we-work-in-the-cloud/terraform-ibm-vpc-bastion

Bastion for VPC Terraform Module

This module deploys a bastion instance into an existing VPC. A bastion is an instance that is provisioned with a public IP address and can be accessed via SSH. Once set up, the bastion host acts as a jump server allowing secure connection to instances provisioned without a public IP address.

Requirements

| Name | Version |
|------|---------|
| terraform | >= 0.13 |
| ibm | >= 1.18.0 |

Providers

| Name | Version |
|------|---------|
| ibm | >= 1.18.0 |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| resource_group_id | ID of the resource group where to create the bastion instance and security groups | string | n/a | yes |
| vpc_id | ID of the VPC where to create the bastion | string | n/a | yes |
| subnet_id | ID of the subnet where to create the bastion instance | string | n/a | yes |
| name | Name of the bastion instance | string | n/a | yes |
| image_name | Name of the image to use for the bastion instance | string | "ibm-ubuntu-18-04-1-minimal-amd64-2" | no |
| init_script | Script to run during the instance initialization. Defaults to an Ubuntu specific script when set to empty | string | "" | no |
| profile_name | Instance profile to use for the bastion instance | string | "cx2-2x4" | no |
| ssh_key_ids | List of SSH key IDs to inject into the bastion instance | list(string) | n/a | yes |
| allow_ssh_from | An IP address, a CIDR block, or a single security group identifier to allow incoming SSH connection to the bastion | string | "0.0.0.0/0" | no |
| create_public_ip | Set whether to allocate a public IP address for the bastion instance | bool | true | no |
| security_group_rules | List of security group rules to set on the bastion security group in addition to the SSH rules | list | see below | no |
| tags | List of tags to add on all created resources | list(string) | [] | no |

Default value of security_group_rules:

    [
      {
        "direction": "outbound",
        "name": "http_outbound",
        "remote": "0.0.0.0/0",
        "tcp": {
          "port_max": 80,
          "port_min": 80
        }
      },
      {
        "direction": "outbound",
        "name": "https_outbound",
        "remote": "0.0.0.0/0",
        "tcp": {
          "port_max": 443,
          "port_min": 443
        }
      },
      {
        "direction": "outbound",
        "name": "dns_outbound",
        "remote": "0.0.0.0/0",
        "udp": {
          "port_max": 53,
          "port_min": 53
        }
      },
      {
        "direction": "outbound",
        "icmp": {
          "type": 8
        },
        "name": "icmp_outbound",
        "remote": "0.0.0.0/0"
      }
    ]

Outputs

| Name | Description |
|------|-------------|
| bastion_id | ID of the bastion virtual server instance |
| bastion_private_ip | Private IP address of the bastion virtual server instance |
| bastion_public_ip | Public IP address of the bastion virtual server instance, null if none was allocated. |
| bastion_security_group_id | ID of the security group assigned to the bastion interface |
| bastion_maintenance_group_id | ID of the security group used to allow connection from the bastion to your instances |
| bastion_network_interface_ids | ID(s) of the primary_network_interface for the bastion instance |
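
The inputs and outputs above wired together, as an added example that is not part of this repository: it replaces the open "0.0.0.0/0" default of allow_ssh_from with a validated CIDR block and attaches bastion_maintenance_group_id to an instance that has no public IP. The root variable names, the resource and instance names, the sample range in the description, and the module source address are assumptions.

```hcl
# Added example: variable names and sample values are constructed.
variable "resource_group_id" { type = string }
variable "vpc_id" { type = string }
variable "subnet_id" { type = string }
variable "zone" { type = string }
variable "image_id" { type = string }
variable "ssh_key_ids" { type = list(string) }

variable "admin_cidr" {
  type        = string
  description = "CIDR block allowed to reach the bastion over SSH, e.g. 203.0.113.0/24"
  validation {
    # Refuse the module's open default and anything that is not a CIDR block.
    condition     = var.admin_cidr != "0.0.0.0/0" && can(cidrhost(var.admin_cidr, 0))
    error_message = "Set admin_cidr to a specific CIDR block, not 0.0.0.0/0."
  }
}

module "bastion" {
  source            = "we-work-in-the-cloud/vpc-bastion/ibm" # assumed registry address
  resource_group_id = var.resource_group_id
  vpc_id            = var.vpc_id
  subnet_id         = var.subnet_id
  name              = "example-bastion"
  ssh_key_ids       = var.ssh_key_ids
  allow_ssh_from    = var.admin_cidr # overrides the "0.0.0.0/0" default
}

# Instance without a public IP; the maintenance group admits the bastion.
resource "ibm_is_instance" "private" {
  name           = "example-private"
  resource_group = var.resource_group_id
  vpc            = var.vpc_id
  zone           = var.zone
  image          = var.image_id
  profile        = "cx2-2x4"
  keys           = var.ssh_key_ids

  primary_network_interface {
    subnet          = var.subnet_id
    security_groups = [module.bastion.bastion_maintenance_group_id]
  }
}

output "bastion_public_ip" { value = module.bastion.bastion_public_ip }
output "private_instance_ip" {
  value = ibm_is_instance.private.primary_network_interface[0].primary_ipv4_address
}
```

With both outputs in hand, `ssh -J <user>@<bastion_public_ip> <user>@<private_instance_ip>` reaches the private instance through the bastion; the login user depends on the image.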

License

Apache 2 Licensed. See LICENSE for full details.