mmgil/terraform-mgc-network-vpcs

INTRODUCTION

PROJECT: IaC (Infrastructure as Code) with Terraform for deploying Azure resource group

What Is Terraform?

Terraform is an infrastructure as code (IaC) tool that allows you to build, change, and version infrastructure safely and efficiently. This includes both low-level components like compute instances, storage, and networking, as well as high-level components like DNS entries and SaaS features.

What Is MGC Network VPC?

A VPC is a virtual network isolated within the Magalu Cloud infrastructure. This resource allows you to run your resources with more security and privacy, with full control over the network environment.

NAMING CONVENTIONS

An effective naming convention builds resource names from important information about each resource. A good name helps you quickly identify the resource's type, associated workload, environment, and the region hosting it.

In our environment we adopt the following convention:

- Business Cost Center (any characters)
- Environment (3 characters and 1 number)
- Azure Region (4 characters)
- Resource Type (5 characters max)
- Instance (3 characters)

Possible environments:

| Name | Acronym | Description |
|------|---------|-------------|
| Production | pro1 | Production Environment |
| Staging | sta1 | Homologation Environment |
| Development | dev1 | Development Environment |
| Shared | sha1 | Shared Environment |
| Hub | hub1 | Transit Environment to network resources |
| Spoke | spk1 | Hub Environment to traffic requests to on-premises |

Magalu Cloud Region (5 characters) according to this table:

| ACRONYM | REGION |
|---------|--------|
| brse1 | br-se1 |
| brne1 | br-ne1 |

For example, a virtual machine for a business cost center called cliente01 for a production workload in the Brasil Sudeste Region might be cliente01-pro1-brse1-prj-001.

cliente01-pro1-brse1-prj-001

INSTALL TERRAFORM

Linux

Ubuntu

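  # apt-key is deprecated: store the HashiCorp key in its own keyring and
  # bind the repository to that key with signed-by
  curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
  echo "deb [arch=amd64 signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
  sudo apt-get update && sudo apt-get install terraform
  terraform version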

CentOS/RHEL/Oracle Linux

  sudo yum install -y yum-utils
  sudo yum-config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo
  sudo yum -y install terraform
  terraform version

Windows

 Invoke-WebRequest -Uri https://releases.hashicorp.com/terraform/1.1.9/terraform_1.1.9_windows_amd64.zip -OutFile terraform.zip
 Expand-Archive .\terraform.zip -DestinationPath C:\Windows\System32\ -Force
 terraform version

AUTHENTICATING IN HASHICORP ENVIRONMENT

We use HashiCorp's SaaS to host the service states. By default, Terraform will obtain an API token and save it in plain text in a local CLI configuration file called credentials.tfrc.json. When you run terraform login, it will explain specifically where it intends to save the API token and give you a chance to cancel if the current configuration is not as desired.

You can get more details about these features from the following links:

CLI Authentication

terraform login

CLI Configuration File

You can find the API token that has already been generated for the environment in our KeePass and configure your CLI as follows:

In Windows:

@"
{
  "credentials": {
    "app.terraform.io": {
      "token": "SEE IN THE KEEPASS OR CONSULTE OURS ADMINS"
    }
  }
}
"@ | Set-Content ~\AppData\Roaming\terraform.d\credentials.tfrc.json

In Linux:

cat <<EOF | tee ~/.terraform.d/credentials.tfrc.json
{
  "credentials": {
    "app.terraform.io": {
      "token": "SEE IN THE KEEPASS OR CONSULTE OURS ADMINS"
    }
  }
}
EOF
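
A hardened variant of the Linux step above, as an added example that is not part of the original repository: it reads the token from standard input instead of the command line, writes credentials.tfrc.json with owner-only permissions, and provides a check for an existing file. The function names and the optional directory argument are assumptions made for this example.

```sh
# Added example, not from the original repository.
# Usage: write_tf_credentials < token.txt   (token on stdin, never in argv)
# The optional first argument (target directory) is a hypothetical hook
# for testing; it defaults to ~/.terraform.d as used above.
write_tf_credentials() (
  dir="${1:-$HOME/.terraform.d}"
  file="$dir/credentials.tfrc.json"
  IFS= read -r token || :
  case "$token" in
    ''|*[\"\\]*) echo "token is empty or would break the JSON" >&2; exit 1 ;;
  esac
  umask 077                              # new dir 0700, new files 0600
  mkdir -p "$dir" || exit 1
  tmp="$(mktemp "$dir/.credentials.XXXXXX")" || exit 1
  cat > "$tmp" <<EOF || exit 1
{
  "credentials": {
    "app.terraform.io": {
      "token": "$token"
    }
  }
}
EOF
  chmod 600 "$tmp" && mv -f "$tmp" "$file"  # atomic replace of any old file
)

# credentials_mode_ok FILE: succeeds only when group and others have no
# access to FILE (mode 600, 400, ...). Works with GNU and BSD stat.
credentials_mode_ok() {
  mode="$(stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1" 2>/dev/null)" || return 1
  case "$mode" in
    [0-7]00) return 0 ;;
    *)       return 1 ;;
  esac
}
```

Running credentials_mode_ok against a file created with the tee command above shows whether the default umask left the token readable by other local users.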

AUTHENTICATING IN MAGALU CLOUD

If the workspace in HashiCorp's environment is configured to operate locally, you will need to authenticate to the Magalu Cloud API using an API key.

You can find more information on how to generate this API key in Create API Key.

In our environment we use the credentials as environment variables to authenticate to the Magalu Cloud API, for example:

Linux:

  export MGC_API_KEY="00000000-0000-0000-0000-000000000000"

Windows:

  $env:MGC_API_KEY="00000000-0000-0000-0000-000000000000"

To persist environment variables at user level

  [System.Environment]::SetEnvironmentVariable("MGC_API_KEY","00000000-0000-0000-0000-000000000000","User")

To persist environment variables at machine level

  [System.Environment]::SetEnvironmentVariable("MGC_API_KEY","00000000-0000-0000-0000-000000000000","Machine")

ATTENTION: On Linux operating systems it is not possible to persist environment variables

By declaring these environment variables, Terraform will be able to authenticate through this SPN.

MODULE DOCUMENTATION

Requirements

| Name | Version |
|------|---------|
| mgc | 0.32.2 |

Providers

| Name | Version |
|------|---------|
| mgc | 0.32.2 |

Modules

No modules.

Resources

| Name | Type |
|------|------|
| mgc_network_subnetpools.subnetpool | resource |
| mgc_network_vpcs.vpc | resource |
| mgc_network_vpcs_subnets.subnet | resource |
| mgc_availability_zones.availability_zones | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| project_name | [REQUIRED] Name of an existing Project Name | string | n/a | yes |
| sequence | [REQUIRED] Sequence to be used on resource naming. | number | 1 | no |
| subnet_pools | [REQUIRED] The address space that is used by the virtual network. You can supply more than one address space. CAUTION: Changing the existing address space recalculates all subnets. This action can harm the environment. | map(object), full type below | see below | no |

Type of subnet_pools:

  map(
    object(
      {
        ## - REQUIRED - SUBNET POOL, ENABLED OR NOT.
        enabled = bool
        ## REQUIRED - The description of the subnet pool.
        description = string
        ## OPTIONAL - The CIDR block of the subnet pool
        cidr = optional(string)
        ## REQUIRED -
        type = optional(string)
        ## REQUIRED - VPC
        vpcs = map(
          object(
            {
              enabled     = bool
              description = optional(string)
              ## REQUIRED - Network VPC Subnet
              subnets = map(
                object(
                  {
                    description     = optional(string)
                    enabled         = bool
                    dns_nameservers = optional(list(string))
                    ip_version      = string
                    mask            = number
                    order           = number
                  }
                )
              )
            }
          )
        )
      }
    )
  )

Default value of subnet_pools:

  {
    "main": {
      "cidr": "10.0.0.0/16",
      "description": "Managed by Terraform (M1 Cloud).",
      "enabled": true,
      "vpcs": {
        "default": {
          "description": "Managed by Terraform.",
          "enabled": true,
          "subnets": {
            "zona1": {
              "dns_nameservers": [
                "8.8.8.8",
                "8.8.4.4"
              ],
              "enabled": true,
              "ip_version": "IPv4",
              "mask": 22,
              "order": 1
            }
          }
        }
      }
    }
  }

Outputs

| Name | Description |
|------|-------------|
| resources | n/a |

DOCUMENTATION

Some of this documentation was generated through terraform-docs using the following command:

  docker run --rm --volume "$(pwd):/terraform-docs" quay.io/terraform-docs/terraform-docs:0.16.0 markdown /terraform-docs