This specialized submodule calls the root landing-zone-vpc module with a preset configuration that results in a workload VPC with a topology that is identical to the workload VPC that is created by the terraform-ibm-landing-zone module.
You can use this submodule when you need more modularity to create your topology than the terraform-ibm-landing-zone module provides. This submodule provides one of the building blocks for this topology.
See the Landing Zone example for runnable code.
module workload_vpc {
source = "terraform-ibm-modules/landing-zone-vpc/ibm//modules/workload-vpc"
version = "X.X.X" # replace X.X.X with a release version to lock into an exact release
name = "workload"
region = "us-south"
prefix = "workload-vpc"
}| Name | Version |
|---|---|
| terraform | >= 1.3.0 |
| Name | Source | Version |
|---|---|---|
| workload_vpc | ../../ | n/a |
No resources.
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| access_tags | Optional list of access tags to add to the VPC resources that are created | list(string) |
[] |
no |
| address_prefixes | Use address_prefixes only if use_manual_address_prefixes is true otherwise prefixes will not be created. Use only if you need to manage prefixes manually. |
object({ |
null |
no |
| classic_access | Optionally allow VPC to access classic infrastructure network | bool |
null |
no |
| clean_default_sg_acl | Remove all rules from the default VPC security group and VPC ACL (less permissive) | bool |
false |
no |
| create_authorization_policy_vpc_to_cos | Set it to true if authorization policy is required for VPC to access COS | bool |
false |
no |
| default_network_acl_name | Override default ACL name | string |
null |
no |
| default_routing_table_name | Override default VPC routing table name | string |
null |
no |
| default_security_group_name | Override default VPC security group name | string |
null |
no |
| default_security_group_rules | Override default security group rules | list( |
[] |
no |
| enable_vpc_flow_logs | Enable VPC Flow Logs, it will create Flow logs collector if set to true | bool |
false |
no |
| existing_cos_bucket_name | Name of the COS bucket to collect VPC flow logs | string |
null |
no |
| existing_cos_instance_guid | GUID of the COS instance to create Flow log collector | string |
null |
no |
| network_acls | List of network ACLs to create with VPC | list( |
[ |
no |
| network_cidrs | Network CIDR for the VPC. This is used to manage network ACL rules for cluster provisioning. | list(string) |
[ |
no |
| prefix | The prefix that you would like to append to your resources | string |
"workload" |
no |
| region | The region to which to deploy the VPC | string |
"au-syd" |
no |
| resource_group_id | The resource group ID where the VPC to be created | string |
n/a | yes |
| subnets | Object for subnets to be created in each zone, each zone can have any number of subnets | object({ |
{ |
no |
| tags | List of tags to apply to resources created by this module. | list(string) |
[] |
no |
| use_public_gateways | For each zone that is set to true, a public gateway will be created in that zone |
object({ |
{ |
no |
| Name | Description |
|---|---|
| vpc_crn | CRN of VPC created |
| vpc_id | ID of VPC created |
| vpc_name | VPC name |