diff --git a/released/discovery_center/mission_3585/README.md b/released/discovery_center/mission_3585/README.md index 66120e3d..6e9b5f55 100644 --- a/released/discovery_center/mission_3585/README.md +++ b/released/discovery_center/mission_3585/README.md @@ -1,64 +1,63 @@ -# Discovery Center mission - Get Started on SAP BTP with SAPUI5/Fiori - Create a Hello World App - -## Overview - -This sample shows how to set up your SAP BTP account for the Discovery Center Mission - [Get Started on SAP BTP with SAPUI5/Fiori - Create a Hello World App](https://discovery-center.cloud.sap/missiondetail/3585/) - -## Content of setup - -The setup comprises the following resources: - -- Creation of the SAP BTP subaccount -- Enablement of Cloudfoundry Environment - [see available regions and endpoints](https://help.sap.com/docs/btp/sap-business-technology-platform/regions-and-api-endpoints-available-for-cloud-foundry-environment) -- Entitlements of services - * SAP Business Application Studio - * SAP Build Work Zone, standard edition - * Continous Integration & Delivery - Optional -- Subscriptions to applications -- Role collection assignments to users - -## Deploying the resources - -Make sure that you are familiar with SAP BTP and know both the [Get Started with btp-terraform-samples](https://github.com/SAP-samples/btp-terraform-samples/blob/main/GET_STARTED.md) and the [Get Started with the Terraform Provider for BTP](https://developers.sap.com/tutorials/btp-terraform-get-started.html) - -To deploy the resources you must: - -1. Set the environment variables BTP_USERNAME and BTP_PASSWORD to pass credentials to the BTP provider to authenticate and interact with your BTP environments. - - ```bash - export BTP_USERNAME= - export BTP_PASSWORD= - ``` - -2. Change the variables in the `sample.tfvars` file to meet your requirements - - > The minimal set of parameters you should specify (besides user_email and password) is global account (i.e. its subdomain) and the used custom_idp and all user assignments - - > ⚠ NOTE: You should pay attention **specifically** to the users defined in the samples.tfvars whether they already exist in your SAP BTP accounts. Otherwise, you might get error messages like, e.g., `Error: The user could not be found: jane.doe@test.com`. - - -3. Initialize your workspace: - - ```bash - terraform init - ``` - -4. You can check what Terraform plans to apply based on your configuration: - - ```bash - terraform plan -var-file="sample.tfvars" - ``` - -6. Apply your configuration to provision the resources: - - ```bash - terraform apply -var-file="sample.tfvars" - ``` - -## When finished - -You probably want to remove the assets after trying them out to avoid unnecessary costs. To do so execute the following command: - -```bash -terraform destroy -var-file="sample.tfvars" -``` +# Discovery Center Mission: Get Started on SAP BTP with SAPUI5/Fiori - Create a Hello World App + +## Overview + +This sample shows how to setup your SAP BTP account for the Discovery Center Mission - [Get Started on SAP BTP with SAPUI5/Fiori - Create a Hello World App](https://discovery-center.cloud.sap/protected/index.html#/missiondetail/3585) for your Enterprise BTP Account. + +The respective setup of a trial account is described in [SAP-samples/btp-terraform-samples/tree/main/released/discovery_center/mission_3585_trial/README.md](https://github.com/SAP-samples/btp-terraform-samples/tree/main/released/discovery_center/mission_3585_trial/README.md) + +## Content of setup + +The setup comprises the following resources: + +- Creation of the SAP BTP subaccount +- Entitlements of services +- Subscriptions to applications +- Role collection assignments to users + +## Deploying the resources + +Make sure that you are familiar with SAP BTP and know both the [Get Started with btp-terraform-samples](https://github.com/SAP-samples/btp-terraform-samples/blob/main/GET_STARTED.md) and the [Get Started with the Terraform Provider for BTP](https://developers.sap.com/tutorials/btp-terraform-get-started.html) + +To deploy the resources you must: + +1. Set your credentials as environment variables + + ```bash + export BTP_USERNAME ='' + export BTP_PASSWORD ='' + ``` + +2. Change the variables in the `sample.tfvars` file to meet your requirements + + > The minimal set of parameters you should specify (besides user_email and password) is global account (i.e. its subdomain) and all user assignments + +3. Then initialize your workspace: + + ```bash + terraform init + ``` + +4. You can check what Terraform plans to apply based on your configuration: + + ```bash + terraform plan -var-file="sample.tfvars" + ``` + +5. Apply your configuration to provision the resources: + + ```bash + terraform apply -var-file="sample.tfvars" + ``` + +6. Verify e.g., in [BTP Cockpit](https://cockpit.btp.cloud.sap) that a new subaccount with a SAP Business Application Studio subscription has been created and respective users were assigned to role collections + +With this you have completed the quick account setup as described in the Discovery Center Mission - [Get Started on SAP BTP with SAPUI5/Fiori - Create a Hello World App](https://discovery-center.cloud.sap/protected/index.html#/missiondetail/3585). + +## In the end + +You probably want to remove the assets after trying them out to avoid unnecessary costs. To do so execute the following command: + +```bash +terraform destroy -var-file="sample.tfvars" +``` \ No newline at end of file diff --git a/released/discovery_center/mission_3585/main.tf b/released/discovery_center/mission_3585/main.tf index dafdd428..51e93ec1 100644 --- a/released/discovery_center/mission_3585/main.tf +++ b/released/discovery_center/mission_3585/main.tf @@ -17,26 +17,33 @@ resource "btp_subaccount" "dc_mission" { # SERVICES # ------------------------------------------------------------------------------------------------------ # +locals { + # optional + service_name__cicd_service = "cicd-service" +} # ------------------------------------------------------------------------------------------------------ -# Setup cicd-service (not running in CF environment) +# Setup cicd-service (SAP Continuous Integration and Delivery), (not running in CF environment) # ------------------------------------------------------------------------------------------------------ # Entitle resource "btp_subaccount_entitlement" "cicd_service" { + count = var.use_optional_resources ? 1 : 0 subaccount_id = btp_subaccount.dc_mission.id - service_name = "cicd-service" - plan_name = "default" + service_name = local.service_name__cicd_service + plan_name = var.service_plan__cicd_service } # Get serviceplan_id for cicd-service with plan_name "default" data "btp_subaccount_service_plan" "cicd_service" { + count = var.use_optional_resources ? 1 : 0 subaccount_id = btp_subaccount.dc_mission.id - offering_name = "cicd-service" - name = "default" + offering_name = local.service_name__cicd_service + name = var.service_plan__cicd_service depends_on = [btp_subaccount_entitlement.cicd_service] } # Create service instance resource "btp_subaccount_service_instance" "cicd_service" { + count = var.use_optional_resources ? 1 : 0 subaccount_id = btp_subaccount.dc_mission.id - serviceplan_id = data.btp_subaccount_service_plan.cicd_service.id + serviceplan_id = data.btp_subaccount_service_plan.cicd_service[0].id name = "default_cicd-service" # Subscription to the cicd-app subscription is required for creating the service instance # See as well https://help.sap.com/docs/continuous-integration-and-delivery/sap-continuous-integration-and-delivery/optional-enabling-api-usage?language=en-US @@ -47,20 +54,27 @@ resource "btp_subaccount_service_instance" "cicd_service" { # APP SUBSCRIPTIONS # ------------------------------------------------------------------------------------------------------ # +locals { + service_name__sapappstudio = "sapappstudio" + # optional + service_name__sap_launchpad = "SAPLaunchpad" + service_name__cicd_app = "cicd-app" + +} # ------------------------------------------------------------------------------------------------------ -# Setup sapappstudio +# Setup sapappstudio (SAP Business Application Studio) # ------------------------------------------------------------------------------------------------------ # Entitle resource "btp_subaccount_entitlement" "sapappstudio" { subaccount_id = btp_subaccount.dc_mission.id - service_name = "sapappstudio" - plan_name = "standard-edition" + service_name = local.service_name__sapappstudio + plan_name = var.service_plan__sapappstudio } # Subscribe (depends on subscription of standard-edition) resource "btp_subaccount_subscription" "sapappstudio" { subaccount_id = btp_subaccount.dc_mission.id - app_name = "sapappstudio" - plan_name = "standard-edition" + app_name = local.service_name__sapappstudio + plan_name = var.service_plan__sapappstudio depends_on = [btp_subaccount_entitlement.sapappstudio] } @@ -69,15 +83,18 @@ resource "btp_subaccount_subscription" "sapappstudio" { # ------------------------------------------------------------------------------------------------------ # Entitle resource "btp_subaccount_entitlement" "sap_launchpad" { + count = var.use_optional_resources ? 1 : 0 subaccount_id = btp_subaccount.dc_mission.id - service_name = "SAPLaunchpad" - plan_name = "standard" + service_name = local.service_name__sap_launchpad + plan_name = var.service_plan__sap_launchpad + amount = var.service_plan__sap_launchpad == "free" ? 1 : null } # Subscribe resource "btp_subaccount_subscription" "sap_launchpad" { + count = var.use_optional_resources ? 1 : 0 subaccount_id = btp_subaccount.dc_mission.id - app_name = "SAPLaunchpad" - plan_name = "standard" + app_name = local.service_name__sap_launchpad + plan_name = var.service_plan__sap_launchpad depends_on = [btp_subaccount_entitlement.sap_launchpad] } @@ -86,45 +103,26 @@ resource "btp_subaccount_subscription" "sap_launchpad" { # ------------------------------------------------------------------------------------------------------ # Entitle resource "btp_subaccount_entitlement" "cicd_app" { + count = var.use_optional_resources ? 1 : 0 subaccount_id = btp_subaccount.dc_mission.id - service_name = "cicd-app" - plan_name = "default" + service_name = local.service_name__cicd_app + plan_name = var.service_plan__cicd_app + amount = var.service_plan__cicd_app == "free" ? 1 : null } # Subscribe resource "btp_subaccount_subscription" "cicd_app" { + count = var.use_optional_resources ? 1 : 0 subaccount_id = btp_subaccount.dc_mission.id - app_name = "cicd-app" - plan_name = "default" + app_name = local.service_name__cicd_app + plan_name = var.service_plan__cicd_app depends_on = [btp_subaccount_entitlement.cicd_app] } -# ------------------------------------------------------------------------------------------------------ -# USERS AND ROLES -# ------------------------------------------------------------------------------------------------------ -# -# Get all available subaccount roles -data "btp_subaccount_roles" "all" { - subaccount_id = btp_subaccount.dc_mission.id - depends_on = [btp_subaccount_subscription.sap_launchpad, btp_subaccount_subscription.sapappstudio, btp_subaccount_subscription.cicd_app] -} - -# ------------------------------------------------------------------------------------------------------ -# Assign role collection "Launchpad_Admin" -# ------------------------------------------------------------------------------------------------------ -resource "btp_subaccount_role_collection_assignment" "launchpad_admin" { - for_each = toset("${var.launchpad_admins}") - subaccount_id = btp_subaccount.dc_mission.id - role_collection_name = "Launchpad_Admin" - user_name = each.value - depends_on = [btp_subaccount_subscription.sap_launchpad] -} - - # ------------------------------------------------------------------------------------------------------ # Assign role collection "Subaccount Administrator" # ------------------------------------------------------------------------------------------------------ resource "btp_subaccount_role_collection_assignment" "subaccount_admin" { - for_each = toset("${var.subaccount_admins}") + for_each = toset(var.subaccount_admins) subaccount_id = btp_subaccount.dc_mission.id role_collection_name = "Subaccount Administrator" user_name = each.value @@ -135,7 +133,7 @@ resource "btp_subaccount_role_collection_assignment" "subaccount_admin" { # Assign role collection "Business_Application_Studio_Administrator" # ------------------------------------------------------------------------------------------------------ resource "btp_subaccount_role_collection_assignment" "bas_admins" { - for_each = toset("${var.bas_admins}") + for_each = toset(var.bas_admins) subaccount_id = btp_subaccount.dc_mission.id role_collection_name = "Business_Application_Studio_Administrator" user_name = each.value @@ -146,18 +144,32 @@ resource "btp_subaccount_role_collection_assignment" "bas_admins" { # Assign role collection "Business_Application_Studio_Developer" # ------------------------------------------------------------------------------------------------------ resource "btp_subaccount_role_collection_assignment" "bas_developer" { - for_each = toset("${var.bas_developers}") + for_each = toset(var.bas_developers) subaccount_id = btp_subaccount.dc_mission.id role_collection_name = "Business_Application_Studio_Developer" user_name = each.value depends_on = [btp_subaccount_subscription.sapappstudio] } +# ------------------------------------------------------------------------------------------------------ +# Assign role collection "Launchpad_Admin" +# ------------------------------------------------------------------------------------------------------ +# optional app subscription +resource "btp_subaccount_role_collection_assignment" "launchpad_admin" { + for_each = toset(var.use_optional_resources == true ? var.launchpad_admins : []) + subaccount_id = btp_subaccount.dc_mission.id + role_collection_name = "Launchpad_Admin" + user_name = each.value + depends_on = [btp_subaccount_subscription.sap_launchpad] +} + # ------------------------------------------------------------------------------------------------------ # Assign role collection "CICD Service Administrator" # ------------------------------------------------------------------------------------------------------ +# optional app subscription + resource "btp_subaccount_role_collection_assignment" "cicd_admins" { - for_each = toset("${var.cicd_admins}") + for_each = toset(var.use_optional_resources == true ? var.cicd_admins : []) subaccount_id = btp_subaccount.dc_mission.id role_collection_name = "CICD Service Administrator" user_name = each.value @@ -167,8 +179,9 @@ resource "btp_subaccount_role_collection_assignment" "cicd_admins" { # ------------------------------------------------------------------------------------------------------ # Assign role collection "CICD Service Developer" # ------------------------------------------------------------------------------------------------------ +# optional app subscription resource "btp_subaccount_role_collection_assignment" "cicd_developers" { - for_each = toset("${var.cicd_developers}") + for_each = toset(var.use_optional_resources == true ? var.cicd_developers : []) subaccount_id = btp_subaccount.dc_mission.id role_collection_name = "CICD Service Developer" user_name = each.value diff --git a/released/discovery_center/mission_3585/outputs.tf b/released/discovery_center/mission_3585/outputs.tf index 1d4e2ec8..bcad8672 100644 --- a/released/discovery_center/mission_3585/outputs.tf +++ b/released/discovery_center/mission_3585/outputs.tf @@ -3,17 +3,21 @@ output "subaccount_id" { description = "The Global Account subdomain id." } -output "cicd_app_subscription_url" { - value = btp_subaccount_subscription.cicd_app.subscription_url - description = "Continuous Integration & Delivery subscription URL." -} - output "sapappstudio_subscription_url" { value = btp_subaccount_subscription.sapappstudio.subscription_url description = "SAP Business Application Studio subscription URL." } output "sap_launchpad_subscription_url" { - value = btp_subaccount_subscription.sap_launchpad.subscription_url + value = var.use_optional_resources ? btp_subaccount_subscription.sap_launchpad[0].subscription_url : null description = "SAP Build Work Zone, standard edition subscription URL." } + +output "cicd_service_id" { + value = var.use_optional_resources ? btp_subaccount_service_instance.cicd_service[0].id : null +} + +output "cicd_app_subscription_url" { + value = var.use_optional_resources ? btp_subaccount_subscription.cicd_app[0].subscription_url : null + description = "Continuous Integration & Delivery subscription URL." +} \ No newline at end of file diff --git a/released/discovery_center/mission_3585/provider.tf b/released/discovery_center/mission_3585/provider.tf index 7f0e34b9..d1351409 100644 --- a/released/discovery_center/mission_3585/provider.tf +++ b/released/discovery_center/mission_3585/provider.tf @@ -8,9 +8,6 @@ terraform { } provider "btp" { - # Comment out the idp in case you need it to connect to your global account - # ------------------------------------------------------------------------- - # idp = var.custom_idp globalaccount = var.globalaccount cli_server_url = var.cli_server_url } diff --git a/released/discovery_center/mission_3585/sample.tfvars b/released/discovery_center/mission_3585/sample.tfvars index 0f197faa..1d01adcf 100644 --- a/released/discovery_center/mission_3585/sample.tfvars +++ b/released/discovery_center/mission_3585/sample.tfvars @@ -4,9 +4,6 @@ # Your global account subdomain globalaccount = "xxxxxxxx-xxxxxxx-xxxxxxx-xxxxxxxx-xxxxxx" -# The CLI server URL (needs to be set to null if you are using the default CLI server) -cli_server_url = null - # Region for your subaccount region = "us10" @@ -18,10 +15,10 @@ subaccount_name = "SAP Discovery Center Mission 3585" # ------------------------------------------------------------------------------------------------------ subaccount_admins = ["another.user@test.com"] +bas_admins = ["another.user@test.com", "you@test.com"] +bas_developers = ["another.user@test.com", "you@test.com"] + launchpad_admins = ["another.user@test.com", "you@test.com"] cicd_admins = ["another.user@test.com", "you@test.com"] -cicd_developers = ["another.user@test.com", "you@test.com"] - -bas_admins = ["another.user@test.com", "you@test.com"] -bas_developers = ["another.user@test.com", "you@test.com"] +cicd_developers = ["another.user@test.com", "you@test.com"] \ No newline at end of file diff --git a/released/discovery_center/mission_3585/variables.tf b/released/discovery_center/mission_3585/variables.tf index fbd8bec0..6b0f716d 100644 --- a/released/discovery_center/mission_3585/variables.tf +++ b/released/discovery_center/mission_3585/variables.tf @@ -1,26 +1,90 @@ +# ------------------------------------------------------------------------------------------------------ +# Account variables +# ------------------------------------------------------------------------------------------------------ variable "globalaccount" { type = string description = "The globalaccount subdomain where the sub account shall be created." } -variable "subaccount_name" { - type = string - description = "The subaccount name." - default = "My SAP DC mission subaccount." -} - variable "cli_server_url" { type = string description = "The BTP CLI server URL." default = "https://cli.btp.cloud.sap" } +variable "custom_idp" { + type = string + description = "The custom identity provider for the subaccount." + default = "sap.ids" +} + variable "region" { type = string description = "The region where the subaccount shall be created in." default = "us10" } +variable "subaccount_name" { + type = string + description = "The subaccount name." + default = "My SAP DC mission subaccount." +} + +variable "use_optional_resources" { + type = bool + description = "optional resources are ignored if value is false" + default = true +} + +# ------------------------------------------------------------------------------------------------------ +# service plans +# ------------------------------------------------------------------------------------------------------ +variable "service_plan__cicd_service" { + type = string + description = "The plan for service 'SAP Continuous Integration and Delivery' with technical name 'cicd-service'" + default = "default" + validation { + condition = contains(["default"], var.service_plan__cicd_service) + error_message = "Invalid value for service_plan__cicd_service. Only 'default' is allowed." + } +} + +# ------------------------------------------------------------------------------------------------------ +# app subscription plans +# ------------------------------------------------------------------------------------------------------ +variable "service_plan__sapappstudio" { + type = string + description = "The plan for app subscription 'SAP Business Application Studio' with technical name 'sapappstudio'" + default = "standard-edition" + validation { + condition = contains(["standard-edition"], var.service_plan__sapappstudio) + error_message = "Invalid value for service_plan__sapappstudio. Only 'standard-edition' is allowed." + } +} + +variable "service_plan__sap_launchpad" { + type = string + description = "The plan for app subscription 'SAP Build Work Zone, standard edition' with technical name 'SAPLaunchpad'" + default = "free" + validation { + condition = contains(["free", "standard"], var.service_plan__sap_launchpad) + error_message = "Invalid value for service_plan__sap_launchpad. Only 'free' and 'standard' are allowed." + } +} + +variable "service_plan__cicd_app" { + type = string + description = "The plan for app subscription 'SAP Continuous Integration and Delivery' with technical name 'cicd-app'" + default = "free" + validation { + condition = contains(["build-code", "free", "default"], var.service_plan__cicd_app) + error_message = "Invalid value for service_plan__cicd_app. Only 'build-code', 'free' and 'standard' are allowed." + } +} + +# ------------------------------------------------------------------------------------------------------ +# User lists +# ------------------------------------------------------------------------------------------------------ variable "subaccount_admins" { type = list(string) description = "Defines the colleagues who are added to each subaccount as emergency administrators." @@ -85,10 +149,4 @@ variable "cicd_admins" { condition = length([for email in var.cicd_admins : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.cicd_admins) error_message = "Please enter a valid email address." } -} - -variable "custom_idp" { - type = string - description = "The custom identity provider for the subaccount." - default = "sap.ids" -} +} \ No newline at end of file diff --git a/released/discovery_center/mission_3585_trial/README.md b/released/discovery_center/mission_3585_trial/README.md new file mode 100644 index 00000000..171173e7 --- /dev/null +++ b/released/discovery_center/mission_3585_trial/README.md @@ -0,0 +1,76 @@ +# Discovery Center Mission: Get Started on SAP BTP with SAPUI5/Fiori - Create a Hello World App + +## Overview + +This sample shows how to setup your SAP BTP account for the Discovery Center Mission - [Get Started on SAP BTP with SAPUI5/Fiori - Create a Hello World App](https://discovery-center.cloud.sap/protected/index.html#/missiondetail/3585) for your trial account. + +The respective setup of an Enterprise account is described in [SAP-samples/btp-terraform-samples/tree/main/released/discovery_center/mission_3585/README.md](https://github.com/SAP-samples/btp-terraform-samples/tree/main/released/discovery_center/mission_3585_trial/README.md) + +## Important: Trial Account Prerequisites + +Contrary to an Enterprise account (where the setup will happen in a newly created subaccount, where entitlements are added), we make the assumption that in your trial account there is already a subaccount (by default named 'trial') with all the required service entitlements and not already in use! + +In a newly created trial account this is already true and you are good to go immediately with this setup. + +But if you have already used services and/or setup subscriptions in your trial account, you have to make sure that you free up these resources to start with this setup here (i.e. delete the corresponding services/subscriptions used for this Discover Center Mission setup). Otherwise the setup would fail! + +For this mission setup the following resource (app subscription) is used: + +- SAP Build Work Zone, standard edition (Subscription) + +You could delete these resources in your [BTP Trial Cockpit](https://cockpit.btp.cloud.sap/trial) on the corresponding trial subaccount pages +- Services > Instances and Subscriptions + +## Content of setup + +The setup comprises the following resources: + +- Subscription to applications +- Role collection assignments to users + +## Deploying the resources + +Make sure that you are familiar with SAP BTP and know both the [Get Started with btp-terraform-samples](https://github.com/SAP-samples/btp-terraform-samples/blob/main/GET_STARTED.md) and the [Get Started with the Terraform Provider for BTP](https://developers.sap.com/tutorials/btp-terraform-get-started.html) + +To deploy the resources you must: + +1. Set your credentials as environment variables + + ```bash + export BTP_USERNAME ='' + export BTP_PASSWORD ='' + ``` + +2. Change the variables in the `sample.tfvars` file to meet your requirements + + > The minimal set of parameters you should specify (besides user_email and password) is global account (i.e. its subdomain), trial subaccount ID and all user assignments + +3. Then initialize your workspace: + + ```bash + terraform init + ``` + +4. You can check what Terraform plans to apply based on your configuration: + + ```bash + terraform plan -var-file="sample.tfvars" + ``` + +5. Apply your configuration to provision the resources: + + ```bash + terraform apply -var-file="sample.tfvars" + ``` + +6. Verify e.g., in [BTP Trial Cockpit](https://cockpit.btp.cloud.sap/trial) that SAP Build Workzone subscriptions have been created and respective users were assigned to role collections + +With this you have completed the quick account setup as described in the Discovery Center Mission - [Get Started on SAP BTP with SAPUI5/Fiori - Create a Hello World App](https://discovery-center.cloud.sap/protected/index.html#/missiondetail/3585). + +## In the end + +You probably want to remove the assets after trying them out. To do so execute the following command: + +```bash +terraform destroy -var-file="sample.tfvars" +``` \ No newline at end of file diff --git a/released/discovery_center/mission_3585_trial/main.tf b/released/discovery_center/mission_3585_trial/main.tf new file mode 100644 index 00000000..2310a8ef --- /dev/null +++ b/released/discovery_center/mission_3585_trial/main.tf @@ -0,0 +1,80 @@ +# ------------------------------------------------------------------------------------------------------ +# Subaccount setup for DC mission 3585 +# ------------------------------------------------------------------------------------------------------ +# Setup subaccount domain (to ensure uniqueness in BTP global account) +resource "random_uuid" "uuid" {} + +# ------------------------------------------------------------------------------------------------------ +# Creation of subaccount +# ------------------------------------------------------------------------------------------------------ +resource "btp_subaccount" "dc_mission" { + count = var.subaccount_id == "" ? 1 : 0 + name = var.subaccount_name + subdomain = join("-", ["dc-mission-3585", random_uuid.uuid.result]) + region = lower(var.region) +} + +data "btp_subaccount" "dc_mission" { + id = var.subaccount_id != "" ? var.subaccount_id : btp_subaccount.dc_mission[0].id +} + +# ------------------------------------------------------------------------------------------------------ +# SERVICES +# ------------------------------------------------------------------------------------------------------ + +# ------------------------------------------------------------------------------------------------------ +# APP SUBSCRIPTIONS +# ------------------------------------------------------------------------------------------------------ +# +locals { + service_name__sap_launchpad = "SAPLaunchpad" +} +# ------------------------------------------------------------------------------------------------------ +# Setup SAPLaunchpad (SAP Build Work Zone, standard edition) +# ------------------------------------------------------------------------------------------------------ +# Entitle +resource "btp_subaccount_entitlement" "sap_launchpad" { + subaccount_id = data.btp_subaccount.dc_mission.id + service_name = local.service_name__sap_launchpad + plan_name = var.service_plan__sap_launchpad + amount = var.service_plan__sap_launchpad == "free" ? 1 : null +} +# Subscribe +resource "btp_subaccount_subscription" "sap_launchpad" { + subaccount_id = data.btp_subaccount.dc_mission.id + app_name = local.service_name__sap_launchpad + plan_name = var.service_plan__sap_launchpad + depends_on = [btp_subaccount_entitlement.sap_launchpad] +} +data "btp_subaccount_subscription" "sap_launchpad" { + subaccount_id = data.btp_subaccount.dc_mission.id + app_name = local.service_name__sap_launchpad + plan_name = var.service_plan__sap_launchpad + depends_on = [btp_subaccount_subscription.sap_launchpad] +} + +# ------------------------------------------------------------------------------------------------------ +# USERS AND ROLES +# ------------------------------------------------------------------------------------------------------ +# +# ------------------------------------------------------------------------------------------------------ +# Assign role collection "Subaccount Administrator" +# ------------------------------------------------------------------------------------------------------ +resource "btp_subaccount_role_collection_assignment" "subaccount_admin" { + for_each = toset("${var.subaccount_admins}") + subaccount_id = data.btp_subaccount.dc_mission.id + role_collection_name = "Subaccount Administrator" + user_name = each.value + depends_on = [btp_subaccount.dc_mission] +} + +# ------------------------------------------------------------------------------------------------------ +# Assign role collection "Launchpad_Admin" +# ------------------------------------------------------------------------------------------------------ +resource "btp_subaccount_role_collection_assignment" "launchpad_admin" { + for_each = toset("${var.launchpad_admins}") + subaccount_id = data.btp_subaccount.dc_mission.id + role_collection_name = "Launchpad_Admin" + user_name = each.value + depends_on = [btp_subaccount_subscription.sap_launchpad] +} \ No newline at end of file diff --git a/released/discovery_center/mission_3585_trial/outputs.tf b/released/discovery_center/mission_3585_trial/outputs.tf new file mode 100644 index 00000000..020a442b --- /dev/null +++ b/released/discovery_center/mission_3585_trial/outputs.tf @@ -0,0 +1,9 @@ +output "subaccount_id" { + value = data.btp_subaccount.dc_mission.id + description = "The Global Account subdomain id." +} + +output "sap_launchpad_subscription_url" { + value = data.btp_subaccount_subscription.sap_launchpad.subscription_url + description = "SAP Build Work Zone, standard edition subscription URL." +} \ No newline at end of file diff --git a/released/discovery_center/mission_3585_trial/provider.tf b/released/discovery_center/mission_3585_trial/provider.tf new file mode 100644 index 00000000..d1351409 --- /dev/null +++ b/released/discovery_center/mission_3585_trial/provider.tf @@ -0,0 +1,13 @@ +terraform { + required_providers { + btp = { + source = "SAP/btp" + version = "~> 1.5.0" + } + } +} + +provider "btp" { + globalaccount = var.globalaccount + cli_server_url = var.cli_server_url +} diff --git a/released/discovery_center/mission_3585_trial/sample.tfvars b/released/discovery_center/mission_3585_trial/sample.tfvars new file mode 100644 index 00000000..86f32910 --- /dev/null +++ b/released/discovery_center/mission_3585_trial/sample.tfvars @@ -0,0 +1,17 @@ +# ------------------------------------------------------------------------------------------------------ +# Provider configuration +# ------------------------------------------------------------------------------------------------------ +# Your global account subdomain +globalaccount = "" // trial-ga + +# Region for your trial subaccount +region = "us10" + +# Name of your sub account +subaccount_id = "" + +# ------------------------------------------------------------------------------------------------------ +# USER ROLES +# ------------------------------------------------------------------------------------------------------ +subaccount_admins = ["another.user@test.com"] +launchpad_admins = ["another.user@test.com", "you@test.com"] \ No newline at end of file diff --git a/released/discovery_center/mission_3585_trial/variables.tf b/released/discovery_center/mission_3585_trial/variables.tf new file mode 100644 index 00000000..41eb1226 --- /dev/null +++ b/released/discovery_center/mission_3585_trial/variables.tf @@ -0,0 +1,76 @@ +# ------------------------------------------------------------------------------------------------------ +# Account variables +# ------------------------------------------------------------------------------------------------------ +variable "globalaccount" { + type = string + description = "The globalaccount subdomain where the sub account shall be created." +} + +variable "cli_server_url" { + type = string + description = "The BTP CLI server URL." + default = "https://cli.btp.cloud.sap" +} + +variable "custom_idp" { + type = string + description = "The custom identity provider for the subaccount." + default = "sap.ids" +} + +variable "region" { + type = string + description = "The region where the subaccount shall be created in." + default = "us10" +} + +variable "subaccount_name" { + type = string + description = "The subaccount name." + default = "My SAP DC mission subaccount." +} + +variable "subaccount_id" { + type = string + description = "The subaccount ID." + default = "" +} + + +# ------------------------------------------------------------------------------------------------------ +# app subscription plans +# ------------------------------------------------------------------------------------------------------ +variable "service_plan__sap_launchpad" { + type = string + description = "The plan for app subscription 'SAP Build Work Zone, standard edition' with technical name 'SAPLaunchpad'" + default = "standard" + validation { + condition = contains(["standard"], var.service_plan__sap_launchpad) + error_message = "Invalid value for service_plan__sap_launchpad. Only 'standard' is allowed." + } +} + +# ------------------------------------------------------------------------------------------------------ +# User lists +# ------------------------------------------------------------------------------------------------------ +variable "subaccount_admins" { + type = list(string) + description = "Defines the colleagues who are added to each subaccount as emergency administrators." + + # add validation to check if admins contains a list of valid email addresses + validation { + condition = length([for email in var.subaccount_admins : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.subaccount_admins) + error_message = "Please enter a valid email address for the subaccount admins." + } +} + +variable "launchpad_admins" { + type = list(string) + description = "Defines the colleagues who are Launchpad Admins." + + # add validation to check if admins contains a list of valid email addresses + validation { + condition = length([for email in var.launchpad_admins : can(regex("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", email))]) == length(var.launchpad_admins) + error_message = "Please enter a valid email address." + } +} \ No newline at end of file