diff --git a/README.md b/README.md index bbf6e9b..66c946d 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,9 @@ # Terraform modules for STACKIT resources +## Overview + +You can find general overview of Terraform in [ITDOC](https://itdoc.schwarz/display/STACKIT/Terraform+overview) + ## How to use You can find examples in README.md of each module folder, e.g. for [Redis](./redis/README.md) diff --git a/dns/providers.tf b/dns/providers.tf index 91238eb..96e3e65 100644 --- a/dns/providers.tf +++ b/dns/providers.tf @@ -2,7 +2,7 @@ terraform { required_providers { stackit = { source = "stackitcloud/stackit" - version = "0.74.0" + version = "~> 0.61.0" } } } diff --git a/grafana/contact-point-gchat/main.tf b/grafana/contact-point-gchat/main.tf index 6056258..bed73bf 100644 --- a/grafana/contact-point-gchat/main.tf +++ b/grafana/contact-point-gchat/main.tf @@ -1,6 +1,5 @@ resource "grafana_contact_point" "this" { name = var.contact_point_name - disable_provenance = true googlechat { url = var.gchat_url diff --git a/grafana/notification-policy/main.tf b/grafana/notification-policy/main.tf index 88df625..6ea9ebc 100644 --- a/grafana/notification-policy/main.tf +++ b/grafana/notification-policy/main.tf @@ -1,7 +1,6 @@ resource "grafana_notification_policy" "this" { contact_point = var.default_contact_point_uid group_by = var.group_by - disable_provenance = true dynamic "policy" { for_each = var.folder_policies diff --git a/mongodb/mongodb.tf b/mongodb/mongodb.tf index 010010c..5ee3a58 100644 --- a/mongodb/mongodb.tf +++ b/mongodb/mongodb.tf @@ -19,3 +19,30 @@ resource "stackit_mongodbflex_user" "this" { roles = var.mongodb_user_roles database = var.mongodb_user_database } + +# // Configure Secret Manager Provider +# provider "vault" { +# address = "https://prod.sm.eu01.stackit.cloud" +# skip_child_token = true +# auth_login_userpass { +# username = var.secret_manager_username +# password = var.secret_manager_password +# } +# } + +# // Store MongoDB Credentials in Secret Manager +# resource "vault_kv_secret_v2" "mongodb_cred_save" { +# mount = var.secret_manager_instance_id +# name = var.mongodb_secrets_path +# cas = 1 +# delete_all_versions = true +# data_json = jsonencode( +# { +# username = stackit_mongodbflex_user.mongodb_user.username, +# password = stackit_mongodbflex_user.mongodb_user.password, +# host = stackit_mongodbflex_user.mongodb_user.host, +# port = stackit_mongodbflex_user.mongodb_user.port, +# uri = stackit_mongodbflex_user.mongodb_user.uri +# } +# ) +# } diff --git a/mongodb/providers.tf b/mongodb/providers.tf index 91238eb..792bab1 100644 --- a/mongodb/providers.tf +++ b/mongodb/providers.tf @@ -2,7 +2,7 @@ terraform { required_providers { stackit = { source = "stackitcloud/stackit" - version = "0.74.0" + version = "~> 0.50.0" } } } diff --git a/mongodb/variables.tf b/mongodb/variables.tf index b3f127f..e69bd6f 100644 --- a/mongodb/variables.tf +++ b/mongodb/variables.tf @@ -30,9 +30,7 @@ variable "mongodb_instance_flavor" { variable "mongodb_instance_options" { description = "options for mongodb" type = object({ - type = string - snapshot_retention_days = number - point_in_time_window_hours = number + type = string }) } diff --git a/objectstorage/providers.tf b/objectstorage/providers.tf index 91238eb..792bab1 100644 --- a/objectstorage/providers.tf +++ b/objectstorage/providers.tf @@ -2,7 +2,7 @@ terraform { required_providers { stackit = { source = "stackitcloud/stackit" - version = "0.74.0" + version = "~> 0.50.0" } } } diff --git a/observability/providers.tf b/observability/providers.tf index 14b0fba..b96dabd 100644 --- a/observability/providers.tf +++ b/observability/providers.tf @@ -2,7 +2,7 @@ terraform { required_providers { stackit = { source = "stackitcloud/stackit" - version = "0.74.0" + version = "~> 0.50.0" } grafana = { source = "grafana/grafana" diff --git a/postgres/outputs.tf b/postgres/outputs.tf index bf89a2a..e846bfb 100644 --- a/postgres/outputs.tf +++ b/postgres/outputs.tf @@ -3,14 +3,6 @@ output "postgres_instance_id" { value = stackit_postgresflex_instance.this.instance_id } -locals { - # Build a map: username => db_name - user_to_db = { - for db in var.postgres_databases : - db.user_name => db.db_name - } -} - # Postgres Credential Output output "postgres_credentials" { value = { @@ -20,9 +12,9 @@ output "postgres_credentials" { username = u.username password = u.password port = u.port - db_name = stackit_postgresflex_database.this[local.user_to_db[u.username]].name + db_name = stackit_postgresflex_database.this[u.username].name uri = u.uri } } sensitive = true -} +} \ No newline at end of file diff --git a/postgres/providers.tf b/postgres/providers.tf index 91238eb..792bab1 100644 --- a/postgres/providers.tf +++ b/postgres/providers.tf @@ -2,7 +2,7 @@ terraform { required_providers { stackit = { source = "stackitcloud/stackit" - version = "0.74.0" + version = "~> 0.50.0" } } } diff --git a/postgres/variables.tf b/postgres/variables.tf index f1906fa..886fd59 100644 --- a/postgres/variables.tf +++ b/postgres/variables.tf @@ -55,26 +55,10 @@ variable "postgres_instance_region" { # Postgres User and DB Configs variable "postgres_databases" { - description = "list of users and databases" - type = list(object({ - db_name = string # db name inside the instance - user_name = string # username and owner for postgres db - user_roles = list(string) # List of database access levels for the user. Supported values are: login, createdb. + description = "list of users and databases" + type = list(object({ + db_name = string # db name inside the instance + user_name = string # username and owner for postgres db + user_roles = list(string) # List of database access levels for the user. Supported values are: login, createdb. })) - - # ----------------------------------------------------------------- - # Validation: each db_name must be unique - # ----------------------------------------------------------------- - validation { - condition = length(distinct([for db in var.postgres_databases : db.db_name])) == length(var.postgres_databases) - error_message = "Each db_name must be unique." - } - - # ----------------------------------------------------------------- - # Validation: each user_name must be unique - # ----------------------------------------------------------------- - validation { - condition = length(distinct([for db in var.postgres_databases : db.user_name])) == length(var.postgres_databases) - error_message = "Each user_name must be unique." - } -} +} \ No newline at end of file diff --git a/rabbitmq/providers.tf b/rabbitmq/providers.tf index 91238eb..792bab1 100644 --- a/rabbitmq/providers.tf +++ b/rabbitmq/providers.tf @@ -2,7 +2,7 @@ terraform { required_providers { stackit = { source = "stackitcloud/stackit" - version = "0.74.0" + version = "~> 0.50.0" } } } diff --git a/redis/providers.tf b/redis/providers.tf index 83a86da..1d527de 100644 --- a/redis/providers.tf +++ b/redis/providers.tf @@ -2,7 +2,7 @@ terraform { required_providers { stackit = { source = "stackitcloud/stackit" - version = "0.74.0" + version = "~> 0.50.0" } } diff --git a/secrets-manager/providers.tf b/secrets-manager/providers.tf index 636035d..419a151 100644 --- a/secrets-manager/providers.tf +++ b/secrets-manager/providers.tf @@ -2,7 +2,7 @@ terraform { required_providers { stackit = { source = "stackitcloud/stackit" - version = "0.74.0" + version = "0.43.3" } } } \ No newline at end of file diff --git a/service-account/providers.tf b/service-account/providers.tf index 91238eb..28dfab1 100644 --- a/service-account/providers.tf +++ b/service-account/providers.tf @@ -2,7 +2,7 @@ terraform { required_providers { stackit = { source = "stackitcloud/stackit" - version = "0.74.0" + version = "~> 0.59.0" } } } diff --git a/ske-cluster/providers.tf b/ske-cluster/providers.tf index 91238eb..c3406cd 100644 --- a/ske-cluster/providers.tf +++ b/ske-cluster/providers.tf @@ -2,7 +2,7 @@ terraform { required_providers { stackit = { source = "stackitcloud/stackit" - version = "0.74.0" + version = "~> 0.62.0" } } }