acsrujan/launch_bastion.tf

## launch_bastion.tf
#Read more on https://acsrujan.net/launch-bastion-aws

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 3.0"
    }
  }
}

provider "aws" {
  region = "<region>" #ex. us-east-1
}

resource "aws_instance" "bastion" {
  ami                         = "ami-00e782930f1c3dbc7"
  instance_type               = "t2.micro"
  associate_public_ip_address = true
  vpc_security_group_ids      = [aws_security_group.bastion-sg.id]
  key_name                    = "${private_key_name}"
  subnet_id                   = "${public_subnet}"
}

output "bastion_public_ip" {
  value = aws_instance.bastion.public_ip
}

output "bastion_instance_id" {
  value= aws_instance.bastion.id
}

resource "aws_security_group" "bastion-sg" {
  name   = "bastion-security-group"
  vpc_id = "${vpc_id}"

  ingress {
    protocol    = "tcp"
    from_port   = 22
    to_port     = 22
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    protocol    = "-1"
    from_port   = 0
    to_port     = 0
    cidr_blocks = ["0.0.0.0/0"]
  }
 }
	#Read more on https://acsrujan.net/launch-bastion-aws

	terraform {
	required_providers {
	aws = {
	source = "hashicorp/aws"
	version = "~> 3.0"
	}
	}
	}

	provider "aws" {
	region = "<region>" #ex. us-east-1
	}

	resource "aws_instance" "bastion" {
	ami = "ami-00e782930f1c3dbc7"
	instance_type = "t2.micro"
	associate_public_ip_address = true
	vpc_security_group_ids = [aws_security_group.bastion-sg.id]
	key_name = "${private_key_name}"
	subnet_id = "${public_subnet}"
	}

	output "bastion_public_ip" {
	value = aws_instance.bastion.public_ip
	}

	output "bastion_instance_id" {
	value= aws_instance.bastion.id
	}

	resource "aws_security_group" "bastion-sg" {
	name = "bastion-security-group"
	vpc_id = "${vpc_id}"

	ingress {
	protocol = "tcp"
	from_port = 22
	to_port = 22
	cidr_blocks = ["0.0.0.0/0"]
	}

	egress {
	protocol = "-1"
	from_port = 0
	to_port = 0
	cidr_blocks = ["0.0.0.0/0"]
	}
	}