Merge pull request #65 from draios/fix/stackset-parallelism

Use managed-execution in all stacksets
draios · Apr 26, 2024 · 09b230d · 09b230d
2 parents c980db8 + 21a6cd4
commit 09b230d
Show file tree

Hide file tree

Showing 4 changed files with 32 additions and 0 deletions.
diff --git a/modules/services/agentless-scanning/organizational.tf b/modules/services/agentless-scanning/organizational.tf
@@ -34,6 +34,10 @@ resource "aws_cloudformation_stack_set" "scanning_role_stackset" {
   permission_model = "SERVICE_MANAGED"
   capabilities     = ["CAPABILITY_NAMED_IAM"]
 
+  managed_execution {
+    active = true
+  }
+
   auto_deployment {
     enabled                          = true
     retain_stacks_on_account_removal = false
@@ -155,6 +159,10 @@ resource "aws_cloudformation_stack_set" "mgmt_acc_resources_stackset" {
   capabilities            = ["CAPABILITY_NAMED_IAM"]
   administration_role_arn = var.stackset_admin_role_arn
 
+  managed_execution {
+    active = true
+  }
+
   lifecycle {
     ignore_changes = [administration_role_arn]
   }
@@ -225,6 +233,10 @@ resource "aws_cloudformation_stack_set" "ou_resources_stackset" {
   permission_model = "SERVICE_MANAGED"
   capabilities     = ["CAPABILITY_NAMED_IAM"]
 
+  managed_execution {
+    active = true
+  }
+
   auto_deployment {
     enabled                          = true
     retain_stacks_on_account_removal = false

diff --git a/modules/services/event-bridge/organizational.tf b/modules/services/event-bridge/organizational.tf
@@ -22,6 +22,10 @@ resource "aws_cloudformation_stack_set" "eb-rule-stackset" {
   permission_model = "SERVICE_MANAGED"
   capabilities     = ["CAPABILITY_NAMED_IAM"]
 
+  managed_execution {
+    active = true
+  }
+
   auto_deployment {
     enabled                          = true
     retain_stacks_on_account_removal = false
@@ -49,6 +53,10 @@ resource "aws_cloudformation_stack_set" "mgmt-stackset" {
   capabilities            = ["CAPABILITY_NAMED_IAM"]
   administration_role_arn = var.stackset_admin_role_arn
 
+  managed_execution {
+    active = true
+  }
+
   template_body = templatefile("${path.module}/stackset_template_body.tpl", {
     name                 = var.name
     event_pattern        = var.event_pattern
@@ -66,6 +74,10 @@ resource "aws_cloudformation_stack_set" "eb-role-stackset" {
   permission_model = "SERVICE_MANAGED"
   capabilities     = ["CAPABILITY_NAMED_IAM"]
 
+  managed_execution {
+    active = true
+  }
+
   auto_deployment {
     enabled                          = true
     retain_stacks_on_account_removal = false

diff --git a/modules/services/trust-relationship/main.tf b/modules/services/trust-relationship/main.tf
@@ -103,6 +103,10 @@ resource "aws_cloudformation_stack_set" "stackset" {
   permission_model = "SERVICE_MANAGED"
   capabilities     = ["CAPABILITY_NAMED_IAM"]
 
+  managed_execution {
+    active = true
+  }
+
   auto_deployment {
     enabled                          = true
     retain_stacks_on_account_removal = false

diff --git a/modules/services/workload-scanning/organizational.tf b/modules/services/workload-scanning/organizational.tf
@@ -30,6 +30,10 @@ resource "aws_cloudformation_stack_set" "scanning_role_stackset" {
   permission_model = "SERVICE_MANAGED"
   capabilities     = ["CAPABILITY_NAMED_IAM"]
 
+  managed_execution {
+    active = true
+  }
+
   auto_deployment {
     enabled                          = true
     retain_stacks_on_account_removal = false