feat: added latest serviceRef (#433)

Author: Ak-sky

modules/cbr-service-profile/main.tf

@@ -12,7 +12,7 @@ locals {
   # tflint-ignore: terraform_unused_declarations
   validate_zone_inputs = ((length(var.zone_vpc_crn_list) == 0) && (length(var.zone_service_ref_list) == 0)) ? tobool("Error: Provide a valid zone vpc and/or service references") : true
   # tflint-ignore: terraform_unused_declarations
-  validate_location_and_service_name = (length(setintersection(["compliance", "directlink", "iam-groups", "containers-kubernetes", "user-management"], var.zone_service_ref_list)) > 0 && var.location != null) ? tobool("Error: The services 'compliance','directlink','iam-groups','containers-kubernetes','user-management' does not support location") : true
+  validate_location_and_service_name = (length(setintersection(["directlink", "globalcatalog-collection", "iam-groups", "user-management"], var.zone_service_ref_list)) > 0 && var.location != null) ? tobool("Error: The services 'directlink', 'globalcatalog-collection', 'iam-groups' and 'user-management' does not support location") : true
 
 
 

modules/cbr-service-profile/variables.tf

@@ -26,8 +26,8 @@ variable "zone_service_ref_list" {
         "databases-for-redis", "directlink",
         "iam-groups", "is", "messagehub",
         "messages-for-rabbitmq", "schematics", "secrets-manager", "server-protect", "user-management",
-        "apprapp", "compliance", "event-notifications", "logdna", "logdnaat"],
-      service_ref)
+        "apprapp", "compliance", "event-notifications", "logdna", "logdnaat",
+      "cloudantnosqldb", "globalcatalog-collection", "sysdig-monitor", "sysdig-secure", "toolchain"], service_ref)
     ])
     error_message = "Provide a valid service reference for zone creation"
   }

modules/fscloud/README.md

@@ -25,7 +25,7 @@ The module also pre-create CBR zone for each service in the account as a best pr
 Important: In order to avoid unexpected breakage in the account against which this module is executed, the CBR rule enforcement mode is set to 'report' (or 'disabled' for services not supporting 'report' mode) by default. It is recommended to test out this module first with these default, and then use the `target_service_details` variable to set the enforcement mode to "enabled" gradually by service. The [usage example](../../examples/fscloud/) demonstrates how to set the enforcement mode to 'enabled' for the key protect ("kms") service.
 
 ## Note
-The services 'compliance', 'directlink', 'iam-groups', 'containers-kubernetes', 'user-management' does not support restriction per location.
+The services 'directlink', 'globalcatalog-collection', 'iam-groups' and 'user-management' does not support restriction per location.
 
 ### Usage
 
@@ -108,7 +108,7 @@ module "cbr_fscloud" {
 | <a name="input_prefix"></a> [prefix](#input\_prefix) | Prefix to append to all vpc\_zone\_list, service\_ref\_zone\_list and cbr\_rule\_description created by this submodule | `string` | n/a | yes |
 | <a name="input_skip_specific_services_for_zone_creation"></a> [skip\_specific\_services\_for\_zone\_creation](#input\_skip\_specific\_services\_for\_zone\_creation) | Provide a list of service references for which zone creation is not required | `list(string)` | `[]` | no |
 | <a name="input_target_service_details"></a> [target\_service\_details](#input\_target\_service\_details) | Details of the target service for which a rule is created. The key is the service name. | <pre>map(object({<br>    description      = optional(string)<br>    target_rg        = optional(string)<br>    instance_id      = optional(string)<br>    enforcement_mode = string<br>    tags             = optional(list(string))<br>    region           = optional(string)<br>    global_deny      = optional(bool, true)<br>  }))</pre> | `{}` | no |
-| <a name="input_zone_service_ref_list"></a> [zone\_service\_ref\_list](#input\_zone\_service\_ref\_list) | (Optional) Customized name of the zone for the service reference. If not provided, default zone name with the prefix will be created. | <pre>object({<br>    cloud-object-storage        = optional(string)<br>    codeengine                  = optional(string)<br>    containers-kubernetes       = optional(string)<br>    databases-for-cassandra     = optional(string)<br>    databases-for-elasticsearch = optional(string)<br>    databases-for-enterprisedb  = optional(string)<br>    databases-for-etcd          = optional(string)<br>    databases-for-mongodb       = optional(string)<br>    databases-for-mysql         = optional(string)<br>    databases-for-postgresql    = optional(string)<br>    databases-for-redis         = optional(string)<br>    directlink                  = optional(string)<br>    iam-groups                  = optional(string)<br>    is                          = optional(string)<br>    messagehub                  = optional(string)<br>    messages-for-rabbitmq       = optional(string)<br>    schematics                  = optional(string)<br>    secrets-manager             = optional(string)<br>    server-protect              = optional(string)<br>    user-management             = optional(string)<br>    apprapp                     = optional(string)<br>    compliance                  = optional(string)<br>    event-notifications         = optional(string)<br>    logdna                      = optional(string)<br>    logdnaat                    = optional(string)<br>  })</pre> | <pre>{<br>  "apprapp": null,<br>  "cloud-object-storage": null,<br>  "codeengine": null,<br>  "compliance": null,<br>  "containers-kubernetes": null,<br>  "databases-for-cassandra": null,<br>  "databases-for-elasticsearch": null,<br>  "databases-for-enterprisedb": null,<br>  "databases-for-etcd": null,<br>  "databases-for-mongodb": null,<br>  "databases-for-mysql": null,<br>  "databases-for-postgresql": null,<br>  "databases-for-redis": null,<br>  "directlink": null,<br>  "event-notifications": null,<br>  "iam-groups": null,<br>  "is": null,<br>  "logdna": null,<br>  "logdnaat": null,<br>  "messagehub": null,<br>  "messages-for-rabbitmq": null,<br>  "schematics": null,<br>  "secrets-manager": null,<br>  "server-protect": null,<br>  "user-management": null<br>}</pre> | no |
+| <a name="input_zone_service_ref_list"></a> [zone\_service\_ref\_list](#input\_zone\_service\_ref\_list) | (Optional) Customized name of the zone for the service reference. If not provided, default zone name with the prefix will be created. | <pre>object({<br>    cloud-object-storage        = optional(string)<br>    codeengine                  = optional(string)<br>    containers-kubernetes       = optional(string)<br>    databases-for-cassandra     = optional(string)<br>    databases-for-elasticsearch = optional(string)<br>    databases-for-enterprisedb  = optional(string)<br>    databases-for-etcd          = optional(string)<br>    databases-for-mongodb       = optional(string)<br>    databases-for-mysql         = optional(string)<br>    databases-for-postgresql    = optional(string)<br>    databases-for-redis         = optional(string)<br>    directlink                  = optional(string)<br>    iam-groups                  = optional(string)<br>    is                          = optional(string)<br>    messagehub                  = optional(string)<br>    messages-for-rabbitmq       = optional(string)<br>    schematics                  = optional(string)<br>    secrets-manager             = optional(string)<br>    server-protect              = optional(string)<br>    user-management             = optional(string)<br>    apprapp                     = optional(string)<br>    compliance                  = optional(string)<br>    event-notifications         = optional(string)<br>    logdna                      = optional(string)<br>    logdnaat                    = optional(string)<br>    cloudantnosqldb             = optional(string)<br>    globalcatalog-collection    = optional(string)<br>    sysdig-monitor              = optional(string)<br>    sysdig-secure               = optional(string)<br>    toolchain                   = optional(string)<br>  })</pre> | <pre>{<br>  "apprapp": null,<br>  "cloud-object-storage": null,<br>  "cloudantnosqldb": null,<br>  "codeengine": null,<br>  "compliance": null,<br>  "containers-kubernetes": null,<br>  "databases-for-cassandra": null,<br>  "databases-for-elasticsearch": null,<br>  "databases-for-enterprisedb": null,<br>  "databases-for-etcd": null,<br>  "databases-for-mongodb": null,<br>  "databases-for-mysql": null,<br>  "databases-for-postgresql": null,<br>  "databases-for-redis": null,<br>  "directlink": null,<br>  "event-notifications": null,<br>  "globalcatalog-collection": null,<br>  "iam-groups": null,<br>  "is": null,<br>  "logdna": null,<br>  "logdnaat": null,<br>  "messagehub": null,<br>  "messages-for-rabbitmq": null,<br>  "schematics": null,<br>  "secrets-manager": null,<br>  "server-protect": null,<br>  "sysdig-monitor": null,<br>  "sysdig-secure": null,<br>  "toolchain": null,<br>  "user-management": null<br>}</pre> | no |
 | <a name="input_zone_vpc_crn_list"></a> [zone\_vpc\_crn\_list](#input\_zone\_vpc\_crn\_list) | (List) VPC CRN for the zones | `list(string)` | n/a | yes |
 
 ### Outputs

modules/fscloud/main.tf

@@ -147,7 +147,7 @@ locals {
           ref = {
             account_id   = data.ibm_iam_account_settings.iam_account_settings.account_id
             service_name = service_ref
-            location     = (service_ref == "compliance" || service_ref == "directlink" || service_ref == "iam-groups" || service_ref == "user-management" || service_ref == "containers-kubernetes") ? null : var.location
+            location     = (service_ref == "directlink" || service_ref == "globalcatalog-collection" || service_ref == "user-management" || service_ref == "iam-groups") ? null : var.location
           }
         }
       ]

modules/fscloud/variables.tf

@@ -95,6 +95,11 @@ variable "zone_service_ref_list" {
     event-notifications         = optional(string)
     logdna                      = optional(string)
     logdnaat                    = optional(string)
+    cloudantnosqldb             = optional(string)
+    globalcatalog-collection    = optional(string)
+    sysdig-monitor              = optional(string)
+    sysdig-secure               = optional(string)
+    toolchain                   = optional(string)
   })
   default = {
     cloud-object-storage        = null
@@ -122,6 +127,11 @@ variable "zone_service_ref_list" {
     event-notifications         = null
     logdna                      = null
     logdnaat                    = null
+    cloudantnosqldb             = null
+    globalcatalog-collection    = null
+    sysdig-monitor              = null
+    sysdig-secure               = null
+    toolchain                   = null
   }
   validation {
     condition = alltrue([
@@ -133,8 +143,8 @@ variable "zone_service_ref_list" {
         "databases-for-redis", "directlink",
         "iam-groups", "is", "messagehub",
         "messages-for-rabbitmq", "schematics", "secrets-manager", "server-protect", "user-management",
-        "apprapp", "compliance", "event-notifications", "logdna", "logdnaat"],
-      service_ref)
+        "apprapp", "compliance", "event-notifications", "logdna", "logdnaat",
+      "cloudantnosqldb", "globalcatalog-collection", "sysdig-monitor", "sysdig-secure", "toolchain"], service_ref)
     ])
     error_message = "Provide a valid service reference for zone creation"
   }
@@ -165,9 +175,9 @@ variable "custom_rule_contexts_by_service" {
           "databases-for-redis", "directlink",
           "iam-groups", "is", "messagehub",
           "messages-for-rabbitmq", "schematics", "secrets-manager", "server-protect", "user-management",
-          "apprapp", "compliance", "event-notifications", "logdna", "logdnaat"],
+          "apprapp", "compliance", "event-notifications", "logdna", "logdnaat",
+          "cloudantnosqldb", "globalcatalog-collection", "sysdig-monitor", "sysdig-secure", "toolchain"],
       ref)]]
-
     ]))
     error_message = "Provide a valid service reference for zone creation"
   }
@@ -236,7 +246,8 @@ variable "existing_serviceref_zone" {
         "databases-for-redis", "directlink",
         "iam-groups", "is", "messagehub",
         "messages-for-rabbitmq", "schematics", "secrets-manager", "server-protect", "user-management",
-      "apprapp", "compliance", "event-notifications", "logdna", "logdnaat"], key)
+        "apprapp", "compliance", "event-notifications", "logdna", "logdnaat",
+      "cloudantnosqldb", "globalcatalog-collection", "sysdig-monitor", "sysdig-secure", "toolchain"], key)
     ])
     error_message = "Provide a valid service reference"
   }
@@ -269,8 +280,8 @@ variable "skip_specific_services_for_zone_creation" {
         "databases-for-redis", "directlink",
         "iam-groups", "is", "messagehub",
         "messages-for-rabbitmq", "schematics", "secrets-manager", "server-protect", "user-management",
-        "apprapp", "compliance", "event-notifications", "logdna", "logdnaat"],
-      service_ref)
+        "apprapp", "compliance", "event-notifications", "logdna", "logdnaat",
+      "cloudantnosqldb", "globalcatalog-collection", "sysdig-monitor", "sysdig-secure", "toolchain"], service_ref)
     ])
     error_message = "Provide a valid service reference for zone creation"
   }