diff --git a/README.md b/README.md
index 16d2b854..b5271ff4 100644
--- a/README.md
+++ b/README.md
@@ -25,6 +25,7 @@ See in particular the [fscloud module](./modules/fscloud/) that enables creating
* [Multi resource rule example](./examples/multi-resource-rule)
* [Multi-zone example](./examples/multizone-rule)
* [Pre-wired CBR configuration for FS Cloud example](./examples/fscloud)
+ * [Zone example](./examples/update-existing-zone-addresses)
* [Zone example](./examples/zone)
* [Contributing](#contributing)
@@ -103,7 +104,7 @@ You need the following permissions to run this module.
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.3.0 |
-| [ibm](#requirement\_ibm) | >= 1.65.0, < 2.0.0 |
+| [ibm](#requirement\_ibm) | >= 1.69.0, < 2.0.0 |
### Modules
@@ -136,12 +137,12 @@ You need the following permissions to run this module.
| Name | Description |
|------|-------------|
-| [rule\_crn](#output\_rule\_crn) | CBR rule resource instance crn |
-| [rule\_href](#output\_rule\_href) | CBR rule resource href |
-| [rule\_id](#output\_rule\_id) | CBR rule resource instance id |
-| [zone\_crn](#output\_zone\_crn) | cbr\_zone resource instance crn |
-| [zone\_href](#output\_zone\_href) | cbr\_zone resource instance link |
-| [zone\_id](#output\_zone\_id) | cbr\_zone resource instance id |
+| [rule\_crn](#output\_rule\_crn) | CBR rule crn |
+| [rule\_href](#output\_rule\_href) | CBR rule href |
+| [rule\_id](#output\_rule\_id) | CBR rule id |
+| [zone\_crn](#output\_zone\_crn) | cbr\_zone crn |
+| [zone\_href](#output\_zone\_href) | cbr\_zone link |
+| [zone\_id](#output\_zone\_id) | cbr\_zone id |
diff --git a/examples/multi-service-profile/outputs.tf b/examples/multi-service-profile/outputs.tf
index 8a15a0d2..76c2f002 100644
--- a/examples/multi-service-profile/outputs.tf
+++ b/examples/multi-service-profile/outputs.tf
@@ -4,7 +4,7 @@
output "zone_ids" {
value = module.cbr_rule_multi_service_profile[*].zone_ids
- description = "CBR zone resource instance id(s)"
+ description = "CBR zone id(s)"
}
output "zone_crns" {
@@ -24,12 +24,12 @@ output "rule_ids" {
output "rule_crns" {
value = module.cbr_rule_multi_service_profile[*].rule_crns
- description = "CBR rule resource instance crn(s)"
+ description = "CBR rule crn(s)"
}
output "rule_hrefs" {
value = module.cbr_rule_multi_service_profile[*].rule_hrefs
- description = "CBR rule resource instance href(s)"
+ description = "CBR rule href(s)"
}
output "vpc_crn" {
diff --git a/examples/multi-service-profile/version.tf b/examples/multi-service-profile/version.tf
index 9aa7522b..709d2743 100644
--- a/examples/multi-service-profile/version.tf
+++ b/examples/multi-service-profile/version.tf
@@ -5,7 +5,7 @@ terraform {
# module's version.tf (zone or multi zone rule), and 1 example that will always use the latest provider version (fscloud multi service profile and multi resource rule).
ibm = {
source = "IBM-Cloud/ibm"
- version = ">= 1.65.0"
+ version = ">= 1.69.0"
}
}
diff --git a/examples/multizone-rule/outputs.tf b/examples/multizone-rule/outputs.tf
index b4bdf8f1..1a26e0c4 100644
--- a/examples/multizone-rule/outputs.tf
+++ b/examples/multizone-rule/outputs.tf
@@ -4,17 +4,17 @@
output "zone_id" {
value = module.cbr_zone[*].zone_id
- description = "CBR zone resource instance id"
+ description = "CBR zone id"
}
output "zone_crn" {
value = module.cbr_zone[*].zone_crn
- description = "CBR zone resource instance crn"
+ description = "CBR zone crn"
}
output "zone_href" {
value = module.cbr_zone[*].zone_href
- description = "CBR zone resource instance href"
+ description = "CBR zone href"
}
output "cos_guid" {
@@ -34,7 +34,7 @@ output "resource_group_id" {
output "rule_id" {
value = module.cbr_rule.rule_id
- description = "CBR rule resource instance id"
+ description = "CBR rule id"
}
output "rule_description" {
@@ -44,10 +44,10 @@ output "rule_description" {
output "rule_crn" {
value = module.cbr_rule.rule_crn
- description = "CBR rule resource instance crn"
+ description = "CBR rule crn"
}
output "rule_href" {
value = module.cbr_rule.rule_href
- description = "CBR rule resource instance href"
+ description = "CBR rule href"
}
diff --git a/examples/multizone-rule/version.tf b/examples/multizone-rule/version.tf
index 71303aa0..0a3fa0b4 100644
--- a/examples/multizone-rule/version.tf
+++ b/examples/multizone-rule/version.tf
@@ -5,7 +5,7 @@ terraform {
# module's version.tf (zone or multi zone rule), and 1 example that will always use the latest provider version (fscloud multi service profile and multi resource rule).
ibm = {
source = "IBM-Cloud/ibm"
- version = "1.65.0"
+ version = "1.69.0"
}
}
}
diff --git a/examples/update-existing-zone-addresses/README.md b/examples/update-existing-zone-addresses/README.md
new file mode 100644
index 00000000..10f407a7
--- /dev/null
+++ b/examples/update-existing-zone-addresses/README.md
@@ -0,0 +1,9 @@
+# Zone example
+
+Example that creates a zone for context-based restrictions. This example uses the IBM Cloud Provider to automate the following infrastructure:
+
+- Creates 2 VPCs.
+- Creates 2 Public Gateways.
+- Creates 2 VPC Subnets.
+- Creates a CBR Zone for the VPC.
+- Updates an existing CBR Zone created above with new addresses containing another VPC created above and a `compliance` serviceRef.
diff --git a/examples/update-existing-zone-addresses/main.tf b/examples/update-existing-zone-addresses/main.tf
new file mode 100644
index 00000000..1270a3ab
--- /dev/null
+++ b/examples/update-existing-zone-addresses/main.tf
@@ -0,0 +1,108 @@
+##############################################################################
+# Get Cloud Account ID
+##############################################################################
+
+data "ibm_iam_account_settings" "iam_account_settings" {
+}
+
+##############################################################################
+# Resource Group
+##############################################################################
+
+module "resource_group" {
+ source = "terraform-ibm-modules/resource-group/ibm"
+ version = "1.1.6"
+ # if an existing resource group is not set (null) create a new one using prefix
+ resource_group_name = var.resource_group == null ? "${var.prefix}-resource-group" : null
+ existing_resource_group_name = var.resource_group
+}
+
+##############################################################################
+# VPCs
+##############################################################################
+resource "ibm_is_vpc" "example_vpc" {
+ name = "${var.prefix}-vpc"
+ resource_group = module.resource_group.resource_group_id
+ tags = var.resource_tags
+}
+
+resource "ibm_is_public_gateway" "testacc_gateway" {
+ name = "${var.prefix}-pgateway"
+ vpc = ibm_is_vpc.example_vpc.id
+ zone = "${var.region}-1"
+ resource_group = module.resource_group.resource_group_id
+}
+
+resource "ibm_is_subnet" "testacc_subnet" {
+ name = "${var.prefix}-subnet"
+ vpc = ibm_is_vpc.example_vpc.id
+ zone = "${var.region}-1"
+ public_gateway = ibm_is_public_gateway.testacc_gateway.id
+ total_ipv4_address_count = 256
+ resource_group = module.resource_group.resource_group_id
+}
+
+resource "ibm_is_vpc" "example_new_vpc" {
+ name = "${var.prefix}-new-vpc"
+ resource_group = module.resource_group.resource_group_id
+ tags = var.resource_tags
+}
+
+resource "ibm_is_public_gateway" "testacc_new_gateway" {
+ name = "${var.prefix}-new-pgateway"
+ vpc = ibm_is_vpc.example_new_vpc.id
+ zone = "${var.region}-1"
+ resource_group = module.resource_group.resource_group_id
+}
+
+resource "ibm_is_subnet" "testacc_new_subnet" {
+ name = "${var.prefix}-new-subnet"
+ vpc = ibm_is_vpc.example_new_vpc.id
+ zone = "${var.region}-1"
+ public_gateway = ibm_is_public_gateway.testacc_new_gateway.id
+ total_ipv4_address_count = 256
+ resource_group = module.resource_group.resource_group_id
+}
+
+##############################################################################
+# CBR zone & rule creation
+##############################################################################
+
+locals {
+ zone_address_details = [{
+ type = "vpc", # to bind a specific vpc to the zone
+ value = resource.ibm_is_vpc.example_vpc.crn,
+ }, {
+ type = "serviceRef" # to bind a service reference type should be 'serviceRef'
+ ref = {
+ account_id = data.ibm_iam_account_settings.iam_account_settings.account_id
+ service_name = "secrets-manager" # secrets manager service reference.
+ }
+ }]
+
+ new_zone_address_details = [{
+ type = "vpc", # to bind a specific vpc to the zone
+ value = resource.ibm_is_vpc.example_new_vpc.crn,
+ }, {
+ type = "serviceRef" # to bind a service reference type should be 'serviceRef'
+ ref = {
+ account_id = data.ibm_iam_account_settings.iam_account_settings.account_id
+ service_name = "compliance" # SCC service reference.
+ }
+ }]
+}
+
+module "ibm_cbr_zone" {
+ source = "../../modules/cbr-zone-module"
+ name = "${var.prefix}-cbr-zone"
+ account_id = data.ibm_iam_account_settings.iam_account_settings.account_id
+ zone_description = var.zone_description
+ addresses = local.zone_address_details
+}
+
+module "update_cbr_zone" {
+ source = "../../modules/cbr-zone-module"
+ use_existing_cbr_zone = true
+ existing_zone_id = module.ibm_cbr_zone.zone_id
+ addresses = local.new_zone_address_details
+}
diff --git a/examples/update-existing-zone-addresses/outputs.tf b/examples/update-existing-zone-addresses/outputs.tf
new file mode 100644
index 00000000..784e6a4f
--- /dev/null
+++ b/examples/update-existing-zone-addresses/outputs.tf
@@ -0,0 +1,53 @@
+# # ##############################################################################
+# # # Outputs
+# # ##############################################################################
+
+output "vpc_id" {
+ value = resource.ibm_is_vpc.example_vpc.id
+ description = "VPC id"
+}
+
+output "new_vpc_id" {
+ value = resource.ibm_is_vpc.example_new_vpc.id
+ description = "New VPC id"
+}
+
+output "vpc_crn" {
+ value = resource.ibm_is_vpc.example_vpc.crn
+ description = "VPC crn"
+}
+
+output "new_vpc_crn" {
+ value = resource.ibm_is_vpc.example_new_vpc.crn
+ description = "New VPC crn"
+}
+
+output "account_id" {
+ description = "account id"
+ value = data.ibm_iam_account_settings.iam_account_settings.id
+}
+
+output "zone_name" {
+ value = module.ibm_cbr_zone.zone_names
+ description = "cbr_zone name"
+}
+
+output "zone_description" {
+ value = module.ibm_cbr_zone.zone_description
+ description = "cbr_zone description"
+}
+
+output "zone_id" {
+ value = module.ibm_cbr_zone.zone_id
+ description = "cbr_zone id"
+}
+
+output "zone_crn" {
+ value = module.ibm_cbr_zone.zone_crn
+ description = "cbr_zone crn"
+}
+
+output "zone_href" {
+ value = module.ibm_cbr_zone.zone_href
+ description = "cbr_zone href"
+}
diff --git a/examples/update-existing-zone-addresses/provider.tf b/examples/update-existing-zone-addresses/provider.tf
new file mode 100644
index 00000000..df45ef50
--- /dev/null
+++ b/examples/update-existing-zone-addresses/provider.tf
@@ -0,0 +1,4 @@
+provider "ibm" {
+ ibmcloud_api_key = var.ibmcloud_api_key
+ region = var.region
+}
diff --git a/examples/update-existing-zone-addresses/variables.tf b/examples/update-existing-zone-addresses/variables.tf
new file mode 100644
index 00000000..423b159d
--- /dev/null
+++ b/examples/update-existing-zone-addresses/variables.tf
@@ -0,0 +1,37 @@
+variable "ibmcloud_api_key" {
+ type = string
+ description = "The IBM Cloud API Key"
+ sensitive = true
+}
+
+variable "prefix" {
+ type = string
+ description = "Prefix to append to all resources created by this example"
+}
+
+variable "region" {
+ description = "Name of the Region to deploy into"
+ type = string
+}
+
+variable "resource_group" {
+ type = string
+ description = "An existing resource group name to use for this example, if unset a new resource group will be created"
+ default = null
+}
+
+variable "resource_tags" {
+ type = list(string)
+ description = "Optional list of tags to be added to created resources"
+ default = []
+}
+
+##############################################################
+# CBR
+##############################################################
+
+variable "zone_description" {
+ type = string
+ description = "(Optional, String) The description of the zone"
+ default = "Zone from automation"
+}
diff --git a/examples/update-existing-zone-addresses/version.tf b/examples/update-existing-zone-addresses/version.tf
new file mode 100644
index 00000000..0a3fa0b4
--- /dev/null
+++ b/examples/update-existing-zone-addresses/version.tf
@@ -0,0 +1,11 @@
+terraform {
+ required_version = ">= 1.3.0"
+ required_providers {
+ # Ensure that there is always 1 example locked into the lowest provider version of the range defined in the main
+ # module's version.tf (zone or multi zone rule), and 1 example that will always use the latest provider version (fscloud multi service profile and multi resource rule).
+ ibm = {
+ source = "IBM-Cloud/ibm"
+ version = "1.69.0"
+ }
+ }
+}
diff --git a/examples/zone/outputs.tf b/examples/zone/outputs.tf
index c6a2575b..be4fa009 100644
--- a/examples/zone/outputs.tf
+++ b/examples/zone/outputs.tf
@@ -19,25 +19,25 @@ output "account_id" {
output "zone_name" {
value = module.ibm_cbr_zone.zone_names
- description = "cbr_zone resource instance name"
+ description = "cbr_zone name"
}
output "zone_description" {
value = module.ibm_cbr_zone.zone_description
- description = "cbr_zone resource instance description"
+ description = "cbr_zone description"
}
output "zone_id" {
value = module.ibm_cbr_zone.zone_id
- description = "cbr_zone resource instance id"
+ description = "cbr_zone id"
}
output "zone_crn" {
value = module.ibm_cbr_zone.zone_crn
- description = "cbr_zone resource instance crn"
+ description = "cbr_zone crn"
}
output "zone_href" {
value = module.ibm_cbr_zone.zone_href
- description = "cbr_zone resource instance href"
+ description = "cbr_zone href"
}
diff --git a/examples/zone/version.tf b/examples/zone/version.tf
index 71303aa0..0a3fa0b4 100644
--- a/examples/zone/version.tf
+++ b/examples/zone/version.tf
@@ -5,7 +5,7 @@ terraform {
# module's version.tf (zone or multi zone rule), and 1 example that will always use the latest provider version (fscloud multi service profile and multi resource rule).
ibm = {
source = "IBM-Cloud/ibm"
- version = "1.65.0"
+ version = "1.69.0"
}
}
}
diff --git a/modules/cbr-rule-module/README.md b/modules/cbr-rule-module/README.md
index 4c2bb698..bddd4655 100644
--- a/modules/cbr-rule-module/README.md
+++ b/modules/cbr-rule-module/README.md
@@ -81,8 +81,8 @@ No modules.
| Name | Description |
|------|-------------|
-| [rule\_crn](#output\_rule\_crn) | CBR rule resource instance crn |
-| [rule\_description](#output\_rule\_description) | CBR rule resource instance description |
-| [rule\_href](#output\_rule\_href) | CBR rule resource href |
-| [rule\_id](#output\_rule\_id) | CBR rule resource instance id |
+| [rule\_crn](#output\_rule\_crn) | CBR rule crn |
+| [rule\_description](#output\_rule\_description) | CBR rule description |
+| [rule\_href](#output\_rule\_href) | CBR rule href |
+| [rule\_id](#output\_rule\_id) | CBR rule id |
diff --git a/modules/cbr-rule-module/outputs.tf b/modules/cbr-rule-module/outputs.tf
index ac32eba9..a57d79fb 100644
--- a/modules/cbr-rule-module/outputs.tf
+++ b/modules/cbr-rule-module/outputs.tf
@@ -4,20 +4,20 @@
output "rule_description" {
value = ibm_cbr_rule.cbr_rule.description
- description = "CBR rule resource instance description"
+ description = "CBR rule description"
}
output "rule_id" {
value = ibm_cbr_rule.cbr_rule.id
- description = "CBR rule resource instance id"
+ description = "CBR rule id"
}
output "rule_crn" {
value = ibm_cbr_rule.cbr_rule.crn
- description = "CBR rule resource instance crn"
+ description = "CBR rule crn"
}
output "rule_href" {
value = ibm_cbr_rule.cbr_rule.href
- description = "CBR rule resource href"
+ description = "CBR rule href"
}
diff --git a/modules/cbr-service-profile/README.md b/modules/cbr-service-profile/README.md
index 3989a46d..33941205 100644
--- a/modules/cbr-service-profile/README.md
+++ b/modules/cbr-service-profile/README.md
@@ -71,5 +71,5 @@ module "cbr_rule_multi_service_profile" {
| [rule\_ids](#output\_rule\_ids) | CBR rule id(s) |
| [zone\_crns](#output\_zone\_crns) | CBR zone crn(s) |
| [zone\_hrefs](#output\_zone\_hrefs) | CBR zone href(s) |
-| [zone\_ids](#output\_zone\_ids) | CBR zone resource instance id(s) |
+| [zone\_ids](#output\_zone\_ids) | CBR zone id(s) |
diff --git a/modules/cbr-service-profile/outputs.tf b/modules/cbr-service-profile/outputs.tf
index b4f1b809..6efe1313 100644
--- a/modules/cbr-service-profile/outputs.tf
+++ b/modules/cbr-service-profile/outputs.tf
@@ -4,7 +4,7 @@
output "zone_ids" {
value = module.cbr_zone[*].zone_id
- description = "CBR zone resource instance id(s)"
+ description = "CBR zone id(s)"
}
output "zone_crns" {
diff --git a/modules/cbr-zone-module/README.md b/modules/cbr-zone-module/README.md
index 673dac76..074b0ce4 100644
--- a/modules/cbr-zone-module/README.md
+++ b/modules/cbr-zone-module/README.md
@@ -1,10 +1,11 @@
# CBR Zone Module
-Creates a zone for Context Based Restrictions
+Creates a zone for Context Based Restrictions or updates addresses in an existing zone.
### Usage
```hcl
+# Creates a new zone
module "ibm_cbr" "zone" {
source = "terraform-ibm-modules/cbr/ibm//modules/cbr-zone-module"
version = "X.X.X" # Replace "X.X.X" with a release version to lock into a specific release
@@ -15,13 +16,24 @@ module "ibm_cbr" "zone" {
}
```
+```hcl
+# Updates an existing zone with new addresses
+module "ibm_cbr" "zone" {
+ source = "terraform-ibm-modules/cbr/ibm//modules/cbr-zone-module"
+ version = "X.X.X" # Replace "X.X.X" with a release version to lock into a specific
+ use_existing_cbr_zone = true
+ zone_id = "7714beceb512dffef0746cd0e4105309" # pragma: allowlist secret
+ addresses = [{type = "vpc",value = "vpc_crn"}]
+}
+```
+
### Requirements
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.3.0 |
-| [ibm](#requirement\_ibm) | >= 1.65.0, < 2.0.0 |
+| [ibm](#requirement\_ibm) | >= 1.69.0, < 2.0.0 |
### Modules
@@ -32,6 +44,7 @@ No modules.
| Name | Type |
|------|------|
| [ibm_cbr_zone.cbr_zone](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/cbr_zone) | resource |
+| [ibm_cbr_zone_addresses.update_cbr_zone_address](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/cbr_zone_addresses) | resource |
### Inputs
@@ -40,16 +53,18 @@ No modules.
| [account\_id](#input\_account\_id) | (Optional, String) The id of the account owning this zone | `string` | `null` | no |
| [addresses](#input\_addresses) | (List) The list of addresses in the zone | list(object({
type = optional(string)
value = optional(string)
ref = optional(object({
account_id = string
location = optional(string)
service_instance = optional(string)
service_name = optional(string)
service_type = optional(string)
}))
})) | `[]` | no |
| [excluded\_addresses](#input\_excluded\_addresses) | (Optional, List) The list of excluded addresses in the zone | list(object({
type = optional(string)
value = optional(string)
})) | `[]` | no |
+| [existing\_zone\_id](#input\_existing\_zone\_id) | Provide an existing CBR zone ID | `string` | `null` | no |
| [name](#input\_name) | (Optional, String) The name of the zone | `string` | `null` | no |
+| [use\_existing\_cbr\_zone](#input\_use\_existing\_cbr\_zone) | Whether to update CBR zone using existing zone ID. This allows the inclusion of one or more addresses in an existing zone | `bool` | `false` | no |
| [zone\_description](#input\_zone\_description) | (Optional, String) The description of the zone | `string` | `null` | no |
### Outputs
| Name | Description |
|------|-------------|
-| [zone\_crn](#output\_zone\_crn) | CBR zone resource instance crn |
-| [zone\_description](#output\_zone\_description) | CBR zone resource instance description |
-| [zone\_href](#output\_zone\_href) | CBR zone resource instance link |
-| [zone\_id](#output\_zone\_id) | CBR zone resource instance id |
-| [zone\_names](#output\_zone\_names) | CBR zone resource instance name |
+| [zone\_crn](#output\_zone\_crn) | CBR zone resource crn |
+| [zone\_description](#output\_zone\_description) | CBR zone resource description |
+| [zone\_href](#output\_zone\_href) | CBR zone resource link |
+| [zone\_id](#output\_zone\_id) | CBR zone resource id |
+| [zone\_names](#output\_zone\_names) | CBR zone resource name |
diff --git a/modules/cbr-zone-module/main.tf b/modules/cbr-zone-module/main.tf
index b0f8924f..ec22b664 100644
--- a/modules/cbr-zone-module/main.tf
+++ b/modules/cbr-zone-module/main.tf
@@ -4,7 +4,15 @@
# Creates CBR Zone
##############################################################################
+locals {
+ # tflint-ignore: terraform_unused_declarations
+ validate_zone_id_values = !var.use_existing_cbr_zone && (var.account_id == null || var.name == null) ? tobool("When passing values for var.zone_id, you must set var.use_existing_cbr_zone to true.") : true
+ # tflint-ignore: terraform_unused_declarations
+ validate_zone_id_vars = var.use_existing_cbr_zone && var.existing_zone_id == null ? tobool("When setting var.use_existing_cbr_zone to true, a value must be passed for var.zone_id.") : true
+}
+
resource "ibm_cbr_zone" "cbr_zone" {
+ count = var.use_existing_cbr_zone ? 0 : 1
account_id = var.account_id
name = var.name
description = var.zone_description
@@ -37,3 +45,27 @@ resource "ibm_cbr_zone" "cbr_zone" {
}
}
}
+
+resource "ibm_cbr_zone_addresses" "update_cbr_zone_address" {
+ count = var.use_existing_cbr_zone ? 1 : 0
+
+ zone_id = var.existing_zone_id
+ dynamic "addresses" {
+ for_each = var.addresses
+ iterator = address
+ content {
+ type = address.value["type"]
+ value = address.value["value"]
+ dynamic "ref" {
+ for_each = address.value["ref"] == null ? [] : ["true"]
+ content {
+ account_id = address.value["ref"].account_id
+ location = address.value["ref"].location
+ service_instance = address.value["ref"].service_instance
+ service_name = address.value["ref"].service_name
+ service_type = address.value["ref"].service_type
+ }
+ }
+ }
+ }
+}
diff --git a/modules/cbr-zone-module/outputs.tf b/modules/cbr-zone-module/outputs.tf
index a397c774..4a32d53f 100644
--- a/modules/cbr-zone-module/outputs.tf
+++ b/modules/cbr-zone-module/outputs.tf
@@ -1,28 +1,28 @@
-##############################################################################
-# Outputs
-##############################################################################
+# ##############################################################################
+# # Outputs
+# ##############################################################################
output "zone_names" {
- value = ibm_cbr_zone.cbr_zone.name
- description = "CBR zone resource instance name"
+ value = var.existing_zone_id == null ? ibm_cbr_zone.cbr_zone[0].name : null
+ description = "CBR zone resource name"
}
output "zone_description" {
- value = var.zone_description
- description = "CBR zone resource instance description"
+ value = var.existing_zone_id == null ? var.zone_description : null
+ description = "CBR zone resource description"
}
output "zone_id" {
- value = ibm_cbr_zone.cbr_zone.id
- description = "CBR zone resource instance id"
+ value = var.existing_zone_id == null ? ibm_cbr_zone.cbr_zone[0].id : ibm_cbr_zone_addresses.update_cbr_zone_address[0].id
+ description = "CBR zone resource id"
}
output "zone_crn" {
- value = ibm_cbr_zone.cbr_zone.crn
- description = "CBR zone resource instance crn"
+ value = var.existing_zone_id == null ? ibm_cbr_zone.cbr_zone[0].crn : null
+ description = "CBR zone resource crn"
}
output "zone_href" {
- value = ibm_cbr_zone.cbr_zone.href
- description = "CBR zone resource instance link"
+ value = var.existing_zone_id == null ? ibm_cbr_zone.cbr_zone[0].href : null
+ description = "CBR zone resource link"
}
diff --git a/modules/cbr-zone-module/variables.tf b/modules/cbr-zone-module/variables.tf
index cc887f6b..d2f7fce4 100644
--- a/modules/cbr-zone-module/variables.tf
+++ b/modules/cbr-zone-module/variables.tf
@@ -216,3 +216,19 @@ variable "excluded_addresses" {
error_message = "Value should be a valid as per the type"
}
}
+
+variable "existing_zone_id" {
+ type = string
+ validation {
+ condition = var.existing_zone_id == null || (can(regex("^[0-9a-fA-F]{32}$", var.existing_zone_id)))
+ error_message = "Value should be a valid zone ID with 32 alphanumeric characters"
+ }
+ description = "Provide an existing CBR zone ID"
+ default = null
+}
+
+variable "use_existing_cbr_zone" {
+ type = bool
+ description = "Whether to update CBR zone using existing zone ID. This allows the inclusion of one or more addresses in an existing zone"
+ default = false
+}
diff --git a/modules/cbr-zone-module/version.tf b/modules/cbr-zone-module/version.tf
index 13a189ce..31d60c7e 100644
--- a/modules/cbr-zone-module/version.tf
+++ b/modules/cbr-zone-module/version.tf
@@ -4,7 +4,7 @@ terraform {
# Pin to the lowest provider version of the range defined in the main module's version.tf to ensure lowest version still works
ibm = {
source = "IBM-Cloud/ibm"
- version = ">= 1.65.0, < 2.0.0"
+ version = ">= 1.69.0, < 2.0.0"
}
}
}
diff --git a/outputs.tf b/outputs.tf
index 071e92bf..8d6fe76b 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -4,30 +4,30 @@
output "zone_id" {
value = join("", ibm_cbr_zone.cbr_zone[*].id)
- description = "cbr_zone resource instance id"
+ description = "cbr_zone id"
}
output "zone_crn" {
value = join("", ibm_cbr_zone.cbr_zone[*].crn)
- description = "cbr_zone resource instance crn"
+ description = "cbr_zone crn"
}
output "zone_href" {
value = join("", ibm_cbr_zone.cbr_zone[*].href)
- description = "cbr_zone resource instance link"
+ description = "cbr_zone link"
}
output "rule_id" {
value = join("", ibm_cbr_rule.cbr_rule[*].id)
- description = "CBR rule resource instance id"
+ description = "CBR rule id"
}
output "rule_crn" {
value = join("", ibm_cbr_rule.cbr_rule[*].crn)
- description = "CBR rule resource instance crn"
+ description = "CBR rule crn"
}
output "rule_href" {
value = join("", ibm_cbr_rule.cbr_rule[*].href)
- description = "CBR rule resource href"
+ description = "CBR rule href"
}
diff --git a/tests/pr_test.go b/tests/pr_test.go
index 0f00da7b..8486d7ee 100644
--- a/tests/pr_test.go
+++ b/tests/pr_test.go
@@ -21,6 +21,7 @@ const zoneExampleTerraformDir = "examples/zone"
const completeExampleTerraformDir = "examples/multizone-rule"
const multiServiceExampleTerraformDir = "examples/multi-service-profile"
const fsCloudExampleTerraformDir = "examples/fscloud"
+const updateExistingCBRZone = "examples/update-existing-zone-addresses"
const permanentResourcesYaml = "../common-dev-assets/common-go-assets/common-permanent-resources.yaml"
func TestRunZoneExample(t *testing.T) {
@@ -311,6 +312,20 @@ func TestFSCloudInSchematics(t *testing.T) {
assert.Nil(t, err, "This should not have errored")
}
+func TestRunUpdateCBRZone(t *testing.T) {
+ t.Parallel()
+
+ options := testhelper.TestOptionsDefaultWithVars(&testhelper.TestOptions{
+ Testing: t,
+ TerraformDir: updateExistingCBRZone,
+ Prefix: "upd-zones",
+ })
+
+ output, err := options.RunTestConsistency()
+ assert.Nil(t, err, "This should not have errored")
+ assert.NotNil(t, output, "Expected some output")
+}
+
func TestRunUpgradeExample(t *testing.T) {
t.Parallel()
diff --git a/version.tf b/version.tf
index 9a6aedb0..d5264a99 100644
--- a/version.tf
+++ b/version.tf
@@ -4,7 +4,7 @@ terraform {
ibm = {
source = "IBM-Cloud/ibm"
# Use "greater than or equal to" range in modules
- version = ">= 1.65.0, < 2.0.0"
+ version = ">= 1.69.0, < 2.0.0"
}
}
}