terraform-ibm-modules · ocofaigh · Nov 29, 2024 · Oct 29, 2024 · Oct 29, 2024 · Oct 29, 2024
@@ -22,6 +22,7 @@ The Event Streams service supports payload data encryption that uses a root key
     * [Basic example](./examples/basic)
     * [Complete example with topics and schema creation.](./examples/complete)
     * [Financial Services Cloud profile example](./examples/fscloud)
+    * [Mirroring example](./examples/mirroring)
 * [Contributing](#contributing)
 <!-- END OVERVIEW HOOK -->
 
@@ -119,6 +120,7 @@ You need the following permissions to run this module.
 
 | Name | Type |
 |------|------|
+| [ibm_event_streams_mirroring_config.es_mirroring_config](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/event_streams_mirroring_config) | resource |
 | [ibm_event_streams_schema.es_schema](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/event_streams_schema) | resource |
 | [ibm_event_streams_topic.es_topic](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/event_streams_topic) | resource |
 | [ibm_iam_authorization_policy.kms_policy](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/iam_authorization_policy) | resource |
@@ -140,6 +142,8 @@ You need the following permissions to run this module.
 | <a name="input_kms_encryption_enabled"></a> [kms\_encryption\_enabled](#input\_kms\_encryption\_enabled) | Set this to true to control the encryption keys used to encrypt the data that you store in IBM Cloud® Databases. If set to false, the data is encrypted by using randomly generated keys. For more info on Key Protect integration, see https://cloud.ibm.com/docs/cloud-databases?topic=cloud-databases-key-protect. For more info on HPCS integration, see https://cloud.ibm.com/docs/cloud-databases?topic=cloud-databases-hpcs | `bool` | `false` | no |
 | <a name="input_kms_key_crn"></a> [kms\_key\_crn](#input\_kms\_key\_crn) | The root key CRN of the key management service (Key Protect or Hyper Protect Crypto Services) to use to encrypt the payload data. [Learn more](https://cloud.ibm.com/docs/EventStreams?topic=EventStreams-managing_encryption) about integrating Hyper Protect Crypto Services with Event Streams. | `string` | `null` | no |
 | <a name="input_metrics"></a> [metrics](#input\_metrics) | Enhanced metrics to activate, as list of strings. Only allowed for enterprise plans. Allowed values: 'topic', 'partition', 'consumers'. | `list(string)` | `[]` | no |
+| <a name="input_mirroring_enabled"></a> [mirroring\_enabled](#input\_mirroring\_enabled) | Set this to true to enable mirroring. Mirroring enables messages in one Event Streams service instance to be continuously copied to a second instance to increase resiliency. See https://cloud.ibm.com/docs/EventStreams?topic=EventStreams-mirroring | `bool` | `false` | no |
+| <a name="input_mirroring_topic_list"></a> [mirroring\_topic\_list](#input\_mirroring\_topic\_list) | The list of the topics to set in instance. Required only if var.mirroring\_enabled is set to true | `list(string)` | `[]` | no |
 | <a name="input_plan"></a> [plan](#input\_plan) | The plan for the Event Streams instance. Possible values: `lite`, `standard`, `enterprise-3nodes-2tb`. | `string` | `"standard"` | no |
 | <a name="input_region"></a> [region](#input\_region) | The region where the Event Streams are created. | `string` | `"us-south"` | no |
 | <a name="input_resource_group_id"></a> [resource\_group\_id](#input\_resource\_group\_id) | The resource group ID where the Event Streams instance is created. | `string` | n/a | yes |
@@ -163,6 +167,7 @@ You need the following permissions to run this module.
 | <a name="output_kafka_broker_version"></a> [kafka\_broker\_version](#output\_kafka\_broker\_version) | The Kafka version |
 | <a name="output_kafka_brokers_sasl"></a> [kafka\_brokers\_sasl](#output\_kafka\_brokers\_sasl) | (Array of Strings) Kafka brokers use for interacting with Kafka native API |
 | <a name="output_kafka_http_url"></a> [kafka\_http\_url](#output\_kafka\_http\_url) | The API endpoint to interact with Event Streams REST API |
+| <a name="output_mirroring_config_id"></a> [mirroring\_config\_id](#output\_mirroring\_config\_id) | The ID of the mirroring config in CRN format |
 | <a name="output_service_credentials_json"></a> [service\_credentials\_json](#output\_service\_credentials\_json) | The service credentials JSON map. |
 | <a name="output_service_credentials_object"></a> [service\_credentials\_object](#output\_service\_credentials\_object) | The service credentials object. |
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

diff --git a/examples/mirroring/README.md b/examples/mirroring/README.md
@@ -0,0 +1,8 @@
+# Mirroring example
+
+An end-to-end example that creates an IBM Event Streams for IBM Cloud instance and a mirroring instance.
+
+This example uses the IBM Cloud Terraform provider to create the following infrastructure.
+
+- A new resource group, if one is not passed in.
+- A instance of Event Streams in the provided resource group and region with mirror enabled.
diff --git a/examples/mirroring/main.tf b/examples/mirroring/main.tf
@@ -0,0 +1,25 @@
+##############################################################################
+# Resource Group
+##############################################################################
+
+module "resource_group" {
+  source  = "terraform-ibm-modules/resource-group/ibm"
+  version = "1.1.6"
+  # if an existing resource group is not set (null) create a new one using prefix
+  resource_group_name          = var.resource_group == null ? "${var.prefix}-resource-group" : null
+  existing_resource_group_name = var.resource_group
+}
+
+##############################################################################
+# Events-streams-instance
+##############################################################################
+
+module "event_streams_mirror" {
+  source            = "../../"
+  resource_group_id = module.resource_group.resource_group_id
+  es_name           = "${var.prefix}-mirror"
+  tags              = var.resource_tags
+  plan              = "enterprise-3nodes-2tb"
+  mirroring_enabled = true
+  mirroring_topic_list = ["topic-1", "topic-2"]
+}
diff --git a/examples/mirroring/outputs.tf b/examples/mirroring/outputs.tf
@@ -0,0 +1,43 @@
+##############################################################################
+# Outputs
+##############################################################################
+
+output "resource_group_name" {
+  description = "Resource group name"
+  value       = module.resource_group.resource_group_name
+}
+
+output "resource_group_id" {
+  description = "Resource group ID"
+  value       = module.resource_group.resource_group_id
+}
+
+output "crn" {
+  description = "Event Streams instance crn"
+  value       = module.event_streams_mirror.crn
+}
+
+output "guid" {
+  description = "Event Streams instance guid"
+  value       = module.event_streams_mirror.guid
+}
+
+output "kafka_brokers_sasl" {
+  description = "(Array of Strings) Kafka brokers use for interacting with Kafka native API"
+  value       = module.event_streams_mirror.kafka_brokers_sasl
+}
+
+output "kafka_http_url" {
+  description = "The API endpoint to interact with Event Streams REST API"
+  value       = module.event_streams_mirror.kafka_http_url
+}
+
+output "kafka_broker_version" {
+  description = "The Kafka version"
+  value       = module.event_streams_mirror.kafka_broker_version
+}
+
+output "mirroring_config_id" {
+  description = "The ID of the mirroring config in CRN format"
+  value = module.event_streams_mirror.mirroring_config_id
+}
diff --git a/examples/mirroring/provider.tf b/examples/mirroring/provider.tf
@@ -0,0 +1,4 @@
+provider "ibm" {
+  ibmcloud_api_key = var.ibmcloud_api_key
+  region           = var.region
+}
diff --git a/examples/mirroring/variables.tf b/examples/mirroring/variables.tf
@@ -0,0 +1,29 @@
+variable "ibmcloud_api_key" {
+  type        = string
+  description = "The IBM Cloud API key."
+  sensitive   = true
+}
+
+variable "region" {
+  type        = string
+  description = "The region where the Event Streams mirroring instance is created."
+  default     = "us-south"
+}
+
+variable "prefix" {
+  type        = string
+  description = "The prefix to apply to all resources created by this example."
+  default     = "event-streams"
+}
+
+variable "resource_group" {
+  type        = string
+  description = "An existing resource group name to use for this example. If not specified, a new resource group is created."
+  default     = null
+}
+
+variable "resource_tags" {
+  type        = list(string)
+  description = "The list of tags associated with the Event Steams instance."
+  default     = []
+}
diff --git a/examples/mirroring/version.tf b/examples/mirroring/version.tf
@@ -0,0 +1,9 @@
+terraform {
+  required_version = ">= 1.3.0"
+  required_providers {
+    ibm = {
+      source  = "IBM-Cloud/ibm"
+      version = "= 1.71.0-beta1"
+    }
+  }
+}
@@ -5,7 +5,7 @@
 locals {
   # Validation (approach based on https://github.com/hashicorp/terraform/issues/25609#issuecomment-1057614400)
   # tflint-ignore: terraform_unused_declarations
-  validate_kms_plan = var.kms_key_crn != null && var.plan != "enterprise-3nodes-2tb" ? tobool("kms encryption is only supported for enterprise plan") : true
+  validate_kms_plan = (var.kms_key_crn != null || var.mirroring_enabled) && var.plan != "enterprise-3nodes-2tb" ? tobool("kms encryption and mirroring are only supported for enterprise plan") : true
   # tflint-ignore: terraform_unused_declarations
   validate_kms_values = !var.kms_encryption_enabled && var.kms_key_crn != null ? tobool("When passing values for var.kms_key_crn, you must set var.kms_encryption_enabled to true. Otherwise unset them to use default encryption") : true
   # tflint-ignore: terraform_unused_declarations
@@ -18,6 +18,10 @@ locals {
   validate_storage_size_lite_standard = ((var.plan == "lite" || var.plan == "standard") && var.storage_size != 2048) ? tobool("Storage size value cannot be changed in lite and standard plan. Default value is 2048.") : true
   # tflint-ignore: terraform_unused_declarations
   validate_service_end_points_lite_standard = ((var.plan == "lite" || var.plan == "standard") && var.service_endpoints != "public") ? tobool("Service endpoint cannot be changed in lite and standard plan. Default is public.") : true
+  # tflint-ignore: terraform_unused_declarations
+  validate_mirroring_values = !var.mirroring_enabled && var.mirroring_topic_list != null ? tobool("When passing values for var.mirroring_topic_list, you must set var.mirroring_enabled to true.") : true
+  # tflint-ignore: terraform_unused_declarations
+  validate_mirroring_vars = var.mirroring_enabled && var.mirroring_topic_list == null ? tobool("When setting var.mirroring_enabled to true, list of topics must be passed for var.mirroring_topic_list") : true
   # Determine what KMS service is being used for database encryption
   kms_service = var.kms_key_crn != null ? (
     can(regex(".*kms.*", var.kms_key_crn)) ? "kms" : (
@@ -166,3 +170,9 @@ locals {
     }
   } : null
 }
+
+resource "ibm_event_streams_mirroring_config" "es_mirroring_config" {
+  count                    = var.mirroring_enabled ? 1 : 0
+  resource_instance_id     = ibm_resource_instance.es_instance.id
+  mirroring_topic_patterns = var.mirroring_topic_list
+}
@@ -43,3 +43,8 @@ output "service_credentials_object" {
   value       = local.service_credentials_object
   sensitive   = true
 }
+
+output "mirroring_config_id" {
+  description = "The ID of the mirroring config in CRN format"
+  value       = var.mirroring_enabled ? ibm_event_streams_mirroring_config.es_mirroring_config[0].id : null
+}
@@ -13,6 +13,8 @@ import (
 
 const completeExampleTerraformDir = "examples/complete"
 const quickstartSolutionTerraformDir = "solutions/quickstart"
+const mirroringExampleTerraformDir = "examples/mirroring"
+
 
 // Use existing group for tests
 const resourceGroup = "geretain-test-event-streams"
@@ -80,3 +82,13 @@ func TestRunQuickstartSolution(t *testing.T) {
 	assert.Nil(t, err, "This should not have errored")
 	assert.NotNil(t, output, "Expected some output")
 }
+
+func TestRunMirroringExample(t *testing.T) {
+	t.Parallel()
+
+	options := setupOptions(t, "es-mirror", mirroringExampleTerraformDir)
+
+	output, err := options.RunTestConsistency()
+	assert.Nil(t, err, "This should not have errored")
+	assert.NotNil(t, output, "Expected some output")
+}
@@ -201,3 +201,15 @@ variable "metrics" {
   }
   default = []
 }
+
+variable "mirroring_enabled" {
+  type        = bool
+  description = "Set this to true to enable mirroring. Mirroring enables messages in one Event Streams service instance to be continuously copied to a second instance to increase resiliency. See https://cloud.ibm.com/docs/EventStreams?topic=EventStreams-mirroring."
+  default     = false
+}
+
+variable "mirroring_topic_list" {
+  type        = list(string)
+  description = "The list of the topics to set in instance. Required only if var.mirroring_enabled is set to true."
+  default     = []
+}