Control your next generation software defined OpenZiti network using Terraform.
The OpenZiti provider supports all essential resources to start controlling your network.
| Entity | Data Source | Resource |
|---|---|---|
| config | ✅ | ✅ |
| edge-router-policy | ✅ | ✅ |
| identity | ✅ | ✅ |
| service | ✅ | ✅ |
| posture-check | ✅ | ✅ |
| service-policy | ✅ | ✅ |
| service-edge-router-policy | ✅ | ✅ |
| auth-policy | ❌ | ❌ |
| authenticator | ❌ | ❌ |
| ca | ❌ | ❌ |
| edge-router | ❌ | ❌ |
| ext-jwt-signer | ❌ | ❌ |
| terminator | ❌ | ❌ |
| transit-router | ❌ | ❌ |
| config-type | 🚧 | 🚧 |
| enrollment | 🚧 | 🚧 |
🚧 - Enrollment is a one-time thing, barely suitable in Terraform world. Config-type is just beyond the project scope(for now at least).
✅ - Entity could be fully controlled via a Terraform provider, and that both one and many datasources are ready to be used.
❌ - Not yet implemented.
- Terraform >= 1.0
- Go >= 1.22
- OpenZiti network >= 1.2.1
- Have a way to control a software-defined OpenZiti network using Terraform
- Backwards compatibility of a public interface between minor versions.
- Clone the repository
- Enter the repository directory
- Build the provider using the Go
installcommand:
go installThis provider uses Go modules. Please see the Go documentation for the most up to date information about using Go modules.
To add a new dependency github.com/author/dependency to your Terraform provider:
go get github.com/author/dependency
go mod tidyThen commit the changes to go.mod and go.sum.
terraform {
required_providers {
ziti = {
source = "nenkoru/ziti"
}
}
}
provider "ziti" {
username = "testadmin"
password = "testadmin"
mgmt_endpoint = "https://localhost:1280/edge/management/v1"
}
resource "ziti_host_config_v1" "simple_host" {
name = "simple_host.host.v1"
address = "localhost"
port = 5432
protocol = "tcp"
}If you wish to work on the provider, you'll first need Go installed on your machine (see Requirements above).
To compile the provider, run go install. This will build the provider and put the provider binary in the $GOPATH/bin directory.
To generate or update documentation, run make generate.
In order to run the full suite of Acceptance tests, run make testacc.
Note: Acceptance tests create real resources, and often cost money to run.
make testacc