Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add account infrastructure base for resource group creation #53

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
+114 −46
Open

feat: add account infrastructure base for resource group creation #53

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
4 changes: 3 additions & 1 deletion catalogValidationValues.json.template
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,9 @@
{
"ibmcloud_api_key": $VALIDATION_APIKEY,
"prefix": $PREFIX,
"resource_group_name": $PREFIX,
"audit_resource_group_name": "{{PREFIX}}-audit",
"observability_resource_group_name": "{{PREFIX}}-observability",
"security_resource_group_name": "{{PREFIX}}-security",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what your trying to do here is not supported. However since a prefix value is added to these groups, you can just add any text in here and prefix value will ensure they are unique for every test, so they dont clash

"sm_service_plan": "trial",
"enable_platform_logs_metrics": false
}
33 changes: 25 additions & 8 deletions ibm_catalog.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -146,13 +146,6 @@
"description": "An identifier prepended to resources that are provisioned. Must begin with a lowercase letter and end with a lowercase letter or number.",
"required": true
},
{
"key": "use_existing_resource_group",
"type": "boolean",
"default_value": false,
"description": "Whether to use an existing resource group. If set to `false, a resource group is created.",
"required": true
},
{
"key": "region",
"type": "string",
Expand All @@ -175,7 +168,19 @@
]
},
{
"key": "resource_group_name",
"key": "audit_resource_group_name",
"type": "string",
"default_value": "__NULL__",
"required": true
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

missing description

},
{
"key": "observability_resource_group_name",
"type": "string",
"default_value": "__NULL__",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

missing description

"required": true
},
{
"key": "security_resource_group_name",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

missing description

"type": "string",
"default_value": "__NULL__",
"required": true
Expand Down Expand Up @@ -244,6 +249,18 @@
}
],
"outputs": [
{
"key": "audit_resource_group_name",
"description": "The Name of the audit Resource Group."
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This would need to follow our editorial guidelines -

something like: "The name of the resource group that is created by this solution. The actual name is prefixed with the value of the input 'prefix'. All resources created by this solution are deployed in this resource group. "

},
{
"key": "observability_resource_group_name",
"description": "The Name of the observability Resource Group."
},
{
"key": "security_resource_group_name",
"description": "The Name of the security Resource Group."
},
{
"key": "key_management_service_instance_crn",
"description": "The CRN of the Hyper Protect Crypto Service instance or Key Protect instance."
Expand Down
123 changes: 86 additions & 37 deletions stack_definition.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,25 +10,32 @@
"custom_config": {}
},
{
"name": "use_existing_resource_group",
"name": "region",
"required": true,
"type": "boolean",
"type": "string",
"hidden": false,
"default": false,
"description": "Whether to use an existing resource group.",
"default": "us-south",
"description": "The region to deploy the Deployable Architecture",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The region in which all resources are deployed.

"custom_config": {}
},
{
"name": "region",
"name": "audit_resource_group_name",
"required": true,
"type": "string",
"hidden": false,
"default": "us-south",
"description": "The region to deploy the Deployable Architecture",
"default": "__NOT_SET__",
"custom_config": {}
},
{
"name": "resource_group_name",
"name": "observability_resource_group_name",
"required": true,
"type": "string",
"hidden": false,
"default": "__NOT_SET__",
"custom_config": {}
},
{
"name": "security_resource_group_name",
"required": true,
"type": "string",
"hidden": false,
Expand Down Expand Up @@ -84,15 +91,45 @@
}
],
"members": [
{
"inputs": [
{
"name": "audit_resource_group_name",
"value": "ref:../../inputs/audit_resource_group_name"
},
{
"name": "observability_resource_group_name",
"value": "ref:../../inputs/observability_resource_group_name"
},
{
"name": "security_resource_group_name",
"value": "ref:../../inputs/security_resource_group_name"
},
{
"name": "prefix",
"value": "ref:../../inputs/prefix"
},
{
"name": "provision_trusted_profile_projects",
"value": false
},
{
"name": "skip_iam_account_settings",
"value": true
}
],
"name": "1 - Resource groups",
"version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.7c956046-669e-4613-8e40-b2f8e1f559b7-global"
},
{
"inputs": [
{
"name": "resource_group_name",
"value": "ref:../../inputs/resource_group_name"
"value": "ref:../../members/1 - Resource groups/outputs/security_resource_group_name"
},
{
"name": "use_existing_resource_group",
"value": "ref:../../inputs/use_existing_resource_group"
"value": true
},
{
"name": "region",
Expand All @@ -103,14 +140,14 @@
"value": "ref:../../inputs/prefix"
}
],
"name": "1 - Key management",
"name": "2 - Key management",
"version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.e7f105c4-8af4-4238-a98d-e89999ff14c8-global"
},
{
"inputs": [
{
"name": "resource_group_name",
"value": "ref:../../members/1 - Key management/outputs/resource_group_name"
"value": "ref:../../members/1 - Resource groups/outputs/observability_resource_group_name"
},
{
"name": "use_existing_resource_group",
Expand All @@ -122,7 +159,7 @@
},
{
"name": "existing_kms_instance_crn",
"value": "ref:../../members/1 - Key management/outputs/kms_instance_crn"
"value": "ref:../../members/2 - Key management/outputs/kms_instance_crn"
},
{
"name": "cos_instance_name",
Expand All @@ -145,34 +182,34 @@
"value": "ref:../../inputs/enable_platform_logs_metrics"
}
],
"name": "2 - Observability",
"name": "3 - Observability",
"version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.756a5374-5be7-49b4-97f4-99d3b4011b54-global"
},
{
"inputs": [
{
"name": "existing_cos_instance_crn",
"value": "ref:../../members/2 - Observability/outputs/cos_instance_crn"
"value": "ref:../../members/3 - Observability/outputs/cos_instance_crn"
},
{
"name": "skip_cos_kms_auth_policy",
"value": true
},
{
"name": "kms_endpoint_url",
"value": "ref:../../members/1 - Key management/outputs/kp_private_endpoint"
"value": "ref:../../members/2 - Key management/outputs/kp_private_endpoint"
},
{
"name": "existing_kms_instance_crn",
"value": "ref:../../members/1 - Key management/outputs/kms_instance_crn"
"value": "ref:../../members/2 - Key management/outputs/kms_instance_crn"
},
{
"name": "kms_endpoint_type",
"value": "private"
},
{
"name": "resource_group_name",
"value": "ref:../../members/1 - Key management/outputs/resource_group_name"
"value": "ref:../../members/1 - Resource groups/outputs/audit_resource_group_name"
},
{
"name": "use_existing_resource_group",
Expand All @@ -187,14 +224,14 @@
"value": "ref:../../inputs/prefix"
}
],
"name": "3 - Event Notifications",
"name": "4 - Event Notifications",
"version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.f3c5e78c-4a87-44eb-9a4e-a7a03de30c51-global"
},
{
"inputs": [
{
"name": "resource_group_name",
"value": "ref:../../members/1 - Key management/outputs/resource_group_name"
"value": "ref:../../members/1 - Resource groups/outputs/security_resource_group_name"
},
{
"name": "use_existing_resource_group",
Expand All @@ -210,19 +247,19 @@
},
{
"name": "existing_kms_instance_crn",
"value": "ref:../../members/1 - Key management/outputs/kms_instance_crn"
"value": "ref:../../members/2 - Key management/outputs/kms_instance_crn"
},
{
"name": "existing_monitoring_crn",
"value": "ref:../../members/2 - Observability/outputs/cloud_monitoring_crn"
"value": "ref:../../members/3 - Observability/outputs/cloud_monitoring_crn"
},
{
"name": "existing_cos_instance_crn",
"value": "ref:../../members/2 - Observability/outputs/cos_instance_crn"
"value": "ref:../../members/3 - Observability/outputs/cos_instance_crn"
},
{
"name": "existing_en_crn",
"value": "ref:../../members/3 - Event Notifications/outputs/crn"
"value": "ref:../../members/4 - Event Notifications/outputs/crn"
},
{
"name": "kms_endpoint_type",
Expand All @@ -245,14 +282,14 @@
"value": "ref:../../inputs/en_email_list"
}
],
"name": "4a - Security and Compliance Center",
"name": "5a - Security and Compliance Center",
"version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.55673fb4-336d-4ab9-90cd-2d6268df813b-global"
},
{
"inputs": [
{
"name": "resource_group_name",
"value": "ref:../../members/1 - Key management/outputs/resource_group_name"
"value": "ref:../../members/1 - Resource groups/outputs/security_resource_group_name"
},
{
"name": "use_existing_resource_group",
Expand All @@ -268,11 +305,11 @@
},
{
"name": "existing_kms_instance_crn",
"value": "ref:../../members/1 - Key management/outputs/kms_instance_crn"
"value": "ref:../../members/2 - Key management/outputs/kms_instance_crn"
},
{
"name": "existing_event_notification_instance_crn",
"value": "ref:../../members/3 - Event Notifications/outputs/crn"
"value": "ref:../../members/4 - Event Notifications/outputs/crn"
},
{
"name": "existing_secrets_manager_crn",
Expand All @@ -283,42 +320,54 @@
"value": "ref:../../inputs/sm_service_plan"
}
],
"name": "4b - Secrets Manager",
"name": "5b - Secrets Manager",
"version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.506429ee-7013-4070-aa27-9e8ce8aa6b78-global"
}
],
"outputs": [
{
"name": "audit_resource_group_name",
"value": "ref:../../members/1 - Resource groups/outputs/audit_resource_group_name"
},
{
"name": "observability_resource_group_name",
"value": "ref:../../members/1 - Resource groups/outputs/observability_resource_group_name"
},
{
"name": "security_resource_group_name",
"value": "ref:../../members/1 - Resource groups/outputs/security_resource_group_name"
},
{
"name": "key_management_service_instance_crn",
"value": "ref:../../members/1 - Key management/outputs/kms_instance_crn"
"value": "ref:../../members/2 - Key management/outputs/kms_instance_crn"
},
{
"name": "secrets_manager_crn",
"value": "ref:../../members/4b - Secrets Manager/outputs/secrets_manager_crn"
"value": "ref:../../members/5b - Secrets Manager/outputs/secrets_manager_crn"
},
{
"name": "scc_crn",
"value": "ref:../../members/4a - Security and Compliance Center/outputs/scc_crn"
"value": "ref:../../members/5a - Security and Compliance Center/outputs/scc_crn"
},
{
"name": "monitoring_crn",
"value": "ref:../../members/2 - Observability/outputs/cloud_monitoring_crn"
"value": "ref:../../members/3 - Observability/outputs/cloud_monitoring_crn"
},
{
"name": "cos_instance_crn",
"value": "ref:../../members/2 - Observability/outputs/cos_instance_crn"
"value": "ref:../../members/3 - Observability/outputs/cos_instance_crn"
},
{
"name": "en_crn",
"value": "ref:../../members/3 - Event Notifications/outputs/crn"
"value": "ref:../../members/4 - Event Notifications/outputs/crn"
},
{
"name": "log_analysis_crn",
"value": "ref:../../members/2 - Observability/outputs/log_analysis_crn"
"value": "ref:../../members/3 - Observability/outputs/log_analysis_crn"
},
{
"name": "scc_workload_protection_crn",
"value": "ref:../../members/4a - Security and Compliance Center/outputs/crn"
"value": "ref:../../members/5a - Security and Compliance Center/outputs/crn"
}
]

Expand Down