From 541b0f6f1e2deaf5ee8fe5d2d4b142aba8063864 Mon Sep 17 00:00:00 2001 From: jameslarrea <97474779+jameslarrea@users.noreply.github.com> Date: Sun, 28 Apr 2024 22:09:06 -0400 Subject: [PATCH 1/3] add stackset instance timeout variable for modules --- .../agentless-scanning/organizational.tf | 18 ++++++++++++++++++ .../services/agentless-scanning/variables.tf | 10 ++++++++++ .../services/event-bridge/organizational.tf | 18 ++++++++++++++++++ modules/services/event-bridge/variables.tf | 10 ++++++++++ modules/services/trust-relationship/main.tf | 6 ++++++ .../services/trust-relationship/variables.tf | 10 ++++++++++ .../workload-scanning/organizational.tf | 6 ++++++ .../services/workload-scanning/variables.tf | 10 ++++++++++ 8 files changed, 88 insertions(+) diff --git a/modules/services/agentless-scanning/organizational.tf b/modules/services/agentless-scanning/organizational.tf index 66d5b45..320b7fc 100644 --- a/modules/services/agentless-scanning/organizational.tf +++ b/modules/services/agentless-scanning/organizational.tf @@ -136,6 +136,12 @@ resource "aws_cloudformation_stack_set_instance" "scanning_role_stackset_instanc operation_preferences { max_concurrent_count = 10 } + + timeouts { + create = var.timeouts["create"] + update = var.timeouts["update"] + delete = var.timeouts["delete"] + } } #----------------------------------------------------------------------------------------------------------------------- @@ -208,6 +214,12 @@ resource "aws_cloudformation_stack_set_instance" "mgmt_acc_stackset_instance" { max_concurrent_count = 10 region_concurrency_type = "PARALLEL" } + + timeouts { + create = var.timeouts["create"] + update = var.timeouts["update"] + delete = var.timeouts["delete"] + } } #----------------------------------------------------------------------------------------------------------------------- 
@@ -287,4 +299,10 @@ resource "aws_cloudformation_stack_set_instance" "ou_stackset_instance" { max_concurrent_count = 10 region_concurrency_type = "PARALLEL" } + + timeouts { + create = var.timeouts["create"] + update = var.timeouts["update"] + delete = var.timeouts["delete"] + } } diff --git a/modules/services/agentless-scanning/variables.tf b/modules/services/agentless-scanning/variables.tf index b7c2ee0..c140ea6 100644 --- a/modules/services/agentless-scanning/variables.tf +++ b/modules/services/agentless-scanning/variables.tf @@ -68,3 +68,13 @@ variable "role_arn" { type = string default = "" } + +variable "timeouts" { + description = "Default timeout values for create, update, and delete operations" + type = map(string) + default = { + create = "30m" + update = "30m" + delete = "30m" + } +} \ No newline at end of file diff --git a/modules/services/event-bridge/organizational.tf b/modules/services/event-bridge/organizational.tf index 41d7e1f..0e3df9a 100644 --- a/modules/services/event-bridge/organizational.tf +++ b/modules/services/event-bridge/organizational.tf @@ -124,6 +124,12 @@ resource "aws_cloudformation_stack_set_instance" "stackset_instance" { max_concurrent_count = 10 region_concurrency_type = "PARALLEL" } + + timeouts { + create = var.timeouts["create"] + update = var.timeouts["update"] + delete = var.timeouts["delete"] + } } // stackset instance to deploy rule in all regions of management account @@ -136,6 +142,12 @@ resource "aws_cloudformation_stack_set_instance" "mgmt_acc_stackset_instance" { max_concurrent_count = 10 region_concurrency_type = "PARALLEL" } + + timeouts { + create = var.timeouts["create"] + update = var.timeouts["update"] + delete = var.timeouts["delete"] + } } // stackset instance to deploy role in all organization units 
@@ -150,4 +162,10 @@ resource "aws_cloudformation_stack_set_instance" "eb_role_stackset_instance" { max_concurrent_count = 10 region_concurrency_type = "PARALLEL" } + + timeouts { + create = var.timeouts["create"] + update = var.timeouts["update"] + delete = var.timeouts["delete"] + } } diff --git a/modules/services/event-bridge/variables.tf b/modules/services/event-bridge/variables.tf index f219f98..1edee41 100644 --- a/modules/services/event-bridge/variables.tf +++ b/modules/services/event-bridge/variables.tf @@ -92,3 +92,13 @@ variable "event_pattern" { } EOF } + +variable "timeouts" { + description = "Default timeout values for create, update, and delete operations" + type = map(string) + default = { + create = "30m" + update = "30m" + delete = "30m" + } +} \ No newline at end of file diff --git a/modules/services/trust-relationship/main.tf b/modules/services/trust-relationship/main.tf index 21834e1..37b8af7 100644 --- a/modules/services/trust-relationship/main.tf +++ b/modules/services/trust-relationship/main.tf @@ -164,4 +164,10 @@ resource "aws_cloudformation_stack_set_instance" "stackset_instance" { operation_preferences { max_concurrent_count = 10 } + + timeouts { + create = var.timeouts["create"] + update = var.timeouts["update"] + delete = var.timeouts["delete"] + } } diff --git a/modules/services/trust-relationship/variables.tf b/modules/services/trust-relationship/variables.tf index 6b810fa..32c8de4 100644 --- a/modules/services/trust-relationship/variables.tf +++ b/modules/services/trust-relationship/variables.tf @@ -44,3 +44,13 @@ variable "tags" { "product" = "sysdig-secure-for-cloud" } } + +variable "timeouts" { + description = "Default timeout values for create, update, and delete operations" + type = map(string) + default = { + create = "30m" + update = "30m" + delete = "30m" + } +} \ No newline at end of file 
diff --git a/modules/services/workload-scanning/organizational.tf b/modules/services/workload-scanning/organizational.tf index 52fc986..8d1477e 100644 --- a/modules/services/workload-scanning/organizational.tf +++ b/modules/services/workload-scanning/organizational.tf @@ -85,4 +85,10 @@ resource "aws_cloudformation_stack_set_instance" "scanning_role_stackset_instanc operation_preferences { max_concurrent_count = 10 } + + timeouts { + create = var.timeouts["create"] + update = var.timeouts["update"] + delete = var.timeouts["delete"] + } } diff --git a/modules/services/workload-scanning/variables.tf b/modules/services/workload-scanning/variables.tf index b3dcf88..70c5b3c 100644 --- a/modules/services/workload-scanning/variables.tf +++ b/modules/services/workload-scanning/variables.tf @@ -46,3 +46,13 @@ variable "role_arn" { type = string default = "" } + +variable "timeouts" { + description = "Default timeout values for create, update, and delete operations" + type = map(string) + default = { + create = "30m" + update = "30m" + delete = "30m" + } +} \ No newline at end of file From 0dd709b48036b66d7446364c2f92f6906cf107f2 Mon Sep 17 00:00:00 2001 From: jameslarrea <97474779+jameslarrea@users.noreply.github.com> Date: Sun, 28 Apr 2024 22:52:41 -0400 Subject: [PATCH 2/3] updated readme --- modules/services/agentless-scanning/README.md | 1 + modules/services/event-bridge/README.md | 1 + modules/services/trust-relationship/README.md | 1 + modules/services/workload-scanning/README.md | 1 + 4 files changed, 4 insertions(+) diff --git a/modules/services/agentless-scanning/README.md b/modules/services/agentless-scanning/README.md index 6e8a573..845a239 100644 --- a/modules/services/agentless-scanning/README.md +++ b/modules/services/agentless-scanning/README.md 
@@ -61,6 +61,7 @@ No modules. | [stackset\_admin\_role\_arn](#input\_stackset\_admin\_role\_arn) | (Optional) stackset admin role to run SELF\_MANAGED stackset | `string` | `""` | no | | [tags](#input\_tags) | sysdig secure-for-cloud tags. always include 'product' default tag for resource-group proper functioning | `map(string)` |
{| no | | [trusted\_identity](#input\_trusted\_identity) | The name of sysdig trusted identity | `string` | n/a | yes | +| [timeouts](#input\_timeouts) | stackset instance timeout | `map(string)` |
"product": "sysdig-secure-for-cloud"
}
{| no | ## Outputs diff --git a/modules/services/event-bridge/README.md b/modules/services/event-bridge/README.md index e22741a..901b8bf 100644 --- a/modules/services/event-bridge/README.md +++ b/modules/services/event-bridge/README.md @@ -58,6 +58,7 @@ No modules. | [role\_arn](#input\_role\_arn) | (Optional) IAM role created for event-bridge. If already created value is needed to be passed | `string` | `""` | no | | [stackset\_admin\_role\_arn](#input\_stackset\_admin\_role\_arn) | (Optional) stackset admin role to run SELF\_MANAGED stackset | `string` | `""` | no | | [tags](#input\_tags) | (Optional) Tags to be attached to all Sysdig resources. | `map(string)` |
"create"= "30m"
"update"= "30m"
"delete"= "30m"
}
{| no | +| [timeouts](#input\_timeouts) | stackset instance timeout | `map(string)` |
"product": "sysdig"
}
{| no | ## Outputs diff --git a/modules/services/trust-relationship/README.md b/modules/services/trust-relationship/README.md index 9ea16e9..4d8fcb1 100644 --- a/modules/services/trust-relationship/README.md +++ b/modules/services/trust-relationship/README.md @@ -49,6 +49,7 @@ No modules. | [region](#input\_region) | Default region for resource creation in organization mode | `string` | `"eu-central-1"` | no | | [role\_name](#input\_role\_name) | The name of the IAM Role that will be created. | `string` | `"sysdig-secure"` | no | | [tags](#input\_tags) | sysdig secure-for-cloud tags. always include 'product' default tag for resource-group proper functioning | `map(string)` |
"create"= "30m"
"update"= "30m"
"delete"= "30m"
}
{| no | +| [timeouts](#input\_timeouts) | stackset instance timeout | `map(string)` |
"product": "sysdig-secure-for-cloud"
}
{| no | ## Outputs diff --git a/modules/services/workload-scanning/README.md b/modules/services/workload-scanning/README.md index e7e8807..d1c3bdd 100644 --- a/modules/services/workload-scanning/README.md +++ b/modules/services/workload-scanning/README.md @@ -49,6 +49,7 @@ No modules. | [org\_units](#input\_org\_units) | (Optional) List of Organization Unit IDs in which to setup Agentless Workload Scanning. By default, Agentless Workload Scanning will be setup in all accounts within the Organization. This field is ignored if `is_organizational = false` | `set(string)` | `[]` | no | | [tags](#input\_tags) | sysdig secure-for-cloud tags. always include 'product' default tag for resource-group proper functioning | `map(string)` |
"create"= "30m"
"update"= "30m"
"delete"= "30m"
}
{| no | | [trusted\_identity](#input\_trusted\_identity) | The name of sysdig trusted identity | `string` | n/a | yes | +| [timeouts](#input\_timeouts) | stackset instance timeout | `map(string)` |
"product": "sysdig-secure-for-cloud"
}
{| no | ## Outputs From 4162e0eb73985cac00b1700628907999a274e21f Mon Sep 17 00:00:00 2001 From: jameslarrea <97474779+jameslarrea@users.noreply.github.com> Date: Wed, 1 May 2024 14:40:53 -0400 Subject: [PATCH 3/3] simplified timeout variable --- modules/services/agentless-scanning/README.md | 2 +- .../agentless-scanning/organizational.tf | 18 +++++++++--------- .../services/agentless-scanning/variables.tf | 10 +++------- modules/services/event-bridge/README.md | 2 +- .../services/event-bridge/organizational.tf | 18 +++++++++--------- modules/services/event-bridge/variables.tf | 10 +++------- modules/services/trust-relationship/README.md | 2 +- modules/services/trust-relationship/main.tf | 6 +++--- .../services/trust-relationship/variables.tf | 10 +++------- modules/services/workload-scanning/README.md | 2 +- .../workload-scanning/organizational.tf | 6 +++--- .../services/workload-scanning/variables.tf | 10 +++------- 12 files changed, 40 insertions(+), 56 deletions(-) diff --git a/modules/services/agentless-scanning/README.md b/modules/services/agentless-scanning/README.md index 845a239..a6252bb 100644 --- a/modules/services/agentless-scanning/README.md +++ b/modules/services/agentless-scanning/README.md @@ -61,7 +61,7 @@ No modules. | [stackset\_admin\_role\_arn](#input\_stackset\_admin\_role\_arn) | (Optional) stackset admin role to run SELF\_MANAGED stackset | `string` | `""` | no | | [tags](#input\_tags) | sysdig secure-for-cloud tags. always include 'product' default tag for resource-group proper functioning | `map(string)` |
"create"= "30m"
"update"= "30m"
"delete"= "30m"
}
{| no | | [trusted\_identity](#input\_trusted\_identity) | The name of sysdig trusted identity | `string` | n/a | yes | -| [timeouts](#input\_timeouts) | stackset instance timeout | `map(string)` |
"product": "sysdig-secure-for-cloud"
}
{| no | +| [timeout](#input\_timeout) | Stackset instance timeout | `string` | `"30m"` | no | ## Outputs diff --git a/modules/services/agentless-scanning/organizational.tf b/modules/services/agentless-scanning/organizational.tf index 320b7fc..86c684b 100644 --- a/modules/services/agentless-scanning/organizational.tf +++ b/modules/services/agentless-scanning/organizational.tf @@ -138,9 +138,9 @@ resource "aws_cloudformation_stack_set_instance" "scanning_role_stackset_instanc } timeouts { - create = var.timeouts["create"] - update = var.timeouts["update"] - delete = var.timeouts["delete"] + create = var.timeout + update = var.timeout + delete = var.timeout } } @@ -216,9 +216,9 @@ resource "aws_cloudformation_stack_set_instance" "mgmt_acc_stackset_instance" { } timeouts { - create = var.timeouts["create"] - update = var.timeouts["update"] - delete = var.timeouts["delete"] + create = var.timeout + update = var.timeout + delete = var.timeout } } @@ -301,8 +301,8 @@ resource "aws_cloudformation_stack_set_instance" "ou_stackset_instance" { } timeouts { - create = var.timeouts["create"] - update = var.timeouts["update"] - delete = var.timeouts["delete"] + create = var.timeout + update = var.timeout + delete = var.timeout } } diff --git a/modules/services/agentless-scanning/variables.tf b/modules/services/agentless-scanning/variables.tf index c140ea6..cbd3b7a 100644 --- a/modules/services/agentless-scanning/variables.tf +++ b/modules/services/agentless-scanning/variables.tf @@ -69,12 +69,8 @@ variable "role_arn" { default = "" } -variable "timeouts" { +variable "timeout" { + type = string description = "Default timeout values for create, update, and delete operations" - type = map(string) - default = { - create = "30m" - update = "30m" - delete = "30m" - } + default = "30m" } \ No newline at end of file diff --git a/modules/services/event-bridge/README.md b/modules/services/event-bridge/README.md index 901b8bf..703eef6 100644 --- a/modules/services/event-bridge/README.md 
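Review bot: The `delete = var.timeout` line in `scanning_role_stackset_instance` now shares one value with create and update, so a caller who lowers `timeout` to speed up applies also shortens how long Terraform waits for stack instance removal across the target accounts. When that wait expires Terraform reports an error while the CloudFormation operation may still be running, and for resources that, judging by their names, deploy roles into member accounts the follow-up should be explicit. I would add a comment above the block such as `# delete: on timeout, re-run destroy and confirm the stack instances are gone in every target account`. The same applies to the `@@ -216` and `@@ -301` hunks in this file and to the timeouts blocks in event-bridge, trust-relationship and workload-scanning; the resource bodies start outside these hunks.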
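Review bot: `variable "timeout"` accepts any string, so a value such as `"30"` or `"30 min"` is presumably rejected only when the provider parses it rather than when the module input is checked; a `validation` block would fail earlier with a clear message. The description still reads "Default timeout values" although the variable now holds a single value, and the file still ends without a trailing newline (`\ No newline at end of file`). The same points apply to the identical variable added in event-bridge, trust-relationship and workload-scanning. The pattern below accepts s/m/h units only; widen it if other units are meant to be allowed.

```hcl
variable "timeout" {
  # … unchanged: type and default …
  description = "Timeout applied to create, update and delete of the StackSet instances, e.g. \"30m\" or \"1h\""

  validation {
    condition     = can(regex("^([0-9]+(s|m|h))+$", var.timeout))
    error_message = "The timeout must be a duration string such as \"30m\" or \"1h30m\"."
  }
}
```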
+++ b/modules/services/event-bridge/README.md @@ -58,7 +58,7 @@ No modules. | [role\_arn](#input\_role\_arn) | (Optional) IAM role created for event-bridge. If already created value is needed to be passed | `string` | `""` | no | | [stackset\_admin\_role\_arn](#input\_stackset\_admin\_role\_arn) | (Optional) stackset admin role to run SELF\_MANAGED stackset | `string` | `""` | no | | [tags](#input\_tags) | (Optional) Tags to be attached to all Sysdig resources. | `map(string)` |
"create"= "30m"
"update"= "30m"
"delete"= "30m"
}
{| no | -| [timeouts](#input\_timeouts) | stackset instance timeout | `map(string)` |
"product": "sysdig"
}
{| no | +| [timeout](#input\_timeout) | Stackset instance timeout | `string` | `"30m"` | no | ## Outputs diff --git a/modules/services/event-bridge/organizational.tf b/modules/services/event-bridge/organizational.tf index 0e3df9a..7d0e6bd 100644 --- a/modules/services/event-bridge/organizational.tf +++ b/modules/services/event-bridge/organizational.tf @@ -126,9 +126,9 @@ resource "aws_cloudformation_stack_set_instance" "stackset_instance" { } timeouts { - create = var.timeouts["create"] - update = var.timeouts["update"] - delete = var.timeouts["delete"] + create = var.timeout + update = var.timeout + delete = var.timeout } } @@ -144,9 +144,9 @@ resource "aws_cloudformation_stack_set_instance" "mgmt_acc_stackset_instance" { } timeouts { - create = var.timeouts["create"] - update = var.timeouts["update"] - delete = var.timeouts["delete"] + create = var.timeout + update = var.timeout + delete = var.timeout } } @@ -164,8 +164,8 @@ resource "aws_cloudformation_stack_set_instance" "eb_role_stackset_instance" { } timeouts { - create = var.timeouts["create"] - update = var.timeouts["update"] - delete = var.timeouts["delete"] + create = var.timeout + update = var.timeout + delete = var.timeout } } diff --git a/modules/services/event-bridge/variables.tf b/modules/services/event-bridge/variables.tf index 1edee41..92fd96b 100644 --- a/modules/services/event-bridge/variables.tf +++ b/modules/services/event-bridge/variables.tf @@ -93,12 +93,8 @@ variable "event_pattern" { EOF } -variable "timeouts" { +variable "timeout" { + type = string description = "Default timeout values for create, update, and delete operations" - type = map(string) - default = { - create = "30m" - update = "30m" - delete = "30m" - } + default = "30m" } \ No newline at end of file diff --git a/modules/services/trust-relationship/README.md b/modules/services/trust-relationship/README.md index 4d8fcb1..090cdac 100644 --- a/modules/services/trust-relationship/README.md 
+++ b/modules/services/trust-relationship/README.md @@ -49,7 +49,7 @@ No modules. | [region](#input\_region) | Default region for resource creation in organization mode | `string` | `"eu-central-1"` | no | | [role\_name](#input\_role\_name) | The name of the IAM Role that will be created. | `string` | `"sysdig-secure"` | no | | [tags](#input\_tags) | sysdig secure-for-cloud tags. always include 'product' default tag for resource-group proper functioning | `map(string)` |
"create"= "30m"
"update"= "30m"
"delete"= "30m"
}
{| no | -| [timeouts](#input\_timeouts) | stackset instance timeout | `map(string)` |
"product": "sysdig-secure-for-cloud"
}
{| no | +| [timeout](#input\_timeout) | Stackset instance timeout | `string` | `"30m"` | no | ## Outputs diff --git a/modules/services/trust-relationship/main.tf b/modules/services/trust-relationship/main.tf index 37b8af7..4c7d29b 100644 --- a/modules/services/trust-relationship/main.tf +++ b/modules/services/trust-relationship/main.tf @@ -166,8 +166,8 @@ resource "aws_cloudformation_stack_set_instance" "stackset_instance" { } timeouts { - create = var.timeouts["create"] - update = var.timeouts["update"] - delete = var.timeouts["delete"] + create = var.timeout + update = var.timeout + delete = var.timeout } } diff --git a/modules/services/trust-relationship/variables.tf b/modules/services/trust-relationship/variables.tf index 32c8de4..72eeace 100644 --- a/modules/services/trust-relationship/variables.tf +++ b/modules/services/trust-relationship/variables.tf @@ -45,12 +45,8 @@ variable "tags" { } } -variable "timeouts" { +variable "timeout" { + type = string description = "Default timeout values for create, update, and delete operations" - type = map(string) - default = { - create = "30m" - update = "30m" - delete = "30m" - } + default = "30m" } \ No newline at end of file diff --git a/modules/services/workload-scanning/README.md b/modules/services/workload-scanning/README.md index d1c3bdd..d537a8a 100644 --- a/modules/services/workload-scanning/README.md +++ b/modules/services/workload-scanning/README.md @@ -49,7 +49,7 @@ No modules. | [org\_units](#input\_org\_units) | (Optional) List of Organization Unit IDs in which to setup Agentless Workload Scanning. By default, Agentless Workload Scanning will be setup in all accounts within the Organization. This field is ignored if `is_organizational = false` | `set(string)` | `[]` | no | | [tags](#input\_tags) | sysdig secure-for-cloud tags. always include 'product' default tag for resource-group proper functioning | `map(string)` |
"create"= "30m"
"update"= "30m"
"delete"= "30m"
}
{| no | | [trusted\_identity](#input\_trusted\_identity) | The name of sysdig trusted identity | `string` | n/a | yes | -| [timeouts](#input\_timeouts) | stackset instance timeout | `map(string)` |
"product": "sysdig-secure-for-cloud"
}
{| no | +| [timeout](#input\_timeout) | Stackset instance timeout | `string` | `"30m"` | no | ## Outputs diff --git a/modules/services/workload-scanning/organizational.tf b/modules/services/workload-scanning/organizational.tf index 8d1477e..741e273 100644 --- a/modules/services/workload-scanning/organizational.tf +++ b/modules/services/workload-scanning/organizational.tf @@ -87,8 +87,8 @@ resource "aws_cloudformation_stack_set_instance" "scanning_role_stackset_instanc } timeouts { - create = var.timeouts["create"] - update = var.timeouts["update"] - delete = var.timeouts["delete"] + create = var.timeout + update = var.timeout + delete = var.timeout } } diff --git a/modules/services/workload-scanning/variables.tf b/modules/services/workload-scanning/variables.tf index 70c5b3c..c3fde8b 100644 --- a/modules/services/workload-scanning/variables.tf +++ b/modules/services/workload-scanning/variables.tf @@ -47,12 +47,8 @@ variable "role_arn" { default = "" } -variable "timeouts" { +variable "timeout" { + type = string description = "Default timeout values for create, update, and delete operations" - type = map(string) - default = { - create = "30m" - update = "30m" - delete = "30m" - } + default = "30m" } \ No newline at end of file
"create"= "30m"
"update"= "30m"
"delete"= "30m"
}