From 7aff83ec5ebea6adfbefda23dee3090791f3c35d Mon Sep 17 00:00:00 2001 From: raagamounica Date: Wed, 19 Nov 2025 13:25:42 +0530 Subject: [PATCH 1/4] chore: updating the description for existing test --- solutions/fully-configurable/variables.tf | 2 +- variables.tf | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/solutions/fully-configurable/variables.tf b/solutions/fully-configurable/variables.tf index 3cde8a6..7337a55 100644 --- a/solutions/fully-configurable/variables.tf +++ b/solutions/fully-configurable/variables.tf @@ -18,7 +18,7 @@ variable "existing_monitoring_crn" { type = string nullable = true default = null - description = "To collect and analyze metrics and security data on hosts using both Monitoring and Workload Protection, pass the CRN of an existing IBM Cloud Monitoring instance to create a connection between instances. Both instances must be in the same region. [Learn more](https://www.ibm.com/products/cloud-monitoring)" + description = "To collect and analyze metrics and security data on hosts using both Monitoring and Workload Protection, pass the CRN of an existing IBM Cloud Monitoring instance to create the connection. Once the connection is created, the Monitoring instance CRN cannot be changed. Learn more](https://www.ibm.com/products/cloud-monitoring)" validation { condition = anytrue([ diff --git a/variables.tf b/variables.tf index 61d05d8..a1a0a52 100644 --- a/variables.tf +++ b/variables.tf @@ -69,7 +69,7 @@ variable "access_tags" { variable "cloud_monitoring_instance_crn" { type = string - description = "To collect and analyze metrics and security data on hosts using both Monitoring and Workload Protection, pass the CRN of an existing IBM Cloud Monitoring instance to create a connection between instances. Both instances must be in the same region." + description = "To collect and analyze metrics and security data on hosts using both Monitoring and Workload Protection, pass the CRN of an existing IBM Cloud Monitoring instance to create the connection. Once the connection is created, the Monitoring instance CRN cannot be changed." default = null validation { From 1ff65146179a566891d0d31050b90d662e5f6411 Mon Sep 17 00:00:00 2001 From: raagamounica Date: Thu, 20 Nov 2025 14:57:31 +0530 Subject: [PATCH 2/4] chore: ignoring parameter cloud_monitoring_connected_instance through lifecycle block --- main.tf | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/main.tf b/main.tf index 032f93c..d96eb86 100644 --- a/main.tf +++ b/main.tf @@ -20,7 +20,12 @@ resource "ibm_resource_instance" "scc_wp" { location = var.region tags = var.resource_tags parameters = { - cloud_monitoring_connected_instance : var.cloud_monitoring_instance_crn + cloud_monitoring_connected_instance = var.cloud_monitoring_instance_crn + } + lifecycle { + ignore_changes = [ + parameters["cloud_monitoring_connected_instance"] + ] } } From 9ab14de74c0120e2be2062775e24c15e3306e72f Mon Sep 17 00:00:00 2001 From: raagamounica Date: Thu, 20 Nov 2025 19:38:31 +0530 Subject: [PATCH 3/4] fix: update Readme.md file --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 47bd716..73ddd27 100644 --- a/README.md +++ b/README.md @@ -17,9 +17,9 @@ A module for provisioning an [IBM Cloud Security and Compliance Center Workload * [Submodules](./modules) * [account_check](./modules/account_check) * [Examples](./examples) - *
Advanced example
Deploy to IBM Cloud button
- *
Basic example
Deploy to IBM Cloud button
- *
Enterprise example with CSPM enabled
Deploy to IBM Cloud button
+ * [Advanced example](./examples/advanced) + * [Basic example](./examples/basic) + * [Enterprise example with CSPM enabled](./examples/enterprise) * [Contributing](#contributing) @@ -137,7 +137,7 @@ statement instead the previous block. | [access\_tags](#input\_access\_tags) | A list of access tags to apply to the SCC WP instance created by the module. For more information, see https://cloud.ibm.com/docs/account?topic=account-access-tags-tutorial. | `list(string)` | `[]` | no | | [app\_config\_crn](#input\_app\_config\_crn) | The CRN of an existing App Config instance to use with the SCC Workload Protection instance. Required if `cspm_enabled` is true. NOTE: Ensure the App Config instance has configuration aggregator enabled. | `string` | `null` | no | | [cbr\_rules](#input\_cbr\_rules) | The context-based restrictions rule to create. Only one rule is allowed. | 
list(object({
    description = string
    account_id  = string
    tags = optional(list(object({
      name  = string
      value = string
    })), [])
    rule_contexts = list(object({
      attributes = optional(list(object({
        name  = string
        value = string
    }))) }))
    enforcement_mode = string
  }))
| `[]` | no | -| [cloud\_monitoring\_instance\_crn](#input\_cloud\_monitoring\_instance\_crn) | To collect and analyze metrics and security data on hosts using both Monitoring and Workload Protection, pass the CRN of an existing IBM Cloud Monitoring instance to create a connection between instances. Both instances must be in the same region. | `string` | `null` | no | +| [cloud\_monitoring\_instance\_crn](#input\_cloud\_monitoring\_instance\_crn) | To collect and analyze metrics and security data on hosts using both Monitoring and Workload Protection, pass the CRN of an existing IBM Cloud Monitoring instance to create the connection. Once the connection is created, the Monitoring instance CRN cannot be changed. | `string` | `null` | no | | [cspm\_enabled](#input\_cspm\_enabled) | Enable Cloud Security Posture Management (CSPM) for the Workload Protection instance. This will create a trusted profile associated with the SCC Workload Protection instance that has viewer / reader access to the App Config service and viewer access to the Enterprise service. [Learn more](https://cloud.ibm.com/docs/workload-protection?topic=workload-protection-about). | `bool` | `true` | no | | [name](#input\_name) | The name to give the SCC Workload Protection instance that will be provisioned by this module. | `string` | n/a | yes | | [region](#input\_region) | IBM Cloud region where all resources will be deployed | `string` | `"us-south"` | no | From 841a47b04428be5aefea246d43eb6ffbd9263ad5 Mon Sep 17 00:00:00 2001 From: raagamounica Date: Thu, 20 Nov 2025 19:40:11 +0530 Subject: [PATCH 4/4] fix: update Readme.md file --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 73ddd27..b4a66fd 100644 --- a/README.md +++ b/README.md @@ -17,9 +17,9 @@ A module for provisioning an [IBM Cloud Security and Compliance Center Workload * [Submodules](./modules) * [account_check](./modules/account_check) * [Examples](./examples) - * [Advanced example](./examples/advanced) - * [Basic example](./examples/basic) - * [Enterprise example with CSPM enabled](./examples/enterprise) + *
Advanced example
Deploy to IBM Cloud button
+ *
Basic example
Deploy to IBM Cloud button
+ *
Enterprise example with CSPM enabled
Deploy to IBM Cloud button
* [Contributing](#contributing)