diff --git a/.secrets.baseline b/.secrets.baseline
index 272c7386..f1b93126 100644
--- a/.secrets.baseline
+++ b/.secrets.baseline
@@ -3,7 +3,7 @@
"files": "go.sum|^.secrets.baseline$",
"lines": null
},
- "generated_at": "2024-01-05T04:20:26Z",
+ "generated_at": "2024-03-29T19:38:40Z",
"plugins_used": [
{
"name": "AWSKeyDetector"
@@ -126,7 +126,7 @@
"hashed_secret": "3bd02b996f65f3548c1a0b5d93b00bfa7c88341a",
"is_secret": true,
"is_verified": false,
- "line_number": 82,
+ "line_number": 84,
"type": "Secret Keyword",
"verified_result": null
}
diff --git a/modules/activity_tracker/README.md b/modules/activity_tracker/README.md
index e5cade4e..7cc00ae3 100644
--- a/modules/activity_tracker/README.md
+++ b/modules/activity_tracker/README.md
@@ -47,6 +47,7 @@ module "activity_tracker" {
| [terraform](#requirement\_terraform) | >= 1.0.0, < 1.7.0 |
| [ibm](#requirement\_ibm) | >= 1.56.1, < 2.0.0 |
| [logdna](#requirement\_logdna) | >= 1.14.2, < 2.0.0 |
+| [time](#requirement\_time) | >= 0.9.1, < 1.0.0 |
### Modules
@@ -66,6 +67,7 @@ No modules.
| [ibm_resource_key.resource_key](https://registry.terraform.io/providers/ibm-cloud/ibm/latest/docs/resources/resource_key) | resource |
| [ibm_resource_tag.activity_tracker_tag](https://registry.terraform.io/providers/ibm-cloud/ibm/latest/docs/resources/resource_tag) | resource |
| [logdna_archive.archive_config](https://registry.terraform.io/providers/logdna/logdna/latest/docs/resources/archive) | resource |
+| [time_sleep.wait_for_authorization_policy](https://registry.terraform.io/providers/hashicorp/time/latest/docs/resources/sleep) | resource |
### Inputs
diff --git a/modules/activity_tracker/main.tf b/modules/activity_tracker/main.tf
index cf9a8004..a32d08e3 100644
--- a/modules/activity_tracker/main.tf
+++ b/modules/activity_tracker/main.tf
@@ -50,6 +50,11 @@ resource "logdna_archive" "archive_config" {
# Activity Tracker Event Routing
#########################################################################
+resource "time_sleep" "wait_for_authorization_policy" {
+ depends_on = [ibm_iam_authorization_policy.atracker_cos]
+ create_duration = "30s"
+}
+
# atracker to COS s2s auth policy
resource "ibm_iam_authorization_policy" "atracker_cos" {
for_each = nonsensitive({ for target in var.cos_targets : target.target_name => target if target.service_to_service_enabled && !target.skip_atracker_cos_iam_auth_policy })
@@ -62,7 +67,8 @@ resource "ibm_iam_authorization_policy" "atracker_cos" {
# COS targets
resource "ibm_atracker_target" "atracker_cos_targets" {
- for_each = nonsensitive({ for target in var.cos_targets : target.target_name => target })
+ depends_on = [time_sleep.wait_for_authorization_policy]
+ for_each = nonsensitive({ for target in var.cos_targets : target.target_name => target })
cos_endpoint {
endpoint = each.value.endpoint
bucket = each.value.bucket_name
diff --git a/modules/activity_tracker/version.tf b/modules/activity_tracker/version.tf
index c8e1fa57..a306ac1e 100644
--- a/modules/activity_tracker/version.tf
+++ b/modules/activity_tracker/version.tf
@@ -11,5 +11,9 @@ terraform {
version = ">= 1.14.2, < 2.0.0"
configuration_aliases = [logdna.at]
}
+ time = {
+ source = "hashicorp/time"
+ version = ">= 0.9.1, < 1.0.0"
+ }
}
}