terraform-ibm-modules
diff --git a/‎.secrets.baseline‎
Lines changed: 117 additions & 2 deletions b/‎.secrets.baseline‎
Lines changed: 117 additions & 2 deletions
diff --git a/‎README.md‎
Lines changed: 5 additions & 102 deletions b/‎README.md‎
Lines changed: 5 additions & 102 deletions
diff --git a/‎cra-config.yaml‎
Lines changed: 6 additions & 4 deletions b/‎cra-config.yaml‎
Lines changed: 6 additions & 4 deletions
diff --git a/‎cra-tf-validate-ignore-rules.json‎
Lines changed: 32 additions & 1 deletion b/‎cra-tf-validate-ignore-rules.json‎
Lines changed: 32 additions & 1 deletion
diff --git a/‎examples/advanced/README.md‎
Lines changed: 0 additions & 4 deletions b/‎examples/advanced/README.md‎
Lines changed: 0 additions & 4 deletions
diff --git a/‎examples/advanced/main.tf‎
Lines changed: 0 additions & 3 deletions b/‎examples/advanced/main.tf‎
Lines changed: 0 additions & 3 deletions
diff --git a/‎examples/advanced/outputs.tf‎
Lines changed: 0 additions & 23 deletions b/‎examples/advanced/outputs.tf‎
Lines changed: 0 additions & 23 deletions
diff --git a/‎examples/advanced/provider.tf‎
Lines changed: 0 additions & 8 deletions b/‎examples/advanced/provider.tf‎
Lines changed: 0 additions & 8 deletions
diff --git a/‎examples/advanced/variables.tf‎
Lines changed: 0 additions & 29 deletions b/‎examples/advanced/variables.tf‎
Lines changed: 0 additions & 29 deletions
diff --git a/‎examples/advanced/version.tf‎
Lines changed: 0 additions & 12 deletions b/‎examples/advanced/version.tf‎
Lines changed: 0 additions & 12 deletions
@@ -3,7 +3,7 @@
     "files": "go.sum|^.secrets.baseline$",
     "lines": null
   },
-  "generated_at": "2023-12-09T06:39:44Z",
+  "generated_at": "2024-06-13T19:58:20Z",
   "plugins_used": [
     {
       "name": "AWSKeyDetector"
@@ -76,7 +76,122 @@
       "name": "TwilioKeyDetector"
     }
   ],
-  "results": {},
+  "results": {
+    "solutions/e2e/templates/web-tier-init-tmplt.tftpl": [
+      {
+        "hashed_secret": "6235e904bcd8535d8bf5b7c3ef87afa7c21d5ed9",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 44,
+        "type": "Base64 High Entropy String",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "ae497b0268a38a3e6c1390baf56f91f7015dc50f",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 45,
+        "type": "Base64 High Entropy String",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "474ef2f046dca2a4895eb5f280839bf6160f0132",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 46,
+        "type": "Base64 High Entropy String",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "05b44b38e974221fa67b37e097593c2da7aaf006",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 47,
+        "type": "Base64 High Entropy String",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "bd0abd68140d64b19aa1e869d90f195157c9cae0",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 48,
+        "type": "Base64 High Entropy String",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "c819bfb777b1a5094c98f6ab973afa08a64e8924",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 49,
+        "type": "Base64 High Entropy String",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "8b994f82cf3b0ceb82627495d16172f2d67f1013",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 50,
+        "type": "Base64 High Entropy String",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "0c069d6d2e6300200de7fa11ca5e765e09841a23",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 51,
+        "type": "Base64 High Entropy String",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "586339f74a4656604577622995f36cf84278f608",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 52,
+        "type": "Base64 High Entropy String",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "5afc7fb8c9927f2c11767190a378d4544ec1db1b",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 53,
+        "type": "Base64 High Entropy String",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "bb140e22f846ff4f24f84c2bfce1254507936775",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 54,
+        "type": "Base64 High Entropy String",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "3cdcc0e0f07e981eba21aef9cbe5a932e0fa1382",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 55,
+        "type": "Base64 High Entropy String",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "39a789e5c094470afa97883f3303a35a12b9da9c",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 56,
+        "type": "Base64 High Entropy String",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "33ba075473fac188552ccd9938e0f024178ff9fc",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 58,
+        "type": "Base64 High Entropy String",
+        "verified_result": null
+      }
+    ]
+  },
   "version": "0.13.1+ibm.62.dss",
   "word_list": {
     "file": null,
 
@@ -1,5 +1,5 @@
 <!-- Update this title with a descriptive name. Use sentence case. -->
-# Terraform modules template project
+# Web app Multi-Zone Resiliency Deployable Architecture
 
 <!--
 Update status and "latest release" badges:
@@ -12,109 +12,12 @@ Update status and "latest release" badges:
 [![Renovate enabled](https://img.shields.io/badge/renovate-enabled-brightgreen.svg)](https://renovatebot.com/)
 [![semantic-release](https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg)](https://github.com/semantic-release/semantic-release)
 
-<!--
-Add a description of modules in this repo.
-Expand on the repo short description in the .github/settings.yml file.
-
-For information, see "Module names and descriptions" at
-https://terraform-ibm-modules.github.io/documentation/#/implementation-guidelines?id=module-names-and-descriptions
--->
-
-TODO: Replace this with a description of the modules in this repo.
-
-
-<!-- The following content is automatically populated by the pre-commit hook -->
-<!-- BEGIN OVERVIEW HOOK -->
-## Overview
-* [terraform-ibm-web-app-mzr-da](#terraform-ibm-web-app-mzr-da)
-* [Examples](./examples)
-    * [Advanced example](./examples/advanced)
-    * [Basic example](./examples/basic)
-* [Contributing](#contributing)
-<!-- END OVERVIEW HOOK -->
-
-
-<!--
-If this repo contains any reference architectures, uncomment the heading below and link to them.
-(Usually in the `/reference-architectures` directory.)
-See "Reference architecture" in the public documentation at
-https://terraform-ibm-modules.github.io/documentation/#/implementation-guidelines?id=reference-architecture
--->
-<!-- ## Reference architectures -->
-
-
-<!-- Replace this heading with the name of the root level module (the repo name) -->
-## terraform-ibm-web-app-mzr-da
-
-### Usage
-
-<!--
-Add an example of the use of the module in the following code block.
-
-Use real values instead of "var.<var_name>" or other placeholder values
-unless real values don't help users know what to change.
--->
-
-```hcl
-
-```
-
-### Required IAM access policies
-
-<!-- PERMISSIONS REQUIRED TO RUN MODULE
-If this module requires permissions, uncomment the following block and update
-the sample permissions, following the format.
-Replace the sample Account and IBM Cloud service names and roles with the
-information in the console at
-Manage > Access (IAM) > Access groups > Access policies.
--->
-
-<!--
-You need the following permissions to run this module:
-
-- IAM services
-    - **Sample IBM Cloud** service
-        - `Editor` platform access
-        - `Manager` platform access
-- Account management services
-    - **Sample account management** service
-        - `Editor` platform access
--->
-
-<!-- NO PERMISSIONS FOR MODULE
-If no permissions are required for the module, uncomment the following
-statement instead the previous block.
--->
-
-<!-- No permissions are needed to run this module.-->
-
-
-<!-- The following content is automatically populated by the pre-commit hook -->
-<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
-### Requirements
-
-| Name | Version |
-|------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3.0 |
-
-### Modules
-
-No modules.
-
-### Resources
-
-No resources.
-
-### Inputs
-
-No inputs.
-
-### Outputs
+This repository contains the following infrastructure as code solutions:
+- [Web app Multi-Zone Resiliency Deployable Architecture](./solutions/e2e)
 
-No outputs.
-<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+**NB:** These solutions are not intended to be called by one or more other modules since they contain a provider configurations, meaning they are not compatible with the `for_each`, `count`, and `depends_on` arguments. For more information see [Providers Within Modules](https://developer.hashicorp.com/terraform/language/modules/develop/providers)
 
-<!-- Leave this section as is so that your module has a link to local development environment set-up steps for contributors to follow -->
+<!-- Leave this section as is so that your module has a link to local development environment set up steps for contributors to follow -->
 ## Contributing
 
 You can report issues and request features for this module in GitHub issues in the module repo. See [Report an issue or request a feature](https://github.com/terraform-ibm-modules/.github/blob/main/.github/SUPPORT.md).
 
@@ -1,11 +1,13 @@
 # More info about this file at https://github.com/terraform-ibm-modules/common-pipeline-assets/blob/main/.github/workflows/terraform-test-pipeline.md#cra-config-yaml
 version: "v1"
 CRA_TARGETS:
-  - CRA_TARGET: "examples/advanced" # Target directory for CRA scan. If not provided, the CRA Scan will not be run.
+  - CRA_TARGET: "solutions/e2e" # Target directory for CRA scan. If not provided, the CRA Scan will not be run.
     CRA_IGNORE_RULES_FILE: "cra-tf-validate-ignore-rules.json" # CRA Ignore file to use. If not provided, it checks the repo root directory for `cra-tf-validate-ignore-rules.json`
     PROFILE_ID: "0e6e7b5a-817d-4344-ab6f-e5d7a9c49520" # SCC profile ID (currently set to the FSCloud 1.4.0 profile).
     # SCC_INSTANCE_ID: "" # The SCC instance ID to use to download profile for CRA scan. If not provided, a default global value will be used.
     # SCC_REGION: "" # The IBM Cloud region that the SCC instance is in. If not provided, a default global value will be used.
-    # CRA_ENVIRONMENT_VARIABLES:  # An optional map of environment variables for CRA, where the key is the variable name and value is the value. Useful for providing TF_VARs.
-    #   TF_VAR_sample: "sample value"
-    #   TF_VAR_other:  "another value"
+    CRA_ENVIRONMENT_VARIABLES: # An optional map of environment variables for CRA, where the key is the variable name and value is the value. Useful for providing TF_VARs.
+      TF_VAR_prefix: "web-app"
+      TF_VAR_region: "us-east"
+      TF_VAR_ssh_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDb8qoH4U47+79ssT6FdsOIxxZY8/oxWc66WPwqHfpjCgDRP3Rc1uq2YEKIRJba2DzNFnf+byinH0O9hwjKZ/3l7HxNtvQZXdCnT79TOT/wGbcHBV8ZUTBkUOx67ryS0F5bKDdMDWdsWkMXkRb8AAsJWLAeuFsfMYQjMBLmvrMsRRB6GG+97jF18ghqHjuBTX1FNF9fcytEaz7WfP8KrgSYRcQOauIVlMJyOmh3gZl84u14SXwQKhQrdvqt47ZErKH+fbsgxfOvvmYgr5RktKjbmi+lyBkxRM7//BaKcPw5saThf1MiEesJxIqyL16DW9LXdWei74xHNuF65K03y975Qr9CtPkr1rGgxwU2ksqLy1NN5TnF4erd1VSuLZ5BLov7JRJ2K17ttt0agp9VmkjRFIivOek= some-user@testing-box"
+      TF_VAR_ssh_private_key: "some_key"
@@ -1,3 +1,34 @@
 {
-    "scc_rules": []
+    "scc_rules": [
+        {
+            "scc_rule_id": "rule-0e5151b1-9caf-433c-b4e5-be3d505e458e",
+            "description": "Check whether Application Load Balancer for VPC is configured with multiple members in the pool",
+            "ignore_reason": "This rule is not relevant to since the autoscale vsi are not attached at provision time",
+            "is_valid": true
+        },
+        {
+            "scc_rule_id": "rule-8c923215-afdc-41b1-886c-64ce78741f8c",
+            "description": "Check whether Application Load Balancer for VPC has health check configured when created",
+            "ignore_reason": "Health check is configured on Application Load Balancer",
+            "is_valid": true
+        },
+        {
+            "scc_rule_id": "rule-65b61a0f-ffdb-41ba-873d-ad329e7fc0ee",
+            "description": "Check whether Application Load Balancer for VPC is configured to convert HTTP client requests to HTTPS",
+            "ignore_reason": "This rule is not relevant since example is using a tcp listener",
+            "is_valid": true
+        },
+        {
+            "scc_rule_id": "rule-d544f217-3723-4376-b3aa-037c5f201e8d",
+            "description": "Check whether Application Load Balancer for VPC uses HTTPS (SSL & TLS) instead of HTTP",
+            "ignore_reason": "This rule is not relevant since example is using a tcp listener",
+            "is_valid": true
+        },
+        {
+            "scc_rule_id": "rule-8cbd597c-7471-42bd-9c88-36b2696456e9",
+            "description": "Check whether Cloud Object Storage network access is restricted to a specific IP range",
+            "ignore_reason": "In order for this rule to pass, Context Based Restrictions (CBRs) support needs to be added to the module (tracking in https://github.ibm.com/GoldenEye/issues/issues/5626). Even after that is added, there is still a dependency on SCC to support scanning for CBR rules. SCC CBR support is being tracked in https://github.ibm.com/project-fortress/pm/issues/11800.",
+            "is_valid": true
+        }
+    ]
 }