IBM Cloud Docs
Setting up Terraform for Transit Gateway

Setting up Terraform for Transit Gateway

Terraform on IBM Cloud® enables predictable and consistent creation of IBM Cloud services so that you can rapidly build complex, multi-tier cloud environments following Infrastructure as Code (IaC) principles. Similar to using the IBM Cloud CLI or API and SDKs, you can automate the creation, update, and deletion of your Transit Gateway instances by using HashiCorp Configuration Language (HCL).

Looking for a managed Terraform on IBM Cloud® solution? Try out IBM Cloud® Schematics. With Schematics, you can use the Terraform scripting language that you are familiar with, but you don't have to worry about setting up and maintaining the Terraform command line and the IBM Cloud® Provider plug-in. Schematics also provides pre-defined Terraform templates that you can easily install from the IBM Cloud® catalog.

Installing Terraform and configuring resources for Transit Gateway

Before you can create an authorization by using Terraform, make sure that you have completed the following:

  • Make sure that you have the required access to create and work with Transit Gateway resources.
  • Install the Terraform CLI and configure the IBM Cloud Provider plug-in for Terraform. For more information, see the tutorial for Getting started with Terraform on IBM Cloud®. The plug-in abstracts the IBM Cloud APIs that are used to complete this task.
  • Create a Terraform configuration file that is named main.tf. In this file, you add the configuration to create an authorization between services by using HashiCorp Configuration Language. For more information, see the Terraform documentation.

  1. Create a Transit Gateway instance by using the ibm_resource_instance resource argument in your main.tf file. The Transit Gateway resource in the following example is named transit-gateway-1, located in us-south, and is created with instance ID of ibm_tg_gateway.new_tg_gw.id.

    For more information about arguments and attributes, see the ibm_tg_gateway usage example.

    resource "ibm_tg_gateway" "new_tg_gw" {
    name="transit-gateway-1"
    location="us-south"
    global=true
    resource_group="30951d2dff914dafb26455a88c0c0092"
}

resource "ibm_iam_user_policy" "policy" {
    ibm_id = "user@ibm.com"
    roles  = ["Administrator"]
    resources {
      service              = "transit"
      resource_instance_id = "ibm_tg_gateway.new_tg_gw.id"
    }
}

  2. After you finish building your configuration file, initialize the Terraform CLI. For more information, see Initializing Working Directories.

    terraform init

  3. Provision the resources from the main.tf file. For more information, see Provisioning Infrastructure with Terraform.

    1. Run terraform plan to generate a Terraform execution plan to preview the proposed actions.

      terraform plan

    2. Run terraform apply to create the resources that are defined in the plan.

      terraform apply

  4. From the IBM Cloud resource list, select the Key Protect instance that you created and note the instance ID.

  5. Verify that the access policy is successfully assigned. For more information, see Reviewing assigned access in the console.

What's next?

Now that you successfully created your first Transit Gateway service instance with Terraform on IBM Cloud, you can visit the Transit Gateway Terraform registry to perform additional tasks using Terraform.