diff --git a/k8s-readonly.tf b/k8s-readonly.tf index 383acac..a437223 100644 --- a/k8s-readonly.tf +++ b/k8s-readonly.tf @@ -43,7 +43,7 @@ resource "kubernetes_deployment_v1" "apiary_hms_readonly" { service_account_name = kubernetes_service_account_v1.hms_readonly[0].metadata.0.name automount_service_account_token = true dynamic "security_context" { - for_each = var.enable_sysctl_config_in_eks ? ["enabled"] : [] + for_each = var.enable_tcp_keepalive_podsecurity_policy ? ["enabled"] : [] content { sysctl { name="net.ipv4.tcp_keepalive_time" diff --git a/k8s-readwrite.tf b/k8s-readwrite.tf index 7a27fe3..00634f9 100644 --- a/k8s-readwrite.tf +++ b/k8s-readwrite.tf @@ -43,7 +43,7 @@ resource "kubernetes_deployment_v1" "apiary_hms_readwrite" { service_account_name = kubernetes_service_account_v1.hms_readwrite[0].metadata.0.name automount_service_account_token = true dynamic "security_context" { - for_each = var.enable_sysctl_config_in_eks ? ["enabled"] : [] + for_each = var.enable_tcp_keepalive_podsecurity_policy ? ["enabled"] : [] content { sysctl { name="net.ipv4.tcp_keepalive_time"