We will create following resources:
|Resources||Auto created resources|
|VPC (Virual Private Cloud)||Routing Table, Security Group|
Note: For a better understanding “A security group is a collection of rules that specify whether to allow traffic for an associated ‘Virtual Server Instance’ VSI. It acts as a virtual firewall that controls the traffic for one or more servers.”
Source: https://www.ibm.com/cloud/vpc/security Date: 26. November 2021
Setup the example¶
I created a small github project for this automation and I wrote two small batch scripts automations one for the creation and one for the deletion. To execute the scripts just follow the next steps:
1. Open the IBM Cloud Shell in from your IBM Cloud Web UI¶
2. Clone the project¶
git clone https://github.com/thomassuedbroecker/simple-vpc-ibm-cloud.git
3. Navigate to the scripts folder¶
4. Execute the script¶
5. Open the
VPC Infrasture in the
IBM Cloud Web UI and verify the create elements¶
Background related to the creation script¶
The creation script contains following major steps:
1. Ensures that you are in the right region¶
ibmcloud target -g $RESOURCE_GROUP ibmcloud target -r $REGION
2. Creates a VPC (Virual Private Cloud)¶
ibmcloud is vpc-create $VPC_NAME --resource-group-name $RESOURCE_GROUP --output JSON
3. Renames the default automated created elements of the VPC Routing Table and Security Group¶
ibmcloud is vpc-routing-table-update $VPC_ID $DEFAULT_ROUTING_TABLE_ID --name $DEFAULT_ROUTING_TABLE
4. Creates a Public Gateway and bind it to the zone 1, in this case (us-south-1)¶
ibmcloud is public-gateway-create $PUBLIC_GATEWAY $VPC_ID $ZONE1 \ --resource-group-name $RESOURCE_GROUP \ --output JSON
ibmcloud is subnet-create "$SUBNET_NAME" "$VPC_ID" \ --ipv4-address-count 256 \ --zone "$ZONE1" \ --resource-group-name "$RESOURCE_GROUP"
The manual creation and basic configuration for an VPC instance using the IBM Cloud CLI shows some basics dependencies, which cloud be useful from my perspective.
In addition there is also a project called Architecture and Security Controls Enterprise Tool (ASCENT) in the context of the Cloud-Native Toolkit . In that context you should take a short look into an older blog post I made Start with CICD using the Cloud Native Toolkit from the IBM Garage.
By the way: Thanks to Robert Kleniewski 👍🏻 He reminded me to link a related blog post. He did it on LinkedIn and here is the blog post: Create a Virtual Private Cloud (VPC), Virtual Server Instance (VSI) on IBM Cloud with Terraform
I hope this was useful for you and let’s see what’s next?
#ibmcloud , #vpc, #ibmcloudcli