This specialized submodule calls the root landing-zone-vpc module with a preset configuration that results in a management VPC with a topology that is identical to the management VPC that is created by the terraform-ibm-landing-zone module.
You can use this submodule when you need more modularity to create your topology than the terraform-ibm-landing-zone module provides. This submodule provides one of the building blocks for this topology.
See the Landing Zone example for runnable code.
module management_vpc {
source = "terraform-ibm-modules/landing-zone-vpc/ibm//modules/management-vpc"
version = "X.X.X" # replace X.X.X with a release version to lock into an exact release
name = "management"
region = "us-south"
prefix = "management-vpc"
}| Name | Version |
|---|---|
| terraform | >= 1.9.0 |
| Name | Source | Version |
|---|---|---|
| management_vpc | ../../ | n/a |
No resources.
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| access_tags | Optional list of access tags to add to the VPC resources that are created | list(string) |
[] |
no |
| address_prefixes | Use address_prefixes only if use_manual_address_prefixes is true otherwise prefixes will not be created. Use only if you need to manage prefixes manually. |
object({ |
null |
no |
| clean_default_sg_acl | Remove all rules from the default VPC security group and VPC ACL (less permissive) | bool |
false |
no |
| create_authorization_policy_vpc_to_cos | Set it to true if authorization policy is required for VPC to access COS | bool |
false |
no |
| default_network_acl_name | Override default ACL name | string |
null |
no |
| default_routing_table_name | Override default VPC routing table name | string |
null |
no |
| default_security_group_name | Override default VPC security group name | string |
null |
no |
| default_security_group_rules | Override default security group rules | list( |
[] |
no |
| enable_vpc_flow_logs | Enable VPC Flow Logs, it will create Flow logs collector if set to true | bool |
false |
no |
| existing_cos_bucket_name | Name of the COS bucket to collect VPC flow logs | string |
null |
no |
| existing_cos_instance_guid | GUID of the COS instance to create Flow log collector | string |
null |
no |
| network_acls | List of network ACLs to create with VPC | list( |
[ |
no |
| network_cidrs | Network CIDR for the VPC. This is used to manage network ACL rules for cluster provisioning. | list(string) |
[ |
no |
| prefix | The prefix that you would like to append to your resources | string |
"management" |
no |
| region | The region to which to deploy the VPC | string |
"au-syd" |
no |
| resource_group_id | The resource group ID where the VPC to be created | string |
n/a | yes |
| subnets | Object for subnets to be created in each zone, each zone can have any number of subnets | object({ |
{ |
no |
| tags | List of tags to apply to resources created by this module. | list(string) |
[] |
no |
| use_public_gateways | For each zone that is set to true, a public gateway will be created in that zone |
object({ |
{ |
no |
| Name | Description |
|---|---|
| vpc_crn | CRN of VPC created |
| vpc_id | ID of VPC created |
| vpc_name | VPC name |