Merge pull request #123 from oracle-quickstart/release-2.6.5

Release 2.6.5

config/iam_compartments.tf

@@ -19,14 +19,14 @@ locals {
 
 module "lz_top_compartment" {
   count     = var.extend_landing_zone_to_new_region == false && var.use_enclosing_compartment == true && var.existing_enclosing_compartment_ocid == null ? 1 : 0
-  source = "github.com/oracle-quickstart/terraform-oci-cis-landing-zone-iam/compartments"
+  source = "github.com/oracle-quickstart/terraform-oci-cis-landing-zone-iam//compartments?ref=v0.1.6"
   providers = { oci = oci.home }
   tenancy_ocid = var.tenancy_ocid
   compartments_configuration = local.enclosing_compartment_configuration
 }
 
 module "lz_compartments" {
-  source = "github.com/oracle-quickstart/terraform-oci-cis-landing-zone-iam/compartments"
+  source = "github.com/oracle-quickstart/terraform-oci-cis-landing-zone-iam//compartments?ref=v0.1.6"
   providers = { oci = oci.home }
   tenancy_ocid = var.tenancy_ocid
   compartments_configuration = var.extend_landing_zone_to_new_region == false ? local.enclosed_compartments_configuration : local.empty_compartments_configuration
@@ -149,20 +149,20 @@ locals {
   #----- Enclosing compartment configuration definition. Input to module.
   #------------------------------------------------------------------------  
   enclosing_compartment_configuration = {
-    default_parent_ocid : var.tenancy_ocid
+    default_parent_id : var.tenancy_ocid
     compartments : local.enclosing_cmp
   }
 
   #------------------------------------------------------------------------
   #----- Enclosing compartment configuration definition. Input to module.
   #------------------------------------------------------------------------
   enclosed_compartments_configuration = {
-    default_parent_ocid : local.enclosing_compartment_id
+    default_parent_id : local.enclosing_compartment_id
     compartments : merge(local.network_cmp, local.security_cmp, local.appdev_cmp, local.database_cmp, local.exainfra_cmp)
   }
 
   empty_compartments_configuration = {
-    default_parent_ocid : null
+    default_parent_id : null
     compartments : {}
   }
 

release-notes.md

@@ -1,3 +1,22 @@
+#   October 6, 2023 Release Notes - 2.6.5
+1. [CIS Compliance Script Updates](#2-6-5-script-updates)
+1. [Terraform Quick Start Updates](#2-6-5-quickstart-updates)
+1. [Terraform Workloads Updates](#2-6-5-workload-updates)
+
+## <a name="2-6-5-script-updates">Updates to the CIS Compliance Script</a>
+Updates:
+    - Added debugging Identity Groups collection
+
+## <a name="2-6-5-quickstart-updates">Terraform Quick Start Updates</a>
+Updates:
+- Compartments management has been pinned to Compartments module v0.1.6.
+
+## <a name="2-6-5-workload-updates">Terraform Quick Start Updates</a>
+Updates:
+    - Generic Workloads outputs compartments created
+Fixes:
+- Dynamic Group AppDev
+
 #   September 18, 2023 Release Notes - 2.6.4
 1. [CIS Compliance Script Adds Identity Domains](#2-6-4-identity-domains)
 1. [Updates to the CIS Compliance Script](#2-6-4-script-updates)

release.txt

@@ -1 +1 @@
-2.6.4
+2.6.5

workloads/generic_workload_compartments/iam_compartments.tf

@@ -25,7 +25,7 @@ locals {
 }
 
 module "workload_compartments" {
-  source                     = "github.com/oracle-quickstart/terraform-oci-cis-landing-zone-iam/compartments"
+  source                     = "github.com/oracle-quickstart/terraform-oci-cis-landing-zone-iam//compartments?ref=v0.1.6"
   providers                  = { oci = oci.home }
   tenancy_ocid               = var.tenancy_ocid
   compartments_configuration = local.compartments_configuration
@@ -57,7 +57,7 @@ locals {
     workload_group_name : "${local.workload_group_prefix}-${cmp}-${local.workload_group_suffix}", # For policeis
     workload_dynamic_group_name : "${local.appdev_dynamic_group_name_prefix}-${cmp}-${local.appdev_dynamic_group_name_suffix}", # For dynamic groups and policies
     description : "${cmp} workload compartment",
-    parent_ocid : var.existing_lz_appdev_compartment_ocid,
+    parent_id : var.existing_lz_appdev_compartment_ocid,
     defined_tags : local.default_template_compartment_defined_tags,
     freeform_tags : local.default_template_compartment_freeform_tags,
     children : {}

workloads/generic_workload_compartments/iam_dynamic_groups.tf

@@ -33,11 +33,12 @@ locals {
   #-- AppDev functions Dynamic Group
   #--------------------------------------------------------------------
 
-  appdev_functions_dynamic_group = var.create_workload_dynamic_groups_and_policies ? { for cmp in local.workload_compartments : ("${cmp.workload_name}-${local.appdev_dynamic_group_key}") => {
+  appdev_functions_dynamic_group = var.create_workload_dynamic_groups_and_policies ? { for key,cmp in local.workload_compartments : ("${key}-${local.appdev_dynamic_group_key}") => {
 
     name          = "${local.appdev_dynamic_group_name_prefix}-${cmp.workload_name}-${local.appdev_dynamic_group_name_suffix}"
     description   = "Dynamic group for application functions execution for workload ${cmp.workload_name}."
-    matching_rule = "ALL {resource.type = 'fnfunc',resource.compartment.id = '${cmp.name}'}"
+    # matching_rule = "ALL {resource.type = 'fnfunc'"
+    matching_rule = "ALL {resource.type = 'fnfunc',resource.compartment.id = '${module.workload_compartments.compartments[key].id}'}"
     defined_tags  = local.dynamic_groups_defined_tags
     freeform_tags = local.dynamic_groups_freeform_tags
     }

workloads/generic_workload_compartments/outputs.tf

@@ -1,6 +1,6 @@
 # Copyright (c) 2022 Oracle and/or its affiliates.
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
 
-# output "compartments" {
-#   value = module.cislz_compartments.compartments
-# }
+output "compartments" {
+  value = module.workload_compartments.compartments
+}