Full chain of deploy added

examples/basic/provider.tf

@@ -1,8 +1,5 @@
-########################################################################################################################
-# Provider config
-########################################################################################################################
-
 provider "ibm" {
   ibmcloud_api_key = var.ibmcloud_api_key
   region           = var.region
 }
+

examples/complete/README.md

@@ -0,0 +1,43 @@
+# Complete Example: SCC-WP with App Config and Trusted Profiles
+
+This example demonstrates the full deployment of:
+
+- IBM Cloud App Configuration
+- IBM Cloud Security and Compliance Center Workload Protection (SCC-WP)
+- IAM Trusted Profile Template with 3 Trusted Profiles
+- Template assignment to account groups
+- Configuration Aggregator to link SCC-WP with App Config
+
+---
+
+## Flow Overview
+
+1. Create or reuse a resource group  
+   A resource group is created.
+
+2. Deploy App Config  
+   App Config is deployed along with a collection for organizing features and properties.
+
+3. Deploy SCC Workload Protection  
+   SCC-WP is deployed with the `graduated-tier` plan (customizable via variable).
+
+4. Create a Trusted Profile Template with 3 profiles
+   - App Config - Enterprise  
+     For IAM template management across the enterprise.
+   - App Config - General  
+     For reading platform and IAM services.
+   - SCC-WP Profile  
+     For integrating SCC-WP with App Config and enterprise usage.
+
+5. Assign the template to account groups  
+
+6. Create SCC-WP Config Aggregator  
+   The aggregator connects SCC-WP to App Config and uses the enterprise trusted profile and template ID to enforce secure access.
+
+---
+
+## Usage
+
+terraform init
+terraform apply
+

examples/complete/main.tf

@@ -0,0 +1,71 @@
+provider "ibm" {
+  region           = var.region
+  ibmcloud_api_key = var.ibmcloud_api_key
+}
+
+module "resource_group" {
+  source  = "terraform-ibm-modules/resource-group/ibm"
+  version = "1.1.6"
+
+  resource_group_name         = var.resource_group == null ? "${var.prefix}-rg" : null
+  existing_resource_group_name = var.resource_group
+}
+
+data "ibm_iam_account_settings" "iam_account_settings" {}
+
+module "scc_wp" {
+  source  = "terraform-ibm-modules/scc-workload-protection/ibm"
+  version = "1.0.0"
+
+  name                 = var.prefix
+  region               = var.region
+  scc_wp_service_plan  = "graduated-tier"
+  resource_group_id    = module.resource_group.resource_group_id
+  resource_tags        = var.resource_tags
+  access_tags          = var.access_tags
+}
+
+module "app_config" {
+  source  = "terraform-ibm-modules/app-configuration/ibm"
+  version = "1.0.0"
+
+  region            = var.region
+  resource_group_id = module.resource_group.resource_group_id
+  app_config_name   = "${var.prefix}-app-config"
+  app_config_tags   = var.resource_tags
+
+  app_config_collections = [
+    {
+      name          = "${var.prefix}-collection"
+      collection_id = "${var.prefix}-collection"
+      description   = "Collection for ${var.prefix}"
+    }
+  ]
+}
+
+module "trusted_profiles" {
+  source  = "terraform-ibm-modules/trusted-profile-enterprise/ibm"
+  version = "1.0.0"
+
+  region                  = var.region
+  app_config_crn          = module.app_config.app_config_crn
+  scc_wp_crn              = module.scc_wp.wp_instance_crn
+  ibmcloud_api_key        = var.ibmcloud_api_key
+  onboard_account_groups  = var.onboard_account_groups
+  account_group_ids       = var.account_group_ids
+}
+
+module "scc_wp_config_aggregator" {
+  source  = "terraform-ibm-modules/scc-wp-config-aggregator/ibm"
+  version = "1.0.0"
+
+  app_config_instance_guid        = module.app_config.app_config_guid
+  region                          = var.region
+  enterprise_id                   = var.enterprise_id
+  template_id                     = module.trusted_profiles.trusted_profile_template_id
+  enterprise_trusted_profile_id   = module.trusted_profiles.trusted_profile_app_config_enterprise.profile_id
+  general_trusted_profile_id      = module.trusted_profiles.trusted_profile_app_config_general.profile_id
+
+  depends_on = [module.trusted_profiles]
+}
+

examples/complete/main.tfOLD

@@ -0,0 +1,64 @@
+provider "ibm" {
+  region           = var.region
+  ibmcloud_api_key = var.ibmcloud_api_key
+}
+
+module "resource_group" {
+  source  = "terraform-ibm-modules/resource-group/ibm"
+  version = "1.1.6"
+  resource_group_name = var.resource_group == null ? "${var.prefix}-rg" : null
+  existing_resource_group_name = var.resource_group
+}
+
+data "ibm_iam_account_settings" "iam_account_settings" {}
+
+module "scc_wp" {
+  source            = "../.."
+  name              = var.prefix
+  region            = var.region
+  scc_wp_service_plan  = "graduated-tier"
+  resource_group_id = module.resource_group.resource_group_id
+  resource_tags     = var.resource_tags
+  access_tags       = var.access_tags
+}
+
+module "app_config" {
+  source            = "../../../terraform-ibm-app-configuration"
+  region            = var.region
+  resource_group_id = module.resource_group.resource_group_id
+  app_config_name   = "${var.prefix}-app-config"
+  app_config_tags   = var.resource_tags
+
+  app_config_collections = [
+    {
+      name          = "${var.prefix}-collection"
+      collection_id = "${var.prefix}-collection"
+      description   = "Collection for ${var.prefix}"
+    }
+  ]
+}
+
+module "trusted_profiles" {
+  source              = "../../../terraform-ibm-trusted-profile/examples/enterprise"
+  region              = var.region
+  app_config_crn      = module.app_config.app_config_crn
+  scc_wp_crn          = module.scc_wp.wp_instance_crn
+  ibmcloud_api_key    = var.ibmcloud_api_key
+  onboard_account_groups   = var.onboard_account_groups
+  account_group_ids        = var.account_group_ids
+}
+
+
+
+module "scc_wp_config_aggregator" {
+  source = "../../../terraform-ibm-app-configuration/modules/scc_wp_config_aggregator"
+
+  app_config_instance_guid        = module.app_config.app_config_guid
+  region                          = var.region
+  enterprise_id                   = var.enterprise_id
+  template_id                     = module.trusted_profiles.trusted_profile_template_id
+  enterprise_trusted_profile_id  = module.trusted_profiles.trusted_profile_app_config_enterprise.profile_id
+  general_trusted_profile_id     = module.trusted_profiles.trusted_profile_app_config_general.profile_id
+  depends_on = [module.trusted_profiles]
+}
+

examples/complete/outputs.tf

@@ -0,0 +1,23 @@
+output "scc_wp_crn" {
+  description = "CRN of the SCC Workload Protection instance"
+  value       = module.scc_wp.wp_instance_crn
+}
+output "scc_wp_config_aggregator_id" {
+  value = module.scc_wp_config_aggregator.scc_wp_config_aggregator_id
+}
+output "trusted_profile_template_id" {
+  value = module.trusted_profiles.trusted_profile_template_id
+}
+
+output "trusted_profile_enterprise_id" {
+  value = module.trusted_profiles.trusted_profile_app_config_enterprise.profile_id
+}
+
+output "app_config_guid" {
+  value = module.app_config.app_config_guid
+}
+
+output "app_config_crn" {
+  value = module.app_config.app_config_crn
+}
+

examples/complete/variables.tf

@@ -0,0 +1,55 @@
+
+variable "region" {
+  type = string
+}
+
+variable "prefix" {
+  type = string
+}
+
+
+variable "onboard_account_groups" {
+  type        = bool
+  default     = true
+  description = "Whether to onboard all account groups to the template."
+}
+
+variable "account_group_ids" {
+  type        = list(string)
+  default     = [] # ✅ ← IMPORTANT : éviter les prompts inutiles
+  description = "Liste des ID de groupes de comptes à assigner au modèle. Utilisé uniquement si onboard_account_groups est false."
+}
+
+
+variable "resource_group" {
+  type    = string
+  default = null
+}
+
+variable "resource_tags" {
+  type = list(string)
+  default = []
+}
+
+variable "access_tags" {
+  type = list(string)
+  default = []
+}
+
+variable "enterprise_id" {
+  type        = string
+  description = "Enterprise ID for App Configuration aggregator"
+}
+
+variable "template_id" {
+  description = "The ID of the trusted profile template (optional if created later)"
+  type        = string
+  default     = null
+}
+
+variable "ibmcloud_api_key" {
+  type        = string
+  description = "IBM Cloud API key"
+  sensitive   = true
+}
+

examples/complete/version.tf

@@ -0,0 +1,11 @@
+terraform {
+  required_version = ">= 1.3.0"
+
+  required_providers {
+    ibm = {
+      source  = "ibm-cloud/ibm"
+      version = ">= 1.65.0, < 2.0.0"
+    }
+  }
+}
+

outputs.tf

@@ -1,6 +1,9 @@
 ########################################################################################################################
 # Outputs
 ########################################################################################################################
+output "wp_instance_crn" {
+  value = ibm_resource_instance.scc_wp.crn
+}
 
 output "name" {
   description = "Name of created SCC WP instance."

variables.tf

@@ -26,7 +26,7 @@ variable "name" {
 variable "scc_wp_service_plan" {
   description = "IBM service pricing plan."
   type        = string
-  default     = "free-trial"
+  default     = "graduated-tier"
   validation {
     error_message = "Plan for SCC Workload Protection instances can only be `free-trial` or `graduated-tier`."
     condition = contains(