A Terraform Module for configuring a CSPM integration with Lacework for an OCI cloud account.
Sometimes it takes a moment for OCI resources to become available after they've been created.
When that happens, this module will sometimes fail terraform apply. Rerunning terraform apply will solve it, since by then the created OCI resources will have become available.
| Name | Version |
|---|---|
| terraform | >= 0.14 |
| lacework | ~> 2.0 |
| oci | >= 5.2.0 |
| time | ~> 0.9 |
| Name | Version |
|---|---|
| lacework | ~> 2.0 |
| oci | >= 5.2.0 |
| random | n/a |
| time | ~> 0.9 |
| Name | Source | Version |
|---|---|---|
| lacework_oci_credentials | lacework/iam-user/oci | ~> 0.3 |
| Name | Type |
|---|---|
| lacework_integration_oci_cfg.lacework_integration | resource |
| oci_identity_policy.lacework_policy | resource |
| random_id.uniq | resource |
| time_sleep.wait_time | resource |
| lacework_metric_module.lwmetrics | data source |
| oci_identity_region_subscriptions.home_region | data source |
| oci_identity_tenancy.tenancy | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| create | Set to false to prevent module from creating any resources | bool |
true |
no |
| freeform_tags | freeform tags for the resources created for Lacework CSPM integration | map(any) |
{} |
no |
| group_name | Name of the IAM group for the Lacework user (overrides name_prefix) | string |
"" |
no |
| integration_name | Label for the OCI integration used within the Lacework platform | string |
"OCI CSPM Integration" |
no |
| name_prefix | The OCI resources will have the names ${name_prefix}_{user,group,policy} | string |
"lw_cspm" |
no |
| policy_name | Name of the policy that governs the Lacework user's permissions (overrides name_prefix) | string |
"" |
no |
| tenancy_id | OCID of the OCI tenancy to be integrated with Lacework | string |
n/a | yes |
| user_email | Email associated with the created user | string |
n/a | yes |
| user_name | Name of the IAM user used for Lacework integration (overrides name_prefix) | string |
"" |
no |
| wait_time | Amount of time to wait before the next resource is provisioned | string |
"10s" |
no |
| Name | Description |
|---|---|
| created | Was the OCI user created |
| group_name | The user name of the group created for Lacework integration |
| group_ocid | OCID of the group created to manage permissions for the integration user |
| integration_guid | Unique identifier for the integration used in by Lacework |
| policy_name | n/a |
| policy_ocid | OCID of the policy created to manage permissions for the integration user |
| user_name | The user name of the user created for Lacework integration |
| user_ocid | OCID of the user created for the Lacework integration |