Initial commit

.gitignore

@@ -0,0 +1,18 @@
+# Terraform
+.terraform/
+.terraform.lock.hcl
+*.tfstate
+*.tfstate.*
+crash.log
+crash.*.log
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Local variable files
+*.tfvars
+*.tfvars.json
+
+# Provider credentials
+rsc.json

aws-cces/README.md

@@ -0,0 +1,43 @@
+## Rubrik AWS Cloud Cluster Example
+
+This Terraform config creates a Rubrik AWS cloud cluster using the Rubrik provider.
+
+### Files
+
+- [main.tf](main.tf): Terraform configuration and resource definition.
+- [terraform.tfvars](terraform.tfvars): Local variable values for the deployment.
+- `pso.json`: Rubrik provider credentials file referenced by the provider block.
+
+### Prerequisites
+
+- Terraform installed.
+- A valid `pso.json` file in the project root.
+- An AWS account already onboarded in Rubrik Security Cloud.
+
+### Configure
+
+Set the values in `terraform.tfvars`:
+
+- `account_name`
+- `region`
+- `cluster_name`
+- `admin_email`
+- `admin_password`
+- `bucket_name`
+- `instance_profile_name`
+- `vpc_id`
+- `subnet_id`
+- `security_group_ids`
+
+### Run
+
+```bash
+terraform init
+terraform plan
+terraform apply
+```
+
+### Notes
+
+- Keep `terraform.tfvars` and `pso.json` out of version control.
+- The cluster uses fixed values for DNS, NTP, instance type, and CDM version in `main.tf`.

aws-cces/main.tf

@@ -0,0 +1,58 @@
+terraform {
+  required_providers {
+    rubrik = {
+      source  = "rubrikinc/rubrik"
+      version = ">= 1.0.0"
+    }
+  }
+}
+
+provider "rubrik" {
+  credentials = "rsc.json"
+}
+
+variable "account_name"     { type = string }
+variable "region"           { type = string }
+variable "cluster_name"     { type = string }
+variable "admin_email"      { type = string }
+variable "admin_password"   { type = string }
+
+variable "bucket_name"            { type = string }
+variable "instance_profile_name"  { type = string }
+variable "vpc_id"                 { type = string }
+variable "subnet_id"              { type = string }
+variable "security_group_ids"     { type = list(string) }
+
+# Look up the AWS account by name to get the RSC UUID
+data "rubrik_aws_account" "account" {
+  name = var.account_name
+}
+
+resource "rubrik_aws_cloud_cluster" "newcluster" {
+  cloud_account_id     = data.rubrik_aws_account.account.id
+  region               = var.region
+  use_placement_groups = true
+
+  cluster_config {
+    cluster_name            = var.cluster_name
+    admin_email             = var.admin_email
+    admin_password          = var.admin_password
+    dns_name_servers        = ["8.8.8.8"]
+    dns_search_domains      = ["example.com"]
+    ntp_servers             = ["pool.ntp.org"]
+    num_nodes               = 3
+    bucket_name             = var.bucket_name
+    enable_immutability     = true
+    keep_cluster_on_failure = false
+  }
+
+  vm_config {
+    cdm_version           = "9.4.3-p2-31324"
+    instance_type         = "M6I_2XLARGE"
+    instance_profile_name = var.instance_profile_name
+    vpc_id                = var.vpc_id
+    subnet_id             = var.subnet_id
+    security_group_ids    = var.security_group_ids
+    vm_type               = "EXTRA_DENSE"
+  }
+}

aws-cces/terraform.tfvars.example

@@ -0,0 +1,11 @@
+account_name          = "AWS-Dev-2" # already onboarded account in RSC
+region                = "eu-west-2"
+cluster_name          = "TestClusterAWS"
+admin_email           = "james.pattinson@rubrik.com"
+admin_password        = "Welcome123"
+
+bucket_name           = "wibble-test-bucket"
+instance_profile_name = "rubrik-cces-dev2"
+vpc_id                = "vpc-0f7532f9c7ad807f6"
+subnet_id             = "subnet-0512b7e1aa00f0131"
+security_group_ids    = ["sg-0a46794fb4641aa39"]