commit 73b5a564592c40d4d7342f90a2f5fa2412de57f5 Author: SupraJames Date: Tue Jun 9 17:23:47 2026 +0100 Initial commit
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..b86ad2f
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,18 @@
+# Terraform
+.terraform/
+.terraform.lock.hcl
+*.tfstate
+*.tfstate.*
+crash.log
+crash.*.log
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Local variable files
+*.tfvars
+*.tfvars.json
+
+# Provider credentials
+rsc.json
diff --git a/aws-cces/README.md b/aws-cces/README.md
new file mode 100644
index 0000000..e153eb2
--- /dev/null
+++ b/aws-cces/README.md
@@ -0,0 +1,43 @@
+## Rubrik AWS Cloud Cluster Example
+
+This Terraform config creates a Rubrik AWS cloud cluster using the Rubrik provider.
+
+### Files
+
+- [main.tf](main.tf): Terraform configuration and resource definition.
+- [terraform.tfvars](terraform.tfvars): Local variable values for the deployment.
+- `pso.json`: Rubrik provider credentials file referenced by the provider block.
+
+### Prerequisites
+
+- Terraform installed.
+- A valid `pso.json` file in the project root.
+- An AWS account already onboarded in Rubrik Security Cloud.
+
+### Configure
+
+Set the values in `terraform.tfvars`:
+
+- `account_name`
+- `region`
+- `cluster_name`
+- `admin_email`
+- `admin_password`
+- `bucket_name`
+- `instance_profile_name`
+- `vpc_id`
+- `subnet_id`
+- `security_group_ids`
+
+### Run
+
+```bash
+terraform init
+terraform plan
+terraform apply
+```
+
+### Notes
+
+- Keep `terraform.tfvars` and `pso.json` out of version control.
+- The cluster uses fixed values for DNS, NTP, instance type, and CDM version in `main.tf`.
diff --git a/aws-cces/main.tf b/aws-cces/main.tf
new file mode 100644
index 0000000..f252163
--- /dev/null
+++ b/aws-cces/main.tf
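Review bot: In `.gitignore`, the `.terraform.lock.hcl` entry keeps the dependency lock file out of the repository, so the provider version and checksums selected at `terraform init` are never shared or reviewed; combined with `version = ">= 1.0.0"` in `aws-cces/main.tf`, each fresh checkout can resolve to whichever `rubrikinc/rubrik` release is newest. I would drop that line and commit the lock file. The credentials entry also covers only `rsc.json`, while `aws-cces/README.md` tells users to create `pso.json`, so a credentials file made by following the README would not be ignored; either add `pso.json` here or correct the README to the `rsc.json` name the provider block uses.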
@@ -0,0 +1,58 @@
+terraform {
+ required_providers {
+ rubrik = {
+ source = "rubrikinc/rubrik"
+ version = ">= 1.0.0"
+ }
+ }
+}
+
+provider "rubrik" {
+ credentials = "rsc.json"
+}
+
+variable "account_name" { type = string }
+variable "region" { type = string }
+variable "cluster_name" { type = string }
+variable "admin_email" { type = string }
+variable "admin_password" { type = string }
+
+variable "bucket_name" { type = string }
+variable "instance_profile_name" { type = string }
+variable "vpc_id" { type = string }
+variable "subnet_id" { type = string }
+variable "security_group_ids" { type = list(string) }
+
+# Look up the AWS account by name to get the RSC UUID
+data "rubrik_aws_account" "account" {
+ name = var.account_name
+}
+
+resource "rubrik_aws_cloud_cluster" "newcluster" {
+ cloud_account_id = data.rubrik_aws_account.account.id
+ region = var.region
+ use_placement_groups = true
+
+ cluster_config {
+ cluster_name = var.cluster_name
+ admin_email = var.admin_email
+ admin_password = var.admin_password
+ dns_name_servers = ["8.8.8.8"]
+ dns_search_domains = ["example.com"]
+ ntp_servers = ["pool.ntp.org"]
+ num_nodes = 3
+ bucket_name = var.bucket_name
+ enable_immutability = true
+ keep_cluster_on_failure = false
+ }
+
+ vm_config {
+ cdm_version = "9.4.3-p2-31324"
+ instance_type = "M6I_2XLARGE"
+ instance_profile_name = var.instance_profile_name
+ vpc_id = var.vpc_id
+ subnet_id = var.subnet_id
+ security_group_ids = var.security_group_ids
+ vm_type = "EXTRA_DENSE"
+ }
+}
\ No newline at end of file
diff --git a/aws-cces/terraform.tfvars.example b/aws-cces/terraform.tfvars.example
new file mode 100644
index 0000000..6fb7cb7
--- /dev/null
+++ b/aws-cces/terraform.tfvars.example
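Review bot: `variable "admin_password"` in `aws-cces/main.tf` is declared without `sensitive = true`, so unless the provider schema itself marks the attribute sensitive, the cluster admin password can appear in `terraform plan` and `terraform apply` output and in any CI log that captures it. The single-line block form holds only one argument, so the declaration has to be expanded to a multi-line block carrying `type = string` and `sensitive = true`. Marking it sensitive only redacts display; the value is normally still written to the state file in plaintext, so the state backend needs encryption at rest and restricted access.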
@@ -0,0 +1,11 @@
+account_name = "AWS-Dev-2" # already onboarded account in RSC
+region = "eu-west-2"
+cluster_name = "TestClusterAWS"
+admin_email = "james.pattinson@rubrik.com"
+admin_password = "Welcome123"
+
+bucket_name = "wibble-test-bucket"
+instance_profile_name = "rubrik-cces-dev2"
+vpc_id = "vpc-0f7532f9c7ad807f6"
+subnet_id = "subnet-0512b7e1aa00f0131"
+security_group_ids = ["sg-0a46794fb4641aa39"]
\ No newline at end of file
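Review bot: `admin_password = "Welcome123"` in `aws-cces/terraform.tfvars.example` is a weak, guessable value that users will copy into a real `terraform.tfvars`, where it becomes the admin password of a deployed cluster. Replace it with a non-working placeholder such as `admin_password = "<set-a-strong-unique-password>"`, and if this value was ever used on a live cluster, rotate it. The e-mail address and the `vpc-`/`subnet-`/`sg-` identifiers look like values from a real environment; placeholders (for example `vpc_id = "<vpc-id>"`) would avoid publishing them in the example file.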