terraform-ibm-modules · ocofaigh · Jun 4, 2025 · May 29, 2025 · May 29, 2025 · May 29, 2025
@@ -295,6 +295,9 @@
             {
               "key": "use_legacy_network_interface"
             },
+            {
+              "key": "allow_ip_spoofing"
+            },
             {
               "key": "add_edge_vpc",
               "hidden": true
@@ -717,6 +720,9 @@
             },
             {
               "key": "use_legacy_network_interface"
+            },
+            {
+              "key": "allow_ip_spoofing"
             }
           ],
           "iam_permissions": [

@@ -68,4 +68,5 @@ module "vsi" {
   placement_group_id              = var.placement_group_id
   primary_vni_additional_ip_count = var.primary_vni_additional_ip_count
   use_legacy_network_interface    = var.use_legacy_network_interface
+  allow_ip_spoofing               = var.allow_ip_spoofing
 }
@@ -209,3 +209,9 @@ variable "use_legacy_network_interface" {
   type        = bool
   default     = false
 }
+
+variable "allow_ip_spoofing" {
+  description = "Allow IP spoofing on the primary network interface"
+  type        = bool
+  default     = false
+}
@@ -89,6 +89,7 @@ module "vsi_landing_zone" {
   existing_vpc_cbr_zone_id               = var.existing_vpc_cbr_zone_id
   user_data                              = var.user_data
   use_legacy_network_interface           = var.use_legacy_network_interface
+  allow_ip_spoofing                      = var.allow_ip_spoofing
 }
 
 moved {

@@ -86,6 +86,7 @@ locals {
         boot_volume_encryption_key_name = "${var.prefix}-vsi-volume-key"
         user_data                       = lookup(var.user_data, network, null) != null ? var.user_data[network].user_data : null
         use_legacy_network_interface    = var.use_legacy_network_interface
+        allow_ip_spoofing               = var.allow_ip_spoofing
         security_group = {
           name     = "${var.prefix}-${network}"
           vpc_name = var.vpcs[0]

@@ -160,6 +160,12 @@ variable "use_legacy_network_interface" {
   default     = false
 }
 
+variable "allow_ip_spoofing" {
+  description = "Allow IP spoofing on the primary network interface"
+  type        = bool
+  default     = false
+}
+
 ##############################################################################
 
 

@@ -423,7 +423,8 @@
                 "vsi-zone-3"
             ],
             "vpc_name": "management",
-            "vsi_per_subnet": 1
+            "vsi_per_subnet": 1,
+            "allow_ip_spoofing": false
         },
         {
             "boot_volume_encryption_key_name": "slz-vsi-volume-key",

@@ -160,6 +160,12 @@ variable "use_legacy_network_interface" {
   default     = false
 }
 
+variable "allow_ip_spoofing" {
+  description = "Allow IP spoofing on the primary network interface"
+  type        = bool
+  default     = false
+}
+
 ##############################################################################
 
 

@@ -317,6 +317,7 @@ variable "vsi" {
       user_data                       = optional(string)
       resource_group                  = optional(string)
       enable_floating_ip              = optional(bool)
+      allow_ip_spoofing               = optional(bool)
       security_groups                 = optional(list(string))
       boot_volume_encryption_key_name = optional(string)
       primary_vni_additional_ip_count = optional(number)

@@ -88,6 +88,7 @@ module "vsi" {
     }
   ]
   enable_floating_ip = each.value.enable_floating_ip == true ? true : false
+  allow_ip_spoofing  = each.value.allow_ip_spoofing
   depends_on         = [module.ssh_keys]
 }
-Original file line number
+Diff line change
@@ Expand Up / @@ -88,6 +88,7 @@ module "vsi" { @@
         }
       ]
       enable_floating_ip = each.value.enable_floating_ip == true ? true : false
+      allow_ip_spoofing  = each.value.allow_ip_spoofing
       depends_on         = [module.ssh_keys]
     }
@@ Expand Down @@