Skip to content

Commit f6426db

Browse files
miguelpaismiguelpais
committed
With org corrected
1 parent 2e87d6d commit f6426db

File tree

1 file changed

+6
-10
lines changed

1 file changed

+6
-10
lines changed

modules/vm_workload_scanning.cft.yaml

Lines changed: 6 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -65,14 +65,6 @@ Conditions:
6565
Fn::Equals:
6666
- Ref: IsOrganizational
6767
- 'false'
68-
IsOrganizationalAndLambdaEnabled:
69-
Fn::And:
70-
- Fn::Equals:
71-
- Ref: IsOrganizational
72-
- 'true'
73-
- Fn::Equals:
74-
- Ref: LambdaScanningEnabled
75-
- 'true'
7668
IsNotOrganizationalAndLambdaEnabled:
7769
Fn::And:
7870
- Fn::Equals:
@@ -198,7 +190,11 @@ Resources:
198190
Type: String
199191
Description: Enable Lambda function scanning
200192
Default: 'false'
201-
193+
Conditions:
194+
IsLambdaEnabled:
195+
Fn::Equals:
196+
- Ref: LambdaScanningEnabled
197+
- 'true'
202198
Resources:
203199
ScanningRole:
204200
Type: AWS::IAM::Role
@@ -216,7 +212,6 @@ Resources:
216212
sts:ExternalId: !Ref ExternalID
217213
ECRPolicy:
218214
Type: AWS::IAM::Policy
219-
Condition: IsOrganizational
220215
Properties:
221216
PolicyName: !Sub sysdig-vm-workload-scanning-${NameSuffix}-ecr
222217
Roles:
@@ -254,6 +249,7 @@ Resources:
254249
- lambda:ListLayers
255250
- lambda:ListLayerVersions
256251
Resource: '*'
252+
257253
258254
259255
Outputs:

0 commit comments

Comments
 (0)