You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
feat: Added new input iam_token_only. If set to true, disables Kafka's SASL PLAIN authentication method, only allowing clients to authenticate with SASL OAUTHBEARER via IAM access token. For more information, see: https://cloud.ibm.com/docs/EventStreams?topic=EventStreams-security. Only allowed for enterprise plans.<br>UPGRADE NOTE: When updating to this version, you will see an expected update for the parameters_json configuration which is adding the new iam_token_only input (#381)
Copy file name to clipboardexpand all lines: README.md
+1
Original file line number
Diff line number
Diff line change
@@ -144,6 +144,7 @@ You need the following permissions to run this module.
144
144
| <aname="input_create_timeout"></a> [create\_timeout](#input\_create\_timeout)| The timeout value for creating an Event Streams instance. Specify `3h` for an Enterprise plan instance. Add 1 h for each level of non-default throughput. Add 30 min for each level of non-default storage size. |`string`|`"3h"`| no |
145
145
| <aname="input_delete_timeout"></a> [delete\_timeout](#input\_delete\_timeout)| The timeout value for deleting an Event Streams instance. |`string`|`"15m"`| no |
146
146
| <aname="input_es_name"></a> [es\_name](#input\_es\_name)| The name to give the Event Streams instance created by this module. |`string`| n/a | yes |
147
+
| <aname="input_iam_token_only"></a> [iam\_token\_only](#input\_iam\_token\_only)| If set to true, disables Kafka's SASL PLAIN authentication method, only allowing clients to authenticate with SASL OAUTHBEARER via IAM access token. For more information, see: https://cloud.ibm.com/docs/EventStreams?topic=EventStreams-security. Only allowed for enterprise plans. |`bool`|`false`| no |
147
148
| <aname="input_kms_encryption_enabled"></a> [kms\_encryption\_enabled](#input\_kms\_encryption\_enabled)| Set this to true to control the encryption keys used to encrypt the data that you store in IBM Cloud® Databases. If set to false, the data is encrypted by using randomly generated keys. For more info on Key Protect integration, see https://cloud.ibm.com/docs/cloud-databases?topic=cloud-databases-key-protect. For more info on HPCS integration, see https://cloud.ibm.com/docs/cloud-databases?topic=cloud-databases-hpcs|`bool`|`false`| no |
148
149
| <aname="input_kms_key_crn"></a> [kms\_key\_crn](#input\_kms\_key\_crn)| The root key CRN of the key management service (Key Protect or Hyper Protect Crypto Services) to use to encrypt the payload data. [Learn more](https://cloud.ibm.com/docs/EventStreams?topic=EventStreams-managing_encryption) about integrating Hyper Protect Crypto Services with Event Streams. |`string`|`null`| no |
149
150
| <aname="input_metrics"></a> [metrics](#input\_metrics)| Enhanced metrics to activate, as list of strings. Only allowed for enterprise plans. Allowed values: 'topic', 'partition', 'consumers'. |`list(string)`|`[]`| no |
Copy file name to clipboardexpand all lines: main.tf
+9-5
Original file line number
Diff line number
Diff line change
@@ -30,11 +30,13 @@ locals {
30
30
validate_mirroring_topics=var.mirroring==null&& var.mirroring_topic_patterns!=null?tobool("When passing values for var.mirroring_topic_patterns, values must also be passed for var.mirroring.") :true
31
31
# tflint-ignore: terraform_unused_declarations
32
32
validate_mirroring_config=var.mirroring!=null&& var.mirroring_topic_patterns==null?tobool("When passing values for var.mirroring, values must also be passed for var.mirroring_topic_patterns.") :true
Copy file name to clipboardexpand all lines: modules/fscloud/README.md
+1
Original file line number
Diff line number
Diff line change
@@ -31,6 +31,7 @@ No resources.
31
31
| <aname="input_create_timeout"></a> [create\_timeout](#input\_create\_timeout)| The timeout value for creating an Event Streams instance. Specify `3h` for an Enterprise plan instance. Add 1 h for each level of non-default throughput. Add 30 min for each level of non-default storage size. |`string`|`"3h"`| no |
32
32
| <aname="input_delete_timeout"></a> [delete\_timeout](#input\_delete\_timeout)| The timeout value for deleting an Event Streams instance. |`string`|`"15m"`| no |
33
33
| <aname="input_es_name"></a> [es\_name](#input\_es\_name)| The name of the Event Streams instance. |`string`| n/a | yes |
34
+
| <aname="input_iam_token_only"></a> [iam\_token\_only](#input\_iam\_token\_only)| If set to true, disables Kafka's SASL PLAIN authentication method, only allowing clients to authenticate with SASL OAUTHBEARER via IAM access token. For more information, see: https://cloud.ibm.com/docs/EventStreams?topic=EventStreams-security. Only allowed for enterprise plans. |`bool`|`false`| no |
34
35
| <aname="input_kms_key_crn"></a> [kms\_key\_crn](#input\_kms\_key\_crn)| The root key CRN of the key management service (Key Protect or Hyper Protect Crypto Services) to use to encrypt the payload data. |`string`| n/a | yes |
35
36
| <aname="input_metrics"></a> [metrics](#input\_metrics)| Enhanced metrics to activate, as list of strings. Allowed values: 'topic', 'partition', 'consumers'. |`list(string)`|`[]`| no |
36
37
| <a name="input_mirroring"></a> [mirroring](#input\_mirroring) | Event Streams mirroring configuration. Required only if creating mirroring instance. For more information on mirroring, see https://cloud.ibm.com/docs/EventStreams?topic=EventStreams-mirroring. | <pre>object({<br/> source_crn = string<br/> source_alias = string<br/> target_alias = string<br/> options = optional(object({<br/> topic_name_transform = object({<br/> type = string<br/> rename = optional(object({<br/> add_prefix = optional(string)<br/> add_suffix = optional(string)<br/> remove_prefix = optional(string)<br/> remove_suffix = optional(string)<br/> }))<br/> })<br/> group_id_transform = object({<br/> type = string<br/> rename = optional(object({<br/> add_prefix = optional(string)<br/> add_suffix = optional(string)<br/> remove_prefix = optional(string)<br/> remove_suffix = optional(string)<br/> }))<br/> })<br/> }))<br/> })</pre> | `null` | no |
Copy file name to clipboardexpand all lines: modules/fscloud/variables.tf
+6
Original file line number
Diff line number
Diff line change
@@ -163,6 +163,12 @@ variable "mirroring" {
163
163
default=null
164
164
}
165
165
166
+
variable"iam_token_only" {
167
+
type=bool
168
+
description="If set to true, disables Kafka's SASL PLAIN authentication method, only allowing clients to authenticate with SASL OAUTHBEARER via IAM access token. For more information, see: https://cloud.ibm.com/docs/EventStreams?topic=EventStreams-security. Only allowed for enterprise plans."
169
+
default=false
170
+
}
171
+
166
172
variable"create_timeout" {
167
173
type=string
168
174
description="The timeout value for creating an Event Streams instance. Specify `3h` for an Enterprise plan instance. Add 1 h for each level of non-default throughput. Add 30 min for each level of non-default storage size."
description="If set to true, disables Kafka's SASL PLAIN authentication method, only allowing clients to authenticate with SASL OAUTHBEARER via IAM access token. For more information, see: https://cloud.ibm.com/docs/EventStreams?topic=EventStreams-security. Only allowed for enterprise plans."
259
+
default=false
260
+
}
261
+
256
262
variable"create_timeout" {
257
263
type=string
258
264
description="The timeout value for creating an Event Streams instance. Specify `3h` for an Enterprise plan instance. Add 1 h for each level of non-default throughput. Add 30 min for each level of non-default storage size."
Copy file name to clipboardexpand all lines: variables.tf
+6
Original file line number
Diff line number
Diff line change
@@ -261,3 +261,9 @@ variable "mirroring" {
261
261
})
262
262
default=null
263
263
}
264
+
265
+
variable"iam_token_only" {
266
+
type=bool
267
+
description="If set to true, disables Kafka's SASL PLAIN authentication method, only allowing clients to authenticate with SASL OAUTHBEARER via IAM access token. For more information, see: https://cloud.ibm.com/docs/EventStreams?topic=EventStreams-security. Only allowed for enterprise plans."
0 commit comments