# Bastion (jump) host: a single Compute Engine instance attached to subnet-1
# with an ephemeral external IP, an SSH key from metadata and a startup script.
resource "google_compute_instance" "bastion" {
  name         = "bastion"
  zone         = "us-central1-a"
  machine_type = "n1-standard-1"

  # Network tags. The firewall rules that select them are not defined in this block.
  # NOTE(review): confirm the rule matching these tags limits inbound SSH to
  # known source ranges, since this instance has an external address.
  tags = ["jump-server", "bastion"]

  boot_disk {
    initialize_params {
      # NOTE(review): Debian 8 is past end of life and no longer receives
      # security updates; plan a move to a supported image family.
      image = "debian-cloud/debian-8"
    }
  }

  # Local SSD disk; no arguments are set.
  scratch_disk {
  }

  network_interface {
    # Only one of network / subnetwork may be given. Setting both fails with:
    #   Error creating network interfaces: exactly one of network or subnetwork must be provided
    # network = "default"
    subnetwork = "${google_compute_subnetwork.subnet-1.self_link}"

    # An empty access_config requests an ephemeral external IP.
    access_config {
    }
  }

  metadata {
    # The script is passed through the startup-script metadata key (rather than
    # metadata_startup_script) so that editing it does not recreate the VM.
    # NOTE(review): instance metadata can be read from inside the VM and by
    # anyone allowed to read the instance, so the script should hold no secrets.
    startup-script = "${file(var.startup_script)}"
    node           = "bastion"

    # One "<user>:<public key>" entry built from the two variables.
    # NOTE(review): sshKeys is the legacy metadata key; GCE documents ssh-keys
    # as its replacement. Confirm which one the guest environment honours.
    sshKeys = "${var.gce_ssh_user}:${file(var.gce_ssh_pub_key_file)}"
  }

  # Alternative that does recreate the VM whenever the script changes:
  # metadata_startup_script = "${file(var.startup_script)}"

  service_account {
    # No email is set, so the provider falls back to the default Compute Engine
    # service account. Scopes only cap what its token may request.
    # NOTE(review): compute-ro and storage-ro let any process on the bastion
    # read Compute and Cloud Storage data that account can see; confirm this is
    # needed, or attach a dedicated least-privilege service account.
    scopes = ["userinfo-email", "compute-ro", "storage-ro"]
  }
}
# Address of the bastion's first network interface inside the subnetwork.
output "Bastion Internal IP" {
  description = "The internal ip address of the instance, either manually or dynamically assigned."
  value       = "${google_compute_instance.bastion.network_interface.0.address}"
}
# NOTE(review): the value exported here is the instance's name ("bastion"),
# while the output name and description refer to the server-assigned
# identifier. Confirm which one consumers expect before relying on it.
output "instance_id" {
  description = "The server-assigned unique identifier of this instance."
  value       = "${google_compute_instance.bastion.name}"
}
# Exports the bastion's metadata_fingerprint attribute.
output "metadata_fingerprint" {
  description = "The unique fingerprint of the metadata."
  value       = "${google_compute_instance.bastion.metadata_fingerprint}"
}
# Exports the bastion's self_link attribute.
# NOTE(review): the output name ends in a space ("self_link "); anything that
# looks this output up must use the name exactly as written. Confirm whether
# the trailing space is intentional.
output "self_link " {
  description = "The URL of the created instance"
  value       = "${google_compute_instance.bastion.self_link}"
}
# NAT address assigned to the first access_config of the first interface,
# i.e. the ephemeral external IP through which the bastion is reached.
output "Bastion External IP" {
  description = "External IP of the bastion server"
  value       = "${google_compute_instance.bastion.network_interface.0.access_config.0.assigned_nat_ip}"
}