Updates Metric Router validation condition

README.md

@@ -198,9 +198,9 @@ No resources.
 | <a name="input_enable_platform_metrics"></a> [enable\_platform\_metrics](#input\_enable\_platform\_metrics) | Receive platform metrics in the provisioned IBM Cloud Monitoring instance. | `bool` | `true` | no |
 | <a name="input_global_event_routing_settings"></a> [global\_event\_routing\_settings](#input\_global\_event\_routing\_settings) | Global settings for event routing | <pre>object({<br/>    default_targets           = optional(list(string), [])<br/>    metadata_region_primary   = string<br/>    metadata_region_backup    = optional(string)<br/>    permitted_target_regions  = list(string)<br/>    private_api_endpoint_only = optional(bool, false)<br/>  })</pre> | `null` | no |
 | <a name="input_logs_routing_tenant_regions"></a> [logs\_routing\_tenant\_regions](#input\_logs\_routing\_tenant\_regions) | Pass a list of regions to create a tenant for that is targetted to the Cloud Logs instance created by this module. To manage platform logs that are generated by IBM Cloud® services in a region of IBM Cloud, you must create a tenant in each region that you operate. Leave the list empty if you don't want to create any tenants. | `list(any)` | `[]` | no |
-| <a name="input_metrics_router_routes"></a> [metrics\_router\_routes](#input\_metrics\_router\_routes) | List of routes for IBM Metrics Router. | <pre>list(object({<br/>    name = string<br/>    rules = list(object({<br/>      action = string<br/>      targets = list(object({<br/>        id = string<br/>      }))<br/>      inclusion_filters = list(object({<br/>        operand  = string<br/>        operator = string<br/>        values   = list(string)<br/>      }))<br/>    }))<br/>  }))</pre> | `[]` | no |
-| <a name="input_metrics_router_settings"></a> [metrics\_router\_settings](#input\_metrics\_router\_settings) | Global settings for Metrics Routing. | <pre>object({<br/>    default_targets = list(object({<br/>      id = string<br/>    }))<br/>    permitted_target_regions  = list(string)<br/>    primary_metadata_region   = string<br/>    backup_metadata_region    = string<br/>    private_api_endpoint_only = bool<br/>  })</pre> | `null` | no |
-| <a name="input_metrics_router_targets"></a> [metrics\_router\_targets](#input\_metrics\_router\_targets) | List of Metrics Router targets to be created. | <pre>list(object({<br/>    destination_crn                     = string<br/>    target_name                         = string<br/>    target_region                       = string<br/>    skip_mrouter_sysdig_iam_auth_policy = optional(bool, false)<br/>  }))</pre> | `[]` | no |
+| <a name="input_metrics_router_routes"></a> [metrics\_router\_routes](#input\_metrics\_router\_routes) | List of routes for IBM Metrics Router. | <pre>list(object({<br/>    name = string<br/>    rules = list(object({<br/>      action = optional(string, "send")<br/>      targets = list(object({<br/>        id = string<br/>      }))<br/>      inclusion_filters = list(object({<br/>        operand  = string<br/>        operator = string<br/>        values   = list(string)<br/>      }))<br/>    }))<br/>  }))</pre> | `[]` | no |
+| <a name="input_metrics_router_settings"></a> [metrics\_router\_settings](#input\_metrics\_router\_settings) | Global settings for Metrics Routing. | <pre>object({<br/>    default_targets = optional(list(object({<br/>      id = string<br/>    })))<br/>    permitted_target_regions  = optional(list(string))<br/>    primary_metadata_region   = optional(string)<br/>    backup_metadata_region    = optional(string)<br/>    private_api_endpoint_only = optional(bool, false)<br/>  })</pre> | `null` | no |
+| <a name="input_metrics_router_targets"></a> [metrics\_router\_targets](#input\_metrics\_router\_targets) | List of Metrics Router targets to be created. | <pre>list(object({<br/>    destination_crn                     = string<br/>    target_name                         = string<br/>    target_region                       = optional(string)<br/>    skip_mrouter_sysdig_iam_auth_policy = optional(bool, false)<br/>  }))</pre> | `[]` | no |
 | <a name="input_region"></a> [region](#input\_region) | The IBM Cloud region where instances will be created. | `string` | `"us-south"` | no |
 | <a name="input_resource_group_id"></a> [resource\_group\_id](#input\_resource\_group\_id) | The id of the IBM Cloud resource group where the instance(s) will be created. | `string` | `null` | no |
 | <a name="input_skip_logs_routing_auth_policy"></a> [skip\_logs\_routing\_auth\_policy](#input\_skip\_logs\_routing\_auth\_policy) | Whether to create an IAM authorization policy that permits Logs Routing Sender access to the IBM Cloud Logs. | `bool` | `false` | no |

modules/metrics_routing/README.md

@@ -97,9 +97,9 @@ No modules.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| <a name="input_metrics_router_routes"></a> [metrics\_router\_routes](#input\_metrics\_router\_routes) | List of routes for IBM Metrics Router | <pre>list(object({<br/>    name = string<br/>    rules = list(object({<br/>      action = string<br/>      targets = optional(list(object({<br/>        id = optional(string)<br/>      })), [])<br/>      inclusion_filters = list(object({<br/>        operand  = string<br/>        operator = string<br/>        values   = list(string)<br/>      }))<br/>    }))<br/>  }))</pre> | `[]` | no |
-| <a name="input_metrics_router_settings"></a> [metrics\_router\_settings](#input\_metrics\_router\_settings) | Global settings for Metrics Routing | <pre>object({<br/>    permitted_target_regions  = list(string)<br/>    primary_metadata_region   = string<br/>    backup_metadata_region    = string<br/>    private_api_endpoint_only = bool<br/>    default_targets = optional(list(object({<br/>      id = string<br/>    })), [])<br/>  })</pre> | `null` | no |
-| <a name="input_metrics_router_targets"></a> [metrics\_router\_targets](#input\_metrics\_router\_targets) | List of Metrics Router targets to be created. | <pre>list(object({<br/>    destination_crn                     = string<br/>    target_name                         = string<br/>    target_region                       = string<br/>    skip_mrouter_sysdig_iam_auth_policy = optional(bool, false)<br/>  }))</pre> | `[]` | no |
+| <a name="input_metrics_router_routes"></a> [metrics\_router\_routes](#input\_metrics\_router\_routes) | List of routes for IBM Metrics Router | <pre>list(object({<br/>    name = string<br/>    rules = list(object({<br/>      action = optional(string, "send")<br/>      targets = list(object({<br/>        id = string<br/>      }))<br/>      inclusion_filters = list(object({<br/>        operand  = string<br/>        operator = string<br/>        values   = list(string)<br/>      }))<br/>    }))<br/>  }))</pre> | `[]` | no |
+| <a name="input_metrics_router_settings"></a> [metrics\_router\_settings](#input\_metrics\_router\_settings) | Global settings for Metrics Routing | <pre>object({<br/>    permitted_target_regions  = optional(list(string))<br/>    primary_metadata_region   = optional(string)<br/>    backup_metadata_region    = optional(string)<br/>    private_api_endpoint_only = optional(bool, false)<br/>    default_targets = optional(list(object({<br/>      id = string<br/>    })))<br/>  })</pre> | `null` | no |
+| <a name="input_metrics_router_targets"></a> [metrics\_router\_targets](#input\_metrics\_router\_targets) | List of Metrics Router targets to be created. | <pre>list(object({<br/>    destination_crn                     = string<br/>    target_name                         = string<br/>    target_region                       = optional(string)<br/>    skip_mrouter_sysdig_iam_auth_policy = optional(bool, false)<br/>  }))</pre> | `[]` | no |
 
 ### Outputs
 

modules/metrics_routing/variables.tf

@@ -2,7 +2,7 @@ variable "metrics_router_targets" {
   type = list(object({
     destination_crn                     = string
     target_name                         = string
-    target_region                       = string
+    target_region                       = optional(string)
     skip_mrouter_sysdig_iam_auth_policy = optional(bool, false)
   }))
   default     = []
@@ -13,10 +13,10 @@ variable "metrics_router_routes" {
   type = list(object({
     name = string
     rules = list(object({
-      action = string
-      targets = optional(list(object({
-        id = optional(string)
-      })), [])
+      action = optional(string, "send")
+      targets = list(object({
+        id = string
+      }))
       inclusion_filters = list(object({
         operand  = string
         operator = string
@@ -30,26 +30,46 @@ variable "metrics_router_routes" {
   validation {
     condition = length(var.metrics_router_routes) == 0 || alltrue([
       for route in var.metrics_router_routes : (
-        length(route.rules) <= 4 &&
+        length(route.rules) <= 10 &&
         alltrue([
           for rule in route.rules : length(rule.inclusion_filters) <= 5
         ])
       )
     ])
-    error_message = "The metrics_router_routes list can be empty or contain routes with up to 4 rules, and each rule's inclusion_filters must have less than 5 items."
+    error_message = "The 'metrics_router_routes' list can be empty or contain routes with up to 10 rules, and each rule's 'inclusion_filters' must have less than 5 items."
+  }
+  validation {
+    condition = length(var.metrics_router_routes) == 0 || alltrue([
+      for route in var.metrics_router_routes : alltrue([
+        for rule in route.rules :
+        rule.action != "send" || length(rule.targets) > 0
+      ])
+    ])
+    error_message = "Each rule with action 'send' must have at least one target defined in 'targets'."
   }
 }
 
 variable "metrics_router_settings" {
   type = object({
-    permitted_target_regions  = list(string)
-    primary_metadata_region   = string
-    backup_metadata_region    = string
-    private_api_endpoint_only = bool
+    permitted_target_regions  = optional(list(string))
+    primary_metadata_region   = optional(string)
+    backup_metadata_region    = optional(string)
+    private_api_endpoint_only = optional(bool, false)
     default_targets = optional(list(object({
       id = string
-    })), [])
+    })))
   })
   description = "Global settings for Metrics Routing"
   default     = null
+
+  validation {
+    error_message = "Valid regions for 'permitted_target_regions' are: us-south, eu-de, us-east, eu-es, eu-gb, au-syd, br-sao, ca-tor, jp-tok, jp-osa"
+    condition = (var.metrics_router_settings == null ?
+      true :
+      alltrue([
+        for region in var.metrics_router_settings.permitted_target_regions :
+        contains(["jp-osa", "au-syd", "jp-tok", "eu-de", "eu-gb", "eu-es", "us-south", "ca-tor", "us-east", "br-sao"], region)
+      ])
+    )
+  }
 }

variables.tf

@@ -310,7 +310,7 @@ variable "metrics_router_targets" {
   type = list(object({
     destination_crn                     = string
     target_name                         = string
-    target_region                       = string
+    target_region                       = optional(string)
     skip_mrouter_sysdig_iam_auth_policy = optional(bool, false)
   }))
   default     = []
@@ -321,7 +321,7 @@ variable "metrics_router_routes" {
   type = list(object({
     name = string
     rules = list(object({
-      action = string
+      action = optional(string, "send")
       targets = list(object({
         id = string
       }))
@@ -338,13 +338,13 @@ variable "metrics_router_routes" {
 
 variable "metrics_router_settings" {
   type = object({
-    default_targets = list(object({
+    default_targets = optional(list(object({
       id = string
-    }))
-    permitted_target_regions  = list(string)
-    primary_metadata_region   = string
-    backup_metadata_region    = string
-    private_api_endpoint_only = bool
+    })))
+    permitted_target_regions  = optional(list(string))
+    primary_metadata_region   = optional(string)
+    backup_metadata_region    = optional(string)
+    private_api_endpoint_only = optional(bool, false)
   })
   description = "Global settings for Metrics Routing."
   default     = null