A Terraform Module to create a Secret and DaemonSet for deploying the Lacework Datacollector Agent in a Kubernetes cluster.
The main.tf file will configure a Kubernetes Secret and DaemonSet which will then be used to run the Lacework Datacollector pod across all worker nodes in a cluster.
| Name | Version |
|---|---|
| terraform | >= 0.12.31 |
| kubernetes | >= 2.0.0 |
| Name | Version |
|---|---|
| kubernetes | >= 2.0.0 |
| random | n/a |
| Name | Type |
|---|---|
| kubernetes_daemonset.lacework_datacollector | resource |
| kubernetes_secret.lacework_config | resource |
| random_id.config_name_tail | resource |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| lacework_access_token | The access token for the Lacework agent | string |
n/a | yes |
| lacework_agent_interface_connection_size | Desired value for the InterfaceConnectionSize Lacework agent parameter | string |
"" |
no |
| lacework_agent_name | The name for the Lacework agent service within Kubernetes | string |
"lacework-agent" |
no |
| lacework_agent_tags | A map/dictionary of Tags to be assigned to the Lacework datacollector | map(string) |
{} |
no |
| lacework_config_name | The name for the Lacework agent configuration within Kubernetes | string |
"lacework-config" |
no |
| lacework_image | The name of the image to use for deploying the Lacework datacollector | string |
"lacework/datacollector" |
no |
| lacework_image_pull_policy | The pull policy to use for deploying the Lacework datacollector | string |
"Always" |
no |
| lacework_server_url | The server URL for the Lacework agent | string |
"" |
no |
| namespace | The Kubernetes namespace in which to deploy | string |
"default" |
no |
| pod_cpu_limit | The limit of CPU units for the Lacework datacollector pod | string |
"1" |
no |
| pod_cpu_request | The amount of CPU units to request for the Lacework datacollector pod | string |
"100m" |
no |
| pod_mem_limit | The limit of Memory for the Lacework datacollector pod | string |
"1024Mi" |
no |
| pod_mem_request | The amount of Memory to request for the Lacework datacollector pod | string |
"512Mi" |
no |
| pod_service_account | The Kubernetes ServiceAccount to use in the pod template | string |
"" |
no |
| tolerations | A list of Kubernetes Tolerations to apply to the DaemonSet definition | list(map(string)) |
[ |
no |
| Name | Description |
|---|---|
| lacework_config_name | Name of the Kubernetes Secret containing the Lacework config |
| lacework_config_version | Version of the Kubernetes Secret containing the Lacework config |
| lacework_datacollector_name | Name of the Kubernetes DaemonSet for the Lacework datacollector |
| lacework_datacollector_version | Version of the Kubernetes DaemonSet for the Lacework datacollector |