Add drift detection to deploy and integration

whi-tw · whi-tw · commit f5f6c78bc737 · 2025-12-04T16:52:31.000Z
diff --git a/infra/deployments/deploy/inputs.tf b/infra/deployments/deploy/inputs.tf
@@ -15,3 +15,9 @@ variable "send_logs_to_cyber" {
   type        = bool
   default     = true
 }
+
+variable "drift_detection_schedule" {
+  description = "EventBridge schedule expression for drift detection"
+  type        = string
+  default     = "cron(0 9 ? * MON *)"
+}
diff --git a/infra/deployments/deploy/tools/drift-detection.tf b/infra/deployments/deploy/tools/drift-detection.tf
@@ -0,0 +1,6 @@
+module "drift_detection" {
+  source = "../../../modules/drift-detection"
+
+  deployment_name     = "deploy"
+  schedule_expression = var.drift_detection_schedule
+}
diff --git a/infra/deployments/integration/account/drift-detection.tf b/infra/deployments/integration/account/drift-detection.tf
@@ -0,0 +1,7 @@
+module "drift_detection" {
+  source = "../../../modules/drift-detection"
+
+  deployment_name     = "integration"
+  schedule_expression = var.drift_detection_schedule
+  git_branch          = "whi-tw/detect-deploy-integration-drift" # TODO: change back to "main" after testing
+}
diff --git a/infra/deployments/integration/inputs.tf b/infra/deployments/integration/inputs.tf
@@ -62,3 +62,9 @@ variable "pentester_cidr_ranges" {
     error_message = "Each entry in the last must be a valid IPv4 CIDR range"
   }
 }
+
+variable "drift_detection_schedule" {
+  description = "EventBridge schedule expression for drift detection"
+  type        = string
+  default     = "cron(0 9 ? * MON *)"
+}

Original file line number	Diff line number	Diff line change
`@@ -62,3 +62,9 @@ variable "pentester_cidr_ranges" {`
`62`	`62`	`error_message = "Each entry in the last must be a valid IPv4 CIDR range"`
`63`	`63`	`}`
`64`	`64`	`}`
	`65`	`+`
	`66`	`+variable "drift_detection_schedule" {`
	`67`	`+ description = "EventBridge schedule expression for drift detection"`
	`68`	`+ type = string`
	`69`	`+ default = "cron(0 9 ? * MON *)"`
	`70`	`+}`