diff --git a/RELEASE-NOTES.md b/RELEASE-NOTES.md index 40a1612..bf87e34 100644 --- a/RELEASE-NOTES.md +++ b/RELEASE-NOTES.md @@ -1,3 +1,16 @@ +# February 28, 2024 Release Notes - 0.1.4 + +## Updates + +### Events Module +1. Networking events updated: + - Delete event for Local Peering Gateway renamed to *com.oraclecloud.virtualnetwork.deletelocalpeeringgateway.end*. + - Event *com.oraclecloud.servicegateway.deleteservicegateway.begin* removed. +2. The reserved key "TENANCY-ROOT" has been introduced. It is used for referring to the root compartment OCID and can be assigned to *default_compartment_id* and *compartment_id* and *metric_compartment_id* attributes. + +### Alarms Module +1. The reserved key "TENANCY-ROOT" has been introduced. It is used for referring to the root compartment OCID and can be assigned to *default_compartment_id* and *compartment_id* attributes. + # January 10, 2024 Release Notes - 0.1.3 ## Added diff --git a/alarms/README.md b/alarms/README.md index e23c75f..07b5a13 100644 --- a/alarms/README.md +++ b/alarms/README.md @@ -82,7 +82,7 @@ For referring to a specific module version, append *ref=\* to the *sou ## Module Functioning In this module, alarms are defined using the *alarms_configuration* object, that supports the following attributes: -- **default_compartment_id**: the default compartment for all resources managed by this module. It can be overriden by *compartment_id* attribute in each resource. This attribute is overloaded. It can be assigned either a literal OCID or a reference (a key) to an OCID. +- **default_compartment_id**: the default compartment for all resources managed by this module. It can be overriden by *compartment_id* attribute in each resource. This attribute is overloaded. It can be assigned either a literal OCID or a reference (a key) to an OCID. The reserved key "TENANCY-ROOT" references the root compartment OCID. When "TENANCY-ROOT" is utilized, variable *tenancy_ocid* is required. - **default_defined_tags**: the default defined tags that are applied to all resources managed by this module. It can be overriden by *defined_tags* attribute in each resource. - **default_freeform_tags**: the default freeform tags that are applied to all resources managed by this module. It can be overriden by *freeform_tags* attribute in each resource. - **alarms**: define the alarms to capture and where to send them. diff --git a/alarms/SPEC.md b/alarms/SPEC.md index 9b409cd..2a25c3f 100644 --- a/alarms/SPEC.md +++ b/alarms/SPEC.md @@ -32,6 +32,7 @@ No modules. | [enable\_output](#input\_enable\_output) | Whether Terraform should enable the module output. | `bool` | `true` | no | | [module\_name](#input\_module\_name) | The module name. | `string` | `"alarms"` | no | | [streams\_dependency](#input\_streams\_dependency) | A map of objects containing the externally managed streams this module may depend on. All map objects must have the same type and must contain at least an 'id' attribute (representing the topic OCID) of string type. | `map(any)` | `null` | no | +| [tenancy\_ocid](#input\_tenancy\_ocid) | The tenancy OCID | `string` | `null` | no | | [topics\_dependency](#input\_topics\_dependency) | A map of objects containing the externally managed topics this module may depend on. All map objects must have the same type and must contain at least an 'id' attribute (representing the topic OCID) of string type. | `map(any)` | `null` | no | ## Outputs diff --git a/alarms/examples/external-dependency/README.md b/alarms/examples/external-dependency/README.md index d1706d7..e157cae 100644 --- a/alarms/examples/external-dependency/README.md +++ b/alarms/examples/external-dependency/README.md @@ -18,11 +18,11 @@ Note: ** is the bucket specified by *oci_shared_config_bucket* vari 1. Rename *input.auto.tfvars.template* to *\.auto.tfvars*, where *\* is any name of your choice. 2. Within *\.auto.tfvars*, provide tenancy connectivity information and adjust the *alarms_configuration* input variable, by making the appropriate substitutions: - - Replace *\* placeholders by the appropriate compartment references, expected to be found in the OCI Object Storage object specified by *oci_compartments_object*. + - Replace *\* placeholders by the appropriate compartment references, expected to be found in the OCI Object Storage object specified by *oci_compartments_object*. Or utilize the reserved key "TENANCY-ROOT" for the root compartment OCID. - Replace *\* placeholders by the appropriate topic references, expected to be found in the OCI Object Storage object specified by *oci_topics_object*. - Replace *\* placeholder by the OCI Object Storage bucket for configuration sharing across modules. - - Replace *\* placeholder by the OCI Object Storage object with the compartments references. This object is tipically stored in OCI Object Storage by the module that manages compartments. - - Replace *\* placeholder by the OCI Object Storage object to hold topic references. This object is tipically stored in OCI Object Storage by the module that manages topics. + - Replace *\* placeholder by the OCI Object Storage object with the compartments references. This object is typically stored in OCI Object Storage by the module that manages compartments. + - Replace *\* placeholder by the OCI Object Storage object to hold topic references. This object is typically stored in OCI Object Storage by the module that manages topics. Refer to [Alarms' module README.md](../../README.md) for overall attributes usage. diff --git a/alarms/examples/external-dependency/input.auto.tfvars.template b/alarms/examples/external-dependency/input.auto.tfvars.template index 3916612..72cedd0 100644 --- a/alarms/examples/external-dependency/input.auto.tfvars.template +++ b/alarms/examples/external-dependency/input.auto.tfvars.template @@ -1,11 +1,11 @@ # Copyright (c) 2023 Oracle and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. -#-------------------------------------------------------------------------------------------------------------------------------------------------- +#------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ # 1. Rename this file to .auto.tfvars, where is a name of your choice. # 2. Provide values for "Tenancy Connectivity Variables". # 3. Replace placeholders by the appropriate compartment references, -# expected to be found in the OCI Object Storage object specified in oci_compartments_dependency. +# expected to be found in the OCI Object Storage object specified in oci_compartments_dependency. Or utilize the reserved key "TENANCY-ROOT" for the root compartment OCID. # 4. Replace placeholders by the appropriate topic references, # expected to be found in the OCI Object Storage object specified in oci_topics_dependency. # 5. Replace placeholder by the OCI Object Storage bucket for configuration sharing across modules. @@ -13,7 +13,7 @@ # object is tipically stored in OCI Object Storage by the module that manages compartments. # 7. Replace placeholder by the OCI Object Storage object to with the topic references. This # object is tipically stored in OCI Object Storage by the module that manages topics. -#-------------------------------------------------------------------------------------------------------------------------------------------------- +#------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- #--------------------------------------- # Tenancy Connectivity Variables @@ -21,7 +21,7 @@ tenancy_ocid = "" # Get this from OCI Console (after logging in, go to top-right-most menu item and click option "Tenancy: "). user_ocid = "" # Get this from OCI Console (after logging in, go to top-right-most menu item and click option "My profile"). -fingerprint = "" # The fingerprint can be gathered from your user account. In the "My profile page, click "API keys" on the menu in left hand side). +fingerprint = "" # The fingerprint can be gathered from your user account. In the "My profile page, click "API keys" on the menu in left hand side. private_key_path = "" # This is the full path on your local system to the API signing private key. private_key_password = "" # This is the password that protects the private key, if any. region = "" # This is your region, where all other events are created. It can be the same as home_region. diff --git a/alarms/examples/external-dependency/variables.tf b/alarms/examples/external-dependency/variables.tf index 27138b6..24c2b2a 100644 --- a/alarms/examples/external-dependency/variables.tf +++ b/alarms/examples/external-dependency/variables.tf @@ -28,6 +28,7 @@ variable "alarms_configuration" { pending_duration = optional(string) # the period of time the condition must persist before the alarm is fired. Default is 5 minutes: "PT5M" metric_compartment_id = optional(string) # the compartment containing the metric being evaluated by the alarm. compartment_id is used if undefined. This attribute is overloaded: it can be either a compartment OCID or a reference (a key) to the compartment OCID. message_format = optional(string) # format to use for notification messages sent from this alarm. Valid formats are: "RAW", "PRETTY_JSON", "ONS_OPTIMIZED". Default is "PRETTY_JSON". + repeat_notification_critical_alarms = optional(string) #option to repeat critical alarms })) destination_topic_ids = optional(list(string)) # List of topics to send alarms to. This attribute is overloaded: values can be either topic OCIDs or references (keys) to the topics OCIDs. The references are first looked up in the topics attribute and then in the topics_dependency object. destination_stream_ids = optional(list(string)) # List of streams to send alarms to. This attribute is overloaded: values can be either stream OCIDs or references (keys) to the streams OCIDs. The references are first looked up in the streams attribute and then in the streams_dependency object. diff --git a/alarms/examples/supplied_alarms/README.md b/alarms/examples/supplied_alarms/README.md index 40ae980..6d5f546 100644 --- a/alarms/examples/supplied_alarms/README.md +++ b/alarms/examples/supplied_alarms/README.md @@ -12,7 +12,8 @@ The picture below shows side by side how the various attributes in *alarms_confi 1. Rename *input.auto.tfvars.template* to *\.auto.tfvars*, where *\* is any name of your choice. 2. Within *\.auto.tfvars*, provide tenancy connectivity information and adjust the *alarms_configuration* input variable, by making the appropriate substitutions: - - Replace *\*, *\*, *\* placeholders by appropriate compartment and topic OCIDs. + - Replace *\*, *\* placeholders by appropriate compartment OCIDs. Or utilize the reserved key "TENANCY-ROOT" for the root compartment OCID. + - Replace *\* placeholders by appropriate topic OCIDs. Refer to [Alarms' module README.md](../../README.md) for overall attributes usage. diff --git a/alarms/examples/supplied_alarms/input.auto.tfvars.template b/alarms/examples/supplied_alarms/input.auto.tfvars.template index 908b13d..075d650 100644 --- a/alarms/examples/supplied_alarms/input.auto.tfvars.template +++ b/alarms/examples/supplied_alarms/input.auto.tfvars.template @@ -1,12 +1,12 @@ # Copyright (c) 2023 Oracle and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. -#-------------------------------------------------------------------------------------------------------------------------------------- +#------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- # 1. Rename this file to .auto.tfvars, where is a name of your choice. # 2. Provide values for "Tenancy Connectivity Variables". -# 3. Replace , , placeholders -# by appropriate compartment and topic OCIDs. -#-------------------------------------------------------------------------------------------------------------------------------------- +# 3. Replace , by appropriate compartment OCIDs. Or utilize the reserved key "TENANCY-ROOT" for the root compartment OCID. +# 4. Replace by appropriate topic OCIDs. +#------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- #--------------------------------------- # Tenancy Connectivity Variables @@ -24,7 +24,7 @@ region = "" # This is your region, where #--------------------------------------- alarms_configuration = { - default_compartment_ocid = "" + default_compartment_ocid = "" # You can utilize the reserved key "TENANCY-ROOT" for the root compartment OCID. #default_defined_tags = null #default_freeform_tags = null @@ -37,7 +37,7 @@ alarms_configuration = { query = "CpuUtilization[1m].mean() > 80" namespace = "oci_computeagent" pending_duration = "PT6M" # 6 minutes - metric_compartment_ocid = "" + metric_compartment_ocid = "" # You can utilize the reserved key "TENANCY-ROOT" for the root compartment OCID. severity = "CRITICAL" message_format = "ONS_OPTIMIZED" repeat_frequency_for_critical_alarms = "PT4H" # 4 hours diff --git a/alarms/examples/supplied_alarms/main.tf b/alarms/examples/supplied_alarms/main.tf index 0df1836..bbd2cd8 100644 --- a/alarms/examples/supplied_alarms/main.tf +++ b/alarms/examples/supplied_alarms/main.tf @@ -4,4 +4,5 @@ module "supplied_alarms" { source = "../../" alarms_configuration = var.alarms_configuration + tenancy_ocid = var.tenancy_ocid } diff --git a/alarms/examples/vision/README.md b/alarms/examples/vision/README.md index d9aa17d..12992d2 100644 --- a/alarms/examples/vision/README.md +++ b/alarms/examples/vision/README.md @@ -8,7 +8,7 @@ This example shows how to deploy alarms in OCI for a hypothetical Vision entity 1. Rename *input.auto.tfvars.template* to *\.auto.tfvars*, where *\* is any name of your choice. 2. Within *\.auto.tfvars*, provide tenancy connectivity information and adjust the *alarms_configuration* input variable, by making the appropriate substitutions: - - Replace *\* placeholders by appropriate compartment OCIDs. + - Replace *\* placeholders by appropriate compartment OCIDs. Or utilize the reserved key "TENANCY-ROOT" for the root compartment OCID. - Replace *email.address@example.com* by actual email addresses. Refer to [Alarms' module README.md](../../README.md) for overall attributes usage. diff --git a/alarms/examples/vision/input.auto.tfvars.template b/alarms/examples/vision/input.auto.tfvars.template index 2623e10..55e3268 100644 --- a/alarms/examples/vision/input.auto.tfvars.template +++ b/alarms/examples/vision/input.auto.tfvars.template @@ -1,12 +1,12 @@ # Copyright (c) 2023 Oracle and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. -#-------------------------------------------------------------------------------------------------------------------------------------- +#------------------------------------------------------------------------------------------------------------------------------------------------------------------- # 1. Rename this file to .auto.tfvars, where is a name of your choice. # 2. Provide values for "Tenancy Connectivity Variables". -# 3. Replace placeholders by appropriate compartment OCIDs. +# 3. Replace placeholders by appropriate compartment OCIDs. Or utilize the reserved key "TENANCY-ROOT" for the root compartment OCID. # 4. Replace email.address@example.com by actual email addresses. -#-------------------------------------------------------------------------------------------------------------------------------------- +#------------------------------------------------------------------------------------------------------------------------------------------------------------------- #--------------------------------------- # Tenancy Connectivity Variables @@ -14,7 +14,7 @@ tenancy_ocid = "" # Get this from OCI Console (after logging in, go to top-right-most menu item and click option "Tenancy: "). user_ocid = "" # Get this from OCI Console (after logging in, go to top-right-most menu item and click option "My profile"). -fingerprint = "" # The fingerprint can be gathered from your user account. In the "My profile page, click "API keys" on the menu in left hand side). +fingerprint = "" # The fingerprint can be gathered from your user account. In the "My profile page, click "API keys" on the menu in left hand side. private_key_path = "" # This is the full path on your local system to the API signing private key. private_key_password = "" # This is the password that protects the private key, if any. region = "" # This is your region, where all other events are created. It can be the same as home_region. @@ -24,7 +24,7 @@ region = "" # This is your region, where #--------------------------------------- alarms_configuration = { - default_compartment_id = "" + default_compartment_id = "" # You can utilize the reserved key "TENANCY-ROOT" for the root compartment OCID. #default_defined_tags = null #default_freeform_tags = null diff --git a/alarms/examples/vision/main.tf b/alarms/examples/vision/main.tf index 29b8338..7ae817b 100644 --- a/alarms/examples/vision/main.tf +++ b/alarms/examples/vision/main.tf @@ -4,4 +4,5 @@ module "vision_alarms" { source = "../../" alarms_configuration = var.alarms_configuration + tenancy_ocid = var.tenancy_ocid } diff --git a/alarms/main.tf b/alarms/main.tf index 80de3aa..786f684 100644 --- a/alarms/main.tf +++ b/alarms/main.tf @@ -3,12 +3,15 @@ locals { + tenancy_root_key = "TENANCY-ROOT" + subscriptions = flatten([ for topic_key, topic in(var.alarms_configuration["topics"] != null ? var.alarms_configuration["topics"] : {}) : [ for subs in(topic["subscriptions"] != null ? topic["subscriptions"] : []) : [ for value in subs["values"] : { key = "${topic_key}.${value}" - compartment_id = topic.compartment_id != null ? (length(regexall("^ocid1.*$", topic.compartment_id)) > 0 ? topic.compartment_id : var.compartments_dependency[topic.compartment_id].id) : (length(regexall("^ocid1.*$", var.alarms_configuration.default_compartment_id)) > 0 ? var.alarms_configuration.default_compartment_id : var.compartments_dependency[var.alarms_configuration.default_compartment_id].id) + #compartment_id = topic.compartment_id != null ? (length(regexall("^ocid1.*$", topic.compartment_id)) > 0 ? topic.compartment_id : var.compartments_dependency[topic.compartment_id].id) : (length(regexall("^ocid1.*$", var.alarms_configuration.default_compartment_id)) > 0 ? var.alarms_configuration.default_compartment_id : var.compartments_dependency[var.alarms_configuration.default_compartment_id].id) + compartment_id = topic.compartment_id != null ? topic.compartment_id : var.alarms_configuration.default_compartment_id protocol = upper(subs.protocol) endpoint = value topic_id = oci_ons_notification_topic.these[topic_key].id @@ -29,17 +32,25 @@ resource "oci_monitoring_alarm" "these" { lifecycle { precondition { condition = each.value.preconfigured_alarm_type != null ? contains(keys(local.preconfigured_alarms), each.value.preconfigured_alarm_type) : true - error_message = "VALIDATION FAILURE" + error_message = "VALIDATION FAILURE in alarm \"${each.key}\": invalid \"preconfigured_alarm_type\" ${coalesce(each.value.preconfigured_alarm_type,"__void__")}. Valid values are: ${join(", ",keys(local.preconfigured_alarms))} (case insensitive)." + } + precondition { + condition = var.tenancy_ocid == null && each.value.compartment_id != null && upper(coalesce(each.value.compartment_id,"__void__")) == local.tenancy_root_key ? false : true + error_message = "VALIDATION FAILURE in alarm \"${each.key}\": variable \"tenancy_ocid\" is required when the \"${local.tenancy_root_key}\" key word is used to reference the root compartment in attribute \"compartment_id\"." + } + precondition { + condition = var.tenancy_ocid == null && each.value.compartment_id == null && upper(coalesce(var.alarms_configuration.default_compartment_id,"__void__")) == local.tenancy_root_key ? false : true + error_message = "VALIDATION FAILURE in alarm \"${each.key}\": as attribute \"compartment_id\" is absent, variable \"tenancy_ocid\" is required when the \"${local.tenancy_root_key}\" key word is used to reference the root compartment in \"alarms_configuration's\" \"default_compartment_id\" attribute." } } - compartment_id = each.value.compartment_id != null ? (length(regexall("^ocid1.*$", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartments_dependency[each.value.compartment_id].id) : (length(regexall("^ocid1.*$", var.alarms_configuration.default_compartment_id)) > 0 ? var.alarms_configuration.default_compartment_id : var.compartments_dependency[var.alarms_configuration.default_compartment_id].id) + compartment_id = each.value.compartment_id != null ? (length(regexall("^ocid1.*$", each.value.compartment_id)) > 0 ? each.value.compartment_id : (upper(each.value.compartment_id) == local.tenancy_root_key ? var.tenancy_ocid : var.compartments_dependency[each.value.compartment_id].id)) : (length(regexall("^ocid1.*$", var.alarms_configuration.default_compartment_id)) > 0 ? var.alarms_configuration.default_compartment_id : (upper(var.alarms_configuration.default_compartment_id) == local.tenancy_root_key ? var.tenancy_ocid : var.compartments_dependency[var.alarms_configuration.default_compartment_id].id)) destinations = each.value.destination_topic_ids != null || each.value.destination_stream_ids != null ? setunion( each.value.destination_topic_ids != null ? ([for id in each.value.destination_topic_ids : length(regexall("^ocid1.*$", id)) > 0 ? id : contains(keys(oci_ons_notification_topic.these),id) ? oci_ons_notification_topic.these[id].id : var.topics_dependency[id].id]) : [], each.value.destination_stream_ids != null ? ([for id in each.value.destination_stream_ids : length(regexall("^ocid1.*$", id)) > 0 ? id : contains(keys(oci_streaming_stream.these),id) ? oci_streaming_stream.these[id].id : var.streams_dependency[id].id]) : [] ) : null display_name = each.value.display_name is_enabled = each.value.is_enabled != null ? each.value.is_enabled : true - metric_compartment_id = each.value.supplied_alarm != null ? (each.value.supplied_alarm.metric_compartment_id != null ? (length(regexall("^ocid1.*$", each.value.supplied_alarm.metric_compartment_id)) > 0 ? each.value.supplied_alarm.metric_compartment_id : var.compartments_dependency[each.value.supplied_alarm.metric_compartment_id].id) : (each.value.compartment_id != null ? (length(regexall("^ocid1.*$", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartments_dependency[each.value.compartment_id].id) : (length(regexall("^ocid1.*$", var.alarms_configuration.default_compartment_id)) > 0 ? var.alarms_configuration.default_compartment_id : var.compartments_dependency[var.alarms_configuration.default_compartment_id].id))) : (each.value.compartment_id != null ? (length(regexall("^ocid1.*$", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartments_dependency[each.value.compartment_id].id) : (length(regexall("^ocid1.*$", var.alarms_configuration.default_compartment_id)) > 0 ? var.alarms_configuration.default_compartment_id : var.compartments_dependency[var.alarms_configuration.default_compartment_id].id)) + metric_compartment_id = each.value.supplied_alarm != null ? (each.value.supplied_alarm.metric_compartment_id != null ? (length(regexall("^ocid1.*$", each.value.supplied_alarm.metric_compartment_id)) > 0 ? each.value.supplied_alarm.metric_compartment_id : (upper(each.value.supplied_alarm.metric_compartment_id) == local.tenancy_root_key ? var.tenancy_ocid : var.compartments_dependency[each.value.supplied_alarm.metric_compartment_id].id)) : (each.value.compartment_id != null ? (length(regexall("^ocid1.*$", each.value.compartment_id)) > 0 ? each.value.compartment_id : (upper(each.value.compartment_id) == local.tenancy_root_key ? var.tenancy_ocid : var.compartments_dependency[each.value.compartment_id].id)) : (length(regexall("^ocid1.*$", var.alarms_configuration.default_compartment_id)) > 0 ? var.alarms_configuration.default_compartment_id : (upper(var.alarms_configuration.default_compartment_id) == local.tenancy_root_key ? var.tenancy_ocid : var.compartments_dependency[var.alarms_configuration.default_compartment_id].id)))) : (each.value.compartment_id != null ? (length(regexall("^ocid1.*$", each.value.compartment_id)) > 0 ? each.value.compartment_id : (upper(each.value.compartment_id) == local.tenancy_root_key ? var.tenancy_ocid : var.compartments_dependency[each.value.compartment_id].id)) : (length(regexall("^ocid1.*$", var.alarms_configuration.default_compartment_id)) > 0 ? var.alarms_configuration.default_compartment_id : (upper(var.alarms_configuration.default_compartment_id) == local.tenancy_root_key ? var.tenancy_ocid : var.compartments_dependency[var.alarms_configuration.default_compartment_id].id))) namespace = each.value.supplied_alarm != null ? each.value.supplied_alarm.namespace : local.preconfigured_alarms[each.value.preconfigured_alarm_type].namespace query = each.value.supplied_alarm != null ? each.value.supplied_alarm.query : local.preconfigured_alarms[each.value.preconfigured_alarm_type].query severity = each.value.supplied_alarm != null ? each.value.supplied_alarm.severity != null ? each.value.supplied_alarm.severity : "CRITICAL" : local.preconfigured_alarms[each.value.preconfigured_alarm_type].severity @@ -52,7 +63,18 @@ resource "oci_monitoring_alarm" "these" { resource "oci_ons_notification_topic" "these" { for_each = var.alarms_configuration["topics"] != null ? var.alarms_configuration["topics"] : {} - compartment_id = each.value.compartment_id != null ? (length(regexall("^ocid1.*$", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartments_dependency[each.value.compartment_id].id) : (length(regexall("^ocid1.*$", var.alarms_configuration.default_compartment_id)) > 0 ? var.alarms_configuration.default_compartment_id : var.compartments_dependency[var.alarms_configuration.default_compartment_id].id) + lifecycle { + precondition { + condition = var.tenancy_ocid == null && each.value.compartment_id != null && upper(coalesce(each.value.compartment_id,"__void__")) == local.tenancy_root_key ? false : true + error_message = "VALIDATION FAILURE in topic \"${each.key}\": variable \"tenancy_ocid\" is required when the \"${local.tenancy_root_key}\" key word is used to reference the root compartment in attribute \"compartment_id\"." + } + precondition { + condition = var.tenancy_ocid == null && each.value.compartment_id == null && upper(coalesce(var.alarms_configuration.default_compartment_id,"__void__")) == local.tenancy_root_key ? false : true + error_message = "VALIDATION FAILURE in topic \"${each.key}\": as attribute \"compartment_id\" is absent, variable \"tenancy_ocid\" is required when the \"${local.tenancy_root_key}\" key word is used to reference the root compartment in \"alarms_configuration's\" \"default_compartment_id\" attribute." + } + } + #compartment_id = each.value.compartment_id != null ? (length(regexall("^ocid1.*$", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartments_dependency[each.value.compartment_id].id) : (length(regexall("^ocid1.*$", var.alarms_configuration.default_compartment_id)) > 0 ? var.alarms_configuration.default_compartment_id : var.compartments_dependency[var.alarms_configuration.default_compartment_id].id) + compartment_id = each.value.compartment_id != null ? (length(regexall("^ocid1.*$", each.value.compartment_id)) > 0 ? each.value.compartment_id : (upper(each.value.compartment_id) == local.tenancy_root_key ? var.tenancy_ocid : var.compartments_dependency[each.value.compartment_id].id)) : (length(regexall("^ocid1.*$", var.alarms_configuration.default_compartment_id)) > 0 ? var.alarms_configuration.default_compartment_id : (upper(var.alarms_configuration.default_compartment_id) == local.tenancy_root_key ? var.tenancy_ocid : var.compartments_dependency[var.alarms_configuration.default_compartment_id].id)) name = each.value.name description = each.value.description != null ? each.value.description : each.value.name defined_tags = each.value.defined_tags != null ? each.value.defined_tags : var.alarms_configuration.default_defined_tags @@ -69,10 +91,19 @@ resource "oci_ons_subscription" "these" { lifecycle { precondition { condition = contains(local.subscription_protocols, upper(each.value.protocol)) - error_message = "VALIDATION FAILURE : \"${each.value.protocol}\" value is invalid for \"protocol\" attribute. Valid values are ${join(", ", local.subscription_protocols)} (case insensitive)." + error_message = "VALIDATION FAILURE in topic subscription \"${each.key}\": \"${each.value.protocol}\" value is invalid for \"protocol\" attribute. Valid values are ${join(", ", local.subscription_protocols)} (case insensitive)." + } + precondition { + condition = var.tenancy_ocid == null && each.value.compartment_id != null && upper(coalesce(each.value.compartment_id,"__void__")) == local.tenancy_root_key ? false : true + error_message = "VALIDATION FAILURE in topic subscription \"${each.key}\": variable \"tenancy_ocid\" is required when the \"${local.tenancy_root_key}\" key word is used to reference the root compartment in attribute \"compartment_id\"." + } + precondition { + condition = var.tenancy_ocid == null && each.value.compartment_id == null && upper(coalesce(var.alarms_configuration.default_compartment_id,"__void__")) == local.tenancy_root_key ? false : true + error_message = "VALIDATION FAILURE in topic subscription \"${each.key}\": as attribute \"compartment_id\" is absent, variable \"tenancy_ocid\" is required when the \"${local.tenancy_root_key}\" key word is used to reference the root compartment in \"alarms_configuration's\" \"default_compartment_id\" attribute." } } - compartment_id = each.value.compartment_id + #compartment_id = each.value.compartment_id + compartment_id = length(regexall("^ocid1.*$", each.value.compartment_id)) > 0 ? each.value.compartment_id : (upper(each.value.compartment_id) == local.tenancy_root_key ? var.tenancy_ocid : var.compartments_dependency[each.value.compartment_id].id) topic_id = each.value.topic_id endpoint = each.value.endpoint protocol = each.value.protocol @@ -82,7 +113,18 @@ resource "oci_ons_subscription" "these" { resource "oci_streaming_stream" "these" { for_each = var.alarms_configuration["streams"] != null ? var.alarms_configuration["streams"] : {} - compartment_id = each.value.compartment_id != null ? (length(regexall("^ocid1.*$", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartments_dependency[each.value.compartment_id].id) : (length(regexall("^ocid1.*$", var.alarms_configuration.default_compartment_id)) > 0 ? var.alarms_configuration.default_compartment_id : var.compartments_dependency[var.alarms_configuration.default_compartment_id].id) + lifecycle { + precondition { + condition = var.tenancy_ocid == null && each.value.compartment_id != null && upper(coalesce(each.value.compartment_id,"__void__")) == local.tenancy_root_key ? false : true + error_message = "VALIDATION FAILURE in stream \"${each.key}\": variable \"tenancy_ocid\" is required when the \"${local.tenancy_root_key}\" key word is used to reference the root compartment in attribute \"compartment_id\"." + } + precondition { + condition = var.tenancy_ocid == null && each.value.compartment_id == null && upper(coalesce(var.alarms_configuration.default_compartment_id,"__void__")) == local.tenancy_root_key ? false : true + error_message = "VALIDATION FAILURE in stream \"${each.key}\": as attribute \"compartment_id\" is absent, variable \"tenancy_ocid\" is required when the \"${local.tenancy_root_key}\" key word is used to reference the root compartment in \"alarms_configuration's\" \"default_compartment_id\" attribute." + } + } + #compartment_id = each.value.compartment_id != null ? (length(regexall("^ocid1.*$", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartments_dependency[each.value.compartment_id].id) : (length(regexall("^ocid1.*$", var.alarms_configuration.default_compartment_id)) > 0 ? var.alarms_configuration.default_compartment_id : var.compartments_dependency[var.alarms_configuration.default_compartment_id].id) + compartment_id = each.value.compartment_id != null ? (length(regexall("^ocid1.*$", each.value.compartment_id)) > 0 ? each.value.compartment_id : (upper(each.value.compartment_id) == local.tenancy_root_key ? var.tenancy_ocid : var.compartments_dependency[each.value.compartment_id].id)) : (length(regexall("^ocid1.*$", var.alarms_configuration.default_compartment_id)) > 0 ? var.alarms_configuration.default_compartment_id : (upper(var.alarms_configuration.default_compartment_id) == local.tenancy_root_key ? var.tenancy_ocid : var.compartments_dependency[var.alarms_configuration.default_compartment_id].id)) name = each.value.name partitions = each.value.num_partitions != null ? each.value.num_partitions : 1 retention_in_hours = each.value.log_retention_in_hours != null ? each.value.log_retention_in_hours : 24 diff --git a/alarms/variables.tf b/alarms/variables.tf index 02238d9..59dc936 100644 --- a/alarms/variables.tf +++ b/alarms/variables.tf @@ -1,6 +1,12 @@ # Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +variable "tenancy_ocid" { + description = "The tenancy OCID" + type = string + default = null +} + variable "alarms_configuration" { description = "Alarms configuration settings, defining all aspects to manage alarms in OCI. Please see the comments within each attribute for details." type = object({ @@ -21,7 +27,7 @@ variable "alarms_configuration" { pending_duration = optional(string) # the period of time the condition must persist before the alarm is fired. Default is 5 minutes: "PT5M" metric_compartment_id = optional(string) # the compartment containing the metric being evaluated by the alarm. compartment_id is used if undefined. This attribute is overloaded: it can be either a compartment OCID or a reference (a key) to the compartment OCID. message_format = optional(string) # format to use for notification messages sent from this alarm. Valid formats are: "RAW", "PRETTY_JSON", "ONS_OPTIMIZED". Default is "PRETTY_JSON". - repeat_frequency_for_critical_alarms = optional(string) #option to repeat critical alarms + repeat_notification_critical_alarms = optional(string) #option to repeat critical alarms })) destination_topic_ids = optional(list(string)) # List of topics to send alarms to. This attribute is overloaded: values can be either topic OCIDs or references (keys) to the topics OCIDs. The references are first looked up in the topics attribute and then in the topics_dependency object. destination_stream_ids = optional(list(string)) # List of streams to send alarms to. This attribute is overloaded: values can be either stream OCIDs or references (keys) to the streams OCIDs. The references are first looked up in the streams attribute and then in the streams_dependency object. diff --git a/events/README.md b/events/README.md index f6363da..3059670 100644 --- a/events/README.md +++ b/events/README.md @@ -86,9 +86,9 @@ For referring to a specific module version, append *ref=\* to the *sou ## Module Functioning In this module, events are defined using the *events_configuration* object, that supports the following attributes: -- **default_compartment_id**: the default compartment for all resources managed by this module. It can be overriden by *compartment_id* attribute in each resource. This attribute is overloaded: it can be either a compartment OCID or a reference (a key) to the compartment OCID. -- **default_defined_tags**: the default defined tags that are applied to all resources managed by this module. It can be overriden by *defined_tags* attribute in each resource. -- **default_freeform_tags**: the default freeform tags that are applied to all resources managed by this module. It can be overriden by *freeform_tags* attribute in each resource. +- **default_compartment_id**: the default compartment for all resources managed by this module. It can be overridden by *compartment_id* attribute in each resource. This attribute is overloaded: it can be either a compartment OCID or a reference (a key) to the compartment OCID. The reserved key "TENANCY-ROOT" references the root compartment OCID. When "TENANCY-ROOT" is utilized, variable *tenancy_ocid* is required. +- **default_defined_tags**: the default defined tags that are applied to all resources managed by this module. It can be overridden by *defined_tags* attribute in each resource. +- **default_freeform_tags**: the default freeform tags that are applied to all resources managed by this module. It can be overridden by *freeform_tags* attribute in each resource. - **event_rules**: define the event types to capture and where to send them. **Each event rule is defined as an object whose key must be unique and must not be changed once defined**. As a convention, use uppercase strings for the keys. - **topics**: define the topics managed by this module that can be used as event destinations. **Each topic is defined as an object whose key must be unique and must not be changed once defined**. As a convention, use uppercase strings for the keys. - **streams**: define the streams managed by this module that can be used as event destinations. **Each stream is defined as an object whose key must be unique and must not be changed once defined**. As a convention, use uppercase strings for the keys. diff --git a/events/SPEC.md b/events/SPEC.md index b7ed8f2..553dc59 100644 --- a/events/SPEC.md +++ b/events/SPEC.md @@ -33,6 +33,7 @@ No modules. | [functions\_dependency](#input\_functions\_dependency) | A map of objects containing the externally managed OCI functions this module may depend on. All map objects must have the same type and must contain at least an 'id' attribute (representing the topic OCID) of string type. | `map(any)` | `null` | no | | [module\_name](#input\_module\_name) | The module name. | `string` | `"events"` | no | | [streams\_dependency](#input\_streams\_dependency) | A map of objects containing the externally managed streams this module may depend on. All map objects must have the same type and must contain at least an 'id' attribute (representing the topic OCID) of string type. | `map(any)` | `null` | no | +| [tenancy\_ocid](#input\_tenancy\_ocid) | The tenancy OCID | `string` | `null` | no | | [topics\_dependency](#input\_topics\_dependency) | A map of objects containing the externally managed topics this module may depend on. All map objects must have the same type and must contain at least an 'id' attribute (representing the topic OCID) of string type. | `map(any)` | `null` | no | ## Outputs diff --git a/events/examples/api-gateway-events/README.md b/events/examples/api-gateway-events/README.md index f13e492..90514e3 100644 --- a/events/examples/api-gateway-events/README.md +++ b/events/examples/api-gateway-events/README.md @@ -8,7 +8,7 @@ This example shows how to manage events related to API Gateway deployments in Or 1. Rename *input.auto.tfvars.template* to *\.auto.tfvars*, where *\* is any name of your choice. 2. Within *\.auto.tfvars*, provide tenancy connectivity information and adjust the *events_configuration* input variable, by making the appropriate substitutions: - - Replace *\* placeholders by appropriate compartment OCIDs. + - Replace *\* placeholders by appropriate compartment OCIDs. Or utilize the reserved key "TENANCY-ROOT" for the root compartment OCID. - Replace *\* placeholder by an appropriate compartment OCID. - Replace *email.address@example.com* by actual email addresses. diff --git a/events/examples/api-gateway-events/input.auto.tfvars.template b/events/examples/api-gateway-events/input.auto.tfvars.template index a71cca8..6713cc4 100644 --- a/events/examples/api-gateway-events/input.auto.tfvars.template +++ b/events/examples/api-gateway-events/input.auto.tfvars.template @@ -1,13 +1,13 @@ # Copyright (c) 2023 Oracle and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. -#-------------------------------------------------------------------------------------------------------------------------------------- +#--------------------------------------------------------------------------------------------------------------------------------------------------------------------- # 1. Rename this file to .auto.tfvars, where is a name of your choice. # 2. Provide values for "Tenancy Connectivity Variables". -# 3. Replace placeholders by appropriate compartment OCIDs. +# 3. Replace placeholders by appropriate compartment OCIDs. Or utilize the reserved key "TENANCY-ROOT" for the root compartment OCID. # 4. Replace placeholder by appropriate compartment OCID. # 5. Replace email.address@example.com by actual email addresses. -#-------------------------------------------------------------------------------------------------------------------------------------- +#--------------------------------------------------------------------------------------------------------------------------------------------------------------------- #--------------------------------------- # Tenancy Connectivity Variables diff --git a/events/examples/external-dependency/README.md b/events/examples/external-dependency/README.md index cb8ad66..1bd9009 100644 --- a/events/examples/external-dependency/README.md +++ b/events/examples/external-dependency/README.md @@ -19,7 +19,6 @@ Note: ** is the bucket specified by *oci_shared_config_bucket* vari 1. Rename *input.auto.tfvars.template* to *\.auto.tfvars*, where *\* is any name of your choice. 2. Within *\.auto.tfvars*, provide tenancy connectivity information and adjust the *events_configuration* input variable, by making the appropriate substitutions: - - Replace *\* placeholders by the Root compartment (tenancy) OCID. - Replace *\* placeholders by the appropriate compartment references, expected to be found in the OCI Object Storage object specified by *oci_compartments_object*. - Replace *\* placeholders by the appropriate topic references, expected to be found in the OCI Object Storage object specified by *oci_topics_object*. - Replace *\* placeholder by the OCI Object Storage bucket for configuration sharing across modules. diff --git a/events/examples/external-dependency/input.auto.tfvars.template b/events/examples/external-dependency/input.auto.tfvars.template index 586a54c..830c57a 100644 --- a/events/examples/external-dependency/input.auto.tfvars.template +++ b/events/examples/external-dependency/input.auto.tfvars.template @@ -4,16 +4,15 @@ #------------------------------------------------------------------------------------------------------------------------------------------- # 1. Rename this file to .auto.tfvars, where is a name of your choice. # 2. Provide values for "Tenancy Connectivity Variables". -# 3. Replace placeholders by your Root compartment OCID. -# 4. Replace placeholders by the appropriate compartment references, +# 3. Replace placeholders by the appropriate compartment references, # expected to be found in the OCI Object Storage object specified in oci_compartments_dependency. -# 5. Replace placeholders by the appropriate topic references, +# 4. Replace placeholders by the appropriate topic references, # expected to be found in the OCI Object Storage object specified in oci_topics_dependency. -# 6. Replace placeholder by the OCI Object Storage bucket for configuration sharing across modules. -# 7. Replace placeholder by the OCI Object Storage object with the compartments references. This -# object is tipically stored in OCI Object Storage by the module that manages compartments. -# 8. Replace placeholder by the OCI Object Storage object to with the topic references. This -# object is tipically stored in OCI Object Storage by the module that manages topics. +# 5. Replace placeholder by the OCI Object Storage bucket for configuration sharing across modules. +# 6. Replace placeholder by the OCI Object Storage object with the compartments references. This +# object is typically stored in OCI Object Storage by the module that manages compartments. +# 7. Replace placeholder by the OCI Object Storage object to with the topic references. This +# object is typically stored in OCI Object Storage by the module that manages topics. #------------------------------------------------------------------------------------------------------------------------------------------- #--------------------------------------- @@ -35,7 +34,7 @@ region = "" # This is your region, where events_configuration = { - default_compartment_id = "" #Root compartment + default_compartment_id = "TENANCY-ROOT" #default_defined_tags = null #default_freeform_tags = null @@ -89,7 +88,7 @@ events_configuration = { home_region_events_configuration = { - default_compartment_id = "" #Root compartment + default_compartment_id = "TENANCY-ROOT" event_rules = { IAM-EVENTS-KEY = { diff --git a/events/examples/vision/README.md b/events/examples/vision/README.md index c6bcd1d..bad0582 100644 --- a/events/examples/vision/README.md +++ b/events/examples/vision/README.md @@ -10,7 +10,7 @@ It creates two sets of event rules in the specified home region and region. IAM 1. Rename *input.auto.tfvars.template* to *\.auto.tfvars*, where *\* is any name of your choice. 2. Within *\.auto.tfvars*, provide tenancy connectivity information and adjust the *events_configuration* input variable, by making the appropriate substitutions: - - Replace *\* placeholders by appropriate compartment OCIDs. + - Replace *\* placeholders by appropriate compartment OCIDs. Or utilize the reserved key "TENANCY-ROOT" for the root compartment OCID. - Replace *\email.address@example.com\* by actual email addresses. Refer to [Events module README.md](../../README.md) for overall attributes usage. diff --git a/events/examples/vision/input.auto.tfvars.template b/events/examples/vision/input.auto.tfvars.template index 116b776..9cf4202 100644 --- a/events/examples/vision/input.auto.tfvars.template +++ b/events/examples/vision/input.auto.tfvars.template @@ -1,12 +1,12 @@ # Copyright (c) 2023 Oracle and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. -#-------------------------------------------------------------------------------------------------------------------------------------- +#------------------------------------------------------------------------------------------------------------------------------------------------------------------- # 1. Rename this file to .auto.tfvars, where is a name of your choice. # 2. Provide values for "Tenancy Connectivity Variables". -# 3. Replace placeholders by appropriate compartment OCIDs. +# 3. Replace placeholders by appropriate compartment OCIDs. Or utilize the reserved key "TENANCY-ROOT" for the root compartment OCID. # 4. Replace email.address@example.com by actual email addresses. -#-------------------------------------------------------------------------------------------------------------------------------------- +#------------------------------------------------------------------------------------------------------------------------------------------------------------------- #--------------------------------------- # Tenancy Connectivity Variables @@ -27,7 +27,7 @@ region = "" # This is your region, where events_configuration = { - default_compartment_id = "" + default_compartment_id = "" # You can utilize the reserved key "TENANCY-ROOT" for the root compartment OCID. #default_defined_tags = null #default_freeform_tags = null diff --git a/events/examples/vision/main.tf b/events/examples/vision/main.tf index ba2d2e8..8dc1c7f 100644 --- a/events/examples/vision/main.tf +++ b/events/examples/vision/main.tf @@ -4,10 +4,12 @@ module "vision_events" { source = "../../" events_configuration = var.events_configuration + tenancy_ocid = var.tenancy_ocid } module "vision_home_region_events" { source = "../../" providers = { oci = oci.home } events_configuration = var.home_region_events_configuration + tenancy_ocid = var.tenancy_ocid } \ No newline at end of file diff --git a/events/main.tf b/events/main.tf index 05c1523..b4550eb 100644 --- a/events/main.tf +++ b/events/main.tf @@ -3,12 +3,15 @@ locals { + tenancy_root_key = "TENANCY-ROOT" + subscriptions = flatten([ for topic_key, topic in (var.events_configuration["topics"] != null ? var.events_configuration["topics"] : {}) : [ for subs in (topic["subscriptions"] != null ? topic["subscriptions"] : []) : [ for value in subs["values"] : { key = "${topic_key}.${value}" - compartment_id = topic.compartment_id != null ? (length(regexall("^ocid1.*$", topic.compartment_id)) > 0 ? topic.compartment_id : var.compartments_dependency[topic.compartment_id].id) : (length(regexall("^ocid1.*$", var.events_configuration.default_compartment_id)) > 0 ? var.events_configuration.default_compartment_id : var.compartments_dependency[var.events_configuration.default_compartment_id].id) + #compartment_id = topic.compartment_id != null ? (length(regexall("^ocid1.*$", topic.compartment_id)) > 0 ? topic.compartment_id : var.compartments_dependency[topic.compartment_id].id) : (length(regexall("^ocid1.*$", var.events_configuration.default_compartment_id)) > 0 ? var.events_configuration.default_compartment_id : var.compartments_dependency[var.events_configuration.default_compartment_id].id) + compartment_id = topic.compartment_id != null ? topic.compartment_id : var.events_configuration.default_compartment_id protocol = upper(subs.protocol) endpoint = value topic_id = oci_ons_notification_topic.these[topic_key].id @@ -68,11 +71,19 @@ resource "oci_events_rule" "these" { precondition { #-- This precondition checks if values in preconfigured_events_categories attributes are valid. condition = each.value.preconfigured_events_categories != null ? length(setintersection(keys(local.preconfigured_events),[for category in each.value.preconfigured_events_categories : lower(category)])) == length([for category in each.value.preconfigured_events_categories : lower(category)]) : true - error_message = "VALIDATION FAILURE : \"${each.value.preconfigured_events_categories != null ? join(",",setsubtract([for category in each.value.preconfigured_events_categories : lower(category)],keys(local.preconfigured_events))) : ""}\" value is invalid for \"preconfigured_events_categories\" attribute. Valid values are ${join(", ",keys(local.preconfigured_events))} (case insensitive)." + error_message = "VALIDATION FAILURE in event \"${each.key}\": \"${each.value.preconfigured_events_categories != null ? join(",",setsubtract([for category in each.value.preconfigured_events_categories : lower(category)],keys(local.preconfigured_events))) : ""}\" value is invalid for \"preconfigured_events_categories\" attribute. Valid values are ${join(", ",keys(local.preconfigured_events))} (case insensitive)." + } + precondition { + condition = var.tenancy_ocid == null && each.value.compartment_id != null && upper(coalesce(each.value.compartment_id,"__void__")) == local.tenancy_root_key ? false : true + error_message = "VALIDATION FAILURE in event \"${each.key}\": variable \"tenancy_ocid\" is required when the \"${local.tenancy_root_key}\" key word is used to reference the root compartment in attribute \"compartment_id\"." + } + precondition { + condition = var.tenancy_ocid == null && each.value.compartment_id == null && upper(coalesce(var.events_configuration.default_compartment_id,"__void__")) == local.tenancy_root_key ? false : true + error_message = "VALIDATION FAILURE in event \"${each.key}\": as attribute \"compartment_id\" is absent, variable \"tenancy_ocid\" is required when the \"${local.tenancy_root_key}\" key word is used to reference the root compartment in \"events_configuration's\" \"default_compartment_id\" attribute." } } - compartment_id = each.value.compartment_id != null ? (length(regexall("^ocid1.*$", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartments_dependency[each.value.compartment_id].id) : (length(regexall("^ocid1.*$", var.events_configuration.default_compartment_id)) > 0 ? var.events_configuration.default_compartment_id : var.compartments_dependency[var.events_configuration.default_compartment_id].id) + compartment_id = each.value.compartment_id != null ? (length(regexall("^ocid1.*$", each.value.compartment_id)) > 0 ? each.value.compartment_id : (upper(each.value.compartment_id) == "TENANCY-ROOT" ? var.tenancy_ocid : var.compartments_dependency[each.value.compartment_id].id)) : (length(regexall("^ocid1.*$", var.events_configuration.default_compartment_id)) > 0 ? var.events_configuration.default_compartment_id : (upper(var.events_configuration.default_compartment_id) == "TENANCY-ROOT" ? var.tenancy_ocid : var.compartments_dependency[var.events_configuration.default_compartment_id].id)) display_name = each.value.event_display_name description = each.value.event_description != null ? each.value.event_description : each.value.event_display_name condition = each.value.supplied_events != null ? jsonencode({"eventType":each.value.supplied_events,"data":local.filters[each.key]}) : jsonencode({"eventType":flatten(concat([for category in each.value.preconfigured_events_categories : local.preconfigured_events[lower(category)].conditions])),"data":local.filters[each.key]}) @@ -118,7 +129,18 @@ resource "oci_events_rule" "these" { resource "oci_ons_notification_topic" "these" { for_each = var.events_configuration["topics"] != null ? var.events_configuration["topics"] : {} - compartment_id = each.value.compartment_id != null ? (length(regexall("^ocid1.*$", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartments_dependency[each.value.compartment_id].id) : (length(regexall("^ocid1.*$", var.events_configuration.default_compartment_id)) > 0 ? var.events_configuration.default_compartment_id : var.compartments_dependency[var.events_configuration.default_compartment_id].id) + lifecycle { + precondition { + condition = var.tenancy_ocid == null && each.value.compartment_id != null && upper(coalesce(each.value.compartment_id,"__void__")) == local.tenancy_root_key ? false : true + error_message = "VALIDATION FAILURE in topic \"${each.key}\": variable \"tenancy_ocid\" is required when the \"${local.tenancy_root_key}\" key word is used to reference the root compartment in attribute \"compartment_id\"." + } + precondition { + condition = var.tenancy_ocid == null && each.value.compartment_id == null && upper(coalesce(var.events_configuration.default_compartment_id,"__void__")) == local.tenancy_root_key ? false : true + error_message = "VALIDATION FAILURE in topic \"${each.key}\": as attribute \"compartment_id\" is absent, variable \"tenancy_ocid\" is required when the \"${local.tenancy_root_key}\" key word is used to reference the root compartment in \"events_configuration's\" \"default_compartment_id\" attribute." + } + } + #compartment_id = each.value.compartment_id != null ? (length(regexall("^ocid1.*$", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartments_dependency[each.value.compartment_id].id) : (length(regexall("^ocid1.*$", var.events_configuration.default_compartment_id)) > 0 ? var.events_configuration.default_compartment_id : var.compartments_dependency[var.events_configuration.default_compartment_id].id) + compartment_id = each.value.compartment_id != null ? (length(regexall("^ocid1.*$", each.value.compartment_id)) > 0 ? each.value.compartment_id : (upper(each.value.compartment_id) == local.tenancy_root_key ? var.tenancy_ocid : var.compartments_dependency[each.value.compartment_id].id)) : (length(regexall("^ocid1.*$", var.events_configuration.default_compartment_id)) > 0 ? var.events_configuration.default_compartment_id : (upper(var.events_configuration.default_compartment_id) == local.tenancy_root_key ? var.tenancy_ocid : var.compartments_dependency[var.events_configuration.default_compartment_id].id)) name = each.value.name description = each.value.description != null ? each.value.description : each.value.name defined_tags = each.value.defined_tags != null ? each.value.defined_tags : var.events_configuration.default_defined_tags @@ -135,10 +157,19 @@ resource "oci_ons_subscription" "these" { lifecycle { precondition { condition = contains(local.subscription_protocols,upper(each.value.protocol)) - error_message = "VALIDATION FAILURE : \"${each.value.protocol}\" value is invalid for \"protocol\" attribute. Valid values are ${join(", ",local.subscription_protocols)} (case insensitive)." + error_message = "VALIDATION FAILURE in topic subscription \"${each.key}\": \"${each.value.protocol}\" value is invalid for \"protocol\" attribute. Valid values are ${join(", ",local.subscription_protocols)} (case insensitive)." + } + precondition { + condition = var.tenancy_ocid == null && each.value.compartment_id != null && upper(coalesce(each.value.compartment_id,"__void__")) == local.tenancy_root_key ? false : true + error_message = "VALIDATION FAILURE in topic subscription \"${each.key}\": variable \"tenancy_ocid\" is required when the \"${local.tenancy_root_key}\" key word is used to reference the root compartment in attribute \"compartment_id\"." + } + precondition { + condition = var.tenancy_ocid == null && each.value.compartment_id == null && upper(coalesce(var.events_configuration.default_compartment_id,"__void__")) == local.tenancy_root_key ? false : true + error_message = "VALIDATION FAILURE in topic subscription \"${each.key}\": as attribute \"compartment_id\" is absent, variable \"tenancy_ocid\" is required when the \"${local.tenancy_root_key}\" key word is used to reference the root compartment in \"events_configuration's\" \"default_compartment_id\" attribute." } } - compartment_id = each.value.compartment_id + #compartment_id = each.value.compartment_id + compartment_id = length(regexall("^ocid1.*$", each.value.compartment_id)) > 0 ? each.value.compartment_id : (upper(each.value.compartment_id) == local.tenancy_root_key ? var.tenancy_ocid : var.compartments_dependency[each.value.compartment_id].id) topic_id = each.value.topic_id endpoint = each.value.endpoint protocol = each.value.protocol @@ -148,7 +179,18 @@ resource "oci_ons_subscription" "these" { resource "oci_streaming_stream" "these" { for_each = var.events_configuration["streams"] != null ? var.events_configuration["streams"] : {} - compartment_id = each.value.compartment_id != null ? (length(regexall("^ocid1.*$", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartments_dependency[each.value.compartment_id].id) : (length(regexall("^ocid1.*$", var.events_configuration.default_compartment_id)) > 0 ? var.events_configuration.default_compartment_id : var.compartments_dependency[var.events_configuration.default_compartment_id].id) + lifecycle { + precondition { + condition = var.tenancy_ocid == null && each.value.compartment_id != null && upper(coalesce(each.value.compartment_id,"__void__")) == local.tenancy_root_key ? false : true + error_message = "VALIDATION FAILURE in stream \"${each.key}\": variable \"tenancy_ocid\" is required when the \"${local.tenancy_root_key}\" key word is used to reference the root compartment in attribute \"compartment_id\"." + } + precondition { + condition = var.tenancy_ocid == null && each.value.compartment_id == null && upper(coalesce(var.events_configuration.default_compartment_id,"__void__")) == local.tenancy_root_key ? false : true + error_message = "VALIDATION FAILURE in stream \"${each.key}\": as attribute \"compartment_id\" is absent, variable \"tenancy_ocid\" is required when the \"${local.tenancy_root_key}\" key word is used to reference the root compartment in \"events_configuration's\" \"default_compartment_id\" attribute." + } + } + #compartment_id = each.value.compartment_id != null ? (length(regexall("^ocid1.*$", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartments_dependency[each.value.compartment_id].id) : (length(regexall("^ocid1.*$", var.events_configuration.default_compartment_id)) > 0 ? var.events_configuration.default_compartment_id : var.compartments_dependency[var.events_configuration.default_compartment_id].id) + compartment_id = each.value.compartment_id != null ? (length(regexall("^ocid1.*$", each.value.compartment_id)) > 0 ? each.value.compartment_id : (upper(each.value.compartment_id) == local.tenancy_root_key ? var.tenancy_ocid : var.compartments_dependency[each.value.compartment_id].id)) : (length(regexall("^ocid1.*$", var.events_configuration.default_compartment_id)) > 0 ? var.events_configuration.default_compartment_id : (upper(var.events_configuration.default_compartment_id) == local.tenancy_root_key ? var.tenancy_ocid : var.compartments_dependency[var.events_configuration.default_compartment_id].id)) name = each.value.name partitions = each.value.num_partitions != null ? each.value.num_partitions : 1 retention_in_hours = each.value.log_retention_in_hours != null ? each.value.log_retention_in_hours : 24 diff --git a/events/preconfigured_events.tf b/events/preconfigured_events.tf index a189380..8bc06b4 100644 --- a/events/preconfigured_events.tf +++ b/events/preconfigured_events.tf @@ -54,7 +54,7 @@ locals { "com.oraclecloud.virtualnetwork.updateinternetgateway", "com.oraclecloud.virtualnetwork.changeinternetgatewaycompartment", "com.oraclecloud.virtualnetwork.createlocalpeeringgateway", - "com.oraclecloud.virtualnetwork.deletelocalpeeringgateway", + "com.oraclecloud.virtualnetwork.deletelocalpeeringgateway.end", "com.oraclecloud.virtualnetwork.updatelocalpeeringgateway", "com.oraclecloud.virtualnetwork.changelocalpeeringgatewaycompartment", "com.oraclecloud.natgateway.createnatgateway", @@ -62,7 +62,6 @@ locals { "com.oraclecloud.natgateway.updatenatgateway", "com.oraclecloud.natgateway.changenatgatewaycompartment", "com.oraclecloud.servicegateway.createservicegateway", - "com.oraclecloud.servicegateway.deleteservicegateway.begin", "com.oraclecloud.servicegateway.deleteservicegateway.end", "com.oraclecloud.servicegateway.attachserviceid", "com.oraclecloud.servicegateway.detachserviceid", diff --git a/events/variables.tf b/events/variables.tf index 61f850b..2bf77d6 100644 --- a/events/variables.tf +++ b/events/variables.tf @@ -1,6 +1,12 @@ # Copyright (c) 2023 Oracle and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +variable "tenancy_ocid" { + description = "The tenancy OCID" + type = string + default = null +} + variable "events_configuration" { description = "Events configuration settings, defining all aspects to manage events in OCI. Please see the comments within each attribute for details." type = object({ diff --git a/release.txt b/release.txt index 7693c96..446ba66 100644 --- a/release.txt +++ b/release.txt @@ -1 +1 @@ -0.1.3 \ No newline at end of file +0.1.4 \ No newline at end of file