IaC Bazaar
Get started
VultrPlan-validated

Vultr Compute Stack

Instances with VPC, firewall, block storage, and reserved IP.

terraformAlt & Specialty Clouds#vultr

Compare Virtual Machines across clouds →

vultr-compute-stackterraform v1.7

Verification

Plan-validated

Passed: module logic verified on a mocked plan — inputs, validation rules, conditional creation and outputs resolve (no real provider, no cloud).

Conformance

  • Static validation (fmt · validate · tflint)
  • No applicable security policies for this provider
  • Plan tests (mocked: validation rules · outputs)

Provenance

  • SHA-256 checksum
  • Signature (pending)

Functional

  • Live test pending (no cloud run yet)

Last verified 2026-06-28 · how we verify

Documentation

vultr-compute-stack

A Vultr compute stack: N identical instances on a private VPC behind a default-deny cloud firewall, with optional per-instance block storage and an optional reserved (static) IP that survives instance rebuilds.

Status: static-validated, live-test pending. Validated with tofu validate + tflint + checkov against the vultr/vultr provider. Not yet applied against a live Vultr account, so it ships under live-test quarantine.

Design & secure defaults

  • SSH closed by default. Vultr firewall groups deny inbound traffic that matches no rule, so SSH stays shut until you list allowed_ssh_cidrs. Add arbitrary firewall_rules for everything else.
  • Private networking. Instances join a dedicated VPC (created unless you pass an existing vpc_id); set disable_public_ipv4 = true for VPC-only or IPv6-only fleets.
  • Backups on by default (backups_enabled = true) with a configurable schedule — turn off for ephemeral environments.
  • Optional persistence: block_storage_size_gb attaches a live NVMe (or HDD) volume per instance; create_reserved_ip pins a static IPv4 to instance 1.

Usage

module "compute" {
  source = "github.com/ITfreak/iacbazaar//artifacts/terraform/vultr-compute-stack"

  name              = "app"
  region            = "ewr"
  instance_count    = 2
  allowed_ssh_cidrs = ["203.0.113.10/32"]
  ssh_key_ids       = ["<vultr-ssh-key-id>"]
}

See examples/basic for a complete configuration.

Key inputs

VariableDescriptionDefault
nameResource name prefixrequired
regionVultr region id (e.g. ewr, ams)required
instance_countNumber of instances (1-50)1
planVultr plan idvc2-1c-1gb
os_idOS id (2284 = Ubuntu 24.04)2284
ssh_key_idsSSH keys installed at boot[]
allowed_ssh_cidrsCIDRs allowed to reach tcp/22[] (closed)
firewall_rulesExtra firewall rules map{}
vpc_id / vpc_subnet / vpc_subnet_maskUse existing VPC, or define the created onenull / 10.16.0.0 / 24
block_storage_size_gb / block_storage_typePer-instance volumenull / high_perf
backups_enabledAutomatic backupstrue
create_reserved_ipStatic IP on instance 1false

Outputs

instance_ids, instance_labels, instance_main_ips, instance_internal_ips, vpc_id, firewall_group_id, block_storage_ids, reserved_ip, reserved_ip_id.

Provider

vultr/vultr >= 2.0, < 3.0. Requires Terraform/OpenTofu >= 1.6.

License

Commercial — LicenseRef-IaCBazaar-Commercial. See the IaC Bazaar terms.