IaC Bazaar
Get started
Alibaba CloudPlan-validated

Alibaba Cloud VPC Foundation

Multi-AZ VPC with vSwitches, NAT gateway, SNAT, security groups, and flow logs.

terraformAlt & Specialty Clouds#alicloud

Compare Virtual Private Cloud (VPC) across clouds →

alicloud-vpc-foundationterraform v1.7

Verification

Plan-validated

Passed: module logic verified on a mocked plan — inputs, validation rules, conditional creation and outputs resolve (no real provider, no cloud).

Conformance

  • Static validation (fmt · validate · tflint)
  • Security scan clean (Checkov)
  • Plan tests (mocked: validation rules · outputs)

Provenance

  • SHA-256 checksum
  • Signature (pending)

Functional

  • Live test pending (no cloud run yet)

Last verified 2026-06-28 · how we verify

Documentation

alicloud-vpc-foundation

A production-ready Alibaba Cloud (Aliyun) network foundation: a multi-AZ VPC with vSwitches, an enhanced NAT gateway (EIP + per-vSwitch SNAT for outbound-only internet egress), a least-privilege base security group, and optional VPC flow logs into Log Service (SLS).

Status: static-validated, live-test pending. Validated with tofu validate + tflint + checkov against the aliyun/alicloud provider. Not yet applied against a live Alibaba Cloud account (no sandbox subscription), so it ships under live-test quarantine.

Design & secure defaults

  • No inbound exposure by default. The base security group allows egress and (optionally) intra-group traffic; nothing is reachable from the internet until you declare ingress_rules.
  • Outbound-only egress. Only vSwitches with nat = true get SNAT internet access through the NAT gateway — there is no Internet Gateway, so instances are never directly addressable.
  • Enhanced NAT (nat_type = "Enhanced"), the current generation; the bound EIP is billed PayByTraffic, so nat_eip_bandwidth_mbps is a ceiling.
  • Flow logs are opt-in and validated: enabling them without an existing SLS project/logstore fails at plan time via a precondition.

Provider

aliyun/alicloud >= 1.0, < 2.0. Requires Terraform/OpenTofu >= 1.6.

License

Commercial — LicenseRef-IaCBazaar-Commercial. See the IaC Bazaar terms.

Usage code & full reference unlock after purchase

The complete copy-paste usage, the full input/output reference, and operational notes ship with your licence — shown here and bundled in the download.

  • Usage
  • Key inputs
  • Outputs