generated from equinix-labs/terraform-equinix-template
-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
initial MVP- Palo Alto Firewall Module
- Loading branch information
1 parent
023c45f
commit de0e1e5
Showing
11 changed files
with
65 additions
and
239 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -3,50 +3,50 @@ provider "equinix" { | |
| client_secret = var.equinix_client_secret | ||
| } | ||
|
|
||
| module "pa-vm-ha" { | ||
| module "pa_vm_ha" { | ||
| source = "../../../modules/Palo-Alto-Network-Firewall" | ||
| # version = "1.0.0" | ||
| name = "tf-pa-vm-ha" | ||
| metro_code = var.metro_code_primary | ||
| platform = "medium" | ||
| account_number = "664566" | ||
| account_number = "123456" | ||
| software_package = "VM300" | ||
| project_id = "e6be59d9-62c0-4140-aad6-150f0700203c" | ||
| term_length = 1 | ||
| connectivity = "INTERNET-ACCESS" | ||
| notifications = ["[email protected]"] | ||
| hostname = "pavm-pri" | ||
| additional_bandwidth = 100 | ||
| acl_template_id = equinix_network_acl_template.pa-vm-pri.id | ||
| acl_template_id = equinix_network_acl_template.pa_vm_pri.id | ||
| ssh_key = { | ||
| userName = "johndoe-primary" | ||
| keyName = equinix_network_ssh_key.johndoe-pri.name | ||
| keyName = equinix_network_ssh_key.johndoe_pri.name | ||
| } | ||
| license_token = "I3372903" | ||
| license_token = "I1234567" | ||
| secondary = { | ||
| enabled = true | ||
| metro_code = var.metro_code_secondary | ||
| hostname = "nginx-sec" | ||
| account_number = "664566" | ||
| account_number = "123456" | ||
| additional_bandwidth = 50 | ||
| acl_template_id = equinix_network_acl_template.pa-vm-sec.id | ||
| license_token = "I3372903" | ||
| acl_template_id = equinix_network_acl_template.pa_vm_sec.id | ||
| license_token = "I1234567" | ||
| } | ||
|
|
||
| } | ||
|
|
||
| resource "equinix_network_ssh_key" "johndoe-pri" { | ||
| resource "equinix_network_ssh_key" "johndoe_pri" { | ||
| name = "johndoe-pri-0425-2" | ||
| public_key = var.ssh_rsa_public_key | ||
| project_id = "e6be59d9-62c0-4140-aad6-150f0700203c" | ||
| } | ||
|
|
||
| resource "equinix_network_ssh_key" "johndoe-sec" { | ||
| resource "equinix_network_ssh_key" "johndoe_sec" { | ||
| name = "johndoe-sec-0425-2" | ||
| public_key = var.ssh_rsa_public_key | ||
| } | ||
|
|
||
| resource "equinix_network_acl_template" "pa-vm-pri" { | ||
| resource "equinix_network_acl_template" "pa_vm_pri" { | ||
| name = "tf-pa-vm-pri" | ||
| description = "Primary Palo Alto Networks VM ACL template" | ||
| project_id = "e6be59d9-62c0-4140-aad6-150f0700203c" | ||
|
|
@@ -58,7 +58,7 @@ resource "equinix_network_acl_template" "pa-vm-pri" { | |
| } | ||
| } | ||
|
|
||
| resource "equinix_network_acl_template" "pa-vm-sec" { | ||
| resource "equinix_network_acl_template" "pa_vm_sec" { | ||
| name = "tf-pa-vm-sec" | ||
| description = "Secondary Palo Alto Networks VM ACL template" | ||
| inbound_rule { | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -20,179 +20,6 @@ terraform apply | |
| Note that this example may create resources which cost money. Run 'terraform destroy' when you don't need these | ||
| resources. | ||
|
|
||
| To use this example of the module in your own terraform configuration include the following: | ||
|
|
||
| *NOTE: terraform.tfvars must be a separate file, but all other content can be placed together in main.tf if you prefer* | ||
|
|
||
| terraform.tfvars (Replace these values with your own): | ||
|
|
||
| ```hcl | ||
| equinix_client_id = "<MyEquinixClientId>" | ||
| equinix_client_secret = "<MyEquinixSecret>" | ||
| name = "tf-pa-vm-ha" | ||
| metro_code = var.metro_code_primary | ||
| platform = "medium" | ||
| account_number = "664566" | ||
| software_package = "VM300" | ||
| project_id = "e6be59d9-62c0-4140-aad6-150f0700203c" | ||
| software_version = "10.1.10" | ||
| term_length = 1 | ||
| notifications = ["[email protected]"] | ||
| hostname = "pavm-pri" | ||
| additional_bandwidth = 100 | ||
| acl_template_id = equinix_network_acl_template.pa-vm-pri.id | ||
| ssh_key = { | ||
| userName = "johndoe-primary" | ||
| keyName = equinix_network_ssh_key.johndoe-pri.name | ||
| } | ||
| secondary = { | ||
| enabled = true | ||
| metro_code = var.metro_code_secondary | ||
| hostname = "nginx-sec" | ||
| account_number = "664566" | ||
| additional_bandwidth = 50 | ||
| acl_template_id = equinix_network_acl_template.pa-vm-sec.id | ||
| } | ||
| license_token = "123456" | ||
| ``` | ||
|
|
||
| versions.tf: | ||
|
|
||
| ```hcl | ||
| terraform { | ||
| required_version = ">= 0.13" | ||
| required_providers { | ||
| equinix = { | ||
| source = "equinix/equinix" | ||
| version = "~> 1.34.0" | ||
| } | ||
| } | ||
| } | ||
| ``` | ||
|
|
||
| variables.tf: | ||
|
|
||
| ```hcl | ||
| variable "equinix_client_id" { | ||
| type = string | ||
| description = "API Consumer Key available under 'My Apps' in developer portal. This argument can also be specified with the EQUINIX_API_CLIENTID shell environment variable." | ||
| } | ||
| variable "equinix_client_secret" { | ||
| type = string | ||
| description = "API Consumer secret available under 'My Apps' in developer portal. This argument can also be specified with the EQUINIX_API_CLIENTSECRET shell environment variable." | ||
| } | ||
| variable "metro_code_primary" { | ||
| description = "Device location metro code" | ||
| type = string | ||
| } | ||
| variable "metro_code_secondary" { | ||
| description = "Device location metro code" | ||
| type = string | ||
| } | ||
| variable "ssh_rsa_public_key" { | ||
| description = "SSH RSA public key" | ||
| type = string | ||
| } | ||
| ``` | ||
|
|
||
| outputs.tf: | ||
|
|
||
| ```hcl | ||
| output "device_details" { | ||
| description = "Virtual device details" | ||
| value = module.pa-vm-ha | ||
| } | ||
| ``` | ||
|
|
||
| main.tf: | ||
|
|
||
| ```hcl | ||
| provider "equinix" { | ||
| client_id = var.equinix_client_id | ||
| client_secret = var.equinix_client_secret | ||
| } | ||
| module "pa-vm-ha" { | ||
| source = "../../modules/Palo-Alto-Network-Firewall" | ||
| # source = "equinix/pa-vm/equinix" | ||
| # version = "1.1.0" # Use the latest version, according to https://github.com/equinix/terraform-equinix-pa-vm/releases | ||
| name = "tf-pa-vm-ha" | ||
| metro_code = var.metro_code_primary | ||
| platform = "medium" | ||
| account_number = "664566" | ||
| software_package = "VM300" | ||
| project_id = "e6be59d9-62c0-4140-aad6-150f0700203c" | ||
| # software_version = "10.1.10" | ||
| term_length = 1 | ||
| notifications = ["[email protected]"] | ||
| hostname = "pavm-pri" | ||
| additional_bandwidth = 100 | ||
| acl_template_id = equinix_network_acl_template.pa-vm-pri.id | ||
| ssh_key = { | ||
| userName = "johndoe-primary" | ||
| keyName = equinix_network_ssh_key.johndoe-pri.name | ||
| } | ||
| secondary = { | ||
| enabled = true | ||
| metro_code = var.metro_code_secondary | ||
| hostname = "nginx-sec" | ||
| account_number = "664566" | ||
| additional_bandwidth = 50 | ||
| acl_template_id = equinix_network_acl_template.pa-vm-sec.id | ||
| } | ||
| license_token = "" | ||
| } | ||
| resource "equinix_network_ssh_key" "johndoe-pri" { | ||
| name = "johndoe-pri-0414-8" | ||
| public_key = var.ssh_rsa_public_key | ||
| project_id = "e6be59d9-62c0-4140-aad6-150f0700203c" | ||
| } | ||
| resource "equinix_network_ssh_key" "johndoe-sec" { | ||
| name = "johndoe-sec-0414-8" | ||
| public_key = var.ssh_rsa_public_key | ||
| } | ||
| resource "equinix_network_acl_template" "pa-vm-pri" { | ||
| name = "tf-pa-vm-pri" | ||
| description = "Primary Palo Alto Networks VM ACL template" | ||
| project_id = "e6be59d9-62c0-4140-aad6-150f0700203c" | ||
| inbound_rule { | ||
| subnet = "12.16.103.0/24" | ||
| protocol = "TCP" | ||
| src_port = "any" | ||
| dst_port = "22" | ||
| } | ||
| } | ||
| resource "equinix_network_acl_template" "pa-vm-sec" { | ||
| name = "tf-pa-vm-sec" | ||
| description = "Secondary Palo Alto Networks VM ACL template" | ||
| inbound_rule { | ||
| subnet = "172.16.25.0/24" | ||
| protocol = "TCP" | ||
| src_port = "any" | ||
| dst_port = "22" | ||
| } | ||
| } | ||
| ``` | ||
|
|
||
| <!-- End Example Usage --> | ||
|
|
||
|
|
||
|
|
||
| <!-- TEMPLATE: The following block has been generated by terraform-docs util: https://github.com/terraform-docs/terraform-docs --> | ||
| <!-- BEGIN_TF_DOCS --> | ||
|
|
||
Oops, something went wrong.