IBM Cloud Docs
Setting up Terraform for CIS

Setting up Terraform for CIS

Terraform on IBM Cloud® enables predictable and consistent provisioning of IBM Cloud services so that you can rapidly build complex, multi-tier cloud environments following Infrastructure as Code (IaC) principles. Similar to using the IBM Cloud CLI or API and SDKs, you can automate the provisioning, update, and deletion of your IBM Cloud Internet Services instances by using HashiCorp Configuration Language (HCL).

Looking for a managed Terraform on IBM Cloud® solution? Try out IBM Cloud® Schematics. With Schematics, you can use the Terraform scripting language that you are familiar with, but you don't have to worry about setting up and maintaining the Terraform command line and the IBM Cloud® Provider plug-in. Schematics also provides pre-defined Terraform templates that you can easily install from the IBM Cloud® catalog.

Installing Terraform and configuring resources for IBM Cloud Internet Services

Before you begin, make sure that you have the required access to create and work with IBM Cloud Internet Services resources.

  • Follow the Terraform on IBM Cloud® getting started tutorial to install the Terraform CLI and configure the IBM Cloud® Provider plug-in for Terraform. The plug-in abstracts the IBM Cloud® APIs that are used to provision, update, or delete IBM Cloud Internet Services service instances and resources.
  • Create a Terraform configuration file that is named main.tf. In this file, you add the configuration to create a CIS service instance and to assign a user an access policy in Identity and Access Management (IAM) for that instance by using HashiCorp Configuration Language (HCL). For more information, see the Terraform documentation.

  1. Create a CIS instance by using the ibm_resource_instance resource argument in your main.tf file. The CIS instance in the following example is named test and is created with the standard pricing plan. The resource_group_id is data.ibm_resource_group.group.id, and the location property is set to global.

    data "ibm_resource_group" "group" {
  name = "test"
}

resource "ibm_cis" "cis_instance" {
  name              = "test"
  plan              = "standard-next"
  resource_group_id = data.ibm_resource_group.group.id
  tags              = ["tag1", "tag2"]
  location          = "global"

  //User can increase timeouts
  timeouts {
    create = "15m"
    update = "15m"
    delete = "15m"
  }
}

  2. After you finish building your configuration file, initialize the Terraform CLI. For more information, see Initializing Working Directories.

    terraform init

  3. Provision the resources from the main.tf file. For more information, see Provisioning Infrastructure with Terraform.

    1. Run terraform plan to generate a Terraform execution plan to preview the proposed actions.

      terraform plan

    2. Run terraform apply to create the resources that are defined in the plan.

      terraform apply

  4. From the IBM Cloud resource list, select the CIS instance that you created and note the instance ID.

  5. Verify that the access policy is successfully assigned. For more information, see Reviewing assigned access in the console.

What's next?

Now that you successfully created your first CIS service instance with Terraform on IBM Cloud, you can visit the Cloud Internet Services (CIS) Terraform registry to perform additional tasks using Terraform.