diff --git a/.catalog-onboard-pipeline.yaml b/.catalog-onboard-pipeline.yaml index d53da4d..005d46e 100644 --- a/.catalog-onboard-pipeline.yaml +++ b/.catalog-onboard-pipeline.yaml @@ -13,3 +13,6 @@ offerings: # instance_id: 1c7d5f78-9262-44c3-b779-b28fe4d88c37 # region: us-south # scope_resource_group_var_name: existing_resource_group_name + - name: metrics-routing-account-settings + mark_ready: true + install_type: fullstack diff --git a/ibm_catalog.json b/ibm_catalog.json index 113e90a..8bb9c9d 100644 --- a/ibm_catalog.json +++ b/ibm_catalog.json @@ -180,6 +180,9 @@ { "key": "enable_metrics_routing_to_cloud_monitoring" }, + { + "key": "enable_primary_metadata_region" + }, { "key": "metrics_routing_route_name" }, @@ -232,12 +235,8 @@ "architecture": { "features": [ { - "title": "Cloud Monitoring instance", - "description": "Creates and configures an instance of cloud monitoring." - }, - { - "title": "Metric Routing route and target", - "description": "Configures an IBM Cloud Metrics Routing route with a cloud monitoring target." + "title": " ", + "description": "Configures IBM Cloud Monitoring and Metrics Routing route with a cloud monitoring target." } ], "diagrams": [ @@ -247,7 +246,7 @@ "url": "https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-cloud-monitoring/refs/heads/main/reference-architecture/deployable-architecture-cloud-monitoring.svg", "type": "image/svg+xml" }, - "description": "This architecture supports creating and configuring IBM Cloud Monitoring resources & Metrics Routing route with a cloud monitoring target" + "description": "This architecture supports creating and configuring IBM Cloud Monitoring resources & Metrics Routing route with a cloud monitoring target." } ] }, @@ -280,6 +279,97 @@ ], "dependency_version_2": true, "terraform_version": "1.10.5" + }, + { + "label": "Metrics Routing account settings", + "name": "metrics-routing-account-settings", + "index": 2, + "install_type": "fullstack", + "working_directory": "solutions/metrics-routing-account-settings", + "configuration": [ + { + "key": "ibmcloud_api_key" + }, + { + "key": "default_targets", + "custom_config": { + "grouping": "deployment", + "original_grouping": "deployment", + "config_constraints": { + "type": "string" + } + } + }, + { + "key": "primary_metadata_region" + }, + { + "key": "backup_metadata_region" + }, + { + "key": "permitted_target_regions", + "custom_config": { + "grouping": "deployment", + "original_grouping": "deployment", + "config_constraints": { + "type": "string" + } + } + }, + { + "key": "private_api_endpoint_only" + }, + { + "key": "provider_visibility", + "hidden": true, + "options": [ + { + "displayname": "private", + "value": "private" + }, + { + "displayname": "public", + "value": "public" + }, + { + "displayname": "public-and-private", + "value": "public-and-private" + } + ] + } + ], + "iam_permissions": [ + { + "service_name": "All account management services", + "role_crns": [ + "crn:v1:bluemix:public:iam::::role:Administrator" + ] + }, + { + "service_name": "metrics-router", + "role_crns": [ + "crn:v1:bluemix:public:iam::::role:Administrator" + ] + } + ], + "architecture": { + "features": [ + { + "title": " ", + "description": "Configures account settings for IBM Cloud Metrics Routing." + } + ], + "diagrams": [ + { + "diagram": { + "caption": "Metrics Routing account settings", + "url": "https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-cloud-monitoring/refs/heads/main/reference-architecture/deployable-architecture-account-settings.svg", + "type": "image/svg+xml" + }, + "description": "This architecture supports configuring the IBM Cloud Metrics Routing Account Settings." + } + ] + } } ] } diff --git a/modules/metrics_routing/README.md b/modules/metrics_routing/README.md index 2be91b4..aae906a 100644 --- a/modules/metrics_routing/README.md +++ b/modules/metrics_routing/README.md @@ -101,7 +101,7 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [metrics\_router\_routes](#input\_metrics\_router\_routes) | List of routes for IBM Metrics Router | 
list(object({
    name = string
    rules = list(object({
      action = optional(string, "send")
      targets = optional(list(object({
        id = string
      })))
      inclusion_filters = list(object({
        operand  = string
        operator = string
        values   = list(string)
      }))
    }))
  }))
| `[]` | no | -| [metrics\_router\_settings](#input\_metrics\_router\_settings) | The global account settings for Metrics Routing. To configure metrics routing, the account must have a `primary_metadata_region` set. You will be unable to view the account settings in the UI if `private_api_endpoint_only` is set to true. For more information, see https://cloud.ibm.com/docs/metrics-router?topic=metrics-router-settings-about&interface=ui. | 
object({
    permitted_target_regions  = optional(list(string))
    primary_metadata_region   = optional(string)
    backup_metadata_region    = optional(string)
    private_api_endpoint_only = optional(bool, false)
    default_targets = optional(list(object({
      id = string
    })))
  })
| `null` | no | +| [metrics\_router\_settings](#input\_metrics\_router\_settings) | The global account settings for Metrics Routing. To configure metrics routing, the account must have a `primary_metadata_region` set. You will be unable to view the account settings in the UI if `private_api_endpoint_only` is set to true. For more information, see https://cloud.ibm.com/docs/metrics-router?topic=metrics-router-settings-about&interface=ui. | 
object({
    permitted_target_regions  = optional(list(string), [])
    primary_metadata_region   = optional(string)
    backup_metadata_region    = optional(string)
    private_api_endpoint_only = optional(bool, false)
    default_targets           = optional(list(string), [])
  })
| `null` | no | | [metrics\_router\_targets](#input\_metrics\_router\_targets) | List of Metrics Router targets to be created. | 
list(object({
    destination_crn                 = string
    target_name                     = string
    target_region                   = optional(string)
    skip_metrics_router_auth_policy = optional(bool, false)
  }))
| `[]` | no | ### Outputs diff --git a/modules/metrics_routing/main.tf b/modules/metrics_routing/main.tf index 2952a4f..3ddc370 100644 --- a/modules/metrics_routing/main.tf +++ b/modules/metrics_routing/main.tf @@ -73,7 +73,7 @@ resource "ibm_metrics_router_settings" "metrics_router_settings" { dynamic "default_targets" { for_each = var.metrics_router_settings.default_targets content { - id = default_targets.value.id + id = default_targets.value } } permitted_target_regions = var.metrics_router_settings.permitted_target_regions diff --git a/modules/metrics_routing/variables.tf b/modules/metrics_routing/variables.tf index 93f30de..4b3e5dc 100644 --- a/modules/metrics_routing/variables.tf +++ b/modules/metrics_routing/variables.tf @@ -50,13 +50,11 @@ variable "metrics_router_routes" { variable "metrics_router_settings" { type = object({ - permitted_target_regions = optional(list(string)) + permitted_target_regions = optional(list(string), []) primary_metadata_region = optional(string) backup_metadata_region = optional(string) private_api_endpoint_only = optional(bool, false) - default_targets = optional(list(object({ - id = string - }))) + default_targets = optional(list(string), []) }) description = "The global account settings for Metrics Routing. To configure metrics routing, the account must have a `primary_metadata_region` set. You will be unable to view the account settings in the UI if `private_api_endpoint_only` is set to true. For more information, see https://cloud.ibm.com/docs/metrics-router?topic=metrics-router-settings-about&interface=ui." default = null diff --git a/reference-architecture/deployable-architecture-account-settings.svg b/reference-architecture/deployable-architecture-account-settings.svg new file mode 100644 index 0000000..6b5d402 --- /dev/null +++ b/reference-architecture/deployable-architecture-account-settings.svg @@ -0,0 +1,4 @@ + + + +IBM Cloud
IBM Cloud Metrics Router Setting
IBM Cloud Metrics Router SettingText is not SVG - cannot display diff --git a/solutions/fully-configurable/main.tf b/solutions/fully-configurable/main.tf index 10c7c99..9775415 100644 --- a/solutions/fully-configurable/main.tf +++ b/solutions/fully-configurable/main.tf @@ -30,6 +30,7 @@ locals { cloud_monitoring_instance_name = "${local.prefix}${var.cloud_monitoring_instance_name}" metrics_router_target_name = "${local.prefix}${var.metrics_routing_target_name}" metrics_router_route_name = "${local.prefix}${var.metrics_routing_route_name}" + default_metrics_router_route = var.enable_metrics_routing_to_cloud_monitoring ? [{ name = local.metrics_router_route_name rules = [{ @@ -68,5 +69,6 @@ module "metrics_routing" { } ] - metrics_router_routes = length(var.metrics_router_routes) != 0 ? var.metrics_router_routes : local.default_metrics_router_route + metrics_router_routes = length(var.metrics_router_routes) != 0 ? var.metrics_router_routes : local.default_metrics_router_route + metrics_router_settings = var.enable_primary_metadata_region ? { primary_metadata_region = var.region } : null } diff --git a/solutions/fully-configurable/variables.tf b/solutions/fully-configurable/variables.tf index e2a1115..3d4526d 100644 --- a/solutions/fully-configurable/variables.tf +++ b/solutions/fully-configurable/variables.tf @@ -121,6 +121,12 @@ variable "enable_metrics_routing_to_cloud_monitoring" { default = true } +variable "enable_primary_metadata_region" { + type = bool + description = "When set to `true`, sets `primary_metadata_region` to `region`, storing Metrics Router metadata in that region. When `false`, no region is set and the default global region is used. For new accounts, creating targets and routes will fail until primary_metadata_region is set, so it is recommended to default enable_primary_metadata_region to true. [Learn more](https://cloud.ibm.com/docs/metrics-router?topic=metrics-router-getting-started#configuring_account_settings)." + default = true +} + variable "metrics_router_routes" { type = list(object({ name = string @@ -137,7 +143,7 @@ variable "metrics_router_routes" { })) })) default = [] - description = "Routes for IBM Cloud Metrics Routing. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-observability-da/blob/main/solutions/instances/DA-types.md#metrics-router-routes-)" + description = "Routes for IBM Cloud Metrics Routing. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-cloud-monitoring/blob/main/solutions/fully-configurable/DA-types.md#metrics-router-routes-)" } variable "cbr_rules" { diff --git a/solutions/metrics-routing-account-settings/README.md b/solutions/metrics-routing-account-settings/README.md new file mode 100644 index 0000000..c1b144a --- /dev/null +++ b/solutions/metrics-routing-account-settings/README.md @@ -0,0 +1,3 @@ +# Cloud automation for Cloud Monitoring (Metrics Router Account Settings) + +:exclamation: **Important:** This solution is not intended to be called by other modules because it contains a provider configuration and is not compatible with the `for_each`, `count`, and `depends_on` arguments. For more information, see [Providers Within Modules](https://developer.hashicorp.com/terraform/language/modules/develop/providers). diff --git a/solutions/metrics-routing-account-settings/catalogValidationValues.json.template b/solutions/metrics-routing-account-settings/catalogValidationValues.json.template new file mode 100644 index 0000000..f48a7e3 --- /dev/null +++ b/solutions/metrics-routing-account-settings/catalogValidationValues.json.template @@ -0,0 +1,3 @@ +{ + "ibmcloud_api_key": $VALIDATION_APIKEY +} diff --git a/solutions/metrics-routing-account-settings/main.tf b/solutions/metrics-routing-account-settings/main.tf new file mode 100644 index 0000000..9374d99 --- /dev/null +++ b/solutions/metrics-routing-account-settings/main.tf @@ -0,0 +1,15 @@ +####################################################################################################################### +# IBM Cloud Metrics Routing +####################################################################################################################### + +module "metrics_router_account_settings" { + source = "../../modules/metrics_routing" + + metrics_router_settings = { + default_targets = var.default_targets + permitted_target_regions = var.permitted_target_regions + primary_metadata_region = var.primary_metadata_region + backup_metadata_region = var.backup_metadata_region + private_api_endpoint_only = var.private_api_endpoint_only + } +} diff --git a/solutions/metrics-routing-account-settings/outputs.tf b/solutions/metrics-routing-account-settings/outputs.tf new file mode 100644 index 0000000..5a5d092 --- /dev/null +++ b/solutions/metrics-routing-account-settings/outputs.tf @@ -0,0 +1,8 @@ +############################################################################## +# Outputs +############################################################################## + +output "metrics_router_account_settings" { + description = "IBM Cloud metrics router account settings." + value = module.metrics_router_account_settings.metrics_router_settings +} diff --git a/solutions/metrics-routing-account-settings/providers.tf b/solutions/metrics-routing-account-settings/providers.tf new file mode 100644 index 0000000..a9bbe5d --- /dev/null +++ b/solutions/metrics-routing-account-settings/providers.tf @@ -0,0 +1,8 @@ +######################################################################################################################## +# Provider config +######################################################################################################################## + +provider "ibm" { + ibmcloud_api_key = var.ibmcloud_api_key + visibility = var.provider_visibility +} diff --git a/solutions/metrics-routing-account-settings/variables.tf b/solutions/metrics-routing-account-settings/variables.tf new file mode 100644 index 0000000..6bf33b2 --- /dev/null +++ b/solutions/metrics-routing-account-settings/variables.tf @@ -0,0 +1,54 @@ +######################################################################################################################## +# Common variables +######################################################################################################################## + +variable "ibmcloud_api_key" { + type = string + description = "The IBM Cloud API key with access to configure Metrics Routing account settings." + sensitive = true +} + +variable "provider_visibility" { + description = "Set the visibility value for the IBM terraform provider. Supported values are `public`, `private`, `public-and-private`. [Learn more](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/guides/custom-service-endpoints)." + type = string + default = "private" + + validation { + condition = contains(["public", "private", "public-and-private"], var.provider_visibility) + error_message = "Invalid visibility option. Allowed values are 'public', 'private', or 'public-and-private'." + } +} + +######################################################################################################################## +# IBM Cloud Metrics Routing +######################################################################################################################## + +variable "default_targets" { + description = "Where metrics that are not explicitly managed in the account's routing rules are routed. You can define up to 2 default targets per account. Consider defining a second default target to collect data in a backup location." + type = list(string) + default = [] +} + +variable "primary_metadata_region" { + description = "Storage location for target, route, and settings metadata in your IBM Cloud account. To store all configuration metadata in a single region, set this value explicitly. For new accounts, creating targets and routes will fail until `primary_metadata_region` is set. If set to `null`, no change is made to the current value." + type = string + default = null +} + +variable "backup_metadata_region" { + description = "You can also configure a backup location where the metadata is stored for recovery purposes. The `backup_metadata_region` can't be the same as `primary_metadata_region`." + type = string + default = null +} + +variable "permitted_target_regions" { + description = "Controls where targets collecting platform metrics can be located. To allow targets in any region (i.e., No restrictions), configure this field as an empty list `[]`." + type = list(string) + default = [] +} + +variable "private_api_endpoint_only" { + description = "Public endpoints can be disabled for managing IBM Cloud Metrics Routing configuration via the CLI or REST API. When public endpoints are disabled, the IBM Cloud Metrics Routing UI will be inaccessible." + type = bool + default = false +} diff --git a/solutions/metrics-routing-account-settings/version.tf b/solutions/metrics-routing-account-settings/version.tf new file mode 100644 index 0000000..437cc4d --- /dev/null +++ b/solutions/metrics-routing-account-settings/version.tf @@ -0,0 +1,9 @@ +terraform { + required_version = ">= 1.9.0" + required_providers { + ibm = { + source = "ibm-cloud/ibm" + version = "1.76.1" + } + } +} diff --git a/tests/pr_test.go b/tests/pr_test.go index d1bc5ee..bea7dfa 100644 --- a/tests/pr_test.go +++ b/tests/pr_test.go @@ -15,6 +15,7 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper/common" + "github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper/testhelper" "github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper/testschematic" ) @@ -22,6 +23,11 @@ import ( const resourceGroup = "geretain-test-resources" const fullyconfigurableDADir = "solutions/fully-configurable" +const AccountSettingsDADir = "solutions/metrics-routing-account-settings" + +var IgnoreUpdates = []string{ + "module.metrics_routing[0].ibm_metrics_router_settings.metrics_router_settings[0]", +} var validRegions = []string{ "au-syd", @@ -63,10 +69,14 @@ func TestRunFullyConfigurable(t *testing.T) { "modules/metrics_routing" + "/*.tf", fullyconfigurableDADir + "/*.tf", }, + TemplateFolder: fullyconfigurableDADir, Tags: []string{"icm-da-test"}, DeleteWorkspaceOnFail: false, WaitJobCompleteMinutes: 60, + IgnoreUpdates: testhelper.Exemptions{ // Ignore for consistency check + List: IgnoreUpdates, + }, }) options.TerraformVars = []testschematic.TestSchematicTerraformVar{ @@ -166,3 +176,37 @@ func TestRunUpgradeFullyConfigurable(t *testing.T) { logger.Log(t, "END: Destroy (prereq resources)") } } + +func TestRunAccountSettings(t *testing.T) { + t.Parallel() + + prefix := "mr" + + // Verify ibmcloud_api_key variable is set + checkVariable := "TF_VAR_ibmcloud_api_key" + val, present := os.LookupEnv(checkVariable) + require.True(t, present, checkVariable+" environment variable not set") + require.NotEqual(t, "", val, checkVariable+" environment variable is empty") + + options := testschematic.TestSchematicOptionsDefault(&testschematic.TestSchematicOptions{ + Testing: t, + Prefix: prefix, + TarIncludePatterns: []string{ + "*.tf", + "modules/metrics_routing" + "/*.tf", + AccountSettingsDADir + "/*.tf", + }, + TemplateFolder: AccountSettingsDADir, + Tags: []string{"mr-da-test"}, + DeleteWorkspaceOnFail: false, + WaitJobCompleteMinutes: 60, + }) + + options.TerraformVars = []testschematic.TestSchematicTerraformVar{ + {Name: "ibmcloud_api_key", Value: options.RequiredEnvironmentVars["TF_VAR_ibmcloud_api_key"], DataType: "string", Secure: true}, + {Name: "primary_metadata_region", Value: "eu-de", DataType: "string"}, + } + + err := options.RunSchematicTest() + assert.Nil(t, err, "This should not have errored") +}