chore: Update module for CF org and space setup

released/modules/btp-cf/btp-cf-env-instance/btp_env_cf.tf

@@ -84,3 +84,5 @@ resource "cloudfoundry_org_role" "billing_role" {
   type     = "organization_auditor"
   org      = btp_subaccount_environment_instance.cf.platform_id
 }
+
+

released/modules/btp-cf/btp-cf-org-space/README.md

@@ -0,0 +1,14 @@
+# Module: modules - btp cloudfoundry org and space setup
+
+## Overview
+
+This module performs the following tasks:
+- Creates a Cloud Foundry environment instance in a subaccount.
+- Assigns users to the newly created Cloud Foundry environment (CF org).
+- Creates a space in the newly created Cloud Foundry org.
+- Assigns users to the newly created space.
+
+## Prerequisites
+
+The following requirements must be met before using this module:
+- The subaccount must be entitled to the `cloudfoundry` service with the desired plan. The default plan is `standard`.

released/modules/btp-cf/btp-cf-org-space/btp_cf_org_space.tf

@@ -0,0 +1,134 @@
+# ------------------------------------------------------------------------------------------------------
+# Define the required providers for this module
+# ------------------------------------------------------------------------------------------------------
+terraform {
+  required_providers {
+    btp = {
+      source  = "sap/btp"
+      version = "~> 1.4.0"
+    }
+    cloudfoundry = {
+      source  = "SAP/cloudfoundry"
+      version = "0.2.1-beta"
+    }
+  }
+}
+
+# ------------------------------------------------------------------------------------------------------
+# Fetch all available environments for the subaccount
+# ------------------------------------------------------------------------------------------------------
+data "btp_subaccount_environments" "all" {
+  subaccount_id = var.subaccount_id
+}
+
+# ------------------------------------------------------------------------------------------------------
+# Take the landscape label from the first CF environment if no environment label is provided
+# ------------------------------------------------------------------------------------------------------
+resource "null_resource" "cache_target_environment" {
+  triggers = {
+    label = length(var.environment_label) > 0 ? var.environment_label : [for env in data.btp_subaccount_environments.all.values : env if env.service_name == "cloudfoundry" && env.environment_type == "cloudfoundry"][0].landscape_label
+  }
+
+  lifecycle {
+    ignore_changes = all
+  }
+}
+
+# ------------------------------------------------------------------------------------------------------
+# Create the Cloud Foundry environment instance
+# ------------------------------------------------------------------------------------------------------
+resource "btp_subaccount_environment_instance" "cf" {
+  subaccount_id    = var.subaccount_id
+  name             = var.instance_name
+  environment_type = "cloudfoundry"
+  service_name     = "cloudfoundry"
+  plan_name        = var.plan_name
+  landscape_label  = null_resource.cache_target_environment.triggers.label
+  parameters = jsonencode({
+    instance_name = var.cf_org_name
+  })
+  timeouts = {
+    create = "1h"
+    update = "35m"
+    delete = "30m"
+  }
+}
+
+# ------------------------------------------------------------------------------------------------------
+# Create the Cloud Foundry org users
+# ------------------------------------------------------------------------------------------------------
+resource "cloudfoundry_org_role" "org_role" {
+  for_each   = var.cf_org_admins
+  username   = each.value
+  type       = "organization_user"
+  org        = btp_subaccount_environment_instance.cf.platform_id
+  origin     = var.origin
+  depends_on = [btp_subaccount_environment_instance.cf]
+}
+
+resource "cloudfoundry_org_role" "manager_role" {
+  for_each   = var.cf_org_admins
+  username   = each.value
+  type       = "organization_manager"
+  org        = btp_subaccount_environment_instance.cf.platform_id
+  origin     = var.origin
+  depends_on = [cloudfoundry_org_role.org_role]
+}
+
+resource "cloudfoundry_org_role" "auditor_role" {
+  for_each = var.cf_org_auditors
+  username = each.value
+  type     = "organization_auditor"
+  org      = btp_subaccount_environment_instance.cf.platform_id
+}
+
+resource "cloudfoundry_org_role" "billing_role" {
+  for_each = var.cf_org_billing_managers
+  username = each.value
+  type     = "organization_auditor"
+  org      = btp_subaccount_environment_instance.cf.platform_id
+}
+
+# ------------------------------------------------------------------------------------------------------
+# Create the Cloud Foundry space
+# ------------------------------------------------------------------------------------------------------
+resource "cloudfoundry_space" "space" {
+  depends_on = [btp_subaccount_environment_instance.cf]
+  name       = var.space_name
+  org        = btp_subaccount_environment_instance.cf.platform_id
+}
+
+# ------------------------------------------------------------------------------------------------------
+# Create the CF users
+# ------------------------------------------------------------------------------------------------------
+resource "cloudfoundry_space_role" "manager" {
+  for_each   = var.cf_space_managers
+  username   = each.value
+  type       = "space_manager"
+  space      = cloudfoundry_space.space.id
+  origin     = var.origin
+  depends_on = [cloudfoundry_org_role.manager_role]
+}
+
+
+resource "cloudfoundry_space_role" "developer" {
+  for_each   = var.cf_space_developers
+  username   = each.value
+  type       = "space_developer"
+  space      = cloudfoundry_space.space.id
+  origin     = var.origin
+  depends_on = [cloudfoundry_org_role.manager_role]
+}
+
+resource "cloudfoundry_space_role" "auditor" {
+  for_each   = var.cf_space_auditors
+  username   = each.value
+  type       = "space_auditor"
+  space      = cloudfoundry_space.space.id
+  origin     = var.origin
+  depends_on = [cloudfoundry_org_role.manager_role]
+}
+
+
+
+

released/modules/btp-cf/btp-cf-org-space/btp_cf_org_space_outputs.tf

@@ -0,0 +1,14 @@
+output "cf_env_instance_id" {
+  value       = btp_subaccount_environment_instance.cf.id
+  description = "ID of the Cloud Foundry environment instance."
+}
+
+output "cf_org_id" {
+  value       = btp_subaccount_environment_instance.cf.platform_id
+  description = "ID of the Cloud Foundry org."
+}
+
+output "cf_api_endpoint" {
+  value       = lookup(jsondecode(btp_subaccount_environment_instance.cf.labels), "API Endpoint", "not found")
+  description = "API endpoint of the Cloud Foundry environment."
+}

released/modules/btp-cf/btp-cf-org-space/btp_cf_org_space_variables.tf

@@ -0,0 +1,88 @@
+variable "instance_name" {
+  type        = string
+  description = "Name of the Cloud Foundry environment instance."
+  validation {
+    condition     = can(regex("^[a-zA-Z0-9_\\-\\.]{1,32}$", var.instance_name))
+    error_message = "Please provide a valid instance name (^[a-zA-Z0-9_\\-\\.]{1,32})."
+  }
+}
+
+variable "subaccount_id" {
+  type        = string
+  description = "ID of the subaccount where the Cloud Foundry environment shall be enabled."
+}
+
+variable "plan_name" {
+  type        = string
+  description = "Desired service plan for the Cloud Foundry environment instance."
+  default     = "standard"
+}
+
+variable "environment_label" {
+  type        = string
+  description = "In case there are multiple environments available for a subaccount, you can use this label to choose with which one you want to go. If nothing is given, we take by default the first available."
+  default     = ""
+}
+
+variable "cf_org_name" {
+  type        = string
+  description = "Name of the Cloud Foundry org."
+
+  validation {
+    condition     = can(regex("^.{1,255}$", var.cf_org_name))
+    error_message = "The Cloud Foundry org name must not be emtpy and not exceed 255 characters."
+  }
+}
+
+variable "cf_org_admins" {
+  type        = set(string)
+  description = "Defines the colleagues who are added to the Cloud Foundry organization as users."
+}
+
+variable "cf_org_managers" {
+  type        = set(string)
+  description = "List of Cloud Foundry org managers."
+}
+
+variable "cf_org_billing_managers" {
+  type        = set(string)
+  description = "List of Cloud Foundry org billing managers."
+}
+
+variable "cf_org_auditors" {
+  type        = set(string)
+  description = "List of Cloud Foundry org auditors."
+}
+
+variable "cf_org_id" {
+  type        = string
+  description = "The ID of the Cloud Foundry org."
+}
+
+variable "origin" {
+  type        = string
+  description = "The identity provider for the UAA user"
+}
+variable "space_name" {
+  type        = string
+  description = "The name of the Cloud Foundry space."
+  default     = "dev"
+}
+
+variable "cf_space_managers" {
+  type        = set(string)
+  description = "The list of Cloud Foundry space managers."
+  default     = []
+}
+
+variable "cf_space_developers" {
+  type        = set(string)
+  description = "The list of Cloud Foundry space developers."
+  default     = []
+}
+
+variable "cf_space_auditors" {
+  type        = set(string)
+  description = "The list of Cloud Foundry space auditors."
+  default     = []
+}

released/usecases/multi_provider_setup/main.tf

@@ -21,31 +21,23 @@ resource "btp_subaccount_entitlement" "entitlement-taskcenter" {
 # Create Cloud Foundry environment
 ###
 module "cloudfoundry_environment" {
-  source = "../../modules/environment/cloudfoundry/envinstance_cf"
-
+  source                  = "../../modules/btp-cf/btp-cf-org-space"
   subaccount_id           = btp_subaccount.subaccount.id
   instance_name           = var.cloudfoundry_org_name
   cf_org_name             = var.cloudfoundry_org_name
-  cf_org_managers         = []
+  cf_org_admins           = var.cf_org_admins
+  cf_org_managers         = var.cf_org_admins
   cf_org_billing_managers = []
   cf_org_auditors         = []
-}
-
-###
-# Create Cloud Foundry space and assign users
-###
-module "cloudfoundry_space" {
-  source              = "../../modules/environment/cloudfoundry/space_cf"
-  cf_org_id           = module.cloudfoundry_environment.cf_org_id
-  name                = var.cloudfoundry_space_name
-  cf_space_managers   = var.cloudfoundry_space_managers
-  cf_space_developers = var.cloudfoundry_space_developers
-  cf_space_auditors   = var.cloudfoundry_space_auditors
+  space_name              = var.space_name
+  cf_org_id               = module.cloudfoundry_environment.cf_org_id
+  cf_space_managers       = var.cf_space_managers
+  cf_space_developers     = var.cf_space_developers
+  origin                  = var.origin
 }
 
 ###
 # Assign the subaccount roles to the users
-###
 resource "btp_subaccount_role_collection_assignment" "subaccount-administrators" {
   subaccount_id        = btp_subaccount.subaccount.id
   role_collection_name = "Subaccount Administrator"
@@ -58,4 +50,4 @@ resource "btp_subaccount_role_collection_assignment" "subaccount-service-adminis
   role_collection_name = "Subaccount Service Administrator"
   for_each             = var.subaccount_service_admins
   user_name            = each.value
-}
+}

released/usecases/multi_provider_setup/provider.tf

@@ -6,8 +6,8 @@ terraform {
       version = "~> 1.4.0"
     }
     cloudfoundry = {
-      source  = "cloudfoundry-community/cloudfoundry"
-      version = "0.53.1"
+      source  = "SAP/cloudfoundry"
+      version = "0.2.1-beta"
     }
   }
 }
@@ -19,4 +19,4 @@ provider "btp" {
 // Configuration is described in https://registry.terraform.io/providers/cloudfoundry-community/cloudfoundry/latest/docs
 provider "cloudfoundry" {
   api_url = "https://api.cf.${var.region}.hana.ondemand.com"
-}
+}

released/usecases/multi_provider_setup/users.tfvars

@@ -1,7 +1,8 @@
 # see documentation at https://developer.hashicorp.com/terraform/language/values/variables#assigning-values-to-root-module-variables
-
-cloudfoundry_space_managers   = ["john.doe@test.com"]
-cloudfoundry_space_developers = ["john.doe@test.com"]
-cloudfoundry_space_auditors   = ["john.doe@test.com"]
-subaccount_admins             = ["john.doe@test.com"]
-subaccount_service_admins     = ["john.doe@test.com"]
+origin                    = "Name of the Identity provider"
+cf_org_admins             = ["john.doe@test.com"]
+cf_space_managers         = ["john.doe@test.com"]
+cf_space_developers       = ["john.doe@test.com"]
+cf_space_auditors         = ["john.doe@test.com"]
+subaccount_admins         = ["john.doe@test.com"]
+subaccount_service_admins = ["john.doe@test.com"]

released/usecases/multi_provider_setup/variables.tf

@@ -62,17 +62,28 @@ variable "cloudfoundry_space_name" {
 ###
 # User and Roles for subaccount and Cloud Foundry
 ###
-variable "cloudfoundry_space_managers" {
-  type        = list(string)
+variable "cf_org_admins" {
+  type        = set(string)
+  description = "The List of usres that shall be CF Org users"
+}
+
+variable "space_name" {
+  type        = string
+  description = "The name of the cloud foundry org."
+  default     = "tf-cforg"
+}
+
+variable "cf_space_managers" {
+  type        = set(string)
   description = "The list of users that shall be CF space managers."
 }
 
-variable "cloudfoundry_space_developers" {
+variable "cf_space_developers" {
   type        = list(string)
   description = "The list of users that shall be CF space developers."
 }
 
-variable "cloudfoundry_space_auditors" {
+variable "cf_space_auditors" {
   type        = list(string)
   description = "The list of users that shall be CF space auditors."
 }
@@ -86,3 +97,8 @@ variable "subaccount_service_admins" {
   type        = set(string)
   description = "The list of users that shall be subaccount admins."
 }
+
+variable "origin" {
+  type        = string
+  description = "The identity provider for the UAA user"
+}