feat: remove reserved_ips support for DA solution (#675)<br> - removed input variable for DA solution for reserved_ips<br> - adjusted DA documentation and adopter usage

* fix: enhanced description and docs

* fix: removed reserved_ips from DA code as not needed

---------

Co-authored-by: shemau <[email protected]>

Author: vbontempi

ibm_catalog.json

@@ -81,9 +81,6 @@
             },
             {
               "key": "service_endpoints"
-            },
-            {
-              "key": "reserved_ips"
             }
           ],
           "iam_permissions": [

modules/reserved-ips/README.md

@@ -1,10 +1,23 @@
-# Reserved IP's Module
+# Reserved IPs Module
 
-The module creates reserved IPs (https://cloud.ibm.com/docs/vpc?topic=vpc-managing-ip-addresses) on existing subnets. Reserved IPs can be assigned to your resources, for example VPE endpoint gateways.
+The module creates a set of reserved IPs (https://cloud.ibm.com/docs/vpc?topic=vpc-managing-ip-addresses) on VPC existing subnets. Reserved IPs can be assigned to your resources, for example Virtual Private Endpoint gateways.
 
 The module supports the following actions:
 - Create reserved IP addresses
 
+It supports two different ways to specify the Reserved IPs to create:
+- by filling the input parameter `var.endpoint_ip_list` with a list of elements with the following attributes:
+   - `ip_name`: unique name to use for the key of the map representing the reserved IPs structure in output
+   - `subnet_id`: ID of the VPC subnet to create the reserved IP
+   - `name`: name of the Reserved IP resource name
+- by filling the input parameters `var.subnet_zone_list`, `var.reserved_ip_cloud_services` and `var.cloud_service_by_crn` with the respective attributes: the module logic combines the two lists `var.reserved_ip_cloud_services` and `var.cloud_service_by_crn` into a single list of services by extracting the expected services details and then combines this list with the `var.subnet_zone_list` list to allocate a Reserved IP for each subnet and for each service, by generating a unique `ip_name` key for each element of the map
+
+In both the cases the output of the module is:
+- `endpoint_ip_list` with the map of service name & subnet ID to create and bind to the Reserved IPs as map values of the related map key
+- `reserved_ip_map` with the map of the Reserved IPs resources created for each of the service name & subnet ID elements of the previous list, mapped by the unique map key.
+
+The module supports also you to associate existing Reserved IPs resources from your VPC through `var.reserved_ips` with specific gateways: in order to associate an existing Reserved IP to a specific gateway add an element to this list with two attributes, the unique map key used or generated for the `endpoint_ip_list` and the related Reserved IP instance to associate it with.
+
 ### Usage
 
 ```hcl
@@ -98,7 +111,7 @@ No modules.
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_cloud_service_by_crn"></a> [cloud\_service\_by\_crn](#input\_cloud\_service\_by\_crn) | List of cloud service CRNs. Each CRN will have a unique endpoint gateways created. For a list of supported services, see the docs [here](https://cloud.ibm.com/docs/vpc?topic=vpc-vpe-supported-services). | <pre>list(<br/>    object({<br/>      name = string # service name<br/>      crn  = string # service crn<br/>    })<br/>  )</pre> | `[]` | no |
-| <a name="input_endpoint_ip_list"></a> [endpoint\_ip\_list](#input\_endpoint\_ip\_list) | List of IPs to create. Each object contains an ip name and subnet id | <pre>list(<br/>    object({<br/>      ip_name      = string # reserved ip name<br/>      subnet_id    = string # subnet id<br/>      gateway_name = string # gateway name<br/>      name         = string # ip name<br/>    })<br/>  )</pre> | `[]` | no |
+| <a name="input_endpoint_ip_list"></a> [endpoint\_ip\_list](#input\_endpoint\_ip\_list) | List of IPs to create. Each object contains an ip name and subnet id | <pre>list(<br/>    object({<br/>      ip_name   = string # reserved ip name<br/>      subnet_id = string # subnet id<br/>      name      = string # ip name<br/>    })<br/>  )</pre> | `[]` | no |
 | <a name="input_prefix"></a> [prefix](#input\_prefix) | The prefix that you would like to append to your resources. Value is only used if no value is passed for the `vpe_name` option in the `reserved_ip_cloud_services` input variable. | `string` | `"vpe"` | no |
 | <a name="input_region"></a> [region](#input\_region) | The region to be used in the reserved ip naming convention. | `string` | `"us-south"` | no |
 | <a name="input_reserved_ip_cloud_services"></a> [reserved\_ip\_cloud\_services](#input\_reserved\_ip\_cloud\_services) | List of cloud services to create reserved ips for. The keys are the service names, the values (all optional) give some level of control on the created VPEs. | <pre>set(object({<br/>    service_name = string<br/>    vpe_name     = optional(string),<br/>  }))</pre> | `[]` | no |

modules/reserved-ips/variables.tf

@@ -65,10 +65,9 @@ variable "endpoint_ip_list" {
   description = "List of IPs to create. Each object contains an ip name and subnet id"
   type = list(
     object({
-      ip_name      = string # reserved ip name
-      subnet_id    = string # subnet id
-      gateway_name = string # gateway name
-      name         = string # ip name
+      ip_name   = string # reserved ip name
+      subnet_id = string # subnet id
+      name      = string # ip name
     })
   )
   default = []

solutions/fully-configurable/DA-types.md

@@ -1,34 +1,39 @@
 # Configuring complex inputs for Virtual Private Endpoint Gateways
 
-Several optional input variables in the IBM Cloud [VPE Gateway deployable architecture](https://cloud.ibm.com/catalog#deployable_architecture) use complex object types. You specify these inputs when you configure deployable architecture.
+IBM Cloud® Virtual Private Endpoints (VPE) for VPC enables you to connect to supported IBM Cloud services from your Virtual Privte Cloud (VPC) network by using the IP addresses of your choosing, allocated from a subnet within your VPC. For more details about Virtual Private Endpoint Gateways please refer to this [documentation page](https://cloud.ibm.com/docs/vpc?topic=vpc-about-vpe)
 
-You can specify a set of IBM Cloud services to create VPE endpoint gateways for. At least one of `cloud_services` or `cloud_service_by_crn` must be specified.
+IBM Cloud services either offer a service specific target or an instance specific target for the VPE gateway. In order to target a service specific endpoint, the service should be included in the `cloud_services` block. In order to target an instance specific endpoint the service CRN should be included in the `cloud_service_by_crn` block.
 
-- [Cloud Services by name](#cloud-services) (`cloud_services`)
-- [Cloud Services by CRN](#cloud-service-by-crn) (`cloud_service_by_crn`)
-- [Reserved IPs](#reserved-ips) (`reserved_ips`)
+For more details about the IBM Cloud services, their VPE configuration information and about creating gateways to Non-IBM Cloud services please refer to [this documentation page](https://cloud.ibm.com/docs/vpc?topic=vpc-vpe-supported-services)
 
-## Cloud Services by name <a name="cloud-services"></a>
+As alternative, the CLI command `ibmcloud is endpoint-gateway-targets` returns a list of IBM Cloud services supported in a specific region, including the services' names and their CRNs
 
-You can specify a set of IBM Cloud services by service name to create VPE Endpoint Gateways for. Use `cloud-services` for services that offer general service endpoints.
+- [cloud_services](#cloud-services) : this input parameter allows to create a VPE gateway to a IBM Cloud service by specifying its service name
+- [cloud_service_by_crn](#cloud-service-by-crn) : this input parameter allows to create a VPE gateway to a IBM Cloud service its service CRN (Cloud Resource Name)
+
+## VPE gateway to Cloud Services by service name <a name="cloud-services"></a>
+
+By setting up this input parameter you can create VPE gateways in your VPC instance by specifying the name of the IBM Cloud services.
+
+**Important note: ** you can use this structure only for IBM Cloud services offering global service endpoints.
 
 - Variable name: `cloud_services`.
-- Type: A list of objects that represent IBM Cloud services
-- Default value: An empty list (`[]`)
+- Type: A list of objects that represent IBM Cloud services with attributes `service_name`, `vpe_name` and `allow_dns_resolution_binding`
+- Default value: the default value is an empty list (`[]`)
 
-### Options for cloud_service
+### cloud_service attributes
 
-- `service_name` (required): The IBM Cloud service name.
-- `vpe_name` (optional): Full control on the VPE name. If not specified, the VPE name will be computed based on prefix, vpc name and service name.
-- `allow_dns_resolution_binding` (optional): Indicates whether to allow this endpoint gateway to participate in DNS resolution bindings with a VPC that has dns.enable_hub set to true.
+- `service_name` (required): The IBM Cloud service name as per [this documentation page](https://cloud.ibm.com/docs/vpc?topic=vpc-vpe-supported-services) or the name value returned by the CLI command `ibmcloud is endpoint-gateway-targets`
+- `vpe_name` (optional): The desired name to assigne to the VPE gateway. If not specified, the VPE name will be computed based on prefix, vpc name and service name.
+- `allow_dns_resolution_binding` (optional): Indicates whether to allow this endpoint gateway to participate in DNS resolution bindings. For more details please refer to this [documentation page](https://cloud.ibm.com/docs/vpc?topic=vpc-vpe-dns-sharing-configure-hub&interface=ui). If not set default value is `true`.
 
-### Example service credential
+### Example for cloud_services input parameter
 
 ```hcl
 [
   {
-    "service_name": "kms",
-    "vpe_name": "kms-gateway",
+    "service_name": "global-search-tagging",
+    "vpe_name": "global-search-gateway",
     "allow_dns_resolution_binding": false
   },
   {
@@ -37,56 +42,33 @@ You can specify a set of IBM Cloud services by service name to create VPE Endpoi
 ]
 ```
 
-## Cloud Service by CRN <a name="cloud-service-by-crn"></a>
+## VPE gateway to Cloud Services by service CRN <a name="cloud-service-by-crn"></a>
 
-You can specify a set of IBM Cloud services by CRN to create VPE Endpoint Gateways for. Use `cloud-service-by-crn` for services that generate instance specific VPE gateway targets.
+By setting up this input parameter you can create VPE gateways in your VPC instance by specifying the IBM Cloud services CRNs.
 
 - Variable name: `cloud_service_by_crn`.
-- Type: A list of objects that represent IBM Cloud services
-- Default value: An empty list (`[]`)
+- Type: A list of objects that represent IBM Cloud services with attributes `crn`, `vpe_name`, `service_name` and `allow_dns_resolution_binding`
+- Default value: the default value is an empty list (`[]`)
 
 ### Options for cloud_service_by_crn
 
-- `crn` (required): IBM Cloud service CRN.
-- `vpe_name` (optional): Full control on the VPE name. If not specified, the VPE name will be computed based on prefix, vpc name and service name.
-- `service_name` (optional):
-- `allow_dns_resolution_binding` (optional): Indicates whether to allow this endpoint gateway to participate in DNS resolution bindings with a VPC that has dns.enable_hub set to true.
+- `crn` (mandatory): IBM Cloud service CRN as per [this documentation page](https://cloud.ibm.com/docs/vpc?topic=vpc-vpe-supported-services))or the CRN value returned by the CLI command `ibmcloud is endpoint-gateway-targets`
+- `vpe_name` (optional): The desired name to assigne to the VPE gateway. If not specified, the VPE name will be computed based on prefix, vpc name and service name.
+- `service_name` (optional): The name of the service used to compute the name of the VPE gateway. If not provided the name is extracted from the CRN.
+- `allow_dns_resolution_binding` (optional): Indicates whether to allow this endpoint gateway to participate in DNS resolution bindings. For more details please refer to this [documentation page](https://cloud.ibm.com/docs/vpc?topic=vpc-vpe-dns-sharing-configure-hub&interface=ui). If not set default value is `true`.
 
-### Example cloud_service_by_crn
+### Example for cloud_service_by_crn
 
 ```hcl
 [
   {
-    "crn": "crn:version:cname:ctype:service-name:location:scope:service-instance::",
-    "vpe_name": "service-gateway",
-    "service_name": "service-name",
+    "crn": "crn:v1:bluemix:public:kms:eu-es:::endpoint:private.eu-es.kms.cloud.ibm.com",
+    "vpe_name": "kms-eu-es-gateway",
+    "service_name": "kms",
     "allow_dns_resolution_binding": false
   },
   {
-    "crn": "crn:version:cname:ctype:service-name:location:scope:service-instance::"
+    "crn": " crn:v1:bluemix:public:iam-svcs:global:::endpoint:private.iam.cloud.ibm.com"
   }
 ]
 ```
-
-## Reserved IPs <a name="reserved-ips"></a>
-
-Map of existing reserved IP names and values. If you wish to create your reserved ips independently and not create new ones you can first run the `reserved-ips` submodule and then copy the output `reserved_ip_map` here."
-
-- Variable name: `reserved_ips`
-- Type: A map of existing reserved IP names and ids
-- Default value: An empty map (`{}`)
-
-### Example reserved IPs
-
-The following example shows values for both disk and memory for the `reserved_ips` input.
-
-```hcl
-{
-  "vpc-cloud-object-storage-1" = "0717-12345678-1234-1234-1234-123456789abc"
-  "vpc-cloud-object-storage-2" = "0727-12345678-1234-1234-1234-123456789abc"
-  "vpc-cloud-object-storage-3" = "0737-12345678-1234-1234-1234-123456789abc"
-  "vpc-kms-1" = "0717-12345678-1234-1234-1234-123456789abc"
-  "vpc-kms-2" = "0727-12345678-1234-1234-1234-123456789abc"
-  "vpc-kms-3" = "0737-12345678-1234-1234-1234-123456789abc"
-}
-```

solutions/fully-configurable/main.tf

@@ -45,5 +45,5 @@ module "vpe" {
   cloud_services       = var.cloud_services
   cloud_service_by_crn = var.cloud_service_by_crn
   service_endpoints    = var.service_endpoints
-  reserved_ips         = var.reserved_ips
+  reserved_ips         = {} # from a DA usage perspective this map is not needed
 }

solutions/fully-configurable/variables.tf

@@ -127,12 +127,4 @@ variable "service_endpoints" {
   }
 }
 
-variable "reserved_ips" {
-  description = "Map of existing reserved IP names and values. If you wish to create your reserved ips independently and not create new ones you can first run the `reserved-ips` submodule and then copy the output `reserved_ip_map` here. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-vpe-gateway/tree/main/solutions/fully-configurable/DA-types.md#reserved_ips)."
-  type = object({
-    name = optional(string) # reserved ip name
-  })
-  default = {}
-}
-
 ##############################################################################