Skip to content

SAAS-29539 - Auto-Discovery | AWS | Single | Terraform | Split volume scanning deployment#16

Merged
semyonmor merged 3 commits intomainfrom
SAAS-29539
Jul 6, 2025
Merged

SAAS-29539 - Auto-Discovery | AWS | Single | Terraform | Split volume scanning deployment#16
semyonmor merged 3 commits intomainfrom
SAAS-29539

Conversation

@noamshraga1
Copy link
Copy Markdown
Contributor

@noamshraga1 noamshraga1 commented Jul 1, 2025
edited
Loading

The PR adds a condition to all the volume scanning resources that are created during the AWS single account onboarding process.
This condition depends on a new variable called volume_scanning_deployment, which defaults to true and can be set to false.

  • If the variable does not exist or is set to true, onboarding will proceed as it does today — all volume scanning resources will be created as expected and volume scanning integration will be created in the Aqua console.

  • If the variable is set to false, none of the volume scanning-related resources will be created.
    Note: When the variable is set to false, the regions variable is not relevant.

I also ran terraform fmt -recursive to format all the Terraform files in the directory.

Resolves: SAAS-29539

@CLAassistant
Copy link
Copy Markdown

CLAassistant commented Jul 1, 2025

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Jul 1, 2025

Terraform Validation Results:

Terraform Format Check ✅
Terraform Init ✅
Terraform Validate ✅
Terraform Test ✅
TFLint Check ✅

Pusher: @noamshraga1, Action: pull_request, Workflow: PR Checks

@semyonmor
Copy link
Copy Markdown
Contributor

semyonmor commented Jul 2, 2025

bugbot run

cursor[bot]

This comment was marked as outdated.

Sign in to view

@noamshraga1
PR comment
03652aa 
Resolves: SAAS-29539
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Jul 2, 2025

Terraform Validation Results:

Terraform Format Check ✅
Terraform Init ✅
Terraform Validate ✅
Terraform Test ✅
TFLint Check ✅

Pusher: @noamshraga1, Action: pull_request, Workflow: PR Checks

@noamshraga1
Copy link
Copy Markdown
Contributor Author

noamshraga1 commented Jul 2, 2025

Bug: Conditional Resource Creation Breaks Dependency

The aws_lambda_invocation.generate_cspm_external_id_function has a depends_on dependency on aws_lambda_invocation.generate_volscan_external_id_function. The volscan invocation is now conditionally created using count = var.create_vol_scan_resource ? 1 : 0. When var.create_vol_scan_resource is false, the volscan invocation is not created, leading to a Terraform failure as it cannot resolve the dependency to a non-existent resource.

modules/single/modules/lambda/main.tf#L98-L99
Fix in Cursor

Was this report helpful? Give feedback by reacting with 👍 or 👎

@noamshraga1 noamshraga1 closed this Jul 2, 2025
@noamshraga1 noamshraga1 reopened this Jul 2, 2025
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Jul 2, 2025

Terraform Validation Results:

Terraform Format Check ✅
Terraform Init ✅
Terraform Validate ✅
Terraform Test ✅
TFLint Check ✅

Pusher: @noamshraga1, Action: pull_request, Workflow: PR Checks

cursor[bot]

This comment was marked as outdated.

Sign in to view

@noamshraga1
PR comment
2761b5b 
Resolves: SAAS-29539
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Jul 3, 2025

Terraform Validation Results:

Terraform Format Check ✅
Terraform Init ✅
Terraform Validate ✅
Terraform Test ✅
TFLint Check ✅

Pusher: @noamshraga1, Action: pull_request, Workflow: PR Checks

@semyonmor semyonmor merged commit 60f9d7a into main Jul 6, 2025
4 of 5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

+1 more reviewer

@semyonmor semyonmor semyonmor approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@noamshraga1 @CLAassistant @semyonmor