fix: fixed bug where prefix was not being used in instance name in the DA (#76)

kierramarie · web-flow · commit 1b8cf96b0d72 · 2025-08-07T18:27:49.000+01:00
diff --git a/ibm_catalog.json b/ibm_catalog.json
@@ -23,14 +23,14 @@
         "log"
       ],
       "short_description": "Creates and configures an instance of IBM Cloud Logs",
-      "long_description": "This architecture supports creating and configuring [IBM Cloud Logs](https://www.ibm.com/products/cloud-logs) resources. IBM Cloud Logs is a scalable logging service that persists logs and provides users with capabilities for querying, tailing, and visualizing logs. \n  Logs are comprised of events that are typically human-readable and have different formats, for example, unstructured text, JSON, delimiter-separated values, key-value pairs, and so on. The IBM Cloud Logs service can manage general purpose application logs, platform logs, or structured audit events. IBM Cloud Logs can be used with logs from both IBM Cloud services and customer applications.",
+      "long_description": "This architecture supports creating and configuring [IBM Cloud Logs](https://www.ibm.com/products/cloud-logs) resources. IBM Cloud Logs is a scalable logging service that persists logs and provides users with capabilities for querying, tailing, and visualizing logs. \n  Logs are comprised of events that are typically human-readable and have different formats, for example, unstructured text, JSON, delimiter-separated values, key-value pairs, and so on. The IBM Cloud Logs service can manage general purpose application logs, platform logs, or structured audit events. IBM Cloud Logs can be used with logs from both IBM Cloud services and customer applications.\n\nℹ️ This Terraform-based automation is part of a broader suite of IBM-maintained Infrastructure as Code (IaC) assets, each following the naming pattern \"Cloud automation for servicename\" and focusing on single IBM Cloud service. These single-service deployable architectures can be used on their own to streamline and automate service deployments through an [IaC approach](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-understanding-projects), or assembled together into a broader [automated IaC stack](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-config-stack) to automate the deployment of an end-to-end solution architecture.",
       "offering_docs_url": "https://github.com/terraform-ibm-modules/terraform-ibm-cloud-logs/blob/main/README.md",
       "offering_icon_url": "https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-cloud-logs/refs/heads/main/images/cloud-logs-icon.svg",
       "provider_name": "IBM",
       "features": [
         {
           "title": "Cloud Logs",
-          "description": "Get started with provisioning an instance of IBM Cloud Logs. Explore more about IBM Cloud Logs [here](https://www.ibm.com/products/cloud-logs)."
+          "description": "Get started with provisioning an instance of IBM Cloud Logs. Explore more about IBM Cloud Logs [here](https://cloud.ibm.com/docs/cloud-logs?topic=cloud-logs-getting-started)."
         },
         {
           "title": "Object Storage buckets for Cloud Logs",
@@ -49,7 +49,7 @@
           "description": "Creates and configures policies for the Cloud Logs instance."
         }
       ],
-      "support_details": "This product is in the community registry, as such support is handled through the originated repo. If you experience issues please open an issue in that repository [https://github.com/terraform-ibm-modules/terraform-ibm-cloud-logs/issues](https://github.com/terraform-ibm-modules/terraform-ibm-cloud-logs/issues). Please note this product is not supported via the IBM Cloud Support Center.",
+      "support_details": "This product is in the community registry, as such support is handled through the originated repo. If you experience issues please open an issue in that repository [here](https://github.com/terraform-ibm-modules/terraform-ibm-cloud-logs/issues). Please note this product is not supported via the IBM Cloud Support Center.",
       "flavors": [
         {
           "label": "Fully configurable",
@@ -345,26 +345,26 @@
               ]
             },
             {
-              "role_crns": [
-                "crn:v1:bluemix:public:iam::::role:Administrator"
-              ],
-              "service_name": "iam-identity",
-              "notes": "[Optional] Required if creating COS buckets in a separate account from the account Cloud Logs is created in."
+              "role_crns": ["crn:v1:bluemix:public:iam::::role:Viewer"],
+              "service_name": "Resource group only",
+              "notes": "Viewer access is required in the resource group you want to provision in."
+            },
+            {
+              "role_crns": ["crn:v1:bluemix:public:iam::::role:Administrator"],
+              "service_name": "All Account Management services",
+              "notes": "[Optional] Required for consuming Account Configuration deployable architecture which creates resource group."
+            },
+            {
+              "role_crns": ["crn:v1:bluemix:public:iam::::role:Administrator"],
+              "service_name": "All Identity and Access enabled services",
+              "notes": "[Optional] Required for consuming Account Configuration deployable architecture which creates resource group with account setting."
             }
           ],
           "architecture": {
             "features": [
               {
-                "title": "cloud logs instance",
-                "description": "Creates and configures an instance of cloud logs."
-              },
-              {
-                "title": "KMS Keys and Key Rings",
-                "description": "Supports the creation of Keys and Key Rings for encrypting object storage bucket."
-              },
-              {
-                "title": "Object Storage buckets",
-                "description": "Creates buckets required for the Cloud Logs instance."
+                "title": " ",
+                "description": "Configured to use IBM secure by default standards, but can be edited to fit your use case."
               }
             ],
             "diagrams": [
@@ -374,7 +374,7 @@
                   "url": "https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-cloud-logs/refs/heads/main/reference-architecture/deployable-architecture-cloud-logs.svg",
                   "type": "image/svg+xml"
                 },
-                "description": "This solution deploys an IBM Cloud Logs instance on IBM Cloud.<br><br> It creates an IBM Cloud Object Storage instance and provisions a storage bucket required to store logs and metrics data. Alternatively, you can provide details of an existing IBM Cloud Object Storage instance. <br><br> In addition, it enables encryption for the object storage bucket by provisioning an IBM Key Protect service instance, where a Key Ring and associated Key are created to manage encryption through IBM Cloud Key Management Services (KMS). You can also choose to provide an existing KMS instance.<br><br>"
+                "description": "This architecture supports the creation and configuration of an IBM Cloud Logs instance.<br><br> A Cloud Object Storage (COS) instance is required for this topology. Within this instance, two Object Storage buckets will be created to store logs and metrics data. The [Cloud automation for Object Storage](https://cloud.ibm.com/catalog/7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3/architecture/deploy-arch-ibm-cos-68921490-2778-4930-ac6d-bae7be6cd958-global) architecture supports the provisioning of a Cloud Object Storage instance. Alternatively, you can provide the details of an existing Cloud Object Storage instance.<br><br> Additionally, the Object Storage buckets can be encrypted using IBM Cloud Key Management Services (KMS) to enhance security. The [Cloud automation for Key Protect](https://cloud.ibm.com/catalog/7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3/architecture/deploy-arch-ibm-kms-2cad4789-fa90-4886-9c9e-857081c273ee-global) architecture supports the provisioning of a KMS instance where a Key Ring and associated Key will be created by this solution to manage encryption. Alternatively, you may choose to provide the details of an existing KMS instance."
               }
             ]
           },
@@ -717,12 +717,6 @@
                 "crn:v1:bluemix:public:iam::::role:Editor"
               ]
             },
-            {
-              "service_name": "resource-group",
-              "role_crns": [
-                "crn:v1:bluemix:public:iam::::role:Viewer"
-              ]
-            },
             {
               "service_name": "event-notifications",
               "role_crns": [
@@ -731,62 +725,16 @@
               ]
             },
             {
-              "role_crns": [
-                "crn:v1:bluemix:public:iam::::role:Administrator"
-              ],
-              "service_name": "iam-identity",
-              "notes": "[Optional] Required if creating COS buckets in a separate account from the account Cloud Logs is created in."
+              "role_crns": ["crn:v1:bluemix:public:iam::::role:Viewer"],
+              "service_name": "Resource group only",
+              "notes": "Viewer access is required in the resource group you want to provision in."
             }
           ],
           "architecture": {
             "features": [
               {
-                "title": "Cloud Logs instance creation",
-                "description": "Yes"
-              },
-              {
-                "title": "Use existing Cloud Logs instance",
-                "description": "No"
-              },
-              {
-                "title": "New resource group creation",
-                "description": "No"
-              },
-              {
-                "title": "Use existing resource group",
-                "description": "Yes"
-              },
-              {
-                "title": "COS instance creation",
-                "description": "No"
-              },
-              {
-                "title": "COS bucket creation",
-                "description": "Yes"
-              },
-              {
-                "title": "Enforced KMS encryption",
-                "description": "Yes"
-              },
-              {
-                "title": "KMS instance creation",
-                "description": "No"
-              },
-              {
-                "title": "KMS key ring and key creation",
-                "description": "Yes"
-              },
-              {
-                "title": "Use existing KMS key",
-                "description": "Yes"
-              },
-              {
-                "title": "IAM s2s auth policies creation",
-                "description": "Yes"
-              },
-              {
-                "title": "Event Notifications integration",
-                "description": "Yes"
+                "title": " ",
+                "description": "Configured to use IBM secure by default standards that can't be changed."
               }
             ],
             "diagrams": [
@@ -796,7 +744,7 @@
                   "url": "https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-cloud-logs/refs/heads/main/reference-architecture/deployable-architecture-cloud-logs.svg",
                   "type": "image/svg+xml"
                 },
-                "description": "This architecture supports creating and configuring IBM Cloud Logs resources"
+                "description": "This architecture supports the creation and configuration of an IBM Cloud Logs instance.<br><br> An existing Cloud Object Storage (COS) instance is required for this topology. Within this instance, two Object Storage buckets will be created to store logs and metrics data. <br><br> By default, both Object Storage buckets will be encrypted to enhance security."
               }
             ]
           },
diff --git a/reference-architecture/deployable-architecture-cloud-logs.svg b/reference-architecture/deployable-architecture-cloud-logs.svg
diff --git a/solutions/fully-configurable/main.tf b/solutions/fully-configurable/main.tf
@@ -13,9 +13,10 @@ module "resource_group" {
 #######################################################################################################################
 
 locals {
-  prefix            = var.prefix != null ? trimspace(var.prefix) != "" ? "${var.prefix}-" : "" : ""
-  create_cloud_logs = var.existing_cloud_logs_crn == null
-  cloud_logs_crn    = local.create_cloud_logs ? module.cloud_logs[0].crn : var.existing_cloud_logs_crn
+  prefix                   = var.prefix != null ? trimspace(var.prefix) != "" ? "${var.prefix}-" : "" : ""
+  cloud_logs_instance_name = "${local.prefix}${var.cloud_logs_instance_name}"
+  create_cloud_logs        = var.existing_cloud_logs_crn == null
+  cloud_logs_crn           = local.create_cloud_logs ? module.cloud_logs[0].crn : var.existing_cloud_logs_crn
   # Even though we're only performing a comparison (var.ibmcloud_cos_api_key != null),
   # Terraform treats the entire value as "tainted" due to sensitivity.
   # Later, in the cloud_logs module, where the data_storage input variable is used in a for_each loop,
@@ -30,7 +31,7 @@ module "cloud_logs" {
   source                                 = "../.."
   resource_group_id                      = module.resource_group.resource_group_id
   region                                 = var.region
-  instance_name                          = var.cloud_logs_instance_name
+  instance_name                          = local.cloud_logs_instance_name
   plan                                   = "standard" # not a variable because there is only one option
   resource_tags                          = var.cloud_logs_resource_tags
   access_tags                            = var.cloud_logs_access_tags
diff --git a/solutions/fully-configurable/variables.tf b/solutions/fully-configurable/variables.tf
@@ -17,24 +17,33 @@ variable "existing_resource_group_name" {
 variable "prefix" {
   type        = string
   nullable    = true
-  description = "The prefix to be added to all resources created by this solution. To skip using a prefix, set this value to null or an empty string. The prefix must begin with a lowercase letter and may contain only lowercase letters, digits, and hyphens '-'. It should not exceed 16 characters, must not end with a hyphen('-'), and can not contain consecutive hyphens ('--'). Example: cl-02. [Learn more](https://terraform-ibm-modules.github.io/documentation/#/prefix.md)"
+  description = "The prefix to be added to all resources created by this solution. To skip using a prefix, set this value to null or an empty string. The prefix must begin with a lowercase letter and may contain only lowercase letters, digits, and hyphens '-'. It should not exceed 16 characters, must not end with a hyphen('-'), and can not contain consecutive hyphens ('--'). Example: prod-0205-icl. [Learn more](https://terraform-ibm-modules.github.io/documentation/#/prefix.md)."
 
   validation {
-    condition = var.prefix == null || var.prefix == "" ? true : alltrue([
-      can(regex("^[a-z][-a-z0-9]*[a-z0-9]$", var.prefix)), length(regexall("--", var.prefix)) == 0
-    ])
+    # - null and empty string is allowed
+    # - Must not contain consecutive hyphens (--): length(regexall("--", var.prefix)) == 0
+    # - Starts with a lowercase letter: [a-z]
+    # - Contains only lowercase letters (a–z), digits (0–9), and hyphens (-)
+    # - Must not end with a hyphen (-): [a-z0-9]
+    condition = (var.prefix == null || var.prefix == "" ? true :
+      alltrue([
+        can(regex("^[a-z][-a-z0-9]*[a-z0-9]$", var.prefix)),
+        length(regexall("--", var.prefix)) == 0
+      ])
+    )
     error_message = "Prefix must begin with a lowercase letter and may contain only lowercase letters, digits, and hyphens '-'. It must not end with a hyphen('-'), and cannot contain consecutive hyphens ('--')."
   }
 
   validation {
-    condition     = var.prefix == null || var.prefix == "" ? true : length(var.prefix) <= 16
+    # must not exceed 16 characters in length
+    condition     = length(var.prefix) <= 16
     error_message = "Prefix must not exceed 16 characters."
   }
 }
 
 variable "provider_visibility" {
-  description = "Set the visibility value for the IBM terraform provider. Supported values are `public`, `private`, `public-and-private`. [Learn more](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/guides/custom-service-endpoints)."
   type        = string
+  description = "Set the visibility value for the IBM terraform provider. Supported values are `public`, `private`, `public-and-private`. [Learn more](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/guides/custom-service-endpoints)."
   default     = "private"
 
   validation {
@@ -245,7 +254,7 @@ variable "existing_cloud_logs_crn" {
 
 variable "cloud_logs_instance_name" {
   type        = string
-  description = "The name of the IBM Cloud Logs instance to create."
+  description = "The name of the IBM Cloud Logs instance to create. If a prefix input variable is specified, the prefix is added to the name in the `<prefix>-<instance_name>` format."
   default     = "cloud-logs"
 }
 
