Archivo *.json con snippets para VS Code para llamados rápidos de elementos Terraform con Huawei Cloud
Descargar y almacenar en la ruta:
%AppData%\Code\User\snippets\Una vez almacenado el archivo en la ruta mencionada
A continuación, se describe los snippets disponibles para Terraform utilizando Huawei Cloud.
- Prefijo:
tf-modHWCloudTFLib
module "HWCloudTFLib" {
source = "git::https://github.com/JuanRoeder/HWCloudTFLib.git?ref=v1.6.2"
}
locals {
enum_regions = module.HWCloudTFLib.enum_regions
enum_commons = module.HWCloudTFLib.enum_commons
enum_ecs = module.HWCloudTFLib.enum_ecs
enum_evs = module.HWCloudTFLib.enum_evs
enum_ims = module.HWCloudTFLib.enum_ims
enum_vpc = module.HWCloudTFLib.enum_vpc
enum_eip = module.HWCloudTFLib.enum_eip
enum_vpn = module.HWCloudTFLib.enum_vpn
}- Prefijo:
tf-variables
variable "HWCLOUD_SK" {
description = "Secret-key"
type = string
sensitive = true
}
variable "HWCLOUD_AK" {
description = "Access-key"
type = string
sensitive = true
}
variable "HWCLOUD_REGION" {
description = "Region"
type = string
default = ""
}
variable "HWCLOUD_PROJECTID" {
description = "Project ID"
type = string
default = ""
}- Prefijo:
tf-required_providers
terraform {
required_providers {
huaweicloud = {
source = "huaweicloud/huaweicloud"
version = ">= 1.36.0"
}
}
required_version = ">= 0.13"
}- Prefijo:
tf-provider hwcloud
provider "huaweicloud" {
region = "$region"
access_key = "${var.HWCLOUD_AK}"
secret_key = "${var.HWCLOUD_SK}"
}- Prefijo:
tf-data-eproject
data "huaweicloud_enterprise_project" "$enterprise_project" {
name = "$name"
}- Prefijo:
tf-data-image-windows
data "huaweicloud_images_image" "$windows" {
most_recent = true
architecture = local.enum_ims.architecture.x86
os = local.enum_ims.os_type.windows.name
visibility = local.enum_ims.visibility.Public
image_type = local.enum_ims.image_type.ECS
name = local.enum_ims.os_type.windows.$Enum_Image_Name
}- Prefijo:
tf-ecs-resource
resource "huaweicloud_compute_instance" "$nombre" {
enterprise_project_id = $enterprise_project_id
name = "$name"
image_id = "$image_id"
flavor_id = "$flavor_id"
security_group_ids = ["$security_group_ids"]
availability_zone = "$availability_zone"
system_disk_type = "$type"
system_disk_size = $size
dynamic "data_disks" {
for_each = [{
type = "$type"
size = $size
}]
content {
type = data_disks.value.type
size = data_disks.value.size
}
}
dynamic "network" {
for_each = [{
uuid = "$uuid"
}]
content {
uuid = network.value.uuid
}
}
}- Prefijo:
"tf-ecs-user-data - Nota: Este elemento se agrega dentro del bloque de
resourcede la ECS
user_data = base64encode(file("$init_disk.ps1"))- Prefijo:
tf-ecs-user-data-linux - Nota: Este elemento se agrega dentro del bloque de
resourcede la ECS
user_data = base64encode(file("$cloud_init_script.yaml"))- Prefijo:
tf-evs-resource
resource "huaweicloud_evs_volume" "$volumeName" {
name = "$volumeName"
volume_type = local.enum_evs.type.$Enum_type
size = $size
availability_zone = "$availability_zone"
server_id = "$server_id_to_attach"
}- Prefijo:
tf-eip-resource
resource "huaweicloud_vpc_eip" "$eip_name" {
publicip {
type = local.enum_eip.type.$Enum_type
}
bandwidth {
share_type = local.enum_eip.share_type.$Enum_type
name = "$bandwidth_name"
size = $size
charge_mode = local.enum_eip.charge_mode.$Enum_type
}
}- Prefijo:
tf-eip-associate
resource "huaweicloud_compute_eip_associate" "$name" {
public_ip = "$address_ip"
instance_id = "$ecs_id"
}- Prefijo:
tf-vpc-resource
resource "huaweicloud_vpc" "$vpc_name" {
name = "$name"
cidr = "$cidr_block"
}- Prefijo:
tf-subnet-resource
resource "huaweicloud_vpc_subnet" "$subnet_name" {
name = "$subnet_name"
cidr = "$subnet_cidr"
gateway_ip = "$subnet_gateway_ip"
vpc_id = "$vpc_id"
availability_zone = "$availability_zone"
}- Prefijo:
tf-vpc-peering
resource "huaweicloud_vpc_peering_connection" "$peering" {
provider = "huaweicloud.$mainAlias" # eliminar si el peering es con una VPC del mismo Tenant
name = "$peer_conn_name"
vpc_id = "$vpc_id"
peer_vpc_id = "$accepter_vpc_id"
}- Prefijo:
tf-vpc-peering-accepter - Nota: En el provider se debe incluir el provider con acceso al tenant remoto
resource "huaweicloud_vpc_peering_connection_accepter" "$accepter" {
provider = "huaweicloud.$peerAlias"
accept = true
vpc_peering_connection_id = huaweicloud_vpc_peering_connection.$peering.id
}- Prefijo:
tf-route-resource
resource "huaweicloud_vpc_route" "$vpc_route" {
vpc_id = "$vpc_id"
destination = "$cdir_destination"
type = local.enum_vpc.route_type.$Enum_type
nexthop = "$nexthop"
}- Prefijo:
tf-secgroup-resource
resource "huaweicloud_networking_secgroup" "$secGroupName" {
name = "$secGroupName"
delete_default_rules = true
}- Prefijo:
tf-secgroup-rule-resource
resource "huaweicloud_networking_secgroup_rule" "$ruleName" {
security_group_id = "$security_group_id"
action = local.enum_vpc.action_type.ALLOW
priority = 1 # Eliminar si 1 por defecto
direction = local.enum_vpc.secgroup_type.inbound
ethertype = local.enum_vpc.ip_version.IPv4
protocol = local.enum_vpc.protocol_type.TCP
ports = $port1,$port2,$port3-$portN
remote_ip_prefix = "$cidr_block" # Eliminar si no es a un rango de IPs en específico
remote_group_id = "$remote_group_id" # Eliminar si no es a un Security Group
remote_address_group_id = "$remote_address_group_id" # Eliminar si no es a un grupo de IPs
}- Prefijo:
tf-addr-group-resource
resource "huaweicloud_vpc_address_group" "$addrGroupName" {
name = "$addrGroupName"
ip_version = 4
ip_extra_set {
ip = "$ip_address"
remarks = "$remarks_description"
}
ip_extra_set {
ip = "$cidr_block"
remarks = "$remarks_description"
}
ip_extra_set {
ip = "$ip_address1-$ip_addressN" # Rango de IPs
}
}- Prefijo:
tf-vpn-gateway
data "huaweicloud_vpn_gateway_availability_zones" "$vpnName" {
flavor = local.enum_vpn.flavor.Professional1
attachment_type = local.enum_vpn.attachment_type.VPC
}
resource "huaweicloud_vpn_gateway" "$vpnName" {
enterprise_project_id = "$enterprise_project_id"
name = "$vpnName"
flavor = local.enum_vpn.flavor.Professional1
attachment_type = local.enum_vpn.attachment_type.VPC
vpc_id = "$vpc_id"
local_subnets = ["$cidr_block_1", "$cidr_block_2"]
connect_subnet = "$subnet_id"
asn = 64512 # 64,512 by default. Use 1 to 4,294,967,295
ha_mode = local.enum_vpn_ha_mode.Active-Standby
availability_zones = [
data.huaweicloud_vpn_gateway_availability_zones.$vpnName.names[0],
data.huaweicloud_vpn_gateway_availability_zones.$vpnName.names[1]
]
eip1 {
id = "$eip1_id" # eliminar en caso de crear nueva
bandwidth_name = "$bandwidth_name1"
type = local.enum_eip.type.dynamic-BGP
bandwidth_size = $size
charge_mode = local.enum_eip.charge_mode.Traffic
}
eip2 {
id = "$eip2_id" # eliminar en caso de crear nueva
bandwidth_name = "$bandwidth_name2"
type = local.enum_eip.type.dynamic-BGP
bandwidth_size = $size
charge_mode = local.enum_eip.charge_mode.Traffic
}
}- Prefijo:
tf-vpn-cust-gw-resource
resource "huaweicloud_vpn_customer_gateway" "$custGwName" {
name = "$CustGwName"
id_value = "$id_value" # IP o FQDN
id_type = local.enum_vpn.customer_id_type.IP
}- Prefijo:
tf-vpn-connection-static-resource
resource "huaweicloud_vpn_connection" "$vpnConnName" {
name = "$vpnConnName"
gateway_id = "$gateway_id"
gateway_ip = "$gateway_ip"
customer_gateway_id = "$customer_gateway_id"
peer_subnets = ["$cidr_peer_subnet"]
vpn_type = local.enum_vpn.connection_type.Static-Routing
psk = "$psk"
ikepolicy {
authentication_algorithm = local.enum_vpn.authentication_algorithm.sha2-256
authentication_method = local.enum_vpn.authentication_method.pre-share
encryption_algorithm = local.enum_vpn.encryption_algorithm.aes-128
ike_version = local.enum_vpn.ike_version.v2
lifetime_seconds = 86400
dh_group = local.enum_vpn.dh_group.group15
}
ipsecpolicy {
authentication_algorithm = local.enum_vpn.authentication_algorithm.sha2-256
encapsulation_mode = local.enum_vpn.encapsulation_mode.tunnel
encryption_algorithm = local.enum_vpn.encryption_algorithm.aes-128
lifetime_seconds = 3600
pfs = local.enum_vpn.pfs.group14
transform_protocol = local.enum_vpn.transform_protocol.esp
}
}- Prefijo:
tf-vpn-connection-bgp-resource
esource "huaweicloud_vpn_connection" "$vpnConnName" {
name = "$vpnConnName"
gateway_id = "$gateway_id"
gateway_ip = "$gateway_ip"
customer_gateway_id = "$customer_gateway_id"
peer_subnets = ["$cidr_peer_subnet"]
vpn_type = local.enum_vpn.connection_type.BGP-Routing
tunnel_local_address= "169.254.$pair.$addr1"
tunnel_peer_address = "169.254.$pair.$addr2"
psk = "$psk"
ikepolicy {
authentication_algorithm = local.enum_vpn.authentication_algorithm.sha2-256
authentication_method = local.enum_vpn.authentication_method.pre-share
encryption_algorithm = local.enum_vpn.encryption_algorithm.aes-128
ike_version = local.enum_vpn.ike_version.v2
lifetime_seconds = 86400
dh_group = local.enum_vpn.dh_group.group15
}
ipsecpolicy {
authentication_algorithm = local.enum_vpn.authentication_algorithm.sha2-256
encapsulation_mode = local.enum_vpn.encapsulation_mode.tunnel
encryption_algorithm = local.enum_vpn.encryption_algorithm.aes-128
lifetime_seconds = 3600
pfs = local.enum_vpn.pfs.group14
transform_protocol = local.enum_vpn.transform_protocol.esp
}
}- Prefijo:
tf-vpn-connection-policy-resource
resource "huaweicloud_vpn_connection" "$vpnConnName" {
name = "$vpnConnName"
gateway_id = "$gateway_id"
gateway_ip = "$gateway_ip"
customer_gateway_id = "$customer_gateway_id"
peer_subnets = ["$cidr_peer_subnet"]
vpn_type = local.enum_vpn.connection_type.Policy-Based
psk = "$psk"
policy_rules {
source = "$cidr_source"
destination = ["$cidr_destination"]
}
ikepolicy {
authentication_algorithm = local.enum_vpn.authentication_algorithm.sha2-256
authentication_method = local.enum_vpn.authentication_method.pre-share
encryption_algorithm = local.enum_vpn.encryption_algorithm.aes-128
ike_version = local.enum_vpn.ike_version.v2
lifetime_seconds = 86400
dh_group = local.enum_vpn.dh_group.group15
}
ipsecpolicy {
authentication_algorithm = local.enum_vpn.authentication_algorithm.sha2-256
encapsulation_mode = local.enum_vpn.encapsulation_mode.tunnel
encryption_algorithm = local.enum_vpn.encryption_algorithm.aes-128
lifetime_seconds = 3600
pfs = local.enum_vpn.pfs.group14
transform_protocol = local.enum_vpn.transform_protocol.esp
}
}