diff --git a/released/discovery_center/mission_4024_trial/step1/main.tf b/released/discovery_center/mission_4024_trial/step1/main.tf index 8f4b9610..e40c0249 100644 --- a/released/discovery_center/mission_4024_trial/step1/main.tf +++ b/released/discovery_center/mission_4024_trial/step1/main.tf @@ -1,15 +1,12 @@ +# ------------------------------------------------------------------------------------------------------ +# Subaccount setup for DC mission 4024 (trial) +# ------------------------------------------------------------------------------------------------------ +# Setup subaccount domain (to ensure uniqueness in BTP global account) resource "random_uuid" "uuid" {} locals { random_uuid = random_uuid.uuid.result subaccount_domain = "dcmission4024${local.random_uuid}" - - # used (mandatory) services - service_name__sap_build_apps = "sap-build-apps" - service_name__sap_launchpad = "SAPLaunchpad" - service_name__destination = "destination" - # optional, if custom idp is used - service_name__sap_identity_services_onboarding = "sap-identity-services-onboarding" } # ------------------------------------------------------------------------------------------------------ @@ -31,8 +28,80 @@ data "btp_subaccount" "subaccount" { id = data.btp_subaccount.dc_mission.id } # ------------------------------------------------------------------------------------------------------ -# SERVICES/SUBSCRIPTIONS +# SERVICES # ------------------------------------------------------------------------------------------------------ +# +locals { + service_name__destination = "destination" + # optional + service_name__application_runtime = "APPLICATION_RUNTIME" +} +# ------------------------------------------------------------------------------------------------------ +# Setup destination (Destination Service) +# ------------------------------------------------------------------------------------------------------ +# Entitle +resource "btp_subaccount_entitlement" "destination" { + subaccount_id = data.btp_subaccount.dc_mission.id + service_name = local.service_name__destination + plan_name = var.service_plan__destination +} + +# Get plan for destination service +data "btp_subaccount_service_plan" "by_name" { + subaccount_id = data.btp_subaccount.dc_mission.id + name = var.service_plan__destination + offering_name = local.service_name__destination + depends_on = [btp_subaccount_subscription.sap_launchpad] +} + +# Create destination for Visual Cloud Functions +resource "btp_subaccount_service_instance" "vcf_destination" { + subaccount_id = data.btp_subaccount.dc_mission.id + serviceplan_id = data.btp_subaccount_service_plan.by_name.id + name = "SAP-Build-Apps-Runtime" + parameters = jsonencode({ + HTML5Runtime_enabled = true + init_data = { + subaccount = { + existing_destinations_policy = "update" + destinations = [ + { + Name = "SAP-Build-Apps-Runtime" + Type = "HTTP" + Description = "Endpoint to SAP Build Apps runtime" + URL = "https://${data.btp_subaccount.subaccount.subdomain}.cr1.${data.btp_subaccount.subaccount.region}.apps.build.cloud.sap/" + ProxyType = "Internet" + Authentication = "NoAuthentication" + "HTML5.ForwardAuthToken" = true + } + ] + } + } + }) +} + +# ------------------------------------------------------------------------------------------------------ +# Setup APPLICATION_RUNTIME (Cloud Foundry Runtime) +# ------------------------------------------------------------------------------------------------------ +# Entitle +resource "btp_subaccount_entitlement" "application_runtime" { + count = var.use_optional_resources ? 1 : 0 + subaccount_id = data.btp_subaccount.dc_mission.id + service_name = local.service_name__application_runtime + plan_name = var.service_plan__application_runtime + amount = 1 +} + +# ------------------------------------------------------------------------------------------------------ +# APP SUBSCRIPTIONS +# ------------------------------------------------------------------------------------------------------ +# +locals { + service_name__sap_build_apps = "sap-build-apps" + service_name__sap_launchpad = "SAPLaunchpad" + # optional, if custom idp is used + service_name__sap_identity_services_onboarding = "sap-identity-services-onboarding" +} # ------------------------------------------------------------------------------------------------------ # Setup sap-identity-services-onboarding (Cloud Identity Services) # ------------------------------------------------------------------------------------------------------ @@ -69,7 +138,7 @@ resource "btp_subaccount_entitlement" "sap_build_apps" { depends_on = [btp_subaccount_trust_configuration.fully_customized] } # Subscribe -resource "btp_subaccount_subscription" "sap-build-apps" { +resource "btp_subaccount_subscription" "sap_build_apps" { subaccount_id = data.btp_subaccount.dc_mission.id app_name = "sap-appgyver-ee" plan_name = var.service_plan__sap_build_apps @@ -84,7 +153,6 @@ resource "btp_subaccount_entitlement" "sap_launchpad" { subaccount_id = data.btp_subaccount.dc_mission.id service_name = local.service_name__sap_launchpad plan_name = var.service_plan__sap_launchpad - #amount = var.service_plan__sap_launchpad == "free" ? 1 : null } # Subscribe @@ -95,50 +163,6 @@ resource "btp_subaccount_subscription" "sap_launchpad" { depends_on = [btp_subaccount_entitlement.sap_launchpad] } -# ------------------------------------------------------------------------------------------------------ -# Setup destination (Destination Service) -# ------------------------------------------------------------------------------------------------------ -# Entitle -resource "btp_subaccount_entitlement" "destination" { - subaccount_id = data.btp_subaccount.dc_mission.id - service_name = local.service_name__destination - plan_name = var.service_plan__destination -} - -# Get plan for destination service -data "btp_subaccount_service_plan" "by_name" { - subaccount_id = data.btp_subaccount.dc_mission.id - name = var.service_plan__destination - offering_name = local.service_name__destination - depends_on = [btp_subaccount_subscription.sap_launchpad] -} - -# Create destination for Visual Cloud Functions -resource "btp_subaccount_service_instance" "vcf_destination" { - subaccount_id = data.btp_subaccount.dc_mission.id - serviceplan_id = data.btp_subaccount_service_plan.by_name.id - name = "SAP-Build-Apps-Runtime" - parameters = jsonencode({ - HTML5Runtime_enabled = true - init_data = { - subaccount = { - existing_destinations_policy = "update" - destinations = [ - { - Name = "SAP-Build-Apps-Runtime" - Type = "HTTP" - Description = "Endpoint to SAP Build Apps runtime" - URL = "https://${data.btp_subaccount.subaccount.subdomain}.cr1.${data.btp_subaccount.subaccount.region}.apps.build.cloud.sap/" - ProxyType = "Internet" - Authentication = "NoAuthentication" - "HTML5.ForwardAuthToken" = true - } - ] - } - } - }) -} - # ------------------------------------------------------------------------------------------------------ # USERS AND ROLES # ------------------------------------------------------------------------------------------------------ @@ -146,7 +170,7 @@ resource "btp_subaccount_service_instance" "vcf_destination" { # Get all roles in the subaccount data "btp_subaccount_roles" "all" { subaccount_id = data.btp_subaccount.dc_mission.id - depends_on = [btp_subaccount_subscription.sap-build-apps] + depends_on = [btp_subaccount_subscription.sap_build_apps] } # ------------------------------------------------------------------------------------------------------ # Assign role collection "Subaccount Administrator" @@ -263,12 +287,16 @@ resource "btp_subaccount_role_collection_assignment" "build_apps_registry_develo depends_on = [btp_subaccount_role_collection.build_apps_registry_developer] } +# ------------------------------------------------------------------------------------------------------ +# Assign role collection "Launchpad_Admin" +# ------------------------------------------------------------------------------------------------------ # Assign users resource "btp_subaccount_role_collection_assignment" "launchpad_admin" { for_each = toset("${var.launchpad_admins}") subaccount_id = data.btp_subaccount.dc_mission.id role_collection_name = "Launchpad_Admin" user_name = each.value + origin = btp_subaccount_trust_configuration.fully_customized.origin depends_on = [btp_subaccount_subscription.sap_launchpad] } diff --git a/released/discovery_center/mission_4024_trial/step1/outputs.tf b/released/discovery_center/mission_4024_trial/step1/outputs.tf index d375243d..b828e17e 100644 --- a/released/discovery_center/mission_4024_trial/step1/outputs.tf +++ b/released/discovery_center/mission_4024_trial/step1/outputs.tf @@ -4,6 +4,6 @@ output "subaccount_id" { } output "sap_build_apps_subscription_url" { - value = btp_subaccount_subscription.sap-build-apps.subscription_url + value = btp_subaccount_subscription.sap_build_apps.subscription_url description = "The subscription_url of build app." } \ No newline at end of file diff --git a/released/discovery_center/mission_4024_trial/step1/sample.tfvars b/released/discovery_center/mission_4024_trial/step1/sample.tfvars index 496b60f9..af3fd5ac 100644 --- a/released/discovery_center/mission_4024_trial/step1/sample.tfvars +++ b/released/discovery_center/mission_4024_trial/step1/sample.tfvars @@ -1,11 +1,16 @@ # ------------------------------------------------------------------------------------------------------ # Account settings # ------------------------------------------------------------------------------------------------------ -globalaccount = "your-globalaccount-subdomain" -region = "us10" +# Your global account subdomain +globalaccount = "" // trial-ga + +# Region for your trial subaccount +region = "us10" + +subaccount_id = "" # ------------------------------------------------------------------------------------------------------ -# Use case specific configuration +# Use case specific role assignments # ------------------------------------------------------------------------------------------------------ subaccount_admins = ["jane.doe@test.com"] launchpad_admins = ["jane.doe@test.com"] diff --git a/released/discovery_center/mission_4024_trial/step1/variables.tf b/released/discovery_center/mission_4024_trial/step1/variables.tf index b4aa93b0..045b2a71 100644 --- a/released/discovery_center/mission_4024_trial/step1/variables.tf +++ b/released/discovery_center/mission_4024_trial/step1/variables.tf @@ -9,25 +9,25 @@ variable "globalaccount" { variable "cli_server_url" { type = string description = "The BTP CLI server URL." - default = "https://cpcli.cf.eu10.hana.ondemand.com" + default = "https://cli.btp.cloud.sap" } variable "custom_idp" { type = string - description = "Defines the custom IDP to be used for the subaccount" + description = "The custom identity provider for the subaccount." default = "" } variable "region" { type = string - description = "The region where the sub account shall be created in." + description = "The region where the subaccount shall be created in." default = "us10" } variable "subaccount_name" { type = string description = "The subaccount name." - default = "My SAP Build Apps subaccount" + default = "My SAP DC mission subaccount." } variable "subaccount_id" { @@ -36,29 +36,15 @@ variable "subaccount_id" { default = "" } +variable "use_optional_resources" { + type = bool + description = "optional resources are ignored if value is false" + default = true +} + # ------------------------------------------------------------------------------------------------------ # service plans # ------------------------------------------------------------------------------------------------------ -variable "service_plan__sap_build_apps" { - type = string - description = "The plan for SAP Build Apps subscription" - default = "free" - validation { - condition = contains(["free", "standard", "partner"], var.service_plan__sap_build_apps) - error_message = "Invalid value for service_plan__sap_build_apps. Only 'free', 'standard' and 'partner' are allowed." - } -} - -variable "service_plan__sap_launchpad" { - type = string - description = "The plan for service 'SAP Build Work Zone, standard edition' with technical name 'SAPLaunchpad'" - default = "standard" - validation { - condition = contains(["standard"], var.service_plan__sap_launchpad) - error_message = "Invalid value for service_plan__sap_launchpad. Only 'standard' is allowed." - } -} - variable "service_plan__destination" { type = string description = "The plan for service 'Destination Service' with technical name 'destination'" @@ -69,6 +55,19 @@ variable "service_plan__destination" { } } +variable "service_plan__application_runtime" { + type = string + description = "The plan for service 'Cloud Foundry Runtime' with technical name 'APPLICATION_RUNTIME'" + default = "MEMORY" + validation { + condition = contains(["MEMORY"], var.service_plan__application_runtime) + error_message = "Invalid value for service_plan__application_runtime. Only 'MEMORY' is allowed." + } +} + +# ------------------------------------------------------------------------------------------------------ +# app subscription plans +# ------------------------------------------------------------------------------------------------------ variable "service_plan__sap_identity_services_onboarding" { type = string description = "The plan for service 'Cloud Identity Services' with technical name 'sap-identity-services-onboarding'" @@ -79,6 +78,26 @@ variable "service_plan__sap_identity_services_onboarding" { } } +variable "service_plan__sap_build_apps" { + type = string + description = "The plan for SAP Build Apps subscription" + default = "free" + validation { + condition = contains(["free", "standard", "partner"], var.service_plan__sap_build_apps) + error_message = "Invalid value for service_plan__sap_build_apps. Only 'free', 'standard' and 'partner' are allowed." + } +} + +variable "service_plan__sap_launchpad" { + type = string + description = "The plan for service 'SAP Build Work Zone, standard edition' with technical name 'SAPLaunchpad'" + default = "standard" + validation { + condition = contains(["standard"], var.service_plan__sap_launchpad) + error_message = "Invalid value for service_plan__sap_launchpad. Only 'standard' is allowed." + } +} + # ------------------------------------------------------------------------------------------------------ # User lists # ------------------------------------------------------------------------------------------------------ diff --git a/released/discovery_center/mission_4024_trial/step2/sample.tfvars b/released/discovery_center/mission_4024_trial/step2/sample.tfvars index b16acea0..326124dd 100644 --- a/released/discovery_center/mission_4024_trial/step2/sample.tfvars +++ b/released/discovery_center/mission_4024_trial/step2/sample.tfvars @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------------------------------------ # Account settings # ------------------------------------------------------------------------------------------------------ -globalaccount = "<>" -subaccount_id = "<>" +globalaccount = "" // trial-ga +subaccount_id = ""