Use your GitHub SSH key with AWS EC2 (via Terraform)
Like most people I have too many credentials in my life. Passwords, passphrases and key files seem to grow in number almost without bound. So, in an act of laziness, I decided to try and remove one of them. In this case it’s my AWS EC2 SSH key and instead reuse my GitHub public key when setting up my base AWS infrastructure.
Once you start using EC2 on Amazon Web Services you’ll need to create, or supply an existing, SSH key pair to allow you to log in to the Linux hosts. While this is an easy enough process to click through I decided to automate the whole thing and use an existing key, one of those I use for GitHub. One of its lesser known features is that GitHub exposes a users SSH public keys. This is available from everywhere, without authenticating against anything and so seemed like a prime candidate for reuse.
The terraform code to do this was a lot quicker to write than the
README
. As this is for my own use I could use a newer version of
0.10.*
and harness the locals
functionality to keep the actual resources
simpler to read by hiding all the variable composing in a single place.
You can find the results of this, the
terraform-aws-github-ssh-keys module
on GitHub, and see an example of its usage here:
module "github-ssh-keys" {
source = "deanwilson/github-ssh-keys/aws"
# fetch the ssh key from this user name
github_user = "deanwilson"
# create the key with a specific name in AWS
aws_key_pair_name = "deanwilson-from-github"
}
I currently use this for my own test AWS accounts. The common baseline setup of these doesn’t get run that often in comparison to the services running in the environment so I’m only tied to GitHub being available occasionally. Once the key’s created it has a long life span and has no external network dependencies.
After the module was (quite fittingly) available on GitHub I decided to go a step further and publish it to the Terraform Module Registry. I’ve never used it before so after a brief read about the module format requirements, which all seem quite sensible, I decided to blunder my way through and see how easy it was. The Answer? Very.
The process was pleasantly straight forward. You sign in using your GitHub account, select your Terraform modules from a drop down and then you’re live. You can see how github-ssh-keys looks as an example. Adding a module was quick, easy to follow, and well worth finishing off your modules with.