IaaC expands SDK and Terraform toolkits

Privacy preference center

By clicking "Accept all" you allow cookies that improve your experience on our site, help us analyze site performance and usage, and enable us to show relevant marketing content. You can manage cookie settings below. By clicking “Confirm selection” you agree with the current settings.

Accept all

Reject All

Manage consent settings

Necessary cookies

Always Active

These cookies are essential for the website to function properly. They enable basic features like page navigation and secure access areas. Without these cookies, the website cannot function.

Ad storage cookies

These cookies help to make a website usable by enabling functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies. They are also used to track user interactions with ads.

Analytics storage cookies

These cookies help us analyze website usage to improve performance. They track how visitors interact with the website, allowing us to optimize the user experience.

Personalization cookies

These cookies enable the website to remember user preferences and personalize content. They help tailor the website's experience to your interests.

Ad user data cookies

These cookies collect information about user interactions with ads on the website. The data is used to improve ad targeting and deliver relevant advertising.

Ad personalization cookies

These cookies track user behavior to personalize the ads displayed to you. They help ensure that the ads are relevant to your interests, improving your overall ad experience.

Confirm selection

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

All

Products

Solutions

Regions

Resources

Company

FAQ

Pages

Documentation

Compute That Behaves More Like Real Infrastructure

The netactuate_server resource now supports more complete lifecycle management for cloud VMs.

Server plan changes can scale in place when only the plan changes. Upgrades are handled automatically, while downsizes and ambiguous changes are gated behind allow_downsize_reboot so Terraform does not accidentally shrink or reboot a running server because of drift.

Server tagging is now first-class as well. You can declare tags directly on a VM:

tags = "api, production, sjc"

When configured, Terraform becomes authoritative for that server's tags. Missing tags are created automatically, tag order is normalized, and tag changes happen without rebuilding the VM.

We also added support for creating servers into a VPC (Virtual Private Cloud) at provision time. The workflow is explicit: create the VPC first, then build VMs into that VPC with vpc_id. The Provider exposes the VM's VPC private address through vpc_reserved_network and private_ip, which can then be used by backend pools and load balancers.

VPCs, Gateways, and Load Balancing

The Provider now includes a full VPC resource model.

You can declare isolated private networks with IPv4 and IPv6 ranges, DHCP nameservers, gateway firewall settings, default outbound SNAT, and managed bastion access. Once the VPC exists, Terraform can create backend VMs into it and wire them into internal services.

New VPC-related resources include:

netactuate_vpc

netactuate_vpc_ssh_key

netactuate_vpc_floating_ip

netactuate_vpc_backend_template

netactuate_vpc_gateway_dnat_rule

netactuate_vpc_gateway_snat_rule

netactuate_vpc_gateway_firewall_rule

On top of that, the Provider now manages both network and HTTP load balancer groups associated with VPCs.

Network load balancer groups support L4 forwarding with health checks and backend pools. HTTP load balancer groups add host/path routing, sticky sessions, active and passive health checks, SSL-to-backend, HTTPS redirect behavior, and TLS certificate support through netactuate_ssl_certificate.

This means a full private application pattern can now be described in Terraform: VPC first, backend VMs created into the VPC, private backend addresses exported into templates, public gateway IPs allocated, and load balancer groups routing traffic to those backends.

Storage: S3 and Ceph RBD

The Provider now covers both object and block storage.

For object storage, Terraform can create S3-compatible buckets and object stores, returning endpoints and credentials for applications, automation, or CI/CD workflows.

For block storage, Terraform can create Ceph RBD block namespaces and block volumes, exposing the information needed by clients and Kubernetes CSI workflows: monitors, pool, namespace, cluster ID, image name, and credentials.

New storage resources include:

netactuate_storage_bucket

netactuate_storage_object_store

netactuate_storage_block_namespace

netactuate_storage_block_volume

netactuate_storage_locations data source

Capacity expansion is supported where the platform allows it, while the Provider avoids implying unsafe bidirectional resize behavior.

Managed Kubernetes With NKE

NetActuate Kubernetes Engine is now represented directly in Terraform.

You can declare NKE clusters with Kubernetes version, location, worker plan, node bounds, autoscaling, dashboard settings, dual-stack options, and the required NKE billing contract. The Provider validates requested Kubernetes versions against the currently available version list, helping catch invalid version selections before provisioning.

New NKE resources and data sources include:

netactuate_nke_cluster

netactuate_nke_versions

netactuate_nke_kubeconfig

netactuate_nke_worker_nodes

The examples also show how NKE can be combined with Ceph RBD block namespaces to support Kubernetes persistent volumes through CSI.

Firewalls, Secrets, and Operational Glue

The Provider now manages reusable firewall sets, firewall rules, and VM firewall relationships.

Firewall rule changes use the platform's draft/publish model under the hood. Terraform handles creating or reusing a draft, applying the rule change, publishing it, and optionally syncing the result to VMs. That gives users a declarative interface while preserving the safer staged workflow used by the platform.

Secrets are now supported with a simple two-level model:

netactuate_secret_list

netactuate_secret_list_value

This makes it easier to group credentials and generated values from Terraform-managed infrastructure, such as S3 keys, RBD credentials, application secrets, or integration tokens.

Images, Bare Metal, and Quality-of-Life Improvements

The Provider also gained custom image management. You can snapshot an existing server into a reusable image, update image metadata, delete images, and look up existing images through a data source.

Bare-metal provisioning is now represented through netactuate_metal, including dedicated device provisioning, OS profile selection, build scripts, disk layout, and build-status waiting.

There are also several quality-of-life improvements across the Provider:

SSH keys can update in place
Location matching is more forgiving across codes and names
Server deletes retry around active utility jobs
VPC server deletion releases the VPC IP reservation after deletion
Provider examples now cover practical multi-resource workflows instead of isolated single-resource snippets

A Bigger Direction

Taken together, these changes move the NetActuate Terraform Provider from "create a VM" toward "declare an environment."

You can now model an edge VM with storage and firewall policy, a private VPC with internal backends and public load balancing, a managed Kubernetes cluster with persistent block storage, reusable secrets, custom images, and safer compute scaling behavior.

The GoNA SDK now backs these platform areas with typed operations, and the Terraform Provider turns those operations into repeatable infrastructure workflows.

Cloud Router and Magic Mesh deserve their own dedicated deep dive, so we'll cover those separately in the near future.