This is a provider plug-in for Terraform to manage Infoblox NIOS (Network Identity Operating System) resources using Terraform infrastructure as code solutions. The plug-in enables lifecycle management of Infoblox NIOS DDI resources.
The latest version of the Infoblox provider is v2.7.0.
The provider plug-in has NIOS DDI resources represented as Terraform resources and data sources. The consolidated list of supported resources and data sources is as follows:
- Network view (infoblox_network_view)
- Network container (infoblox_ipv4_network_container, infoblox_ipv6_network_container)
- Network (infoblox_ipv4_network, infoblox_ipv6_network)
- A-record (infoblox_a_record)
- AAAA-record (infoblox_aaaa_record)
- DNS View (infoblox_dns_view)
- PTR-record (infoblox_ptr_record)
- CNAME-record (infoblox_cname_record)
- MX-record (infoblox_mx_record)
- TXT-record (infoblox_txt_record)
- SRV-record (infoblox_srv_record)
- Zone Auth (infoblox_zone_auth)
- Host record as a backend for the following operations:
  - Allocation and deallocation of an IP address from a Network (infoblox_ip_allocation)
  - Association and disassociation of an IP address from a VM (infoblox_ip_association)
- Zone Forward (infoblox_zone_forward)
All of the above resources are supported with comment and ext_attrs fields.
DNS records and the infoblox_ip_allocation resources are supported with ttl field.
A resource can manage its drift state by using the extensible attribute Terraform Internal ID when its Reference ID is changed by any manual intervention.
- Network View (infoblox_network_view)
- IPv4 Network (infoblox_ipv4_network)
- IPv4 Network Container (infoblox_ipv4_network_container)
- A-record (infoblox_a_record)
- AAAA-record (infoblox_aaaa_record)
- DNS View (infoblox_dns_view)
- CNAME-record (infoblox_cname_record)
- PTR-record (infoblox_ptr_record)
- MX-record (infoblox_mx_record)
- TXT-record (infoblox_txt_record)
- SRV-record (infoblox_srv_record)
- Zone Auth (infoblox_zone_auth)
- Zone Forward (infoblox_zone_forward)
- IPv6 Network (infoblox_ipv6_network)
- IPv6 Network Container (infoblox_ipv6_network_container)
- Host-record (infoblox_host_record)
All of the above data sources are supported with comment and ext_attr fields.
Data sources for DNS records are supported with ttl and zone fields.
The comprehensive documentation of the plug-in is available on the Terraform registry and on the Infoblox internet site.
Whether you intend to use the published plug-in or the customized version that you have built by yourself, you must complete the following prerequisites:
- Install and set up a physical or virtual Infoblox NIOS appliance that is running on NIOS and has necessary licenses installed. To try out the plug-in, you can download and install the evaluation version of vNIOS from the Infoblox Download Center. For more information, see sections Downloading NIOS and Setting Up NIOS.
- Download and install Terraform (as of now, only version 0.14 is supported).
- Configure the access permissions for Terraform to interact with NIOS Grid objects.
- If you plan to develop a plug-in that includes features that are not in the published version, then install the infoblox-go-client and Go programming language.
- To use the Infoblox IPAM Plug-In for Terraform, you must either define the following extensible attributes in NIOS or install the Cloud Network Automation license in the NIOS Grid, which adds the extensible attributes by default:
  - Tenant ID: String Type
  - CMP Type: String Type
  - Cloud API Owned: List Type (Values: True, False)
- To use the Infoblox IPAM Plug-In for Terraform, you must either define the extensible attribute Terraform Internal ID in NIOS or use a superuser account to run the command below, which creates the read-only extensible attribute Terraform Internal ID. For more details, refer to the Infoblox NIOS Documentation.

    curl -k -u <SUPERUSER>:<PASSWORD> -H "Content-Type: application/json" -X POST https://<NIOS_GRID_IP>/wapi/<WAPI_VERSION>/extensibleattributedef -d '{"name": "Terraform Internal ID", "flags": "CR", "type": "STRING", "comment": "Internal ID for Terraform Resource"}'
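The curl command above uses -k, which turns off certificate verification, and passes the superuser password as a command-line argument. The following added example (not part of the plug-in's documentation) sends the same request with the Grid certificate verified and the password read from a prompt. The function names, host, WAPI version and CA bundle path are assumptions supplied by the caller; the payload is the one from the curl command.

```python
import base64
import getpass
import json
import ssl
import urllib.request

# Payload copied from the curl command in the prerequisites.
EA_DEF = {
    "name": "Terraform Internal ID",
    "flags": "CR",
    "type": "STRING",
    "comment": "Internal ID for Terraform Resource",
}


def build_request(grid_host, wapi_version, user, password):
    """Build the POST that creates the extensible attribute definition."""
    url = f"https://{grid_host}/wapi/{wapi_version}/extensibleattributedef"
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    return urllib.request.Request(
        url,
        data=json.dumps(EA_DEF).encode(),
        method="POST",
        headers={
            "Content-Type": "application/json",
            "Authorization": f"Basic {token}",  # same HTTP Basic auth as curl -u
        },
    )


def tls_context(ca_bundle=None):
    """Verifying context; ca_bundle is the CA file that signed the Grid cert."""
    # The default context requires a valid chain and a matching host name,
    # which is exactly what curl -k skips.
    return ssl.create_default_context(cafile=ca_bundle)


def create_ea_def(grid_host, wapi_version, user, ca_bundle=None):
    """Prompt for the password, send the request, return (status, body)."""
    # Prompting keeps the password out of shell history and process listings.
    password = getpass.getpass(f"Password for {user}@{grid_host}: ")
    req = build_request(grid_host, wapi_version, user, password)
    with urllib.request.urlopen(req, context=tls_context(ca_bundle)) as resp:
        return resp.status, resp.read().decode()
```

Call create_ea_def with the Grid host name, the WAPI version of your Grid, the superuser name and, if the Grid uses a private CA, the path to that CA file.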
The limitations of Infoblox IPAM Plug-In for Terraform are as follows:
- Allocation and association through a fixed-address record are not supported.
- For infoblox_ip_allocation and infoblox_ip_association resources: creation of a host record with multiple IP addresses of the same type is not supported. But you can create a host record with a single IPv4 and IPv6 address (of both IP types at the same host record).
- Authority delegation of IP addresses and DNS name spaces to a cloud platform appliance is not supported.
- Inheritance of extensible attributes is not fully functional in this release. Infoblox supports only the retaining of inherited extensible attributes values in NIOS. The values are no longer deleted from NIOS as a result of any operation performed in Terraform.
- Configuring an A, AAAA, and a host record resource with both cidr and ip_addr parameters, or configuring a PTR record with a combination of cidr, ip_addr, and record_name parameters, may lead to unexpected behavior. For a consistent behavior, configure any one of the input parameters.
- Required extensible attributes specified in NIOS Grid Manager are not validated by the plug-in.
- In NIOS, the gateway IP addresses of networks created using the infoblox_ipv4_network and infoblox_ipv6_network resources display as "IPv4 Reservation" and "IPv6 Fixed Address" respectively.
- Use of capital letters in the domain name of a Terraform resource may lead to unexpected results. For example, when you use a Terraform data source to search for a DNS record that has capital letters in its name, no results are returned if you specify the name in the same text case. You must specify the name in lower case.
- In plug-in versions prior to v2.5.0, the fetch functionality in data sources returns output for only one matching object even if it finds multiple objects matching the search criteria.
- When using the Terraform import block for a resource, a new Terraform internal ID is assigned to the resource when the terraform plan command is run for the first time. If a subsequent terraform apply is aborted, the record will still retain the Terraform Internal ID though the resource is not managed by Terraform.
- Infoblox recommends that you manage all resources supported by IPAM Plug-In for Terraform from Terraform only. Modifying a resource outside of Terraform may result in unexpected behavior.
- If you need to manage a large number of resources, Infoblox recommends that you manage them across multiple workspaces instead of using a single state file to manage all resources. For more information, see Managing Workspaces and Structuring Terraform Configuration.
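Two of the limitations listed above (combining cidr, ip_addr and record_name on one record, and capital letters in names) can be caught before apply by checking the output of terraform show -json on a saved plan. The following is an added example, not part of the plug-in, and covers A, AAAA and PTR records only. The parameter names cidr, ip_addr and record_name are the ones given above; the fqdn attribute name, the function name and the sample plan are assumptions constructed for illustration.

```python
import json

# Inputs the limitations list says must not be combined, per resource type.
EXCLUSIVE = {
    "infoblox_a_record": ("cidr", "ip_addr"),
    "infoblox_aaaa_record": ("cidr", "ip_addr"),
    "infoblox_ptr_record": ("cidr", "ip_addr", "record_name"),
}
NAME_ATTRS = ("fqdn", "record_name")  # "fqdn" is an assumed attribute name


def lint_plan(plan):
    """Return (address, message) findings for a `terraform show -json` plan."""
    findings = []
    for rc in plan.get("resource_changes", []):
        rtype = rc.get("type", "")
        if not rtype.startswith("infoblox_"):
            continue
        # "after" is null for deletions; values computed at apply time are absent.
        after = (rc.get("change") or {}).get("after") or {}
        given = [a for a in EXCLUSIVE.get(rtype, ()) if after.get(a)]
        if len(given) > 1:
            findings.append((rc["address"], "set only one of: " + ", ".join(given)))
        for attr in NAME_ATTRS:
            value = after.get(attr)
            if isinstance(value, str) and value != value.lower():
                findings.append((rc["address"], f"{attr} has upper-case letters"))
    return findings


# Constructed sample plan (not real Terraform output).
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "infoblox_a_record.web", "type": "infoblox_a_record",
   "change": {"actions": ["create"],
              "after": {"fqdn": "Web.example.test", "cidr": "10.0.0.0/24",
                        "ip_addr": "10.0.0.5"}}},
  {"address": "infoblox_ptr_record.ok", "type": "infoblox_ptr_record",
   "change": {"actions": ["create"],
              "after": {"cidr": "10.0.0.0/24", "ip_addr": null,
                        "record_name": null}}},
  {"address": "infoblox_a_record.gone", "type": "infoblox_a_record",
   "change": {"actions": ["delete"], "after": null}}
]}
""")

if __name__ == "__main__":
    for address, message in lint_plan(SAMPLE_PLAN):
        print(f"{address}: {message}")
```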