terraform-ibm-modules · ocofaigh · Jun 11, 2025 · May 19, 2025 · May 19, 2025 · May 19, 2025
@@ -103,16 +103,16 @@ No modules.
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_access_key"></a> [access\_key](#input\_access\_key) | Access key used by the IBM Cloud Monitoring agent to communicate with the instance | `string` | n/a | yes |
-| <a name="input_access_key_secret_name"></a> [access\_key\_secret\_name](#input\_access\_key\_secret\_name) | The name of a Kubernetes or OpenShift Secret that contains the Sysdig agent access key under the key `access-key`.<br/><br/>This variable allows you to reference an existing secret in your cluster, rather than providing the access key directly in your Terraform configuration. This is recommended for improved security and to avoid exposing sensitive credentials in your Terraform state files.<br/><br/>- If set to a non-null value, the agent will use the access key from the specified secret.<br/>- If set to `null` (the default), the value from the `access_key` variable will be used instead.<br/><br/>Example usage:<br/>  - Set to `"sysdig-agent-access"` if you have a secret named `sysdig-agent-access` in your target namespace.<br/>  - The secret must contain a data entry named `access-key`. | `string` | `null` | no |
+| <a name="input_access_key_secret_name"></a> [access\_key\_secret\_name](#input\_access\_key\_secret\_name) | The name of a Kubernetes or OpenShift Secret that contains the Sysdig agent access key under the key `access-key`. This variable allows you to reference an existing secret in your cluster, rather than providing the access key directly in your Terraform configuration. This is recommended for improved security and to avoid exposing sensitive credentials in your Terraform state files. | `string` | `null` | no |
 | <a name="input_add_cluster_name"></a> [add\_cluster\_name](#input\_add\_cluster\_name) | If true, configure the cloud monitoring agent to attach a tag containing the cluster name to all metric data. This tag is added in the format `ibm-containers-kubernetes-cluster-name: cluster_name`. | `bool` | `true` | no |
 | <a name="input_agent_image_repository"></a> [agent\_image\_repository](#input\_agent\_image\_repository) | The image repository to pull the Cloud Monitoring agent image from. | `string` | `"agent-slim"` | no |
 | <a name="input_agent_image_tag_digest"></a> [agent\_image\_tag\_digest](#input\_agent\_image\_tag\_digest) | The image tag digest to use for the Cloud Monitoring agent. | `string` | `"13.9.2@sha256:0dcdb6d70bab60dae4bf5f70c338f2feb9daeba514f1b8ad513ed24724c2a04d"` | no |
 | <a name="input_agent_limits_cpu"></a> [agent\_limits\_cpu](#input\_agent\_limits\_cpu) | Specifies the CPU limit for the agent. | `string` | `"1"` | no |
 | <a name="input_agent_limits_memory"></a> [agent\_limits\_memory](#input\_agent\_limits\_memory) | Specifies the memory limit for the agent. | `string` | `"1024Mi"` | no |
 | <a name="input_agent_requests_cpu"></a> [agent\_requests\_cpu](#input\_agent\_requests\_cpu) | Specifies the CPU requested to run in a node for the agent. | `string` | `"1"` | no |
 | <a name="input_agent_requests_memory"></a> [agent\_requests\_memory](#input\_agent\_requests\_memory) | Specifies the memory requested to run in a node for the agent. | `string` | `"1024Mi"` | no |
-| <a name="input_agent_tags"></a> [agent\_tags](#input\_agent\_tags) | Map of tags to associate to all metrics that the agent collects. NOTE: Use the `add_cluster_name` boolean variable to add the cluster name as a tag. | `map(string)` | `{}` | no |
-| <a name="input_blacklisted_ports"></a> [blacklisted\_ports](#input\_blacklisted\_ports) | To blacklist ports, include the ports you wish to block network traffic and metrics from network ports. [Learn more](https://cloud.ibm.com/docs/monitoring?topic=monitoring-change_kube_agent#change_kube_agent_block_ports). | `list(number)` | `[]` | no |
+| <a name="input_agent_tags"></a> [agent\_tags](#input\_agent\_tags) | Map of tags to associate to all metrics that the agent collects. NOTE: Use the `add_cluster_name` boolean variable to add the cluster name as a tag, e.g `{'ibm-containers-kubernetes-cluster-name': 'cluster_name'}.` | `map(string)` | `{}` | no |
+| <a name="input_blacklisted_ports"></a> [blacklisted\_ports](#input\_blacklisted\_ports) | To block network traffic and metrics from network ports, pass the list of ports from which you want to filter out any data. [Learn more](https://cloud.ibm.com/docs/monitoring?topic=monitoring-change_kube_agent#change_kube_agent_block_ports). | `list(number)` | `[]` | no |
 | <a name="input_chart"></a> [chart](#input\_chart) | The name of the Helm chart to deploy. | `string` | `"sysdig-deploy"` | no |
 | <a name="input_chart_location"></a> [chart\_location](#input\_chart\_location) | The location of the Cloud Monitoring agent helm chart. | `string` | `"https://charts.sysdig.com"` | no |
 | <a name="input_chart_version"></a> [chart\_version](#input\_chart\_version) | The version of the Cloud Monitoring agent helm chart to deploy. | `string` | `"1.84.3"` | no |

@@ -58,18 +58,7 @@ variable "access_key" {
 
 variable "access_key_secret_name" {
   type        = string
-  description = <<-EOT
-    The name of a Kubernetes or OpenShift Secret that contains the Sysdig agent access key under the key `access-key`.
-
-    This variable allows you to reference an existing secret in your cluster, rather than providing the access key directly in your Terraform configuration. This is recommended for improved security and to avoid exposing sensitive credentials in your Terraform state files.
-
-    - If set to a non-null value, the agent will use the access key from the specified secret.
-    - If set to `null` (the default), the value from the `access_key` variable will be used instead.
-
-    Example usage:
-      - Set to `"sysdig-agent-access"` if you have a secret named `sysdig-agent-access` in your target namespace.
-      - The secret must contain a data entry named `access-key`.
-  EOT
+  description = "The name of a Kubernetes or OpenShift Secret that contains the Sysdig agent access key under the key `access-key`. This variable allows you to reference an existing secret in your cluster, rather than providing the access key directly in your Terraform configuration. This is recommended for improved security and to avoid exposing sensitive credentials in your Terraform state files."
   default     = null
   nullable    = true
 }
@@ -88,7 +77,7 @@ variable "cloud_monitoring_instance_endpoint_type" {
 
 variable "blacklisted_ports" {
   type        = list(number)
-  description = "To blacklist ports, include the ports you wish to block network traffic and metrics from network ports. [Learn more](https://cloud.ibm.com/docs/monitoring?topic=monitoring-change_kube_agent#change_kube_agent_block_ports)."
+  description = "To block network traffic and metrics from network ports, pass the list of ports from which you want to filter out any data. [Learn more](https://cloud.ibm.com/docs/monitoring?topic=monitoring-change_kube_agent#change_kube_agent_block_ports)."
   default     = []
 }
 
@@ -102,7 +91,7 @@ variable "metrics_filter" {
 }
 
 variable "agent_tags" {
-  description = "Map of tags to associate to all metrics that the agent collects. NOTE: Use the `add_cluster_name` boolean variable to add the cluster name as a tag."
+  description = "Map of tags to associate to all metrics that the agent collects. NOTE: Use the `add_cluster_name` boolean variable to add the cluster name as a tag, e.g `{'ibm-containers-kubernetes-cluster-name': 'cluster_name'}."
   type        = map(string)
   default     = {}
 }

@@ -66,18 +66,7 @@ variable "access_key" {
 
 variable "access_key_secret_name" {
   type        = string
-  description = <<-EOT
-    The name of a Kubernetes or OpenShift Secret that contains the Sysdig agent access key under the key `access-key`.
-
-    This variable allows you to reference an existing secret in your cluster, rather than providing the access key directly in your Terraform configuration. This is recommended for improved security and to avoid exposing sensitive credentials in your Terraform state files.
-
-    - If set to a non-null value, the agent will use the access key from the specified secret.
-    - If set to `null` (the default), the value from the `access_key` variable will be used instead.
-
-    Example usage:
-      - Set to `"sysdig-agent-access"` if you have a secret named `sysdig-agent-access` in your target namespace.
-      - The secret must contain a data entry named `access-key`.
-  EOT
+  description = "The name of a Kubernetes or OpenShift Secret that contains the Sysdig agent access key under the key `access-key`. This variable allows you to reference an existing secret in your cluster, rather than providing the access key directly in your Terraform configuration. This is recommended for improved security and to avoid exposing sensitive credentials in your Terraform state files."
   default     = null
   nullable    = true
 }
@@ -100,7 +89,7 @@ variable "cloud_monitoring_instance_endpoint_type" {
 
 variable "blacklisted_ports" {
   type        = list(number)
-  description = "To blacklist ports, include the ports you wish to block network traffic and metrics from network ports. [Learn more](https://cloud.ibm.com/docs/monitoring?topic=monitoring-change_kube_agent#change_kube_agent_block_ports)."
+  description = "To block network traffic and metrics from network ports, pass the list of ports from which you want to filter out any data. [Learn more](https://cloud.ibm.com/docs/monitoring?topic=monitoring-change_kube_agent#change_kube_agent_block_ports)."
   default     = []
 }
 
@@ -128,7 +117,7 @@ variable "container_filter" {
 }
 
 variable "agent_tags" {
-  description = "Map of tags to associate to all metrics that the agent collects. NOTE: Use the `add_cluster_name` boolean variable to add the cluster name as a tag."
+  description = "Map of tags to associate to all metrics that the agent collects. NOTE: Use the `add_cluster_name` boolean variable to add the cluster name as a tag, e.g `{'ibm-containers-kubernetes-cluster-name': 'cluster_name'}."
   type        = map(string)
   default     = {}
 }