Merge pull request #66 from jameslarrea/stacketinstance-timeouts

Stackset instance timeouts

modules/services/agentless-scanning/README.md

@@ -61,6 +61,7 @@ No modules.
 | <a name="input_stackset_admin_role_arn"></a> [stackset\_admin\_role\_arn](#input\_stackset\_admin\_role\_arn) | (Optional) stackset admin role to run SELF\_MANAGED stackset | `string` | `""` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | sysdig secure-for-cloud tags. always include 'product' default tag for resource-group proper functioning | `map(string)` | <pre>{<br>  "product": "sysdig-secure-for-cloud"<br>}</pre> | no |
 | <a name="input_trusted_identity"></a> [trusted\_identity](#input\_trusted\_identity) | The name of sysdig trusted identity | `string` | n/a | yes |
+| <a name="input_timeout"></a> [timeout](#input\_timeout) | Stackset instance timeout | `string` | `"30m"` | no |
 
 ## Outputs
 

modules/services/agentless-scanning/organizational.tf

@@ -140,6 +140,12 @@ resource "aws_cloudformation_stack_set_instance" "scanning_role_stackset_instanc
   operation_preferences {
     max_concurrent_count = 10
   }
+
+  timeouts {
+    create = var.timeout
+    update = var.timeout
+    delete = var.timeout
+  }
 }
 
 #-----------------------------------------------------------------------------------------------------------------------
@@ -216,6 +222,12 @@ resource "aws_cloudformation_stack_set_instance" "mgmt_acc_stackset_instance" {
     max_concurrent_count    = 10
     region_concurrency_type = "PARALLEL"
   }
+
+  timeouts {
+    create = var.timeout
+    update = var.timeout
+    delete = var.timeout
+  }
 }
 
 #-----------------------------------------------------------------------------------------------------------------------
@@ -299,4 +311,10 @@ resource "aws_cloudformation_stack_set_instance" "ou_stackset_instance" {
     max_concurrent_count    = 10
     region_concurrency_type = "PARALLEL"
   }
+
+  timeouts {
+    create = var.timeout
+    update = var.timeout
+    delete = var.timeout
+  }
 }

modules/services/agentless-scanning/variables.tf

@@ -68,3 +68,9 @@ variable "role_arn" {
   type        = string
   default     = ""
 }
+
+variable "timeout" {
+  type        = string
+  description = "Default timeout values for create, update, and delete operations"
+  default     = "30m"
+}

modules/services/event-bridge/README.md

@@ -58,6 +58,7 @@ No modules.
 | <a name="input_role_arn"></a> [role\_arn](#input\_role\_arn) | (Optional) IAM role created for event-bridge. If already created value is needed to be passed | `string` | `""` | no |
 | <a name="input_stackset_admin_role_arn"></a> [stackset\_admin\_role\_arn](#input\_stackset\_admin\_role\_arn) | (Optional) stackset admin role to run SELF\_MANAGED stackset | `string` | `""` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | (Optional) Tags to be attached to all Sysdig resources. | `map(string)` | <pre>{<br>  "product": "sysdig"<br>}</pre> | no |
+| <a name="input_timeout"></a> [timeout](#input\_timeout) | Stackset instance timeout | `string` | `"30m"` | no |
 
 ## Outputs
 

modules/services/event-bridge/organizational.tf

@@ -136,6 +136,12 @@ resource "aws_cloudformation_stack_set_instance" "stackset_instance" {
     max_concurrent_count    = 10
     region_concurrency_type = "PARALLEL"
   }
+
+  timeouts {
+    create = var.timeout
+    update = var.timeout
+    delete = var.timeout
+  }
 }
 
 // stackset instance to deploy rule in all regions of management account
@@ -148,6 +154,12 @@ resource "aws_cloudformation_stack_set_instance" "mgmt_acc_stackset_instance" {
     max_concurrent_count    = 10
     region_concurrency_type = "PARALLEL"
   }
+
+  timeouts {
+    create = var.timeout
+    update = var.timeout
+    delete = var.timeout
+  }
 }
 
 // stackset instance to deploy role in all organization units
@@ -162,4 +174,10 @@ resource "aws_cloudformation_stack_set_instance" "eb_role_stackset_instance" {
     max_concurrent_count    = 10
     region_concurrency_type = "PARALLEL"
   }
+
+  timeouts {
+    create = var.timeout
+    update = var.timeout
+    delete = var.timeout
+  }
 }

modules/services/event-bridge/variables.tf

@@ -92,3 +92,9 @@ variable "event_pattern" {
 }
 EOF
 }
+
+variable "timeout" {
+  type        = string
+  description = "Default timeout values for create, update, and delete operations"
+  default     = "30m"
+}

modules/services/trust-relationship/README.md

@@ -49,6 +49,7 @@ No modules.
 | <a name="input_region"></a> [region](#input\_region) | Default region for resource creation in organization mode | `string` | `"eu-central-1"` | no |
 | <a name="input_role_name"></a> [role\_name](#input\_role\_name) | The name of the IAM Role that will be created. | `string` | `"sysdig-secure"` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | sysdig secure-for-cloud tags. always include 'product' default tag for resource-group proper functioning | `map(string)` | <pre>{<br>  "product": "sysdig-secure-for-cloud"<br>}</pre> | no |
+| <a name="input_timeout"></a> [timeout](#input\_timeout) | Stackset instance timeout | `string` | `"30m"` | no |
 
 ## Outputs
 

modules/services/trust-relationship/main.tf

@@ -186,4 +186,10 @@ resource "aws_cloudformation_stack_set_instance" "stackset_instance" {
   operation_preferences {
     max_concurrent_count = 10
   }
+
+  timeouts {
+    create = var.timeout
+    update = var.timeout
+    delete = var.timeout
+  }
 }

modules/services/trust-relationship/variables.tf

@@ -44,3 +44,9 @@ variable "tags" {
     "product" = "sysdig-secure-for-cloud"
   }
 }
+
+variable "timeout" {
+  type        = string
+  description = "Default timeout values for create, update, and delete operations"
+  default     = "30m"
+}

modules/services/workload-scanning/README.md

@@ -49,6 +49,7 @@ No modules.
 | <a name="input_org_units"></a> [org\_units](#input\_org\_units) | (Optional) List of Organization Unit IDs in which to setup Agentless Workload Scanning. By default, Agentless Workload Scanning will be setup in all accounts within the Organization. This field is ignored if `is_organizational = false` | `set(string)` | `[]`                                                        | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | sysdig secure-for-cloud tags. always include 'product' default tag for resource-group proper functioning                                                                                                                                    | `map(string)` | <pre>{<br>  "product": "sysdig-secure-for-cloud"<br>}</pre> | no |
 | <a name="input_trusted_identity"></a> [trusted\_identity](#input\_trusted\_identity) | The name of sysdig trusted identity                                                                                                                                                                                                         | `string` | n/a                                                         | yes |
+| <a name="input_timeout"></a> [timeout](#input\_timeout) | Stackset instance timeout | `string` | `"30m"` | no |
 
 ## Outputs
 

modules/services/workload-scanning/organizational.tf

@@ -89,4 +89,10 @@ resource "aws_cloudformation_stack_set_instance" "scanning_role_stackset_instanc
   operation_preferences {
     max_concurrent_count = 10
   }
+
+  timeouts {
+    create = var.timeout
+    update = var.timeout
+    delete = var.timeout
+  }
 }

modules/services/workload-scanning/variables.tf

@@ -46,3 +46,9 @@ variable "role_arn" {
   type        = string
   default     = ""
 }
+
+variable "timeout" {
+  type        = string
+  description = "Default timeout values for create, update, and delete operations"
+  default     = "30m"
+}