alicloud_kms_instance
更新时间:
Provides a KMS Instance resource.
For information about KMS Instance and how to use it, see What is Instance.
-> NOTE: Available since v1.210.0.
Example Usage
Create a subscription kms instance
provider "alicloud" {
region = var.region
}
variable "region" {
default = "cn-hangzhou"
}
variable "name" {
default = "terraform-example"
}
data "alicloud_account" "current" {}
resource "alicloud_vpc" "vpc-amp-instance-example" {
cidr_block = "172.16.0.0/12"
vpc_name = var.name
}
resource "alicloud_vswitch" "vswitch" {
vpc_id = alicloud_vpc.vpc-amp-instance-example.id
zone_id = "cn-hangzhou-k"
cidr_block = "172.16.1.0/24"
}
resource "alicloud_vswitch" "vswitch-j" {
vpc_id = alicloud_vpc.vpc-amp-instance-example.id
zone_id = "cn-hangzhou-j"
cidr_block = "172.16.2.0/24"
}
resource "alicloud_vpc" "shareVPC" {
cidr_block = "172.16.0.0/12"
vpc_name = format("%s3", var.name)
}
resource "alicloud_vswitch" "shareVswitch" {
vpc_id = alicloud_vpc.shareVPC.id
zone_id = "cn-hangzhou-k"
cidr_block = "172.16.1.0/24"
}
resource "alicloud_vpc" "share-VPC2" {
cidr_block = "172.16.0.0/12"
vpc_name = format("%s5", var.name)
}
resource "alicloud_vswitch" "share-vswitch2" {
vpc_id = alicloud_vpc.share-VPC2.id
zone_id = "cn-hangzhou-k"
cidr_block = "172.16.1.0/24"
}
resource "alicloud_vpc" "share-VPC3" {
cidr_block = "172.16.0.0/12"
vpc_name = format("%s7", var.name)
}
resource "alicloud_vswitch" "share-vsw3" {
vpc_id = alicloud_vpc.share-VPC3.id
zone_id = "cn-hangzhou-k"
cidr_block = "172.16.1.0/24"
}
resource "alicloud_kms_instance" "default" {
vpc_num = "7"
key_num = "1000"
secret_num = "0"
spec = "1000"
renew_status = "ManualRenewal"
product_version = "3"
renew_period = "3"
vpc_id = alicloud_vswitch.vswitch.vpc_id
zone_ids = ["cn-hangzhou-k", "cn-hangzhou-j"]
vswitch_ids = [alicloud_vswitch.vswitch-j.id]
bind_vpcs {
vpc_id = alicloud_vswitch.shareVswitch.vpc_id
region_id = var.region
vswitch_id = alicloud_vswitch.shareVswitch.id
vpc_owner_id = data.alicloud_account.current.id
}
bind_vpcs {
vpc_id = alicloud_vswitch.share-vswitch2.vpc_id
region_id = var.region
vswitch_id = alicloud_vswitch.share-vswitch2.id
vpc_owner_id = data.alicloud_account.current.id
}
bind_vpcs {
vpc_id = alicloud_vswitch.share-vsw3.vpc_id
region_id = var.region
vswitch_id = alicloud_vswitch.share-vsw3.id
vpc_owner_id = data.alicloud_account.current.id
}
log = "0"
period = "1"
log_storage = "0"
payment_type = "Subscription"
}
Create a pay-as-you-go kms instance
provider "alicloud" {
region = var.region
}
variable "region" {
default = "cn-hangzhou"
}
variable "name" {
default = "terraform-example"
}
data "alicloud_account" "current" {}
resource "alicloud_vpc" "vpc-amp-instance-example" {
cidr_block = "172.16.0.0/12"
vpc_name = var.name
}
resource "alicloud_vswitch" "vswitch" {
vpc_id = alicloud_vpc.vpc-amp-instance-example.id
zone_id = "cn-hangzhou-k"
cidr_block = "172.16.1.0/24"
}
resource "alicloud_vswitch" "vswitch-j" {
vpc_id = alicloud_vpc.vpc-amp-instance-example.id
zone_id = "cn-hangzhou-j"
cidr_block = "172.16.2.0/24"
}
resource "alicloud_vpc" "shareVPC" {
cidr_block = "172.16.0.0/12"
vpc_name = format("%s3", var.name)
}
resource "alicloud_vswitch" "shareVswitch" {
vpc_id = alicloud_vpc.shareVPC.id
zone_id = "cn-hangzhou-k"
cidr_block = "172.16.1.0/24"
}
resource "alicloud_vpc" "share-VPC2" {
cidr_block = "172.16.0.0/12"
vpc_name = format("%s5", var.name)
}
resource "alicloud_vswitch" "share-vswitch2" {
vpc_id = alicloud_vpc.share-VPC2.id
zone_id = "cn-hangzhou-k"
cidr_block = "172.16.1.0/24"
}
resource "alicloud_vpc" "share-VPC3" {
cidr_block = "172.16.0.0/12"
vpc_name = format("%s7", var.name)
}
resource "alicloud_vswitch" "share-vsw3" {
vpc_id = alicloud_vpc.share-VPC3.id
zone_id = "cn-hangzhou-k"
cidr_block = "172.16.1.0/24"
}
resource "alicloud_kms_instance" "default" {
payment_type = "PayAsYouGo"
product_version = 3
vpc_id = alicloud_vswitch.vswitch.vpc_id
zone_ids = [alicloud_vswitch.vswitch.zone_id, alicloud_vswitch.vswitch-j.zone_id]
vswitch_ids = [alicloud_vswitch.vswitch.id]
force_delete_without_backup = true
bind_vpcs {
vpc_id = alicloud_vswitch.shareVswitch.vpc_id
region_id = var.region
vswitch_id = alicloud_vswitch.shareVswitch.id
vpc_owner_id = data.alicloud_account.current.id
}
bind_vpcs {
vpc_id = alicloud_vswitch.share-vswitch2.vpc_id
region_id = var.region
vswitch_id = alicloud_vswitch.share-vswitch2.id
vpc_owner_id = data.alicloud_account.current.id
}
bind_vpcs {
vpc_id = alicloud_vswitch.share-vsw3.vpc_id
region_id = var.region
vswitch_id = alicloud_vswitch.share-vsw3.id
vpc_owner_id = data.alicloud_account.current.id
}
}
Argument Reference
The following arguments are supported:
bind_vpcs- (Optional, Set) Aucillary VPCs used to access this KMS instance Seebind_vpcsbelow.force_delete_without_backup- (Optional, Available since v1.223.2) Whether to force deletion even without backup.instance_name- (Optional, Computed) The name of the resourcekey_num- (Optional, Int) Maximum number of stored keys. The attribute is valid when the attributepayment_typeisSubscription.log- (Optional, Computed) Instance Audit Log Switch. The attribute is valid when the attributepayment_typeisSubscription.log_storage- (Optional, Computed, Int) Instance log capacity. The attribute is valid when the attributepayment_typeisSubscription.payment_type- (Optional, ForceNew, Computed) Payment type, valid values:Subscription: Prepaid.PayAsYouGo: Postpaid.
period- (Optional, Int) Purchase cycle, in months. The attribute is valid when the attributepayment_typeisSubscription.product_version- (Optional) KMS Instance commodity type (software/hardware)renew_period- (Optional, Int) Automatic renewal period, in months. The attribute is valid when the attributepayment_typeisSubscription.renew_status- (Optional) Renewal options. Valid values:AutoRenewal,ManualRenewal. The attribute is valid when the attributepayment_typeisSubscription.renewal_period_unit- (Optional, Available since v1.257.0) Automatic renewal period unit, valid value:M: Month.Y: Year.
secret_num- (Optional, Int) Maximum number of Secrets. The attribute is valid when the attributepayment_typeisSubscription.spec- (Optional, Int) The computation performance level of the KMS instance. The attribute is valid when the attributepayment_typeisSubscription.tags- (Optional, Map, Available since v1.259.0) A mapping of tags to assign to the resource.vpc_id- (Required, ForceNew) The ID of the virtual private cloud (VPC) that is associated with the KMS instance.vpc_num- (Optional, Int) The number of managed accesses. The maximum number of VPCs that can access this KMS instance. The attribute is valid when the attributepayment_typeisSubscription.vswitch_ids- (Required, ForceNew, List) Instance bind vswitcheszone_ids- (Required, ForceNew, List) zone id
bind_vpcs
The bind_vpcs supports the following:
region_id- (Optional) region idvswitch_id- (Optional) vswitch idvpc_id- (Optional) VPC IDvpc_owner_id- (Optional, Int) VPC owner root user ID
Attributes Reference
The following attributes are exported:
id- The ID of the resource supplied above.ca_certificate_chain_pem- KMS instance certificate chain in PEM format.create_time- The creation time of the resource.end_date- (Available since v1.233.1) Instance expiration time.instance_name- The name of the resource.status- Instance status.
Timeouts
The timeouts block allows you to specify timeouts for certain actions:
create- (Defaults to 60 mins) Used when create the Instance.delete- (Defaults to 10 mins) Used when delete the Instance.update- (Defaults to 60 mins) Used when update the Instance.
Import
KMS Instance can be imported using the id, e.g.
$ terraform import alicloud_kms_instance.example <id>
该文章对您有帮助吗?