SML Feature Support (#278)

Added IAM permissions automation.
Environment setups provided: minimal, demo, and production.
CLI-based deployments supported, including cluster connectivity fully via CLI

---------

Co-authored-by: Nupur Goyal <[email protected]>

Author: nupurg-ibm

.secrets.baseline

@@ -3,7 +3,7 @@
     "files": "^.secrets.baseline$",
     "lines": null
   },
-  "generated_at": "2025-06-19T07:38:57Z",
+  "generated_at": "2025-09-17T10:23:03Z",
   "plugins_used": [
     {
       "name": "AWSKeyDetector"
@@ -102,6 +102,126 @@
         "type": "Secret Keyword",
         "verified_result": null
       }
+    ],
+    "tools/minimal-demo-prod-scripts/README.md": [
+      {
+        "hashed_secret": "89a6cfe2a229151e8055abee107d45ed087bbb4f",
+        "is_secret": true,
+        "is_verified": false,
+        "line_number": 36,
+        "type": "Secret Keyword",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "365b78d42089abe4583503eded60fa7c1b3e1cd0",
+        "is_secret": true,
+        "is_verified": false,
+        "line_number": 56,
+        "type": "Secret Keyword",
+        "verified_result": null
+      }
+    ],
+    "tools/minimal-demo-prod-scripts/catalog_values_demo_deployment.json": [
+      {
+        "hashed_secret": "216168000275f83a7bc3599e708c5bafab959783",
+        "is_secret": true,
+        "is_verified": false,
+        "line_number": 2,
+        "type": "Secret Keyword",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "55aac310878e11ce14b29027f77e58cb7c4fe7a4",
+        "is_secret": true,
+        "is_verified": false,
+        "line_number": 8,
+        "type": "Secret Keyword",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "1f5e25be9b575e9f5d39c82dfd1d9f4d73f1975c",
+        "is_secret": true,
+        "is_verified": false,
+        "line_number": 56,
+        "type": "Secret Keyword",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "b295b04949a98dc50ba65adcddd588077b93ab3c",
+        "is_secret": true,
+        "is_verified": false,
+        "line_number": 65,
+        "type": "Secret Keyword",
+        "verified_result": null
+      }
+    ],
+    "tools/minimal-demo-prod-scripts/catalog_values_minimal_deployment.json": [
+      {
+        "hashed_secret": "216168000275f83a7bc3599e708c5bafab959783",
+        "is_secret": true,
+        "is_verified": false,
+        "line_number": 2,
+        "type": "Secret Keyword",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "55aac310878e11ce14b29027f77e58cb7c4fe7a4",
+        "is_secret": true,
+        "is_verified": false,
+        "line_number": 8,
+        "type": "Secret Keyword",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "1f5e25be9b575e9f5d39c82dfd1d9f4d73f1975c",
+        "is_secret": true,
+        "is_verified": false,
+        "line_number": 56,
+        "type": "Secret Keyword",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "b295b04949a98dc50ba65adcddd588077b93ab3c",
+        "is_secret": true,
+        "is_verified": false,
+        "line_number": 65,
+        "type": "Secret Keyword",
+        "verified_result": null
+      }
+    ],
+    "tools/minimal-demo-prod-scripts/catalog_values_production_deployment.json": [
+      {
+        "hashed_secret": "216168000275f83a7bc3599e708c5bafab959783",
+        "is_secret": true,
+        "is_verified": false,
+        "line_number": 2,
+        "type": "Secret Keyword",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "55aac310878e11ce14b29027f77e58cb7c4fe7a4",
+        "is_secret": true,
+        "is_verified": false,
+        "line_number": 8,
+        "type": "Secret Keyword",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "1f5e25be9b575e9f5d39c82dfd1d9f4d73f1975c",
+        "is_secret": true,
+        "is_verified": false,
+        "line_number": 56,
+        "type": "Secret Keyword",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "b295b04949a98dc50ba65adcddd588077b93ab3c",
+        "is_secret": true,
+        "is_verified": false,
+        "line_number": 65,
+        "type": "Secret Keyword",
+        "verified_result": null
+      }
     ]
   },
   "version": "0.13.1+ibm.62.dss",

common-dev-assets

@@ -48,6 +48,7 @@
           "name": "Cluster-with-LSF",
           "install_type": "fullstack",
           "working_directory": "solutions/lsf",
+          "terraform_version": "1.10.5",
           "compliance": {
             "authority": "scc-v3",
             "profiles": [

ibm_catalog.json

@@ -6,9 +6,9 @@
     "ssh_keys": "[\"Please fill here\"]",
     "remote_allowed_ips": "[\"Please fill here\"]",
     "app_center_gui_password": "Please fill here",
-    "lsf_version": "Fixpack_15",
+    "lsf_version": "fixpack_15",
     "vpc_name": "__NULL__",
-    "cluster_subnet_id": "[]",
+    "cluster_subnet_id": "__NULL__",
     "login_subnet_id": "__NULL__",
     "vpc_cidr": "10.241.0.0/18",
     "vpc_cluster_private_subnets_cidr_blocks": "10.241.0.0/20",
@@ -30,8 +30,8 @@
     "enable_vpc_flow_logs": "false",
     "enable_ldap": "false",
     "ldap_basedns": "lsf.com",
-    "ldap_server": "null",
-    "ldap_server_cert": "null",
+    "ldap_server": "__NULL__",
+    "ldap_server_cert": "__NULL__",
     "ldap_admin_password": "",
     "ldap_user_name": "",
     "ldap_user_password": "",
@@ -51,7 +51,7 @@
     "observability_logs_enable_for_compute": "false",
     "observability_enable_platform_logs": "false",
     "observability_enable_metrics_routing": "false",
-    "observability_logs_retention_period": "false",
+    "observability_logs_retention_period": "7",
     "observability_monitoring_on_compute_nodes_enable": "false",
     "observability_monitoring_plan": "graduated-tier",
     "existing_bastion_instance_name": "__NULL__",

samples/configs/hpc_catalog_values.json

@@ -0,0 +1,13 @@
+# IAM Permissions Assignment for LSF Deployment
+
+### Before deploying an IBM Cloud LSF cluster, specific IAM permissions must be assigned to either a user or an access group. This script automates that process.
+
+How to run:
+
+```
+ibmcloud login --apikey <YOUR_API_KEY> -g <RESOURCE_GROUP>
+
+chmod +x permissions.sh
+
+./permissions.sh
+```