DevOps
Terraform for AIX on IBM Power Systems Virtual Server
Provision AIX on IBM Power Systems Virtual Server with Terraform: PowerVS instances, NIM-style image management, SAN volumes, and hybrid VPN.
1 min read
DevOps
Terraform for IBM z/OS Mainframes: Hybrid Cloud Patterns
Integrate IBM z/OS mainframes with Terraform: Wazi as a Service on IBM Cloud, Zowe APIs, and surrounding hybrid cloud infrastructure.
LLuca Berton1 min read
IBM z/OS still runs the world's payments, insurance, and core banking. Terraform doesn't manage z/OS the way it manages an EC2 instance, but on IBM Cloud the IBM-Cloud/ibm provider can provision Wazi as a Service (cloud-hosted z/OS dev sandboxes) and the surrounding hybrid networking, VPN, and IAM.
IBM Cloud Provider
#terraform {
required_providers {
ibm = { source = "IBM-Cloud/ibm", version = "~> 1.70" }
}
}
provider "ibm" {
ibmcloud_api_key = var.ibm_api_key
region = "us-south"
}Wazi as a Service Sandbox
#resource "ibm_resource_instance" "wazi" {
name = "wazi-dev-1"
service = "wazi-as-a-service"
plan = "standard"
location = "us-south"
resource_group_id = data.ibm_resource_group.dev.id
}Hybrid Connectivity (Direct Link to On-Prem Mainframe)
#resource "ibm_dl_gateway" "to_mainframe" {
bgp_asn = 64999
global = true
metered = false
name = "dl-zos-corp"
speed_mbps = 1000
type = "dedicated"
cross_connect_router = "lon04-xcr01.dal09.bluemix.net"
location_name = "dal09"
customer_name = "Acme Bank"
carrier_name = "MyCarrier"
}Cloud-Side APIs Calling z/OS via Zowe
#The Zowe API Mediation Layer fronts CICS, IMS, JES on z/OS. Terraform provisions the API gateway, secrets, and observability that surround it:
resource "ibm_secrets_manager_secret" "zowe_creds" {
instance_id = ibm_resource_instance.sm.guid
region = "us-south"
secret_type = "iam_credentials"
name = "zowe-api-creds"
}Best Practices
#- Wazi for dev/test, real LPARs for prod — Terraform helps the cloud sandbox; real LPARs change via z/OSMF and operators.
- Treat z/OS as a service to call, not a host to provision — Terraform manages the API and network.
- Use Direct Link (not VPN-over-internet) for production traffic to and from z/OS.
- Keep RACF/ACF2 changes out of Terraform — they live in mainframe security tooling.
Related
##Terraform#IBM z/OS#Mainframe#IBM Cloud#Zowe
Related articles
DevOps
Terraform for IBM i on Power Systems Virtual Server
Provision IBM i (Power Systems) on IBM Cloud with Terraform: PowerVS instances, Db2 for i, FlashCopy storage, and hybrid networking.
1 min read
DevOps
Deploy OpenClaw AI on AWS EC2 with Terraform and EBS Storage
Deploy OpenClaw AI on AWS EC2 with Terraform: Ubuntu 24.04, gp3 EBS for persistent agent data, SSH key pair, security group, and user-data bootstrap.
3 min read
DevOps
Terraform for Android App Backends on Firebase and GCP
Provision Android app backends with Terraform: Firebase Auth, Firestore, FCM push, Cloud Run APIs, and Play Integrity API on Google Cloud.
1 min read