added ssh key path as optional variable

.header.md

@@ -105,11 +105,11 @@ module "ec2-sgw" {
   name                 = "my-storage-gateway"
   availability_zone    = data.aws_availability_zones.available.names[0]
   aws_region           = var.aws_region
-  ssh_public_key_path  = var.ssh_public_key_path
+  ssh_public_key_path  = var.ssh_public_key_path //optional
 }
 ```
 
-Note that the ssh_public_key_path takes the absolute path to your public key. To create a public key for Amazon EC2, follow this procedure using ssh-keygen. Example path “/Users/user/.ssh/id_rsa.pub”.
+Note that the ssh_public_key_path is an optional attribute which takes the absolute path to your public key. The ssh key allows you to administer your Storage Gateway appliance. To create a public key for Amazon EC2, follow this procedure using ssh-keygen. Example path “/Users/user/.ssh/id_rsa.pub”.
 
 ### [Storage Gateway Module](modules/aws-sgw/)
 

README.md

@@ -105,11 +105,11 @@ module "ec2-sgw" {
   name                 = "my-storage-gateway"
   availability_zone    = data.aws_availability_zones.available.names[0]
   aws_region           = var.aws_region
-  ssh_public_key_path  = var.ssh_public_key_path
+  ssh_public_key_path  = var.ssh_public_key_path //optional
 }
 ```
 
-Note that the ssh\_public\_key\_path takes the absolute path to your public key. To create a public key for Amazon EC2, follow this procedure using ssh-keygen. Example path “/Users/user/.ssh/id\_rsa.pub”.
+Note that the ssh\_public\_key\_path is an optional attribute which takes the absolute path to your public key. The ssh key allows you to administer your Storage Gateway appliance. To create a public key for Amazon EC2, follow this procedure using ssh-keygen. Example path “/Users/user/.ssh/id\_rsa.pub”.
 
 ### [Storage Gateway Module](modules/aws-sgw/)
 

examples/s3-nfs-filegateway-ec2/README.md

@@ -13,8 +13,8 @@
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 4.0 |
-| <a name="provider_random"></a> [random](#provider\_random) | >=3.4.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 5.8.0 |
+| <a name="provider_random"></a> [random](#provider\_random) | 3.5.1 |
 
 ## Modules
 
@@ -52,7 +52,7 @@
 | <a name="input_ingress_cidr_block_activation"></a> [ingress\_cidr\_block\_activation](#input\_ingress\_cidr\_block\_activation) | The CIDR block to allow ingress port 80 into your File Gateway instance for activation. For multiple CIDR blocks, please separate with comma | `string` | n/a | yes |
 | <a name="input_ingress_cidr_blocks"></a> [ingress\_cidr\_blocks](#input\_ingress\_cidr\_blocks) | The CIDR blocks to allow ingress into your File Gateway instance for NFS and SMB client access. For multiple CIDR blocks, please separate with comma | `string` | `"10.0.0.0/16"` | no |
 | <a name="input_name"></a> [name](#input\_name) | Name of the storage gateway instance that will be created in EC2 | `string` | `"aws-storage-gateway"` | no |
-| <a name="input_ssh_public_key_path"></a> [ssh\_public\_key\_path](#input\_ssh\_public\_key\_path) | Absolute file path to the the public key for the EC2 Key pair | `string` | n/a | yes |
+| <a name="input_ssh_public_key_path"></a> [ssh\_public\_key\_path](#input\_ssh\_public\_key\_path) | Absolute file path to the the public key for the EC2 Key pair | `string` | `""` | no |
 | <a name="input_subnet-count"></a> [subnet-count](#input\_subnet-count) | Number of sunbets per type | `number` | `1` | no |
 | <a name="input_vpc_cidr_block"></a> [vpc\_cidr\_block](#input\_vpc\_cidr\_block) | VPC CIDR block for the creation of example VPC and subnets | `string` | `"10.0.0.0/16"` | no |
 

examples/s3-nfs-filegateway-ec2/main.tf

@@ -42,7 +42,7 @@ module "ec2-sgw" {
   name                = "${random_pet.name.id}-gateway"
   availability_zone   = data.aws_availability_zones.available.names[0]
   aws_region          = var.aws_region
-  ssh_public_key_path = var.ssh_public_key_path
+  ssh_public_key_path = var.ssh_public_key_path //optional
 
   #If create security_group = true , define ingress cidr blocks, if not use security_group_id
   create_security_group         = true

examples/s3-nfs-filegateway-ec2/variables.tf

@@ -9,12 +9,6 @@ variable "aws_region" {
   description = "Region for AWS Resources"
 }
 
-# variable "availability_zone" {
-#   type        = string
-#   description = "Availability zone for the Gateway Ec2 Instance."
-#   default     = ""
-# }
-
 variable "allow_unverified_ssl" {
   type        = bool
   description = "Boolean that can be set to true to disable SSL certificate verification."
@@ -48,10 +42,10 @@ variable "ingress_cidr_blocks" {
 variable "ingress_cidr_block_activation" {
   type        = string
   description = "The CIDR block to allow ingress port 80 into your File Gateway instance for activation. For multiple CIDR blocks, please separate with comma"
-  # default     = "0.0.0.0/0"
 }
 
 variable "ssh_public_key_path" {
   type        = string
   description = "Absolute file path to the the public key for the EC2 Key pair"
+  default     = ""
 }

modules/ec2-sgw/README.md

@@ -43,7 +43,7 @@ No modules.
 | <a name="input_root_block_device"></a> [root\_block\_device](#input\_root\_block\_device) | Customize details about the root block device of the instance. See Block Devices below for details | `map(any)` | <pre>{<br>  "disk_size": 80,<br>  "kms_key_id": null,<br>  "volume_type": "gp3"<br>}</pre> | no |
 | <a name="input_security_group_id"></a> [security\_group\_id](#input\_security\_group\_id) | Optionally provide an existing Security Group ID to associate with EC2 Storage Gateway appliance. Variable create\_security\_group should be set to false to use an existing Security Group | `string` | `null` | no |
 | <a name="input_ssh_key_name"></a> [ssh\_key\_name](#input\_ssh\_key\_name) | The name of EC2 Key pair for SSH access to the EC2 Storage Gateway appliance | `string` | `"ec2-sgw-key-pair"` | no |
-| <a name="input_ssh_public_key_path"></a> [ssh\_public\_key\_path](#input\_ssh\_public\_key\_path) | Absolute file path to the the public key for the EC2 Key pair | `string` | n/a | yes |
+| <a name="input_ssh_public_key_path"></a> [ssh\_public\_key\_path](#input\_ssh\_public\_key\_path) | Absolute file path to the the public key for the EC2 Key pair | `string` | `""` | no |
 | <a name="input_subnet_id"></a> [subnet\_id](#input\_subnet\_id) | VPC Subnet ID to launch in the EC2 Instance | `string` | n/a | yes |
 | <a name="input_timezone"></a> [timezone](#input\_timezone) | Time zone for the gateway. The time zone is of the format GMT, GMT-hr:mm, or GMT+hr:mm.For example, GMT-4:00 indicates the time is 4 hours behind GMT. Avoid prefixing with 0 | `string` | `"GMT"` | no |
 | <a name="input_vpc_id"></a> [vpc\_id](#input\_vpc\_id) | The VPC ID in which the Storage Gateway security group will be created in | `string` | n/a | yes |

modules/ec2-sgw/main.tf

@@ -2,12 +2,17 @@
 ## Create EC2 Instance ##
 ##########################
 
+locals {
+  key_name               = length(var.ssh_public_key_path) > 0 ? aws_key_pair.ec2_sgw_key_pair["ec2_sgw_key_pair"].key_name : null
+  vpc_security_group_ids = var.create_security_group ? [aws_security_group.ec2_sg["ec2_sg"].id] : [var.security_group_id]
+}
+
 resource "aws_instance" "ec2-sgw" {
   ami                    = data.aws_ami.sgw-ami.id
-  vpc_security_group_ids = var.create_security_group ? [aws_security_group.ec2_sg["ec2_sg"].id] : [var.security_group_id]
+  vpc_security_group_ids = local.vpc_security_group_ids
   subnet_id              = var.subnet_id
   instance_type          = var.instance_type
-  key_name               = aws_key_pair.ec2_sgw_key_pair.key_name
+  key_name               = local.key_name
   ebs_optimized          = true
   availability_zone      = var.availability_zone
 
@@ -54,6 +59,9 @@ resource "aws_eip_association" "eip_assoc" {
 }
 
 resource "aws_key_pair" "ec2_sgw_key_pair" {
+
+  for_each = length(var.ssh_public_key_path) > 0 ? toset(["ec2_sgw_key_pair"]) : toset([])
+
   key_name   = var.ssh_key_name
   public_key = file(var.ssh_public_key_path)
 }

modules/ec2-sgw/variables.tf

@@ -72,6 +72,7 @@ variable "ssh_key_name" {
 variable "ssh_public_key_path" {
   type        = string
   description = "Absolute file path to the the public key for the EC2 Key pair"
+  default     = ""
 }
 
 variable "root_block_device" {