chore: add sample to main
This commit is contained in:
Marcel S. Henselin
parent
a310d1454a
commit
431f6eff8c
19 changed files with 653 additions and 0 deletions
38
sample/alpha-from-registry/key.tf
Normal file
38
sample/alpha-from-registry/key.tf
Normal file
|
|
@ -0,0 +1,38 @@
|
|||
resource "stackit_kms_keyring" "mshalpha-keyring" {
|
||||
project_id = var.project_id
|
||||
display_name = "msh-alpha-tests"
|
||||
description = "This is a test keyring for private endpoints"
|
||||
}
|
||||
|
||||
resource "stackit_kms_key" "mshalpha-key01" {
|
||||
project_id = var.project_id
|
||||
keyring_id = stackit_kms_keyring.mshalpha-keyring.keyring_id
|
||||
display_name = "mshalpha-key01"
|
||||
protection = "software"
|
||||
algorithm = "aes_256_gcm"
|
||||
purpose = "symmetric_encrypt_decrypt"
|
||||
access_scope = "SNA"
|
||||
}
|
||||
|
||||
output "keyid" {
|
||||
value = stackit_kms_key.mshalpha-key01.key_id
|
||||
}
|
||||
|
||||
# (because stackit_kms_key.key001 is not in configuration)
|
||||
resource "stackit_kms_key" "key001" {
|
||||
access_scope = "SNA"
|
||||
algorithm = "aes_256_gcm"
|
||||
display_name = "msh-key-sna01"
|
||||
keyring_id = stackit_kms_keyring.keyring001.keyring_id
|
||||
project_id = var.project_id
|
||||
protection = "software"
|
||||
purpose = "symmetric_encrypt_decrypt"
|
||||
}
|
||||
|
||||
# stackit_kms_keyring.keyring001 will be destroyed
|
||||
# (because stackit_kms_keyring.keyring001 is not in configuration)
|
||||
resource "stackit_kms_keyring" "keyring001" {
|
||||
description = "This is a test keyring for private endpoints"
|
||||
display_name = "msh-keyring-sna01"
|
||||
project_id = var.project_id
|
||||
}
|
||||
96
sample/alpha-from-registry/postresql.tf
Normal file
96
sample/alpha-from-registry/postresql.tf
Normal file
|
|
@ -0,0 +1,96 @@
|
|||
|
||||
data "stackitprivatepreview_postgresflexalpha_flavor" "pgsql_flavor" {
|
||||
project_id = var.project_id
|
||||
region = "eu01"
|
||||
cpu = 2
|
||||
ram = 4
|
||||
node_type = "Single"
|
||||
storage_class = "premium-perf2-stackit"
|
||||
}
|
||||
|
||||
resource "stackitprivatepreview_postgresflexalpha_instance" "msh-alpha-sna-enc" {
|
||||
project_id = var.project_id
|
||||
name = "msh-alpha-sna-enc"
|
||||
backup_schedule = "0 0 * * *"
|
||||
retention_days = 45
|
||||
flavor_id = data.stackitprivatepreview_postgresflexalpha_flavor.pgsql_flavor.flavor_id
|
||||
replicas = 1
|
||||
storage = {
|
||||
performance_class = "premium-perf2-stackit"
|
||||
size = 10
|
||||
}
|
||||
encryption = {
|
||||
kek_key_id = stackit_kms_key.mshalpha-key01.key_id
|
||||
kek_key_ring_id = stackit_kms_keyring.mshalpha-keyring.keyring_id
|
||||
kek_key_version = 1
|
||||
service_account = var.sa_email
|
||||
}
|
||||
network = {
|
||||
acl = ["0.0.0.0/0", "193.148.160.0/19", "170.85.2.177/32"]
|
||||
access_scope = "SNA"
|
||||
}
|
||||
version = 17
|
||||
}
|
||||
|
||||
resource "stackitprivatepreview_postgresflexalpha_instance" "msh-alpha-nosna-noenc" {
|
||||
project_id = var.project_id
|
||||
name = "msh-alpha-nosna-enc"
|
||||
backup_schedule = "0 0 * * *"
|
||||
retention_days = 45
|
||||
flavor_id = data.stackitprivatepreview_postgresflexalpha_flavor.pgsql_flavor.flavor_id
|
||||
replicas = 1
|
||||
storage = {
|
||||
performance_class = "premium-perf2-stackit"
|
||||
size = 10
|
||||
}
|
||||
network = {
|
||||
acl = ["0.0.0.0/0", "193.148.160.0/19", "170.85.2.177/32"]
|
||||
access_scope = "PUBLIC"
|
||||
}
|
||||
version = 16
|
||||
}
|
||||
|
||||
resource "stackitprivatepreview_postgresflexalpha_user" "ptlsdbadminuser" {
|
||||
project_id = var.project_id
|
||||
instance_id = stackitprivatepreview_postgresflexalpha_instance.msh-alpha-sna-enc.instance_id
|
||||
name = var.db_admin_username
|
||||
roles = ["createdb", "login"]
|
||||
# roles = ["createdb", "login", "createrole"]
|
||||
}
|
||||
|
||||
resource "stackitprivatepreview_postgresflexalpha_user" "ptlsdbuser" {
|
||||
project_id = var.project_id
|
||||
instance_id = stackitprivatepreview_postgresflexalpha_instance.msh-alpha-sna-enc.instance_id
|
||||
name = var.db_username
|
||||
roles = ["login"]
|
||||
# roles = ["createdb", "login", "createrole"]
|
||||
}
|
||||
|
||||
resource "stackitprivatepreview_postgresflexalpha_database" "example" {
|
||||
count = 5
|
||||
depends_on = [stackitprivatepreview_postgresflexalpha_user.ptlsdbadminuser]
|
||||
project_id = var.project_id
|
||||
instance_id = stackitprivatepreview_postgresflexalpha_instance.msh-alpha-sna-enc.instance_id
|
||||
name = "${var.db_name}${count.index}"
|
||||
owner = var.db_admin_username
|
||||
}
|
||||
|
||||
# data "stackitprivatepreview_postgresflexalpha_instance" "datapsql" {
|
||||
# project_id = var.project_id
|
||||
# instance_id = var.instance_id
|
||||
# region = "eu01"
|
||||
# }
|
||||
|
||||
# output "psql_instance_id" {
|
||||
# value = data.stackitprivatepreview_postgresflexalpha_instance.datapsql.instance_id
|
||||
# }
|
||||
|
||||
output "psql_user_password" {
|
||||
value = stackitprivatepreview_postgresflexalpha_user.ptlsdbuser.password
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
# output "psql_user_conn" {
|
||||
# value = stackitprivatepreview_postgresflexalpha_user.ptlsdbuser.connection_string
|
||||
# sensitive = true
|
||||
# }
|
||||
24
sample/alpha-from-registry/providers.tf
Normal file
24
sample/alpha-from-registry/providers.tf
Normal file
|
|
@ -0,0 +1,24 @@
|
|||
|
||||
terraform {
|
||||
required_providers {
|
||||
stackit = {
|
||||
source = "registry.terraform.io/stackitcloud/stackit"
|
||||
version = "~> 0.70"
|
||||
}
|
||||
stackitprivatepreview = {
|
||||
source = "tfregistry.sysops.stackit.rocks/mhenselin/stackitprivatepreview"
|
||||
version = ">=0.1.0"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
provider "stackit" {
|
||||
default_region = "eu01"
|
||||
enable_beta_resources = true
|
||||
service_account_key_path = "../service_account.json"
|
||||
}
|
||||
|
||||
provider "stackitprivatepreview" {
|
||||
default_region = "eu01"
|
||||
service_account_key_path = "../service_account.json"
|
||||
}
|
||||
101
sample/alpha-from-registry/sqlserver.tf
Normal file
101
sample/alpha-from-registry/sqlserver.tf
Normal file
|
|
@ -0,0 +1,101 @@
|
|||
# resource "stackit_kms_keyring" "keyring001" {
|
||||
# project_id = var.project_id
|
||||
# display_name = "msh-keyring-sna01"
|
||||
# description = "This is a test keyring for private endpoints"
|
||||
# }
|
||||
#
|
||||
# resource "stackit_kms_key" "key001" {
|
||||
# project_id = var.project_id
|
||||
# keyring_id = stackit_kms_keyring.keyring001.keyring_id
|
||||
# display_name = "msh-key-sna01"
|
||||
# protection = "software"
|
||||
# algorithm = "aes_256_gcm"
|
||||
# purpose = "symmetric_encrypt_decrypt"
|
||||
# access_scope = "SNA"
|
||||
# }
|
||||
|
||||
data "stackitprivatepreview_sqlserverflexbeta_flavor" "sqlserver_flavor" {
|
||||
project_id = var.project_id
|
||||
region = "eu01"
|
||||
cpu = 4
|
||||
ram = 16
|
||||
node_type = "Single"
|
||||
storage_class = "premium-perf2-stackit"
|
||||
}
|
||||
|
||||
resource "stackitprivatepreview_sqlserverflexbeta_instance" "msh-sna-001" {
|
||||
project_id = var.project_id
|
||||
name = "msh-sna-001"
|
||||
backup_schedule = "0 3 * * *"
|
||||
retention_days = 31
|
||||
flavor_id = data.stackitprivatepreview_sqlserverflexbeta_flavor.sqlserver_flavor.flavor_id
|
||||
storage = {
|
||||
class = "premium-perf2-stackit"
|
||||
size = 50
|
||||
}
|
||||
version = 2022
|
||||
encryption = {
|
||||
kek_key_version = 1
|
||||
kek_key_id = var.key_id
|
||||
kek_key_ring_id = var.keyring_id
|
||||
service_account = var.sa_email
|
||||
}
|
||||
network = {
|
||||
acl = ["0.0.0.0/0", "193.148.160.0/19"]
|
||||
access_scope = "SNA"
|
||||
}
|
||||
}
|
||||
|
||||
#resource "stackitprivatepreview_sqlserverflexbeta_instance" "msh-nosna-001" {
|
||||
# project_id = var.project_id
|
||||
# name = "msh-nosna-001"
|
||||
# backup_schedule = "0 3 * * *"
|
||||
# retention_days = 31
|
||||
# flavor_id = data.stackitprivatepreview_sqlserverflexbeta_flavor.sqlserver_flavor.flavor_id
|
||||
# storage = {
|
||||
# class = "premium-perf2-stackit"
|
||||
# size = 50
|
||||
# }
|
||||
# version = 2022
|
||||
# # encryption = {
|
||||
# # #key_id = stackit_kms_key.key.key_id
|
||||
# # #keyring_id = stackit_kms_keyring.keyring.keyring_id
|
||||
# # #key_version = 1
|
||||
# # #key_id = var.key_id
|
||||
# # # key with scope public
|
||||
# # key_id = "fe039bcf-8d7b-431a-801d-9e81371a6b7b"
|
||||
# # keyring_id = var.keyring_id
|
||||
# # key_version = var.key_version
|
||||
# # service_account = var.sa_email
|
||||
# # }
|
||||
# network = {
|
||||
# acl = ["0.0.0.0/0", "193.148.160.0/19"]
|
||||
# access_scope = "PUBLIC"
|
||||
# }
|
||||
#}
|
||||
|
||||
# data "stackitprivatepreview_sqlserverflexbeta_instance" "test" {
|
||||
# project_id = var.project_id
|
||||
# instance_id = var.instance_id
|
||||
# region = "eu01"
|
||||
# }
|
||||
|
||||
# output "test" {
|
||||
# value = data.stackitprivatepreview_sqlserverflexbeta_instance.test
|
||||
# }
|
||||
|
||||
resource "stackitprivatepreview_sqlserverflexbeta_user" "ptlsdbadminuser" {
|
||||
project_id = var.project_id
|
||||
instance_id = stackitprivatepreview_sqlserverflexbeta_instance.msh-sna-001.instance_id
|
||||
username = var.db_admin_username
|
||||
#roles = ["##STACKIT_LoginManager##", "##STACKIT_DatabaseManager##"]
|
||||
roles = ["##STACKIT_LoginManager##"]
|
||||
}
|
||||
|
||||
resource "stackitprivatepreview_sqlserverflexbeta_user" "ptlsdbuser" {
|
||||
project_id = var.project_id
|
||||
instance_id = stackitprivatepreview_sqlserverflexbeta_instance.msh-sna-001.instance_id
|
||||
username = var.db_username
|
||||
roles = ["##STACKIT_LoginManager##"]
|
||||
}
|
||||
|
||||
Loading…
Add table
Add a link
Reference in a new issue