf2B9T4zJ2qnvgotVbeK/b1OJRNj6Poeo+SsWNc/A5mw7lGScnDgL3yfwCm1gQXa
|
||||
QKfOt5x+7GqhWDw10q+bJpJlI10FfzAnhMF9etSqSeURBRW5AQ0EVduM9QEIAL53hJ5bZJ7oEDCn
|
||||
aY+SCzt9QsAfnFTAnZJQrvkvusJzrTQ088eUQmAjvxkfRqnv981fFwGnh2+I1Ktm698UAZS9Jt8y
|
||||
jak9wWUICKQO5QUt5k8cHwldQXNXVXFa+TpQWQR5yW1a9okjh5o/3d4cBt1yZPUJJyLKY43Wvptb
|
||||
6EuEsScO2DnRkh5wSMDQ7dTooddJCmaq3LTjOleRFQbu9ij386Do6jzK69mJU56TfdcydkxkWF5N
|
||||
ZLGnED3lq+hQNbe+8UI5tD2oP/3r5tXKgMy1R/XPvR/zbfwvx4FAKFOP01awLq4P3d/2xOkMu4Lu
|
||||
9p315E87DOleYwxk+FoTqXEAEQEAAYkCPgQYAQIACQUCVduM9QIbLgEpCRDny6+OAR23k8BdIAQZ
|
||||
AQIABgUCVduM9QAKCRAID0JGyHtSGmqYB/4m4rJbbWa7dBJ8VqRU7ZKnNRDR9CVhEGipBmpDGRYu
|
||||
lEimOPzLUX/ZXZmTZzgemeXLBaJJlWnopVUWuAsyjQuZAfdd8nHkGRHG0/DGum0l4sKTta3OPGHN
|
||||
C1z1dAcQ1RCr9bTD3PxjLBczdGqhzw71trkQRBRdtPiUchltPMIyjUHqVJ0xmg0hPqFic0fICsr0
|
||||
YwKoz3h9+QEcZHvsjSZjgydKvfLYcm+4DDMCCqcHuJrbXJKUWmJcXR0y/+HQONGrGJ5xWdO+6eJi
|
||||
oPn2jVMnXCm4EKc7fcLFrz/LKmJ8seXhxjM3EdFtylBGCrx3xdK0f+JDNQaC/rhUb5V2XuX6VwoH
|
||||
/AtY+XsKVYRfNIupLOUcf/srsm3IXT4SXWVomOc9hjGQiJ3rraIbADsc+6bCAr4XNZS7moViAAcI
|
||||
PXFv3m3WfUlnG/om78UjQqyVACRZqqAGmuPq+TSkRUCpt9h+A39LQWkojHqyob3cyLgy6z9Q557O
|
||||
9uK3lQozbw2gH9zC0RqnePl+rsWIUU/ga16fH6pWc1uJiEBt8UZGypQ/E56/343epmYAe0a87sHx
|
||||
8iDV+dNtDVKfPRENiLOOc19MmS+phmUyrbHqI91c0pmysYcJZCD3a502X1gpjFbPZcRtiTmGnUKd
|
||||
OIu60YPNE4+h7u2CfYyFPu3AlUaGNMBlvy6PEpU=`
|
|
@ -0,0 +1,77 @@
|
|||
---
|
||||
layout: "aws"
|
||||
page_title: "AWS: aws_lightsail_key_pair"
|
||||
sidebar_current: "docs-aws-resource-lightsail-key-pair"
|
||||
description: |-
|
||||
Provides an Lightsail Key Pair
|
||||
---
|
||||
|
||||
# aws\_lightsail\_key\_pair
|
||||
|
||||
Provides a Lightsail Key Pair, for use with Lightsail Instances. These key pairs
|
||||
are seperate from EC2 Key Pairs, and must be created or imported for use with
|
||||
Lightsail.
|
||||
|
||||
~> **Note:** Lightsail is currently only supported in `us-east-1` region.
|
||||
|
||||
## Example Usage, creating a new Key Pair
|
||||
|
||||
```
|
||||
# Create a new Lightsail Key Pair
|
||||
resource "aws_lightsail_key_pair" "lg_key_pair" {
|
||||
name = "lg_key_pair"
|
||||
}
|
||||
```
|
||||
|
||||
## Create new Key Pair, encrypting the private key with a PGP Key
|
||||
|
||||
```
|
||||
resource "aws_lightsail_key_pair" "lg_key_pair" {
|
||||
name = "lg_key_pair"
|
||||
pgp_key = "keybase:keybaseusername"
|
||||
}
|
||||
```
|
||||
|
||||
## Import an existing public key
|
||||
|
||||
```
|
||||
resource "aws_lightsail_key_pair" "lg_key_pair" {
|
||||
name = "importing"
|
||||
public_key = "${file("~/.ssh/id_rsa.pub")}"
|
||||
}
|
||||
```
|
||||
|
||||
## Argument Reference
|
||||
|
||||
The following arguments are supported:
|
||||
|
||||
* `name` - (Required) The name of the Lightsail Key Pair
|
||||
* `pgp_key` – (Optional) An optional PGP key to encrypt the resulting private
|
||||
key material. Only used when creating a new key pair
|
||||
* `public_key` - (Required) The public key material. This public key will be
|
||||
imported into Lightsail
|
||||
|
||||
~> **NOTE:** a PGP key is not required, however it is strongly encouraged.
|
||||
Without a PGP key, the private key material will be stored in state unencrypted.
|
||||
`pgp_key` is ignored if `public_key` is supplied.
|
||||
|
||||
## Attributes Reference
|
||||
|
||||
The following attributes are exported in addition to the arguments listed above:
|
||||
|
||||
* `id` - The name used for this key pair
|
||||
* `arn` - The ARN of the Lightsail key pair
|
||||
* `fingerprint` - The MD5 public key fingerprint as specified in section 4 of RFC 4716.
|
||||
* `public_key` - the public key, base64 encoded
|
||||
* `private_key` - the private key, base64 encoded. This is only populated
|
||||
when creating a new key, and when no `pgp_key` is provided
|
||||
* `encrypted_private_key` – the private key material, base 64 encoded and
|
||||
encrypted with the given `pgp_key`. This is only populated when creating a new
|
||||
key and `pgp_key` is supplied
|
||||
* `encrypted_fingerprint` - The MD5 public key fingerprint for the encrypted
|
||||
private key
|
||||
|
||||
## Import
|
||||
|
||||
Lightsail Key Pairs cannot be imported, because the private and public key are
|
||||
only available on initial creation.
|
|
@ -689,6 +689,21 @@
|
|||
</ul>
|
||||
</li>
|
||||
|
||||
<li<%= sidebar_current(/^docs-aws-resource-lightsail/) %>>
|
||||
<a href="#">Lightsail Resources</a>
|
||||
<ul class="nav nav-visible">
|
||||
|
||||
<li<%= sidebar_current("docs-aws-resource-lightsail-instance") %>>
|
||||
<a href="/docs/providers/aws/r/lightsail_instance.html">aws_lightsail_instance</a>
|
||||
</li>
|
||||
|
||||
<li<%= sidebar_current("docs-aws-resource-lightsail-key-pair") %>>
|
||||
<a href="/docs/providers/aws/r/lightsail_key_pair.html">aws_lightsail_key_pair</a>
|
||||
</li>
|
||||
|
||||
</ul>
|
||||
</li>
|
||||
|
||||
<li<%= sidebar_current(/^docs-aws-resource-opsworks/) %>>
|
||||
<a href="#">OpsWorks Resources</a>
|
||||
<ul class="nav nav-visible">
|
||||
|
|
Loading…
Reference in New Issue