From af3f8f1b53922153c9d08610ad8dad94de6fa1fa Mon Sep 17 00:00:00 2001
From: "kierra.searle@ibm.com"
Date: Thu, 29 Aug 2024 12:01:00 -0400
Subject: [PATCH 1/5] feat: added new example
---
 .secrets.baseline | 2 +-
 README.md | 1 +
 catalogValidationValues.json.template | 1 -
 examples/specific-zone-only/README.md | 8 +++++
 examples/specific-zone-only/main.tf | 40 ++++++++++++++++++++++++
 examples/specific-zone-only/outputs.tf | 13 ++++++++
 examples/specific-zone-only/provider.tf | 4 +++
 examples/specific-zone-only/variables.tf | 35 +++++++++++++++++++++
 examples/specific-zone-only/version.tf | 10 ++++++
 9 files changed, 112 insertions(+), 2 deletions(-)
 delete mode 100644 catalogValidationValues.json.template
 create mode 100644 examples/specific-zone-only/README.md
 create mode 100644 examples/specific-zone-only/main.tf
 create mode 100644 examples/specific-zone-only/outputs.tf
 create mode 100644 examples/specific-zone-only/provider.tf
 create mode 100644 examples/specific-zone-only/variables.tf
 create mode 100644 examples/specific-zone-only/version.tf
diff --git a/.secrets.baseline b/.secrets.baseline
index 8244938c..539f1f71 100644
--- a/.secrets.baseline
+++ b/.secrets.baseline
@@ -3,7 +3,7 @@
 "files": "go.sum|^.secrets.baseline$",
 "lines": null
 },
- "generated_at": "2023-12-19T10:03:18Z",
+ "generated_at": "2024-08-29T15:52:09Z",
 "plugins_used": [
 {
 "name": "AWSKeyDetector"
diff --git a/README.md b/README.md
index badeb234..77289a06 100644
--- a/README.md
+++ b/README.md
@@ -33,6 +33,7 @@ This module creates the following IBM Cloud® Virtual Private Cloud (VPC) net
 * [Hub and Spoke VPC with manual DNS resolver Example](./examples/hub-spoke-manual-resolver)
 * [Landing Zone example](./examples/landing_zone)
 * [No Prefix Example](./examples/no-prefix)
+ * [Specific Zone Only Example](./examples/specific-zone-only)
 * [Contributing](#contributing)
diff --git a/catalogValidationValues.json.template b/catalogValidationValues.json.template
deleted file mode 100644
index f89a1d5b..00000000
--- a/catalogValidationValues.json.template
+++ /dev/null
@@ -1 +0,0 @@
-{"ibmcloud_api_key": $VALIDATION_APIKEY, "resource_group": $RG_NAME, "resource_tags": $TAGS, "prefix": $PREFIX}
diff --git a/examples/specific-zone-only/README.md b/examples/specific-zone-only/README.md
new file mode 100644
index 00000000..99a05f35
--- /dev/null
+++ b/examples/specific-zone-only/README.md
@@ -0,0 +1,8 @@
+# Specific Zone Only Example
+
+A simple example to provision a Secure Landing Zone (SLZ) Virtual Private Cloud (VPC) in a specific zone other than Zone 1. Also, shows how to use public gateways with a specific zone. In this example Zone 2 is used.
+
+The following resources are provisioned by this example:
+
+* A new resource group, if an existing one is not passed in.
+* An IBM Virtual Private Cloud (VPC) with a publicly exposed subnet.
diff --git a/examples/specific-zone-only/main.tf b/examples/specific-zone-only/main.tf
new file mode 100644
index 00000000..af7b57cb
--- /dev/null
+++ b/examples/specific-zone-only/main.tf
@@ -0,0 +1,40 @@
+##############################################################################
+# Resource Group
+##############################################################################
+
+module "resource_group" {
+ source = "terraform-ibm-modules/resource-group/ibm"
+ version = "1.1.5"
+ # if an existing resource group is not set (null) create a new one using prefix
+ resource_group_name = var.resource_group == null ? "${var.prefix}-resource-group" : null
+ existing_resource_group_name = var.resource_group
+}
+
+#############################################################################
+# Provision VPC
+#############################################################################
+
+module "slz_vpc" {
+ source = "../../"
+ resource_group_id = module.resource_group.resource_group_id
+ region = var.region
+ name = var.name
+ prefix = var.prefix
+ tags = var.resource_tags
+ subnets = {
+ zone-1 = []
+ zone-2 = [
+ {
+ name = "subnet-a"
+ cidr = "10.10.10.0/24"
+ public_gateway = true
+ acl_name = "vpc-acl"
+ }
+ ]
+ }
+ use_public_gateways = {
+ zone-1 = false
+ zone-2 = true
+ zone-3 = false
+ }
+}
diff --git a/examples/specific-zone-only/outputs.tf b/examples/specific-zone-only/outputs.tf
new file mode 100644
index 00000000..5bd99a5c
--- /dev/null
+++ b/examples/specific-zone-only/outputs.tf
@@ -0,0 +1,13 @@
+##############################################################################
+# Outputs
+##############################################################################
+
+output "vpc_id" {
+ value = module.slz_vpc.vpc_id
+ description = "VPC id"
+}
+
+output "vpc_crn" {
+ value = module.slz_vpc.vpc_crn
+ description = "VPC crn"
+}
diff --git a/examples/specific-zone-only/provider.tf b/examples/specific-zone-only/provider.tf
new file mode 100644
index 00000000..df45ef50
--- /dev/null
+++ b/examples/specific-zone-only/provider.tf
@@ -0,0 +1,4 @@
+provider "ibm" {
+ ibmcloud_api_key = var.ibmcloud_api_key
+ region = var.region
+}
diff --git a/examples/specific-zone-only/variables.tf b/examples/specific-zone-only/variables.tf
new file mode 100644
index 00000000..30cff2bf
--- /dev/null
+++ b/examples/specific-zone-only/variables.tf
@@ -0,0 +1,35 @@
+variable "ibmcloud_api_key" {
+ description = "APIkey that's associated with the account to provision resources to"
+ type = string
+ sensitive = true
+}
+
+variable "region" {
+ description = "The region to which to deploy the VPC"
+ type = string
+ default = "us-south"
+}
+
+variable "prefix" {
+ description = "The prefix that you would like to append to your resources"
+ type = string
+ default = "basic-slz-vpc"
+}
+
+variable "name" {
+ description = "The name of the vpc"
+ type = string
+ default = "vpc"
+}
+
+variable "resource_group" {
+ type = string
+ description = "An existing resource group name to use for this example, if unset a new resource group will be created"
+ default = null
+}
+
+variable "resource_tags" {
+ description = "List of Tags for the resource created"
+ type = list(string)
+ default = null
+}
diff --git a/examples/specific-zone-only/version.tf b/examples/specific-zone-only/version.tf
new file mode 100644
index 00000000..eefd78de
--- /dev/null
+++ b/examples/specific-zone-only/version.tf
@@ -0,0 +1,10 @@
+terraform {
+ required_version = ">= 1.3.0, <1.7.0"
+ required_providers {
+ # Pin to the lowest provider version of the range defined in the main module's version.tf to ensure lowest version still works
+ ibm = {
+ source = "IBM-Cloud/ibm"
+ version = "1.59.0"
+ }
+ }
+}
From 91fbdffa5c5ed47d0a547f98cee8c592a69943fc Mon Sep 17 00:00:00 2001
From: "kierra.searle@ibm.com"
Date: Wed, 11 Sep 2024 13:14:22 -0400
Subject: [PATCH 2/5] test: add new test'
---
 examples/specific-zone-only/main.tf | 22 ++++++++++++++++++++++
 examples/specific-zone-only/outputs.tf | 20 ++++++++++++++++++++
 tests/other_test.go | 15 +++++++++++++++
 tests/pr_test.go | 1 +
 4 files changed, 58 insertions(+)
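Review bot: The `prefix` description in variables.tf says the value is appended, but main.tf builds names as `"${var.prefix}-resource-group"`, so it is prepended. I would reword it to `description = "The prefix to prepend to the names of resources created by this example"`. The default `basic-slz-vpc` does not describe this example and may have been carried over from another one; a distinct default would avoid name clashes if two examples are applied in the same account with their defaults.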
diff --git a/examples/specific-zone-only/main.tf b/examples/specific-zone-only/main.tf
index af7b57cb..3734fe44 100644
--- a/examples/specific-zone-only/main.tf
+++ b/examples/specific-zone-only/main.tf
@@ -37,4 +37,26 @@ module "slz_vpc" {
 zone-2 = true
 zone-3 = false
 }
+ network_acls = [{
+ name = "my-acl"
+ add_ibm_cloud_internal_rules = false
+ add_vpc_connectivity_rules = false
+ prepend_ibm_rules = false
+ rules = [{
+ name = "inbound"
+ action = "allow"
+ source = "0.0.0.0/0"
+ destination = "0.0.0.0/0"
+ direction = "inbound"
+ },
+ {
+ name = "outbound"
+ action = "allow"
+ source = "0.0.0.0/0"
+ destination = "0.0.0.0/0"
+ direction = "outbound"
+ }
+ ]
+ }
+ ]
 }
diff --git a/examples/specific-zone-only/outputs.tf b/examples/specific-zone-only/outputs.tf
index 5bd99a5c..6a40638b 100644
--- a/examples/specific-zone-only/outputs.tf
+++ b/examples/specific-zone-only/outputs.tf
@@ -11,3 +11,23 @@ output "vpc_crn" {
 value = module.slz_vpc.vpc_crn
 description = "VPC crn"
 }
+
+output "network_acls" {
+ value = module.slz_vpc.network_acls
+ description = "VPC network ACLs"
+}
+
+output "public_gateways" {
+ value = module.slz_vpc.public_gateways
+ description = "VPC public gateways"
+}
+
+output "subnet_zone_list" {
+ value = module.slz_vpc.subnet_zone_list
+ description = "VPC subnet zone list"
+}
+
+output "subnet_detail_map" {
+ value = module.slz_vpc.subnet_detail_map
+ description = "VPC subnet detail map"
+}
diff --git a/tests/other_test.go b/tests/other_test.go
index 5458ec6d..914b090b 100644
--- a/tests/other_test.go
+++ b/tests/other_test.go
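Review bot: The two rules in the new `network_acls` entry allow traffic from `0.0.0.0/0` to `0.0.0.0/0` in both directions with no protocol or port restriction. The three `add_ibm_cloud_internal_rules`, `add_vpc_connectivity_rules` and `prepend_ibm_rules` flags are all false, so nothing narrower is placed ahead of them. Later commits in this series attach this ACL to `subnet-a`, which has `public_gateway = true`, so the ACL does no filtering for that subnet and any protection has to come from security groups. Because examples tend to be copied into real deployments, I would add a comment above `rules` such as `# Example only: allow-all ACL. Restrict source, destination, protocol and ports before using this outside a test account.` The `module "slz_vpc"` block starts outside this hunk.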
@@ -38,3 +38,18 @@ func TestRunHubAndSpokeDelegatedExample(t *testing.T) {
 assert.Nil(t, err, "This should not have errored")
 assert.NotNil(t, output, "Expected some output")
 }
+
+func TestRunSpecificZoneExample(t *testing.T) {
+ t.Parallel()
+
+ options := testhelper.TestOptionsDefaultWithVars(&testhelper.TestOptions{
+ Testing: t,
+ TerraformDir: specificZoneExampleTerraformDir,
+ Prefix: "spec-zone-slz",
+ ResourceGroup: resourceGroup,
+ })
+
+ output, err := options.RunTestConsistency()
+ assert.Nil(t, err, "This should not have errored")
+ assert.NotNil(t, output, "Expected some output")
+}
diff --git a/tests/pr_test.go b/tests/pr_test.go
index 7e6843b8..c9771e61 100644
--- a/tests/pr_test.go
+++ b/tests/pr_test.go
@@ -23,6 +23,7 @@ const defaultExampleTerraformDir = "examples/default"
 const landingZoneExampleTerraformDir = "examples/landing_zone"
 const hubAndSpokeDelegatedExampleTerraformDir = "examples/hub-spoke-delegated-resolver"
 const existingVPCExampleTerraformDir = "examples/existing_vpc"
+const specificZoneExampleTerraformDir = "examples/specific-zone-only"
 const resourceGroup = "geretain-test-resources"
 // Define a struct with fields that match the structure of the YAML data
From 5fb09106973cf8ee51fab130ce2aea15a874fdc5 Mon Sep 17 00:00:00 2001
From: "kierra.searle@ibm.com"
Date: Wed, 11 Sep 2024 14:27:34 -0400
Subject: [PATCH 3/5] docs: readme update
---
 examples/specific-zone-only/README.md | 2 +-
 examples/specific-zone-only/main.tf | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/examples/specific-zone-only/README.md b/examples/specific-zone-only/README.md
index 99a05f35..1da76489 100644
--- a/examples/specific-zone-only/README.md
+++ b/examples/specific-zone-only/README.md
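Review bot: `TestRunSpecificZoneExample` asserts only that `RunTestConsistency` returns no error and a non-nil output, so it would still pass if the subnet or the public gateway ended up in the wrong zone. The same commit adds `subnet_zone_list` and `public_gateways` outputs to the example, and a test that checks those outputs against the intended zone would cover what the example is meant to show. If that is out of scope for this change, a comment above the function such as `// Consistency check only; zone placement of the subnet and gateway is not asserted.` would make the gap visible to the next reader.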
@@ -1,6 +1,6 @@
 # Specific Zone Only Example
-A simple example to provision a Secure Landing Zone (SLZ) Virtual Private Cloud (VPC) in a specific zone other than Zone 1. Also, shows how to use public gateways with a specific zone. In this example Zone 2 is used.
+A simple example to provision a Secure Landing Zone (SLZ) Virtual Private Cloud (VPC) in a specific zone other than Zone 1. Also, shows how to use public gateways with a specific zone. In this example Zone 2 is used. A network ACL is specifically defined to allow all internet traffic.
 The following resources are provisioned by this example:
diff --git a/examples/specific-zone-only/main.tf b/examples/specific-zone-only/main.tf
index 3734fe44..388e2601 100644
--- a/examples/specific-zone-only/main.tf
+++ b/examples/specific-zone-only/main.tf
@@ -28,7 +28,7 @@ module "slz_vpc" {
 name = "subnet-a"
 cidr = "10.10.10.0/24"
 public_gateway = true
- acl_name = "vpc-acl"
+ acl_name = "my-acl"
 }
 ]
 }
From f720f554469498a4542a8293e66a9ac7987cd0e4 Mon Sep 17 00:00:00 2001
From: "kierra.searle@ibm.com"
Date: Wed, 2 Oct 2024 15:10:11 -0400
Subject: [PATCH 4/5] chore: version adjusts
---
 examples/specific-zone-only/main.tf | 2 +-
 examples/specific-zone-only/version.tf | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/examples/specific-zone-only/main.tf b/examples/specific-zone-only/main.tf
index 388e2601..9d1aa425 100644
--- a/examples/specific-zone-only/main.tf
+++ b/examples/specific-zone-only/main.tf
@@ -4,7 +4,7 @@
 module "resource_group" {
 source = "terraform-ibm-modules/resource-group/ibm"
- version = "1.1.5"
+ version = "1.1.6"
 # if an existing resource group is not set (null) create a new one using prefix
 resource_group_name = var.resource_group == null ? "${var.prefix}-resource-group" : null
 existing_resource_group_name = var.resource_group
diff --git a/examples/specific-zone-only/version.tf b/examples/specific-zone-only/version.tf
index eefd78de..fa870dd3 100644
--- a/examples/specific-zone-only/version.tf
+++ b/examples/specific-zone-only/version.tf
@@ -1,5 +1,5 @@
 terraform {
- required_version = ">= 1.3.0, <1.7.0"
+ required_version = ">= 1.3.0"
 required_providers {
 # Pin to the lowest provider version of the range defined in the main module's version.tf to ensure lowest version still works
 ibm = {
From a42ba9bb03bf356202538cdf7df568ce55eb534e Mon Sep 17 00:00:00 2001
From: "kierra.searle@ibm.com"
Date: Tue, 8 Oct 2024 13:30:19 -0400
Subject: [PATCH 5/5] fix: change example acl name
---
 examples/specific-zone-only/main.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/examples/specific-zone-only/main.tf b/examples/specific-zone-only/main.tf
index 9d1aa425..c9a91d5a 100644
--- a/examples/specific-zone-only/main.tf
+++ b/examples/specific-zone-only/main.tf
@@ -28,7 +28,7 @@ module "slz_vpc" {
 name = "subnet-a"
 cidr = "10.10.10.0/24"
 public_gateway = true
- acl_name = "my-acl"
+ acl_name = "${var.prefix}-acl"
 }
 ]
 }
@@ -38,7 +38,7 @@ module "slz_vpc" {
 zone-3 = false
 }
 network_acls = [{
- name = "my-acl"
+ name = "${var.prefix}-acl"
 add_ibm_cloud_internal_rules = false
 add_vpc_connectivity_rules = false
 prepend_ibm_rules = false