terraform-ibm-modules · mukulpalit-ibm · Nov 13, 2025
@@ -94,12 +94,12 @@ No modules.
 | <a name="input_cert_ttl"></a> [cert\_ttl](#input\_cert\_ttl) | Optional, Time-to-live (TTL) to assign to a private certificate | `string` | `"364d"` | no |
 | <a name="input_cert_uri_sans"></a> [cert\_uri\_sans](#input\_cert\_uri\_sans) | Optional, URI Subject Alternative Names (SANs) to define for the CA certificate, in a comma-delimited list | `string` | `null` | no |
 | <a name="input_cert_version_custom_metadata"></a> [cert\_version\_custom\_metadata](#input\_cert\_version\_custom\_metadata) | Optional, Custom version metadata for the certificate to be created | `map(string)` | `{}` | no |
+| <a name="input_endpoint_type"></a> [endpoint\_type](#input\_endpoint\_type) | The endpoint type to communicate with the provided secrets manager instance. Possible values are `public` or `private` | `string` | `"public"` | no |
 | <a name="input_exclude_cn_from_sans"></a> [exclude\_cn\_from\_sans](#input\_exclude\_cn\_from\_sans) | Optional, Controls whether the common name is excluded from Subject Alternative Names (SANs). If set to true, the common name is not included in DNS or Email SANs if they apply | `bool` | `false` | no |
 | <a name="input_private_key_format"></a> [private\_key\_format](#input\_private\_key\_format) | Optional, Format of the generated private key | `string` | `"der"` | no |
 | <a name="input_return_format"></a> [return\_format](#input\_return\_format) | Optional, Format of the returned data | `string` | `"pem"` | no |
 | <a name="input_secrets_manager_guid"></a> [secrets\_manager\_guid](#input\_secrets\_manager\_guid) | Secrets Manager GUID | `string` | n/a | yes |
 | <a name="input_secrets_manager_region"></a> [secrets\_manager\_region](#input\_secrets\_manager\_region) | Region the Secrets Manager instance is in | `string` | n/a | yes |
-| <a name="input_service_endpoints"></a> [service\_endpoints](#input\_service\_endpoints) | Service endpoint type to communicate with the provided secrets manager instance. Possible values are `public` or `private` | `string` | `"public"` | no |
 
 ### Outputs
 

@@ -57,5 +57,5 @@ module "secrets_manager_private_certificate" {
   cert_common_name       = "terraform-modules.ibm.com"
   secrets_manager_guid   = local.sm_guid
   secrets_manager_region = local.sm_region
-  service_endpoints      = "private"
+  endpoint_type          = "private"
 }
@@ -177,7 +177,7 @@
               "description": "The pricing plan to use when provisioning a Secrets Manager instance. Possible values: `standard`, `trial`. You can create only one Trial instance of Secrets Manager per account. Before you can create a new Trial instance, you must delete the existing Trial instance and its reclamation. [Learn more](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-create-instance&interface=ui#upgrade-instance-standard)."
             },
             {
-              "key": "service_endpoints",
+              "key": "endpoint_type",
               "options": [
                 {
                   "displayname": "private",

@@ -18,7 +18,7 @@ resource "ibm_sm_private_certificate" "secrets_manager_private_certificate" {
   format                  = var.return_format
   private_key_format      = var.private_key_format
   exclude_cn_from_sans    = var.exclude_cn_from_sans
-  endpoint_type           = var.service_endpoints
+  endpoint_type           = var.endpoint_type
 
   rotation {
     auto_rotate = var.cert_rotation.auto_rotate

@@ -19,7 +19,7 @@ module "secret_group" {
   secrets_manager_guid     = local.existing_secrets_manager_guid
   secret_group_name        = local.cert_secret_group_name
   secret_group_description = "Secret group for storing private certificate"
-  endpoint_type            = var.service_endpoints
+  endpoint_type            = var.endpoint_type
 }
 
 module "secrets_manager_private_cert" {
@@ -46,5 +46,5 @@ module "secrets_manager_private_cert" {
   return_format                = var.return_format
   private_key_format           = var.private_key_format
   exclude_cn_from_sans         = var.exclude_cn_from_sans
-  service_endpoints            = var.service_endpoints
+  endpoint_type                = var.endpoint_type
 }
@@ -277,12 +277,12 @@ variable "exclude_cn_from_sans" {
   default     = false
 }
 
-variable "service_endpoints" {
+variable "endpoint_type" {
   type        = string
-  description = "Service endpoint type to communicate with the provided secrets manager instance. Possible values are `public` or `private`."
+  description = "The endpoint type to communicate with the provided secrets manager instance. Possible values are `public` or `private`."
   default     = "private"
   validation {
-    condition     = contains(["public", "private"], var.service_endpoints)
-    error_message = "The specified service_endpoints is not a valid selection!"
+    condition     = contains(["public", "private"], var.endpoint_type)
+    error_message = "The specified endpoint_type is not a valid selection!"
   }
 }
@@ -250,12 +250,12 @@ variable "secrets_manager_region" {
   description = "Region the Secrets Manager instance is in"
 }
 
-variable "service_endpoints" {
+variable "endpoint_type" {
   type        = string
-  description = "Service endpoint type to communicate with the provided secrets manager instance. Possible values are `public` or `private`"
+  description = "The endpoint type to communicate with the provided secrets manager instance. Possible values are `public` or `private`"
   default     = "public"
   validation {
-    condition     = contains(["public", "private"], var.service_endpoints)
-    error_message = "The specified service_endpoints is not a valid selection!"
+    condition     = contains(["public", "private"], var.endpoint_type)
+    error_message = "The specified endpoint_type is not a valid selection!"
   }
 }