rename module variables to aws_ssh_...

4 months ago · 82a6ac7fe5
parent 31375ad2ba
commit 82a6ac7fe5
9 changed files with 51 additions and 56 deletions
--- a/enos/enos-modules.hcl
+++ b/enos/enos-modules.hcl
@ -23,7 +23,6 @@ module "aws_boundary" {

  alb_listener_api_port = var.alb_listener_api_port
  boundary_binary_name  = var.boundary_binary_name
-  ssh_aws_keypair       = var.aws_ssh_keypair_name
 }

 module "aws_worker" {
@ -35,8 +34,6 @@ module "aws_worker" {
    "Enos User" : var.enos_user,
    "Environment" : var.environment
  }
-
-  ssh_aws_keypair = var.aws_ssh_keypair_name
 }

 module "aws_bucket" {
@ -146,8 +143,6 @@ module "vault" {
    "Enos User" : var.enos_user,
    "Environment" : var.environment
  }
-
-  ssh_aws_keypair = var.aws_ssh_keypair_name
 }

 module "test_e2e" {
--- a/enos/enos-scenario-e2e-aws-base.hcl
+++ b/enos/enos-scenario-e2e-aws-base.hcl
@ -108,8 +108,8 @@ scenario "e2e_aws_base" {
      worker_count             = var.worker_count
      worker_instance_type     = var.worker_instance_type
      aws_region               = var.aws_region
-      ssh_aws_keypair          = step.generate_ssh_key.key_pair_name
-      ssh_private_key          = step.generate_ssh_key.private_key_pem
+      aws_ssh_keypair_name     = step.generate_ssh_key.key_pair_name
+      aws_ssh_private_key      = step.generate_ssh_key.private_key_pem
    }
  }

@ -123,7 +123,7 @@ scenario "e2e_aws_base" {
    variables {
      ami_id               = step.create_base_infra.ami_ids["ubuntu"]["amd64"]
      aws_ssh_keypair_name = step.generate_ssh_key.key_pair_name
-      ssh_private_key      = step.generate_ssh_key.private_key_pem
+      aws_ssh_private_key  = step.generate_ssh_key.private_key_pem
      enos_user            = var.enos_user
      instance_type        = var.target_instance_type
      vpc_id               = step.create_base_infra.vpc_id
--- a/enos/enos-scenario-e2e-aws-rdp-base.hcl
+++ b/enos/enos-scenario-e2e-aws-rdp-base.hcl
@ -154,9 +154,9 @@ scenario "e2e_aws_rdp_base" {
        version = var.vault_version
        edition = "oss"
      }
-      vpc_id          = step.create_base_infra.vpc_id
-      ssh_aws_keypair = step.generate_ssh_key.key_pair_name
-      ssh_private_key = step.generate_ssh_key.private_key_pem
+      vpc_id               = step.create_base_infra.vpc_id
+      aws_ssh_keypair_name = step.generate_ssh_key.key_pair_name
+      aws_ssh_private_key  = step.generate_ssh_key.private_key_pem
    }
  }

@ -211,8 +211,8 @@ scenario "e2e_aws_rdp_base" {
      ip_version                  = local.ip_version
      recording_storage_path      = "/recording"
      alb_sg_additional_ips       = step.create_windows_client.public_ip_list
-      ssh_aws_keypair             = step.generate_ssh_key.key_pair_name
-      ssh_private_key             = step.generate_ssh_key.private_key_pem
+      aws_ssh_keypair_name        = step.generate_ssh_key.key_pair_name
+      aws_ssh_private_key         = step.generate_ssh_key.private_key_pem
    }
  }

--- a/enos/modules/aws_boundary/boundary-instances.tf
+++ b/enos/modules/aws_boundary/boundary-instances.tf
@ -12,7 +12,7 @@ resource "aws_instance" "controller" {
    aws_security_group.boundary_aux_sg.id,
  ]
  subnet_id            = tolist(data.aws_subnets.infra.ids)[count.index % length(data.aws_subnets.infra.ids)]
-  key_name             = var.ssh_aws_keypair
+  key_name             = var.aws_ssh_keypair_name
  iam_instance_profile = aws_iam_instance_profile.boundary_profile.name
  monitoring           = var.controller_monitoring
  ipv6_address_count   = local.network_stack[var.ip_version].ipv6_address_count
@ -45,7 +45,7 @@ resource "aws_instance" "worker" {
  instance_type          = var.worker_instance_type
  vpc_security_group_ids = [aws_security_group.boundary_sg.id]
  subnet_id              = tolist(data.aws_subnets.infra.ids)[count.index % length(data.aws_subnets.infra.ids)]
-  key_name               = var.ssh_aws_keypair
+  key_name               = var.aws_ssh_keypair_name
  iam_instance_profile   = aws_iam_instance_profile.boundary_profile.name
  monitoring             = var.worker_monitoring
  ipv6_address_count     = local.network_stack[var.ip_version].ipv6_address_count
@ -84,7 +84,7 @@ resource "enos_bundle_install" "controller" {
  transport = {
    ssh = {
      host        = var.ip_version == "6" ? aws_instance.controller[tonumber(each.value)].ipv6_addresses[0] : aws_instance.controller[tonumber(each.value)].public_ip
-      private_key = var.ssh_private_key
+      private_key = var.aws_ssh_private_key
    }
  }
 }
@ -102,7 +102,7 @@ resource "enos_remote_exec" "update_path_controller" {
  transport = {
    ssh = {
      host        = var.ip_version == "6" ? aws_instance.controller[tonumber(each.value)].ipv6_addresses[0] : aws_instance.controller[tonumber(each.value)].public_ip
-      private_key = var.ssh_private_key
+      private_key = var.aws_ssh_private_key
    }
  }
 }
@ -141,7 +141,7 @@ resource "enos_file" "controller_config" {
  transport = {
    ssh = {
      host        = var.ip_version == "6" ? aws_instance.controller[tonumber(each.value)].ipv6_addresses[0] : aws_instance.controller[tonumber(each.value)].public_ip
-      private_key = var.ssh_private_key
+      private_key = var.aws_ssh_private_key
    }
  }
 }
@ -157,7 +157,7 @@ resource "enos_boundary_init" "controller" {
  transport = {
    ssh = {
      host        = try(var.ip_version == "6" ? aws_instance.controller[0].ipv6_addresses[0] : aws_instance.controller[0].public_ip, null)
-      private_key = var.ssh_private_key
+      private_key = var.aws_ssh_private_key
    }
  }

@ -175,7 +175,7 @@ resource "enos_boundary_start" "controller_start" {
  transport = {
    ssh = {
      host        = var.ip_version == "6" ? aws_instance.controller[tonumber(each.value)].ipv6_addresses[0] : aws_instance.controller[tonumber(each.value)].public_ip
-      private_key = var.ssh_private_key
+      private_key = var.aws_ssh_private_key
    }
  }

@ -201,7 +201,7 @@ resource "enos_remote_exec" "create_controller_audit_log_dir" {
  transport = {
    ssh = {
      host        = var.ip_version == "6" ? aws_instance.controller[tonumber(each.value)].ipv6_addresses[0] : aws_instance.controller[tonumber(each.value)].public_ip
-      private_key = var.ssh_private_key
+      private_key = var.aws_ssh_private_key
    }
  }
 }
@ -219,7 +219,7 @@ resource "enos_bundle_install" "worker" {
  transport = {
    ssh = {
      host        = var.ip_version == "6" ? aws_instance.worker[tonumber(each.value)].ipv6_addresses[0] : aws_instance.worker[tonumber(each.value)].public_ip
-      private_key = var.ssh_private_key
+      private_key = var.aws_ssh_private_key
    }
  }
 }
@ -237,7 +237,7 @@ resource "enos_remote_exec" "update_path_worker" {
  transport = {
    ssh = {
      host        = var.ip_version == "6" ? aws_instance.worker[tonumber(each.value)].ipv6_addresses[0] : aws_instance.worker[tonumber(each.value)].public_ip
-      private_key = var.ssh_private_key
+      private_key = var.aws_ssh_private_key
    }
  }
 }
@ -266,7 +266,7 @@ resource "enos_file" "worker_config" {
  transport = {
    ssh = {
      host        = var.ip_version == "6" ? aws_instance.worker[tonumber(each.value)].ipv6_addresses[0] : aws_instance.worker[tonumber(each.value)].public_ip
-      private_key = var.ssh_private_key
+      private_key = var.aws_ssh_private_key
    }
  }
 }
@ -284,7 +284,7 @@ resource "enos_boundary_start" "worker_start" {
  transport = {
    ssh = {
      host        = var.ip_version == "6" ? aws_instance.worker[tonumber(each.value)].ipv6_addresses[0] : aws_instance.worker[tonumber(each.value)].public_ip
-      private_key = var.ssh_private_key
+      private_key = var.aws_ssh_private_key
    }
  }
 }
@ -305,7 +305,7 @@ resource "enos_remote_exec" "create_worker_audit_log_dir" {
  transport = {
    ssh = {
      host        = var.ip_version == "6" ? aws_instance.worker[tonumber(each.value)].ipv6_addresses[0] : aws_instance.worker[tonumber(each.value)].public_ip
-      private_key = var.ssh_private_key
+      private_key = var.aws_ssh_private_key
    }
  }
 }
@ -326,7 +326,7 @@ resource "enos_remote_exec" "create_worker_auth_storage_dir" {
  transport = {
    ssh = {
      host        = var.ip_version == "6" ? aws_instance.worker[tonumber(each.value)].ipv6_addresses[0] : aws_instance.worker[tonumber(each.value)].public_ip
-      private_key = var.ssh_private_key
+      private_key = var.aws_ssh_private_key
    }
  }
 }
@ -339,7 +339,7 @@ resource "enos_remote_exec" "get_worker_token" {
  transport = {
    ssh = {
      host        = var.ip_version == "6" ? aws_instance.worker[tonumber(each.value)].ipv6_addresses[0] : aws_instance.worker[tonumber(each.value)].public_ip
-      private_key = var.ssh_private_key
+      private_key = var.aws_ssh_private_key
    }
  }
 }
--- a/enos/modules/aws_boundary/variables.tf
+++ b/enos/modules/aws_boundary/variables.tf
@ -110,12 +110,12 @@ variable "ssh_user" {
  default     = "ubuntu"
 }

-variable "ssh_aws_keypair" {
+variable "aws_ssh_keypair_name" {
  description = "SSH keypair used to connect to EC2 instances"
  type        = string
 }

-variable "ssh_private_key" {
+variable "aws_ssh_private_key" {
  description = "SSH private key content for connecting to instances"
  type        = string
  sensitive   = true
--- a/enos/modules/aws_target/main.tf
+++ b/enos/modules/aws_target/main.tf
@ -17,7 +17,7 @@ variable "environment" {}
 variable "project_name" {}
 variable "instance_type" {}
 variable "aws_ssh_keypair_name" {}
-variable "ssh_private_key" {}
+variable "aws_ssh_private_key" {}
 variable "enos_user" {}
 variable "additional_tags" {
  default = {}
@ -151,7 +151,7 @@ resource "enos_remote_exec" "wait" {
  transport = {
    ssh = {
      host        = var.ip_version == "6" ? aws_instance.target[each.key].ipv6_addresses[0] : aws_instance.target[each.key].public_ip
-      private_key = var.ssh_private_key
+      private_key = var.aws_ssh_private_key
    }
  }
 }
--- a/enos/modules/aws_vault/variables.tf
+++ b/enos/modules/aws_vault/variables.tf
@ -118,12 +118,12 @@ variable "sg_additional_ipv6_ips" {
  default     = []
 }

-variable "ssh_aws_keypair" {
+variable "aws_ssh_keypair_name" {
  description = "SSH keypair used to connect to EC2 instances"
  type        = string
 }

-variable "ssh_private_key" {
+variable "aws_ssh_private_key" {
  description = "SSH private key content for connecting to instances"
  type        = string
  sensitive   = true
--- a/enos/modules/aws_vault/vault-instances.tf
+++ b/enos/modules/aws_vault/vault-instances.tf
@ -7,7 +7,7 @@ resource "aws_instance" "vault_instance" {
  instance_type          = var.instance_type
  vpc_security_group_ids = [aws_security_group.enos_vault_sg[0].id]
  subnet_id              = tolist(data.aws_subnets.infra.ids)[each.key % length(data.aws_subnets.infra.ids)]
-  key_name               = var.ssh_aws_keypair
+  key_name               = var.aws_ssh_keypair_name
  iam_instance_profile   = aws_iam_instance_profile.vault_profile[0].name
  ipv6_address_count     = local.network_stack[var.ip_version].ipv6_address_count
  tags = merge(
@ -42,7 +42,7 @@ resource "enos_remote_exec" "install_dependencies" {
  transport = {
    ssh = {
      host        = var.ip_version == "6" ? aws_instance.vault_instance[each.value].ipv6_addresses[0] : aws_instance.vault_instance[each.value].public_ip
-      private_key = var.ssh_private_key
+      private_key = var.aws_ssh_private_key
    }
  }
 }
@ -59,7 +59,7 @@ resource "enos_bundle_install" "consul" {
  transport = {
    ssh = {
      host        = var.ip_version == "6" ? each.value.ipv6_addresses[0] : each.value.public_ip
-      private_key = var.ssh_private_key
+      private_key = var.aws_ssh_private_key
    }
  }
 }
@ -75,7 +75,7 @@ resource "enos_bundle_install" "vault" {
  transport = {
    ssh = {
      host        = var.ip_version == "6" ? each.value.ipv6_addresses[0] : each.value.public_ip
-      private_key = var.ssh_private_key
+      private_key = var.aws_ssh_private_key
    }
  }
 }
@ -102,7 +102,7 @@ resource "enos_consul_start" "consul" {
  transport = {
    ssh = {
      host        = var.ip_version == "6" ? aws_instance.vault_instance[each.key].ipv6_addresses[0] : aws_instance.vault_instance[each.key].public_ip
-      private_key = var.ssh_private_key
+      private_key = var.aws_ssh_private_key
    }
  }
 }
@ -145,7 +145,7 @@ resource "enos_vault_start" "leader" {
  transport = {
    ssh = {
      host        = var.ip_version == "6" ? aws_instance.vault_instance[each.key].ipv6_addresses[0] : aws_instance.vault_instance[each.key].public_ip
-      private_key = var.ssh_private_key
+      private_key = var.aws_ssh_private_key
    }
  }
 }
@ -187,7 +187,7 @@ resource "enos_vault_start" "followers" {
  transport = {
    ssh = {
      host        = var.ip_version == "6" ? aws_instance.vault_instance[each.key].ipv6_addresses[0] : aws_instance.vault_instance[each.key].public_ip
-      private_key = var.ssh_private_key
+      private_key = var.aws_ssh_private_key
    }
  }
 }
@ -211,7 +211,7 @@ resource "enos_vault_init" "leader" {
  transport = {
    ssh = {
      host        = var.ip_version == "6" ? aws_instance.vault_instance[0].ipv6_addresses[0] : aws_instance.vault_instance[0].public_ip
-      private_key = var.ssh_private_key
+      private_key = var.aws_ssh_private_key
    }
  }
 }
@ -230,7 +230,7 @@ resource "enos_vault_unseal" "leader" {
  transport = {
    ssh = {
      host        = var.ip_version == "6" ? aws_instance.vault_instance[0].ipv6_addresses[0] : aws_instance.vault_instance[0].public_ip
-      private_key = var.ssh_private_key
+      private_key = var.aws_ssh_private_key
    }
  }
 }
@ -256,7 +256,7 @@ resource "enos_remote_exec" "create_audit_log_dir" {
  transport = {
    ssh = {
      host        = var.ip_version == "6" ? aws_instance.vault_instance[each.value].ipv6_addresses[0] : aws_instance.vault_instance[each.value].public_ip
-      private_key = var.ssh_private_key
+      private_key = var.aws_ssh_private_key
    }
  }
 }
@ -286,7 +286,7 @@ resource "enos_remote_exec" "init_audit_device" {
  transport = {
    ssh = {
      host        = var.ip_version == "6" ? aws_instance.vault_instance[each.key].ipv6_addresses[0] : aws_instance.vault_instance[each.key].public_ip
-      private_key = var.ssh_private_key
+      private_key = var.aws_ssh_private_key
    }
  }
 }
@ -310,7 +310,7 @@ resource "enos_vault_unseal" "followers" {
  transport = {
    ssh = {
      host        = var.ip_version == "6" ? aws_instance.vault_instance[0].ipv6_addresses[0] : aws_instance.vault_instance[0].public_ip
-      private_key = var.ssh_private_key
+      private_key = var.aws_ssh_private_key
    }
  }
 }
@ -337,7 +337,7 @@ resource "enos_vault_unseal" "when_vault_unseal_when_no_init_is_set" {
  transport = {
    ssh = {
      host        = var.ip_version == "6" ? aws_instance.vault_instance[each.key].ipv6_addresses[0] : aws_instance.vault_instance[each.key].public_ip
-      private_key = var.ssh_private_key
+      private_key = var.aws_ssh_private_key
    }
  }
 }
@ -358,7 +358,7 @@ resource "enos_remote_exec" "vault_write_license" {
  transport = {
    ssh = {
      host        = var.ip_version == "6" ? aws_instance.vault_instance[0].ipv6_addresses[0] : aws_instance.vault_instance[0].public_ip
-      private_key = var.ssh_private_key
+      private_key = var.aws_ssh_private_key
    }
  }
 }
@ -378,7 +378,7 @@ resource "enos_remote_exec" "vault_kms_policy" {
  transport = {
    ssh = {
      host        = var.ip_version == "6" ? aws_instance.vault_instance[0].ipv6_addresses[0] : aws_instance.vault_instance[0].public_ip
-      private_key = var.ssh_private_key
+      private_key = var.aws_ssh_private_key
    }
  }
 }
--- a/enos/modules/test_e2e/main.tf
+++ b/enos/modules/test_e2e/main.tf
@ -51,11 +51,12 @@ variable "target_user" {
  type        = string
  default     = ""
 }
+
 variable "aws_ssh_private_key_path" {
-  description = "Local Path to key used to SSH onto created hosts"
+  description = "Path to the private key used to SSH into AWS instances"
  type        = string
-  default     = ""
 }
+
 variable "target_address" {
  description = "Address of target"
  type        = string
@ -258,10 +259,9 @@ variable "ip_version" {
 }

 locals {
-  aws_ssh_private_key_path = abspath(var.aws_ssh_private_key_path)
-  aws_host_set_ips1        = jsonencode(var.aws_host_set_ips1)
-  aws_host_set_ips2        = jsonencode(var.aws_host_set_ips2)
-  package_name             = reverse(split("/", var.test_package))[0]
+  aws_host_set_ips1 = jsonencode(var.aws_host_set_ips1)
+  aws_host_set_ips2 = jsonencode(var.aws_host_set_ips2)
+  package_name      = reverse(split("/", var.test_package))[0]
 }

 resource "enos_local_exec" "run_e2e_test" {
@ -275,7 +275,7 @@ resource "enos_local_exec" "run_e2e_test" {
    E2E_TARGET_ADDRESS                           = var.target_address
    E2E_TARGET_PORT                              = var.target_port
    E2E_SSH_USER                                 = var.target_user
-    E2E_SSH_KEY_PATH                             = local.aws_ssh_private_key_path
+    E2E_SSH_KEY_PATH                             = var.aws_ssh_private_key_path
    E2E_SSH_CA_KEY                               = ""
    VAULT_ADDR                                   = var.vault_addr_public
    VAULT_TOKEN                                  = var.vault_root_token