diff --git a/.github/workflows/default-ci.yaml b/.github/workflows/default-ci.yaml
index 7f9f84d..75355ad 100644
--- a/.github/workflows/default-ci.yaml
+++ b/.github/workflows/default-ci.yaml
@@ -1,4 +1,4 @@
-name: "Default CI"
+name: "Professional Services CI"
on:
push:
@@ -17,23 +17,6 @@ jobs:
- name: TruffleHog Scan
uses: edplato/trufflehog-actions-scan@master
- todo-check:
- name: "Check for Open TODOs"
- runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'stackit-ubuntu-22' }}
- steps:
- - name: Checkout Code
- uses: actions/checkout@v6
-
- - name: Search codebase
- run: |
- # Searches recursively (-r), showing line numbers (-n), ignoring binary files (-I)
- # Excludes the .git directory to prevent false positives
- if grep -rnIE "# ?TODO" --exclude-dir=.git --exclude-dir=.github .; then
- echo "Error: TODOs found in the codebase. Please resolve them before merging."
- exit 1
- fi
- echo "No TODOs found. Proceeding."
-
pre-commit-checks:
name: "Pre-Commit Hooks"
runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'stackit-ubuntu-22' }}
diff --git a/.github/workflows/github-mirror-ci.yaml b/.github/workflows/github-mirror-ci.yaml
index de61ea9..c596648 100644
--- a/.github/workflows/github-mirror-ci.yaml
+++ b/.github/workflows/github-mirror-ci.yaml
@@ -28,11 +28,11 @@ jobs:
- name: Push to Public Repo
run: |
echo "Setting up remote..."
- git config --global user.name "ps-sync-bot"
- git config --global user.email "ps-sync-bot@digits.schwarz"
+ git config --global user.name "prof-service-sync-bot"
+ git config --global user.email "prof-service-sync-bot@digits.schwarz"
# Add the GitHub remote using the SSH protocol
- git remote add public git@github.com:stackitcloud/professional-service.git
+ git remote add public git@github.com:stackitcloud/professional-services.git
echo "Pushing main branch to GitHub..."
git push public main --force
diff --git a/GOVERNANCE.md b/GOVERNANCE.md
deleted file mode 100644
index 8b1c7fc..0000000
--- a/GOVERNANCE.md
+++ /dev/null
@@ -1,41 +0,0 @@
-# Project Governance: STACKIT Professional Service
-
-This document defines the management, ownership, and maintenance processes for the STACKIT Professional Service repository.
-
-## 1. Strategy & "The Story"
-
-This repository serves as a bridge between internal excellence and public visibility.
-
-- **Internal Git (Source of Truth):** The primary repository is hosted on our internal STACKIT Git instance. All internal communication, documentation, and chat links MUST point to the internal instance to promote our own infrastructure and tools.
-- **GitHub (Public Mirror):** The GitHub repository is a mirror intended for external visibility, SEO, and accessibility for AI models (LLMs). It helps customers find our solutions and establishes STACKIT as a thought leader in cloud automation.
-
-## 2. Ownership
-
-### 2.1 Organizational Ownership
-
-The repository is owned by the **STACKIT Professional Services** organization. High-level decisions regarding repository structure, licensing, and global policies are managed by the Core Maintainers team.
-
-### 2.2 Example & Module Ownership
-
-Individual examples or modules within the repository have specific owners, documented in their respective `MAINTAINERS.md` files.
-
-- **Responsibility:** Owners are responsible for the technical health, periodic updates (e.g., dependency bumps), and community feedback for their specific content.
-- **Handover:** If an owner leaves the project or company, ownership reverts to the Core Maintainers until a new owner is assigned.
-
-## 3. Review & Quality Assurance
-
-To ensure high standards and security, we follow a strict contribution process:
-
-- **4-Eyes Principle:** No code enters the `main` branch without at least one successful Peer Review.
-- **Automated Validation:** Every Pull Request must pass the CI pipeline, which includes:
- - Linting and formatting checks.
- - License header verification (Apache 2.0).
- - Secret scanning (Trufflehog).
-- **Best Effort Policy:** While we strive for quality, the content is provided "as-is." Use in production environments requires independent validation by the user.
-
-## 4. Mirroring Process
-
-The synchronization between the internal Git and GitHub is fully automated:
-
-1. Changes are merged into the internal `main` branch.
-2. A GitHub Action triggers on every push to `main`.
diff --git a/README.md b/README.md
index 9fce77a..46e3b56 100644
--- a/README.md
+++ b/README.md
@@ -1,12 +1,12 @@
-# STACKIT Professional Service
+# STACKIT Professional Services
-Welcome to the central repository for STACKIT examples, scripts, and boilerplate code!
+Welcome to the central repository for STACKIT Professional Services examples, scripts, and boilerplate code!
> **⚠️ REPOSITORY MIRROR NOTICE**
>
> This GitHub repository is a **mirror**.
> The primary, internal source of truth for this codebase lives at:
-> `https://professional-service.git.onstackit.cloud/professional-service-best-practices/professional-service`
+> `https://professional-service.git.onstackit.cloud/professional-service-best-practices/professional-services`
>
> We automatically sync changes from our STACKIT managed GIT instance to this public GitHub repository.
>
@@ -20,7 +20,7 @@ Let's be upfront about how this repository is maintained:
- **Strictly Best Effort:** Everything you find in this repository is provided on a "best effort" basis.
- **No Guarantees on Freshness:** We try our best to keep the examples, Terraform modules, and scripts up to date with the latest provider releases and API changes. However, **we cannot guarantee it**. Things move fast in the cloud, and some examples might become outdated over time.
-- **Review Before Deploying:** Do not blindly copy-paste code from here directly into a production environment.
+- **Use Your Brain:** Do not blindly copy-paste code from here directly into a production environment.
## Contents
diff --git a/examples/dbaas-otel-collect-metrics/.terraform.lock.hcl b/examples/dbaas-otel-collect-metrics/.terraform.lock.hcl
deleted file mode 100644
index 810732d..0000000
--- a/examples/dbaas-otel-collect-metrics/.terraform.lock.hcl
+++ /dev/null
@@ -1,107 +0,0 @@
-# This file is maintained automatically by "terraform init".
-# Manual edits may be lost in future updates.
-
-provider "registry.terraform.io/hashicorp/helm" {
- version = "3.1.1"
- hashes = [
- "h1:47CqNwkxctJtL/N/JuEj+8QMg8mRNI/NWeKO5/ydfZU=",
- "h1:5b2ojWKT0noujHiweCds37ZreRFRQLNaErdJLusJN88=",
- "zh:1a6d5ce931708aec29d1f3d9e360c2a0c35ba5a54d03eeaff0ce3ca597cd0275",
- "zh:3411919ba2a5941801e677f0fea08bdd0ae22ba3c9ce3309f55554699e06524a",
- "zh:81b36138b8f2320dc7f877b50f9e38f4bc614affe68de885d322629dd0d16a29",
- "zh:95a2a0a497a6082ee06f95b38bd0f0d6924a65722892a856cfd914c0d117f104",
- "zh:9d3e78c2d1bb46508b972210ad706dd8c8b106f8b206ecf096cd211c54f46990",
- "zh:a79139abf687387a6efdbbb04289a0a8e7eaca2bd91cdc0ce68ea4f3286c2c34",
- "zh:aaa8784be125fbd50c48d84d6e171d3fb6ef84a221dbc5165c067ce05faab4c8",
- "zh:afecd301f469975c9d8f350cc482fe656e082b6ab0f677d1a816c3c615837cc1",
- "zh:c54c22b18d48ff9053d899d178d9ffef7d9d19785d9bf310a07d648b7aac075b",
- "zh:db2eefd55aea48e73384a555c72bac3f7d428e24147bedb64e1a039398e5b903",
- "zh:ee61666a233533fd2be971091cecc01650561f1585783c381b6f6e8a390198a4",
- "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
- ]
-}
-
-provider "registry.terraform.io/hashicorp/kubernetes" {
- version = "3.1.0"
- constraints = ">= 2.14.0"
- hashes = [
- "h1:G9QqKNpcztBRqrywtlNylFJSpGzDfRFtO8hcWLdkvRY=",
- "h1:oodIAuFMikXNmEtil5MQgP4dfSctUBYQiGJfjbsF3NY=",
- "zh:0215c5c60be62028c09a2f22458e89cda3ef5830a632299f1d401eb3538874b0",
- "zh:09ebb9f442431e278a310a9423f32caf467cb4b3cad3fe59573ca71fa7b14e20",
- "zh:0c4e5912f83bb35846ae0a9ae54fc320706ee61894cd21cc6b4181b1c5a2fa5c",
- "zh:1678c982853ad461e65ccb5e79d585e13ed109dd47dab2a66d3a7a304faeef65",
- "zh:1c050a5c15e330457a9c18caacf61a923c59d663e13f2962e4b32f04fef523a0",
- "zh:2c55bcec83be58ec132c7cb0a1ac644758b800d794fdc636d53a0eada0358a3a",
- "zh:a062bb0aa316c08d8460c66a5d68da71da40de5d3bc3b31abcf3a1a9a19650f1",
- "zh:a26fdea0afaa9b247c73c0b42843ca51ba7db0ac2571f9d3d50dcabd20ca1b98",
- "zh:c872c9385a78d502bf5823d61cd3bb0f9a0585030e025eb12585c83451beeaa1",
- "zh:f180879af931182beee4c8c0d9dab62b81d86f17ddcbe3786ef4c7cec9163a4e",
- "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
- "zh:f70f5789264069e0eef06f9b5d5fde955ef7206f7d446d1ce51a4c37a3f3e02f",
- ]
-}
-
-provider "registry.terraform.io/hashicorp/random" {
- version = "3.8.1"
- constraints = ">= 3.6.3"
- hashes = [
- "h1:Eexl06+6J+s75uD46+WnZtpJZYRVUMB0AiuPBifK6Jc=",
- "h1:u8AKlWVDTH5r9YLSeswoVEjiY72Rt4/ch7U+61ZDkiQ=",
- "zh:08dd03b918c7b55713026037c5400c48af5b9f468f483463321bd18e17b907b4",
- "zh:0eee654a5542dc1d41920bbf2419032d6f0d5625b03bd81339e5b33394a3e0ae",
- "zh:229665ddf060aa0ed315597908483eee5b818a17d09b6417a0f52fd9405c4f57",
- "zh:2469d2e48f28076254a2a3fc327f184914566d9e40c5780b8d96ebf7205f8bc0",
- "zh:37d7eb334d9561f335e748280f5535a384a88675af9a9eac439d4cfd663bcb66",
- "zh:741101426a2f2c52dee37122f0f4a2f2d6af6d852cb1db634480a86398fa3511",
- "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
- "zh:a902473f08ef8df62cfe6116bd6c157070a93f66622384300de235a533e9d4a9",
- "zh:b85c511a23e57a2147355932b3b6dce2a11e856b941165793a0c3d7578d94d05",
- "zh:c5172226d18eaac95b1daac80172287b69d4ce32750c82ad77fa0768be4ea4b8",
- "zh:dab4434dba34aad569b0bc243c2d3f3ff86dd7740def373f2a49816bd2ff819b",
- "zh:f49fd62aa8c5525a5c17abd51e27ca5e213881d58882fd42fec4a545b53c9699",
- ]
-}
-
-provider "registry.terraform.io/hashicorp/time" {
- version = "0.13.1"
- hashes = [
- "h1:+W+DMrVoVnoXo3f3M4W+OpZbkCrUn6PnqDF33D2Cuf0=",
- "h1:ZT5ppCNIModqk3iOkVt5my8b8yBHmDpl663JtXAIRqM=",
- "zh:02cb9aab1002f0f2a94a4f85acec8893297dc75915f7404c165983f720a54b74",
- "zh:04429b2b31a492d19e5ecf999b116d396dac0b24bba0d0fb19ecaefe193fdb8f",
- "zh:26f8e51bb7c275c404ba6028c1b530312066009194db721a8427a7bc5cdbc83a",
- "zh:772ff8dbdbef968651ab3ae76d04afd355c32f8a868d03244db3f8496e462690",
- "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
- "zh:898db5d2b6bd6ca5457dccb52eedbc7c5b1a71e4a4658381bcbb38cedbbda328",
- "zh:8de913bf09a3fa7bedc29fec18c47c571d0c7a3d0644322c46f3aa648cf30cd8",
- "zh:9402102c86a87bdfe7e501ffbb9c685c32bbcefcfcf897fd7d53df414c36877b",
- "zh:b18b9bb1726bb8cfbefc0a29cf3657c82578001f514bcf4c079839b6776c47f0",
- "zh:b9d31fdc4faecb909d7c5ce41d2479dd0536862a963df434be4b16e8e4edc94d",
- "zh:c951e9f39cca3446c060bd63933ebb89cedde9523904813973fbc3d11863ba75",
- "zh:e5b773c0d07e962291be0e9b413c7a22c044b8c7b58c76e8aa91d1659990dfb5",
- ]
-}
-
-provider "registry.terraform.io/stackitcloud/stackit" {
- version = "0.92.0"
- constraints = ">= 0.87.0"
- hashes = [
- "h1:dE5sdzUaHkzVL8AW3+GXD2EEWX2PlS+sHT7F25SXcZ0=",
- "h1:j26ncxqlAp4q0/NHFoiATuVdIg7KH0zZhWoSAd+4Yj0=",
- "zh:0dde99e7b343fa01f8eefc378171fb8621bedb20f59157d6cc8e3d46c738105f",
- "zh:5eaa713f68a004ec33697f510ca4c7722940e2bab8080c025822ca547325ef98",
- "zh:60ed4496492b9781f7cc581e346222a6356538a527e4ac67dce6815a64fc5c66",
- "zh:6834a7819429e3482a5fdd547c442cc032d7047c3fb0dee30e8babb2438598e1",
- "zh:6de632db0cbb42b429a9e752078df37716b0f335e5c39e883be5c55f7f1da553",
- "zh:ac8b1bc8212236aaab789cef1dce718e6b8394bcf4b5f6c6f8dabf8c8a213573",
- "zh:af4b1e805d6082a3ec94d2f5b68e8a62f04205af3f75a4a7d1b167e0f027d9ec",
- "zh:b709258a4cd3acd0a9426809c1d7c1ed25859010b566c1b29481b132a7e2af13",
- "zh:c7e8c5e8f2ca8c14c1bf5c92716a761b67792b38046b99653bdbf9ca423fc675",
- "zh:c7f47c6b7e33d1f28bdc8d1aa5fda2734d74d6b1b0c6ef8b258489d9405af231",
- "zh:d57dc6ad6b3a2879aa47012faf82f597a2ca1c3de1561bb96c6191e65072ea95",
- "zh:d5b18390104164477913ced864e7a1cd5a678490f9412be887e5d8e3961d242e",
- "zh:ead616306ab18c30a4c1110ad7fa8aee7d8a99e4410ceecbe5875beac5724f8a",
- "zh:f73ad70183a35e5d04e4b48c44654c76fec48a8f4c913dd31a5befc2a1c2e4dc",
- ]
-}
diff --git a/examples/dbaas-otel-collect-metrics/00-provider.tf b/examples/dbaas-otel-collect-metrics/00-provider.tf
deleted file mode 100644
index 8bf8bc1..0000000
--- a/examples/dbaas-otel-collect-metrics/00-provider.tf
+++ /dev/null
@@ -1,55 +0,0 @@
-# Copyright 2026 Schwarz Digits Cloud GmbH & Co. KG
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# This file defines the required Terraform providers and their configurations.
-# It sets up the STACKIT, Kubernetes, and Helm providers to manage resources in the project and the SKE cluster.
-terraform {
- required_version = ">= 0.14.0"
- required_providers {
- stackit = {
- source = "stackitcloud/stackit"
- version = ">= 0.87.0"
- }
- random = {
- source = "hashicorp/random"
- version = ">= 3.6.3"
- }
- kubernetes = {
- source = "hashicorp/kubernetes"
- version = ">=2.14.0"
- }
- }
-}
-
-provider "stackit" {
- default_region = var.stackit_region
- service_account_key_path = var.stackit_service_account_key_path
- experiments = ["iam"]
-}
-
-provider "kubernetes" {
- host = yamldecode(stackit_ske_kubeconfig.this.kube_config).clusters.0.cluster.server
- client_certificate = base64decode(yamldecode(stackit_ske_kubeconfig.this.kube_config).users.0.user.client-certificate-data)
- client_key = base64decode(yamldecode(stackit_ske_kubeconfig.this.kube_config).users.0.user.client-key-data)
- cluster_ca_certificate = base64decode(yamldecode(stackit_ske_kubeconfig.this.kube_config).clusters.0.cluster.certificate-authority-data)
-}
-
-provider "helm" {
- kubernetes = {
- host = yamldecode(stackit_ske_kubeconfig.this.kube_config).clusters.0.cluster.server
- client_certificate = base64decode(yamldecode(stackit_ske_kubeconfig.this.kube_config).users.0.user.client-certificate-data)
- client_key = base64decode(yamldecode(stackit_ske_kubeconfig.this.kube_config).users.0.user.client-key-data)
- cluster_ca_certificate = base64decode(yamldecode(stackit_ske_kubeconfig.this.kube_config).clusters.0.cluster.certificate-authority-data)
- }
-}
diff --git a/examples/dbaas-otel-collect-metrics/01-variables.tf b/examples/dbaas-otel-collect-metrics/01-variables.tf
deleted file mode 100644
index 35ec61c..0000000
--- a/examples/dbaas-otel-collect-metrics/01-variables.tf
+++ /dev/null
@@ -1,33 +0,0 @@
-# Copyright 2026 Schwarz Digits Cloud GmbH & Co. KG
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-variable "stackit_project_id" {
- type = string
- default = "d75e6aab-b616-4b42-ae3b-aaf161ad626d"
-}
-
-variable "stackit_region" {
- type = string
- default = "eu01"
-}
-
-variable "stackit_service_account_key_path" {
- type = string
- default = "../../keys/stackit-sa.json"
-}
-
-resource "stackit_key_pair" "admin_keypair" {
- name = "admin-keypair-12345"
- public_key = chomp(file("~/.ssh/id_rsa.pub"))
-}
diff --git a/examples/dbaas-otel-collect-metrics/02-ske.tf b/examples/dbaas-otel-collect-metrics/02-ske.tf
deleted file mode 100644
index 173ccbb..0000000
--- a/examples/dbaas-otel-collect-metrics/02-ske.tf
+++ /dev/null
@@ -1,67 +0,0 @@
-# Copyright 2026 Schwarz Digits Cloud GmbH & Co. KG
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-resource "stackit_ske_kubeconfig" "this" {
- project_id = var.stackit_project_id
- cluster_name = stackit_ske_cluster.this.name
- refresh = true
-
- depends_on = [stackit_ske_cluster.this]
-}
-
-data "stackit_ske_kubernetes_versions" "this" {
- version_state = "SUPPORTED"
-}
-
-data "stackit_ske_machine_image_versions" "this" {
- version_state = "SUPPORTED"
-}
-
-locals {
- flatcar_supported_version = one(flatten([
- for mi in data.stackit_ske_machine_image_versions.this.machine_images : [
- for v in mi.versions :
- v.version
- if mi.name == "flatcar"
- ]
- ]))
-}
-
-resource "stackit_ske_cluster" "this" {
- project_id = var.stackit_project_id
- name = "dbaas-otel"
- kubernetes_version_min = data.stackit_ske_kubernetes_versions.this.kubernetes_versions.0.version
-
- maintenance = {
- enable_kubernetes_version_updates = true
- enable_machine_image_version_updates = true
- start = "01:00:00Z"
- end = "02:00:00Z"
- }
-
- node_pools = [
- {
- name = "standard"
- machine_type = "g2i.4"
- minimum = "3"
- maximum = "9"
- max_surge = "3"
- availability_zones = ["eu01-1", "eu01-2", "eu01-3"]
- os_version_min = local.flatcar_supported_version
- os_name = "flatcar"
- volume_size = 150
- volume_type = "storage_premium_perf6"
- },
- ]
-}
diff --git a/examples/dbaas-otel-collect-metrics/03-observability.tf b/examples/dbaas-otel-collect-metrics/03-observability.tf
deleted file mode 100644
index 916d7db..0000000
--- a/examples/dbaas-otel-collect-metrics/03-observability.tf
+++ /dev/null
@@ -1,20 +0,0 @@
-# Copyright 2026 Schwarz Digits Cloud GmbH & Co. KG
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-resource "stackit_observability_instance" "example" {
- project_id = var.stackit_project_id
- name = "example-obs"
- plan_name = "Observability-Large-EU01"
- alert_config = null
-}
diff --git a/examples/dbaas-otel-collect-metrics/04-postgres.tf b/examples/dbaas-otel-collect-metrics/04-postgres.tf
deleted file mode 100644
index 6247083..0000000
--- a/examples/dbaas-otel-collect-metrics/04-postgres.tf
+++ /dev/null
@@ -1,44 +0,0 @@
-# Copyright 2026 Schwarz Digits Cloud GmbH & Co. KG
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-resource "stackit_postgresflex_instance" "this" {
- project_id = var.stackit_project_id
- name = "example-instance"
- backup_schedule = "00 00 * * *"
- flavor = {
- cpu = 2
- ram = 4
- }
- replicas = 3
- storage = {
- class = "premium-perf2-stackit"
- size = 15
- }
- version = 15
- acl = ["0.0.0.0/0"]
-}
-
-resource "stackit_postgresflex_user" "this" {
- project_id = var.stackit_project_id
- instance_id = stackit_postgresflex_instance.this.instance_id
- username = "test"
- roles = ["createdb", "login"]
-}
-
-resource "stackit_postgresflex_database" "this" {
- project_id = var.stackit_project_id
- instance_id = stackit_postgresflex_instance.this.instance_id
- name = "test"
- owner = stackit_postgresflex_user.this.username
-}
diff --git a/examples/dbaas-otel-collect-metrics/04-service-account.tf b/examples/dbaas-otel-collect-metrics/04-service-account.tf
deleted file mode 100644
index eb25d4c..0000000
--- a/examples/dbaas-otel-collect-metrics/04-service-account.tf
+++ /dev/null
@@ -1,38 +0,0 @@
-# Copyright 2026 Schwarz Digits Cloud GmbH & Co. KG
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-resource "stackit_service_account" "this" {
- name = "prom-proxy"
- project_id = var.stackit_project_id
-}
-
-resource "time_rotating" "rotate" {
- rotation_days = 150
-}
-
-resource "stackit_service_account_key" "this" {
- project_id = var.stackit_project_id
- service_account_email = stackit_service_account.this.email
- ttl_days = 180
-
- rotate_when_changed = {
- rotation = time_rotating.rotate.id
- }
-}
-
-resource "stackit_authorization_project_role_assignment" "this" {
- resource_id = var.stackit_project_id
- role = "prometheus-proxy.reader"
- subject = stackit_service_account.this.email
-}
diff --git a/examples/dbaas-otel-collect-metrics/05-otel-helm.tf b/examples/dbaas-otel-collect-metrics/05-otel-helm.tf
deleted file mode 100644
index acc8ee6..0000000
--- a/examples/dbaas-otel-collect-metrics/05-otel-helm.tf
+++ /dev/null
@@ -1,65 +0,0 @@
-# Copyright 2026 Schwarz Digits Cloud GmbH & Co. KG
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-locals {
- sa_json = jsondecode(stackit_service_account_key.this.json)
- otel_helm_values = templatefile("${path.module}/helm-values/otel-collector-values.tftpl", {
- stackit_project_id = var.stackit_project_id
- stackit_region = var.stackit_region
- stackit_postgres_instance_id = stackit_postgresflex_instance.this.instance_id
- observability_metrics_endpoint = stackit_observability_instance.example.metrics_push_url
- secret_name = kubernetes_secret.otel_secret.metadata[0].name
- sa_client_id = local.sa_json.credentials.sub
- sa_issuer = local.sa_json.credentials.iss
- sa_key_id = local.sa_json.credentials.kid
- })
-}
-
-
-resource "stackit_observability_credential" "otel" {
- project_id = var.stackit_project_id
- instance_id = stackit_observability_instance.example.instance_id
-}
-
-resource "kubernetes_namespace" "monitoring" {
- metadata {
- name = "monitoring"
- }
-}
-
-resource "kubernetes_secret" "otel_secret" {
- metadata {
- name = "otel-secrets"
- namespace = kubernetes_namespace.monitoring.metadata[0].name
- }
-
- data = {
- OBSERVABILITY_AUTHORIZATION_HEADER = "Basic ${base64encode("${stackit_observability_credential.otel.username}:${stackit_observability_credential.otel.password}")}"
- JSON = stackit_service_account_key.this.json
- PRIVATE_KEY = jsondecode(stackit_service_account_key.this.json).credentials.privateKey
- }
-}
-
-resource "helm_release" "opentelemetry_collector" {
- name = "opentelemetry-collector"
- repository = "https://open-telemetry.github.io/opentelemetry-helm-charts"
- chart = "opentelemetry-collector"
- version = "0.152.0"
- namespace = kubernetes_namespace.monitoring.metadata[0].name
- timeout = 30
-
- values = [
- local.otel_helm_values
- ]
-}
diff --git a/examples/dbaas-otel-collect-metrics/MAINTAINERS.md b/examples/dbaas-otel-collect-metrics/MAINTAINERS.md
deleted file mode 100644
index 6457701..0000000
--- a/examples/dbaas-otel-collect-metrics/MAINTAINERS.md
+++ /dev/null
@@ -1,9 +0,0 @@
-# Maintainers
-
-General maintainers:
-
-- Mauritz Uphoff (Mauritz.Uphoff@digits.schwarz)
-
-This example is actively maintained. The owner is responsible for reviewing and updating dependencies and functionalities on a monthly basis.
-For questions, issues, or feature requests, please email general maintainers.
-Please include the BP name and version in your request. We will track your request as an issue.
diff --git a/examples/dbaas-otel-collect-metrics/README.md b/examples/dbaas-otel-collect-metrics/README.md
deleted file mode 100644
index 965b11b..0000000
--- a/examples/dbaas-otel-collect-metrics/README.md
+++ /dev/null
@@ -1,39 +0,0 @@
-# DBaaS OpenTelemetry Metrics Collection
-
-Collect metrics from STACKIT PostgreSQL Flex and MongoDB instances using OpenTelemetry (OTel) and export them to STACKIT Observability.
-
-## Prerequisites
-
-- STACKIT Project ID and Service Account key.
-- Terraform, `kubectl`, and `helm` installed.
-
-## Usage
-
-1. **Configure**: Update `stackit_project_id` and `stackit_service_account_key_path` in `01-variables.tf`.
-2. **Deploy**:
- ```bash
- terraform init
- terraform apply
- ```
-
-## Scrape Configuration
-
-The OTel Collector scrapes metrics from:
-
-- **PostgreSQL**: `https://postgres-prom-proxy.api.stackit.cloud/v2/...`
-- **MongoDB**: `https://mongodb-prom-proxy.api.stackit.cloud/v2/...`
-
-_Note: MSSQL is not supported._
-
-## Debugging
-
-View live scrape data in the collector logs:
-
-```bash
-kubectl logs -l app.kubernetes.io/name=otel-collector -n monitoring -f
-```
-
-## Documentation
-
-- [PostgreSQL Flex Metrics](https://docs.stackit.cloud/products/databases/postgresql-flex/reference/observability-metrics-in-postgresql-flex/)
-- [MongoDB Flex Metrics](https://docs.stackit.cloud/products/databases/mongodb-flex/reference/observability-metrics/)
diff --git a/examples/dbaas-otel-collect-metrics/helm-values/otel-collector-values.tftpl b/examples/dbaas-otel-collect-metrics/helm-values/otel-collector-values.tftpl
deleted file mode 100644
index 2f34dd0..0000000
--- a/examples/dbaas-otel-collect-metrics/helm-values/otel-collector-values.tftpl
+++ /dev/null
@@ -1,79 +0,0 @@
-fullnameOverride: otel-collector
-mode: deployment
-
-podAnnotations:
- stackit-sa-key-id: "${sa_key_id}"
-
-image:
- repository: "otel/opentelemetry-collector-contrib"
-
-config:
- receivers:
- prometheus:
- config:
- scrape_configs:
- - job_name: stackit-postgres
- metrics_path: /v2/projects/$${STACKIT_PROJECT_ID}/regions/$${STACKIT_REGION}/instances/$${STACKIT_POSTGRES_INSTANCE_ID}/metrics
- oauth2:
- audience: $${SA_TOKEN_REQUEST_AUDIENCE}
- client_certificate_key_file: /mnt/secrets-store/private-key
- client_certificate_key_id: $${SA_TOKEN_REQUEST_CLIENT_CERTIFICATE_KEY_ID}
- client_id: $${SA_TOKEN_REQUEST_CLIENT_ID}
- grant_type: urn:ietf:params:oauth:grant-type:jwt-bearer
- iss: $${SA_TOKEN_REQUEST_ISSUER}
- signature_algorithm: RS512
- token_url: https://service-account.api.stackit.cloud/token
- scheme: https
- scrape_interval: 1m
- static_configs:
- - targets:
- - postgres-prom-proxy.api.stackit.cloud:443
- exporters:
- debug:
- verbosity: normal
- prometheusremotewrite:
- endpoint: $${OBSERVABILITY_METRICS_ENDPOINT}
- headers:
- Authorization: $${OBSERVABILITY_AUTHORIZATION_HEADER}
-
- service:
- pipelines:
- metrics:
- receivers: [prometheus]
- exporters: [prometheusremotewrite, debug]
-
-extraEnvs:
- - name: STACKIT_PROJECT_ID
- value: "${stackit_project_id}"
- - name: STACKIT_REGION
- value: "${stackit_region}"
- - name: STACKIT_POSTGRES_INSTANCE_ID
- value: "${stackit_postgres_instance_id}"
- - name: OBSERVABILITY_METRICS_ENDPOINT
- value: "${observability_metrics_endpoint}"
- - name: OBSERVABILITY_AUTHORIZATION_HEADER
- valueFrom:
- secretKeyRef:
- name: ${secret_name}
- key: OBSERVABILITY_AUTHORIZATION_HEADER
- - name: SA_TOKEN_REQUEST_CLIENT_ID
- value: "${sa_client_id}"
- - name: SA_TOKEN_REQUEST_ISSUER
- value: "${sa_issuer}"
- - name: SA_TOKEN_REQUEST_CLIENT_CERTIFICATE_KEY_ID
- value: "${sa_key_id}"
- - name: SA_TOKEN_REQUEST_AUDIENCE
- value: "https://service-account.api.stackit.cloud/token"
-
-extraVolumes:
- - name: otel-secrets
- secret:
- secretName: ${secret_name}
- items:
- - key: PRIVATE_KEY
- path: private-key
-
-extraVolumeMounts:
- - name: otel-secrets
- mountPath: /mnt/secrets-store
- readOnly: true
diff --git a/examples/iaas-cross-az-layer4-loadbalancer/.terraform.lock.hcl b/examples/iaas-cross-az-layer4-loadbalancer/.terraform.lock.hcl
index eeb1632..bd80b22 100644
--- a/examples/iaas-cross-az-layer4-loadbalancer/.terraform.lock.hcl
+++ b/examples/iaas-cross-az-layer4-loadbalancer/.terraform.lock.hcl
@@ -5,7 +5,6 @@ provider "registry.terraform.io/hashicorp/random" {
version = "3.8.1"
constraints = ">= 3.6.3"
hashes = [
- "h1:Eexl06+6J+s75uD46+WnZtpJZYRVUMB0AiuPBifK6Jc=",
"h1:u8AKlWVDTH5r9YLSeswoVEjiY72Rt4/ch7U+61ZDkiQ=",
"zh:08dd03b918c7b55713026037c5400c48af5b9f468f483463321bd18e17b907b4",
"zh:0eee654a5542dc1d41920bbf2419032d6f0d5625b03bd81339e5b33394a3e0ae",
@@ -27,7 +26,6 @@ provider "registry.terraform.io/stackitcloud/stackit" {
constraints = ">= 0.87.0"
hashes = [
"h1:8de9n+Roq6Z2Ltp9poBBBN9a4zSpx73VLpgFS5mTyoI=",
- "h1:RStdHSDwbtonYfg7mR5Y92v6fxIVX9FEz0UN+tm9kHI=",
"zh:0dde99e7b343fa01f8eefc378171fb8621bedb20f59157d6cc8e3d46c738105f",
"zh:0ed12db90276ccd2d6f87135b7dd078657823c3ca33121c6a157d0bdf08f801e",
"zh:160b32bcf1d01666784cf8469e10e0a38d4c3d24c80c0c5be470cc63ef27ea62",
diff --git a/examples/iaas-cross-az-layer7-loadbalancer-waf/.terraform.lock.hcl b/examples/iaas-cross-az-layer7-loadbalancer-waf/.terraform.lock.hcl
index 25ece83..5e195e5 100644
--- a/examples/iaas-cross-az-layer7-loadbalancer-waf/.terraform.lock.hcl
+++ b/examples/iaas-cross-az-layer7-loadbalancer-waf/.terraform.lock.hcl
@@ -5,7 +5,6 @@ provider "registry.terraform.io/hashicorp/random" {
version = "3.8.1"
constraints = ">= 3.6.3"
hashes = [
- "h1:Eexl06+6J+s75uD46+WnZtpJZYRVUMB0AiuPBifK6Jc=",
"h1:u8AKlWVDTH5r9YLSeswoVEjiY72Rt4/ch7U+61ZDkiQ=",
"zh:08dd03b918c7b55713026037c5400c48af5b9f468f483463321bd18e17b907b4",
"zh:0eee654a5542dc1d41920bbf2419032d6f0d5625b03bd81339e5b33394a3e0ae",
@@ -25,7 +24,6 @@ provider "registry.terraform.io/hashicorp/random" {
provider "registry.terraform.io/hashicorp/tls" {
version = "4.2.1"
hashes = [
- "h1:F5d6bQY8UlBo0D71Sv7CsV+3aZOFz0yeNF+vufog7h4=",
"h1:akFNuHwvrtnYMBofieoeXhPJDhYZzJVu/Q/BgZK2fgg=",
"zh:0d1e7d07ac973b97fa228f46596c800de830820506ee145626f079dd6bbf8d8a",
"zh:5c7e3d4348cb4861ab812973ef493814a4b224bdd3e9d534a7c8a7c992382b86",
@@ -44,9 +42,8 @@ provider "registry.terraform.io/hashicorp/tls" {
provider "registry.terraform.io/mastercard/restapi" {
version = "3.0.0"
- constraints = ">= 3.0.0"
+ constraints = "3.0.0"
hashes = [
- "h1:Fqxoc6bsydl6iWGx6ZvyqUDdGt7Cb4sW/BSHhBeHGgw=",
"h1:y1I3azDHOqRySTyDHsb3Xh1waP/99KfykZRagbRx1qI=",
"zh:0b63bd3c25a31f090a41933f90b7dd6e984add1c4261d8f5caa73f4d5aa065a4",
"zh:1c3e89cf19118fc07d7b04257251fc9897e722c16e0a0df7b07fcd261f8c12e7",
@@ -71,7 +68,6 @@ provider "registry.terraform.io/stackitcloud/stackit" {
constraints = ">= 0.87.0"
hashes = [
"h1:8de9n+Roq6Z2Ltp9poBBBN9a4zSpx73VLpgFS5mTyoI=",
- "h1:RStdHSDwbtonYfg7mR5Y92v6fxIVX9FEz0UN+tm9kHI=",
"zh:0dde99e7b343fa01f8eefc378171fb8621bedb20f59157d6cc8e3d46c738105f",
"zh:0ed12db90276ccd2d6f87135b7dd078657823c3ca33121c6a157d0bdf08f801e",
"zh:160b32bcf1d01666784cf8469e10e0a38d4c3d24c80c0c5be470cc63ef27ea62",
diff --git a/examples/iaas-ha-vrrp/.terraform.lock.hcl b/examples/iaas-ha-vrrp/.terraform.lock.hcl
index c8e7f0a..22969f3 100644
--- a/examples/iaas-ha-vrrp/.terraform.lock.hcl
+++ b/examples/iaas-ha-vrrp/.terraform.lock.hcl
@@ -5,7 +5,6 @@ provider "registry.terraform.io/hashicorp/random" {
version = "3.8.1"
constraints = ">= 3.6.3"
hashes = [
- "h1:Eexl06+6J+s75uD46+WnZtpJZYRVUMB0AiuPBifK6Jc=",
"h1:u8AKlWVDTH5r9YLSeswoVEjiY72Rt4/ch7U+61ZDkiQ=",
"zh:08dd03b918c7b55713026037c5400c48af5b9f468f483463321bd18e17b907b4",
"zh:0eee654a5542dc1d41920bbf2419032d6f0d5625b03bd81339e5b33394a3e0ae",
@@ -26,7 +25,6 @@ provider "registry.terraform.io/stackitcloud/stackit" {
version = "0.90.0"
constraints = ">= 0.87.0"
hashes = [
- "h1:QgP6TOtucJ3A6fA51rdUvxhYGjl9RrWvXQZpjHTOuiU=",
"h1:W29Kv6XUxYssF2Gy8KcmTx3EFstt6k8sKgPRIBbq+qs=",
"zh:003af58a84884558bbb2fc40fcbefa6774ec20aa9e4b97cf3f950190a600afd2",
"zh:026ee9cef4670cf33369f8654c6b9b1d8c0e116ceb0b353c882be222951ecdd4",
diff --git a/examples/iaas-volume-encryption/.terraform.lock.hcl b/examples/iaas-volume-encryption/.terraform.lock.hcl
index f4f00c9..7c3993a 100644
--- a/examples/iaas-volume-encryption/.terraform.lock.hcl
+++ b/examples/iaas-volume-encryption/.terraform.lock.hcl
@@ -5,7 +5,6 @@ provider "registry.terraform.io/stackitcloud/stackit" {
version = "0.80.0"
constraints = "0.80.0"
hashes = [
- "h1:VqmLlSV9sMOX7aq5Bnsj18KNKCUPFahZzf0SA5fTkVk=",
"h1:wz7uGwzVoo1NO18CDLcfjLraTSiWQ5EzJnDeCKcFi60=",
"zh:0dde99e7b343fa01f8eefc378171fb8621bedb20f59157d6cc8e3d46c738105f",
"zh:3a0e6cb125ef76a24b2b5ff9c786c57058f385571d283bd68f633225fcca695a",
diff --git a/examples/pfsense-hub-and-spoke/cloud-init/user-init-linux.yml b/examples/pfsense-hub-and-spoke/cloud-init/user-init-linux.yml
index be6e579..6850de0 100644
--- a/examples/pfsense-hub-and-spoke/cloud-init/user-init-linux.yml
+++ b/examples/pfsense-hub-and-spoke/cloud-init/user-init-linux.yml
@@ -8,7 +8,7 @@
# default password in production.
#
# Generate a SHA-512 hash on Linux/macOS:
-# openssl passwd -6 "YourPassword"
+# python3 -c "import crypt; print(crypt.crypt('YourPassword', crypt.mksalt(crypt.METHOD_SHA512)))"
# ---------------------------------------------------------------------------
users:
- name: admin-user
diff --git a/examples/resourcemanager-nested-folders/.terraform.lock.hcl b/examples/resourcemanager-nested-folders/.terraform.lock.hcl
index 0fdab96..c9888a0 100644
--- a/examples/resourcemanager-nested-folders/.terraform.lock.hcl
+++ b/examples/resourcemanager-nested-folders/.terraform.lock.hcl
@@ -5,7 +5,6 @@ provider "registry.terraform.io/hashicorp/random" {
version = "3.6.3"
constraints = "3.6.3"
hashes = [
- "h1:Fnaec9vA8sZ8BXVlN3Xn9Jz3zghSETIKg7ch8oXhxno=",
"h1:zG9uFP8l9u+yGZZvi5Te7PV62j50azpgwPunq2vTm1E=",
"zh:04ceb65210251339f07cd4611885d242cd4d0c7306e86dda9785396807c00451",
"zh:448f56199f3e99ff75d5c0afacae867ee795e4dfda6cb5f8e3b2a72ec3583dd8",
@@ -26,7 +25,6 @@ provider "registry.terraform.io/stackitcloud/stackit" {
version = "0.90.0"
constraints = ">= 0.66.0"
hashes = [
- "h1:QgP6TOtucJ3A6fA51rdUvxhYGjl9RrWvXQZpjHTOuiU=",
"h1:W29Kv6XUxYssF2Gy8KcmTx3EFstt6k8sKgPRIBbq+qs=",
"zh:003af58a84884558bbb2fc40fcbefa6774ec20aa9e4b97cf3f950190a600afd2",
"zh:026ee9cef4670cf33369f8654c6b9b1d8c0e116ceb0b353c882be222951ecdd4",
diff --git a/examples/resourcemanager-nested-folders/README.md b/examples/resourcemanager-nested-folders/README.md
index b3d356d..1e99e45 100644
--- a/examples/resourcemanager-nested-folders/README.md
+++ b/examples/resourcemanager-nested-folders/README.md
@@ -2,6 +2,4 @@
## Overview
-> ⚠️ Two levels of folders must be enabled via a support ticket. By default, only one level is possible.
-
This repository demonstrates code to generate nested folders within a project.
diff --git a/examples/s3-aws-terraform-provider/.terraform.lock.hcl b/examples/s3-aws-terraform-provider/.terraform.lock.hcl
deleted file mode 100644
index 8873576..0000000
--- a/examples/s3-aws-terraform-provider/.terraform.lock.hcl
+++ /dev/null
@@ -1,47 +0,0 @@
-# This file is maintained automatically by "terraform init".
-# Manual edits may be lost in future updates.
-
-provider "registry.terraform.io/hashicorp/aws" {
- version = "5.100.0"
- constraints = "~> 5.0"
- hashes = [
- "h1:edXOJWE4ORX8Fm+dpVpICzMZJat4AX0VRCAy/xkcOc0=",
- "zh:054b8dd49f0549c9a7cc27d159e45327b7b65cf404da5e5a20da154b90b8a644",
- "zh:0b97bf8d5e03d15d83cc40b0530a1f84b459354939ba6f135a0086c20ebbe6b2",
- "zh:1589a2266af699cbd5d80737a0fe02e54ec9cf2ca54e7e00ac51c7359056f274",
- "zh:6330766f1d85f01ae6ea90d1b214b8b74cc8c1badc4696b165b36ddd4cc15f7b",
- "zh:7c8c2e30d8e55291b86fcb64bdf6c25489d538688545eb48fd74ad622e5d3862",
- "zh:99b1003bd9bd32ee323544da897148f46a527f622dc3971af63ea3e251596342",
- "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425",
- "zh:9f8b909d3ec50ade83c8062290378b1ec553edef6a447c56dadc01a99f4eaa93",
- "zh:aaef921ff9aabaf8b1869a86d692ebd24fbd4e12c21205034bb679b9caf883a2",
- "zh:ac882313207aba00dd5a76dbd572a0ddc818bb9cbf5c9d61b28fe30efaec951e",
- "zh:bb64e8aff37becab373a1a0cc1080990785304141af42ed6aa3dd4913b000421",
- "zh:dfe495f6621df5540d9c92ad40b8067376350b005c637ea6efac5dc15028add4",
- "zh:f0ddf0eaf052766cfe09dea8200a946519f653c384ab4336e2a4a64fdd6310e9",
- "zh:f1b7e684f4c7ae1eed272b6de7d2049bb87a0275cb04dbb7cda6636f600699c9",
- "zh:ff461571e3f233699bf690db319dfe46aec75e58726636a0d97dd9ac6e32fb70",
- ]
-}
-
-provider "registry.terraform.io/stackitcloud/stackit" {
- version = "0.94.0"
- constraints = "> 0.90.0"
- hashes = [
- "h1:ikFzd4yeJ1LR8ojP2PsZwiK2ZLhxBjRXkEg2HJrI07U=",
- "zh:06c8da7d8a048216e825fa7d1e45949c1bda2a5f53f9bb0556b83b6610703fe6",
- "zh:0dde99e7b343fa01f8eefc378171fb8621bedb20f59157d6cc8e3d46c738105f",
- "zh:19e82636cfd52a65105e0cf030bc8a0c815082818ef953b84f9b1e349a87318c",
- "zh:24af9b7d2f1bb38f480b1aa8cf5e4ecf483bd4403642a9e8a5accbe1ae212feb",
- "zh:3b10850e9242bcd00c519ff4140130e8443002fd60b6dff90983e7cb1973b2c3",
- "zh:54837a0fa4ddbcf0b8407718f8823b831322deba3bd7ec8492e4578928f50633",
- "zh:5cfd6a6b1ca73826a03f8746ef84a5c4059648bc49abf8056c8e0f9b87800a23",
- "zh:6ab3bcfef6ff65b4ce76d333b4ad99e5f91991fcf5bddbe1958aadde6ee05eab",
- "zh:81b96dc29b055f15e475d8bc32482617a582785949b3c02f44ef15d19951f69c",
- "zh:85f478c2fcf10219263462d0f06b5cc41603b1edad813c336e100b3e0a55bfe8",
- "zh:9adbb7655fddfe4d4081746d0d7e39c3e8fbf8aa3d8b7d3b5164f30c16a6bd93",
- "zh:9c24b39e788283ead8a8ce1f013a47562ff0dc1ccb642a8e18644cbdcda0f1c4",
- "zh:a425f28d6a5f6f024cab56c848c55025e84a09db946f1b00a2655d9567251cea",
- "zh:f28aa62d2f06e08fe6d18ef9103a8164aa9278540779bebd61120f810c603c6b",
- ]
-}
diff --git a/examples/secretsmanager-vault-terraform-provider/.terraform.lock.hcl b/examples/secretsmanager-vault-terraform-provider/.terraform.lock.hcl
deleted file mode 100644
index 474bc20..0000000
--- a/examples/secretsmanager-vault-terraform-provider/.terraform.lock.hcl
+++ /dev/null
@@ -1,44 +0,0 @@
-# This file is maintained automatically by "terraform init".
-# Manual edits may be lost in future updates.
-
-provider "registry.terraform.io/hashicorp/vault" {
- version = "5.9.0"
- constraints = "5.9.0"
- hashes = [
- "h1:8wcXxEMo7XvCnrtZHSpAuWmRfYiZkWn2tssshB1BDzo=",
- "zh:16e23a37c0965938544af282a7bc13dabca445f462ab27829f98e936ace4d263",
- "zh:249fcf9da1a690fe9aa44a7421fad89a425afb0c2ce7eaf306d75daddd691af5",
- "zh:3d92af386049a229a428f21b938a22df61703447c8ceed65c73f111a64e627d2",
- "zh:4033fedf9d4f54f0aacf7c4a79e20978bcd67c0a8ab9411acd447db1469108a4",
- "zh:51c78d0dc378037bbaf3cd26ff29fae7c40d7b134b40d059b982257987c15f9f",
- "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
- "zh:86e414b7327343de676ec506d30c557a514dbd992b27a2670466adaf9ed69718",
- "zh:879c3a61ed8d183a68ddb590e63a7e0d6aab8d8044fd4a13658e7b1661395a9d",
- "zh:8d548617543ee2ce0340972a5df93e7ac37b7895d4bf506bd587f8daac58e6d6",
- "zh:8d75b3bbfd9a536c8c1d84504cb3d1c8e1a3fd30e377a51a6311476632363103",
- "zh:922f625a36642c49daa432e07c12e72ff75025e0b9afda8d7240f38c6789fe46",
- "zh:fbceae685b395acaff6c820ed7d7eaa6250ef4769e04481145dc50e09b89db2f",
- ]
-}
-
-provider "registry.terraform.io/stackitcloud/stackit" {
- version = "0.94.0"
- constraints = ">= 0.94.0"
- hashes = [
- "h1:ikFzd4yeJ1LR8ojP2PsZwiK2ZLhxBjRXkEg2HJrI07U=",
- "zh:06c8da7d8a048216e825fa7d1e45949c1bda2a5f53f9bb0556b83b6610703fe6",
- "zh:0dde99e7b343fa01f8eefc378171fb8621bedb20f59157d6cc8e3d46c738105f",
- "zh:19e82636cfd52a65105e0cf030bc8a0c815082818ef953b84f9b1e349a87318c",
- "zh:24af9b7d2f1bb38f480b1aa8cf5e4ecf483bd4403642a9e8a5accbe1ae212feb",
- "zh:3b10850e9242bcd00c519ff4140130e8443002fd60b6dff90983e7cb1973b2c3",
- "zh:54837a0fa4ddbcf0b8407718f8823b831322deba3bd7ec8492e4578928f50633",
- "zh:5cfd6a6b1ca73826a03f8746ef84a5c4059648bc49abf8056c8e0f9b87800a23",
- "zh:6ab3bcfef6ff65b4ce76d333b4ad99e5f91991fcf5bddbe1958aadde6ee05eab",
- "zh:81b96dc29b055f15e475d8bc32482617a582785949b3c02f44ef15d19951f69c",
- "zh:85f478c2fcf10219263462d0f06b5cc41603b1edad813c336e100b3e0a55bfe8",
- "zh:9adbb7655fddfe4d4081746d0d7e39c3e8fbf8aa3d8b7d3b5164f30c16a6bd93",
- "zh:9c24b39e788283ead8a8ce1f013a47562ff0dc1ccb642a8e18644cbdcda0f1c4",
- "zh:a425f28d6a5f6f024cab56c848c55025e84a09db946f1b00a2655d9567251cea",
- "zh:f28aa62d2f06e08fe6d18ef9103a8164aa9278540779bebd61120f810c603c6b",
- ]
-}
diff --git a/examples/secretsmanager-vault-terraform-provider/main.tf b/examples/secretsmanager-vault-terraform-provider/main.tf
index bea426c..ddd4b6e 100644
--- a/examples/secretsmanager-vault-terraform-provider/main.tf
+++ b/examples/secretsmanager-vault-terraform-provider/main.tf
@@ -12,6 +12,11 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+provider "stackit" {
+ default_region = "eu01"
+ service_account_key_path = ""
+}
+
resource "stackit_secretsmanager_instance" "example" {
project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
name = "example-instance"
@@ -24,6 +29,16 @@ resource "stackit_secretsmanager_user" "example" {
write_enabled = true
}
+provider "vault" {
+ address = "https://prod.sm.eu01.stackit.cloud"
+ skip_child_token = true
+
+ auth_login_userpass {
+ username = stackit_secretsmanager_user.example.username
+ password = stackit_secretsmanager_user.example.password
+ }
+}
+
resource "stackit_observability_instance" "example" {
project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
name = "example-instance"
diff --git a/examples/secretsmanager-vault-terraform-provider/provider.tf b/examples/secretsmanager-vault-terraform-provider/provider.tf
deleted file mode 100644
index cf73ad6..0000000
--- a/examples/secretsmanager-vault-terraform-provider/provider.tf
+++ /dev/null
@@ -1,41 +0,0 @@
-# Copyright 2026 Schwarz Digits Cloud GmbH & Co. KG
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-terraform {
- required_providers {
- stackit = {
- source = "stackitcloud/stackit"
- version = ">= 0.94.0"
- }
- vault = {
- source = "hashicorp/vault"
- version = "5.9.0"
- }
- }
-}
-
-provider "stackit" {
- default_region = "eu01"
- service_account_key_path = ""
-}
-
-provider "vault" {
- address = "https://prod.sm.eu01.stackit.cloud"
- skip_child_token = true
-
- auth_login_userpass {
- username = stackit_secretsmanager_user.example.username
- password = stackit_secretsmanager_user.example.password
- }
-}
diff --git a/examples/ske-encrypted-volumes/.terraform.lock.hcl b/examples/ske-encrypted-volumes/.terraform.lock.hcl
deleted file mode 100644
index 39718fe..0000000
--- a/examples/ske-encrypted-volumes/.terraform.lock.hcl
+++ /dev/null
@@ -1,44 +0,0 @@
-# This file is maintained automatically by "terraform init".
-# Manual edits may be lost in future updates.
-
-provider "registry.terraform.io/hashicorp/kubernetes" {
- version = "3.1.0"
- constraints = ">= 3.1.0"
- hashes = [
- "h1:oodIAuFMikXNmEtil5MQgP4dfSctUBYQiGJfjbsF3NY=",
- "zh:0215c5c60be62028c09a2f22458e89cda3ef5830a632299f1d401eb3538874b0",
- "zh:09ebb9f442431e278a310a9423f32caf467cb4b3cad3fe59573ca71fa7b14e20",
- "zh:0c4e5912f83bb35846ae0a9ae54fc320706ee61894cd21cc6b4181b1c5a2fa5c",
- "zh:1678c982853ad461e65ccb5e79d585e13ed109dd47dab2a66d3a7a304faeef65",
- "zh:1c050a5c15e330457a9c18caacf61a923c59d663e13f2962e4b32f04fef523a0",
- "zh:2c55bcec83be58ec132c7cb0a1ac644758b800d794fdc636d53a0eada0358a3a",
- "zh:a062bb0aa316c08d8460c66a5d68da71da40de5d3bc3b31abcf3a1a9a19650f1",
- "zh:a26fdea0afaa9b247c73c0b42843ca51ba7db0ac2571f9d3d50dcabd20ca1b98",
- "zh:c872c9385a78d502bf5823d61cd3bb0f9a0585030e025eb12585c83451beeaa1",
- "zh:f180879af931182beee4c8c0d9dab62b81d86f17ddcbe3786ef4c7cec9163a4e",
- "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
- "zh:f70f5789264069e0eef06f9b5d5fde955ef7206f7d446d1ce51a4c37a3f3e02f",
- ]
-}
-
-provider "registry.terraform.io/stackitcloud/stackit" {
- version = "0.94.0"
- constraints = ">= 0.94.0"
- hashes = [
- "h1:ikFzd4yeJ1LR8ojP2PsZwiK2ZLhxBjRXkEg2HJrI07U=",
- "zh:06c8da7d8a048216e825fa7d1e45949c1bda2a5f53f9bb0556b83b6610703fe6",
- "zh:0dde99e7b343fa01f8eefc378171fb8621bedb20f59157d6cc8e3d46c738105f",
- "zh:19e82636cfd52a65105e0cf030bc8a0c815082818ef953b84f9b1e349a87318c",
- "zh:24af9b7d2f1bb38f480b1aa8cf5e4ecf483bd4403642a9e8a5accbe1ae212feb",
- "zh:3b10850e9242bcd00c519ff4140130e8443002fd60b6dff90983e7cb1973b2c3",
- "zh:54837a0fa4ddbcf0b8407718f8823b831322deba3bd7ec8492e4578928f50633",
- "zh:5cfd6a6b1ca73826a03f8746ef84a5c4059648bc49abf8056c8e0f9b87800a23",
- "zh:6ab3bcfef6ff65b4ce76d333b4ad99e5f91991fcf5bddbe1958aadde6ee05eab",
- "zh:81b96dc29b055f15e475d8bc32482617a582785949b3c02f44ef15d19951f69c",
- "zh:85f478c2fcf10219263462d0f06b5cc41603b1edad813c336e100b3e0a55bfe8",
- "zh:9adbb7655fddfe4d4081746d0d7e39c3e8fbf8aa3d8b7d3b5164f30c16a6bd93",
- "zh:9c24b39e788283ead8a8ce1f013a47562ff0dc1ccb642a8e18644cbdcda0f1c4",
- "zh:a425f28d6a5f6f024cab56c848c55025e84a09db946f1b00a2655d9567251cea",
- "zh:f28aa62d2f06e08fe6d18ef9103a8164aa9278540779bebd61120f810c603c6b",
- ]
-}
diff --git a/examples/ske-encrypted-volumes/main.tf b/examples/ske-encrypted-volumes/main.tf
index 55d2826..8e2d010 100644
--- a/examples/ske-encrypted-volumes/main.tf
+++ b/examples/ske-encrypted-volumes/main.tf
@@ -12,6 +12,18 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+provider "stackit" {
+ default_region = "eu01"
+ service_account_key_path = ""
+}
+
+provider "kubernetes" {
+ host = yamldecode(stackit_ske_kubeconfig.example.kube_config).clusters.0.cluster.server
+ client_certificate = base64decode(yamldecode(stackit_ske_kubeconfig.example.kube_config).users.0.user.client-certificate-data)
+ client_key = base64decode(yamldecode(stackit_ske_kubeconfig.example.kube_config).users.0.user.client-key-data)
+ cluster_ca_certificate = base64decode(yamldecode(stackit_ske_kubeconfig.example.kube_config).clusters.0.cluster.certificate-authority-data)
+}
+
resource "stackit_ske_cluster" "default" {
project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
name = "ske-enc-vol"
diff --git a/examples/ske-encrypted-volumes/provider.tf b/examples/ske-encrypted-volumes/provider.tf
deleted file mode 100644
index 7c46d2b..0000000
--- a/examples/ske-encrypted-volumes/provider.tf
+++ /dev/null
@@ -1,38 +0,0 @@
-# Copyright 2026 Schwarz Digits Cloud GmbH & Co. KG
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-terraform {
- required_providers {
- stackit = {
- source = "stackitcloud/stackit"
- version = ">= 0.94.0"
- }
- kubernetes = {
- source = "hashicorp/kubernetes"
- version = ">= 3.1.0"
- }
- }
-}
-
-provider "stackit" {
- default_region = "eu01"
- service_account_key_path = ""
-}
-
-provider "kubernetes" {
- host = yamldecode(stackit_ske_kubeconfig.example.kube_config).clusters.0.cluster.server
- client_certificate = base64decode(yamldecode(stackit_ske_kubeconfig.example.kube_config).users.0.user.client-certificate-data)
- client_key = base64decode(yamldecode(stackit_ske_kubeconfig.example.kube_config).users.0.user.client-key-data)
- cluster_ca_certificate = base64decode(yamldecode(stackit_ske_kubeconfig.example.kube_config).clusters.0.cluster.certificate-authority-data)
-}
diff --git a/examples/ske-external-secrets-sync/.terraform.lock.hcl b/examples/ske-external-secrets-sync/.terraform.lock.hcl
index f7f082b..fbb7035 100644
--- a/examples/ske-external-secrets-sync/.terraform.lock.hcl
+++ b/examples/ske-external-secrets-sync/.terraform.lock.hcl
@@ -5,7 +5,6 @@ provider "registry.terraform.io/hashicorp/helm" {
version = "2.17.0"
constraints = "2.17.0"
hashes = [
- "h1:K5FEjxvDnxb1JF1kG1xr8J3pNGxoaR3Z0IBG9Csm/Is=",
"h1:kQMkcPVvHOguOqnxoEU2sm1ND9vCHiT8TvZ2x6v/Rsw=",
"zh:06fb4e9932f0afc1904d2279e6e99353c2ddac0d765305ce90519af410706bd4",
"zh:104eccfc781fc868da3c7fec4385ad14ed183eb985c96331a1a937ac79c2d1a7",
@@ -27,7 +26,6 @@ provider "registry.terraform.io/hashicorp/kubernetes" {
constraints = ">= 2.25.2"
hashes = [
"h1:P0c8knzZnouTNFIRij8IS7+pqd0OKaFDYX0j4GRsiqo=",
- "h1:vyHdH0p6bf9xp1NPePObAJkXTJb/I09FQQmmevTzZe0=",
"zh:02d55b0b2238fd17ffa12d5464593864e80f402b90b31f6e1bd02249b9727281",
"zh:20b93a51bfeed82682b3c12f09bac3031f5bdb4977c47c97a042e4df4fb2f9ba",
"zh:6e14486ecfaee38c09ccf33d4fdaf791409f90795c1b66e026c226fad8bc03c7",
@@ -47,7 +45,6 @@ provider "registry.terraform.io/hashicorp/random" {
version = "3.7.2"
constraints = "3.7.2"
hashes = [
- "h1:356j/3XnXEKr9nyicLUufzoF4Yr6hRy481KIxRVpK0c=",
"h1:KG4NuIBl1mRWU0KD/BGfCi1YN/j3F7H4YgeeM7iSdNs=",
"zh:14829603a32e4bc4d05062f059e545a91e27ff033756b48afbae6b3c835f508f",
"zh:1527fb07d9fea400d70e9e6eb4a2b918d5060d604749b6f1c361518e7da546dc",
@@ -67,7 +64,6 @@ provider "registry.terraform.io/hashicorp/random" {
provider "registry.terraform.io/hashicorp/vault" {
version = "5.8.0"
hashes = [
- "h1:eSJgYoJoVMce2xjJJCeAZnJELsC4RoqaotD0fgfn6dw=",
"h1:gk1cR+x1D+TEz05MKWmpp0p06+Trob5cN0eYU1vZGJs=",
"zh:18e79b42c8c155a5c541a45d54a6ccdeab23c404c239acdeed336a17cbfc2fd4",
"zh:241f50d1ea40030578034b4440e41676f1c9b5e8a2be5cd3afdb6e387914e0bf",
@@ -88,7 +84,6 @@ provider "registry.terraform.io/stackitcloud/stackit" {
version = "0.90.0"
constraints = ">= 0.66.0"
hashes = [
- "h1:QgP6TOtucJ3A6fA51rdUvxhYGjl9RrWvXQZpjHTOuiU=",
"h1:W29Kv6XUxYssF2Gy8KcmTx3EFstt6k8sKgPRIBbq+qs=",
"zh:003af58a84884558bbb2fc40fcbefa6774ec20aa9e4b97cf3f950190a600afd2",
"zh:026ee9cef4670cf33369f8654c6b9b1d8c0e116ceb0b353c882be222951ecdd4",
diff --git a/examples/ske-gpu-operator/.terraform.lock.hcl b/examples/ske-gpu-operator/.terraform.lock.hcl
index 9772a39..2cebd8e 100644
--- a/examples/ske-gpu-operator/.terraform.lock.hcl
+++ b/examples/ske-gpu-operator/.terraform.lock.hcl
@@ -5,7 +5,6 @@ provider "registry.terraform.io/hashicorp/helm" {
version = "3.1.1"
hashes = [
"h1:47CqNwkxctJtL/N/JuEj+8QMg8mRNI/NWeKO5/ydfZU=",
- "h1:5b2ojWKT0noujHiweCds37ZreRFRQLNaErdJLusJN88=",
"zh:1a6d5ce931708aec29d1f3d9e360c2a0c35ba5a54d03eeaff0ce3ca597cd0275",
"zh:3411919ba2a5941801e677f0fea08bdd0ae22ba3c9ce3309f55554699e06524a",
"zh:81b36138b8f2320dc7f877b50f9e38f4bc614affe68de885d322629dd0d16a29",
@@ -26,7 +25,6 @@ provider "registry.terraform.io/hashicorp/kubernetes" {
constraints = ">= 2.14.0"
hashes = [
"h1:P0c8knzZnouTNFIRij8IS7+pqd0OKaFDYX0j4GRsiqo=",
- "h1:vyHdH0p6bf9xp1NPePObAJkXTJb/I09FQQmmevTzZe0=",
"zh:02d55b0b2238fd17ffa12d5464593864e80f402b90b31f6e1bd02249b9727281",
"zh:20b93a51bfeed82682b3c12f09bac3031f5bdb4977c47c97a042e4df4fb2f9ba",
"zh:6e14486ecfaee38c09ccf33d4fdaf791409f90795c1b66e026c226fad8bc03c7",
@@ -44,10 +42,9 @@ provider "registry.terraform.io/hashicorp/kubernetes" {
provider "registry.terraform.io/stackitcloud/stackit" {
version = "0.91.0"
- constraints = ">= 0.60.0"
+ constraints = "> 0.60.0"
hashes = [
"h1:8de9n+Roq6Z2Ltp9poBBBN9a4zSpx73VLpgFS5mTyoI=",
- "h1:RStdHSDwbtonYfg7mR5Y92v6fxIVX9FEz0UN+tm9kHI=",
"zh:0dde99e7b343fa01f8eefc378171fb8621bedb20f59157d6cc8e3d46c738105f",
"zh:0ed12db90276ccd2d6f87135b7dd078657823c3ca33121c6a157d0bdf08f801e",
"zh:160b32bcf1d01666784cf8469e10e0a38d4c3d24c80c0c5be470cc63ef27ea62",
diff --git a/examples/ske-kubernetes-terraform-provider/.terraform.lock.hcl b/examples/ske-kubernetes-terraform-provider/.terraform.lock.hcl
deleted file mode 100644
index de5a520..0000000
--- a/examples/ske-kubernetes-terraform-provider/.terraform.lock.hcl
+++ /dev/null
@@ -1,44 +0,0 @@
-# This file is maintained automatically by "terraform init".
-# Manual edits may be lost in future updates.
-
-provider "registry.terraform.io/hashicorp/kubernetes" {
- version = "2.38.0"
- constraints = "~> 2.24"
- hashes = [
- "h1:5CkveFo5ynsLdzKk+Kv+r7+U9rMrNjfZPT3a0N/fhgE=",
- "zh:0af928d776eb269b192dc0ea0f8a3f0f5ec117224cd644bdacdc682300f84ba0",
- "zh:1be998e67206f7cfc4ffe77c01a09ac91ce725de0abaec9030b22c0a832af44f",
- "zh:326803fe5946023687d603f6f1bab24de7af3d426b01d20e51d4e6fbe4e7ec1b",
- "zh:4a99ec8d91193af961de1abb1f824be73df07489301d62e6141a656b3ebfff12",
- "zh:5136e51765d6a0b9e4dbcc3b38821e9736bd2136cf15e9aac11668f22db117d2",
- "zh:63fab47349852d7802fb032e4f2b6a101ee1ce34b62557a9ad0f0f0f5b6ecfdc",
- "zh:924fb0257e2d03e03e2bfe9c7b99aa73c195b1f19412ca09960001bee3c50d15",
- "zh:b63a0be5e233f8f6727c56bed3b61eb9456ca7a8bb29539fba0837f1badf1396",
- "zh:d39861aa21077f1bc899bc53e7233262e530ba8a3a2d737449b100daeb303e4d",
- "zh:de0805e10ebe4c83ce3b728a67f6b0f9d18be32b25146aa89116634df5145ad4",
- "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
- "zh:faf23e45f0090eef8ba28a8aac7ec5d4fdf11a36c40a8d286304567d71c1e7db",
- ]
-}
-
-provider "registry.terraform.io/stackitcloud/stackit" {
- version = "0.94.0"
- constraints = "~> 0.35"
- hashes = [
- "h1:ikFzd4yeJ1LR8ojP2PsZwiK2ZLhxBjRXkEg2HJrI07U=",
- "zh:06c8da7d8a048216e825fa7d1e45949c1bda2a5f53f9bb0556b83b6610703fe6",
- "zh:0dde99e7b343fa01f8eefc378171fb8621bedb20f59157d6cc8e3d46c738105f",
- "zh:19e82636cfd52a65105e0cf030bc8a0c815082818ef953b84f9b1e349a87318c",
- "zh:24af9b7d2f1bb38f480b1aa8cf5e4ecf483bd4403642a9e8a5accbe1ae212feb",
- "zh:3b10850e9242bcd00c519ff4140130e8443002fd60b6dff90983e7cb1973b2c3",
- "zh:54837a0fa4ddbcf0b8407718f8823b831322deba3bd7ec8492e4578928f50633",
- "zh:5cfd6a6b1ca73826a03f8746ef84a5c4059648bc49abf8056c8e0f9b87800a23",
- "zh:6ab3bcfef6ff65b4ce76d333b4ad99e5f91991fcf5bddbe1958aadde6ee05eab",
- "zh:81b96dc29b055f15e475d8bc32482617a582785949b3c02f44ef15d19951f69c",
- "zh:85f478c2fcf10219263462d0f06b5cc41603b1edad813c336e100b3e0a55bfe8",
- "zh:9adbb7655fddfe4d4081746d0d7e39c3e8fbf8aa3d8b7d3b5164f30c16a6bd93",
- "zh:9c24b39e788283ead8a8ce1f013a47562ff0dc1ccb642a8e18644cbdcda0f1c4",
- "zh:a425f28d6a5f6f024cab56c848c55025e84a09db946f1b00a2655d9567251cea",
- "zh:f28aa62d2f06e08fe6d18ef9103a8164aa9278540779bebd61120f810c603c6b",
- ]
-}
diff --git a/examples/ske-nginx-rate-limit/.terraform.lock.hcl b/examples/ske-nginx-rate-limit/.terraform.lock.hcl
index 1c27261..1adc572 100644
--- a/examples/ske-nginx-rate-limit/.terraform.lock.hcl
+++ b/examples/ske-nginx-rate-limit/.terraform.lock.hcl
@@ -5,7 +5,6 @@ provider "registry.terraform.io/hashicorp/helm" {
version = "3.1.1"
hashes = [
"h1:47CqNwkxctJtL/N/JuEj+8QMg8mRNI/NWeKO5/ydfZU=",
- "h1:5b2ojWKT0noujHiweCds37ZreRFRQLNaErdJLusJN88=",
"zh:1a6d5ce931708aec29d1f3d9e360c2a0c35ba5a54d03eeaff0ce3ca597cd0275",
"zh:3411919ba2a5941801e677f0fea08bdd0ae22ba3c9ce3309f55554699e06524a",
"zh:81b36138b8f2320dc7f877b50f9e38f4bc614affe68de885d322629dd0d16a29",
@@ -26,7 +25,6 @@ provider "registry.terraform.io/hashicorp/kubernetes" {
constraints = ">= 2.14.0"
hashes = [
"h1:P0c8knzZnouTNFIRij8IS7+pqd0OKaFDYX0j4GRsiqo=",
- "h1:vyHdH0p6bf9xp1NPePObAJkXTJb/I09FQQmmevTzZe0=",
"zh:02d55b0b2238fd17ffa12d5464593864e80f402b90b31f6e1bd02249b9727281",
"zh:20b93a51bfeed82682b3c12f09bac3031f5bdb4977c47c97a042e4df4fb2f9ba",
"zh:6e14486ecfaee38c09ccf33d4fdaf791409f90795c1b66e026c226fad8bc03c7",
@@ -45,7 +43,6 @@ provider "registry.terraform.io/hashicorp/kubernetes" {
provider "registry.terraform.io/hashicorp/random" {
version = "3.8.1"
hashes = [
- "h1:Eexl06+6J+s75uD46+WnZtpJZYRVUMB0AiuPBifK6Jc=",
"h1:u8AKlWVDTH5r9YLSeswoVEjiY72Rt4/ch7U+61ZDkiQ=",
"zh:08dd03b918c7b55713026037c5400c48af5b9f468f483463321bd18e17b907b4",
"zh:0eee654a5542dc1d41920bbf2419032d6f0d5625b03bd81339e5b33394a3e0ae",
@@ -66,7 +63,6 @@ provider "registry.terraform.io/stackitcloud/stackit" {
version = "0.90.0"
constraints = ">= 0.66.0"
hashes = [
- "h1:QgP6TOtucJ3A6fA51rdUvxhYGjl9RrWvXQZpjHTOuiU=",
"h1:W29Kv6XUxYssF2Gy8KcmTx3EFstt6k8sKgPRIBbq+qs=",
"zh:003af58a84884558bbb2fc40fcbefa6774ec20aa9e4b97cf3f950190a600afd2",
"zh:026ee9cef4670cf33369f8654c6b9b1d8c0e116ceb0b353c882be222951ecdd4",
diff --git a/examples/ske-observability-alerting-kube-state-metrics/.terraform.lock.hcl b/examples/ske-observability-alerting-kube-state-metrics/.terraform.lock.hcl
deleted file mode 100644
index 3e3b5bf..0000000
--- a/examples/ske-observability-alerting-kube-state-metrics/.terraform.lock.hcl
+++ /dev/null
@@ -1,64 +0,0 @@
-# This file is maintained automatically by "terraform init".
-# Manual edits may be lost in future updates.
-
-provider "registry.terraform.io/hashicorp/helm" {
- version = "3.1.1"
- constraints = ">= 3.1.1"
- hashes = [
- "h1:5b2ojWKT0noujHiweCds37ZreRFRQLNaErdJLusJN88=",
- "zh:1a6d5ce931708aec29d1f3d9e360c2a0c35ba5a54d03eeaff0ce3ca597cd0275",
- "zh:3411919ba2a5941801e677f0fea08bdd0ae22ba3c9ce3309f55554699e06524a",
- "zh:81b36138b8f2320dc7f877b50f9e38f4bc614affe68de885d322629dd0d16a29",
- "zh:95a2a0a497a6082ee06f95b38bd0f0d6924a65722892a856cfd914c0d117f104",
- "zh:9d3e78c2d1bb46508b972210ad706dd8c8b106f8b206ecf096cd211c54f46990",
- "zh:a79139abf687387a6efdbbb04289a0a8e7eaca2bd91cdc0ce68ea4f3286c2c34",
- "zh:aaa8784be125fbd50c48d84d6e171d3fb6ef84a221dbc5165c067ce05faab4c8",
- "zh:afecd301f469975c9d8f350cc482fe656e082b6ab0f677d1a816c3c615837cc1",
- "zh:c54c22b18d48ff9053d899d178d9ffef7d9d19785d9bf310a07d648b7aac075b",
- "zh:db2eefd55aea48e73384a555c72bac3f7d428e24147bedb64e1a039398e5b903",
- "zh:ee61666a233533fd2be971091cecc01650561f1585783c381b6f6e8a390198a4",
- "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
- ]
-}
-
-provider "registry.terraform.io/hashicorp/kubernetes" {
- version = "3.1.0"
- constraints = ">= 3.1.0"
- hashes = [
- "h1:oodIAuFMikXNmEtil5MQgP4dfSctUBYQiGJfjbsF3NY=",
- "zh:0215c5c60be62028c09a2f22458e89cda3ef5830a632299f1d401eb3538874b0",
- "zh:09ebb9f442431e278a310a9423f32caf467cb4b3cad3fe59573ca71fa7b14e20",
- "zh:0c4e5912f83bb35846ae0a9ae54fc320706ee61894cd21cc6b4181b1c5a2fa5c",
- "zh:1678c982853ad461e65ccb5e79d585e13ed109dd47dab2a66d3a7a304faeef65",
- "zh:1c050a5c15e330457a9c18caacf61a923c59d663e13f2962e4b32f04fef523a0",
- "zh:2c55bcec83be58ec132c7cb0a1ac644758b800d794fdc636d53a0eada0358a3a",
- "zh:a062bb0aa316c08d8460c66a5d68da71da40de5d3bc3b31abcf3a1a9a19650f1",
- "zh:a26fdea0afaa9b247c73c0b42843ca51ba7db0ac2571f9d3d50dcabd20ca1b98",
- "zh:c872c9385a78d502bf5823d61cd3bb0f9a0585030e025eb12585c83451beeaa1",
- "zh:f180879af931182beee4c8c0d9dab62b81d86f17ddcbe3786ef4c7cec9163a4e",
- "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
- "zh:f70f5789264069e0eef06f9b5d5fde955ef7206f7d446d1ce51a4c37a3f3e02f",
- ]
-}
-
-provider "registry.terraform.io/stackitcloud/stackit" {
- version = "0.94.0"
- constraints = ">= 0.94.0"
- hashes = [
- "h1:ikFzd4yeJ1LR8ojP2PsZwiK2ZLhxBjRXkEg2HJrI07U=",
- "zh:06c8da7d8a048216e825fa7d1e45949c1bda2a5f53f9bb0556b83b6610703fe6",
- "zh:0dde99e7b343fa01f8eefc378171fb8621bedb20f59157d6cc8e3d46c738105f",
- "zh:19e82636cfd52a65105e0cf030bc8a0c815082818ef953b84f9b1e349a87318c",
- "zh:24af9b7d2f1bb38f480b1aa8cf5e4ecf483bd4403642a9e8a5accbe1ae212feb",
- "zh:3b10850e9242bcd00c519ff4140130e8443002fd60b6dff90983e7cb1973b2c3",
- "zh:54837a0fa4ddbcf0b8407718f8823b831322deba3bd7ec8492e4578928f50633",
- "zh:5cfd6a6b1ca73826a03f8746ef84a5c4059648bc49abf8056c8e0f9b87800a23",
- "zh:6ab3bcfef6ff65b4ce76d333b4ad99e5f91991fcf5bddbe1958aadde6ee05eab",
- "zh:81b96dc29b055f15e475d8bc32482617a582785949b3c02f44ef15d19951f69c",
- "zh:85f478c2fcf10219263462d0f06b5cc41603b1edad813c336e100b3e0a55bfe8",
- "zh:9adbb7655fddfe4d4081746d0d7e39c3e8fbf8aa3d8b7d3b5164f30c16a6bd93",
- "zh:9c24b39e788283ead8a8ce1f013a47562ff0dc1ccb642a8e18644cbdcda0f1c4",
- "zh:a425f28d6a5f6f024cab56c848c55025e84a09db946f1b00a2655d9567251cea",
- "zh:f28aa62d2f06e08fe6d18ef9103a8164aa9278540779bebd61120f810c603c6b",
- ]
-}
diff --git a/examples/ske-observability-alerting-kube-state-metrics/main.tf b/examples/ske-observability-alerting-kube-state-metrics/main.tf
index 0194bc1..17520b1 100644
--- a/examples/ske-observability-alerting-kube-state-metrics/main.tf
+++ b/examples/ske-observability-alerting-kube-state-metrics/main.tf
@@ -12,6 +12,27 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+provider "stackit" {
+ default_region = "eu01"
+ service_account_key_path = ""
+}
+
+provider "kubernetes" {
+ host = yamldecode(stackit_ske_kubeconfig.example.kube_config).clusters.0.cluster.server
+ client_certificate = base64decode(yamldecode(stackit_ske_kubeconfig.example.kube_config).users.0.user.client-certificate-data)
+ client_key = base64decode(yamldecode(stackit_ske_kubeconfig.example.kube_config).users.0.user.client-key-data)
+ cluster_ca_certificate = base64decode(yamldecode(stackit_ske_kubeconfig.example.kube_config).clusters.0.cluster.certificate-authority-data)
+}
+
+provider "helm" {
+ kubernetes {
+ host = yamldecode(stackit_ske_kubeconfig.example.kube_config).clusters.0.cluster.server
+ client_certificate = base64decode(yamldecode(stackit_ske_kubeconfig.example.kube_config).users.0.user.client-certificate-data)
+ client_key = base64decode(yamldecode(stackit_ske_kubeconfig.example.kube_config).users.0.user.client-key-data)
+ cluster_ca_certificate = base64decode(yamldecode(stackit_ske_kubeconfig.example.kube_config).clusters.0.cluster.certificate-authority-data)
+ }
+}
+
resource "stackit_ske_cluster" "example" {
project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
name = "example"
diff --git a/examples/ske-observability-alerting-kube-state-metrics/provider.tf b/examples/ske-observability-alerting-kube-state-metrics/provider.tf
deleted file mode 100644
index 430bb85..0000000
--- a/examples/ske-observability-alerting-kube-state-metrics/provider.tf
+++ /dev/null
@@ -1,51 +0,0 @@
-# Copyright 2026 Schwarz Digits Cloud GmbH & Co. KG
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-terraform {
- required_providers {
- stackit = {
- source = "stackitcloud/stackit"
- version = ">= 0.94.0"
- }
- kubernetes = {
- source = "hashicorp/kubernetes"
- version = ">= 3.1.0"
- }
- helm = {
- source = "hashicorp/helm"
- version = ">= 3.1.1"
- }
- }
-}
-
-provider "stackit" {
- default_region = "eu01"
- service_account_key_path = ""
-}
-
-provider "kubernetes" {
- host = yamldecode(stackit_ske_kubeconfig.example.kube_config).clusters.0.cluster.server
- client_certificate = base64decode(yamldecode(stackit_ske_kubeconfig.example.kube_config).users.0.user.client-certificate-data)
- client_key = base64decode(yamldecode(stackit_ske_kubeconfig.example.kube_config).users.0.user.client-key-data)
- cluster_ca_certificate = base64decode(yamldecode(stackit_ske_kubeconfig.example.kube_config).clusters.0.cluster.certificate-authority-data)
-}
-
-provider "helm" {
- kubernetes = {
- host = yamldecode(stackit_ske_kubeconfig.example.kube_config).clusters.0.cluster.server
- client_certificate = base64decode(yamldecode(stackit_ske_kubeconfig.example.kube_config).users.0.user.client-certificate-data)
- client_key = base64decode(yamldecode(stackit_ske_kubeconfig.example.kube_config).users.0.user.client-key-data)
- cluster_ca_certificate = base64decode(yamldecode(stackit_ske_kubeconfig.example.kube_config).clusters.0.cluster.certificate-authority-data)
- }
-}
diff --git a/examples/ske-observability-log-alerts/.terraform.lock.hcl b/examples/ske-observability-log-alerts/.terraform.lock.hcl
deleted file mode 100644
index 3e3b5bf..0000000
--- a/examples/ske-observability-log-alerts/.terraform.lock.hcl
+++ /dev/null
@@ -1,64 +0,0 @@
-# This file is maintained automatically by "terraform init".
-# Manual edits may be lost in future updates.
-
-provider "registry.terraform.io/hashicorp/helm" {
- version = "3.1.1"
- constraints = ">= 3.1.1"
- hashes = [
- "h1:5b2ojWKT0noujHiweCds37ZreRFRQLNaErdJLusJN88=",
- "zh:1a6d5ce931708aec29d1f3d9e360c2a0c35ba5a54d03eeaff0ce3ca597cd0275",
- "zh:3411919ba2a5941801e677f0fea08bdd0ae22ba3c9ce3309f55554699e06524a",
- "zh:81b36138b8f2320dc7f877b50f9e38f4bc614affe68de885d322629dd0d16a29",
- "zh:95a2a0a497a6082ee06f95b38bd0f0d6924a65722892a856cfd914c0d117f104",
- "zh:9d3e78c2d1bb46508b972210ad706dd8c8b106f8b206ecf096cd211c54f46990",
- "zh:a79139abf687387a6efdbbb04289a0a8e7eaca2bd91cdc0ce68ea4f3286c2c34",
- "zh:aaa8784be125fbd50c48d84d6e171d3fb6ef84a221dbc5165c067ce05faab4c8",
- "zh:afecd301f469975c9d8f350cc482fe656e082b6ab0f677d1a816c3c615837cc1",
- "zh:c54c22b18d48ff9053d899d178d9ffef7d9d19785d9bf310a07d648b7aac075b",
- "zh:db2eefd55aea48e73384a555c72bac3f7d428e24147bedb64e1a039398e5b903",
- "zh:ee61666a233533fd2be971091cecc01650561f1585783c381b6f6e8a390198a4",
- "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
- ]
-}
-
-provider "registry.terraform.io/hashicorp/kubernetes" {
- version = "3.1.0"
- constraints = ">= 3.1.0"
- hashes = [
- "h1:oodIAuFMikXNmEtil5MQgP4dfSctUBYQiGJfjbsF3NY=",
- "zh:0215c5c60be62028c09a2f22458e89cda3ef5830a632299f1d401eb3538874b0",
- "zh:09ebb9f442431e278a310a9423f32caf467cb4b3cad3fe59573ca71fa7b14e20",
- "zh:0c4e5912f83bb35846ae0a9ae54fc320706ee61894cd21cc6b4181b1c5a2fa5c",
- "zh:1678c982853ad461e65ccb5e79d585e13ed109dd47dab2a66d3a7a304faeef65",
- "zh:1c050a5c15e330457a9c18caacf61a923c59d663e13f2962e4b32f04fef523a0",
- "zh:2c55bcec83be58ec132c7cb0a1ac644758b800d794fdc636d53a0eada0358a3a",
- "zh:a062bb0aa316c08d8460c66a5d68da71da40de5d3bc3b31abcf3a1a9a19650f1",
- "zh:a26fdea0afaa9b247c73c0b42843ca51ba7db0ac2571f9d3d50dcabd20ca1b98",
- "zh:c872c9385a78d502bf5823d61cd3bb0f9a0585030e025eb12585c83451beeaa1",
- "zh:f180879af931182beee4c8c0d9dab62b81d86f17ddcbe3786ef4c7cec9163a4e",
- "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
- "zh:f70f5789264069e0eef06f9b5d5fde955ef7206f7d446d1ce51a4c37a3f3e02f",
- ]
-}
-
-provider "registry.terraform.io/stackitcloud/stackit" {
- version = "0.94.0"
- constraints = ">= 0.94.0"
- hashes = [
- "h1:ikFzd4yeJ1LR8ojP2PsZwiK2ZLhxBjRXkEg2HJrI07U=",
- "zh:06c8da7d8a048216e825fa7d1e45949c1bda2a5f53f9bb0556b83b6610703fe6",
- "zh:0dde99e7b343fa01f8eefc378171fb8621bedb20f59157d6cc8e3d46c738105f",
- "zh:19e82636cfd52a65105e0cf030bc8a0c815082818ef953b84f9b1e349a87318c",
- "zh:24af9b7d2f1bb38f480b1aa8cf5e4ecf483bd4403642a9e8a5accbe1ae212feb",
- "zh:3b10850e9242bcd00c519ff4140130e8443002fd60b6dff90983e7cb1973b2c3",
- "zh:54837a0fa4ddbcf0b8407718f8823b831322deba3bd7ec8492e4578928f50633",
- "zh:5cfd6a6b1ca73826a03f8746ef84a5c4059648bc49abf8056c8e0f9b87800a23",
- "zh:6ab3bcfef6ff65b4ce76d333b4ad99e5f91991fcf5bddbe1958aadde6ee05eab",
- "zh:81b96dc29b055f15e475d8bc32482617a582785949b3c02f44ef15d19951f69c",
- "zh:85f478c2fcf10219263462d0f06b5cc41603b1edad813c336e100b3e0a55bfe8",
- "zh:9adbb7655fddfe4d4081746d0d7e39c3e8fbf8aa3d8b7d3b5164f30c16a6bd93",
- "zh:9c24b39e788283ead8a8ce1f013a47562ff0dc1ccb642a8e18644cbdcda0f1c4",
- "zh:a425f28d6a5f6f024cab56c848c55025e84a09db946f1b00a2655d9567251cea",
- "zh:f28aa62d2f06e08fe6d18ef9103a8164aa9278540779bebd61120f810c603c6b",
- ]
-}
diff --git a/examples/ske-observability-log-alerts/main.tf b/examples/ske-observability-log-alerts/main.tf
index 1be4fc0..21b3e6a 100644
--- a/examples/ske-observability-log-alerts/main.tf
+++ b/examples/ske-observability-log-alerts/main.tf
@@ -12,6 +12,27 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+provider "stackit" {
+ default_region = "eu01"
+ service_account_key_path = ""
+}
+
+provider "kubernetes" {
+ host = yamldecode(stackit_ske_kubeconfig.example.kube_config).clusters.0.cluster.server
+ client_certificate = base64decode(yamldecode(stackit_ske_kubeconfig.example.kube_config).users.0.user.client-certificate-data)
+ client_key = base64decode(yamldecode(stackit_ske_kubeconfig.example.kube_config).users.0.user.client-key-data)
+ cluster_ca_certificate = base64decode(yamldecode(stackit_ske_kubeconfig.example.kube_config).clusters.0.cluster.certificate-authority-data)
+}
+
+provider "helm" {
+ kubernetes {
+ host = yamldecode(stackit_ske_kubeconfig.example.kube_config).clusters.0.cluster.server
+ client_certificate = base64decode(yamldecode(stackit_ske_kubeconfig.example.kube_config).users.0.user.client-certificate-data)
+ client_key = base64decode(yamldecode(stackit_ske_kubeconfig.example.kube_config).users.0.user.client-key-data)
+ cluster_ca_certificate = base64decode(yamldecode(stackit_ske_kubeconfig.example.kube_config).clusters.0.cluster.certificate-authority-data)
+ }
+}
+
resource "stackit_ske_cluster" "example" {
project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
name = "example"
diff --git a/examples/ske-observability-log-alerts/provider.tf b/examples/ske-observability-log-alerts/provider.tf
deleted file mode 100644
index 430bb85..0000000
--- a/examples/ske-observability-log-alerts/provider.tf
+++ /dev/null
@@ -1,51 +0,0 @@
-# Copyright 2026 Schwarz Digits Cloud GmbH & Co. KG
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-terraform {
- required_providers {
- stackit = {
- source = "stackitcloud/stackit"
- version = ">= 0.94.0"
- }
- kubernetes = {
- source = "hashicorp/kubernetes"
- version = ">= 3.1.0"
- }
- helm = {
- source = "hashicorp/helm"
- version = ">= 3.1.1"
- }
- }
-}
-
-provider "stackit" {
- default_region = "eu01"
- service_account_key_path = ""
-}
-
-provider "kubernetes" {
- host = yamldecode(stackit_ske_kubeconfig.example.kube_config).clusters.0.cluster.server
- client_certificate = base64decode(yamldecode(stackit_ske_kubeconfig.example.kube_config).users.0.user.client-certificate-data)
- client_key = base64decode(yamldecode(stackit_ske_kubeconfig.example.kube_config).users.0.user.client-key-data)
- cluster_ca_certificate = base64decode(yamldecode(stackit_ske_kubeconfig.example.kube_config).clusters.0.cluster.certificate-authority-data)
-}
-
-provider "helm" {
- kubernetes = {
- host = yamldecode(stackit_ske_kubeconfig.example.kube_config).clusters.0.cluster.server
- client_certificate = base64decode(yamldecode(stackit_ske_kubeconfig.example.kube_config).users.0.user.client-certificate-data)
- client_key = base64decode(yamldecode(stackit_ske_kubeconfig.example.kube_config).users.0.user.client-key-data)
- cluster_ca_certificate = base64decode(yamldecode(stackit_ske_kubeconfig.example.kube_config).clusters.0.cluster.certificate-authority-data)
- }
-}
diff --git a/examples/ske-stackit-sfs-integration/.terraform.lock.hcl b/examples/ske-stackit-sfs-integration/.terraform.lock.hcl
index d3f19c1..75c9e75 100644
--- a/examples/ske-stackit-sfs-integration/.terraform.lock.hcl
+++ b/examples/ske-stackit-sfs-integration/.terraform.lock.hcl
@@ -5,7 +5,6 @@ provider "registry.terraform.io/stackitcloud/stackit" {
version = "0.79.0"
constraints = "0.79.0"
hashes = [
- "h1:AB51ok4llxeTmkVadjYpsafPbzSU5xEHLzcVBuVHxqc=",
"h1:l7AeT3WWi/u7QB7E1SaksYc5VjU9JS2LYc4OnavI3kw=",
"zh:0dde99e7b343fa01f8eefc378171fb8621bedb20f59157d6cc8e3d46c738105f",
"zh:1eb8276c0d8a4b5b92534020df0cb270ed7c4d91dfed6db089ee775b50a8f5e3",
diff --git a/examples/stackit-landing-zone/README.md b/examples/stackit-landing-zone/README.md
deleted file mode 100644
index 5173e22..0000000
--- a/examples/stackit-landing-zone/README.md
+++ /dev/null
@@ -1,4 +0,0 @@
-# STACKIT Landing Zone
-
-For the full Terraform Landing Zone implementation, please visit:
-[STACKIT Terraform Landing Zone Repository](https://github.com/stackitcloud/stackit-landing-zone)
diff --git a/examples/vpn-usecases/README.md b/examples/vpn-usecases/README.md
deleted file mode 100644
index 27e0755..0000000
--- a/examples/vpn-usecases/README.md
+++ /dev/null
@@ -1,7 +0,0 @@
-# VPN Usecases
-
-> ⚠️ Note: Currently, we are still leveraging the restful provider to roll out managed VPN resources. Native integration for the STACKIT Terraform provider is a work in progress. We will update these examples once it is released.
-
-- [`STACKIT-STACKIT`](stackit-stackit)
-- [`STACKIT-GCP`](stackit-gcp)
-- [`STACKIT-AZURE`](stackit-azure)
diff --git a/examples/vpn-usecases/module/stackit-sna-with-debug-machine/README.md b/examples/vpn-usecases/module/stackit-sna-with-debug-machine/README.md
deleted file mode 100644
index 509f3de..0000000
--- a/examples/vpn-usecases/module/stackit-sna-with-debug-machine/README.md
+++ /dev/null
@@ -1,70 +0,0 @@
-# SNA with test-machine module
-
-This module is used to quickly spin up a sna with a test virtual machine. We use this module to debug vpn connectivity.
-
-> ⚠️ **SECURITY WARNING**
-> Be careful: By default, **port security is disabled** on the network interface to allow unrestricted traffic for debugging purposes. **Do not use this module in a production environment**.
-
-
-
-## Requirements
-
-| Name | Version |
-| ------------------------------------------------------------------ | -------- |
-| [stackit](#requirement_stackit) | >=0.95.0 |
-
-## Providers
-
-| Name | Version |
-| ------------------------------------------------------------ | -------- |
-| [stackit](#provider_stackit) | >=0.95.0 |
-
-## Modules
-
-No modules.
-
-## Resources
-
-| Name | Type |
-| -------------------------------------------------------------------------------------------------------------------------------------------------- | -------- |
-| [stackit_network.this](https://registry.terraform.io/providers/stackitcloud/stackit/latest/docs/resources/network) | resource |
-| [stackit_network_area.this](https://registry.terraform.io/providers/stackitcloud/stackit/latest/docs/resources/network_area) | resource |
-| [stackit_network_area_region.this](https://registry.terraform.io/providers/stackitcloud/stackit/latest/docs/resources/network_area_region) | resource |
-| [stackit_network_interface.this](https://registry.terraform.io/providers/stackitcloud/stackit/latest/docs/resources/network_interface) | resource |
-| [stackit_public_ip.this](https://registry.terraform.io/providers/stackitcloud/stackit/latest/docs/resources/public_ip) | resource |
-| [stackit_resourcemanager_project.this](https://registry.terraform.io/providers/stackitcloud/stackit/latest/docs/resources/resourcemanager_project) | resource |
-| [stackit_server.this](https://registry.terraform.io/providers/stackitcloud/stackit/latest/docs/resources/server) | resource |
-| [stackit_volume.this](https://registry.terraform.io/providers/stackitcloud/stackit/latest/docs/resources/volume) | resource |
-
-## Inputs
-
-| Name | Description | Type | Default | Required |
-| --------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | -------------- | ---------------------------------------- | :------: |
-| [machine_availability_zone](#input_machine_availability_zone) | The availability zone (e.g. eu01-1) | `string` | n/a | yes |
-| [machine_disk_performance_class](#input_machine_disk_performance_class) | Storage performance class | `string` | `"storage_premium_perf4"` | no |
-| [machine_disk_size](#input_machine_disk_size) | Boot volume size in GB | `number` | `20` | no |
-| [machine_image_id](#input_machine_image_id) | Image UUID (Default: Debian 12) | `string` | `"c751cde7-e648-4f81-9722-ce9c7848bed0"` | no |
-| [machine_ipv4_prefix](#input_machine_ipv4_prefix) | The IPv4 prefix for the test machine's network (CIDR notation). This must be a subnet within the defined SNA network ranges. | `string` | n/a | yes |
-| [machine_name](#input_machine_name) | name of the stackit test machine | `string` | n/a | yes |
-| [machine_network_name](#input_machine_network_name) | The name of the network where the test machine will be connected. | `string` | n/a | yes |
-| [machine_type](#input_machine_type) | Flavor of the machine | `string` | `"c2i.1"` | no |
-| [sna_default_nameserver](#input_sna_default_nameserver) | A list of STACKIT SNA default nameservers (IP addresses). | `list(string)` | [
"1.1.1.1"
]
| no |
-| [sna_name](#input_sna_name) | The name of the STACKIT Network Area (SNA). | `string` | n/a | yes |
-| [sna_network_range_prefix](#input_sna_network_range_prefix) | A list of STACKIT SNA network range prefixes in CIDR notation. | `list(string)` | [
"10.28.0.0/16"
]
| no |
-| [sna_transfer_range](#input_sna_transfer_range) | The STACKIT SNA transfer range in CIDR notation. | `string` | `"172.16.0.0/16"` | no |
-| [stackit_admin_email](#input_stackit_admin_email) | The email address of the project administrator. | `string` | n/a | yes |
-| [stackit_org_id](#input_stackit_org_id) | The STACKIT Organization ID (UUID). | `string` | n/a | yes |
-| [stackit_project_name](#input_stackit_project_name) | The name of the STACKIT project where the managed VPN and test machine will be deployed. | `string` | n/a | yes |
-
-## Outputs
-
-| Name | Description |
-| ----------------------------------------------------------------------------------------------- | ---------------------------------------------------------- |
-| [machine_network_ipv4](#output_machine_network_ipv4) | The IPv4 prefix of the machine's network. |
-| [machine_private_ipv4](#output_machine_private_ipv4) | The private IP address of the test machine. |
-| [machine_public_ip](#output_machine_public_ip) | The public IP address of the test machine. |
-| [project_id](#output_project_id) | The ID of the STACKIT project. |
-| [sna_id](#output_sna_id) | The ID of the STACKIT Network Area. |
-| [sna_network_range](#output_sna_network_range) | The network ranges (sna-ipv4) of the STACKIT Network Area. |
-
-
diff --git a/examples/vpn-usecases/module/stackit-sna-with-debug-machine/debug-user.yml b/examples/vpn-usecases/module/stackit-sna-with-debug-machine/debug-user.yml
deleted file mode 100644
index 865ffb5..0000000
--- a/examples/vpn-usecases/module/stackit-sna-with-debug-machine/debug-user.yml
+++ /dev/null
@@ -1,25 +0,0 @@
-#cloud-config
-# ---------------------------------------------------------------------------
-# Example cloud-init for Linux instances (RHEL / Debian).
-# Creates a local admin user for initial access.
-#
-# IMPORTANT: Replace the password hash below with a hash of your own
-# secure password before deploying. Never use a shared or well-known
-# default password in production.
-#
-# Generate a SHA-512 hash on Linux/macOS:
-# openssl passwd -6 "YourPassword"
-# ---------------------------------------------------------------------------
-users:
- - name: debug
- groups: sudo
- shell: /bin/bash
- sudo: ["ALL=(ALL) NOPASSWD:ALL"]
- lock_passwd: false
- # debug123
- passwd: "$6$dIIA5b1oK7qi89.P$MH9SSMtnzCo8QvvUnVoCE5e1c7FY0NUgB4dpsv5JDq9zpRDiTpfiYtM5DitiJIuQWvZ7T1emTTgKaBufayaIW."
-
-chpasswd:
- expire: false
-
-ssh_pwauth: true
diff --git a/examples/vpn-usecases/module/stackit-sna-with-debug-machine/main.tf b/examples/vpn-usecases/module/stackit-sna-with-debug-machine/main.tf
deleted file mode 100644
index a8f09c4..0000000
--- a/examples/vpn-usecases/module/stackit-sna-with-debug-machine/main.tf
+++ /dev/null
@@ -1,96 +0,0 @@
-# Copyright 2026 Schwarz Digits Cloud GmbH & Co. KG
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-resource "stackit_network_area" "this" {
- name = var.sna_name
- organization_id = var.stackit_org_id
- labels = {
- "preview/routingtables" = "true"
- }
-}
-
-resource "stackit_network_area_region" "this" {
- organization_id = var.stackit_org_id
- network_area_id = stackit_network_area.this.network_area_id
- ipv4 = {
- transfer_network = var.sna_transfer_range
- network_ranges = [
- for prefix in var.sna_network_range_prefix : {
- prefix = prefix
- }
- ]
- default_nameservers = var.sna_default_nameserver
- }
-}
-
-resource "stackit_resourcemanager_project" "this" {
- parent_container_id = var.stackit_org_id
- name = var.stackit_project_name
- owner_email = var.stackit_admin_email
- labels = {
- "networkArea" = stackit_network_area.this.network_area_id
- }
-}
-
-resource "stackit_volume" "this" {
- project_id = stackit_resourcemanager_project.this.project_id
- name = "${var.machine_name}-volume"
- availability_zone = var.machine_availability_zone
- size = var.machine_disk_size
- performance_class = var.machine_disk_performance_class
- source = {
- type = "image"
- id = var.machine_image_id
- }
-}
-
-resource "stackit_network" "this" {
- name = var.machine_network_name
- project_id = stackit_resourcemanager_project.this.project_id
- ipv4_prefix = var.machine_ipv4_prefix
- ipv4_nameservers = var.sna_default_nameserver
-}
-
-resource "stackit_network_interface" "this" {
- project_id = stackit_resourcemanager_project.this.project_id
- network_id = stackit_network.this.network_id
- security = false
-}
-
-resource "stackit_server" "this" {
- project_id = stackit_resourcemanager_project.this.project_id
- name = var.machine_name
- availability_zone = var.machine_availability_zone
- machine_type = var.machine_type
-
- boot_volume = {
- source_type = "volume"
- source_id = stackit_volume.this.volume_id
- }
-
- agent = {
- provisioning_policy = "ALWAYS"
- }
-
- network_interfaces = [
- stackit_network_interface.this.network_interface_id
- ]
-
- user_data = file("${path.module}/debug-user.yml")
-}
-
-resource "stackit_public_ip" "this" {
- project_id = stackit_resourcemanager_project.this.project_id
- network_interface_id = stackit_network_interface.this.network_interface_id
-}
diff --git a/examples/vpn-usecases/module/stackit-sna-with-debug-machine/outputs.tf b/examples/vpn-usecases/module/stackit-sna-with-debug-machine/outputs.tf
deleted file mode 100644
index ec2f79d..0000000
--- a/examples/vpn-usecases/module/stackit-sna-with-debug-machine/outputs.tf
+++ /dev/null
@@ -1,43 +0,0 @@
-# Copyright 2026 Schwarz Digits Cloud GmbH & Co. KG
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-output "sna_id" {
- description = "The ID of the STACKIT Network Area."
- value = stackit_network_area.this.network_area_id
-}
-
-output "project_id" {
- description = "The ID of the STACKIT project."
- value = stackit_resourcemanager_project.this.project_id
-}
-
-output "machine_public_ip" {
- description = "The public IP address of the test machine."
- value = stackit_public_ip.this.ip
-}
-
-output "machine_private_ipv4" {
- description = "The private IP address of the test machine."
- value = stackit_network_interface.this.ipv4
-}
-
-output "machine_network_ipv4" {
- description = "The IPv4 prefix of the machine's network."
- value = stackit_network.this.ipv4_prefix
-}
-
-output "sna_network_range" {
- description = "The network ranges (sna-ipv4) of the STACKIT Network Area."
- value = stackit_network_area_region.this.ipv4.network_ranges
-}
diff --git a/examples/vpn-usecases/module/stackit-sna-with-debug-machine/provider.tf b/examples/vpn-usecases/module/stackit-sna-with-debug-machine/provider.tf
deleted file mode 100644
index edbbfce..0000000
--- a/examples/vpn-usecases/module/stackit-sna-with-debug-machine/provider.tf
+++ /dev/null
@@ -1,22 +0,0 @@
-# Copyright 2026 Schwarz Digits Cloud GmbH & Co. KG
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-terraform {
- required_providers {
- stackit = {
- source = "stackitcloud/stackit"
- version = ">=0.95.0"
- }
- }
-}
diff --git a/examples/vpn-usecases/module/stackit-sna-with-debug-machine/variables.tf b/examples/vpn-usecases/module/stackit-sna-with-debug-machine/variables.tf
deleted file mode 100644
index a3fce06..0000000
--- a/examples/vpn-usecases/module/stackit-sna-with-debug-machine/variables.tf
+++ /dev/null
@@ -1,138 +0,0 @@
-# Copyright 2026 Schwarz Digits Cloud GmbH & Co. KG
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-variable "stackit_org_id" {
- description = "The STACKIT Organization ID (UUID)."
- type = string
- validation {
- condition = can(regex("^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$", var.stackit_org_id))
- error_message = "The stackit_org_id must be a valid UUID."
- }
-}
-
-variable "stackit_project_name" {
- description = "The name of the STACKIT project where the managed VPN and test machine will be deployed."
- type = string
- validation {
- condition = length(var.stackit_project_name) >= 1 && length(var.stackit_project_name) <= 63
- error_message = "The project name must be between 1 and 63 characters long."
- }
-}
-
-variable "stackit_admin_email" {
- description = "The email address of the project administrator."
- type = string
- validation {
- condition = can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", var.stackit_admin_email))
- error_message = "The stackit_admin_email must be a valid email address."
- }
-}
-
-variable "sna_name" {
- description = "The name of the STACKIT Network Area (SNA)."
- type = string
-}
-
-variable "sna_transfer_range" {
- description = "The STACKIT SNA transfer range in CIDR notation."
- type = string
- default = "172.16.0.0/16"
- validation {
- condition = can(cidrnetmask(var.sna_transfer_range))
- error_message = "The sna_transfer_range must be a valid CIDR notation."
- }
-}
-
-variable "sna_network_range_prefix" {
- description = "A list of STACKIT SNA network range prefixes in CIDR notation."
- type = list(string)
- default = ["10.28.0.0/16"]
- validation {
- condition = alltrue([for r in var.sna_network_range_prefix : can(cidrnetmask(r))])
- error_message = "All elements in sna_network_range_prefix must be valid CIDR notations."
- }
-}
-
-variable "sna_default_nameserver" {
- description = "A list of STACKIT SNA default nameservers (IP addresses)."
- type = list(string)
- default = ["1.1.1.1"]
- validation {
- condition = alltrue([for ns in var.sna_default_nameserver : can(regex("^((25[0-5]|(2[0-4]|1\\d|[1-9]|)\\d)\\.?\\b){4}$", ns))])
- error_message = "All elements in sna_default_nameserver must be valid IP addresses."
- }
-}
-
-variable "machine_network_name" {
- description = "The name of the network where the test machine will be connected."
- type = string
-}
-
-variable "machine_ipv4_prefix" {
- description = "The IPv4 prefix for the test machine's network (CIDR notation). This must be a subnet within the defined SNA network ranges."
- type = string
- validation {
- condition = can(cidrnetmask(var.machine_ipv4_prefix))
- error_message = "The machine_ipv4_prefix must be a valid CIDR notation."
- }
-}
-
-variable "machine_name" {
- type = string
- description = "name of the stackit test machine"
-}
-
-variable "machine_availability_zone" {
- description = "The availability zone (e.g. eu01-1)"
- type = string
-
- validation {
- condition = can(regex("^[a-z]{2}[0-9]{2}-[a-zA-Z0-9]+$", var.machine_availability_zone))
- error_message = "The availability zone must follow the STACKIT pattern (e.g., eu01-1, eu01-m)."
- }
-}
-
-variable "machine_type" {
- description = "Flavor of the machine"
- type = string
- default = "c2i.1"
-}
-
-variable "machine_image_id" {
- description = "Image UUID (Default: Debian 12)"
- type = string
- default = "c751cde7-e648-4f81-9722-ce9c7848bed0"
-
- validation {
- condition = can(regex("^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$", var.machine_image_id))
- error_message = "The image_id must be a valid UUID."
- }
-}
-
-variable "machine_disk_size" {
- description = "Boot volume size in GB"
- type = number
- default = 20
-
- validation {
- condition = var.machine_disk_size >= 1
- error_message = "The disk_size must be at least 1 GB."
- }
-}
-
-variable "machine_disk_performance_class" {
- description = "Storage performance class"
- type = string
- default = "storage_premium_perf4"
-}
diff --git a/examples/vpn-usecases/stackit-azure/.terraform.lock.hcl b/examples/vpn-usecases/stackit-azure/.terraform.lock.hcl
deleted file mode 100644
index e793dcf..0000000
--- a/examples/vpn-usecases/stackit-azure/.terraform.lock.hcl
+++ /dev/null
@@ -1,105 +0,0 @@
-# This file is maintained automatically by "terraform init".
-# Manual edits may be lost in future updates.
-
-provider "registry.terraform.io/hashicorp/azurerm" {
- version = "4.72.0"
- constraints = "4.72.0"
- hashes = [
- "h1:QYnPAHT/PYheOOZz52ucHqw/ZO9PxWyPLtO7UD/jSMg=",
- "zh:073472587c3752e89738522814d2b4eb2fd69eb2cb19c5a5ead3c7d2eabdc279",
- "zh:1950effc0c315b6002c8cb6327b94fe59bda210e699367d9727bc66490d651d2",
- "zh:47c990db75658525de57c8955a05b4752b88f3a900fffac0e7661d4a749e94f2",
- "zh:610f2cbd6fab76750d8b093f03beabbb7162dc8c6affe0109f534ce240b3ff0f",
- "zh:6739d645fe548c5a489d711f7748f32368cf68d723d2c59d3f2e21456304d692",
- "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
- "zh:a277ab095cc8aff3aede9e43eca2a699936472ef90abb272adf3daa609eb9141",
- "zh:b1fdcdaf926c86de0d884beda90d78cb94a42ddede03a1f0b92c36b321d4f07e",
- "zh:c003f1f15e52c54e189301ae2c7d8dd65acb2e5a7527d201355f2757b5465ba9",
- "zh:c45f2d2206c0f8f71f207cd39eec73da9619d35932bbe1a5b8be7679c50a151e",
- "zh:d7040d8ec295481bc1d30346ed7f3075c40ede87c0fedf1db34dd91c1c367a10",
- "zh:e595f0b870cd5fd5debdc926fc1740201d2b66188b9b132dc598bdd6444e7348",
- ]
-}
-
-provider "registry.terraform.io/hashicorp/random" {
- version = "3.9.0"
- hashes = [
- "h1:OO+IuvQJSPmWdN8AyyIEvPJbLvDQpgX/zbktoa9KsJE=",
- "zh:161ad0bd9a75768c82f53fb6e7172a9d8be2d4889b012645a34795031aaf1bf1",
- "zh:19dc9a5b17729725ccfc4f45b0500af0ee5bc6b6b160c7adb8f2bf617d2c80ea",
- "zh:269eda8fe42daa7974d5a34d166c3ba9defe80cde86c01e4dadcfdf2e1f05e5f",
- "zh:373f7c65566f8f2cc7f45d698654feb9d988996957e1266a69ca00c52d6d16d0",
- "zh:5599d16804c41c83009ec621b6d6b6f74e102f5827678a4750f8809055546b61",
- "zh:583be0440469a22bff70dcfa56593b01566860b29607437264adb51060cf46fc",
- "zh:5f211d8ec3f2e1f414870d9584bfe26e6995560ef81c748f8447a48164767398",
- "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
- "zh:7b547fd16216761ef86efc3ed516ac5ac0c5c42b7c7eb24a08cef2d93f69ed5e",
- "zh:7e7c0679daf2a382151d05068c8c3f0dae6b7b7dccf818827b73dd08638df2ef",
- "zh:8089dec888a8038b9b4fb23b3df7e1057293dbc5b60b42cc47ff690d69d4b61b",
- "zh:c51f15a031edfd6f23ce8ced3446ca7f8d8d647e2499890d7d5d10d5016d7257",
- "zh:c94784f005708890dc6895afd53636ec00ec1e430b15d41e5aebfb1d4b39bd04",
- ]
-}
-
-provider "registry.terraform.io/hashicorp/time" {
- version = "0.14.0"
- hashes = [
- "h1:/hlxsUpuN/lvPTNL9+NyVGsOyRsK5NsxwFMsj5CdOp4=",
- "zh:12abfd6b800e4d7fa6db7310dec8ffd440b31993861ef188c7ed5260b3073937",
- "zh:23005521e800bb19e1597bf755c5f70d675d30b685d4255001ed5fa47d9df3f1",
- "zh:2fea249b582ae97cd1cc10385187ea50993bb47c28cc5df0305e57ceaabf0a10",
- "zh:322018d3b987b7aad08697178029a2bb667bed699e88328f0c89c52a2fd41341",
- "zh:32a08e98fce2d273cb9b2c89d6c54727cc9f0a32e15bfd896be4e02cc6b48f95",
- "zh:3db89aabd0e619616bd4b0f8b373a7586dfe60feffcea12a84a0bdbc445714b3",
- "zh:7488f56c81d742dc020f29063626c8f07ca188aa97be61e7307e8d62397020a2",
- "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
- "zh:7cb4067f2e7559b13f7562ef722f948950901eb37834873e98360ab28f66e9d7",
- "zh:9d552c8345f61e1b7db8e725144981345f18ac1014d58d6f5ddf0928a195fffb",
- "zh:a8e69fb6b97fc9d86fb19a9f4d42abe33c4a68e700b15387ce2e17d2b9934bed",
- "zh:aeeb900eb8dd0f790c60ea5c0e0c8d42bd6e4a54f391681d4decca15b544394b",
- "zh:c239c619101a8c95e1f14061eb973c57a8d15fa0e68878ced5bbd76858ee5b79",
- ]
-}
-
-provider "registry.terraform.io/magodo/restful" {
- version = "0.25.2"
- hashes = [
- "h1:gvoDTFfxp7n1B4Wsnx9IC7Ku8g8tdVR4mCC6TDX0Mws=",
- "zh:0513ff62fce41a59462f39e1c4636f3c87e6f8d24ee579075900d3e0f57f6992",
- "zh:1a3e39e6b8c7fd0f3983730944a029db8f00557922e337cff0567a07c5e74b45",
- "zh:2527c96fcc45458efc9eca1c66cee98269d80693b571c57baee783402bfbaa28",
- "zh:50cec9afe8b55629d1c94d477b26ff95de8cc8e3304f6c2bfc5dad3bccc6decc",
- "zh:89e94c0f312d0ef4213b46ee776a27f6a5d114520c08a4716f4fee4c26c16f91",
- "zh:9a9762ebaf9567a4aa34a1911f051527696241679e087137fcc7821e52b66483",
- "zh:a065be3488e24928199904f4a496974c03fdcf2b06fccf016e405b3068d5ef76",
- "zh:c62a1a6fb3c5135451f68ea4ed1f66d999ab654323d10526756e83f6f77d6bdf",
- "zh:cf01364f89b713dc10eb87098839317e6f2de222bec2597923cddbb07bdd9c13",
- "zh:dc0ac6a1e5e3199e1d35fb49f9de1d9325caa3c0d3e87ea8128295e19ac941c3",
- "zh:e55cf6e8230f081b7c8ade592c14f1b8b45ee0aaa14c2bde2da9531d819a4392",
- "zh:f333748916e68050c8935d760d6b9b469dd76eb94363af93562cbd076dba6ff5",
- "zh:f809ab383cca0a5f83072981c64208cbd7fa67e986a86ee02dd2c82333221e32",
- "zh:fdfdca8b7976c1a8b1b6a3589b4bfec277beb6dfb40c5568271d42f0b2f88a9d",
- ]
-}
-
-provider "registry.terraform.io/stackitcloud/stackit" {
- version = "0.95.0"
- constraints = ">= 0.87.0, >= 0.95.0"
- hashes = [
- "h1:sKmc6SGKEFglXKLMtOluJkFm7tzQZKQV3/QxUbHug1E=",
- "zh:023edbb8ca984233bb51605a9005d4f7cb3365f0b11ddd68d911a1e30ccf64be",
- "zh:0dde99e7b343fa01f8eefc378171fb8621bedb20f59157d6cc8e3d46c738105f",
- "zh:1fc43ed3055c4912e5b3ae2eba49dd5407beaa9ba6617612f317543f7d26ccd7",
- "zh:31e587a9f279661b74b139e2a964a7d1c54a4073d27d21c2f948e0e7ba4c0d04",
- "zh:37427a23800dff84c1b89d4985cb935c0112c59acd716d8920c160221c459061",
- "zh:3a575f5c7d1252d99aea9187923087e1d483b2b34e42c9f058f557ec28c45d84",
- "zh:44c7ee340e1a09d6f9a9873959f8283f0d73aee4a8c884f7b36985f943874b65",
- "zh:4fab8fe953a0d4c21589cd36d23afe072c6403e37620c82839f9f829139cbbbf",
- "zh:69fc061b3c7ea82d9e9a31d3665a535f6bb9dc3d6ff5b466f940d3d04a105e19",
- "zh:85ee00442eff70ea103a96276efb5e1485b661b0a1db08bcdbd28b11b1f966e6",
- "zh:9761ef1321c93cb3e4bc2499995b3e7ae910e2ae68b3228164dea73e9687ddb5",
- "zh:b158a4e4726a4d4c9f61c5dc71abb4ca3a621269e1d7af88ab36d34c3bcec66f",
- "zh:da37df9a426d83da8f6c1340104a6b9a7eef4a7e2589d0b70a89c574a1b3cc78",
- "zh:e6421b9a351b2c9b2ab2341f2c07d863eb2ed055b847ea839de96b0fd62baf97",
- ]
-}
diff --git a/examples/vpn-usecases/stackit-azure/010-provider.tf b/examples/vpn-usecases/stackit-azure/010-provider.tf
deleted file mode 100644
index 88f7674..0000000
--- a/examples/vpn-usecases/stackit-azure/010-provider.tf
+++ /dev/null
@@ -1,54 +0,0 @@
-# Copyright 2026 Schwarz Digits Cloud GmbH & Co. KG
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-terraform {
- required_providers {
- stackit = {
- source = "stackitcloud/stackit"
- version = ">=0.95.0"
- }
- restful = {
- source = "magodo/restful"
- }
- azurerm = {
- source = "hashicorp/azurerm"
- version = "4.72.0"
- }
- }
-}
-
-provider "stackit" {
- default_region = var.stackit_region
- service_account_key_path = var.stackit_service_account_key_path
- enable_beta_resources = true
-}
-
-provider "azurerm" {
- features {}
- subscription_id = var.azure_subscription_id
-}
-
-ephemeral "stackit_access_token" "this" {}
-
-provider "restful" {
- alias = "stackit"
- base_url = "https://vpn.api.eu01.stackit.cloud"
- security = {
- http = {
- token = {
- token = ephemeral.stackit_access_token.this.access_token
- }
- }
- }
-}
diff --git a/examples/vpn-usecases/stackit-azure/020-variables.tf b/examples/vpn-usecases/stackit-azure/020-variables.tf
deleted file mode 100644
index ae3c32e..0000000
--- a/examples/vpn-usecases/stackit-azure/020-variables.tf
+++ /dev/null
@@ -1,34 +0,0 @@
-# Copyright 2026 Schwarz Digits Cloud GmbH & Co. KG
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-variable "stackit_org_id" {
- type = string
-}
-
-variable "stackit_region" {
- type = string
- default = "eu01"
-}
-
-variable "stackit_service_account_key_path" {
- type = string
-}
-
-variable "azure_subscription_id" {
- type = string
-}
-
-variable "stackit_admin_email" {
- type = string
-}
diff --git a/examples/vpn-usecases/stackit-azure/030-stackit-azure-vpn.tf b/examples/vpn-usecases/stackit-azure/030-stackit-azure-vpn.tf
deleted file mode 100644
index 2d3d7a2..0000000
--- a/examples/vpn-usecases/stackit-azure/030-stackit-azure-vpn.tf
+++ /dev/null
@@ -1,376 +0,0 @@
-# Copyright 2026 Schwarz Digits Cloud GmbH & Co. KG
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# STACKIT Side (vpn-sna-01)
-module "vpn_sna_01" {
- source = "../module/stackit-sna-with-debug-machine"
- machine_availability_zone = "eu01-1"
- machine_ipv4_prefix = "10.10.10.0/24"
- machine_network_name = "vpn-sna-01"
- sna_name = "vpn-sna-01"
- machine_name = "vpn-sna-01"
- stackit_admin_email = var.stackit_admin_email
- stackit_org_id = var.stackit_org_id
- stackit_project_name = "vpn-sna-01"
- sna_network_range_prefix = [
- "10.10.0.0/16"
- ]
-}
-
-resource "restful_resource" "vpn_01_gateway" {
- provider = restful.stackit
- path = "/v1/projects/${module.vpn_sna_01.project_id}/regions/eu01/gateways"
- body = {
- availabilityZones = {
- tunnel1 = "eu01-1"
- tunnel2 = "eu01-2"
- }
- bgp = {
- localAsn = 64512
- overrideAdvertisedRoutes = ["10.10.0.0/16"]
- }
- displayName = "vpn01"
- labels = null
- planId = "p500"
- routingType = "BGP_ROUTE_BASED"
- }
-
- read_path = "$(path)/$(body.id)"
- update_path = "$(path)/$(body.id)"
- update_method = "PUT"
- delete_path = "$(path)/$(body.id)"
- delete_method = "DELETE"
-}
-
-data "restful_resource" "vpn_01_gateway_status" {
- provider = restful.stackit
- id = "${restful_resource.vpn_01_gateway.id}/status"
-}
-
-resource "random_password" "vpn_psk" {
- length = 32
- special = false
-}
-
-# Azure Side
-resource "azurerm_resource_group" "rg" {
- name = "rg-vpn-test"
- location = "West Europe"
-}
-
-# 1. Azure VNet and Subnets
-resource "azurerm_virtual_network" "azure_vnet" {
- name = "azure-vpn-network"
- location = azurerm_resource_group.rg.location
- resource_group_name = azurerm_resource_group.rg.name
- address_space = ["10.11.0.0/16"]
-}
-
-resource "azurerm_subnet" "azure_gateway_subnet" {
- name = "GatewaySubnet" # MUST be exactly named GatewaySubnet
- resource_group_name = azurerm_resource_group.rg.name
- virtual_network_name = azurerm_virtual_network.azure_vnet.name
- address_prefixes = ["10.11.0.0/24"]
-}
-
-resource "azurerm_subnet" "azure_vm_subnet" {
- name = "vm-subnet"
- resource_group_name = azurerm_resource_group.rg.name
- virtual_network_name = azurerm_virtual_network.azure_vnet.name
- address_prefixes = ["10.11.1.0/24"]
-}
-
-# 2. Azure Public IPs (2 required for Active-Active HA VPN)
-resource "azurerm_public_ip" "azure_gw_pip1" {
- name = "azure-gw-pip1"
- location = azurerm_resource_group.rg.location
- resource_group_name = azurerm_resource_group.rg.name
- allocation_method = "Static"
- sku = "Standard"
- zones = ["1", "2", "3"]
-
- lifecycle {
- ignore_changes = [domain_name_label]
- }
-}
-
-resource "azurerm_public_ip" "azure_gw_pip2" {
- name = "azure-gw-pip2"
- location = azurerm_resource_group.rg.location
- resource_group_name = azurerm_resource_group.rg.name
- allocation_method = "Static"
- sku = "Standard"
- zones = ["1", "2", "3"]
-
- lifecycle {
- ignore_changes = [domain_name_label]
- }
-}
-
-# 3. Azure HA VPN Gateway
-resource "azurerm_virtual_network_gateway" "azure_gateway" {
- name = "azure-ha-vpn"
- location = azurerm_resource_group.rg.location
- resource_group_name = azurerm_resource_group.rg.name
-
- type = "Vpn"
- vpn_type = "RouteBased"
- active_active = true
- bgp_enabled = true
- sku = "VpnGw1AZ"
-
- bgp_settings {
- asn = 64513 # Azure's local ASN
- peering_addresses {
- ip_configuration_name = "vnetGatewayConfig1"
- apipa_addresses = ["169.254.21.2"]
- }
- peering_addresses {
- ip_configuration_name = "vnetGatewayConfig2"
- apipa_addresses = ["169.254.21.6"]
- }
- }
-
- ip_configuration {
- name = "vnetGatewayConfig1"
- public_ip_address_id = azurerm_public_ip.azure_gw_pip1.id
- private_ip_address_allocation = "Dynamic"
- subnet_id = azurerm_subnet.azure_gateway_subnet.id
- }
-
- ip_configuration {
- name = "vnetGatewayConfig2"
- public_ip_address_id = azurerm_public_ip.azure_gw_pip2.id
- private_ip_address_allocation = "Dynamic"
- subnet_id = azurerm_subnet.azure_gateway_subnet.id
- }
-}
-
-# 4. Azure Local Network Gateways (Represents the 2 STACKIT Tunnels)
-resource "azurerm_local_network_gateway" "stackit_tunnel1" {
- name = "stackit-tunnel-1"
- location = azurerm_resource_group.rg.location
- resource_group_name = azurerm_resource_group.rg.name
- gateway_address = data.restful_resource.vpn_01_gateway_status.output.tunnels[0].publicIP
-
- bgp_settings {
- asn = 64512
- bgp_peering_address = "169.254.21.1"
- }
-}
-
-resource "azurerm_local_network_gateway" "stackit_tunnel2" {
- name = "stackit-tunnel-2"
- location = azurerm_resource_group.rg.location
- resource_group_name = azurerm_resource_group.rg.name
- gateway_address = data.restful_resource.vpn_01_gateway_status.output.tunnels[1].publicIP
-
- bgp_settings {
- asn = 64512
- bgp_peering_address = "169.254.21.5"
- }
-}
-
-# 5. Azure VPN Connections
-resource "azurerm_virtual_network_gateway_connection" "azure_tunnel1" {
- name = "conn-to-stackit-tunnel1"
- location = azurerm_resource_group.rg.location
- resource_group_name = azurerm_resource_group.rg.name
-
- type = "IPsec"
- virtual_network_gateway_id = azurerm_virtual_network_gateway.azure_gateway.id
- local_network_gateway_id = azurerm_local_network_gateway.stackit_tunnel1.id
- shared_key = random_password.vpn_psk.result
- enable_bgp = true
-
- ipsec_policy {
- ike_encryption = "GCMAES256"
- ike_integrity = "SHA256"
- ipsec_encryption = "GCMAES256"
- ipsec_integrity = "GCMAES256"
- dh_group = "DHGroup14"
- pfs_group = "PFS14"
- sa_lifetime = 3600
- sa_datasize = 102400000
- }
-}
-
-resource "azurerm_virtual_network_gateway_connection" "azure_tunnel2" {
- name = "conn-to-stackit-tunnel2"
- location = azurerm_resource_group.rg.location
- resource_group_name = azurerm_resource_group.rg.name
-
- type = "IPsec"
- virtual_network_gateway_id = azurerm_virtual_network_gateway.azure_gateway.id
- local_network_gateway_id = azurerm_local_network_gateway.stackit_tunnel2.id
- shared_key = random_password.vpn_psk.result
- enable_bgp = true
-
- ipsec_policy {
- ike_encryption = "GCMAES256"
- ike_integrity = "SHA256"
- ipsec_encryption = "GCMAES256"
- ipsec_integrity = "GCMAES256"
- dh_group = "DHGroup14"
- pfs_group = "PFS14"
- sa_lifetime = 3600
- sa_datasize = 102400000
- }
-}
-
-# Connection from STACKIT to Azure
-resource "restful_resource" "vpn_01_connection" {
- provider = restful.stackit
- path = "${restful_resource.vpn_01_gateway.id}/connections"
- body = {
- displayName = "conn-to-azure"
- tunnel1 = {
- bgp = {
- remoteAsn = 64513
- }
- peering = {
- localAddress = "169.254.21.1"
- remoteAddress = "169.254.21.2"
- }
- phase1 = {
- dhGroups = ["modp2048"]
- encryptionAlgorithms = ["aes256gcm16"]
- integrityAlgorithms = ["sha2_256"]
- }
- phase2 = {
- dhGroups = ["modp2048"]
- encryptionAlgorithms = ["aes256gcm16"]
- integrityAlgorithms = ["sha2_256"]
- }
- preSharedKey = random_password.vpn_psk.result
- remoteAddress = azurerm_public_ip.azure_gw_pip1.ip_address
- }
- tunnel2 = {
- bgp = {
- remoteAsn = 64513
- }
- peering = {
- localAddress = "169.254.21.5"
- remoteAddress = "169.254.21.6"
- }
- phase1 = {
- dhGroups = ["modp2048"]
- encryptionAlgorithms = ["aes256gcm16"]
- integrityAlgorithms = ["sha2_256"]
- }
- phase2 = {
- dhGroups = ["modp2048"]
- encryptionAlgorithms = ["aes256gcm16"]
- integrityAlgorithms = ["sha2_256"]
- }
- preSharedKey = random_password.vpn_psk.result
- remoteAddress = azurerm_public_ip.azure_gw_pip2.ip_address
- }
- }
-
- lifecycle {
- ignore_changes = [
- body.tunnel1.preSharedKey,
- body.tunnel2.preSharedKey
- ]
- }
-
- read_path = "$(path)/$(body.id)"
- update_path = "$(path)/$(body.id)"
- update_method = "PUT"
- delete_path = "$(path)/$(body.id)"
- delete_method = "DELETE"
-}
-
-# Azure Test VM & NSG
-resource "azurerm_network_security_group" "vm_nsg" {
- name = "test-vm-nsg"
- location = azurerm_resource_group.rg.location
- resource_group_name = azurerm_resource_group.rg.name
-
- security_rule {
- name = "Allow-STACKIT"
- priority = 100
- direction = "Inbound"
- access = "Allow"
- protocol = "*"
- source_port_range = "*"
- destination_port_range = "*"
- source_address_prefix = "10.10.0.0/16"
- destination_address_prefix = "*"
- }
-}
-
-resource "azurerm_network_interface" "vm_nic" {
- name = "test-vm-nic"
- location = azurerm_resource_group.rg.location
- resource_group_name = azurerm_resource_group.rg.name
-
- ip_configuration {
- name = "internal"
- subnet_id = azurerm_subnet.azure_vm_subnet.id
- private_ip_address_allocation = "Dynamic"
- }
-}
-
-resource "azurerm_network_interface_security_group_association" "vm_nsg_assoc" {
- network_interface_id = azurerm_network_interface.vm_nic.id
- network_security_group_id = azurerm_network_security_group.vm_nsg.id
-}
-
-resource "azurerm_linux_virtual_machine" "azure_test_vm" {
- name = "azure-vpn-test-vm"
- resource_group_name = azurerm_resource_group.rg.name
- location = azurerm_resource_group.rg.location
- size = "Standard_B1s"
- admin_username = "azureuser"
- admin_password = "VpnTestPassw0rd!"
- disable_password_authentication = false
-
- network_interface_ids = [
- azurerm_network_interface.vm_nic.id,
- ]
-
- os_disk {
- caching = "ReadWrite"
- storage_account_type = "Standard_LRS"
- }
-
- source_image_reference {
- publisher = "Canonical"
- offer = "0001-com-ubuntu-server-jammy"
- sku = "22_04-lts"
- version = "latest"
- }
-}
-
-# Outputs
-output "vpn01_public_ip" {
- value = module.vpn_sna_01.machine_public_ip
- description = "Connect here via SSH to ping Azure"
-}
-
-output "vpn01_private_ip" {
- value = module.vpn_sna_01.machine_private_ipv4
-}
-
-output "azure_test_vm_private_ip" {
- value = azurerm_linux_virtual_machine.azure_test_vm.private_ip_address
-}
-
-# Command to run a ping test without SSHing
-output "azure_run_command_ping_test" {
- value = "az vm run-command invoke --resource-group ${azurerm_resource_group.rg.name} --name ${azurerm_linux_virtual_machine.azure_test_vm.name} --command-id RunShellScript --scripts 'ping -c 4 ${module.vpn_sna_01.machine_private_ipv4}'"
- description = "Copy and paste this in your terminal to securely ping from the Azure VM to the STACKIT VM."
-}
diff --git a/examples/vpn-usecases/stackit-azure/MAINTAINERS.md b/examples/vpn-usecases/stackit-azure/MAINTAINERS.md
deleted file mode 100644
index 1aaefce..0000000
--- a/examples/vpn-usecases/stackit-azure/MAINTAINERS.md
+++ /dev/null
@@ -1,9 +0,0 @@
-# Maintainers
-
-General maintainers:
-
-- Mauritz Uphoff (mauritz.uphoff@digits.schwarz)
-
-This example is actively maintained. The owner is responsible for reviewing and updating dependencies and functionalities on a monthly basis.
-For questions, issues, or feature requests, please email general maintainers.
-Please include the BP name and version in your request. We will track your request as an issue.
diff --git a/examples/vpn-usecases/stackit-azure/README.md b/examples/vpn-usecases/stackit-azure/README.md
deleted file mode 100644
index 626bac6..0000000
--- a/examples/vpn-usecases/stackit-azure/README.md
+++ /dev/null
@@ -1,48 +0,0 @@
-# STACKIT-to-Azure HA VPN Gateway
-
-> ⚠️ azurerm_virtual_network_gateway.azure_gateway takes between 30-90mins
-
-This example demonstrates how to establish a secure, Highly Available (HA) IPsec VPN connection between a STACKIT Network Area (SNA) and Microsoft Azure.
-
-The connection uses **BGP (Border Gateway Protocol)** via an Azure Virtual Network Gateway (Active-Active mode) to automatically exchange and propagate routes dynamically between the two cloud environments.
-
-## Architecture
-
-This Terraform configuration provisions the following resources:
-
-- **STACKIT:** An SNA, a debug machine, and an HA VPN Gateway (`ASN 64512`).
-- **Azure:** A Resource Group, VNet, dedicated `GatewaySubnet`, an Active-Active Virtual Network Gateway (`ASN 64513`), two Local Network Gateways (representing STACKIT), and a private Ubuntu test VM.
-- **VPN Connection:** Two redundant IPsec tunnels using dynamically generated PSKs and Link-Local BGP peering (`169.254.x.x/30`).
-- **Security:** Azure Network Security Group (NSG) rules configured to allow inbound ICMP/SSH traffic specifically from the STACKIT network range.
-
-## Prerequisites
-
-- Configured STACKIT and Azure provider credentials.
-- Azure CLI (`az`) installed and authenticated for testing from the Azure side.
-
-## Outputs
-
-Once the deployment is complete, Terraform will output the following information to help you verify connectivity:
-
-- `vpn01_public_ip`: The public IP of the debug machine in STACKIT.
-- `vpn01_private_ip`: The private IP of the debug machine in STACKIT.
-- `azure_test_vm_private_ip`: The private IP of the test VM in Azure.
-- `azure_run_command_ping_test`: A pre-formatted Azure CLI command to test the connection.
-
-## How to Test the Connection
-
-You can verify the bi-directional tunnel is fully operational by following these steps:
-
-### 1. Test from Azure to STACKIT (Zero-Config)
-
-We utilize the Azure "Run Command" feature to execute a ping test directly inside the private Azure VM without needing SSH access or a Bastion host.
-
-Copy the command generated by the `azure_run_command_ping_test` output and run it in your terminal:
-
-```bash
-az vm run-command invoke \
- --resource-group rg-vpn-test \
- --name azure-vpn-test-vm \
- --command-id RunShellScript \
- --scripts 'ping -c 4 '
-```
diff --git a/examples/vpn-usecases/stackit-gcp/.terraform.lock.hcl b/examples/vpn-usecases/stackit-gcp/.terraform.lock.hcl
deleted file mode 100644
index a510f99..0000000
--- a/examples/vpn-usecases/stackit-gcp/.terraform.lock.hcl
+++ /dev/null
@@ -1,83 +0,0 @@
-# This file is maintained automatically by "terraform init".
-# Manual edits may be lost in future updates.
-
-provider "registry.terraform.io/hashicorp/google" {
- version = "7.32.0"
- hashes = [
- "h1:hDMENgq6nxoM6ttxN1HNrqbYiyRV8avLmUuUe4QWvKY=",
- "zh:091afeeeb58035f26ebaec34755a15d56e3229c4ce6db2745c52ba2593204a30",
- "zh:15d6a375c49d023dd21e612610b12bf79fbc6459bc5ad64b989d2180e9931f7d",
- "zh:2c70ee949b01c0c7925618e36417ac5b9c1de91c66bb0bd956b2b2bd1d38a2b6",
- "zh:2e531cf6f3af847104df65675ebd9c9a7450ba91d8d21ff6ed04eeab6a5684e2",
- "zh:42fece780ef909136213762731c945d59c58dbaf92f64a46989102da9ebfa998",
- "zh:9008b13bec8c588ef41ec813c3d67d26acb22ada241d9dd9ed408687607726cc",
- "zh:a62e09bd551de8ea74b68c1eb44f9d7d0dc56957811915d46ec0a28254a30e0b",
- "zh:ad3d4419561d19e88b72ad4bedbbc73ee77f20acb594261be8f716bf1a89f947",
- "zh:af0c23df89e5fb815751c64c9a438527d6e0609df52fa7e281dbd90aa238270b",
- "zh:b4d1157559d04792441550ae79f13d16bd7cc3f80a9616cd9ef3f83466564ce4",
- "zh:db32528838dc9641981769012bdabf21e658756f1581ccbcd239aab0eb4aed11",
- "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
- ]
-}
-
-provider "registry.terraform.io/hashicorp/random" {
- version = "3.8.1"
- hashes = [
- "h1:u8AKlWVDTH5r9YLSeswoVEjiY72Rt4/ch7U+61ZDkiQ=",
- "zh:08dd03b918c7b55713026037c5400c48af5b9f468f483463321bd18e17b907b4",
- "zh:0eee654a5542dc1d41920bbf2419032d6f0d5625b03bd81339e5b33394a3e0ae",
- "zh:229665ddf060aa0ed315597908483eee5b818a17d09b6417a0f52fd9405c4f57",
- "zh:2469d2e48f28076254a2a3fc327f184914566d9e40c5780b8d96ebf7205f8bc0",
- "zh:37d7eb334d9561f335e748280f5535a384a88675af9a9eac439d4cfd663bcb66",
- "zh:741101426a2f2c52dee37122f0f4a2f2d6af6d852cb1db634480a86398fa3511",
- "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
- "zh:a902473f08ef8df62cfe6116bd6c157070a93f66622384300de235a533e9d4a9",
- "zh:b85c511a23e57a2147355932b3b6dce2a11e856b941165793a0c3d7578d94d05",
- "zh:c5172226d18eaac95b1daac80172287b69d4ce32750c82ad77fa0768be4ea4b8",
- "zh:dab4434dba34aad569b0bc243c2d3f3ff86dd7740def373f2a49816bd2ff819b",
- "zh:f49fd62aa8c5525a5c17abd51e27ca5e213881d58882fd42fec4a545b53c9699",
- ]
-}
-
-provider "registry.terraform.io/magodo/restful" {
- version = "0.25.2"
- hashes = [
- "h1:gvoDTFfxp7n1B4Wsnx9IC7Ku8g8tdVR4mCC6TDX0Mws=",
- "zh:0513ff62fce41a59462f39e1c4636f3c87e6f8d24ee579075900d3e0f57f6992",
- "zh:1a3e39e6b8c7fd0f3983730944a029db8f00557922e337cff0567a07c5e74b45",
- "zh:2527c96fcc45458efc9eca1c66cee98269d80693b571c57baee783402bfbaa28",
- "zh:50cec9afe8b55629d1c94d477b26ff95de8cc8e3304f6c2bfc5dad3bccc6decc",
- "zh:89e94c0f312d0ef4213b46ee776a27f6a5d114520c08a4716f4fee4c26c16f91",
- "zh:9a9762ebaf9567a4aa34a1911f051527696241679e087137fcc7821e52b66483",
- "zh:a065be3488e24928199904f4a496974c03fdcf2b06fccf016e405b3068d5ef76",
- "zh:c62a1a6fb3c5135451f68ea4ed1f66d999ab654323d10526756e83f6f77d6bdf",
- "zh:cf01364f89b713dc10eb87098839317e6f2de222bec2597923cddbb07bdd9c13",
- "zh:dc0ac6a1e5e3199e1d35fb49f9de1d9325caa3c0d3e87ea8128295e19ac941c3",
- "zh:e55cf6e8230f081b7c8ade592c14f1b8b45ee0aaa14c2bde2da9531d819a4392",
- "zh:f333748916e68050c8935d760d6b9b469dd76eb94363af93562cbd076dba6ff5",
- "zh:f809ab383cca0a5f83072981c64208cbd7fa67e986a86ee02dd2c82333221e32",
- "zh:fdfdca8b7976c1a8b1b6a3589b4bfec277beb6dfb40c5568271d42f0b2f88a9d",
- ]
-}
-
-provider "registry.terraform.io/stackitcloud/stackit" {
- version = "0.95.0"
- constraints = ">= 0.66.0, >= 0.87.0"
- hashes = [
- "h1:sKmc6SGKEFglXKLMtOluJkFm7tzQZKQV3/QxUbHug1E=",
- "zh:023edbb8ca984233bb51605a9005d4f7cb3365f0b11ddd68d911a1e30ccf64be",
- "zh:0dde99e7b343fa01f8eefc378171fb8621bedb20f59157d6cc8e3d46c738105f",
- "zh:1fc43ed3055c4912e5b3ae2eba49dd5407beaa9ba6617612f317543f7d26ccd7",
- "zh:31e587a9f279661b74b139e2a964a7d1c54a4073d27d21c2f948e0e7ba4c0d04",
- "zh:37427a23800dff84c1b89d4985cb935c0112c59acd716d8920c160221c459061",
- "zh:3a575f5c7d1252d99aea9187923087e1d483b2b34e42c9f058f557ec28c45d84",
- "zh:44c7ee340e1a09d6f9a9873959f8283f0d73aee4a8c884f7b36985f943874b65",
- "zh:4fab8fe953a0d4c21589cd36d23afe072c6403e37620c82839f9f829139cbbbf",
- "zh:69fc061b3c7ea82d9e9a31d3665a535f6bb9dc3d6ff5b466f940d3d04a105e19",
- "zh:85ee00442eff70ea103a96276efb5e1485b661b0a1db08bcdbd28b11b1f966e6",
- "zh:9761ef1321c93cb3e4bc2499995b3e7ae910e2ae68b3228164dea73e9687ddb5",
- "zh:b158a4e4726a4d4c9f61c5dc71abb4ca3a621269e1d7af88ab36d34c3bcec66f",
- "zh:da37df9a426d83da8f6c1340104a6b9a7eef4a7e2589d0b70a89c574a1b3cc78",
- "zh:e6421b9a351b2c9b2ab2341f2c07d863eb2ed055b847ea839de96b0fd62baf97",
- ]
-}
diff --git a/examples/vpn-usecases/stackit-gcp/010-provider.tf b/examples/vpn-usecases/stackit-gcp/010-provider.tf
deleted file mode 100644
index eb7fb81..0000000
--- a/examples/vpn-usecases/stackit-gcp/010-provider.tf
+++ /dev/null
@@ -1,56 +0,0 @@
-# Copyright 2026 Schwarz Digits Cloud GmbH & Co. KG
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-terraform {
- required_providers {
- stackit = {
- source = "stackitcloud/stackit"
- version = ">=0.95.0"
- }
- restful = {
- source = "magodo/restful"
- }
- google = {
- source = "hashicorp/google"
- version = "7.32.0"
- }
- }
-}
-
-provider "stackit" {
- default_region = var.stackit_region
- service_account_key_path = var.stackit_service_account_key_path
- enable_beta_resources = true
-}
-
-provider "google" {
- project = var.gcp_project
- region = "europe-west4"
- zone = "europe-west4-a"
- credentials = file(var.gcp_service_account_key_path)
-}
-
-ephemeral "stackit_access_token" "this" {}
-
-provider "restful" {
- alias = "stackit"
- base_url = "https://vpn.api.eu01.stackit.cloud"
- security = {
- http = {
- token = {
- token = ephemeral.stackit_access_token.this.access_token
- }
- }
- }
-}
diff --git a/examples/vpn-usecases/stackit-gcp/020-variables.tf b/examples/vpn-usecases/stackit-gcp/020-variables.tf
deleted file mode 100644
index 474bdbc..0000000
--- a/examples/vpn-usecases/stackit-gcp/020-variables.tf
+++ /dev/null
@@ -1,40 +0,0 @@
-# Copyright 2026 Schwarz Digits Cloud GmbH & Co. KG
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# load via *.auto.tfvars
-
-variable "stackit_org_id" {
- type = string
-}
-
-variable "stackit_region" {
- type = string
- default = "eu01"
-}
-
-variable "stackit_service_account_key_path" {
- type = string
-}
-
-variable "gcp_service_account_key_path" {
- type = string
-}
-
-variable "gcp_project" {
- type = string
-}
-
-variable "stackit_admin_email" {
- type = string
-}
diff --git a/examples/vpn-usecases/stackit-gcp/030-stackit-gcp-vpn.tf b/examples/vpn-usecases/stackit-gcp/030-stackit-gcp-vpn.tf
deleted file mode 100644
index 5f82603..0000000
--- a/examples/vpn-usecases/stackit-gcp/030-stackit-gcp-vpn.tf
+++ /dev/null
@@ -1,305 +0,0 @@
-# Copyright 2026 Schwarz Digits Cloud GmbH & Co. KG
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# STACKIT Side (vpn-sna-01)
-module "vpn_sna_01" {
- source = "../module/stackit-sna-with-debug-machine"
- machine_availability_zone = "eu01-1"
- machine_ipv4_prefix = "10.10.10.0/24"
- machine_network_name = "vpn-sna-01"
- sna_name = "vpn-sna-01"
- machine_name = "vpn-sna-01"
- stackit_admin_email = var.stackit_admin_email
- stackit_org_id = var.stackit_org_id
- stackit_project_name = "vpn-sna-01"
- sna_network_range_prefix = [
- "10.10.0.0/16"
- ]
-}
-
-resource "restful_resource" "vpn_01_gateway" {
- provider = restful.stackit
- path = "/v1/projects/${module.vpn_sna_01.project_id}/regions/eu01/gateways"
- body = {
- availabilityZones = {
- tunnel1 = "eu01-1"
- tunnel2 = "eu01-2"
- }
- bgp = {
- localAsn = 64512
- overrideAdvertisedRoutes = ["10.10.0.0/16"]
- }
- displayName = "vpn01"
- labels = null
- planId = "p500"
- routingType = "BGP_ROUTE_BASED"
- }
-
- read_path = "$(path)/$(body.id)"
- update_path = "$(path)/$(body.id)"
- update_method = "PUT"
- delete_path = "$(path)/$(body.id)"
- delete_method = "DELETE"
-}
-
-data "restful_resource" "vpn_01_gateway_status" {
- provider = restful.stackit
- id = "${restful_resource.vpn_01_gateway.id}/status"
-}
-
-resource "random_password" "vpn_psk" {
- length = 32
- special = false
-}
-
-# GCP VPC and Subnet
-resource "google_compute_network" "gcp_vpc" {
- name = "gcp-vpn-network"
- auto_create_subnetworks = false
-}
-
-resource "google_compute_subnetwork" "gcp_subnet" {
- name = "gcp-vpn-subnet"
- ip_cidr_range = "10.11.0.0/16"
- region = "europe-west4"
- network = google_compute_network.gcp_vpc.id
-}
-
-# GCP HA VPN Gateway
-resource "google_compute_ha_vpn_gateway" "gcp_gateway" {
- name = "gcp-ha-vpn"
- network = google_compute_network.gcp_vpc.id
- region = "europe-west4"
-}
-
-# GCP Cloud Router (for BGP)
-resource "google_compute_router" "gcp_router" {
- name = "gcp-router"
- network = google_compute_network.gcp_vpc.name
- region = "europe-west4"
- bgp {
- asn = 64513 # GCP's local ASN
- }
-}
-
-# GCP External VPN Gateway (Represents STACKIT in GCP)
-resource "google_compute_external_vpn_gateway" "stackit_gateway" {
- name = "stackit-external-gw"
- redundancy_type = "TWO_IPS_REDUNDANCY"
- description = "STACKIT VPN Gateway"
-
- # Fetching the public IPs from STACKIT
- interface {
- id = 0
- ip_address = data.restful_resource.vpn_01_gateway_status.output.tunnels[0].publicIP
- }
- interface {
- id = 1
- ip_address = data.restful_resource.vpn_01_gateway_status.output.tunnels[1].publicIP
- }
-}
-
-# GCP VPN Tunnels
-resource "google_compute_vpn_tunnel" "gcp_tunnel1" {
- name = "gcp-tunnel-1"
- region = "europe-west4"
- vpn_gateway = google_compute_ha_vpn_gateway.gcp_gateway.id
- peer_external_gateway = google_compute_external_vpn_gateway.stackit_gateway.id
- peer_external_gateway_interface = 0
- shared_secret = random_password.vpn_psk.result
- router = google_compute_router.gcp_router.id
- vpn_gateway_interface = 0
-}
-
-resource "google_compute_vpn_tunnel" "gcp_tunnel2" {
- name = "gcp-tunnel-2"
- region = "europe-west4"
- vpn_gateway = google_compute_ha_vpn_gateway.gcp_gateway.id
- peer_external_gateway = google_compute_external_vpn_gateway.stackit_gateway.id
- peer_external_gateway_interface = 1
- shared_secret = random_password.vpn_psk.result
- router = google_compute_router.gcp_router.id
- vpn_gateway_interface = 1
-}
-
-# GCP Cloud Router Interfaces & BGP Peers
-resource "google_compute_router_interface" "gcp_router_interface1" {
- name = "gcp-interface-1"
- router = google_compute_router.gcp_router.name
- region = "europe-west4"
- ip_range = "169.254.0.2/30" # GCP's local BGP IP
- vpn_tunnel = google_compute_vpn_tunnel.gcp_tunnel1.name
-}
-
-resource "google_compute_router_peer" "gcp_router_peer1" {
- name = "gcp-peer-1"
- router = google_compute_router.gcp_router.name
- region = "europe-west4"
- peer_ip_address = "169.254.0.1" # STACKIT's local BGP IP
- peer_asn = 64512 # STACKIT's ASN
- advertised_route_priority = 100
- interface = google_compute_router_interface.gcp_router_interface1.name
-}
-
-resource "google_compute_router_interface" "gcp_router_interface2" {
- name = "gcp-interface-2"
- router = google_compute_router.gcp_router.name
- region = "europe-west4"
- ip_range = "169.254.1.2/30"
- vpn_tunnel = google_compute_vpn_tunnel.gcp_tunnel2.name
-}
-
-resource "google_compute_router_peer" "gcp_router_peer2" {
- name = "gcp-peer-2"
- router = google_compute_router.gcp_router.name
- region = "europe-west4"
- peer_ip_address = "169.254.1.1"
- peer_asn = 64512
- advertised_route_priority = 100
- interface = google_compute_router_interface.gcp_router_interface2.name
-}
-
-# Connection from STACKIT to GCP
-resource "restful_resource" "vpn_01_connection" {
- provider = restful.stackit
- path = "${restful_resource.vpn_01_gateway.id}/connections"
- body = {
- displayName = "conn-to-gcp"
- tunnel1 = {
- bgp = {
- remoteAsn = 64513
- }
- peering = {
- localAddress = "169.254.0.1"
- remoteAddress = "169.254.0.2"
- }
- phase1 = {
- dhGroups = ["modp2048"]
- encryptionAlgorithms = ["aes256gcm16"]
- integrityAlgorithms = ["sha2_256"]
- }
- phase2 = {
- dhGroups = ["modp2048"]
- encryptionAlgorithms = ["aes256gcm16"]
- integrityAlgorithms = ["sha2_256"]
- }
- preSharedKey = random_password.vpn_psk.result
- remoteAddress = google_compute_ha_vpn_gateway.gcp_gateway.vpn_interfaces[0].ip_address
- }
- tunnel2 = {
- bgp = {
- remoteAsn = 64513
- }
- peering = {
- localAddress = "169.254.1.1"
- remoteAddress = "169.254.1.2"
- }
- phase1 = {
- dhGroups = ["modp2048"]
- encryptionAlgorithms = ["aes256gcm16"]
- integrityAlgorithms = ["sha2_256"]
- }
- phase2 = {
- dhGroups = ["modp2048"]
- encryptionAlgorithms = ["aes256gcm16"]
- integrityAlgorithms = ["sha2_256"]
- }
- preSharedKey = random_password.vpn_psk.result
- remoteAddress = google_compute_ha_vpn_gateway.gcp_gateway.vpn_interfaces[1].ip_address
- }
- }
-
- lifecycle {
- ignore_changes = [
- body.tunnel1.preSharedKey,
- body.tunnel2.preSharedKey
- ]
- }
-
- read_path = "$(path)/$(body.id)"
- update_path = "$(path)/$(body.id)"
- update_method = "PUT"
- delete_path = "$(path)/$(body.id)"
- delete_method = "DELETE"
-}
-
-# GCP Test VM & Firewall Rules
-# Firewall: Allow Identity-Aware Proxy (IAP) to SSH into the VM
-resource "google_compute_firewall" "allow_iap_ssh" {
- name = "allow-iap-ssh"
- network = google_compute_network.gcp_vpc.name
-
- allow {
- protocol = "tcp"
- ports = ["22"]
- }
-
- source_ranges = ["35.235.240.0/20"]
- target_tags = ["test-vm"]
-}
-
-# Firewall: Allow STACKIT to ping/SSH into the GCP VM over the VPN
-resource "google_compute_firewall" "allow_stackit_vpn_traffic" {
- name = "allow-stackit-vpn-traffic"
- network = google_compute_network.gcp_vpc.name
-
- allow {
- protocol = "icmp"
- }
- allow {
- protocol = "tcp"
- ports = ["22"]
- }
-
- # Your STACKIT SNA range
- source_ranges = ["10.10.0.0/16"]
- target_tags = ["test-vm"]
-}
-
-# GCP Virtual Machine
-resource "google_compute_instance" "gcp_test_vm" {
- name = "gcp-vpn-test-vm"
- machine_type = "e2-micro"
- zone = "europe-west4-a"
-
- tags = ["test-vm"]
-
- boot_disk {
- initialize_params {
- image = "debian-cloud/debian-12"
- }
- }
-
- network_interface {
- subnetwork = google_compute_subnetwork.gcp_subnet.id
- # Omitting the 'access_config' block ensures this VM gets NO public IP address.
- }
-}
-
-# Outputs
-output "vpn01_public_ip" {
- value = module.vpn_sna_01.machine_public_ip
-}
-
-output "vpn01_private_ip" {
- value = module.vpn_sna_01.machine_private_ipv4
-}
-
-output "gcp_test_vm_private_ip" {
- value = google_compute_instance.gcp_test_vm.network_interface[0].network_ip
-}
-
-output "gcp_iap_command" {
- value = "gcloud compute ssh ${google_compute_instance.gcp_test_vm.name} --tunnel-through-iap"
-}
diff --git a/examples/vpn-usecases/stackit-gcp/MAINTAINERS.md b/examples/vpn-usecases/stackit-gcp/MAINTAINERS.md
deleted file mode 100644
index 1aaefce..0000000
--- a/examples/vpn-usecases/stackit-gcp/MAINTAINERS.md
+++ /dev/null
@@ -1,9 +0,0 @@
-# Maintainers
-
-General maintainers:
-
-- Mauritz Uphoff (mauritz.uphoff@digits.schwarz)
-
-This example is actively maintained. The owner is responsible for reviewing and updating dependencies and functionalities on a monthly basis.
-For questions, issues, or feature requests, please email general maintainers.
-Please include the BP name and version in your request. We will track your request as an issue.
diff --git a/examples/vpn-usecases/stackit-gcp/README.md b/examples/vpn-usecases/stackit-gcp/README.md
deleted file mode 100644
index d0c9f44..0000000
--- a/examples/vpn-usecases/stackit-gcp/README.md
+++ /dev/null
@@ -1,48 +0,0 @@
-# STACKIT-to-GCP HA VPN Gateway
-
-This example demonstrates how to establish a secure, Highly Available (HA) IPsec VPN connection between a STACKIT Network Area (SNA) and Google Cloud Platform (GCP).
-
-The connection uses **BGP (Border Gateway Protocol)** via a GCP Cloud Router to automatically exchange and propagate routes dynamically between the two cloud environments.
-
-## Architecture
-
-This Terraform configuration provisions the following resources:
-
-- **STACKIT:** An SNA, a debug machine, and an HA VPN Gateway (`ASN 64512`).
-- **GCP:** A VPC, a Subnet (`europe-west4`), an HA VPN Gateway, a Cloud Router (`ASN 64513`), and a private Debian test VM.
-- **VPN Connection:** Two redundant IPsec tunnels using dynamically generated PSKs and Link-Local BGP peering (`169.254.x.x/30`).
-- **Security:** GCP Firewall rules configured to allow Identity-Aware Proxy (IAP) SSH access and inbound ICMP/SSH traffic from the STACKIT network.
-
-## Prerequisites
-
-- Configured STACKIT and GCP provider credentials.
-- Google Cloud SDK (`gcloud` CLI) installed and authenticated for IAP testing.
-
-## How to Test the Connection
-
-Once `terraform apply` is complete, check the generated outputs. You can verify the bi-directional tunnel is fully operational by following these steps:
-
-### 1. Test from GCP to STACKIT
-
-Connect to the private GCP VM using Google's Identity-Aware Proxy (IAP) and ping the STACKIT debug machine.
-
-```bash
-# 1. SSH into the GCP test VM (copy this from the `gcp_iap_command` output)
-gcloud compute ssh gcp-vpn-test-vm --zone=europe-west4-a --tunnel-through-iap
-
-# 2. Ping the STACKIT private IP (copy from the `vpn01_private_ip` output)
-ping
-```
-
-### 2. Test from STACKIT to GCP
-
-Connect to the STACKIT debug machine using its public IP, then ping the private GCP VM across the VPN tunnel.
-
-```Bash
-# 1. SSH into the STACKIT debug machine
-ssh debug@
-# password debug123
-
-# 2. Ping the GCP private IP (copy from the `gcp_test_vm_private_ip` output)
-ping
-```
diff --git a/examples/vpn-usecases/stackit-stackit/.terraform.lock.hcl b/examples/vpn-usecases/stackit-stackit/.terraform.lock.hcl
deleted file mode 100644
index 489e1ef..0000000
--- a/examples/vpn-usecases/stackit-stackit/.terraform.lock.hcl
+++ /dev/null
@@ -1,87 +0,0 @@
-# This file is maintained automatically by "terraform init".
-# Manual edits may be lost in future updates.
-
-provider "registry.terraform.io/hashicorp/random" {
- version = "3.8.1"
- hashes = [
- "h1:u8AKlWVDTH5r9YLSeswoVEjiY72Rt4/ch7U+61ZDkiQ=",
- "zh:08dd03b918c7b55713026037c5400c48af5b9f468f483463321bd18e17b907b4",
- "zh:0eee654a5542dc1d41920bbf2419032d6f0d5625b03bd81339e5b33394a3e0ae",
- "zh:229665ddf060aa0ed315597908483eee5b818a17d09b6417a0f52fd9405c4f57",
- "zh:2469d2e48f28076254a2a3fc327f184914566d9e40c5780b8d96ebf7205f8bc0",
- "zh:37d7eb334d9561f335e748280f5535a384a88675af9a9eac439d4cfd663bcb66",
- "zh:741101426a2f2c52dee37122f0f4a2f2d6af6d852cb1db634480a86398fa3511",
- "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
- "zh:a902473f08ef8df62cfe6116bd6c157070a93f66622384300de235a533e9d4a9",
- "zh:b85c511a23e57a2147355932b3b6dce2a11e856b941165793a0c3d7578d94d05",
- "zh:c5172226d18eaac95b1daac80172287b69d4ce32750c82ad77fa0768be4ea4b8",
- "zh:dab4434dba34aad569b0bc243c2d3f3ff86dd7740def373f2a49816bd2ff819b",
- "zh:f49fd62aa8c5525a5c17abd51e27ca5e213881d58882fd42fec4a545b53c9699",
- ]
-}
-
-provider "registry.terraform.io/magodo/restful" {
- version = "0.25.2"
- hashes = [
- "h1:gvoDTFfxp7n1B4Wsnx9IC7Ku8g8tdVR4mCC6TDX0Mws=",
- "zh:0513ff62fce41a59462f39e1c4636f3c87e6f8d24ee579075900d3e0f57f6992",
- "zh:1a3e39e6b8c7fd0f3983730944a029db8f00557922e337cff0567a07c5e74b45",
- "zh:2527c96fcc45458efc9eca1c66cee98269d80693b571c57baee783402bfbaa28",
- "zh:50cec9afe8b55629d1c94d477b26ff95de8cc8e3304f6c2bfc5dad3bccc6decc",
- "zh:89e94c0f312d0ef4213b46ee776a27f6a5d114520c08a4716f4fee4c26c16f91",
- "zh:9a9762ebaf9567a4aa34a1911f051527696241679e087137fcc7821e52b66483",
- "zh:a065be3488e24928199904f4a496974c03fdcf2b06fccf016e405b3068d5ef76",
- "zh:c62a1a6fb3c5135451f68ea4ed1f66d999ab654323d10526756e83f6f77d6bdf",
- "zh:cf01364f89b713dc10eb87098839317e6f2de222bec2597923cddbb07bdd9c13",
- "zh:dc0ac6a1e5e3199e1d35fb49f9de1d9325caa3c0d3e87ea8128295e19ac941c3",
- "zh:e55cf6e8230f081b7c8ade592c14f1b8b45ee0aaa14c2bde2da9531d819a4392",
- "zh:f333748916e68050c8935d760d6b9b469dd76eb94363af93562cbd076dba6ff5",
- "zh:f809ab383cca0a5f83072981c64208cbd7fa67e986a86ee02dd2c82333221e32",
- "zh:fdfdca8b7976c1a8b1b6a3589b4bfec277beb6dfb40c5568271d42f0b2f88a9d",
- ]
-}
-
-provider "registry.terraform.io/mastercard/restapi" {
- version = "3.0.0"
- constraints = ">= 3.0.0"
- hashes = [
- "h1:y1I3azDHOqRySTyDHsb3Xh1waP/99KfykZRagbRx1qI=",
- "zh:0b63bd3c25a31f090a41933f90b7dd6e984add1c4261d8f5caa73f4d5aa065a4",
- "zh:1c3e89cf19118fc07d7b04257251fc9897e722c16e0a0df7b07fcd261f8c12e7",
- "zh:2d31f322454d271eb328c2d3b3d41f426df98503982788be347799ddf68bf9bf",
- "zh:47dd97e3f43bb89ae4254bba90ffbc6d521338554a1f94961e21214dd801b81b",
- "zh:49636b072b9a30d15916468857bce91d39bc87bbba1c99fb3894fafa9409b8b4",
- "zh:5566605a8e16478bc66c1fec8dea0890586c084221161dc82b73d162d44c08a7",
- "zh:5859e0ad05aa6b3b108f0b718986e237a18d5176efea62d1ac1ef352561b4713",
- "zh:76129b89e2b56d8d2af8f6e10cc748bea4ee6ec1105e916f1254cd124f4dcf9c",
- "zh:bfc20b5fd03cb3243917e8cf360e5208284e757ab82f83c992da471ef16a0eab",
- "zh:d1d2363009253cdfe5795a48b6412bff11104fe6a52fb0a57e5a95fc765a161e",
- "zh:d1f0b981089ad709b73c4f989a9cd9118c4e3cb8fc0a2b303aa4d77cc5102a53",
- "zh:dbfddb2f407481a4e88fdc17739c805d9d9fff2451efcb9226572d59ed2e9128",
- "zh:df04a8c777d05896684171807b27c41befbf5f217f50b0e9b2b27164d4aacca5",
- "zh:e68b450c66efe55d1132585477fa71207680806edafb3792ca44d9695d0a1d75",
- "zh:f894e7e9913347e25e67d5d3bf91659c06877dd5fa11acf75820fa03fa34b8bd",
- ]
-}
-
-provider "registry.terraform.io/stackitcloud/stackit" {
- version = "0.95.0"
- constraints = ">= 0.66.0"
- hashes = [
- "h1:sKmc6SGKEFglXKLMtOluJkFm7tzQZKQV3/QxUbHug1E=",
- "zh:023edbb8ca984233bb51605a9005d4f7cb3365f0b11ddd68d911a1e30ccf64be",
- "zh:0dde99e7b343fa01f8eefc378171fb8621bedb20f59157d6cc8e3d46c738105f",
- "zh:1fc43ed3055c4912e5b3ae2eba49dd5407beaa9ba6617612f317543f7d26ccd7",
- "zh:31e587a9f279661b74b139e2a964a7d1c54a4073d27d21c2f948e0e7ba4c0d04",
- "zh:37427a23800dff84c1b89d4985cb935c0112c59acd716d8920c160221c459061",
- "zh:3a575f5c7d1252d99aea9187923087e1d483b2b34e42c9f058f557ec28c45d84",
- "zh:44c7ee340e1a09d6f9a9873959f8283f0d73aee4a8c884f7b36985f943874b65",
- "zh:4fab8fe953a0d4c21589cd36d23afe072c6403e37620c82839f9f829139cbbbf",
- "zh:69fc061b3c7ea82d9e9a31d3665a535f6bb9dc3d6ff5b466f940d3d04a105e19",
- "zh:85ee00442eff70ea103a96276efb5e1485b661b0a1db08bcdbd28b11b1f966e6",
- "zh:9761ef1321c93cb3e4bc2499995b3e7ae910e2ae68b3228164dea73e9687ddb5",
- "zh:b158a4e4726a4d4c9f61c5dc71abb4ca3a621269e1d7af88ab36d34c3bcec66f",
- "zh:da37df9a426d83da8f6c1340104a6b9a7eef4a7e2589d0b70a89c574a1b3cc78",
- "zh:e6421b9a351b2c9b2ab2341f2c07d863eb2ed055b847ea839de96b0fd62baf97",
- ]
-}
diff --git a/examples/vpn-usecases/stackit-stackit/010-provider.tf b/examples/vpn-usecases/stackit-stackit/010-provider.tf
deleted file mode 100644
index 6e6d261..0000000
--- a/examples/vpn-usecases/stackit-stackit/010-provider.tf
+++ /dev/null
@@ -1,50 +0,0 @@
-# Copyright 2026 Schwarz Digits Cloud GmbH & Co. KG
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-terraform {
- required_providers {
- stackit = {
- source = "stackitcloud/stackit"
- version = ">=0.95.0"
- }
- restapi = {
- source = "Mastercard/restapi"
- version = ">= 3.0.0"
- }
- restful = {
- source = "magodo/restful"
- }
- }
-}
-
-provider "stackit" {
- default_region = var.stackit_region
- service_account_key_path = var.stackit_service_account_key_path
- enable_beta_resources = true
- experiments = ["iam"]
-}
-
-ephemeral "stackit_access_token" "this" {}
-
-provider "restful" {
- alias = "stackit"
- base_url = "https://vpn.api.eu01.stackit.cloud"
- security = {
- http = {
- token = {
- token = ephemeral.stackit_access_token.this.access_token
- }
- }
- }
-}
diff --git a/examples/vpn-usecases/stackit-stackit/020-variables.tf b/examples/vpn-usecases/stackit-stackit/020-variables.tf
deleted file mode 100644
index a0f733d..0000000
--- a/examples/vpn-usecases/stackit-stackit/020-variables.tf
+++ /dev/null
@@ -1,32 +0,0 @@
-# Copyright 2026 Schwarz Digits Cloud GmbH & Co. KG
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# load via *.auto.tfvars
-
-variable "stackit_org_id" {
- type = string
-}
-
-variable "stackit_region" {
- type = string
- default = "eu01"
-}
-
-variable "stackit_service_account_key_path" {
- type = string
-}
-
-variable "stackit_admin_email" {
- type = string
-}
diff --git a/examples/vpn-usecases/stackit-stackit/030-stackit-stackit-vpn.tf b/examples/vpn-usecases/stackit-stackit/030-stackit-stackit-vpn.tf
deleted file mode 100644
index 42c60eb..0000000
--- a/examples/vpn-usecases/stackit-stackit/030-stackit-stackit-vpn.tf
+++ /dev/null
@@ -1,255 +0,0 @@
-# Copyright 2026 Schwarz Digits Cloud GmbH & Co. KG
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-module "vpn_sna_01" {
- source = "../module/stackit-sna-with-debug-machine"
- machine_availability_zone = "eu01-1"
- machine_ipv4_prefix = "10.10.10.0/24"
- machine_network_name = "vpn-sna-01"
- sna_name = "vpn-sna-01"
- machine_name = "vpn-sna-01"
- stackit_admin_email = var.stackit_admin_email
- stackit_org_id = var.stackit_org_id
- stackit_project_name = "vpn-sna-01"
- sna_network_range_prefix = [
- "10.10.0.0/16"
- ]
-}
-
-module "vpn_sna_02" {
- source = "../module/stackit-sna-with-debug-machine"
- machine_availability_zone = "eu01-2"
- machine_ipv4_prefix = "10.11.11.0/24"
- machine_network_name = "vpn-sna-02"
- machine_name = "vpn-sna-02"
- sna_name = "vpn-sna-02"
- stackit_admin_email = var.stackit_admin_email
- stackit_org_id = var.stackit_org_id
- stackit_project_name = "vpn-sna-02"
- sna_network_range_prefix = [
- "10.11.0.0/16"
- ]
-}
-
-# Gateway 1 (vpn-sna-01)
-resource "restful_resource" "vpn_01_gateway" {
- provider = restful.stackit
- path = "/v1/projects/${module.vpn_sna_01.project_id}/regions/eu01/gateways"
- body = {
- availabilityZones = {
- tunnel1 = "eu01-1"
- tunnel2 = "eu01-2"
- }
- bgp = {
- localAsn = 64512
- overrideAdvertisedRoutes = ["10.10.0.0/16"]
- }
- displayName = "vpn01"
- labels = null
- planId = "p500"
- routingType = "BGP_ROUTE_BASED"
- }
-
- read_path = "$(path)/$(body.id)"
- update_path = "$(path)/$(body.id)"
- update_method = "PUT"
- delete_path = "$(path)/$(body.id)"
- delete_method = "DELETE"
-}
-
-data "restful_resource" "vpn_01_gateway_status" {
- provider = restful.stackit
- id = "${restful_resource.vpn_01_gateway.id}/status"
-}
-
-# Gateway 2 (vpn-sna-02)
-resource "restful_resource" "vpn_02_gateway" {
- provider = restful.stackit
- path = "/v1/projects/${module.vpn_sna_02.project_id}/regions/eu01/gateways"
- body = {
- availabilityZones = {
- tunnel1 = "eu01-1"
- tunnel2 = "eu01-2"
- }
- bgp = {
- localAsn = 64513
- overrideAdvertisedRoutes = ["10.11.0.0/16"]
- }
- displayName = "vpn02"
- labels = null
- planId = "p500"
- routingType = "BGP_ROUTE_BASED"
- }
-
- read_path = "$(path)/$(body.id)"
- update_path = "$(path)/$(body.id)"
- update_method = "PUT"
- delete_path = "$(path)/$(body.id)"
- delete_method = "DELETE"
-}
-
-data "restful_resource" "vpn_02_gateway_status" {
- provider = restful.stackit
- id = "${restful_resource.vpn_02_gateway.id}/status"
-}
-
-# Shared VPN Credentials
-resource "random_password" "vpn_psk" {
- length = 32
- special = false
-}
-
-# Connection from Gateway 1 to Gateway 2
-resource "restful_resource" "vpn_01_connection" {
- provider = restful.stackit
- path = "${restful_resource.vpn_01_gateway.id}/connections"
- body = {
- displayName = "conn-to-vpn02"
- tunnel1 = {
- bgp = {
- remoteAsn = 64513
- }
- peering = {
- localAddress = "169.254.0.1"
- remoteAddress = "169.254.0.2"
- }
- phase1 = {
- dhGroups = ["modp2048"]
- encryptionAlgorithms = ["aes256gcm16"]
- integrityAlgorithms = ["sha2_256"]
- }
- phase2 = {
- dhGroups = ["modp2048"]
- encryptionAlgorithms = ["aes256gcm16"]
- integrityAlgorithms = ["sha2_256"]
- }
- preSharedKey = random_password.vpn_psk.result
- remoteAddress = data.restful_resource.vpn_02_gateway_status.output.tunnels[0].publicIP
- }
- tunnel2 = {
- bgp = {
- remoteAsn = 64513
- }
- peering = {
- localAddress = "169.254.1.1"
- remoteAddress = "169.254.1.2"
- }
- phase1 = {
- dhGroups = ["modp2048"]
- encryptionAlgorithms = ["aes256gcm16"]
- integrityAlgorithms = ["sha2_256"]
- }
- phase2 = {
- dhGroups = ["modp2048"]
- encryptionAlgorithms = ["aes256gcm16"]
- integrityAlgorithms = ["sha2_256"]
- }
- preSharedKey = random_password.vpn_psk.result
- remoteAddress = data.restful_resource.vpn_02_gateway_status.output.tunnels[1].publicIP
- }
- }
-
- lifecycle {
- ignore_changes = [
- body.tunnel1.preSharedKey,
- body.tunnel2.preSharedKey
- ]
- }
-
- read_path = "$(path)/$(body.id)"
- update_path = "$(path)/$(body.id)"
- update_method = "PUT"
- delete_path = "$(path)/$(body.id)"
- delete_method = "DELETE"
-}
-
-# Connection from Gateway 2 to Gateway 1
-resource "restful_resource" "vpn_02_connection" {
- provider = restful.stackit
- path = "${restful_resource.vpn_02_gateway.id}/connections"
- body = {
- displayName = "conn-to-vpn01"
- tunnel1 = {
- bgp = {
- remoteAsn = 64512
- }
- peering = {
- localAddress = "169.254.0.2"
- remoteAddress = "169.254.0.1"
- }
- phase1 = {
- dhGroups = ["modp2048"]
- encryptionAlgorithms = ["aes256gcm16"]
- integrityAlgorithms = ["sha2_256"]
- }
- phase2 = {
- dhGroups = ["modp2048"]
- encryptionAlgorithms = ["aes256gcm16"]
- integrityAlgorithms = ["sha2_256"]
- }
- preSharedKey = random_password.vpn_psk.result
- remoteAddress = data.restful_resource.vpn_01_gateway_status.output.tunnels[0].publicIP
- }
- tunnel2 = {
- bgp = {
- remoteAsn = 64512
- }
- peering = {
- localAddress = "169.254.1.2"
- remoteAddress = "169.254.1.1"
- }
- phase1 = {
- dhGroups = ["modp2048"]
- encryptionAlgorithms = ["aes256gcm16"]
- integrityAlgorithms = ["sha2_256"]
- }
- phase2 = {
- dhGroups = ["modp2048"]
- encryptionAlgorithms = ["aes256gcm16"]
- integrityAlgorithms = ["sha2_256"]
- }
- preSharedKey = random_password.vpn_psk.result
- remoteAddress = data.restful_resource.vpn_01_gateway_status.output.tunnels[1].publicIP
- }
- }
-
- read_path = "$(path)/$(body.id)"
- update_path = "$(path)/$(body.id)"
- update_method = "PUT"
- delete_path = "$(path)/$(body.id)"
- delete_method = "DELETE"
-
- lifecycle {
- ignore_changes = [
- body.tunnel1.preSharedKey,
- body.tunnel2.preSharedKey
- ]
- }
-}
-
-output "vpn01_public_ip" {
- value = module.vpn_sna_01.machine_public_ip
-}
-
-output "vpn01_private_ip" {
- value = module.vpn_sna_01.machine_private_ipv4
-}
-
-output "vpn02_public_ip" {
- value = module.vpn_sna_02.machine_public_ip
-}
-
-output "vpn02_private_ip" {
- value = module.vpn_sna_02.machine_private_ipv4
-}
diff --git a/examples/vpn-usecases/stackit-stackit/MAINTAINERS.md b/examples/vpn-usecases/stackit-stackit/MAINTAINERS.md
deleted file mode 100644
index 1aaefce..0000000
--- a/examples/vpn-usecases/stackit-stackit/MAINTAINERS.md
+++ /dev/null
@@ -1,9 +0,0 @@
-# Maintainers
-
-General maintainers:
-
-- Mauritz Uphoff (mauritz.uphoff@digits.schwarz)
-
-This example is actively maintained. The owner is responsible for reviewing and updating dependencies and functionalities on a monthly basis.
-For questions, issues, or feature requests, please email general maintainers.
-Please include the BP name and version in your request. We will track your request as an issue.
diff --git a/examples/vpn-usecases/stackit-stackit/README.md b/examples/vpn-usecases/stackit-stackit/README.md
deleted file mode 100644
index c091147..0000000
--- a/examples/vpn-usecases/stackit-stackit/README.md
+++ /dev/null
@@ -1,21 +0,0 @@
-# STACKIT-to-STACKIT VPN Gateway
-
-This example leverages the STACKIT VPN service to establish a secure, Highly Available (HA) connection between two separate STACKIT Network Areas (SNAs).
-
-The connection utilizes **BGP (Border Gateway Protocol)** to automatically propagate and learn routing information between the two networks.
-
-> **Note:** Currently, native SNA peering is not available in STACKIT. Therefore, provisioning a VPN connection is the required method to interconnect two SNAs. This will change in the future once native SNA peering is released.
-
-
-
-## How to Test the Connection
-
-Once the deployment is complete, you can verify the VPN tunnel using the provisioned debug machines:
-
-1. **SSH** into the first debug machine using its public IP (`vpn01_public_ip`).
-2. **Ping** the private IP of the second debug machine (`vpn02_private_ip`) across the tunnel.
-
-```bash
-# Example test command once connected to the vpn01 machine via SSH
-ping
-```
diff --git a/examples/vpn-usecases/stackit-stackit/docs/architecture.png b/examples/vpn-usecases/stackit-stackit/docs/architecture.png
deleted file mode 100644
index fe965d1..0000000
Binary files a/examples/vpn-usecases/stackit-stackit/docs/architecture.png and /dev/null differ
diff --git a/modules/test-machine/variables.tf b/modules/test-machine/variables.tf
index 6813331..a85ae88 100644
--- a/modules/test-machine/variables.tf
+++ b/modules/test-machine/variables.tf
@@ -15,70 +15,40 @@
variable "project_id" {
description = "The STACKIT Project ID"
type = string
-
- validation {
- condition = can(regex("^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$", var.project_id))
- error_message = "The project_id must be a valid UUID."
- }
}
variable "network_id" {
description = "The Network ID (UUID) where the machine should be spawned"
type = string
-
- validation {
- condition = can(regex("^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$", var.network_id))
- error_message = "The network_id must be a valid UUID."
- }
}
variable "name" {
description = "Hostname of the server"
type = string
default = "test-machine"
-
- validation {
- condition = can(regex("^[a-z0-9-]+$", var.name))
- error_message = "The machine name must contain only lowercase letters, numbers, and hyphens."
- }
}
variable "availability_zone" {
description = "The availability zone (e.g. eu01-1)"
type = string
-
- validation {
- condition = can(regex("^[a-z]{2}[0-9]{2}-[a-zA-Z0-9]+$", var.availability_zone))
- error_message = "The availability zone must follow the STACKIT pattern (e.g., eu01-1, eu01-m)."
- }
}
variable "machine_type" {
description = "Flavor of the machine"
type = string
- default = "c2i.1"
+ default = "g1.1"
}
variable "image_id" {
description = "Image UUID (Default: Debian 12)"
type = string
default = "c751cde7-e648-4f81-9722-ce9c7848bed0"
-
- validation {
- condition = can(regex("^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$", var.image_id))
- error_message = "The image_id must be a valid UUID."
- }
}
variable "disk_size" {
description = "Boot volume size in GB"
type = number
default = 50
-
- validation {
- condition = var.disk_size >= 1
- error_message = "The disk_size must be at least 1 GB."
- }
}
variable "disk_performance_class" {