-brightgreen){kind=icon}
This module configures an IBM Cloud Security and Compliance instance.
module "create_scc_instance" {
source = "terraform-ibm-modules/scc/ibm"
version = "X.X.X" # Replace "X.X.X" with a release version to lock into a specific release
instance_name = "my-scc-instance"
plan = "security-compliance-center-standard-plan"
region = "us-south"
resource_group_id = "xxXXxxXXxXxXXXXxxXxxxXXXXxXXXXX"
}You need the following permissions to run this module.
- Account Management
- Security and Compliance Center service
Administratorplatform access
- Security and Compliance Center service
- IAM Services
- Event Notifications service
Managerservice access
- Event Notifications service
| Name | Version |
|---|---|
| terraform | >= 1.3.0, <1.7.0 |
| ibm | >=1.64.1, <2.0.0 |
| time | >= 0.9.1, <1.0.0 |
No modules.
| Name | Type |
|---|---|
| ibm_iam_authorization_policy.scc_cos_s2s_access | resource |
| ibm_iam_authorization_policy.scc_wp_s2s_access | resource |
| ibm_resource_instance.scc_instance | resource |
| ibm_scc_instance_settings.scc_instance_settings | resource |
| ibm_scc_provider_type_instance.scc_provider_type_instance | resource |
| time_sleep.wait_for_scc_cos_authorization_policy | resource |
| time_sleep.wait_for_scc_wp_authorization_policy | resource |
| ibm_iam_account_settings.iam_account_settings | data source |
| ibm_scc_provider_types.scc_provider_types | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| attach_wp_to_scc_instance | When set to true, a value must be passed for the wp_instance_crn inout variable. |
string |
false |
no |
| cos_bucket | The name of the Cloud Object Storage bucket to be used in SCC instance | string |
n/a | yes |
| cos_instance_crn | CRN of the Cloud Object Storage to store SCC data | string |
n/a | yes |
| en_instance_crn | The CRN of Event Notifications instance to be used with SCC. If no value is provided, Event Notifications will not be enabled for this SCC instance | string |
null |
no |
| instance_name | Name of the security and compliance instance that will be provisioned by this module | string |
n/a | yes |
| plan | Pricing plan to create SCC instance. Options include security-compliance-center-standard-plan or security-compliance-center-trial-plan | string |
"security-compliance-center-standard-plan" |
no |
| region | Region where SCC instance will be created | string |
"us-south" |
no |
| resource_group_id | The id of the resource group to create the SCC instance | string |
n/a | yes |
| resource_tags | A list of tags applied to the resources created by the module | list(string) |
[] |
no |
| skip_cos_iam_authorization_policy | Set to true to skip the creation of an IAM authorization policy that permits the SCC instance created by this module to write access to the provided COS instance | bool |
false |
no |
| skip_scc_wp_auth_policy | Set to true to skip the creation of an IAM authorization policy that permits the SCC instance created by this solution read access to the workload protection instance. Only used if attach_wp_to_scc_instance is set to true. |
bool |
false |
no |
| wp_instance_crn | Optionally pass the CRN of an existing SCC Workload Protection instance to attach it to the SCC instance. | string |
null |
no |
| Name | Description |
|---|---|
| crn | The CRN of the SCC instance created by this module |
| guid | The GUID of the SCC instance created by this module |
| id | The id of the SCC instance created by this module |
| location | The location of the SCC instance created by this module |
| name | The name of the SCC instance created by this module |
| plan | The pricing plan used to create SCC instance in this module |
You can report issues and request features for this module in GitHub issues in the module repo. See Report an issue or request a feature.
To set up your local development environment, see Local development setup in the project documentation.