Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feat: 🚀 Added support for multi parameter #10

Merged
merged 6 commits into from
Feb 8, 2024
Merged

Conversation

nileshgadgi
Copy link
Member

what

  • Added Multiple Parameter support for Parametr group of DocumentDB Cluster.
  • Update readme workflow to use shared github action.

why

  • audit_logs parameter is required to enable logging for DocumentDB Cluster, default only tls was added in the module. so added multi-parameter support.

@nileshgadgi nileshgadgi added bug Something isn't working enhancement New feature or request labels Feb 8, 2024
@nileshgadgi nileshgadgi self-assigned this Feb 8, 2024
@clouddrove-ci
Copy link
Member

Terraform Security Scan Failed

Show Output
Result #1 LOW Instance encryption does not use a customer-managed KMS key. 
────────────────────────────────────────────────────────────────────────────────
  main.tf:80-89
────────────────────────────────────────────────────────────────────────────────
   80    resource "aws_docdb_cluster_instance" "this" {
   81      count              = var.enable ? var.cluster_size : 0
   82      identifier         = "${var.database_name}-${count.index + 1}"
   83      cluster_identifier = aws_docdb_cluster.this[0].id
   84      apply_immediately  = var.apply_immediately
   85      instance_class     = var.instance_class
   86      tags               = module.labels.tags
   87      engine             = var.engine
   88      ca_cert_identifier = var.ca_cert_identifier
   89    }
────────────────────────────────────────────────────────────────────────────────
          ID aws-documentdb-encryption-customer-key
      Impact Using AWS managed keys does not allow for fine grained control
  Resolution Enable encryption using customer managed keys

  More Information
  - https://aquasecurity.github.io/tfsec/latest/checks/aws/documentdb/encryption-customer-key/
  - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/docdb_cluster#kms_key_id
────────────────────────────────────────────────────────────────────────────────


  timings
  ──────────────────────────────────────────
  disk i/o             70.652µs
  parsing              66.556878ms
  adaptation           142.145µs
  checks               11.452537ms
  total                78.222212ms

  counts
  ──────────────────────────────────────────
  modules downloaded   0
  modules processed    1
  blocks processed     40
  files read           4

  results
  ──────────────────────────────────────────
  passed               2
  ignored              1
  critical             0
  high                 0
  medium               0
  low                  1

  2 passed, 1 ignored, 1 potential problem(s) detected.

Copy link
Contributor

@theprashantyadav theprashantyadav left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

vaibhav7797
vaibhav7797 previously approved these changes Feb 8, 2024
Copy link
Member

@vaibhav7797 vaibhav7797 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

themaniskshah
themaniskshah previously approved these changes Feb 8, 2024
@clouddrove-ci
Copy link
Member

Terraform Security Scan Failed

Show Output
Result #1 LOW Instance encryption does not use a customer-managed KMS key. 
────────────────────────────────────────────────────────────────────────────────
  main.tf:80-89
────────────────────────────────────────────────────────────────────────────────
   80    resource "aws_docdb_cluster_instance" "this" {
   81      count              = var.enable ? var.cluster_size : 0
   82      identifier         = "${var.database_name}-${count.index + 1}"
   83      cluster_identifier = aws_docdb_cluster.this[0].id
   84      apply_immediately  = var.apply_immediately
   85      instance_class     = var.instance_class
   86      tags               = module.labels.tags
   87      engine             = var.engine
   88      ca_cert_identifier = var.ca_cert_identifier
   89    }
────────────────────────────────────────────────────────────────────────────────
          ID aws-documentdb-encryption-customer-key
      Impact Using AWS managed keys does not allow for fine grained control
  Resolution Enable encryption using customer managed keys

  More Information
  - https://aquasecurity.github.io/tfsec/latest/checks/aws/documentdb/encryption-customer-key/
  - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/docdb_cluster#kms_key_id
────────────────────────────────────────────────────────────────────────────────


  timings
  ──────────────────────────────────────────
  disk i/o             67.855µs
  parsing              54.213871ms
  adaptation           132.577µs
  checks               3.249244ms
  total                57.663547ms

  counts
  ──────────────────────────────────────────
  modules downloaded   0
  modules processed    1
  blocks processed     40
  files read           4

  results
  ──────────────────────────────────────────
  passed               2
  ignored              1
  critical             0
  high                 0
  medium               0
  low                  1

  2 passed, 1 ignored, 1 potential problem(s) detected.

@clouddrove-ci
Copy link
Member

Terraform Security Scan Failed

Show Output
Result #1 LOW Instance encryption does not use a customer-managed KMS key. 
────────────────────────────────────────────────────────────────────────────────
  main.tf:80-89
────────────────────────────────────────────────────────────────────────────────
   80    resource "aws_docdb_cluster_instance" "this" {
   81      count              = var.enable ? var.cluster_size : 0
   82      identifier         = "${var.database_name}-${count.index + 1}"
   83      cluster_identifier = aws_docdb_cluster.this[0].id
   84      apply_immediately  = var.apply_immediately
   85      instance_class     = var.instance_class
   86      tags               = module.labels.tags
   87      engine             = var.engine
   88      ca_cert_identifier = var.ca_cert_identifier
   89    }
────────────────────────────────────────────────────────────────────────────────
          ID aws-documentdb-encryption-customer-key
      Impact Using AWS managed keys does not allow for fine grained control
  Resolution Enable encryption using customer managed keys

  More Information
  - https://aquasecurity.github.io/tfsec/latest/checks/aws/documentdb/encryption-customer-key/
  - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/docdb_cluster#kms_key_id
────────────────────────────────────────────────────────────────────────────────


  timings
  ──────────────────────────────────────────
  disk i/o             115.534µs
  parsing              36.007269ms
  adaptation           110.566µs
  checks               5.725865ms
  total                41.959234ms

  counts
  ──────────────────────────────────────────
  modules downloaded   0
  modules processed    1
  blocks processed     40
  files read           4

  results
  ──────────────────────────────────────────
  passed               2
  ignored              1
  critical             0
  high                 0
  medium               0
  low                  1

  2 passed, 1 ignored, 1 potential problem(s) detected.

@clouddrove-ci
Copy link
Member

Terraform Security Scan Failed

Show Output
Result #1 LOW Instance encryption does not use a customer-managed KMS key. 
────────────────────────────────────────────────────────────────────────────────
  main.tf:88
────────────────────────────────────────────────────────────────────────────────
   80    resource "aws_docdb_cluster_instance" "this" {
   81      count              = var.enable ? var.cluster_size : 0
   82      identifier         = "${var.database_name}-${count.index + 1}"
   83      cluster_identifier = aws_docdb_cluster.this[0].id
   84      apply_immediately  = var.apply_immediately
   85      instance_class     = var.instance_class
   86      tags               = module.labels.tags
   87      engine             = var.engine
   88  [   kms_key_id         = var.kms_key_id ("")
   ..  
────────────────────────────────────────────────────────────────────────────────
          ID aws-documentdb-encryption-customer-key
      Impact Using AWS managed keys does not allow for fine grained control
  Resolution Enable encryption using customer managed keys

  More Information
  - https://aquasecurity.github.io/tfsec/latest/checks/aws/documentdb/encryption-customer-key/
  - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/docdb_cluster#kms_key_id
────────────────────────────────────────────────────────────────────────────────


  timings
  ──────────────────────────────────────────
  disk i/o             74.658µs
  parsing              65.1947ms
  adaptation           114.765µs
  checks               3.568365ms
  total                68.952488ms

  counts
  ──────────────────────────────────────────
  modules downloaded   0
  modules processed    1
  blocks processed     40
  files read           4

  results
  ──────────────────────────────────────────
  passed               2
  ignored              1
  critical             0
  high                 0
  medium               0
  low                  1

  2 passed, 1 ignored, 1 potential problem(s) detected.

@clouddrove-ci
Copy link
Member

Terraform Security Scan Failed

Show Output
Result #1 LOW Instance encryption does not use a customer-managed KMS key. 
────────────────────────────────────────────────────────────────────────────────
  main.tf:80-89
────────────────────────────────────────────────────────────────────────────────
   80    resource "aws_docdb_cluster_instance" "this" {
   81      count              = var.enable ? var.cluster_size : 0
   82      identifier         = "${var.database_name}-${count.index + 1}"
   83      cluster_identifier = aws_docdb_cluster.this[0].id
   84      apply_immediately  = var.apply_immediately
   85      instance_class     = var.instance_class
   86      tags               = module.labels.tags
   87      engine             = var.engine
   88      ca_cert_identifier = var.ca_cert_identifier
   89    }
────────────────────────────────────────────────────────────────────────────────
          ID aws-documentdb-encryption-customer-key
      Impact Using AWS managed keys does not allow for fine grained control
  Resolution Enable encryption using customer managed keys

  More Information
  - https://aquasecurity.github.io/tfsec/latest/checks/aws/documentdb/encryption-customer-key/
  - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/docdb_cluster#kms_key_id
────────────────────────────────────────────────────────────────────────────────


  timings
  ──────────────────────────────────────────
  disk i/o             74.257µs
  parsing              49.661731ms
  adaptation           113.641µs
  checks               4.709642ms
  total                54.559271ms

  counts
  ──────────────────────────────────────────
  modules downloaded   0
  modules processed    1
  blocks processed     40
  files read           4

  results
  ──────────────────────────────────────────
  passed               2
  ignored              1
  critical             0
  high                 0
  medium               0
  low                  1

  2 passed, 1 ignored, 1 potential problem(s) detected.

@clouddrove-ci clouddrove-ci enabled auto-merge (squash) February 8, 2024 18:36
@clouddrove-ci clouddrove-ci removed the request for review from h1manshu98 February 8, 2024 18:36
@clouddrove-ci clouddrove-ci merged commit 0ed313d into master Feb 8, 2024
14 checks passed
@clouddrove-ci clouddrove-ci deleted the fix/parameter branch February 8, 2024 18:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working enhancement New feature or request
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants