From d58be63177b595890ba74fc3064a8f1bbbfa71b6 Mon Sep 17 00:00:00 2001
From: Mandar Kulkarni <131720522+mdkulkarni15@users.noreply.github.com>
Date: Fri, 2 Feb 2024 12:23:46 -0800
Subject: [PATCH] SSPROD-36960: Update the customer role name based on
 subscription (#28)

* Update

* SSPROD-36960: Use only the subscription id
---
 modules/services/service-principal/main.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/services/service-principal/main.tf b/modules/services/service-principal/main.tf
index 6e993e1..a179ceb 100644
--- a/modules/services/service-principal/main.tf
+++ b/modules/services/service-principal/main.tf
@@ -45,12 +45,12 @@ resource "azurerm_role_assignment" "sysdig_reader" {
 # Create a Custom role for collecting authsettings
 #---------------------------------------------------------------------------------------------
 resource "azurerm_role_definition" "sysdig_cspm_role" {
-  name        = "sysdig-cspm-role"
+  name        = "sysdig-cspm-role-${var.subscription_id}"
   scope       = data.azurerm_subscription.primary.id
   description = "Custom role for collecting Authsettings for CIS Benchmark"
 
   permissions {
-    actions     = [
+    actions = [
       "Microsoft.Web/sites/config/list/action"
     ]
     not_actions = []