feat: Update schema variable to support full Apache Avro specification (#526)

Ak-sky · web-flow · commit 4d612ffed651 · 2026-02-25T13:12:27.000+05:30
* first commit

* feat: Update schemas variable to support full Apache Avro specification

* feat: Update schemas variable to support full Apache Avro specification

* docs: updated the type file

* addressed feedback

* addressed feedback

* addressed feedback
diff --git a/README.md b/README.md
@@ -161,7 +161,7 @@ You need the following permissions to run this module.
 | <a name="input_resource_group_id"></a> [resource\_group\_id](#input\_resource\_group\_id) | The resource group ID where the Event Streams instance is created. | `string` | n/a | yes |
 | <a name="input_resource_keys"></a> [resource\_keys](#input\_resource\_keys) | A list of service credential resource keys to be created for the Event Streams instance. | <pre>list(object({<br/>    name     = string<br/>    key_name = optional(string, null)<br/>    role     = optional(string, "Manager")<br/>    endpoint = optional(string, "public")<br/>  }))</pre> | `[]` | no |
 | <a name="input_schema_global_rule"></a> [schema\_global\_rule](#input\_schema\_global\_rule) | Schema global compatibility rule. Allowed values are 'NONE', 'FULL', 'FULL\_TRANSITIVE', 'FORWARD', 'FORWARD\_TRANSITIVE', 'BACKWARD', 'BACKWARD\_TRANSITIVE'. | `string` | `null` | no |
-| <a name="input_schemas"></a> [schemas](#input\_schemas) | The list of schema objects. Include the `schema_id` and the `type` and `name` of the schema in the `schema` object. | <pre>list(object(<br/>    {<br/>      schema_id = string<br/>      schema = object({<br/>        type = string<br/>        name = string<br/>        fields = optional(list(object({<br/>          name = string<br/>          type = string<br/>        })))<br/>      })<br/>    }<br/>  ))</pre> | `[]` | no |
+| <a name="input_schemas"></a> [schemas](#input\_schemas) | List of schema objects. Each schema must include `schema_id` and `schema` definition. Supports full Apache Avro specification with nested structures. [Learn more](https://cloud.ibm.com/docs/EventStreams?topic=EventStreams-ES_schema_registry#ES_apache_avro_data_format). | `any` | `[]` | no |
 | <a name="input_service_endpoints"></a> [service\_endpoints](#input\_service\_endpoints) | The type of service endpoints. Possible values: 'public', 'private', 'public-and-private'. | `string` | `"public"` | no |
 | <a name="input_skip_es_s2s_iam_authorization_policy"></a> [skip\_es\_s2s\_iam\_authorization\_policy](#input\_skip\_es\_s2s\_iam\_authorization\_policy) | Set to true to skip the creation of an IAM authorization policy that will allow all Event Streams instances in the given resource group access to read from the mirror source instance. This policy is required when creating a mirroring instance, and will only be created if a value is passed in the mirroring input. | `bool` | `false` | no |
 | <a name="input_skip_kms_iam_authorization_policy"></a> [skip\_kms\_iam\_authorization\_policy](#input\_skip\_kms\_iam\_authorization\_policy) | Set to true to skip the creation of an IAM authorization policy that permits all Event Streams database instances in the resource group to read the encryption key from the KMS instance. If set to false, pass in a value for the KMS instance in the `kms_key_crn` variable. In addition, no policy is created if var.kms\_encryption\_enabled is set to false. | `bool` | `false` | no |
diff --git a/examples/complete/main.tf b/examples/complete/main.tf
@@ -18,24 +18,8 @@ module "event_streams" {
   source            = "../../"
   resource_group_id = module.resource_group.resource_group_id
   es_name           = "${var.prefix}-es"
-  schemas = [
-    {
-      schema_id = "my-es-schema_1"
-      schema = {
-        type = "string"
-        name = "name_1"
-      }
-    },
-    {
-      schema_id = "my-es-schema_2"
-      schema = {
-        type = "string"
-        name = "name_2"
-      }
-    }
-  ]
-  tags        = var.resource_tags
-  access_tags = var.access_tags
+  tags              = var.resource_tags
+  access_tags       = var.access_tags
   topics = [
     {
       name       = "topic-1"
diff --git a/examples/fscloud/main.tf b/examples/fscloud/main.tf
@@ -70,15 +70,81 @@ module "cbr_zone_schematics" {
 # #############################################################################
 
 module "event_streams" {
-  source                   = "../../modules/fscloud"
-  resource_group_id        = module.resource_group.resource_group_id
-  es_name                  = "${var.prefix}-es-fs"
-  kms_key_crn              = var.kms_key_crn
-  schemas                  = var.schemas
-  tags                     = var.resource_tags
-  topics                   = var.topics
-  create_timeout           = "6h"
-  metrics                  = ["topic", "partition", "consumers"]
+  source            = "../../modules/fscloud"
+  resource_group_id = module.resource_group.resource_group_id
+  es_name           = "${var.prefix}-es-fs"
+  kms_key_crn       = var.kms_key_crn
+  tags              = var.resource_tags
+  create_timeout    = "6h"
+  metrics           = ["topic", "partition", "consumers"]
+  schemas = [
+    {
+      schema_id = "job_events_cloud_sync_value_v1"
+      schema = {
+        type      = "record"
+        name      = "job_events_cloud_sync_value_v1"
+        namespace = "envelope"
+        fields = [
+          { name = "source", type = "string" },
+          { name = "subject", type = "string" },
+          { name = "time", type = "string" },
+          { name = "datacontenttype", type = "string", default = "application/json" },
+          { name = "producer", type = "string" },
+          {
+            name = "data"
+            type = {
+              type      = "record"
+              name      = "payload"
+              namespace = "payload"
+              fields = [
+                { name = "event_type", type = "string" },
+                { name = "job_id", type = "string" },
+                { name = "metadata", type = ["null", "string"], default = null },
+                { name = "monotonic_ns", type = "long" },
+                { name = "source_instance_id", type = "string" },
+                { name = "source_type_id", type = "string" },
+                { name = "sub_job_id", type = ["null", "string"], default = null }
+              ]
+            }
+          }
+        ]
+      }
+    },
+    {
+      schema_id = "my-es-schema_1"
+      schema = {
+        type = "record"
+        name = "book"
+        fields = [
+          {
+            name = "title"
+            type = "string"
+          },
+          {
+            name = "author"
+            type = "string"
+          }
+        ]
+      }
+    },
+    {
+      schema_id = "my-es-schema_2"
+      schema = {
+        type = "record"
+        name = "book"
+        fields = [
+          {
+            name = "author"
+            type = "string"
+          },
+          {
+            name = "title"
+            type = "string"
+          }
+        ]
+      }
+    }
+  ]
   mirroring_topic_patterns = ["topic-1", "topic-2"]
   mirroring = {
     source_crn   = var.event_streams_source_crn # Required for mirroring
diff --git a/examples/fscloud/variables.tf b/examples/fscloud/variables.tf
@@ -28,32 +28,6 @@ variable "resource_tags" {
   default     = []
 }
 
-variable "schemas" {
-  type = list(object(
-    {
-      schema_id = string
-      schema = object({
-        type = string
-        name = string
-      })
-    }
-  ))
-  description = "The list of schema object which contains schema id and format of the schema"
-  default     = []
-}
-
-variable "topics" {
-  type = list(object(
-    {
-      name       = string
-      partitions = number
-      config     = map(string)
-    }
-  ))
-  description = "List of topics. For lite plan only one topic is allowed."
-  default     = []
-}
-
 variable "kms_key_crn" {
   type        = string
   description = "The root key CRN of a Hyper Protect Crypto Service (HPCS) that you want to use for disk encryption. See https://cloud.ibm.com/docs/cloud-databases?topic=cloud-databases-hpcs&interface=ui for more information on integrating HPCS with Event Streams instance."
diff --git a/modules/fscloud/README.md b/modules/fscloud/README.md
@@ -41,7 +41,7 @@ No resources.
 | <a name="input_resource_group_id"></a> [resource\_group\_id](#input\_resource\_group\_id) | The resource group ID where the Event Streams instance is created. | `string` | n/a | yes |
 | <a name="input_resource_keys"></a> [resource\_keys](#input\_resource\_keys) | A list of service credential resource keys to be created for the Event Streams instance. | <pre>list(object({<br/>    name     = string<br/>    role     = optional(string, "Reader")<br/>    endpoint = optional(string, "private")<br/>  }))</pre> | `[]` | no |
 | <a name="input_schema_global_rule"></a> [schema\_global\_rule](#input\_schema\_global\_rule) | Schema global compatibility rule. Allowed values are 'NONE', 'FULL', 'FULL\_TRANSITIVE', 'FORWARD', 'FORWARD\_TRANSITIVE', 'BACKWARD', 'BACKWARD\_TRANSITIVE'. | `string` | `null` | no |
-| <a name="input_schemas"></a> [schemas](#input\_schemas) | The list of schema objects. Include the `schema_id` and the `type` and `name` of the schema in the `schema` object. | <pre>list(object(<br/>    {<br/>      schema_id = string<br/>      schema = object({<br/>        type = string<br/>        name = string<br/>        fields = optional(list(object({<br/>          name = string<br/>          type = string<br/>        })))<br/>      })<br/>    }<br/>  ))</pre> | `[]` | no |
+| <a name="input_schemas"></a> [schemas](#input\_schemas) | List of schema objects. Each schema must include `schema_id` and `schema` definition. Supports full Apache Avro specification with nested structures. [Learn more](https://cloud.ibm.com/docs/EventStreams?topic=EventStreams-ES_schema_registry#ES_apache_avro_data_format). | `any` | `[]` | no |
 | <a name="input_skip_es_s2s_iam_authorization_policy"></a> [skip\_es\_s2s\_iam\_authorization\_policy](#input\_skip\_es\_s2s\_iam\_authorization\_policy) | Set to true to skip the creation of an Event Streams s2s IAM authorization policy to provision an Event Streams mirroring instance. This is required to read from the source cluster. This policy is required when creating mirroring instance. | `bool` | `false` | no |
 | <a name="input_skip_kms_iam_authorization_policy"></a> [skip\_kms\_iam\_authorization\_policy](#input\_skip\_kms\_iam\_authorization\_policy) | Set to true to skip the creation of an IAM authorization policy that permits all Event Streams database instances in the resource group to read the encryption key from the KMS instance. If set to false, pass in a value for the KMS instance in the kms\_key\_crn variable. In addition, no policy is created if var.kms\_encryption\_enabled is set to false. | `bool` | `false` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | The list of tags associated with the Event Streams instance. | `list(string)` | `[]` | no |
diff --git a/modules/fscloud/variables.tf b/modules/fscloud/variables.tf
@@ -29,23 +29,10 @@ variable "region" {
 }
 
 variable "schemas" {
-  type = list(object(
-    {
-      schema_id = string
-      schema = object({
-        type = string
-        name = string
-        fields = optional(list(object({
-          name = string
-          type = string
-        })))
-      })
-    }
-  ))
-  description = "The list of schema objects. Include the `schema_id` and the `type` and `name` of the schema in the `schema` object."
+  type        = any
+  description = "List of schema objects. Each schema must include `schema_id` and `schema` definition. Supports full Apache Avro specification with nested structures. [Learn more](https://cloud.ibm.com/docs/EventStreams?topic=EventStreams-ES_schema_registry#ES_apache_avro_data_format)."
   default     = []
 }
-
 variable "schema_global_rule" {
   type        = string
   description = "Schema global compatibility rule. Allowed values are 'NONE', 'FULL', 'FULL_TRANSITIVE', 'FORWARD', 'FORWARD_TRANSITIVE', 'BACKWARD', 'BACKWARD_TRANSITIVE'."
diff --git a/solutions/security-enforced/DA-schemas-topics-cbr.md b/solutions/security-enforced/DA-schemas-topics-cbr.md
@@ -40,29 +40,77 @@ The following example includes all the configuration options for topics.
 ## Options with schemas <a name="options-with-schemas"></a>
 
 - `schema_id` (required): The unique ID to be assigned to schema. If this value is not specified, a generated UUID is assigned.
-- `schema` (required): The schema in JSON format. Supported parameters are: `type`, `name` and `fields` (optional).
+- `schema` (required): The schema definition as a JSON-compatible Terraform object. Supports all [Apache Avro](https://cloud.ibm.com/docs/EventStreams?topic=EventStreams-ES_schema_registry#ES_apache_avro_data_format) types including nested structures.
 
 The following example includes all the configuration options for schemas.
 
 ```hcl
 [
     {
-        schema_id = "my-es-schema_1"
-        schema = {
+      schema_id = "job_events_cloud_sync_value_v1"
+      schema = {
+        type      = "record"
+        name      = "job_events_cloud_sync_value_v1"
+        namespace = "envelope"
+        fields = [
+          { name = "source", type = "string" },
+          { name = "subject", type = "string" },
+          { name = "time", type = "string" },
+          { name = "datacontenttype", type = "string", default = "application/json" },
+          { name = "producer", type = "string" },
+          {
+            name = "data"
+            type = {
+              type      = "record"
+              name      = "payload"
+              namespace = "payload"
+              fields = [
+                { name = "event_type", type = "string" },
+                { name = "job_id", type = "string" },
+                { name = "metadata", type = ["null", "string"], default = null },
+                { name = "monotonic_ns", type = "long" },
+                { name = "source_instance_id", type = "string" },
+                { name = "source_type_id", type = "string" },
+                { name = "sub_job_id", type = ["null", "string"], default = null }
+              ]
+            }
+          }
+        ]
+      }
+    },
+    {
+      schema_id = "my-es-schema_1"
+      schema = {
+        type = "record"
+        name = "book"
+        fields = [
+          {
+            name = "title"
             type = "string"
-            name = "name_1"
-            fields = [{
-                name = "field_name"
-                type = "string"
-            }]
-        }
+          },
+          {
+            name = "author"
+            type = "string"
+          }
+        ]
+      }
     },
     {
-        schema_id = "my-es-schema_2"
-        schema = {
+      schema_id = "my-es-schema_2"
+      schema = {
+        type = "record"
+        name = "book"
+        fields = [
+          {
+            name = "author"
             type = "string"
-            name = "name_2"
-        }
+          },
+          {
+            name = "title"
+            type = "string"
+          }
+        ]
+      }
     }
 ]
 ```
diff --git a/solutions/security-enforced/variables.tf b/solutions/security-enforced/variables.tf
@@ -63,22 +63,11 @@ variable "access_tags" {
 }
 
 variable "schemas" {
-  type = list(object({
-    schema_id = string
-    schema = object({
-      type = string
-      name = string
-      fields = optional(list(object({
-        name = string
-        type = string
-      })))
-    })
-  }))
-  description = "The list of schema objects. Include the `schema_id`, `type` and `name` of the schema in the `schema` object. Learn more: https://github.com/terraform-ibm-modules/terraform-ibm-event-streams/tree/main/solutions/security-enforced/DA-schemas-topics-cbr.md#options-with-schemas."
+  type        = any
+  description = "List of schema objects. Each schema must include `schema_id` and `schema` definition. Supports full Apache Avro specification with nested structures. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-event-streams/tree/main/solutions/security-enforced/DA-schemas-topics-cbr.md#options-with-schemas)."
   default     = []
 }
 
-
 variable "schema_global_rule" {
   type        = string
   description = "Schema global compatibility rule. Allowed values are 'NONE', 'FULL', 'FULL_TRANSITIVE', 'FORWARD', 'FORWARD_TRANSITIVE', 'BACKWARD', 'BACKWARD_TRANSITIVE'."
diff --git a/variables.tf b/variables.tf
@@ -128,21 +128,16 @@ variable "skip_es_s2s_iam_authorization_policy" {
 }
 
 variable "schemas" {
-  type = list(object(
-    {
-      schema_id = string
-      schema = object({
-        type = string
-        name = string
-        fields = optional(list(object({
-          name = string
-          type = string
-        })))
-      })
-    }
-  ))
-  description = "The list of schema objects. Include the `schema_id` and the `type` and `name` of the schema in the `schema` object."
+  type        = any
+  description = "List of schema objects. Each schema must include `schema_id` and `schema` definition. Supports full Apache Avro specification with nested structures. [Learn more](https://cloud.ibm.com/docs/EventStreams?topic=EventStreams-ES_schema_registry#ES_apache_avro_data_format)."
   default     = []
+
+  validation {
+    condition = alltrue([
+      for s in var.schemas : s.schema_id != "" && s.schema != null
+    ])
+    error_message = "Each schema must have a 'schema_id' and a 'schema' definition."
+  }
 }
 
 variable "schema_global_rule" {
