update cloud-logs example snippets (#70)

* update cloud-logs example snnipets

* modify tokens'

Author: AlejandroTerron

test/examples/organization/cloud_logs.tf

@@ -2,11 +2,31 @@
 # Ensure installation flow for foundational onboarding has been completed before
 # installing additional Sysdig features.
 #---------------------------------------------------------------------------------------------
+provider "aws" {
+  alias  = "sns"
+  region = "us-east-1"
+}
 
 module "cloud-logs" {
   source                   = "../../../modules/integrations/cloud-logs"
-  folder_arn               = "<FOLDER_ARN"
+  bucket_arn               = "arn:aws:s3:::<your-cloudtrail-bucket-name>"
+  bucket_account_id        = "<your-account-id>"
+  kms_key_arn              = "<your-cloudtrail-kms-key-arn>"
+  regions                  = ["us-east-1"]
+  topic_arn                = "<your-cloudtrail-topic-arn>"
+  create_topic             = false
+  role_arn                 = "arn:aws:iam::<your-account-id>:role/<your-role-name>"
   sysdig_secure_account_id = module.onboarding.sysdig_secure_account_id
+  is_organizational        = module.onboarding.is_organizational
+
+  providers = {
+    aws     = aws
+    aws.sns = aws.sns
+  }
+}
+
+output "kms_policy_instructions" {
+  value = module.cloud-logs.kms_policy_instructions
 }
 
 resource "sysdig_secure_cloud_auth_account_feature" "threat_detection" {
@@ -21,9 +41,17 @@ resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement_advanc
   account_id = module.onboarding.sysdig_secure_account_id
   type       = "FEATURE_SECURE_IDENTITY_ENTITLEMENT"
   enabled    = true
-  components = concat(sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic.components, [module.cloud-logs.cloud_logs_component_id])
-  depends_on = [module.cloud-logs, sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic]
-  flags = {"CIEM_FEATURE_MODE": "advanced"}
+  components = concat(
+    sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic.components,
+    [module.cloud-logs.cloud_logs_component_id]
+  )
+  depends_on = [
+    module.cloud-logs,
+    sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic
+  ]
+  flags = {
+    "CIEM_FEATURE_MODE" = "advanced"
+  }
 
   lifecycle {
     ignore_changes = [flags, components]

test/examples/single_account/cloud_logs.tf

@@ -3,10 +3,30 @@
 # installing additional Sysdig features.
 #---------------------------------------------------------------------------------------------
 
+provider "aws" {
+  alias  = "sns"
+  region = "us-east-1"
+}
+
 module "cloud-logs" {
   source                   = "../../../modules/integrations/cloud-logs"
-  folder_arn               = "<FOLDER_ARN"
+  bucket_arn               = "arn:aws:s3:::<your-cloudtrail-bucket-name>"
+  bucket_account_id        = "<your-account-id>"
+  kms_key_arn              = "<your-cloudtrail-kms-key-arn>"
+  regions                  = ["us-east-1"]
+  topic_arn                = "<your-cloudtrail-topic-arn>"
+  create_topic             = false
+  role_arn                 = "arn:aws:iam::<your-account-id>:role/<your-role-name>"
   sysdig_secure_account_id = module.onboarding.sysdig_secure_account_id
+
+  providers = {
+    aws     = aws
+    aws.sns = aws.sns
+  }
+}
+
+output "kms_policy_instructions" {
+  value = module.cloud-logs.kms_policy_instructions
 }
 
 resource "sysdig_secure_cloud_auth_account_feature" "threat_detection" {
@@ -21,9 +41,17 @@ resource "sysdig_secure_cloud_auth_account_feature" "identity_entitlement_advanc
   account_id = module.onboarding.sysdig_secure_account_id
   type       = "FEATURE_SECURE_IDENTITY_ENTITLEMENT"
   enabled    = true
-  components = concat(sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic.components, [module.cloud-logs.cloud_logs_component_id])
-  depends_on = [module.cloud-logs, sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic]
-  flags = {"CIEM_FEATURE_MODE": "advanced"}
+  components = concat(
+    sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic.components,
+    [module.cloud-logs.cloud_logs_component_id]
+  )
+  depends_on = [
+    module.cloud-logs,
+    sysdig_secure_cloud_auth_account_feature.identity_entitlement_basic
+  ]
+  flags = {
+    "CIEM_FEATURE_MODE" = "advanced"
+  }
 
   lifecycle {
     ignore_changes = [flags, components]