sysdiglabs · wideawakening · May 16, 2022 · May 16, 2022 · May 16, 2022 · May 16, 2022
@@ -28,6 +28,7 @@ module "ssm" {
   source                  = "../../modules/infrastructure/ssm"
   name                    = var.name
   sysdig_secure_api_token = data.sysdig_secure_connection.current.secure_api_token
+  tags                    = var.tags
 }
 
 
@@ -43,7 +44,10 @@ module "codebuild" {
   source                       = "../../modules/infrastructure/codebuild"
   name                         = var.name
   secure_api_token_secret_name = module.ssm.secure_api_token_secret_name
-  depends_on                   = [module.ssm]
+
+  tags = var.tags
+  # note. this is required to avoid race conditions
+  depends_on = [module.ssm]
 }
 
 module "cloud_connector" {

@@ -11,6 +11,7 @@ module "ssm" {
   source                  = "../../modules/infrastructure/ssm"
   name                    = var.name
   sysdig_secure_api_token = data.sysdig_secure_connection.current.secure_api_token
+  tags                    = var.tags
 }
 
 

@@ -11,6 +11,7 @@ module "ssm" {
   source                  = "../../modules/infrastructure/ssm"
   name                    = var.name
   sysdig_secure_api_token = data.sysdig_secure_connection.current.secure_api_token
+  tags                    = var.tags
 }
 
 

@@ -85,7 +85,7 @@ $ terraform apply
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.13.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.14.0 |
 | <a name="provider_helm"></a> [helm](#provider\_helm) | 2.5.1 |
 | <a name="provider_sysdig"></a> [sysdig](#provider\_sysdig) | 0.5.37 |
 

@@ -8,4 +8,5 @@ module "ssm" {
   source                  = "../../modules/infrastructure/ssm"
   name                    = var.name
   sysdig_secure_api_token = data.sysdig_secure_connection.current.secure_api_token
+  tags                    = var.tags
 }
@@ -49,7 +49,7 @@ $ terraform apply
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.13.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.14.0 |
 
 ## Modules
 

@@ -12,7 +12,7 @@
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.13.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.14.0 |
 
 ## Modules
 

@@ -46,7 +46,7 @@ EVENT FILTER/fine-tunning, regarding what we want to send to Sysdig Cloud-Connec
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.13.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.14.0 |
 
 ## Modules
 

@@ -12,7 +12,7 @@
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.13.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.14.0 |
 
 ## Modules
 

@@ -13,7 +13,7 @@
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.13.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.14.0 |
 
 ## Modules
 

@@ -12,7 +12,7 @@
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.13.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.14.0 |
 
 ## Modules
 

@@ -12,7 +12,7 @@
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.13.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.14.0 |
 
 ## Modules
 

@@ -15,7 +15,7 @@ General permissions that apply to both cloud-connector and cloud-scanning module
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.13.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.14.0 |
 
 ## Modules
 

@@ -45,7 +45,7 @@ Note: Contact us if this authentication system does not match your requirement.
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.13.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.14.0 |
 
 ## Modules
 

@@ -29,7 +29,7 @@ The aim of this module is to manage the organizational **managed account** requi
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.13.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.14.0 |
 
 ## Modules
 

@@ -13,7 +13,7 @@
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.13.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.14.0 |
 
 ## Modules
 

@@ -12,7 +12,7 @@
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.13.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.14.0 |
 
 ## Modules
 

@@ -16,7 +16,7 @@ and pass it, in a safe way, to all the modules that require it.
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.13.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.14.0 |
 
 ## Modules
 

@@ -26,7 +26,7 @@ Deployed on **Sysdig Backend**
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.13.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.14.0 |
 | <a name="provider_random"></a> [random](#provider\_random) | 3.1.3 |
 | <a name="provider_sysdig"></a> [sysdig](#provider\_sysdig) | 0.5.37 |
 

@@ -15,7 +15,7 @@ A task deployed on an **ECS deployment** will detect events in your infrastructu
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.13.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 4.14.0 |
 | <a name="provider_sysdig"></a> [sysdig](#provider\_sysdig) | 0.5.37 |
 
 ## Modules

@@ -0,0 +1,30 @@
+# Use-Case Questionnaire
+
+This questionnaire is aimed to help you/us find the most suitable example or self-baked use-case.
+Despite wanting only to trial it, we suggest that you deploy, and test it, in the most-similar situation to what
+you have on your production environment.
+
+We are aware that current examples don't suit all situations, and we will keep improving them to be as configurable as possible.
+Contact us with these questions answered to help us.
+
+> Sysdig Secure for Cloud is served in Terraform [AWS](https://github.com/sysdiglabs/terraform-aws-secure-for-cloud), [GCP](https://github.com/sysdiglabs/terraform-google-secure-for-cloud) and [Azure](https://github.com/sysdiglabs/terraform-azurerm-secure-for-cloud)
+modules, and we also offer [AWS Cloudformation templates](https://github.com/sysdiglabs/aws-templates-secure-for-cloud)
+
+
+- does your company work under an organization (AWS/GCP) or tenant (Azure)?
+- if so, how many member accounts (aws) /projects (gcp) /subscriptions (azure) does it have?
+- in what Sysdig features are you interested in?
+    - [ ] [Runtime Threat Detection](https://docs.sysdig.com/en/docs/sysdig-secure/insights/)*
+    - [ ] [Compliance](https://docs.sysdig.com/en/docs/sysdig-secure/posture/compliance/compliance-unified-/)* (cis benchmarks and others)
+    - [ ] [Identity and Access Management](https://docs.sysdig.com/en/docs/sysdig-secure/posture/permissions-and-entitlements/)*
+    - [ ] Registry/repository [Image scanning](https://docs.sysdig.com/en/docs/sysdig-secure/scanning/)
+    - [ ] Runtime workload image scanning (ecs on Aws, cloudrun on GCP, or container instances on Azure)
+
+
+for AWS using customers
+  - [ ] do you have an existing cloudtrail?
+    - if yes, is it an organizational cloudtrail?
+      - does the cloudtrail report to an SNS?
+    - if it's not organizational, does each trail report to the same s3 bucket?
+  - sysdig secure for cloud is presented in different workload flavor; ECS, K8S or Apprunner, would you have any preference?
+    - in case of ECS or K8S, do you have an existing cluster you would like to re-use?
@@ -12,7 +12,7 @@
     - [X] k8s cluster we want to use to deploy Sysdig for Cloud workload
 - [X] permission setup
     - [?] sysdig workload account usage - all required and pre-existing resources exist in the same account
-    - [?] sydig workload account usage - all required resources are in scattered accounts
+    - [?] sysdig workload account usage - all required resources are in scattered accounts
 
 **Sysdig Secure For Cloud Features**
 

@@ -69,7 +69,7 @@ provider "helm" {
 
 ```
 
-3. **Cloudtrail-S3-SNS-SQS** 
+3. **Cloudtrail-S3-SNS-SQS**
    [Usage of cloudtrail-s3-sns-sqs module](https://github.com/sysdiglabs/terraform-aws-secure-for-cloud/tree/master/modules/infrastructure/cloudtrail_s3-sns-sqs) for cloudtrail's with no sns notification
 
    1. Populate  `CLOUDTRAIL_S3_NAME`