generated from terraform-ibm-modules/terraform-ibm-module-template
-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathmain.tf
92 lines (82 loc) · 3.9 KB
/
main.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
#######################################################################################
# This file creates an event streams resource instance, topics, partitions and schema.
#######################################################################################
locals {
# Validation (approach based on https://github.com/hashicorp/terraform/issues/25609#issuecomment-1057614400)
# tflint-ignore: terraform_unused_declarations
validate_kms_plan = var.kms_key_crn != null && var.plan != "enterprise-3nodes-2tb" ? tobool("kms encryption is only supported for enterprise plan") : true
# tflint-ignore: terraform_unused_declarations
validate_throughput_lite_standard = ((var.plan == "lite" || var.plan == "standard") && var.throughput != 150) ? tobool("Throughput value cannot be changed in lite and standard plan. Default value is 150.") : true
# tflint-ignore: terraform_unused_declarations
validate_storage_size_lite_standard = ((var.plan == "lite" || var.plan == "standard") && var.storage_size != 2048) ? tobool("Storage size value cannot be changed in lite and standard plan. Default value is 2048.") : true
# tflint-ignore: terraform_unused_declarations
validate_service_end_points_lite_standard = ((var.plan == "lite" || var.plan == "standard") && var.service_endpoints != "public") ? tobool("Service endpoint cannot be changed in lite and standard plan. Default is public.") : true
}
resource "ibm_resource_instance" "es_instance" {
name = var.es_name
service = "messagehub"
plan = var.plan
location = var.region
resource_group_id = var.resource_group_id
tags = var.tags
timeouts {
create = var.create_timeout
update = var.update_timeout
delete = var.delete_timeout
}
parameters = {
service-endpoints = var.service_endpoints
throughput = var.throughput
storage_size = var.storage_size
kms_key_crn = var.kms_key_crn
}
}
##############################################################################
# SCHEMA
##############################################################################
resource "ibm_event_streams_schema" "es_schema" {
count = length(var.schemas) * (var.plan == "enterprise-3nodes-2tb" ? 1 : 0)
resource_instance_id = ibm_resource_instance.es_instance.id
schema_id = var.schemas[count.index].schema_id
schema = jsonencode(var.schemas[count.index].schema)
}
##############################################################################
# TOPIC
##############################################################################
resource "ibm_event_streams_topic" "es_topic" {
count = length(var.topics)
resource_instance_id = ibm_resource_instance.es_instance.id
name = var.topics[count.index].name
partitions = var.topics[count.index].partitions
config = var.topics[count.index].config
}
##############################################################################
# Context Based Restrictions
##############################################################################
module "cbr_rule" {
count = length(var.cbr_rules) > 0 ? length(var.cbr_rules) : 0
source = "terraform-ibm-modules/cbr/ibm//modules/cbr-rule-module"
version = "1.18.1"
rule_description = var.cbr_rules[count.index].description
enforcement_mode = var.cbr_rules[count.index].enforcement_mode
rule_contexts = var.cbr_rules[count.index].rule_contexts
resources = [{
attributes = [
{
name = "accountId"
value = var.cbr_rules[count.index].account_id
operator = "stringEquals"
},
{
name = "serviceInstance"
value = ibm_resource_instance.es_instance.guid
operator = "stringEquals"
},
{
name = "serviceName"
value = "messagehub"
operator = "stringEquals"
}
]
}]
}