Security and Compliance Center Workload Protection module

A module for provisioning an IBM Cloud Security and Compliance Center Workload Protection instance. The module will always create a Manager resource key that connects to the SCC WP instance.

Overview

• terraform-ibm-scc-workload-protection
• Examples
  • Advanced example
  • Basic example
• Contributing

terraform-ibm-scc-workload-protection

Usage

module "scc_wp" {
  source                        = "terraform-ibm-modules/scc-workload-protection/ibm"
  version                       = "X.X.X" # Replace "X.X.X" with a release version to lock into a specific release
  name                          = "my-scc-wp-service"
  region                        = "us-south"
  resource_group_id             = "65xxxxxxxxxxxxxxxa3fd"
  resource_key_tags             = ["scc-wp-tag"]
  cloud_monitoring_instance_crn = "crn:v1:bluemix:public:sysdig-monitor:us-south:a/xxXXxxXXxXxXXXXxxXxxxXXXXxXXXXX:xxXXxxXXxXxXXXXxxXxxxXXXXxXXXXX::"
}

Required IAM access policies

Requirements

Name	Version
terraform	>= 1.3.0
ibm	>= 1.58.1, <2.0.0

Modules

No modules.

Resources

Name	Type
ibm_resource_instance.scc_wp	resource
ibm_resource_key.scc_wp_resource_key	resource
ibm_resource_tag.scc_wp_access_tag	resource

Inputs

Name	Description	Type	Default	Required
access_tags	A list of access tags to apply to the SCC WP instance created by the module. For more information, see https://cloud.ibm.com/docs/account?topic=account-access-tags-tutorial.	list(string)	[]	no
cloud_monitoring_instance_crn	The CRN of an IBM Cloud Monitoring instance to connect to the SCC Workload Protection instance.	string	null	no
name	The name to give the SCC Workload Protection instance that will be provisioned by this module.	string	n/a	yes
region	IBM Cloud region where all resources will be deployed	string	"us-south"	no
resource_group_id	The resource group ID where resources will be provisioned.	string	n/a	yes
resource_key_name	The name to give the IBM Cloud SCC WP resource key.	string	"SCCWPManagerKey"	no
resource_key_tags	Tags associated with the IBM Cloud SCC WP resource key.	list(string)	[]	no
resource_tags	Optional list of tags to be added to created SCC WP instance.	list(string)	[]	no
scc_wp_service_plan	IBM service pricing plan.	string	"free-trial"	no

Outputs

Name	Description
access_key	Workload Protection instance access key.
api_endpoint	API endpoint.
crn	CRN of created SCC WP instance.
guid	GUID of created SCC WP instance.
id	ID of created SCC WP instance.
ingestion_endpoint	Ingestion endpoint.
name	Name of created SCC WP instance.

Contributing

You can report issues and request features for this module in GitHub issues in the module repo. See Report an issue or request a feature.

To set up your local development environment, see Local development setup in the project documentation.