feat: introduce management_endpoint_type_for_bucket input parameter (#…

…351) Introduce the input parameter `management_endpoint_type_for_bucket` allowing to specify the type of endpoint (private, public, direct) to use to connect to COS. This parameter was previously known as `bucket_endpoint` in versions 5.X
terraform-ibm-modules · Apr 17, 2023 · c2d7fd4 · c2d7fd4
1 parent 87da432
commit c2d7fd4
Show file tree

Hide file tree

Showing 6 changed files with 74 additions and 39 deletions.
diff --git a/README.md b/README.md
@@ -140,6 +140,7 @@ You need the following permissions to run this module.
 | <a name="input_hmac_key_role"></a> [hmac\_key\_role](#input\_hmac\_key\_role) | The role you want to be associated with your new hmac key. Valid roles are 'Writer', 'Reader', 'Manager', 'Content Reader', 'Object Reader', 'Object Writer'. | `string` | `"Manager"` | no |
 | <a name="input_instance_cbr_rules"></a> [instance\_cbr\_rules](#input\_instance\_cbr\_rules) | (Optional, list) List of CBR rules to create for the instance | <pre>list(object({<br>    description = string<br>    account_id  = string<br>    rule_contexts = list(object({<br>      attributes = optional(list(object({<br>        name  = string<br>        value = string<br>    }))) }))<br>    enforcement_mode = string<br>    tags = optional(list(object({<br>      name  = string<br>      value = string<br>    })), [])<br>    operations = optional(list(object({<br>      api_types = list(object({<br>        api_type_id = string<br>      }))<br>    })))<br>  }))</pre> | `[]` | no |
 | <a name="input_kms_key_crn"></a> [kms\_key\_crn](#input\_kms\_key\_crn) | CRN of the KMS Key to use to encrypt the data in the COS Bucket. Required if var.encryption\_enabled and var.create\_cos\_bucket are true. | `string` | `null` | no |
+| <a name="input_management_endpoint_type_for_bucket"></a> [management\_endpoint\_type\_for\_bucket](#input\_management\_endpoint\_type\_for\_bucket) | The type of endpoint for the IBM terraform provider to use to manage the bucket. (public, private, direct) | `string` | `"public"` | no |
 | <a name="input_object_versioning_enabled"></a> [object\_versioning\_enabled](#input\_object\_versioning\_enabled) | Enable object versioning to keep multiple versions of an object in a bucket. Cannot be used with retention rule. Only used if 'create\_cos\_bucket' is true. | `bool` | `false` | no |
 | <a name="input_region"></a> [region](#input\_region) | The region to provision the bucket. If you pass a value for this, do not pass one for var.cross\_region\_location. | `string` | `"us-south"` | no |
 | <a name="input_resource_group_id"></a> [resource\_group\_id](#input\_resource\_group\_id) | The resource group ID where resources will be provisioned. | `string` | n/a | yes |

diff --git a/examples/complete/main.tf b/examples/complete/main.tf
@@ -105,16 +105,17 @@ module "cbr_zone" {
 # - Monitoring
 # - Activity Tracking
 module "cos_bucket1" {
-  source                     = "../../"
-  resource_group_id          = module.resource_group.resource_group_id
-  region                     = var.region
-  cross_region_location      = null
-  cos_instance_name          = "${var.prefix}-cos"
-  cos_tags                   = var.resource_tags
-  bucket_name                = "${var.prefix}-bucket-1"
-  existing_kms_instance_guid = module.key_protect_all_inclusive.key_protect_guid
-  kms_key_crn                = module.key_protect_all_inclusive.keys["${local.key_ring_name}.${local.key_name}"].crn
-  sysdig_crn                 = module.observability_instances.sysdig_crn
+  source                              = "../../"
+  resource_group_id                   = module.resource_group.resource_group_id
+  region                              = var.region
+  cross_region_location               = null
+  cos_instance_name                   = "${var.prefix}-cos"
+  cos_tags                            = var.resource_tags
+  bucket_name                         = "${var.prefix}-bucket-1"
+  management_endpoint_type_for_bucket = var.management_endpoint_type_for_bucket
+  existing_kms_instance_guid          = module.key_protect_all_inclusive.key_protect_guid
+  kms_key_crn                         = module.key_protect_all_inclusive.keys["${local.key_ring_name}.${local.key_name}"].crn
+  sysdig_crn                          = module.observability_instances.sysdig_crn
   # disable retention for test environments - enable for stage/prod
   retention_enabled    = false
   activity_tracker_crn = local.at_crn
@@ -170,16 +171,17 @@ module "cos_bucket1" {
 # - Monitoring
 # - Activity Tracking
 module "cos_bucket2" {
-  source                   = "../../"
-  bucket_name              = "${var.prefix}-bucket-2"
-  resource_group_id        = module.resource_group.resource_group_id
-  region                   = null
-  cross_region_location    = var.cross_region_location
-  archive_days             = null
-  sysdig_crn               = module.observability_instances.sysdig_crn
-  activity_tracker_crn     = local.at_crn
-  create_cos_instance      = false
-  existing_cos_instance_id = module.cos_bucket1.cos_instance_id
+  source                              = "../../"
+  bucket_name                         = "${var.prefix}-bucket-2"
+  management_endpoint_type_for_bucket = var.management_endpoint_type_for_bucket
+  resource_group_id                   = module.resource_group.resource_group_id
+  region                              = null
+  cross_region_location               = var.cross_region_location
+  archive_days                        = null
+  sysdig_crn                          = module.observability_instances.sysdig_crn
+  activity_tracker_crn                = local.at_crn
+  create_cos_instance                 = false
+  existing_cos_instance_id            = module.cos_bucket1.cos_instance_id
   # disable retention for test environments - enable for stage/prod
   retention_enabled = false
   kms_key_crn       = module.key_protect_all_inclusive.keys["${local.key_ring_name}.${local.key_name}"].crn

diff --git a/examples/complete/variables.tf b/examples/complete/variables.tf
@@ -39,6 +39,12 @@ variable "cross_region_location" {
   }
 }
 
+variable "management_endpoint_type_for_bucket" {
+  type        = string
+  description = "The type of endpoint for the IBM terraform provider to use to manage the bucket. (public, private, direct)"
+  default     = "public"
+}
+
 variable "resource_group" {
   type        = string
   description = "An existing resource group name to use for this example, if unset a new resource group will be created"

diff --git a/main.tf b/main.tf
@@ -164,6 +164,7 @@ resource "ibm_cos_bucket" "cos_bucket1" {
   resource_instance_id  = local.cos_instance_id
   region_location       = var.region
   cross_region_location = var.cross_region_location
+  endpoint_type         = var.management_endpoint_type_for_bucket
   storage_class         = var.bucket_storage_class
   dynamic "retention_rule" {
     for_each = local.retention_enabled

diff --git a/module-metadata.json b/module-metadata.json
@@ -7,7 +7,7 @@
       "description": "Activity tracker crn for COS bucket (Optional)",
       "pos": {
         "filename": "variables.tf",
-        "line": 192
+        "line": 202
       }
     },
     "archive_days": {
@@ -17,7 +17,7 @@
       "default": 90,
       "pos": {
         "filename": "variables.tf",
-        "line": 170
+        "line": 180
       }
     },
     "archive_type": {
@@ -27,7 +27,7 @@
       "default": "Glacier",
       "pos": {
         "filename": "variables.tf",
-        "line": 176
+        "line": 186
       }
     },
     "bucket_cbr_rules": {
@@ -45,7 +45,7 @@
       ],
       "pos": {
         "filename": "variables.tf",
-        "line": 230
+        "line": 240
       }
     },
     "bucket_name": {
@@ -205,7 +205,7 @@
       ],
       "pos": {
         "filename": "variables.tf",
-        "line": 214
+        "line": 224
       }
     },
     "existing_cos_instance_id": {
@@ -226,7 +226,7 @@
       ],
       "pos": {
         "filename": "variables.tf",
-        "line": 208
+        "line": 218
       },
       "immutable": true,
       "computed": true
@@ -238,7 +238,7 @@
       "default": 365,
       "pos": {
         "filename": "variables.tf",
-        "line": 186
+        "line": 196
       }
     },
     "hmac_key_name": {
@@ -285,7 +285,7 @@
       ],
       "pos": {
         "filename": "variables.tf",
-        "line": 255
+        "line": 265
       }
     },
     "kms_key_crn": {
@@ -297,18 +297,32 @@
       ],
       "pos": {
         "filename": "variables.tf",
-        "line": 220
+        "line": 230
       },
       "immutable": true
     },
+    "management_endpoint_type_for_bucket": {
+      "name": "management_endpoint_type_for_bucket",
+      "type": "string",
+      "description": "The type of endpoint for the IBM terraform provider to use to manage the bucket. (public, private, direct)",
+      "default": "public",
+      "source": [
+        "ibm_cos_bucket.cos_bucket1.endpoint_type"
+      ],
+      "pos": {
+        "filename": "variables.tf",
+        "line": 122
+      },
+      "options": "public,private,direct"
+    },
     "object_versioning_enabled": {
       "name": "object_versioning_enabled",
       "type": "bool",
       "description": "Enable object versioning to keep multiple versions of an object in a bucket. Cannot be used with retention rule. Only used if 'create_cos_bucket' is true.",
       "default": false,
       "pos": {
         "filename": "variables.tf",
-        "line": 164
+        "line": 174
       }
     },
     "region": {
@@ -364,7 +378,7 @@
       "default": 90,
       "pos": {
         "filename": "variables.tf",
-        "line": 128
+        "line": 138
       }
     },
     "retention_enabled": {
@@ -374,7 +388,7 @@
       "default": true,
       "pos": {
         "filename": "variables.tf",
-        "line": 122
+        "line": 132
       }
     },
     "retention_maximum": {
@@ -384,7 +398,7 @@
       "default": 350,
       "pos": {
         "filename": "variables.tf",
-        "line": 138
+        "line": 148
       }
     },
     "retention_minimum": {
@@ -394,7 +408,7 @@
       "default": 90,
       "pos": {
         "filename": "variables.tf",
-        "line": 148
+        "line": 158
       }
     },
     "retention_permanent": {
@@ -404,7 +418,7 @@
       "default": false,
       "pos": {
         "filename": "variables.tf",
-        "line": 158
+        "line": 168
       }
     },
     "skip_iam_authorization_policy": {
@@ -414,7 +428,7 @@
       "default": false,
       "pos": {
         "filename": "variables.tf",
-        "line": 280
+        "line": 290
       }
     },
     "sysdig_crn": {
@@ -423,7 +437,7 @@
       "description": "Sysdig Monitoring crn for COS bucket (Optional)",
       "pos": {
         "filename": "variables.tf",
-        "line": 198
+        "line": 208
       }
     }
   },
@@ -565,6 +579,7 @@
         "bucket_name": "bucket_name",
         "count": "encryption_enabled",
         "cross_region_location": "cross_region_location",
+        "endpoint_type": "management_endpoint_type_for_bucket",
         "region_location": "region",
         "storage_class": "bucket_storage_class"
       },
@@ -706,7 +721,7 @@
       },
       "pos": {
         "filename": "main.tf",
-        "line": 235
+        "line": 236
       }
     },
     "instance_cbr_rule": {
@@ -783,7 +798,7 @@
       },
       "pos": {
         "filename": "main.tf",
-        "line": 269
+        "line": 270
       }
     }
   }

diff --git a/variables.tf b/variables.tf
@@ -119,6 +119,16 @@ variable "bucket_storage_class" {
   }
 }
 
+variable "management_endpoint_type_for_bucket" {
+  description = "The type of endpoint for the IBM terraform provider to use to manage the bucket. (public, private, direct)"
+  type        = string
+  default     = "public"
+  validation {
+    condition     = contains(["public", "private", "direct"], var.management_endpoint_type_for_bucket)
+    error_message = "The specified management_endpoint_type_for_bucket is not a valid selection!"
+  }
+}
+
 variable "retention_enabled" {
   description = "Retention enabled for COS bucket. Only used if 'create_cos_bucket' is true."
   type        = bool