Merge pull request #7 from clouddrove/issue-46

fix s3 issue
clouddrove · Mar 11, 2022 · c3042dc · c3042dc
2 parents 17dc8ad + ff99f75
commit c3042dc
Show file tree

Hide file tree

Showing 7 changed files with 7 additions and 85 deletions.
diff --git a/_example/.terraform.lock.hcl b/_example/.terraform.lock.hcl
diff --git a/_example/example.tf b/_example/example.tf
@@ -9,9 +9,7 @@ module "secure_baseline" {
   source = "./../"
 
   environment = "test"
-  label_order = [
-    "environment", "name"
-  ]
+  label_order = ["environment", "name"]
 
   enabled       = true
   slack_webhook = ""

diff --git a/main.tf b/main.tf
@@ -8,7 +8,7 @@ module "cloudtrail" {
   environment                       = var.environment
   managedby                         = var.managedby
   label_order                       = var.label_order
-  enabled = var.enabled && var.cloudtrail_enabled
+  enabled                           = var.enabled && var.cloudtrail_enabled
   iam_role_name                     = "CloudTrail-CloudWatch-Delivery-Role"
   iam_role_policy_name              = "CloudTrail-CloudWatch-Delivery-Policy"
   account_type                      = "individual"

diff --git a/modules/cloudtrail/main.tf b/modules/cloudtrail/main.tf
@@ -25,7 +25,7 @@ module "labels" {
 #               type specific features.
 module "s3_bucket" {
   source  = "clouddrove/s3/aws"
-  version = "0.15.0"
+  version = "0.15.1"
 
   name                      = var.s3_bucket_name
   environment               = var.environment
@@ -44,7 +44,7 @@ module "s3_bucket" {
 
 module "s3_bucket_logging" {
   source  = "clouddrove/s3/aws"
-  version = "0.15.0"
+  version = "0.15.1"
 
   name        = format("%s-logging-bucket", var.s3_bucket_name)
   environment = var.environment
@@ -54,7 +54,6 @@ module "s3_bucket_logging" {
   create_bucket = var.enabled
   acl           = "private"
   sse_algorithm = "AES256"
-  logging       = { target_bucket : module.s3_bucket.id, target_prefix = "logs" }
 
   depends_on = [module.s3_bucket]
 }

diff --git a/modules/cloudtrail/variables.tf b/modules/cloudtrail/variables.tf
@@ -105,7 +105,7 @@ variable "cloudwatch_logs_retention_in_days" {
 
 variable "iam_role_name" {
   type        = string
-  default     = "CloudTrail-CloudWatch-Delivery-Role"
+  default     = "CloudTrail-CloudWatch-Delivery-Role-prakash"
   description = "The name of the IAM Role to be used by CloudTrail to delivery logs to CloudWatch Logs group."
 }
 

diff --git a/modules/config/main.tf b/modules/config/main.tf
@@ -101,7 +101,7 @@ module "sns" {
 #               type specific features.
 module "s3_bucket" {
   source  = "clouddrove/s3/aws"
-  version = "0.15.0"
+  version = "0.15.1"
 
   name                    = var.config_s3_bucket_name
   environment             = var.environment

diff --git a/modules/guardduty/main.tf b/modules/guardduty/main.tf
@@ -18,7 +18,6 @@ module "labels" {
 resource "aws_s3_bucket" "bucket" {
   count         = var.enabled ? 1 : 0
   bucket        = var.bucket_name
-  acl           = "private"
   force_destroy = true
 }
 resource "aws_guardduty_detector" "detector" {
@@ -108,7 +107,7 @@ resource "aws_cloudwatch_event_rule" "default" {
 #Module      : CLOUD WATCH EVENT TARGET
 #Description : Attaching event rule and lambda function to targets.
 resource "aws_cloudwatch_event_target" "default" {
-  count     = var.enabled ? 1 : 0
+  count     = var.enabled && var.slack_enabled ? 1 : 0
   rule      = join("", aws_cloudwatch_event_rule.default.*.name)
   target_id = "Guardduty"
   arn       = module.slack-lambda.arn # ARN of the Lambda Function, write after including lambda function