Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Sync aws Terraform module documentation to pan.dev #472

Merged
merged 1 commit into from
Oct 17, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -76,13 +76,13 @@ Use a web browser to access https://x.x.x.x and login with admin and your previo
| Name | Version |
|------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0.0, < 2.0.0 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 4.25 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 5.17 |

### Providers

| Name | Version |
|------|---------|
| <a name="provider_aws"></a> [aws](#provider\_aws) | ~> 4.25 |
| <a name="provider_aws"></a> [aws](#provider\_aws) | ~> 5.17 |

### Modules

Expand All @@ -100,8 +100,10 @@ Use a web browser to access https://x.x.x.x and login with admin and your previo
| [aws_iam_instance_profile.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_instance_profile) | resource |
| [aws_iam_role.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
| [aws_iam_role_policy.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource |
| [aws_caller_identity.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
| [aws_ebs_default_kms_key.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ebs_default_kms_key) | data source |
| [aws_kms_alias.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/kms_alias) | data source |
| [aws_partition.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/partition) | data source |

### Inputs

Expand All @@ -112,7 +114,7 @@ Use a web browser to access https://x.x.x.x and login with admin and your previo
| <a name="input_panoramas"></a> [panoramas](#input\_panoramas) | A map defining Panorama instances<br /><br />Following properties are available:<br />- `instances`: map of Panorama instances with attributes:<br /> - `az`: name of the Availability Zone<br /> - `private_ip_address`: private IP address for management interface<br />- `panos_version`: PAN-OS version used for Panorama<br />- `network`: definition of network settings in object with attributes:<br /> - `vpc`: name of the VPC (needs to be one of the keys in map `vpcs`)<br /> - `vpc_subnet`: key of the VPC and subnet connected by '-' character<br /> - `security_group`: security group assigned to ENI used by Panorama<br /> - `create_public_ip`: true, if public IP address for management should be created<br />- `ebs`: EBS settings defined in object with attributes:<br /> - `volumes`: list of EBS volumes attached to each instance<br /> - `kms_key_alias`: KMS key alias used for encrypting Panorama EBS<br />- `iam`: IAM settings in object with attrbiutes:<br /> - `create_role`: enable creation of IAM role<br /> - `role_name`: name of the role to create or use existing one<br />- `enable_imdsv2`: whether to enable IMDSv2 on the EC2 instance<br /><br />Example:<pre>{<br /> panorama\_ha\_pair = {<br /> instances = {<br /> "primary" = {<br /> az = "eu-central-1a"<br /> private\_ip\_address = "10.255.0.4"<br /> }<br /> "secondary" = {<br /> az = "eu-central-1b"<br /> private\_ip\_address = "10.255.1.4"<br /> }<br /> }<br /><br /> panos\_version = "10.2.3"<br /><br /> network = {<br /> vpc = "management\_vpc"<br /> vpc\_subnet = "management\_vpc-mgmt"<br /> security\_group = "panorama\_mgmt"<br /> create\_public\_ip = true<br /> }<br /><br /> ebs = {<br /> volumes = [<br /> {<br /> name = "ebs-1"<br /> ebs\_device\_name = "/dev/sdb"<br /> ebs\_size = "2000"<br /> ebs\_encrypted = true<br /> },<br /> {<br /> name = "ebs-2"<br /> ebs\_device\_name = "/dev/sdc"<br /> ebs\_size = "2000"<br /> ebs\_encrypted = true<br /> }<br /> ]<br /> kms\_key\_alias = "aws/ebs"<br /> }<br /><br /> iam = {<br /> create\_role = true<br /> role\_name = "panorama"<br /> }<br /><br /> enable\_imdsv2 = false<br /> }<br />}</pre> | <pre>map(object({<br /> instances = map(object({<br /> az = string<br /> private\_ip\_address = string<br /> }))<br /><br /> panos\_version = string<br /><br /> network = object({<br /> vpc = string<br /> vpc\_subnet = string<br /> security\_group = string<br /> create\_public\_ip = bool<br /> })<br /><br /> ebs = object({<br /> volumes = list(object({<br /> name = string<br /> ebs\_device\_name = string<br /> ebs\_size = string<br /> ebs\_encrypted = bool<br /> }))<br /> kms\_key\_alias = string<br /> })<br /><br /> iam = object({<br /> create\_role = bool<br /> role\_name = string<br /> })<br /><br /> enable\_imdsv2 = bool<br /> }))</pre> | `{}` | no |
| <a name="input_region"></a> [region](#input\_region) | AWS region used to deploy whole infrastructure | `string` | n/a | yes |
| <a name="input_ssh_key_name"></a> [ssh\_key\_name](#input\_ssh\_key\_name) | Name of the SSH key pair existing in AWS key pairs and used to authenticate to VM-Series or test boxes | `string` | n/a | yes |
| <a name="input_vpcs"></a> [vpcs](#input\_vpcs) | A map defining VPCs with security groups and subnets.<br /><br />Following properties are available:<br />- `name`: VPC name<br />- `cidr`: CIDR for VPC<br />- `security_groups`: map of security groups<br />- `subnets`: map of subnets with properties:<br /> - `az`: availability zone<br /> - `set`: internal identifier referenced by main.tf<br />- `routes`: map of routes with properties:<br /> - `vpc_subnet`: built from key of VPCs concatenate with `-` and key of subnet in format: `VPCKEY-SUBNETKEY`<br /> - `to_cidr`: destination IP range<br /> - `next_hop_key`: must match keys use to create TGW attachment, IGW, GWLB endpoint or other resources<br /> - `next_hop_type`: internet\_gateway, nat\_gateway, transit\_gateway\_attachment or gwlbe\_endpoint<br /><br />Example:<pre>{<br /> security\_vpc = {<br /> name = "security-vpc"<br /> cidr = "10.100.0.0/16"<br /> security\_groups = {<br /> panorama\_mgmt = {<br /> name = "panorama\_mgmt"<br /> rules = {<br /> all\_outbound = {<br /> description = "Permit All traffic outbound"<br /> type = "egress", from\_port = "0", to\_port = "0", protocol = "-1"<br /> cidr\_blocks = ["0.0.0.0/0"]<br /> }<br /> https = {<br /> description = "Permit HTTPS"<br /> type = "ingress", from\_port = "443", to\_port = "443", protocol = "tcp"<br /> cidr\_blocks = ["130.41.247.0/24"]<br /> }<br /> ssh = {<br /> description = "Permit SSH"<br /> type = "ingress", from\_port = "22", to\_port = "22", protocol = "tcp"<br /> cidr\_blocks = ["130.41.247.0/24"]<br /> }<br /> }<br /> }<br /> }<br /> subnets = {<br /> "10.100.0.0/24" = { az = "eu-central-1a", set = "mgmt" }<br /> "10.100.64.0/24" = { az = "eu-central-1b", set = "mgmt" }<br /> }<br /> routes = {<br /> mgmt\_default = {<br /> vpc\_subnet = "security\_vpc-mgmt"<br /> to\_cidr = "0.0.0.0/0"<br /> next\_hop\_key = "security\_vpc"<br /> next\_hop\_type = "internet\_gateway"<br /> }<br /> }<br /> }<br />}</pre> | <pre>map(object({<br /> name = string<br /> cidr = string<br /> security\_groups = map(object({<br /> name = string<br /> rules = map(object({<br /> description = string<br /> type = string,<br /> from\_port = string<br /> to\_port = string,<br /> protocol = string<br /> cidr\_blocks = list(string)<br /> }))<br /> }))<br /> subnets = map(object({<br /> az = string<br /> set = string<br /> }))<br /> routes = map(object({<br /> vpc\_subnet = string<br /> to\_cidr = string<br /> next\_hop\_key = string<br /> next\_hop\_type = string<br /> }))<br /> }))</pre> | `{}` | no |
| <a name="input_vpcs"></a> [vpcs](#input\_vpcs) | A map defining VPCs with security groups and subnets.<br /><br />Following properties are available:<br />- `name`: VPC name<br />- `cidr`: CIDR for VPC<br />- `security_groups`: map of security groups<br />- `subnets`: map of subnets with properties:<br /> - `az`: availability zone<br /> - `set`: internal identifier referenced by main.tf<br />- `routes`: map of routes with properties:<br /> - `vpc_subnet`: built from key of VPCs concatenate with `-` and key of subnet in format: `VPCKEY-SUBNETKEY`<br /> - `to_cidr`: destination IP range<br /> - `next_hop_key`: must match keys use to create TGW attachment, IGW, GWLB endpoint or other resources<br /> - `next_hop_type`: internet\_gateway, nat\_gateway, transit\_gateway\_attachment or gwlbe\_endpoint<br /><br />Example:<pre>{<br /> security\_vpc = {<br /> name = "security-vpc"<br /> cidr = "10.100.0.0/16"<br /> security\_groups = {<br /> panorama\_mgmt = {<br /> name = "panorama\_mgmt"<br /> rules = {<br /> all\_outbound = {<br /> description = "Permit All traffic outbound"<br /> type = "egress", from\_port = "0", to\_port = "0", protocol = "-1"<br /> cidr\_blocks = ["0.0.0.0/0"]<br /> }<br /> https = {<br /> description = "Permit HTTPS"<br /> type = "ingress", from\_port = "443", to\_port = "443", protocol = "tcp"<br /> cidr\_blocks = ["130.41.247.0/24"]<br /> }<br /> ssh = {<br /> description = "Permit SSH"<br /> type = "ingress", from\_port = "22", to\_port = "22", protocol = "tcp"<br /> cidr\_blocks = ["130.41.247.0/24"]<br /> }<br /> }<br /> }<br /> }<br /> subnets = {<br /> "10.100.0.0/24" = { az = "eu-central-1a", set = "mgmt" }<br /> "10.100.64.0/24" = { az = "eu-central-1b", set = "mgmt" }<br /> }<br /> routes = {<br /> mgmt\_default = {<br /> vpc\_subnet = "security\_vpc-mgmt"<br /> to\_cidr = "0.0.0.0/0"<br /> next\_hop\_key = "security\_vpc"<br /> next\_hop\_type = "internet\_gateway"<br /> }<br /> }<br /> }<br />}</pre> | <pre>map(object({<br /> name = string<br /> cidr = string<br /> security\_groups = any<br /> subnets = map(object({<br /> az = string<br /> set = string<br /> }))<br /> routes = map(object({<br /> vpc\_subnet = string<br /> to\_cidr = string<br /> next\_hop\_key = string<br /> next\_hop\_type = string<br /> }))<br /> }))</pre> | `{}` | no |

### Outputs

Expand Down
7 changes: 4 additions & 3 deletions products/terraform/docs/swfw/aws/vmseries/modules/alb.md
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ title: Palo Alto Networks Application Load Balancer Module for AWS

A Terraform module for deploying an Application Load Balancer in AWS cloud. This is always a public Load Balancer with Target Groups of `IP` type. It is intended to be placed just in front of Next Generation Firewalls.

[![GitHub Logo](/img/view_on_github.png)](https://github.com/PaloAltoNetworks/terraform-aws-vmseries-modules/tree/main/examples/alb) [![Terraform Logo](/img/view_on_terraform_registry.png)](https://registry.terraform.io/modules/PaloAltoNetworks/vmseries-modules/aws/latest/examples/alb)
[![GitHub Logo](/img/view_on_github.png)](https://github.com/PaloAltoNetworks/terraform-aws-vmseries-modules/tree/main/modules/alb) [![Terraform Logo](/img/view_on_terraform_registry.png)](https://registry.terraform.io/modules/PaloAltoNetworks/vmseries-modules/aws/latest/submodules/alb)

## Usage

Expand Down Expand Up @@ -98,13 +98,13 @@ module "public_alb" {
| Name | Version |
|------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0.0, < 2.0.0 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 4.25 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 5.17 |

### Providers

| Name | Version |
|------|---------|
| <a name="provider_aws"></a> [aws](#provider\_aws) | ~> 4.25 |
| <a name="provider_aws"></a> [aws](#provider\_aws) | ~> 5.17 |

### Modules

Expand All @@ -127,6 +127,7 @@ No modules.
| [aws_s3_bucket_versioning.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_versioning) | resource |
| [aws_elb_service_account.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/elb_service_account) | data source |
| [aws_iam_policy_document.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
| [aws_partition.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/partition) | data source |
| [aws_s3_bucket.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/s3_bucket) | data source |

### Inputs
Expand Down
7 changes: 4 additions & 3 deletions products/terraform/docs/swfw/aws/vmseries/modules/asg.md
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ title: Palo Alto Networks Autoscaling Group Module for AWS

A Terraform module for deploying VM-Series in Autoscaling group in AWS cloud.

[![GitHub Logo](/img/view_on_github.png)](https://github.com/PaloAltoNetworks/terraform-aws-vmseries-modules/tree/main/examples/asg) [![Terraform Logo](/img/view_on_terraform_registry.png)](https://registry.terraform.io/modules/PaloAltoNetworks/vmseries-modules/aws/latest/examples/asg)
[![GitHub Logo](/img/view_on_github.png)](https://github.com/PaloAltoNetworks/terraform-aws-vmseries-modules/tree/main/modules/asg) [![Terraform Logo](/img/view_on_terraform_registry.png)](https://registry.terraform.io/modules/PaloAltoNetworks/vmseries-modules/aws/latest/submodules/asg)

## Usage

Expand All @@ -34,15 +34,15 @@ For example usage, please refer to the [Examples](https://github.com/PaloAltoNet
|------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0.0, < 2.0.0 |
| <a name="requirement_archive"></a> [archive](#requirement\_archive) | ~> 2.2 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 4.25 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 5.17 |
| <a name="requirement_null"></a> [null](#requirement\_null) | 3.2.1 |

### Providers

| Name | Version |
|------|---------|
| <a name="provider_archive"></a> [archive](#provider\_archive) | ~> 2.2 |
| <a name="provider_aws"></a> [aws](#provider\_aws) | ~> 4.25 |
| <a name="provider_aws"></a> [aws](#provider\_aws) | ~> 5.17 |
| <a name="provider_null"></a> [null](#provider\_null) | 3.2.1 |

### Modules
Expand Down Expand Up @@ -70,6 +70,7 @@ No modules.
| [aws_ami.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami) | data source |
| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
| [aws_kms_alias.ebs_kms](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/kms_alias) | data source |
| [aws_partition.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/partition) | data source |

### Inputs

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ The bootstrap package may optionally include a PAN-OS software image,
application and threat signature updates, VM-Series plug-ins, and/or license
files.

[![GitHub Logo](/img/view_on_github.png)](https://github.com/PaloAltoNetworks/terraform-aws-vmseries-modules/tree/main/examples/bootstrap) [![Terraform Logo](/img/view_on_terraform_registry.png)](https://registry.terraform.io/modules/PaloAltoNetworks/vmseries-modules/aws/latest/examples/bootstrap)
[![GitHub Logo](/img/view_on_github.png)](https://github.com/PaloAltoNetworks/terraform-aws-vmseries-modules/tree/main/modules/bootstrap) [![Terraform Logo](/img/view_on_terraform_registry.png)](https://registry.terraform.io/modules/PaloAltoNetworks/vmseries-modules/aws/latest/submodules/bootstrap)

## Directory and file structure
The root directory of the Terraform plan calling this module should include a
Expand Down Expand Up @@ -93,14 +93,14 @@ variables and associated values.
| Name | Version |
|------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0.0, < 2.0.0 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 4.25 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 5.17 |
| <a name="requirement_random"></a> [random](#requirement\_random) | ~> 3.3.2 |

### Providers

| Name | Version |
|------|---------|
| <a name="provider_aws"></a> [aws](#provider\_aws) | ~> 4.25 |
| <a name="provider_aws"></a> [aws](#provider\_aws) | ~> 5.17 |
| <a name="provider_random"></a> [random](#provider\_random) | ~> 3.3.2 |

### Modules
Expand All @@ -125,6 +125,7 @@ No modules.
| [aws_s3_object.init_cfg](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_object) | resource |
| [random_id.sufix](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource |
| [aws_iam_role.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_role) | data source |
| [aws_partition.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/partition) | data source |
| [aws_s3_bucket.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/s3_bucket) | data source |

### Inputs
Expand Down
Loading