terraform-iaas-api-basic-ha-vrrp/03-network.tf

/*
Copyright 2023 Schwarz IT KG <markus.brunsch@mail.schwarz>
Copyright 2024-2025 STACKIT GmbH & Co. KG <markus.brunsch@stackit.cloud>

Use of this source code is governed by an MIT-style
license that can be found in the LICENSE file or at
https://opensource.org/licenses/MIT.
*/

# Create vNET Network
resource "stackit_network" "default" {
  project_id       = var.STACKIT_PROJECT_ID
  ipv4_prefix      = "10.1.2.0/24"
  name             = "default"
  ipv4_nameservers = ["9.9.9.9", "1.1.1.1"]
}

# Security Group
resource "stackit_security_group" "active-passive" {
  project_id = var.STACKIT_PROJECT_ID
  name       = "ha-active-passive"
}

resource "stackit_security_group_rule" "icmp" {
  project_id        = var.STACKIT_PROJECT_ID
  security_group_id = stackit_security_group.active-passive.security_group_id
  direction         = "ingress"
  icmp_parameters = {
    code = 0
    type = 8
  }
  protocol = {
    name = "icmp"
  }
}

resource "stackit_security_group_rule" "ssh" {
  project_id        = var.STACKIT_PROJECT_ID
  security_group_id = stackit_security_group.active-passive.security_group_id
  direction         = "ingress"
  port_range = {
    min = 22
    max = 22
  }
  protocol = {
    name = "tcp"
  }
}

resource "stackit_security_group_rule" "http" {
  project_id        = var.STACKIT_PROJECT_ID
  security_group_id = stackit_security_group.active-passive.security_group_id
  direction         = "ingress"
  port_range = {
    min = 80
    max = 80
  }
  protocol = {
    name = "tcp"
  }
}

resource "stackit_security_group_rule" "vrrp" {
  project_id        = var.STACKIT_PROJECT_ID
  security_group_id = stackit_security_group.active-passive.security_group_id
  direction         = "ingress"
  protocol = {
    name = "vrrp"
  }
}