Global Context

PreviousGuardrails NextCI/CD & Terraform Runners

Last updated 3 months ago

Global Context

For the latest documentation on the resource itself, refer to the .

Global Contexts are context-prompting questionnaires used to gather data from developers before provisioning a resource. Global Contexts are designed to gather and store insightful data related to the resource that will be generated.

To define an compliancelevel question in main.tf:

resource "resourcely_context_question" "compliancelevel" {
  prompt               = "compliance level?"
  label                = "compliancelevel"
  qtype                = "QTYPE_SINGLE_SELECT"
  scope                = "SCOPE_TENANT"
   blueprint_categories = [
    "BLUEPRINT_BLOB_STORAGE", "BLUEPRINT_NETWORKING",
    "BLUEPRINT_DATABASE", "BLUEPRINT_COMPUTE",
    "BLUEPRINT_SERVERLESS_COMPUTE", "BLUEPRINT_ASYNC_PROCESSING",
    "BLUEPRINT_CONTAINERIZATION", "BLUEPRINT_LOGS_AND_METRICS"
  ]
  answer_choices       = [
    { label : "HIPAA" },
    { label : "SOC 2" },
    { label : "ISO 27001" },
    { label : "None" }
  ]
}

Note that label needs to start with lowercase and environment is a reserved keyword.

This global context will prompt users to select an compliance level (HIPAA, SOC 2, or ISO 27001) when deploying blueprints from the mentioned categories.

You can use adjust the qtype according to the question's nature.

Once Context Questions are defined you can exclude them from certain blueprints as follows:

resource "resourcely_blueprint" "aws_s3_basic" {
  name           = "Basic S3 bucket"
  description    = "Basic bucket with configurable versioning"
  cloud_provider = "PROVIDER_AMAZON"
  categories     = ["BLUEPRINT_BLOB_STORAGE"]
  labels         = ["s3", "private"]

  # This Blueprint will receive all context questions EXCEPT the compliancelevel question
  excluded_context_question_series = [
    resourcely_context_question.compliancelevel.series_id,
  ]

  guidance       = <<-EOT
  Use this when you want a basic private bucket.

  Options:
   - Bucket name
   - Versioning (enabled/disabled)

  Properties:
   - Public access block
   - Objects are bucket owner enforced
  EOT
 content = file("basic.tft")
}

PreviousGuardrails NextCI/CD & Terraform Runners

Last updated 3 months ago

For the latest documentation on the resource itself, refer to the .

To define an compliancelevel question in main.tf:

resource "resourcely_context_question" "compliancelevel" {
  prompt               = "compliance level?"
  label                = "compliancelevel"
  qtype                = "QTYPE_SINGLE_SELECT"
  scope                = "SCOPE_TENANT"
   blueprint_categories = [
    "BLUEPRINT_BLOB_STORAGE", "BLUEPRINT_NETWORKING",
    "BLUEPRINT_DATABASE", "BLUEPRINT_COMPUTE",
    "BLUEPRINT_SERVERLESS_COMPUTE", "BLUEPRINT_ASYNC_PROCESSING",
    "BLUEPRINT_CONTAINERIZATION", "BLUEPRINT_LOGS_AND_METRICS"
  ]
  answer_choices       = [
    { label : "HIPAA" },
    { label : "SOC 2" },
    { label : "ISO 27001" },
    { label : "None" }
  ]
}

Note that label needs to start with lowercase and environment is a reserved keyword.

This global context will prompt users to select an compliance level (HIPAA, SOC 2, or ISO 27001) when deploying blueprints from the mentioned categories.

You can use adjust the qtype according to the question's nature.

Once Context Questions are defined you can exclude them from certain blueprints as follows:

resource "resourcely_blueprint" "aws_s3_basic" {
  name           = "Basic S3 bucket"
  description    = "Basic bucket with configurable versioning"
  cloud_provider = "PROVIDER_AMAZON"
  categories     = ["BLUEPRINT_BLOB_STORAGE"]
  labels         = ["s3", "private"]

  # This Blueprint will receive all context questions EXCEPT the compliancelevel question
  excluded_context_question_series = [
    resourcely_context_question.compliancelevel.series_id,
  ]

  guidance       = <<-EOT
  Use this when you want a basic private bucket.

  Options:
   - Bucket name
   - Versioning (enabled/disabled)

  Properties:
   - Public access block
   - Objects are bucket owner enforced
  EOT
 content = file("basic.tft")
}