-green?style=plastic){kind=icon}
This module provisions an IBM Cloud® Data Engine instance.
provider "ibm" { ibmcloud_api_key = "XXXXXXXXXX" region = "us-south" } module "data_engine" { # Replace "main" with a GIT release version to lock into a specific release source = "git::https://github.com/terraform-ibm-modules/terraform-ibm-data-engine.git?ref=main" resource_group_id = "xxXXxxXXxXxXXXXxxXxxxXXXXxXXXXX" region = "us-south" }You need the following permissions to run this module.
- Account Management
- All Identity and Access Enabled service
Viewerplatform access
- All Resource Groups service
Viewerplatform access
- All Identity and Access Enabled service
- IAM Services
- Data Engine service
Editorplatform accessManagerservice access
- Data Engine service
| Name | Version |
|---|---|
| terraform | >= 1.0.0 |
| ibm | >= 1.49.0 |
No modules.
| Name | Type |
|---|---|
| ibm_iam_authorization_policy.kms_policy | resource |
| ibm_resource_instance.data_engine_instance | resource |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| existing_kms_instance_guid | The GUID the Key Protect instance in which the key specified in var.kms_key_crn is coming from. Required only if var.kms_encryption_enabled is set to true, var.skip_iam_authorization_policy is set to false. NOTE: Hyper Protect Crypto Services is not currently supported by Data Engine. | string | null | no |
| instance_name | The name to give the Data Engine instance. | string | n/a | yes |
| kms_encryption_enabled | Set this to true to control the encryption keys used to encrypt the data that you store in Data Engine. If set to false, the data is encrypted by using randomly generated keys. For more info on Key Protect integration, see https://cloud.ibm.com/docs/sql-query?topic=sql-query-securing-data. | bool | false | no |
| kms_key_crn | The root key CRN of a Key Protect key that you want to use for disk encryption. Only used if var.kms_encryption_enabled is set to true. NOTE: Hyper Protect Crypto Services is not currently supported by Data Engine. | string | null | no |
| kms_region | The region where KMS instance exists if using KMS encryption. | string | "us-south" | no |
| plan | The plan for the Data Engine instance. Supported plans: standard or lite. | string | "lite" | no |
| region | The region where you want to deploy your instance. | string | "us-south" | no |
| resource_group_id | The resource group ID where the Data Engine instance will be created. | string | n/a | yes |
| service_endpoints | Specify whether you want to enable the public, private, or both service endpoints. Supported values are 'public', 'private', or 'public-and-private'. | string | "private" | no |
| skip_iam_authorization_policy | Set to true to skip the creation of an IAM authorization policy that permits all Data Engine instances in the resource group to read the encryption key from the KMS instance. If set to false, pass in a value for the KMS instance in the existing_kms_instance_guid variable. In addition, no policy is created if var.kms_encryption_enabled is set to false. | bool | false | no |
| tags | (Optional, Array of Strings) A list of tags that you want to add to your instance. | list(any) | [] | no |
| Name | Description |
|---|---|
| crn | data engine crn |
| guid | data engine guid |
| id | data engine id |
You can report issues and request features for this module in GitHub issues in the module repo. See Report an issue or request a feature.
To set up your local development environment, see Local development setup in the project documentation.