Remove BTP_PROVIDER_SUBACCOUNT_ID input var (#38)

.gitignore

@@ -6,3 +6,4 @@ examples/*/.terraform.tfstate.lock.info
 terraform.tfstate
 examples/*/kubeconfig.yaml
 examples/*/terraform.tfstate.backup
+examples/*/*.tfvars

README.md

@@ -25,13 +25,11 @@ Terraform module that creates kyma runtime in SAP BTP platform.
 | BTP_BACKEND_URL            | false     | https://cli.btp.cloud.sap | URL of the BTP backend API (on canary environment this has to be set to  `https://cpcli.cf.sap.hana.ondemand.com`).                                |
 | BTP_KYMA_PLAN              | false     | azure                     | Use one of a valid kyma plans that you are entitled to use (One of: `azure`, `gcp`, `aws`,`sap-converged-cloud`)                                   |
 | BTP_KYMA_REGION            | false     | westeurope                | Use a valid kyma region that matches your selected kyma plan                                                                                       |
-| BTP_PROVIDER_SUBACCOUNT_ID | false     |                           | Use a UUID of a SAP BTP Subaccount where you already have a sharable service instances which you would like to reference in the new kyma runtime   |
 
 ### Outputs 
 
 | Name                               | Condition for output presence                                     | Description                                                                                                                                                             |
 |------------------------------------|-------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| custom_service_manager_credentials | Present only if `BTP _PROVIDER_SUBACCOUNT_ID` was given as input  | Contains json-decoded parts of the provider subaccount's service manager secret data. Allows to reference a shared service instances from another (provider) subaccount |
 | kubeconfig                         | Always                                                            | yaml-encoded parts of the output kubeconfig. It can be used to initialise terraform kubernetes provider in the root module                                              |
 | subaccount_id                      | Always                                                            | subaccount ID of the created subaccount. It can be used to forcefully cleanup the subaccount i.e via BTP CLI                                                            |
 

examples/kyma-on-btp-new-sa/local-template.tfvars → examples/kyma-on-btp-new-sa/.tfvars-template

@@ -21,5 +21,3 @@ BTP_CUSTOM_IAS_DOMAIN = ""
 BTP_KYMA_PLAN = ""
 # Must match options for given plan; i.e `westeurope` is a valid kyma region for kyma plan `azure`
 BTP_KYMA_REGION = ""
-#optional
-BTP_PROVIDER_SUBACCOUNT_ID = ""

examples/kyma-on-btp-new-sa/README.md

@@ -28,8 +28,7 @@ In this example a new subaccount is created automatically. Please ensure the fol
  - make sure that your custom SAP IAS tenant is trusted on global account level,
  - make sure that technical user (bot user) is added to the global account and is assigned a global account administrator role collection,
  - make sure the technical user is added to your custom SAP IAS tenant. 
- - if you decide to use provider subaccount in order to create disposable references to existing, shared instances of stateful services  (via `BTP_PROVIDER_SUBACCOUNT_ID` environment variable ) the bot user would need to have `Subaccount Viewer` role collection assigned in the provider subaccount.
-
+
 ## Run 
 Run the example:
 

examples/kyma-on-btp-new-sa/main.tf

@@ -35,11 +35,22 @@ module "kyma" {
   BTP_KYMA_REGION = var.BTP_KYMA_REGION
   BTP_BOT_USER = var.BTP_BOT_USER
   BTP_BOT_PASSWORD = var.BTP_BOT_PASSWORD
-  BTP_PROVIDER_SUBACCOUNT_ID = var.BTP_PROVIDER_SUBACCOUNT_ID
   BTP_NEW_SUBACCOUNT_REGION = var.BTP_NEW_SUBACCOUNT_REGION
   BTP_KYMA_MODULES = var.BTP_KYMA_MODULES
 }
 
 output "subaccount_id" {
   value = module.kyma.subaccount_id
 }
+
+output "service_instance_id" {
+  value = module.kyma.service_instance_id
+}
+
+output "service_id" {
+  value = module.kyma.service_id
+}
+
+output "platform_id" {
+  value = module.kyma.platform_id
+}

examples/kyma-on-btp-new-sa/variables.tf

@@ -62,12 +62,6 @@ variable "BTP_KYMA_REGION" {
   default     = "westeurope"
 }
 
-variable "BTP_PROVIDER_SUBACCOUNT_ID" {
-  type        = string
-  description = "Subaccount ID"
-  default = null
-}
-
 variable "BTP_KYMA_MODULES" {
   type = list(object({
     name = string

examples/kyma-on-btp-reuse-sa/local-template.tfvars → examples/kyma-on-btp-reuse-sa/.tfvars-template

@@ -18,5 +18,3 @@ BTP_CUSTOM_IAS_DOMAIN = ""
 BTP_KYMA_PLAN = ""
 # Must match options for given plan; i.e `westeurope` is a valid kyma region for kyma plan `azure`
 BTP_KYMA_REGION = ""
-#optional
-BTP_PROVIDER_SUBACCOUNT_ID = ""

examples/kyma-on-btp-reuse-sa/README.md

@@ -28,7 +28,6 @@ In this example a new subaccount is not created automaticallu but an existing su
  - make sure that your custom SAP IAS tenant is trusted on subbaccount level,
  - make sure that technical user (bot user) is added to the subaccount and is assigned a subaccount administrator role collection,
  - make sure the technical user is added to your custom SAP IAS tenant. 
- - if you decide to use provider subaccount in order to create disposable references to existing, shared instances of stateful services  (via `BTP_PROVIDER_SUBACCOUNT_ID` environment variable ) the bot user would need to have `Subaccount Viewer` role collection assigned in the provider subaccount.
 
 ## Run 
 Run the example:

examples/kyma-on-btp-reuse-sa/main.tf

@@ -34,6 +34,5 @@ module "kyma" {
   BTP_KYMA_REGION = var.BTP_KYMA_REGION
   BTP_BOT_USER = var.BTP_BOT_USER
   BTP_BOT_PASSWORD = var.BTP_BOT_PASSWORD
-  BTP_PROVIDER_SUBACCOUNT_ID = var.BTP_PROVIDER_SUBACCOUNT_ID
   BTP_USE_SUBACCOUNT_ID = var.BTP_USE_SUBACCOUNT_ID
 }

examples/kyma-on-btp-reuse-sa/variables.tf

@@ -55,8 +55,3 @@ variable "BTP_KYMA_REGION" {
   default     = "westeurope"
 }
 
-variable "BTP_PROVIDER_SUBACCOUNT_ID" {
-  type        = string
-  description = "Subaccount ID"
-  default = null
-}

main.tf

@@ -43,6 +43,15 @@ resource "btp_subaccount_environment_instance" "kyma" {
   }
 }
 
+data "btp_subaccount_environment_instance" "kyma-instance" {
+  depends_on = [
+    btp_subaccount_environment_instance.kyma
+  ]
+  subaccount_id    = local.subaccount_id
+  id = btp_subaccount_environment_instance.kyma.id
+}
+
+
 data "http" "kubeconfig" {
   url = jsondecode(btp_subaccount_environment_instance.kyma.labels).KubeconfigURL
   retry {
@@ -171,16 +180,7 @@ data "http" "token" {
   request_body = "grant_type=password&username=${var.BTP_BOT_USER}&password=${var.BTP_BOT_PASSWORD}&client_id=${local.idp.clientid}&scope=groups,email"
 }
 
-#"provider-sm.tf"
-
-data "btp_subaccount_service_binding" "provider_sm" {
-  count = var.BTP_PROVIDER_SUBACCOUNT_ID == null ? 0 : 1
-  subaccount_id = var.BTP_PROVIDER_SUBACCOUNT_ID
-  name          = "provider-sm-binding"
-}
-
 #"subaccount.tf"
-
 data "btp_subaccount" "reuse_subaccount" {
   count = var.BTP_USE_SUBACCOUNT_ID != null && var.BTP_NEW_SUBACCOUNT_NAME == null ? 1 : 0
   id = var.BTP_USE_SUBACCOUNT_ID

output.tf

@@ -1,11 +1,19 @@
-output "custom_service_manager_credentials" {
-  value = var.BTP_PROVIDER_SUBACCOUNT_ID == null ? null : jsondecode(one(data.btp_subaccount_service_binding.provider_sm).credentials)
-}
-
 output "kubeconfig" {
   value = yamlencode(jsondecode(data.jq_query.kubeconfig.result) )
 }
 
 output "subaccount_id" {
   value = local.subaccount_id
 }
+
+output "service_instance_id" {
+  value = btp_subaccount_environment_instance.kyma.id
+}
+
+output "service_id" {
+  value = data.btp_subaccount_environment_instance.kyma-instance.service_id
+}
+
+output "platform_id" {
+  value = data.btp_subaccount_environment_instance.kyma-instance.platform_id
+}

variables.tf

@@ -57,12 +57,6 @@ variable "BTP_BOT_PASSWORD" {
   sensitive = true
 }
 
-variable "BTP_PROVIDER_SUBACCOUNT_ID" {
-  type        = string
-  description = "Subaccount ID"
-  default = null
-}
-
 variable "BTP_BACKEND_URL" {
   type        = string
   description = "Backend URL for BTP API; defaults to https://cli.btp.cloud.sap"