diff --git a/README.md b/README.md
index 7aff809..36f2bcb 100644
--- a/README.md
+++ b/README.md
@@ -22,6 +22,7 @@ The Event Streams service supports payload data encryption that uses a root key
* [Basic example](./examples/basic)
* [Complete example with topics and schema creation.](./examples/complete)
* [Financial Services Cloud profile example](./examples/fscloud)
+ * [Mirroring example](./examples/mirroring)
* [Contributing](#contributing)
@@ -106,7 +107,7 @@ You need the following permissions to run this module.
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.3.0 |
-| [ibm](#requirement\_ibm) | >= 1.70.0, <2.0.0 |
+| [ibm](#requirement\_ibm) | >= 1.71.0, <2.0.0 |
| [time](#requirement\_time) | >= 0.9.1 |
### Modules
@@ -114,18 +115,24 @@ You need the following permissions to run this module.
| Name | Source | Version |
|------|--------|---------|
| [cbr\_rule](#module\_cbr\_rule) | terraform-ibm-modules/cbr/ibm//modules/cbr-rule-module | 1.28.1 |
+| [es\_guid\_crn\_parser](#module\_es\_guid\_crn\_parser) | terraform-ibm-modules/common-utilities/ibm//modules/crn-parser | 1.1.0 |
### Resources
| Name | Type |
|------|------|
+| [ibm_event_streams_mirroring_config.es_mirroring_config](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/event_streams_mirroring_config) | resource |
| [ibm_event_streams_schema.es_schema](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/event_streams_schema) | resource |
| [ibm_event_streams_topic.es_topic](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/event_streams_topic) | resource |
+| [ibm_iam_authorization_policy.en_service_policy](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/iam_authorization_policy) | resource |
| [ibm_iam_authorization_policy.kms_policy](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/iam_authorization_policy) | resource |
+| [ibm_iam_authorization_policy.mirroring_policy](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/iam_authorization_policy) | resource |
| [ibm_resource_instance.es_instance](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/resource_instance) | resource |
| [ibm_resource_key.service_credentials](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/resource_key) | resource |
| [ibm_resource_tag.es_access_tag](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/resource_tag) | resource |
-| [time_sleep.wait_for_authorization_policy](https://registry.terraform.io/providers/hashicorp/time/latest/docs/resources/sleep) | resource |
+| [time_sleep.wait_for_en_service_policy](https://registry.terraform.io/providers/hashicorp/time/latest/docs/resources/sleep) | resource |
+| [time_sleep.wait_for_kms_authorization_policy](https://registry.terraform.io/providers/hashicorp/time/latest/docs/resources/sleep) | resource |
+| [time_sleep.wait_for_mirroring_authorization_policy](https://registry.terraform.io/providers/hashicorp/time/latest/docs/resources/sleep) | resource |
### Inputs
@@ -140,6 +147,9 @@ You need the following permissions to run this module.
| [kms\_encryption\_enabled](#input\_kms\_encryption\_enabled) | Set this to true to control the encryption keys used to encrypt the data that you store in IBM Cloud® Databases. If set to false, the data is encrypted by using randomly generated keys. For more info on Key Protect integration, see https://cloud.ibm.com/docs/cloud-databases?topic=cloud-databases-key-protect. For more info on HPCS integration, see https://cloud.ibm.com/docs/cloud-databases?topic=cloud-databases-hpcs | `bool` | `false` | no |
| [kms\_key\_crn](#input\_kms\_key\_crn) | The root key CRN of the key management service (Key Protect or Hyper Protect Crypto Services) to use to encrypt the payload data. [Learn more](https://cloud.ibm.com/docs/EventStreams?topic=EventStreams-managing_encryption) about integrating Hyper Protect Crypto Services with Event Streams. | `string` | `null` | no |
| [metrics](#input\_metrics) | Enhanced metrics to activate, as list of strings. Only allowed for enterprise plans. Allowed values: 'topic', 'partition', 'consumers'. | `list(string)` | `[]` | no |
+| [mirroring](#input\_mirroring) | Mirroring configuration | object({
source_crn = string
source_alias = string
target_alias = string
}) | `null` | no |
+| [mirroring\_enabled](#input\_mirroring\_enabled) | Set this to true to enable mirroring. Mirroring enables messages in one Event Streams service instance to be continuously copied to a second instance to increase resiliency. See https://cloud.ibm.com/docs/EventStreams?topic=EventStreams-mirroring. | `bool` | `false` | no |
+| [mirroring\_topic\_patterns](#input\_mirroring\_topic\_patterns) | The list of the topics to set in instance. Required only if var.mirroring\_enabled is set to true. | `list(string)` | `null` | no |
| [plan](#input\_plan) | The plan for the Event Streams instance. Possible values: `lite`, `standard`, `enterprise-3nodes-2tb`. | `string` | `"standard"` | no |
| [region](#input\_region) | The region where the Event Streams are created. | `string` | `"us-south"` | no |
| [resource\_group\_id](#input\_resource\_group\_id) | The resource group ID where the Event Streams instance is created. | `string` | n/a | yes |
@@ -163,6 +173,8 @@ You need the following permissions to run this module.
| [kafka\_broker\_version](#output\_kafka\_broker\_version) | The Kafka version |
| [kafka\_brokers\_sasl](#output\_kafka\_brokers\_sasl) | (Array of Strings) Kafka brokers use for interacting with Kafka native API |
| [kafka\_http\_url](#output\_kafka\_http\_url) | The API endpoint to interact with Event Streams REST API |
+| [mirroring\_config\_id](#output\_mirroring\_config\_id) | The ID of the mirroring config in CRN format |
+| [mirroring\_topic\_patterns](#output\_mirroring\_topic\_patterns) | Mirroring topic patterns |
| [service\_credentials\_json](#output\_service\_credentials\_json) | The service credentials JSON map. |
| [service\_credentials\_object](#output\_service\_credentials\_object) | The service credentials object. |
diff --git a/examples/basic/version.tf b/examples/basic/version.tf
index 9279e8c..1a06bdf 100644
--- a/examples/basic/version.tf
+++ b/examples/basic/version.tf
@@ -3,7 +3,7 @@ terraform {
required_providers {
ibm = {
source = "IBM-Cloud/ibm"
- version = "= 1.70.0"
+ version = "= 1.71.0"
}
}
}
diff --git a/examples/complete/version.tf b/examples/complete/version.tf
index 56d317d..5e41cfe 100644
--- a/examples/complete/version.tf
+++ b/examples/complete/version.tf
@@ -4,7 +4,7 @@ terraform {
# Use latest version of provider in non-basic examples to verify latest version works with module
ibm = {
source = "IBM-Cloud/ibm"
- version = ">= 1.70.0"
+ version = ">= 1.71.0"
}
}
}
diff --git a/examples/fscloud/outputs.tf b/examples/fscloud/outputs.tf
index d000e52..8e53bdb 100644
--- a/examples/fscloud/outputs.tf
+++ b/examples/fscloud/outputs.tf
@@ -43,3 +43,13 @@ output "service_credentials_object" {
value = module.event_streams.service_credentials_object
sensitive = true
}
+
+output "mirroring_config_id" {
+ description = "The ID of the mirroring config in CRN format"
+ value = module.event_streams.mirroring_config_id
+}
+
+output "mirroring_topic_patterns" {
+ description = "Mirroring topic patterns"
+ value = module.event_streams.mirroring_topic_patterns
+}
diff --git a/examples/fscloud/version.tf b/examples/fscloud/version.tf
index 29e820c..5e41cfe 100644
--- a/examples/fscloud/version.tf
+++ b/examples/fscloud/version.tf
@@ -4,7 +4,7 @@ terraform {
# Use latest version of provider in non-basic examples to verify latest version works with module
ibm = {
source = "IBM-Cloud/ibm"
- version = ">= 1.70.1"
+ version = ">= 1.71.0"
}
}
}
diff --git a/examples/mirroring/README.md b/examples/mirroring/README.md
new file mode 100644
index 0000000..8b88311
--- /dev/null
+++ b/examples/mirroring/README.md
@@ -0,0 +1,9 @@
+# Mirroring example
+
+An end-to-end example that creates an IBM Event Streams for IBM Cloud instance and a mirroring instance.
+
+This example uses the IBM Cloud Terraform provider to create the following infrastructure.
+
+- A new resource group, if one is not passed in.
+- A instance of Event Streams in the provided resource group and region.
+- A instance of Event Streams in the provided resource group and region with mirroring enabled.
diff --git a/examples/mirroring/main.tf b/examples/mirroring/main.tf
new file mode 100644
index 0000000..e30bdfe
--- /dev/null
+++ b/examples/mirroring/main.tf
@@ -0,0 +1,42 @@
+##############################################################################
+# Resource Group
+##############################################################################
+
+module "resource_group" {
+ source = "terraform-ibm-modules/resource-group/ibm"
+ version = "1.1.6"
+ # if an existing resource group is not set (null) create a new one using prefix
+ resource_group_name = var.resource_group == null ? "${var.prefix}-resource-group" : null
+ existing_resource_group_name = var.resource_group
+}
+
+##############################################################################
+# Events-streams-source-instance
+##############################################################################
+module "source_event_streams" {
+ source = "../../"
+ resource_group_id = module.resource_group.resource_group_id
+ es_name = "${var.prefix}-es"
+ tags = var.resource_tags
+ plan = "enterprise-3nodes-2tb"
+}
+
+##############################################################################
+# Events-streams-mirroring-instance
+##############################################################################
+
+module "event_streams_mirror" {
+ depends_on = [module.source_event_streams]
+ source = "../../"
+ resource_group_id = module.resource_group.resource_group_id
+ es_name = "${var.prefix}-mirror"
+ tags = var.resource_tags
+ plan = "enterprise-3nodes-2tb"
+ mirroring_enabled = true
+ mirroring_topic_patterns = ["topic-1", "topic-2"]
+ mirroring = {
+ source_crn = module.source_event_streams.crn
+ source_alias = "source-alias"
+ target_alias = "target-alias"
+ }
+}
diff --git a/examples/mirroring/outputs.tf b/examples/mirroring/outputs.tf
new file mode 100644
index 0000000..027984f
--- /dev/null
+++ b/examples/mirroring/outputs.tf
@@ -0,0 +1,48 @@
+##############################################################################
+# Outputs
+##############################################################################
+
+output "resource_group_name" {
+ description = "Resource group name"
+ value = module.resource_group.resource_group_name
+}
+
+output "resource_group_id" {
+ description = "Resource group ID"
+ value = module.resource_group.resource_group_id
+}
+
+output "crn" {
+ description = "Event Streams mirror instance crn"
+ value = module.event_streams_mirror.crn
+}
+
+output "guid" {
+ description = "Event Streams instance guid"
+ value = module.event_streams_mirror.guid
+}
+
+output "kafka_brokers_sasl" {
+ description = "(Array of Strings) Kafka brokers use for interacting with Kafka native API"
+ value = module.event_streams_mirror.kafka_brokers_sasl
+}
+
+output "kafka_http_url" {
+ description = "The API endpoint to interact with Event Streams REST API"
+ value = module.event_streams_mirror.kafka_http_url
+}
+
+output "kafka_broker_version" {
+ description = "The Kafka version"
+ value = module.event_streams_mirror.kafka_broker_version
+}
+
+output "mirroring_config_id" {
+ description = "The ID of the mirroring config in CRN format"
+ value = module.event_streams_mirror.mirroring_config_id
+}
+
+output "mirroring_topic_patterns" {
+ description = "Mirroring topic patterns"
+ value = module.event_streams_mirror.mirroring_topic_patterns
+}
diff --git a/examples/mirroring/provider.tf b/examples/mirroring/provider.tf
new file mode 100644
index 0000000..df45ef5
--- /dev/null
+++ b/examples/mirroring/provider.tf
@@ -0,0 +1,4 @@
+provider "ibm" {
+ ibmcloud_api_key = var.ibmcloud_api_key
+ region = var.region
+}
diff --git a/examples/mirroring/variables.tf b/examples/mirroring/variables.tf
new file mode 100644
index 0000000..3bf090e
--- /dev/null
+++ b/examples/mirroring/variables.tf
@@ -0,0 +1,29 @@
+variable "ibmcloud_api_key" {
+ type = string
+ description = "The IBM Cloud API key."
+ sensitive = true
+}
+
+variable "region" {
+ type = string
+ description = "The region where the Event Streams mirroring instance is created."
+ default = "us-south"
+}
+
+variable "prefix" {
+ type = string
+ description = "The prefix to apply to all resources created by this example."
+ default = "event-streams"
+}
+
+variable "resource_group" {
+ type = string
+ description = "An existing resource group name to use for this example. If not specified, a new resource group is created."
+ default = null
+}
+
+variable "resource_tags" {
+ type = list(string)
+ description = "The list of tags associated with the Event Steams instance."
+ default = []
+}
diff --git a/examples/mirroring/version.tf b/examples/mirroring/version.tf
new file mode 100644
index 0000000..80e3e65
--- /dev/null
+++ b/examples/mirroring/version.tf
@@ -0,0 +1,9 @@
+terraform {
+ required_version = ">= 1.3.0"
+ required_providers {
+ ibm = {
+ source = "IBM-Cloud/ibm"
+ version = ">= 1.71.0"
+ }
+ }
+}
diff --git a/main.tf b/main.tf
index 138222c..2863e9e 100644
--- a/main.tf
+++ b/main.tf
@@ -5,7 +5,7 @@
locals {
# Validation (approach based on https://github.com/hashicorp/terraform/issues/25609#issuecomment-1057614400)
# tflint-ignore: terraform_unused_declarations
- validate_kms_plan = var.kms_key_crn != null && var.plan != "enterprise-3nodes-2tb" ? tobool("kms encryption is only supported for enterprise plan") : true
+ validate_kms_plan = (var.kms_key_crn != null || var.mirroring_enabled || length(var.metrics) > 0) && var.plan != "enterprise-3nodes-2tb" ? tobool("kms encryption, mirroring and metrics are only supported for enterprise plan") : true
# tflint-ignore: terraform_unused_declarations
validate_kms_values = !var.kms_encryption_enabled && var.kms_key_crn != null ? tobool("When passing values for var.kms_key_crn, you must set var.kms_encryption_enabled to true. Otherwise unset them to use default encryption") : true
# tflint-ignore: terraform_unused_declarations
@@ -18,25 +18,20 @@ locals {
validate_storage_size_lite_standard = ((var.plan == "lite" || var.plan == "standard") && var.storage_size != 2048) ? tobool("Storage size value cannot be changed in lite and standard plan. Default value is 2048.") : true
# tflint-ignore: terraform_unused_declarations
validate_service_end_points_lite_standard = ((var.plan == "lite" || var.plan == "standard") && var.service_endpoints != "public") ? tobool("Service endpoint cannot be changed in lite and standard plan. Default is public.") : true
+ # tflint-ignore: terraform_unused_declarations
+ validate_mirroring_values = !var.mirroring_enabled && (var.mirroring != null || var.mirroring_topic_patterns != null) ? tobool("When passing values for var.mirroring_topic_patterns/mirroring, you must set var.mirroring_enabled to true.") : true
+ # tflint-ignore: terraform_unused_declarations
+ validate_mirroring_vars = var.mirroring_enabled && (var.mirroring == null || var.mirroring_topic_patterns == null) ? tobool("When setting var.mirroring_enabled to true, values must be passed for var.mirroring_topic_patterns and var.mirroring") : true
# Determine what KMS service is being used for database encryption
kms_service = var.kms_key_crn != null ? (
can(regex(".*kms.*", var.kms_key_crn)) ? "kms" : (
can(regex(".*hs-crypto.*", var.kms_key_crn)) ? "hs-crypto" : null
)
) : null
- # tflint-ignore: terraform_unused_declarations
- validate_metrics = var.plan != "enterprise-3nodes-2tb" && length(var.metrics) > 0 ? tobool("metrics are only supported for enterprise plan") : true
-}
-
-# workaround for https://github.com/IBM-Cloud/terraform-provider-ibm/issues/4478
-resource "time_sleep" "wait_for_authorization_policy" {
- depends_on = [ibm_iam_authorization_policy.kms_policy]
-
- create_duration = "30s"
}
resource "ibm_resource_instance" "es_instance" {
- depends_on = [time_sleep.wait_for_authorization_policy]
+ depends_on = [time_sleep.wait_for_kms_authorization_policy, time_sleep.wait_for_es_service_policy]
name = var.es_name
service = "messagehub"
plan = var.plan
@@ -49,13 +44,11 @@ resource "ibm_resource_instance" "es_instance" {
delete = var.delete_timeout
}
- parameters_json = var.plan != "enterprise-3nodes-2tb" ? null : var.kms_key_crn != null ? jsonencode(
+ parameters_json = var.plan != "enterprise-3nodes-2tb" ? jsonencode(
{
service-endpoints = var.service_endpoints
throughput = tostring(var.throughput)
storage_size = tostring(var.storage_size)
- metrics = var.metrics
- kms_key_crn = var.kms_key_crn
}
) : jsonencode(
{
@@ -63,6 +56,8 @@ resource "ibm_resource_instance" "es_instance" {
throughput = tostring(var.throughput)
storage_size = tostring(var.storage_size)
metrics = var.metrics
+ kms_key_crn = var.kms_key_crn
+ mirroring = var.mirroring
}
)
}
@@ -101,7 +96,7 @@ resource "ibm_resource_tag" "es_access_tag" {
}
##############################################################################
-# IAM Authorization Policy
+# IAM Authorization Polices
##############################################################################
# Create IAM Authorization Policies to allow messagehub to access kms for the encryption key
@@ -115,6 +110,57 @@ resource "ibm_iam_authorization_policy" "kms_policy" {
description = "Allow all Event Streams instances in the resource group ${var.resource_group_id} to read from the ${local.kms_service} instance GUID ${var.existing_kms_instance_guid}"
}
+# workaround for https://github.com/IBM-Cloud/terraform-provider-ibm/issues/4478
+resource "time_sleep" "wait_for_kms_authorization_policy" {
+ count = var.kms_encryption_enabled == false || var.skip_iam_authorization_policy ? 0 : 1
+ depends_on = [ibm_iam_authorization_policy.kms_policy]
+
+ create_duration = "30s"
+}
+
+# Create s2s at service level for provisioning mirroring instance
+resource "ibm_iam_authorization_policy" "es_service_policy" {
+ count = var.mirroring_enabled ? 1 : 0
+ source_service_name = "messagehub"
+ target_service_name = "messagehub"
+ roles = ["Reader"]
+ description = "Required for provisioning mirroring instance."
+}
+
+# workaround for https://github.com/IBM-Cloud/terraform-provider-ibm/issues/4478
+resource "time_sleep" "wait_for_es_service_policy" {
+ depends_on = [ibm_iam_authorization_policy.es_service_policy]
+
+ create_duration = "30s"
+}
+
+# Parse GUID from source ES instance
+module "es_guid_crn_parser" {
+ count = var.mirroring_enabled ? 1 : 0
+ source = "terraform-ibm-modules/common-utilities/ibm//modules/crn-parser"
+ version = "1.1.0"
+ crn = var.mirroring.source_crn
+}
+
+# Create IAM Authorization Policies to allow mirroring EN instance to access source EN instance
+resource "ibm_iam_authorization_policy" "mirroring_policy" {
+ depends_on = [ibm_resource_instance.es_instance]
+ count = var.mirroring_enabled ? 1 : 0
+ source_service_name = "messagehub"
+ source_resource_instance_id = ibm_resource_instance.es_instance.guid
+ target_service_name = "messagehub"
+ target_resource_instance_id = module.es_guid_crn_parser[0].service_instance
+ roles = ["Reader"]
+ description = "Allow an Event Streams mirroring instance ${ibm_resource_instance.es_instance.guid} to read from the source Event Streams instance ${module.es_guid_crn_parser[0].service_instance}."
+}
+
+# workaround for https://github.com/IBM-Cloud/terraform-provider-ibm/issues/4478
+resource "time_sleep" "wait_for_mirroring_authorization_policy" {
+ depends_on = [ibm_iam_authorization_policy.mirroring_policy]
+
+ create_duration = "30s"
+}
+
##############################################################################
# Context Based Restrictions
##############################################################################
@@ -166,3 +212,10 @@ locals {
}
} : null
}
+
+resource "ibm_event_streams_mirroring_config" "es_mirroring_config" {
+ depends_on = [ibm_resource_instance.es_instance, time_sleep.wait_for_mirroring_authorization_policy]
+ count = var.mirroring_enabled ? 1 : 0
+ resource_instance_id = ibm_resource_instance.es_instance.id
+ mirroring_topic_patterns = var.mirroring_topic_patterns
+}
diff --git a/modules/fscloud/README.md b/modules/fscloud/README.md
index 7605bc2..0f23091 100644
--- a/modules/fscloud/README.md
+++ b/modules/fscloud/README.md
@@ -10,7 +10,7 @@ The default values in this profile were scanned by [IBM Code Risk Analyzer (CRA)
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.3.0 |
-| [ibm](#requirement\_ibm) | >= 1.70.0, <2.0.0 |
+| [ibm](#requirement\_ibm) | >= 1.71.0, <2.0.0 |
### Modules
@@ -32,6 +32,9 @@ No resources.
| [existing\_kms\_instance\_guid](#input\_existing\_kms\_instance\_guid) | The GUID of the Hyper Protect Crypto service in which the key specified in var.kms\_key\_crn is coming from | `string` | n/a | yes |
| [kms\_key\_crn](#input\_kms\_key\_crn) | The root key CRN of the key management service (Key Protect or Hyper Protect Crypto Services) to use to encrypt the payload data. | `string` | n/a | yes |
| [metrics](#input\_metrics) | Enhanced metrics to activate, as list of strings. Allowed values: 'topic', 'partition', 'consumers'. | `list(string)` | `[]` | no |
+| [mirroring](#input\_mirroring) | Mirroring configuration | object({
source_crn = string
source_alias = string
target_alias = string
}) | `null` | no |
+| [mirroring\_enabled](#input\_mirroring\_enabled) | Set this to true to enable mirroring. Mirroring enables messages in one Event Streams service instance to be continuously copied to a second instance to increase resiliency. See https://cloud.ibm.com/docs/EventStreams?topic=EventStreams-mirroring. | `bool` | `false` | no |
+| [mirroring\_topic\_patterns](#input\_mirroring\_topic\_patterns) | The list of the topics to set in instance. Required only if var.mirroring\_enabled is set to true. | `list(string)` | `null` | no |
| [region](#input\_region) | The region where the Event Streams are created. | `string` | `"us-south"` | no |
| [resource\_group\_id](#input\_resource\_group\_id) | The resource group ID where the Event Streams instance is created. | `string` | n/a | yes |
| [schemas](#input\_schemas) | The list of schema objects. Include the `schema_id` and the `type` and `name` of the schema in the `schema` object. | list(object(
{
schema_id = string
schema = object({
type = string
name = string
fields = optional(list(object({
name = string
type = string
})))
})
}
))
| `[]` | no |
@@ -49,6 +52,8 @@ No resources.
| [kafka\_broker\_version](#output\_kafka\_broker\_version) | The Kafka version |
| [kafka\_brokers\_sasl](#output\_kafka\_brokers\_sasl) | (Array of Strings) Kafka brokers use for interacting with Kafka native API |
| [kafka\_http\_url](#output\_kafka\_http\_url) | The API endpoint to interact with Event Streams REST API |
+| [mirroring\_config\_id](#output\_mirroring\_config\_id) | The ID of the mirroring config in CRN format |
+| [mirroring\_topic\_patterns](#output\_mirroring\_topic\_patterns) | Mirroring topic patterns |
| [service\_credentials\_json](#output\_service\_credentials\_json) | Service credentials json map |
| [service\_credentials\_object](#output\_service\_credentials\_object) | Service credentials object |
diff --git a/modules/fscloud/main.tf b/modules/fscloud/main.tf
index fb58a44..0aa315b 100644
--- a/modules/fscloud/main.tf
+++ b/modules/fscloud/main.tf
@@ -15,5 +15,7 @@ module "event_streams" {
service_credential_names = var.service_credential_names
metrics = var.metrics
kms_encryption_enabled = true
-
+ mirroring_enabled = var.mirroring_enabled
+ mirroring_topic_patterns = var.mirroring_topic_patterns
+ mirroring = var.mirroring
}
diff --git a/modules/fscloud/outputs.tf b/modules/fscloud/outputs.tf
index 30f9379..034776a 100644
--- a/modules/fscloud/outputs.tf
+++ b/modules/fscloud/outputs.tf
@@ -43,3 +43,13 @@ output "service_credentials_object" {
value = module.event_streams.service_credentials_object
sensitive = true
}
+
+output "mirroring_config_id" {
+ description = "The ID of the mirroring config in CRN format"
+ value = module.event_streams.mirroring_config_id
+}
+
+output "mirroring_topic_patterns" {
+ description = "Mirroring topic patterns"
+ value = module.event_streams.mirroring_topic_patterns
+}
diff --git a/modules/fscloud/variables.tf b/modules/fscloud/variables.tf
index 1be0c4b..9400725 100644
--- a/modules/fscloud/variables.tf
+++ b/modules/fscloud/variables.tf
@@ -99,3 +99,29 @@ variable "metrics" {
description = "Enhanced metrics to activate, as list of strings. Allowed values: 'topic', 'partition', 'consumers'."
default = []
}
+
+##############################################################
+# Mirroring
+##############################################################
+
+variable "mirroring_enabled" {
+ type = bool
+ description = "Set this to true to enable mirroring. Mirroring enables messages in one Event Streams service instance to be continuously copied to a second instance to increase resiliency. See https://cloud.ibm.com/docs/EventStreams?topic=EventStreams-mirroring."
+ default = false
+}
+
+variable "mirroring_topic_patterns" {
+ type = list(string)
+ description = "The list of the topics to set in instance. Required only if var.mirroring_enabled is set to true."
+ default = null
+}
+
+variable "mirroring" {
+ description = "Mirroring configuration"
+ type = object({
+ source_crn = string
+ source_alias = string
+ target_alias = string
+ })
+ default = null
+}
diff --git a/modules/fscloud/version.tf b/modules/fscloud/version.tf
index 5383f9a..bc2af96 100644
--- a/modules/fscloud/version.tf
+++ b/modules/fscloud/version.tf
@@ -7,7 +7,7 @@ terraform {
# tflint-ignore: terraform_unused_required_providers
ibm = {
source = "IBM-Cloud/ibm"
- version = ">= 1.70.0, <2.0.0"
+ version = ">= 1.71.0, <2.0.0"
}
}
}
diff --git a/outputs.tf b/outputs.tf
index 2c86136..9606034 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -4,7 +4,7 @@
output "id" {
description = "Event Streams instance id"
- value = ibm_resource_instance.es_instance.id
+ value = ibm_resource_instance.es_instance
}
output "crn" {
@@ -43,3 +43,13 @@ output "service_credentials_object" {
value = local.service_credentials_object
sensitive = true
}
+
+output "mirroring_config_id" {
+ description = "The ID of the mirroring config in CRN format"
+ value = var.mirroring_enabled ? ibm_event_streams_mirroring_config.es_mirroring_config[0].id : null
+}
+
+output "mirroring_topic_patterns" {
+ description = "Mirroring topic patterns"
+ value = var.mirroring_enabled ? ibm_event_streams_mirroring_config.es_mirroring_config[0].mirroring_topic_patterns : null
+}
diff --git a/tests/pr_test.go b/tests/pr_test.go
index 5edb5b5..68a13a3 100644
--- a/tests/pr_test.go
+++ b/tests/pr_test.go
@@ -13,6 +13,7 @@ import (
const completeExampleTerraformDir = "examples/complete"
const quickstartSolutionTerraformDir = "solutions/quickstart"
+const mirroringExampleTerraformDir = "examples/mirroring"
// Use existing group for tests
const resourceGroup = "geretain-test-event-streams"
@@ -80,3 +81,13 @@ func TestRunQuickstartSolution(t *testing.T) {
assert.Nil(t, err, "This should not have errored")
assert.NotNil(t, output, "Expected some output")
}
+
+func TestRunMirroringExample(t *testing.T) {
+ t.Parallel()
+
+ options := setupOptions(t, "es-mirror", mirroringExampleTerraformDir)
+
+ output, err := options.RunTestConsistency()
+ assert.Nil(t, err, "This should not have errored")
+ assert.NotNil(t, output, "Expected some output")
+}
diff --git a/variables.tf b/variables.tf
index 1e5c64d..01e81f9 100644
--- a/variables.tf
+++ b/variables.tf
@@ -201,3 +201,25 @@ variable "metrics" {
}
default = []
}
+
+variable "mirroring_enabled" {
+ type = bool
+ description = "Set this to true to enable mirroring. Mirroring enables messages in one Event Streams service instance to be continuously copied to a second instance to increase resiliency. See https://cloud.ibm.com/docs/EventStreams?topic=EventStreams-mirroring."
+ default = false
+}
+
+variable "mirroring_topic_patterns" {
+ type = list(string)
+ description = "The list of the topics to set in instance. Required only if var.mirroring_enabled is set to true."
+ default = null
+}
+
+variable "mirroring" {
+ description = "Mirroring configuration"
+ type = object({
+ source_crn = string
+ source_alias = string
+ target_alias = string
+ })
+ default = null
+}
diff --git a/version.tf b/version.tf
index e8ac7f0..ae953f3 100644
--- a/version.tf
+++ b/version.tf
@@ -4,7 +4,7 @@ terraform {
# Use "greater than or equal to" range in modules
ibm = {
source = "IBM-Cloud/ibm"
- version = ">= 1.70.0, <2.0.0"
+ version = ">= 1.71.0, <2.0.0"
}
time = {
source = "hashicorp/time"