chore: Add telemetry for terraform (#79)

hayk99 · web-flow · commit 6f5a0180da8e · 2022-04-01T09:26:17.000+02:00
* chore: add telemetry using new chart variable

* fix: use https for precommit repo

* fix: cloud-connector file for precommit

* fix: fmt files
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -21,7 +21,7 @@ repos:
 #          language: script
 #          verbose: true
 
-  - repo: git://github.com/antonbabenko/pre-commit-terraform
+  - repo: https://github.com/antonbabenko/pre-commit-terraform
     rev: v1.64.0
     hooks:
       - id: terraform_fmt
@@ -47,7 +47,7 @@ repos:
           - '--args=--only=terraform_required_providers'
           - '--args=--only=terraform_standard_module_structure'
           - '--args=--only=terraform_workspace_remote'
-  - repo: git://github.com/pre-commit/pre-commit-hooks
+  - repo: https://github.com/pre-commit/pre-commit-hooks
     rev: v4.1.0
     hooks:
       - id: check-merge-conflict
diff --git a/examples-internal/organizational-k8s-threat-reuse_cloudtrail_s3/cloud-connector.tf b/examples-internal/organizational-k8s-threat-reuse_cloudtrail_s3/cloud-connector.tf
@@ -40,6 +40,11 @@ resource "helm_release" "cloud_connector" {
     value = data.aws_region.current.name
   }
 
+  set {
+    name  = "telemetryDeploymentMethod"
+    value = "terraform_aws_k8s_org"
+  }
+
   values = [
     <<CONFIG
 logging: info
diff --git a/examples-internal/use-cases-self-baked/multiple-accounts-k8s-threat.md b/examples-internal/use-cases-self-baked/multiple-accounts-k8s-threat.md
@@ -36,10 +36,10 @@ Skip step 4 and remove `aws_access_key_id` and `aws_secret_access_key` parameter
 
 ## Solution
 
-For clients that only require thread-detection feature, and do not have an organizational cloudtrail setup, but multiple-accounts, 
+For clients that only require thread-detection feature, and do not have an organizational cloudtrail setup, but multiple-accounts,
 we can make use of the [cloud-connector `aws-cloudtrail-s3-sns-sqs` ingestor](https://charts.sysdig.com/charts/cloud-connector/#ingestors)
 
-This processes through a single SQS AWS queue the events that come through a single S3 bucket (through an SNS topic) or 
+This processes through a single SQS AWS queue the events that come through a single S3 bucket (through an SNS topic) or
 multiple S3 buckets (that through several SNS topics, report to a single SQS topic).
 
 ## Suggested building-blocks
@@ -86,11 +86,11 @@ provider "helm" {
 
 3. **Cloudtrail-S3-SNS-SQS**
 
-WIP. 
+WIP.
 
 Create an SQS que that will subscribe to one S3-SNS (1) or several S3 buckets SNS topics (2)
 
-We currently provide a module to create first use-case, 
+We currently provide a module to create first use-case,
 [one S3-SNS-SQS](https://github.com/sysdiglabs/terraform-aws-secure-for-cloud/tree/master/modules/infrastructure/cloudtrail_s3-sns-sqs) (1),
 but can work on providing a way to automatize the later (2)
 
@@ -143,7 +143,7 @@ module "multi-account" {
 -->
 
 5. **Sysdig workload deployment on K8s**
- 
+
    * Populate  `sysdig_secure_url`, `SYSDID_SECURE_API_TOKEN` and `REGION`
    * WIP. enable terraform module to be able to define [`nodeSelector` and `tolerations` parameters of the cloud-connector helm chart](https://charts.sysdig.com/charts/cloud-connector/#configuration)
 
@@ -189,12 +189,12 @@ resource "helm_release" "cloud_connector" {
     name  = "aws.region"
     value = "<REGION>"
   }
-  
+
   set {
     name  = "nodeSelector.<NODE_SELECTOR_LABEL>"
     value = "<NODE_SELECTOR_LABEL_VALUE>"
   }
-  
+
   set {
     name  = "tolerations[0].key"
     value = "<TOLERATION_KEY>"
diff --git a/examples/single-account-k8s/cloud-connector.tf b/examples/single-account-k8s/cloud-connector.tf
@@ -64,6 +64,11 @@ resource "helm_release" "cloud_connector" {
     value = data.aws_region.current.name
   }
 
+  set {
+    name  = "telemetryDeploymentMethod"
+    value = "terraform_aws_k8s_single"
+  }
+
   values = [
     yamlencode({
       ingestors = [
diff --git a/modules/infrastructure/cloudtrail_s3-sns-sqs/README.md b/modules/infrastructure/cloudtrail_s3-sns-sqs/README.md
@@ -10,7 +10,7 @@ It requires:
 This module helps with the creation of the SQS queue from which to pull the cloudtrail events, leveraging the S3 "bucket event notification" system.
 
 Module gets the cloudtrail-s3 bucket name as input and provides the sqs topic url as output.
-   
+
 # How it works
 
 - This module's output will be visible in the `S3` console, after entering a bucket, in it's `Properties`, `Event notifications` section.
diff --git a/modules/services/cloud-connector/ecs-service.tf b/modules/services/cloud-connector/ecs-service.tf
@@ -57,18 +57,15 @@ resource "aws_ecs_task_definition" "task_definition" {
 
 
 locals {
+  suffix_org = var.is_organizational ? "org" : "single"
   task_env_vars = concat([
     {
       name  = "VERIFY_SSL"
       value = tostring(local.verify_ssl)
     },
     {
-      name  = "TELEMETRY_DEPLOYMENT_METHOD"
-      value = "terraform"
-    },
-    {
-      name  = "FEAT_REGISTER_ACCOUNT_IN_SECURE"
-      value = "true"
+      name  = "telemetryDeploymentMethod"
+      value = "terraform_aws_ecs_${local.suffix_org}"
     },
     {
       name  = "CONFIG_PATH"
