fix: updated usage section in readme for all the modules (#321)

Ak-sky · web-flow · commit 89e5cfe4d49b · 2023-10-17T09:33:51.000+01:00
diff --git a/README.md b/README.md
@@ -36,21 +36,52 @@ module "ibm_cbr" "zone" {
   source           = "terraform-ibm-modules/cbr/ibm//modules/cbr-zone-module"
   version          = "X.X.X" # Replace "X.X.X" with a release version to lock into a specific release
   name             = "zone_for_pg_access"
-  account_id       = data.ibm_iam_account_settings.iam_account_settings.account_id
+  account_id       = "defc0df06b644a9cabc6e44f55b3880s" # pragma: allowlist secret
   zone_description = "Zone created from terraform"
   addresses        = [{type  = "vpc",value = "vpc_crn"}]
 }
 
 module "ibm_cbr" "rule" {
   # replace main with version
-  source           = "terraform-ibm-modules/cbr/ibm//modules/cbr-zone-module"
+  source           = "terraform-ibm-modules/cbr/ibm//modules/cbr-rule-module"
   version          = "X.X.X" # Replace "X.X.X" with a release version to lock into a specific release
   name             = "rule_for_pg_access"
   rule_description = "rule from terraform"
   enforcement_mode = "enabled"
-  rule_contexts    = var.rule_contexts
-  resources        = var.pg_resource
-  operations       = []
+  rule_contexts    = [{
+                      attributes = [{
+                        name  = "networkZoneId"
+                        value = "93a51a1debe2674193217209601dde6f" # pragma: allowlist secret
+                      }]
+                     }]
+  resources        = [{
+                      attributes = [
+                        {
+                          name     = "accountId"
+                          value    = "defc0df06b644a9cabc6e44f55b3880s" # pragma: allowlist secret
+                          operator = "stringEquals"
+                        },
+                        {
+                          name     = "resourceGroupId",
+                          value    = "8ce996b5e6ed4592ac0e39f4105351d6" # pragma: allowlist secret
+                          operator = "stringEquals"
+                        },
+                        {
+                          name     = "serviceInstance"
+                          value    = "10732830-c128-48f0-aec6-c9eaa8d10c68" # pragma: allowlist secret
+                          operator = "stringEquals"
+                        },
+                        {
+                          name     = "serviceName"
+                          value    = "cloud-object-storage"
+                          operator = "stringEquals"
+                        }
+                       ]
+                     }]
+  operations       = [{ api_types = [{
+                        api_type_id = "crn:v1:bluemix:public:context-based-restrictions::::api-type:"
+                      }]
+                     }]
 }
 ```
 
diff --git a/modules/cbr-rule-module/README.md b/modules/cbr-rule-module/README.md
@@ -2,6 +2,53 @@
 
 Creates a rule for Context Based Restrictions
 
+### Usage
+
+```hcl
+module "ibm_cbr" "rule" {
+  # replace main with version
+  source           = "terraform-ibm-modules/cbr/ibm//modules/cbr-rule-module"
+  version          = "X.X.X" # Replace "X.X.X" with a release version to lock into a specific release
+  name             = "rule_for_pg_access"
+  rule_description = "rule from terraform"
+  enforcement_mode = "enabled"
+  rule_contexts    = [{
+                      attributes = [{
+                        name  = "networkZoneId"
+                        value = "afe33d0061b6cea2c2e6f543111f5c8a" # pragma: allowlist secret
+                      }]
+                     }]
+  resources        = [{
+                      attributes = [
+                        {
+                          name     = "accountId"
+                          value    = "defc0df06b644a9cabc6e44f55b3880s"
+                          operator = "stringEquals"
+                        },
+                        {
+                          name     = "resourceGroupId",
+                          value    = "8ce996b5e6ed4592ac0e39f4105351d6" # pragma: allowlist secret
+                          operator = "stringEquals"
+                        },
+                        {
+                          name     = "serviceInstance"
+                          value    = "10732830-c128-48f0-aec6-c9eaa8d10c68"
+                          operator = "stringEquals"
+                        },
+                        {
+                          name     = "serviceName"
+                          value    = "cloud-object-storage"
+                          operator = "stringEquals"
+                        }
+                       ]
+                     }]
+  operations       = [{ api_types = [{
+                        api_type_id = "crn:v1:bluemix:public:context-based-restrictions::::api-type:"
+                      }]
+                     }]
+}
+```
+
 <!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 ### Requirements
 
diff --git a/modules/cbr-service-profile/README.md b/modules/cbr-service-profile/README.md
@@ -2,6 +2,27 @@
 
 Accepts a list of VPC crns / service references to create CBR zones and a list of target services, to create the rule matching these profiles.  It supports to target the service using name, account id, tags, resource group.
 
+### Usage
+
+```hcl
+module "cbr_rule_multi_service_profile" {
+  source           = "terraform-ibm-modules/cbr/ibm//modules/multi-service-profile"
+  version          = "X.X.X" # Replace "X.X.X" with a release version to lock into a specific release
+  prefix                 = "multi-service-profile"
+  zone_service_ref_list  = ["cloud-object-storage", "containers-kubernetes", "server-protect"]
+  zone_vpc_crn_list      = ["crn:v1:bluemix:public:is:us-south:a/abac0df06b644a9cabc6e44f55b3880e::vpc:r006-069c6449-03a9-49f1-9070-4d23fc79285e"]
+  target_service_details = [
+                            {
+                              target_service_name = "secrets-manager",
+                              target_rg           = "a8cff104f1764e98aac9ab879198230a" # pragma: allowlist secret
+                              enforcement_mode    = "report"
+                            }
+                           ]
+  endpoints              = "private"
+  location               = "us-south"
+}
+```
+
 <!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 ### Requirements
 
diff --git a/modules/cbr-zone-module/README.md b/modules/cbr-zone-module/README.md
@@ -2,6 +2,19 @@
 
 Creates a zone for Context Based Restrictions
 
+### Usage
+
+```hcl
+module "ibm_cbr" "zone" {
+  source           = "terraform-ibm-modules/cbr/ibm//modules/cbr-zone-module"
+  version          = "X.X.X" # Replace "X.X.X" with a release version to lock into a specific release
+  name             = "zone_for_pg_access"
+  account_id       = "defc0df06b644a9cabc6e44f55b3880s"
+  zone_description = "Zone created from terraform"
+  addresses        = [{type  = "vpc",value = "vpc_crn"}]
+}
+```
+
 <!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 ### Requirements
 
diff --git a/modules/fscloud/README.md b/modules/fscloud/README.md
@@ -20,6 +20,41 @@ Important: In order to avoid unexpected breakage in the account against which th
 ## Note
 The services 'compliance', 'directlink', 'iam-groups', 'containers-kubernetes', 'user-management' does not support restriction per location.
 
+### Usage
+
+```hcl
+module "cbr_fscloud" {
+  source           = "terraform-ibm-modules/cbr/ibm//modules/fscloud"
+  version          = "X.X.X" # Replace "X.X.X" with a release version to lock into a specific release
+  prefix                           = "fs-cbr"
+  zone_vpc_crn_list                = ["crn:v1:bluemix:public:is:us-south:a/abac0df06b644a9cabc6e44f55b3880e::vpc:r006-069c6449-03a9-49f1-9070-4d23fc79285e"]
+
+  # True or False to set prewired rule
+  allow_cos_to_kms                 = true
+  allow_block_storage_to_kms       = true
+  allow_roks_to_kms                = true
+  allow_icd_to_kms                 = true
+  allow_vpcs_to_container_registry = true
+  allow_vpcs_to_cos                = true
+  allow_at_to_cos                  = true
+  allow_iks_to_is                  = true
+
+  # Will skip the zone creation for service ref. present in the list
+  skip_specific_services_for_zone_creation = ["user-management", "iam-groups"]
+
+  target_service_details = {
+                            "kms" = {
+                              "enforcement_mode" = "enabled"
+                           }}
+
+  custom_rule_contexts_by_service = {
+                                    "schematics" = [{
+                                      endpointType = "public"
+                                      zone_ids     = "93a51a1debe2674193217209601dde6f" # pragma: allowlist secret
+                                    }]
+                                  }
+}
+```
 
 <!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 ### Requirements
