Skip to content

feat: added addons #154

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
wants to merge 5 commits into
base: main
Choose a base branch
from
+176 −3
Draft

feat: added addons #154

Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
d77c840
feat: added addons
Jul 22, 2025
3fcf658
Merge branch 'main' into addons
Vipin654 Jul 22, 2025
1c7dabf
addons
Jul 23, 2025
ef7f429
Merge branch 'addons' of github.com:terraform-ibm-modules/terraform-i…
Jul 23, 2025
bffce77
addons
Jul 23, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
179 changes: 176 additions & 3 deletions ibm_catalog.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,12 +35,91 @@
"index": 1,
"working_directory": "solutions/fully-configurable",
"iam_permissions": [
{
"service_name": "sysdig-monitor",
"role_crns": [
"crn:v1:bluemix:public:iam::::serviceRole:Manager",
"crn:v1:bluemix:public:iam::::role:Editor"
],
"notes": "[Optional] Required for consuming Cloud Monitoring deployable architecture."
},
{
"service_name": "containers-kubernetes",
"role_crns": [
"crn:v1:bluemix:public:iam::::serviceRole:Manager",
"crn:v1:bluemix:public:iam::::role:Viewer"
]
"crn:v1:bluemix:public:iam::::role:Editor"
],
"notes": "Required to create and edit OpenShift cluster and the related resources."
},
{
"service_name": "iam-identity",
"role_crns": [
"crn:v1:bluemix:public:iam::::role:Administrator",
"crn:v1:bluemix:public:iam-identity::::serviceRole:UserApiKeyCreator"
],
"notes": "Required to create the containers-kubernetes-key needed by the OpenShift cluster on IBM Cloud."
},
{
"service_name": "is.vpc",
"role_crns": [
"crn:v1:bluemix:public:iam::::role:Administrator"
],
"notes": "Required for creating Virtual Private Cloud(VPC)."
},
{
"service_name": "cloud-object-storage",
"role_crns": [
"crn:v1:bluemix:public:iam::::serviceRole:Manager",
"crn:v1:bluemix:public:iam::::role:Editor"
],
"notes": "Required to create Cloud Object Storage (COS) Instance."
},
{
"service_name": "hs-crypto",
"role_crns": [
"crn:v1:bluemix:public:iam::::serviceRole:Manager",
"crn:v1:bluemix:public:iam::::role:Editor"
],
"notes": "[Optional] Required if KMS encryption is enabled and IBM Hyper Protect Crypto Services is used to encrypt the Kubernetes Secrets and Object Storage bucket."
},
{
"service_name": "kms",
"role_crns": [
"crn:v1:bluemix:public:iam::::serviceRole:Manager",
"crn:v1:bluemix:public:iam::::role:Editor"
],
"notes": "[Optional] Required if KMS encryption is enabled and Key protect is used for encryption of Kubernetes Secrets and Object Storage bucket."
},
{
"service_name": "logs",
"role_crns": [
"crn:v1:bluemix:public:iam::::serviceRole:Manager",
"crn:v1:bluemix:public:iam::::role:Editor"
],
"notes": "[Optional] Required if you are consuming Observability deployable architecture which sets up Cloud logs."
},
{
"service_name": "logs-router",
"role_crns": [
"crn:v1:bluemix:public:iam::::serviceRole:Manager"
],
"notes": "[Optional] Required if you are consuming Observability deployable architecture which sets up Logs Routing."
},
{
"service_name": "atracker",
"role_crns": [
"crn:v1:bluemix:public:iam::::serviceRole:Writer",
"crn:v1:bluemix:public:iam::::role:Editor"
],
"notes": "[Optional] Required if you are consuming Observability deployable architecture which sets up Activity Tracker Event Routing."
},
{
"service_name": "secrets-manager",
"role_crns": [
"crn:v1:bluemix:public:iam::::role:Administrator",
"crn:v1:bluemix:public:iam::::serviceRole:Manager"
],
"notes": "[Optional] Required for creating an Secrets Manager instance. 'Manager' access required to create new secret groups."
}
],
"architecture": {
Expand Down Expand Up @@ -183,6 +262,21 @@
"key": "enable_kspm_analyzer",
"required": true
},
{
"key": "cluster_region",
"type": "string",
"custom_config": {
"config_constraints": {
"generationType": "2"
},
"grouping": "deployment",
"original_grouping": "deployment",
"type": "vpc_region"
},
"description": "Region in which cluster will be deployed. [Learn More](https://terraform-ibm-modules.github.io/documentation/#/region).",
"virtual": true,
"default_value": "us-south"
},
{
"key": "use_private_endpoint"
},
Expand Down Expand Up @@ -347,7 +441,86 @@
"key": "enable_universal_ebpf"
}
],
"install_type": "fullstack"
"install_type": "fullstack",
"dependencies": [
{
"name": "deploy-arch-ibm-cloud-monitoring",
"description": "Enable IBM Cloud Monitoring to gain operational visibility on applications running on OpenShift Cluster.",
"id": "73debdbf-894f-4c14-81c7-5ece3a70b67d-global",
"version": "v1.3.0",
"flavors": [
"fully-configurable"
],
"catalog_id": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3",
"optional": true,
"on_by_default": true,
"input_mapping": [
{
"dependency_input": "region",
"version_input": "instance_region",
"reference_version": true
},
{
"dependency_output": "cloud_monitoring_access_key",
"version_input": "access_key"
}
]
},
{
"name": "deploy-arch-ibm-base-ocp-vpc",
"description": "Configure the Red Hat OpenShift cluster on which monitoring agent will be installed.",
"catalog_id": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3",
"flavors": [
"fully-configurable"
],
"id": "1728a4fd-f561-4cf9-82ef-2b1eeb5da1a8-global",
"optional": true,
"on_by_default": true,
"input_mapping": [
{
"dependency_output": "cluster_id",
"version_input": "cluster_id"
},
{
"version_input": "is_vpc_cluster",
"value": true
},
{
"dependency_input": "region",
"version_input": "cluster_region",
"reference_version": true
},
{
"dependency_input": "cluster_config_endpoint_type",
"version_input": "cluster_config_endpoint_type",
"reference_version": true
}
],
"version": "v3.50.0"
},
{
"name": "deploy-arch-ibm-account-infra-base",
"description": "Cloud automation for Account Configuration organizes your IBM Cloud account with a ready-made set of resource groups by default and, when you enable the \"with Account Settings\" option, it also applies baseline security and governance settings. ",
"catalog_id": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3",
"flavors": [
"resource-group-only",
"resource-groups-with-account-settings"
],
"default_flavor": "resource-group-only",
"id": "63641cec-6093-4b4f-b7b0-98d2f4185cd6-global",
"input_mapping": [
{
"dependency_output": "workload_resource_group_id",
"version_input": "cluster_resource_group_id"
}
],
"optional": true,
"on_by_default": false,
"version": "v3.0.7"
}
],
"dependency_version_2": true,
"terraform_version": "1.10.5"
}
]
}
Expand Down