fix: update code comment around auth policy scoping (#506)

main.tf

@@ -80,11 +80,12 @@ locals {
 # Create Virtual Servers
 ##############################################################################
 
+# NOTE: The below auth policy cannot be scoped to a source resource group due to
+# the fact that the Block storage volume does not yet exist in the resource group.
+
 resource "ibm_iam_authorization_policy" "block_storage_policy" {
-  count               = var.kms_encryption_enabled == false || var.skip_iam_authorization_policy ? 0 : 1
-  source_service_name = "server-protect"
-  # commented the following as policy is not working as expected with this option. Related support case - https://cloud.ibm.com/unifiedsupport/cases?number=CS3514707
-  # source_resource_group_id  = var.resource_group_id
+  count                       = var.kms_encryption_enabled == false || var.skip_iam_authorization_policy ? 0 : 1
+  source_service_name         = "server-protect"
   target_service_name         = "hs-crypto"
   target_resource_instance_id = var.existing_kms_instance_guid
   roles                       = ["Reader"]

module-metadata.json

@@ -439,7 +439,7 @@
       },
       "pos": {
         "filename": "main.tf",
-        "line": 83
+        "line": 86
       }
     },
     "ibm_is_floating_ip.secondary_fip": {
@@ -456,7 +456,7 @@
       },
       "pos": {
         "filename": "main.tf",
-        "line": 161
+        "line": 162
       }
     },
     "ibm_is_floating_ip.vsi_fip": {
@@ -473,7 +473,7 @@
       },
       "pos": {
         "filename": "main.tf",
-        "line": 153
+        "line": 154
       }
     },
     "ibm_is_instance.vsi": {
@@ -496,7 +496,7 @@
       },
       "pos": {
         "filename": "main.tf",
-        "line": 94
+        "line": 95
       }
     },
     "ibm_is_lb.lb": {