Release 0.1.7 (#9)

* Replace README.md * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * Release 0.1.4 * Release 0.1.5 * feat: public key string now supported * fix: correct attr name is type * doc: Updated License file * doc: Updated Readme * doc: Updated Contributing * doc: Added Security file * Update README.md * feat: release notes and release bump * Update tf version and corresponding documentations * update providers.tf in examples * chore: release notes and version bump * feat: module tag updated to ocilz-terraform-module * chore: release notes and SPECs updated --------- Signed-off-by: Andre Correa <andre.correa@oracle.com> Co-authored-by: CINTHIA JIMENEZ <cinthia.jimenez@oracle.com> Co-authored-by: Josh Hammer <josh.hammer@oracle.com> Co-authored-by: Yupei Yang <yupei.yang@oracle.com>
oci-landing-zones · Aug 28, 2024 · 920ce47 · 920ce47
1 parent 6ee68fc
commit 920ce47
Show file tree

Hide file tree

Showing 28 changed files with 60 additions and 121 deletions.
diff --git a/RELEASE-NOTES.md b/RELEASE-NOTES.md
@@ -1,11 +1,16 @@
+# August 27, 2024 Release Notes - 0.1.7
+
+## Updates
+1. All modules now require Terraform binary equal or greater than 1.3.0.
+2. *cislz-terraform-module* tag renamed to *ocilz-terraform-module*.
+
 # July 19, 2024 Release Notes - 0.1.6
 
 ## Updates
 1. Aligned [README.md](./README.md) structure to Oracle's GitHub organizations requirements.
 2. [Bastion module](./bastion/)
     - In addition to an SSH public key path, an SSH public key literal string can now be used for defining Bastion sessions (*default_ssh_public_key* and *ssh_public_key* attributes).
 
-
 # May 22, 2024 Release Notes - 0.1.5
 
 ## Updates

diff --git a/bastion/README.md b/bastion/README.md
@@ -19,6 +19,12 @@ Check the [examples](./examples/) folder for actual module usage.
 - [Known Issues](#issues)
 
 ## <a name="requirements">Requirements</a>
+
+### Terraform Version >= 1.3.0
+This module requires Terraform binary version 1.3.0 or greater, as it relies on Optional Object Type Attributes feature. 
+The feature shortens the amount of input values in complex object types, by having Terraform automatically inserting a 
+default value for any missing optional attributes.
+
 ### IAM Permissions
 
 This module requires the following IAM permissions:

diff --git a/bastion/metadata.tf b/bastion/metadata.tf
@@ -3,5 +3,5 @@
 
 #-- Used to inform module and release number.
 locals {
-    cislz_module_tag = {"cislz-terraform-module" : fileexists("${path.module}/../release.txt") ? "${var.module_name}/${file("${path.module}/../release.txt")}" : "${var.module_name}"}
+    cislz_module_tag = {"ocilz-terraform-module" : fileexists("${path.module}/../release.txt") ? "${var.module_name}/${file("${path.module}/../release.txt")}" : "${var.module_name}"}
 }
diff --git a/cloud-guard/README.md b/cloud-guard/README.md
@@ -15,6 +15,12 @@ Check the [examples](./examples/) folder for fully runnable examples.
 - [Known Issues](#issues)
 
 ## <a name="requirements">Requirements</a>
+
+### Terraform Version >= 1.3.0
+This module requires Terraform binary version 1.3.0 or greater, as it relies on Optional Object Type Attributes feature.
+The feature shortens the amount of input values in complex object types, by having Terraform automatically inserting a
+default value for any missing optional attributes.
+
 ### IAM Permissions
 
 This module requires the following OCI IAM permission:
@@ -23,27 +29,6 @@ This module requires the following OCI IAM permission:
 allow group <group> to manage cloud-guard-family in tenancy
 ```
 
-### Terraform Version < 1.3.x and Optional Object Type Attributes
-This module relies on [Terraform Optional Object Type Attributes feature](https://developer.hashicorp.com/terraform/language/expressions/type-constraints#optional-object-type-attributes), which is experimental from Terraform 0.14.x to 1.2.x. It shortens the amount of input values in complex object types, by having Terraform automatically inserting a default value for any missing optional attributes. The feature has been promoted and it is no longer experimental in Terraform 1.3.x.
-
-**As is, this module can only be used with Terraform versions up to 1.2.x**, because it can be consumed by other modules via [OCI Resource Manager service](https://docs.oracle.com/en-us/iaas/Content/ResourceManager/home.htm), that still does not support Terraform 1.3.x.
-
-Upon running *terraform plan* with Terraform versions prior to 1.3.x, Terraform displays the following warning:
-```
-Warning: Experimental feature "module_variable_optional_attrs" is active
-```
-
-Note the warning is harmless. The code has been tested with Terraform 1.3.x and the implementation is fully compatible.
-
-If you really want to use Terraform 1.3.x, in [providers.tf](./providers.tf):
-1. Change the terraform version requirement to:
-```
-required_version = ">= 1.3.0"
-```
-2. Remove the line:
-```
-experiments = [module_variable_optional_attrs]
-```
 ## <a name="invoke">How to Invoke the Module</a>
 
 Terraform modules can be invoked locally or remotely. 

diff --git a/cloud-guard/SPEC.md b/cloud-guard/SPEC.md
@@ -2,7 +2,7 @@
 
 | Name | Version |
 |------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | < 1.3.0 |
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3.0 |
 
 ## Providers
 

diff --git a/cloud-guard/examples/external_dependency/providers.tf b/cloud-guard/examples/external_dependency/providers.tf
@@ -11,11 +11,10 @@ provider "oci" {
 }
 
 terraform {
-  required_version = "< 1.3.0"
+  required_version = ">= 1.3.0"
   required_providers {
     oci = {
       source = "oracle/oci"
     }
   }
-  experiments = [module_variable_optional_attrs]
 }
diff --git a/cloud-guard/examples/vision/providers.tf b/cloud-guard/examples/vision/providers.tf
@@ -11,11 +11,10 @@ provider "oci" {
 }
 
 terraform {
-  required_version = "< 1.3.0"
+  required_version = ">= 1.3.0"
   required_providers {
     oci = {
       source = "oracle/oci"
     }
   }
-  experiments = [module_variable_optional_attrs]
 }
diff --git a/cloud-guard/metadata.tf b/cloud-guard/metadata.tf
@@ -3,5 +3,5 @@
 
 #-- Used to inform module and release number.
 locals {
-    cislz_module_tag = {"cislz-terraform-module" : fileexists("${path.module}/../release.txt") ? "${var.module_name}/${file("${path.module}/../release.txt")}" : "${var.module_name}"}
+    cislz_module_tag = {"ocilz-terraform-module" : fileexists("${path.module}/../release.txt") ? "${var.module_name}/${file("${path.module}/../release.txt")}" : "${var.module_name}"}
 }    
diff --git a/cloud-guard/providers.tf b/cloud-guard/providers.tf
@@ -2,11 +2,10 @@
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
 
 terraform {
-  required_version = "< 1.3.0"
+  required_version = ">= 1.3.0"
   required_providers {
     oci = {
       source  = "oracle/oci"
     }
   }
-  experiments = [module_variable_optional_attrs]
 }
diff --git a/release.txt b/release.txt
@@ -1 +1 @@
-0.1.6
+0.1.7
diff --git a/security-zones/README.md b/security-zones/README.md
@@ -15,6 +15,12 @@ Check the [examples](./examples/) folder for fully runnable examples.
 - [Known Issues](#issues)
 
 ## <a name="requirements">Requirements</a>
+
+### Terraform Version >= 1.3.0
+This module requires Terraform binary version 1.3.0 or greater, as it relies on Optional Object Type Attributes feature.
+The feature shortens the amount of input values in complex object types, by having Terraform automatically inserting a
+default value for any missing optional attributes.
+
 ### IAM Permissions
 
 This module requires the following OCI IAM permission:
@@ -23,27 +29,6 @@ This module requires the following OCI IAM permission:
 allow group <group> to manage cloud-guard-family in tenancy
 ```
 
-### Terraform Version < 1.3.x and Optional Object Type Attributes
-This module relies on [Terraform Optional Object Type Attributes feature](https://developer.hashicorp.com/terraform/language/expressions/type-constraints#optional-object-type-attributes), which is experimental from Terraform 0.14.x to 1.2.x. It shortens the amount of input values in complex object types, by having Terraform automatically inserting a default value for any missing optional attributes. The feature has been promoted and it is no longer experimental in Terraform 1.3.x.
-
-**As is, this module can only be used with Terraform versions up to 1.2.x**, because it can be consumed by other modules via [OCI Resource Manager service](https://docs.oracle.com/en-us/iaas/Content/ResourceManager/home.htm), that still does not support Terraform 1.3.x.
-
-Upon running *terraform plan* with Terraform versions prior to 1.3.x, Terraform displays the following warning:
-```
-Warning: Experimental feature "module_variable_optional_attrs" is active
-```
-
-Note the warning is harmless. The code has been tested with Terraform 1.3.x and the implementation is fully compatible.
-
-If you really want to use Terraform 1.3.x, in [providers.tf](./providers.tf):
-1. Change the terraform version requirement to:
-```
-required_version = ">= 1.3.0"
-```
-2. Remove the line:
-```
-experiments = [module_variable_optional_attrs]
-```
 ## <a name="invoke">How to Invoke the Module</a>
 
 Terraform modules can be invoked locally or remotely. 

diff --git a/security-zones/SPEC.md b/security-zones/SPEC.md
@@ -2,7 +2,7 @@
 
 | Name | Version |
 |------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | < 1.3.0 |
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3.0 |
 
 ## Providers
 

diff --git a/security-zones/examples/external_dependency/providers.tf b/security-zones/examples/external_dependency/providers.tf
@@ -11,11 +11,10 @@ provider "oci" {
 }
 
 terraform {
-  required_version = "< 1.3.0"
+  required_version = ">= 1.3.0"
   required_providers {
     oci = {
       source = "oracle/oci"
     }
   }
-  experiments = [module_variable_optional_attrs]
 }
diff --git a/security-zones/examples/vision/providers.tf b/security-zones/examples/vision/providers.tf
@@ -11,11 +11,10 @@ provider "oci" {
 }
 
 terraform {
-  required_version = "< 1.3.0"
+  required_version = ">= 1.3.0"
   required_providers {
     oci = {
       source = "oracle/oci"
     }
   }
-  experiments = [module_variable_optional_attrs]
 }
diff --git a/security-zones/metadata.tf b/security-zones/metadata.tf
@@ -3,5 +3,5 @@
 
 #-- Used to inform module and release number.
 locals {
-    cislz_module_tag = {"cislz-terraform-module" : fileexists("${path.module}/../release.txt") ? "${var.module_name}/${file("${path.module}/../release.txt")}" : "${var.module_name}"}
+    cislz_module_tag = {"ocilz-terraform-module" : fileexists("${path.module}/../release.txt") ? "${var.module_name}/${file("${path.module}/../release.txt")}" : "${var.module_name}"}
 }    
diff --git a/security-zones/providers.tf b/security-zones/providers.tf
@@ -2,11 +2,10 @@
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
 
 terraform {
-  required_version = "< 1.3.0"
+  required_version = ">= 1.3.0"
   required_providers {
     oci = {
       source  = "oracle/oci"
     }
   }
-  experiments = [module_variable_optional_attrs]
 }
diff --git a/vaults/README.md b/vaults/README.md
@@ -1,4 +1,4 @@
-# OCI Landing Zone Vaults (a.k.a. KMS) Module
+# OCI Landing Zones Vaults (a.k.a. KMS) Module
 
 ![Landing Zone logo](../landing_zone_300.png)
 
@@ -15,6 +15,12 @@ Check the [examples](./examples/) folder for fully runnable examples.
 - [Known Issues](#issues)
 
 ## <a name="requirements">Requirements</a>
+
+### Terraform Version >= 1.3.0
+This module requires Terraform binary version 1.3.0 or greater, as it relies on Optional Object Type Attributes feature.
+The feature shortens the amount of input values in complex object types, by having Terraform automatically inserting a
+default value for any missing optional attributes.
+
 ### IAM Permissions
 
 This module requires the following OCI IAM permissions in the compartments where vaults and keys are defined. 
@@ -26,27 +32,6 @@ allow group <group> to manage policies in compartment <key-compartment-name>
 allow group <group> to inspect compartments in tenancy
 ```
 
-### Terraform Version < 1.3.x and Optional Object Type Attributes
-This module relies on [Terraform Optional Object Type Attributes feature](https://developer.hashicorp.com/terraform/language/expressions/type-constraints#optional-object-type-attributes), which is experimental from Terraform 0.14.x to 1.2.x. It shortens the amount of input values in complex object types, by having Terraform automatically inserting a default value for any missing optional attributes. The feature has been promoted and it is no longer experimental in Terraform 1.3.x.
-
-**As is, this module can only be used with Terraform versions up to 1.2.x**, because it can be consumed by other modules via [OCI Resource Manager service](https://docs.oracle.com/en-us/iaas/Content/ResourceManager/home.htm), that still does not support Terraform 1.3.x.
-
-Upon running *terraform plan* with Terraform versions prior to 1.3.x, Terraform displays the following warning:
-```
-Warning: Experimental feature "module_variable_optional_attrs" is active
-```
-
-Note the warning is harmless. The code has been tested with Terraform 1.3.x and the implementation is fully compatible.
-
-If you really want to use Terraform 1.3.x, in [providers.tf](./providers.tf):
-1. Change the terraform version requirement to:
-```
-required_version = ">= 1.3.0"
-```
-2. Remove the line:
-```
-experiments = [module_variable_optional_attrs]
-```
 ## <a name="invoke">How to Invoke the Module</a>
 
 Terraform modules can be invoked locally or remotely. 

diff --git a/vaults/SPEC.md b/vaults/SPEC.md
@@ -2,7 +2,7 @@
 
 | Name | Version |
 |------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | < 1.3.0 |
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3.0 |
 
 ## Providers
 

diff --git a/vaults/examples/external_dependency/providers.tf b/vaults/examples/external_dependency/providers.tf
@@ -21,12 +21,11 @@ provider "oci" {
 }
 
 terraform {
-  required_version = "< 1.3.0"
+  required_version = ">= 1.3.0"
   required_providers {
     oci = {
       source = "oracle/oci"
       configuration_aliases = [oci.home]
     }
   }
-  experiments = [module_variable_optional_attrs]
 }
diff --git a/vaults/examples/vision/providers.tf b/vaults/examples/vision/providers.tf
@@ -21,12 +21,11 @@ provider "oci" {
 }
 
 terraform {
-  required_version = "< 1.3.0"
+  required_version = ">= 1.3.0"
   required_providers {
     oci = {
       source = "oracle/oci"
       configuration_aliases = [oci.home]
     }
   }
-  experiments = [module_variable_optional_attrs]
 }
diff --git a/vaults/metadata.tf b/vaults/metadata.tf
@@ -3,5 +3,5 @@
 
 #-- Used to inform module and release number.
 locals {
-    cislz_module_tag = {"cislz-terraform-module" : fileexists("${path.module}/../release.txt") ? "${var.module_name}/${file("${path.module}/../release.txt")}" : "${var.module_name}"}
+    cislz_module_tag = {"ocilz-terraform-module" : fileexists("${path.module}/../release.txt") ? "${var.module_name}/${file("${path.module}/../release.txt")}" : "${var.module_name}"}
 }    
diff --git a/vaults/providers.tf b/vaults/providers.tf
@@ -2,14 +2,13 @@
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
 
 terraform {
-  required_version = "< 1.3.0"
+  required_version = ">= 1.3.0"
   required_providers {
     oci = {
       source  = "oracle/oci"
       configuration_aliases = [ oci, oci.home ] 
     }
   }
-  experiments = [module_variable_optional_attrs]
 }
 
 
diff --git a/vss/README.md b/vss/README.md
@@ -15,6 +15,12 @@ Check the [examples](./examples/) folder for fully runnable examples.
 - [Known Issues](#issues)
 
 ## <a name="requirements">Requirements</a>
+
+### Terraform Version >= 1.3.0
+This module requires Terraform binary version 1.3.0 or greater, as it relies on Optional Object Type Attributes feature.
+The feature shortens the amount of input values in complex object types, by having Terraform automatically inserting a
+default value for any missing optional attributes.
+
 ### IAM Permissions
 
 This module requires the following OCI IAM permissions in the compartments where VSS resources (recipes and targets) are managed.
@@ -37,29 +43,8 @@ allow service vulnerability-scanning-service to read vnic-attachments in tenancy
 
 ### Scanning
 
-Host scanning relies on Vulnerability Scanning cloud agent plugin enabled and running in target instances. After setting your host scanning targets using this module, make sure the plugin is available, enabled and running. In order to enable the plugin, the cloud agent needs an egress path to Oracle Services Network via a Service Gateway. Therefore, also make sure the subnet where the target instances are located have a route rule and security rule allowing such egress path. The [OCI Landing Zone Compute module](https://github.com/oracle-quickstart/terraform-oci-secure-workloads/tree/main/cis-compute-storage) aids in enabling cloud agent plugins.
-
-### Terraform Version < 1.3.x and Optional Object Type Attributes
-This module relies on [Terraform Optional Object Type Attributes feature](https://developer.hashicorp.com/terraform/language/expressions/type-constraints#optional-object-type-attributes), which is experimental from Terraform 0.14.x to 1.2.x. It shortens the amount of input values in complex object types, by having Terraform automatically inserting a default value for any missing optional attributes. The feature has been promoted and it is no longer experimental in Terraform 1.3.x.
-
-**As is, this module can only be used with Terraform versions up to 1.2.x**, because it can be consumed by other modules via [OCI Resource Manager service](https://docs.oracle.com/en-us/iaas/Content/ResourceManager/home.htm), that still does not support Terraform 1.3.x.
-
-Upon running *terraform plan* with Terraform versions prior to 1.3.x, Terraform displays the following warning:
-```
-Warning: Experimental feature "module_variable_optional_attrs" is active
-```
-
-Note the warning is harmless. The code has been tested with Terraform 1.3.x and the implementation is fully compatible.
+Host scanning relies on Vulnerability Scanning cloud agent plugin enabled and running in target instances. After setting your host scanning targets using this module, make sure the plugin is available, enabled and running. In order to enable the plugin, the cloud agent needs an egress path to Oracle Services Network via a Service Gateway. Therefore, also make sure the subnet where the target instances are located have a route rule and security rule allowing such egress path. The [OCI Landing Zones Compute module](https://github.com/oracle-quickstart/terraform-oci-secure-workloads/tree/main/cis-compute-storage) aids in enabling cloud agent plugins.
 
-If you really want to use Terraform 1.3.x, in [providers.tf](./providers.tf):
-1. Change the terraform version requirement to:
-```
-required_version = ">= 1.3.0"
-```
-2. Remove the line:
-```
-experiments = [module_variable_optional_attrs]
-```
 ## <a name="invoke">How to Invoke the Module</a>
 
 Terraform modules can be invoked locally or remotely.