Block use of project-wide SSH keys on VM instance

Question

Block use of project-wide SSH keys on VM instance

kostacasa opened this issue 3 years ago · 2 comments

Hi,

We are using this module with great success, thank you for putting it together! In order to harden the configuration as much as possible, I was wondering if it would be possible to disable use of project-wide of SSH keys on the provisioned VM instance. Right now it's enabled by default and I did not see a way to turn the blocking on. If you don't think that would be a reasonable default, it would still be helpful to expose it as an additional input variable so that users can choose whether that makes sense for them:

resource "google_compute_instance" "default" {
  name         = "bastion-vm"
  metadata = {
+     block-project-ssh-keys = var.block-project-ssh-keys
  }
}

Answer 1 · 2021-04-09T01:36:09.000Z

Thanks for bringing this issue up. We are fairly resource constrained at the moment, but if you would like to make a PR, someone will be able to review it soon.

Answer 2 · 2021-06-08T23:10:49.000Z

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days