updating config to 28.4.0 and adding ebs iops configuration (#27)

thathaneydude · web-flow · commit dd6790d5e014 · 2025-12-03T11:35:30.000-06:00
diff --git a/launch_template.tf b/launch_template.tf
@@ -26,6 +26,7 @@ resource "aws_launch_template" "sensor_launch_template" {
     ebs {
       volume_size           = var.sensor_launch_template_volume_size
       volume_type           = "gp3"
+      iops                  = var.ebs_iops
       encrypted             = var.kms_key_id == "" ? false : true
       kms_key_id            = var.kms_key_id == "" ? null : var.kms_key_id
       delete_on_termination = true
diff --git a/sensor_config.tf b/sensor_config.tf
@@ -1,5 +1,5 @@
 module "sensor_config" {
-  source = "github.com/corelight/terraform-config-sensor?ref=v1.0.0"
+  source = "github.com/corelight/terraform-config-sensor?ref=28.4.0-1"
 
   sensor_license                   = var.license_key
   fleet_community_string           = var.community_string
@@ -13,4 +13,6 @@ module "sensor_config" {
   sensor_monitoring_interface_name = "eth0"
   base64_encode_config             = true
   sensor_health_check_http_port    = "41080"
+  fedramp_mode_enabled             = var.fedramp_mode_enabled
+  prometheus_enabled               = var.prometheus_enabled
 }
diff --git a/variables.tf b/variables.tf
@@ -23,11 +23,6 @@ variable "aws_key_pair_name" {
   type        = string
 }
 
-variable "availability_zones" {
-  description = "The availability zone the auto scale group and load balancer will use"
-  type        = list(string)
-}
-
 variable "community_string" {
   description = "the community string (api string) often times referenced by Fleet"
   type        = string
@@ -92,18 +87,6 @@ variable "sensor_asg_name" {
   default     = "corelight-sensor"
 }
 
-variable "monitoring_nic_name" {
-  description = "The name of the Network Interface used for monitoring GENEVE traffic to the sensor"
-  type        = string
-  default     = "corelight-mon-nic"
-}
-
-variable "management_nic_name" {
-  description = "The name of the Network Interface used for management of the sensor - SSH/HTTPS"
-  type        = string
-  default     = "corelight-mgmt-nic"
-}
-
 
 variable "sensor_launch_template_name" {
   description = "The name of the launch template used by the auto-scale group"
@@ -129,6 +112,12 @@ variable "sensor_launch_template_volume_size" {
   default     = 500
 }
 
+variable "ebs_iops" {
+  type        = number
+  default     = 16000
+  description = "The gp3 IOPS given to the sensor volume"
+}
+
 variable "lb_health_check_target_group_name" {
   description = "The name of the health check target group which determines if the sensor in the ASG comes up and is ready to accept traffic"
   type        = string
@@ -218,3 +207,15 @@ variable "fleet_no_proxy" {
   default     = ""
   description = "(optional) hosts or domains to bypass the proxy for fleet traffic"
 }
+
+variable "prometheus_enabled" {
+  type        = bool
+  default     = false
+  description = "(optional) enable Prometheus metrics"
+}
+
+variable "fedramp_mode_enabled" {
+  type        = bool
+  default     = false
+  description = "(optional) enable Fedramp mode"
+}
