Commit

feat: set default resource group names (#261)
* docs: typo

* fix: remove devops category

* feat: add default rg
vburckhardt authored Dec 9, 2024
1 parent eb00e4b commit ee67d10
Showing 3 changed files with 15 additions and 16 deletions.
14 changes: 7 additions & 7 deletions README.md
Expand Up @@ -159,7 +159,7 @@ No resources.
| <a name="input_activity_tracker_route_name"></a> [activity\_tracker\_route\_name](#input\_activity\_tracker\_route\_name) | Name of the route for the Activity Tracker, required if 'var.provision\_atracker\_cos' is true. | `string` | `null` | no |
| <a name="input_allowed_ip_addresses"></a> [allowed\_ip\_addresses](#input\_allowed\_ip\_addresses) | List of the IP addresses and subnets from which IAM tokens can be created for the account, has no effect when `skip_iam_account_settings` is true. | `list(any)` | `[]` | no |
| <a name="input_api_creation"></a> [api\_creation](#input\_api\_creation) | When restriction is enabled, only users, including the account owner, assigned the User API key creator role on the IAM Identity Service can create API keys. Allowed values are 'RESTRICTED', 'NOT\_RESTRICTED', or 'NOT\_SET' (to 'unset' a previous set value), has no effect when `skip_iam_account_settings` is true. | `string` | `"RESTRICTED"` | no |
| <a name="input_audit_resource_group_name"></a> [audit\_resource\_group\_name](#input\_audit\_resource\_group\_name) | The name of the audit resource group to create. | `string` | `null` | no |
| <a name="input_audit_resource_group_name"></a> [audit\_resource\_group\_name](#input\_audit\_resource\_group\_name) | The name of the audit resource group to create. | `string` | `"audit-rg"` | no |
| <a name="input_cbr_allow_at_to_cos"></a> [cbr\_allow\_at\_to\_cos](#input\_cbr\_allow\_at\_to\_cos) | Whether to enable the rule that allows Activity Tracker to access Object Storage. Default is true if `provision_cbr` is set to true. | `bool` | `true` | no |
| <a name="input_cbr_allow_block_storage_to_kms"></a> [cbr\_allow\_block\_storage\_to\_kms](#input\_cbr\_allow\_block\_storage\_to\_kms) | Whether to enable the rule that allows Block Storage for VPC to access the key management service. Default is true if `provision_cbr` is set to true. | `bool` | `true` | no |
| <a name="input_cbr_allow_cos_to_kms"></a> [cbr\_allow\_cos\_to\_kms](#input\_cbr\_allow\_cos\_to\_kms) | Whether to enable the rule that allows Object Storage to access the key management service. Default is true if `provision_cbr` is set to true. | `bool` | `true` | no |
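Review bot: The `audit_resource_group_name` row now shows `"audit-rg"` as its default, but the description still reads only "The name of the audit resource group to create." and does not say what an unset input now does. Seven name inputs move from `null` to fixed names in this commit, so extend the descriptions (in variables.tf, then regenerate this table) to state whether leaving the input unset creates the default-named group and how that interacts with `existing_audit_resource_group_name`, which the table says takes precedence. Users upgrading with unset inputs need that to read their plan.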
Expand Down Expand Up @@ -197,8 +197,8 @@ No resources.
| <a name="input_cos_instance_name"></a> [cos\_instance\_name](#input\_cos\_instance\_name) | The name to give the cloud object storage instance that will be provisioned by this module, required if 'var.provision\_atracker\_cos' is true. | `string` | `null` | no |
| <a name="input_cos_plan"></a> [cos\_plan](#input\_cos\_plan) | Plan of the COS instance created by the module | `string` | `"standard"` | no |
| <a name="input_cos_target_name"></a> [cos\_target\_name](#input\_cos\_target\_name) | Name of the COS Target for Activity Tracker, required if 'var.provision\_atracker\_cos' is true. | `string` | `null` | no |
| <a name="input_devops_resource_group_name"></a> [devops\_resource\_group\_name](#input\_devops\_resource\_group\_name) | The name of the devops resource group to create. | `string` | `null` | no |
| <a name="input_edge_resource_group_name"></a> [edge\_resource\_group\_name](#input\_edge\_resource\_group\_name) | The name of the edge resource group to create. | `string` | `null` | no |
| <a name="input_devops_resource_group_name"></a> [devops\_resource\_group\_name](#input\_devops\_resource\_group\_name) | The name of the devops resource group to create. | `string` | `"devops-tools-rg"` | no |
| <a name="input_edge_resource_group_name"></a> [edge\_resource\_group\_name](#input\_edge\_resource\_group\_name) | The name of the edge resource group to create. | `string` | `"edge-rg"` | no |
| <a name="input_enforce_allowed_ip_addresses"></a> [enforce\_allowed\_ip\_addresses](#input\_enforce\_allowed\_ip\_addresses) | Whether the IP address restriction is enforced. Set the value to `false` to test the impact of the restriction on your account, once the impact of the restriction has been observed set the value to `true`. | `bool` | `true` | no |
| <a name="input_existing_audit_resource_group_name"></a> [existing\_audit\_resource\_group\_name](#input\_existing\_audit\_resource\_group\_name) | The name of the existing resource group to use for audit resources, takes precedence over `audit_resource_group_name`. | `string` | `null` | no |
| <a name="input_existing_devops_resource_group_name"></a> [existing\_devops\_resource\_group\_name](#input\_existing\_devops\_resource\_group\_name) | The name of the existing resource group to use for devops resources, takes precedence over `devops_resource_group_name`. | `string` | `null` | no |
Expand All @@ -209,18 +209,18 @@ No resources.
| <a name="input_existing_workload_resource_group_name"></a> [existing\_workload\_resource\_group\_name](#input\_existing\_workload\_resource\_group\_name) | The name of the existing resource group to use for workload resources, takes precedence over `workload_resource_group_name`. | `string` | `null` | no |
| <a name="input_inactive_session_timeout"></a> [inactive\_session\_timeout](#input\_inactive\_session\_timeout) | Specify how long (seconds) a user is allowed to stay logged in the account while being inactive/idle, has no effect when `skip_iam_account_settings` is true. | `string` | `"7200"` | no |
| <a name="input_kms_key_crn"></a> [kms\_key\_crn](#input\_kms\_key\_crn) | CRN of the KMS key to use to encrypt the data in the COS bucket, required if 'var.provision\_atracker\_cos' is true. | `string` | `null` | no |
| <a name="input_management_resource_group_name"></a> [management\_resource\_group\_name](#input\_management\_resource\_group\_name) | The name of the management resource group to create. | `string` | `null` | no |
| <a name="input_management_resource_group_name"></a> [management\_resource\_group\_name](#input\_management\_resource\_group\_name) | The name of the management resource group to create. | `string` | `"management-plane-rg"` | no |
| <a name="input_max_sessions_per_identity"></a> [max\_sessions\_per\_identity](#input\_max\_sessions\_per\_identity) | Defines the maximum allowed sessions per identity required by the account. Supports any whole number greater than '0', or 'NOT\_SET' to unset account setting and use service default, has no effect when `skip_iam_account_settings` is true. | `string` | `"NOT_SET"` | no |
| <a name="input_mfa"></a> [mfa](#input\_mfa) | Specify Multi-Factor Authentication method in the account. Supported valid values are 'NONE' (No MFA trait set), 'TOTP' (For all non-federated IBMId users), 'TOTP4ALL' (For all users), 'LEVEL1' (Email based MFA for all users), 'LEVEL2' (TOTP based MFA for all users), 'LEVEL3' (U2F MFA for all users), has no effect when `skip_iam_account_settings` is true. | `string` | `"TOTP4ALL"` | no |
| <a name="input_observability_resource_group_name"></a> [observability\_resource\_group\_name](#input\_observability\_resource\_group\_name) | The name of the observability resource group to create. Required if `var.provision_atracker_cos` is true and `var.existing_observability_resource_group_name` is not provided. | `string` | `null` | no |
| <a name="input_observability_resource_group_name"></a> [observability\_resource\_group\_name](#input\_observability\_resource\_group\_name) | The name of the observability resource group to create. Required if `var.provision_atracker_cos` is true and `var.existing_observability_resource_group_name` is not provided. | `string` | `"observability-rg"` | no |
| <a name="input_provision_atracker_cos"></a> [provision\_atracker\_cos](#input\_provision\_atracker\_cos) | Enable to create an Atracker route and COS instance + bucket. | `bool` | `false` | no |
| <a name="input_provision_cbr"></a> [provision\_cbr](#input\_provision\_cbr) | Whether to enable the creation of context-based restriction rules and zones in the module. Default is false. | `bool` | `false` | no |
| <a name="input_provision_trusted_profile_projects"></a> [provision\_trusted\_profile\_projects](#input\_provision\_trusted\_profile\_projects) | Controls whether the Trusted Profile for Projects is provisioned. | `bool` | `true` | no |
| <a name="input_public_access_enabled"></a> [public\_access\_enabled](#input\_public\_access\_enabled) | Enable/Disable public access group in which resources are open anyone regardless if they are member of your account or not, has no effect when `skip_iam_account_settings` is true. | `bool` | `false` | no |
| <a name="input_refresh_token_expiration"></a> [refresh\_token\_expiration](#input\_refresh\_token\_expiration) | Defines the refresh token expiration in seconds, has no effect when `skip_iam_account_settings` is true. | `string` | `"259200"` | no |
| <a name="input_region"></a> [region](#input\_region) | Region to provision the COS resources created by this solution. | `string` | `"us-south"` | no |
| <a name="input_resource_tags"></a> [resource\_tags](#input\_resource\_tags) | A list of tags applied to the COS resources created by the module. | `list(string)` | `[]` | no |
| <a name="input_security_resource_group_name"></a> [security\_resource\_group\_name](#input\_security\_resource\_group\_name) | The name of the security resource group to create. | `string` | `null` | no |
| <a name="input_security_resource_group_name"></a> [security\_resource\_group\_name](#input\_security\_resource\_group\_name) | The name of the security resource group to create. | `string` | `"security-rg"` | no |
| <a name="input_serviceid_creation"></a> [serviceid\_creation](#input\_serviceid\_creation) | When restriction is enabled, only users, including the account owner, assigned the Service ID creator role on the IAM Identity Service can create service IDs, has no effect when `skip_iam_account_settings` is true. Allowed values are 'RESTRICTED', 'NOT\_RESTRICTED', or 'NOT\_SET' (to 'unset' a previous set value). | `string` | `"RESTRICTED"` | no |
| <a name="input_shell_settings_enabled"></a> [shell\_settings\_enabled](#input\_shell\_settings\_enabled) | Enable global shell settings to all users in the account, has no effect when `skip_iam_account_settings` is true. | `bool` | `false` | no |
| <a name="input_skip_atracker_cos_iam_auth_policy"></a> [skip\_atracker\_cos\_iam\_auth\_policy](#input\_skip\_atracker\_cos\_iam\_auth\_policy) | Set to true to skip the creation of an IAM authorization policy that permits the Activity Tracker service Object Writer access to the Cloud Object Storage instance provisioned by this module. NOTE: If skipping, you must ensure the auth policy exists on the account before running the module. | `bool` | `false` | no |
Expand All @@ -232,7 +232,7 @@ No resources.
| <a name="input_trusted_profile_roles"></a> [trusted\_profile\_roles](#input\_trusted\_profile\_roles) | List of roles given to the trusted profile. | `list(string)` | <pre>[<br/> "Administrator"<br/>]</pre> | no |
| <a name="input_user_mfa"></a> [user\_mfa](#input\_user\_mfa) | Specify Multi-Factor Authentication method for specific users the account. Supported valid values are 'NONE' (No MFA trait set), 'TOTP' (For all non-federated IBMId users), 'TOTP4ALL' (For all users), 'LEVEL1' (Email based MFA for all users), 'LEVEL2' (TOTP based MFA for all users), 'LEVEL3' (U2F MFA for all users). Example of format is available here > https://github.com/terraform-ibm-modules/terraform-ibm-iam-account-settings#usage, has no effect when `skip_iam_account_settings` is true. | <pre>set(object({<br/> iam_id = string<br/> mfa = string<br/> }))</pre> | `[]` | no |
| <a name="input_user_mfa_reset"></a> [user\_mfa\_reset](#input\_user\_mfa\_reset) | Set to true to delete all user MFA settings configured in the targeted account, and ignoring entries declared in var user\_mfa, has no effect when `skip_iam_account_settings` is true. | `bool` | `false` | no |
| <a name="input_workload_resource_group_name"></a> [workload\_resource\_group\_name](#input\_workload\_resource\_group\_name) | The name of the workload resource group to create. | `string` | `null` | no |
| <a name="input_workload_resource_group_name"></a> [workload\_resource\_group\_name](#input\_workload\_resource\_group\_name) | The name of the workload resource group to create. | `string` | `"workload-rg"` | no |

### Outputs

3 changes: 1 addition & 2 deletions ibm_catalog.json
Expand Up @@ -8,7 +8,6 @@
"ibm_created",
"target_terraform",
"terraform",
"devops",
"security",
"solution"
],
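Review bot: Dropping `"devops"` from this list while `devops_resource_group_name` gains a default of `"devops-tools-rg"` in the same commit leaves the catalog entry and the module inputs pointing in different directions. The commit message lists this only as "fix: remove devops category" with no reason; add the reason to the message or PR description, and consider splitting it from the feature change so either can be reverted on its own.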
Expand All @@ -22,7 +21,7 @@
"iam"
],
"short_description": "Creates and configures the base layer components of an IBM Cloud account",
"long_description": "This architecture supports creating and configuring the foundational components of an IBM Cloud account. This includes IAM account settings, Activity Tracker routing, Cloud Objects Storage, a trusted profile and associated access groups, and the resource group in which all resources are provisioned.",
"long_description": "This architecture supports creating and configuring the foundational components of an IBM Cloud account. This includes IAM account settings, Activity Tracker routing, Cloud Objects Storage, a trusted profile and associated access groups, and the resource groups in which all resources are provisioned.",
"offering_docs_url": "https://github.com/terraform-ibm-modules/terraform-ibm-base-account-enterprise/blob/main/README.md",
"offering_icon_url": "https://raw.githubusercontent.com/terraform-ibm-modules/documentation/main/icons/security_icon.svg",
"provider_name": "IBM",
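Review bot: The corrected `long_description` still reads "Cloud Objects Storage". Since this line is already being edited for wording, change it to "Cloud Object Storage" in the same commit.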
14 changes: 7 additions & 7 deletions variables.tf
Expand Up @@ -5,7 +5,7 @@
variable "security_resource_group_name" {
type = string
description = "The name of the security resource group to create."
default = null
default = "security-rg"

validation {
condition = length(coalesce(var.security_resource_group_name, "null")) <= 40
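Review bot: The default on `security_resource_group_name` moves from `null` to `"security-rg"`, yet the validation still wraps the value in `coalesce(..., "null")`, so an explicit `null` remains an accepted input with no stated meaning. Decide which is intended: if `null` is still the way to skip creating the group, say so in the description; if not, add `nullable = false` and reduce the condition to `length(var.security_resource_group_name) <= 40`. The same applies to the other six name variables changed in this file.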
Expand All @@ -27,7 +27,7 @@ variable "existing_security_resource_group_name" {
variable "audit_resource_group_name" {
type = string
description = "The name of the audit resource group to create."
default = null
default = "audit-rg"

validation {
condition = length(coalesce(var.audit_resource_group_name, "null")) <= 40
Expand All @@ -49,7 +49,7 @@ variable "existing_audit_resource_group_name" {
variable "observability_resource_group_name" {
type = string
description = "The name of the observability resource group to create. Required if `var.provision_atracker_cos` is true and `var.existing_observability_resource_group_name` is not provided."
default = null
default = "observability-rg"

validation {
condition = length(coalesce(var.observability_resource_group_name, "null")) <= 40
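Review bot: The description still says the name is "Required if `var.provision_atracker_cos` is true and `var.existing_observability_resource_group_name` is not provided", which no longer holds with a default of `"observability-rg"`: a caller who sets neither input now gets a value. Reword the description to describe the default, and regenerate the README row that carries the same text.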
Expand All @@ -71,7 +71,7 @@ variable "existing_observability_resource_group_name" {
variable "management_resource_group_name" {
type = string
description = "The name of the management resource group to create."
default = null
default = "management-plane-rg"

validation {
condition = length(coalesce(var.management_resource_group_name, "null")) <= 40
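Review bot: `"management-plane-rg"` here and `"devops-tools-rg"` further down break the pattern the other five defaults follow (`security-rg`, `audit-rg`, `observability-rg`, `workload-rg`, `edge-rg`), where the name matches the variable prefix. If the longer names are deliberate, give the reason in the description; otherwise use `management-rg` and `devops-rg` so the defaults can be predicted from the variable names.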
Expand All @@ -93,7 +93,7 @@ variable "existing_management_resource_group_name" {
variable "workload_resource_group_name" {
type = string
description = "The name of the workload resource group to create."
default = null
default = "workload-rg"

validation {
condition = length(coalesce(var.workload_resource_group_name, "null")) <= 40
Expand All @@ -115,7 +115,7 @@ variable "existing_workload_resource_group_name" {
variable "edge_resource_group_name" {
type = string
description = "The name of the edge resource group to create."
default = null
default = "edge-rg"

validation {
condition = length(coalesce(var.edge_resource_group_name, "null")) <= 40
Expand All @@ -137,7 +137,7 @@ variable "existing_edge_resource_group_name" {
variable "devops_resource_group_name" {
type = string
description = "The name of the devops resource group to create."
default = null
default = "devops-tools-rg"

validation {
condition = length(coalesce(var.devops_resource_group_name, "null")) <= 40

0 comments on commit ee67d10
