refactor: Improve User experience

README.md

@@ -117,7 +117,7 @@ For more information on access and permissions, see <https://cloud.ibm.com/docs/
 | <a name="input_config_aggregator_resource_collection_regions"></a> [config\_aggregator\_resource\_collection\_regions](#input\_config\_aggregator\_resource\_collection\_regions) | From which region do you want to collect configuration data? Only applies if `enable_config_aggregator` is set to true. | `list(string)` | <pre>[<br/>  "all"<br/>]</pre> | no |
 | <a name="input_config_aggregator_trusted_profile_name"></a> [config\_aggregator\_trusted\_profile\_name](#input\_config\_aggregator\_trusted\_profile\_name) | The name to give the trusted profile that will be created if `enable_config_aggregator` is set to `true`. | `string` | `"config-aggregator-trusted-profile"` | no |
 | <a name="input_enable_config_aggregator"></a> [enable\_config\_aggregator](#input\_enable\_config\_aggregator) | Set to true to enable configuration aggregator. By setting to true a trusted profile will be created with the required access to record configuration data from all resources across regions in your account. [Learn more](https://cloud.ibm.com/docs/app-configuration?topic=app-configuration-ac-configuration-aggregator). | `bool` | `false` | no |
-| <a name="input_region"></a> [region](#input\_region) | The region to provision the App Configuration service, valid regions are au-syd, jp-osa, jp-tok, eu-de, eu-gb, eu-es, us-east, us-south, ca-tor, br-sao, eu-fr2. | `string` | `"us-south"` | no |
+| <a name="input_region"></a> [region](#input\_region) | The region to provision the App Configuration service, valid regions are au-syd, jp-osa, jp-tok, eu-de, eu-gb, eu-es, us-east, us-south, ca-tor, br-sao, eu-fr2, ca-mon. | `string` | `"us-south"` | no |
 | <a name="input_resource_group_id"></a> [resource\_group\_id](#input\_resource\_group\_id) | The resource group ID where resources will be provisioned. | `string` | n/a | yes |
 
 ### Outputs

solutions/fully-configurable/DA-cbr_rules.md

@@ -1,12 +1,12 @@
 # Configuring context-based restrictions (CBRs)
 
-The `app_config_cbr_rules` input variable allows you to provide a rule for the target service to enforce access restrictions for the service based on the context of access requests. Contexts are criteria that include the network location of access requests, the endpoint type from where the request is sent, etc.
+The `cbr_rules` input variable allows you to provide a rule for the target service to enforce access restrictions for the service based on the context of access requests. Contexts are criteria that include the network location of access requests, the endpoint type from where the request is sent, etc.
 
-- Variable name: `app_config_cbr_rules`.
+- Variable name: `cbr_rules`.
 - Type: A list of objects. Allows only one object representing a rule for the target service
 - Default value: An empty list (`[]`).
 
-### Options for app_config_cbr_rules
+### Options for cbr_rules
 
   - `description` (required): The description of the rule to create.
   - `account_id` (required): The IBM Cloud Account ID
@@ -28,8 +28,8 @@ The `app_config_cbr_rules` input variable allows you to provide a rule for the t
 [
   {
     description      = "Restrict access to App Config from trusted network"
-    account_id       = "<AccountID>"
-    enforcement_mode = "enabled"
+    account_id       = "<REPLACE ME>"
+    enforcement_mode = "report"
     tags = [
       {
         name  = "env"
@@ -41,7 +41,7 @@ The `app_config_cbr_rules` input variable allows you to provide a rule for the t
         attributes = [
           {
             name  = "networkZoneId"
-            value = "<NetworkZoneID>"
+            value = "<REPLACE ME>"
           },
           {
             "name" : "endpointType",

solutions/fully-configurable/README.md

@@ -1,11 +1,3 @@
-# Cloud automation for App Configuration
-
-[![Catalog release](https://img.shields.io/badge/release-IBM%20Cloud%20Catalog-3662FF?logo=ibm)](https://cloud.ibm.com/catalog/7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3/architecture/deploy-arch-ibm-apprapp-045c1169-d15a-4046-ae81-aa3d3348421f-global)
-
-This solution supports provisioning and configuring the following infrastructure:
-
-- App Config instance and collections
-- Optional context-based restrictions (CBR)
-- Configuration aggregator
+# Cloud automation for App Configuration (Fully configurable)
 
 :exclamation: **Important:** This solution is not intended to be called by other modules because it contains a provider configuration and is not compatible with the `for_each`, `count`, and `depends_on` arguments. For more information, see [Providers Within Modules](https://developer.hashicorp.com/terraform/language/modules/develop/providers).

solutions/fully-configurable/main.tf

@@ -31,5 +31,5 @@ module "app_config" {
   config_aggregator_enterprise_trusted_profile_template_name = "${local.prefix}${var.config_aggregator_enterprise_trusted_profile_template_name}"
   config_aggregator_enterprise_account_group_ids_to_assign   = var.config_aggregator_enterprise_account_group_ids_to_assign
   config_aggregator_enterprise_account_ids_to_assign         = var.config_aggregator_enterprise_account_ids_to_assign
-  cbr_rules                                                  = var.app_config_cbr_rules
+  cbr_rules                                                  = var.cbr_rules
 }

solutions/fully-configurable/provider.tf

@@ -1,5 +1,6 @@
 provider "ibm" {
-  ibmcloud_api_key = var.ibmcloud_api_key
-  region           = var.region
-  visibility       = var.provider_visibility
+  ibmcloud_api_key      = var.ibmcloud_api_key
+  region                = var.region
+  visibility            = var.provider_visibility
+  private_endpoint_type = (var.provider_visibility == "private" && var.region == "ca-mon") ? "vpe" : null
 }

solutions/fully-configurable/variables.tf

@@ -29,7 +29,7 @@ variable "existing_resource_group_name" {
 variable "prefix" {
   type        = string
   nullable    = true
-  description = "The prefix to be added to all resources created by this solution. To skip using a prefix, set this value to null or an empty string. The prefix must begin with a lowercase letter and may contain only lowercase letters, digits, and hyphens '-'. It should not exceed 16 characters, must not end with a hyphen('-'), and can not contain consecutive hyphens ('--'). Example: prod-us-south. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-app-configuration/tree/main/solutions/fully-configurable/DA-prefix.md)."
+  description = "The prefix to be added to all resources created by this solution. To skip using a prefix, set this value to null or an empty string. The prefix must begin with a lowercase letter and may contain only lowercase letters, digits, and hyphens '-'. It should not exceed 16 characters, must not end with a hyphen('-'), and can not contain consecutive hyphens ('--'). Example: prod-us-south. [Learn more](https://terraform-ibm-modules.github.io/documentation/#/prefix.md)."
 
   validation {
     # - null and empty string is allowed
@@ -49,7 +49,7 @@ variable "prefix" {
 
 variable "region" {
   type        = string
-  description = "The region to provision resources to."
+  description = "The region to provision all resources in. [Learn more](https://terraform-ibm-modules.github.io/documentation/#/region) about how to select different regions for different services."
   default     = "us-south"
   nullable    = false
 }
@@ -196,7 +196,7 @@ variable "config_aggregator_enterprise_account_ids_to_assign" {
 # Context-based restriction (CBR)
 ##############################################################
 
-variable "app_config_cbr_rules" {
+variable "cbr_rules" {
   type = list(object({
     description = string
     account_id  = string

tests/pr_test.go

@@ -30,6 +30,8 @@ var validRegions = []string{
 	"us-south",
 	"ca-tor",
 	"br-sao",
+	"eu-fr2",
+	"ca-mon",
 }
 
 func setupOptions(t *testing.T, prefix string, dir string) *testhelper.TestOptions {

variables.tf

@@ -8,13 +8,13 @@ variable "resource_group_id" {
 }
 
 variable "region" {
-  description = "The region to provision the App Configuration service, valid regions are au-syd, jp-osa, jp-tok, eu-de, eu-gb, eu-es, us-east, us-south, ca-tor, br-sao, eu-fr2."
+  description = "The region to provision the App Configuration service, valid regions are au-syd, jp-osa, jp-tok, eu-de, eu-gb, eu-es, us-east, us-south, ca-tor, br-sao, eu-fr2, ca-mon."
   type        = string
   default     = "us-south"
 
   validation {
-    condition     = contains(["au-syd", "jp-osa", "jp-tok", "eu-de", "eu-gb", "eu-es", "us-east", "us-south", "ca-tor", "br-sao", "eu-fr2"], var.region)
-    error_message = "Value for region must be one of the following: ${join(", ", ["jp-osa", "au-syd", "jp-tok", "eu-de", "eu-gb", "eu-es", "us-east", "us-south", "ca-tor", "br-sao", "eu-fr2"])}"
+    condition     = contains(["au-syd", "jp-osa", "jp-tok", "eu-de", "eu-gb", "eu-es", "us-east", "us-south", "ca-tor", "br-sao", "eu-fr2", "ca-mon"], var.region)
+    error_message = "Value for region must be one of the following: ${join(", ", ["jp-osa", "au-syd", "jp-tok", "eu-de", "eu-gb", "eu-es", "us-east", "us-south", "ca-tor", "br-sao", "eu-fr2", "ca-mon"])}"
   }
 }