You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Jun 17, 2025. It is now read-only.
| <aname="input_access_tags"></a> [access\_tags](#input\_access\_tags)| A list of access tags to apply to the Enterprise DB instance created by the module, see https://cloud.ibm.com/docs/account?topic=account-access-tags-tutorial for more details |`list(string)`|`[]`| no |
98
98
| <aname="input_admin_pass"></a> [admin\_pass](#input\_admin\_pass)| The password for the database administrator. If the admin password is null then the admin user ID cannot be accessed. More users can be specified in a user block. |`string`|`null`| no |
99
-
| <a name="input_auto_scaling"></a> [auto\_scaling](#input\_auto\_scaling) | Optional rules to allow the database to increase resources in response to usage. Only a single autoscaling block is allowed. Make sure you understand the effects of autoscaling, especially for production environments. See https://ibm.biz/autoscaling-considerations in the IBM Cloud Docs. | <pre>object({<br> disk = object({<br> capacity_enabled = optional(bool, false)<br> free_space_less_than_percent = optional(number, 10)<br> io_above_percent = optional(number, 90)<br> io_enabled = optional(bool, false)<br> io_over_period = optional(string, "15m")<br> rate_increase_percent = optional(number, 10)<br> rate_limit_mb_per_member = optional(number, 3670016)<br> rate_period_seconds = optional(number, 900)<br> rate_units = optional(string, "mb")<br> })<br> memory = object({<br> io_above_percent = optional(number, 90)<br> io_enabled = optional(bool, false)<br> io_over_period = optional(string, "15m")<br> rate_increase_percent = optional(number, 10)<br> rate_limit_mb_per_member = optional(number, 114688)<br> rate_period_seconds = optional(number, 900)<br> rate_units = optional(string, "mb")<br> })<br> })</pre> | `null` | no |
99
+
| <a name="input_auto_scaling"></a> [auto\_scaling](#input\_auto\_scaling) | Optional rules to allow the database to increase resources in response to usage. Only a single autoscaling block is allowed. Make sure you understand the effects of autoscaling, especially for production environments. See https://ibm.biz/autoscaling-considerations in the IBM Cloud Docs. | <pre>object({<br/> disk = object({<br/> capacity_enabled = optional(bool, false)<br/> free_space_less_than_percent = optional(number, 10)<br/> io_above_percent = optional(number, 90)<br/> io_enabled = optional(bool, false)<br/> io_over_period = optional(string, "15m")<br/> rate_increase_percent = optional(number, 10)<br/> rate_limit_mb_per_member = optional(number, 3670016)<br/> rate_period_seconds = optional(number, 900)<br/> rate_units = optional(string, "mb")<br/> })<br/> memory = object({<br/> io_above_percent = optional(number, 90)<br/> io_enabled = optional(bool, false)<br/> io_over_period = optional(string, "15m")<br/> rate_increase_percent = optional(number, 10)<br/> rate_limit_mb_per_member = optional(number, 114688)<br/> rate_period_seconds = optional(number, 900)<br/> rate_units = optional(string, "mb")<br/> })<br/> })</pre> | `null` | no |
100
100
| <aname="input_backup_crn"></a> [backup\_crn](#input\_backup\_crn)| The CRN of a backup resource to restore from. The backup is created by a database deployment with the same service ID. The backup is loaded after provisioning and the new deployment starts up that uses that data. A backup CRN is in the format crn:v1:<…>:backup:. If omitted, the database is provisioned empty. |`string`|`null`| no |
101
101
| <aname="input_backup_encryption_key_crn"></a> [backup\_encryption\_key\_crn](#input\_backup\_encryption\_key\_crn)| The CRN of a KMS (Key Protect or Hyper Protect Crypto Services) key to use for encrypting the disk that holds deployment backups. Only used if var.kms\_encryption\_enabled is set to true. There are limitation per region on the type of KMS service (Key Protect or Hyper Protect Crypto Services) and region for those services. See https://cloud.ibm.com/docs/cloud-databases?topic=cloud-databases-key-protect&interface=ui#key-byok and https://cloud.ibm.com/docs/cloud-databases?topic=cloud-databases-hpcs#use-hpcs-backups|`string`|`null`| no |
102
-
| <aname="input_cbr_rules"></a> [cbr\_rules](#input\_cbr\_rules)| (Optional, list) List of CBR rules to create | <pre>list(object({<br> description = string<br> account_id = string<br> rule_contexts = list(object({<br> attributes = optional(list(object({<br> name = string<br> value = string<br> }))) }))<br> enforcement_mode = string<br> }))</pre> |`[]`| no |
| <aname="input_edb_version"></a> [edb\_version](#input\_edb\_version)| Version of the Enterprise DB instance to provision. If no value is passed, the current preferred version of IBM Cloud Databases is used. For our version policy, see https://cloud.ibm.com/docs/cloud-databases?topic=cloud-databases-versioning-policy for more details |`string`|`null`| no |
105
105
| <aname="input_existing_kms_instance_guid"></a> [existing\_kms\_instance\_guid](#input\_existing\_kms\_instance\_guid)| The GUID of the Hyper Protect Crypto Services or Key Protect instance in which the key specified in var.kms\_key\_crn and var.backup\_encryption\_key\_crn is coming from. Only required if var.kms\_encryption\_enabled is true, var.skip\_iam\_authorization\_policy is false, and passing a value for var.kms\_key\_crn, var.backup\_encryption\_key\_crn, or both. |`string`|`null`| no |
106
106
| <aname="input_kms_encryption_enabled"></a> [kms\_encryption\_enabled](#input\_kms\_encryption\_enabled)| Set this to true to control the encryption keys used to encrypt the data that you store in IBM Cloud® Databases. If set to false, the data is encrypted by using randomly generated keys. For more info on Key Protect integration, see https://cloud.ibm.com/docs/cloud-databases?topic=cloud-databases-key-protect. For more info on HPCS integration, see https://cloud.ibm.com/docs/cloud-databases?topic=cloud-databases-hpcs|`bool`|`false`| no |
@@ -121,7 +121,7 @@ To attach access management tags to resources in this module, you need the follo
121
121
| <aname="input_service_endpoints"></a> [service\_endpoints](#input\_service\_endpoints)| Specify whether you want to enable the public, private, or both service endpoints. Supported values are 'public', 'private', or 'public-and-private'. |`string`|`"private"`| no |
122
122
| <aname="input_skip_iam_authorization_policy"></a> [skip\_iam\_authorization\_policy](#input\_skip\_iam\_authorization\_policy)| Set to true to skip the creation of an IAM authorization policy that permits all Enterprise database instances in the resource group to read the encryption key from the KMS instance. If set to false, pass in a value for the KMS instance in the existing\_kms\_instance\_guid variable. In addition, no policy is created if var.kms\_encryption\_enabled is set to false. |`bool`|`false`| no |
123
123
| <aname="input_use_default_backup_encryption_key"></a> [use\_default\_backup\_encryption\_key](#input\_use\_default\_backup\_encryption\_key)| Set to true to use default ICD randomly generated keys. |`bool`|`false`| no |
124
-
| <aname="input_users"></a> [users](#input\_users)| A list of users that you want to create on the database. Multiple blocks are allowed. The user password must be in the range of 10-32 characters. Be warned that in most case using IAM service credentials (via the var.service\_credential\_names) is sufficient to control access to the Enterprise Db instance. This blocks creates native enterprise database users, more info on that can be found here https://cloud.ibm.com/docs/databases-for-enterprisedb?topic=databases-for-enterprisedb-user-management&interface=api| <pre>list(object({<br> name = string<br> password = string # pragma: allowlist secret<br> type = optional(string)<br> role = optional(string)<br> }))</pre> |`[]`| no |
124
+
| <aname="input_users"></a> [users](#input\_users)| A list of users that you want to create on the database. Multiple blocks are allowed. The user password must be in the range of 10-32 characters. Be warned that in most case using IAM service credentials (via the var.service\_credential\_names) is sufficient to control access to the Enterprise Db instance. This blocks creates native enterprise database users, more info on that can be found here https://cloud.ibm.com/docs/databases-for-enterprisedb?topic=databases-for-enterprisedb-user-management&interface=api| <pre>list(object({<br/> name = string<br/> password = string # pragma: allowlist secret<br/> type = optional(string)<br/> role = optional(string)<br/> }))</pre> |`[]`| no |
0 commit comments