civo/terraform-provider-civo

`firewall_id` should be required in `civo_kubernetes_cluster` resource

zulh-civo opened this issue · 0 comments

In line with the recent changes in the Civo API, where deleting a Kubernetes cluster will not delete its firewall, we now have to make the `firewall_id` attribute required.

Meaning, the user needs to create `civo_firewall` and `civo_firewall_rule` together with the `civo_kubernetes_cluster` resource.

Example:

```hcl
# Query xsmall instance size
data "civo_instances_size" "xsmall" {
    filter {
        key = "type"
        values = ["kubernetes"]
    }

    sort {
        key = "ram"
        direction = "asc"
    }
}

# Create a firewall
resource "civo_firewall" "www" {
    name = "www"
}

# Create a firewall rule
resource "civo_firewall_rule" "http" {
    firewall_id = civo_firewall.www.id
    protocol = "tcp"
    start_port = "80"
    end_port = "80"
    cidr = ["0.0.0.0/0"]
    direction = "ingress"
    label = "web-server"
}

# Create a cluster
resource "civo_kubernetes_cluster" "my-cluster" {
    region = "LON1"
    name = "my-cluster"
    applications = "Redis,Linkerd:Linkerd & Jaeger"
    num_target_nodes = 3
    target_nodes_size = element(data.civo_instances_size.xsmall.sizes, 0).name
    firewall_id = civo_firewall.www.id
}
```

By doing this, the user can still manage the firewall even after the cluster gets deleted. For example, the user can attach the firewall again to another cluster/compute instance.

They can choose to delete everything (cluster, firewall, firewall rule) if they want by running the `terraform destroy` command.
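
Until the provider enforces the attribute, the same requirement can be checked against a plan before apply. The sketch below is an added example, not code from this issue or from the provider: it assumes the plan has been exported with `terraform show -json`, the sample plan is constructed, and `clusters_missing_firewall` is a hypothetical helper name.

```python
import json

# Constructed sample in the shape of `terraform show -json <planfile>` output.
SAMPLE_PLAN = json.loads("""
{
  "resource_changes": [
    {"address": "civo_firewall.www", "type": "civo_firewall",
     "change": {"actions": ["create"], "after": {"name": "www"},
                "after_unknown": {"id": true}}},
    {"address": "civo_kubernetes_cluster.my-cluster",
     "type": "civo_kubernetes_cluster",
     "change": {"actions": ["create"],
                "after": {"name": "my-cluster", "region": "LON1"},
                "after_unknown": {"firewall_id": true, "id": true}}},
    {"address": "civo_kubernetes_cluster.legacy",
     "type": "civo_kubernetes_cluster",
     "change": {"actions": ["update"],
                "after": {"name": "legacy", "firewall_id": null},
                "after_unknown": {}}},
    {"address": "civo_kubernetes_cluster.old",
     "type": "civo_kubernetes_cluster",
     "change": {"actions": ["delete"], "after": null, "after_unknown": {}}}
  ]
}
""")


def clusters_missing_firewall(plan):
    """Return addresses of clusters the plan leaves without a firewall_id."""
    missing = []
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != "civo_kubernetes_cluster":
            continue
        change = rc.get("change") or {}
        after = change.get("after")
        if after is None:
            # Resource is being destroyed; nothing left to check.
            continue
        unknown = change.get("after_unknown") or {}
        # A reference such as civo_firewall.www.id is not known until apply:
        # it is absent from "after" and marked true in "after_unknown".
        if unknown.get("firewall_id") is True or after.get("firewall_id"):
            continue
        missing.append(rc["address"])
    return missing


if __name__ == "__main__":
    print(clusters_missing_firewall(SAMPLE_PLAN))
```
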