From 242b1105b0fc5e8d7251af12d53c8a3ebae09a3c Mon Sep 17 00:00:00 2001 From: Peter ONeill Date: Tue, 8 Oct 2024 11:19:45 -0600 Subject: [PATCH 1/2] Two small fixes 1. Changes SSM tier to Advance to support new self hosted keys that are 4k+ in size. 2. Updates output of web address to use fqdn when ACM is disabled. --- examples/aws/terraform/ha-autoscale-cluster/outputs.tf | 2 +- examples/aws/terraform/ha-autoscale-cluster/ssm.tf | 1 + examples/aws/terraform/starter-cluster/outputs.tf | 2 +- examples/aws/terraform/starter-cluster/ssm.tf | 1 + 4 files changed, 4 insertions(+), 2 deletions(-) diff --git a/examples/aws/terraform/ha-autoscale-cluster/outputs.tf b/examples/aws/terraform/ha-autoscale-cluster/outputs.tf index 1baaa66bd9541..5d59e18eaf6d5 100644 --- a/examples/aws/terraform/ha-autoscale-cluster/outputs.tf +++ b/examples/aws/terraform/ha-autoscale-cluster/outputs.tf @@ -38,7 +38,7 @@ output "cluster_name" { output "cluster_web_address" { description = "Web address to access the Teleport cluster" - value = "https://${var.use_acm ? aws_route53_record.proxy_acm[0].name : aws_route53_record.proxy[0].name}" + value = "https://${var.use_acm ? aws_route53_record.proxy_acm[0].name : aws_route53_record.proxy[0].fqdn}" } output "key_name" { diff --git a/examples/aws/terraform/ha-autoscale-cluster/ssm.tf b/examples/aws/terraform/ha-autoscale-cluster/ssm.tf index 6077e773a2273..cf4e29d55c82d 100644 --- a/examples/aws/terraform/ha-autoscale-cluster/ssm.tf +++ b/examples/aws/terraform/ha-autoscale-cluster/ssm.tf @@ -8,4 +8,5 @@ resource "aws_ssm_parameter" "license" { type = "SecureString" value = file(var.license_path) overwrite = true + tier = "Advanced" } diff --git a/examples/aws/terraform/starter-cluster/outputs.tf b/examples/aws/terraform/starter-cluster/outputs.tf index 9ae4a2722ecf1..9b077e316914f 100644 --- a/examples/aws/terraform/starter-cluster/outputs.tf +++ b/examples/aws/terraform/starter-cluster/outputs.tf @@ -10,7 +10,7 @@ output "cluster_name" { output "cluster_web_address" { description = "Web address to access the Teleport cluster" - value = "https://${var.use_acm ? aws_route53_record.cluster_acm[0].name : aws_route53_record.cluster[0].name}" + value = "https://${var.use_acm ? aws_route53_record.cluster_acm[0].name : aws_route53_record.cluster[0].fqdn}" } output "key_name" { diff --git a/examples/aws/terraform/starter-cluster/ssm.tf b/examples/aws/terraform/starter-cluster/ssm.tf index 499791e29b740..365b71910ed64 100644 --- a/examples/aws/terraform/starter-cluster/ssm.tf +++ b/examples/aws/terraform/starter-cluster/ssm.tf @@ -5,4 +5,5 @@ resource "aws_ssm_parameter" "license" { type = "SecureString" value = file(var.license_path) overwrite = true + tier = "Advanced" } From ef9b6fc806ac77aecd017d5833fd3f7f9ab3913c Mon Sep 17 00:00:00 2001 From: Peter ONeill Date: Tue, 8 Oct 2024 11:29:11 -0600 Subject: [PATCH 2/2] Use "Intelligent-Tiering" to allow Terraform to pick the necessary Tier. --- examples/aws/terraform/ha-autoscale-cluster/ssm.tf | 2 +- examples/aws/terraform/starter-cluster/ssm.tf | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/examples/aws/terraform/ha-autoscale-cluster/ssm.tf b/examples/aws/terraform/ha-autoscale-cluster/ssm.tf index cf4e29d55c82d..32f92391f22fe 100644 --- a/examples/aws/terraform/ha-autoscale-cluster/ssm.tf +++ b/examples/aws/terraform/ha-autoscale-cluster/ssm.tf @@ -8,5 +8,5 @@ resource "aws_ssm_parameter" "license" { type = "SecureString" value = file(var.license_path) overwrite = true - tier = "Advanced" + tier = "Intelligent-Tiering" } diff --git a/examples/aws/terraform/starter-cluster/ssm.tf b/examples/aws/terraform/starter-cluster/ssm.tf index 365b71910ed64..b6e1589c171ac 100644 --- a/examples/aws/terraform/starter-cluster/ssm.tf +++ b/examples/aws/terraform/starter-cluster/ssm.tf @@ -5,5 +5,5 @@ resource "aws_ssm_parameter" "license" { type = "SecureString" value = file(var.license_path) overwrite = true - tier = "Advanced" + tier = "Intelligent-Tiering" }