密钥文件中Terraform

Question

每当我添加key_name我的亚马逊资源，我从来没有真正连接到生成的实例：

provider "aws" { 
    "region" = "us-east-1" 
    "access_key" = "**" 
    "secret_key" = "****" 
} 

resource "aws_instance" "api_server" { 
    ami = "ami-013f1e6b" 
    instance_type = "t2.micro" 
    "key_name" = "po" 

    tags { 
     Name = "API_Server" 
    } 

} 

output "API IP" { 
    value = "${aws_instance.api_server.public_ip}" 
} 

当我做

ssh -i ~/Downloads/po.pem bitnami@IP

我只是一个空白行在我的终端中，好像我输入了一个错误的IP。但是，检查亚马逊控制台，我可以看到该实例正在运行。我在Terraform上也没有收到任何错误。

Answer 1

默认情况下，所有网络访问都是不允许的。您需要通过设置安全组来明确允许网络访问。

provider "aws" { 
    "region" = "us-east-1" 
    "access_key" = "**" 
    "secret_key" = "****" 
} 

resource "aws_instance" "api_server" { 
    ami = "ami-013f1e6b" 
    instance_type = "t2.micro" 
    key_name = "po" 
    security_groups = ["${aws_security_group.api_server.id}"] 

    tags { 
     Name = "API_Server" 
    } 

} 

resource "aws_security_group" "api_server" { 
    name  = "api_server" 

    ingress { 
    from_port = 22 
    to_port  = 22 
    protocol = "tcp" 
    cidr_blocks = ["XXX.XXX.XXX.XXX/32"] // Allow SSH from your global IP 
    } 

    egress { 
    from_port  = 0 
    to_port   = 0 
    protocol  = "-1" 
    cidr_blocks  = ["0.0.0.0/0"] 
    } 
} 


output "API IP" { 
    value = "${aws_instance.api_server.public_ip}" 
}