feat: removed kms_region from the DA input as its now programmatically determined.<br>* The existing_kms_instance_guid input variable has been replaced by the existing_kms_instance_crn in the DA solution. The CRN should now be passed to it instead of the GUID. (#190)

Soaib024 · web-flow · commit e7ad0466cff8 · 2024-06-10T11:17:11.000+01:00
diff --git a/solutions/secure/catalogValidationValues.json.template b/solutions/secure/catalogValidationValues.json.template
@@ -4,6 +4,5 @@
   "tags": $TAGS,
   "name": $PREFIX,
   "resource_group_name": $PREFIX,
-  "existing_kms_instance_guid": $HPCS_US_SOUTH_GUID,
-  "kms_region": "us-south"
+  "existing_kms_instance_crn": $HPCS_US_SOUTH_CRN
 }
diff --git a/solutions/secure/main.tf b/solutions/secure/main.tf
@@ -1,3 +1,9 @@
+locals {
+  existing_kms_instance_crn_split = var.existing_kms_instance_crn != null ? split(":", var.existing_kms_instance_crn) : null
+  existing_kms_instance_guid      = var.existing_kms_instance_crn != null ? element(local.existing_kms_instance_crn_split, length(local.existing_kms_instance_crn_split) - 3) : null
+  existing_kms_instance_region    = var.existing_kms_instance_crn != null ? element(local.existing_kms_instance_crn_split, length(local.existing_kms_instance_crn_split) - 5) : null
+}
+
 module "resource_group" {
   source                       = "terraform-ibm-modules/resource-group/ibm"
   version                      = "1.1.5"
@@ -14,8 +20,8 @@ module "kms" {
   source                      = "terraform-ibm-modules/kms-all-inclusive/ibm"
   version                     = "4.13.2"
   create_key_protect_instance = false
-  region                      = var.kms_region
-  existing_kms_instance_guid  = var.existing_kms_instance_guid
+  region                      = local.existing_kms_instance_region
+  existing_kms_instance_guid  = local.existing_kms_instance_guid
   key_ring_endpoint_type      = var.kms_endpoint_type
   key_endpoint_type           = var.kms_endpoint_type
   keys = [
@@ -48,7 +54,7 @@ module "elasticsearch" {
   plan                          = var.plan
   skip_iam_authorization_policy = var.skip_iam_authorization_policy
   elasticsearch_version         = var.elasticsearch_version
-  existing_kms_instance_guid    = var.existing_kms_instance_guid
+  existing_kms_instance_guid    = local.existing_kms_instance_guid
   kms_key_crn                   = local.kms_key_crn
   access_tags                   = var.access_tags
   tags                          = var.tags
diff --git a/solutions/secure/variables.tf b/solutions/secure/variables.tf
@@ -98,12 +98,6 @@ variable "tags" {
   default     = []
 }
 
-variable "kms_region" {
-  type        = string
-  default     = "us-south"
-  description = "The region in which KMS instance exists."
-}
-
 variable "kms_endpoint_type" {
   type        = string
   description = "The type of endpoint to be used for commincating with the KMS instance. Allowed values are: 'public' or 'private' (default)"
@@ -120,8 +114,8 @@ variable "existing_kms_key_crn" {
   default     = null
 }
 
-variable "existing_kms_instance_guid" {
-  description = "The GUID of an existing Hyper Protect or Key Protect instance in the same account as the Elasticsearch database instance. Always used to create an authorization policy and if 'existing_kms_key_crn' is not specified also used to create a KMS root key"
+variable "existing_kms_instance_crn" {
+  description = "The CRN of an existing Hyper Protect or Key Protect instance in the same account as the Elasticsearch database instance. Always used to create an authorization policy and if 'existing_kms_key_crn' is not specified also used to create a KMS root key"
   type        = string
   default     = null
 }
diff --git a/tests/pr_test.go b/tests/pr_test.go
@@ -89,11 +89,11 @@ func setupOptionsSecureSolution(t *testing.T, prefix string) *testhelper.TestOpt
 	})
 
 	options.TerraformVars = map[string]interface{}{
-		"access_tags":                permanentResources["accessTags"],
-		"existing_kms_instance_guid": permanentResources["hpcs_south"],
-		"kms_endpoint_type":          "public",
-		"resource_group_name":        options.Prefix,
-		"name":                       options.Prefix,
+		"access_tags":               permanentResources["accessTags"],
+		"existing_kms_instance_crn": permanentResources["hpcs_south_crn"],
+		"kms_endpoint_type":         "public",
+		"resource_group_name":       options.Prefix,
+		"name":                      options.Prefix,
 	}
 
 	return options

Original file line number	Diff line number	Diff line change
`@@ -4,6 +4,5 @@`
`4`	`4`	`"tags": $TAGS,`
`5`	`5`	`"name": $PREFIX,`
`6`	`6`	`"resource_group_name": $PREFIX,`
`7`		`- "existing_kms_instance_guid": $HPCS_US_SOUTH_GUID,`
`8`		`- "kms_region": "us-south"`
	`7`	`+ "existing_kms_instance_crn": $HPCS_US_SOUTH_CRN`
`9`	`8`	`}`