From 7a2e173ebf3632808f47cb0b761fa4604fe3ff67 Mon Sep 17 00:00:00 2001
From: lorenzo merici
Date: Wed, 19 Feb 2025 17:37:26 +0100
Subject: [PATCH] BucketARN instead of FolderARN
---
 modules/integrations/cloud-logs/main.tf | 11 +++++------
 modules/integrations/cloud-logs/variables.tf | 4 ++--
 2 files changed, 7 insertions(+), 8 deletions(-)
diff --git a/modules/integrations/cloud-logs/main.tf b/modules/integrations/cloud-logs/main.tf
index 651aa92..4c821a2 100644
--- a/modules/integrations/cloud-logs/main.tf
+++ b/modules/integrations/cloud-logs/main.tf
@@ -39,7 +39,6 @@ data "sysdig_secure_cloud_ingestion_assets" "assets" {
 locals {
 account_id_hash = substr(md5(data.aws_caller_identity.current.account_id), 0, 4)
 role_name = "${var.name}-${random_id.suffix.hex}-${local.account_id_hash}"
- bucket_arn = regex("^([^/]+)", var.folder_arn)[0]
 trusted_identity = var.is_gov_cloud_onboarding ? data.sysdig_secure_trusted_cloud_identity.trusted_identity.gov_identity : data.sysdig_secure_trusted_cloud_identity.trusted_identity.identity
 topic_name = split(":", var.topic_arn)[5]
@@ -101,8 +100,8 @@ data "aws_iam_policy_document" "cloudlogs_s3_access" {
 ]
 resources = [
- local.bucket_arn,
- "${local.bucket_arn}/*"
+ var.bucket_arn,
+ "${var.bucket_arn}/*"
 ]
 }
@@ -116,8 +115,8 @@ data "aws_iam_policy_document" "cloudlogs_s3_access" {
 ]
 resources = [
- local.bucket_arn,
- "${local.bucket_arn}/*"
+ var.bucket_arn,
+ "${var.bucket_arn}/*"
 ]
 }
 }
@@ -171,7 +170,7 @@ resource "sysdig_secure_cloud_auth_account_component" "aws_cloud_logs" {
 cloudtrailSns = {
 role_name = local.role_name
 topic_arn = var.topic_arn
- bucket_arn = local.bucket_arn
+ bucket_arn = var.bucket_arn
 ingested_regions = var.regions
 routing_key = local.routing_key
 }
diff --git a/modules/integrations/cloud-logs/variables.tf b/modules/integrations/cloud-logs/variables.tf
index c7ab304..7f9a22a 100644
--- a/modules/integrations/cloud-logs/variables.tf
+++ b/modules/integrations/cloud-logs/variables.tf
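Review bot: In both `cloudlogs_s3_access` statements (the hunks at -101 and -116) the object-level resource remains `"${var.bucket_arn}/*"`, which covers every key in the bucket, and with `folder_arn` removed the module no longer receives anything that could narrow the grant to the CloudTrail prefix. The statements' actions and the start of the data block lie outside these hunks, so the exact exposure cannot be read from here; if they include object reads, the assumed role can also read unrelated data kept in the same bucket. Consider an optional key-prefix input (hypothetical name `log_prefix`, default `""`) used as `"${var.bucket_arn}/${var.log_prefix}*"`, or at least add a comment such as `# bucket-wide access is intentional: trail objects are not confined to one prefix` above each `resources` list.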
@@ -3,8 +3,8 @@ variable "sysdig_secure_account_id" {
 description = "ID of the Sysdig Cloud Account to enable Cloud Logs integration for (in case of organization, ID of the Sysdig management account)"
 }
-variable "folder_arn" {
- description = "(Required) The ARN of your CloudTrail Bucket Folder"
+variable "bucket_arn" {
+ description = "(Required) The ARN of your CloudTrail Bucket"
 type = string
 }
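Review bot: `bucket_arn` is declared with only `type = string`, yet main.tf now places the value unmodified into the IAM policy `resources` lists and the `cloudtrailSns` metadata, where the removed `regex("^([^/]+)", var.folder_arn)[0]` used to cut everything after the first `/`. A caller who keeps supplying a folder-style ARN after the rename would get policy resources of the form `<bucket>/<prefix>` and `<bucket>/<prefix>/*`, so bucket-level permissions would presumably stop matching the bucket, and a value containing `*` would widen the grant. A `validation` block that accepts only a bare bucket ARN turns both cases into a plan-time error. Renaming a required input also breaks existing callers of the module, which the commit message should state.

```hcl
variable "bucket_arn" {
  # … unchanged: description, type …

  validation {
    # Bare bucket ARN only: no key prefix, no wildcards; partition left open (e.g. aws-us-gov).
    condition     = can(regex("^arn:aws[a-z-]*:s3:::[^/*?]+$", var.bucket_arn))
    error_message = "The bucket_arn value must be an S3 bucket ARN without a key prefix or wildcards."
  }
}
```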