Hey there, I have a script I am running to start up a server on AWS with remote-exec as bootstrap scripts. With the remote-exec provisioner removed, everything works fine and I can ssh into it via PuTTY (I’m on Windows 10), but as soon as I add the remote-exec, I can no longer ssh into the server, which returns: “Permission denied (publickey,gssapi-keyex,gssapi-with-mic)”. This happens only when I add the remote-exec provisioner. The only difference I can think of from what I did in the past is that instead of using the AWS website to make keys, I made them with ssh-keygen and then uploaded the public key to AWS via the CLI.
Here’s my code:
# AWS provider; every resource below is created in us-east-1.
# No credentials are set here, so they come from the provider's default lookup.
provider "aws" {
  region = "us-east-1"
}
# Security group attached to the instance: inbound SSH and the game port,
# all outbound traffic allowed.
resource "aws_security_group" "allow_ssh" {
  name        = "allow_ssh"
  description = "Allow SSH inbound traffic"

  # SSH (tcp/22).
  # NOTE(review): 0.0.0.0/0 makes sshd reachable from every IPv4 address.
  # Limiting cidr_blocks to the administrator's own address range cuts the
  # exposure to password-guessing and scanning traffic.
  ingress {
    protocol    = "tcp"
    from_port   = 22
    to_port     = 22
    cidr_blocks = ["0.0.0.0/0"]
  }

  # tcp/25565 open to everyone. The description above mentions only SSH,
  # so it does not describe this second rule.
  ingress {
    protocol    = "tcp"
    from_port   = 25565
    to_port     = 25565
    cidr_blocks = ["0.0.0.0/0"]
  }

  # protocol "-1" with ports 0-0 means "all protocols, all ports" outbound.
  egress {
    protocol    = "-1"
    from_port   = 0
    to_port     = 0
    cidr_blocks = ["0.0.0.0/0"]
  }
}
# EC2 instance that is bootstrapped over SSH on create and backed up to S3
# on destroy.
resource "aws_instance" "minecraftserver" {
  ami                         = "ami-09d95fab7fff3776c"
  instance_type               = "t2.large"
  associate_public_ip_address = true
  vpc_security_group_ids      = [aws_security_group.allow_ssh.id]

  # Name of the EC2 key pair whose public key AWS installs for the login user.
  key_name = "minecraftserver"

  # NOTE(review): the profile name suggests broad S3 admin rights. The
  # provisioners below only read and write one bucket, so confirm what the
  # profile grants and scope it down to that bucket if it is wider.
  iam_instance_profile = "s3AdminAccess"

  tags = {
    Name = "minecraft"
  }

  # SSH settings shared by both provisioners. The private key is read from the
  # local workstation and must match the public key registered under key_name.
  connection {
    type        = "ssh"
    host        = self.public_ip
    user        = "ec2-user"
    private_key = file("C:/Users/henri/Documents/PEM/minecraftserver.pem")
  }

  # Create-time bootstrap: patch the OS, then pull the whole bucket into the
  # session's current directory.
  # NOTE(review): the working directory is presumably ec2-user's home. If the
  # bucket holds a .ssh/authorized_keys that the destroy-time provisioner
  # uploaded from an earlier instance built with a different key pair, this
  # download would replace the key AWS installed for key_name. That would
  # explain "Permission denied (publickey,...)" appearing only when the
  # provisioner runs. Check the bucket contents. Copying into a dedicated
  # directory, or excluding .ssh, would keep login credentials out of the sync.
  provisioner "remote-exec" {
    inline = [
      "sudo yum update -y",
      "aws s3 cp s3://minecraft-terraform-files/ . --recursive",
    ]
  }

  # Destroy-time backup: push everything under the current directory to the
  # bucket.
  # NOTE(review): a recursive copy of "." presumably includes dotfiles such as
  # .ssh/ and shell history, which would then sit in S3 and be restored onto
  # the next instance. TODO: confirm.
  provisioner "remote-exec" {
    when = destroy
    inline = [
      "aws s3 cp . s3://minecraft-terraform-files/ --recursive"
    ]
  }
}
# DNS A record pointing at the instance's public IP, with a 30-second TTL.
# zone_id and name have no value in the post (presumably withheld by the
# author); both need real values before this block will parse.
resource "aws_route53_record" "minecraft_record" {
  zone_id =
  name =
  type    = "A"
  ttl     = "30"
  records = [aws_instance.minecraftserver.public_ip]
}
NOTE: I’m testing with Minecraft