Skip to content

Commit 735b566

Browse files
maheshwarishikhamaheshwarishikha
authored
fix: update variable to align with acl changes (#517)
1 parent fd01dff commit 735b566

File tree

7 files changed

+20
-12
lines changed

7 files changed

+20
-12
lines changed

dynamic_values.tf

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -57,8 +57,10 @@ module "unit_tests" {
5757
network_cidr = "1.2.3.4/5"
5858
network_acls = [
5959
{
60-
name = "acl"
61-
add_cluster_rules = true
60+
name = "acl"
61+
add_ibm_cloud_internal_rules = true
62+
add_vpc_connectivity_rules = true
63+
prepend_ibm_rules = true
6264
rules = [
6365
{
6466
name = "test-rule"

dynamic_values/network_acls.tf

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -9,9 +9,9 @@ locals {
99
rules = flatten([
1010
[
1111
# These rules cannot be added in a conditional operator due to inconsistant typing
12-
# This will add all cluster rules if the acl object contains add_cluster rules
12+
# This will add all cluster_rules if the acl object contains prepend_ibm_rules as true
1313
for rule in local.cluster_rules :
14-
rule if network_acl.add_cluster_rules == true
14+
rule if network_acl.prepend_ibm_rules == true
1515
],
1616
network_acl.rules
1717
])

dynamic_values/variables.tf

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -123,8 +123,10 @@ variable "network_acls" {
123123
description = "direct reference to network acls"
124124
type = list(
125125
object({
126-
name = string
127-
add_cluster_rules = optional(bool)
126+
name = string
127+
add_ibm_cloud_internal_rules = optional(bool)
128+
add_vpc_connectivity_rules = optional(bool)
129+
prepend_ibm_rules = optional(bool)
128130
rules = list(
129131
object({
130132
name = string

landing-zone-submodule/management-vpc/README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -37,7 +37,7 @@ No resources.
3737
| <a name="input_enable_vpc_flow_logs"></a> [enable\_vpc\_flow\_logs](#input\_enable\_vpc\_flow\_logs) | Enable VPC Flow Logs, it will create Flow logs collector if set to true | `bool` | `false` | no |
3838
| <a name="input_existing_cos_bucket_name"></a> [existing\_cos\_bucket\_name](#input\_existing\_cos\_bucket\_name) | Name of the COS bucket to collect VPC flow logs | `string` | `null` | no |
3939
| <a name="input_existing_cos_instance_guid"></a> [existing\_cos\_instance\_guid](#input\_existing\_cos\_instance\_guid) | GUID of the COS instance to create Flow log collector | `string` | `null` | no |
40-
| <a name="input_network_acls"></a> [network\_acls](#input\_network\_acls) | List of network ACLs to create with VPC | <pre>list(<br> object({<br> name = string<br> add_cluster_rules = optional(bool)<br> rules = list(<br> object({<br> name = string<br> action = string<br> destination = string<br> direction = string<br> source = string<br> tcp = optional(<br> object({<br> port_max = optional(number)<br> port_min = optional(number)<br> source_port_max = optional(number)<br> source_port_min = optional(number)<br> })<br> )<br> udp = optional(<br> object({<br> port_max = optional(number)<br> port_min = optional(number)<br> source_port_max = optional(number)<br> source_port_min = optional(number)<br> })<br> )<br> icmp = optional(<br> object({<br> type = optional(number)<br> code = optional(number)<br> })<br> )<br> })<br> )<br> })<br> )</pre> | <pre>[<br> {<br> "add_ibm_cloud_internal_rules": true,<br> "add_vpc_connectivity_rules": true,<br> "name": "management-acl",<br> "prepend_ibm_rules": true,<br> "rules": []<br> }<br>]</pre> | no |
40+
| <a name="input_network_acls"></a> [network\_acls](#input\_network\_acls) | List of network ACLs to create with VPC | <pre>list(<br> object({<br> name = string<br> add_ibm_cloud_internal_rules = optional(bool)<br> add_vpc_connectivity_rules = optional(bool)<br> prepend_ibm_rules = optional(bool)<br> rules = list(<br> object({<br> name = string<br> action = string<br> destination = string<br> direction = string<br> source = string<br> tcp = optional(<br> object({<br> port_max = optional(number)<br> port_min = optional(number)<br> source_port_max = optional(number)<br> source_port_min = optional(number)<br> })<br> )<br> udp = optional(<br> object({<br> port_max = optional(number)<br> port_min = optional(number)<br> source_port_max = optional(number)<br> source_port_min = optional(number)<br> })<br> )<br> icmp = optional(<br> object({<br> type = optional(number)<br> code = optional(number)<br> })<br> )<br> })<br> )<br> })<br> )</pre> | <pre>[<br> {<br> "add_ibm_cloud_internal_rules": true,<br> "add_vpc_connectivity_rules": true,<br> "name": "management-acl",<br> "prepend_ibm_rules": true,<br> "rules": []<br> }<br>]</pre> | no |
4141
| <a name="input_network_cidr"></a> [network\_cidr](#input\_network\_cidr) | Network CIDR for the VPC. This is used to manage network ACL rules for cluster provisioning. | `string` | `"10.0.0.0/8"` | no |
4242
| <a name="input_prefix"></a> [prefix](#input\_prefix) | The prefix that you would like to append to your resources | `string` | `"management"` | no |
4343
| <a name="input_region"></a> [region](#input\_region) | The region to which to deploy the VPC | `string` | `"au-syd"` | no |

landing-zone-submodule/management-vpc/variables.tf

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -102,8 +102,10 @@ variable "network_acls" {
102102
description = "List of network ACLs to create with VPC"
103103
type = list(
104104
object({
105-
name = string
106-
add_cluster_rules = optional(bool)
105+
name = string
106+
add_ibm_cloud_internal_rules = optional(bool)
107+
add_vpc_connectivity_rules = optional(bool)
108+
prepend_ibm_rules = optional(bool)
107109
rules = list(
108110
object({
109111
name = string

landing-zone-submodule/workload-vpc/README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -38,7 +38,7 @@ No resources.
3838
| <a name="input_enable_vpc_flow_logs"></a> [enable\_vpc\_flow\_logs](#input\_enable\_vpc\_flow\_logs) | Enable VPC Flow Logs, it will create Flow logs collector if set to true | `bool` | `false` | no |
3939
| <a name="input_existing_cos_bucket_name"></a> [existing\_cos\_bucket\_name](#input\_existing\_cos\_bucket\_name) | Name of the COS bucket to collect VPC flow logs | `string` | `null` | no |
4040
| <a name="input_existing_cos_instance_guid"></a> [existing\_cos\_instance\_guid](#input\_existing\_cos\_instance\_guid) | GUID of the COS instance to create Flow log collector | `string` | `null` | no |
41-
| <a name="input_network_acls"></a> [network\_acls](#input\_network\_acls) | List of network ACLs to create with VPC | <pre>list(<br> object({<br> name = string<br> add_cluster_rules = optional(bool)<br> rules = list(<br> object({<br> name = string<br> action = string<br> destination = string<br> direction = string<br> source = string<br> tcp = optional(<br> object({<br> port_max = optional(number)<br> port_min = optional(number)<br> source_port_max = optional(number)<br> source_port_min = optional(number)<br> })<br> )<br> udp = optional(<br> object({<br> port_max = optional(number)<br> port_min = optional(number)<br> source_port_max = optional(number)<br> source_port_min = optional(number)<br> })<br> )<br> icmp = optional(<br> object({<br> type = optional(number)<br> code = optional(number)<br> })<br> )<br> })<br> )<br> })<br> )</pre> | <pre>[<br> {<br> "add_ibm_cloud_internal_rules": true,<br> "add_vpc_connectivity_rules": true,<br> "name": "workload-acl",<br> "prepend_ibm_rules": true,<br> "rules": []<br> }<br>]</pre> | no |
41+
| <a name="input_network_acls"></a> [network\_acls](#input\_network\_acls) | List of network ACLs to create with VPC | <pre>list(<br> object({<br> name = string<br> add_ibm_cloud_internal_rules = optional(bool)<br> add_vpc_connectivity_rules = optional(bool)<br> prepend_ibm_rules = optional(bool)<br> rules = list(<br> object({<br> name = string<br> action = string<br> destination = string<br> direction = string<br> source = string<br> tcp = optional(<br> object({<br> port_max = optional(number)<br> port_min = optional(number)<br> source_port_max = optional(number)<br> source_port_min = optional(number)<br> })<br> )<br> udp = optional(<br> object({<br> port_max = optional(number)<br> port_min = optional(number)<br> source_port_max = optional(number)<br> source_port_min = optional(number)<br> })<br> )<br> icmp = optional(<br> object({<br> type = optional(number)<br> code = optional(number)<br> })<br> )<br> })<br> )<br> })<br> )</pre> | <pre>[<br> {<br> "add_ibm_cloud_internal_rules": true,<br> "add_vpc_connectivity_rules": true,<br> "name": "workload-acl",<br> "prepend_ibm_rules": true,<br> "rules": []<br> }<br>]</pre> | no |
4242
| <a name="input_network_cidr"></a> [network\_cidr](#input\_network\_cidr) | Network CIDR for the VPC. This is used to manage network ACL rules for cluster provisioning. | `string` | `"10.0.0.0/8"` | no |
4343
| <a name="input_prefix"></a> [prefix](#input\_prefix) | The prefix that you would like to append to your resources | `string` | `"workload"` | no |
4444
| <a name="input_region"></a> [region](#input\_region) | The region to which to deploy the VPC | `string` | `"au-syd"` | no |

landing-zone-submodule/workload-vpc/variables.tf

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -102,8 +102,10 @@ variable "network_acls" {
102102
description = "List of network ACLs to create with VPC"
103103
type = list(
104104
object({
105-
name = string
106-
add_cluster_rules = optional(bool)
105+
name = string
106+
add_ibm_cloud_internal_rules = optional(bool)
107+
add_vpc_connectivity_rules = optional(bool)
108+
prepend_ibm_rules = optional(bool)
107109
rules = list(
108110
object({
109111
name = string

0 commit comments

Comments
 (0)