https://github.com/terraform-ibm-modules/terraform-ibm-enterprise
Creates accounts and account-groups in an existing enterprise
https://github.com/terraform-ibm-modules/terraform-ibm-enterprise
core-team enterprise enterprise-account ibm-cloud supported terraform terraform-module
Last synced: about 2 months ago
JSON representation
Creates accounts and account-groups in an existing enterprise
- Host: GitHub
- URL: https://github.com/terraform-ibm-modules/terraform-ibm-enterprise
- Owner: terraform-ibm-modules
- License: apache-2.0
- Created: 2023-07-18T16:14:36.000Z (almost 2 years ago)
- Default Branch: main
- Last Pushed: 2024-12-22T20:56:58.000Z (5 months ago)
- Last Synced: 2024-12-26T15:04:04.950Z (5 months ago)
- Topics: core-team, enterprise, enterprise-account, ibm-cloud, supported, terraform, terraform-module
- Language: HCL
- Size: 439 KB
- Stars: 0
- Watchers: 15
- Forks: 0
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE
- Codeowners: .github/CODEOWNERS
Awesome Lists containing this project
README
# IBM Enterprise Account module
[-yellowgreen?style=plastic)](https://terraform-ibm-modules.github.io/documentation/#/badge-status)
[](https://github.com/terraform-ibm-modules/terraform-ibm-enterprise/releases/latest)
[](https://github.com/pre-commit/pre-commit)
[](https://renovatebot.com/)
[](https://github.com/semantic-release/semantic-release)
This is a collection of sub modules and which will take tree based enterprise inputs and create child accounts and account-groups in an enterprise
* [dynamic_values](submodules/dynamic_values)
* [enterprise_hierarchy](submodules/enterprise_hierarchy)
## Overview
* [terraform-ibm-enterprise](#terraform-ibm-enterprise)
* [Examples](./examples)
* [Advanced example](./examples/advanced)
* [Basic example](./examples/basic)
* [Contributing](#contributing)
## terraform-ibm-enterprise
### Usage
Full examples are in the [examples](./examples/) folder, but basic usage is as follows for creation of enterprise children is
```hcl
provider "ibm" {
ibmcloud_api_key = "XXXXXXXX" # pragma: allowlist secret
}
data "ibm_enterprises" "enterprise" {
name = "my-enterprise-account"
}
module "enterprise" {
source = "terraform-ibm-modules/terraform-ibm-enterprise"
enterprise_crn = data.ibm_enterprises.enterprise.enterprises[0].crn
enterprise_primary_contact_iam_id = data.ibm_enterprises.enterprise.enterprises[0].primary_contact_iam_id
enterprise_account_groups = [
{
key_name = "group-key-1"
name = "account_group_1"
parent_key_name = null
}]
enterprise_accounts = [
{
key_name = "acct-key-1"
name = "account_1"
parent_key_name = null
}
{
key_name = "acct-key-2"
name = "account_2"
parent_key_name = null
add_owner_iam_policies = true # this field enable child account to have IAM_APIKey with owner IAM policies
}
]
}
```
### Required IAM access policies
- Account Management
- **Enterprise** service
- `Administrator` platform access
### Requirements
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.3.0 |
| [ibm](#requirement\_ibm) | >= 1.65.0, < 2.0.0 |
### Modules
| Name | Source | Version |
|------|--------|---------|
| [dynamic\_values](#module\_dynamic\_values) | ./submodules/dynamic_values | n/a |
| [enterprise\_hierarchy\_depth\_0](#module\_enterprise\_hierarchy\_depth\_0) | ./submodules/enterprise_hierarchy | n/a |
| [enterprise\_hierarchy\_depth\_1](#module\_enterprise\_hierarchy\_depth\_1) | ./submodules/enterprise_hierarchy | n/a |
| [enterprise\_hierarchy\_depth\_2](#module\_enterprise\_hierarchy\_depth\_2) | ./submodules/enterprise_hierarchy | n/a |
### Resources
No resources.
### Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [enterprise\_account\_groups](#input\_enterprise\_account\_groups) | List of enterprise child account\_groups in the enterprise | `list(object({ name = string, key_name = string, parent_key_name = optional(string, null), owner_iam_id = optional(string, null) }))` | `[]` | no |
| [enterprise\_accounts](#input\_enterprise\_accounts) | List of enterprise child accounts in the enterprise | `list(object({ name = string, key_name = string, parent_key_name = optional(string, null), owner_iam_id = optional(string, null), add_owner_iam_policies = optional(bool, false) }))` | `[]` | no |
| [enterprise\_crn](#input\_enterprise\_crn) | The CRN of the parent Enterprise account to use. | `string` | n/a | yes |
| [enterprise\_primary\_contact\_iam\_id](#input\_enterprise\_primary\_contact\_iam\_id) | The IAM id of the parent Enterprise account owner. | `string` | n/a | yes |
### Outputs
| Name | Description |
|------|-------------|
| [enterprise\_account\_groups](#output\_enterprise\_account\_groups) | List of account groups created in an Enterprise |
| [enterprise\_accounts](#output\_enterprise\_accounts) | List of accounts created in an Enterprise |
| [enterprise\_accounts\_iam\_response](#output\_enterprise\_accounts\_iam\_response) | List of accounts created in an Enterprise |
## Contributing
You can report issues and request features for this module in GitHub issues in the module repo. See [Report an issue or request a feature](https://github.com/terraform-ibm-modules/.github/blob/main/.github/SUPPORT.md).
To set up your local development environment, see [Local development setup](https://terraform-ibm-modules.github.io/documentation/#/local-dev-setup) in the project documentation.