fix(deps): update DA dependencies + example / tests cleanup

README.md

@@ -155,7 +155,7 @@ You need the following permissions to run this module.
 | <a name="input_data_storage"></a> [data\_storage](#input\_data\_storage) | A logs data bucket and a metrics bucket in IBM Cloud Object Storage to store your IBM Cloud Logs data for long term storage, search, analysis and alerting. | <pre>object({<br/>    logs_data = optional(object({<br/>      enabled              = optional(bool, false)<br/>      bucket_crn           = optional(string)<br/>      bucket_endpoint      = optional(string)<br/>      skip_cos_auth_policy = optional(bool, false)<br/>    }), {})<br/>    metrics_data = optional(object({<br/>      enabled              = optional(bool, false)<br/>      bucket_crn           = optional(string)<br/>      bucket_endpoint      = optional(string)<br/>      skip_cos_auth_policy = optional(bool, false)<br/>    }), {})<br/>    }<br/>  )</pre> | <pre>{<br/>  "logs_data": null,<br/>  "metrics_data": null<br/>}</pre> | no |
 | <a name="input_existing_event_notifications_instances"></a> [existing\_event\_notifications\_instances](#input\_existing\_event\_notifications\_instances) | List of Event Notifications instance details for routing critical events that occur in your IBM Cloud Logs. | <pre>list(object({<br/>    crn                  = string<br/>    integration_name     = optional(string)<br/>    skip_iam_auth_policy = optional(bool, false)<br/>  }))</pre> | `[]` | no |
 | <a name="input_instance_name"></a> [instance\_name](#input\_instance\_name) | The name of the IBM Cloud Logs instance to create. Defaults to 'cloud-logs-<region>' | `string` | `null` | no |
-| <a name="input_logs_routing_tenant_regions"></a> [logs\_routing\_tenant\_regions](#input\_logs\_routing\_tenant\_regions) | Pass a list of regions to create a tenant for that is targetted to the IBM Cloud Logs instance created by this module. To manage platform logs that are generated by IBM Cloud® services in a region of IBM Cloud, you must create a tenant in each region that you operate. Leave the list empty if you don't want to create any tenants. NOTE: You can only have 1 tenant per region in an account. | `list(any)` | `[]` | no |
+| <a name="input_logs_routing_tenant_regions"></a> [logs\_routing\_tenant\_regions](#input\_logs\_routing\_tenant\_regions) | Pass a list of regions to create a tenant for that is targeted to the IBM Cloud Logs instance created by this module. To manage platform logs that are generated by IBM Cloud® services in a region of IBM Cloud, you must create a tenant in each region that you operate. Leave the list empty if you don't want to create any tenants. NOTE: You can only have 1 tenant per region in an account. | `list(any)` | `[]` | no |
 | <a name="input_plan"></a> [plan](#input\_plan) | The IBM Cloud Logs plan to provision. Available: standard | `string` | `"standard"` | no |
 | <a name="input_policies"></a> [policies](#input\_policies) | Configuration of IBM Cloud Logs policies. | <pre>list(object({<br/>    logs_policy_name        = string<br/>    logs_policy_description = optional(string, null)<br/>    logs_policy_priority    = string<br/>    application_rule = optional(list(object({<br/>      name         = string<br/>      rule_type_id = string<br/>    })))<br/>    subsystem_rule = optional(list(object({<br/>      name         = string<br/>      rule_type_id = string<br/>    })))<br/>    log_rules = optional(list(object({<br/>      severities = list(string)<br/>    })))<br/>    archive_retention = optional(list(object({<br/>      id = string<br/>    })))<br/>  }))</pre> | `[]` | no |
 | <a name="input_region"></a> [region](#input\_region) | The IBM Cloud region where IBM Cloud logs instance will be created. | `string` | `"us-south"` | no |

examples/advanced/README.md

@@ -5,8 +5,11 @@
 
 Example that configures:
 
-- COS instance and KMS encrypted COS buckets
-- IBM Cloud Logs with Event Notifications integration
+- A new resource group if one is not passed
+- A Key Protect instance and root key
+- 2 Event Notifications instances
+- A COS instance and 2 KMS encrypted COS buckets (one for logs and one for metrics)
+- A context-based restriction (CBR) zone for the Schematics service
+- An IBM Cloud Logs instance with Event Notifications integration
 - IBM Cloud Logs policies
-- Key Protect instance and root key
-- A context-based restriction (CBR) rule to only allow cloud logs to be accessible from schematics
+- A context-based restriction (CBR) rule to only allow Cloud Logs to be accessible from the Schematics zone

ibm_catalog.json

@@ -424,13 +424,13 @@
               ],
               "optional": true,
               "on_by_default": true,
-              "version": "v1.6.4"
+              "version": "v1.7.2"
             },
             {
               "name": "deploy-arch-ibm-cos",
               "description": "Enable this to create an IBM Cloud Object Storage(COS) instance. The buckets to store logs and metrics will be created by the Cloud Logs deployable architecture.",
               "id": "68921490-2778-4930-ac6d-bae7be6cd958-global",
-              "version": "v10.2.1",
+              "version": "v10.2.21",
               "flavors": [
                 "instance"
               ],
@@ -458,7 +458,7 @@
               "name": "deploy-arch-ibm-kms",
               "description": "Enable when you want to create your own root keys to encrypt the buckets.",
               "id": "2cad4789-fa90-4886-9c9e-857081c273ee-global",
-              "version": "v5.1.19",
+              "version": "v5.1.27",
               "flavors": [
                 "fully-configurable"
               ],
@@ -486,11 +486,35 @@
                 }
               ]
             },
+            {
+              "name": "deploy-arch-ibm-event-notifications",
+              "description": "Configures lifecycle notifications for your Cloud Logs instance.",
+              "catalog_id": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3",
+              "flavors": [
+                "fully-configurable"
+              ],
+              "id": "c7ac3ee6-4f48-4236-b974-b0cd8c624a46-global",
+              "input_mapping": [
+                {
+                  "dependency_input": "prefix",
+                  "version_input": "prefix",
+                  "reference_version": true
+                },
+                {
+                  "dependency_input": "region",
+                  "version_input": "region",
+                  "reference_version": true
+                }
+              ],
+              "optional": true,
+              "on_by_default": true,
+              "version": "v2.7.2"
+            },
             {
               "name": "deploy-arch-ibm-account-infra-base",
               "description": "Enable to create a resource groups by default where all the resources will be provisioned and, when you enable the “with Account Settings” option, it also applies baseline security and governance settings. When disabled, provide your own resource group via the `existing_resource_group_name` input.",
               "id": "63641cec-6093-4b4f-b7b0-98d2f4185cd6-global",
-              "version": "v3.0.7",
+              "version": "v3.0.23",
               "flavors": [
                 "resource-group-only",
                 "resource-groups-with-account-settings"

modules/logs_policy/variables.tf

@@ -3,7 +3,7 @@
 #
 # logs_policy_name -The name of the IBM Cloud Logs policy to create.
 # logs_policy_description - Description of the IBM Cloud Logs policy to create.
-# logs_policy_priority - Select priority to determine the pipeline for the logs. High (priority value) sent to 'Priority insights' (TCO pipleine), Medium to 'Analyze and alert', Low to 'Store and search', Blocked are not sent to any pipeline.
+# logs_policy_priority - Select priority to determine the pipeline for the logs. High (priority value) sent to 'Priority insights' (TCO pipeline), Medium to 'Analyze and alert', Low to 'Store and search', Blocked are not sent to any pipeline.
 # application_rule - Define rules for matching applications to include in the policy configuration.
 # subsystem_rule - Define subsystem rules for matching applications to include in the policy configuration.
 # log_rules - Define the log severities to include in the policy configuration.
@@ -104,7 +104,7 @@ variable "policies" {
           can(regex("^[\\p{L}\\p{N}\\p{P}\\p{Z}\\p{S}\\p{M}]+$", rule.name)) && length(rule.name) <= 4096 && length(rule.name) > 1]))
         : true)
     ])
-    error_message = "The name of the subsytem_rule does not meet the required criteria."
+    error_message = "The name of the subsystem_rule does not meet the required criteria."
   }
 
   validation {

solutions/fully-configurable/DA-types.md

@@ -55,7 +55,7 @@ The `cloud_logs_policies` input variable allows you to provide a list of policie
 
 * `logs_policy_name` (required): The unique policy name.
 * `logs_policy_description` (optional): The description of the policy to create.
-* `logs_policy_priority` (required): The priority to determine the pipeline for the logs. Allowed values are: type_unspecified, type_block, type_low, type_medium, type_high. High (priority value) sent to 'Priority insights' (TCO pipleine), Medium to 'Analyze and alert', Low to 'Store and search', Blocked are not sent to any pipeline.
+* `logs_policy_priority` (required): The priority to determine the pipeline for the logs. Allowed values are: type_unspecified, type_block, type_low, type_medium, type_high. High (priority value) sent to 'Priority insights' (TCO pipeline), Medium to 'Analyze and alert', Low to 'Store and search', Blocked are not sent to any pipeline.
 * `application_rule` (optional): The rules to include in the policy configuration for matching applications.
 * `subsystem_rule` (optional): The subsystem rules to include in the policy configuration for matching applications.
 * `log_rules` (required): The log severities to include in the policy configuration.
@@ -67,7 +67,7 @@ The `cloud_logs_policies` input variable allows you to provide a list of policie
 [
   {
     logs_policy_name     = "logs-policy-1"
-    logs_policy_description = "Send info and debug logs of the application (name starts with `test-system-app`) and the subsytem (name starts with `test-sub-system`) logs to Store nad search pipeline"
+    logs_policy_description = "Send info and debug logs of the application (name starts with `test-system-app`) and the subsystem (name starts with `test-sub-system`) logs to Store nad search pipeline"
     logs_policy_priority = "type_low"
     application_rule = [{
       name         = "test-system-app"

solutions/fully-configurable/variables.tf

@@ -302,7 +302,7 @@ variable "existing_event_notifications_instances" {
 variable "logs_routing_tenant_regions" {
   type        = list(any)
   default     = []
-  description = "Pass a list of regions to create a tenant for that is targetted to the Cloud Logs instance created by this module. To manage platform logs that are generated by IBM Cloud® services in a region of IBM Cloud, you must create a tenant in each region that you operate. Leave the list empty if you don't want to create any tenants. NOTE: You can only have 1 tenant per region in an account."
+  description = "Pass a list of regions to create a tenant for that is targeted to the Cloud Logs instance created by this module. To manage platform logs that are generated by IBM Cloud® services in a region of IBM Cloud, you must create a tenant in each region that you operate. Leave the list empty if you don't want to create any tenants. NOTE: You can only have 1 tenant per region in an account."
   nullable    = false
 }
 
@@ -317,7 +317,7 @@ variable "skip_logs_routing_auth_policy" {
 #
 # logs_policy_name -The name of the IBM Cloud Logs policy to create.
 # logs_policy_description - Description of the IBM Cloud Logs policy to create.
-# logs_policy_priority - Select priority to determine the pipeline for the logs. High (priority value) sent to 'Priority insights' (TCO pipleine), Medium to 'Analyze and alert', Low to 'Store and search', Blocked are not sent to any pipeline.
+# logs_policy_priority - Select priority to determine the pipeline for the logs. High (priority value) sent to 'Priority insights' (TCO pipeline), Medium to 'Analyze and alert', Low to 'Store and search', Blocked are not sent to any pipeline.
 # application_rule - Define rules for matching applications to include in the policy configuration.
 # subsystem_rule - Define subsystem rules for matching applications to include in the policy configuration.
 # log_rules - Define the log severities to include in the policy configuration.
@@ -418,7 +418,7 @@ variable "logs_policies" {
           can(regex("^[\\p{L}\\p{N}\\p{P}\\p{Z}\\p{S}\\p{M}]+$", rule.name)) && length(rule.name) <= 4096 && length(rule.name) > 1]))
         : true)
     ])
-    error_message = "The name of the subsytem_rule does not meet the required criteria."
+    error_message = "The name of the subsystem_rule does not meet the required criteria."
   }
 
   validation {

solutions/security-enforced/variables.tf

@@ -210,7 +210,7 @@ variable "existing_event_notifications_instances" {
 variable "logs_routing_tenant_regions" {
   type        = list(any)
   default     = []
-  description = "Pass a list of regions to create a tenant for that is targetted to the Cloud Logs instance created by this module. To manage platform logs that are generated by IBM Cloud® services in a region of IBM Cloud, you must create a tenant in each region that you operate. Leave the list empty if you don't want to create any tenants. NOTE: You can only have 1 tenant per region in an account."
+  description = "Pass a list of regions to create a tenant for that is targeted to the Cloud Logs instance created by this module. To manage platform logs that are generated by IBM Cloud® services in a region of IBM Cloud, you must create a tenant in each region that you operate. Leave the list empty if you don't want to create any tenants. NOTE: You can only have 1 tenant per region in an account."
   nullable    = false
 }
 
@@ -225,7 +225,7 @@ variable "skip_logs_routing_auth_policy" {
 #
 # logs_policy_name -The name of the IBM Cloud Logs policy to create.
 # logs_policy_description - Description of the IBM Cloud Logs policy to create.
-# logs_policy_priority - Select priority to determine the pipeline for the logs. High (priority value) sent to 'Priority insights' (TCO pipleine), Medium to 'Analyze and alert', Low to 'Store and search', Blocked are not sent to any pipeline.
+# logs_policy_priority - Select priority to determine the pipeline for the logs. High (priority value) sent to 'Priority insights' (TCO pipeline), Medium to 'Analyze and alert', Low to 'Store and search', Blocked are not sent to any pipeline.
 # application_rule - Define rules for matching applications to include in the policy configuration.
 # subsystem_rule - Define subsystem rules for matching applications to include in the policy configuration.
 # log_rules - Define the log severities to include in the policy configuration.
@@ -326,7 +326,7 @@ variable "logs_policies" {
           can(regex("^[\\p{L}\\p{N}\\p{P}\\p{Z}\\p{S}\\p{M}]+$", rule.name)) && length(rule.name) <= 4096 && length(rule.name) > 1]))
         : true)
     ])
-    error_message = "The name of the subsytem_rule does not meet the required criteria."
+    error_message = "The name of the subsystem_rule does not meet the required criteria."
   }
 
   validation {

tests/other_test.go

@@ -3,11 +3,9 @@ package test
 
 import (
 	"math/rand"
-	"os"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
 	"github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper/testhelper"
 	"github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper/testschematic"
 )
@@ -19,19 +17,10 @@ const basicExampleDir = "examples/basic"
 func TestRunAdvancedExample(t *testing.T) {
 	t.Parallel()
 
-	region := validRegions[rand.Intn(len(validRegions))]
-	prefix := "icl-adv"
-
-	// Verify ibmcloud_api_key variable is set
-	checkVariable := "TF_VAR_ibmcloud_api_key"
-	val, present := os.LookupEnv(checkVariable)
-	require.True(t, present, checkVariable+" environment variable not set")
-	require.NotEqual(t, "", val, checkVariable+" environment variable is empty")
-
 	options := testschematic.TestSchematicOptionsDefault(&testschematic.TestSchematicOptions{
 		Testing: t,
-		Region:  region,
-		Prefix:  prefix,
+		Region:  validRegions[rand.Intn(len(validRegions))],
+		Prefix:  "icl-adv",
 		TarIncludePatterns: []string{
 			"*.tf",
 			"modules/logs_policy" + "/*.tf",
@@ -42,11 +31,12 @@ func TestRunAdvancedExample(t *testing.T) {
 		Tags:                   []string{"icl-adv-test"},
 		DeleteWorkspaceOnFail:  false,
 		WaitJobCompleteMinutes: 60,
+		TerraformVersion:       terraformVersion,
 	})
 
 	options.TerraformVars = []testschematic.TestSchematicTerraformVar{
 		{Name: "ibmcloud_api_key", Value: options.RequiredEnvironmentVars["TF_VAR_ibmcloud_api_key"], DataType: "string", Secure: true},
-		{Name: "region", Value: region, DataType: "string"},
+		{Name: "region", Value: options.Region, DataType: "string"},
 		{Name: "resource_group", Value: resourceGroup, DataType: "string"},
 		{Name: "resource_tags", Value: options.Tags, DataType: "list(string)"},
 		{Name: "access_tags", Value: permanentResources["accessTags"], DataType: "list(string)"},
@@ -57,21 +47,16 @@ func TestRunAdvancedExample(t *testing.T) {
 	assert.Nil(t, err, "This should not have errored")
 }
 
-func setupOptions(t *testing.T, prefix string, dir string) *testhelper.TestOptions {
+func TestRunBasicExample(t *testing.T) {
+	t.Parallel()
+
 	options := testhelper.TestOptionsDefaultWithVars(&testhelper.TestOptions{
 		Testing:       t,
-		TerraformDir:  dir,
-		Prefix:        prefix,
+		TerraformDir:  "icl-basic",
+		Prefix:        basicExampleDir,
 		ResourceGroup: resourceGroup,
 		Region:        validRegions[rand.Intn(len(validRegions))],
 	})
-	return options
-}
-
-func TestRunBasicExample(t *testing.T) {
-	t.Parallel()
-
-	options := setupOptions(t, "icl-basic", basicExampleDir)
 
 	output, err := options.RunTestConsistency()
 	assert.Nil(t, err, "This should not have errored")