You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
|[ibm_database_connection.database_connection](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/data-sources/database_connection)| data source |
29
+
No resources.
38
30
39
31
### Inputs
40
32
@@ -43,25 +35,21 @@ The IBM Cloud Framework for Financial Services mandates the application of an in
43
35
| <aname="input_access_tags"></a> [access\_tags](#input\_access\_tags)| A list of access tags to apply to the MongoDB instance created by the module, see https://cloud.ibm.com/docs/account?topic=account-access-tags-tutorial for more details |`list(string)`|`[]`| no |
44
36
| <aname="input_admin_pass"></a> [admin\_pass](#input\_admin\_pass)| The password for the database administrator. If the admin password is null then the admin user ID cannot be accessed. More users can be specified in a user block. The admin password must be in the range of 10-32 characters. |`string`|`null`| no |
45
37
| <a name="input_auto_scaling"></a> [auto\_scaling](#input\_auto\_scaling) | Optional rules to allow the database to increase resources in response to usage. Only a single autoscaling block is allowed. Make sure you understand the effects of autoscaling, especially for production environments. See https://cloud.ibm.com/docs/databases-for-mongodb?topic=databases-for-mongodb-autoscaling&interface=cli#autoscaling-considerations in the IBM Cloud Docs. | <pre>object({<br> disk = object({<br> capacity_enabled = optional(bool, false)<br> free_space_less_than_percent = optional(number, 10)<br> io_above_percent = optional(number, 90)<br> io_enabled = optional(bool, false)<br> io_over_period = optional(string, "15m")<br> rate_increase_percent = optional(number, 10)<br> rate_limit_mb_per_member = optional(number, 3670016)<br> rate_period_seconds = optional(number, 900)<br> rate_units = optional(string, "mb")<br> })<br> memory = object({<br> io_above_percent = optional(number, 90)<br> io_enabled = optional(bool, false)<br> io_over_period = optional(string, "15m")<br> rate_increase_percent = optional(number, 10)<br> rate_limit_mb_per_member = optional(number, 114688)<br> rate_period_seconds = optional(number, 900)<br> rate_units = optional(string, "mb")<br> })<br> })</pre> | `null` | no |
46
-
| <aname="input_backup_encryption_key_crn"></a> [backup\_encryption\_key\_crn](#input\_backup\_encryption\_key\_crn)| The CRN of a Key Protect key that you want to use for encrypting the disk that holds deployment backups. Only used if var.kms\_encryption\_enabled is set to true. BYOK for backups is available only in US regions us-south and us-east, and in eu-de. Only keys in the us-south and eu-de are durable to region failures. To ensure that your backups are available even if a region failure occurs, use a key from us-south or eu-de. Hyper Protect Crypto Services for IBM Cloud Databases backups is not currently supported. If no value is passed here, the value passed for the 'kms\_key\_crn' variable is used. And if a HPCS value is passed for var.kms\_key\_crn, the database backup encryption uses the default encryption keys. |`string`|`null`| no |
47
38
| <aname="input_cbr_rules"></a> [cbr\_rules](#input\_cbr\_rules)| (Optional, list) List of CBR rules to create | <pre>list(object({<br> description = string<br> account_id = string<br> rule_contexts = list(object({<br> attributes = optional(list(object({<br> name = string<br> value = string<br> }))) }))<br> enforcement_mode = string<br> }))</pre> |`[]`| no |
| <aname="input_cpu_count"></a> [cpu\_count](#input\_cpu\_count)| Allocated dedicated CPU per member. For shared CPU, set to 0. For more information, see https://cloud.ibm.com/docs/databases-for-mongodb?topic=databases-for-mongodb-pricing#mongodb-scale-member|`number`|`0`| no |
50
-
| <aname="input_disk_mb"></a> [disk\_mb](#input\_disk\_mb)| Allocated disk per member. For more information, see https://cloud.ibm.com/docs/databases-for-mongodb?topic=databases-for-mongodb-pricing#mongodb-scale-member|`number`|`10240`| no |
51
-
| <aname="input_endpoints"></a> [endpoints](#input\_endpoints)| Specify whether you want to enable the public, private, or both service endpoints. Supported values are 'public', 'private', or 'public-and-private'. |`string`|`"private"`| no |
52
-
| <aname="input_existing_kms_instance_guid"></a> [existing\_kms\_instance\_guid](#input\_existing\_kms\_instance\_guid)| The GUID of the Hyper Protect Crypto Services or Key Protect instance in which the key specified in var.kms\_key\_crn and var.backup\_encryption\_key\_crn is coming from. Required only if var.kms\_encryption\_enabled is set to true, var.skip\_iam\_authorization\_policy is set to false, and you pass a value for var.kms\_key\_crn, var.backup\_encryption\_key\_crn, or both. |`string`|`null`| no |
53
-
| <aname="input_instance_name"></a> [instance\_name](#input\_instance\_name)| The name to give the MongoDB instance. |`string`| n/a | yes |
54
-
| <aname="input_kms_encryption_enabled"></a> [kms\_encryption\_enabled](#input\_kms\_encryption\_enabled)| Set this to true to control the encryption keys used to encrypt the data that you store in IBM Cloud® Databases. If set to false, the data is encrypted by using randomly generated keys. For more info on Key Protect integration, see https://cloud.ibm.com/docs/cloud-databases?topic=cloud-databases-key-protect. For more info on HPCS integration, see https://cloud.ibm.com/docs/cloud-databases?topic=cloud-databases-hpcs|`bool`|`false`| no |
55
-
| <aname="input_kms_key_crn"></a> [kms\_key\_crn](#input\_kms\_key\_crn)| The root key CRN of a Key Management Services like Key Protect or Hyper Protect Crypto Services (HPCS) that you want to use for disk encryption. Only used if var.kms\_encryption\_enabled is set to true. |`string`|`null`| no |
40
+
| <aname="input_cpu_count"></a> [cpu\_count](#input\_cpu\_count)| Allocated dedicated CPU per member. For shared CPU, set to 0. For more information, see https://cloud.ibm.com/docs/databases-for-mongodb?topic=databases-for-mongodb-pricing#mongodb-scale-member|`number`|`6`| no |
41
+
| <aname="input_disk_mb"></a> [disk\_mb](#input\_disk\_mb)| Allocated disk per member. For more information, see https://cloud.ibm.com/docs/databases-for-mongodb?topic=databases-for-mongodb-pricing#mongodb-scale-member|`number`|`20480`| no |
42
+
| <aname="input_existing_kms_instance_guid"></a> [existing\_kms\_instance\_guid](#input\_existing\_kms\_instance\_guid)| The GUID of the Hyper Protect Crypto Services instance. |`string`| n/a | yes |
43
+
| <aname="input_instance_name"></a> [instance\_name](#input\_instance\_name)| Name of the mongodb instance |`string`| n/a | yes |
44
+
| <aname="input_kms_key_crn"></a> [kms\_key\_crn](#input\_kms\_key\_crn)| The root key CRN of the Hyper Protect Crypto Service (HPCS) to use for disk encryption. |`string`| n/a | yes |
56
45
| <aname="input_members"></a> [members](#input\_members)| Allocated number of members |`number`|`3`| no |
57
-
| <aname="input_memory_mb"></a> [memory\_mb](#input\_memory\_mb)| Allocated memory per member. For more information, see https://cloud.ibm.com/docs/databases-for-mongodb?topic=databases-for-mongodb-pricing#mongodb-scale-member|`number`|`1024`| no |
58
-
| <aname="input_mongodb_version"></a> [mongodb\_version](#input\_mongodb\_version)| The version of the MongoDB to provision. If no value passed, the current ICD preferred version is used. |`string`|`null`| no |
59
-
| <aname="input_plan"></a> [plan](#input\_plan)| The name of the service plan that you choose for your MongoDB instance |`string`|`"standard"`| no |
60
-
| <aname="input_plan_validation"></a> [plan\_validation](#input\_plan\_validation)| Enable or disable validating the database parameters for MongoDB during the plan phase. |`bool`|`true`| no |
61
-
| <aname="input_region"></a> [region](#input\_region)| The region where you want to deploy your instance. |`string`|`"us-south"`| no |
46
+
| <aname="input_memory_mb"></a> [memory\_mb](#input\_memory\_mb)| Allocated memory per member. For more information, see https://cloud.ibm.com/docs/databases-for-mongodb?topic=databases-for-mongodb-pricing#mongodb-scale-member|`number`|`14336`| no |
47
+
| <aname="input_mongodb_version"></a> [mongodb\_version](#input\_mongodb\_version)| Version of the MongoDB instance. If no value is passed, the current preferred version of IBM Cloud Databases is used. |`string`|`null`| no |
48
+
| <aname="input_plan"></a> [plan](#input\_plan)| The name of the service plan that you choose for your MongoDB instance |`string`|`"enterprise"`| no |
49
+
| <aname="input_region"></a> [region](#input\_region)| The region where you want to deploy your instance. Must be the same region as the Hyper Protect Crypto Services instance. |`string`|`"us-south"`| no |
62
50
| <aname="input_resource_group_id"></a> [resource\_group\_id](#input\_resource\_group\_id)| The resource group ID where the MongoDB instance will be created. |`string`| n/a | yes |
63
51
| <aname="input_service_credential_names"></a> [service\_credential\_names](#input\_service\_credential\_names)| Map of name, role for service credentials that you want to create for the database |`map(string)`|`{}`| no |
64
-
| <aname="input_skip_iam_authorization_policy"></a> [skip\_iam\_authorization\_policy](#input\_skip\_iam\_authorization\_policy)| Set to true to skip the creation of an IAM authorization policy that permits all MongoDB database instances in the resource group to read the encryption key from the KMS instance. If set to false, pass in a value for the KMS instance in the existing\_kms\_instance\_guid variable. In addition, no policy is created if var.kms\_encryption\_enabled is set to false. |`bool`|`false`| no |
52
+
| <aname="input_skip_iam_authorization_policy"></a> [skip\_iam\_authorization\_policy](#input\_skip\_iam\_authorization\_policy)| Set to true to skip the creation of an IAM authorization policy that permits all MongoDB database instances in the resource group to read the encryption key from the Hyper Protect Crypto Services instance. The HPCS instance is passed in through the var.existing\_kms\_instance\_guid variable. |`bool`|`false`| no |
65
53
| <aname="input_tags"></a> [tags](#input\_tags)| Optional list of tags to be added to the MongoDB instance. |`list(any)`|`[]`| no |
66
54
| <aname="input_users"></a> [users](#input\_users)| A list of users that you want to create on the database. Multiple blocks are allowed. The user password must be in the range of 10-32 characters. Be warned that in most case using IAM service credentials (via the var.service\_credential\_names) is sufficient to control access to the MongoDB instance. This blocks creates native MongoDB database users, more info on that can be found here https://cloud.ibm.com/docs/databases-for-mongodb?topic=databases-for-mongodb-user-management&interface=ui| <pre>list(object({<br> name = string<br> password = string # pragma: allowlist secret<br> type = string # "type" is required to generate the connection string for the outputs.<br> role = optional(string)<br> }))</pre> |`[]`| no |
67
55
@@ -72,9 +60,9 @@ The IBM Cloud Framework for Financial Services mandates the application of an in
72
60
| <aname="output_cbr_rule_ids"></a> [cbr\_rule\_ids](#output\_cbr\_rule\_ids)| CBR rule ids created to restrict MongoDB |
| <aname="output_hostname"></a> [hostname](#output\_hostname)|Database hostname. Only contains value when var.service\_credential\_names or var.users are set.|
0 commit comments