Add account settings variation

ibm_catalog.json

@@ -175,6 +175,9 @@
             {
               "key": "enable_metrics_routing_to_cloud_monitoring"
             },
+            {
+              "key": "enable_primary_metadata_region"
+            },
             {
               "key": "metrics_routing_route_name"
             },
@@ -227,12 +230,8 @@
           "architecture": {
             "features": [
               {
-                "title": "Cloud Monitoring instance",
-                "description": "Creates and configures an instance of cloud monitoring."
-              },
-              {
-                "title": "Metric Routing route and target",
-                "description": "Configures an IBM Cloud Metrics Routing route with a cloud monitoring target."
+                "title": " ",
+                "description": "Configured to use IBM secure by default standards, but can be edited to fit your use case."
               }
             ],
             "diagrams": [
@@ -275,6 +274,88 @@
           ],
           "dependency_version_2": true,
           "terraform_version": "1.10.5"
+        },
+        {
+          "label": "Metrics Router account settings",
+          "name": "metrics-router-account-settings",
+          "index": 2,
+          "install_type": "fullstack",
+          "working_directory": "solutions/metrics-router-account-settings",
+          "configuration": [
+            {
+              "key": "ibmcloud_api_key"
+            },
+            {
+              "key": "region"
+            },
+            {
+              "key": "default_targets"
+            },
+            {
+              "key": "primary_metadata_region"
+            },
+            {
+              "key": "backup_metadata_region"
+            },
+            {
+              "key": "permitted_target_regions"
+            },
+            {
+              "key": "private_api_endpoint_only"
+            },
+            {
+              "key": "provider_visibility",
+              "hidden": true,
+              "options": [
+                {
+                  "displayname": "private",
+                  "value": "private"
+                },
+                {
+                  "displayname": "public",
+                  "value": "public"
+                },
+                {
+                  "displayname": "public-and-private",
+                  "value": "public-and-private"
+                }
+              ]
+            }
+          ],
+          "iam_permissions": [
+            {
+              "service_name": "All account management services",
+              "role_crns": [
+                "crn:v1:bluemix:public:iam::::role:Administrator"
+              ],
+              "notes": "Required for setting up foundational IBM Cloud account components such as IAM settings, trusted profiles, access groups, and resource groups."
+            },
+            {
+              "service_name": "metrics-router",
+              "role_crns": [
+                "crn:v1:bluemix:public:iam::::role:Administrator"
+              ],
+              "notes": "Required for managing metrics router account settings."
+            }
+          ],
+          "architecture": {
+            "features": [
+              {
+                "title": " ",
+                "description": "Configured to use IBM secure by default standards, but can be edited to fit your use case."
+              }
+            ],
+            "diagrams": [
+              {
+                "diagram": {
+                  "caption": "Metrics Router Account Settings",
+                  "url": "https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-cloud-monitoring/refs/heads/main/reference-architecture/deployable-architecture-account-settings.svg",
+                  "type": "image/svg+xml"
+                },
+                "description": "This architecture supports configuring the IBM Cloud Metrics Router Account Settings."
+              }
+            ]
+          }
         }
       ]
     }

modules/metrics_routing/README.md

@@ -101,7 +101,7 @@ No modules.
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_metrics_router_routes"></a> [metrics\_router\_routes](#input\_metrics\_router\_routes) | List of routes for IBM Metrics Router | <pre>list(object({<br/>    name = string<br/>    rules = list(object({<br/>      action = optional(string, "send")<br/>      targets = optional(list(object({<br/>        id = string<br/>      })))<br/>      inclusion_filters = list(object({<br/>        operand  = string<br/>        operator = string<br/>        values   = list(string)<br/>      }))<br/>    }))<br/>  }))</pre> | `[]` | no |
-| <a name="input_metrics_router_settings"></a> [metrics\_router\_settings](#input\_metrics\_router\_settings) | The global account settings for Metrics Routing. To configure metrics routing, the account must have a `primary_metadata_region` set. You will be unable to view the account settings in the UI if `private_api_endpoint_only` is set to true. For more information, see https://cloud.ibm.com/docs/metrics-router?topic=metrics-router-settings-about&interface=ui. | <pre>object({<br/>    permitted_target_regions  = optional(list(string))<br/>    primary_metadata_region   = optional(string)<br/>    backup_metadata_region    = optional(string)<br/>    private_api_endpoint_only = optional(bool, false)<br/>    default_targets = optional(list(object({<br/>      id = string<br/>    })))<br/>  })</pre> | `null` | no |
+| <a name="input_metrics_router_settings"></a> [metrics\_router\_settings](#input\_metrics\_router\_settings) | The global account settings for Metrics Routing. To configure metrics routing, the account must have a `primary_metadata_region` set. You will be unable to view the account settings in the UI if `private_api_endpoint_only` is set to true. For more information, see https://cloud.ibm.com/docs/metrics-router?topic=metrics-router-settings-about&interface=ui. | <pre>object({<br/>    permitted_target_regions  = optional(list(string), [])<br/>    primary_metadata_region   = optional(string)<br/>    backup_metadata_region    = optional(string)<br/>    private_api_endpoint_only = optional(bool, false)<br/>    default_targets = optional(list(object({<br/>      id = string<br/>    })), [])<br/>  })</pre> | `null` | no |
 | <a name="input_metrics_router_targets"></a> [metrics\_router\_targets](#input\_metrics\_router\_targets) | List of Metrics Router targets to be created. | <pre>list(object({<br/>    destination_crn                 = string<br/>    target_name                     = string<br/>    target_region                   = optional(string)<br/>    skip_metrics_router_auth_policy = optional(bool, false)<br/>  }))</pre> | `[]` | no |
 
 ### Outputs

modules/metrics_routing/variables.tf

@@ -50,13 +50,13 @@ variable "metrics_router_routes" {
 
 variable "metrics_router_settings" {
   type = object({
-    permitted_target_regions  = optional(list(string))
+    permitted_target_regions  = optional(list(string), [])
     primary_metadata_region   = optional(string)
     backup_metadata_region    = optional(string)
     private_api_endpoint_only = optional(bool, false)
     default_targets = optional(list(object({
       id = string
-    })))
+    })), [])
   })
   description = "The global account settings for Metrics Routing. To configure metrics routing, the account must have a `primary_metadata_region` set. You will be unable to view the account settings in the UI if `private_api_endpoint_only` is set to true. For more information, see https://cloud.ibm.com/docs/metrics-router?topic=metrics-router-settings-about&interface=ui."
   default     = null

solutions/fully-configurable/main.tf

@@ -30,6 +30,7 @@ locals {
   cloud_monitoring_instance_name = "${local.prefix}${var.cloud_monitoring_instance_name}"
   metrics_router_target_name     = "${local.prefix}${var.metrics_routing_target_name}"
   metrics_router_route_name      = "${local.prefix}${var.metrics_routing_route_name}"
+
   default_metrics_router_route = var.enable_metrics_routing_to_cloud_monitoring ? [{
     name = local.metrics_router_route_name
     rules = [{
@@ -68,5 +69,6 @@ module "metrics_routing" {
     }
   ]
 
-  metrics_router_routes = length(var.metrics_router_routes) != 0 ? var.metrics_router_routes : local.default_metrics_router_route
+  metrics_router_routes   = length(var.metrics_router_routes) != 0 ? var.metrics_router_routes : local.default_metrics_router_route
+  metrics_router_settings = var.enable_primary_metadata_region ? { primary_metadata_region = var.region } : null
 }

solutions/fully-configurable/variables.tf

@@ -116,6 +116,12 @@ variable "enable_metrics_routing_to_cloud_monitoring" {
   default     = true
 }
 
+variable "enable_primary_metadata_region" {
+  type        = bool
+  description = "Whether to configure `primary_metadata_region` of the IBM Cloud Metrics Router account settings."
+  default     = false
+}
+
 variable "metrics_router_routes" {
   type = list(object({
     name = string
@@ -132,7 +138,7 @@ variable "metrics_router_routes" {
     }))
   }))
   default     = []
-  description = "Routes for IBM Cloud Metrics Routing. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-observability-da/blob/main/solutions/instances/DA-types.md#metrics-router-routes-)"
+  description = "Routes for IBM Cloud Metrics Routing. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-cloud-monitoring/blob/main/solutions/fully-configurable/DA-types.md#metrics-router-routes-)"
 }
 
 variable "cbr_rules" {

solutions/metrics-router-account-settings/DA-types.md

@@ -0,0 +1,27 @@
+# Configuring complex inputs for Cloud Automation for Cloud Monitoring
+
+Several optional input variables in the IBM Cloud [Cloud Monitoring account settings deployable architecture](https://cloud.ibm.com/catalog#deployable_architecture) use complex object types. You specify these inputs when you configure deployable architecture.
+
+* [Metrics Router Default target](#default_targets) (`default_targets`)
+
+## Default targets <a name="default_targets"></a>
+
+The `default_targets` input variable allows you to provide a list of targets that will be configured as a target for IBM Cloud Metrics Routing. Refer [here](https://cloud.ibm.com/docs/metrics-router?topic=metrics-router-settings-about&interface=ui) for more information.
+
+* Variable name: `default_targets`.
+* Type: A list of objects. Each object represents a target.
+* Default value: An empty list (`[]`).
+
+### Options for default_targets
+
+* `id` (required):  The id of the Cloud Monitoring target.
+
+### Example route for default target configuration
+
+```hcl
+[
+    {
+        id = "c3af557f-fb0e-4476-85c3-0889e7fe7bc4"
+    }
+]
+```

solutions/metrics-router-account-settings/README.md

@@ -0,0 +1,3 @@
+# Cloud automation for Cloud Monitoring (Metrics Router Account Settings)
+
+:exclamation: **Important:** This solution is not intended to be called by other modules because it contains a provider configuration and is not compatible with the `for_each`, `count`, and `depends_on` arguments. For more information, see [Providers Within Modules](https://developer.hashicorp.com/terraform/language/modules/develop/providers).

solutions/metrics-router-account-settings/main.tf

@@ -0,0 +1,15 @@
+#######################################################################################################################
+# IBM Cloud Metrics Routing
+#######################################################################################################################
+
+module "metrics_router_account_settings" {
+  source = "../../modules/metrics_routing"
+
+  metrics_router_settings = {
+    default_targets           = var.default_targets
+    permitted_target_regions  = var.permitted_target_regions
+    primary_metadata_region   = var.primary_metadata_region
+    backup_metadata_region    = var.backup_metadata_region
+    private_api_endpoint_only = var.private_api_endpoint_only
+  }
+}

solutions/metrics-router-account-settings/outputs.tf

@@ -0,0 +1,8 @@
+##############################################################################
+# Outputs
+##############################################################################
+
+output "metrics_router_account_settings" {
+  description = "IBM Cloud metrics router account settings."
+  value       = module.metrics_router_account_settings.metrics_router_settings
+}

solutions/metrics-router-account-settings/providers.tf

@@ -0,0 +1,9 @@
+########################################################################################################################
+# Provider config
+########################################################################################################################
+
+provider "ibm" {
+  ibmcloud_api_key = var.ibmcloud_api_key
+  region           = var.region
+  visibility       = var.provider_visibility
+}

solutions/metrics-router-account-settings/variables.tf

@@ -0,0 +1,62 @@
+########################################################################################################################
+# Common variables
+########################################################################################################################
+
+variable "ibmcloud_api_key" {
+  type        = string
+  description = "The IBM Cloud API key to deploy resources."
+  sensitive   = true
+}
+
+variable "provider_visibility" {
+  description = "Set the visibility value for the IBM terraform provider. Supported values are `public`, `private`, `public-and-private`. [Learn more](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/guides/custom-service-endpoints)."
+  type        = string
+  default     = "private"
+
+  validation {
+    condition     = contains(["public", "private", "public-and-private"], var.provider_visibility)
+    error_message = "Invalid visibility option. Allowed values are 'public', 'private', or 'public-and-private'."
+  }
+}
+
+variable "region" {
+  description = "The IBM Cloud region where Cloud monitoring instance will be created."
+  type        = string
+  default     = "us-south"
+}
+
+########################################################################################################################
+# IBM Cloud Metrics Routing
+########################################################################################################################
+
+variable "default_targets" {
+  description = "The default target locations, that is, 1 or more targets in the account, that will collect metrics from supported IBM Cloud Metrics Routing locations where you have not configured how you want to collect metrics. You can define up to 2 default targets per account. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-cloud-monitoring/blob/main/solutions/metrics-router-account-settings/DA-types.md#default-targets-)"
+  type = list(object({
+    id = string
+  }))
+  default = []
+}
+
+variable "primary_metadata_region" {
+  description = "The location in your IBM Cloud account where the IBM Cloud Metrics Routing account configuration metadata is stored. To store all your meta data in a single region. For new accounts, all target/route creation will fail until `primary_metadata_region` is set."
+  type        = string
+  default     = null
+}
+
+variable "backup_metadata_region" {
+  description = "You can also configure a backup location where the metadata is stored for recovery purposes. The `backup_metadata_region` can't be the same as `primary_metadata_region`."
+  type        = string
+  default     = null
+}
+
+variable "permitted_target_regions" {
+  description = "List of regions where metrics are allowed to be sent."
+  type        = list(string)
+  default     = []
+}
+
+variable "private_api_endpoint_only" {
+  description = "The type of endpoints that are allowed to manage the IBM Cloud Metrics Routing account configuration in the account. By default, public and private endpoints are enabled. When public endpoints are disabled, the IBM Cloud Metrics Routing UI will be inaccessible."
+  type        = bool
+  default     = false
+}

solutions/metrics-router-account-settings/version.tf

@@ -0,0 +1,9 @@
+terraform {
+  required_version = ">= 1.9.0"
+  required_providers {
+    ibm = {
+      source  = "ibm-cloud/ibm"
+      version = "1.76.1"
+    }
+  }
+}

tests/pr_test.go

@@ -22,6 +22,7 @@ import (
 const resourceGroup = "geretain-test-resources"
 
 const fullyconfigurableDADir = "solutions/fully-configurable"
+const AccountSettingsDADir = "solutions/metrics-router-account-settings"
 
 var validRegions = []string{
 	"au-syd",
@@ -158,3 +159,44 @@ func TestRunUpgradeFullyConfigurable(t *testing.T) {
 		logger.Log(t, "END: Destroy (prereq resources)")
 	}
 }
+
+func TestRunAccountSettings(t *testing.T) {
+	t.Parallel()
+
+	region := validRegions[rand.Intn(len(validRegions))]
+	prefix := "mr"
+
+	// Verify ibmcloud_api_key variable is set
+	checkVariable := "TF_VAR_ibmcloud_api_key"
+	val, present := os.LookupEnv(checkVariable)
+	require.True(t, present, checkVariable+" environment variable not set")
+	require.NotEqual(t, "", val, checkVariable+" environment variable is empty")
+
+	permitted_target_regions := []string{"us-south", "eu-de", "us-east", "eu-es", "eu-gb", "au-syd", "br-sao", "ca-tor", "jp-tok", "jp-osa"}
+
+	options := testschematic.TestSchematicOptionsDefault(&testschematic.TestSchematicOptions{
+		Testing: t,
+		Region:  region,
+		Prefix:  prefix,
+		TarIncludePatterns: []string{
+			"*.tf",
+			"modules/metrics_routing" + "/*.tf",
+			AccountSettingsDADir + "/*.tf",
+		},
+		TemplateFolder:         AccountSettingsDADir,
+		Tags:                   []string{"mr-da-test"},
+		DeleteWorkspaceOnFail:  false,
+		WaitJobCompleteMinutes: 60,
+	})
+
+	options.TerraformVars = []testschematic.TestSchematicTerraformVar{
+		{Name: "ibmcloud_api_key", Value: options.RequiredEnvironmentVars["TF_VAR_ibmcloud_api_key"], DataType: "string", Secure: true},
+		{Name: "region", Value: region, DataType: "string"},
+		{Name: "primary_metadata_region", Value: "eu-de", DataType: "string"},
+		{Name: "backup_metadata_region", Value: "us-east", DataType: "string"}, // The `backup_metadata_region` should not be same as `primary_metadata_region` so hard-coded the region here
+		{Name: "permitted_target_regions", Value: permitted_target_regions, DataType: "list(string)"},
+	}
+
+	err := options.RunSchematicTest()
+	assert.Nil(t, err, "This should not have errored")
+}