generated from terraform-ibm-modules/terraform-ibm-module-template
-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathmain.tf
73 lines (66 loc) · 2.9 KB
/
main.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
########################################################################
# IBM Cloud Metric Routing
#########################################################################
# metric routing to cloud monitoring s2s auth policy
resource "ibm_iam_authorization_policy" "metrics_router_cloud_monitoring" {
for_each = { for target in var.metrics_router_targets : target.target_name => target if !target.skip_mrouter_sysdig_iam_auth_policy }
source_service_name = "metrics-router"
target_service_name = "sysdig-monitor"
target_resource_instance_id = regex(".*:(.*)::", each.value.destination_crn)[0]
roles = ["Supertenant Metrics Publisher"]
description = "Permit metrics routing service Supertenant Metrics Publisher access to Cloud Monitoring instance ${each.value.destination_crn}"
}
resource "time_sleep" "wait_for_cloud_monitoring_auth_policy" {
depends_on = [ibm_iam_authorization_policy.metrics_router_cloud_monitoring]
create_duration = "30s"
}
resource "ibm_metrics_router_target" "metrics_router_targets" {
depends_on = [time_sleep.wait_for_cloud_monitoring_auth_policy]
for_each = { for target in var.metrics_router_targets : target.target_name => target }
destination_crn = each.value.destination_crn
name = each.key
region = each.value.target_region
}
resource "ibm_metrics_router_route" "metrics_router_routes" {
for_each = { for route in var.metrics_router_routes : route.name => route }
name = each.key
dynamic "rules" {
for_each = each.value.rules
content {
action = rules.value.action
dynamic "targets" {
for_each = length(rules.value.targets) > 0 ? rules.value.targets : []
content {
id = targets.value.id
}
}
dynamic "inclusion_filters" {
for_each = rules.value.inclusion_filters
content {
operand = inclusion_filters.value.operand
operator = inclusion_filters.value.operator
values = inclusion_filters.value.values
}
}
}
}
}
########################################################################
# Metrics Routing Global Settings
#########################################################################
resource "ibm_metrics_router_settings" "metrics_router_settings" {
count = length(var.metrics_router_settings == null ? [] : [1])
dynamic "default_targets" {
for_each = var.metrics_router_settings.default_targets
content {
id = default_targets.value.id
}
}
permitted_target_regions = var.metrics_router_settings.permitted_target_regions
primary_metadata_region = var.metrics_router_settings.primary_metadata_region
backup_metadata_region = var.metrics_router_settings.backup_metadata_region
private_api_endpoint_only = var.metrics_router_settings.private_api_endpoint_only
lifecycle {
create_before_destroy = true
}
}