Skip to content

refactor: Split Observability DA into 3 DA's #1040

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 58 commits into from
Sep 2, 2025
Merged

refactor: Split Observability DA into 3 DA's #1040

Show file tree
Hide file tree
Changes from 12 commits
Commits
Show all changes
58 commits
Select commit Hold shift + click to select a range
5a14cb9
refactor: split observability DA in catalog json
vkuma17 Aug 15, 2025
72a349a
fixed dependencies
vkuma17 Aug 15, 2025
48d75ce
fix
vkuma17 Aug 21, 2025
82fdc5b
updated wrapper version
vkuma17 Aug 21, 2025
8ebe635
addressed review comments
vkuma17 Aug 21, 2025
a9a4113
modified testwrapper version
vkuma17 Aug 21, 2025
c0099a7
fix
vkuma17 Aug 21, 2025
d22d641
corrected mapping for cos
vkuma17 Aug 22, 2025
bea74c2
cloud logs on by default set to false
vkuma17 Aug 22, 2025
371a501
addressed review comments
vkuma17 Aug 22, 2025
d0857c7
skip permutation test
vkuma17 Aug 23, 2025
3561323
addressed review comments
vkuma17 Aug 25, 2025
111f1a5
added notes for iam permission
vkuma17 Aug 25, 2025
ffb6f0f
changed cloud logs to on by default
vkuma17 Aug 25, 2025
32012ec
modified diagram with scc wp
vkuma17 Aug 25, 2025
763235f
adding scc wp dependency
vkuma17 Aug 25, 2025
d958ca7
Update ibm_catalog.json
vkuma17 Aug 25, 2025
4c1ecfb
updated scc wp version
vkuma17 Aug 25, 2025
7ab15c0
Merge branch 'split-obs' of github.com:terraform-ibm-modules/terrafor…
vkuma17 Aug 25, 2025
c5a9f27
modified content
vkuma17 Aug 26, 2025
6803d91
addressed review comments
vkuma17 Aug 26, 2025
b087d1a
spell check
vkuma17 Aug 26, 2025
d4c1d1e
small correction in diagram
vkuma17 Aug 27, 2025
e07dce5
Update pr_test.go
vkuma17 Aug 27, 2025
ecec43b
Update pr_test.go
vkuma17 Aug 27, 2025
facc21f
configured batch settings for dependency permutation tests
vkuma17 Aug 27, 2025
fbc583d
retry config modified for project and catalog api calls
vkuma17 Aug 27, 2025
cf431bd
Update pr_test.go
vkuma17 Aug 27, 2025
4616b6c
changed retry logic
vkuma17 Aug 27, 2025
5b0d2e4
changed testwrapper version
vkuma17 Aug 28, 2025
eafb64c
updated go toolchain version
vkuma17 Aug 28, 2025
a5fe210
Update pr_test.go
vkuma17 Aug 28, 2025
d8a9ce3
Update submodule to latest version
vkuma17 Aug 28, 2025
3b7a62b
fixed precommit issues
vkuma17 Aug 28, 2025
4cf2b33
updated batch config
vkuma17 Aug 28, 2025
0813f9e
updated wrapper version
vkuma17 Aug 28, 2025
1d59c6c
running permutation test in paralle
vkuma17 Aug 29, 2025
c7ace61
Update pr_test.go
vkuma17 Aug 29, 2025
4d9bbc8
newer version of wrapper
vkuma17 Aug 29, 2025
3dd66ec
Merge branch 'split-obs' of github.com:terraform-ibm-modules/terrafor…
vkuma17 Aug 29, 2025
e40c4e0
batch config changed
vkuma17 Aug 30, 2025
7459857
Merge branch 'split-obs' of github.com:terraform-ibm-modules/terrafor…
vkuma17 Aug 30, 2025
acbd14e
batch config
vkuma17 Aug 31, 2025
a00320b
Update pr_test.go
vkuma17 Aug 31, 2025
ec8d20f
newer version of wrapper
vkuma17 Sep 1, 2025
7073b64
addressed review comment
vkuma17 Sep 1, 2025
74ac3ac
addressed review comment
vkuma17 Sep 1, 2025
31b45f2
Update ibmcloud-terratest-wrapper to v1.60.3
daniel-butler-irl Sep 1, 2025
5a16cef
modified diagram as per da rally
vkuma17 Sep 1, 2025
30c58be
Merge branch 'split-obs' of github.com:terraform-ibm-modules/terrafor…
vkuma17 Sep 1, 2025
4324e22
modified diagram
vkuma17 Sep 1, 2025
c802db9
modified diagram
vkuma17 Sep 1, 2025
10989b2
Update pr_test.go
vkuma17 Sep 1, 2025
3a63067
Update ibm_catalog.json
maheshwarishikha Sep 2, 2025
bf5a8d9
Update ibm_catalog.json
maheshwarishikha Sep 2, 2025
2607d6c
Update ibm_catalog.json
maheshwarishikha Sep 2, 2025
94c06b1
Update ibm_catalog.json
maheshwarishikha Sep 2, 2025
828ce15
Update ibm_catalog.json
maheshwarishikha Sep 2, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
129 changes: 111 additions & 18 deletions ibm_catalog.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -72,7 +72,7 @@
},
{
"title": "Optional Integrations",
"description": "This solution can be integrated with [Cloud automation for Observability](https://cloud.ibm.com/catalog/7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3/architecture/deploy-arch-ibm-observability-a3137d28-79e0-479d-8a24-758ebd5a0eab-global) that supports configuring resources for logging, monitoring and activity tracker event routing."
"description": "This solution can be integrated with [Cloud automation for Cloud Monitoring](https://cloud.ibm.com/catalog/7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3/architecture/deploy-arch-ibm-cloud-monitoring-73debdbf-894f-4c14-81c7-5ece3a70b67d-global) for monitoring, [Cloud automation for Cloud Logs](https://cloud.ibm.com/catalog/7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3/architecture/deploy-arch-ibm-cloud-logs-63d8ae58-fbf3-41ce-b844-0fb5b85882ab-global) for collecting platform logs and [Cloud automation for Activity Tracker Event Routing](https://cloud.ibm.com/catalog/7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3/architecture/deploy-arch-ibm-activity-tracker-918453c3-4f97-4583-8c4a-83ef12fc7916-global) to capture auditing events generated by VPC instance."
}
],
"support_details": "This product is in the community registry, support is handled through the [original repo](https://github.com/terraform-ibm-modules/terraform-ibm-landing-zone-vpc). If you experience issues, please open an issue in the repository [here](https://github.com/terraform-ibm-modules/terraform-ibm-landing-zone-vpc/issues). Please note this product is not supported via the IBM Cloud Support Center.",
Expand Down Expand Up @@ -106,7 +106,7 @@
"url": "https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-landing-zone-vpc/main/reference-architecture/deployable-architecture-vpc.svg",
"type": "image/svg+xml"
},
"description": "This architecture supports provisioning and configuring a <b>Virtual Private Cloud (VPC)</b> environment. While the diagram illustrates a three-zone deployment, the VPC can also be provisioned in a single-zone or two-zone configuration, depending on your availability requirements.<br><br>The default configuration deploys a VPC with three zone subnets, configures the predefined ACLs, and attaches a public gateway with one of the subnets. Additional functionalities such as VPN gateway, VPE gateway, Flow Logs, security groups, etc., can be configured by providing the appropriate input values.<br><br>VPC Flow Logs are used to monitor and analyze traffic. To enable VPC Flow Logs, this solution automatically manages the following tasks:<br>- Provisions a Cloud Object Storage (COS) instance using the COS deployable architecture. Alternatively, you can provide an existing COS instance if available.<br>- Creates an object storage bucket to store flow logs in the provisioned or existing COS instance.<br>- Supports creation of keys for a Key Management Service (KMS) if a KMS-encrypted bucket is enabled for enhanced security. You can use an existing KMS instance or create a new Key Protect instance using the KMS deployable architecture.<br><br>In addition, you have an option to integrate with <b>Observability services</b>. [Cloud automation for Observability](https://cloud.ibm.com/catalog/7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3/architecture/deploy-arch-ibm-observability-a3137d28-79e0-479d-8a24-758ebd5a0eab-global) provides robust monitoring and logging capabilities to deliver deep operational insights into your VPC deployment. You can use <b>IBM Cloud Activity Tracker Event Routing</b> to monitor how users and applications interact with the VPC, supporting compliance and auditability. <b>Cloud Logs</b> can be enabled to collect, view, and analyze platform logs related to the VPC components. Furthermore, <b>IBM Cloud Monitoring</b> captures essential metrics such as CPU and memory utilization, helping you proactively monitor system performance and resource consumption.<br><br>This modular design provides flexibility and serves as a secure baseline for deploying compute workloads."
"description": "This architecture supports provisioning and configuring a <b>Virtual Private Cloud (VPC)</b> environment. While the diagram illustrates a three-zone deployment, the VPC can also be provisioned in a single-zone or two-zone configuration, depending on your availability requirements.<br><br>The default configuration deploys a VPC with three zone subnets, configures the predefined ACLs, and attaches a public gateway with one of the subnets. Additional functionalities such as VPN gateway, VPE gateway, Flow Logs, security groups, etc., can be configured by providing the appropriate input values.<br><br>VPC Flow Logs are used to monitor and analyze traffic. To enable VPC Flow Logs, this solution automatically manages the following tasks:<br>- Provisions a Cloud Object Storage (COS) instance using the COS deployable architecture. Alternatively, you can provide an existing COS instance if available.<br>- Creates an object storage bucket to store flow logs in the provisioned or existing COS instance.<br>- Supports creation of keys for a Key Management Service (KMS) if a KMS-encrypted bucket is enabled for enhanced security. You can use an existing KMS instance or create a new Key Protect instance using the KMS deployable architecture.<br><br>In addition, you have an option to integrate with <b>Observability services</b> such as [Cloud automation for Cloud Monitoring](https://cloud.ibm.com/catalog/7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3/architecture/deploy-arch-ibm-cloud-monitoring-73debdbf-894f-4c14-81c7-5ece3a70b67d-global) which provides robust monitoring capabilities and captures essential metrics such as CPU and memory utilization, helping you proactively monitor system performance and resource consumption, [Cloud automation for Activity Tracker Event Routing](https://cloud.ibm.com/catalog/7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3/architecture/deploy-arch-ibm-activity-tracker-918453c3-4f97-4583-8c4a-83ef12fc7916-global) to monitor how users and applications interact with the VPC, supporting compliance and auditability, [Cloud automation for Cloud Logs](https://cloud.ibm.com/catalog/7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3/architecture/deploy-arch-ibm-cloud-logs-63d8ae58-fbf3-41ce-b844-0fb5b85882ab-global) can be enabled to collect, view, and analyze platform logs related to the VPC components."
}
]
},
Expand All @@ -122,8 +122,15 @@
"role_crns": [
"crn:v1:bluemix:public:iam::::role:Administrator"
],
"service_name": "iam-identity",
"notes": "[Optional] Required if Cloud automation for account configuration is enabled."
"service_name": "All Account Management services",
"notes": "Administrator access is required to create and delete resource groups."
},
{
"role_crns": [
"crn:v1:bluemix:public:iam::::role:Administrator"
],
"service_name": "All Identity and Access enabled services",
"notes": "[Optional] Required if context-based restrictions are created during account configuration."
},
{
"role_crns": [
Expand Down Expand Up @@ -154,15 +161,23 @@
"crn:v1:bluemix:public:iam::::role:Editor"
],
"service_name": "sysdig-monitor",
"notes": "[Optional] Required for consuming Observability deployable architecture which sets up Cloud monitoring."
"notes": "[Optional] Required to create an instance of Cloud Monitoring."
},
{
"role_crns": [
"crn:v1:bluemix:public:iam::::serviceRole:Manager",
"crn:v1:bluemix:public:iam::::role:Editor"
],
"service_name": "logs",
"notes": "[Optional] Required for consuming Observability deployable architecture which sets up Cloud logs."
"notes": "[Optional] Required to create an instance of Cloud Logs."
},
{
"role_crns": [
"crn:v1:bluemix:public:iam::::serviceRole:Writer",
"crn:v1:bluemix:public:iam::::role:Editor"
],
"service_name": "atracker",
"notes": "[Optional] Required to set up activity tracker event routing of auditing events."
}
],
"configuration": [
Expand Down Expand Up @@ -558,7 +573,7 @@
],
"optional": true,
"on_by_default": true,
"version": "v5.1.4"
"version": "v5.1.19"
},
{
"name": "deploy-arch-ibm-cos",
Expand All @@ -570,7 +585,7 @@
"catalog_id": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3",
"input_mapping": [
{
"dependency_input": "resource_group_name",
"dependency_input": "existing_resource_group_name",
"version_input": "existing_resource_group_name",
"reference_version": true
},
Expand All @@ -590,38 +605,116 @@
],
"optional": true,
"on_by_default": true,
"version": "v9.0.2"
"version": "v10.2.1"
},
{
"name": "deploy-arch-ibm-observability",
"description": "Configure IBM Cloud Logs, Cloud Monitoring and Activity Tracker event routing for analysing logs and metrics generated by the VPC instance.",
"id": "a3137d28-79e0-479d-8a24-758ebd5a0eab-global",
"version": "v3.0.3",
"name": "deploy-arch-ibm-cloud-logs",
"description": "Configure IBM Cloud Logs instance to analyse the platform logs.",
"catalog_id": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3",
"flavors": [
"instances"
"fully-configurable"
],
"catalog_id": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3",
"id": "63d8ae58-fbf3-41ce-b844-0fb5b85882ab-global",
"version": "v1.6.11",
"optional": true,
"on_by_default": true,
"on_by_default": false,
"input_mapping": [
{
"dependency_input": "prefix",
"version_input": "prefix",
"reference_version": true
},
{
"dependency_input": "existing_cos_instance_crn",
"version_input": "existing_cos_instance_crn",
"reference_version": true
},
{
"dependency_input": "existing_kms_instance_crn",
"version_input": "existing_kms_instance_crn",
"reference_version": true
},
{
"dependency_input": "region",
"version_input": "region",
"reference_version": true
},
{
"dependency_input": "logs_routing_tenant_regions",
"version_input": "logs_routing_tenant_regions",
"reference_version": true
}
]
},
{
"name": "deploy-arch-ibm-cloud-monitoring",
"description": "Configure IBM Cloud Monitoring to collect the platform metrics.",
"id": "73debdbf-894f-4c14-81c7-5ece3a70b67d-global",
"version": "v1.6.4",
"flavors": [
"fully-configurable"
],
"catalog_id": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3",
"optional": true,
"on_by_default": true,
"input_mapping": [
{
"dependency_input": "enable_platform_metrics",
"version_input": "enable_platform_metrics",
"reference_version": true
},
{
"dependency_input": "logs_routing_tenant_regions",
"version_input": "logs_routing_tenant_regions",
"dependency_input": "prefix",
"version_input": "prefix",
"reference_version": true
},
{
"dependency_input": "region",
"version_input": "region",
"reference_version": true
},
{
"dependency_input": "existing_cos_instance_crn",
"version_input": "existing_cos_instance_crn",
"reference_version": true
},
{
"dependency_input": "existing_kms_instance_crn",
"version_input": "existing_kms_instance_crn",
"reference_version": true
}
]
},
{
"name": "deploy-arch-ibm-activity-tracker",
"description": "Configure Activity Tracker Event Routing to route the auditing events.",
"id": "918453c3-4f97-4583-8c4a-83ef12fc7916-global",
"version": "v1.2.12",
"flavors": [
"fully-configurable"
],
"catalog_id": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3",
"optional": true,
"on_by_default": true,
"input_mapping": [
{
"dependency_input": "prefix",
"version_input": "prefix",
"reference_version": true
},
{
"dependency_input": "region",
"version_input": "region",
"reference_version": true
},
{
"dependency_input": "existing_cos_instance_crn",
"version_input": "existing_cos_instance_crn",
"reference_version": true
},
{
"dependency_input": "existing_kms_instance_crn",
"version_input": "existing_kms_instance_crn",
"reference_version": true
}
]
Expand Down
20 changes: 10 additions & 10 deletions tests/go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ toolchain go1.24.5
require (
github.com/gruntwork-io/terratest v0.50.0
github.com/stretchr/testify v1.10.0
github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.58.5
github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.59.0
)

require (
Expand Down Expand Up @@ -38,7 +38,7 @@ require (
github.com/go-logr/logr v1.4.2 // indirect
github.com/go-logr/stdr v1.2.2 // indirect
github.com/go-openapi/analysis v0.23.0 // indirect
github.com/go-openapi/errors v0.22.1 // indirect
github.com/go-openapi/errors v0.22.2 // indirect
github.com/go-openapi/jsonpointer v0.21.1 // indirect
github.com/go-openapi/jsonreference v0.21.0 // indirect
github.com/go-openapi/loads v0.22.0 // indirect
Expand All @@ -61,7 +61,7 @@ require (
github.com/hashicorp/go-safetemp v1.0.0 // indirect
github.com/hashicorp/go-version v1.7.0 // indirect
github.com/hashicorp/hcl/v2 v2.22.0 // indirect
github.com/hashicorp/terraform-json v0.25.0 // indirect
github.com/hashicorp/terraform-json v0.26.0 // indirect
github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
github.com/jinzhu/copier v0.4.0 // indirect
github.com/josharian/intern v1.0.0 // indirect
Expand All @@ -84,19 +84,19 @@ require (
github.com/tmccombs/hcl2json v0.6.4 // indirect
github.com/ulikunitz/xz v0.5.11 // indirect
github.com/xanzy/ssh-agent v0.3.3 // indirect
github.com/zclconf/go-cty v1.16.2 // indirect
github.com/zclconf/go-cty v1.16.3 // indirect
go.mongodb.org/mongo-driver v1.17.3 // indirect
go.opentelemetry.io/auto/sdk v1.1.0 // indirect
go.opentelemetry.io/otel v1.35.0 // indirect
go.opentelemetry.io/otel/metric v1.35.0 // indirect
go.opentelemetry.io/otel/trace v1.35.0 // indirect
golang.org/x/crypto v0.40.0 // indirect
golang.org/x/mod v0.25.0 // indirect
golang.org/x/net v0.41.0 // indirect
golang.org/x/crypto v0.41.0 // indirect
golang.org/x/mod v0.26.0 // indirect
golang.org/x/net v0.42.0 // indirect
golang.org/x/sync v0.16.0 // indirect
golang.org/x/sys v0.34.0 // indirect
golang.org/x/text v0.27.0 // indirect
golang.org/x/tools v0.34.0 // indirect
golang.org/x/sys v0.35.0 // indirect
golang.org/x/text v0.28.0 // indirect
golang.org/x/tools v0.35.0 // indirect
gopkg.in/warnings.v0 v0.1.2 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
Expand Down
Loading