terraform-ibm-modules
diff --git a/‎.secrets.baseline‎
Lines changed: 13 additions & 2 deletions b/‎.secrets.baseline‎
Lines changed: 13 additions & 2 deletions
diff --git a/‎README.md‎
Lines changed: 84 additions & 128 deletions b/‎README.md‎
Lines changed: 84 additions & 128 deletions
diff --git a/‎common-dev-assets‎ b/‎common-dev-assets‎
diff --git a/‎cra-tf-validate-ignore-rules.json‎
Lines changed: 15 additions & 2 deletions b/‎cra-tf-validate-ignore-rules.json‎
Lines changed: 15 additions & 2 deletions
diff --git a/‎examples/backup/README.md‎
Lines changed: 7 additions & 0 deletions b/‎examples/backup/README.md‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎examples/backup/main.tf‎
Lines changed: 38 additions & 0 deletions b/‎examples/backup/main.tf‎
Lines changed: 38 additions & 0 deletions
diff --git a/‎examples/backup/outputs.tf‎
Lines changed: 17 additions & 0 deletions b/‎examples/backup/outputs.tf‎
Lines changed: 17 additions & 0 deletions
diff --git a/‎examples/default/provider.tf‎ renamed to ‎examples/backup/provider.tf‎ b/‎examples/default/provider.tf‎ renamed to ‎examples/backup/provider.tf‎
diff --git a/‎examples/backup/variables.tf‎
Lines changed: 47 additions & 0 deletions b/‎examples/backup/variables.tf‎
Lines changed: 47 additions & 0 deletions
diff --git a/‎examples/default/version.tf‎ renamed to ‎examples/backup/version.tf‎
Lines changed: 1 addition & 1 deletion b/‎examples/default/version.tf‎ renamed to ‎examples/backup/version.tf‎
Lines changed: 1 addition & 1 deletion
@@ -3,7 +3,7 @@
     "files": "go.sum|^.secrets.baseline$",
     "lines": null
   },
-  "generated_at": "2023-06-03T03:40:11Z",
+  "generated_at": "2023-06-07T13:09:19Z",
   "plugins_used": [
     {
       "name": "AWSKeyDetector"
@@ -76,7 +76,18 @@
       "name": "TwilioKeyDetector"
     }
   ],
-  "results": {},
+  "results": {
+    "module-metadata.json": [
+      {
+        "hashed_secret": "99075eb0baa8cfda1cae029da06b57b93cc13a31",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 468,
+        "type": "Secret Keyword",
+        "verified_result": null
+      }
+    ]
+  },
   "version": "0.13.1+ibm.61.dss",
   "word_list": {
     "file": null,
 
@@ -1,3 +1,16 @@
 {
-    "scc_rules": []
-}
+    "scc_rules": [
+      {
+        "scc_rule_id": "rule-9b2d8054-bc93-44fd-901b-91f677287e84",
+        "description": "Check whether Databases for PostgreSQL network access is restricted to a specific IP range",
+        "ignore_reason": "This module supports restricting network access using Context Based Restrictions (CBRs), however SCC does not yet support scanning for CBR rules, hence the rule currently fails. SCC CBR support is being tracked in AHA SCC-961",
+        "is_valid": true
+      },
+      {
+        "scc_rule_id": "rule-216e2449-27d7-4afc-929a-b66e196a9cf9",
+        "description": "Check whether Flow Logs for VPC are enabled",
+        "ignore_reason": "This rule is not relevant to the module itself, just the VPC resource is used in the example that is scanned",
+        "is_valid": false
+      }
+    ]
+  }
@@ -0,0 +1,7 @@
+# Restore from backup example
+
+This example provides an end-to-end executable flow of how a Enterprise DB can be created from a backup instance. This example uses the IBM Cloud terraform provider to:
+
+- Create a new resource group if one is not passed in.
+- Create a new ICD Enterprise database instance if no existing backup crn is provided.
+- Create a restored ICD Enterprise database instance pointing to the backup of the first instance.
@@ -0,0 +1,38 @@
+##############################################################################
+# Resource Group
+##############################################################################
+
+module "resource_group" {
+  source = "git::https://github.com/terraform-ibm-modules/terraform-ibm-resource-group.git?ref=v1.0.5"
+  # if an existing resource group is not set (null) create a new one using prefix
+  resource_group_name          = var.resource_group == null ? "${var.prefix}-resource-group" : null
+  existing_resource_group_name = var.resource_group
+}
+
+module "enterprise_db" {
+  count             = var.enterprise_db_backup_crn != null ? 0 : 1
+  source            = "../.."
+  resource_group_id = module.resource_group.resource_group_id
+  name              = "${var.prefix}-edb"
+  edb_version       = var.edb_version
+  region            = var.region
+  resource_tags     = var.resource_tags
+  access_tags       = var.access_tags
+}
+
+data "ibm_database_backups" "backup_database" {
+  count         = var.enterprise_db_backup_crn != null ? 0 : 1
+  deployment_id = module.enterprise_db[0].id
+}
+
+# New enterprise db instance pointing to the backup instance
+module "restored_enterprise_db" {
+  source            = "../.."
+  resource_group_id = module.resource_group.resource_group_id
+  name              = "${var.prefix}-edb-restored"
+  edb_version       = var.edb_version
+  region            = var.region
+  resource_tags     = var.resource_tags
+  access_tags       = var.access_tags
+  backup_crn        = var.enterprise_db_backup_crn == null ? data.ibm_database_backups.backup_database[0].backups[0].backup_id : var.enterprise_db_backup_crn
+}
@@ -0,0 +1,17 @@
+##############################################################################
+# Outputs
+##############################################################################
+output "id" {
+  description = "Enterprise DB instance id"
+  value       = var.enterprise_db_backup_crn == null ? module.enterprise_db[0].id : null
+}
+
+output "restored_enterprise_db_id" {
+  description = "Restored Enterprise DB instance id"
+  value       = module.restored_enterprise_db.id
+}
+
+output "restored_enterprise_db_version" {
+  description = "Restored Enterprise DB instance version"
+  value       = module.restored_enterprise_db.version
+}
@@ -0,0 +1,47 @@
+variable "ibmcloud_api_key" {
+  type        = string
+  description = "The IBM Cloud API Key"
+  sensitive   = true
+}
+
+variable "region" {
+  type        = string
+  description = "Region to provision all resources created by this example."
+  default     = "us-south"
+}
+
+variable "prefix" {
+  type        = string
+  description = "Prefix to append to all resources created by this example"
+  default     = "edb-res"
+}
+
+variable "edb_version" {
+  description = "Version of the Enterprise DB instance. If no value passed, the current ICD preferred version is used."
+  type        = string
+  default     = null
+}
+
+variable "resource_group" {
+  type        = string
+  description = "An existing resource group name to use for this example, if unset a new resource group will be created"
+  default     = null
+}
+
+variable "resource_tags" {
+  type        = list(string)
+  description = "Optional list of tags to be added to created resources"
+  default     = []
+}
+
+variable "access_tags" {
+  type        = list(string)
+  description = "A list of access tags to apply to the Enterprise DB instance created by the module, see https://cloud.ibm.com/docs/account?topic=account-access-tags-tutorial for more details"
+  default     = []
+}
+
+variable "enterprise_db_backup_crn" {
+  type        = string
+  description = "The existing CRN of a backup resource to restore from. If null then it will create a new instance first and then create another instance pointing to the backup of the first instance."
+  default     = null
+}
@@ -1,5 +1,5 @@
 terraform {
-  required_version = ">= 1.0.0"
+  required_version = ">= 1.3.0"
   required_providers {
     # Pin to the lowest provider version of the range defined in the main module's version.tf to ensure lowest version still works
     ibm = {