Skip to content

Commit 803c097

Browse files
Ak-skyAk-sky
authored
feat: added latest service targets (#436)
1 parent 88ff923 commit 803c097

File tree

2 files changed

+34
-19
lines changed

2 files changed

+34
-19
lines changed

modules/fscloud/main.tf

Lines changed: 32 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -95,6 +95,31 @@ locals {
9595
},
9696
"compliance" : {
9797
"enforcement_mode" : "report"
98+
},
99+
"IAM" : {
100+
"enforcement_mode" : "report"
101+
"service_group_id" : "IAM"
102+
},
103+
"context-based-restrictions" : {
104+
"enforcement_mode" : "report"
105+
},
106+
"globalcatalog-collection" : {
107+
"enforcement_mode" : "report"
108+
},
109+
"logdna" : {
110+
"enforcement_mode" : "report"
111+
},
112+
"logdnaat" : {
113+
"enforcement_mode" : "report"
114+
},
115+
"mqcloud" : {
116+
"enforcement_mode" : "disabled"
117+
},
118+
"sysdig-monitor" : {
119+
"enforcement_mode" : "report"
120+
},
121+
"sysdig-secure" : {
122+
"enforcement_mode" : "report"
98123
}
99124
}
100125

@@ -332,6 +357,11 @@ locals {
332357
operator = "stringEquals",
333358
value = data.ibm_iam_account_settings.iam_account_settings.account_id
334359
},
360+
try(value.service_group_id, null) != null ? {
361+
name = "service_group_id",
362+
operator = "stringEquals",
363+
value = value.service_group_id
364+
} : {},
335365
try(value.target_rg, null) != null ? {
336366
name = "resourceGroupId",
337367
operator = "stringEquals",
@@ -347,11 +377,11 @@ locals {
347377
operator = "stringEquals",
348378
value = value.region
349379
} : {},
350-
{
380+
try(value.service_group_id, null) == null ? {
351381
name = "serviceName",
352382
operator = "stringEquals",
353383
value = lookup(local.fake_service_names, key, key)
354-
}
384+
} : {}
355385
] }
356386
}
357387

modules/fscloud/variables.tf

Lines changed: 2 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -196,29 +196,14 @@ variable "target_service_details" {
196196
validation {
197197
condition = alltrue([
198198
for target_service_name, _ in var.target_service_details :
199-
contains(["iam-groups", "iam-access-management", "iam-identity",
200-
"user-management", "cloud-object-storage", "codeengine",
201-
"container-registry", "databases-for-cassandra",
202-
"databases-for-enterprisedb", "databases-for-elasticsearch",
203-
"databases-for-etcd", "databases-for-mongodb",
204-
"databases-for-mysql", "databases-for-postgresql", "databases-for-redis",
205-
"directlink", "dns-svcs", "messagehub", "kms", "containers-kubernetes", "containers-kubernetes-cluster", "containers-kubernetes-management",
206-
"messages-for-rabbitmq", "secrets-manager", "transit", "is",
207-
"schematics", "apprapp", "event-notifications", "compliance", "hs-crypto"], target_service_name)
199+
contains(["IAM", "apprapp", "cloud-object-storage", "codeengine", "compliance", "container-registry", "containers-kubernetes", "containers-kubernetes-cluster", "containers-kubernetes-management", "context-based-restrictions", "databases-for-cassandra", "databases-for-elasticsearch", "databases-for-enterprisedb", "databases-for-etcd", "databases-for-mongodb", "databases-for-mysql", "databases-for-postgresql", "databases-for-redis", "directlink", "dns-svcs", "event-notifications", "globalcatalog-collection", "hs-crypto", "iam-access-management", "iam-groups", "iam-identity", "is", "kms", "logdna", "logdnaat", "messagehub", "messages-for-rabbitmq", "mqcloud", "schematics", "secrets-manager", "sysdig-monitor", "sysdig-secure", "transit", "user-management"], target_service_name)
208200
])
209201
error_message = "Provide a valid target service name that is supported by context-based restrictions"
210202
}
211203
validation {
212204
condition = alltrue([
213205
for target_service_name, attributes in var.target_service_details :
214-
contains(["iam-identity", "codeengine",
215-
"container-registry", "databases-for-cassandra",
216-
"databases-for-enterprisedb", "databases-for-elasticsearch",
217-
"databases-for-etcd", "databases-for-mongodb",
218-
"databases-for-mysql", "databases-for-postgresql", "databases-for-redis", "messagehub",
219-
"containers-kubernetes", "containers-kubernetes-cluster", "containers-kubernetes-management",
220-
"messages-for-rabbitmq", "secrets-manager", "is",
221-
"apprapp", "event-notifications", "hs-crypto"], target_service_name) if attributes.region != null
206+
contains(["cloud-object-storage", "codeengine", "container-registry", "containers-kubernetes", "containers-kubernetes-cluster", "containers-kubernetes-management", "databases-for-cassandra", "databases-for-elasticsearch", "databases-for-enterprisedb", "databases-for-etcd", "databases-for-mongodb", "databases-for-mysql", "databases-for-postgresql", "databases-for-redis", "event-notifications", "hs-crypto", "iam-identity", "is", "logdna", "logdnaat", "messagehub", "messages-for-rabbitmq", "mqcloud", "secrets-manager", "sysdig-monitor", "sysdig-secure"], target_service_name) if attributes.region != null
222207
])
223208
error_message = "Provide a valid target service name that supports region attribute."
224209
}

0 commit comments

Comments
 (0)