ibm-cloud-docs / appid

IBM Cloud App ID documentation
https://cloud.ibm.com/docs/services/appid?topic=appid-gettingstarted#gettingstarted

cli parameters for kms configuration missing #392

Closed Blaimi closed 6 months ago

Blaimi commented 1 year ago

Hi,

I want to create an App ID Instance via terraform/schematics and use my own kms configuration. Sadly I cannot find the parameters-configuration to use when creating the service.

Links:

Blaimi commented 1 year ago

> The feature is not officially documented yet but the solution that you had noted in your GitHub post should work for you:
>
> https://stackoverflow.com/questions/73441732/ibm-app-id-what-are-the-parameters-to-configure-custom-encryption-during-provis
>
> Official documentation is being worked on, but we have no ETA as to when it will be released.

– IBM via support ticket. It's disgraceful to get an answer based on a self-delivered Stack Overflow question after twelve days and multiple explanations of the problem.

I got it running with this configuration (simplified):

```hcl
# data.ibm_resource_group.resource_group and local.ibm_region are defined
# elsewhere (omitted from this simplified snippet).

# Key Protect instance that holds the customer-managed root key
resource "ibm_resource_instance" "key_protect_instance" {
  name              = "name-your-kp-instance"
  resource_group_id = data.ibm_resource_group.resource_group.id
  service           = "kms"
  plan              = "tiered-pricing"
  location          = local.ibm_region
}

# Root key (standard_key = false) used by App ID
resource "ibm_kms_key" "appid_root_key" {
  instance_id   = ibm_resource_instance.key_protect_instance.guid
  key_name      = "appid-root-key"
  standard_key  = false
  endpoint_type = "private"
}

# Service-to-service authorization: App ID gets Reader on the Key Protect instance
resource "ibm_iam_authorization_policy" "appid_kms" {
  source_service_name         = "appid"
  target_service_name         = "kms"
  target_resource_instance_id = ibm_resource_instance.key_protect_instance.guid
  roles                       = ["Reader"]
}

# App ID instance provisioned with the custom KMS configuration
resource "ibm_resource_instance" "appid_instance" {
  name              = "name-your-appid-instance"
  resource_group_id = data.ibm_resource_group.resource_group.id
  service           = "appid"
  plan              = "graduated-tier"
  location          = local.ibm_region
  parameters = {
    # Key Protect instance GUID and regional endpoint, passed as a JSON string
    kms_info = jsonencode({
      id  = ibm_resource_instance.key_protect_instance.guid
      url = "https://${local.ibm_region}.kms.cloud.ibm.com"
    })
    # CRN of the root key created above
    tek_id = ibm_kms_key.appid_root_key.crn
  }
}
```

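A pre-apply check for the setup in the comment above, as an added example (not code from this issue or from IBM): it reads a plan in the shape produced by `terraform show -json` and reports App ID instances that would be provisioned without the `kms_info` and `tek_id` parameters. The function name, the sample plan and its resource addresses are constructed for illustration.

```python
import json

REQUIRED = ("kms_info", "tek_id")  # parameter names from the configuration above
# Constructed sample in the shape of `terraform show -json <planfile>` output.
SAMPLE_PLAN = {"resource_changes": [
    {"address": "ibm_resource_instance.appid_instance", "type": "ibm_resource_instance",
     "change": {"after": {"service": "appid", "parameters": {}},
                "after_unknown": {"parameters": {"kms_info": True, "tek_id": True}}}},
    {"address": "ibm_resource_instance.appid_default", "type": "ibm_resource_instance",
     "change": {"after": {"service": "appid", "parameters": None}, "after_unknown": {}}},
    {"address": "ibm_resource_instance.appid_partial", "type": "ibm_resource_instance",
     "change": {"after": {"service": "appid", "parameters": {
         "kms_info": json.dumps({"id": "00000000-example", "url": "http://kms.example"})}},
         "after_unknown": {}}},
]}

def check_appid_kms(plan):
    """Return {address: [problems]} for App ID instances in a Terraform JSON plan."""
    findings = {}
    for rc in plan.get("resource_changes", []):
        change = rc.get("change") or {}
        after = change.get("after") or {}  # None when the resource is being destroyed
        if rc.get("type") != "ibm_resource_instance" or after.get("service") != "appid":
            continue
        params = after.get("parameters") or {}
        # Values only known at apply time (GUID, CRN) are left out of "after" and
        # flagged in "after_unknown": True for the whole map, or True per key.
        unknown = (change.get("after_unknown") or {}).get("parameters") or {}
        problems = [f"{k} not set" for k in REQUIRED
                    if not (unknown is True or unknown.get(k) or params.get(k))]
        raw = params.get("kms_info")
        if isinstance(raw, str) and raw:
            try:
                info = json.loads(raw)
            except ValueError:
                info = None
            if not isinstance(info, dict):
                problems.append("kms_info is not a JSON object")
            elif not info.get("id"):
                problems.append("kms_info.id missing")
            elif not str(info.get("url", "")).startswith("https://"):
                problems.append("kms_info.url is not https")
        if problems:
            findings[rc["address"]] = problems
    return findings

if __name__ == "__main__":
    for address, problems in check_appid_kms(SAMPLE_PLAN).items():
        print(address, "->", ", ".join(problems))
```
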
hlucey commented 7 months ago

@Blaimi,

I'm sorry for the inconvenience and delayed response. I’m glad to see you were able to run the configuration. I've started investigating to see how we can improve our documentation and passed this issue along.

Thank you for providing this feedback.