-yellowgreen?style=plastic){kind=icon}
Create an App Configuration instance and optionally allows for multiple App Configuration Collections to be created.
module "app_config" {
source = "terraform-ibm-modules/app-configuration/ibm"
version = "X.X.X" # Replace "X.X.X" with a release version to lock into a specific release
resource_group_id = "65xxxxxxxxxxxxxxxa3fd"
region = "us-south"
app_config_name = "my-app-config-name"
app_config_plan = "lite"
app_config_service_endpoints = "public"
app_config_tags = ["list", "of", "tags"]
app_config_collections = [
{
name = "my-app-config-collection-name",
collection_id = "my-app-config-collection-id",
description = "Collection for app config instance",
tags = "tag for collection"
},
{
name = "second-collection-name",
collection_id = "second-collection-id",
description = "Another Collection for app config instance",
tags = "another tag"
}
]
}You need the following permissions to run this module.
- Account Management
- All Resource Groups service
Viewerplatform access
- IAM Services
- App Configuration service
Administratorplatform accessManagerservice access
- App Configuration service
- All Resource Groups service
For more information on access and permissions, see https://cloud.ibm.com/docs/account?topic=account-iam-service-roles-actions#apprapp-roles
| Name | Version |
|---|---|
| terraform | >= 1.9.0 |
| ibm | >= 1.76.1, < 2.0.0 |
| Name | Source | Version |
|---|---|---|
| cbr_rule | terraform-ibm-modules/cbr/ibm//modules/cbr-rule-module | 1.28.0 |
| config_aggregator_trusted_profile | terraform-ibm-modules/trusted-profile/ibm | 2.1.1 |
| config_aggregator_trusted_profile_enterprise | terraform-ibm-modules/trusted-profile/ibm | 2.1.1 |
| config_aggregator_trusted_profile_template | terraform-ibm-modules/trusted-profile/ibm//modules/trusted-profile-template | 2.2.0 |
| Name | Type |
|---|---|
| ibm_app_config_collection.collections | resource |
| ibm_config_aggregator_settings.config_aggregator_settings | resource |
| ibm_iam_custom_role.template_assignment_reader | resource |
| ibm_resource_instance.app_config | resource |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| app_config_collections | A list of collections to be added to the App Configuration instance | list(object({ |
[] |
no |
| app_config_name | Name for the App Configuration service instance | string |
n/a | yes |
| app_config_plan | Plan for the App Configuration service instance, valid plans are lite, standardv2, and enterprise. | string |
"lite" |
no |
| app_config_service_endpoints | Service Endpoints for the App Configuration service instance, valid endpoints are public or public-and-private. | string |
"public-and-private" |
no |
| app_config_tags | Optional list of tags to be added to the App Config instance. | list(string) |
[] |
no |
| cbr_rules | The list of context-based restriction rules to create. | list(object({ |
[] |
no |
| config_aggregator_enterprise_account_group_ids_to_assign | A list of enterprise account group IDs to assign the trusted profile template to in order for the accounts to be scanned. Supports passing the string 'all' in the list to assign to all account groups. Only applies if enable_config_aggregator is true and a value is being passed for config_aggregator_enterprise_id. |
list(string) |
[ |
no |
| config_aggregator_enterprise_id | If the account is an enterprise account, this value should be set to the enterprise ID (NOTE: This is different to the account ID). | string |
null |
no |
| config_aggregator_enterprise_trusted_profile_name | The name to give the enterprise viewer trusted profile with that will be created if enable_config_aggregator is set to true and a value is passed for config_aggregator_enterprise_id. |
string |
"config-aggregator-enterprise-trusted-profile" |
no |
| config_aggregator_enterprise_trusted_profile_template_name | The name to give the trusted profile template that will be created if enable_config_aggregator is set to true and a value is passed for config_aggregator_enterprise_id. |
string |
"config-aggregator-trusted-profile-template" |
no |
| config_aggregator_resource_collection_regions | From which region do you want to collect configuration data? Only applies if enable_config_aggregator is set to true. |
list(string) |
[ |
no |
| config_aggregator_trusted_profile_name | The name to give the trusted profile that will be created if enable_config_aggregator is set to true. |
string |
"config-aggregator-trusted-profile" |
no |
| enable_config_aggregator | Set to true to enable configuration aggregator. By setting to true a trusted profile will be created with the required access to record configuration data from all resources across regions in your account. Learn more. | bool |
false |
no |
| region | The region to provision the App Configuration service, valid regions are us-south, us-east, eu-gb, and au-syd. | string |
"us-south" |
no |
| resource_group_id | The resource group ID where resources will be provisioned. | string |
n/a | yes |
| Name | Description |
|---|---|
| app_config_account_id | Account ID of the App Configuration instance |
| app_config_collection_ids | List of IDs for the collections in the App Configuration instance |
| app_config_crn | CRN of the App Configuration instance |
| app_config_guid | GUID of the App Configuration instance |
| app_config_id | ID of the App Configuration instance |
| config_aggregator_enterprise_trusted_profile_id | ID of the config aggregator trusted profile for enterprise access |
| config_aggregator_enterprise_trusted_profile_template_id | ID of the config aggregator trusted profile enterprise template ID |
| config_aggregator_trusted_profile_id | ID of the config aggregator trusted profile |
You can report issues and request features for this module in GitHub issues in the module repo. See Report an issue or request a feature.
To set up your local development environment, see Local development setup in the project documentation.