From 00eeab4b487730fe6da001e283eb4cf357e29715 Mon Sep 17 00:00:00 2001 From: shemau Date: Tue, 2 Jan 2024 11:14:22 +0000 Subject: [PATCH] fix: removed input variables `sysdig_crn` and `activity_tracker_crn` from the fscloud submodule as they were unused. If you wish to set a bucket up with metrics or activity tracking, use the optional `activity_tracking` and `metrics_monitoring` options in the `bucket_configs` input variable, as demonstrated in the [fscloud example](https://github.com/terraform-ibm-modules/terraform-ibm-cos/tree/main/examples/fscloud) (#490) --- examples/fscloud/main.tf | 15 ++++++++------- modules/fscloud/README.md | 2 -- modules/fscloud/main.tf | 2 -- modules/fscloud/variables.tf | 12 ------------ 4 files changed, 8 insertions(+), 23 deletions(-) diff --git a/examples/fscloud/main.tf b/examples/fscloud/main.tf index 8b2a8a9e..46587356 100644 --- a/examples/fscloud/main.tf +++ b/examples/fscloud/main.tf @@ -108,13 +108,11 @@ module "cbr_zone_schematics" { ############################################################################## module "cos_fscloud" { - source = "../../modules/fscloud" - resource_group_id = module.resource_group.resource_group_id - cos_instance_name = "${var.prefix}-cos" - cos_tags = var.resource_tags - sysdig_crn = module.observability_instances.cloud_monitoring_crn - activity_tracker_crn = local.at_crn - access_tags = var.access_tags + source = "../../modules/fscloud" + resource_group_id = module.resource_group.resource_group_id + cos_instance_name = "${var.prefix}-cos" + cos_tags = var.resource_tags + access_tags = var.access_tags # CBR rule only allowing the COS instance to be accessbile over the private endpoint from within the VPC # or from schematics @@ -162,6 +160,9 @@ module "cos_fscloud" { activity_tracking = { activity_tracker_crn = local.at_crn } + metrics_monitoring = { + metrics_monitoring_crn = module.observability_instances.cloud_monitoring_crn + } # CBR rule only allowing the COS bucket to be accessbile over the private endpoint from within the VPC cbr_rules = [{ diff --git a/modules/fscloud/README.md b/modules/fscloud/README.md index a00d91a4..9b6249f6 100644 --- a/modules/fscloud/README.md +++ b/modules/fscloud/README.md @@ -95,7 +95,6 @@ No resources. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [access\_tags](#input\_access\_tags) | A list of access tags to apply to the cos instance created by the module, see https://cloud.ibm.com/docs/account?topic=account-access-tags-tutorial for more details | `list(string)` | `[]` | no | -| [activity\_tracker\_crn](#input\_activity\_tracker\_crn) | Activity tracker crn for COS bucket. Only required if 'create\_cos\_bucket' is true. | `string` | `null` | no | | [bucket\_configs](#input\_bucket\_configs) | Cloud Object Storage bucket configurations | 
list(object({
    access_tags                   = optional(list(string), [])
    bucket_name                   = string
    kms_encryption_enabled        = optional(bool, true)
    kms_guid                      = optional(string, null)
    kms_key_crn                   = string
    skip_iam_authorization_policy = optional(bool, false)
    management_endpoint_type      = string
    cross_region_location         = optional(string, null)
    storage_class                 = optional(string, "smart")
    region_location               = optional(string, null)
    resource_group_id             = string
    resource_instance_id          = optional(string, null)

    activity_tracking = optional(object({
      read_data_events     = optional(bool, true)
      write_data_events    = optional(bool, true)
      activity_tracker_crn = optional(string, null)
    }))
    archive_rule = optional(object({
      enable = optional(bool, false)
      days   = optional(number, 20)
      type   = optional(string, "Glacier")
    }))
    expire_rule = optional(object({
      enable = optional(bool, false)
      days   = optional(number, 365)
    }))
    metrics_monitoring = optional(object({
      usage_metrics_enabled   = optional(bool, true)
      request_metrics_enabled = optional(bool, true)
      metrics_monitoring_crn  = optional(string, null)
    }))
    object_versioning = optional(object({
      enable = optional(bool, false)
    }))
    retention_rule = optional(object({
      default   = optional(number, 90)
      maximum   = optional(number, 350)
      minimum   = optional(number, 90)
      permanent = optional(bool, false)
    }))
    cbr_rules = optional(list(object({
      description = string
      account_id  = string
      rule_contexts = list(object({
        attributes = optional(list(object({
          name  = string
          value = string
      }))) }))
      enforcement_mode = string
      tags = optional(list(object({
        name  = string
        value = string
      })), [])
      operations = optional(list(object({
        api_types = list(object({
          api_type_id = string
        }))
      })))
    })), [])

  }))
| `[]` | no | | [cos\_instance\_name](#input\_cos\_instance\_name) | The name to give the cloud object storage instance that will be provisioned by this module. Only required if 'create\_cos\_instance' is true. | `string` | `null` | no | | [cos\_plan](#input\_cos\_plan) | Plan to be used for creating cloud object storage instance. Only used if 'create\_cos\_instance' it true. | `string` | `"standard"` | no | @@ -107,7 +106,6 @@ No resources. | [hmac\_key\_role](#input\_hmac\_key\_role) | The role you want to be associated with your new hmac key. Valid roles are 'Writer', 'Reader', 'Manager', 'Content Reader', 'Object Reader', 'Object Writer'. | `string` | `"Manager"` | no | | [instance\_cbr\_rules](#input\_instance\_cbr\_rules) | (Optional, list) List of CBR rule to create for the instance | 
list(object({
    description = string
    account_id  = string
    rule_contexts = list(object({
      attributes = optional(list(object({
        name  = string
        value = string
    }))) }))
    enforcement_mode = string
    tags = optional(list(object({
      name  = string
      value = string
    })), [])
    operations = optional(list(object({
      api_types = list(object({
        api_type_id = string
      }))
    })))
  }))
| `[]` | no | | [resource\_group\_id](#input\_resource\_group\_id) | The resource group ID where resources will be provisioned. | `string` | n/a | yes | -| [sysdig\_crn](#input\_sysdig\_crn) | Sysdig Monitoring crn for COS bucket. Only required if 'create\_cos\_bucket' is true. | `string` | `null` | no | ### Outputs diff --git a/modules/fscloud/main.tf b/modules/fscloud/main.tf index b64e8b9b..cc111a34 100644 --- a/modules/fscloud/main.tf +++ b/modules/fscloud/main.tf @@ -26,8 +26,6 @@ module "cos_instance" { hmac_key_role = var.hmac_key_role cos_plan = var.cos_plan cos_tags = var.cos_tags - sysdig_crn = var.sysdig_crn - activity_tracker_crn = var.activity_tracker_crn access_tags = var.access_tags } diff --git a/modules/fscloud/variables.tf b/modules/fscloud/variables.tf index e880813b..d5020f9d 100644 --- a/modules/fscloud/variables.tf +++ b/modules/fscloud/variables.tf @@ -63,18 +63,6 @@ variable "cos_plan" { } } -variable "activity_tracker_crn" { - type = string - description = "Activity tracker crn for COS bucket. Only required if 'create_cos_bucket' is true." - default = null -} - -variable "sysdig_crn" { - type = string - description = "Sysdig Monitoring crn for COS bucket. Only required if 'create_cos_bucket' is true." - default = null -} - ############################################################################## # COS bucket variables ##############################################################################