You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
|[ibm_database_connection.database_connection](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/data-sources/database_connection)| data source |
@@ -115,7 +115,7 @@ To attach access management tags to resources in this module, you need the follo
| <aname="input_access_tags"></a> [access\_tags](#input\_access\_tags)| A list of access tags to apply to the MySQL instance created by the module, see https://cloud.ibm.com/docs/account?topic=account-access-tags-tutorial for more details |`list(string)`|`[]`| no |
117
117
| <aname="input_admin_pass"></a> [admin\_pass](#input\_admin\_pass)| The password for the database administrator. If the admin password is null then the admin user ID cannot be accessed. More users can be specified in a user block. |`string`|`null`| no |
118
-
| <a name="input_auto_scaling"></a> [auto\_scaling](#input\_auto\_scaling) | Optional rules to allow the database to increase resources in response to usage. Only a single autoscaling block is allowed. Make sure you understand the effects of autoscaling, especially for production environments. See https://ibm.biz/autoscaling-considerations in the IBM Cloud Docs. | <pre>object({<br/> disk = object({<br/> capacity_enabled = optional(bool, false)<br/> free_space_less_than_percent = optional(number, 10)<br/> io_above_percent = optional(number, 90)<br/> io_enabled = optional(bool, false)<br/> io_over_period = optional(string, "15m")<br/> rate_increase_percent = optional(number, 10)<br/> rate_limit_mb_per_member = optional(number, 3670016)<br/> rate_period_seconds = optional(number, 900)<br/> rate_units = optional(string, "mb")<br/> })<br/> memory = object({<br/> io_above_percent = optional(number, 90)<br/> io_enabled = optional(bool, false)<br/> io_over_period = optional(string, "15m")<br/> rate_increase_percent = optional(number, 10)<br/> rate_limit_mb_per_member = optional(number, 114688)<br/> rate_period_seconds = optional(number, 900)<br/> rate_units = optional(string, "mb")<br/> })<br/> })</pre> | `null` | no |
118
+
| <a name="input_auto_scaling"></a> [auto\_scaling](#input\_auto\_scaling) | Optional rules to allow the database to increase resources in response to usage. Only a single autoscaling block is allowed. Make sure you understand the effects of autoscaling, especially for production environments. See https://cloud.ibm.com/docs/databases-for-mysql?topic=databases-for-mysql-autoscaling-mysql&interface=ui in the IBM Cloud Docs. | <pre>object({<br/> disk = object({<br/> capacity_enabled = optional(bool, false)<br/> free_space_less_than_percent = optional(number, 10)<br/> io_above_percent = optional(number, 90)<br/> io_enabled = optional(bool, false)<br/> io_over_period = optional(string, "15m")<br/> rate_increase_percent = optional(number, 10)<br/> rate_limit_mb_per_member = optional(number, 3670016)<br/> rate_period_seconds = optional(number, 900)<br/> rate_units = optional(string, "mb")<br/> })<br/> memory = object({<br/> io_above_percent = optional(number, 90)<br/> io_enabled = optional(bool, false)<br/> io_over_period = optional(string, "15m")<br/> rate_increase_percent = optional(number, 10)<br/> rate_limit_mb_per_member = optional(number, 114688)<br/> rate_period_seconds = optional(number, 900)<br/> rate_units = optional(string, "mb")<br/> })<br/> })</pre> | `null` | no |
119
119
| <aname="input_backup_crn"></a> [backup\_crn](#input\_backup\_crn)| The CRN of a backup resource to restore from. The backup is created by a database deployment with the same service ID. The backup is loaded after provisioning and the new deployment starts up that uses that data. A backup CRN is in the format crn:v1:<…>:backup:. If omitted, the database is provisioned empty. |`string`|`null`| no |
120
120
| <aname="input_backup_encryption_key_crn"></a> [backup\_encryption\_key\_crn](#input\_backup\_encryption\_key\_crn)| The CRN of a Key Protect or Hyper Protect Crypto Services encryption key that you want to use for encrypting the disk that holds deployment backups. Applies only if `use_ibm_owned_encryption_key` is false and `use_same_kms_key_for_backups` is false. If no value is passed, and `use_same_kms_key_for_backups` is true, the value of `kms_key_crn` is used. Alternatively set `use_default_backup_encryption_key` to true to use the IBM Cloud Databases default encryption. Bare in mind that backups encryption is only available in certain regions. See [Bring your own key for backups](https://cloud.ibm.com/docs/cloud-databases?topic=cloud-databases-key-protect&interface=ui#key-byok) and [Using the HPCS Key for Backup encryption](https://cloud.ibm.com/docs/cloud-databases?topic=cloud-databases-hpcs#use-hpcs-backups). |`string`|`null`| no |
121
121
| <aname="input_cbr_rules"></a> [cbr\_rules](#input\_cbr\_rules)| (Optional, list) List of CBR rules to create | <pre>list(object({<br/> description = string<br/> account_id = string<br/> rule_contexts = list(object({<br/> attributes = optional(list(object({<br/> name = string<br/> value = string<br/> }))) }))<br/> enforcement_mode = string<br/> tags = optional(list(object({<br/> name = string<br/> value = string<br/> })))<br/> }))</pre> |`[]`| no |
@@ -125,7 +125,7 @@ To attach access management tags to resources in this module, you need the follo
125
125
| <aname="input_kms_key_crn"></a> [kms\_key\_crn](#input\_kms\_key\_crn)| The CRN of a Key Protect or Hyper Protect Crypto Services encryption key to encrypt your data. Applies only if `use_ibm_owned_encryption_key` is false. By default this key is used for both deployment data and backups, but this behaviour can be altered using the `use_same_kms_key_for_backups` and `backup_encryption_key_crn` inputs. Bare in mind that backups encryption is only available in certain regions. See [Bring your own key for backups](https://cloud.ibm.com/docs/cloud-databases?topic=cloud-databases-key-protect&interface=ui#key-byok) and [Using the HPCS Key for Backup encryption](https://cloud.ibm.com/docs/cloud-databases?topic=cloud-databases-hpcs#use-hpcs-backups). |`string`|`null`| no |
126
126
| <aname="input_member_host_flavor"></a> [member\_host\_flavor](#input\_member\_host\_flavor)| Allocated host flavor per member. [Learn more](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/database#host_flavor). |`string`|`null`| no |
127
127
| <aname="input_members"></a> [members](#input\_members)| Allocated number of members. Members can be scaled up but not down. |`number`|`3`| no |
128
-
| <aname="input_memory_mb"></a> [memory\_mb](#input\_memory\_mb)| Allocated memory per-member. [Learn more](https://cloud.ibm.com/docs/databases-for-mysql?topic=databases-for-mysql-resources-scaling)|`number`|`4096`| no |
128
+
| <aname="input_memory_mb"></a> [memory\_mb](#input\_memory\_mb)| Allocated memory permember. [Learn more](https://cloud.ibm.com/docs/databases-for-mysql?topic=databases-for-mysql-resources-scaling)|`number`|`4096`| no |
129
129
| <aname="input_mysql_version"></a> [mysql\_version](#input\_mysql\_version)| Version of the MySQL instance to provision. If no value is passed, the current preferred version of IBM Cloud Databases is used. |`string`|`null`| no |
130
130
| <aname="input_name"></a> [name](#input\_name)| The name given to the MySQL instance. |`string`| n/a | yes |
131
131
| <aname="input_pitr_id"></a> [pitr\_id](#input\_pitr\_id)| (Optional) The ID of the source deployment MySQL instance that you want to recover back to. The MySQL instance is expected to be in an up and in running state. |`string`|`null`| no |
@@ -135,7 +135,7 @@ To attach access management tags to resources in this module, you need the follo
135
135
| <aname="input_resource_group_id"></a> [resource\_group\_id](#input\_resource\_group\_id)| The resource group ID where the MySQL instance will be created. |`string`| n/a | yes |
136
136
| <aname="input_service_credential_names"></a> [service\_credential\_names](#input\_service\_credential\_names)| Map of name, role for service credentials that you want to create for the database |`map(string)`|`{}`| no |
137
137
| <aname="input_service_endpoints"></a> [service\_endpoints](#input\_service\_endpoints)| Specify whether you want to enable the public, private, or both service endpoints. Supported values are 'public', 'private', or 'public-and-private'. |`string`|`"private"`| no |
138
-
| <aname="input_skip_iam_authorization_policy"></a> [skip\_iam\_authorization\_policy](#input\_skip\_iam\_authorization\_policy)| Set to true to skip the creation of an IAM authorization policy that permits all MySQL database instances in the resource group to read the encryption key from the KMS instance. If set to false, pass in a value for the KMS instance in the existing\_kms\_instance\_guid variable. In addition, no policy is created if var.kms\_encryption\_enabled is set to false. |`bool`|`false`| no |
138
+
| <aname="input_skip_iam_authorization_policy"></a> [skip\_iam\_authorization\_policy](#input\_skip\_iam\_authorization\_policy)| Set to true to skip the creation of IAM authorization policies that permits all Databases for MySQL instances in the given resource group 'Reader' access to the Key Protect or Hyper Protect Crypto Services key that was provided in the `kms_key_crn` and `backup_encryption_key_crn` inputs. This policy is required in order to enable KMS encryption, so only skip creation if there is one already present in your account. No policy is created if `use_ibm_owned_encryption_key` is true. |`bool`|`false`| no |
139
139
| <aname="input_tags"></a> [tags](#input\_tags)| Optional list of tags to be added to the MySQL instance. |`list(string)`|`[]`| no |
140
140
| <aname="input_use_default_backup_encryption_key"></a> [use\_default\_backup\_encryption\_key](#input\_use\_default\_backup\_encryption\_key)| When `use_ibm_owned_encryption_key` is set to false, backups will be encrypted with either the key specified in `kms_key_crn`, or in `backup_encryption_key_crn` if a value is passed. If you do not want to use your own key for backups encryption, you can set this to `true` to use the IBM Cloud Databases default encryption for backups. Alternatively set `use_ibm_owned_encryption_key` to true to use the default encryption for both backups and deployment data. |`bool`|`false`| no |
141
141
| <aname="input_use_ibm_owned_encryption_key"></a> [use\_ibm\_owned\_encryption\_key](#input\_use\_ibm\_owned\_encryption\_key)| IBM Cloud Databases will secure your deployment's data at rest automatically with an encryption key that IBM hold. Alternatively, you may select your own Key Management System instance and encryption key (Key Protect or Hyper Protect Crypto Services) by setting this to false. If setting to false, a value must be passed for the `kms_key_crn` input. |`bool`|`true`| no |
# More info about this file at https://github.com/terraform-ibm-modules/common-pipeline-assets/blob/main/.github/workflows/terraform-test-pipeline.md#cra-config-yaml
2
2
version: "v1"
3
3
CRA_TARGETS:
4
-
- CRA_TARGET: "solutions/standard"# Target directory for CRA scan. If not provided, the CRA Scan will not be run.
4
+
- CRA_TARGET: "solutions/fully-configurable"# Target directory for CRA scan. If not provided, the CRA Scan will not be run.
5
5
CRA_IGNORE_RULES_FILE: "cra-tf-validate-ignore-rules.json"# CRA Ignore file to use. If not provided, it checks the repo root directory for `cra-tf-validate-ignore-rules.json`
6
6
PROFILE_ID: "fe96bd4d-9b37-40f2-b39f-a62760e326a3"# SCC profile ID (currently set to 'IBM Cloud Framework for Financial Services' '1.7.0' profile).
7
7
CRA_ENVIRONMENT_VARIABLES: # An optional map of environment variables for CRA, where the key is the variable name and value is the value. Useful for providing TF_VARs.
0 commit comments