dfns
diff --git a/‎README.md‎
Lines changed: 1 addition & 0 deletions b/‎README.md‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎docs/data-sources/ssh.md‎
Lines changed: 49 additions & 0 deletions b/‎docs/data-sources/ssh.md‎
Lines changed: 49 additions & 0 deletions
diff --git a/‎docs/ephemeral-resources/ssh.md‎
Lines changed: 49 additions & 0 deletions b/‎docs/ephemeral-resources/ssh.md‎
Lines changed: 49 additions & 0 deletions
diff --git a/‎docs/index.md‎
Lines changed: 1 addition & 0 deletions b/‎docs/index.md‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎examples/data-sources/tunnel_ssh/data-source.tf‎
Lines changed: 14 additions & 0 deletions b/‎examples/data-sources/tunnel_ssh/data-source.tf‎
Lines changed: 14 additions & 0 deletions
diff --git a/‎examples/ephemeral-resources/tunnel_ssh/ephemeral-resource.tf‎
Lines changed: 14 additions & 0 deletions b/‎examples/ephemeral-resources/tunnel_ssh/ephemeral-resource.tf‎
Lines changed: 14 additions & 0 deletions
diff --git a/‎go.mod‎
Lines changed: 8 additions & 4 deletions b/‎go.mod‎
Lines changed: 8 additions & 4 deletions
diff --git a/‎go.sum‎
Lines changed: 20 additions & 6 deletions b/‎go.sum‎
Lines changed: 20 additions & 6 deletions
diff --git a/‎internal/libs/const.go‎
Lines changed: 6 additions & 0 deletions b/‎internal/libs/const.go‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎internal/provider/common.go‎ ‎internal/libs/port.go‎internal/provider/common.go renamed to internal/libs/port.go
Lines changed: 1 addition & 1 deletion b/‎internal/provider/common.go‎ ‎internal/libs/port.go‎internal/provider/common.go renamed to internal/libs/port.go
Lines changed: 1 addition & 1 deletion
@@ -9,6 +9,7 @@ The provider is compatible with HashiCorp Cloud Platform (HCP)
 ## Available tunnel types
 
 - [AWS Systems Manager (SSM)](https://docs.aws.amazon.com/systems-manager/latest/userguide/)
+- [SSH Tunneling](https://www.ssh.com/academy/ssh/tunneling)
 
 ## Example Usage
 
 
@@ -0,0 +1,49 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "tunnel_ssh Data Source - tunnel"
+subcategory: ""
+description: |-
+  Create a local SSH tunnel to a remote host
+---
+
+# tunnel_ssh (Data Source)
+
+Create a local SSH tunnel to a remote host
+
+## Example Usage
+
+```terraform
+data "tunnel_ssh" "k8s" {
+  target_host = "localhost"
+  target_port = 6443
+  ssh_host    = "k8s-master.example.com"
+  ssh_user    = "ec2-user"
+}
+
+provider "kubernetes" {
+  host = "https://${data.tunnel_ssh.k8s.local_host}:${data.tunnel_ssh.k8s.local_port}"
+
+  client_certificate     = file("~/.kube/client-cert.pem")
+  client_key             = file("~/.kube/client-key.pem")
+  cluster_ca_certificate = file("~/.kube/cluster-ca-cert.pem")
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `ssh_host` (String) The DNS name or IP address of the SSH bastion host
+- `target_host` (String) The DNS name or IP address of the remote host
+- `target_port` (Number) The port number of the remote host
+
+### Optional
+
+- `ssh_port` (Number) The port number of the SSH bastion host
+- `ssh_user` (String) The username to use for the SSH connection
+
+### Read-Only
+
+- `local_host` (String) The DNS name or IP address of the local host
+- `local_port` (Number) The local port number to use for the tunnel
@@ -0,0 +1,49 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "tunnel_ssh Ephemeral Resource - tunnel"
+subcategory: ""
+description: |-
+  Create a local SSH tunnel to a remote host
+---
+
+# tunnel_ssh (Ephemeral Resource)
+
+Create a local SSH tunnel to a remote host
+
+## Example Usage
+
+```terraform
+ephemeral "tunnel_ssh" "k8s" {
+  target_host = "localhost"
+  target_port = 6443
+  ssh_host    = "k8s-master.example.com"
+  ssh_user    = "ec2-user"
+}
+
+provider "kubernetes" {
+  host = "https://${ephemeral.tunnel_ssh.k8s.local_host}:${ephemeral.tunnel_ssh.k8s.local_port}"
+
+  client_certificate     = file("~/.kube/client-cert.pem")
+  client_key             = file("~/.kube/client-key.pem")
+  cluster_ca_certificate = file("~/.kube/cluster-ca-cert.pem")
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `ssh_host` (String) The DNS name or IP address of the SSH bastion host
+- `target_host` (String) The DNS name or IP address of the remote host
+- `target_port` (Number) The port number of the remote host
+
+### Optional
+
+- `ssh_port` (Number) The port number of the SSH bastion host
+- `ssh_user` (String) The username to use for the SSH connection
+
+### Read-Only
+
+- `local_host` (String) The DNS name or IP address of the local host
+- `local_port` (Number) The local port number to use for the tunnel
@@ -15,6 +15,7 @@ The provider is compatible with HashiCorp Cloud Platform (HCP)
 ## Available tunnel types
 
 - [AWS Systems Manager (SSM)](https://docs.aws.amazon.com/systems-manager/latest/userguide/)
+- [SSH Tunneling](https://www.ssh.com/academy/ssh/tunneling)
 
 ## Example Usage
 
 
@@ -0,0 +1,14 @@
+data "tunnel_ssh" "k8s" {
+  target_host = "localhost"
+  target_port = 6443
+  ssh_host    = "k8s-master.example.com"
+  ssh_user    = "ec2-user"
+}
+
+provider "kubernetes" {
+  host = "https://${data.tunnel_ssh.k8s.local_host}:${data.tunnel_ssh.k8s.local_port}"
+
+  client_certificate     = file("~/.kube/client-cert.pem")
+  client_key             = file("~/.kube/client-key.pem")
+  cluster_ca_certificate = file("~/.kube/cluster-ca-cert.pem")
+}
@@ -0,0 +1,14 @@
+ephemeral "tunnel_ssh" "k8s" {
+  target_host = "localhost"
+  target_port = 6443
+  ssh_host    = "k8s-master.example.com"
+  ssh_user    = "ec2-user"
+}
+
+provider "kubernetes" {
+  host = "https://${ephemeral.tunnel_ssh.k8s.local_host}:${ephemeral.tunnel_ssh.k8s.local_port}"
+
+  client_certificate     = file("~/.kube/client-cert.pem")
+  client_key             = file("~/.kube/client-key.pem")
+  cluster_ca_certificate = file("~/.kube/cluster-ca-cert.pem")
+}
@@ -1,6 +1,8 @@
 module github.com/dfns/terraform-provider-tunnel
 
-go 1.22.7
+go 1.23
+
+toolchain go1.23.4
 
 require (
 	github.com/aws/aws-sdk-go-v2 v1.32.6
@@ -9,6 +11,7 @@ require (
 	github.com/aws/session-manager-plugin v0.0.0-20241010233726-61cf1288c7c6
 	github.com/aws/smithy-go v1.22.1
 	github.com/hashicorp/terraform-plugin-framework v1.13.0
+	github.com/rgzr/sshtun v1.2.1
 	github.com/shirou/gopsutil/v4 v4.24.11
 )
 
@@ -59,10 +62,11 @@ require (
 	github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect
 	github.com/xtaci/smux v1.5.31 // indirect
 	github.com/yusufpapurcu/wmi v1.2.4 // indirect
+	golang.org/x/crypto v0.31.0 // indirect
 	golang.org/x/net v0.28.0 // indirect
-	golang.org/x/sync v0.8.0 // indirect
-	golang.org/x/sys v0.26.0 // indirect
-	golang.org/x/text v0.17.0 // indirect
+	golang.org/x/sync v0.10.0 // indirect
+	golang.org/x/sys v0.28.0 // indirect
+	golang.org/x/text v0.21.0 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20240814211410-ddb44dafa142 // indirect
 	google.golang.org/grpc v1.67.1 // indirect
 	google.golang.org/protobuf v1.35.1 // indirect
 
@@ -1,3 +1,7 @@
+github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be h1:9AeTilPcZAjCFIImctFaOjnTIavg87rW78vTPkQqLI8=
+github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be/go.mod h1:ySMOLuWl6zY27l47sB3qLNK6tF2fkHG55UZxx8oIVo4=
+github.com/avast/retry-go v3.0.0+incompatible h1:4SOWQ7Qs+oroOTQOYnAHqelpCO0biHSxpiH9JdtuBj0=
+github.com/avast/retry-go v3.0.0+incompatible/go.mod h1:XtSnn+n/sHqQIpZ10K1qAevBhOOCWBLXXy3hyiqqBrY=
 github.com/aws/aws-sdk-go v1.55.5 h1:KKUZBfBoyqy5d3swXyiC7Q76ic40rYcbqH7qjh59kzU=
 github.com/aws/aws-sdk-go v1.55.5/go.mod h1:eRwEWoyTWFMVYVQzKMNHWP5/RV4xIUGMQfXQHfHkpNU=
 github.com/aws/aws-sdk-go-v2 v1.32.6 h1:7BokKRgRPuGmKkFMhEg/jSul+tB9VvXhcViILtfG8b4=
@@ -45,6 +49,8 @@ github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM=
 github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE=
 github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA=
 github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM=
+github.com/gliderlabs/ssh v0.3.7 h1:iV3Bqi942d9huXnzEF2Mt+CY9gLu8DNM4Obd+8bODRE=
+github.com/gliderlabs/ssh v0.3.7/go.mod h1:zpHEXBstFnQYtGnB8k8kQLol82umzn/2/snG7alWVD8=
 github.com/go-ole/go-ole v1.2.6 h1:/Fpf6oFPoeFik9ty7siob0G6Ke8QvQEuVcuChpwXzpY=
 github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0=
 github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
@@ -100,10 +106,14 @@ github.com/mitchellh/go-testing-interface v1.14.1 h1:jrgshOhYAUVNMAJiKbEu7EqAwgJ
 github.com/mitchellh/go-testing-interface v1.14.1/go.mod h1:gfgS7OtZj6MA4U1UrDRp04twqAjfvlZyCfX3sDjEym8=
 github.com/oklog/run v1.0.0 h1:Ru7dDtJNOyC66gQ5dQmaCa0qIsAUFY3sFpK1Xk8igrw=
 github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA=
+github.com/phayes/freeport v0.0.0-20220201140144-74d24b5ae9f5 h1:Ii+DKncOVM8Cu1Hc+ETb5K+23HdAMvESYE3ZJ5b5cMI=
+github.com/phayes/freeport v0.0.0-20220201140144-74d24b5ae9f5/go.mod h1:iIss55rKnNBTvrwdmkUpLnDpZoAHvWaiq5+iMmen4AE=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c h1:ncq/mPwQF4JjgDlrVEn3C11VoGHZN7m8qihwgMEtzYw=
 github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c/go.mod h1:OmDBASR4679mdNQnz2pUhc2G8CO2JrUAVFDRBDP/hJE=
+github.com/rgzr/sshtun v1.2.1 h1:XrztteWapZoISyEQ7k7wCi3Yi5V7TYBHqfMPB0UvmhI=
+github.com/rgzr/sshtun v1.2.1/go.mod h1:GgLWtjaRz0MVnpFvW6StDchibSbTOh7ggQAH8qIJ1nA=
 github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
 github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8=
 github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4=
@@ -129,10 +139,12 @@ github.com/xtaci/smux v1.5.31 h1:3ha7sHtH46h85Iv7MfQogxasuRt1KPRhoFB3S4rmHgU=
 github.com/xtaci/smux v1.5.31/go.mod h1:OMlQbT5vcgl2gb49mFkYo6SMf+zP3rcjcwQz7ZU7IGY=
 github.com/yusufpapurcu/wmi v1.2.4 h1:zFUKzehAFReQwLys1b/iSMl+JQGSCSjtVqQn9bBrPo0=
 github.com/yusufpapurcu/wmi v1.2.4/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0=
+golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U=
+golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
 golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE=
 golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg=
-golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ=
-golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ=
+golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -144,10 +156,12 @@ golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo=
-golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc=
-golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
+golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA=
+golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/term v0.27.0 h1:WP60Sv1nlK1T6SupCHbXzSaN0b9wUmsPoRS9b61A23Q=
+golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM=
+golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
+golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 google.golang.org/genproto/googleapis/rpc v0.0.0-20240814211410-ddb44dafa142 h1:e7S5W7MGGLaSu8j3YjdezkZ+m1/Nm0uRVRMEMGk26Xs=
 google.golang.org/genproto/googleapis/rpc v0.0.0-20240814211410-ddb44dafa142/go.mod h1:UqMtugtsSgubUsoxbuAoiCXvqvErP7Gf0so0mK9tHxU=
 
@@ -0,0 +1,6 @@
+package libs
+
+const (
+	TunnelTypeEnv = "DFNS_TERRAFORM_TUNNEL_TYPE"
+	TunnelConfEnv = "DFNS_TERRAFORM_TUNNEL_CONF"
+)
@@ -1,4 +1,4 @@
-package provider
+package libs
 
 import (
 	"fmt"
Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-package provider`
	`1`	`+package libs`
`2`	`2`
`3`	`3`	`import (`
`4`	`4`	`"fmt"`