
Commit fef71c3

authored
feat: updated DA input variable names (#290)
1 parent db0da54 commit fef71c3


3 files changed

+131
-145
lines changed


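--- a/ibm_catalog.json
+++ b/ibm_catalog.json
@@ -62,72 +62,48 @@
 {
 "key": "ibmcloud_api_key"
 },
-{
-"key": "provider_visibility",
-"options": [
-{
-"displayname": "private",
-"value": "private"
-},
-{
-"displayname": "public",
-"value": "public"
-},
-{
-"displayname": "public-and-private",
-"value": "public-and-private"
-}
-]
-},
-{
-"key": "use_existing_resource_group"
-},
-{
-"key": "resource_group_name",
-"required": true
-},
 {
 "key": "region",
 "required": true,
 "options": [
 {
-"displayname": "Osaka",
+"displayname": "Osaka (jp-osa)",
 "value": "jp-osa"
 },
 {
-"displayname": "Sydney",
+"displayname": "Sydney (au-syd)",
 "value": "au-syd"
 },
 {
-"displayname": "Tokyo",
+"displayname": "Tokyo (jp-tok)",
 "value": "jp-tok"
 },
 {
-"displayname": "Frankfurt",
+"displayname": "Frankfurt (eu-de)",
 "value": "eu-de"
 },
 {
-"displayname": "London",
+"displayname": "London (eu-gb)",
 "value": "eu-gb"
 },
 {
-"displayname": "Mardrid",
+"displayname": "Madrid (eu-es)",
 "value": "eu-es"
 },
 {
-"displayname": "Dallas",
+"displayname": "Dallas (us-south)",
 "value": "us-south"
 },
 {
-"displayname": "Toronto",
+"displayname": "Toronto (ca-tor)",
 "value": "ca-tor"
 },
 {
-"displayname": "Washington DC",
+"displayname": "Washington DC (us-east)",
 "value": "us-east"
 },
 {
-"displayname": "Sao Paulo",
+"displayname": "Sao Paulo (br-sao)",
 "value": "br-sao"
 }
 ]
@@ -137,9 +113,51 @@
 "required": true,
 "description": "Prefix to add to all resources created by this solution. To not use any prefix value, you can enter the string `__NULL__`."
 },
+{
+"key": "use_existing_resource_group",
+"required": true
+},
+{
+"key": "resource_group_name",
+"required": true
+},
+{
+"key": "existing_kms_instance_crn",
+"required": true
+},
+{
+"key": "provider_visibility",
+"options": [
+{
+"displayname": "private",
+"value": "private"
+},
+{
+"displayname": "public",
+"value": "public"
+},
+{
+"displayname": "public-and-private",
+"value": "public-and-private"
+}
+]
+},
 {
 "key": "secrets_manager_instance_name"
 },
+{
+"key": "existing_secrets_manager_crn"
+},
+{
+"key": "secrets_manager_tags",
+"custom_config": {
+"grouping": "deployment",
+"original_grouping": "deployment",
+"config_constraints": {
+"type": "string"
+}
+}
+},
 {
 "key": "service_plan",
 "options": [
@@ -153,82 +171,54 @@
 }
 ]
 },
-{
-"key": "secret_manager_tags"
-},
 {
 "key": "iam_engine_enabled"
 },
 {
 "key": "iam_engine_name"
 },
 {
-"key": "public_engine_enabled"
-},
-{
-"key": "public_engine_name"
+"key": "public_cert_engine_enabled"
 },
 {
-"key": "cis_id"
+"key": "public_cert_engine_internet_services_crn"
 },
 {
-"key": "dns_provider_name"
+"key": "public_cert_engine_dns_provider_config_name"
 },
 {
-"key": "ca_name"
+"key": "public_cert_engine_lets_encrypt_config_ca_name"
 },
 {
 "key": "acme_letsencrypt_private_key"
 },
 {
-"key": "private_engine_enabled"
+"key": "private_cert_engine_enabled"
 },
 {
-"key": "private_engine_name"
+"key": "private_cert_engine_config_root_ca_name"
 },
 {
-"key": "root_ca_name"
+"key": "private_cert_engine_config_root_ca_common_name"
 },
 {
-"key": "root_ca_common_name"
+"key": "private_cert_engine_config_root_ca_max_ttl"
 },
 {
-"key": "root_ca_max_ttl"
+"key": "private_cert_engine_config_intermediate_ca_name"
 },
 {
-"key": "intermediate_ca_name"
+"key": "private_cert_engine_config_template_name"
 },
 {
-"key": "certificate_template_name"
+"key": "existing_secrets_manager_kms_key_crn"
 },
 {
 "key": "skip_kms_iam_authorization_policy"
 },
-{
-"key": "enable_event_notification"
-},
-{
-"key": "existing_secrets_manager_crn"
-},
 {
 "key": "ibmcloud_kms_api_key"
 },
-{
-"key": "sm_en_email_list"
-},
-{
-"key": "sm_en_from_email"
-},
-{
-"key": "sm_en_reply_to_email"
-},
-{
-"key": "existing_secrets_manager_kms_key_crn"
-},
-{
-"key": "existing_kms_instance_crn",
-"required": true
-},
 {
 "key": "kms_endpoint_type",
 "options": [
@@ -249,10 +239,22 @@
 "key": "kms_key_name"
 },
 {
-"key": "existing_event_notification_instance_crn"
+"key": "enable_event_notifications"
+},
+{
+"key": "event_notifications_email_list"
+},
+{
+"key": "event_notifications_from_email"
+},
+{
+"key": "event_notifications_reply_to_email"
+},
+{
+"key": "existing_event_notifications_instance_crn"
 },
 {
-"key": "skip_event_notification_iam_authorization_policy"
+"key": "skip_event_notifications_iam_authorization_policy"
 },
 {
 "key":"cbr_rules"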
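Review bot: The renamed keys in this file (`enable_event_notification` → `enable_event_notifications`, `skip_event_notification_iam_authorization_policy` → `skip_event_notifications_iam_authorization_policy`, `secret_manager_tags` → `secrets_manager_tags`, and the certificate-engine inputs) give existing deployments no migration path that is visible here. A configuration saved under the old names will presumably fall back to the new variables' defaults on upgrade, which for the event-notification inputs could mean Secrets Manager events quietly stop being delivered. The commit is titled `feat:`, so if the release tooling derives the version from the commit type, it should be marked as breaking. The release notes should list the old-to-new name mapping so operators can re-enter their values before upgrading.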

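--- a/solutions/standard/main.tf
+++ b/solutions/standard/main.tf
@@ -5,7 +5,7 @@ locals {
 # tflint-ignore: terraform_unused_declarations
 validate_resource_group = (var.existing_secrets_manager_crn == null && var.resource_group_name == null) ? tobool("Resource group name can not be null if existing secrets manager CRN is not set.") : true
 # tflint-ignore: terraform_unused_declarations
-validate_event_notifications = (var.existing_event_notification_instance_crn == null && var.enable_event_notification) ? tobool("To enable event notifications, an existing event notifications CRN must be set.") : true
+validate_event_notifications = (var.existing_event_notifications_instance_crn == null && var.enable_event_notifications) ? tobool("To enable event notifications, an existing event notifications CRN must be set.") : true
 prefix = var.prefix != null ? (var.prefix != "" ? var.prefix : null) : null
 }
 
@@ -107,15 +107,15 @@ module "secrets_manager" {
 region = var.region
 secrets_manager_name = try("${local.prefix}-${var.secrets_manager_instance_name}", var.secrets_manager_instance_name)
 service_plan = var.service_plan
-sm_tags = var.secret_manager_tags
+sm_tags = var.secrets_manager_tags
 # kms dependency
 existing_kms_instance_guid = local.existing_kms_guid
 kms_key_crn = local.kms_key_crn
 skip_kms_iam_authorization_policy = var.skip_kms_iam_authorization_policy || local.create_cross_account_auth_policy
 # event notifications dependency
-enable_event_notification = var.enable_event_notification
-existing_en_instance_crn = var.existing_event_notification_instance_crn
-skip_en_iam_authorization_policy = var.skip_event_notification_iam_authorization_policy
+enable_event_notification = var.enable_event_notifications
+existing_en_instance_crn = var.existing_event_notifications_instance_crn
+skip_en_iam_authorization_policy = var.skip_event_notifications_iam_authorization_policy
 cbr_rules = var.cbr_rules
 }
 
@@ -130,16 +130,10 @@ module "iam_secrets_engine" {
 endpoint_type = "private"
 }
 
-locals {
-# tflint-ignore: terraform_unused_declarations
-validate_public_secret_engine = var.public_engine_enabled && var.public_engine_name == null ? tobool("When setting var.public_engine_enabled to true, a value must be passed for var.public_engine_name") : true
-# tflint-ignore: terraform_unused_declarations
-validate_private_secret_engine = var.private_engine_enabled && var.private_engine_name == null ? tobool("When setting var.private_engine_enabled to true, a value must be passed for var.private_engine_name") : true
-}
 
 # Configure an IBM Secrets Manager public certificate engine for an existing IBM Secrets Manager instance.
 module "secrets_manager_public_cert_engine" {
-count = var.public_engine_enabled ? 1 : 0
+count = var.public_cert_engine_enabled ? 1 : 0
 source = "terraform-ibm-modules/secrets-manager-public-cert-engine/ibm"
 version = "1.0.2"
 providers = {
@@ -148,27 +142,27 @@ module "secrets_manager_public_cert_engine" {
 }
 secrets_manager_guid = local.secrets_manager_guid
 region = local.secrets_manager_region
-internet_services_crn = var.cis_id
+internet_services_crn = var.public_cert_engine_internet_services_crn
 ibmcloud_cis_api_key = var.ibmcloud_api_key
-dns_config_name = var.dns_provider_name
-ca_config_name = var.ca_name
+dns_config_name = var.public_cert_engine_dns_provider_config_name
+ca_config_name = var.public_cert_engine_lets_encrypt_config_ca_name
 acme_letsencrypt_private_key = var.acme_letsencrypt_private_key
 service_endpoints = "private"
 }
 
 
 # Configure an IBM Secrets Manager private certificate engine for an existing IBM Secrets Manager instance.
 module "private_secret_engine" {
-count = var.private_engine_enabled ? 1 : 0
+count = var.private_cert_engine_enabled ? 1 : 0
 source = "terraform-ibm-modules/secrets-manager-private-cert-engine/ibm"
 version = "1.3.5"
 secrets_manager_guid = local.secrets_manager_guid
 region = var.region
-root_ca_name = var.root_ca_name
-root_ca_common_name = var.root_ca_common_name
-root_ca_max_ttl = var.root_ca_max_ttl
-intermediate_ca_name = var.intermediate_ca_name
-certificate_template_name = var.certificate_template_name
+root_ca_name = var.private_cert_engine_config_root_ca_name
+root_ca_common_name = var.private_cert_engine_config_root_ca_common_name
+root_ca_max_ttl = var.private_cert_engine_config_root_ca_max_ttl
+intermediate_ca_name = var.private_cert_engine_config_intermediate_ca_name
+certificate_template_name = var.private_cert_engine_config_template_name
 endpoint_type = "private"
 }
 
@@ -182,28 +176,28 @@ data "ibm_resource_instance" "existing_sm" {
 #######################################################################################################################
 
 locals {
-parsed_existing_en_instance_crn = var.existing_event_notification_instance_crn != null ? split(":", var.existing_event_notification_instance_crn) : []
+parsed_existing_en_instance_crn = var.existing_event_notifications_instance_crn != null ? split(":", var.existing_event_notifications_instance_crn) : []
 existing_en_guid = length(local.parsed_existing_en_instance_crn) > 0 ? local.parsed_existing_en_instance_crn[7] : null
 }
 
 data "ibm_en_destinations" "en_destinations" {
 # if existing SM instance CRN is passed (!= null), then never do data lookup for EN destinations
-count = var.existing_secrets_manager_crn == null && var.enable_event_notification ? 1 : 0
+count = var.existing_secrets_manager_crn == null && var.enable_event_notifications ? 1 : 0
 instance_guid = local.existing_en_guid
 }
 
 # workaround for https://github.com/IBM-Cloud/terraform-provider-ibm/issues/5533
 resource "time_sleep" "wait_for_secrets_manager" {
 # if existing SM instance CRN is passed (!= null), then never work with EN
-count = var.existing_secrets_manager_crn == null && var.enable_event_notification ? 1 : 0
+count = var.existing_secrets_manager_crn == null && var.enable_event_notifications ? 1 : 0
 depends_on = [module.secrets_manager]
 
 create_duration = "30s"
 }
 
 resource "ibm_en_topic" "en_topic" {
 # if existing SM instance CRN is passed (!= null), then never create EN topic
-count = var.existing_secrets_manager_crn == null && var.enable_event_notification ? 1 : 0
+count = var.existing_secrets_manager_crn == null && var.enable_event_notifications ? 1 : 0
 depends_on = [time_sleep.wait_for_secrets_manager]
 instance_guid = local.existing_en_guid
 name = "Secrets Manager Topic"
@@ -219,17 +213,17 @@ resource "ibm_en_topic" "en_topic" {
 
 resource "ibm_en_subscription_email" "email_subscription" {
 # if existing SM instance CRN is passed (!= null), then never create EN email subscription
-count = var.existing_secrets_manager_crn == null && var.enable_event_notification && length(var.sm_en_email_list) > 0 ? 1 : 0
+count = var.existing_secrets_manager_crn == null && var.enable_event_notifications && length(var.event_notifications_email_list) > 0 ? 1 : 0
 instance_guid = local.existing_en_guid
 name = "Email for Secrets Manager Subscription"
 description = "Subscription for Secret Manager Events"
 destination_id = [for s in toset(data.ibm_en_destinations.en_destinations[count.index].destinations) : s.id if s.type == "smtp_ibm"][0]
 topic_id = ibm_en_topic.en_topic[count.index].topic_id
 attributes {
 add_notification_payload = true
-reply_to_mail = var.sm_en_reply_to_email
+reply_to_mail = var.event_notifications_reply_to_email
 reply_to_name = "Secret Manager Event Notifications Bot"
-from_name = var.sm_en_from_email
-invited = var.sm_en_email_list
+from_name = var.event_notifications_from_email
+invited = var.event_notifications_email_list
 }
 }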
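Review bot: The `locals` block in the `@@ -182,28 +176,28 @@` hunk still indexes `local.parsed_existing_en_instance_crn[7]` without checking that `var.existing_event_notifications_instance_crn` splits into at least eight segments, so a truncated or mistyped CRN fails with an index error instead of a message naming the input. Since this commit already touches the variable, a guard in the style of the file's other checks would help: `validate_en_crn = var.existing_event_notifications_instance_crn != null && length(local.parsed_existing_en_instance_crn) < 8 ? tobool("existing_event_notifications_instance_crn must be a complete CRN.") : true`. A `validation` block on the variable declaration would be the cleaner home, but that file is not shown here.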
