| access_tags |
A list of access tags to apply to the VSI resources created by the module. For more information, see https://cloud.ibm.com/docs/account?topic=account-access-tags-tutorial. |
list(string) |
[] |
no |
| allow_ip_spoofing |
Allow IP spoofing on the primary network interface |
bool |
false |
no |
| block_storage_volumes |
List describing the block storage volumes that will be attached to each vsi |
list(
object({
name = string
profile = string
capacity = optional(number)
iops = optional(number)
encryption_key = optional(string)
snapshot_crn = optional(string) # set if you would like to base volume on a snapshot. If you plan to use a snapshot from another account, make sure that the right IAM authorizations are in place.
tags = optional(list(string), [])
})
) |
[] |
no |
| boot_volume_encryption_key |
CRN of boot volume encryption key |
string |
n/a |
yes |
| boot_volume_size |
The capacity of the volume in gigabytes. This defaults to minimum capacity of the image and maximum to 250 GB |
number |
null |
no |
| boot_volume_snapshot_crn |
The snapshot CRN of the volume to be used for creating boot volume attachment (if specified, the image_id parameter will not be used). If you plan to use a snapshot from another account, make sure that the right IAM authorizations are in place. |
string |
null |
no |
| create_security_group |
Create security group for VSI. If this is passed as false, the default will be used |
bool |
n/a |
yes |
| custom_vsi_volume_names |
A map of subnets, VSI names, and storage volume names. Subnet names should correspond to existing subnets, while VSI and storage volume names are used for resource creation. Example format: { 'subnet_name_1': { 'vsi_name_1': [ 'storage_volume_name_1', 'storage_volume_name_2' ] } }. If the 'custom_vsi_volume_names' input variable is not set, VSI and volume names are automatically determined using a prefix, the first 4 digits of the subnet_id, and number padding. In addition, for volume names, the name from the 'block_storage_volumes' input variable is also used. |
map(map(list(string))) |
{} |
no |
| dedicated_host_id |
ID of the dedicated host for hosting the VSI's. The enable_dedicated_host input should be set to true if passing a dedicated host ID |
string |
null |
no |
| enable_dedicated_host |
Enabling this option will activate dedicated hosts for the VSIs. When enabled, the dedicated_host_id input is required. The default value is set to false. Refer Understanding Dedicated Hosts for more details |
bool |
false |
no |
| enable_floating_ip |
Create a floating IP for each virtual server created |
bool |
false |
no |
| image_id |
Image ID used for VSI. Run 'ibmcloud is images' to find available images in a region |
string |
n/a |
yes |
| load_balancers |
Load balancers to add to VSI |
list(
object({
name = string
type = string
listener_port = number
listener_protocol = string
connection_limit = number
idle_connection_timeout = optional(number)
algorithm = string
protocol = string
health_delay = number
health_retries = number
health_timeout = number
health_type = string
pool_member_port = string
profile = optional(string)
dns = optional(
object({
instance_crn = string
zone_id = string
})
)
security_group = optional(
object({
name = string
rules = list(
object({
name = string
direction = string
source = string
tcp = optional(
object({
port_max = number
port_min = number
})
)
udp = optional(
object({
port_max = number
port_min = number
})
)
icmp = optional(
object({
type = number
code = number
})
)
})
)
})
)
})
) |
[] |
no |
| machine_type |
VSI machine type. Run 'ibmcloud is instance-profiles' to get a list of regional profiles |
string |
n/a |
yes |
| manage_reserved_ips |
Set to true if you want this terraform module to manage the reserved IP addresses that are assigned to VSI instances. If this option is enabled, when any VSI is recreated it should retain its original IP. |
bool |
false |
no |
| prefix |
The prefix that you would like to append to your resources |
string |
n/a |
yes |
| resource_group_id |
ID of resource group to create VSI and block storage volumes. If you wish to create the block storage volumes in a different resource group, you can optionally set that directly in the 'block_storage_volumes' variable. |
string |
n/a |
yes |
| security_group |
Security group created for VSI |
object({
name = string
rules = list(
object({
name = string
direction = string
source = string
tcp = optional(
object({
port_max = number
port_min = number
})
)
udp = optional(
object({
port_max = number
port_min = number
})
)
icmp = optional(
object({
type = number
code = number
})
)
})
)
}) |
n/a |
yes |
| security_group_ids |
IDs of additional security groups to be added to VSI deployment primary interface. A VSI interface can have a maximum of 5 security groups. |
list(string) |
[] |
no |
| skip_iam_authorization_policy |
Set to true to skip the creation of an IAM authorization policy that permits all Storage Blocks to read the encryption key from the KMS instance. If set to false, pass in a value for the boot volume encryption key in the boot_volume_encryption_key variable. In addition, no policy is created if var.kms_encryption_enabled is set to false. |
bool |
false |
no |
| snapshot_consistency_group_id |
The snapshot consistency group Id. If supplied, the group will be queried for snapshots that are matched with both boot volume and attached (attached are matched based on name suffix). You can override specific snapshot CRNs by setting the appropriate input variables as well. |
string |
null |
no |
| ssh_key_ids |
ssh key ids to use in creating vsi |
list(string) |
n/a |
yes |
| subnets |
A list of subnet IDs where VSI will be deployed |
list(
object({
name = string
id = string
zone = string
cidr = string
})
) |
n/a |
yes |
| tags |
List of tags to apply to resources created by this module. |
list(string) |
[] |
no |
| use_boot_volume_key_as_default |
Set to true to use the key specified in the boot_volume_encryption_key input as default for all volumes, overriding any key value that may be specified in the encryption_key option of the block_storage_volumes input variable. If set to false, the value passed for the encryption_key option of the block_storage_volumes will be used instead. |
bool |
false |
no |
| use_static_boot_volume_name |
Sets the boot volume name for each VSI to a static name in the format {hostname}_boot, instead of a random name. Set this to true to have a consistent boot volume name even when VSIs are recreated. |
bool |
false |
no |
| user_data |
User data to initialize VSI deployment |
string |
n/a |
yes |
| vpc_id |
ID of VPC |
string |
n/a |
yes |
| vsi_per_subnet |
Number of VSI instances for each subnet |
number |
n/a |
yes |