The DBaaS MariaDB Cluster data source can be used to search for and return an existing DBaaS MariaDB Cluster.
Example Usage
By ID
By Name
Argument Reference
display_name - (Optional)[string] Display Name of an existing cluster that you want to search for.
id - (Optional)[string] ID of the cluster you want to search for.
location- (Optional)[string] The location of the cluster. Different service endpoints are used based on location, possible options are: "de/fra", "de/txl", "es/vit", "fr/par", "gb/lhr", "us/ewr", "us/las", "us/mci". If not set, the endpoint will be the one corresponding to "de/txl".
⚠ WARNING:Location attribute will become required in the future.
Either display_name or id must be provided. If none or both are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
mariadb_version - [string] The MariaDB version of your cluster.
instances - [int] The total number of instances in the cluster (one primary and n-1 secondary).
cores - [int] The number of CPU cores per instance.
ionoscloud_kafka_users
Gets information about Kafka users.
The Kafka users data source can be used to retrieve information about users.
Example Usage
Argument reference
cluster_id - (Required)[string] the ID of the Kafka cluster;
location - (Optional)[string] the location of the Kafka cluster, can be one of: de/fra, de/fra/2, de/txl, fr/par, es/vit
Attributes Reference
The following attributes are returned by the data source:
users - the list of users, for each user inside the list, the following information is retrieved:
id - the ID of the user;
username
ionoscloud_pg_backups
Get information on DbaaS PgSql Backups
The DbaaS Postgres Backups data source can be used to search for and return existing DbaaS Postgres Backups for a specific Cluster. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
ionoscloud_gpu
Get information on a Ionos Cloud GPU
The GPU data source can be used to search for and return an existing GPU by either its ID or name. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
ionoscloud_inmemorydb_snapshot
Gets information about an existing InMemoryDB Snapshot.
The ionoscloud_inmemorydb_snapshot data source can be used to retrieve information about an existing InMemoryDB Snapshot.
Example Usage
ionoscloud_s3_bucket
Get information about IonosCloud IONOS Object Storage Buckets.
The Bucket data source can be used to search for and return existing buckets. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
⚠️ Note: The Terraform provider only supports contract-owned buckets. User-owned buckets are not supported, and there are no plans to introduce support for them. As a result, user-owned buckets cannot be created, updated, deleted, read, or imported using this provider.
Example Usage
ionoscloud_pg_database
Get information on DBaaS PgSql Database.
The PgSql Database data source can be used to search for and return an existing PgSql database.
Example Usage
ionoscloud_k8s_node_pool_nodes
Get information on the list of IonosCloud K8s Nodes that make a nodepool
The k8s Node Pool Nodes data source can be used to search for and return a list of existing k8s Node Pool nodes.
cluster_id - (Required) The unique ID of the cluster.
cluster_id must be provided. If it is not provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
cluster_id - Id of the cluster.
cluster_backups - List of backups.
id - The unique ID of the resource.
cluster_id - The unique ID of the cluster
size - The size of all base backups including the wal size in MB.
location - The IONOS Object Storage location where the backups will be stored.
version - The PostgreSQL version this backup was created from.
is_active - Whether a cluster currently backs up data to this backup.
earliest_recovery_target_time - The oldest available timestamp to which you can restore.
type
metadata - Metadata of the resource.
created_date - The ISO 8601 creation timestamp.
created_by
NOTE: If the earliestRecoveryTargetTime is missing in your backup, the cluster from where you want to restore wasn't able to do a base backup. This can happen, when you e.g. quickly delete a newly created cluster, since the base backup will be triggered up to a minute after the cluster is available.
ionoscloud_dns_zone
Get information on a DNS Zone.
The DNS Zone can be used to search for and return an existing DNS Zone. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search and make sure that your resources have unique names.
⚠️ Only tokens are accepted for authorization in the ionoscloud_dns_zone data source. Please ensure you are using tokens as other methods will not be valid.
Example Usage
By ID
By name
By name with partial match
Argument reference
id - (Optional)[string] The ID of the DNS Zone you want to search for.
name - (Optional)[string] The name of the DNS Zone you want to search for.
partial_match
Either id or name must be provided. If none, or both are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
id - The UUID of the DNS Zone.
name - The name of the DNS Zone.
description
ionoscloud_natgateway
Get information on a Nat Gateway
The NAT gateway data source can be used to search for and return existing NAT Gateways. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
By ID
By Name
Argument Reference
datacenter_id - (Required) Datacenter's UUID.
name - (Optional) Name of an existing network load balancer forwarding rule that you want to search for.
id
datacenter_id and either name or id must be provided. If none, or both of name and id are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
id - Id of that natgateway
name - Name of that natgateway
public_ips
ionoscloud_object_storage_accesskey
Get information on a IonosCloud Object storage Accesskey
The Object Storage Accesskey data source can be used to search for and return an existing Object Storage Accesskeys.
Example Usage
By ID
Argument Reference
id - (Optional) Id of an existing object storage accesskey that you want to search for.
accesskey - (Optional) Access key metadata is a string of 92 characters.
description - (Optional) Description of the Access key.
Attributes Reference
The following attributes are returned by the datasource:
id - The ID (UUID) of the AccessKey.
description - Description of the Access key.
accesskey - Access key metadata is a string of 92 characters.
⚠ WARNING:IONOS_API_URL_OBJECT_STORAGE_MANAGEMENT can be used to set a custom API URL for the Object Storage Management SDK. Setting endpoint or IONOS_API_URL does not have any effect
ionoscloud_kafka_cluster_topic
Reads IonosCloud Kafka Cluster objects.
The Kafka topic data source can be used to search for and return an existing Kafka Cluster Topic. You can provide a string for the name parameter which will be compared with provisioned Kafka Cluster Topics. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
By ID
By Name
Needs to have the resource be previously created, or a depends_on clause to ensure that the resource is created before this data source is called.
Argument Reference
id - (Optional) ID of an existing Kafka Cluster Topic that you want to search for.
name - (Optional) Name of an existing Kafka Cluster Topic that you want to search for.
cluster_id - (Required) ID of the Kafka Cluster that the topic belongs to.
Attributes Reference
The following attributes are returned by the datasource:
id - UUID of the Kafka Cluster Topic.
name - The name of the Kafka Cluster Topic.
cluster_id - The id of the Kafka Cluster that the topic belongs to.
ionoscloud_mongo_user
Creates and manages DbaaS MongoDB users.
The DbaaS Mongo User data source can be used to search for and return an existing DbaaS MongoDB User. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
By username
Argument reference
cluster_id - (Required)[string] The unique ID of the cluster. Updates to the value of the field force the cluster to be re-created.
username - (Required)[string] Used for authentication. Updates to the value of the field force the cluster to be re-created.
NOTE: MongoDb users do not support update at the moment. Changing any attribute will result in the user being re-created.
Import
Resource DbaaS MongoDb User can be imported using the cluster_id, the database and the username e.g.
ionoscloud_mariadb_backups
Get information on DBaaS MariaDB Backups
The DBaaS MariaDB Backups data source can be used to search for and return existing DBaaS MariaDB Backups for a specific cluster.
Example Usage
Get all backups for a specific cluster
Get a specific backup
Argument Reference
cluster_id - (Optional)[string] The unique ID of the cluster.
backup_id - (Optional)[string] The unique ID of the backup.
location- (Optional)[string] The location of the cluster. Different service endpoints are used based on location, possible options are: "de/fra", "de/txl", "es/vit", "fr/par", "gb/lhr", "us/ewr", "us/las", "us/mci". If not set, the endpoint will be the one corresponding to "de/txl".
⚠️ Note: Either cluster_id or backup_id must be used, but not both at the same time.
⚠ WARNING:Location attribute will become required in the future.
Attributes Reference
The following attributes are returned by the datasource:
bakups - List of backups.
cluster_id - The unique ID of the cluster that was backed up.
earliest_recovery_target_time
ionoscloud_backup_unit
Get Information on a IonosCloud Backup Unit
The Backup Unit data source can be used to search for and return an existing Backup Unit. You can provide a string for either id or name parameters which will be compared with provisioned Backup Units. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
By ID
By Name
Argument Reference
The following arguments are supported:
name - (Optional) Name of an existing backup unit that you want to search for.
id - (Optional) ID of the backup unit you want to search for.
Either name or id must be provided. If none, or both are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
id - The id of the Backup Unit.
name - The name of the Backup Unit.
email
ionoscloud_k8s_clusters
Retrieves a list of Ionos Cloud Kubernetes Clusters
The k8s_clusters data source can be used to search for and return existing kubernetes clusters based on filters used.
Example Usage
By Name
By Name and k8s version Family
Retrieve private clusters only, by Name and Cluster State
Argument Reference
filter - (Optional) One or more property name - value pairs to be used in filtering the cluster list by the specified attributes. You can use most of the top level fields from the resource except those containing other nested structures such as maintenance_window or config.
NOTE: Filtering uses partial matching for all types of values. Searching for a cluster using name:testCluster will find all clusters who have the testCluster substring in their name. This also applies to values for properties that would normally be boolean or numerical.
Attributes Reference
The following attributes are returned by the datasource:
clusters - list of Kubernetes clusters that match the provided filters. The elements of this list are structurally identical to the k8s_cluster datasource, which is limited to retrieving only 1 cluster in a single query.
entries - indicates the number of clusters found and added to the list after the query has been performed with the specified filters. For a full reference of all the attributes returned, check out
ionoscloud_auto_certificate
Get Information on Certificate Manager AutoCertificate
The CM AutoCertificate data source can be used to search for and return an existing auto-certificate. You can provide a string for either id or name parameters which will be compared with provisioned auto-certificates. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
By ID
By Name
Argument Reference
The following arguments are supported:
location - (Required)[string] The location of the auto-certificate. Available locations: de/fra, de/fra/2.
name - (Optional)[string] Name of an existing auto-certificate that you want to search for.
Either name or id must be provided. If none, or both are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
common_name - [string] The common name (DNS) of the certificate to issue. The common name needs to be part of a zone in IONOS Cloud DNS.
key_algorithm - [string] The key algorithm used to generate the certificate.
subject_alternative_names - [list][string] Optional additional names to be added to the issued certificate. The additional names needs to be part of a zone in IONOS Cloud DNS.
Get information on an Application Load Balancer Forwarding Rule
The Application Load Balancer Forwarding Rule data source can be used to search for and return an existing Application Load Balancer Forwarding Rules. You can provide a string for the name parameter which will be compared with provisioned Application Load Balancers Forwarding Rules. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search and make sure that your resources have unique names.
Example Usage
ionoscloud_mongo_template
Get information on DbaaS MongoDB Cluster objects.
The DbaaS Mongo Template data source can be used to search for and return an existing DbaaS MongoDB Template. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
ionoscloud_template
Get information on a Ionos Cloud Template
The Template data source can be used to search for and return existing templates by providing any of template properties (name, cores, ram, storage_size). If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
ionoscloud_datacenter
Get information on a IonosCloud Data Centers
The Datacenter data source can be used to search for and return an existing Virtual Data Center. You can provide a string for the name and location parameters which will be compared with provisioned Virtual Data Centers. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
ionoscloud_kafka_cluster
Reads IonosCloud Kafka Cluster objects.
The Kafka Cluster data source can be used to search for and return an existing Kafka Cluster. You can provide a string for the name parameter which will be compared with provisioned Kafka Clusters. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
ionoscloud_container_registry
Get information on a Container Registry
The Container Registry data source can be used to search for and return an existing Container Registry. You can provide a string for the name parameter which will be compared with provisioned Container Registry. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search and make sure that your resources have unique names.
Example Usage
ionoscloud_s3_bucket_policy
Get information about IONOS Object Storage Buckets policies.
The Bucket Policy data source can be used to search for and return existing bucket policies. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
⚠️ Note: The Terraform provider only supports contract-owned buckets. User-owned buckets are not supported, and there are no plans to introduce support for them. As a result, user-owned buckets cannot be created, updated, deleted, read, or imported using this provider.
Example Usage
ionoscloud_autoscaling_group_servers
Get information on servers generated as part of the autoscaling group.
The autoscaling group servers data source can be used to search for and return existing servers that are part of a specific autoscaling group.
Example Usage
ionoscloud_s3_objects
Get information about IONOS Object Storage Objects.
The Objects data source can be used to search for and return existing objects.
⚠️ Note: The Terraform provider only supports contract-owned buckets. User-owned buckets are not supported, and there are no plans to introduce support for them. As a result, user-owned buckets cannot be created, updated, deleted, read, or imported using this provider.
Example Usage
ionoscloud_lan
Get information on a Ionos Cloud Lans
The LAN data source can be used to search for and return existing lans. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
ionoscloud_kafka_user_credentials
Gets information about Kafka users access credentials.
The Kafka user credentials data source can be used to retrieve access credentials for a specific user.
⚠️ In order to avoid storing sensitive data in the state, the user credentials can be used.
Example Usage
ionoscloud_pg_versions
Get information on DbaaS PgSql Versions
The DbaaS Postgres Versions data source can be used to search for and retrieve list of available postgres versions for a specific cluster or for all clusters.
Example Usage
ionoscloud_dns_reverse_records
Get information on DNS Reverse Records.
The DNS Reverse Records can be used to search for and return existing DNS Reverse Records. Multiple matches will be returned.
⚠️ Only tokens are accepted for authorization in the ionoscloud_dns_reverse_records data source. Please ensure you are using tokens as other methods will not be valid.
Example Usage
ionoscloud_certificate
Creates and manages a certificate.
Manages a on IonosCloud.
Example Usage
NOTE: You can also provide the values as multiline strings, as seen below:
ionoscloud_share
Get Information on share permission objects
The Share data source can be used to search for and return an existing share object. You need to provide the group_id and resource_id to get the group resources for the shared resource. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
ionoscloud_resource
Get information on a IonosCloud Resource
The Resource data source can be used to search for and return any existing IonosCloud resource and optionally their group associations. You can provide a string for the resource type (datacenter,image,snapshot,ipblock) and/or resource id parameters which will be queries against available resources. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
ionoscloud_gpus
Get information on Ionos Cloud GPUs
The GPUs data source can be used to retrieve a list of all GPUs attached to a specific server within a datacenter.
Example Usage
data "ionoscloud_pg_backups" "example" {
cluster_id = "cluster_id"
}
created_by_user_id
last_modified_date - The ISO 8601 modified timestamp.
last_modified_by
last_modified_by_user_id
ephemerals
- (Optional)[bool] Whether partial matching is allowed or not when using name argument. Default value is false.
- The description of the DNS Zone.
enabled - Indicates if the DNS Zone is activated or not.
nameservers - A list of available name servers.
- (Optional) ID of the network load balancer forwarding rule you want to search for.
- Collection of public IP addresses of the NAT gateway. Should be customer reserved IP addresses in that location
lans - Collection of LANs connected to the NAT gateway. IPs must contain valid subnet mask. If user will not provide any IP then system will generate an IP with /24 subnet.
id - Id for the LAN connected to the NAT gateway
gateway_ips - Collection of gateway IP addresses of the NAT gateway. Will be auto-generated if not provided. Should ideally be an IP belonging to the same subnet as the LAN
canonical_user_id - The canonical user ID which is valid for user-owned buckets.
contract_user_id - The contract user ID which is valid for contract-owned buckets
location - (Optional) The location of the Kafka Cluster Topic. Must be the same as the location of the Kafka Cluster. Possible values: de/fra, de/fra/2, de/txl, fr/par, es/vit, gb/lhr, gb/bhx, us/las, us/mci, us/ewr.
replication_factor - The number of replicas of the topic. The replication factor determines how many copies of the topic are stored on different brokers.
number_of_partitions - The number of partitions of the topic. Partitions allow for parallel processing of messages.
retention_time - This configuration controls the maximum time we will retain a log before we will discard old log segments to free up space. This represents an SLA on how soon consumers must read their data. If set to -1, no time limit is applied.
segment_bytes - This configuration controls the segment file size for the log. Retention and cleaning is always done a file at a time so a larger segment size means fewer files but less granular control over retention.
database
- (Required)[string] The user database to use for authentication. Updates to the value of the field force the cluster to be re-created.
password - (Required)[string] User password. Updates to the value of the field force the cluster to be re-created.
roles - (Required)[string] a list of mongodb user roles. Updates to the value of the field force the cluster to be re-created.
role - (Required)[true] Mongodb user role. Examples: read, readWrite, readAnyDatabase, readWriteAnyDatabase, dbAdmin, dbAdminAnyDatabase, clusterMonitor and enableSharding.
database - (Required)[true] Database on which to apply the role.
- The oldest available timestamp to which you can restore.
size - Size of all base backups in Mebibytes (MiB). This is at least the sum of all base backup sizes.
base_backups - The list of backups for the specified cluster
size - The size of the backup in Mebibytes (MiB). This is the size of the binary backup file that was stored
created - The ISO 8601 creation timestamp
- The e-mail address you want assigned to the backup unit.
login - The login associated with the backup unit. Derived from the contract number.
cluster_id - (Required)[string] The ID of the cluster.
username - (Required)[string] Name of an existing user that you want to search for.
Attributes Reference
The following attributes are returned by the datasource:
id - [string] The id of the user.
is_system_user - [bool] Describes whether this user is a system user or not. A system user cannot be updated or deleted.
By ID
By name
By name, using partial_match
name - (Optional) The name of the template you want to search for.
id - (Optional) ID of the template you want to search for.
partial_match - (Optional) Whether partial matching is allowed or not when using name argument. Default value is false.
Either name or id must be provided. If none or both are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
id - The ID of the template.
name - The name of the template.
edition - The edition of the template (e.g. enterprise).
cores - The number of CPU cores.
ram - The amount of memory in GB.
storage_size - The amount of storage size in GB.
By Id
By Name
By Name with Partial Match
Argument Reference
id - (Optional) ID of the container registry you want to search for.
name - (Optional) Name of an existing container registry that you want to search for. Search by name is case-insensitive. The whole resource name is required if partial_match parameter is not set to true.
partial_match - (Optional) Whether partial matching is allowed or not when using name argument. Default value is false.
Either name or id must be provided. If none, or both of name and id are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
id - Id of the container registry.
name - The name of the container registry.
location
garbage_collection_schedule
time
days
hostname
api_subnet_allow_list - The subnet CIDRs that are allowed to connect to the registry. Specify "a.b.c.d/32" for an individual IP address. Note: If this list is empty or not set, there are no restrictions.
maintenance_window
time
days
storage_usage
bytes
updated_at
By ID
By Name
Argument Reference
datacenter_id - (Required) Datacenter's UUID.
name - (Optional) Name of an existing lan that you want to search for.
id - (Optional) ID of the lan you want to search for.
datacenter_id and either name or id must be provided. If none, or both of name and id are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
id - The id of the LAN.
name - The name of the LAN.
datacenter_id - The ID of lan's Virtual Data Center.
ip_failover - list of
nic_uuid
ip
pcc - The unique id of a ionoscloud_private_crossconnect resource, in order.
public - Indicates if the LAN faces the public Internet (true) or not (false).
ipv4_cidr_block - For public LANs this property is null, for private LANs it contains the private IPv4 CIDR range.
ipv6_cidr_block - Contains the LAN's /64 IPv6 CIDR block if this LAN is IPv6 enabled.
Retrieve list of postgres versions for a specific cluster
Retrieve list of postgres versions for all clusters
Argument Reference
cluster_id - (Optional) The unique ID of the cluster.
If cluster_id is not provided the data source will return the list of postgres version for all cluster.
Attributes Reference
The following attributes are returned by the datasource:
cluster_id - Id of the cluster
postgres_versions - list of PostgreSQL versions.
By name
By name with partial match
By IPs
Argument reference
name - (Optional)[string] The name of the DNS Reverse Record you want to search for.
ips - (Optional)[list of string] The IPs of the DNS Reverse Records you want to search for.
partial_match - (Optional)[bool] Whether partial matching is allowed or not when using name argument. Default value is false.
Attributes Reference
The following attributes are returned by the datasource:
reverse_records list of
id - The UUID of the DNS Reverse Record.
name - The reverse DNS record name.
ip - Specifies for which IP address the reverse record should be created. The IP addresses needs to be owned by the contract.
description - Description stored along with the reverse DNS record to describe its usage.
Argument Reference
The following arguments are supported:
name - (Required)[string] The certificate name
certificate - (Required)[string] The certificate body. Pem encoded. Immutable.
private_key - (Required)[string] The certificate private key. Immutable. Sensitive.
certificate_chain - (Optional)[string] The certificate chain. Pem encoded. Immutable.
Import
Resource certificate can be imported using the resource id, e.g.
data "ionoscloud_backup_unit" "example" {
id = "backup_unit_id"
}
data "ionoscloud_backup_unit" "example" {
name = "Backup Unit Example"
}
data ionoscloud_k8s_clusters example {
filter {
name = "name"
value = "k8sClusterExample"
}
}
data ionoscloud_k8s_clusters example2 {
filter {
name = "name"
value = "k8sClusterExample"
}
filter {
name = "k8s_version"
value = "1.27"
}
}
data ionoscloud_servers example {
filter{
name = "name"
value = "k8sClusterExample"
}
filter {
name = "state"
value = "ACTIVE"
}
filter {
name = "public"
value = "false"
}
}
data "ionoscloud_auto_certificate" "example" {
id = "auto_certificate_id"
location = "auto_certificate_location"
}
data "ionoscloud_auto_certificate" "example" {
name = "AutoCertificate Name Example"
location = "auto_certificate_location"
}
data "ionoscloud_autoscaling_group_servers" "autoscaling_group_servers" {
group_id = "autoscaling_group_uuid"
}
id - (Optional) ID of the application load balancer you want to search for.
name - (Optional) Name of an existing application load balancer that you want to search for. Search by name is case-insensitive. The whole resource name is required if partial_match parameter is not set to true.
partial_match - (Optional) Whether partial matching is allowed or not when using name argument. Default value is false.
Both datacenter_id and application_loadbalancer_id and either name or id must be provided. If none, or both of name and id are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
id - Id of Application Load Balancer Forwarding Rule
name - The name of the Application Load Balancer forwarding rule.
protocol - Balancing protocol.
listener_ip - Listening (inbound) IP.
listener_port - Listening (inbound) port number; valid range is 1 to 65535.
client_timeout - The maximum time in milliseconds to wait for the client to acknowledge or send data; default is 50,000 (50 seconds).
server certificates - Array of items in that collection.
http_rules - Array of items in that collection
name - The unique name of the Application Load Balancer HTTP rule.
type
By Name
By Cores
By Ram
By Storage Size
Argument Reference
name - (Optional) A name of that resource.
cores - (Optional) The CPU cores count.
ram - (Optional) The RAM size in MB.
storage_size - (Optional) The storage size in GB.
category - (Optional) The category of the template.
Any of the arguments ca be provided. If none, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
id - Id of template
name - Name of template
cores- The CPU cores count
ram - The RAM size in MB
storage_size - The storage size in GB
category - The category of the template
gpus - List of GPUs in the template
count - The number of GPUs
model - The model of the GPU
By ID
By Name & Location
Argument Reference
id - (Optional) Id of an existing Virtual Data Center that you want to search for.
name - (Optional) Name of an existing Virtual Data Center that you want to search for.
location - (Optional) Id of the existing Virtual Data Center's location. Available locations: de/fra, us/las, us/ewr, de/txl, gb/lhr, gb/bhx, es/vit, fr/par, us/mci, de/fra/2
Either name, location or id must be provided. If none, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
id - UUID of the Virtual Data Center
name - The name of the Virtual Data Center
location - The regional location where the Virtual Data Center is created
description - Description for the Virtual Data Center
version - The version of that Data Center. Gets incremented with every change
features - List of features supported by the location this data center is part of
sec_auth_protection - Boolean value representing if the data center requires extra protection e.g. two factor protection
cpu_architecture - Array of features and CPU families available in a location
cpu_family - A valid CPU family name
max_cores
By ID
By Name
Needs to have the resource be previously created, or a depends_on clause to ensure that the resource is created before this data source is called.
Argument Reference
id - (Optional) ID of an existing Kafka Cluster that you want to search for.
name - (Optional) Name of an existing Kafka Cluster that you want to search for.
location - (Required) The location of the Kafka Cluster. Possible values: de/fra, de/fra/2, de/txl, fr/par, es/vit, gb/lhr, gb/bhx, us/las, us/mci, us/ewr.
Attributes Reference
The following attributes are returned by the datasource:
id - UUID of the Kafka Cluster.
name - The name of the Kafka Cluster.
version - The version of the Kafka Cluster.
size - The size of the Kafka Cluster.
connections - Connection information of the Kafka Cluster. Minimum items: 1, maximum items: 1.
datacenter_id - The datacenter that your instance is connected to.
lan_id - The numeric LAN ID your instance is connected to.
broker_addresses - IP address and port of cluster brokers.
By ID
By name
Argument reference
cluster_id - (Required)[string] the ID of the Kafka cluster;
username - (Optional)[string] the name of the Kafka user, can be retrieved using ;
location - (Optional)[string] the location of the Kafka cluster, can be one of: de/fra, de/fra/2, de/txl, fr/par, es/vit, gb/lhr, gb/bhx, us/las, us/mci, us/ewr
Attributes reference
The following attributes are returned by the data source:
id - the ID of the user;
username - the name of the user;
certificate_authority - PEM for the certificate authority;
The DbaaS Postgres Cluster data source can be used to search for and return an existing DbaaS Postgres Cluster. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
By ID
By Name
Argument Reference
display_name - (Optional) Display Name of an existing cluster that you want to search for.
id - (Optional) ID of the cluster you want to search for.
Either display_name or id must be provided. If none, or both are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
postgres_version - The PostgreSQL version of your cluster.
instances - The total number of instances in the cluster (one master and n-1 standbys)
cores
ionoscloud_dns_reverse_record
Get information on a DNS Reverse Record.
The DNS Reverse Record can be used to search for and return an existing DNS Reverse Record. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search and make sure that your resources have unique names.
⚠️ Only tokens are accepted for authorization in the ionoscloud_dns_reverse_record data source. Please ensure you are using tokens as other methods will not be valid.
Example Usage
By ID
By name
By name with partial match
By IP
Argument reference
id - (Optional)[string] The ID of the DNS Reverse Record you want to search for.
name - (Optional)[string] The name of the DNS Reverse Record you want to search for.
ip - (Optional)[string] The IP of the DNS Reverse Record you want to search for.
Either id, ip or name must be provided. If none, or more are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
id - The UUID of the DNS Reverse Record.
name - The reverse DNS record name.
ip - Specifies for which IP address the reverse record should be created. The IP addresses needs to be owned by the contract.
ionoscloud_application_loadbalancer
Get information on an Application Load Balancer
The Application Load Balancer data source can be used to search for and return an existing Application Load Balancer. You can provide a string for the name parameter which will be compared with provisioned Application Load Balancers. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search and make sure that your resources have unique names.
Example Usage
By Id
By Name
By Name with Partial Match
Argument Reference
datacenter_id - (Required) Datacenter's UUID.
id - (Optional) ID of the application load balancer you want to search for.
name
datacenter_id and either name or id must be provided. If none, or both of name and id are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
id - Id of the application load balancer.
name - The name of the Application Load Balancer.
listener_lan
ionoscloud_container_registry_token
Get information on a Container Registry Token
The Container Registry Token data source can be used to search for and return an existing Container Registry Token. You can provide a string for the name parameter which will be compared with provisioned Container Registry Token. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search and make sure that your resources have unique names.
Example Usage
By Id
By Name
By Name with Partial Match
Argument Reference
registry_id - (Required) Registry's UUID.
id - (Optional) ID of the container registry token you want to search for.
name
registry_id and either name or id must be provided. If none, or both of name and id are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
id - Id of the container registry token.
name - The name of the container registry token.
credentials
ionoscloud_dns_record
Get information on a DNS Record.
The DNS Record can be used to search for and return an existing DNS Record. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search and make sure that your resources have unique names.
⚠️ Only tokens are accepted for authorization in the ionoscloud_dns_record data source. Please ensure you are using tokens as other methods will not be valid.
Example Usage
By ID
By name
By name with partial match
Argument reference
zone_id - (Required)[string] The ID of the DNS Zone in which the DNS Record can be found.
id - (Optional)[string] The ID of the DNS Record you want to search for.
name
Either id or name must be provided. If none, or both are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
id - The UUID of the DNS Record.
name - The name of the DNS Record.
type
ionoscloud_container_registry
Creates and manages IonosCloud Container Registry.
name - The name of the container registry. Immutable, update forces re-creation of the resource.
garbage_collection_schedule - (Optional)[Map]
⚠ WARNINGContainer Registry Vulnerability Scanning is a paid feature which is enabled by default, and cannot be turned off after activation. To disable this feature for a Container Registry, ensure vulnerability_scanning is set to false on resource creation.
Import
Resource Container Registry can be imported using the resource id, e.g.
ionoscloud_private_crossconnect
Get information on a Ionos Cloud Crossconnects
The Cross Connect data source can be used to search for and return existing cross connects. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
By ID
By Name
Argument Reference
name - (Optional) Name of an existing cross connect that you want to search for.
id - (Optional) ID of the cross connect you want to search for.
Either name or id must be provided. If none, or both are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
The VPN IPSec Gateway Tunnel data source can be used to search for and return an existing IPSec Gateway Tunnel. You can provide a string for the name parameter which will be compared with provisioned IPSec Gateway Tunnels. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
By ID
By Name
Needs to have the resource be previously created, or a depends_on clause to ensure that the resource is created before this data source is called.
Argument Reference
id - (Optional) ID of an existing IPSec Gateway Tunnel that you want to search for.
name - (Optional) Name of an existing IPSec Gateway Tunnel that you want to search for.
gateway_id - (Required) The ID of the IPSec Gateway that the tunnel belongs to.
Attributes reference
The following attributes are returned by the datasource:
id - The unique ID of the IPSec Gateway Tunnel.
name - The name of the IPSec Gateway Tunnel.
description - The human-readable description of your IPSec Gateway Tunnel.
ionoscloud_location
Get information on a IonosCloud Locations
The Location data source can be used to search for and return an existing location which can then be used elsewhere in the configuration. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
Argument Reference
name - (Required) Name of the location to search for.
feature - (Optional) A desired feature that the location must be able to provide.
Attributes Reference
The following attributes are returned by the datasource:
id - UUID of the location
cpu_architecture - Array of features and CPU families available in a location
cpu_family
ionoscloud_s3_key
Get Information on a IonosCloud Object Storage key
The IONOS Object Storage key data source can be used to search for and return an existing IONOS Object Storage key. You can provide a string id which will be compared with provisioned IONOS Object Storage keys. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
Argument Reference
The following arguments are supported:
user_id - (Required)[string] The UUID of the user owning the IONOS Object Storage Key.
id - (Required) ID of the IONOS Object Storage key you want to search for.
Attributes Reference
The following attributes are returned by the datasource:
id - The id of the IONOS Object Storage key
active - The state of the IONOS Object Storage key
user_id
ionoscloud_auto_certificate
Creates and manages Certificate Manager AutoCertificate objects.
provider_id - (Required)[string] The certificate provider used to issue the certificates.
location - (Required)[string] The location of the auto-certificate. Available locations: de/fra, de/fra/2.
Import
The resource can be imported using the auto_certificate_id and the location, separated by :, e.g.
Contracts Data Source
Get information on the contracts available in your IONOS Cloud account
The contracts data source provides information about the contracts available in your IONOS Cloud account, including resource limits and other contract details.
Example Usage
data "ionoscloud_contracts" "example" {}
output "contracts" {
value = data.ionoscloud_contracts.example.contracts
}
The following attributes are returned by the datasource:
Sure! Here's the list of attributes formatted as requested:
contracts
contract_number - The contract number.
owner - The contract owner's user name.
ionoscloud_datacenter_nsg_selection
Links a Network Security Group to a IonosCloud datacenter.
Links a Network Security Group to a IonosCloud datacenter. The datacenter can only have one linked NSG. To set a new NSG for the datacenter, the current one will be unlinked.
Example Usage
A Network Security Group can be linked to a ionoscloud_datacenter with this resource. Deleting the resource will unlink the NSG from the datacenter.
Select an external volume
Argument reference
datacenter_id - (Required)[string] The ID of a Virtual Data Center.
nsg_id - (Required)[string] The ID of a Network Security Group.
ionoscloud_servers
Retrieves a list of Ionos Cloud Servers
The Servers data source can be used to search for and return existing servers based on filters used.
Example Usage
By Name
By CPU Family
By Name and Cores
Argument Reference
datacenter_id - (Required) Name of an existing datacenter that the servers are a part of
filter - (Optional) One or more name/value pairs to filter off of. You can use most base fields in the resource. These do NOT include nested fields in nics or volume nested fields.
datacenter_id must be provided. If datacenter_id is missing , the datasource will return an error.
NOTE: Lookup by filter is partial. Searching for a server using filter name and value test, will find all servers that have test in the name. For example, it will find servers named test, test1, testsomething.
NOTE: You cannot search by image_name by providing an alias like ubuntu.
Attributes Reference
The following attributes are returned by the datasource:
servers - list of servers that matches the filters provided. For a full reference of all attributes returned, check out
ionoscloud_auto_certificate_provider
Get Information on Certificate Manager Provider
The CM Provider data source can be used to search for and return an existing certificate manager provider. You can provide a string for either id or name parameters which will be compared with provisioned providers. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
By ID
By Name
Argument Reference
The following arguments are supported:
location - (Required)[string] The location of the provider. Available locations: de/fra, de/fra/2
name - (Optional)[string] Name of an existing provider that you want to search for.
Either name or id must be provided. If none, or both are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
email - [string] The email address of the certificate requester.
server - [string] The URL of the certificate provider.
external_account_binding - [list]
ionoscloud_mongo_cluster
Get information on DbaaS MongoDB Cluster objects.
The DbaaS Mongo Cluster data source can be used to search for and return an existing DbaaS MongoDB Cluster. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
ionoscloud_image
Get information on a IonosCloud Image
The Image data source can be used to search for and return an existing image which can then be used to provision a server.
If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result. In case multiple matches are found, enable debug(TF_LOG=debug) to show the name and location of the images.
Example Usage
Finds an image with alias ubuntu:latest_iso
ionoscloud_nic
Get information on a Ionos Cloud NIC
The Nic data source can be used to search for and return existing nics. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
ionoscloud_backup_unit
Creates and manages IonosCloud Backup Units.
Manages a on IonosCloud.
Example Usage
ionoscloud_networkloadbalancer
Get information on a Network Load Balancer
The Network Load Balancer data source can be used to search for and return existing network load balancers. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
ionoscloud_cdn_distribution
Creates and manages IonosCloud CDN Distributions.
Manages a on IonosCloud.
Example Usage
ionoscloud_ipblock
Get information on a IonosCloud Ip Block
The IP Block data source can be used to search for and return an existing Ip Block. You can provide a string for the id, the name or the location parameters which will be compared with the provisioned Ip Blocks. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
ionoscloud_nfs_cluster
Get information on Network File Storage (NFS) Cluster objects
Returns information about clusters of Network File Storage (NFS) on IonosCloud.
Example Usage
ionoscloud_auto_certificate_provider
Creates and manages Certificate Manager provider objects.
Manages a .
Example Usage
data "ionoscloud_application_loadbalancer_forwardingrule" "example" {
datacenter_id = ionoscloud_datacenter.example.id
application_loadbalancer_id = ionoscloud_application_loadbalancer.example.id
id = "alb_fwr_id"
}
data "ionoscloud_application_loadbalancer_forwardingrule" "example" {
datacenter_id = ionoscloud_datacenter.example.id
application_loadbalancer_id = ionoscloud_application_loadbalancer.example.id
name = "ALB FR Example"
}
data "ionoscloud_application_loadbalancer_forwardingrule" "example" {
datacenter_id = ionoscloud_datacenter.example.id
application_loadbalancer_id = ionoscloud_application_loadbalancer.example.id
name = "Example"
partial_match = true
}
data "ionoscloud_template" "example" {
name = "CUBES S"
}
data "ionoscloud_template" "example" {
cores = 6
}
data "ionoscloud_template" "example" {
ram = 49152
}
data "ionoscloud_template" "example" {
storage_size = 80
}
data "ionoscloud_datacenter" "example" {
id = "datacenter_id"
}
data "ionoscloud_datacenter" "example" {
name = "Datacenter Example"
location = "us/las"
}
data "ionoscloud_kafka_cluster" "example" {
id = "your_kafka_cluster_id"
location = "location_of_kafka_cluster"
}
data "ionoscloud_kafka_cluster" "example" {
name = "kafka-cluster"
location = "location_of_kafka_cluster"
}
target_group - The UUID of the target group; mandatory for FORWARD action.
drop_query - Default is false; valid only for REDIRECT actions.
location - The location for redirecting; mandatory and valid only for REDIRECT actions.
status_code - Valid only for REDIRECT and STATIC actions. For REDIRECT actions, default is 301 and possible values are 301, 302, 303, 307, and 308. For STATIC actions, default is 503 and valid range is 200 to 599.
response_message - The response message of the request; mandatory for STATIC action.
content_type - Valid only for STATIC actions.
conditions - An array of items in the collection.The action is only performed if each and every condition is met; if no conditions are set, the rule will always be performed.
type - Type of the Http Rule condition.
condition - Matching rule for the HTTP rule condition attribute; mandatory for HEADER, PATH, QUERY, METHOD, HOST, and COOKIE types; must be null when type is SOURCE_IP.
negate - Specifies whether the condition is negated or not; the default is False.
key - Must be null when type is PATH, METHOD, HOST, or SOURCE_IP. Key can only be set when type is COOKIES, HEADER, or QUERY.
value - Mandatory for conditions CONTAINS, EQUALS, MATCHES, STARTS_WITH, ENDS_WITH; must be null when condition is EXISTS; should be a valid CIDR if provided and if type is SOURCE_IP.
type - The type of the GPU
vendor - The vendor of the GPU
- The maximum number of cores available
max_ram - The maximum number of RAM in MB
vendor - A valid CPU vendor name
broker_addresses - IP addresses and subnet of cluster brokers.
- A valid CPU family name.
max_cores - The maximum number of cores available.
max_ram - The maximum number of RAM in MB.
vendor - A valid CPU vendor name.
image_aliases - List of image aliases available for the location
ram - The amount of memory per instance in megabytes.
storage_size - The amount of storage per instance in MB.
storage_type - The storage type used in your cluster.
connection_pooler - Details about the connection pooler.
enabled
pool_mode - Represents different modes of connection pooling for the connection pooler.
connections - Details about the network connection for your cluster.
datacenter_id - The datacenter to connect your cluster to.
lan_id - The LAN to connect your cluster to.
cidr - The IP and subnet for the database.
location - The physical location where the cluster will be created. This will be where all of your instances live.
backup_location - The IONOS Object Storage location where the backups will be stored.
display_name - The friendly name of your cluster.
maintenance_window - A weekly 4 hour-long window, during which maintenance might occur
time
day_of_the_week
credentials - Credentials for the database user to be created.
username - The username for the initial postgres user.
synchronization_mode - Represents different modes of replication.
from_backup - The unique ID of the backup you want to restore.
backup_id - The PostgreSQL version of your cluster.
recovery_target_time - If this value is supplied as ISO 8601 timestamp, the backup will be replayed up until the given timestamp.
dns_name - The DNS name pointing to your cluster.
partial_match - (Optional)[bool] Whether partial matching is allowed or not when using name argument. Default value is false.
description - Description stored along with the reverse DNS record to describe its usage.
- (Optional) Name of an existing application load balancer that you want to search for. Search by name is case-insensitive. The whole resource name is required if
partial_match
parameter is not set to true.
partial_match - (Optional) Whether partial matching is allowed or not when using name argument. Default value is false.
- ID of the listening (inbound) LAN.
ips - Collection of the Application Load Balancer IP addresses. (Inbound and outbound) IPs of the listenerLan are customer-reserved public IPs for the public Load Balancers, and private IPs for the private Load Balancers.
target_lan - ID of the balanced private target LAN (outbound).
lb_private_ips - Collection of private IP addresses with the subnet mask of the Application Load Balancer. IPs must contain valid a subnet mask. If no IP is provided, the system will generate an IP with /24 subnet.
central_logging - Turn logging on and off for this product. Default value is 'false'.
logging_lormat - Specifies the format of the logs.
flowlog - Only 1 flow log can be configured. Only the name field can change as part of an update. Flow logs holistically capture network information such as source and destination IP addresses, source and destination ports, number of packets, amount of bytes, the start and end time of the recording, and the type of protocol – and log the extent to which your instances are being accessed.
action - Specifies the action to be taken when the rule is matched. Possible values: ACCEPTED, REJECTED, ALL. Immutable, forces re-creation.
bucket - Specifies the IONOS Object Storage bucket where the flow log data will be stored. The bucket must exist. Immutable, forces re-creation.
direction - Specifies the traffic direction pattern. Valid values: INGRESS, EGRESS, BIDIRECTIONAL. Immutable, forces re-creation.
name - Specifies the name of the flow log.
- (Optional) Name of an existing container registry token that you want to search for. Search by name is case-insensitive. The whole resource name is required if
partial_match
parameter is not set to true.
partial_match - (Optional) Whether partial matching is allowed or not when using name argument. Default value is false.
username
expiry-date
scopes
actions
name
type
status
- (Optional)[string] The name of the DNS Record you want to search for.
partial_match - (Optional)[bool] Whether partial matching is allowed or not when using name argument. Default value is false.
- The type of the DNS Record.
content - The content of the DNS Record.
ttl - The time to live of the DNS Record.
priority - The priority for the DNS Record.
enabled - Indicates if the DNS Record is active or not.
time - (Required)[string]
days - (Required)[list] Elements of list must have one of the values: Saturday, Sunday, Monday, Tuesday, Wednesday, Thursday, Friday
location - (Required)[string] Immutable, update forces re-creation of the resource.
api_subnet_allow_list - (Optional)[list] The subnet CIDRs that are allowed to connect to the registry. Specify "a.b.c.d/32" for an individual IP address. Note: If this list is empty or not set, there are no restrictions.
features - (Optional)[Map]
vulnerability_scanning - (Optional)[bool] Enables or disables the Vulnerability Scanning feature for the Container Registry. To disable this feature, set the attribute to false when creating the CR resource.
- Description of cross connect
peers - Lists LAN's joined to this cross connect
lan_id - The id of the cross-connected LAN
lan_name - The name of the cross-connected LAN
datacenter_id - The id of the cross-connected datacenter
datacenter_name - The name of the cross-connected datacenter
location - The location of the cross-connected datacenter
connectable_datacenters - Lists datacenters that can be joined to this cross connect
id - The UUID of the connectable datacenter
name - The name of the connectable datacenter
location - The physical location of the connectable datacenter
location - (Optional) The location of the IPSec Gateway Tunnel. Supported locations: de/fra, de/fra/2, de/txl, es/vit, gb/lhr, us/ewr, us/las, us/mci, fr/par.
remote_host - The remote peer host fully qualified domain name or public IPV4 IP to connect to.
ike - Settings for the initial security exchange phase.
diffie_hellman_group - The Diffie-Hellman Group to use for IPSec Encryption.
encryption_algorithm - The encryption algorithm to use for IPSec Encryption.
integrity_algorithm - The integrity algorithm to use for IPSec Encryption.
lifetime - The phase lifetime in seconds.
esp - Settings for the IPSec SA (ESP) phase.
diffie_hellman_group - The Diffie-Hellman Group to use for IPSec Encryption.
encryption_algorithm - The encryption algorithm to use for IPSec Encryption.
integrity_algorithm - The integrity algorithm to use for IPSec Encryption.
lifetime - The phase lifetime in seconds.
auth - Properties with all data needed to define IPSec Authentication.
method - The authentication method to use for IPSec Authentication.
cloud_network_cidrs - The network CIDRs on the "Left" side that are allowed to connect to the IPSec tunnel, i.e. the CIDRs within your IONOS Cloud LAN. Specify "0.0.0.0/0" or "::/0" for all addresses.
peer_network_cidrs - The network CIDRs on the "Right" side that are allowed to connect to the IPSec tunnel. Specify "0.0.0.0/0" or "::/0" for all addresses.
common_name - (Required)[string] The common name (DNS) of the certificate to issue. The common name needs to be part of a zone in IONOS Cloud DNS.
key_algorithm - (Required)[string] The key algorithm used to generate the certificate.
name - (Required)[string] A certificate name used for management purposes.
subject_alternative_names - (Optional)[list][string] Optional additional names to be added to the issued certificate. The additional names needs to be part of a zone in IONOS Cloud DNS.
last_issued_certificate_id - (Computed)[string] The ID of the last certificate that was issued.
id - (Optional)[string] ID of the provider you want to search for.
key_id - [string] The key ID of the external account binding.
key_secret - [string] The key secret of the external account binding
, in location
de/txl
, that does not support
cloud_init
and is of type
CDROM
.
Example Usage
Finds an image with alias ubuntu:latest in location de/txl. Uses exact matching on both fields.
Example Usage
Finds an image named ubuntu-20.04.6 in location de/txl. Uses exact matching.
Argument Reference
name - (Required) Name of an existing image that you want to search for. It will return an exact match if one exists, otherwise it will retrieve partial matches.
location - (Optional) Id of the existing image's location. Exact match. Possible values: de/fra, de/txl, gb/lhr, es/vit, us/ewr, us/las
type - (Optional) The image type, HDD or CD-ROM. Exact match.
image_alias - (Optional) Image alias of the image you are searching for. Exact match. E.g. =centos:latest, ubuntu:latest
version - (Optional) The version of the image that you want to search for.
If both "name" and "version" are provided the plugin will concatenate the two strings in this format [name]-[version]. The resulting string will be used to search for an exact match. An error will be thrown if one is not found.
Attributes Reference
id - UUID of the image
name - name of the image
description - description of the image
size - The size of the image in GB
cpu_hot_plug - Is capable of CPU hot plug (no reboot required)
cpu_hot_unplug - Is capable of CPU hot unplug (no reboot required)
ram_hot_plug - Is capable of memory hot plug (no reboot required)
ram_hot_unplug - Is capable of memory hot unplug (no reboot required)
nic_hot_plug - Is capable of nic hot plug (no reboot required)
nic_hot_unplug - Is capable of nic hot unplug (no reboot required)
disc_virtio_hot_plug - Is capable of Virt-IO drive hot plug (no reboot required)
disc_virtio_hot_unplug - Is capable of Virt-IO drive hot unplug (no reboot required)
disc_scsi_hot_plug - Is capable of SCSI drive hot plug (no reboot required)
disc_scsi_hot_unplug - Is capable of SCSI drive hot unplug (no reboot required)
licence_type - OS type of this Image
public - Indicates if the image is part of the public repository or not
expose_serial - Indicates if the serial ID of the disk attached to the server will be exposed or not.
image_aliases - List of image aliases mapped for this Image
cloud_init - Cloud init compatibility
type - This indicates the type of image
location - Location of that image/snapshot.
require_legacy_bios - Indicates if the image requires the legacy BIOS for compatibility or specific needs.
Argument Reference
The following arguments are supported:
name - (Required)[string] The name of the Backup Unit. This argument is immutable.
password - (Required)[string] The desired password for the Backup Unit
email - (Required)[string] The email address assigned to the backup unit
login - (Computed) The login associated with the backup unit. Derived from the contract number
Import
A Backup Unit resource can be imported using its resource id, e.g.
This can be helpful when you want to import backup units which you have already created manually or using other means, outside of terraform. Please note that you need to manually specify the password when first declaring the resource in terraform, as there is no way to retrieve the password from the Cloud API.
Important Notes
Please note that at the moment, Backup Units cannot be renamed
Please note that the password attribute is write-only, and it cannot be retrieved from the API when importing a ionoscloud_backup_unit. The only way to keep track of it in Terraform is to specify it on the resource to be imported, thus, making it a required attribute.
data ionoscloud_servers example {
datacenter_id = ionoscloud_datacenter.example.id
filter {
name = "name"
value = "server_name_to_look_here"
}
}
data ionoscloud_servers example {
datacenter_id = ionoscloud_datacenter.example.id
filter {
name = "cpu_family"
value = "INTEL_XEON"
}
}
data ionoscloud_servers example {
datacenter_id = ionoscloud_datacenter.example.id
filter {
name = "name"
value = "test"
}
filter {
name = "cores"
value = "1"
}
}
data "ionoscloud_auto_certificate_provider" "example" {
id = "provider_id"
location = "provider_location"
}
data "ionoscloud_auto_certificate_provider" "example" {
name = "Provider Name Example"
location = "provider_location"
}
data "ionoscloud_image" "cdrom" {
image_alias = "ubuntu:latest_iso"
type = "CDROM"
location = "de/txl"
cloud_init = "NONE"
}
display_name - (Optional) Display Name of an existing cluster that you want to search for.
id - (Optional) ID of the cluster you want to search for.
Either display_name or id must be provided. If none, or both are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
edition - Cluster edition. Playground, business or enterprise.
mongodb_version - The MongoDB version of your cluster. Updates to the value of the field force the cluster to be re-created.
template_id - The unique ID of the template, which specifies the number of cores, storage size, and memory. Updates to the value of the field force the cluster to be re-created.
instances - The total number of instances in the cluster (one master and n-1 standbys). Example: 3, 5, 7. Updates to the value of the field force the cluster to be re-created.
display_name - The name of your cluster. Updates to the value of the field force the cluster to be re-created.
location - The connection string for your cluster. Updates to the value of the field force the cluster to be re-created.
connections - Details about the network connection for your cluster. Updates to the value of the field force the cluster to be re-created.
datacenter_id - The datacenter to connect your cluster to.
maintenance_window - A weekly 4 hour-long window, during which maintenance might occur. Updates to the value of the field force the cluster to be re-created.
time
day_of_the_week
connection_string - The physical location where the cluster will be created. This will be where all of your instances live. Updates to the value of the field force the cluster to be re-created. Available locations: de/txl, gb/lhr, es/vit"
ram - The amount of memory per instance in megabytes. Required for enterprise edition.
storage_size - The amount of storage per instance in MB. Required for enterprise edition.
storage_type - The storage type used in your cluster. Required for enterprise edition.
cores - The number of CPU cores per replica. Required for enterprise edition.
backup
location: The location where the cluster backups will be stored. If not set, the backup is stored in the nearest location of the cluster. Possible values are de, eu-south-2, or eu-central-2.
By ID
By Name
Argument reference
datacenter_id - (Required)[string] The ID of a Virtual Data Center.
server_id - (Required)[string] The ID of a server.
name - (Optional)[string] The name of the LAN.
id - (Optional) ID of the nic you want to search for.
datacenter_id and either name or id must be provided. If none, are provided, the datasource will return an error.
Import
Resource Nic can be imported using the resource id, e.g.
Attributes Reference
The following attributes are returned by the datasource:
id - The id of the NIC.
datacenter_id - The ID of a Virtual Data Center.
server_id - The ID of a server.
lan - The LAN ID the NIC will sit on.
name - The name of the LAN.
dhcp - Indicates if the NIC should get an IP address using DHCP (true) or not (false).
ips - Collection of IP addresses assigned to a nic. Explicitly assigned public IPs need to come from reserved IP blocks, Passing value null or empty array will assign an IP address automatically.
firewall_active - If this resource is set to true and is nested under a server resource firewall, with open SSH port, resource must be nested under the NIC.
firewall_type - The type of firewall rules that will be allowed on the NIC. If it is not specified it will take the default value INGRESS
mac - The MAC address of the NIC.
device_number- The Logical Unit Number (LUN) of the storage volume. Null if this NIC was created from CloudAPI and no DCD changes were done on the Datacenter.
pci_slot- The PCI slot number of the Nic.
flowlog - Only 1 flow log can be configured. Only the name field can change as part of an update. Flow logs holistically capture network information such as source and destination IP addresses, source and destination ports, number of packets, amount of bytes, the start and end time of the recording, and the type of protocol – and log the extent to which your instances are being accessed.
action - Specifies the action to be taken when the rule is matched. Possible values: ACCEPTED, REJECTED, ALL.
security_groups_ids - The list of Security Group IDs for the resource.
By ID
By Name
Argument Reference
datacenter_id - (Required) Datacenter's UUID.
name - (Optional) Name of an existing network load balancer that you want to search for.
id - (Optional) ID of the network load balancer you want to search for.
datacenter_id and either name or id must be provided. If none, or both of name and id are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
id - Id of that Network Load Balancer
name- Name of that Network Load Balancer
listener_lan - Id of the listening LAN. (inbound)
target_lan - Id of the balanced private target LAN. (outbound)
ips - Collection of IP addresses of the Network Load Balancer. (inbound and outbound) IP of the listenerLan must be a customer reserved IP for the public load balancer and private IP for the private load balancer.
lb_private_ips - Collection of private IP addresses with subnet mask of the Network Load Balancer. IPs must contain valid subnet mask. If user will not provide any IP then the system will generate one IP with /24 subnet.
central_logging - Turn logging on and off for this product. Default value is 'false'.
logging_lormat - Specifies the format of the logs.
flowlog - Only 1 flow log can be configured. Only the name field can change as part of an update. Flow logs holistically capture network information such as source and destination IP addresses, source and destination ports, number of packets, amount of bytes, the start and end time of the recording, and the type of protocol – and log the extent to which your instances are being accessed.
action - Specifies the action to be taken when the rule is matched. Possible values: ACCEPTED, REJECTED, ALL. Immutable, forces re-creation.
Argument Reference
The following arguments are supported:
domain - (Required)[string] The domain of the distribution.
certificate_id - (Required)[string] The ID of the certificate to use for the distribution. You can create certificates with the certificate resource.
routing_rules - (Required)[list] The routing rules for the distribution.
scheme - (Required)[string] The scheme of the routing rule.
prefix - (Required)[string] The prefix of the routing rule.
upstream - (Required)[map] - A map of properties for the rule
Attributes Reference
public_endpoint_v4 - IP of the distribution, it has to be included on the domain DNS Zone as A record.
public_endpoint_v6 - IP of the distribution, it has to be included on the domain DNS Zone as AAAA record.
resource_urn - Unique resource indentifier.
Import
Resource Distribution can be imported using the resource id, e.g.
id - (Optional) ID of an existing Ip Block that you want to search for.
name - (Optional) Name of an existing Ip Block that you want to search for.
location - (Optional) The regional location for this IP Block: us/las, us/ewr, de/fra, de/fkb.
Attributes Reference
id - The id of Ip Block
name - The name of Ip Block
location - The regional location for this IP Block: us/las, us/ewr, de/fra, de/fkb.
size - The number of IP addresses to reserve for this block.
ips - The list of IP addresses associated with this block.
ip_consumers Read-Only attribute. Lists consumption detail of an individual ip
ip
mac
By ID
By Name
Argument Reference
location - (Optional) The location where the Network File Storage cluster is located. Available locations: de/fra, de/fra/2, de/txl, fr/par, gb/lhr, es/vit, us/las, us/ewr, us/mci.
name - (Optional) Name of the Network File Storage cluster.
id - (Optional) ID of the Network File Storage cluster.
partial_match - (Optional) Whether partial matching is allowed or not when using the name filter. Defaults to false.
Attributes Reference
The following attributes are returned by the datasource:
-id - The ID of the Network File Storage cluster.
name - The name of the Network File Storage cluster.
location - The location where the Network File Storage cluster is located.
size - The size of the Network File Storage cluster in TiB. Note that the cluster size cannot be reduced after provisioning. This value determines the billing fees. Default is 2. The minimum value is 2 and the maximum value is 42.
nfs - The NFS configuration for the Network File Storage cluster. Each NFS configuration supports the following:
min_version - The minimum supported version of the NFS cluster. Default is 4.2
connections - A list of connections for the Network File Storage cluster. You can specify only one connection. Each connection supports the following:
datacenter_id - The ID of the datacenter where the Network File Storage cluster is located.
ip_address
ionoscloud_gpu_server
Get information on a Ionos Cloud GPU Server
The GPU Server data source can be used to search for and return existing GPU servers. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
By ID
By Name
Argument Reference
datacenter_id - (Required) Datacenter's UUID.
name - (Optional) Name of an existing server that you want to search for.
id - (Optional) ID of the server you want to search for.
datacenter_id and either name or id must be provided. If none, or both of name and id are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
template_uuid - The UUID of the template for creating a GPU server; the available templates for GPU servers can be found on the templates resource
id - The id of that resource
name - The name of that resource
ionoscloud_autoscaling_group
Get information on a IonosCloud Autoscaling Group
The autoscaling group data source can be used to search for and return an existing Autoscaling Group. You can provide a string for the name or id parameters which will be compared with provisioned Autoscaling Groups. If a single match is found, it will be returned.
Example Usage
By Id
By Name
Argument Reference
id - (Optional) Id of an existing Autoscaling Group that you want to search for.
name - (Optional) Name of an existing Autoscaling Group that you want to search for.
Either name or id must be provided. If none or both are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
id - UUID of the Autoscaling Group.
name - The name of the Autoscaling Group.
datacenter - VMs for this Autoscaling Group will be created in this Virtual Datacenter. Please note, that it has to have the same location
ionoscloud_nfs_share
Get information on Network File Storage (NFS) Share objects
Returns information about shares of Network File Storage (NFS) on IonosCloud.
Example Usage
By ID
By Name
Argument Reference
location - (Optional) The location where the Network File Storage share is located. Available locations: de/fra, de/fra/2, de/txl, fr/par, gb/lhr, es/vit, us/las, us/ewr, us/mci.
Attributes Reference
id - The ID of the Network File Storage share.
name - The name of the Network File Storage share.
location - The location where the Network File Storage share is located.
ionoscloud_natgateway_rule
Get information on a Nat Gateway Rule
The NAT Gateway Rule data source can be used to search for and return existing NAT Gateway Rules. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
By ID
By Name
Argument Reference
datacenter_id - (Required) Datacenter's UUID.
natgateway_id - (Required) Nat Gateway's UUID.
name
Both datacenter_id and natgateway_id and either name or id must be provided. If none, or both of name and id are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
id - Id of the NAT gateway rule
name - Name of the NAT gateway rule
type
Data Source: ionoscloud_vpn_wireguard_gateway
Provides information about a specific IonosCloud VPN WireGuard Gateway.
The ionoscloud_vpn_wireguard_gateway data source provides information about a specific IonosCloud VPN WireGuard Gateway. You can use this data source to retrieve details of a WireGuard Gateway for use in other resources and configurations.
Example Usage
Argument Reference
The following arguments are supported:
name - (Optional)[String] The name of the WireGuard Gateway.
id - (Optional)[String] The ID of the WireGuard Gateway.
location - (Optional)[String] The location of the WireGuard Gateway. Supported locations: de/fra, de/fra/2, de/txl, es/vit, gb/bhx, gb/lhr, us/ewr, us/las, us/mci, fr/par.
Attributes Reference
In addition to all arguments above, the following attributes are exported:
description - The description of the WireGuard Gateway.
public_key - The public key for the WireGuard Gateway.
status - The current status of the WireGuard Gateway.
ionoscloud_snapshot
Get information on a IonosCloud Snapshots
The Snapshot data source can be used to search for and return an existing snapshot which can then be used to provision a server. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
By ID
By Name & Size & Location
Note: The size argument is in GB
Argument Reference
id - (Optional) UUID of an existing snapshot that you want to search for.
name - (Optional) Name of an existing snapshot that you want to search for.
location
Either name or id must be provided. If none, or both are provided, the datasource will return an error. Additionally, you can add location and size along with the name argument for a more refined search. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Attributes Reference
The following attributes are returned by the datasource:
id - UUID of the snapshot
name - The name of the snapshot.
description
ionoscloud_volume
Get information on a Ionos Cloud Volume
The volume data source can be used to search for and return existing volumes. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
By ID
By Name
Argument Reference
name - (Optional) Name of an existing volume that you want to search for.
id - (Optional) ID of the volume you want to search for.
Either volume or id must be provided. If none, or both are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
id - The id of the volume.
name - The name of the volume.
disk_type
ionoscloud_container_registry_token
Creates and manages IonosCloud Container Registry Token.
registry_id - (Required)[string] The ID of the container registry
name - (Required)[string] The name of the container registry token. Immutable, update forces re-creation of the resource.
expiry-date
⚠ WARNINGsave_password_to_file must be used with caution. It will save the password(token) returned on create to a file. This is the only way to get the token.
Import
Resource Container Registry Token can be imported using the container registry id and resource id, e.g.
ionoscloud_user
Get information on a Ionos Cloud Users
The User data source can be used to search for and return existing users. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
By ID
By Email
By Email from Env Variables - Current User
data "ionoscloud_user" "example" { }
Argument Reference
email - (Optional) Email of an existing user that you want to search for.
id - (Optional) ID of the user you want to search for.
Either email or id can be provided. If no argument is set, the provider will search for the email that was provided for the configuration. If none is found, the provider will return an error.
Attributes Reference
The following attributes are returned by the datasource:
id - The id of the user.
administrator - Indicates if the user has administrative rights. Administrators do not need to be managed in groups, as they automatically have access to all resources associated with the contract.
email
ionoscloud_cube_server
Get information on a Ionos Cloud Cube Servers
The can be used to search for and return existing servers. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
ionoscloud_k8s_cluster
Get information on a IonosCloud K8s Cluster
The k8s Cluster data source can be used to search for and return existing k8s clusters. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
ionoscloud_application_loadbalancer
Creates and manages IonosCloud Application Load Balancer.
Manages an on IonosCloud.
Example Usage
ionoscloud_k8s_node_pool
Get information on a IonosCloud K8s Node Pool
The k8s Node Pool data source can be used to search for and return existing k8s Node Pools. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
ionoscloud_target_group
Get information on an Target Group
The Target Group data source can be used to search for and return an existing Application Load Balancer Target Group. You can provide a string for the name parameter which will be compared with provisioned Application Load Balancer Target Groups. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search and make sure that your resources have unique names.
Example Usage
ionoscloud_logging_pipeline
Get information on a Logging pipeline.
The Logging pipeline datasource can be used to search for and return an existing Logging pipeline. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned.
⚠️ Only tokens are accepted for authorization in the logging_pipeline data source. Please ensure you are using tokens as other methods will not be valid.
Example Usage
ionoscloud_inmemorydb_replicaset
Gets information about an existing InMemoryDB Replica Set.
The ionoscloud_inmemorydb_replicaset data source can be used to retrieve information about an existing InMemoryDB Replica Set.
Example Usage
ionoscloud_networkloadbalancer_forwardingrule
Get information on a Network Load Balancer Forwarding Rule
The Network Load Balancer Forwarding Rule data source can be used to search for and return existing network forwarding rules. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
Data Source: ionoscloud_vpn_wireguard_gateway
Provides information about a specific IonosCloud VPN WireGuard Gateway.
The ionoscloud_vpn_wireguard_gateway data source provides information about a specific IonosCloud VPN WireGuard Gateway. You can use this data source to retrieve details of a WireGuard Gateway for use in other resources and configurations.
Example Usage
data "ionoscloud_mongo_cluster" "example" {
id = "cluster_id"
}
data "ionoscloud_mongo_cluster" "example" {
display_name = "display_name"
}
data "ionoscloud_nic" "example" {
datacenter_id = "datancenter_id"
server_id = "server_id"
id = "nic_id"
}
data "ionoscloud_nic" "example" {
datacenter_id = "datancenter_id"
server_id = "server_id"
name = "Nic Example"
}
data "ionoscloud_networkloadbalancer" "example" {
datacenter_id = ionoscloud_datacenter.example.id
id = "networkloadbalancer_id"
}
data "ionoscloud_networkloadbalancer" "example" {
datacenter_id = ionoscloud_datacenter.example.id
name = "Network Load Balancer Name"
}
terraform import ionoscloud_cdn_distribution.myDistribution distribution uuid
data "ionoscloud_ipblock" "example" {
id = "ipblock_id"
}
data "ionoscloud_ipblock" "example" {
name = "IP Block Name"
}
data "ionoscloud_ipblock" "example" {
location = "us/las"
}
data "ionoscloud_ipblock" "example" {
name = "IP Block Name"
location = "us/las"
}
data "ionoscloud_nfs_cluster" "example" {
location = "location"
id = "cluster-id"
}
data "ionoscloud_nfs_cluster" "example" {
location = "location"
name = "partial-name"
partial_match = true
}
output "cluster_test_output" {
value = format("%s from %s with %sTB",
data.ionoscloud_nfs_cluster.example.name,
data.ionoscloud_nfs_cluster.example.location,
data.ionoscloud_nfs_cluster.example.nfs[0].min_version
)
}
data "ionoscloud_vpn_wireguard_gateway" "example" {
location = "de/fra"
name = "example-gateway"
}
output "vpn_wireguard_gateway_public_key" {
value = data.vpn_wireguard_gateway.example.public_key
}
resource "ionoscloud_container_registry" "example" {
garbage_collection_schedule {
days = ["Monday", "Tuesday"]
time = "05:19:00+00:00"
}
location = "de/fra"
name = "container-registry-example"
}
resource "ionoscloud_container_registry_token" "example" {
expiry_date = "2023-01-13 16:27:42Z"
name = "container-registry-token-example"
scopes {
actions = ["push"]
name = "Scope1"
type = "repository"
}
status = "enabled"
registry_id = ionoscloud_container_registry.example.id
save_password_to_file = "pass.txt"
}
lan_id
- The LAN to connect your cluster to.
cidr - The IP and subnet for the database. Must be same number as instances. Note the following unavailable IP ranges: 10.233.64.0/18, 10.233.0.0/18, 10.233.114.0/24. Please input in the correct format like IP/Subnet, exp: 192.168.10.0/24. See Private IPs and Cluster Setup - Preparing the network.
whitelist - List of whitelisted CIDRs
bucket - Specifies the IONOS Object Storage bucket where the flow log data will be stored. The bucket must exist.
direction - Specifies the traffic direction pattern. Valid values: INGRESS, EGRESS, BIDIRECTIONAL.
name - Specifies the name of the flow log.
bucket - Specifies the IONOS Object Storage bucket where the flow log data will be stored. The bucket must exist. Immutable, forces re-creation.
direction - Specifies the traffic direction pattern. Valid values: INGRESS, EGRESS, BIDIRECTIONAL. Immutable, forces re-creation.
name - Specifies the name of the flow log.
host - (Required)[string] The upstream host that handles the requests if not already cached. This host will be protected by the WAF if the option is enabled.
caching - (Required)[bool] Enable or disable caching. If enabled, the CDN will cache the responses from the upstream host. Subsequent requests for the same resource will be served from the cache.
waf - (Required)[bool] Enable or disable WAF to protect the upstream host.
sni_mode - (Required)[string] The SNI (Server Name Indication) mode of the upstream. It supports two modes: 1) distribution: for outgoing connections to the upstream host, the CDN requires the upstream host to present a valid certificate that matches the configured domain of the CDN distribution; 2) origin: for outgoing connections to the upstream host, the CDN requires the upstream host to present a valid certificate that matches the configured upstream/origin hostname.
rate_limit_class - (Required)[string] Rate limit class that will be applied to limit the number of incoming requests per IP.
geo_restrictions - (Optional)[map] - A map of geo_restrictions
allow_list - (Optional)[string] List of allowed countries
block_list - (Optional)[string] List of blocked countries
nic_uuid
server_id
server_name
datacenter_id
datacenter_name
k8s_nodepool_uuid
k8s_cluster_uuid
- The IP address and prefix of the Network File Storage cluster. The IP address can be either IPv4 or IPv6. The IP address has to be given with CIDR notation.
lan - The Private LAN to which the Network File Storage cluster must be connected.
gateway_ip - The IP address of the WireGuard Gateway.
interface_ipv4_cidr - The IPv4 CIDR for the WireGuard Gateway interface.
interface_ipv6_cidr - The IPv6 CIDR for the WireGuard Gateway interface.
connections - A list of connection configurations for the WireGuard Gateway. Each connections block contains:
datacenter_id - The ID of the datacenter where the WireGuard Gateway is located.
lan_id - The ID of the LAN where the WireGuard Gateway is connected.
ipv4_cidr - The VPN Gateway IPv4 address in CIDR notation. This is the private gateway address for LAN clients to route traffic over the VPN Gateway, this should be within the subnet already assigned to the LAN.
ipv6_cidr - The VPN Gateway IPv6 address in CIDR notation. This is the private gateway address for LAN clients to route traffic over the VPN Gateway, this should be within the subnet already assigned to the LAN.
maintenance_window - A weekly 4 hour-long window, during which maintenance might occur.
time - Start of the maintenance window in UTC time.
day_of_the_week - The name of the week day.
tier - Gateway performance options.
hostname - The hostname of the server
type - Server usages: GPU
vm_state- Status of the virtual Machine
datacenter_id - The id of the datacenter
availability_zone - The availability zone in which the server should exist
vm_state - Status of the virtual Machine
boot_cdrom
ram
cores
boot_volume
boot_image
token
cdroms - list of
id - Id of the attached cdrom
name - The name of the attached cdrom
description - Description of cdrom
location - Location of that image/snapshot
size - The size of the image in GB
cpu_hot_plug - Is capable of CPU hot plug (no reboot required)
cpu_hot_unplug - Is capable of CPU hot unplug (no reboot required)
ram_hot_plug - Is capable of memory hot plug (no reboot required)
ram_hot_unplug - Is capable of memory hot unplug (no reboot required)
nic_hot_plug - Is capable of nic hot plug (no reboot required)
nic_hot_unplug - Is capable of nic hot unplug (no reboot required)
disc_virtio_hot_plug - Is capable of Virt-IO drive hot plug (no reboot required)
disc_virtio_hot_unplug - Is capable of Virt-IO drive hot unplug (no reboot required)
disc_scsi_hot_plug - Is capable of SCSI drive hot plug (no reboot required)
disc_scsi_hot_unplug - Is capable of SCSI drive hot unplug (no reboot required)
licence_type - OS type of this Image
image_type - Type of image
image_aliases - List of image aliases mapped for this Image
public - Indicates if the image is part of the public repository or not
image_aliases - List of image aliases mapped for this Image
cloud_init - Cloud init compatibility
volumes - list of
id - Id of the attached volume
name - Name of the attached volume
type - Hardware type of the volume.
availability_zone - The availability zone in which the volume should exist
image - Image or snapshot ID to be used as template for this volume
image_password - Initial password to be set for installed OS
ssh_keys - Public SSH keys are set on the image as authorized keys for appropriate SSH login to the instance using the corresponding private key
bus - The bus type of the volume
licence_type - OS type of this volume
cpu_hot_plug - Is capable of CPU hot plug (no reboot required)
ram_hot_plug - Is capable of memory hot plug (no reboot required)
nic_hot_plug - Is capable of nic hot plug (no reboot required)
nic_hot_unplug - Is capable of nic hot unplug (no reboot required)
disc_virtio_hot_plug - Is capable of Virt-IO drive hot plug (no reboot required)
disc_virtio_hot_unplug - Is capable of Virt-IO drive hot unplug (no reboot required)
device_number - The Logical Unit Number of the storage volume
pci_slot - The PCI slot number of the storage volume
cluster_id - (Required) The ID of the Network File Storage cluster.
name - (Optional) Name of the Network File Storage share.
id - (Optional) ID of the Network File Storage share.
partial_match - (Optional) Whether partial matching is allowed or not when using the name filter. Defaults to false.
cluster_id - The ID of the Network File Storage cluster.
nfs_path - Path to the NFS export. The NFS path is the path to the directory being exported.
quota - The quota in MiB for the export. The quota can restrict the amount of data that can be stored within the export. The quota can be disabled using 0.
gid - The group ID that will own the exported directory. If not set, anonymous (512) will be used.
uid - The user ID that will own the exported directory. If not set, anonymous (512) will be used.
client_groups - The groups of clients are the systems connecting to the Network File Storage cluster. Each client group supports the following:
description - Optional description for the clients groups.
ip_networks - The allowed host or network to which the export is being shared. The IP address can be either IPv4 or IPv6 and has to be given with CIDR notation.
hosts - A singular host allowed to connect to the share. The host can be specified as IP address and can be either IPv4 or IPv6.
nfs - The NFS configuration for the client group. Each NFS configuration supports the following:
squash - The squash mode for the export. The squash mode can be: none - No squash mode. no mapping, root-anonymous - Map root user to anonymous uid, all-anonymous - Map all users to anonymous uid.
- (Optional) Name of an existing NAT gateway rule that you want to search for.
id - (Optional) ID of the NAT gateway rule you want to search for.
- ype of the NAT gateway rule.
protocol - Protocol of the NAT gateway rule. Defaults to ALL. If protocol is 'ICMP' then targetPortRange start and end cannot be set.
source_subnet - Source subnet of the NAT gateway rule. For SNAT rules it specifies which packets this translation rule applies to based on the packets source IP address.
public_ip - Public IP address of the NAT gateway rule. Specifies the address used for masking outgoing packets source address field. Should be one of the customer reserved IP address already configured on the NAT gateway resource
target_subnet - Target or destination subnet of the NAT gateway rule. For SNAT rules it specifies which packets this translation rule applies to based on the packets destination IP address. If none is provided, rule will match any address.
target_port_range - Target port range of the NAT gateway rule. For SNAT rules it specifies which packets this translation rule applies to based on destination port. If none is provided, rule will match any port
start
end
- (Optional) Existing snapshot's location.
size - (Optional) The size of the snapshot to look for.
- Human readable description
licence_type - OS type of this Snapshot
location - Location of that image/snapshot
size - The size of the image in GB
sec_auth_protection - Boolean value representing if the snapshot requires extra protection e.g. two factor protection
cpu_hot_plug - Is capable of CPU hot plug (no reboot required)
cpu_hot_unplug - Is capable of CPU hot unplug (no reboot required)
ram_hot_plug - Is capable of memory hot plug (no reboot required)
ram_hot_unplug - Is capable of memory hot unplug (no reboot required)
nic_hot_plug - Is capable of nic hot plug (no reboot required)
nic_hot_unplug - Is capable of nic hot unplug (no reboot required)
disc_virtio_hot_plug - Is capable of Virt-IO drive hot plug (no reboot required)
disc_virtio_hot_unplug - Is capable of Virt-IO drive hot unplug (no reboot required). This works only for non-Windows virtual Machines.
disc_scsi_hot_plug - Is capable of SCSI drive hot plug (no reboot required)
disc_scsi_hot_unplug - Is capable of SCSI drive hot unplug (no reboot required). This works only for non-Windows virtual Machines.
require_legacy_bios - Indicates if the image requires the legacy BIOS for compatibility or specific needs.
- The volume type: HDD or SSD.
bus - The bus type of the volume: VIRTIO or IDE.
size - The size of the volume in GB.
ssh_key_path - List of paths to files containing a public SSH key that will be injected into IonosCloud provided Linux images. Also accepts ssh keys directly.
sshkey - The associated public SSH key.
image_password - Required if sshkey_path is not provided.
image - The image or snapshot UUID.
licence_type - The type of the licence.
availability_zone - The storage availability zone assigned to the volume: AUTO, ZONE_1, ZONE_2, or ZONE_3. This property is immutable.
user_data - The cloud-init configuration for the volume as base64 encoded string. The property is immutable and is only allowed to be set on a new volume creation. This option will work only with cloud-init compatible images.
backup_unit_id- The uuid of the Backup Unit that user has access to. The property is immutable and is only allowed to be set on a new volume creation. It is mandatory to provide either 'public image' or 'imageAlias' in conjunction with this property.
device_number - The LUN ID of the storage volume. Null for volumes not mounted to any VM
cpu_hot_plug - Is capable of CPU hot plug (no reboot required)
ram_hot_plug - Is capable of memory hot plug (no reboot required)
nic_hot_plug - Is capable of nic hot plug (no reboot required)
nic_hot_unplug - Is capable of nic hot unplug (no reboot required)
disc_virtio_hot_plug - Is capable of Virt-IO drive hot plug (no reboot required)
disc_virtio_hot_unplug - Is capable of Virt-IO drive hot unplug (no reboot required). This works only for non-Windows virtual Machines.
boot_server - The UUID of the attached server.
expose_serial - If set to true will expose the serial id of the disk attached to the server. If set to false will not expose the serial id. Some operating systems or software solutions require the serial id to be exposed to work properly. Exposing the serial can influence licensed software (e.g. Windows) behavior
require_legacy_bios - Indicates if the image requires the legacy BIOS for compatibility or specific needs.
- (Optional)[string] The value must be supplied as ISO 8601 timestamp
credentials - (Computed)[map]
username - (Computed)[string] The username of the container registry token
password - (Computed)[string] The password/token of the container registry token which will also be saved to a file if save_password_to_file is set
data "ionoscloud_vpn_wireguard_peer" "example" {
location = "de/fra"
gateway_id = "example-gateway"
name = "example-peer"
}
output "vpn_wireguard_peer_public_key" {
value = data.vpn_wireguard_peer.example.public_key
}
as the
template
.
href - Absolute URL to the resource's representation
type - Type of resource
id - Unique identifier for the resource
location - Location of the datacenter. This location is the same as the one from the selected template.
max_replica_count - Maximum replica count value for targetReplicaCount. Will be enforced for both automatic and manual changes.
min_replica_count - Minimum replica count value for targetReplicaCount. Will be enforced for both automatic and manual changes.
policy - Specifies the behavior of this Autoscaling Group. A policy consists of Triggers and Actions, whereby an Action is some kind of automated behavior, and a Trigger is defined by the circumstances under which the Action is triggered. Currently, two separate Actions, namely Scaling In and Out are supported, triggered through Thresholds defined on a given Metric.
metric - The Metric that should trigger Scaling Actions. The values of the Metric are checked in fixed intervals.
range - Defines the range of time from which samples will be aggregated. Default is 120s. Note that when you set it to values like 5m the API will automatically transform it in PT5M, so the plan will show you a diff in state that should be ignored.
scale_in_action - Specifies the Action to take when the scaleInThreshold
amount - When amountType == ABSOLUTE, this is the number of VMs added or removed in one step. When amountType == PERCENTAGE, this is a percentage value, which will be applied to the Autoscaling Group's current targetReplicaCount in order to derive the number of VMs that will be added or removed in one step. There will always be at least one VM added or removed.
scale_in_threshold - A lower threshold on the value of metric. Will be used with less than (<) operator. Exceeding this will start a Scale-In Action as specified by the scaleInAction property. The value must have a higher minimum delta to the scaleOutThreshold depending on the metric to avoid competitive actions at the same time.
scale_out_action - Specifies the action to take when the scaleOutThreshold is exceeded. Hereby, scaling out is always about adding new VMs to this autoscaling group
amount - When amountType == ABSOLUTE, this is the number of VMs added or removed in one step. When amountType == PERCENTAGE, this is a percentage value, which will be applied to the Autoscaling Group's current targetReplicaCount
scale_out_threshold - The upper threshold for the value of the metric. Used with the greater than (>) operator. A scale-out action is triggered when this value is exceeded, specified by the scaleOutAction property. The value must have a lower minimum delta to the scaleInThreshold, depending on the metric, to avoid competing for actions simultaneously. If properties.policy.unit=TOTAL, a value >= 40 must be chosen.
unit - Specifies the Action to take when the scaleInThreshold is exceeded. Hereby, scaling in is always about removing VMs that are currently associated with this Autoscaling Group.
template - VMs for this Autoscaling Group will be created using this Template.
href - Absolute URL to the resource's representation
type - Type of resource
id - Unique identifier for the resource
By ID
By Name
Argument Reference
datacenter_id - (Required) Datacenter's UUID.
name - (Optional) Name of an existing server that you want to search for.
id - (Optional) ID of the server you want to search for.
datacenter_id and either name or id must be provided. If none, or both of name and id are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
template_uuid - The UUID of the template for creating a CUBE server; the available templates for CUBE servers can be found on the templates resource
id - The id of that resource
name - The name of that resource
hostname - The hostname of the server
type - Server usages: CUBE
vm_state- Status of the virtual Machine
datacenter_id - The id of the datacenter
availability_zone - The availability zone in which the server should exist
vm_state - Status of the virtual Machine
boot_cdrom
ram
cores
boot_volume
boot_image
token
cdroms - list of
id - Id of the attached cdrom
name - The name of the attached cdrom
volumes - list of
id - Id of the attached volume
name - Name of the attached volume
nics - list of
id - Id of the attached nic
name - Name of the attached nid
security_groups_ids - The list of Security Group IDs for the resource.
name - (Optional) Name of an existing cluster that you want to search for.
id - (Optional) ID of the cluster you want to search for.
Either name or id must be provided. If none, or both are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
id - id of the cluster
name - name of the cluster
k8s_version - Kubernetes version
maintenance_window - A maintenance window comprise of a day of the week and a time for maintenance to be allowed
time - A clock time in the day when maintenance is allowed
day_of_the_week
available_upgrade_versions - A list of available versions for upgrading the cluster
viable_node_pool_versions - A list of versions that may be used for node pools under this cluster
state - one of "AVAILABLE", "INACTIVE", "BUSY", "DEPLOYING", "ACTIVE", "FAILED", "SUSPENDED", "FAILED_SUSPENDED", "UPDATING", "FAILED_UPDATING", "DESTROYING", "FAILED_DESTROYING", "TERMINATED"
node_pools - list of the IDs of the node pools in this cluster
api_subnet_allow_list - access to the K8s API server is restricted to these CIDRs
public - indicates if the cluster is public or private.
nat_gateway_ip - the NAT gateway IP of the cluster if the cluster is private.
node_subnet - the node subnet of the cluster, if the cluster is private.
location - this attribute is mandatory if the cluster is private.
s3_buckets - list of IONOS Object Storage bucket configured for K8s usage
kube_config - Kubernetes configuration
config - structured kubernetes config consisting of a list with 1 item with the following fields:
api_version - Kubernetes API Version
kind - "Config"
user_tokens - a convenience map to be search the token of a specific user
key - is the user name
value - is the token
server - cluster server (same as config[0].clusters[0].cluster.server but provided as an attribute for ease of use)
ca_crt - base64 decoded cluster certificate authority data (provided as an attribute for direct use)
NOTE: The whole config node is marked as sensitive.
Example of accessing a kubernetes cluster using the user's token
Example of accessing a kubernetes cluster using the token from the config
Example of dumping the kube_config raw data into a yaml file
NOTE: Dumping kube_config data into files poses a security risk.
NOTE: Using sensitive_content for local_file does not show the data written to the file during the plan phase.
Argument Reference
The following arguments are supported:
datacenter_id - (Required)[string] ID of the datacenter.
name - (Required)[string] The name of the Application Load Balancer.
listener_lan - (Required)[int] ID of the listening (inbound) LAN.
ips - (Optional)[set] Collection of the Application Load Balancer IP addresses. (Inbound and outbound) IPs of the listenerLan are customer-reserved public IPs for the public Load Balancers, and private IPs for the private Load Balancers.
target_lan - (Required)[int] ID of the balanced private target LAN (outbound).
lb_private_ips - (Optional)[set] Collection of private IP addresses with the subnet mask of the Application Load Balancer. IPs must contain valid a subnet mask. If no IP is provided, the system will generate an IP with /24 subnet.
central_logging - (Optional)[bool] Turn logging on and off for this product. Default value is 'false'.
logging_lormat - (Optional)[string] Specifies the format of the logs.
flowlog - (Optional)[list] Only 1 flow log can be configured. Only the name field can change as part of an update. Flow logs holistically capture network information such as source and destination IP addresses, source and destination ports, number of packets, amount of bytes, the start and end time of the recording, and the type of protocol – and log the extent to which your instances are being accessed.
action - (Required)[string] Specifies the action to be taken when the rule is matched. Possible values: ACCEPTED, REJECTED, ALL. Immutable, forces re-creation.
⚠️ Note: Removing the flowlog forces re-creation of the application load balancer resource.
Import
Resource Application Load Balancer can be imported using the resource id and datacenter id, e.g.
name - (Optional) Name of an existing node pool that you want to search for.
id - (Optional) ID of the node pool you want to search for.
k8s_cluster_id and either name or id must be provided. If none, or both of name and id are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
id - id of the node pool
name - name of the node pool
k8s_cluster_id - ID of the cluster this node pool is part of
datacenter_id - The UUID of the VDC
state - one of "AVAILABLE", "INACTIVE", "BUSY", "DEPLOYING", "ACTIVE", "FAILED", "SUSPENDED", "FAILED_SUSPENDED", "UPDATING", "FAILED_UPDATING", "DESTROYING", "FAILED_DESTROYING", "TERMINATED"
node_count - The number of nodes in this node pool
cpu_family - CPU Family
server_type - The server type for the compute engine
cores_count - CPU cores count
ram_size - The amount of RAM in MB
availability_zone - The compute availability zone in which the nodes should exist
storage_type - HDD or SDD
storage_size - The size of the volume in GB. The size should be greater than 10GB.
k8s_version - The kubernetes version
maintenance_window - A maintenance window comprise of a day of the week and a time for maintenance to be allowed
time - A clock time in the day when maintenance is allowed
day_of_the_week
auto_scaling - The range defining the minimum and maximum number of worker nodes that the managed node group can scale in
min_node_count - The minimum number of worker nodes the node pool can scale down to
lans - A list of Local Area Networks the node pool is a part of
id - The LAN ID of an existing LAN at the related datacenter
dhcp
labels - A map of labels in the form of key -> value
annotations - A map of annotations in the form of key -> value
available_upgrade_versions - A list of kubernetes versions available for upgrade
public_ips - The list of fixed IPs associated with this node pool
By Id
By Name
By Name with Partial Match
Argument Reference
id - (Optional) ID of the target group you want to search for.
name - (Optional) Name of an existing target group that you want to search for. Search by name is case-insensitive. The whole resource name is required if partial_match parameter is not set to true.
partial_match - (Optional) Whether partial matching is allowed or not when using name argument. Default value is false.
Either name or id must be provided. If none, or both of name and id are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
id - The Id of that Target group
name - The name of that Target Group.
algorithm - Balancing algorithm.
protocol - Balancing protocol.
protocol_version - The forwarding protocol version. Value is ignored when protocol is not 'HTTP'.
targets - Array of items in the collection
ip - The IP of the balanced target VM.
port
health_check - Health check attributes for Target Group.
check_timeout - The maximum time in milliseconds to wait for a target to respond to a check. For target VMs with 'Check Interval' set, the lesser of the two values is used once the TCP connection is established.
http_health_check - Http health check attributes for Target Group
path - The path (destination URL) for the HTTP health check request; the default is /.
method
By ID
By name
Argument reference
location - (Optional)[string] The location of the Logging pipeline. Default: de/txl, other available locations: de/fra, de/fra/2, de/txl, es/vit, gb/bhx, gb/lhr, fr/par, us/mci.
id - (Optional)[string] The ID of the Logging pipeline you want to search for.
name - (Optional)[string] The name of the Logging pipeline you want to search for.
Either id or name must be provided. If none, or both are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
id - The UUID of the Logging pipeline.
name - The name of the Logging pipeline.
grafana_address - The Grafana address is where user can access their logs, create dashboards, and set up alerts.
tcp_address - The TCP address of the pipeline. This is the address to which logs are sent using the TCP protocol.
http_address - The HTTP address of the pipeline. This is the address to which logs are sent using the HTTP protocol.
log - [list] Pipeline logs, a list that contains elements with the following structure:
source - [string] The source parser to be used.
tag
By id
By display_name
Argument Reference
id - (Optional) The ID of the InMemoryDB Replica Set.
display_name - (Optional) The display name of the InMemoryDB Replica Set.
location - (Optional) The location of the InMemoryDB Replica Set. Available locations: de/fra, de/fra/2, de/txl, es/vit, gb/bhx, gb/lhr, us/ewr, us/las, us/mci, fr/par
Note: Either id or display_name must be provided. If none, or both are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
dns_name - [string] The DNS name pointing to your replica set. Will be used to connect to the active/standalone instance.
connections - [object] The network connection for your replica set. Only one connection is allowed. It includes:
cidr - [string] The IP and subnet for your instance. Note the following unavailable IP ranges: 10.233.64.0/18, 10.233.0.0/18, 10.233.114.0/24.
datacenter_id - [string] The datacenter to connect your instance to.
lan_id - [string] The numeric LAN ID to connect your instance to.
credentials - [object] Credentials for the InMemoryDB replicaset, only one type of password can be used since they are mutually exclusive. It includes:
username - [string] The username for the initial InMemoryDB user. Some system usernames are restricted (e.g. 'admin', 'standby').
eviction_policy - [string] The eviction policy for the replica set, possible values are:
noeviction - No eviction policy is used. InMemoryDB will never remove any data. If the memory limit is reached, an error will be returned on write operations.
allkeys-lru
maintenance_window - A weekly 4 hour-long window, during which maintenance might occur. It includes:
time - [string] Start of the maintenance window in UTC time.
day_of_the_week - [string] The name of the week day.
persistence_mode - [string] Specifies How and If data is persisted, possible values are:
None - Data is inMemory only and will not be persisted. Useful for cache only applications.
AOF - (Append Only File) AOF persistence logs every write operation received by the server. These operations can then be replayed again at server startup, reconstructing the original dataset. Commands are logged using the same format as the InMemoryDB protocol itself.
version - [string] The InMemoryDB version of your replica set.
replicas - [int] The total number of replicas in the replica set (one active and n-1 passive). In case of a standalone instance, the value is 1. In all other cases, the value is > 1. The replicas will not be available as read replicas, they are only standby for a failure of the active instance.
resources - [object] The resources of the individual replicas. It includes:
cores - [int] The number of CPU cores per instance.
ram - [int] The amount of memory per instance in gigabytes (GB).
name - (Optional) Name of an existing network load balancer forwarding rule that you want to search for.
id - (Optional) ID of the network load balancer forwarding rule you want to search for.
Both datacenter_id and networkloadbalancer_id and either name or id must be provided. If none, or both of name and id are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
id - The id of that Network Load Balancer forwarding rule.
name - The name of that Network Load Balancer forwarding rule.
algorithm - Algorithm for the balancing.
protocol - Protocol of the balancing.
listener_ip - Listening IP. (inbound)
listener_port - Listening port number. (inbound) (range: 1 to 65535)
health_check - Health check attributes for Network Load Balancer forwarding rule.
client_timeout - ClientTimeout is expressed in milliseconds. This inactivity timeout applies when the client is expected to acknowledge or send data. If unset the default of 50 seconds will be used.
targets - Array of items in that collection.
ip - IP of a balanced target VM.
port
ionoscloud_certificate
Get Information on a certificate
The Certificate data source can be used to search for and return an existing certificate. You can provide a string for either id or name parameters which will be compared with provisioned certificates. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
By ID
By Name
Argument Reference
The following arguments are supported:
name - (Optional) Name of an existing certificate that you want to search for.
id - (Optional) ID of the certificate you want to search for.
Either name or id must be provided, or both. If none are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
id - The id of the certificate.
name - The name of the certificate.
certificate - Certificate body.
ionoscloud_cube_server
Creates and manages IonosCloud Cube Server objects.
A is a Virtual Machine (VM) with an attached NVMe Volume. You can use each newly created Cube as a new VM, either standalone or in combination with other IONOS Cloud products.
Check out
Example Usage
This resource will create an operational server. After this section completes, the provisioner can be called.
ionoscloud_nsg
Get information on a IonosCloud Network Security Group
The NSG Data source can be used to search for and return an existing security group. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
ionoscloud_firewall
Get Information on a IonosCloud Firewall
The Firewall data source can be used to search for and return an existing FirewallRules. You can provide a string for either id or name parameters which will be compared with provisioned Firewall Rules. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
ionoscloud_vpn_ipsec_gateway
Reads IonosCloud VPN IPSec Gateway objects.
The VPN IPSec Gateway data source can be used to search for and return an existing IPSec Gateway. You can provide a string for the name parameter which will be compared with provisioned IPSec Gateways. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
ionoscloud_monitoring_pipeline
Get information on a Monitoring pipeline.
The Monitoring pipeline datasource can be used to search for and return an existing Monitoring pipeline. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned.
⚠️ Only tokens are accepted for authorization in the monitoring_pipeline data source. Please ensure you are using tokens as other methods will not be valid.
Example Usage
data "ionoscloud_autoscaling_group" "autoscaling_group" {
id = "autoscaling_group_uuid"
}
data "ionoscloud_autoscaling_group" "autoscaling_group" {
name = "test_ds"
}
data "ionoscloud_cube_server" "example" {
datacenter_id = "datacenter_id"
id = "server_id"
}
data "ionoscloud_cube_server" "example" {
datacenter_id = "datacenter_id"
name = "Server Example"
}
data "ionoscloud_k8s_cluster" "example" {
id = "cluster_id"
}
data "ionoscloud_k8s_cluster" "example" {
name = "K8s Cluster Example"
}
resource "ionoscloud_k8s_cluster" "test" {
name = "test_cluster"
maintenance_window {
day_of_the_week = "Saturday"
time = "03:58:25Z"
}
}
data "ionoscloud_k8s_cluster" "test" {
name = "test_cluster"
}
provider "kubernetes" {
host = data.ionoscloud_k8s_cluster.test.server
token = data.ionoscloud_k8s_cluster.test.user_tokens["cluster-admin"]
}
resource "ionoscloud_k8s_cluster" "test" {
name = "test_cluster"
maintenance_window {
day_of_the_week = "Saturday"
time = "03:58:25Z"
}
}
data "ionoscloud_k8s_cluster" "test" {
name = "test_cluster"
}
provider "kubernetes" {
host = data.ionoscloud_k8s_cluster.test.config[0].clusters[0].cluster.server
token = data.ionoscloud_k8s_cluster.test.config[0].users[0].user.token
}
data "ionoscloud_k8s_cluster" "k8s_cluster_example" {
name = "k8s-demo"
}
resource "local_file" "kubeconfig" {
sensitive_content = yamlencode(jsondecode(data.ionoscloud_k8s_cluster.k8s_cluster_example.kube_config))
filename = "kubeconfig.yaml"
}
data "ionoscloud_networkloadbalancer_forwardingrule" "example" {
datacenter_id = "datacenter_id"
networkloadbalancer_id = "networkloadbalancer_id"
id = "networkloadbalancer_forwardingrule_id"
}
data "ionoscloud_networkloadbalancer_forwardingrule" "example" {
datacenter_id = "datacenter_id"
networkloadbalancer_id = "networkloadbalancer_id"
name = "Network Load Balancer Forwarding Rule Example"
}
amount_type - The type for the given amount. Possible values are: [ABSOLUTE, PERCENTAGE].
cooldown_period - Minimum time to pass after this Scaling Action has started, until the next Scaling Action will be started. Additionally, if a Scaling Action is currently in progress, no second Scaling Action will be started for the same Autoscaling Group. Instead, the Metric will be re-evaluated after the current Scaling Action completed (either successful or with failures). Note that when you set it to values like 5m the API will automatically transform it in PT5M, so the plan will show you a diff in state that should be ignored.
in order to derive the number of VMs that will be added or removed in one step. There will always be at least one VM added or removed.
amount_type - The type for the given amount. Possible values are: [ABSOLUTE, PERCENTAGE].
cooldown_period - Minimum time to pass after this Scaling Action has started, until the next Scaling Action will be started. Additionally, if a Scaling Action is currently in progress, no second Scaling Action will be started for the same Autoscaling Group. Instead, the Metric will be re-evaluated after the current Scaling Action completed (either successful or with failures). Note that when you set it to values like 5m the API will automatically transform it in PT5M, so the plan will show you a diff in state that should be ignored.
description - Description of cdrom
location - Location of that image/snapshot
size - The size of the image in GB
cpu_hot_plug - Is capable of CPU hot plug (no reboot required)
cpu_hot_unplug - Is capable of CPU hot unplug (no reboot required)
ram_hot_plug - Is capable of memory hot plug (no reboot required)
ram_hot_unplug - Is capable of memory hot unplug (no reboot required)
nic_hot_plug - Is capable of nic hot plug (no reboot required)
nic_hot_unplug - Is capable of nic hot unplug (no reboot required)
disc_virtio_hot_plug - Is capable of Virt-IO drive hot plug (no reboot required)
disc_virtio_hot_unplug - Is capable of Virt-IO drive hot unplug (no reboot required)
disc_scsi_hot_plug - Is capable of SCSI drive hot plug (no reboot required)
disc_scsi_hot_unplug - Is capable of SCSI drive hot unplug (no reboot required)
licence_type - OS type of this Image
image_type - Type of image
image_aliases - List of image aliases mapped for this Image
public - Indicates if the image is part of the public repository or not
image_aliases - List of image aliases mapped for this Image
cloud_init - Cloud init compatibility
type - Hardware type of the volume.
availability_zone - The availability zone in which the volume should exist
image - Image or snapshot ID to be used as template for this volume
image_password - Initial password to be set for installed OS
ssh_keys - Public SSH keys are set on the image as authorized keys for appropriate SSH login to the instance using the corresponding private key
bus - The bus type of the volume
licence_type - OS type of this volume
cpu_hot_plug - Is capable of CPU hot plug (no reboot required)
ram_hot_plug - Is capable of memory hot plug (no reboot required)
nic_hot_plug - Is capable of nic hot plug (no reboot required)
nic_hot_unplug - Is capable of nic hot unplug (no reboot required)
disc_virtio_hot_plug - Is capable of Virt-IO drive hot plug (no reboot required)
disc_virtio_hot_unplug - Is capable of Virt-IO drive hot unplug (no reboot required)
device_number - The Logical Unit Number of the storage volume
pci_slot - The PCI slot number of the storage volume
backup_unit_id - The uuid of the Backup Unit that user has access to
user_data - The cloud-init configuration for the volume as base64 encoded string
require_legacy_bios - Indicates if the image requires the legacy BIOS for compatibility or specific needs.
mac - The MAC address of the NIC
ips - Collection of IP addresses assigned to a nic
dhcp - Indicates if the nic will reserve an IP using DHCP
lan - The LAN ID the NIC will sit on
firewall_active - Activate or deactivate the firewall
firewall_type - The type of firewall rules that will be allowed on the NIC
device_number - The Logical Unit Number (LUN) of the storage volume
pci_slot - The PCI slot number of the Nic
firewall_rules - list of
id - Id of the firewall rule
name - Name of the firewall rule
protocol - he protocol for the rule
source_mac - Only traffic originating from the respective MAC address is allowed
source_ip - Only traffic originating from the respective IPv4 address is allowed. Value null allows all source IPs
target_ip - In case the target NIC has multiple IP addresses, only traffic directed to the respective IP address of the NIC is allowed
icmp_code - Defines the allowed code (from 0 to 254) if protocol ICMP is chosen
icmp_type - Defines the allowed type (from 0 to 254) if the protocol ICMP is chosen
port_range_start - Defines the start range of the allowed port (from 1 to 65534) if protocol TCP or UDP is chosen
port_range_end - Defines the end range of the allowed port (from 1 to 65534) if the protocol TCP or UDP is chosen
type - The type of firewall rule
- Day of the week when maintenance is allowed
current-context - string
clusters - list of
name - name of cluster
cluster - map of
certificate-authority-data - base64 decoded cluster CA data
server - server address in the form https://host:port
contexts - list of
name - context name
context - map of
cluster - cluster name
user - cluster user
users - list of
name - user name
user - map of
token - user token used for authentication
bucket - (Required)[string] Specifies the IONOS Object Storage bucket where the flow log data will be stored. The bucket must exist. Immutable, forces re-creation.
direction - (Required)[string] Specifies the traffic direction pattern. Valid values: INGRESS, EGRESS, BIDIRECTIONAL. Immutable, forces re-creation.
name - (Required)[string] Specifies the name of the flow log.
- Day of the week when maintenance is allowed
max_node_count
- The maximum number of worker nodes that the node pool can scale to
- Indicates if the Kubernetes Node Pool LAN will reserve an IP using DHCP
routes - An array of additional LANs attached to worker nodes
network - IPv4 or IPv6 CIDR to be routed via the interface
gateway_ip - IPv4 or IPv6 Gateway IP for the route
- The port of the balanced target service; valid range is 1 to 65535.
weight - Traffic is distributed in proportion to target weight, relative to the combined weight of all targets. A target with higher weight receives a greater share of traffic. Valid range is 0 to 256 and default is 1; targets with weight of 0 do not participate in load balancing but still accept persistent connections. It is best use values in the middle of the range to leave room for later adjustments.
proxy_protocol - The proxy protocol version.
health_check_enabled - Makes the target available only if it accepts periodic health check TCP connection attempts; when turned off, the target is considered always available. The health check only consists of a connection attempt to the address and port of the target. Default is True.
maintenance_enabled - Maintenance mode prevents the target from receiving balanced traffic.
check_interval - The interval in milliseconds between consecutive health checks; default is 2000.
retries - The maximum number of attempts to reconnect to a target after a connection failure. Valid range is 0 to 65535, and default is three reconnection.
- The method for the HTTP health check.
match_type
response - The response returned by the request, depending on the match type.
regex
negate
- [string] The tag is used to distinguish different pipelines. Must be unique amongst the pipeline's array items.
protocol - [string] "Protocol to use as intake. Possible values are: http, tcp."
public - [bool]
destinations - [list] The configuration of the logs datastore, a list that contains elements with the following structure:
type - [string] The internal output stream to send logs to.
retention_in_days - [int] Defines the number of days a log record should be kept in loki. Works with loki destination type only.
- The least recently used keys will be removed first.
allkeys-lfu - The least frequently used keys will be removed first.
allkeys-random - Random keys will be removed.
volatile-lru - The least recently used keys will be removed first, but only among keys with the expire field set to true.
volatile-lfu - The least frequently used keys will be removed first, but only among keys with the expire field set to true.
volatile-random - Random keys will be removed, but only among keys with the expire field set to true.
volatile-ttl - The key with the nearest time to live will be removed first, but only among keys with the expire field set to true.
RDB - RDB persistence performs snapshots of the current in memory state.
RDB_AOF - Both, RDB and AOF persistence are enabled.
storage - [int] The size of the storage in GB. The size is derived from the amount of RAM and the persistence mode and is not configurable.
connect_timeout - It specifies the maximum time (in milliseconds) to wait for a connection attempt to a target VM to succeed. If unset, the default of 5 seconds will be used.
target_timeout - TargetTimeout specifies the maximum inactivity time (in milliseconds) on the target VM side. If unset, the default of 50 seconds will be used.
retries - Retries specifies the number of retries to perform on a target VM after a connection failure. If unset, the default value of 3 will be used.
- Port of the balanced target service. (range: 1 to 65535).
weight - Weight parameter is used to adjust the target VM's weight relative to other target VMs.
proxy_protocol - The proxy protocol version.
health_check - Health check attributes for Network Load Balancer forwarding rule target.
check - Check specifies whether the target VM's health is checked.
check_interval - CheckInterval determines the duration (in milliseconds) between consecutive health checks. If unspecified a default of 2000 ms is used.
maintenance - Maintenance specifies if a target VM should be marked as down, even if it is not.
certificate_chain - Certificate chain.
By ID
By Name
Argument Reference
datacenter_id - (Required) Datacenter's UUID.
id - (Optional) Id of an existing Network Security Group that you want to search for.
name - (Optional) Name of an existing Network Security Group that you want to search for.
Either name, or id must be provided. If none, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
datacenter_id - UUID of the Virtual Data Center
id - UUID of the Network Security Group
name - The name of the Network Security Group
description - Description for the Network Security Group
rule_ids - List of IDs for the Firewall Rules attached to this group
rules - List of Firewall Rule objects attached to this group
By ID
By Name
Argument Reference
The following arguments are supported:
name - (Optional) Name of an existing firewall rule that you want to search for.
id - (Optional) ID of the firewall rule you want to search for.
datacenter_id - (Required) The Virtual Data Center ID.
server_id - (Required) The Server ID.
nic_id - (Required) The NIC ID.
Either name or id must be provided. If none, or both are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
id - The id of the firewall rule.
name - The name of the firewall rule.
protocol - The protocol for the rule: TCP, UDP, ICMP, ANY. This property is immutable.
source_mac - Only traffic originating from the respective MAC address is allowed.
source_ip - Only traffic originating from the respective IPv4 address is allowed.
target_ip - Only traffic directed to the respective IP address of the NIC is allowed.
port_range_start - Defines the start range of the allowed port (from 1 to 65534) if protocol TCP or UDP is chosen.
port_range_end - Defines the end range of the allowed port (from 1 to 65534) if the protocol TCP or UDP is chosen.
icmp_type - Defines the allowed type (from 0 to 254) if the protocol ICMP is chosen.
icmp_code - Defines the allowed code (from 0 to 254) if protocol ICMP is chosen.
By ID
By name
Argument reference
location - (Optional)[string] The location of the Monitoring pipeline. Default is de/fra. It can be one of de/fra, de/txl, gb/lhr, es/vit, fr/par. If this is not set and if no value is provided for the IONOS_API_URL env var, the default location will be: de/fra.
id - (Optional)[string] The ID of the Monitoring pipeline you want to search for.
name - (Optional)[string] The name of the Monitoring pipeline you want to search for.
Either id or name must be provided. If none, or both are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
id - The UUID of the Monitoring pipeline.
name - The name of the Monitoring pipeline.
grafana_address - The endpoint of the Grafana instance.
http_endpoint- The HTTP endpoint of the Monitoring instance.
data "ionoscloud_certificate" "example" {
id = "certificate_id"
}
data "ionoscloud_certificate" "example" {
name = "Certificate Name Example"
}
data "ionoscloud_nsg" "example" {
datacenter_id = ionoscloud_datacenter.example.id
id = nsg_id
}
data "ionoscloud_nsg" "example" {
datacenter_id = ionoscloud_datacenter.example.id
name = "NSG Example"
}
data "ionoscloud_firewall" "example" {
datacenter_id = "datacenter_id"
server_id = "server_id"
nic_id = "nic_id"
id = "firewall_id"
}
data "ionoscloud_firewall" "example" {
datacenter_id = "datacenter_id"
server_id = "server_id"
nic_id = "nic_id"
name = "test_ds_firewall_rule"
}
data "ionoscloud_monitoring_pipeline" "example" {
location = "de/txl"
id = "pipeline_id"
}
data "ionoscloud_monitoring_pipeline" "example" {
location = "de/txl"
name = "pipeline_name"
}
CUBE Server
With IPv6 Enabled
Argument reference
template_uuid - (Required)[string] The UUID of the template for creating a CUBE server; the available templates for CUBE servers can be found on the templates resource
name - (Required)[string] The name of the server.
datacenter_id - (Required)[string] The ID of a Virtual Data Center.
hostname - (Optional)(Computed) The hostname of the resource. Allowed characters are a-z, 0-9 and - (minus). Hostname should not start with minus and should not be longer than 63 characters. If no value provided explicitly, it will be populated with the name of the server
image_name - (Optional)[string] The name, ID or alias of the image. May also be a snapshot ID. It is required if licence_type is not provided. Attribute is immutable.
availability_zone - (Optional)[string] The availability zone in which the server should exist. This property is immutable.
licence_type - (Optional)[string] Sets the OS type of the server.
vm_state - (Optional)[string] Sets the power state of the cube server. E.g: RUNNING or SUSPENDED.
volume - (Required) See the section.
nic - (Required) See the section.
boot_volume - (Computed) The associated boot volume.
boot_cdrom - DEPRECATED Please refer to (Optional)[string] The associated boot drive, if any. Must be the UUID of a bootable CDROM image that can be retrieved using the data source.
boot_image - (Optional)[string] The image or snapshot UUID / name. May also be an image alias. It is required if licence_type is not provided.
primary_nic - (Computed) The associated NIC.
primary_ip - (Computed) The associated IP address.
firewallrule_id - (Computed) The associated firewall rule.
ssh_key_path - (Optional)[list] List of paths to files containing a public SSH key that will be injected into IonosCloud provided Linux images. Required for IonosCloud Linux images. Required if image_password is not provided.
image_password - (Optional)[string] Required if ssh_key_path is not provided.
security_groups_ids - (Optional) The list of Security Group IDs for the resource.
allow_replace - (Optional)[bool] When set to true, allows the update of immutable fields by first destroying and then re-creating the server.
⚠️ Warning: allow_replace - lets you update immutable fields, but it first destroys and then re-creates the server in order to do it. This field should be used with care, understanding the risks.
⚠ WARNING
Image_name under volume level is deprecated, please use image_name under server level
⚠ WARNING
For creating a CUBE server, you can not set volume.size argument.
Import
Resource Server can be imported using the resource id and the datacenter id, e.g.
Notes
Please note that for any secondary volume, you need to set the licence_type property to UNKNOWN
Creates and manages IonosCloud Application Load Balancer Forwarding Rule.
Manages an Application Load Balancer Forwarding Rule on IonosCloud.
Example Usage
Argument Reference
The following arguments are supported:
datacenter_id - (Required)[string] The ID of a Virtual Data Center.
application_loadbalancer_id - (Required)[string] The ID of Application Load Balancer.
name
Import
Resource Application Load Balancer Forwarding Rule can be imported using the resource id, alb id and datacenter id, e.g.
ionoscloud_group
Get information on a Ionos Cloud Groups
The Group data source can be used to search for and return existing groups. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
By ID
By Name
Argument Reference
name - (Optional) Name of an existing group that you want to search for.
id - (Optional) ID of the group you want to search for.
get_users_data - (Optional) [Boolean] When set to true, information about users will be stored in state under
Either name or id must be provided. If none, or both are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
id - The id of the group.
name - A name for the group.
create_datacenter - The group will be allowed to create virtual data centers.
ionoscloud_datacenter
Creates and manages IonosCloud Virtual Data Center.
A single Network Security Group can be attached at any time to a Datacenter. To do this, use the ionoscloud_datacenter_nsg_selection and provide the IDs of the NSG and Datacenter to link them. Deleting the resource or setting the empty string for the nsg_id field will de-attach any previously linked NSG from the Datacenter.
Argument Reference
The following arguments are supported:
name - (Required)[string] The name of the Virtual Data Center.
location - (Required)[string] The regional location where the Virtual Data Center will be created. This argument is immutable. Available locations: de/fra, us/las, us/ewr, de/txl, gb/lhr
Import
Resource Datacenter can be imported using the resource id, e.g.
Auto-generate the datacenter resource in the dc.tf file using the following command:
The older syntax can be for importing the resource is still supported:
ionoscloud_server
Get information on a Ionos Cloud Servers
The Server data source can be used to search for and return existing servers. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
ionoscloud_vcpu_server
Get information on a Ionos Cloud VCPU Servers
The can be used to search for and return existing VCPU servers. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
Example Usage
ionoscloud_cdn_distribution
Get information on an CDN Distribution
The Distribution data source can be used to search for and return an existing Distributions. You can provide a string for the domain parameter which will be compared with provisioned Distributions. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search and make sure that your resources have unique domains.
Example Usage
ionoscloud_object_storage_region
Get information on a IonosCloud Object Storage Region
The Object storage region data source can be used to search for and return an existing S3 Regions.
Example Usage
ionoscloud_s3_object
Get information about IONOS Object Storage Objects.
The Object data source can be used to search for and return existing objects. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned. When this happens, please refine your search string so that it is specific enough to return only one result.
⚠️ Note: The Terraform provider only supports contract-owned buckets. User-owned buckets are not supported, and there are no plans to introduce support for them. As a result, user-owned buckets cannot be created, updated, deleted, read, or imported using this provider.
Example Usage
data "ionoscloud_template" "example" {
name = "Basic Cube XS"
}
resource "ionoscloud_datacenter" "example" {
name = "Datacenter Example"
location = "de/txl"
}
resource "ionoscloud_lan" "example" {
datacenter_id = ionoscloud_datacenter.example.id
public = true
name = "Lan Example"
}
resource "ionoscloud_cube_server" "example" {
name = "Server Example"
image_name = "ubuntu:latest"
template_uuid = data.ionoscloud_template.example.id
image_password = random_password.server_image_password.result
datacenter_id = ionoscloud_datacenter.example.id
volume {
name = "Volume Example"
licence_type = "LINUX"
disk_type = "DAS"
}
nic {
lan = ionoscloud_lan.example.id
name = "Nic Example"
dhcp = true
firewall_active = true
}
}
resource "random_password" "server_image_password" {
length = 16
special = false
}
ipv4_cidr - The VPN Gateway IPv4 address in CIDR notation. This is the private gateway address for LAN clients to route traffic over the VPN Gateway, this should be within the subnet already assigned to the LAN.
ipv6_cidr - The VPN Gateway IPv6 address in CIDR notation. This is the private gateway address for LAN clients to route traffic over the VPN Gateway, this should be within the subnet already assigned to the LAN.
create_snapshot - The group will be allowed to create snapshots.
reserve_ip - The group will be allowed to reserve IP addresses.
access_activity_log - The group will be allowed to access the activity log.
create_pcc - The group will be allowed to create Cross Connects privilege.
s3_privilege - The group will have S3 privilege.
create_backup_unit - The group will be allowed to create backup unit privilege.
create_internet_access - The group will be allowed to create internet access privilege.
create_k8s_cluster - The group will be allowed to create kubernetes cluster privilege.
create_flow_log - The group will be allowed to create flow log.
access_and_manage_monitoring The group will be allowed to access and manage monitoring.
access_and_manage_certificates - The group will be allowed to access and manage certificates.
access_and_manage_dns - The group will be allowed to access and manage dns records.
manage_registry - The group will be allowed to access container registry related functionality.
manage_dataplatform - The group will be allowed to access and manage the Data Platform.
access_and_manage_logging - The group will be allowed to access and manage logging.
access_and_manage_cdn - The group will be allowed to access and manage cdn.
access_and_manage_vpn - The group will be allowed to access and manage vpn.
access_and_manage_api_gateway - The group will be allowed to access and manage api gateway.
access_and_manage_kaas - The group will be allowed to access and manage kaas.
access_and_manage_network_file_storage - The group will be allowed to access and manage network file storage.
access_and_manage_ai_model_hub - The group will be allowed to access and manage ai model hub.
access_and_manage_iam_resources - The group will be allowed to access and manage iam resources.
create_network_security_groups - The group will be allowed to create network security groups.
manage_dbaas - Privilege for a group to manage DBaaS related functionality.
users - List of users in group.
,
gb/bhx
,
es/vit
,
fr/par
,
us/mci
,
de/fra/2
description - (Optional)[string] Description for the Virtual Data Center.
sec_auth_protection - (Optional) [bool] Boolean value representing if the data center requires extra protection e.g. two factor protection
version - (Computed) The version of that Data Center. Gets incremented with every change
features - (Computed) List of features supported by the location this data center is part of
ipv6_cidr_block - (Computed) The automatically-assigned /56 IPv6 CIDR block if IPv6 is enabled on this virtual data center
cpu_architecture - (Computed) Array of features and CPU families available in a location
cpu_family - A valid CPU family name
max_cores - The maximum number of cores available
max_ram - The maximum number of RAM in MB
vendor - A valid CPU vendor name
Argument Reference
The following arguments are supported:
bucket - (Required)[string] The name of the bucket where the object is stored.
key - (Required)[string] The name of the object.
version_id - (Optional)[string] The version of the object.
range - (Optional)[string] Downloads the specified range bytes of an object. For more information about the HTTP Range header
Attributes Reference
The following attributes are returned by the datasource:
body - The content of the object.
cache_control - The caching behavior along the request/reply chain.
content_length - The size of the object in bytes.
content_disposition - Presentational information for the object.
content_encoding - The content encodings applied to the object.
content_language - The natural language of the intended audience for the object.
content_type - The MIME type describing the format of the contents.
expires - The date and time at which the object is no longer cacheable.
server_side_encryption - The server-side encryption algorithm used when storing this object.
storage_class - The storage class of the object.
website_redirect - If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL.
server_side_encryption_customer_algorithm - The algorithm to use for encrypting the object (e.g., AES256).
server_side_encryption_customer_key - The 256-bit, base64-encoded encryption key to encrypt and decrypt your data. This attribute is sensitive.
server_side_encryption_customer_key_md5 - The 128-bit MD5 digest of the encryption key.
server_side_encryption_context - The encryption context to use for object encryption. This attribute is sensitive.
request_payer - Confirms that the requester knows that they will be charged for the request.
object_lock_mode - The object lock mode, which can be either GOVERNANCE or COMPLIANCE.
object_lock_retain_until_date - The date until which the object will remain locked.
object_lock_legal_hold - The legal hold status of the object, which can be either ON or OFF.
etag - An entity tag (ETag) assigned by a web server to a specific version of a resource.
tags - The tag-set for the object, represented as a map of string key-value pairs.
metadata - A map of metadata stored with the object.
version_id - The version of the object. This attribute is optional.
data "ionoscloud_group" "example" {
id = "group_id"
}
data "ionoscloud_group" "example" {
name = "Group Example"
}
listener_port - (Required)[int] Listening (inbound) port number; valid range is 1 to 65535.
client_timeout - (Optional)[int] The maximum time in milliseconds to wait for the client to acknowledge or send data; default is 50,000 (50 seconds).
server_certificates - (Optional)[list] Array of certificate ids. You can create certificates with the certificate resource.
http_rules - (Optional)[list] Array of items in that collection
name - (Required)[string] The unique name of the Application Load Balancer HTTP rule.
type - (Required)[string] Type of the Http Rule.
target_group - (Optional)[string] The UUID of the target group; mandatory for FORWARD action.
drop_query - (Optional)[bool] Default is false; valid only for REDIRECT actions.
location - (Optional)[string] The location for redirecting; mandatory and valid only for REDIRECT actions.
status_code - (Optional)[int] Valid only for REDIRECT and STATIC actions. For REDIRECT actions, default is 301 and possible values are 301, 302, 303, 307, and 308. For STATIC actions, default is 503 and valid range is 200 to 599.
response_message - (Optional)[string] The response message of the request; mandatory for STATIC action.
content_type - (Optional)[string] Valid only for STATIC actions.
conditions - (Optional)[list] - An array of items in the collection.The action is only performed if each and every condition is met; if no conditions are set, the rule will always be performed.
type - (Required)[string] Type of the Http Rule condition.
By ID
By Name
Argument Reference
datacenter_id - (Required) Datacenter's UUID.
name - (Optional) Name of an existing server that you want to search for.
id - (Optional) ID of the server you want to search for.
datacenter_id and either name or id must be provided. If none, or both of name and id are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
template_uuid - The UUID of the template for creating a CUBE server; the available templates for CUBE servers can be found on the templates resource
hostname - The hostname of the resource.
id - The id of that resource
name - The name of that resource
type - Server usages: now named dedicated core, or
vm_state- Status of the virtual Machine
datacenter_id - The id of the datacenter
cores - The total number of cores for the server
cpu_family - CPU architecture on which server gets provisioned; not all CPU architectures are available in all datacenter regions; available CPU architectures can be retrieved from the datacenter resource.
ram - The amount of memory for the server in MB
availability_zone - The availability zone in which the server should exist
vm_state - Status of the virtual Machine
boot_cdrom
boot_volume
boot_image
token
cdroms - list of
id - Id of the attached cdrom
name
volumes - list of
id - Id of the attached volume
name
nics - list of
id - Id of the attached nic
name
labels - list of
id - The Id of the label
key
security_groups_ids - The list of Security Group IDs for the resource.
nic_multi_queue - Specifies whether the nic_multi_queue feature is enabled or not.
By ID
By Name
Argument Reference
datacenter_id - (Required) Datacenter's UUID.
name - (Optional) Name of an existing server that you want to search for.
id - (Optional) ID of the server you want to search for.
datacenter_id and either name or id must be provided. If none, or both of name and id are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
id - The id of that resource
name - The name of that resource
hostname - The hostname of the server
type - The type of the server, should always be VCPU
vm_state- Status of the virtual Machine
datacenter_id - The id of the datacenter
cores - The total number of cores for the server
cpu_family - CPU architecture on which server gets provisioned; not all CPU architectures are available in all datacenter regions; available CPU architectures can be retrieved from the datacenter resource.
ram - The amount of memory for the server in MB
availability_zone - The availability zone in which the server should exist
vm_state - Status of the virtual Machine
boot_cdrom
boot_volume
boot_image
token
security_groups_ids - The list of Security Group IDs for the resource.
cdroms - list of
id - Id of the attached cdrom
name - The name of the attached cdrom
volumes - list of
id - Id of the attached volume
name - Name of the attached volume
nics - list of
id - Id of the attached nic
name - Name of the attached nid
labels - list of
id - The Id of the label
key - The key of the label
nic_multi_queue - Specifies whether the nic_multi_queue feature is enabled or not.
id - (Optional) ID of the distribution you want to search for.
domain - (Optional) Domain of an existing distribution that you want to search for. Search by domain is case-insensitive. The whole resource domain is required if partial_match parameter is not set to true.
partial_match - (Optional) Whether partial matching is allowed or not when using domain argument. Default value is false.
Either domain or id must be provided. If none, or both of domain and id are provided, the datasource will return an error.
Attributes Reference
The following attributes are returned by the datasource:
domain - The domain of the distribution.
certificate_id - The ID of the certificate to use for the distribution. You can create certificates with the certificate resource.
routing_rules - The routing rules for the distribution.
scheme - The scheme of the routing rule.
prefix - The prefix of the routing rule.
upstream - A map of properties for the rule
public_endpoint_v4 - IP of the distribution, it has to be included on the domain DNS Zone as A record.
public_endpoint_v6 - IP of the distribution, it has to be included on the domain DNS Zone as AAAA record.
resource_urn - Unique resource identifier.
By ID
Argument Reference
id - (Required) Id of an existing object storage Region that you want to search for.
Attributes Reference
The following attributes are returned by the datasource:
id - The id of the region
version - The version of the region properties
endpoint - The endpoint URL for the region
website - The website URL for the region
storage_classes - The available classes in the region
location - The data center location of the region as per . Can't be used as LocationConstraint on bucket creation.
capability - The capabilities of the region
iam - Indicates if IAM policy based access is supported
s3select - Indicates if S3 Select is supported
⚠ WARNING:IONOS_API_URL_OBJECT_STORAGE_MANAGEMENT can be used to set a custom API URL for the Object Storage Management SDK. Setting endpoint or IONOS_API_URL does not have any effect
ionoscloud_kafka_user_credentials
Gets information about Kafka users access credentials.
The Kafka user credentials ephemeral can be used to retrieve access credentials for a specific user without storing sensitive data into the state.
Example Usage
By ID
By name
Argument reference
cluster_id - (Required)[string] the ID of the Kafka cluster;
id - (Optional)[string] the ID of the Kafka user, can be retrieved using ;
username - (Optional)[string] the name of the Kafka user, can be retrieved using
Attributes reference
The following information is returned by the ephemeral resource:
id - the ID of the user;
username - the name of the user;
certificate_authority - PEM for the certificate authority;
ionoscloud_ipfailover
Get Information on ipfailover objects.
The IP Failover data source can be used to search for and return an existing IP Failover object. You need to provide the datacenter_id and the id of the lan to get the ip failover object for the provided datacenter. If a single match is found, it will be returned. If your search results in multiple matches, an error will be returned.
Example Usage
Argument Reference
The following arguments are supported:
datacenter_id - (Required) The ID of the datacenter containing the ip failover datasource
lan_id - (Required) The id of the lan of which the IP failover belongs
Attributes Reference
The following attributes are returned by the datasource:
datacenter_id - The ID of a Data Center.
ip - The reserved IP address to be used in the IP failover group.
- (Required)[string] Matching rule for the HTTP rule condition attribute; mandatory for HEADER, PATH, QUERY, METHOD, HOST, and COOKIE types; must be null when type is SOURCE_IP.
negate - (Optional)[bool] Specifies whether the condition is negated or not; the default is False.
key - (Optional)[string] Must be null when type is PATH, METHOD, HOST, or SOURCE_IP. Key can only be set when type is COOKIES, HEADER, or QUERY.
value - (Optional)[string] Mandatory for conditions CONTAINS, EQUALS, MATCHES, STARTS_WITH, ENDS_WITH; must be null when condition is EXISTS; should be a valid CIDR if provided and if type is SOURCE_IP.
description - Description of cdrom
location - Location of that image/snapshot
size - The size of the image in GB
cpu_hot_plug - Is capable of CPU hot plug (no reboot required)
cpu_hot_unplug - Is capable of CPU hot unplug (no reboot required)
ram_hot_plug - Is capable of memory hot plug (no reboot required)
ram_hot_unplug - Is capable of memory hot unplug (no reboot required)
nic_hot_plug - Is capable of nic hot plug (no reboot required)
nic_hot_unplug - Is capable of nic hot unplug (no reboot required)
disc_virtio_hot_plug - Is capable of Virt-IO drive hot plug (no reboot required)
disc_virtio_hot_unplug - Is capable of Virt-IO drive hot unplug (no reboot required)
disc_scsi_hot_plug - Is capable of SCSI drive hot plug (no reboot required)
disc_scsi_hot_unplug - Is capable of SCSI drive hot unplug (no reboot required)
licence_type - OS type of this Image
image_type - Type of image
image_aliases - List of image aliases mapped for this Image
public - Indicates if the image is part of the public repository or not
image_aliases - List of image aliases mapped for this Image
cloud_init - Cloud init compatibility
type - Hardware type of the volume.
size - The size of the volume in GB
availability_zone - The availability zone in which the volume should exist
image - Image or snapshot ID to be used as template for this volume
image_password - Initial password to be set for installed OS
ssh_keys - Public SSH keys are set on the image as authorized keys for appropriate SSH login to the instance using the corresponding private key
bus - The bus type of the volume
licence_type - OS type of this volume
cpu_hot_plug - Is capable of CPU hot plug (no reboot required)
ram_hot_plug - Is capable of memory hot plug (no reboot required)
nic_hot_plug - Is capable of nic hot plug (no reboot required)
nic_hot_unplug - Is capable of nic hot unplug (no reboot required)
disc_virtio_hot_plug - Is capable of Virt-IO drive hot plug (no reboot required)
disc_virtio_hot_unplug - Is capable of Virt-IO drive hot unplug (no reboot required)
device_number - The Logical Unit Number of the storage volume
pci_slot - The PCI slot number of the storage volume
backup_unit_id - The uuid of the Backup Unit that user has access to
user_data - The cloud-init configuration for the volume as base64 encoded string
require_legacy_bios - Indicates if the image requires the legacy BIOS for compatibility or specific needs.
mac - The MAC address of the NIC
ips - Collection of IP addresses assigned to a nic
dhcp - Indicates if the nic will reserve an IP using DHCP
lan - The LAN ID the NIC will sit on
firewall_active - Activate or deactivate the firewall
firewall_type - The type of firewall rules that will be allowed on the NIC
device_number - The Logical Unit Number (LUN) of the storage volume
pci_slot - The PCI slot number of the Nic
firewall_rules - list of
id - Id of the firewall rule
name - Name of the firewall rule
protocol - he protocol for the rule
source_mac - Only traffic originating from the respective MAC address is allowed
source_ip - Only traffic originating from the respective IPv4 address is allowed. Value null allows all source IPs
target_ip - In case the target NIC has multiple IP addresses, only traffic directed to the respective IP address of the NIC is allowed
icmp_code - Defines the allowed code (from 0 to 254) if protocol ICMP is chosen
icmp_type - Defines the allowed type (from 0 to 254) if the protocol ICMP is chosen
port_range_start - Defines the start range of the allowed port (from 1 to 65534) if protocol TCP or UDP is chosen
port_range_end - Defines the end range of the allowed port (from 1 to 65534) if the protocol TCP or UDP is chosen
type - The type of firewall rule
value - The value of the label
host - The upstream host that handles the requests if not already cached. This host will be protected by the WAF if the option is enabled.
caching - Enable or disable caching. If enabled, the CDN will cache the responses from the upstream host. Subsequent requests for the same resource will be served from the cache.
waf - Enable or disable WAF to protect the upstream host.
sni_mode - The SNI (Server Name Indication) mode of the upstream. It supports two modes: 1) distribution: for outgoing connections to the upstream host, the CDN requires the upstream host to present a valid certificate that matches the configured domain of the CDN distribution; 2) origin: for outgoing connections to the upstream host, the CDN requires the upstream host to present a valid certificate that matches the configured upstream/origin hostname.
rate_limit_class - Rate limit class that will be applied to limit the number of incoming requests per IP.
geo_restrictions - A map of geo_restrictions
allow_list - List of allowed countries
block_list - List of blocked countries
- The ID of a LAN.
nicuuid - The ID of a NIC.
- The name of the attached cdrom
description - Description of cdrom
location - Location of that image/snapshot
size - The size of the image in GB
cpu_hot_plug - Is capable of CPU hot plug (no reboot required)
cpu_hot_unplug - Is capable of CPU hot unplug (no reboot required)
ram_hot_plug - Is capable of memory hot plug (no reboot required)
ram_hot_unplug - Is capable of memory hot unplug (no reboot required)
nic_hot_plug - Is capable of nic hot plug (no reboot required)
nic_hot_unplug - Is capable of nic hot unplug (no reboot required)
disc_virtio_hot_plug - Is capable of Virt-IO drive hot plug (no reboot required)
disc_virtio_hot_unplug - Is capable of Virt-IO drive hot unplug (no reboot required)
disc_scsi_hot_plug - Is capable of SCSI drive hot plug (no reboot required)
disc_scsi_hot_unplug - Is capable of SCSI drive hot unplug (no reboot required)
licence_type - OS type of this Image
image_type - Type of image
image_aliases - List of image aliases mapped for this Image
public - Indicates if the image is part of the public repository or not
image_aliases - List of image aliases mapped for this Image
cloud_init - Cloud init compatibility
- Name of the attached volume
type - Hardware type of the volume.
size - The size of the volume in GB
availability_zone - The availability zone in which the volume should exist
image - Image or snapshot ID to be used as template for this volume
image_password - Initial password to be set for installed OS
ssh_keys - Public SSH keys are set on the image as authorized keys for appropriate SSH login to the instance using the corresponding private key
bus - The bus type of the volume
licence_type - OS type of this volume
cpu_hot_plug - Is capable of CPU hot plug (no reboot required)
ram_hot_plug - Is capable of memory hot plug (no reboot required)
nic_hot_plug - Is capable of nic hot plug (no reboot required)
nic_hot_unplug - Is capable of nic hot unplug (no reboot required)
disc_virtio_hot_plug - Is capable of Virt-IO drive hot plug (no reboot required)
disc_virtio_hot_unplug - Is capable of Virt-IO drive hot unplug (no reboot required)
device_number - The Logical Unit Number of the storage volume
pci_slot - The PCI slot number of the storage volume
backup_unit_id - The uuid of the Backup Unit that user has access to
user_data - The cloud-init configuration for the volume as base64 encoded string
require_legacy_bios - Indicates if the image requires the legacy BIOS for compatibility or specific needs.
- Name of the attached nid
mac - The MAC address of the NIC
ips - Collection of IP addresses assigned to a nic
dhcp - Indicates if the nic will reserve an IP using DHCP
lan - The LAN ID the NIC will sit on
firewall_active - Activate or deactivate the firewall
firewall_type - The type of firewall rules that will be allowed on the NIC
device_number - The Logical Unit Number (LUN) of the storage volume
pci_slot - The PCI slot number of the Nic
security_groups_ids - The list of Security Group IDs for the resource.
firewall_rules - list of
id - Id of the firewall rule
name - Name of the firewall rule
protocol - he protocol for the rule
source_mac - Only traffic originating from the respective MAC address is allowed
source_ip - Only traffic originating from the respective IPv4 address is allowed. Value null allows all source IPs
target_ip - In case the target NIC has multiple IP addresses, only traffic directed to the respective IP address of the NIC is allowed
icmp_code - Defines the allowed code (from 0 to 254) if protocol ICMP is chosen
icmp_type - Defines the allowed type (from 0 to 254) if the protocol ICMP is chosen
port_range_start - Defines the start range of the allowed port (from 1 to 65534) if protocol TCP or UDP is chosen
port_range_end - Defines the end range of the allowed port (from 1 to 65534) if the protocol TCP or UDP is chosen
location - (Optional)[string] the location of the Kafka cluster, can be one of: de/fra, de/fra/2, de/txl, fr/par, es/vit, gb/lhr, gb/bhx, us/las, us/mci, us/ewr. If omitted, the default location will be used: de/fra;
The IonosCloud provider gives the ability to deploy and configure resources using the IonosCloud APIs.
Use the navigation to the left to read about the available data sources and resources.
Using the provider
The provider needs to be configured with proper credentials before it can be used.
You can use token authentication. We strongly suggest to use token authentication for security purposes. Details on how to generate your token :
You can set the environment variables for HTTP basic authentication:
For managing IONOS Object Storage resources you need to set the following environment variables with your credentials
Also, you can overwrite the api endpoint: api.ionos.com via the following environment variable:
Note: if IONOS_API_URL environment variable is set, it is recommended to have the api.ionos.com value (not api.ionos.com/cloudapi/v5).
Another way of configuring it, is by providing your credentials/api_url in a .tf configuration file in the provider block as shown in the below example.
⚠️ Note: It's NOT usually necessary to set endpoint field. The SDKs the terraform uses know how to route requests to the correct endpoints in the API.
You can either explicitly write them in the .tf file or use var.name as in the example above. For setting the var.name, environment variables can be used. The environment variables must be in the format TF_VAR_name and this will be checked last for a value. For example:
For more complex configurations, with multiple user profiles and environments with custom API URLs, you can use a YAML configuration file with the following structure:
The path to the file can be set using the IONOS_CONFIG_FILE environment variable, or it defaults to ~/.ionos/config.yaml. The file can either be written manually by the user, or generated through the ionosctl login command (see ).
A configuration file can be used in conjunction with the token, username, password, endpoint, s3_access_key, s3_secret_key and s3_region fields in the provider block or the corresponding environment variables, replacing the credentials set for the currentProfile. All endpoints defined in the currentProfile environment will still be used.
Example Usage
Working with multiple regions/locations
When working with the same resource type on multiple regions/locations it is required to use multiple provider blocks with different aliases, one block for each region:
Configuration example for S3 buckets in different regions:
Configuration example for resources with multiple available locations:
Important Notes
The required_providers section needs to be specified in order for terraform to be able to find and download the ionoscloud provider
The credentials provided in a .tf file will override the credentials from environment variables.
Configuration Reference
The following arguments are supported:
token - Required if username and password are not set. If omitted, the IONOS_TOKEN environment variable is used.
username - Required if token is not set. If omitted, the IONOS_USERNAME environment variable is used. The username is generally an e-mail address in '[email protected]' format.
Environment Variables
Environment Variable
Description
Resource Timeout
Individual resources may provide a timeouts block to configure the amount of time a specific operation is allowed to take before being considered an error. Each resource may provide configurable timeouts for the create, update, and delete operations. Each resource that supports timeouts will have or inherit default values for that operation. Users can overwrite the default values for a specific resource in the configuration.
The default timeouts values are:
create - (Default 60 minutes) Used for creating a resource.
update - (Default 60 minutes) Used for updating a resource .
delete - (Default 60 minutes) Used for destroying a resource.
An example of overwriting the create, update, and delete timeouts:
Valid units of time should be expressed in "s", "m", "h" for "seconds", "minutes", and "hours" respectively.
Individual resources must opt-in to providing configurable timeouts, and attempting to configure values for a resource that does not support timeouts, or overwriting a specific action that the resource does not specify as an option, will result in an error.
~> Note: Terraform does not automatically rollback in the face of errors. Instead, your Terraform state file will be partially updated with any resources that successfully completed.
Debugging
In the default mode, the Terraform provider returns only HTTP client errors. These usually consist only of the HTTP status code. There is no clear description of the problem. But if you want to see the API call error messages as well, you need to set the SDK and Terraform provider environment variables.
You can enable logging now using the IONOS_LOG_LEVEL env variable. Allowed values: off, debug and trace. Defaults to off.
⚠️ Note: We recommend you only use trace level for debugging purposes. Disable it in your production environments because it can log sensitive data. It logs the full request and response without encryption, even for an HTTPS call. Verbose request and response logging can also significantly impact your application’s performance.
⚠️ Note:IONOS_DEBUG is now deprecated and will be removed in a future release.
⚠️ Note: We recommend you only use IONOS_DEBUG for debugging purposes. Disable it in your production environments because it can log sensitive data. It logs the full request and response without encryption, even for an HTTPS call. Verbose request and response logging can also significantly impact your application’s performance.
now you can see the response body incl. api error message:
Migrating from the ProfitBricks provider
This area is not necessary unless you were using the old profitbricks provider
Provider Name in HCL files
The provider name changed from profitbricks to ionoscloud. This reflects in the following change in your terraform hcl files: provider "profitbricks" becomes provider "ionoscloud"
Environment Variables
The following env variables have changed:
Old Variable Name
New Variable Name
Resources and Datasources in HCL files
The migration affects resource names and datasource names. Every resource and datasource changed its prefix from profitbricks_ to ionoscloud_.
In order to accommodate that, the terraform hcl files must be updated.
This can be done with a simple find and replace procedure. For example, on Linux, sed can be used:
On OSX the same command becomes:
Terraform State
Because of the name changes of resources and datasources, the terraform state must also be updated. The local state, in json format, can be updated by replacing profitbricks_ with ionoscloud_ directly in the state file. For example, on Linux, using:
On OSX the same command becomes:
The provider entries must also be updated. For example:
becomes
If you manage your state using remote backends you need to take the appropriate steps specific to your backend.
ionoscloud_pg_databases
Get information on DBaaS PgSql Databases.
The PgSql Databases data source can be used to search for and return multiple existing PgSql databases.
Example Usage
All databases from a specific cluster
Filter by owner
Argument Reference
cluster_id - (Required)[string] The ID of the cluster.
owner - (Optional)[string] Filter using a specific owner.
Attributes Reference
The following attributes are returned by the datasource:
databases - [list] A list that contains either all databases, either some of them (filter by owner). A database from list has the following format:
name - [string] The name of the database.
password - Required if token is not set. If omitted, the IONOS_PASSWORD environment variable is used.
endpoint - (Optional) Usually not necessary to be set, SDks know internally how to route requests to the API. If omitted, the IONOS_API_URL environment variable is used, or it defaults to the current Cloud API release.
retries - (Deprecated) Number of retries while waiting for a resource to be provisioned. Default value is 50. Note: This argument has been deprecated and replaced by the implementation of resource timeouts described below.
contract_number - "To be set only for reseller accounts. Allows to run terraform on a contract number under a reseller account.",
s3_access_key - Required for managing IONOS Object Storage resources.
s3_secret_key - Required for managing IONOS Object Storage resources.
s3_region - Optional, defines the region of the Object Storage resource.
IONOS_CONTRACT_NUMBER
Specify the contract number on which you wish to provision. Only valid for reseller accounts, for other types of accounts the header will be ignored
IONOS_S3_ACCESS_KEY
Specify the access key used to authenticate against the IONOS Object Storage API
IONOS_S3_SECRET_KEY
Specify the secret key used to authenticate against the IONOS Object Storage API
IONOS_S3_REGION
Region for IONOS Object Storage operations. Default value: eu-central-3. If you use IONOS_API_URL_OBJECT_STORAGE, IONOS_S3_REGION is mandatory
IONOS_CONFIG_FILE
Specify the path to the YAML configuration file. Default value: ~/.ionos/config.yaml.
IONOS_CURRENT_PROFILE
Specify the current profile to use from the YAML configuration file.
default - (Default 60 minutes) Used for every other action on a resource.
IONOS_USERNAME
Specify the username used to login, to authenticate against the IONOS Cloud API
IONOS_PASSWORD
Specify the password used to login, to authenticate against the IONOS Cloud API
IONOS_TOKEN
Specify the token used to login, if a token is being used instead of username and password
IONOS_API_URL
Specify the API URL. It will overwrite the API endpoint default value api.ionos.com. It is not necessary to override this value unless you have special routing config
IONOS_LOG_LEVEL
Specify the Log Level used to log messages. Possible values: Off, Debug, Trace
IONOS_PINNED_CERT
Specify the SHA-256 public fingerprint here, enables certificate pinning
provider "ionoscloud" {
# we encourage users to use token authentication for security reasons
# username = var.ionos_username
# password = var.ionos_password
token = var.ionos_token
# optional, to be used only for reseller accounts
# contract_number = "contract_number_here"
# optional, does not need to be configured in most cases
# endpoint = "custom_cloud_api_url"
# s3_access_key = "your_access_key"
# s3_secret_key = "your_secret_key"
version: 1.0
currentProfile: user # The current profile can also be overridden by the environment variable IONOS_CURRENT_PROFILE
profiles:
- name: user
environment: prod
credentials:
# You can use either username and password, or token.
# If both username and password, as well as token are provided, the token will take precedence.
token: <token>
- name: user2
environment: dev
credentials:
username: <username>
password: <password>
environments:
- name: prod
products:
- name: compute
endpoints:
- name: https://api.ionos.com/cloudapi/v6
skipTlsVerify: false
- name: dev
products:
- name: auth
endpoints:
- name: https://api.ionos.com/auth/v1
skipTlsVerify: false
terraform {
required_providers {
ionoscloud = {
source = "ionos-cloud/ionoscloud"
version = ">= 6.4.10"
}
}
}
provider "ionoscloud" {
token = var.ionos_token
# we encourage users to use token authentication
# username = var.ionos_username
# password = var.ionos_password
# optional, to be used only for reseller accounts
# contract_number = "contract_number_here"
# optional, does not need to be configured in most cases
# endpoint = "custom_cloud_api_url"
# s3_access_key = "your_access_key"
# s3_secret_key = "your_secret_key"
# s3_region = "your_bucket_region"
}
resource "ionoscloud_datacenter" "main" {
# ...
}
terraform {
required_providers {
ionoscloud = {
source = "ionos-cloud/ionoscloud"
version = "6.7.20"
}
}
}
resource "ionoscloud_s3_bucket" "firstbucket" {
name = "terraform-eu-central-3"
region = "eu-central-3"
provider = ionoscloud.eucentral3
object_lock_enabled = true
force_destroy = true
}
resource "ionoscloud_s3_bucket" "secondbucket" {
name = "terraform-eu-central-4"
region = "eu-central-4"
provider = ionoscloud
object_lock_enabled = true
force_destroy = true
}
# This provider will be used to manipulate resources in 'eu-central-3' region.
provider "ionoscloud" {
s3_access_key = "S3_ACCESS_KEY"
s3_secret_key = "S3_SECRET_KEY"
token = "IONOS_TOKEN"
alias = "eucentral3"
}
# This provider will be used to manipulate resources in 'eu-central-4' region.
provider "ionoscloud" {
s3_access_key = "S3_ACCESS_KEY"
s3_secret_key = "S3_SECRET_KEY"
token = "IONOS_TOKEN"
}
terraform {
required_providers {
ionoscloud = {
source = "ionos-cloud/ionoscloud"
version = "6.7.20"
}
}
}
resource "ionoscloud_logging_pipeline" "firstpipeline" {
location = "de/fra"
name = "firstpipeline"
log {
source = "kubernetes"
tag = "tagexample"
protocol = "http"
destinations {
type = "loki"
retention_in_days = 7
}
}
provider = ionoscloud.frankfurt
}
resource "ionoscloud_logging_pipeline" "secondpipeline" {
location = "de/txl"
name = "secondpipeline"
log {
source = "kubernetes"
tag = "tagexample"
protocol = "http"
destinations {
type = "loki"
retention_in_days = 7
}
}
provider = ionoscloud.berlin
}
resource "ionoscloud_logging_pipeline" "thirdpipeline" {
location = "fr/par"
name = "thirdpipeline"
log {
source = "kubernetes"
tag = "tagexample"
protocol = "http"
destinations {
type = "loki"
retention_in_days = 7
}
}
provider = ionoscloud
}
# This provider will be used to manipulate resources in Frankfurt.
provider "ionoscloud" {
token = "IONOS_TOKEN"
alias = "frankfurt"
}
# This provider will be used to manipulate resources in Berlin.
provider "ionoscloud" {
token = "IONOS_TOKEN"
alias = "berlin"
}
# This provider will be used to manipulate resources in Paris.
provider "ionoscloud" {
token = "IONOS_TOKEN"
}
{
"httpStatus" : 422,
"messages" : [ {
"errorCode" : "200",
"message" : "[VDC-yy-xxxx] Operation cannot be executed since this Kubernetes Nodepool is already marked for deletion. Current state of the resource is FAILED_DESTROYING."
}]
}
$ sed -i 's/profitbricks_/ionoscloud_/g' ./main.tf
$ sed -i bak 's/profitbricks_/ionoscloud_/g' ./main.tf
$ sed -i 's/profitbricks_/ionoscloud_/g' ./terraform.tfstate
$ sed -i bak 's/profitbricks_/ionoscloud_/g' ./terraform.tfstate
max_replica_count - (Required)[int] The maximum value for the number of replicas on a VM Auto Scaling Group. Must be >= 0 and <= 200. Will be enforced for both automatic and manual changes.
min_replica_count - (Required)[int] The minimum value for the number of replicas on a VM Auto Scaling Group. Must be >= 0 and <= 200. Will be enforced for both automatic and manual changes.
- (Optional)[int] The target number of VMs in this Group. Depending on the scaling policy, this number will be adjusted automatically. VMs will be created or destroyed automatically in order to adjust the actual number of VMs to this number. If targetReplicaCount is given in the request body then it must be >= minReplicaCount and <= maxReplicaCount.
name - (Required)[string] User-defined name for the Autoscaling Group.
policy - (Required)[List] Specifies the behavior of this Autoscaling Group. A policy consists of Triggers and Actions, whereby an Action is some kind of automated behavior, and a Trigger is defined by the circumstances under which the Action is triggered. Currently, two separate Actions, namely Scaling In and Out are supported, triggered through Thresholds defined on a given Metric.
metric - (Required)[string] The Metric that should trigger the scaling actions. Metric values are checked at fixed intervals. Possible values: INSTANCE_CPU_UTILIZATION_AVERAGE, INSTANCE_NETWORK_IN_BYTES, INSTANCE_NETWORK_IN_PACKETS, INSTANCE_NETWORK_OUT_BYTES, INSTANCE_NETWORK_OUT_PACKETS
range - (Optional)[string] Defines the time range, for which the samples will be aggregated. Default is 120s. Note that when you set it to values like 5m the API will automatically transform it in PT5M, so the plan will show you a diff in state that should be ignored.
scale_in_action - (Required)[list] Specifies the action to take when the scaleInThreshold is exceeded. Hereby, scaling in is always about removing VMs that are currently associated with this autoscaling group. Default termination policy is OLDEST_SERVER_FIRST.
amount - (Required)[int] When amountType == ABSOLUTE, this is the number of VMs removed in one step. When amountType == PERCENTAGE, this is a percentage value, which will be applied to the autoscaling group's current targetReplicaCount
scale_in_threshold - (Required)[int] A lower threshold on the value of metric. Will be used with less than (<) operator. Exceeding this will start a Scale-In Action as specified by the scaleInAction property. The value must have a higher minimum delta to the scaleOutThreshold depending on the metric to avoid competitive actions at the same time.
scale_out_action - (Required)[list] Specifies the action to take when the scaleOutThreshold is exceeded. Hereby, scaling out is always about adding new VMs to this autoscaling group.
amount - (Required)[int] When amountType=ABSOLUTE specifies the absolute number of VMs that are added. The value must be between 1 to 10. amountType=PERCENTAGE specifies the percentage value that is applied to the current number of replicas of the VM Auto Scaling Group. The value must be between 1 to 200. At least one VM is always added.
scale_out_threshold - (Required)[int] The upper threshold for the value of the metric. Used with the greater than (>) operator. A scale-out action is triggered when this value is exceeded, specified by the scaleOutAction property. The value must have a lower minimum delta to the scaleInThreshold, depending on the metric, to avoid competing for actions simultaneously. If properties.policy.unit=TOTAL, a value >= 40 must be chosen.
unit - (Required)[string] Units of the applied Metric. Possible values are: PER_HOUR, PER_MINUTE, PER_SECOND, TOTAL.
replica_configuration - (Required)[List]
availability_zone - (Required)[string] The zone where the VMs are created using this configuration. Possible values are: AUTO, ZONE_1, ZONE_2.
cores - (Required)[int] The total number of cores for the VMs.
cpu_family - (Optional)[string] CPU family for the VMs created using this configuration. If null, the VM will be created with the default CPU family for the assigned location. Possible values are: INTEL_SKYLAKE, INTEL_XEON.
nics - (Optional)[set] List of NICs associated with this Replica.
lan - (Required)[int] Lan ID for this replica Nic.
name - (Required)[string] Name for this replica NIC.
ram - (Required)[int] The amount of memory for the VMs in MB, e.g. 2048. Size must be specified in multiples of 256 MB with a minimum of 256 MB; however, if you set ramHotPlug to TRUE then you must use a minimum of 1024 MB. If you set the RAM size more than 240GB, then ramHotPlug will be set to FALSE and can not be set to TRUE unless RAM size not set to less than 240GB.
volume - (Optional)[list] List of volumes associated with this Replica.
image - (Optional)[string] The image installed on the volume. Only the UUID of the image is presently supported.
image_alias - (Optional)[string] The image installed on the volume. Must be an
datacenter_id - (Required)[string] Unique identifier for the resource
location - (Computed) Location of the data center.
in order to derive the number of VMs that will be removed in one step. There will always be at least one VM removed. For SCALE_IN operation new volumes are NOT deleted after the server deletion.
amount_type - (Required)[string] The type for the given amount. Possible values are: ABSOLUTE, PERCENTAGE.
termination_policy_type - (Optional)[string] The type of the termination policy for the autoscaling group so that a specific pattern is followed for Scaling-In replicas. Default termination policy is OLDEST_SERVER_FIRST. Possible values are: OLDEST_SERVER_FIRST, NEWEST_SERVER_FIRST, RANDOM
cooldown_period - (Optional)[string] Minimum time to pass after this Scaling action has started, until the next Scaling action will be started. Additionally, if a Scaling action is currently in progress, no second Scaling action will be started for the same autoscaling group. Instead, the Metric will be re-evaluated after the current Scaling action is completed (either successfully or with failures). This is validated with a minimum value of 2 minutes and a maximum of 24 hours currently. Default value is 5 minutes if not given. Note that when you set it to values like 5m the API will automatically transform it in PT5M, so the plan will show you a diff in state that should be ignored.
delete_volumes - (Required)[bool] If set to true, when deleting a replica during scale in, any attached volume will also be deleted. When set to false, all volumes remain in the datacenter and must be deleted manually. Note that every scale-out creates new volumes. When they are not deleted, they will eventually use all of your contracts resource limits. At this point, scaling out would not be possible anymore.
amount_type - (Required)[string] The type for the given amount. Possible values are: ABSOLUTE, PERCENTAGE.
cooldown_period - (Optional)[string] Minimum time to pass after this Scaling action has started, until the next Scaling action will be started. Additionally, if a Scaling action is currently in progress, no second Scaling action will be started for the same autoscaling group. Instead, the Metric will be re-evaluated after the current Scaling action is completed (either successfully or with failures). This is validated with a minimum value of 2 minutes and a maximum of 24 hours currently. Default value is 5 minutes if not given. Note that when you set it to values like 5m the API will automatically transform it in PT5M, so the plan will show you a diff in state that should be ignored.
dhcp - (Optional)[bool] Dhcp flag for this replica Nic. This is an optional attribute with default value of true if not given in the request payload or given as null.
firewall_active - (Optional)[bool] Firewall active flag.
firewall_type - (Optional)[string] The type of firewall rules that will be allowed on the NIC. Valid values: INGRESS EGRESS BIDIRECTIONAL. If not specified, the default INGRESS value is used.
firewall_rules - (Optional)[list] List of firewall rules associated with this NIC.
protocol - (Required)[string] The protocol for the rule: TCP, UDP, ICMP, ANY. Property cannot be modified after creation (disallowed in update requests).
name - (Optional)[string] The name of the firewall rule.
source_mac - (Optional)[string] Only traffic originating from the respective MAC address is allowed. Valid format: aa:bb:cc:dd:ee:ff. Value null allows all source MAC address. Valid format: aa:bb:cc:dd:ee:ff.
source_ip - (Optional)[string] Only traffic originating from the respective IPv4 address is allowed. Value null allows all source IPs.
target_ip - (Optional)[string] In case the target NIC has multiple IP addresses, only traffic directed to the respective IP address of the NIC is allowed. Value null allows all target IPs.
port_range_start - (Optional)[int] Defines the start range of the allowed port (from 1 to 65534) if protocol TCP or UDP is chosen. Leave portRangeStart and portRangeEnd null to allow all ports.
port_range_end - (Optional)[int] Defines the end range of the allowed port (from 1 to 65534) if the protocol TCP or UDP is chosen. Leave portRangeStart and portRangeEnd null to allow all ports.
icmp_type - (Optional)[string] Defines the allowed code (from 0 to 254) if protocol ICMP is chosen. Value null allows all codes.
icmp_code - (Optional)[int] Defines the allowed code (from 0 to 254) if protocol ICMP is chosen.
type - (Optional)[string] The type of firewall rule. If is not specified, it will take the default value INGRESS.
flow_log - (Optional)[list] Only 1 flow log can be configured. Only the name field can change as part of an update. Flow logs holistically capture network information such as source and destination IP addresses, source and destination ports, number of packets, amount of bytes, the start and end time of the recording, and the type of protocol – and log the extent to which your instances are being accessed.
action - (Required)[string] Specifies the action to be taken when the rule is matched. Possible values: ACCEPTED, REJECTED, ALL. Immutable, forces re-creation.
bucket - (Required)[string] Specifies the IONOS Object Storage bucket where the flow log data will be stored. The bucket must exist. Immutable, forces re-creation.
direction - (Required)[string] Specifies the traffic direction pattern. Valid values: INGRESS, EGRESS, BIDIRECTIONAL. Immutable, forces re-creation.
name - (Required)[string] Specifies the name of the flow log.
target_group - (Optional)[list] In order to link VM to ALB, target group must be provided
target_group_id (Required)[string] The ID of the target group.
weight (Optional)[int] The weight of the target group.
port (Optional)[int] The port of the target group.
imageAlias
as specified via the images API. Note that one of
image
or
imageAlias
must be set, but not both.
name - (Required)[string] Name for this replica volume.
size - (Required)[int] Name for this replica volume.
ssh_keys - (Optional) List of ssh keys, supports values or paths to files. Cannot be changed at update.
type - (Required)[string] Storage Type for this replica volume. Possible values: SSD, HDD, SSD_STANDARD or SSD_PREMIUM.
user_data - (Optional)[string] User-data (Cloud Init) for this replica volume. Make sure you provide a Cloud Init compatible image in conjunction with this parameter.
image_password - (Optional)[string] Image password for this replica volume.
bus - (Optional)[string] The bus type of the volume. Default setting is VIRTIO. The bus type IDE is also supported.
backup_unit_id - (Optional)[string] The uuid of the Backup Unit that user has access to. The property is immutable and is only allowed to be set on a new volume creation. It is mandatory to provide either public image or imageAlias in conjunction with this property.
boot_order - (Optional)[string] Determines whether the volume will be used as a boot volume. Set to NONE, the volume will not be used as boot volume. Set to PRIMARY, the volume will be used as boot volume and set to AUTO will delegate the decision to the provisioning engine to decide whether to use the volume as boot volume. Notice that exactly one volume can be set to PRIMARY or all of them set to AUTO.