terraform-ibm-modules/terraform-ibm-appid

IBM AppID

This module creates an IBM AppID instance and a resource key.

More information about the IBM AppID can be found here

Note: This module creates a random password for each new user. Set self_service_enabled to true to give users permission to change their passwords.

Overview

terraform-ibm-appid

Usage

provider "ibm" {
  ibmcloud_api_key = "XXXXXXXXXX"
  region           = "us-south"
}

module "appid" {
  source            = "terraform-ibm-modules/appid/ibm"
  version           = "latest" # Replace "latest" with a release version to lock into a specific release
  resource_group_id = "xxXXxxXXxXxXXXXxxXxxxXXXXxXXXXX"
  appid_name        = "my-appid"
  region            = "us-south"
}

Required IAM access policies

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.3.0 |
| ibm | >= 1.49.0, < 2.0.0 |
| random | >= 3.6.0, < 4.0.0 |
| time | >= 0.8.0, < 1.0.0 |

Modules

No modules.

Resources

| Name | Type |
|------|------|
| ibm_appid_cloud_directory_user.user | resource |
| ibm_appid_idp_cloud_directory.cd | resource |
| ibm_appid_mfa.mf | resource |
| ibm_iam_authorization_policy.policy | resource |
| ibm_resource_instance.appid | resource |
| ibm_resource_key.resource_keys | resource |
| random_password.password | resource |
| time_sleep.wait_for_authorization_policy | resource |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| appid_name | Name of the AppID resource. | string | n/a | yes |
| existing_kms_instance_guid | The GUID of the Hyper Protect or Key Protect instance that contains the key specified in kms_key_crn. Only required if skip_iam_authorization_policy is 'false'. | string | null | no |
| identity_confirm_access_mode | Identity confirm access mode for Cloud Directory (CD). Allowed values are FULL, RESTRICTIVE and OFF. | string | "OFF" | no |
| identity_field | Identity field for Cloud Directory (CD). Allowed values are email and userName. | string | "email" | no |
| is_idp_cloud_directory_active | Set this to true to set IDP Cloud Directory active. | bool | true | no |
| is_mfa_active | Set this to true to set MFA in IDP Cloud Directory active. | bool | true | no |
| kms_encryption_enabled | Set this to true to control the encryption keys used to encrypt the data that you store for AppID. If set to false, the data is encrypted by using randomly generated keys. For more info on securing data in AppID, see https://cloud.ibm.com/docs/appid?topic=appid-mng-data | bool | false | no |
| kms_key_crn | The root key CRN of a Key Management Service such as Key Protect or Hyper Protect Crypto Service (HPCS) that you want to use for disk encryption. Only used if kms_encryption_enabled is set to true. | string | null | no |
| plan | Plan for the AppID resource. | string | "graduated-tier" | no |
| region | Region for the AppID resource. | string | n/a | yes |
| reset_password_enabled | Set this to true to enable password resets. | bool | false | no |
| reset_password_notification_enabled | Set this to true to enable password notifications. | bool | false | no |
| resource_group_id | Resource group ID for the AppID resources. | string | n/a | yes |
| resource_keys | The definition of any resource keys to be generated. Valid service roles are Writer, Reader and Manager. | list(object({ name = string, role = optional(string, "Reader"), service_id_crn = optional(string) })) | [] | no |
| resource_tags | Optional list of tags to be added to created resources. | list(string) | [] | no |
| self_service_enabled | Set this to true to allow users to change password and edit user details. | bool | false | no |
| signup_enabled | Set this to true to allow users to sign up. | bool | false | no |
| skip_iam_authorization_policy | Set to true to skip the creation of an IAM authorization policy that permits AppID instance in the given resource group to read the encryption key from the Hyper Protect or Key Protect instance passed in var.existing_kms_instance_guid. If set to 'false', a value must be passed for var.existing_kms_instance_guid. No policy is created if var.kms_encryption_enabled is set to 'false'. | bool | false | no |
| users | List of users to add. | list(string) | [] | no |
| welcome_enabled | Set this to true to send welcome emails to the new users. | bool | false | no |
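
The following configuration is an added example, not taken from the module's own documentation. It combines the inputs listed above into a deployment that uses a customer-managed root key, keeps MFA on and sign-up off, and issues a single Reader-scoped resource key. The variable names (ibmcloud_api_key, resource_group_id, kms_instance_guid, kms_root_key_crn), the key name "appid-reader" and the version string "X.X.X" are assumptions or placeholders.

```hcl
# Added example: hardened invocation using only inputs documented in the table above.
variable "ibmcloud_api_key" {
  type      = string
  sensitive = true # supply via TF_VAR_ibmcloud_api_key, never as a literal in source control
}

variable "resource_group_id" { type = string }
variable "kms_instance_guid" { type = string } # assumed: GUID of an existing Key Protect or HPCS instance
variable "kms_root_key_crn" { type = string }  # assumed: CRN of a root key held in that instance

provider "ibm" {
  ibmcloud_api_key = var.ibmcloud_api_key
  region           = "us-south"
}

module "appid" {
  source            = "terraform-ibm-modules/appid/ibm"
  version           = "X.X.X" # placeholder: pin to a specific release
  resource_group_id = var.resource_group_id
  appid_name        = "my-appid"
  region            = "us-south"

  # Customer-managed encryption instead of the default randomly generated keys.
  kms_encryption_enabled     = true
  kms_key_crn                = var.kms_root_key_crn
  existing_kms_instance_guid = var.kms_instance_guid

  # false (the default) lets the module create the IAM authorization policy
  # that allows AppID to read the root key; it then needs the GUID above.
  skip_iam_authorization_policy = false

  # Cloud Directory posture: MFA on, no open sign-up, users may rotate
  # the random password the module generates for them.
  is_idp_cloud_directory_active = true
  is_mfa_active                 = true
  signup_enabled                = false
  self_service_enabled          = true

  # Least privilege: role is omitted, so it falls back to the "Reader" default.
  resource_keys = [
    { name = "appid-reader" }
  ]
}
```

Because the module uses random_password, the generated user passwords are recorded in the Terraform state, so the state should live in an encrypted backend with restricted access.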

Outputs

| Name | Description |
|------|-------------|
| appid_crn | AppID instance CRN. |
| appid_name | AppID instance name. |
| dashboard_url | AppID dashboard URL. |
| id | AppID instance ID. |
| tenant_id | AppID instance GUID, also called tenant_id. |
| user_subjects | The user's identifier. |

Contributing

You can report issues and request features for this module in GitHub issues in the module repo. See Report an issue or request a feature.

To set up your local development environment, see Local development setup in the project documentation.