From 158c92ea73ce5942f8ea32b9aa7d87b487bed68d Mon Sep 17 00:00:00 2001
From: Noah Kraemer <58708692+nkraemer-sysdig@users.noreply.github.com>
Date: Fri, 6 Sep 2024 07:53:58 -0700
Subject: [PATCH] Ensure diagnostic settings are created correctly in
 organization installs (#59)

---
 modules/integrations/event-hub/main.tf           | 2 +-
 modules/integrations/event-hub/organizational.tf | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/integrations/event-hub/main.tf b/modules/integrations/event-hub/main.tf
index 31d2f86..c374092 100644
--- a/modules/integrations/event-hub/main.tf
+++ b/modules/integrations/event-hub/main.tf
@@ -121,7 +121,7 @@ resource "azurerm_role_assignment" "sysdig_data_receiver" {
 # Create diagnostic settings for the subscription
 #---------------------------------------------------------------------------------------------
 resource "azurerm_monitor_diagnostic_setting" "sysdig_diagnostic_setting" {
-  count = length(var.enabled_platform_logs) > 0 ? 1 : 0
+  count = length(var.enabled_platform_logs) > 0 && !var.is_organizational ? 1 : 0
 
   name                           = "${var.diagnostic_settings_name}-${random_string.random.result}-${local.subscription_hash}"
   target_resource_id             = data.azurerm_subscription.sysdig_subscription.id
diff --git a/modules/integrations/event-hub/organizational.tf b/modules/integrations/event-hub/organizational.tf
index 9e62bcf..600e2fc 100644
--- a/modules/integrations/event-hub/organizational.tf
+++ b/modules/integrations/event-hub/organizational.tf
@@ -32,7 +32,7 @@ locals {
 resource "azurerm_monitor_diagnostic_setting" "sysdig_org_diagnostic_setting" {
   count = var.is_organizational ? length(local.enabled_subscriptions) : 0
 
-  name                           = "${var.diagnostic_settings_name}-${local.subscription_hash}"
+  name                           = "${var.diagnostic_settings_name}-${substr(md5(local.enabled_subscriptions[count.index].id), 0, 8)}"
   target_resource_id             = local.enabled_subscriptions[count.index].id
   eventhub_authorization_rule_id = azurerm_eventhub_namespace_authorization_rule.sysdig_rule.id
   eventhub_name                  = azurerm_eventhub.sysdig_event_hub.name