From 3175d0d4c922729f6d3347933034c36543ca2809 Mon Sep 17 00:00:00 2001
From: "kierra.searle@ibm.com"
Date: Tue, 22 Oct 2024 12:24:06 -0400
Subject: [PATCH 1/3] feat: use existing scc instance
---
 solutions/basic/stack_definition.json | 13 ++++++++++++-
 solutions/standard/stack_definition.json | 13 ++++++++++++-
 2 files changed, 24 insertions(+), 2 deletions(-)
diff --git a/solutions/basic/stack_definition.json b/solutions/basic/stack_definition.json
index 8e1e500..38ece68 100644
--- a/solutions/basic/stack_definition.json
+++ b/solutions/basic/stack_definition.json
@@ -68,6 +68,13 @@
 "hidden": false,
 "default": null
 },
+ {
+ "name": "existing_scc_instance_crn",
+ "required": false,
+ "type": "string",
+ "hidden": false,
+ "default": null
+ },
 {
 "name": "existing_event_notification_instance_crn",
 "required": false,
@@ -362,7 +369,7 @@
 },
 {
 "name": "Essential Security - Security Compliance Center",
- "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.b27fc8c7-f6ec-4f98-890d-4f7ccfd37aaf-global",
+ "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.eee496e3-da54-4f5f-9dbb-9dacdf29313f-global",
 "inputs": [
 {
 "name": "ibmcloud_api_key",
@@ -384,6 +391,10 @@
 "name": "resource_group_name",
 "value": "ref:../Account Infrastructure Base/outputs/audit_resource_group_name"
 },
+ {
+ "name": "existing_scc_instance_crn",
+ "value": "ref:../../inputs/existing_scc_instance_crn"
+ },
 {
 "name": "existing_kms_instance_crn",
 "value": "ref:../Essential Security - Encryption Key Management/outputs/kms_instance_crn"
diff --git a/solutions/standard/stack_definition.json b/solutions/standard/stack_definition.json
index 1ba98ab..f99586b 100644
--- a/solutions/standard/stack_definition.json
+++ b/solutions/standard/stack_definition.json
@@ -68,6 +68,13 @@
 "hidden": false,
 "default": null
 },
+ {
+ "name": "existing_scc_instance_crn",
+ "required": false,
+ "type": "string",
+ "hidden": false,
+ "default": null
+ },
 {
 "name": "existing_event_notification_instance_crn",
 "required": false,
@@ -362,7 +369,7 @@
 },
 {
 "name": "Essential Security - Security Compliance Center",
- "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.b27fc8c7-f6ec-4f98-890d-4f7ccfd37aaf-global",
+ "version_locator": "7a4d68b4-cf8b-40cd-a3d1-f49aff526eb3.eee496e3-da54-4f5f-9dbb-9dacdf29313f-global",
 "inputs": [
 {
 "name": "ibmcloud_api_key",
@@ -384,6 +391,10 @@
 "name": "resource_group_name",
 "value": "ref:../Account Infrastructure Base/outputs/audit_resource_group_name"
 },
+ {
+ "name": "existing_scc_instance_crn",
+ "value": "ref:../../inputs/existing_scc_instance_crn"
+ },
 {
 "name": "existing_kms_instance_crn",
 "value": "ref:../Essential Security - Encryption Key Management/outputs/kms_instance_crn"
From a928ad589754a011342638656647646085fc43e1 Mon Sep 17 00:00:00 2001
From: "kierra.searle@ibm.com"
Date: Thu, 12 Dec 2024 10:02:57 -0500
Subject: [PATCH 2/3] fix: added new var to catalog json
---
 ibm_catalog.json | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/ibm_catalog.json b/ibm_catalog.json
index 09892b6..e332e74 100644
--- a/ibm_catalog.json
+++ b/ibm_catalog.json
@@ -333,6 +333,13 @@
 "description": "The CRN of an existing event notification instance to use in this solution. If not set, a new event notification instance is provisioned.",
 "required": false
 },
+ {
+ "key": "existing_scc_instance_crn",
+ "type": "string",
+ "default_value": "__NULL__",
+ "description": "The CRN of an existing security and compliance center instance to use in this solution. If not set, a new security and compliance center instance is provisioned.",
+ "required": false
+ },
 {
 "key": "existing_discovery_instance",
 "type": "string",
From ad1e41f331f795a47c2d4c3f6e768086d9f50738 Mon Sep 17 00:00:00 2001
From: "kierra.searle@ibm.com"
Date: Tue, 17 Dec 2024 17:00:15 -0500
Subject: [PATCH 3/3] test: add scc to existing resources test
---
 tests/pr_test.go | 5 +++--
 tests/resources/main.tf | 34 ++++++++++++++++++++++++++++++++++
 2 files changed, 37 insertions(+), 2 deletions(-)
diff --git a/tests/pr_test.go b/tests/pr_test.go
index 94a45ae..c9d60ed 100644
--- a/tests/pr_test.go
+++ b/tests/pr_test.go
@@ -78,7 +78,7 @@ func TestProjectsBasicExistingResourcesTest(t *testing.T) {
 t.Parallel()
 // ------------------------------------------------------------------------------------
- // Provision RG, EN and SM
+ // Provision RG, EN, SM, and SCC
 // ------------------------------------------------------------------------------------
 prefix := fmt.Sprintf("ragext-%s", strings.ToLower(random.UniqueId()))
@@ -108,7 +108,7 @@ func TestProjectsBasicExistingResourcesTest(t *testing.T) {
 } else {
 // ------------------------------------------------------------------------------------
- // Test passing an existing SM, RG, EN
+ // Test passing an existing SM, RG, EN, SCC
 // ------------------------------------------------------------------------------------
 options := testprojects.TestProjectOptionsDefault(&testprojects.TestProjectsOptions{
@@ -134,6 +134,7 @@ func TestProjectsBasicExistingResourcesTest(t *testing.T) {
 "existing_kms_instance_crn": terraform.Output(t, existingTerraformOptions, "kms_instance_crn"),
 "existing_event_notification_instance_crn": terraform.Output(t, existingTerraformOptions, "event_notification_instance_crn"),
 "en_email_list": []string{"GoldenEye.Operations@ibm.com"},
+ "existing_scc_instance_crn": terraform.Output(t, existingTerraformOptions, "crn"),
 }
 err := options.RunProjectsTest()
diff --git a/tests/resources/main.tf b/tests/resources/main.tf
index 9a553ab..c029dca 100644
--- a/tests/resources/main.tf
+++ b/tests/resources/main.tf
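Review bot: The map entry added in the last pr_test.go hunk reads a Terraform output named `crn`, while the neighbouring entries read resource-specific outputs (`kms_instance_crn`, `event_notification_instance_crn`), and this patch's diffstat touches only tests/pr_test.go and tests/resources/main.tf, so no output for `module.security_and_compliance_center` is added here. If the fixture has no `crn` output the lookup fails the test, and if one already exists for another resource the stack would be handed the wrong instance as its existing SCC; neither case can be ruled out from the visible lines. I would export a dedicated output from tests/resources and read it by name: `"existing_scc_instance_crn": terraform.Output(t, existingTerraformOptions, "scc_instance_crn"),`. The test function's body starts and ends outside this hunk.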
@@ -54,3 +54,37 @@ module "key_protect_all_inclusive" {
 key_ring_endpoint_type = "private"
 key_endpoint_type = "private"
 }
+
+module "kms_root_key" {
+ source = "terraform-ibm-modules/kms-key/ibm"
+ kms_instance_id = module.key_protect_all_inclusive.kms_guid
+ key_name = "${var.prefix}-kms-root-key"
+}
+
+##############################################################################
+# Security and Compliance Center
+##############################################################################
+
+module "cos" {
+ source = "terraform-ibm-modules/cos/ibm"
+ version = "8.15.11"
+ cos_instance_name = "${var.prefix}-cos"
+ existing_kms_instance_guid = module.key_protect_all_inclusive.kms_guid
+ retention_enabled = false
+ resource_group_id = module.resource_group.resource_group_id
+ bucket_name = "${var.prefix}-cb"
+ kms_key_crn = module.kms_root_key.crn
+}
+
+module "security_and_compliance_center" {
+ source = "terraform-ibm-modules/scc/ibm"
+ version = "1.8.30"
+ instance_name = "${var.prefix}-scc-instance"
+ region = var.region
+ resource_group_id = module.resource_group.resource_group_id
+ resource_tags = var.resource_tags
+ cos_bucket = module.cos.bucket_name
+ cos_instance_crn = module.cos.cos_instance_id
+ en_instance_crn = module.event_notifications.crn
+ en_source_name = module.event_notifications.event_notification_instance_name
+}
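Review bot: `module "kms_root_key"` is added without a `version` argument, whereas the `cos` and `security_and_compliance_center` modules in the same hunk are pinned (`8.15.11`, `1.8.30`). An unpinned registry source resolves to whatever release is newest at init time, so the root key that encrypts the SCC results bucket is created by module code that can change between runs without review. Add a pin next to `source`, for example `version = "<PINNED_KMS_KEY_MODULE_VERSION>"`, using the release that was actually tested. Separately, `cos_instance_crn = module.cos.cos_instance_id` feeds an output named as an ID into a CRN argument; it is worth confirming against the cos module's outputs that this is the value the scc module expects.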