From 214439494274013c2698f75eace2986e3db93a2e Mon Sep 17 00:00:00 2001 From: Ajay Rangarajan Date: Thu, 27 Mar 2025 19:24:04 -0500 Subject: [PATCH 1/3] SSPROD-54180 aws logless ciem test updates --- test/examples/organization/cloud_logs.tf | 9 +++++---- test/examples/organization/cloud_logs_gov.tf | 9 +++++---- test/examples/organization/event_bridge.tf | 9 +++++---- test/examples/organization/event_bridge_gov.tf | 7 ++++--- test/examples/organization/onboarding_with_cspm.tf | 11 ++++++++++- .../examples/organization/onboarding_with_cspm_gov.tf | 9 +++++++++ test/examples/single_account/cloud_logs.tf | 9 +++++---- test/examples/single_account/cloud_logs_gov.tf | 9 +++++---- test/examples/single_account/event_bridge.tf | 9 +++++---- test/examples/single_account/event_bridge_gov.tf | 7 ++++--- test/examples/single_account/onboarding_with_cspm.tf | 11 ++++++++++- .../single_account/onboarding_with_cspm_gov.tf | 9 +++++++++ 12 files changed, 76 insertions(+), 32 deletions(-) diff --git a/test/examples/organization/cloud_logs.tf b/test/examples/organization/cloud_logs.tf index f1b22d6..850c7fe 100644 --- a/test/examples/organization/cloud_logs.tf +++ b/test/examples/organization/cloud_logs.tf @@ -17,10 +17,11 @@ resource "sysdig_secure_cloud_auth_account_feature" "threat_detection" { depends_on = [module.cloud-logs] } -resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement" { +resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement_advanced" { account_id = module.onboarding.sysdig_secure_account_id type = "FEATURE_SECURE_IDENTITY_ENTITLEMENT" enabled = true - components = [module.cloud-logs.cloud_logs_component_id] - depends_on = [module.cloud-logs, sysdig_secure_cloud_auth_account_feature.config_posture] -} \ No newline at end of file + components = concat(sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic.components, [module.cloud-logs.cloud_logs_component_id]) + depends_on = [module.cloud-logs, sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic] + flags = {"CIEM_FEATURE_MODE": "advanced"} +} diff --git a/test/examples/organization/cloud_logs_gov.tf b/test/examples/organization/cloud_logs_gov.tf index 35c9aad..73ffa3e 100644 --- a/test/examples/organization/cloud_logs_gov.tf +++ b/test/examples/organization/cloud_logs_gov.tf @@ -18,10 +18,11 @@ resource "sysdig_secure_cloud_auth_account_feature" "threat_detection" { depends_on = [module.cloud-logs] } -resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement" { +resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement_advanced" { account_id = module.onboarding.sysdig_secure_account_id type = "FEATURE_SECURE_IDENTITY_ENTITLEMENT" enabled = true - components = [module.cloud-logs.cloud_logs_component_id] - depends_on = [module.cloud-logs, sysdig_secure_cloud_auth_account_feature.config_posture] -} \ No newline at end of file + components = concat(sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic.components, [module.cloud-logs.cloud_logs_component_id]) + depends_on = [module.cloud-logs, sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic] + flags = {"CIEM_FEATURE_MODE": "advanced"} +} diff --git a/test/examples/organization/event_bridge.tf b/test/examples/organization/event_bridge.tf index bea0dd4..59b211f 100644 --- a/test/examples/organization/event_bridge.tf +++ b/test/examples/organization/event_bridge.tf @@ -19,10 +19,11 @@ resource "sysdig_secure_cloud_auth_account_feature" "threat_detection" { depends_on = [module.event-bridge] } -resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement" { +resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement_advanced" { account_id = module.onboarding.sysdig_secure_account_id type = "FEATURE_SECURE_IDENTITY_ENTITLEMENT" enabled = true - components = [module.event-bridge.event_bridge_component_id] - depends_on = [module.event-bridge, sysdig_secure_cloud_auth_account_feature.config_posture] -} \ No newline at end of file + components = concat(sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic.components, [module.event-bridge.event_bridge_component_id]) + depends_on = [module.event-bridge, sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic] + flags = {"CIEM_FEATURE_MODE": "advanced"} +} diff --git a/test/examples/organization/event_bridge_gov.tf b/test/examples/organization/event_bridge_gov.tf index cfe3414..312309c 100644 --- a/test/examples/organization/event_bridge_gov.tf +++ b/test/examples/organization/event_bridge_gov.tf @@ -20,10 +20,11 @@ resource "sysdig_secure_cloud_auth_account_feature" "threat_detection" { depends_on = [module.event-bridge] } -resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement" { +resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement_advanced" { account_id = module.onboarding.sysdig_secure_account_id type = "FEATURE_SECURE_IDENTITY_ENTITLEMENT" enabled = true - components = [module.event-bridge.event_bridge_component_id] - depends_on = [module.event-bridge, sysdig_secure_cloud_auth_account_feature.config_posture] + components = concat(sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic.components, [module.event-bridge.event_bridge_component_id]) + depends_on = [module.event-bridge, sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic] + flags = {"CIEM_FEATURE_MODE": "advanced"} } diff --git a/test/examples/organization/onboarding_with_cspm.tf b/test/examples/organization/onboarding_with_cspm.tf index cf7ff47..41c810c 100644 --- a/test/examples/organization/onboarding_with_cspm.tf +++ b/test/examples/organization/onboarding_with_cspm.tf @@ -46,4 +46,13 @@ resource "sysdig_secure_cloud_auth_account_feature" "config_posture" { enabled = true components = [module.config-posture.config_posture_component_id] depends_on = [module.config-posture] -} \ No newline at end of file +} + +resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement_basic" { + account_id = module.onboarding.sysdig_secure_account_id + type = "FEATURE_SECURE_IDENTITY_ENTITLEMENT" + enabled = true + components = [module.config-posture.config_posture_component_id] + depends_on = [module.config-posture, sysdig_secure_cloud_auth_account_feature.config_posture] + flags = {"CIEM_FEATURE_MODE": "basic"} +} diff --git a/test/examples/organization/onboarding_with_cspm_gov.tf b/test/examples/organization/onboarding_with_cspm_gov.tf index f5d45d8..6bbe081 100644 --- a/test/examples/organization/onboarding_with_cspm_gov.tf +++ b/test/examples/organization/onboarding_with_cspm_gov.tf @@ -39,3 +39,12 @@ resource "sysdig_secure_cloud_auth_account_feature" "config_posture" { components = [module.config-posture.config_posture_component_id] depends_on = [module.config-posture] } + +resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement_basic" { + account_id = module.onboarding.sysdig_secure_account_id + type = "FEATURE_SECURE_IDENTITY_ENTITLEMENT" + enabled = true + components = [module.config-posture.config_posture_component_id] + depends_on = [module.config-posture, sysdig_secure_cloud_auth_account_feature.config_posture] + flags = {"CIEM_FEATURE_MODE": "basic"} +} diff --git a/test/examples/single_account/cloud_logs.tf b/test/examples/single_account/cloud_logs.tf index f1b22d6..850c7fe 100644 --- a/test/examples/single_account/cloud_logs.tf +++ b/test/examples/single_account/cloud_logs.tf @@ -17,10 +17,11 @@ resource "sysdig_secure_cloud_auth_account_feature" "threat_detection" { depends_on = [module.cloud-logs] } -resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement" { +resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement_advanced" { account_id = module.onboarding.sysdig_secure_account_id type = "FEATURE_SECURE_IDENTITY_ENTITLEMENT" enabled = true - components = [module.cloud-logs.cloud_logs_component_id] - depends_on = [module.cloud-logs, sysdig_secure_cloud_auth_account_feature.config_posture] -} \ No newline at end of file + components = concat(sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic.components, [module.cloud-logs.cloud_logs_component_id]) + depends_on = [module.cloud-logs, sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic] + flags = {"CIEM_FEATURE_MODE": "advanced"} +} diff --git a/test/examples/single_account/cloud_logs_gov.tf b/test/examples/single_account/cloud_logs_gov.tf index 35c9aad..73ffa3e 100644 --- a/test/examples/single_account/cloud_logs_gov.tf +++ b/test/examples/single_account/cloud_logs_gov.tf @@ -18,10 +18,11 @@ resource "sysdig_secure_cloud_auth_account_feature" "threat_detection" { depends_on = [module.cloud-logs] } -resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement" { +resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement_advanced" { account_id = module.onboarding.sysdig_secure_account_id type = "FEATURE_SECURE_IDENTITY_ENTITLEMENT" enabled = true - components = [module.cloud-logs.cloud_logs_component_id] - depends_on = [module.cloud-logs, sysdig_secure_cloud_auth_account_feature.config_posture] -} \ No newline at end of file + components = concat(sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic.components, [module.cloud-logs.cloud_logs_component_id]) + depends_on = [module.cloud-logs, sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic] + flags = {"CIEM_FEATURE_MODE": "advanced"} +} diff --git a/test/examples/single_account/event_bridge.tf b/test/examples/single_account/event_bridge.tf index 91a0418..ccf8342 100644 --- a/test/examples/single_account/event_bridge.tf +++ b/test/examples/single_account/event_bridge.tf @@ -17,10 +17,11 @@ resource "sysdig_secure_cloud_auth_account_feature" "threat_detection" { depends_on = [module.event-bridge] } -resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement" { +resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement_advanced" { account_id = module.onboarding.sysdig_secure_account_id type = "FEATURE_SECURE_IDENTITY_ENTITLEMENT" enabled = true - components = [module.event-bridge.event_bridge_component_id] - depends_on = [module.event-bridge, sysdig_secure_cloud_auth_account_feature.config_posture] -} \ No newline at end of file + components = concat(sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic.components, [module.event-bridge.event_bridge_component_id]) + depends_on = [module.event-bridge, sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic] + flags = {"CIEM_FEATURE_MODE": "advanced"} +} diff --git a/test/examples/single_account/event_bridge_gov.tf b/test/examples/single_account/event_bridge_gov.tf index ba068a5..7717a84 100644 --- a/test/examples/single_account/event_bridge_gov.tf +++ b/test/examples/single_account/event_bridge_gov.tf @@ -18,10 +18,11 @@ resource "sysdig_secure_cloud_auth_account_feature" "threat_detection" { depends_on = [module.event-bridge] } -resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement" { +resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement_advanced" { account_id = module.onboarding.sysdig_secure_account_id type = "FEATURE_SECURE_IDENTITY_ENTITLEMENT" enabled = true - components = [module.event-bridge.event_bridge_component_id] - depends_on = [module.event-bridge, sysdig_secure_cloud_auth_account_feature.config_posture] + components = concat(sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic.components, [module.event-bridge.event_bridge_component_id]) + depends_on = [module.event-bridge, sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic] + flags = {"CIEM_FEATURE_MODE": "advanced"} } diff --git a/test/examples/single_account/onboarding_with_cspm.tf b/test/examples/single_account/onboarding_with_cspm.tf index f2ead44..1259e9b 100644 --- a/test/examples/single_account/onboarding_with_cspm.tf +++ b/test/examples/single_account/onboarding_with_cspm.tf @@ -32,4 +32,13 @@ resource "sysdig_secure_cloud_auth_account_feature" "config_posture" { enabled = true components = [module.config-posture.config_posture_component_id] depends_on = [module.config-posture] -} \ No newline at end of file +} + +resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement_basic" { + account_id = module.onboarding.sysdig_secure_account_id + type = "FEATURE_SECURE_IDENTITY_ENTITLEMENT" + enabled = true + components = [module.config-posture.config_posture_component_id] + depends_on = [module.config-posture, sysdig_secure_cloud_auth_account_feature.config_posture] + flags = {"CIEM_FEATURE_MODE": "basic"} +} diff --git a/test/examples/single_account/onboarding_with_cspm_gov.tf b/test/examples/single_account/onboarding_with_cspm_gov.tf index f3de5d1..7c2648e 100644 --- a/test/examples/single_account/onboarding_with_cspm_gov.tf +++ b/test/examples/single_account/onboarding_with_cspm_gov.tf @@ -35,3 +35,12 @@ resource "sysdig_secure_cloud_auth_account_feature" "config_posture" { components = [module.config-posture.config_posture_component_id] depends_on = [module.config-posture] } + +resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement_basic" { + account_id = module.onboarding.sysdig_secure_account_id + type = "FEATURE_SECURE_IDENTITY_ENTITLEMENT" + enabled = true + components = [module.config-posture.config_posture_component_id] + depends_on = [module.config-posture, sysdig_secure_cloud_auth_account_feature.config_posture] + flags = {"CIEM_FEATURE_MODE": "basic"} +} From 865b7306260dc32adc2c18faf5c55813aa0883f7 Mon Sep 17 00:00:00 2001 From: Ajay Rangarajan Date: Tue, 1 Apr 2025 12:17:35 -0500 Subject: [PATCH 2/3] SSPROD-54180 adding ignore changes to basic feature --- test/examples/organization/onboarding_with_cspm.tf | 8 +++++++- test/examples/organization/onboarding_with_cspm_gov.tf | 8 +++++++- test/examples/single_account/onboarding_with_cspm.tf | 8 +++++++- test/examples/single_account/onboarding_with_cspm_gov.tf | 8 +++++++- 4 files changed, 28 insertions(+), 4 deletions(-) diff --git a/test/examples/organization/onboarding_with_cspm.tf b/test/examples/organization/onboarding_with_cspm.tf index d52aec9..1f4869f 100644 --- a/test/examples/organization/onboarding_with_cspm.tf +++ b/test/examples/organization/onboarding_with_cspm.tf @@ -57,5 +57,11 @@ resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement_basic" enabled = true components = [module.config-posture.config_posture_component_id] depends_on = [module.config-posture, sysdig_secure_cloud_auth_account_feature.config_posture] - flags = {"CIEM_FEATURE_MODE": "basic"} + flags = { + "CIEM_FEATURE_MODE": "basic" + } + + lifecycle { + ignore_changes = [flags] + } } diff --git a/test/examples/organization/onboarding_with_cspm_gov.tf b/test/examples/organization/onboarding_with_cspm_gov.tf index 6bbe081..ec4f433 100644 --- a/test/examples/organization/onboarding_with_cspm_gov.tf +++ b/test/examples/organization/onboarding_with_cspm_gov.tf @@ -46,5 +46,11 @@ resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement_basic" enabled = true components = [module.config-posture.config_posture_component_id] depends_on = [module.config-posture, sysdig_secure_cloud_auth_account_feature.config_posture] - flags = {"CIEM_FEATURE_MODE": "basic"} + flags = { + "CIEM_FEATURE_MODE": "basic" + } + + lifecycle { + ignore_changes = [flags] + } } diff --git a/test/examples/single_account/onboarding_with_cspm.tf b/test/examples/single_account/onboarding_with_cspm.tf index 1259e9b..714202f 100644 --- a/test/examples/single_account/onboarding_with_cspm.tf +++ b/test/examples/single_account/onboarding_with_cspm.tf @@ -40,5 +40,11 @@ resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement_basic" enabled = true components = [module.config-posture.config_posture_component_id] depends_on = [module.config-posture, sysdig_secure_cloud_auth_account_feature.config_posture] - flags = {"CIEM_FEATURE_MODE": "basic"} + flags = { + "CIEM_FEATURE_MODE": "basic" + } + + lifecycle { + ignore_changes = [flags] + } } diff --git a/test/examples/single_account/onboarding_with_cspm_gov.tf b/test/examples/single_account/onboarding_with_cspm_gov.tf index 7c2648e..4de41e7 100644 --- a/test/examples/single_account/onboarding_with_cspm_gov.tf +++ b/test/examples/single_account/onboarding_with_cspm_gov.tf @@ -42,5 +42,11 @@ resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement_basic" enabled = true components = [module.config-posture.config_posture_component_id] depends_on = [module.config-posture, sysdig_secure_cloud_auth_account_feature.config_posture] - flags = {"CIEM_FEATURE_MODE": "basic"} + flags = { + "CIEM_FEATURE_MODE": "basic" + } + + lifecycle { + ignore_changes = [flags] + } } From 37f6fead69f51e2dce4e56c5355d2d51df72a15e Mon Sep 17 00:00:00 2001 From: Ajay Rangarajan Date: Mon, 7 Apr 2025 01:38:50 -0500 Subject: [PATCH 3/3] SSPROD-54180 ignore basic ciem flag and component changes --- test/examples/organization/cloud_logs.tf | 4 ++++ test/examples/organization/cloud_logs_gov.tf | 4 ++++ test/examples/organization/event_bridge.tf | 4 ++++ test/examples/organization/event_bridge_gov.tf | 4 ++++ test/examples/organization/onboarding_with_cspm.tf | 2 +- test/examples/organization/onboarding_with_cspm_gov.tf | 2 +- test/examples/single_account/cloud_logs.tf | 4 ++++ test/examples/single_account/cloud_logs_gov.tf | 4 ++++ test/examples/single_account/event_bridge.tf | 4 ++++ test/examples/single_account/event_bridge_gov.tf | 4 ++++ test/examples/single_account/onboarding_with_cspm.tf | 2 +- test/examples/single_account/onboarding_with_cspm_gov.tf | 2 +- 12 files changed, 36 insertions(+), 4 deletions(-) diff --git a/test/examples/organization/cloud_logs.tf b/test/examples/organization/cloud_logs.tf index 850c7fe..eed15e2 100644 --- a/test/examples/organization/cloud_logs.tf +++ b/test/examples/organization/cloud_logs.tf @@ -24,4 +24,8 @@ resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement_advanc components = concat(sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic.components, [module.cloud-logs.cloud_logs_component_id]) depends_on = [module.cloud-logs, sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic] flags = {"CIEM_FEATURE_MODE": "advanced"} + + lifecycle { + ignore_changes = [flags, components] + } } diff --git a/test/examples/organization/cloud_logs_gov.tf b/test/examples/organization/cloud_logs_gov.tf index 73ffa3e..d34838c 100644 --- a/test/examples/organization/cloud_logs_gov.tf +++ b/test/examples/organization/cloud_logs_gov.tf @@ -25,4 +25,8 @@ resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement_advanc components = concat(sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic.components, [module.cloud-logs.cloud_logs_component_id]) depends_on = [module.cloud-logs, sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic] flags = {"CIEM_FEATURE_MODE": "advanced"} + + lifecycle { + ignore_changes = [flags, components] + } } diff --git a/test/examples/organization/event_bridge.tf b/test/examples/organization/event_bridge.tf index 3d1bb0a..dfbe851 100644 --- a/test/examples/organization/event_bridge.tf +++ b/test/examples/organization/event_bridge.tf @@ -33,4 +33,8 @@ resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement_advanc components = concat(sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic.components, [module.event-bridge.event_bridge_component_id]) depends_on = [module.event-bridge, sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic] flags = {"CIEM_FEATURE_MODE": "advanced"} + + lifecycle { + ignore_changes = [flags, components] + } } diff --git a/test/examples/organization/event_bridge_gov.tf b/test/examples/organization/event_bridge_gov.tf index 312309c..c6f7137 100644 --- a/test/examples/organization/event_bridge_gov.tf +++ b/test/examples/organization/event_bridge_gov.tf @@ -27,4 +27,8 @@ resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement_advanc components = concat(sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic.components, [module.event-bridge.event_bridge_component_id]) depends_on = [module.event-bridge, sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic] flags = {"CIEM_FEATURE_MODE": "advanced"} + + lifecycle { + ignore_changes = [flags, components] + } } diff --git a/test/examples/organization/onboarding_with_cspm.tf b/test/examples/organization/onboarding_with_cspm.tf index 1f4869f..ba1512a 100644 --- a/test/examples/organization/onboarding_with_cspm.tf +++ b/test/examples/organization/onboarding_with_cspm.tf @@ -62,6 +62,6 @@ resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement_basic" } lifecycle { - ignore_changes = [flags] + ignore_changes = [flags, components] } } diff --git a/test/examples/organization/onboarding_with_cspm_gov.tf b/test/examples/organization/onboarding_with_cspm_gov.tf index ec4f433..f166d0b 100644 --- a/test/examples/organization/onboarding_with_cspm_gov.tf +++ b/test/examples/organization/onboarding_with_cspm_gov.tf @@ -51,6 +51,6 @@ resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement_basic" } lifecycle { - ignore_changes = [flags] + ignore_changes = [flags, components] } } diff --git a/test/examples/single_account/cloud_logs.tf b/test/examples/single_account/cloud_logs.tf index 850c7fe..eed15e2 100644 --- a/test/examples/single_account/cloud_logs.tf +++ b/test/examples/single_account/cloud_logs.tf @@ -24,4 +24,8 @@ resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement_advanc components = concat(sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic.components, [module.cloud-logs.cloud_logs_component_id]) depends_on = [module.cloud-logs, sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic] flags = {"CIEM_FEATURE_MODE": "advanced"} + + lifecycle { + ignore_changes = [flags, components] + } } diff --git a/test/examples/single_account/cloud_logs_gov.tf b/test/examples/single_account/cloud_logs_gov.tf index 73ffa3e..d34838c 100644 --- a/test/examples/single_account/cloud_logs_gov.tf +++ b/test/examples/single_account/cloud_logs_gov.tf @@ -25,4 +25,8 @@ resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement_advanc components = concat(sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic.components, [module.cloud-logs.cloud_logs_component_id]) depends_on = [module.cloud-logs, sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic] flags = {"CIEM_FEATURE_MODE": "advanced"} + + lifecycle { + ignore_changes = [flags, components] + } } diff --git a/test/examples/single_account/event_bridge.tf b/test/examples/single_account/event_bridge.tf index ccf8342..702b236 100644 --- a/test/examples/single_account/event_bridge.tf +++ b/test/examples/single_account/event_bridge.tf @@ -24,4 +24,8 @@ resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement_advanc components = concat(sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic.components, [module.event-bridge.event_bridge_component_id]) depends_on = [module.event-bridge, sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic] flags = {"CIEM_FEATURE_MODE": "advanced"} + + lifecycle { + ignore_changes = [flags, components] + } } diff --git a/test/examples/single_account/event_bridge_gov.tf b/test/examples/single_account/event_bridge_gov.tf index 7717a84..98e32c2 100644 --- a/test/examples/single_account/event_bridge_gov.tf +++ b/test/examples/single_account/event_bridge_gov.tf @@ -25,4 +25,8 @@ resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement_advanc components = concat(sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic.components, [module.event-bridge.event_bridge_component_id]) depends_on = [module.event-bridge, sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic] flags = {"CIEM_FEATURE_MODE": "advanced"} + + lifecycle { + ignore_changes = [flags, components] + } } diff --git a/test/examples/single_account/onboarding_with_cspm.tf b/test/examples/single_account/onboarding_with_cspm.tf index 6b7db74..bd7010a 100644 --- a/test/examples/single_account/onboarding_with_cspm.tf +++ b/test/examples/single_account/onboarding_with_cspm.tf @@ -45,6 +45,6 @@ resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement_basic" } lifecycle { - ignore_changes = [flags] + ignore_changes = [flags, components] } } diff --git a/test/examples/single_account/onboarding_with_cspm_gov.tf b/test/examples/single_account/onboarding_with_cspm_gov.tf index 4de41e7..c67011d 100644 --- a/test/examples/single_account/onboarding_with_cspm_gov.tf +++ b/test/examples/single_account/onboarding_with_cspm_gov.tf @@ -47,6 +47,6 @@ resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement_basic" } lifecycle { - ignore_changes = [flags] + ignore_changes = [flags, components] } }