fix: added a fix to avoid errors in DA when using existing resources (#267)

Author: shemau

solutions/standard/README.md

@@ -1,10 +1,16 @@
 # Event Notifications solution
 
-This solution that configures the following infrastructure:
+When `existing_en_instance_crn` is not passed, this solution configures the following infrastructure:
 
-- Creates a resource group, if one is not passed in.
-- Provisions and configures an Event Notifications instance.
-- Provisions an IBM Cloud Object Storage instance to connect to an Event Notifications instance and collect events that fail delivery.
-- Configures KMS encryption by using an existing root key. Optionally creates a key ring and key in an existing instance.
+- a resource group, if one is not passed in.
+- optionally a KMS key ring and key for IBM Event Notifications encryption
+- optionally a KMS key ring and key for IBM Cloud Object Storage encryption
+- optionally an IBM Cloud Object Storage instance
+- optionally an IBM Cloud Object Storage bucket to collect events that fail delivery
+- an IBM Event Notifications instance
+
+When `existing_en_instance_crn` is passed, this solution ignores ALL other inputs and sets the outputs based on the CRN.
+
+- required inputs MUST still be set, but will be ignored.
 
 :exclamation: **Important:** This solution is not intended to be called by one or more other modules because it contains a provider configuration and is not compatible with the `for_each`, `count`, and `depends_on` arguments. For more information, see [Providers Within Modules](https://developer.hashicorp.com/terraform/language/modules/develop/providers).

solutions/standard/main.tf

@@ -3,6 +3,7 @@
 ########################################################################################################################
 
 module "resource_group" {
+  count                        = var.existing_en_instance_crn == null ? 1 : 0
   source                       = "terraform-ibm-modules/resource-group/ibm"
   version                      = "1.1.6"
   resource_group_name          = var.use_existing_resource_group == false ? (var.prefix != null ? "${var.prefix}-${var.resource_group_name}" : var.resource_group_name) : null
@@ -14,6 +15,8 @@ module "resource_group" {
 #######################################################################################################################
 
 locals {
+  # If a KMS key is passed, or an existing EN CRN is passed; do not create keys
+  create_kms_keys                  = var.existing_kms_root_key_crn != null || var.existing_en_instance_crn != null ? false : true
   parsed_existing_kms_root_key_crn = var.existing_kms_root_key_crn != null ? split(":", var.existing_kms_root_key_crn) : []
   existing_kms_root_key_id         = length(local.parsed_existing_kms_root_key_crn) > 0 ? local.parsed_existing_kms_root_key_crn[length(local.parsed_existing_kms_root_key_crn) - 1] : null
   parsed_existing_kms_instance_crn = var.existing_kms_instance_crn != null ? split(":", var.existing_kms_instance_crn) : []
@@ -73,7 +76,7 @@ module "kms" {
   providers = {
     ibm = ibm.kms
   }
-  count                       = var.existing_kms_root_key_crn != null ? 0 : 1 # no need to create any KMS resources if passing an existing key
+  count                       = local.create_kms_keys ? 1 : 0
   source                      = "terraform-ibm-modules/kms-all-inclusive/ibm"
   version                     = "4.15.13"
   create_key_protect_instance = false
@@ -118,24 +121,26 @@ module "kms" {
 #######################################################################################################################
 
 locals {
+  # If a bucket namme is passed, or an existing EN CRN is passed; do not create bucket (or instance)
+  create_cos_bucket = var.existing_cos_bucket_name != null || var.existing_en_instance_crn != null ? false : true
   # tflint-ignore: terraform_unused_declarations
   validate_cos_regions        = var.cos_bucket_region != null && var.cross_region_location != null ? tobool("Cannot provide values for var.cos_bucket_region and var.cross_region_location") : true
-  cos_bucket_name             = var.existing_cos_bucket_name != null ? var.existing_cos_bucket_name : (var.prefix != null ? "${var.prefix}-${var.cos_bucket_name}" : var.cos_bucket_name)
-  cos_bucket_name_with_suffix = var.existing_cos_bucket_name != null ? var.existing_cos_bucket_name : module.cos[0].bucket_name
+  cos_bucket_name             = var.existing_cos_bucket_name != null ? var.existing_cos_bucket_name : local.create_cos_bucket ? (var.prefix != null ? "${var.prefix}-${var.cos_bucket_name}" : var.cos_bucket_name) : null
+  cos_bucket_name_with_suffix = var.existing_cos_bucket_name != null ? var.existing_cos_bucket_name : local.create_cos_bucket ? module.cos[0].bucket_name : null
   cos_bucket_region           = var.cos_bucket_region != null ? var.cos_bucket_region : var.cross_region_location != null ? null : var.region
   cos_instance_name           = var.prefix != null ? "${var.prefix}-${var.cos_instance_name}" : var.cos_instance_name
 }
 
 module "cos" {
-  count                               = var.existing_cos_bucket_name != null ? 0 : 1
+  count                               = local.create_cos_bucket ? 1 : 0
   source                              = "terraform-ibm-modules/cos/ibm"
   version                             = "8.11.13"
   create_cos_instance                 = var.existing_cos_instance_crn == null ? true : false
-  create_cos_bucket                   = var.existing_cos_bucket_name == null ? true : false
+  create_cos_bucket                   = local.create_cos_bucket
   existing_cos_instance_id            = var.existing_cos_instance_crn
   skip_iam_authorization_policy       = local.create_cross_account_auth_policy || var.skip_cos_kms_auth_policy
   add_bucket_name_suffix              = var.add_bucket_name_suffix
-  resource_group_id                   = module.resource_group.resource_group_id
+  resource_group_id                   = module.resource_group[0].resource_group_id
   region                              = local.cos_bucket_region
   cross_region_location               = var.cross_region_location
   cos_instance_name                   = local.cos_instance_name
@@ -158,9 +163,8 @@ module "cos" {
 ########################################################################################################################
 
 locals {
-  # KMS Related
-  existing_kms_instance_crn = var.existing_kms_instance_crn != null ? var.existing_kms_instance_crn : null
-  cos_endpoint              = var.existing_cos_bucket_name == null ? "https://${module.cos[0].s3_endpoint_public}" : var.existing_cos_endpoint
+  # COS Related
+  cos_endpoint = var.existing_cos_bucket_name == null ? (local.create_cos_bucket ? "https://${module.cos[0].s3_endpoint_public}" : null) : var.existing_cos_endpoint
   # Event Notification Related
   parsed_existing_en_instance_crn = var.existing_en_instance_crn != null ? split(":", var.existing_en_instance_crn) : []
   existing_en_guid                = length(local.parsed_existing_en_instance_crn) > 0 ? local.parsed_existing_en_instance_crn[7] : null
@@ -174,7 +178,7 @@ data "ibm_resource_instance" "existing_en" {
 module "event_notifications" {
   count                    = var.existing_en_instance_crn != null ? 0 : 1
   source                   = "../.."
-  resource_group_id        = module.resource_group.resource_group_id
+  resource_group_id        = module.resource_group[0].resource_group_id
   region                   = var.region
   name                     = var.prefix != null ? "${var.prefix}-${var.event_notification_name}" : var.event_notification_name
   plan                     = var.service_plan
@@ -184,7 +188,7 @@ module "event_notifications" {
   # KMS Related
   kms_encryption_enabled    = true
   kms_endpoint_url          = var.kms_endpoint_url
-  existing_kms_instance_crn = local.existing_kms_instance_crn
+  existing_kms_instance_crn = var.existing_kms_instance_crn
   root_key_id               = local.en_kms_key_id
   skip_en_kms_auth_policy   = local.create_cross_account_auth_policy || var.skip_en_kms_auth_policy
   # COS Related

solutions/standard/moved.tf

@@ -7,3 +7,8 @@ moved {
   from = module.event_notifications
   to   = module.event_notifications[0]
 }
+
+moved {
+  from = module.resource_group
+  to   = module.resource_group[0]
+}