add description to Service Principal resources so that customers can …

…identify origin (#51)
sysdiglabs · Aug 16, 2024 · 55e7637 · 55e7637
1 parent 336a3f6
commit 55e7637
Show file tree

Hide file tree

Showing 5 changed files with 8 additions and 3 deletions.
diff --git a/modules/config-posture/main.tf b/modules/config-posture/main.tf
@@ -30,6 +30,7 @@ locals {
 resource "azuread_service_principal" "sysdig_cspm_sp" {
   client_id    = data.sysdig_secure_trusted_azure_app.config_posture.application_id
   use_existing = true
+  notes        = "Service Principal linked to the Sysdig Secure CNAPP - CSPM module"
 }
 
 #---------------------------------------------------------------------------------------------

diff --git a/modules/integrations/event-hub/main.tf b/modules/integrations/event-hub/main.tf
@@ -40,6 +40,7 @@ resource "random_string" "random" {
 resource "azuread_service_principal" "sysdig_event_hub_sp" {
   client_id    = data.sysdig_secure_trusted_azure_app.threat_detection.application_id
   use_existing = true
+  notes        = "Service Principal linked to the Sysdig Secure CNAPP - CDR module"
 }
 
 #---------------------------------------------------------------------------------------------

diff --git a/modules/onboarding/main.tf b/modules/onboarding/main.tf
@@ -24,6 +24,7 @@ data "sysdig_secure_trusted_azure_app" "onboarding" {
 resource "azuread_service_principal" "sysdig_onboarding_sp" {
   client_id    = data.sysdig_secure_trusted_azure_app.onboarding.application_id
   use_existing = true
+  notes        = "Service Principal linked to the Sysdig Secure CNAPP - Onboarding module"
 }
 
 #-------------------------------------------------------------------------------------------------

diff --git a/modules/services/event-hub-data-source/main.tf b/modules/services/event-hub-data-source/main.tf
@@ -10,9 +10,9 @@ locals {
   subscription_hash = substr(md5(data.azurerm_client_config.current.subscription_id), 0, 8)
 }
 
-# A random resource is used to generate unique Event Hub names. 
-# This prevents conflicts when recreating an Event Hub Namespace with the same name. 
-# Azure caches the Event Hub name after deletion. 
+# A random resource is used to generate unique Event Hub names.
+# This prevents conflicts when recreating an Event Hub Namespace with the same name.
+# Azure caches the Event Hub name after deletion.
 # If the namespace is recreated, Azure restores the existing Event Hub, causing a Terraform apply failure.
 resource "random_string" "random" {
   length  = 4
@@ -30,6 +30,7 @@ resource "azuread_service_principal" "sysdig_service_principal" {
   lifecycle {
     prevent_destroy = true
   }
+  notes        = "Service Principal linked to the Sysdig Secure CNAPP"
 }
 
 #---------------------------------------------------------------------------------------------

diff --git a/modules/services/service-principal/main.tf b/modules/services/service-principal/main.tf
@@ -31,6 +31,7 @@ resource "azuread_service_principal" "sysdig_sp" {
   lifecycle {
     prevent_destroy = true
   }
+  notes        = "Service Principal linked to the Sysdig Secure CNAPP"
 }
 
 #---------------------------------------------------------------------------------------------