An EPX Deployable Architecture (DA) for adding an IBM Cloud account to a MCA instance. This DA provisions an IAM Service ID with the necessary permissions to pull resource and billing information.
❗ You will require a paid account to deploy this architecture into a private catalog.
pre-commit install
pre-commit run --all-filesterraform init
terraform plan
terraform applyThe API key to be used requires access to create Service IDs, API keys, and assign the following access policies:
| Service | Resources | Resource Group Access | Service Access | Platform Access |
|---|---|---|---|---|
| All Identity and Access enabled services | All resources | Viewer | Reader | Viewer |
| All Account Management services | - | - | - | Viewer |
| Name | Version |
|---|---|
| terraform | >= 1.0.0 |
| external | 2.3.1 |
| graphql | 2.5.4 |
| ibm | 1.54.0 |
| Name | Version |
|---|---|
| external | 2.3.1 |
| graphql | 2.5.4 |
| ibm | 1.54.0 |
| Name | Source | Version |
|---|---|---|
| iam | ./iam | n/a |
| mapping_rules | ./mapping-rules | n/a |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| ibmcloud_account_description | Brief description of the IBM Cloud account to be added to MCA. | string |
"Added with Terraform and GraphQL" |
no |
| ibmcloud_api_key | API key for the IBM Cloud account to be added to the MCA instance. Must have the necessary permissions to create Service IDs and API keys. | string |
n/a | yes |
| mca_account_owner_email | Email corresponding to the MCA contact to be assigned to the target IBM Cloud account. | string |
n/a | yes |
| mca_api_key_id | ID corresponding to the MCA API key to be used for accessing the target instance. Must have the Full Access role. | string |
n/a | yes |
| mca_api_key_secret | API key corresponding to the target MCA instance to add an account to. Must have the Full Access role. | string |
n/a | yes |
| region | Region to use with the IBM Cloud Terraform provider. | string |
"us-south" |
no |
| Name | Description |
|---|---|
| global_tag_keys_new | New list of application and environment tag keys set as Mapping Rules on MCA, after mutations have been applied. |