Skip to content

Commit 779bb13

Browse files
author
iru
authored
chore: ignore fields that are not in sync with backend (#151)
ignore - sysdig_secure_cloud_account.alias, since it's autopopulated on backend only, not on terraform state - aws_cloudformation_stack_set.stackset.administration_role_arn, since [it's not gracefully handled](hashicorp/terraform-provider-aws#23464)
1 parent e706d90 commit 779bb13

File tree

1 file changed

+9
-0
lines changed
  • modules/services/cloud-bench

1 file changed

+9
-0
lines changed

modules/services/cloud-bench/main.tf

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -33,6 +33,10 @@ resource "sysdig_secure_cloud_account" "cloud_account" {
3333
cloud_provider = "aws"
3434
role_enabled = "true"
3535
role_name = var.name
36+
37+
lifecycle {
38+
ignore_changes = [alias]
39+
}
3640
}
3741

3842
locals {
@@ -143,6 +147,11 @@ Resources:
143147
ManagedPolicyArns:
144148
- "arn:aws:iam::aws:policy/SecurityAudit"
145149
TEMPLATE
150+
151+
152+
lifecycle {
153+
ignore_changes = [administration_role_arn]
154+
}
146155
}
147156

148157
resource "aws_cloudformation_stack_set_instance" "stackset_instance" {

0 commit comments

Comments
 (0)