|
57 | 57 | }, |
58 | 58 | "configuration": [ |
59 | 59 | { |
60 | | - "key": "ibmcloud_api_key" |
| 60 | + "key": "ibmcloud_api_key", |
| 61 | + "type": "password", |
| 62 | + "description": "The API key to use for IBM Cloud.", |
| 63 | + "required": true |
61 | 64 | }, |
62 | 65 | { |
63 | 66 | "key": "existing_kms_root_key_crn", |
| 67 | + "type": "string", |
| 68 | + "default_value": "__NULL__", |
| 69 | + "description": "The key CRN of a root key, existing in the KMS instance passed in `var.existing_kms_instance_crn`, which will be used to encrypt the data encryption keys which are then used to encrypt the data. The code will create the key if one is not passed in.", |
64 | 70 | "required": true |
65 | 71 | }, |
66 | 72 | { |
67 | 73 | "key": "use_existing_resource_group", |
| 74 | + "type": "boolean", |
| 75 | + "default_value": false, |
| 76 | + "description": "Whether to use an existing resource group.", |
68 | 77 | "required": true |
69 | 78 | }, |
70 | 79 | { |
71 | 80 | "key": "resource_group_name", |
| 81 | + "type": "string", |
| 82 | + "default_value": "__NOT_SET__", |
| 83 | + "description": "The name of a new or an existing resource group in which to provision the Databases for Elasicsearch in. If a `prefix` input variable is specified, it is added to this name in the `<prefix>-value` format.", |
72 | 84 | "required": true |
| 85 | + }, |
| 86 | + { |
| 87 | + "key": "add_bucket_name_suffix", |
| 88 | + "type": "boolean", |
| 89 | + "default_value": true, |
| 90 | + "description": "Whether to add a randomly generated 4-character suffix to the newly provisioned Object Storage bucket name. Used only if not using an existing bucket. Set to `false` if you want full control over bucket naming by using the `cos_bucket_name` variable.", |
| 91 | + "required": false |
| 92 | + }, |
| 93 | + { |
| 94 | + "key": "archive_days", |
| 95 | + "type": "number", |
| 96 | + "default_value": "__NULL__", |
| 97 | + "description": "Specifies the number of days when the archive rule action takes effect. This must be set to null when when using var.cross_region_location as archive data is not supported with this feature.", |
| 98 | + "required": false |
| 99 | + }, |
| 100 | + { |
| 101 | + "key": "cos_bucket_name", |
| 102 | + "type": "string", |
| 103 | + "default_value": "base-event-notifications-bucket", |
| 104 | + "description": "The name to use when creating the Object Storage bucket for the storage of failed delivery events. Bucket names are globally unique. If `add_bucket_name_suffix` is set to `true`, a random 4 character string is added to this name to help ensure that the bucket name is unique. If a `prefix` input variable is specified, it is added to this name in the `<prefix>-value` format.", |
| 105 | + "required": false |
| 106 | + }, |
| 107 | + { |
| 108 | + "key": "cos_bucket_region", |
| 109 | + "type": "string", |
| 110 | + "default_value": "__NULL__", |
| 111 | + "description": "The COS bucket region. If you pass a value for this variable, you must set the value of `cross_region_location` to null. If `cross_region_location` and `cos_bucket_region` are both set to null, then `region` will be used.", |
| 112 | + "required": false |
| 113 | + }, |
| 114 | + { |
| 115 | + "key": "cos_instance_access_tags", |
| 116 | + "type": "array", |
| 117 | + "default_value": "[]", |
| 118 | + "description": "The list of access tags to apply to the Object Storage instance. Only used if not supplying an existing instance.", |
| 119 | + "required": false |
| 120 | + }, |
| 121 | + { |
| 122 | + "key": "cos_instance_name", |
| 123 | + "type": "string", |
| 124 | + "default_value": "base-event-notifications-cos", |
| 125 | + "description": "The name to use when creating the Object Storage instance. If a `prefix` input variable is specified, it is added to this name in the `<prefix>-value` format.", |
| 126 | + "required": false |
| 127 | + }, |
| 128 | + { |
| 129 | + "key": "cos_instance_tags", |
| 130 | + "type": "array", |
| 131 | + "default_value": "[]", |
| 132 | + "description": "The optional list of tags to add to the Object Storage instance. Only used if not supplying an existing instance.", |
| 133 | + "required": false |
| 134 | + }, |
| 135 | + { |
| 136 | + "key": "cos_key_name", |
| 137 | + "type": "string", |
| 138 | + "default_value": "en-cos-key", |
| 139 | + "description": "The name of the key which will be created for the Event Notifications. Not used if supplying an existing key. If a `prefix` input variable is specified, it is added to this name in the `<prefix>-value` format.", |
| 140 | + "required": false |
| 141 | + }, |
| 142 | + { |
| 143 | + "key": "cos_key_ring_name", |
| 144 | + "type": "string", |
| 145 | + "default_value": "en-cos-key-ring", |
| 146 | + "description": "The name of the key ring which will be created for Object Storage. Not used if supplying an existing key or if `existing_cos_bucket_name` is specified. If a `prefix` input variable is specified, it is added to this name in the `<prefix>-value` format.", |
| 147 | + "required": false |
| 148 | + }, |
| 149 | + { |
| 150 | + "key": "cos_plan", |
| 151 | + "type": "string", |
| 152 | + "default_value": "standard", |
| 153 | + "description": "The plan that is used for creating the Object Storage instance. Available values: `lite`, `standard` and `cos-one-rate-plan`.", |
| 154 | + "required": false |
| 155 | + }, |
| 156 | + { |
| 157 | + "key": "cross_region_location", |
| 158 | + "type": "string", |
| 159 | + "default_value": "__NULL__", |
| 160 | + "description": "Specify the cross-regional bucket location. Possiblevalues: `us`, `eu`, and `ap`. If you pass a value for this variable, you must set the value of `cos_bucket_region` to null. If `cross_region_location` and `cos_bucket_region` are both set to null, then `region` will be used.", |
| 161 | + "required": false |
| 162 | + }, |
| 163 | + { |
| 164 | + "key": "en_key_name", |
| 165 | + "type": "string", |
| 166 | + "default_value": "en-key", |
| 167 | + "description": "The name for the key that will be created for the Event Notifications. Not used if an existing key is specfied. If a `prefix` input variable is specified, it is added to this name in the `<prefix>-value` format.", |
| 168 | + "required": false |
| 169 | + }, |
| 170 | + { |
| 171 | + "key": "en_key_ring_name", |
| 172 | + "type": "string", |
| 173 | + "default_value": "en-key-ring", |
| 174 | + "description": "The name of the key ring which will be created for the Event Notifications instance. Not used if supplying an existing key. If a `prefix` input variable is specified, it is added to this name in the `<prefix>-value` format.", |
| 175 | + "required": false |
| 176 | + }, |
| 177 | + { |
| 178 | + "key": "event_notification_name", |
| 179 | + "type": "string", |
| 180 | + "default_value": "base-event-notifications", |
| 181 | + "description": "The name of the Event Notifications instance that is created by this solution. If a `prefix` input variable is specified, it is added to this name in the `<prefix>-value` format.", |
| 182 | + "required": false |
| 183 | + }, |
| 184 | + { |
| 185 | + "key": "existing_cos_bucket_name", |
| 186 | + "type": "string", |
| 187 | + "default_value": "__NULL__", |
| 188 | + "description": "The name of an existing bucket inside the existing Object Storage instance. If not supplied, a new bucket is created.", |
| 189 | + "required": false |
| 190 | + }, |
| 191 | + { |
| 192 | + "key": "existing_cos_endpoint", |
| 193 | + "type": "string", |
| 194 | + "default_value": "__NULL__", |
| 195 | + "description": "The endpoint URL for your bucket region. [Learn more](https://cloud.ibm.com/docs/cloud-object-storage?topic=cloud-object-storage-endpoints). Only required if using an existing bucket with the `existing_cos_bucket_name` variable.", |
| 196 | + "required": false |
| 197 | + }, |
| 198 | + { |
| 199 | + "key": "existing_cos_instance_crn", |
| 200 | + "type": "string", |
| 201 | + "default_value": "__NULL__", |
| 202 | + "description": "The CRN of an IBM Cloud Object Storage instance. If not supplied, a new instance is created.", |
| 203 | + "required": false |
| 204 | + }, |
| 205 | + { |
| 206 | + "key": "existing_en_instance_crn", |
| 207 | + "type": "string", |
| 208 | + "default_value": "__NULL__", |
| 209 | + "description": "The CRN of existing event notification instance. If not supplied, a new instance is created.", |
| 210 | + "required": false |
| 211 | + }, |
| 212 | + { |
| 213 | + "key": "existing_kms_instance_crn", |
| 214 | + "type": "string", |
| 215 | + "default_value": "__NULL__", |
| 216 | + "description": "The CRN of the KMS instance (Hyper Protect Crypto Services or Key Protect instance). If the KMS instance is in different account you must also provide a value for `ibmcloud_kms_api_key`. Not required if passing an existing instance using the `existing_en_instance_crn` input.", |
| 217 | + "required": false |
| 218 | + }, |
| 219 | + { |
| 220 | + "key": "existing_monitoring_crn", |
| 221 | + "type": "string", |
| 222 | + "default_value": "__NULL__", |
| 223 | + "description": "The CRN of an IBM Cloud Monitoring instance used to monitor the IBM Cloud Object Storage bucket that is used for storing failed events. If no value passed, metrics are sent to the instance associated to the container's location unless otherwise specified in the Metrics Router service configuration. Ignored if using existing Object Storage bucket.", |
| 224 | + "required": false |
| 225 | + }, |
| 226 | + { |
| 227 | + "key": "existing_secrets_manager_endpoint_type", |
| 228 | + "type": "string", |
| 229 | + "default_value": "private", |
| 230 | + "description": "The endpoint type to use if `existing_secrets_manager_instance_crn` is specified. Possible values: public, private.", |
| 231 | + "required": false |
| 232 | + }, |
| 233 | + { |
| 234 | + "key": "existing_secrets_manager_instance_crn", |
| 235 | + "type": "string", |
| 236 | + "default_value": "__NULL__", |
| 237 | + "description": "The CRN of existing secrets manager to use to create service credential secrets for Event Notification instance.", |
| 238 | + "required": false |
| 239 | + }, |
| 240 | + { |
| 241 | + "key": "ibmcloud_kms_api_key", |
| 242 | + "type": "password", |
| 243 | + "description": "The IBM Cloud API key that can create a root key and key ring in the key management service (KMS) instance. If not specified, the 'ibmcloud_api_key' variable is used. Specify this key if the instance in `existing_kms_instance_crn` is in an account that's different from the Event Notifications instance. Leave this input empty if the same account owns both instances.", |
| 244 | + "required": false |
| 245 | + }, |
| 246 | + { |
| 247 | + "key": "kms_endpoint_type", |
| 248 | + "type": "string", |
| 249 | + "default_value": "private", |
| 250 | + "description": "The type of the endpoint that is used for communicating with the KMS instance. Possible values: `public` or `private` (default). Only used if not supplying an existing root key.", |
| 251 | + "required": false |
| 252 | + }, |
| 253 | + { |
| 254 | + "key": "kms_endpoint_url", |
| 255 | + "type": "string", |
| 256 | + "default_value": "__NULL__", |
| 257 | + "description": "The KMS endpoint URL to use when you configure KMS encryption. The Hyper Protect Crypto Services endpoint URL format is `https://api.private.<REGION>.hs-crypto.cloud.ibm.com:<port>` and the Key Protect endpoint URL format is `https://<REGION>.kms.cloud.ibm.com`. Not required if passing an existing instance using the `existing_en_instance_crn` input.", |
| 258 | + "required": false |
| 259 | + }, |
| 260 | + { |
| 261 | + "key": "management_endpoint_type_for_bucket", |
| 262 | + "type": "string", |
| 263 | + "default_value": "private", |
| 264 | + "description": "The type of endpoint for the IBM Terraform provider to use to manage Object Storage buckets. Available values: `public`, `private`, `direct`. Make sure to enable virtual routing and forwarding in your account if you specify `private`, and that the Terraform runtime has access to the IBM Cloud private network.", |
| 265 | + "required": false |
| 266 | + }, |
| 267 | + { |
| 268 | + "key": "prefix", |
| 269 | + "type": "string", |
| 270 | + "default_value": "__NULL__", |
| 271 | + "description": "(Optional) Prefix to add to all resources created by this solution.", |
| 272 | + "required": false |
| 273 | + }, |
| 274 | + { |
| 275 | + "key": "region", |
| 276 | + "type": "string", |
| 277 | + "default_value": "us-south", |
| 278 | + "description": "The region in which the Event Notifications resources are provisioned.", |
| 279 | + "required": false |
| 280 | + }, |
| 281 | + { |
| 282 | + "key": "retention_enabled", |
| 283 | + "type": "boolean", |
| 284 | + "default_value": false, |
| 285 | + "description": "Set to `true` to skip the creation of an IAM authorization policy that permits all Event Notifications instances in the resource group to read the encryption key from the KMS instance.", |
| 286 | + "required": false |
| 287 | + }, |
| 288 | + { |
| 289 | + "key": "service_credential_names", |
| 290 | + "type": "object", |
| 291 | + "default_value": "{}", |
| 292 | + "description": "The mapping of names and roles for service credentials that you want to create for the Event Notifications instance. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-event-notifications/tree/main/solutions/standard/DA-types.md#service-credential-secrets", |
| 293 | + "required": false |
| 294 | + }, |
| 295 | + { |
| 296 | + "key": "service_credential_secrets", |
| 297 | + "type": "array", |
| 298 | + "default_value": "[]", |
| 299 | + "description": "Service credential secrets configuration for Event Notification. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-event-notifications/tree/main/solutions/standard/DA-types.md#service-credential-secrets).", |
| 300 | + "required": false |
| 301 | + }, |
| 302 | + { |
| 303 | + "key": "service_endpoints", |
| 304 | + "type": "string", |
| 305 | + "default_value": "public-and-private", |
| 306 | + "description": "Specify whether you want to enable public, or both public and private service endpoints. Possible values: `public`, `public-and-private`", |
| 307 | + "required": false |
| 308 | + }, |
| 309 | + { |
| 310 | + "key": "service_plan", |
| 311 | + "type": "string", |
| 312 | + "default_value": "standard", |
| 313 | + "description": "The pricing plan of the Event Notifications instance. Possible values: `Lite`, `Standard`", |
| 314 | + "required": false |
| 315 | + }, |
| 316 | + { |
| 317 | + "key": "skip_cos_kms_auth_policy", |
| 318 | + "type": "boolean", |
| 319 | + "default_value": false, |
| 320 | + "description": "Set to true to skip the creation of an IAM authorization policy that permits the COS instance to read the encryption key from the KMS instance. If set to false, pass in a value for the KMS instance in the `existing_kms_instance_crn` variable. If a value is specified for `ibmcloud_kms_api_key`, the policy is created in the KMS account.", |
| 321 | + "required": false |
| 322 | + }, |
| 323 | + { |
| 324 | + "key": "skip_en_cos_auth_policy", |
| 325 | + "type": "boolean", |
| 326 | + "default_value": false, |
| 327 | + "description": "Set to `true` to skip the creation of an IAM authorization policy that permits the Event Notifications instance `Object Writer` and `Reader` access to the given Object Storage bucket. Set to `true` to use an existing policy.", |
| 328 | + "required": false |
| 329 | + }, |
| 330 | + { |
| 331 | + "key": "skip_en_kms_auth_policy", |
| 332 | + "type": "boolean", |
| 333 | + "default_value": false, |
| 334 | + "description": "Set to true to skip the creation of an IAM authorization policy that permits the Event Notifications instance to read the encryption key from the KMS instance. If a value is specified for `ibmcloud_kms_api_key`, the policy is created in the KMS account.", |
| 335 | + "required": false |
| 336 | + }, |
| 337 | + { |
| 338 | + "key": "skip_en_sm_auth_policy", |
| 339 | + "type": "boolean", |
| 340 | + "default_value": false, |
| 341 | + "description": "Whether an IAM authorization policy is created for Secrets Manager instance to create a service credential secrets for Event Notification.If set to false, the Secrets Manager instance passed by the user is granted the Key Manager access to the Event Notifications instance created by the Deployable Architecture. Set to `true` to use an existing policy. The value of this is ignored if any value for 'existing_secrets_manager_instance_crn' is not passed.", |
| 342 | + "required": false |
| 343 | + }, |
| 344 | + { |
| 345 | + "key": "tags", |
| 346 | + "type": "array", |
| 347 | + "default_value": "[]", |
| 348 | + "description": "The list of tags to add to the Event Notifications instance.", |
| 349 | + "required": false |
73 | 350 | } |
74 | 351 | ], |
75 | 352 | "iam_permissions": [ |
|
0 commit comments