Second ssh key cannot be added to a droplet via terraform #1068
Comments
Hi @vzuevsky, Terraform supports creating Droplets with multiple SSH keys. DigitalOcean (and Terraform in turn) does not currently support adding additional SSH keys to a Droplet via the API after it has been created. Can you explain in more detail what you mean by:
The error |
Thanks for quick reply @andrewsomething

Terraform supports creating Droplets with multiple SSH keys: this is understood - I create a new droplet in existing project by adding resource definition (quoted above) to main.tf

Original ssh key was never defined in main.tf, terraform pulled it from DO at first

As per documentation I tried |
To clarify - I ask about a standard way to add ssh keys existing in DO to a new droplet via terraform:
How am I to break that vicious circle? |
In order to reference an imported resource, you must also write a resource configuration block.
See: https://developer.hashicorp.com/terraform/cli/import

Say the SSH key

```hcl
resource "digitalocean_ssh_key" "example" {
  name       = "my-key"
  public_key = file("/home/user/.ssh/id_rsa.pub")
}

resource "digitalocean_droplet" "example" {
  image  = "ubuntu-22-04-x64"
  name   = "example"
  region = "nyc1"
  size   = "s-1vcpu-1gb"
  ssh_keys = [
    digitalocean_ssh_key.example.id
  ]
}
```

Now you can run

If you do not want to tie the lifecycle of the SSH key to the Terraform configuration, you might want to use the data source instead. No import is needed in this case.

```hcl
data "digitalocean_ssh_key" "example" {
  name = "my-key"
}

resource "digitalocean_droplet" "example" {
  image  = "ubuntu-22-04-x64"
  name   = "example"
  region = "nyc1"
  size   = "s-1vcpu-1gb"
  ssh_keys = [
    data.digitalocean_ssh_key.example.id
  ]
}
```

In this case, it sounds like the data source approach is the best fit for you. |
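An added example, not part of the comment above or of the provider's own documentation: the data source approach extended to several keys that already exist in the DigitalOcean account, which is the case the issue title asks about. The variable `ssh_key_names`, the key name `my-second-key` and the output name are hypothetical.

```hcl
# Added example (not from the thread). Key names are placeholders.
terraform {
  required_providers {
    digitalocean = {
      source = "digitalocean/digitalocean"
    }
  }
}

# The provider reads its API token from the DIGITALOCEAN_TOKEN
# environment variable when none is set here.
provider "digitalocean" {}

variable "ssh_key_names" {
  description = "Names of SSH keys already registered in the DigitalOcean account"
  type        = set(string)
  default     = ["my-key", "my-second-key"]
}

# One read-only lookup per key name. Nothing is imported, so the keys'
# lifecycle stays outside this configuration.
data "digitalocean_ssh_key" "existing" {
  for_each = var.ssh_key_names
  name     = each.value
}

resource "digitalocean_droplet" "example" {
  image  = "ubuntu-22-04-x64"
  name   = "example"
  region = "nyc1"
  size   = "s-1vcpu-1gb"

  # IDs of every key looked up above.
  ssh_keys = [for key in data.digitalocean_ssh_key.existing : key.id]
}

# Fingerprints of the keys granted access, for review after apply.
output "droplet_ssh_key_fingerprints" {
  value = { for name, key in data.digitalocean_ssh_key.existing : name => key.fingerprint }
}
```

As noted earlier in the thread, keys cannot be added through the API after a Droplet has been created, so this list only takes effect at creation time.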
@andrewsomething neither of your kind suggestions would work in principle: The second option wouldn't work because a required parameter is missing:
The first option wouldn't work because there is no way to extract |
The second example is using the data source, not the resource. For the data source, only the |
@andrewsomething 🤦 I completely missed the |
Bug Report
Describe the bug
Official documentation: https://registry.terraform.io/providers/digitalocean/digitalocean/latest/docs/resources/ssh_key
Offers an option to import an ssh key from DO:
That cannot be done in practice because DO does not report correct IDs for ssh keys.
Affected Resource(s)
Expected Behavior
I should be able to create droplets with Terraform with more than one key (I used at initialization) in its authorized_keys file e.g.,
Actual Behavior
Second ssh_key cannot be imported or otherwise injected into main.tf.
Steps to Reproduce
terraform apply --> initially ok
terraform apply --> Error: Reference to undeclared resource