IBM Cloud Internet Services (CIS) Module

This module provisions an IBM Cloud Internet Services (CIS) instance and configures domain to the CIS instance. The module includes the submodules to add the following features to a CIS instance.

• Domain
• DNS records
• Global load balancer (GLB) including load balancers, origin pools and health checks
• Web Application Firewall (WAF)

For more information about the module, see, read Features of IBM Cloud Internet Services module.

Overview

• terraform-ibm-cis
• Submodules
  • dns
  • domain
  • fscloud
  • glb
  • waf
• Examples
  • End-to-end example
  • Financial Services Cloud profile example
• Contributing

terraform-ibm-cis

Usage

provider "ibm" {
  ibmcloud_api_key = ""
}

module "cis_instance" {
  source            = "terraform-ibm-modules/cis/ibm"
  version           = "X.X.X" # Replace "X.X.X" with a release version to lock into a specific release
  service_name      = "example-cis"
  resource_group_id = "000fb3134f214c3a9017554db4510f70" # pragma: allowlist secret
  plan              = "standard-next"
  domain_name       = "sub.cis-terraform.com"
}

module "cis_dns_records" {
  source          = "terraform-ibm-modules/cis/ibm//dns"
  cis_instance_id = module.cis_instance.cis_instance_id
  domain_id       = module.cis_instance.cis_domain.domain_id
  dns_record_set      = [
    {
      type    = "A"
      name    = "test-example"
      content = "1.2.3.4"
      ttl     = 900
    }
  ]
}

module "cis_glb" {
  source             = "terraform-ibm-modules/cis/ibm//glb"
  cis_instance_id    = module.cis_instance.cis_instance_id
  domain_id          = module.cis_instance.cis_domain.domain_id
  glb_name           = "cis_glb"
  fallback_pool_name = "cis_fpn"
  glb_enabled        = true
  origin_pools       = [
    {
      name = "glb1"
      origins = [{
        name    = "o-1"
        address = "1.1.1.0"
        enabled = true
        }]
      enabled           = true
      description       = "Test GLB"
      check_regions     = ["WEU"]
      health_check_name = "hc1"
    }
  ]
  health_checks       = [
    {
      expected_body  = "alive"
      expected_codes = "200"
      method         = "GET"
      timeout        = 7
      path           = "/health"
      interval       = 60
      retries        = 3
      name           = "hc1"
    }
  ]
}

Required IAM access policies

You need the following permissions to run this module.

• Account Management
  • Resource Group services
    • Editor platform access
• IAM Services
  • Cloud Internet service
    • Editor platform access

Requirements

Name	Version
terraform	>= 1.3.0
ibm	>= 1.63.0, < 2.0.0

Modules

Name	Source	Version
cis_domain	./modules/domain	n/a

Resources

Name	Type
ibm_cis.cis_instance	resource

Inputs

Name	Description	Type	Default	Required
domain_name	The domain name to be added to the CIS instance.	string	n/a	yes
plan	The type of plan for the CIS instance: standard-next or trial.	string	"trial"	no
resource_group_id	The resource group ID to provision the CIS instance.	string	n/a	yes
service_name	Name of the CIS instance.	string	n/a	yes
tags	List of tags to be associated to the CIS instance.	list(string)	[]	no

Outputs

Name	Description
cis_domain	CIS Domain details
cis_instance_guid	GUID of CIS instance
cis_instance_id	CRN of CIS instance
cis_instance_name	CIS instance name
cis_instance_status	Status of CIS instance

Contributing

You can report issues and request features for this module in GitHub issues in the module repo. See Report an issue or request a feature.

To set up your local development environment, see Local development setup in the project documentation.