A comprehensive Terraform module for provisioning and managing infrastructure on ArvanCloud IaaS platform. This project enables you to automate the creation of security groups with firewall rules, private networks, virtual machines (VMs), and storage volumes with a simple, declarative configuration.
Terraform automatically fetches the ArvanCloud provider from terraform.arvancloud.ir/arvancloud/iaas.
For secrets and sensitive variables, define them as GitHub Secrets using this guide. Refer to SETUP.md for instructions on setting up the required secrets and variables.
Edit the terraform.tfvars file and set the following values for the test environment.
apikey = "apikey xxxxxxx-xxxxxx-xxxxx-xxxx-xxxxxxxxx'"
region = "ir-thr-ba1" # or one of the other regions
ssh_key_name = "your-ssh-key-name"Define your desired security groups with firewall rules in the security_group_list section:
security_group_list = [
{
name = "web-server-sg"
description = "Security group for web servers"
rules = [
{
direction = "ingress"
protocol = "tcp"
port_range_min = 22
port_range_max = 22
remote_ip_prefix = "0.0.0.0/0"
description = "Allow SSH"
},
{
direction = "ingress"
protocol = "tcp"
port_range_min = 80
port_range_max = 80
remote_ip_prefix = "0.0.0.0/0"
description = "Allow HTTP"
},
{
direction = "ingress"
protocol = "tcp"
port_range_min = 443
port_range_max = 443
remote_ip_prefix = "0.0.0.0/0"
description = "Allow HTTPS"
}
]
}
]Define your desired networks in the network_list section:
network_list = [
{
name = "my-network"
description = "Network description"
cidr = "10.110.255.0/24"
dns_servers = ["185.206.92.250", "188.121.112.78"]
}
]Define your desired servers in the vm_list section:
vm_list = [
{
name = "server-1"
plan = "g6-4-4-0"
distro = "ubuntu"
distro_version = "24.04"
count = 1
disk_size = 40
network = "my-network"
security_group = "default"
floating_ip = false
public_ip = true
volumes = []
}
]Important Note: You cannot use both floating_ip and public_ip at the same time.
Define your desired volumes in the volumes_list section:
volumes_list = [
{
name = "my-volume"
size = 50
ssd = true
}
]terraform initterraform planterraform applyterraform destroy| Variable | Type | Description |
|---|---|---|
apikey |
string | API Key from ArvanCloud panel |
region |
string | Desired region (ir-thr-ba1, ir-tbz-sh1, ir-tbz-fo1, ir-thr-si1) |
ssh_key_name |
string | SSH key name in ArvanCloud panel |
{
name = string # Security Group name
description = string # Description of the security group
rules = [
{
direction = string # "ingress" or "egress"
protocol = string # "tcp", "udp", "icmp", or null for all
port_range_min = number # Starting port number
port_range_max = number # Ending port number
remote_ip_prefix = string # CIDR notation (e.g., "0.0.0.0/0", "10.0.0.0/8")
description = string # Optional description for the rule
}
]
}{
name = string # Network name
description = string # Description
cidr = string # Network CIDR (e.g., "10.110.255.0/24")
dns_servers = list(string) # List of DNS servers
}{
name = string # Server name
plan = string # Server flavor (e.g., "g6-4-4-0", "eco-1-1-0")
distro = string # Linux distribution (ubuntu, centos, ...)
distro_version = string # Distribution version (e.g., "24.04")
count = number # Number of servers
disk_size = number # Disk size (GB)
network = string # Network name
security_group = string # Security Group name
floating_ip = bool # Use Floating IP
public_ip = bool # Use Public IP
volumes = list(string) # List of volumes
}{
name = string # Volume name
size = number # Volume size (GB)
ssd = bool # Use SSD (true) or HDD (false)
}curl 'https://napi.arvancloud.ir/ecc/v1/regions/ir-thr-ba1/sizes' -H 'Authorization: apikey xxxxxxx-xxxxxx-xxxxx-xxxx-xxxxxxxxx' | jq
After running terraform apply, you can access various outputs to get information about your infrastructure. The outputs are organized into several categories for easy access:
| Category | Description | Key Outputs |
|---|---|---|
| Network Information | Details about private networks | network_details, network_ids, network_cidrs |
| VM Information | Details about virtual machines | vm_details, all_vm_ids, all_vm_names, total_vm_count |
| Security Group Information | Details about security groups and firewall rules | security_group_details, security_group_summary, security_group_ids |
| Mappings | Relationships between resources | network_to_vms_mapping, security_group_to_vms_mapping, vm_network_assignment |
| IP Configuration | IP address information | vm_ip_configuration, vms_with_public_ip, vms_with_floating_ip |
| Statistics | Resource counts and summaries | resource_summary, resource_counts, quick_reference |
| SSH & Volumes | Connection and storage information | ssh_key_info, vm_volume_configuration |
Here are the available outputs:
terraform outputGet a quick overview of all resources:
terraform output quick_referenceView summary statistics:
terraform output resource_summary
terraform output resource_counts# Detailed network information
terraform output network_details
# Network IDs mapping
terraform output network_ids
# Network CIDR blocks
terraform output network_cidrs# Detailed VM information
terraform output vm_details
# All VM IDs
terraform output all_vm_ids
# All VM names
terraform output all_vm_names
# VM count by group
terraform output vm_count_by_group
# Total VM count
terraform output total_vm_count# Detailed security group information
terraform output security_group_details
# Security group IDs
terraform output security_group_ids
# Security group summary (shows which VMs use which security groups)
terraform output security_group_summary
# Security group to VM mapping
terraform output security_group_to_vms_mapping# See which VMs are connected to which networks
terraform output network_to_vms_mapping
# Network assignment for each VM group
terraform output vm_network_assignment# IP configuration for each VM group
terraform output vm_ip_configuration
# VMs with public IP
terraform output vms_with_public_ip
# VMs with floating IP
terraform output vms_with_floating_ip
# VMs with private IP only
terraform output vms_private_only# SSH key information
terraform output ssh_key_info
# Volume configuration
terraform output vm_volume_configuration# Complete network module outputs
terraform output network
# Complete VM module outputs
terraform output vm
# Complete security group module outputs
terraform output security_groupsGet all VM IDs for automation:
terraform output -json all_vm_ids | jq -r '.[]'Find which VMs are using a specific security group:
terraform output security_group_to_vms_mapping | grep "web-server-sg" -A 10Get network CIDR for a specific network:
terraform output -json network_cidrs | jq '."my-network"'Count total resources:
terraform output resource_countsGet quick overview in JSON format:
terraform output -json quick_reference- Security Groups: Security groups are created automatically by Terraform. The security group name in
vm_listmust match the name defined insecurity_group_list - Number of Volumes: The number of volumes must match the number of VMs (one volume per VM)
- Floating IP vs Public IP: You cannot use both at the same time
- Network Name: The network name in
vm_listmust match the network name innetwork_list - Firewall Rules: Rules are applied automatically when security groups are created. You can define multiple rules per security group
If you receive an API Key error, make sure:
- The API Key is correct
- The API Key is active in ArvanCloud panel
- Necessary permissions have been granted to the API Key
If you receive an SSH Key error:
- Make sure the SSH Key is defined in ArvanCloud panel
- The SSH Key name in
terraform.tfvarsmatches the name in the panel
If you receive a Security Group error:
- Make sure the security group name in
vm_listmatches a name insecurity_group_list - Verify that firewall rules are properly formatted (direction, protocol, port ranges, CIDR)
- Check that the security group is created before VMs try to use it (Terraform handles dependencies automatically)