Solace Beta Opportunity: Solace Terraform Software Provider (Declarative SEMP)

rtomkins
rtomkins Member, Employee Posts: 26 Solace Employee
edited December 2023 in General Discussions #1

I declare Solace's Hashicorp Terraform Software Broker Provider Public Beta Release 0.9.0 available! See the link to Solace's Hashicorp Registry, customer documentation, and release notes below!

Now is your opportunity to try out the Beta release of the PubSub+ Software Broker Provider for Service Automation! This capability is the first component of our solution to provide the following benefits:

  1. Enable customers to declaratively manage services up and down their CI/CD pipelines
  2. Simplify provisioning to enable not just middleware but also app teams to declaratively generate, add, change, and delete their resources in a message VPN
  3. Enable automated, declarative service provisioning from the Solace Event Portal

With this Terraform Provider Beta, Solace has provided an additional "generate" capability that allows you to pull down a broker configuration to create a .tf file from the existing configuration!

Check it out here in the Terraform Registry: https://registry.terraform.io/providers/SolaceProducts/solacebroker/latest

Our customer documentation is here: https://docs.solace.com/Admin/SEMP/Declarative-SEMP.htm

We're looking forward to all your feedback to provide the right Declarative SEMP implementation for the PubSub+ Software Broker!

Declaring your independence from imperative management,

Rob Tomkins

Principal Core Product Manager, Solace

————————————————————————————————————————-————————— DSEMP Terraform Softare Broker Provider Beta 0.9.0 Release Notes —————————————————————————————————————————————————

BETA Limitations:
- Not supported in production
- Supported for 1 year or until the general availability of the Solace Software Broker Provider for Hashicorp Terraform, whichever is shorter
- Support is provided through account teams and not Solace Support
- Fixes to this feature will be limited to future Beta/EA/GA releases
- Future releases of this functionality may not be backward compatible with configuration files used in this release
- Template and High-Level Configuration Object Terraform modules used to facilitate application team use of declarative SEMP are not included in this Beta
- Appliances are not supported by this Beta. A Beta release of the appliance provider is planned

Known Bugs:
1. Within the message VPN level Declarative SEMP the following objects/resources are subject to limitations*:
a) ACL Profile - can not be destroyed
b) User Profile - can not be destroyed
c) Authorization Group - can not be destroyed
d) LDAP Group - can not be destroyed
e) RDP Consumer OAuth JWT Claims - can not be managed with declarative SEMP
2. Sub-attribute Terraform validation is not supported
3. Using Solace Generate Operation with SEMP Objects with a name prefixed by # are not supported
4. Solace's Generate Operation may create Terraform Object with the symbols #, ", or a terminating / in rare use cases. These symbols must be removed/replaced to plan or apply the generated code

Additional notes:
- Solace is providing its own Generate operation as the current Hashicorp Terraform generate command is immature and does not provide the same level of functionality. As Terraform's generate functionality aligns with Solace Generate, we may deprecate and remove that functionality.
- The Solace Generate operation provides commented-out configuration lines when the broker configuration includes write-only attributes. At General Availability, we plan to provide a variable for the write-only attribute that aligns with a variable for its parent object.
- This "Declarative SEMP - Service Automation - Terraform - Software Broker Provider" capability at Beta and GA provides the ability to create, alter, and remove services, including access control lists, clients (including profiles), queues, access control, and JMS JNDI.
- This feature requires a Terraform directory for the configuration of each broker and does not support cross-broker message VPN replication.
- This feature does not support the new openToFu open-source project.

* This restriction is expected to persist beyond General Availability.