You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: modules/config-posture/README.md
+10-12Lines changed: 10 additions & 12 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -16,16 +16,16 @@ If instrumenting an Organziation, the following resources will be created:
16
16
- A cloud account component in the Sysdig Backend, associated with the GCP project and with the required component to serve the config posture functions.
17
17
18
18
Note:
19
-
- The outputs from the foundational module, such as `sysdig_secure_project_id` are needed as inputs to the other features/integrations modules for subsequent modular installs.
19
+
- The outputs from the foundational module, such as `sysdig_secure_account_id` are needed as inputs to the other features/integrations modules for subsequent modular installs.
20
20
21
21
<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
|[google_organization.org](https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/organization)| data source |
46
45
|[sysdig_secure_trusted_cloud_identity.trusted_identity](https://registry.terraform.io/providers/sysdiglabs/sysdig/latest/docs/data-sources/secure_trusted_cloud_identity)| data source |
47
46
|[google_project.project](https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/project)| data source |
47
+
|[sysdig_secure_tenant_external_id](https://registry.terraform.io/providers/sysdiglabs/sysdig/latest/docs/data-sources/secure_tenant_external_id)| data source |
| <aname="input_project_id"></a> [project\_id](#input\_project\_id)| (Required) Target Project identifier provided by the customer |`string`| n/a | yes |
64
63
| <aname="input_suffix"></a> [suffix](#input\_suffix)| (Optional) Suffix to uniquely identify resources during multiple installs. If not provided, random value is autogenerated |`string`|`null`| no |
65
64
| <aname="input_sysdig_secure_account_id"></a> [sysdig\_secure\_account\_id](#input\_sysdig\_secure\_account\_id)| (Required) The GUID of the management project or single project per sysdig representation |`string`| n/a | yes |
66
-
| <aname="input_management_group_ids"></a> [management\_group\_ids](#input\_management\_group\_ids)| (Optional) Management group ids to onboard sub ogs or folders like 'organizations/sysdig.com' or 'folders/test-1' |`string`| n/a | no |
Copy file name to clipboardExpand all lines: modules/onboarding/README.md
+22-23Lines changed: 22 additions & 23 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -7,26 +7,26 @@ The Foundational Onboarding module serves the following functions:
7
7
8
8
If instrumenting a project, the following resources will be created:
9
9
- All the necessary `Service Accounts` and `Policies` to enable the Onboarding operation at the project level
10
-
- A `Workload Identity Pool`, `Provider`and added custom role permissions to the `Service Account`, to allow Sysdig to authenticate to GCP on your behalf to validate resources.
10
+
- A `Service Account key`and added role permissions to the `Service Account`, to allow Sysdig to authenticate to GCP on your behalf to validate resources.
11
11
- A cloud account in the Sysdig Backend, associated with the GCP project and with the required component to serve the foundational functions.
12
12
13
13
If instrumenting an Organziation, the following resources will be created:
14
14
- All the necessary `Service Accounts` and `Policies` to enable the Onboarding operation at the organization level
15
-
- A `Workload Identity Pool`, `Provider`and added custom role permissions to the `Service Account`, to allow Sysdig to authenticate to GCP on your behalf to validate resources.
15
+
- A `Service Account key`and added role permissions to the `Service Account`, to allow Sysdig to authenticate to GCP on your behalf to validate resources.
16
16
- A cloud account in the Sysdig Backend, associated with the management project and with the required component to serve the foundational functions.
17
17
- A cloud organization in the Sysdig Backend, associated with the GCP Organization to fetch the organization structure to install Sysdig Secure for Cloud on.
18
18
19
19
Note:
20
-
- The outputs from the foundational module, such as `sysdig_secure_project_id` are needed as inputs to the other features/integrations modules for subsequent modular installs.
20
+
- The outputs from the foundational module, such as `sysdig_secure_account_id` are needed as inputs to the other features/integrations modules for subsequent modular installs.
21
21
22
22
<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
|[google_organization.org](https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/organization)| data source |
47
-
|[sysdig_secure_trusted_cloud_identity.trusted_identity](https://registry.terraform.io/providers/sysdiglabs/sysdig/latest/docs/data-sources/secure_trusted_cloud_identity)| data source |
48
46
|[google_project.project](https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/project)| data source |
| <aname="input_is_organizational"></a> [is\_organizational](#input\_is\_organizational)| (Optional) Set this field to 'true' to deploy secure-for-cloud to a GCP Organization. |`bool`|`false`| no |
63
-
| <aname="input_organization_domain"></a> [organization\_domain](#input\_organization\_domain)| Organization domain. e.g. sysdig.com |`string`|`""`| no |
64
-
| <aname="input_project_id"></a> [project\_id](#input\_project\_id)| (Required) Target Project identifier provided by the customer |`string`| n/a | yes |
65
-
| <aname="input_suffix"></a> [suffix](#input\_suffix)| (Optional) Suffix to uniquely identify resources during multiple installs. If not provided, random value is autogenerated |`string`|`null`| no |
56
+
| Name | Description | Type | Default | Required |
| <aname="input_is_organizational"></a> [is\_organizational](#input\_is\_organizational)| (Optional) Set this field to 'true' to deploy secure-for-cloud to a GCP Organization. |`bool`|`false`| no |
59
+
| <aname="input_organization_domain"></a> [organization\_domain](#input\_organization\_domain)| Organization domain. e.g. sysdig.com |`string`|`""`| no |
60
+
| <aname="input_project_id"></a> [project\_id](#input\_project\_id)| (Required) Target Project identifier provided by the customer |`string`| n/a | yes |
61
+
| <aname="input_suffix"></a> [suffix](#input\_suffix)| (Optional) Suffix to uniquely identify resources during multiple installs. If not provided, random value is autogenerated |`string`|`null`| no |
62
+
| <aname="input_management_group_ids"></a> [suffix](#input\_management\_group\_ids)| (Optional) List of management group ids w.r.t an org install. If not provided, set to empty by default |`string`|`null`| no |
| <aname="output_sysdig_secure_account_id"></a> [sysdig\_secure\_project\_id](#output\_sysdig\_secure\_account\_id)| ID of the Sysdig Cloud Account created |
70
+
| <aname="output_sysdig_secure_account_id"></a> [sysdig\_secure\_account\_id](#output\_sysdig\_secure\_account\_id)| ID of the Sysdig Cloud Account created |
72
71
| <aname="output_is_organizational"></a> [is\_organizational](#output\_is\_organizational)| Boolean value to indicate if secure-for-cloud is deployed to an entire GCP organization or not |
73
72
| <aname="output_organization_domain"></a> [organization\_domain](#output\_organization\_domain)| Organization domain of the GCP org being onboarded |
74
73
| <aname="output_project_id"></a> [project\_id](#output\_project\_id)| The management project id chosen during install, where global resources are deployed |
0 commit comments