diff --git a/released/discovery_center/mission_3252/main.tf b/released/discovery_center/mission_3252/main.tf index 85ce4b70..111fb954 100644 --- a/released/discovery_center/mission_3252/main.tf +++ b/released/discovery_center/mission_3252/main.tf @@ -1,61 +1,56 @@ -############################################################################################### -# Setup of names in accordance to naming convention -############################################################################################### +# ------------------------------------------------------------------------------------------------------ +# Subaccount setup for DC mission 3252 +# ------------------------------------------------------------------------------------------------------ +# Setup subaccount domain (to ensure uniqueness in BTP global account) resource "random_uuid" "uuid" {} locals { - random_uuid = random_uuid.uuid.result - project_subaccount_domain = lower(replace("mission-3252-${local.random_uuid}", "_", "-")) + random_uuid = random_uuid.uuid.result + subaccount_domain = lower(replace("mission-3260-${local.random_uuid}", "_", "-")) } -############################################################################################### +# ------------------------------------------------------------------------------------------------------ # Creation of subaccount -############################################################################################### +# ------------------------------------------------------------------------------------------------------ resource "btp_subaccount" "dc_mission" { + count = var.subaccount_id == "" ? 1 : 0 name = var.subaccount_name - subdomain = local.project_subaccount_domain - region = lower(var.region) + subdomain = local.subaccount_domain + region = var.region } -############################################################################################### -# Assignment of users as sub account administrators -############################################################################################### -resource "btp_subaccount_role_collection_assignment" "subaccount-admins" { - for_each = toset("${var.subaccount_admins}") - subaccount_id = btp_subaccount.dc_mission.id - role_collection_name = "Subaccount Administrator" - user_name = each.value +data "btp_subaccount" "dc_mission" { + id = var.subaccount_id != "" ? var.subaccount_id : btp_subaccount.dc_mission[0].id } -############################################################################################### -# Assignment of users as sub account service administrators -############################################################################################### -resource "btp_subaccount_role_collection_assignment" "subaccount-service-admins" { - for_each = toset("${var.subaccount_service_admins}") - subaccount_id = btp_subaccount.dc_mission.id - role_collection_name = "Subaccount Service Administrator" - user_name = each.value +# ------------------------------------------------------------------------------------------------------ +# SERVICES +# ------------------------------------------------------------------------------------------------------ +# +locals { + service_name__kymaruntime = "kymaruntime" } -###################################################################### -# Setup Kyma -###################################################################### +# ------------------------------------------------------------------------------------------------------ +# Setup kymaruntime (Kyma Runtime) +# ------------------------------------------------------------------------------------------------------ +# data "btp_regions" "all" {} -#we take the iaas provider for the first region associated with the subaccount +# we take the iaas provider for the first region associated with the subaccount locals { - subaccount_iaas_provider = [for region in data.btp_regions.all.values : region if region.region == btp_subaccount.dc_mission.region][0].iaas_provider + subaccount_iaas_provider = [for region in data.btp_regions.all.values : region if region.region == data.btp_subaccount.dc_mission.region][0].iaas_provider } - +# Entitle resource "btp_subaccount_entitlement" "kymaruntime" { - subaccount_id = btp_subaccount.dc_mission.id - service_name = "kymaruntime" + subaccount_id = data.btp_subaccount.dc_mission.id + service_name = local.service_name__kymaruntime plan_name = lower(local.subaccount_iaas_provider) amount = 1 } data "btp_subaccount_environments" "all" { - subaccount_id = btp_subaccount.dc_mission.id + subaccount_id = data.btp_subaccount.dc_mission.id depends_on = [btp_subaccount_entitlement.kymaruntime] } @@ -72,18 +67,42 @@ resource "null_resource" "cache_kyma_region" { locals { kyma_instance_parameters = var.kyma_instance_parameters != null ? var.kyma_instance_parameters : { - name = btp_subaccount.dc_mission.subdomain + name = data.btp_subaccount.dc_mission.subdomain region = null_resource.cache_kyma_region.triggers.region } } resource "btp_subaccount_environment_instance" "kyma" { - subaccount_id = btp_subaccount.dc_mission.id - name = var.kyma_instance_parameters != null ? var.kyma_instance_parameters.name : btp_subaccount.dc_mission.subdomain + subaccount_id = data.btp_subaccount.dc_mission.id + name = var.kyma_instance_parameters != null ? var.kyma_instance_parameters.name : data.btp_subaccount.dc_mission.subdomain environment_type = "kyma" - service_name = "kymaruntime" + service_name = local.service_name__kymaruntime plan_name = lower(local.subaccount_iaas_provider) parameters = jsonencode(local.kyma_instance_parameters) timeouts = var.kyma_instance_timeouts depends_on = [btp_subaccount_entitlement.kymaruntime] } + +# ------------------------------------------------------------------------------------------------------ +# USERS AND ROLES +# ------------------------------------------------------------------------------------------------------ +# +# ------------------------------------------------------------------------------------------------------ +# Assign role collection "Subaccount Administrator" +# ------------------------------------------------------------------------------------------------------ +resource "btp_subaccount_role_collection_assignment" "subaccount_admins" { + for_each = toset(var.subaccount_admins) + subaccount_id = data.btp_subaccount.dc_mission.id + role_collection_name = "Subaccount Administrator" + user_name = each.value +} + +# ------------------------------------------------------------------------------------------------------ +# Assign role collection "Subaccount Service Administrator" +# ------------------------------------------------------------------------------------------------------ +resource "btp_subaccount_role_collection_assignment" "subaccount_service_admins" { + for_each = toset(var.subaccount_service_admins) + subaccount_id = data.btp_subaccount.dc_mission.id + role_collection_name = "Subaccount Service Administrator" + user_name = each.value +} \ No newline at end of file diff --git a/released/discovery_center/mission_3252/outputs.tf b/released/discovery_center/mission_3252/outputs.tf index 0c4d5022..96849069 100644 --- a/released/discovery_center/mission_3252/outputs.tf +++ b/released/discovery_center/mission_3252/outputs.tf @@ -1,3 +1,3 @@ output "subaccount_id" { - value = btp_subaccount.dc_mission.id + value = data.btp_subaccount.dc_mission.id } diff --git a/released/discovery_center/mission_3252/provider.tf b/released/discovery_center/mission_3252/provider.tf index bfdba311..0d729c9d 100644 --- a/released/discovery_center/mission_3252/provider.tf +++ b/released/discovery_center/mission_3252/provider.tf @@ -12,7 +12,7 @@ terraform { provider "btp" { # Uncomment the idp in case you need it to connect to your global account # ------------------------------------------------------------------------- - idp = var.custom_idp + #idp = var.custom_idp globalaccount = var.globalaccount cli_server_url = var.cli_server_url } diff --git a/released/discovery_center/mission_3252/sample.tfvars b/released/discovery_center/mission_3252/sample.tfvars new file mode 100644 index 00000000..221dcc7b --- /dev/null +++ b/released/discovery_center/mission_3252/sample.tfvars @@ -0,0 +1,27 @@ +# ------------------------------------------------------------------------------------------------------ +# Provider configuration +# ------------------------------------------------------------------------------------------------------ +custom_idp = "<>.accounts.ondemand.com" + +# ------------------------------------------------------------------------------------------------------ +# Account settings +# ------------------------------------------------------------------------------------------------------ +globalaccount = "" +region = "eu10" +subaccount_name = "SAP Discovery Center Mission 3252" + +# ------------------------------------------------------------------------------------------------------ +# Use case specific configuration +# ------------------------------------------------------------------------------------------------------ +subaccount_admins = ["another-user@test.com", "you@test.com"] +subaccount_service_admins = ["another-user@test.com", "you@test.com"] + +# Kyma instance parameters. When set to null, the name will be set to the subaccount subdomain and the +# first available cluster region for the subaccount will be selected. +kyma_instance_parameters = { + name = "my-kyma-environment" + region = "eu-central-1" + machine_type = "mx5.xlarge" + auto_scaler_min = 3 + auto_scaler_max = 20 +} \ No newline at end of file diff --git a/released/discovery_center/mission_3252/samples.tfvars b/released/discovery_center/mission_3252/samples.tfvars deleted file mode 100644 index 8958cc76..00000000 --- a/released/discovery_center/mission_3252/samples.tfvars +++ /dev/null @@ -1,19 +0,0 @@ -# ------------------------------------------------------------------------------------------------------ -# Project specific configuration (please adapt!) -# ------------------------------------------------------------------------------------------------------ -# Your global account subdomain -globalaccount = "your global account id goes here eg. 0645xxxx-1xxx-4xxx-bxxx-4xxxxxxxxxxx" -subaccount_name = "DC Mission 3252 - Get Started with SAP BTP, Kyma runtime creating a Hello-World Function" -region = "eu10" -subaccount_admins = ["your.admin.email.address@your.company.com"] -subaccount_service_admins = ["your.admin.email.address@your.company.com"] - -# Kyma instance parameters. When set to null, the name will be set to the subaccount subdomain and the -# first available cluster region for the subaccount will be selected. -kyma_instance_parameters = { - name = "my-kyma-environment" - region = "eu-central-1" - machine_type = "mx5.xlarge" - auto_scaler_min = 3 - auto_scaler_max = 20 -} diff --git a/released/discovery_center/mission_3252/variables.tf b/released/discovery_center/mission_3252/variables.tf index e4d0eac6..5c37bb04 100644 --- a/released/discovery_center/mission_3252/variables.tf +++ b/released/discovery_center/mission_3252/variables.tf @@ -1,47 +1,44 @@ -###################################################################### -# Customer account setup -###################################################################### -# subaccount +# ------------------------------------------------------------------------------------------------------ +# Account variables +# ------------------------------------------------------------------------------------------------------ variable "globalaccount" { type = string - description = "The globalaccount subdomain." -} -# subaccount -variable "subaccount_name" { - type = string - description = "The subaccount name." - default = "DC Mission 3252 - Get Started with SAP BTP, Kyma runtime creating a Hello-World Function" -} -# Region -variable "region" { - type = string - description = "The region where the project account shall be created in." - default = "eu10" + description = "The globalaccount subdomain where the sub account shall be created." } -# CLI server variable "cli_server_url" { type = string description = "The BTP CLI server URL." - default = "https://cpcli.cf.eu10.hana.ondemand.com" + default = "https://cli.btp.cloud.sap" } variable "custom_idp" { type = string - description = "Defines the custom IDP to be used for the subaccount." + description = "The custom identity provider for the subaccount." default = "" } -variable "subaccount_admins" { - type = list(string) - description = "Defines the colleagues who are added to each subaccount as subaccount administrators." +variable "region" { + type = string + description = "The region where the subaccount shall be created in." + default = "eu10" } -variable "subaccount_service_admins" { - type = list(string) - description = "Defines the colleagues who are added to each subaccount as subaccount service administrators." +variable "subaccount_name" { + type = string + description = "The subaccount name." + default = "My SAP DC mission subaccount." +} + +variable "subaccount_id" { + type = string + description = "The subaccount ID." + default = "" } +# ------------------------------------------------------------------------------------------------------ +# service parameters +# ------------------------------------------------------------------------------------------------------ variable "kyma_instance_parameters" { type = object({ name = string @@ -74,4 +71,17 @@ variable "kyma_instance_timeouts" { update = "35m" delete = "1h" } +} + +# ------------------------------------------------------------------------------------------------------ +# User lists +# ------------------------------------------------------------------------------------------------------ +variable "subaccount_admins" { + type = list(string) + description = "Defines the users who are added to subaccount as administrators." +} + +variable "subaccount_service_admins" { + type = list(string) + description = "Defines the users who are added to subaccount as service administrators." } \ No newline at end of file