Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update(cloud-databases): Make Service Endpoints Required and send warning when public endpoints are in use #5402

Merged
merged 9 commits into from
Sep 12, 2024
Merged

update(cloud-databases): Make Service Endpoints Required and send warning when public endpoints are in use #5402

merged 9 commits into from
Sep 12, 2024

Conversation

omaraibrahim
Copy link
Collaborator

@omaraibrahim omaraibrahim commented May 31, 2024
edited
Loading

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for pull request followers and do not help prioritize the request

Relates OR Closes #0000

Example of Warning in terraform plan When Public Endpoints are in Use:

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # ibm_database.elasticsearch will be updated in-place
  ~ resource "ibm_database" "elasticsearch" {
        id                      = "crn:v1:bluemix:public:databases-for-elasticsearch:us-south:a/40ddc34a953a8c02f10987b59085b60e:678da497-8106-46ab-8823-7e60b0398afd::"
        name                    = "omar-test-icd-elasticsearch-05-30"
      ~ service_endpoints       = "public" -> "private"
        tags                    = []
        # (16 unchanged attributes hidden)

        # (2 unchanged blocks hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.
╷
│ Warning: IBM recommends using private endpoints only to improve security by restricting access to your database to the IBM Cloud private network. For more information, please refer to our security best practices, https://cloud.ibm.com/docs/cloud-databases?topic=cloud-databases-manage-security-compliance.
│ 
│   with ibm_database.elasticsearch,
│   on main.tf line 44, in resource "ibm_database" "elasticsearch":
│   44: resource "ibm_database" "elasticsearch" {
│

Example of Warning in terraform apply after user set service endpoints to public:

 Warning: IBM recommends using private endpoints only to improve security by restricting access to your database to the IBM Cloud private network. For more information, please refer to our security best practices, https://cloud.ibm.com/docs/cloud-databases?topic=cloud-databases-manage-security-compliance.
│ 
│   with ibm_database.elasticsearch,
│   on main.tf line 44, in resource "ibm_database" "elasticsearch":
│   44: resource "ibm_database" "elasticsearch" {
│ 
╵

Example of Error when user left out service_endpoints:

╷
│ Error: Missing required argument
│ 
│   on main.tf line 44, in resource "ibm_database" "elasticsearch":
│   44: resource "ibm_database" "elasticsearch" {
│ 
│ The argument "service_endpoints" is required, but no definition was found.

Output from acceptance testing:

$ make testacc TEST=./ibm/service/database
--- PASS: TestValidateUserPassword (0.00s)
--- PASS: TestValidateRBACRole (0.00s)
--- PASS: TestAppendSwitchoverWarning (0.00s)
--- PASS: TestPublicServiceEndpointsWarning (0.00s)
--- PASS: TestAccIBMDatabaseConnectionDataSourceBasic (647.50s)
--- PASS: TestAccIBMDatabaseInstanceEtcdImport (475.67s)
--- PASS: TestAccIBMDatabaseInstanceRedisImport (510.50s)
--- PASS: TestAccIBMDatabaseInstancePostgresImport (617.13s)
--- PASS: TestAccIBMDatabaseDataSource_basic (708.68s)
--- PASS: TestAccIBMDatabaseInstance_Redis_Basic (932.09s)
--- PASS: TestAccIBMDatabaseInstanceRabbitmqImport (372.72s)
--- PASS: TestAccIBMDatabaseInstance_Rabbitmq_Basic (1331.18s)
--- PASS: TestAccIBMDatabaseInstance_ElasticsearchPlatinum_Group (1479.86s)
--- PASS: TestAccIBMDatabaseInstanceElasticsearchPlatinumImport (3738.51s)
--- PASS: TestAccIBMDatabaseInstance_ElasticsearchPlatinum_Basic (1005.96s)
--- PASS: TestAccIBMDatabaseInstance_Etcd_Basic (5107.58s)
--- PASS: TestAccIBMMysqlDatabaseInstanceBasic (3526.58s)
--- PASS: TestAccIBMDatabaseInstanceMongodbBasic (3695.07s)
--- PASS: TestAccIBMDatabaseInstancePostgresPITR (1343.35s)
--- PASS: TestAccIBMDatabaseInstance_ElasticsearchPlatinum_Node (1772.69s)
...

make testacc TEST=./ibm/service/database TESTARGS='-run=TestAccIBMDatabaseInstance_Rabbitmq_Basic'
--- PASS: TestAccIBMDatabaseInstance_Rabbitmq_Basic (649.87s)
PASS
ok  	github.com/IBM-Cloud/terraform-provider-ibm/ibm/service/database	651.479s

make testacc TEST=./ibm/service/database TESTARGS='-run=TestAccIBMDatabaseInstance_Elasticsearch_Basic'
--- PASS: TestAccIBMDatabaseInstance_Elasticsearch_Basic (1359.22s)
PASS
ok  	github.com/IBM-Cloud/terraform-provider-ibm/ibm/service/database	1360.896s

make testacc TEST=./ibm/service/database TESTARGS='-run=TestAccIBMDatabaseInstanceMongodbBasic'
--- PASS: TestAccIBMDatabaseInstanceMongodbBasic (782.25s)
PASS
ok  	github.com/IBM-Cloud/terraform-provider-ibm/ibm/service/database	783.853s

make testacc TEST=./ibm/service/database TESTARGS='-run=TestAccIBMDatabaseInstance_Redis_Basic'
--- PASS: TestAccIBMDatabaseInstance_Redis_Basic (686.74s)
PASS
ok  	github.com/IBM-Cloud/terraform-provider-ibm/ibm/service/database	688.063s

make testacc TEST=./ibm/service/database TESTARGS='-run=TestAccIBMMysqlDatabaseInstanceBasic'
--- PASS: TestAccIBMMysqlDatabaseInstanceBasic (841.64s)
PASS
ok  	github.com/IBM-Cloud/terraform-provider-ibm/ibm/service/database	843.264s

@omaraibrahim omaraibrahim marked this pull request as ready for review June 12, 2024 16:03
@omaraibrahim omaraibrahim reopened this Aug 19, 2024
alexhemard
alexhemard approved these changes Sep 12, 2024
View reviewed changes
Copy link
Collaborator

@alexhemard alexhemard left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@omaraibrahim omaraibrahim merged commit d04d432 into master Sep 12, 2024
1 check passed
srikant-sahu pushed a commit to srikant-sahu/terraform-provider-ibm that referenced this pull request Sep 24, 2024
@omaraibrahim
update(cloud-databases): Make Service Endpoints Required and send war…
a5fecff 
…ning when public endpoints are in use (IBM-Cloud#5402)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alexhemard alexhemard alexhemard approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@omaraibrahim @alexhemard