terraform-prisma-cloud-defender-ecs

Terraform Module for Prisma Cloud Defender deployment on AWS ECS

Usage

```hcl
module "prisma-cloud-defender" {
  source                      = "github.com/hasitha-u/terraform-prisma-cloud-defender-ecs"
  name                        = "prisma-cloud-defender"
  ecs_cluster_arn             = module.ecs.cluster_arn
  defender_install_bundle     = var.install_bundle # Sensitive data
  defender_memory             = 500
  defender_image              = "registry.twistlock.com/twistlock/defender:defender_22_06_213"
  prisma_cloud_registry_token = var.registry_token # Sensitive data
  prisma_cloud_ws_address     = "wss://us-east1.cloud.twistlock.com:443" # Compute/CWP console address
  tags = {
    Environment = "Development"
    Project     = "Test"
  }
}
```
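
The usage block passes `var.install_bundle` and `var.registry_token` without showing how the caller declares them. One way to declare them in the calling configuration follows; it is an added example, not part of this module's code. The variable names follow the usage block, and supplying the values through `TF_VAR_` environment variables is an assumption about the caller's workflow.

```hcl
# Root-module declarations for the two secrets handed to the module.
# sensitive = true redacts the values in plan and apply output.
variable "install_bundle" {
  description = "Prisma Cloud Defender INSTALL_BUNDLE"
  type        = string
  sensitive   = true

  validation {
    condition     = length(var.install_bundle) > 0
    error_message = "The install_bundle value must not be empty."
  }
}

variable "registry_token" {
  description = "Access token for registry.twistlock.com"
  type        = string
  sensitive   = true

  validation {
    condition     = length(var.registry_token) > 0
    error_message = "The registry_token value must not be empty."
  }
}

# Supply the values from the environment rather than a committed .tfvars file:
#   export TF_VAR_install_bundle=<value from the Prisma Cloud console>
#   export TF_VAR_registry_token=<value from the Prisma Cloud console>
#
# The Resources list below includes aws_secretsmanager_secret_version entries
# for both values. Secret strings set through that resource type are recorded
# in the Terraform state, and sensitive = true does not change that, so keep
# the state in an encrypted backend with restricted read access.
```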

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.0 |
| aws | >= 4.6 |
| random | >= 3.1 |

Providers

| Name | Version |
|------|---------|
| aws | >= 4.6 |
| random | >= 3.1 |

Modules

No modules.

Resources

| Name | Type |
|------|------|
| aws_ecs_service.this | resource |
| aws_ecs_task_definition.this | resource |
| aws_iam_role.ecs_task_execution_role | resource |
| aws_iam_role_policy.password_policy_secretsmanager | resource |
| aws_secretsmanager_secret.prisma_cloud_install_bundle | resource |
| aws_secretsmanager_secret.prisma_cloud_registry_token | resource |
| aws_secretsmanager_secret_version.prisma_cloud_install_bundle | resource |
| aws_secretsmanager_secret_version.prisma_cloud_registry_token | resource |
| random_string.this | resource |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| defender_image | Prisma Cloud Defender Image | `string` | n/a | yes |
| defender_install_bundle | Prisma Cloud Defender INSTALL_BUNDLE | `string` | n/a | yes |
| defender_memory | Memory (in MiB) for the Defender task | `string` | n/a | yes |
| ecs_cluster_arn | ARN of the ECS cluster | `string` | n/a | yes |
| name | Defender Deployment name | `string` | `"prisma-cloud-defender"` | no |
| prisma_cloud_registry_token | Prisma Cloud registry (registry.twistlock.com) access token | `string` | n/a | yes |
| prisma_cloud_ws_address | Websocket address for the Prisma Cloud CWP console (Ex: wss://us-east1.cloud.twistlock.com:443) | `string` | n/a | yes |
| tags | A map of tags to assign to resources | `map(string)` | `{}` | no |

Outputs

No outputs.