fix: renamed existing_kms_crn to existing_kms_instance_crn<br>* removed kms_region as its now programatically detected<br>* renamed existing_resource_group to use_existing_resource_group (#28)

Author: iamar7

cra-config.yaml

@@ -6,4 +6,4 @@ CRA_TARGETS:
     PROFILE_ID: "bfacb71d-4b84-41ac-9825-e8a3a3eb7405" # SCC profile ID (currently set to IBM Cloud Framework for Financial Services 1.6.0 profile).
     CRA_ENVIRONMENT_VARIABLES:
         TF_VAR_resource_group_name: "test"
-        TF_VAR_existing_kms_crn: "XXXX:hs-crypto:XXXXXXX:XXXXX:XXXXX"
+        TF_VAR_existing_kms_instance_crn: "XXXX:hs-crypto:XXXXXXX:XXXXX:XXXXX"

ibm_catalog.json

@@ -58,6 +58,51 @@
                     }
                 ]
             },
+            "configuration" : [
+              {
+                "key": "existing_cos_kms_key_crn",
+                "required": true
+              },
+              {
+                "key": "region",
+                "required": true,
+                "default_value": "",
+                "options": [
+                  {
+                    "displayname": "Dallas (us-south)",
+                    "value": "us-south"
+                  },
+                  {
+                    "displayname": "Frankfurt (eu-de)",
+                    "value": "eu-de"
+                  },
+                  {
+                    "displayname": "London (eu-gb)",
+                    "value": "eu-gb"
+                  },
+                  {
+                    "displayname": "Madrid (eu-es)",
+                    "value": "eu-es"
+                  },
+                  {
+                    "displayname": "Osaka (jp-osa)",
+                    "value": "jp-osa"
+                  },
+                  {
+                    "displayname": "Sydney (au-syd)",
+                    "value": "au-syd"
+                  },
+                  {
+                    "displayname": "Tokyo (jp-tok)",
+                    "value": "jp-tok"
+                  },
+                  {
+                    "displayname": "Washington (us-east)",
+                    "value": "us-east"
+                  }
+                ]
+              }
+            ],
             "architecture": {
               "descriptions": "This architecture supports deployment of Log Analysis and Cloud Monitoring instances on IBM Cloud and Activity Tracker event routing to a COS bucket target.",
               "features": [

solutions/instances/catalogValidationValues.json.template

@@ -1,6 +1,5 @@
 {
   "ibmcloud_api_key": $VALIDATION_APIKEY,
   "resource_group_name": $PREFIX,
-  "existing_kms_crn": $HPCS_US_SOUTH_CRN,
-  "kms_region": "us-south"
+  "existing_kms_instance_crn": $HPCS_US_SOUTH_CRN
 }

solutions/instances/main.tf

@@ -3,10 +3,11 @@
 #######################################################################################################################
 
 locals {
-  archive_api_key = var.log_archive_api_key == null ? var.ibmcloud_api_key : var.log_archive_api_key
+  archive_api_key    = var.log_archive_api_key == null ? var.ibmcloud_api_key : var.log_archive_api_key
+  default_cos_region = var.cos_region != null ? var.cos_region : var.region
 
   cos_instance_crn            = var.existing_cos_instance_crn != null ? var.existing_cos_instance_crn : module.cos_instance[0].cos_instance_crn
-  existing_kms_guid           = var.existing_kms_crn != null ? element(split(":", var.existing_kms_crn), length(split(":", var.existing_kms_crn)) - 3) : length(local.bucket_config_map) == 2 ? null : tobool("The CRN of the existing KMS is not provided.")
+  existing_kms_guid           = var.existing_kms_instance_crn != null ? element(split(":", var.existing_kms_instance_crn), length(split(":", var.existing_kms_instance_crn)) - 3) : length(local.bucket_config_map) == 2 ? null : tobool("The CRN of the existing KMS is not provided.")
   cos_instance_guid           = var.existing_cos_instance_crn == null ? module.cos_instance[0].cos_instance_guid : element(split(":", var.existing_cos_instance_crn), length(split(":", var.existing_cos_instance_crn)) - 3)
   archive_cos_bucket_name     = var.existing_log_archive_cos_bucket_name != null ? var.existing_log_archive_cos_bucket_name : module.cos_bucket[0].buckets[var.log_archive_cos_bucket_name].bucket_name
   archive_cos_bucket_endpoint = var.existing_log_archive_cos_bucket_endpoint != null ? var.existing_log_archive_cos_bucket_endpoint : module.cos_bucket[0].buckets[var.log_archive_cos_bucket_name].s3_endpoint_private
@@ -44,11 +45,13 @@ locals {
     days   = 366
   } : null
 
-  kms_service = var.existing_kms_crn != null ? (
-    can(regex(".*kms.*", var.existing_kms_crn)) ? "kms" : (
-      can(regex(".*hs-crypto.*", var.existing_kms_crn)) ? "hs-crypto" : null
+  kms_service = var.existing_kms_instance_crn != null ? (
+    can(regex(".*kms.*", var.existing_kms_instance_crn)) ? "kms" : (
+      can(regex(".*hs-crypto.*", var.existing_kms_instance_crn)) ? "hs-crypto" : null
     )
   ) : null
+
+  kms_region = (length(local.bucket_config_map) != 0) ? (var.existing_cos_kms_key_crn == null ? element(split(":", var.existing_kms_instance_crn), length(split(":", var.existing_kms_instance_crn)) - 5) : null) : null
 }
 
 #######################################################################################################################
@@ -58,8 +61,8 @@ locals {
 module "resource_group" {
   source                       = "terraform-ibm-modules/resource-group/ibm"
   version                      = "1.1.5"
-  resource_group_name          = var.existing_resource_group == false ? var.resource_group_name : null
-  existing_resource_group_name = var.existing_resource_group == true ? var.resource_group_name : null
+  resource_group_name          = var.use_existing_resource_group == false ? var.resource_group_name : null
+  existing_resource_group_name = var.use_existing_resource_group == true ? var.resource_group_name : null
 }
 
 #######################################################################################################################
@@ -100,7 +103,7 @@ module "observability_instance" {
       bucket_name                       = local.cos_target_bucket_name
       endpoint                          = local.cos_target_bucket_endpoint
       instance_id                       = local.cos_instance_crn
-      target_region                     = var.cos_region
+      target_region                     = local.default_cos_region
       target_name                       = "cos-target"
       skip_atracker_cos_iam_auth_policy = false
       service_to_service_enabled        = true
@@ -131,7 +134,7 @@ module "kms" {
   source                      = "terraform-ibm-modules/kms-all-inclusive/ibm"
   version                     = "4.8.5"
   create_key_protect_instance = false
-  region                      = var.kms_region
+  region                      = local.kms_region
   existing_kms_instance_guid  = local.existing_kms_guid
   key_ring_endpoint_type      = var.kms_endpoint_type
   key_endpoint_type           = var.kms_endpoint_type
@@ -215,7 +218,7 @@ module "cos_bucket" {
       management_endpoint_type      = var.management_endpoint_type_for_bucket
       storage_class                 = value.class
       resource_instance_id          = local.cos_instance_crn
-      region_location               = var.cos_region
+      region_location               = local.default_cos_region
       force_delete                  = true
       archive_rule                  = local.archive_rule
       expire_rule                   = local.expire_rule

solutions/instances/provider.tf

@@ -26,11 +26,11 @@ provider "logdna" {
 provider "ibm" {
   alias            = "cos"
   ibmcloud_api_key = var.ibmcloud_api_key
-  region           = var.cos_region
+  region           = local.default_cos_region
 }
 
 provider "ibm" {
   alias            = "kms"
   ibmcloud_api_key = var.ibmcloud_api_key
-  region           = var.kms_region
+  region           = local.kms_region
 }

solutions/instances/variables.tf

@@ -8,7 +8,7 @@ variable "ibmcloud_api_key" {
   sensitive   = true
 }
 
-variable "existing_resource_group" {
+variable "use_existing_resource_group" {
   type        = bool
   description = "Whether to use an existing resource group."
   default     = false
@@ -23,6 +23,11 @@ variable "region" {
   description = "Region where observability resources will be created"
   type        = string
   default     = "us-south"
+
+  validation {
+    condition     = contains(["us-south", "us-east", "jp-osa", "jp-tok", "eu-de", "eu-es", "eu-gb", "au-syd"], var.region)
+    error_message = "The specified region is not a valid selection!"
+  }
 }
 
 ##############################################################################
@@ -124,8 +129,8 @@ variable "add_bucket_name_suffix" {
 
 variable "cos_region" {
   type        = string
-  default     = "us-south"
-  description = "The Cloud Object Storage region."
+  default     = null
+  description = "The Cloud Object Storage region. If no value is provided, it defaults to the value specified in the 'region' input variable."
 }
 
 variable "cos_instance_name" {
@@ -245,16 +250,10 @@ variable "management_endpoint_type_for_bucket" {
 # KMS variables
 ########################################################################################################################
 
-variable "kms_region" {
-  type        = string
-  default     = "us-south"
-  description = "The region in which KMS instance exists."
-}
-
-variable "existing_kms_crn" {
+variable "existing_kms_instance_crn" {
   type        = string
   default     = null
-  description = "The CRN of the KMS instance used for the COS bucket root Key. Only required if not supplying an existing KMS root key and if 'skip_cos_kms_auth_policy' is true."
+  description = "The CRN of the KMS instance used for the COS bucket root Key. Only required if not supplying an existing KMS root key. Not required if existing bucket details are passed as an input."
 }
 
 variable "existing_cos_kms_key_crn" {

tests/pr_test.go

@@ -30,9 +30,12 @@ const agentsKubeconfigDir = "solutions/agents/kubeconfig"
 
 // Current supported regions for Observability instances
 var validRegions = []string{
+	"au-syd",
 	"eu-de",
 	"eu-es",
 	"eu-gb",
+	"jp-osa",
+	"jp-tok",
 	"us-south",
 	"us-east",
 }
@@ -76,8 +79,7 @@ func TestInstancesInSchematics(t *testing.T) {
 	options.TerraformVars = []testschematic.TestSchematicTerraformVar{
 		{Name: "ibmcloud_api_key", Value: options.RequiredEnvironmentVars["TF_VAR_ibmcloud_api_key"], DataType: "string", Secure: true},
 		{Name: "resource_group_name", Value: options.Prefix, DataType: "string"},
-		{Name: "existing_kms_crn", Value: permanentResources["hpcs_south_crn"], DataType: "string"},
-		{Name: "kms_region", Value: "us-south", DataType: "string"}, // KMS instance is in us-south
+		{Name: "existing_kms_instance_crn", Value: permanentResources["hpcs_south_crn"], DataType: "string"},
 		{Name: "cos_region", Value: region, DataType: "string"},
 		{Name: "cos_instance_tags", Value: options.Tags, DataType: "list(string)"},
 		{Name: "log_analysis_tags", Value: options.Tags, DataType: "list(string)"},
@@ -104,9 +106,8 @@ func TestRunUpgradeSolutionInstances(t *testing.T) {
 	options.TerraformVars = map[string]interface{}{
 		"resource_group_name":                 options.Prefix,
 		"cos_instance_access_tags":            permanentResources["accessTags"],
-		"existing_kms_crn":                    permanentResources["hpcs_south_crn"],
+		"existing_kms_instance_crn":           permanentResources["hpcs_south_crn"],
 		"kms_endpoint_type":                   "public",
-		"kms_region":                          "us-south",
 		"management_endpoint_type_for_bucket": "public",
 		"log_analysis_service_endpoints":      "public-and-private",
 		"cloud_monitoring_service_endpoints":  "public",