Provisioner sections in EC2 creation causing Terraform apply to fail

2
votes

I'm running Terraform from my local machine, going through a bastion machine, to create an Amazon Linux EC2.

The problem occurs when I include provisioner entries in my "aws_instance" resource. Without provisioner, the creation completes successfully.

With a provisioner "file" section I get the error:

ssh: handshake failed: ssh: unable to authenticate, attempted methods [none], no supported methods remain

With a provisioner "remote-exec" section I get the following that just keeps repeating until timing out:

module.create_ami.aws_instance.ec2 (remote-exec): Connecting to remote host via SSH...
module.create_ami.aws_instance.ec2 (remote-exec):   Host: 99.999.999.99
module.create_ami.aws_instance.ec2 (remote-exec):   User: ec2-user
module.create_ami.aws_instance.ec2 (remote-exec):   Password: false
module.create_ami.aws_instance.ec2 (remote-exec):   Private key: false
module.create_ami.aws_instance.ec2 (remote-exec):   SSH Agent: false
module.create_ami.aws_instance.ec2 (remote-exec): Using configured bastion host...

Does anyone know why this would be happening or suggest things to investigate?

1
terraform
module.create_ami.aws_instance.ec2 (remote-exec): Host: 99.999.999.99 doesn't look like a valid IPOin
i've pseuomised it from its actual value for this post.Todd

1 Answers

1
votes

Remote-exec is not able to ssh into the target system, as the output says- Private key:false

I believe you do not need to go through the bastion host to create one ec2 machine, you can do it even connecting to the local machine.

If you want to use remote exec on the newly created machine which is having one public IP, you can connect to it directly and if the newly created machine does not have one public IP, then you can connect to it through the bastion host.