|
22 | 22 | ], |
23 | 23 | "short_description": "Creates client-to-site VPN connectivity to VPC", |
24 | 24 | "long_description": "Some VPC patterns are configured with private networks not available over the internet. To access these networks, there are several connectivity options. This deployable architecture pattern configures the client-to-site VPN Server connectivity with only a few required inputs to configure it within an existing VPC. Once deployed, you can install an OpenVPN client application and import a profile from the VPN Server on the devices you want to access the VPN. The configuration can include a list of users that will be provided access to the private network, controlled by IBM Cloud IAM.", |
25 | | - "offering_docs_url": "https://github.com/terraform-ibm-modules/terraform-ibm-client-to-site-vpn/blob/main/solutions/standard/README.md", |
| 25 | + "offering_docs_url": "https://github.com/terraform-ibm-modules/terraform-ibm-client-to-site-vpn/blob/main/solutions/fully-configurable/README.md", |
26 | 26 | "offering_icon_url": "https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-client-to-site-vpn/main/images/c2s_vpn.svg", |
27 | 27 | "provider_name": "IBM", |
28 | 28 | "features": [ |
|
49 | 49 | ], |
50 | 50 | "flavors": [ |
51 | 51 | { |
52 | | - "label": "Quickstart", |
53 | | - "name": "quickstart", |
| 52 | + "label": "Fully configurable", |
| 53 | + "name": "fully-configurable", |
54 | 54 | "install_type": "fullstack", |
55 | | - "working_directory": "solutions/quickstart", |
| 55 | + "working_directory": "solutions/fully-configurable", |
56 | 56 | "dependency_version_2": true, |
57 | 57 | "dependencies": [ |
58 | 58 | { |
|
81 | 81 | "name": "deploy-arch-ibm-slz-vsi", |
82 | 82 | "version": ">=1.0.0", |
83 | 83 | "optional": true |
84 | | - } |
85 | | - ], |
86 | | - "configuration": [ |
87 | | - { |
88 | | - "key": "ibmcloud_api_key" |
89 | | - }, |
90 | | - { |
91 | | - "key": "provider_visibility", |
92 | | - "options": [ |
93 | | - { |
94 | | - "displayname": "private", |
95 | | - "value": "private" |
96 | | - }, |
97 | | - { |
98 | | - "displayname": "public", |
99 | | - "value": "public" |
100 | | - }, |
101 | | - { |
102 | | - "displayname": "public-and-private", |
103 | | - "value": "public-and-private" |
104 | | - } |
105 | | - ] |
106 | | - }, |
107 | | - { |
108 | | - "key": "prefix", |
109 | | - "required": true |
110 | | - }, |
111 | | - { |
112 | | - "key": "use_existing_resource_group" |
113 | | - }, |
114 | | - { |
115 | | - "key": "resource_group_name" |
116 | | - }, |
117 | | - { |
118 | | - "key": "vpn_name" |
119 | | - }, |
120 | | - { |
121 | | - "key": "existing_secrets_manager_instance_crn" |
122 | | - }, |
123 | | - { |
124 | | - "key": "cert_common_name" |
125 | | - }, |
126 | | - { |
127 | | - "key": "certificate_template_name" |
128 | | - }, |
129 | | - { |
130 | | - "key": "vpn_client_access_group_users" |
131 | | - }, |
132 | | - { |
133 | | - "key": "existing_vpc_crn" |
134 | | - }, |
135 | | - { |
136 | | - "key": "vpn_client_access_acl_ids" |
137 | | - } |
138 | | - ], |
139 | | - "iam_permissions": [ |
140 | | - { |
141 | | - "role_crns": [ |
142 | | - "crn:v1:bluemix:public:iam::::role:Administrator" |
143 | | - ], |
144 | | - "service_name": "iam-identity" |
145 | | - }, |
146 | | - { |
147 | | - "role_crns": [ |
148 | | - "crn:v1:bluemix:public:iam::::role:Administrator" |
149 | | - ], |
150 | | - "service_name": "is.vpc" |
151 | | - } |
152 | | - ], |
153 | | - "architecture": { |
154 | | - "descriptions": "", |
155 | | - "features": [ |
156 | | - { |
157 | | - "title": "Supports OpenVPN Clients", |
158 | | - "description": "Yes" |
159 | | - }, |
160 | | - { |
161 | | - "title": "Separate IAM access list for VPN users", |
162 | | - "description": "Yes" |
163 | | - }, |
164 | | - { |
165 | | - "title": "Separate VPC subnet for VPN Server", |
166 | | - "description": "Yes" |
167 | | - }, |
168 | | - { |
169 | | - "title": "ACL rule that grants all access from any source", |
170 | | - "description": "Yes" |
171 | | - }, |
172 | | - { |
173 | | - "title": "Security group that allows all incoming request from any source", |
174 | | - "description": "Yes" |
175 | | - }, |
176 | | - { |
177 | | - "title": "IBM-managed VPN Server", |
178 | | - "description": "Yes" |
179 | | - }, |
180 | | - { |
181 | | - "title": "Access to private network via VPN clients", |
182 | | - "description": "Yes" |
183 | | - } |
184 | | - ], |
185 | | - "diagrams": [ |
186 | | - { |
187 | | - "diagram": { |
188 | | - "caption": "Client-to-site VPN configuration for accessing a VPC", |
189 | | - "url": "https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-client-to-site-vpn/main/reference-architectures/reference-architectures/cts-quickstart-da.svg", |
190 | | - "type": "image/svg+xml" |
191 | | - }, |
192 | | - "description": "Client-to-site VPN configuration for accessing a VPC." |
193 | | - } |
194 | | - ] |
195 | | - } |
196 | | - }, |
197 | | - { |
198 | | - "label": "Standard", |
199 | | - "name": "standard", |
200 | | - "install_type": "fullstack", |
201 | | - "working_directory": "solutions/standard", |
202 | | - "dependency_version_2": true, |
203 | | - "dependencies": [ |
204 | | - { |
205 | | - "flavors": [ |
206 | | - "standard" |
207 | | - ], |
208 | | - "id": "95fccffc-ae3b-42df-b6d9-80be5914d852-global", |
209 | | - "name": "deploy-arch-ibm-slz-ocp", |
210 | | - "version": ">=1.0.0", |
211 | | - "optional": true |
212 | | - }, |
213 | | - { |
214 | | - "flavors": [ |
215 | | - "standard" |
216 | | - ], |
217 | | - "id": "9fc0fa64-27af-4fed-9dce-47b3640ba739-global", |
218 | | - "name": "deploy-arch-ibm-slz-vpc", |
219 | | - "version": ">=1.0.0", |
220 | | - "optional": true |
221 | 84 | }, |
222 | 85 | { |
223 | 86 | "flavors": [ |
224 | | - "standard" |
225 | | - ], |
226 | | - "id": "ef663980-4c71-4fac-af4f-4a510a9bcf68-global", |
227 | | - "name": "deploy-arch-ibm-slz-vsi", |
228 | | - "version": ">=1.0.0", |
229 | | - "optional": true |
230 | | - }, |
231 | | - { |
232 | | - "flavors": [ |
233 | | - "standard" |
| 87 | + "fully-configurable" |
234 | 88 | ], |
235 | 89 | "catalog_id": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3", |
236 | 90 | "id": "6d6ebc76-7bbd-42f5-8bc7-78f4fabd5944-global", |
|
244 | 98 | "key": "ibmcloud_api_key" |
245 | 99 | }, |
246 | 100 | { |
247 | | - "key": "provider_visibility", |
248 | | - "options": [ |
249 | | - { |
250 | | - "displayname": "private", |
251 | | - "value": "private" |
252 | | - }, |
253 | | - { |
254 | | - "displayname": "public", |
255 | | - "value": "public" |
256 | | - }, |
257 | | - { |
258 | | - "displayname": "public-and-private", |
259 | | - "value": "public-and-private" |
260 | | - } |
261 | | - ] |
| 101 | + "key": "prefix", |
| 102 | + "required": true |
262 | 103 | }, |
263 | 104 | { |
264 | | - "key": "prefix", |
| 105 | + "key": "vpn_name", |
265 | 106 | "required": true |
266 | 107 | }, |
267 | 108 | { |
268 | | - "key": "use_existing_resource_group" |
| 109 | + "key": "existing_resource_group_name", |
| 110 | + "required": true, |
| 111 | + "custom_config": { |
| 112 | + "type": "resource_group", |
| 113 | + "grouping": "deployment", |
| 114 | + "original_grouping": "deployment", |
| 115 | + "config_constraints": { |
| 116 | + "identifier": "rg_name" |
| 117 | + } |
| 118 | + } |
269 | 119 | }, |
270 | 120 | { |
271 | | - "key": "resource_group_name" |
| 121 | + "key": "existing_secrets_manager_instance_crn" |
272 | 122 | }, |
273 | 123 | { |
274 | | - "key": "vpn_name" |
| 124 | + "key": "existing_secrets_manager_cert_crn" |
275 | 125 | }, |
276 | 126 | { |
277 | | - "key": "existing_secrets_manager_instance_crn" |
| 127 | + "key": "private_cert_engine_config_root_ca_common_name" |
278 | 128 | }, |
279 | 129 | { |
280 | | - "key": "existing_secrets_manager_cert_crn" |
| 130 | + "key": "private_cert_engine_config_template_name" |
281 | 131 | }, |
282 | 132 | { |
283 | | - "key": "cert_common_name" |
| 133 | + "key": "vpn_client_access_acl_ids", |
| 134 | + "custom_config": { |
| 135 | + "type": "array", |
| 136 | + "grouping": "deployment", |
| 137 | + "original_grouping": "deployment", |
| 138 | + "config_constraints": { |
| 139 | + "type": "string" |
| 140 | + } |
| 141 | + } |
284 | 142 | }, |
285 | 143 | { |
286 | | - "key": "certificate_template_name" |
| 144 | + "key": "existing_subnet_ids", |
| 145 | + "custom_config": { |
| 146 | + "type": "array", |
| 147 | + "grouping": "deployment", |
| 148 | + "original_grouping": "deployment", |
| 149 | + "config_constraints": { |
| 150 | + "type": "string" |
| 151 | + } |
| 152 | + } |
287 | 153 | }, |
288 | 154 | { |
289 | 155 | "key": "remote_cidr" |
|
295 | 161 | "key": "vpn_subnet_cidr_zone_2" |
296 | 162 | }, |
297 | 163 | { |
298 | | - "key": "vpn_client_access_group_users" |
| 164 | + "key": "vpn_client_access_group_users", |
| 165 | + "custom_config": { |
| 166 | + "type": "array", |
| 167 | + "grouping": "deployment", |
| 168 | + "original_grouping": "deployment", |
| 169 | + "config_constraints": { |
| 170 | + "type": "string" |
| 171 | + } |
| 172 | + } |
299 | 173 | }, |
300 | 174 | { |
301 | 175 | "key": "access_group_name" |
|
304 | 178 | "key": "create_policy" |
305 | 179 | }, |
306 | 180 | { |
307 | | - "key": "vpn_server_routes" |
| 181 | + "key": "vpn_server_routes", |
| 182 | + "custom_config": { |
| 183 | + "type": "array", |
| 184 | + "grouping": "deployment", |
| 185 | + "original_grouping": "deployment", |
| 186 | + "config_constraints": { |
| 187 | + "type": "string" |
| 188 | + } |
| 189 | + } |
| 190 | + }, |
| 191 | + { |
| 192 | + "key": "vpn_route_action" |
308 | 193 | }, |
309 | 194 | { |
310 | 195 | "key": "existing_vpc_crn" |
|
319 | 204 | "key": "client_ip_pool" |
320 | 205 | }, |
321 | 206 | { |
322 | | - "key": "vpn_client_access_acl_ids" |
| 207 | + "key": "client_dns_server_ips", |
| 208 | + "custom_config": { |
| 209 | + "type": "array", |
| 210 | + "grouping": "deployment", |
| 211 | + "original_grouping": "deployment", |
| 212 | + "config_constraints": { |
| 213 | + "type": "string" |
| 214 | + } |
| 215 | + } |
| 216 | + }, |
| 217 | + { |
| 218 | + "key": "client_idle_timeout" |
| 219 | + }, |
| 220 | + { |
| 221 | + "key": "enable_split_tunneling" |
323 | 222 | }, |
324 | 223 | { |
325 | 224 | "key": "add_security_group" |
|
328 | 227 | "key": "existing_secrets_manager_secret_group_id" |
329 | 228 | }, |
330 | 229 | { |
331 | | - "key": "existing_security_group_ids" |
| 230 | + "key": "existing_security_group_ids", |
| 231 | + "custom_config": { |
| 232 | + "type": "array", |
| 233 | + "grouping": "deployment", |
| 234 | + "original_grouping": "deployment", |
| 235 | + "config_constraints": { |
| 236 | + "type": "string" |
| 237 | + } |
| 238 | + } |
332 | 239 | }, |
333 | 240 | { |
334 | | - "key": "existing_subnet_ids" |
| 241 | + "key": "provider_visibility", |
| 242 | + "options": [ |
| 243 | + { |
| 244 | + "displayname": "private", |
| 245 | + "value": "private" |
| 246 | + }, |
| 247 | + { |
| 248 | + "displayname": "public", |
| 249 | + "value": "public" |
| 250 | + }, |
| 251 | + { |
| 252 | + "displayname": "public-and-private", |
| 253 | + "value": "public-and-private" |
| 254 | + } |
| 255 | + ], |
| 256 | + "hidden": true |
335 | 257 | } |
336 | 258 | ], |
337 | 259 | "iam_permissions": [ |
|
384 | 306 | { |
385 | 307 | "diagram": { |
386 | 308 | "caption": "Client-to-site VPN configuration.", |
387 | | - "url": "https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-client-to-site-vpn/main/reference-architectures/reference-architectures/cts-standard-da.svg", |
| 309 | + "url": "https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-client-to-site-vpn/main/reference-architectures/reference-architectures/cts-fully-configurable-da.svg", |
388 | 310 | "type": "image/svg+xml" |
389 | 311 | }, |
390 | 312 | "description": "Client-to-site VPN configuration." |
|
0 commit comments