From 122c2cf3747d908ac791b7b96f93549e31ddbba0 Mon Sep 17 00:00:00 2001
From: Aayush-Abhyarthi <122350533+Aayush-Abhyarthi@users.noreply.github.com>
Date: Wed, 24 Jan 2024 17:06:41 +0530
Subject: [PATCH] fix: updated variable validation for `bucket_configs` in
 fscloud submodule (#507)

---
 modules/fscloud/main.tf      | 1 -
 modules/fscloud/variables.tf | 5 +++++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/modules/fscloud/main.tf b/modules/fscloud/main.tf
index 6fb54c2b..dd065281 100644
--- a/modules/fscloud/main.tf
+++ b/modules/fscloud/main.tf
@@ -6,7 +6,6 @@ locals {
       validate_sysdig_set         = can(bucket.metrics_monitoring.metrics_monitoring_crn) ? bucket.metrics_monitoring.metrics_monitoring_crn == null ? tobool("When metrics_monitoring is set, metrics_monitoring_crn must be provided.") : null : null,
       validate_hpcs_instance_guid = bucket.skip_iam_authorization_policy == false && bucket.kms_guid == null ? tobool("'kms_guid' must be provided if 'skip_iam_authorization_policy' is set to false") : null,
       validate_hpcs_key_crn       = bucket.kms_key_crn == null ? tobool("When kms_encryption_enabled is set, kms_key_crn must be provided.") : null,
-      validate_kms_encryption     = !bucket.kms_encryption_enabled ? tobool("kms_encryption_enabled must be set to true for all buckets.") : null,
     }
   ]
 }
diff --git a/modules/fscloud/variables.tf b/modules/fscloud/variables.tf
index ef361fc0..b228f299 100644
--- a/modules/fscloud/variables.tf
+++ b/modules/fscloud/variables.tf
@@ -137,6 +137,11 @@ variable "bucket_configs" {
   }))
   description = "Cloud Object Storage bucket configurations"
   default     = []
+
+  validation {
+    condition     = length([for bucket_config in var.bucket_configs : true if contains([true], bucket_config.kms_encryption_enabled)]) == length(var.bucket_configs)
+    error_message = "The FSCloud submodule mandates that kms_encryption_enabled is set to true for all buckets in bucket_configs input variable value."
+  }
 }