From 4d66623de1d5243c778071e8b604890240c0967b Mon Sep 17 00:00:00 2001
From: lcaggio <lorenzo.caggioni@gmail.com>
Date: Fri, 5 May 2023 09:54:57 +0200
Subject: [PATCH] Fix Shielded Folder - VertexML interoperability (#1355)

* Fix Shielded Folder - VertexML interoperability

* Fix README outputs

* Adding prefix for keyrings and update output
---
 blueprints/data-solutions/shielded-folder/README.md  | 2 +-
 blueprints/data-solutions/shielded-folder/kms.tf     | 4 ++--
 blueprints/data-solutions/shielded-folder/outputs.tf | 4 ++++
 blueprints/data-solutions/vertex-mlops/README.md     | 3 +--
 blueprints/data-solutions/vertex-mlops/main.tf       | 1 +
 blueprints/data-solutions/vertex-mlops/outputs.tf    | 6 +++---
 6 files changed, 12 insertions(+), 8 deletions(-)

diff --git a/blueprints/data-solutions/shielded-folder/README.md b/blueprints/data-solutions/shielded-folder/README.md
index 5496eaa7..c4b471bd 100644
--- a/blueprints/data-solutions/shielded-folder/README.md
+++ b/blueprints/data-solutions/shielded-folder/README.md
@@ -176,9 +176,9 @@ terraform apply
 |---|---|:---:|
 | [folders](outputs.tf#L15) | Folders id. |  |
 | [folders_sink_writer_identities](outputs.tf#L23) | Folders id. |  |
+| [kms_keys](outputs.tf#L31) | Cloud KMS encryption keys created. |  |
 
 <!-- END TFDOC -->
-
 ## Test
 
 ```hcl
diff --git a/blueprints/data-solutions/shielded-folder/kms.tf b/blueprints/data-solutions/shielded-folder/kms.tf
index 7a3b42b5..708b5cda 100644
--- a/blueprints/data-solutions/shielded-folder/kms.tf
+++ b/blueprints/data-solutions/shielded-folder/kms.tf
@@ -81,7 +81,7 @@ module "sec-kms" {
   project_id = module.sec-project[0].project_id
   keyring = {
     location = each.key
-    name     = "${each.key}"
+    name     = "sec-${each.key}"
   }
   # rename to `key_iam` to switch to authoritative bindings
   key_iam_additive = {
@@ -96,7 +96,7 @@ module "log-kms" {
   project_id = module.sec-project[0].project_id
   keyring = {
     location = each.key
-    name     = "${each.key}"
+    name     = "log-${each.key}"
   }
   keys = local.kms_log_locations_keys[each.key]
 }
diff --git a/blueprints/data-solutions/shielded-folder/outputs.tf b/blueprints/data-solutions/shielded-folder/outputs.tf
index e1107fc6..35431ee2 100644
--- a/blueprints/data-solutions/shielded-folder/outputs.tf
+++ b/blueprints/data-solutions/shielded-folder/outputs.tf
@@ -28,3 +28,7 @@ output "folders_sink_writer_identities" {
   }
 }
 
+output "kms_keys" {
+  description = "Cloud KMS encryption keys created."
+  value       = { for k, v in module.sec-kms : k => v.key_ids }
+}
diff --git a/blueprints/data-solutions/vertex-mlops/README.md b/blueprints/data-solutions/vertex-mlops/README.md
index 31e6a507..4c918bbc 100644
--- a/blueprints/data-solutions/vertex-mlops/README.md
+++ b/blueprints/data-solutions/vertex-mlops/README.md
@@ -74,7 +74,6 @@ module "test" {
 }
 # tftest modules=11 resources=60
 ```
-
 <!-- BEGIN TFDOC -->
 
 ## Variables
@@ -101,7 +100,7 @@ module "test" {
 |---|---|:---:|
 | [github](outputs.tf#L30) | Github Configuration. |  |
 | [notebook](outputs.tf#L35) | Vertex AI notebooks ids. |  |
-| [project](outputs.tf#L43) | The project resource as return by the `project` module. |  |
+| [project_id](outputs.tf#L43) | Project ID. |  |
 
 <!-- END TFDOC -->
 ## Test
diff --git a/blueprints/data-solutions/vertex-mlops/main.tf b/blueprints/data-solutions/vertex-mlops/main.tf
index 2e093f86..ec2d174a 100644
--- a/blueprints/data-solutions/vertex-mlops/main.tf
+++ b/blueprints/data-solutions/vertex-mlops/main.tf
@@ -242,6 +242,7 @@ module "project" {
   service_encryption_key_ids = {
     aiplatform    = [var.service_encryption_keys.aiplatform]
     bq            = [var.service_encryption_keys.bq]
+    compute       = [var.service_encryption_keys.notebooks]
     cloudbuild    = [var.service_encryption_keys.storage]
     notebooks     = [var.service_encryption_keys.notebooks]
     secretmanager = [var.service_encryption_keys.secretmanager]
diff --git a/blueprints/data-solutions/vertex-mlops/outputs.tf b/blueprints/data-solutions/vertex-mlops/outputs.tf
index 5acac622..503d6168 100644
--- a/blueprints/data-solutions/vertex-mlops/outputs.tf
+++ b/blueprints/data-solutions/vertex-mlops/outputs.tf
@@ -40,7 +40,7 @@ output "notebook" {
   )
 }
 
-output "project" {
-  description = "The project resource as return by the `project` module."
-  value       = module.project
+output "project_id" {
+  description = "Project ID."
+  value       = module.project.project_id
 }