AWS SSH keys are private secret keys used for various access related things in AWS. These can be used for resources such as EC2 instances, IAM accounts. etc. Terraform can be used for easy and direct creation of SSH key in AWS. Let’s see how we can create SSH Key using Terraform.

Primary Components Of SSH Key with Terraform

• Terraform: It is Infrastructure as an infrastructure-as-a-service tool that allows the deployment of resources to multiple cloud providers through code.
• AWS SSH Key: It is a set of public and private key used for accessing a resource in AWS.
• IaaC: Infrastructure as a Code allows to representation of cloud infrastructure in the form of code.

Steps To Create SSH Key Using Terraform

Step 1: Set Up Terraform

• Download the Terraform zip from the installation page of the Terraform website.
• Extract and paste the terraform folder to the required location and add the path to runnable in environment variables.

Step 2: Set Up AWS CLI

• Download the AWS CLI setup from official website.
• Run the installer and follow the steps to install.

Step 3: Configure AWS CLI

• Copy or create an AWS access key from the AWS console it is required in the next step.
• Open the terminal or cmd and run the below command to configure the credentials of AWS as it will be required for Terraform.

aws configure

• Provide access keys copied in the previous step and also give default region if different.

Step 4: Create Terraform Code

• Goto your project folder and create main.tf file.
• Add terraform block to code with aws as required provider with latest version. You can find the latest version at hashicorp registry.

• Terraform block should look like below. You can add required version to avoid invalidation.

terraform {
  required_providers {
    aws = {
        source = "hashicorp/aws"
        version = "5.37.0"
    }
  }
  required_version = ">= 1.2.0"
}

• Now add provider as aws like below. Specify other details as required.

provider "aws" {
  region = "us-east-1"
}

• Add configuration for SSH Key. For this article we will create AWS IAM user SSH key. Similar procedure can be followed for other keys.

resource "aws_iam_user_ssh_key" "user1_ssh" {
  username   = <YOUR USERNAME>
  encoding   = "SSH"
  public_key = <YOUR SSH PUBLIC KEY>
}

• We have specified username for IAM user. We have added encoding as SSH.
• add your own PUBLIC SSH KEY at the place.
• The complete code will look like below.

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "5.37.0"
    }
  }
  required_version = ">= 1.2.0"
}

provider "aws" {
  region = "us-east-1"
}

resource "aws_iam_user_ssh_key" "user1_ssh" {
  username   = <YOUR USERNAME>
  encoding   = "SSH"
  public_key = <YOUR PUBLIC SSH KEY>
}

Step 5: Apply The Terraform Code

• Once the code is ready you can apply it.
• First init the terraform by running below command in project folder where main.tf is present.

terraform init

• After successful output apply the changes using below command.

terrraform apply

• After verifying type “yes” to confirm and apply.

• Terraform will start creating ssh keys.

• You can also verify creation of ssh key on users overview page under ssh keys.

Conclusion

We have successfully ssh key for iam user with the help of terraform in this article. The configuration described can be further modified to make changes to create other keys in aws. This is how terraform allows reusable and modifiable configuration of infrastructure.

How to create an SSH key in Terraform? – FAQ’s

Q. Why do I need an SSH key pair in AWS?

An SSH key pair is required to securely access and authenticate with AWS EC2 instances. The public key is added to the EC2 instance, while the private key is used for authentication when connecting to the instance.

Q. How can I create an SSH key pair in AWS using Terraform?

You can use Terraform’s aws_key_pair resource to create an SSH key pair in AWS. This resource generates the key pair and allows you to specify the key name.

Q. What are the required parameters for creating an SSH key pair in Terraform?

When creating an SSH key pair with Terraform, you typically need to specify the key_name parameter, which is the name of the key pair. Optionally, you can also specify the public_key parameter if you want to use a specific public key.

Q. Can I delete an SSH key pair created with Terraform?

Yes, you can delete an SSH key pair using Terraform by removing the corresponding aws_key_pair resource from your Terraform configuration and applying the changes.

Q. Can I automate the creation of SSH key pairs for multiple environments with Terraform?

Yes, Terraform allows you to automate the creation of SSH key pairs for multiple environments by defining the necessary resources in your Terraform configuration files and using variables to customize the key names.