3252 Polished the QAS enabled Mission

released/discovery_center/mission_3252/main.tf

@@ -1,61 +1,56 @@
-###############################################################################################
-# Setup of names in accordance to naming convention
-###############################################################################################
+# ------------------------------------------------------------------------------------------------------
+# Subaccount setup for DC mission 3252
+# ------------------------------------------------------------------------------------------------------
+# Setup subaccount domain (to ensure uniqueness in BTP global account)
 resource "random_uuid" "uuid" {}
 
 locals {
-  random_uuid               = random_uuid.uuid.result
-  project_subaccount_domain = lower(replace("mission-3252-${local.random_uuid}", "_", "-"))
+  random_uuid       = random_uuid.uuid.result
+  subaccount_domain = lower(replace("mission-3260-${local.random_uuid}", "_", "-"))
 }
 
-###############################################################################################
+# ------------------------------------------------------------------------------------------------------
 # Creation of subaccount
-###############################################################################################
+# ------------------------------------------------------------------------------------------------------
 resource "btp_subaccount" "dc_mission" {
+  count     = var.subaccount_id == "" ? 1 : 0
   name      = var.subaccount_name
-  subdomain = local.project_subaccount_domain
-  region    = lower(var.region)
+  subdomain = local.subaccount_domain
+  region    = var.region
 }
 
-###############################################################################################
-# Assignment of users as sub account administrators
-###############################################################################################
-resource "btp_subaccount_role_collection_assignment" "subaccount-admins" {
-  for_each             = toset("${var.subaccount_admins}")
-  subaccount_id        = btp_subaccount.dc_mission.id
-  role_collection_name = "Subaccount Administrator"
-  user_name            = each.value
+data "btp_subaccount" "dc_mission" {
+  id = var.subaccount_id != "" ? var.subaccount_id : btp_subaccount.dc_mission[0].id
 }
 
-###############################################################################################
-# Assignment of users as sub account service administrators
-###############################################################################################
-resource "btp_subaccount_role_collection_assignment" "subaccount-service-admins" {
-  for_each             = toset("${var.subaccount_service_admins}")
-  subaccount_id        = btp_subaccount.dc_mission.id
-  role_collection_name = "Subaccount Service Administrator"
-  user_name            = each.value
+# ------------------------------------------------------------------------------------------------------
+# SERVICES
+# ------------------------------------------------------------------------------------------------------
+#
+locals {
+  service_name__kymaruntime = "kymaruntime"
 }
 
-######################################################################
-# Setup Kyma
-######################################################################
+# ------------------------------------------------------------------------------------------------------
+# Setup kymaruntime (Kyma Runtime)
+# ------------------------------------------------------------------------------------------------------
+#
 data "btp_regions" "all" {}
 
-#we take the iaas provider for the first region associated with the subaccount 
+# we take the iaas provider for the first region associated with the subaccount 
 locals {
-  subaccount_iaas_provider = [for region in data.btp_regions.all.values : region if region.region == btp_subaccount.dc_mission.region][0].iaas_provider
+  subaccount_iaas_provider = [for region in data.btp_regions.all.values : region if region.region == data.btp_subaccount.dc_mission.region][0].iaas_provider
 }
-
+# Entitle
 resource "btp_subaccount_entitlement" "kymaruntime" {
-  subaccount_id = btp_subaccount.dc_mission.id
-  service_name  = "kymaruntime"
+  subaccount_id = data.btp_subaccount.dc_mission.id
+  service_name  = local.service_name__kymaruntime
   plan_name     = lower(local.subaccount_iaas_provider)
   amount        = 1
 }
 
 data "btp_subaccount_environments" "all" {
-  subaccount_id = btp_subaccount.dc_mission.id
+  subaccount_id = data.btp_subaccount.dc_mission.id
   depends_on    = [btp_subaccount_entitlement.kymaruntime]
 }
 
@@ -72,18 +67,42 @@ resource "null_resource" "cache_kyma_region" {
 
 locals {
   kyma_instance_parameters = var.kyma_instance_parameters != null ? var.kyma_instance_parameters : {
-    name   = btp_subaccount.dc_mission.subdomain
+    name   = data.btp_subaccount.dc_mission.subdomain
     region = null_resource.cache_kyma_region.triggers.region
   }
 }
 
 resource "btp_subaccount_environment_instance" "kyma" {
-  subaccount_id    = btp_subaccount.dc_mission.id
-  name             = var.kyma_instance_parameters != null ? var.kyma_instance_parameters.name : btp_subaccount.dc_mission.subdomain
+  subaccount_id    = data.btp_subaccount.dc_mission.id
+  name             = var.kyma_instance_parameters != null ? var.kyma_instance_parameters.name : data.btp_subaccount.dc_mission.subdomain
   environment_type = "kyma"
-  service_name     = "kymaruntime"
+  service_name     = local.service_name__kymaruntime
   plan_name        = lower(local.subaccount_iaas_provider)
   parameters       = jsonencode(local.kyma_instance_parameters)
   timeouts         = var.kyma_instance_timeouts
   depends_on       = [btp_subaccount_entitlement.kymaruntime]
 }
+
+# ------------------------------------------------------------------------------------------------------
+#  USERS AND ROLES
+# ------------------------------------------------------------------------------------------------------
+#
+# ------------------------------------------------------------------------------------------------------
+# Assign role collection "Subaccount Administrator"
+# ------------------------------------------------------------------------------------------------------
+resource "btp_subaccount_role_collection_assignment" "subaccount_admins" {
+  for_each             = toset(var.subaccount_admins)
+  subaccount_id        = data.btp_subaccount.dc_mission.id
+  role_collection_name = "Subaccount Administrator"
+  user_name            = each.value
+}
+
+# ------------------------------------------------------------------------------------------------------
+# Assign role collection "Subaccount Service Administrator"
+# ------------------------------------------------------------------------------------------------------
+resource "btp_subaccount_role_collection_assignment" "subaccount_service_admins" {
+  for_each             = toset(var.subaccount_service_admins)
+  subaccount_id        = data.btp_subaccount.dc_mission.id
+  role_collection_name = "Subaccount Service Administrator"
+  user_name            = each.value
+}

released/discovery_center/mission_3252/outputs.tf

@@ -1,3 +1,3 @@
 output "subaccount_id" {
-  value = btp_subaccount.dc_mission.id
+  value = data.btp_subaccount.dc_mission.id
 }

released/discovery_center/mission_3252/provider.tf

@@ -12,7 +12,7 @@ terraform {
 provider "btp" {
   # Uncomment the idp in case you need it to connect to your global account
   # -------------------------------------------------------------------------
-  idp            = var.custom_idp
+  #idp           = var.custom_idp
   globalaccount  = var.globalaccount
   cli_server_url = var.cli_server_url
 }

released/discovery_center/mission_3252/sample.tfvars

@@ -0,0 +1,27 @@
+# ------------------------------------------------------------------------------------------------------
+# Provider configuration
+# ------------------------------------------------------------------------------------------------------
+custom_idp = "<<tenant-id>>.accounts.ondemand.com"
+
+# ------------------------------------------------------------------------------------------------------
+# Account settings
+# ------------------------------------------------------------------------------------------------------
+globalaccount   = "<your-global-account-subdomain>"
+region          = "eu10"
+subaccount_name = "SAP Discovery Center Mission 3252"
+
+# ------------------------------------------------------------------------------------------------------
+# Use case specific configuration
+# ------------------------------------------------------------------------------------------------------
+subaccount_admins         = ["another-user@test.com", "you@test.com"]
+subaccount_service_admins = ["another-user@test.com", "you@test.com"]
+
+# Kyma instance parameters. When set to null, the name will be set to the subaccount subdomain and the
+# first available cluster region for the subaccount will be selected.
+kyma_instance_parameters = {
+  name            = "my-kyma-environment"
+  region          = "eu-central-1"
+  machine_type    = "mx5.xlarge"
+  auto_scaler_min = 3
+  auto_scaler_max = 20
+}

released/discovery_center/mission_3252/variables.tf

@@ -1,47 +1,44 @@
-######################################################################
-# Customer account setup
-######################################################################
-# subaccount
+# ------------------------------------------------------------------------------------------------------
+# Account variables
+# ------------------------------------------------------------------------------------------------------
 variable "globalaccount" {
   type        = string
-  description = "The globalaccount subdomain."
-}
-# subaccount
-variable "subaccount_name" {
-  type        = string
-  description = "The subaccount name."
-  default     = "DC Mission 3252 - Get Started with SAP BTP, Kyma runtime creating a Hello-World Function"
-}
-# Region
-variable "region" {
-  type        = string
-  description = "The region where the project account shall be created in."
-  default     = "eu10"
+  description = "The globalaccount subdomain where the sub account shall be created."
 }
 
-# CLI server
 variable "cli_server_url" {
   type        = string
   description = "The BTP CLI server URL."
-  default     = "https://cpcli.cf.eu10.hana.ondemand.com"
+  default     = "https://cli.btp.cloud.sap"
 }
 
 variable "custom_idp" {
   type        = string
-  description = "Defines the custom IDP to be used for the subaccount."
+  description = "The custom identity provider for the subaccount."
   default     = ""
 }
 
-variable "subaccount_admins" {
-  type        = list(string)
-  description = "Defines the colleagues who are added to each subaccount as subaccount administrators."
+variable "region" {
+  type        = string
+  description = "The region where the subaccount shall be created in."
+  default     = "eu10"
 }
 
-variable "subaccount_service_admins" {
-  type        = list(string)
-  description = "Defines the colleagues who are added to each subaccount as subaccount service administrators."
+variable "subaccount_name" {
+  type        = string
+  description = "The subaccount name."
+  default     = "My SAP DC mission subaccount."
+}
+
+variable "subaccount_id" {
+  type        = string
+  description = "The subaccount ID."
+  default     = ""
 }
 
+# ------------------------------------------------------------------------------------------------------
+# service parameters
+# ------------------------------------------------------------------------------------------------------
 variable "kyma_instance_parameters" {
   type = object({
     name            = string
@@ -74,4 +71,17 @@ variable "kyma_instance_timeouts" {
     update = "35m"
     delete = "1h"
   }
+}
+
+# ------------------------------------------------------------------------------------------------------
+# User lists
+# ------------------------------------------------------------------------------------------------------
+variable "subaccount_admins" {
+  type        = list(string)
+  description = "Defines the users who are added to subaccount as administrators."
+}
+
+variable "subaccount_service_admins" {
+  type        = list(string)
+  description = "Defines the users who are added to subaccount as service administrators."
 }