terraform-aws-ec2-bastion-server icon indicating copy to clipboard operation
terraform-aws-ec2-bastion-server copied to clipboard

Published 20 hours ago verified publisher icon cloudposse

Allow creation of CloudWatch logging, additional policy attachment, and KMS decryption

Open LawrenceWarren opened this issue 2 years ago • 3 comments

what

  • Allow optional creation of a CloudWatch logs natively within the module, as logging for Bastion nodes is a common requirement
  • Expand the user_data/amazon-linux.sh script to enable debug logging.
  • Allow optional attachment of additional IAM policies, via a list of provided policy ARNs, so that the bation can optionally have more access
  • Allow optional KMS decryption on the bastion

why

  • Simply, these all seem like sensible options to provide users, and are common use-cases that my company use on our internal fork.
  • These changes are not breaking.

LawrenceWarren avatar Sep 06 '23 11:09 LawrenceWarren

/terratest

LawrenceWarren avatar Sep 06 '23 11:09 LawrenceWarren

/terratest

hans-d avatar Mar 08 '24 11:03 hans-d

Thanks @LawrenceWarren for creating this pull request!

A maintainer will review your changes shortly. Please don't be discouraged if it takes a while.

While you wait, make sure to review our contributor guidelines.

[!TIP]

Need help or want to ask for a PR review to be expedited?

Join us on Slack in the #pr-reviews channel.

mergify[bot] avatar Mar 09 '24 04:03 mergify[bot]