fix: Update text for inputs and outputs (#38)

* Update text for inputs and outputs

* update test stays as standard cos_plan

* set expiry days back to 7 for update test until  is supported by cos module

* update descriptions and docs link

* rename reference-architecture directory

* Add reference architecture documentation

* update cloudability_custom_role_name description

* address reviewer comments

.gitignore

@@ -66,6 +66,10 @@ terraform.rc
 # Output of the go coverage tool, specifically when used with LiteIDE
 *.out
 
+# Draw.io files
+*.drawio.bkp
+*.drawio.dtmp
+
 # Dependency directories (remove the comment below to include it)
 # vendor/
 

main.tf

@@ -11,12 +11,14 @@ data "ibm_enterprises" "enterprises" {
   }
 }
 locals {
-  should_fetch_enterprise = var.is_enterprise_account && var.enterprise_id == null
-  enterprise              = local.should_fetch_enterprise ? data.ibm_enterprises.enterprises[0].enterprises[0] : null
-  enterprise_id           = local.enterprise != null ? local.enterprise.id : var.enterprise_id
-  enterprise_account_id   = data.ibm_iam_account_settings.billing_exports_account.account_id
-  cos_bucket_crn          = module.cos_bucket.bucket_crn
-  bucket_storage_class    = var.cos_plan == "cos-one-rate-plan" ? "onerate_active" : var.bucket_storage_class
+  should_fetch_enterprise     = var.is_enterprise_account && var.enterprise_id == null
+  enterprise                  = local.should_fetch_enterprise ? data.ibm_enterprises.enterprises[0].enterprises[0] : null
+  enterprise_id               = local.enterprise != null ? local.enterprise.id : var.enterprise_id
+  enterprise_account_id       = data.ibm_iam_account_settings.billing_exports_account.account_id
+  cos_bucket_crn              = module.cos_bucket.bucket_crn
+  bucket_storage_class        = var.cos_plan == "cos-one-rate-plan" ? "onerate_active" : var.bucket_storage_class
+  create_key_protect_instance = var.existing_kms_instance_guid == null
+  create_cos_instance         = var.existing_cos_instance_id == null
 }
 
 module "resource_group" {
@@ -35,11 +37,11 @@ module "cos_bucket" {
   resource_group_id                   = module.resource_group.resource_group_id
   resource_tags                       = var.resource_tags
   region                              = var.region
-  create_key_protect_instance         = var.create_key_protect_instance
+  create_key_protect_instance         = local.create_key_protect_instance
   key_protect_instance_name           = var.key_protect_instance_name
   key_ring_name                       = var.key_ring_name
   key_name                            = var.key_name
-  create_cos_instance                 = var.create_cos_instance
+  create_cos_instance                 = local.create_cos_instance
   cos_instance_name                   = var.cos_instance_name
   cos_plan                            = var.cos_plan
   access_tags                         = var.access_tags
@@ -103,7 +105,7 @@ module "cloudability_onboarding" {
     restapi = restapi.cloudability
   }
   source = "./modules/cloudability-onboarding"
-  # needed to execute an ibmcloud cli script to check that billing exports have been writted to the cos bucket
+  # needed to execute an ibmcloud cli script to check that billing exports have been writted to the Object Storage bucket
   ibmcloud_api_key    = var.ibmcloud_api_key
   cos_bucket_prefix   = var.cos_folder
   cos_bucket_location = var.region

modules/billing-exports/README.md

@@ -90,9 +90,9 @@ No modules.
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_billing_account_id"></a> [billing\_account\_id](#input\_billing\_account\_id) | Account id which billing exports are enabled in. Defaults to the account id of the api key | `string` | `null` | no |
-| <a name="input_cos_bucket_crn"></a> [cos\_bucket\_crn](#input\_cos\_bucket\_crn) | CRN of the COS bucket | `string` | n/a | yes |
-| <a name="input_cos_bucket_location"></a> [cos\_bucket\_location](#input\_cos\_bucket\_location) | location of the cos bucket | `string` | n/a | yes |
-| <a name="input_cos_folder"></a> [cos\_folder](#input\_cos\_folder) | Folder in the COS bucket to store the account data | `string` | `"IBMCloud-Billing-Reports"` | no |
+| <a name="input_cos_bucket_crn"></a> [cos\_bucket\_crn](#input\_cos\_bucket\_crn) | CRN of the Object Storage bucket | `string` | n/a | yes |
+| <a name="input_cos_bucket_location"></a> [cos\_bucket\_location](#input\_cos\_bucket\_location) | location of the Object Storage bucket | `string` | n/a | yes |
+| <a name="input_cos_folder"></a> [cos\_folder](#input\_cos\_folder) | Folder in the Object Storage bucket to store the account data | `string` | `"IBMCloud-Billing-Reports"` | no |
 | <a name="input_interval"></a> [interval](#input\_interval) | Billing granularity | `string` | `"daily"` | no |
 | <a name="input_report_types"></a> [report\_types](#input\_report\_types) | billing report types | `list(string)` | `null` | no |
 | <a name="input_resource_group_id"></a> [resource\_group\_id](#input\_resource\_group\_id) | resource\_group\_id for the polcicy creation of the service to service authorization | `string` | `null` | no |

modules/billing-exports/variables.tf

@@ -16,12 +16,12 @@ variable "resource_group_id" {
 
 variable "cos_bucket_crn" {
   type        = string
-  description = "CRN of the COS bucket"
+  description = "CRN of the Object Storage bucket"
 }
 
 variable "cos_bucket_location" {
   type        = string
-  description = "location of the cos bucket"
+  description = "location of the Object Storage bucket"
 }
 
 variable "interval" {
@@ -32,7 +32,7 @@ variable "interval" {
 
 variable "cos_folder" {
   type        = string
-  description = "Folder in the COS bucket to store the account data"
+  description = "Folder in the Object Storage bucket to store the account data"
   default     = "IBMCloud-Billing-Reports"
 }
 

modules/cloudability-bucket-access/README.md

@@ -1,5 +1,5 @@
 <!-- Update the title -->
-# Apptio cloudability COS bucket access
+# Apptio cloudability Object Storage bucket access
 
 <!-- Add a description of module(s) in this repo -->
 This module grants the IBM Cloudability ServiceID access to the bucket containing the billing exports (see [Exporting your usage data for continual insights](https://cloud.ibm.com/docs/billing-usage?topic=billing-usage-exporting-your-usage&interface=terraform)). The module uses [iam custom roles](https://cloud.ibm.com/docs/account?topic=account-custom-roles&interface=ui) so that Apptio cloudability has only the minimum required access to the storage bucket.
@@ -87,9 +87,9 @@ No modules.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| <a name="input_bucket_crn"></a> [bucket\_crn](#input\_bucket\_crn) | crn of the cos bucket. Required if policy\_granularity is `resource` or `instance` | `string` | `null` | no |
-| <a name="input_cloudability_custom_role_name"></a> [cloudability\_custom\_role\_name](#input\_cloudability\_custom\_role\_name) | name of the custom role created access granted to cloudability service id to read from the billing reports cos bucket | `string` | `"CloudabilityStorageCustomRole"` | no |
-| <a name="input_policy_granularity"></a> [policy\_granularity](#input\_policy\_granularity) | Whether access to the cos bucket is controlled at the bucket (resource), cos instance (serviceInstance), or resource-group (resourceGroup). Note: `resource_group_id` is required in the case of the `resourceGroup`. `bucket_crn` is required otherwise. | `string` | `"resource"` | no |
+| <a name="input_bucket_crn"></a> [bucket\_crn](#input\_bucket\_crn) | crn of the Object Storage bucket. Required if policy\_granularity is `resource` or `instance` | `string` | `null` | no |
+| <a name="input_cloudability_custom_role_name"></a> [cloudability\_custom\_role\_name](#input\_cloudability\_custom\_role\_name) | Name of the custom role which grants access to the Cloudability service id to read the billing reports from the object storage bucket | `string` | `"CloudabilityStorageCustomRole"` | no |
+| <a name="input_policy_granularity"></a> [policy\_granularity](#input\_policy\_granularity) | Whether access to the Object Storage bucket is controlled at the bucket (resource), cos instance (serviceInstance), or resource-group (resourceGroup). Note: `resource_group_id` is required in the case of the `resourceGroup`. `bucket_crn` is required otherwise. | `string` | `"resource"` | no |
 | <a name="input_resource_group_id"></a> [resource\_group\_id](#input\_resource\_group\_id) | The resource group that the cos buckets are deployed in. Required if `policy_granularity` is "resource-group". Not used otherwise. | `string` | `null` | no |
 | <a name="input_use_existing_iam_custom_role"></a> [use\_existing\_iam\_custom\_role](#input\_use\_existing\_iam\_custom\_role) | Whether the iam\_custom\_roles should be created or if they already exist and the they should be linked with a datasource | `bool` | `false` | no |
 

modules/cloudability-bucket-access/variables.tf

@@ -1,6 +1,6 @@
 variable "bucket_crn" {
   type        = string
-  description = "crn of the cos bucket. Required if policy_granularity is `resource` or `instance`"
+  description = "crn of the Object Storage bucket. Required if policy_granularity is `resource` or `instance`"
   default     = null
 }
 
@@ -12,7 +12,7 @@ variable "resource_group_id" {
 
 variable "policy_granularity" {
   type        = string
-  description = "Whether access to the cos bucket is controlled at the bucket (resource), cos instance (serviceInstance), or resource-group (resourceGroup). Note: `resource_group_id` is required in the case of the `resourceGroup`. `bucket_crn` is required otherwise. "
+  description = "Whether access to the Object Storage bucket is controlled at the bucket (resource), cos instance (serviceInstance), or resource-group (resourceGroup). Note: `resource_group_id` is required in the case of the `resourceGroup`. `bucket_crn` is required otherwise. "
   default     = "resource"
   validation {
     condition     = contains(["resource", "serviceInstance", "resourceGroup"], var.policy_granularity)
@@ -28,6 +28,6 @@ variable "use_existing_iam_custom_role" {
 
 variable "cloudability_custom_role_name" {
   type        = string
-  description = "name of the custom role created access granted to cloudability service id to read from the billing reports cos bucket"
+  description = "Name of the custom role which grants access to the Cloudability service id to read the billing reports from the object storage bucket"
   default     = "CloudabilityStorageCustomRole"
 }

modules/cloudability-enterprise-access/README.md

@@ -31,7 +31,7 @@ No modules.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| <a name="input_cloudability_custom_role_name"></a> [cloudability\_custom\_role\_name](#input\_cloudability\_custom\_role\_name) | name of the custom role to granting access to a cloudability service id to read the enterprise information | `string` | `"CloudabilityListAccCustomRole"` | no |
+| <a name="input_cloudability_custom_role_name"></a> [cloudability\_custom\_role\_name](#input\_cloudability\_custom\_role\_name) | Name of the custom role which grants access to the Cloudability service ID to read the enterprise information. Only used if `is_enterprise_account` is `true`. | `string` | `"CloudabilityListAccCustomRole"` | no |
 | <a name="input_enterprise_id"></a> [enterprise\_id](#input\_enterprise\_id) | Guid for the enterprise account id | `string` | `null` | no |
 | <a name="input_skip_cloudability_billing_policy"></a> [skip\_cloudability\_billing\_policy](#input\_skip\_cloudability\_billing\_policy) | Whether policy which grants cloudability access to view the billing service. This may be true if the policy already exists because it was created by a previous run. | `bool` | `false` | no |
 | <a name="input_use_existing_iam_custom_role"></a> [use\_existing\_iam\_custom\_role](#input\_use\_existing\_iam\_custom\_role) | Whether the iam\_custom\_roles should be created or if they already exist and the they should be linked with a datasource | `bool` | `false` | no |

modules/cloudability-enterprise-access/variables.tf

@@ -17,6 +17,6 @@ variable "skip_cloudability_billing_policy" {
 
 variable "cloudability_custom_role_name" {
   type        = string
-  description = "name of the custom role to granting access to a cloudability service id to read the enterprise information"
+  description = "Name of the custom role which grants access to the Cloudability service ID to read the enterprise information. Only used if `is_enterprise_account` is `true`."
   default     = "CloudabilityListAccCustomRole"
 }

modules/cloudability-onboarding/README.md

@@ -89,8 +89,8 @@ statement instead the previous block.
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_cloudability_host"></a> [cloudability\_host](#input\_cloudability\_host) | IBM Cloudability host name as described in https://help.apptio.com/en-us/cloudability/api/v3/getting_started_with_the_cloudability.htm#authentication | `string` | `"api.cloudability.com"` | no |
-| <a name="input_cos_bucket_crn"></a> [cos\_bucket\_crn](#input\_cos\_bucket\_crn) | CRN of the COS bucket | `string` | n/a | yes |
-| <a name="input_cos_bucket_location"></a> [cos\_bucket\_location](#input\_cos\_bucket\_location) | Location of the cos bucket. | `string` | n/a | yes |
+| <a name="input_cos_bucket_crn"></a> [cos\_bucket\_crn](#input\_cos\_bucket\_crn) | CRN of the Object Storage bucket | `string` | n/a | yes |
+| <a name="input_cos_bucket_location"></a> [cos\_bucket\_location](#input\_cos\_bucket\_location) | Location of the Object Storage bucket. | `string` | n/a | yes |
 | <a name="input_cos_bucket_prefix"></a> [cos\_bucket\_prefix](#input\_cos\_bucket\_prefix) | name of the manifest file in the cost report | `string` | `"IBMCloud-Billing-Reports"` | no |
 | <a name="input_cos_instance_name"></a> [cos\_instance\_name](#input\_cos\_instance\_name) | The name to give the cloud object storage instance that will be provisioned by this module. If not specified then the instance name is retrieved from the instance crn from the bucket | `string` | `null` | no |
 | <a name="input_cost_report_name"></a> [cost\_report\_name](#input\_cost\_report\_name) | name of the manifest file in the cost report | `string` | `"manifest"` | no |

modules/cloudability-onboarding/scripts/wait_for_billing_exports.sh

@@ -22,7 +22,7 @@ for ((i = 1; i <= number_of_tries; i++)); do
   # Count is used to verify that a file exists in the bucket. It is parsed into a number
   # shellcheck disable=SC2034
   count=$(($(ibmcloud cos objects --bucket "$bucket_name" --prefix "$bucket_prefix" --region "$region" --json | jq -r  ".Contents? | length")+0))
-  echo "Waiting for billing reports to exist in cos bucket '$bucket_name'... ($${i}/$${number_of_tries})"
+  echo "Waiting for billing reports to exist in Object Storage bucket '$bucket_name'... ($${i}/$${number_of_tries})"
   # shellcheck disable=SC2071
   # shellcheck disable=SC2050
   if [[ count > 0 ]]; then

modules/cloudability-onboarding/variables.tf

@@ -18,12 +18,12 @@ variable "cost_report_name" {
 
 variable "cos_bucket_crn" {
   type        = string
-  description = "CRN of the COS bucket"
+  description = "CRN of the Object Storage bucket"
 }
 
 variable "cos_bucket_location" {
   type        = string
-  description = "Location of the cos bucket."
+  description = "Location of the Object Storage bucket."
 }
 
 variable "cos_bucket_prefix" {