From 37d609b94834862476af0153a8a3697b3df065ec Mon Sep 17 00:00:00 2001 From: hunter86bg Date: Mon, 11 Apr 2022 17:50:46 +0300 Subject: [PATCH 1/3] Add example for Security Groups --- website/docs/r/compute_instance.html.markdown | 45 +++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/website/docs/r/compute_instance.html.markdown b/website/docs/r/compute_instance.html.markdown index e831edd1f..4f84bf404 100644 --- a/website/docs/r/compute_instance.html.markdown +++ b/website/docs/r/compute_instance.html.markdown @@ -32,6 +32,8 @@ resource "yandex_compute_instance" "default" { network_interface { subnet_id = "${yandex_vpc_subnet.foo.id}" + nat = true + security_group_ids = [ yandex_vpc_security_group.security_group1.id ] } metadata = { @@ -46,6 +48,49 @@ resource "yandex_vpc_subnet" "foo" { zone = "ru-central1-a" network_id = "${yandex_vpc_network.foo.id}" } + +resource "yandex_iam_service_account" "savpcsg" { + name = "savpcsg" +} + +resource "yandex_resourcemanager_folder_iam_binding" "editor" { + folder_id = var.yc_folder_id + role = "editor" + members = [ + "serviceAccount:${yandex_iam_service_account.savpcsg.id}" + ] + depends_on = [ + yandex_iam_service_account.savpcsg, + ] +} + +resource "yandex_vpc_security_group" "security_group1" { + name = "Security Group 1" + description = "Our Security Group" + network_id = yandex_vpc_network.foo.id + depends_on = [ + yandex_iam_service_account.savpcsg, + yandex_resourcemanager_folder_iam_binding.editor, + yandex_vpc_network.foo, + yandex_vpc_subnet.foo, + ] + + ingress { + protocol = "TCP" + description = "SSH" + port = 22 + v4_cidr_blocks = ["0.0.0.0/0"] + } + + egress { + + protocol = "ANY" + description = "Outbound unrestricted" + v4_cidr_blocks = ["0.0.0.0/0"] + port = -1 + } + +} ``` ## Argument Reference From 8f8f9ee1d5cd723fac332f8c2e4c8ebb7a80c286 Mon Sep 17 00:00:00 2001 From: hunter86bg Date: Mon, 11 Apr 2022 18:01:17 +0300 Subject: [PATCH 2/3] Example for cloudinit --- website/docs/r/compute_instance.html.markdown | 1 + 1 file changed, 1 insertion(+) diff --git a/website/docs/r/compute_instance.html.markdown b/website/docs/r/compute_instance.html.markdown index 4f84bf404..e5e4bccbe 100644 --- a/website/docs/r/compute_instance.html.markdown +++ b/website/docs/r/compute_instance.html.markdown @@ -39,6 +39,7 @@ resource "yandex_compute_instance" "default" { metadata = { foo = "bar" ssh-keys = "ubuntu:${file("~/.ssh/id_rsa.pub")}" + user-data = "${file("/home/user/cloudinit/meta.txt")}" } } From 485096f98e8b84566e08c5d205bb72d0179cd32d Mon Sep 17 00:00:00 2001 From: hunter86bg Date: Mon, 11 Apr 2022 18:12:06 +0300 Subject: [PATCH 3/3] Add cloudinit example --- website/docs/r/compute_instance.html.markdown | 25 +++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/website/docs/r/compute_instance.html.markdown b/website/docs/r/compute_instance.html.markdown index e5e4bccbe..657909589 100644 --- a/website/docs/r/compute_instance.html.markdown +++ b/website/docs/r/compute_instance.html.markdown @@ -93,6 +93,31 @@ resource "yandex_vpc_security_group" "security_group1" { } ``` +``` +#Sample cloudinit/meta.txt +users: + - name: user1 + groups: sudo + shell: /bin/bash + sudo: ['ALL=(ALL) NOPASSWD:ALL'] + homedir: /opt/user1 + ssh-authorized-keys: + - ssh-rsa .... + +packages: + - tmux + - rsync + +package_upgrade: true +package_reboot_if_required: true +timezone: 'Asia/Tokyo' + +runcmd: + - echo PermitRootLogin No >> /etc/ssh/sshd_config && sshd -t && systemctl restart sshd + - echo -e "net.core.rmem_max=4194304\nnet.core.wmem_max=1048576" > /etc/sysctl.d/mynetwork.conf + - sysctl -p /etc/sysctl.d/mynetwork.conf + - chown -R user1:user1 /opt/user1 +``` ## Argument Reference