Merge pull request #350 from ministryofjustice/custom-name-option

Allow a custom instance name
ministryofjustice · Feb 1, 2024 · 0bb6c93 · 0bb6c93
2 parents 122530a + 6087467
commit 0bb6c93
Show file tree

Hide file tree

Showing 9 changed files with 78 additions and 56 deletions.
diff --git a/.github/workflows/go-terratest.yml b/.github/workflows/go-terratest.yml
@@ -20,7 +20,7 @@ jobs:
           go-version: 1.18
       - uses: hashicorp/setup-terraform@a1502cd9e758c50496cc9ac5308c4843bcd56d36 # v3.0.0
         with:
-          terraform_version: ~1.3
+          terraform_version: ~1.5
           terraform_wrapper: false
       - name: Download Go Modules
         working-directory: test

diff --git a/README.md b/README.md
@@ -162,6 +162,7 @@ In order to prevent older versions from being retained forever, in addition to t
 | <a name="input_business_unit"></a> [business\_unit](#input\_business\_unit) | Fixed variable to specify business-unit for RAM shared subnets | `string` | n/a | yes |
 | <a name="input_environment"></a> [environment](#input\_environment) | application environment | `string` | n/a | yes |
 | <a name="input_extra_user_data_content"></a> [extra\_user\_data\_content](#input\_extra\_user\_data\_content) | Extra user data content for Bastion ec2 | `string` | `""` | no |
+| <a name="input_instance_name"></a> [instance\_name](#input\_instance\_name) | Name of instance | `string` | `"bastion_linux"` | no |
 | <a name="input_log_auto_clean"></a> [log\_auto\_clean](#input\_log\_auto\_clean) | Enable or not the lifecycle | `string` | n/a | yes |
 | <a name="input_log_expiry_days"></a> [log\_expiry\_days](#input\_log\_expiry\_days) | Number of days before logs expiration | `number` | n/a | yes |
 | <a name="input_log_glacier_days"></a> [log\_glacier\_days](#input\_log\_glacier\_days) | Number of days before moving logs to Glacier | `number` | n/a | yes |

diff --git a/main.tf b/main.tf
@@ -86,7 +86,7 @@ resource "aws_kms_key_policy" "bastion_s3" {
         ]
         Effect = "Allow"
         Principal = {
-          AWS = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:role/bastion_linux_ec2_role"
+          AWS = aws_iam_role.bastion_role.arn
         }
 
         Resource = aws_kms_key.bastion_s3.arn
@@ -159,7 +159,7 @@ module "s3-bucket" {
   tags = merge(
     var.tags_common,
     {
-      Name = "bastion-linux"
+      Name = var.instance_name
     },
   )
 }
@@ -200,21 +200,21 @@ resource "aws_s3_object" "user_public_keys" {
 # Security Groups
 resource "aws_security_group" "bastion_linux" {
   description = "Configure bastion access - ingress should be only from Systems Session Manager (SSM)"
-  name        = "bastion-linux-${var.app_name}"
+  name        = "${replace(var.instance_name, "_", "-")}-${var.app_name}"
   vpc_id      = data.aws_vpc.shared_vpc.id
 
   tags = merge(
     var.tags_common,
     {
-      Name = "bastion-linux-${var.app_name}"
+      Name = "${replace(var.instance_name, "_", "-")}-${var.app_name}"
     }
   )
 }
 
 resource "aws_security_group_rule" "bastion_linux_egress_1" {
   security_group_id = aws_security_group.bastion_linux.id
 
-  description = "bastion_linux_to_local_subnet_CIDRs"
+  description = "${var.instance_name}_to_local_subnet_CIDRs"
   type        = "egress"
   from_port   = "0"
   to_port     = "65535"
@@ -225,7 +225,7 @@ resource "aws_security_group_rule" "bastion_linux_egress_1" {
 resource "aws_security_group_rule" "bastion_linux_egress_2" {
   security_group_id = aws_security_group.bastion_linux.id
 
-  description              = "bastion_linux_egress_to_interface_endpoints"
+  description              = "${var.instance_name}_egress_to_interface_endpoints"
   type                     = "egress"
   from_port                = "443"
   to_port                  = "443"
@@ -236,7 +236,7 @@ resource "aws_security_group_rule" "bastion_linux_egress_2" {
 resource "aws_security_group_rule" "bastion_linux_egress_3" {
   security_group_id = aws_security_group.bastion_linux.id
 
-  description     = "bastion_linux_egress_to_s3_endpoint"
+  description     = "${var.instance_name}_egress_to_s3_endpoint"
   type            = "egress"
   from_port       = "443"
   to_port         = "443"
@@ -259,14 +259,14 @@ data "aws_iam_policy_document" "bastion_assume_policy_document" {
 }
 
 resource "aws_iam_role" "bastion_role" {
-  name               = "bastion_linux_ec2_role"
+  name               = "${var.instance_name}_ec2_role"
   path               = "/"
   assume_role_policy = data.aws_iam_policy_document.bastion_assume_policy_document.json
 
   tags = merge(
     var.tags_common,
     {
-      Name = "bastion_linux_ec2_role"
+      Name = "${var.instance_name}_ec2_role"
     },
   )
 }
@@ -318,7 +318,7 @@ data "aws_iam_policy_document" "bastion_policy_document" {
 }
 
 resource "aws_iam_policy" "bastion_policy" {
-  name   = "bastion"
+  name   = var.instance_name
   policy = data.aws_iam_policy_document.bastion_policy_document.json
 }
 
@@ -355,7 +355,7 @@ data "aws_iam_policy_document" "bastion_ssm_s3_policy_document" {
 }
 
 resource "aws_iam_policy" "bastion_ssm_s3_policy" {
-  name   = "bastion_ssm_s3"
+  name   = "${var.instance_name}_ssm_s3"
   policy = data.aws_iam_policy_document.bastion_ssm_s3_policy_document.json
 }
 
@@ -365,7 +365,7 @@ resource "aws_iam_role_policy_attachment" "bastion_host_ssm_s3" {
 }
 
 resource "aws_iam_instance_profile" "bastion_profile" {
-  name = "bastion-ec2-profile"
+  name = "${replace(var.instance_name, "_", "-")}-ec2-profile"
   role = aws_iam_role.bastion_role.name
   path = "/"
 }
@@ -388,7 +388,7 @@ data "aws_ami" "linux_2_image" {
 }
 
 resource "aws_launch_template" "bastion_linux_template" {
-  name = "bastion_linux_template"
+  name = "${var.instance_name}_template"
 
   block_device_mappings {
     device_name = "/dev/xvda"
@@ -437,7 +437,7 @@ resource "aws_launch_template" "bastion_linux_template" {
     tags = merge(
       var.tags_common,
       {
-        Name = "bastion_linux"
+        Name = var.instance_name
       }
     )
   }
@@ -461,7 +461,7 @@ resource "aws_autoscaling_group" "bastion_linux_daily" {
     version = "$Latest"
   }
   availability_zones        = ["${var.region}a"]
-  name                      = "bastion_linux_daily"
+  name                      = "${var.instance_name}_daily"
   max_size                  = 1
   min_size                  = 1
   health_check_grace_period = 300
@@ -471,7 +471,7 @@ resource "aws_autoscaling_group" "bastion_linux_daily" {
 
   tag {
     key                 = "Name"
-    value               = "bastion_linux"
+    value               = var.instance_name
     propagate_at_launch = true
   }
 
@@ -487,7 +487,7 @@ resource "aws_autoscaling_group" "bastion_linux_daily" {
 }
 
 resource "aws_autoscaling_schedule" "bastion_linux_scale_down" {
-  scheduled_action_name  = "bastion_linux_scale_down"
+  scheduled_action_name  = "${var.instance_name}_scale_down"
   min_size               = 0
   max_size               = 0
   desired_capacity       = 0
@@ -496,7 +496,7 @@ resource "aws_autoscaling_schedule" "bastion_linux_scale_down" {
 }
 
 resource "aws_autoscaling_schedule" "bastion_linux_scale_up" {
-  scheduled_action_name  = "bastion_linux_scale_up"
+  scheduled_action_name  = "${var.instance_name}_scale_up"
   min_size               = 1
   max_size               = 1
   desired_capacity       = 1

diff --git a/test/bastion_test.go b/test/bastion_test.go
@@ -19,14 +19,22 @@ func TestBastionCreation(t *testing.T) {
 	defer terraform.Destroy(t, terraformOptions)
 
 	terraform.InitAndApply(t, terraformOptions)
-	workspace := terraform.RunTerraformCommand(t, terraformOptions, "workspace", "show")
 
-	bastionSecurityGroup := terraform.Output(t, terraformOptions, "bastion_security_group")
-	bastionLaunchTemplate := terraform.Output(t, terraformOptions, "bastion_launch_template")
-	bastionS3Bucket := terraform.Output(t, terraformOptions, "bastion_s3_bucket")
+	bastionSecurityGroup1 := terraform.Output(t, terraformOptions, "bastion_security_group_1")
+	bastionLaunchTemplate1 := terraform.Output(t, terraformOptions, "bastion_launch_template_1")
+	bastionS3Bucket1 := terraform.Output(t, terraformOptions, "bastion_s3_bucket_1")
 
-	assert.Regexp(t, regexp.MustCompile(`^sg-*`), bastionSecurityGroup)
-	assert.Contains(t, bastionLaunchTemplate, "arn:aws:ec2:eu-west-2:")
-	assert.Contains(t, bastionLaunchTemplate, "instance_type:t3.micro")
-	assert.Contains(t, bastionS3Bucket, "arn:aws:s3:::bastion-"+workspace+"-")
+	assert.Regexp(t, regexp.MustCompile(`^sg-*`), bastionSecurityGroup1)
+	assert.Contains(t, bastionLaunchTemplate1, "arn:aws:ec2:eu-west-2:")
+	assert.Contains(t, bastionLaunchTemplate1, "instance_type:t3.micro")
+	assert.Contains(t, bastionS3Bucket1, "arn:aws:s3:::bastion-1-testing-test-")
+
+	bastionSecurityGroup2 := terraform.Output(t, terraformOptions, "bastion_security_group_2")
+	bastionLaunchTemplate2 := terraform.Output(t, terraformOptions, "bastion_launch_template_2")
+	bastionS3Bucket2 := terraform.Output(t, terraformOptions, "bastion_s3_bucket_2")
+
+	assert.Regexp(t, regexp.MustCompile(`^sg-*`), bastionSecurityGroup2)
+	assert.Contains(t, bastionLaunchTemplate2, "arn:aws:ec2:eu-west-2:")
+	assert.Contains(t, bastionLaunchTemplate2, "instance_type:t3.micro")
+	assert.Contains(t, bastionS3Bucket2, "arn:aws:s3:::bastion-2-testing-test-")
 }
diff --git a/test/unit-test/backend.tf b/test/unit-test/backend.tf
diff --git a/test/unit-test/bastion_linux.json b/test/unit-test/bastion_linux.json
@@ -1,20 +1,20 @@
 {
   "keys": {
     "development": {
-      "zuri": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC8WQRJ+pCFGPJRGyD92cDmYOQ0M+sqtT+8y9DOubn8sXQ/53HpT/qfqxiYTZQbeZ4JfNuCfh6yenVXaCWG8qEwgpkXymc9GdrweLRl1Uzo017iDgKHVPbGLbyJUO9Vd+JFs4c0Gm6MioxQmk/i3CX75+nQ6Bmw7gb9ZrOgG0dbK0h6nJPotmjEamIT/9EXHPvn9Hfazxhqd2KQnsbDoNjbky7yZRhHjN9U5Qi9v9Tj00z80Q+9U/p6Tk2okVvEjm9ZJEs1Y0AJT6u877yDIZMuZLgFtd8UXg4e0MqlTp3Dx1yFrJKb+7Bn+sXQNWXd+svpyfsXPnABaMUdctjT3NA7 zuri@Zuris-MacBook-Pro.local",
-      "georgef": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDAM2EXs0ywP+kaMfI2OgB8FmJ3bjfiUnSxmqChrY9TUIIt2xIBTtOvHIIUrxotHiLx6O/cUKVnCfiXxF5XZoNW8t3Bt2bTsJjtWZmUQxu7XpZuWkLJ3SEHWbatOkXgRZaJ+G7NzfddSvI4z93fweyeG+68DfsCSPhOvptFostIbsrxjZnXH7wDdjAAdjBiokOcvV5fyh2FsOulKRvHmW/LKDtRGLrhip7Z8nHqzdwkxTSwNpP+3vuR2LToQPanCsbl1d6/eVhx3Fly7UgOfcwU9I+teSrphs71Wlo1dFqtB2exhmGcG4gvtwJ9Om8PN2nhAR9vjoXDTtqC6XcgSPWhmsBBDqviwTUbbzq5wfExmYkd/Kc9ttOLPgW4uMPmLuWOkuppqIP1DcEKyWsZdouKmK/Lz51/ms87UucGOAs885MkVK+6gAnzvxeElpzx714gAHAFvrIrfFsgVOlzuMNbWPYKM68oxvQOBh4CT68nx1IdEO7zMeabbwSJZOdlL4c= george.fountopoulos@L1220"
+      "davidelliott": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDoPyLxEkdq8VJctmdJYLt73X7C5XWQNK5BHtHjGFbx99IdWukjd+YniF5WSV+T+PGVWPUjnPS0UHMwQXz7rmevWuKQfFGf3OgPdYWG6BmjaQVlRj2gULHBk7wXoTMVi/e93gA4qq/GwCVOW2GsiidDUXCzDDJwJVhHKGVoLAY5uItW5qkLrlhGmNiX2g3PajzakPhMQUNy+4/8iRnzj2Xm9W17o23IowY/7FgFvaoT9D5+JWsIr+DuFZZ/Nnbioxejyk0IwrL4sf7MOW8uowq3Q2D3z+84uH5MBwbZRiw7a0elC/UaBAcs6pMd9H3H7cg7lOZDF8sWZ/+gcFUrjUyg/uh0QkJTh+ymosbcuUaO7elEJ9j9UTYtIr/Z0E5VV4pAyVbZs7Q6P1oupPijBDmUPu2D03cdQMw/cqf1LFjRAf2ZGuq3nuUlx/V3CCZxS4fY3R0ZNpUgTmF9lpxFIrqXFYa8pqRLLcI3D9O4jUOGRgqwZ2XeqAnuh+zbMpPezOE= davidelliot@L0421",
+      "ewastempel": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDn8g/Fo0Vr5uCcUp4+P1UdXtYdY73taERpeI7MrhZKQ0PVu4OSOAOQ8xv32xRSDgZsgZP3pkUkWprbgE9S8DGZjORyWndbPYhnC6nerfakEIiK4N30jNHDMmRWSwSCtwGC/ww+HQE+AR0UjoTTL56oNxN7zmgCelCuX/jgdXfTuuYKGwhqXE5hiz8YVwNUvPPgx0AI1OtbX6JPn+U8blnBfoI5mXhRw8GCvqW50OQetH6e9o0njtZPy+16XLM1sMzG1QpDfTlHVfklxqwLvFm1NDrZeYgsT76dV/YvgK74/SFBTWBjDTXtIO4rXoyjFhInzUQsMCEWuPPpov82fkqp ewastempel@L0693"
     },
     "test": {
-      "zuri": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC8WQRJ+pCFGPJRGyD92cDmYOQ0M+sqtT+8y9DOubn8sXQ/53HpT/qfqxiYTZQbeZ4JfNuCfh6yenVXaCWG8qEwgpkXymc9GdrweLRl1Uzo017iDgKHVPbGLbyJUO9Vd+JFs4c0Gm6MioxQmk/i3CX75+nQ6Bmw7gb9ZrOgG0dbK0h6nJPotmjEamIT/9EXHPvn9Hfazxhqd2KQnsbDoNjbky7yZRhHjN9U5Qi9v9Tj00z80Q+9U/p6Tk2okVvEjm9ZJEs1Y0AJT6u877yDIZMuZLgFtd8UXg4e0MqlTp3Dx1yFrJKb+7Bn+sXQNWXd+svpyfsXPnABaMUdctjT3NA7 zuri@Zuris-MacBook-Pro.local",
-      "georgef": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDAM2EXs0ywP+kaMfI2OgB8FmJ3bjfiUnSxmqChrY9TUIIt2xIBTtOvHIIUrxotHiLx6O/cUKVnCfiXxF5XZoNW8t3Bt2bTsJjtWZmUQxu7XpZuWkLJ3SEHWbatOkXgRZaJ+G7NzfddSvI4z93fweyeG+68DfsCSPhOvptFostIbsrxjZnXH7wDdjAAdjBiokOcvV5fyh2FsOulKRvHmW/LKDtRGLrhip7Z8nHqzdwkxTSwNpP+3vuR2LToQPanCsbl1d6/eVhx3Fly7UgOfcwU9I+teSrphs71Wlo1dFqtB2exhmGcG4gvtwJ9Om8PN2nhAR9vjoXDTtqC6XcgSPWhmsBBDqviwTUbbzq5wfExmYkd/Kc9ttOLPgW4uMPmLuWOkuppqIP1DcEKyWsZdouKmK/Lz51/ms87UucGOAs885MkVK+6gAnzvxeElpzx714gAHAFvrIrfFsgVOlzuMNbWPYKM68oxvQOBh4CT68nx1IdEO7zMeabbwSJZOdlL4c= george.fountopoulos@L1220"
+      "davidelliott": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDoPyLxEkdq8VJctmdJYLt73X7C5XWQNK5BHtHjGFbx99IdWukjd+YniF5WSV+T+PGVWPUjnPS0UHMwQXz7rmevWuKQfFGf3OgPdYWG6BmjaQVlRj2gULHBk7wXoTMVi/e93gA4qq/GwCVOW2GsiidDUXCzDDJwJVhHKGVoLAY5uItW5qkLrlhGmNiX2g3PajzakPhMQUNy+4/8iRnzj2Xm9W17o23IowY/7FgFvaoT9D5+JWsIr+DuFZZ/Nnbioxejyk0IwrL4sf7MOW8uowq3Q2D3z+84uH5MBwbZRiw7a0elC/UaBAcs6pMd9H3H7cg7lOZDF8sWZ/+gcFUrjUyg/uh0QkJTh+ymosbcuUaO7elEJ9j9UTYtIr/Z0E5VV4pAyVbZs7Q6P1oupPijBDmUPu2D03cdQMw/cqf1LFjRAf2ZGuq3nuUlx/V3CCZxS4fY3R0ZNpUgTmF9lpxFIrqXFYa8pqRLLcI3D9O4jUOGRgqwZ2XeqAnuh+zbMpPezOE= davidelliot@L0421",
+      "ewastempel": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDn8g/Fo0Vr5uCcUp4+P1UdXtYdY73taERpeI7MrhZKQ0PVu4OSOAOQ8xv32xRSDgZsgZP3pkUkWprbgE9S8DGZjORyWndbPYhnC6nerfakEIiK4N30jNHDMmRWSwSCtwGC/ww+HQE+AR0UjoTTL56oNxN7zmgCelCuX/jgdXfTuuYKGwhqXE5hiz8YVwNUvPPgx0AI1OtbX6JPn+U8blnBfoI5mXhRw8GCvqW50OQetH6e9o0njtZPy+16XLM1sMzG1QpDfTlHVfklxqwLvFm1NDrZeYgsT76dV/YvgK74/SFBTWBjDTXtIO4rXoyjFhInzUQsMCEWuPPpov82fkqp ewastempel@L0693"
     },
     "preproduction": {
-      "zuri": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC8WQRJ+pCFGPJRGyD92cDmYOQ0M+sqtT+8y9DOubn8sXQ/53HpT/qfqxiYTZQbeZ4JfNuCfh6yenVXaCWG8qEwgpkXymc9GdrweLRl1Uzo017iDgKHVPbGLbyJUO9Vd+JFs4c0Gm6MioxQmk/i3CX75+nQ6Bmw7gb9ZrOgG0dbK0h6nJPotmjEamIT/9EXHPvn9Hfazxhqd2KQnsbDoNjbky7yZRhHjN9U5Qi9v9Tj00z80Q+9U/p6Tk2okVvEjm9ZJEs1Y0AJT6u877yDIZMuZLgFtd8UXg4e0MqlTp3Dx1yFrJKb+7Bn+sXQNWXd+svpyfsXPnABaMUdctjT3NA7 zuri@Zuris-MacBook-Pro.local",
-      "georgef": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDAM2EXs0ywP+kaMfI2OgB8FmJ3bjfiUnSxmqChrY9TUIIt2xIBTtOvHIIUrxotHiLx6O/cUKVnCfiXxF5XZoNW8t3Bt2bTsJjtWZmUQxu7XpZuWkLJ3SEHWbatOkXgRZaJ+G7NzfddSvI4z93fweyeG+68DfsCSPhOvptFostIbsrxjZnXH7wDdjAAdjBiokOcvV5fyh2FsOulKRvHmW/LKDtRGLrhip7Z8nHqzdwkxTSwNpP+3vuR2LToQPanCsbl1d6/eVhx3Fly7UgOfcwU9I+teSrphs71Wlo1dFqtB2exhmGcG4gvtwJ9Om8PN2nhAR9vjoXDTtqC6XcgSPWhmsBBDqviwTUbbzq5wfExmYkd/Kc9ttOLPgW4uMPmLuWOkuppqIP1DcEKyWsZdouKmK/Lz51/ms87UucGOAs885MkVK+6gAnzvxeElpzx714gAHAFvrIrfFsgVOlzuMNbWPYKM68oxvQOBh4CT68nx1IdEO7zMeabbwSJZOdlL4c= george.fountopoulos@L1220"
+      "davidelliott": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDoPyLxEkdq8VJctmdJYLt73X7C5XWQNK5BHtHjGFbx99IdWukjd+YniF5WSV+T+PGVWPUjnPS0UHMwQXz7rmevWuKQfFGf3OgPdYWG6BmjaQVlRj2gULHBk7wXoTMVi/e93gA4qq/GwCVOW2GsiidDUXCzDDJwJVhHKGVoLAY5uItW5qkLrlhGmNiX2g3PajzakPhMQUNy+4/8iRnzj2Xm9W17o23IowY/7FgFvaoT9D5+JWsIr+DuFZZ/Nnbioxejyk0IwrL4sf7MOW8uowq3Q2D3z+84uH5MBwbZRiw7a0elC/UaBAcs6pMd9H3H7cg7lOZDF8sWZ/+gcFUrjUyg/uh0QkJTh+ymosbcuUaO7elEJ9j9UTYtIr/Z0E5VV4pAyVbZs7Q6P1oupPijBDmUPu2D03cdQMw/cqf1LFjRAf2ZGuq3nuUlx/V3CCZxS4fY3R0ZNpUgTmF9lpxFIrqXFYa8pqRLLcI3D9O4jUOGRgqwZ2XeqAnuh+zbMpPezOE= davidelliot@L0421",
+      "ewastempel": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDn8g/Fo0Vr5uCcUp4+P1UdXtYdY73taERpeI7MrhZKQ0PVu4OSOAOQ8xv32xRSDgZsgZP3pkUkWprbgE9S8DGZjORyWndbPYhnC6nerfakEIiK4N30jNHDMmRWSwSCtwGC/ww+HQE+AR0UjoTTL56oNxN7zmgCelCuX/jgdXfTuuYKGwhqXE5hiz8YVwNUvPPgx0AI1OtbX6JPn+U8blnBfoI5mXhRw8GCvqW50OQetH6e9o0njtZPy+16XLM1sMzG1QpDfTlHVfklxqwLvFm1NDrZeYgsT76dV/YvgK74/SFBTWBjDTXtIO4rXoyjFhInzUQsMCEWuPPpov82fkqp ewastempel@L0693"
     },
     "production": {
-      "zuri": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC8WQRJ+pCFGPJRGyD92cDmYOQ0M+sqtT+8y9DOubn8sXQ/53HpT/qfqxiYTZQbeZ4JfNuCfh6yenVXaCWG8qEwgpkXymc9GdrweLRl1Uzo017iDgKHVPbGLbyJUO9Vd+JFs4c0Gm6MioxQmk/i3CX75+nQ6Bmw7gb9ZrOgG0dbK0h6nJPotmjEamIT/9EXHPvn9Hfazxhqd2KQnsbDoNjbky7yZRhHjN9U5Qi9v9Tj00z80Q+9U/p6Tk2okVvEjm9ZJEs1Y0AJT6u877yDIZMuZLgFtd8UXg4e0MqlTp3Dx1yFrJKb+7Bn+sXQNWXd+svpyfsXPnABaMUdctjT3NA7 zuri@Zuris-MacBook-Pro.local",
-      "georgef": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDAM2EXs0ywP+kaMfI2OgB8FmJ3bjfiUnSxmqChrY9TUIIt2xIBTtOvHIIUrxotHiLx6O/cUKVnCfiXxF5XZoNW8t3Bt2bTsJjtWZmUQxu7XpZuWkLJ3SEHWbatOkXgRZaJ+G7NzfddSvI4z93fweyeG+68DfsCSPhOvptFostIbsrxjZnXH7wDdjAAdjBiokOcvV5fyh2FsOulKRvHmW/LKDtRGLrhip7Z8nHqzdwkxTSwNpP+3vuR2LToQPanCsbl1d6/eVhx3Fly7UgOfcwU9I+teSrphs71Wlo1dFqtB2exhmGcG4gvtwJ9Om8PN2nhAR9vjoXDTtqC6XcgSPWhmsBBDqviwTUbbzq5wfExmYkd/Kc9ttOLPgW4uMPmLuWOkuppqIP1DcEKyWsZdouKmK/Lz51/ms87UucGOAs885MkVK+6gAnzvxeElpzx714gAHAFvrIrfFsgVOlzuMNbWPYKM68oxvQOBh4CT68nx1IdEO7zMeabbwSJZOdlL4c= george.fountopoulos@L1220"
+      "davidelliott": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDoPyLxEkdq8VJctmdJYLt73X7C5XWQNK5BHtHjGFbx99IdWukjd+YniF5WSV+T+PGVWPUjnPS0UHMwQXz7rmevWuKQfFGf3OgPdYWG6BmjaQVlRj2gULHBk7wXoTMVi/e93gA4qq/GwCVOW2GsiidDUXCzDDJwJVhHKGVoLAY5uItW5qkLrlhGmNiX2g3PajzakPhMQUNy+4/8iRnzj2Xm9W17o23IowY/7FgFvaoT9D5+JWsIr+DuFZZ/Nnbioxejyk0IwrL4sf7MOW8uowq3Q2D3z+84uH5MBwbZRiw7a0elC/UaBAcs6pMd9H3H7cg7lOZDF8sWZ/+gcFUrjUyg/uh0QkJTh+ymosbcuUaO7elEJ9j9UTYtIr/Z0E5VV4pAyVbZs7Q6P1oupPijBDmUPu2D03cdQMw/cqf1LFjRAf2ZGuq3nuUlx/V3CCZxS4fY3R0ZNpUgTmF9lpxFIrqXFYa8pqRLLcI3D9O4jUOGRgqwZ2XeqAnuh+zbMpPezOE= davidelliot@L0421",
+      "ewastempel": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDn8g/Fo0Vr5uCcUp4+P1UdXtYdY73taERpeI7MrhZKQ0PVu4OSOAOQ8xv32xRSDgZsgZP3pkUkWprbgE9S8DGZjORyWndbPYhnC6nerfakEIiK4N30jNHDMmRWSwSCtwGC/ww+HQE+AR0UjoTTL56oNxN7zmgCelCuX/jgdXfTuuYKGwhqXE5hiz8YVwNUvPPgx0AI1OtbX6JPn+U8blnBfoI5mXhRw8GCvqW50OQetH6e9o0njtZPy+16XLM1sMzG1QpDfTlHVfklxqwLvFm1NDrZeYgsT76dV/YvgK74/SFBTWBjDTXtIO4rXoyjFhInzUQsMCEWuPPpov82fkqp ewastempel@L0693"
     }
   }
 }
diff --git a/test/unit-test/main.tf b/test/unit-test/main.tf
@@ -3,15 +3,19 @@ locals {
 }
 
 module "bastion_linux" {
+  count  = 2
   source = "../../"
 
   providers = {
     aws.share-host   = aws.core-vpc # core-vpc-(environment) holds the networking for all accounts
     aws.share-tenant = aws          # The default provider (unaliased, `aws`) is the tenant
   }
 
+  # Instance name
+  instance_name = "bastion_linux_${count.index + 1}"
+
   # s3 - used for logs and user ssh public keys
-  bucket_name          = "bastion"
+  bucket_name          = "bastion-${count.index + 1}"
   bucket_versioning    = true
   bucket_force_destroy = true
   # public keys
@@ -32,5 +36,5 @@ module "bastion_linux" {
 
   # Tags
   tags_common = local.tags
-  tags_prefix = terraform.workspace
+  tags_prefix = "testing-test"
 }
diff --git a/test/unit-test/outputs.tf b/test/unit-test/outputs.tf
@@ -1,14 +1,29 @@
-output "bastion_security_group" {
-  value       = module.bastion_linux.bastion_security_group
+output "bastion_security_group_1" {
   description = "Security group of bastion"
+  value       = module.bastion_linux[0].bastion_security_group
 }
 
-output "bastion_launch_template" {
+output "bastion_launch_template_1" {
   description = "Launch template of bastion"
-  value       = module.bastion_linux.bastion_launch_template
+  value       = module.bastion_linux[0].bastion_launch_template
 }
 
-output "bastion_s3_bucket" {
+output "bastion_s3_bucket_1" {
   description = "S3 bucket of bastion"
-  value       = module.bastion_linux.bastion_s3_bucket
-}
+  value       = module.bastion_linux[0].bastion_s3_bucket
+}
+
+output "bastion_security_group_2" {
+  description = "Security group of bastion"
+  value       = module.bastion_linux[1].bastion_security_group
+}
+
+output "bastion_launch_template_2" {
+  description = "Launch template of bastion"
+  value       = module.bastion_linux[1].bastion_launch_template
+}
+
+output "bastion_s3_bucket_2" {
+  description = "S3 bucket of bastion"
+  value       = module.bastion_linux[1].bastion_s3_bucket
+}
diff --git a/variables.tf b/variables.tf
@@ -13,6 +13,12 @@ variable "app_name" {
   }
 }
 
+variable "instance_name" {
+  type        = string
+  description = "Name of instance"
+  default     = "bastion_linux"
+}
+
 variable "business_unit" {
   type        = string
   description = "Fixed variable to specify business-unit for RAM shared subnets"