June 12, 2020 By Steve Strutt 2 min read

Secure SSH access to IBM Cloud VPC Gen2 environments for application provisioning with Red Hat Ansible and IBM Cloud Schematics.

With IBM Cloud VPC, it is quick and simple to deploy new applications—a characteristic that becomes even more powerful when coupled with Terraform and Red Hat Ansible to automate the end-to-end deployment of both VPC infrastructure and applications. Applying Infrastructure as Code (IaC) principles, Terraform and Ansible enable open-source-based apps to be deployed repeatably and reliably into VPC Gen2 environments in minutes. 

Terraform modules for IBM Cloud Gen2 VPC

To get users started with Terraform, Red Hat Ansible, and VPC, IBM Cloud Schematics has released Terraform modules for IBM Cloud Gen2 VPC. These modules and an example Terraform template implement a best practice configuration for secure application provisioning with Ansible in VPC environments.

The example delivers an out-of-the-box implementation of SSH access via a bastion host. At the same time, it keeps strong control over network security configuration using VPC Security Groups and network Access Control Lists (ACLs). The configuration also gives Ansible users access to the wide choice of open source software available from public repositories. 

These Terraform 0.12 modules for application provisioning in IBM Cloud VPC environments support the following features:

  • Automation of network ACL and Security Group setup
  • Best practice application of ACLs and Security groups to secure SSH public network access
  • Bastion host deployment and config
  • Multi-tier application support  
  • Network config for multi-zone high availability

More details

For more information on Infrastructure as Code practices and IBM Cloud Schematics, read “IBM Cloud Schematics: Enabling Infrastructure as Code.” The modules and Terraform example can be found in the Cloud Schematics GitHub repo.

For an in-depth review of the VPC security configuration, read the IBM Developer article, “Discover best-practice VPC configuration for application deployment.”

If you have questions, engage our team via Slack by registering here and join the discussion in the #general channel on our public IBM Cloud Schematics Slack channel.

Was this article helpful?

More from Cloud

The history of the central processing unit (CPU)

10 min read - The central processing unit (CPU) is the computer’s brain. It handles the assignment and processing of tasks, in addition to functions that make a computer run. There’s no way to overstate the importance of the CPU to computing. Virtually all computer systems contain, at the least, some type of basic CPU. Regardless of whether they’re used in personal computers (PCs), laptops, tablets, smartphones or even in supercomputers whose output is so strong it must be measured in floating-point operations per…

A clear path to value: Overcome challenges on your FinOps journey 

3 min read - In recent years, cloud adoption services have accelerated, with companies increasingly moving from traditional on-premises hosting to public cloud solutions. However, the rise of hybrid and multi-cloud patterns has led to challenges in optimizing value and controlling cloud expenditure, resulting in a shift from capital to operational expenses.   According to a Gartner report, cloud operational expenses are expected to surpass traditional IT spending, reflecting the ongoing transformation in expenditure patterns by 2025. FinOps is an evolving cloud financial management discipline…

IBM Power8 end of service: What are my options?

3 min read - IBM Power8® generation of IBM Power Systems was introduced ten years ago and it is now time to retire that generation. The end-of-service (EoS) support for the entire IBM Power8 server line is scheduled for this year, commencing in March 2024 and concluding in October 2024. EoS dates vary by model: 31 March 2024: maintenance expires for Power Systems S812LC, S822, S822L, 822LC, 824 and 824L. 31 May 2024: maintenance expires for Power Systems S812L, S814 and 822LC. 31 October…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters