Skip to content

Commit

Permalink
feat: ability to specify the datacollector image (#17)
Browse files Browse the repository at this point in the history
  • Loading branch information
@timarenz
timarenz authored Oct 13, 2021
1 parent 7942688 commit fe15123
Show file tree
Hide file tree
Showing 3 changed files with 28 additions and 21 deletions.
41 changes: 21 additions & 20 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,26 +30,27 @@ The `main.tf` file will configure a daemon Service within the specified ECS Clus

## Inputs

| Name | Description | Type | Default | Required |
| ----------------------- | ----------------------------------------------------------------------------------- | ------------- | -------------------------- | :------: |
| ecs_cluster_arn | The ARN of the ECS cluster in which to deploy the Lacework agent | `string` | n/a | yes |
| ecs_launch_type | The desired launch type for the Lacework agent ECS Service | `string` | `"EC2"` | no |
| ecs_service_name | The desired name for the Lacework agent ECS Service | `string` | `""` | no |
| ecs_task_family_name | The desired name for the Lacework agent ECS Task Definition | `string` | `""` | no |
| iam_role_arn | The IAM role ARN to use when `use_existing_iam_role` is `true` | `string` | `""` | no |
| iam_role_name | The IAM role name to use when `use_existing_iam_role` is `false` | `string` | `""` | no |
| iam_role_tags | The tags to apply to a created IAM role | `map(string)` | `{}` | no |
| lacework_access_token | The access token for the Lacework agent | `string` | n/a | yes |
| lacework_server_url | The server URL for the Lacework agent | `string` | `""` | no |
| lacework_task_cpu | The quantity of CPU units to assign to the task | `string` | `"512"` | no |
| lacework_task_mem | The quantity of Memory (MiB) to assign to the task | `string` | `"512"` | no |
| resource_prefix | A prefix that will be use at the beginning of every generated resource | `string` | `"lacework-ecs"` | no |
| ssm_parameter_arn | An existing SSM parameter ARN. Can be used when `use_ssm_parameter_store` is `true` | `string` | `""` | no |
| ssm_parameter_encrypted | Set this to `true` if the SSM parameter is/should be encrypted | `bool` | `false` | no |
| ssm_parameter_kms_arn | The ARN of the KMS key to use when `ssm_parameter_encrypted` is `true` | `string` | `""` | no |
| ssm_parameter_name | The name to use for the Lacework agent access token when using SSM | `string` | `"/lacework/access_token"` | no |
| use_existing_iam_role | Set this to `true` to use an existing IAM role | `bool` | `false` | no |
| use_ssm_parameter_store | Set this to `true` to use SSM to store the Lacework agent access token | `bool` | `false` | no |
| Name | Description | Type | Default | Required |
| ---------------------------- | ----------------------------------------------------------------------------------- | ------------- | --------------------------------- | :------: |
| ecs_cluster_arn | The ARN of the ECS cluster in which to deploy the Lacework agent | `string` | n/a | yes |
| ecs_launch_type | The desired launch type for the Lacework agent ECS Service | `string` | `"EC2"` | no |
| ecs_service_name | The desired name for the Lacework agent ECS Service | `string` | `""` | no |
| ecs_task_family_name | The desired name for the Lacework agent ECS Task Definition | `string` | `""` | no |
| iam_role_arn | The IAM role ARN to use when `use_existing_iam_role` is `true` | `string` | `""` | no |
| iam_role_name | The IAM role name to use when `use_existing_iam_role` is `false` | `string` | `""` | no |
| iam_role_tags | The tags to apply to a created IAM role | `map(string)` | `{}` | no |
| lacework_access_token | The access token for the Lacework agent | `string` | n/a | yes |
| lacework_datacollector_image | The image used to deploy the Lacework datacollector. | `string` | `"lacework/datacollector:latest"` | no |
| lacework_server_url | The server URL for the Lacework agent | `string` | `""` | no |
| lacework_task_cpu | The quantity of CPU units to assign to the task | `string` | `"512"` | no |
| lacework_task_mem | The quantity of Memory (MiB) to assign to the task | `string` | `"512"` | no |
| resource_prefix | A prefix that will be use at the beginning of every generated resource | `string` | `"lacework-ecs"` | no |
| ssm_parameter_arn | An existing SSM parameter ARN. Can be used when `use_ssm_parameter_store` is `true` | `string` | `""` | no |
| ssm_parameter_encrypted | Set this to `true` if the SSM parameter is/should be encrypted | `bool` | `false` | no |
| ssm_parameter_kms_arn | The ARN of the KMS key to use when `ssm_parameter_encrypted` is `true` | `string` | `""` | no |
| ssm_parameter_name | The name to use for the Lacework agent access token when using SSM | `string` | `"/lacework/access_token"` | no |
| use_existing_iam_role | Set this to `true` to use an existing IAM role | `bool` | `false` | no |
| use_ssm_parameter_store | Set this to `true` to use SSM to store the Lacework agent access token | `bool` | `false` | no |

## Outputs

Expand Down
2 changes: 1 addition & 1 deletion main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ locals {
local.environment_json,
{
"essential" : true,
"image" : "lacework/datacollector",
"image" : "${var.lacework_datacollector_image}",
"mountPoints" : [
{
"readOnly" : true,
Expand Down
6 changes: 6 additions & 0 deletions variables.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,12 @@ variable "lacework_access_token" {
description = "The access token for the Lacework agent"
}

variable "lacework_datacollector_image" {
type = string
description = "The image used to deploy the Lacework datacollector."
default = "lacework/datacollector:latest"
}

variable "lacework_server_url" {
type = string
default = ""
Expand Down

0 comments on commit fe15123

Please sign in to comment.