August 16, 2016 17:56 · August 19, 2016 22:00 · August 23, 2016 19:23 · August 30, 2016 23:28 · September 2, 2016 17:20 · September 7, 2016 21:42
 package main

 import (
 	"encoding/json"
 	"fmt"
 	"io/ioutil"
 	"net/http"
 	"os"
 )
 var child_process = require('child_process');

 exports.handler = function(event, context) {

       	// print out output of the received event
       	console.log("\nREQUEST RECEIVED:\n", JSON.stringify(event));

       	// since this is a vpc lambda function we need to export proxy variable
       	var command = event.command;
       	if (!command) {
 diff --git a/modules/vpc/inputs.tf b/modules/vpc/inputs.tf
 index 31a8acd..d6c144b 100644
 --- a/modules/vpc/inputs.tf
 +++ b/modules/vpc/inputs.tf
 @@ -82,6 +82,10 @@ variable enable_vpn {
 variable enable_nat {
 }
 
 +variable enable_user_management {
 +    default = 1
 # Generated by confd {{ datetime }}
 ---
 nubis_users::user:
    # global-admins{{ range $dir := lsdir "/global-admins" }}{{ if exists (print "/global-admins/" $dir "/sshPublicKey") }}
    {{ getv (print "/global-admins/" $dir "/uid") }}:
        groups:
            - wheel
            - users
        ssh_keys: | {{ $pubkey := getv (print "/global-admins/" $dir "/sshPublicKey") }}
            {{ replace $pubkey "\n" "\n\t\t" -1 }}
 package main

 import (
 	"bytes"
 	"flag"
 	"fmt"
 	"log"
 	"os/exec"
 )
 package main

 import (
       	"fmt"
       	"github.com/aws/aws-sdk-go/aws"
       	"github.com/aws/aws-sdk-go/aws/session"
       	"github.com/aws/aws-sdk-go/service/iam"
       	"log"
 )
 {
  "variables": {
    "aws_vault_profile": "nubis-training-2016-admin",
    "aws_region": "us-west-2",
    "ami_regions": "us-west-2"
  }
 }
 function aws-vault() {
    local aws_vault_cmd=$(which aws-vault)

    if [ -z "${aws_vault_cmd}" ]; then
        echo "aws-vault is not on your path you do not have it installed"
        exit 1
    fi

    case "$1" in
        exec)
 +resource "null_resource" "user_management_credstash" {
 +    count = "${var.enabled * var.enable_user_management * length(split(",", var.environments))}"
 +
 +    lifecycle {
 +        create_before_destroy = true
 +    }
 +
 +    triggers {
 +        region                  = "${var.aws_region}"
 +        environment             = "${element(split(",", var.environments))}"
 environments/stage/global/nubis-users/global-admins/elim/sshPublicKey
 environments/stage/global/nubis-users/global-admins/elim/uid
 environments/stage/global/nubis-users/global-admins/jcrowe/sshPublicKey
 environments/stage/global/nubis-users/global-admins/jcrowe/uid
 environments/stage/global/nubis-users/global-admins/pchiasson/sshPublicKey
 environments/stage/global/nubis-users/global-admins/pchiasson/uid
 environments/stage/global/nubis-users/sudo-users/riweiss/sshPublicKey
 environments/stage/global/nubis-users/sudo-users/riweiss/uid
 environments/stage/global/nubis-users/sudo-users/rtucker/sshPublicKey
 environments/stage/global/nubis-users/sudo-users/rtucker/uid
	package main

	import (
	"encoding/json"
	"fmt"
	"io/ioutil"
	"net/http"
	"os"
	)
	var child_process = require('child_process');

	exports.handler = function(event, context) {

	// print out output of the received event
	console.log("\nREQUEST RECEIVED:\n", JSON.stringify(event));

	// since this is a vpc lambda function we need to export proxy variable
	var command = event.command;
	if (!command) {
	diff --git a/modules/vpc/inputs.tf b/modules/vpc/inputs.tf
	index 31a8acd..d6c144b 100644
	--- a/modules/vpc/inputs.tf
	+++ b/modules/vpc/inputs.tf
	@@ -82,6 +82,10 @@ variable enable_vpn {
	variable enable_nat {
	}

	+variable enable_user_management {
	+ default = 1
	# Generated by confd {{ datetime }}
	---
	nubis_users::user:
	# global-admins{{ range $dir := lsdir "/global-admins" }}{{ if exists (print "/global-admins/" $dir "/sshPublicKey") }}
	{{ getv (print "/global-admins/" $dir "/uid") }}:
	groups:
	- wheel
	- users
	ssh_keys: \| {{ $pubkey := getv (print "/global-admins/" $dir "/sshPublicKey") }}
	{{ replace $pubkey "\n" "\n\t\t" -1 }}
	{
	"variables": {
	"aws_vault_profile": "nubis-training-2016-admin",
	"aws_region": "us-west-2",
	"ami_regions": "us-west-2"
	}
	}
	function aws-vault() {
	local aws_vault_cmd=$(which aws-vault)

	if [ -z "${aws_vault_cmd}" ]; then
	echo "aws-vault is not on your path you do not have it installed"
	exit 1
	fi

	case "$1" in
	exec)
	+resource "null_resource" "user_management_credstash" {
	+ count = "${var.enabled * var.enable_user_management * length(split(",", var.environments))}"
	+
	+ lifecycle {
	+ create_before_destroy = true
	+ }
	+
	+ triggers {
	+ region = "${var.aws_region}"
	+ environment = "${element(split(",", var.environments))}"
	environments/stage/global/nubis-users/global-admins/elim/sshPublicKey
	environments/stage/global/nubis-users/global-admins/elim/uid
	environments/stage/global/nubis-users/global-admins/jcrowe/sshPublicKey
	environments/stage/global/nubis-users/global-admins/jcrowe/uid
	environments/stage/global/nubis-users/global-admins/pchiasson/sshPublicKey
	environments/stage/global/nubis-users/global-admins/pchiasson/uid
	environments/stage/global/nubis-users/sudo-users/riweiss/sshPublicKey
	environments/stage/global/nubis-users/sudo-users/riweiss/uid
	environments/stage/global/nubis-users/sudo-users/rtucker/sshPublicKey
	environments/stage/global/nubis-users/sudo-users/rtucker/uid