clean-up code for usage in quick-account-setup (mission 3260)

released/discovery_center/mission_3260/main.tf

@@ -4,26 +4,36 @@
 resource "random_uuid" "uuid" {}
 
 locals {
-  random_uuid               = random_uuid.uuid.result
-  project_subaccount_domain = "discoverycenter-tf-sap-ms-${local.random_uuid}"
-  project_subaccount_cf_org = substr(replace("${local.project_subaccount_domain}", "-", ""), 0, 32)
+  random_uuid       = random_uuid.uuid.result
+  subaccount_domain = lower(replace("mission-3260-${local.random_uuid}", "_", "-"))
+  subaccount_cf_org = length(var.cf_org_name) > 0 ? var.cf_org_name : substr(replace("${local.subaccount_domain}", "-", ""), 0, 32)
 }
 
 # ------------------------------------------------------------------------------------------------------
 # Creation of subaccount
 # ------------------------------------------------------------------------------------------------------
-resource "btp_subaccount" "project" {
+resource "btp_subaccount" "dc_mission" {
   name      = var.subaccount_name
-  subdomain = local.project_subaccount_domain
+  subdomain = local.subaccount_domain
   region    = lower(var.region)
 }
 
+# ------------------------------------------------------------------------------------------------------
+# Assign custom IDP to sub account (if custom_idp is set)
+# ------------------------------------------------------------------------------------------------------
+resource "btp_subaccount_trust_configuration" "fully_customized" {
+  # Only create trust configuration if custom_idp has been set 
+  count             = var.custom_idp == "" ? 0 : 1
+  subaccount_id     = btp_subaccount.dc_mission.id
+  identity_provider = var.custom_idp
+}
+
 # ------------------------------------------------------------------------------------------------------
 # Assignment of users as sub account administrators
 # ------------------------------------------------------------------------------------------------------
 resource "btp_subaccount_role_collection_assignment" "subaccount-admins" {
-  for_each             = toset("${var.subaccount_admins}")
-  subaccount_id        = btp_subaccount.project.id
+  for_each             = toset(var.subaccount_admins)
+  subaccount_id        = btp_subaccount.dc_mission.id
   role_collection_name = "Subaccount Administrator"
   user_name            = each.value
 }
@@ -32,47 +42,63 @@ resource "btp_subaccount_role_collection_assignment" "subaccount-admins" {
 # Assignment of users as sub account service administrators
 # ------------------------------------------------------------------------------------------------------
 resource "btp_subaccount_role_collection_assignment" "subaccount-service-admins" {
-  for_each             = toset("${var.subaccount_service_admins}")
-  subaccount_id        = btp_subaccount.project.id
+  for_each             = toset(var.subaccount_service_admins)
+  subaccount_id        = btp_subaccount.dc_mission.id
   role_collection_name = "Subaccount Service Administrator"
   user_name            = each.value
 }
 
+
+# ------------------------------------------------------------------------------------------------------
+# CLOUDFOUNDRY PREPARATION
+# ------------------------------------------------------------------------------------------------------
+#
+# Fetch all available environments for the subaccount
+data "btp_subaccount_environments" "all" {
+  subaccount_id = btp_subaccount.dc_mission.id
+}
+# ------------------------------------------------------------------------------------------------------
+# Take the landscape label from the first CF environment if no environment label is provided
+# (this replaces the previous null_resource)
+# ------------------------------------------------------------------------------------------------------
+resource "terraform_data" "replacement" {
+  input = length(var.cf_landscape_label) > 0 ? var.cf_landscape_label : [for env in data.btp_subaccount_environments.all.values : env if env.service_name == "cloudfoundry" && env.environment_type == "cloudfoundry"][0].landscape_label
+}
 # ------------------------------------------------------------------------------------------------------
 # Creation of Cloud Foundry environment
 # ------------------------------------------------------------------------------------------------------
-module "cloudfoundry_environment" {
-  source                  = "../../modules/environment/cloudfoundry/envinstance_cf"
-  subaccount_id           = btp_subaccount.project.id
-  instance_name           = local.project_subaccount_cf_org
-  plan_name               = "standard"
-  cf_org_name             = local.project_subaccount_cf_org
-  cf_org_auditors         = []
-  cf_org_billing_managers = []
-  cf_org_managers         = []
-
+resource "btp_subaccount_environment_instance" "cloudfoundry" {
+  subaccount_id    = btp_subaccount.dc_mission.id
+  name             = local.subaccount_cf_org
+  environment_type = "cloudfoundry"
+  service_name     = "cloudfoundry"
+  plan_name        = "standard"
+  landscape_label  = terraform_data.replacement.output
+  parameters = jsonencode({
+    instance_name = local.subaccount_cf_org
+  })
 }
 
 # ------------------------------------------------------------------------------------------------------
 # Create service instance - SAP Build Process Automation service
 # ------------------------------------------------------------------------------------------------------
 resource "btp_subaccount_entitlement" "bpa" {
-  subaccount_id = btp_subaccount.project.id
+  subaccount_id = btp_subaccount.dc_mission.id
   service_name  = "process-automation"
   plan_name     = "free"
 }
 
 resource "btp_subaccount_subscription" "bpa" {
-  subaccount_id = btp_subaccount.project.id
+  subaccount_id = btp_subaccount.dc_mission.id
   app_name      = "process-automation"
   plan_name     = "free"
   depends_on    = [btp_subaccount_entitlement.bpa]
 }
 
 # Assign users to Role Collection: ProcessAutomationAdmin
 resource "btp_subaccount_role_collection_assignment" "bpa_admin" {
-  for_each             = toset("${var.subaccount_service_admins}")
-  subaccount_id        = btp_subaccount.project.id
+  for_each             = toset(var.business_process_automation_admins)
+  subaccount_id        = btp_subaccount.dc_mission.id
   role_collection_name = "ProcessAutomationAdmin"
   user_name            = each.value
   depends_on           = [btp_subaccount_subscription.bpa]

released/discovery_center/mission_3260/outputs.tf

@@ -1,9 +1,14 @@
 output "subaccount_id" {
-  value       = btp_subaccount.project.id
-  description = "The ID of the project subaccount."
+  value       = btp_subaccount.dc_mission.id
+  description = "The ID of the subaccount."
 }
 
-output "org_id" {
-  value       = module.cloudfoundry_environment.cf_org_id
+output "cf_org_id" {
+  value       = jsondecode(btp_subaccount_environment_instance.cloudfoundry.labels)["Org ID"]
   description = "The Cloudfoundry org ID."
 }
+
+output "bpa_url" {
+  value       = btp_subaccount_subscription.bpa.subscription_url
+  description = "Subscription URL for SAP Business Process Automation"
+}

released/discovery_center/mission_3260/provider.tf

@@ -5,26 +5,12 @@ terraform {
       source  = "sap/btp"
       version = "~> 1.4.0"
     }
-    cloudfoundry = {
-      source  = "cloudfoundry-community/cloudfoundry"
-      version = "~>0.53.1"
-    }
   }
 }
 
 # Please checkout documentation on how best to authenticate against SAP BTP
 # via the Terraform provider for SAP BTP
 provider "btp" {
-  globalaccount = var.globalaccount
-}
-
-# Get the Cloudfoundry API endpoint
-module "cloudfoundry_api" {
-  source            = "../../modules/environment/cloudfoundry/apiurl_cf"
-  environment_label = var.cf_environment_label
-}
-
-// Configuration is described in https://registry.terraform.io/providers/cloudfoundry-community/cloudfoundry/latest/docs
-provider "cloudfoundry" {
-  api_url = module.cloudfoundry_api.api_url
+  globalaccount  = var.globalaccount
+  cli_server_url = var.cli_server_url
 }

released/discovery_center/mission_3260/samples.tfvars

@@ -2,13 +2,15 @@
 # Provider configuration
 # ------------------------------------------------------------------------------------------------------
 # Your global account subdomain
-globalaccount        = "youraccount"
-region               = "us10"
-subaccount_name      = "Discovery Center mission - build Events-to-Business actions"
-cf_environment_label = "cf-us10"
+globalaccount   = "youraccount"
+region          = "us10"
+subaccount_name = "Discovery Center mission 3260 - build Events-to-Business actions"
+#cf_landscape_label = "cf-us10"
+#custom_idp         = "xxxx"
 
 # ------------------------------------------------------------------------------------------------------
 # Project specific configuration (please adapt!)
 # ------------------------------------------------------------------------------------------------------
-subaccount_admins         = ["jane.doe@test.com", "john.doe@test.com"]
-subaccount_service_admins = ["jane.doe@test.com", "john.doe@test.com"]
+subaccount_admins                  = ["another.user@test.com"]
+subaccount_service_admins          = ["another.user@test.com"]
+business_process_automation_admins = ["another.user@test.com", "you@test.com"]

released/discovery_center/mission_3260/variables.tf

@@ -13,17 +13,43 @@ variable "subaccount_name" {
   description = "The subaccount name."
   default     = "UC - Build resilient BTP Apps"
 }
+
+variable "subaccount_id" {
+  type        = string
+  description = "The subaccount ID."
+  default     = ""
+}
+
+variable "cli_server_url" {
+  type        = string
+  description = "Defines the CLI server URL"
+  default     = "https://cli.btp.cloud.sap"
+}
+
+variable "custom_idp" {
+  type        = string
+  description = "Defines the custom IdP"
+  default     = ""
+}
+
 # Region
 variable "region" {
   type        = string
   description = "The region where the project account shall be created in."
   default     = "us10"
 }
+
+variable "cf_org_name" {
+  type        = string
+  description = "The Cloud Foundry Org name from the Cloud Foundry environment instance."
+  default     = ""
+}
+
 # Cloudfoundry environment label
-variable "cf_environment_label" {
+variable "cf_landscape_label" {
   type        = string
-  description = "The Cloudfoundry environment label"
-  default     = "cf-us10"
+  description = "In case there are multiple environments available for a subaccount, you can use this label to choose with which one you want to go. If nothing is given, we take by default the first available."
+  default     = ""
 }
 
 variable "subaccount_admins" {
@@ -37,3 +63,9 @@ variable "subaccount_service_admins" {
   description = "Defines the colleagues who are added to each subaccount as subaccount service administrators."
   default     = ["jane.doe@test.com", "john.doe@test.com"]
 }
+
+variable "business_process_automation_admins" {
+  type        = list(string)
+  description = "Defines the colleagues who are added as administrators for the SAP Business Process Automation."
+  default     = ["jane.doe@test.com", "john.doe@test.com"]
+}

released/discovery_center/mission_4024/main.tf

@@ -265,7 +265,7 @@ resource "btp_subaccount_entitlement" "destination" {
 
 # Assign users to Role Collection: Launchpad_Admin
 resource "btp_subaccount_role_collection_assignment" "launchpad_admin" {
-  for_each             = toset("${var.emergency_admins}")
+  for_each             = toset(var.emergency_admins)
   subaccount_id        = data.btp_subaccount.project.id
   role_collection_name = "Launchpad_Admin"
   user_name            = each.value