Terraform VCD Provider 3.5.0
By: Date: 13/01/2022 Categories: VMware Tags:

New Terraform VMware Cloud Director Provider release – 3.5.0 with support for tenant operations for the NSX-T Advanced Load Balancer (ALB) and many other features.

Additional way of connecting to VCD with API Token

VCD 10.3.1 adds the capability of generating an API access token for provider and tenant. These tokens cannot be used directly to authenticate against a VCD: users should first exchange the token for a bearer token using a REST API call and then connect as usual with the new token. The VCD Terraform plugin 3.5.0, however, makes things simpler by exchanging the API token for a bearer token and use it transparently. All users need to do is providing the following in the provider block:

provider "vcd" {
    user      = "none"
    password  = "none"
    api_token = "NsqWSrgFCHFWMdZJO1t3hmt9SwlOajAJ" # token received from administrator
    auth_type = "api_token"
    # [...]

Ability to set Lease for a vApp

The vcd_vapp resource and corresponding data source add the ability of setting the lease period for run time and storage. The lease is indicated in seconds. A lease of 0 means that the vApp takes the default lease as it was set in the parent organization.

resource "vcd_vapp" "my-vapp" {
    name = "my-vapp"
    # [...]
    lease  {
        runtime_lease_in_sec = 60 * 60 * 24 * 30 # extends the runtime lease to 30 days
        storage_lease_in_sec = 60 * 60 * 24 * 7  # extends the storage lease to 7 days

Initial VDC Group support

This release adds ability for providers and Org users (with certain rights) to create and manage NSX-T VDC Groups. Here is a quick example on how to configure one using Terraform:

data "vcd_org_vdc" "startVdc" {
  name = "existingVdc"
data "vcd_org_vdc" "additionalVdc" {
  name = "oneMoreVdc"
resource "vcd_vdc_group" "new-vdc-group" {
  org                   = "myOrg"
  name                  = "newVdcGroup"
  description           = "my description"
  starting_vdc_id       = data.vcd_org_vdc.startVdc.id
  participating_vdc_ids = [data.vcd_org_vdc.startVdc.id, data.vcd_org_vdc.additionalVdc.id]
  dfw_enabled           = true
  default_policy_status = true

Only System Administrator and Org Users with rights View VDC Group,  Configure VDC Group,  vDC Group: Configure Logging,  Organization vDC Distributed Firewall: Enable/Disable can manage VDC groups using this resource.

NSX-T Advanced Load Balancer

Terraform provider VCD release 3.4.0 introduced resources to configure NSX-T ALB infrastructure for
providers. The latest release 3.5.0 continued to evolve the NSX-T ALB support, but this time it focused
on NSX-T Edge Gateway side of configuration. It is now complete with 4 new resources and data sources in 3.5.0:

vcd_nsxt_alb_settings and vcd_nsxt_alb_edgegateway_service_engine_group still require provider
interaction to enable ALB on a particular Edge Gateway, but vcd_nsxt_alb_pool and vcd_nsxt_alb_virtual_service
are made for tenants and this is where actual load balancer configuration happens.

Please see examples how to reference them in the new Load Balancer resources here: