|
59 | 59 | "dependency_version_2": true, |
60 | 60 | "dependencies": [ |
61 | 61 | { |
62 | | - "flavors": [ |
63 | | - "standard" |
64 | | - ], |
65 | | - "id": "95fccffc-ae3b-42df-b6d9-80be5914d852-global", |
66 | | - "name": "deploy-arch-ibm-slz-ocp", |
67 | | - "version": ">=1.0.0", |
68 | | - "optional": true |
69 | | - }, |
70 | | - { |
71 | | - "flavors": [ |
72 | | - "standard" |
73 | | - ], |
74 | | - "id": "9fc0fa64-27af-4fed-9dce-47b3640ba739-global", |
75 | 62 | "name": "deploy-arch-ibm-slz-vpc", |
76 | | - "version": ">=1.0.0", |
77 | | - "optional": true |
78 | | - }, |
79 | | - { |
| 63 | + "description": "Configure the VPC and subnets required to deploy VPN Server.", |
| 64 | + "id": "9fc0fa64-27af-4fed-9dce-47b3640ba739-global", |
| 65 | + "version": "v8.7.0", |
80 | 66 | "flavors": [ |
81 | | - "standard" |
| 67 | + "fully-configurable" |
82 | 68 | ], |
83 | | - "id": "ef663980-4c71-4fac-af4f-4a510a9bcf68-global", |
84 | | - "name": "deploy-arch-ibm-slz-vsi", |
85 | | - "version": ">=1.0.0", |
86 | | - "optional": true |
| 69 | + "catalog_id": "1082e7d2-5e2f-0a11-a3bc-f88a8e1931fc", |
| 70 | + "optional": true, |
| 71 | + "on_by_default": true, |
| 72 | + "input_mapping": [ |
| 73 | + { |
| 74 | + "dependency_input": "prefix", |
| 75 | + "version_input": "prefix", |
| 76 | + "reference_version": true |
| 77 | + }, |
| 78 | + { |
| 79 | + "dependency_input": "existing_resource_group_name", |
| 80 | + "version_input": "existing_resource_group_name", |
| 81 | + "reference_version": true |
| 82 | + }, |
| 83 | + { |
| 84 | + "dependency_input": "region", |
| 85 | + "version_input": "region", |
| 86 | + "reference_version": true |
| 87 | + }, |
| 88 | + { |
| 89 | + "dependency_output": "subnet_ids", |
| 90 | + "version_input": "existing_subnet_ids" |
| 91 | + }, |
| 92 | + { |
| 93 | + "dependency_output": "vpc_crn", |
| 94 | + "version_input": "existing_vpc_crn" |
| 95 | + }, |
| 96 | + { |
| 97 | + "dependency_input": "subnets", |
| 98 | + "version_input": "subnets", |
| 99 | + "reference_version": true |
| 100 | + }, |
| 101 | + { |
| 102 | + "dependency_input": "network_acls", |
| 103 | + "version_input": "network_acls", |
| 104 | + "reference_version": true |
| 105 | + } |
| 106 | + ] |
87 | 107 | }, |
88 | 108 | { |
| 109 | + "name": "deploy-arch-secrets-manager-private-cert", |
| 110 | + "description": "Configures secrets manager instance, private certificate engine and VPN server certificate. Client certificate will not get created and will have to be created manually.", |
| 111 | + "id": "422283a7-9cb2-4149-8093-a36a799e1d27-global", |
| 112 | + "version": "v1.7.0", |
89 | 113 | "flavors": [ |
90 | 114 | "fully-configurable" |
91 | 115 | ], |
92 | 116 | "catalog_id": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3", |
93 | | - "id": "6d6ebc76-7bbd-42f5-8bc7-78f4fabd5944-global", |
94 | | - "name": "deploy-arch-ibm-secrets-manager", |
95 | | - "version": ">=1.0.0", |
96 | | - "optional": true |
| 117 | + "optional": true, |
| 118 | + "on_by_default": true, |
| 119 | + "ignore_auto_referencing": [ |
| 120 | + "*" |
| 121 | + ], |
| 122 | + "input_mapping": [ |
| 123 | + { |
| 124 | + "dependency_input": "prefix", |
| 125 | + "version_input": "prefix", |
| 126 | + "reference_version": true |
| 127 | + }, |
| 128 | + { |
| 129 | + "dependency_output": "secrets_manager_crn", |
| 130 | + "version_input": "existing_secrets_manager_instance_crn" |
| 131 | + }, |
| 132 | + { |
| 133 | + "dependency_input": "prefix", |
| 134 | + "version_input": "prefix", |
| 135 | + "reference_version": true |
| 136 | + }, |
| 137 | + { |
| 138 | + "dependency_input": "secrets_manager_region", |
| 139 | + "version_input": "region", |
| 140 | + "reference_version": true |
| 141 | + }, |
| 142 | + { |
| 143 | + "dependency_input": "secrets_manager_service_plan", |
| 144 | + "version_input": "secrets_manager_service_plan", |
| 145 | + "reference_version": true |
| 146 | + }, |
| 147 | + { |
| 148 | + "dependency_input": "root_ca_name", |
| 149 | + "version_input": "root_ca_name", |
| 150 | + "reference_version": true |
| 151 | + }, |
| 152 | + { |
| 153 | + "dependency_input": "root_ca_common_name", |
| 154 | + "version_input": "root_ca_common_name", |
| 155 | + "reference_version": true |
| 156 | + }, |
| 157 | + { |
| 158 | + "dependency_input": "intermediate_ca_name", |
| 159 | + "version_input": "intermediate_ca_name", |
| 160 | + "reference_version": true |
| 161 | + }, |
| 162 | + { |
| 163 | + "dependency_input": "intermediate_ca_common_name", |
| 164 | + "version_input": "intermediate_ca_common_name", |
| 165 | + "reference_version": true |
| 166 | + }, |
| 167 | + { |
| 168 | + "dependency_input": "certificate_template_name", |
| 169 | + "version_input": "certificate_template_name", |
| 170 | + "reference_version": true |
| 171 | + }, |
| 172 | + { |
| 173 | + "dependency_input": "template_max_ttl", |
| 174 | + "version_input": "template_max_ttl", |
| 175 | + "reference_version": true |
| 176 | + }, |
| 177 | + { |
| 178 | + "version_input": "enable_certificate_auth", |
| 179 | + "value": false |
| 180 | + }, |
| 181 | + { |
| 182 | + "dependency_output": "secret_crn", |
| 183 | + "version_input": "existing_secrets_manager_cert_crn" |
| 184 | + } |
| 185 | + ] |
97 | 186 | } |
98 | 187 | ], |
99 | 188 | "configuration": [ |
|
102 | 191 | }, |
103 | 192 | { |
104 | 193 | "key": "prefix", |
| 194 | + "required": true, |
| 195 | + "default_value": "dev", |
| 196 | + "random_string": { |
| 197 | + "length": 4 |
| 198 | + }, |
105 | 199 | "value_constraints": [ |
106 | 200 | { |
107 | 201 | "type": "regex", |
108 | | - "description": "Prefix must begin with a lowercase letter and may contain only lowercase letters, digits, and hyphens '-'. It must not end with a hyphen ('-'), and cannot contain consecutive hyphens ('--'). It should not exceed 16 characters.", |
| 202 | + "description": "Prefix must begin with a lowercase letter and may contain only lowercase letters, digits, and hyphens '-'. It must not end with a hyphen('-'), and cannot contain consecutive hyphens ('--'). It should not exceed 16 characters.", |
109 | 203 | "value": "^$|^__NULL__$|^[a-z](?!.*--)(?:[a-z0-9-]{0,14}[a-z0-9])?$" |
110 | 204 | } |
111 | 205 | ] |
|
124 | 218 | "config_constraints": { |
125 | 219 | "identifier": "rg_name" |
126 | 220 | } |
| 221 | + } |
| 222 | + }, |
| 223 | + { |
| 224 | + "key": "region", |
| 225 | + "required": true, |
| 226 | + "type": "string", |
| 227 | + "custom_config": { |
| 228 | + "config_constraints": { |
| 229 | + "generationType": "2" |
| 230 | + }, |
| 231 | + "grouping": "deployment", |
| 232 | + "original_grouping": "deployment", |
| 233 | + "type": "vpc_region" |
127 | 234 | }, |
128 | | - "default_value": "Default", |
129 | | - "description": "The name of an existing resource group to provision the resources." |
| 235 | + "description": "Region in which all resources will be deployed. [Learn More](https://terraform-ibm-modules.github.io/documentation/#/region).", |
| 236 | + "virtual": true, |
| 237 | + "default_value": "us-south" |
| 238 | + }, |
| 239 | + { |
| 240 | + "key": "subnets", |
| 241 | + "default_value": "{\n zone-1 = [\n {\n name = \"subnet-a\"\n cidr = \"10.10.10.0/24\"\n public_gateway = true\n acl_name = \"vpc-acl\"\n no_addr_prefix = false\n }\n ],\n zone-2 = [\n {\n name = \"subnet-b\"\n cidr = \"10.20.10.0/24\"\n public_gateway = true\n acl_name = \"vpc-acl\"\n no_addr_prefix = false\n }\n ],\n zone-3 = []\n }", |
| 242 | + "description": "List of subnets for the vpc. For each item in each array, a subnet will be created. Items can be either CIDR blocks or total ipv4 addresses. Public gateways will be enabled only in zones where a gateway has been created. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-landing-zone-vpc/blob/main/solutions/fully-configurable/DA-types.md#subnets-).", |
| 243 | + "required": false, |
| 244 | + "virtual": true, |
| 245 | + "custom_config": { |
| 246 | + "grouping": "deployment", |
| 247 | + "original_grouping": "deployment", |
| 248 | + "type": "code_editor" |
| 249 | + } |
| 250 | + }, |
| 251 | + { |
| 252 | + "key": "network_acls", |
| 253 | + "type": "list(object)", |
| 254 | + "default_value": "[\n {\n name = \"vpc-acl\"\n add_ibm_cloud_internal_rules = true\n add_vpc_connectivity_rules = true\n prepend_ibm_rules = true\n rules = [\n {\n name = \"allow-all-443-inbound\"\n action = \"allow\"\n direction = \"inbound\"\n tcp = {\n port_min = 443\n port_max = 443\n }\n destination = \"0.0.0.0/0\"\n source = \"0.0.0.0/0\"\n },\n {\n name = \"allow-all-80-inbound\"\n action = \"allow\"\n direction = \"inbound\"\n tcp = {\n port_min = 80\n port_max = 80\n source_port_min = 80\n source_port_max = 80\n }\n destination = \"0.0.0.0/0\"\n source = \"0.0.0.0/0\"\n },\n {\n name = \"allow-all-ingress-inbound\"\n action = \"allow\"\n direction = \"inbound\"\n tcp = {\n source_port_min = 30000\n source_port_max = 32767\n }\n destination = \"0.0.0.0/0\"\n source = \"0.0.0.0/0\"\n },\n {\n name = \"allow-all-443-outbound\"\n action = \"allow\"\n direction = \"outbound\"\n tcp = {\n source_port_min = 443\n source_port_max = 443\n }\n destination = \"0.0.0.0/0\"\n source = \"0.0.0.0/0\"\n },\n {\n name = \"allow-all-80-outbound\"\n action = \"allow\"\n direction = \"outbound\"\n tcp = {\n source_port_min = 80\n source_port_max = 80\n port_min = 80\n port_max = 80\n }\n destination = \"0.0.0.0/0\"\n source = \"0.0.0.0/0\"\n },\n {\n name = \"allow-all-ingress-outbound\"\n action = \"allow\"\n direction = \"outbound\"\n tcp = {\n port_min = 30000\n port_max = 32767\n }\n destination = \"0.0.0.0/0\"\n source = \"0.0.0.0/0\"\n },\n {\n name = \"allow-udp-80-443-inbound\"\n action = \"allow\"\n direction = \"inbound\"\n udp = {\n port_min = 80\n port_max = 443\n }\n destination = \"0.0.0.0/0\"\n source = \"0.0.0.0/0\"\n },\n {\n name = \"allow-udp-all-outbound\"\n action = \"allow\"\n direction = \"outbound\"\n udp = {\n port_min = 1\n port_max = 65535\n source_port_min = 1\n source_port_max = 65535\n }\n destination = \"0.0.0.0/0\"\n source = \"0.0.0.0/0\"\n }\n ]\n }\n]", |
| 255 | + "description": "The list of ACLs to create. Provide at least one rule for each ACL. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-landing-zone-vpc/blob/main/solutions/fully-configurable/DA-types.md#network-acls-).", |
| 256 | + "required": false, |
| 257 | + "virtual": true, |
| 258 | + "custom_config": { |
| 259 | + "type": "code_editor", |
| 260 | + "grouping": "deployment", |
| 261 | + "original_grouping": "deployment" |
| 262 | + } |
| 263 | + }, |
| 264 | + { |
| 265 | + "key": "secrets_manager_service_plan", |
| 266 | + "required": true, |
| 267 | + "virtual": true, |
| 268 | + "type": "string", |
| 269 | + "options": [ |
| 270 | + { |
| 271 | + "displayname": "Standard", |
| 272 | + "value": "standard" |
| 273 | + }, |
| 274 | + { |
| 275 | + "displayname": "Trial", |
| 276 | + "value": "trial" |
| 277 | + } |
| 278 | + ], |
| 279 | + "default_value": "standard", |
| 280 | + "description": "The pricing plan to use when provisioning a Secrets Manager instance. Possible values: `standard`, `trial`. You can create only one Trial instance of Secrets Manager per account. Before you can create a new Trial instance, you must delete the existing Trial instance and its reclamation. [Learn more](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-create-instance&interface=ui#upgrade-instance-standard)." |
130 | 281 | }, |
131 | 282 | { |
132 | 283 | "key": "existing_secrets_manager_instance_crn" |
133 | 284 | }, |
134 | 285 | { |
135 | 286 | "key": "existing_secrets_manager_cert_crn" |
136 | 287 | }, |
| 288 | + { |
| 289 | + "key": "root_ca_name", |
| 290 | + "type": "string", |
| 291 | + "required": false, |
| 292 | + "virtual": true, |
| 293 | + "default_value": "root-ca", |
| 294 | + "description": "The name of the Root Certificate Authority you want to create." |
| 295 | + }, |
| 296 | + { |
| 297 | + "key": "root_ca_common_name", |
| 298 | + "type": "string", |
| 299 | + "required": false, |
| 300 | + "virtual": true, |
| 301 | + "default_value": "example-root.com", |
| 302 | + "description": "The common name of the Root Certificate Authority you want to create." |
| 303 | + }, |
| 304 | + { |
| 305 | + "key": "intermediate_ca_name", |
| 306 | + "type": "string", |
| 307 | + "required": false, |
| 308 | + "virtual": true, |
| 309 | + "default_value": "intermediate-ca", |
| 310 | + "description": "The name of the Intermediate Certificate Authority you want to create." |
| 311 | + }, |
| 312 | + { |
| 313 | + "key": "intermediate_ca_common_name", |
| 314 | + "type": "string", |
| 315 | + "required": false, |
| 316 | + "virtual": true, |
| 317 | + "default_value": "example-int.com", |
| 318 | + "description": "The common name of the Intermediate Certificate Authority you want to create." |
| 319 | + }, |
| 320 | + { |
| 321 | + "key": "certificate_template_name", |
| 322 | + "type": "string", |
| 323 | + "required": false, |
| 324 | + "virtual": true, |
| 325 | + "default_value": "template", |
| 326 | + "description": "The name of the Certificate Template you want to create." |
| 327 | + }, |
| 328 | + { |
| 329 | + "key": "template_max_ttl", |
| 330 | + "type": "string", |
| 331 | + "required": false, |
| 332 | + "virtual": true, |
| 333 | + "default_value": "8760h", |
| 334 | + "description": "Max TTL for the certificate template you want to create." |
| 335 | + }, |
137 | 336 | { |
138 | 337 | "key": "private_cert_engine_config_root_ca_common_name" |
139 | 338 | }, |
|
0 commit comments