Mia

Reputation: 448

How to enable "Block project-wide SSH keys" in GCP using Terraform

I am trying to create a GCP VM with SSH_KEYS enabled, i.e. "Block project-wide SSH keys" must be selected, using Terraform, but I am unable to create the VM. I am getting a syntax error. I am using the latest Terraform version 15.

resource "google_compute_project_metadata" "ssh_keys" {
  # sample ssh key
  metadata = {
    "ssh-keys" = "user1:ssh-rsa 2g131231hxxxxxbhbh3b21hbasdsad3 abc@2213213"
  }
}

resource "google_compute_instance" "sshEnable" {
  name           = "sshEnable"
  machine_type   = "e2-xxxx"
  zone           = "xxxx"
  desired_status = "RUNNING"

  tags = ["tag1", "value1"]

  boot_disk {
    initialize_params {
      image = "debian-cloud/debian-xx"
    }
  }

  network_interface {
    network = "default"

    access_config {
      // Ephemeral IP
    }
  }

  shielded_instance_config {
    enable_secure_boot          = true
    enable_integrity_monitoring = true
    enable_vtpm                 = true
  }

  ## Getting error below
  metadata {
    block-project-ssh-keys = true
  }
}

I have written this code in a single main.tf file. Any suggestions?

Upvotes: 1

Views: 1727

Answers (1)

Thomas Laporte

Reputation: 363

The "metadata" argument should be declared as a map of key/value pairs (not as a block).

I've managed to run your exact code successfully with this change (+ the instance name which should be lowercase):

metadata = {
  block-project-ssh-keys = true
}

This has been tested with Terraform v1.0.0 and hashicorp/google v3.76.0

See the doc for reference: https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance

Upvotes: 5
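
Added example, not part of the original question or answer: a small Python check that could run in CI against the JSON form of a plan (`terraform show -json <planfile>`) and list every planned `google_compute_instance` whose metadata does not set `block-project-ssh-keys` to true. The sample plan and its resource addresses are constructed for illustration and trimmed to the fields the check reads.

```python
import json

# Constructed sample shaped like `terraform show -json <planfile>` output
# (trimmed to the fields this check reads); addresses are made up.
SAMPLE_PLAN = json.loads("""
{
  "resource_changes": [
    {"address": "google_compute_instance.blocked", "type": "google_compute_instance",
     "change": {"actions": ["create"],
                "after": {"name": "blocked", "metadata": {"block-project-ssh-keys": "true"}}}},
    {"address": "google_compute_instance.no_metadata", "type": "google_compute_instance",
     "change": {"actions": ["create"], "after": {"name": "no-metadata", "metadata": null}}},
    {"address": "google_compute_instance.disabled", "type": "google_compute_instance",
     "change": {"actions": ["update"],
                "after": {"name": "disabled", "metadata": {"block-project-ssh-keys": "false"}}}},
    {"address": "google_compute_instance.going_away", "type": "google_compute_instance",
     "change": {"actions": ["delete"], "after": null}},
    {"address": "google_compute_project_metadata.ssh_keys", "type": "google_compute_project_metadata",
     "change": {"actions": ["create"], "after": {"metadata": {"ssh-keys": "user1:ssh-rsa AAAA... constructed"}}}}
  ]
}
""")

def instances_accepting_project_keys(plan):
    """Return addresses of planned instances that do not block project-wide SSH keys."""
    findings = []
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != "google_compute_instance":
            continue
        after = (rc.get("change") or {}).get("after")
        if after is None:  # resource is being destroyed; nothing to check
            continue
        metadata = after.get("metadata") or {}
        # The metadata map holds strings, so `true` in HCL appears as "true" here.
        value = str(metadata.get("block-project-ssh-keys", "")).strip().lower()
        if value != "true":
            findings.append(rc["address"])
    return findings

def project_wide_keys_defined(plan):
    """True if the plan also sets project-level ssh-keys metadata."""
    return any(
        rc.get("type") == "google_compute_project_metadata"
        and "ssh-keys" in (((rc.get("change") or {}).get("after") or {}).get("metadata") or {})
        for rc in plan.get("resource_changes", [])
    )

if __name__ == "__main__":
    print(instances_accepting_project_keys(SAMPLE_PLAN))
    print(project_wide_keys_defined(SAMPLE_PLAN))
```

An instance appears in the findings when the key is missing, the metadata map is absent, or the value is anything other than true; those are the instances that would accept the project-level `ssh-keys` entry.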
