Merge branch 'develop' into multitenancy

Author: chpy04

.ebextensions/03_ssh_keys.config

@@ -0,0 +1,30 @@
+files:
+  "/tmp/add_authorized_keys.sh":
+    mode: "000755"
+    owner: root
+    group: root
+    content: |
+      #!/bin/bash
+      AUTHORIZED_KEYS="/home/ec2-user/.ssh/authorized_keys"
+      mkdir -p /home/ec2-user/.ssh
+      touch "$AUTHORIZED_KEYS"
+      chown ec2-user:ec2-user /home/ec2-user/.ssh
+      chmod 700 /home/ec2-user/.ssh
+
+      add_key() {
+        local key="$1"
+        if ! grep -qF "$key" "$AUTHORIZED_KEYS"; then
+          echo "$key" >> "$AUTHORIZED_KEYS"
+        fi
+      }
+
+      # Chris Pyle
+      add_key "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMqV5gwot3utGLPGpAPWr8znU1cjMn1RE7jN8htvaOMt aws-eb"
+
+      chown ec2-user:ec2-user "$AUTHORIZED_KEYS"
+      chmod 600 "$AUTHORIZED_KEYS"
+
+commands:
+  add_authorized_keys:
+    command: "/tmp/add_authorized_keys.sh"
+    ignoreErrors: false

infrastructure/modules/elasticbeanstalk/variables.tf

@@ -14,7 +14,7 @@ variable "solution_stack_name" {
   description = "Elastic Beanstalk solution stack name"
   type        = string
   # Find the latest: aws elasticbeanstalk list-available-solution-stacks
-  default     = "64bit Amazon Linux 2023 v4.7.4 running Docker"
+  default     = "64bit Amazon Linux 2023 v4.11.0 running Docker"
 }
 
 variable "vpc_id" {

infrastructure/modules/monitoring/main.tf

@@ -357,6 +357,10 @@ resource "aws_cloudwatch_metric_alarm" "eb_memory_high" {
     Environment = var.environment
     Project     = var.project_name
   }
+
+  lifecycle {
+    ignore_changes = [metric_query]
+  }
 }
 
 #############

infrastructure/modules/network/main.tf

@@ -164,6 +164,14 @@ resource "aws_security_group" "eb_instance" {
     security_groups = [aws_security_group.alb.id]
   }
 
+  ingress {
+    description = "SSH access"
+    from_port   = 22
+    to_port     = 22
+    protocol    = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
   egress {
     description = "Allow all outbound traffic"
     from_port   = 0