terraform-provider-ibm
terraform-provider-ibm copied to clipboard
Published
20 hours ago •
IBM-Cloud
IBM-Cloud
update(cloud-databases): Make Service Endpoints Required and send warning when public endpoints are in use
Community Note
- Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
- Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for pull request followers and do not help prioritize the request
Relates OR Closes #0000
Example of Warning in terraform plan When Public Endpoints are in Use:
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
~ update in-place
Terraform will perform the following actions:
# ibm_database.elasticsearch will be updated in-place
~ resource "ibm_database" "elasticsearch" {
id = "crn:v1:bluemix:public:databases-for-elasticsearch:us-south:a/40ddc34a953a8c02f10987b59085b60e:678da497-8106-46ab-8823-7e60b0398afd::"
name = "omar-test-icd-elasticsearch-05-30"
~ service_endpoints = "public" -> "private"
tags = []
# (16 unchanged attributes hidden)
# (2 unchanged blocks hidden)
}
Plan: 0 to add, 1 to change, 0 to destroy.
╷
│ Warning: IBM recommends using private endpoints only to improve security by restricting access to your database to the IBM Cloud private network. For more information, please refer to our security best practices, https://cloud.ibm.com/docs/cloud-databases?topic=cloud-databases-manage-security-compliance.
│
│ with ibm_database.elasticsearch,
│ on main.tf line 44, in resource "ibm_database" "elasticsearch":
│ 44: resource "ibm_database" "elasticsearch" {
│
Example of Warning in terraform apply after user set service endpoints to public:
Warning: IBM recommends using private endpoints only to improve security by restricting access to your database to the IBM Cloud private network. For more information, please refer to our security best practices, https://cloud.ibm.com/docs/cloud-databases?topic=cloud-databases-manage-security-compliance.
│
│ with ibm_database.elasticsearch,
│ on main.tf line 44, in resource "ibm_database" "elasticsearch":
│ 44: resource "ibm_database" "elasticsearch" {
│
╵
Example of Error when user left out service_endpoints:
╷
│ Error: Missing required argument
│
│ on main.tf line 44, in resource "ibm_database" "elasticsearch":
│ 44: resource "ibm_database" "elasticsearch" {
│
│ The argument "service_endpoints" is required, but no definition was found.
Output from acceptance testing:
$ make testacc TEST=./ibm/service/database
--- PASS: TestValidateUserPassword (0.00s)
--- PASS: TestValidateRBACRole (0.00s)
--- PASS: TestAppendSwitchoverWarning (0.00s)
--- PASS: TestPublicServiceEndpointsWarning (0.00s)
--- PASS: TestAccIBMDatabaseConnectionDataSourceBasic (647.50s)
--- PASS: TestAccIBMDatabaseInstanceEtcdImport (475.67s)
--- PASS: TestAccIBMDatabaseInstanceRedisImport (510.50s)
--- PASS: TestAccIBMDatabaseInstancePostgresImport (617.13s)
--- PASS: TestAccIBMDatabaseDataSource_basic (708.68s)
--- PASS: TestAccIBMDatabaseInstance_Redis_Basic (932.09s)
--- PASS: TestAccIBMDatabaseInstanceRabbitmqImport (372.72s)
--- PASS: TestAccIBMDatabaseInstance_Rabbitmq_Basic (1331.18s)
--- PASS: TestAccIBMDatabaseInstance_ElasticsearchPlatinum_Group (1479.86s)
--- PASS: TestAccIBMDatabaseInstanceElasticsearchPlatinumImport (3738.51s)
--- PASS: TestAccIBMDatabaseInstance_ElasticsearchPlatinum_Basic (1005.96s)
--- PASS: TestAccIBMDatabaseInstance_Etcd_Basic (5107.58s)
--- PASS: TestAccIBMMysqlDatabaseInstanceBasic (3526.58s)
--- PASS: TestAccIBMDatabaseInstanceMongodbBasic (3695.07s)
--- PASS: TestAccIBMDatabaseInstancePostgresPITR (1343.35s)
--- PASS: TestAccIBMDatabaseInstance_ElasticsearchPlatinum_Node (1772.69s)
...
