|
20 | 20 | "solution" |
21 | 21 | ], |
22 | 22 | "short_description": "Automates VPC deployment on IBM Cloud, offering full configurability and flexibility for diverse workloads.", |
23 | | - "long_description": "The Cloud automation for VPC sets up a foundational IBM Cloud® [Virtual Private Cloud (VPC)](https://www.ibm.com/cloud/vpc) environment. It lays the groundwork for adding Virtual Servers Instances (VSI) or Red Hat OpenShift clusters and other advanced resources. This can be used as a base deployable architecture for many others deployable architectures like [Cloud automation for Red Hat OpenShift Container Platform on VPC](https://cloud.ibm.com/catalog/7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3/architecture/deploy-arch-ibm-ocp-vpc-1728a4fd-f561-4cf9-82ef-2b1eeb5da1a8-global), [Cloud automation for Red Hat OpenShift AI](https://cloud.ibm.com/catalog/7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3/architecture/deploy-arch-ibm-ocp-ai-ba708aed-bb8a-4ac0-83a7-53a066701db5-global), [Cloud automation for Virtual Servers for Virtual Private Cloud](https://cloud.ibm.com/catalog/7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3/architecture/deploy-arch-ibm-vsi-vpc-28e2b12c-858f-4ae8-8717-60db8cec2e6e-global).<br>", |
| 23 | + "long_description": "The Cloud automation for VPC sets up a foundational IBM Cloud [Virtual Private Cloud (VPC)](https://www.ibm.com/cloud/vpc) environment. It lays the groundwork for adding Virtual Servers Instances (VSI) or Red Hat OpenShift clusters and other advanced resources. This can be used as a base deployable architecture for many others deployable architectures like [Cloud automation for Red Hat OpenShift Container Platform on VPC](https://cloud.ibm.com/catalog/7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3/architecture/deploy-arch-ibm-ocp-vpc-1728a4fd-f561-4cf9-82ef-2b1eeb5da1a8-global), [Cloud automation for Red Hat OpenShift AI](https://cloud.ibm.com/catalog/7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3/architecture/deploy-arch-ibm-ocp-ai-ba708aed-bb8a-4ac0-83a7-53a066701db5-global), [Cloud automation for Virtual Servers for Virtual Private Cloud](https://cloud.ibm.com/catalog/7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3/architecture/deploy-arch-ibm-vsi-vpc-28e2b12c-858f-4ae8-8717-60db8cec2e6e-global).<br>", |
24 | 24 | "offering_docs_url": "https://github.com/terraform-ibm-modules/terraform-ibm-landing-zone-vpc/blob/main/solutions/fully-configurable/README.md", |
25 | 25 | "offering_icon_url": "https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-landing-zone-vpc/main/images/vpc_icon.svg", |
26 | 26 | "provider_name": "IBM", |
|
93 | 93 | "architecture": { |
94 | 94 | "features": [ |
95 | 95 | { |
96 | | - "title": "Default configuration", |
97 | | - "description": "Creates VPC with subnets in three zones and configures ACLs. The pre-defined ACLs allows traffic through 443, 80 and 22 ports. A public gateway is attached with one of the subnet." |
| 96 | + "title": "VPC instance", |
| 97 | + "description": "Sets up nd configures a VPC with subnets across three zones and implements ACLs. The predefined ACLs allows traffic on ports 443, 80 and 22." |
| 98 | + }, |
| 99 | + { |
| 100 | + "title": "Public Gateway", |
| 101 | + "description": "Configures a public gateway with one of the subnets." |
98 | 102 | } |
99 | 103 | ], |
100 | 104 | "diagrams": [ |
|
104 | 108 | "url": "https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-landing-zone-vpc/main/reference-architecture/deployable-architecture-vpc.svg", |
105 | 109 | "type": "image/svg+xml" |
106 | 110 | }, |
107 | | - "description": "This architecture supports provisioning and configuring a <b>Virtual Private Cloud (VPC)</b> environment. While the diagram illustrates a three-zone deployment, the VPC can also be provisioned in a single-zone or two-zone configuration, depending on your availability requirements.<br><br>The default configuration deploys a VPC with three zone subnets, configures the pre-defined ACLs, and attaches a public gateway with one of the subnet. Additional functionalities such as VPN gateway, VPE gateway, Flow Logs, security groups, etc., can be configured by providing the appropriate input values.<br><br>VPC Flow Logs are used to monitor and analyze traffic. To enable VPC Flow Logs, this solution automatically manages the following tasks:<br>- Provisions a Cloud Object Storage (COS) instance using the COS deployable architecture. Alternatively, you can provide an existing COS instance if available.<br>- Creates an object storage bucket to store flow logs in the provisioned or existing COS instance.<br>- Supports creation of keys for a Key Management Service (KMS) if a KMS-encrypted bucket is enabled for enhanced security. You can use an existing KMS instance or create a new Key Protect instance using the KMS deployable architecture.<br><br>In addition, you have an option to integrate with <b>Observability services</b>. [Cloud automation for Observability](https://cloud.ibm.com/catalog/7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3/architecture/deploy-arch-ibm-observability-a3137d28-79e0-479d-8a24-758ebd5a0eab-global) provides robust monitoring and logging capabilities to deliver deep operational insights into your VPC deployment. You can use <b>IBM Cloud Activity Tracker Event Routing</b> to monitor how users and applications interact with the VPC, supporting compliance and auditability. <b>Cloud Logs</b> can be enabled to collect, view, and analyze platform logs related to the VPC components. Furthermore, <b>IBM Cloud Monitoring</b> captures essential metrics such as CPU and memory utilization, helping you proactively monitor system performance and resource consumption.<br><br>This modular design provides flexibility and serves as a secure baseline for deploying compute workloads." |
| 111 | + "description": "This architecture supports provisioning and configuring a <b>Virtual Private Cloud (VPC)</b> environment. While the diagram illustrates a three-zone deployment, the VPC can also be provisioned in a single-zone or two-zone configuration, depending on your availability requirements.<br><br>The default configuration deploys a VPC with three zone subnets, configures the predefined ACLs, and attaches a public gateway with one of the subnets. Additional functionalities such as VPN gateway, VPE gateway, Flow Logs, security groups, etc., can be configured by providing the appropriate input values.<br><br>VPC Flow Logs are used to monitor and analyze traffic. To enable VPC Flow Logs, this solution automatically manages the following tasks:<br>- Provisions a Cloud Object Storage (COS) instance using the COS deployable architecture. Alternatively, you can provide an existing COS instance if available.<br>- Creates an object storage bucket to store flow logs in the provisioned or existing COS instance.<br>- Supports creation of keys for a Key Management Service (KMS) if a KMS-encrypted bucket is enabled for enhanced security. You can use an existing KMS instance or create a new Key Protect instance using the KMS deployable architecture.<br><br>In addition, you have an option to integrate with <b>Observability services</b>. [Cloud automation for Observability](https://cloud.ibm.com/catalog/7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3/architecture/deploy-arch-ibm-observability-a3137d28-79e0-479d-8a24-758ebd5a0eab-global) provides robust monitoring and logging capabilities to deliver deep operational insights into your VPC deployment. You can use <b>IBM Cloud Activity Tracker Event Routing</b> to monitor how users and applications interact with the VPC, supporting compliance and auditability. <b>Cloud Logs</b> can be enabled to collect, view, and analyze platform logs related to the VPC components. Furthermore, <b>IBM Cloud Monitoring</b> captures essential metrics such as CPU and memory utilization, helping you proactively monitor system performance and resource consumption.<br><br>This modular design provides flexibility and serves as a secure baseline for deploying compute workloads." |
108 | 112 | } |
109 | 113 | ] |
110 | 114 | }, |
|
197 | 201 | { |
198 | 202 | "key": "address_prefixes" |
199 | 203 | }, |
200 | | - { |
201 | | - "key": "routes" |
202 | | - }, |
203 | 204 | { |
204 | 205 | "key": "security_group_rules" |
205 | 206 | }, |
|
209 | 210 | { |
210 | 211 | "key": "vpn_gateways" |
211 | 212 | }, |
| 213 | + { |
| 214 | + "key": "routes" |
| 215 | + }, |
212 | 216 | { |
213 | 217 | "key": "vpe_gateway_cloud_services" |
214 | 218 | }, |
|
394 | 398 | }, |
395 | 399 | { |
396 | 400 | "key": "provider_visibility", |
397 | | - "hidden": true |
| 401 | + "hidden": true, |
| 402 | + "options": [ |
| 403 | + { |
| 404 | + "displayname": "private", |
| 405 | + "value": "private" |
| 406 | + }, |
| 407 | + { |
| 408 | + "displayname": "public", |
| 409 | + "value": "public" |
| 410 | + }, |
| 411 | + { |
| 412 | + "displayname": "public-and-private", |
| 413 | + "value": "public-and-private" |
| 414 | + } |
| 415 | + ] |
398 | 416 | } |
399 | 417 | ], |
400 | 418 | "dependencies": [ |
401 | 419 | { |
402 | 420 | "name": "deploy-arch-ibm-account-infra-base", |
403 | | - "description": "Cloud automation for Account Configuration organizes your IBM Cloud account with a ready-made set of resource groups by default and when you enable the \"with Account Settings\" option, it also applies baseline security and governance settings.", |
| 421 | + "description": "Cloud automation for Account Configuration organizes your IBM Cloud account with a ready-made set of resource groups by default and when you enable the \"with Account Settings\" option, it also applies baseline security and governance settings. ", |
404 | 422 | "catalog_id": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3", |
405 | 423 | "flavors": [ |
406 | 424 | "resource-group-only", |
|
426 | 444 | { |
427 | 445 | "name": "deploy-arch-ibm-kms", |
428 | 446 | "id": "2cad4789-fa90-4886-9c9e-857081c273ee-global", |
429 | | - "description": "Enable Cloud Automation for Key Protect to use customer-managed encryption keys (CMKs) for encrypting the Cloud Object Storage bucket used to store VPC Flow Logs. If disabled, IBM Cloud's default service-managed encryption will be used instead. Applicable only when VPC Flow logs are enabled.", |
| 447 | + "description": "Enable Cloud Automation for Key Protect to use customer-managed encryption keys (CMKs) for encrypting the Cloud Object Storage bucket used to store VPC Flow Logs. If disabled, IBM Cloud's default service-managed encryption will be used instead. Applicable only when VPC Flow logs are enabled. ", |
430 | 448 | "flavors": ["fully-configurable"], |
431 | 449 | "catalog_id": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3", |
432 | 450 | "input_mapping": [ |
|
465 | 483 | { |
466 | 484 | "name": "deploy-arch-ibm-cos", |
467 | 485 | "id": "68921490-2778-4930-ac6d-bae7be6cd958-global", |
468 | | - "description": "Enable to create an IBM Cloud Object Storage (COS) instance, where a bucket will be set up to store VPC flow logs as part of this deployment.", |
| 486 | + "description": "Enable to create an IBM Cloud Object Storage (COS) instance, where a bucket will be set up to store VPC flow logs as part of this deployment. ", |
469 | 487 | "flavors": ["instance"], |
470 | 488 | "catalog_id": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3", |
471 | 489 | "input_mapping": [ |
|
475 | 493 | "reference_version": true |
476 | 494 | }, |
477 | 495 | { |
478 | | - "dependency_output": "cos_instance_id", |
| 496 | + "dependency_output": "cos_instance_crn", |
479 | 497 | "version_input": "existing_cos_instance_crn" |
480 | 498 | }, |
481 | 499 | { |
|
494 | 512 | }, |
495 | 513 | { |
496 | 514 | "name": "deploy-arch-ibm-observability", |
497 | | - "description": "Configure IBM Cloud Logs, Cloud Monitoring and Activity Tracker event routing for analysing logs and metrics generated by the VPC instance.", |
| 515 | + "description": "Configure IBM Cloud Logs, Cloud Monitoring and Activity Tracker event routing for analysing logs and metrics generated by the VPC instance. ", |
498 | 516 | "id": "a3137d28-79e0-479d-8a24-758ebd5a0eab-global", |
499 | 517 | "version": "v3.0.3", |
500 | 518 | "flavors": [ |
|
0 commit comments