fix: edge case when not logging to cloudwatch #161

Merged
merged 3 commits into from
Dec 29, 2020

willfarrell
Contributor

Fixes:

```
Error: Attempt to get attribute from null value

  on .terraform/modules/security/main.tf line 70, in module "alarm_baseline":
  70:   cloudtrail_log_group_name = local.is_cloudtrail_enabled ? module.cloudtrail_baseline.log_group.name : ""
    |----------------
    | module.cloudtrail_baseline.log_group is null
```

Module:

```hcl
module "security" {
  source = "nozaq/secure-baseline/aws"
  account_type = "individual"
  aws_account_id = data.aws_caller_identity.current.account_id
  #master_account_id = data.terraform_remote_state.master.outputs.account_id # Future
  audit_log_bucket_name = module.logs-edge.id
  use_external_audit_log_bucket = true
  cloudtrail_s3_key_prefix = ""
  vpc_flow_logs_s3_key_prefix = ""
  config_s3_bucket_key_prefix = ""
  config_delivery_frequency = "TwentyFour_Hours"
  cloudtrail_cloudwatch_logs_enabled = false

  securityhub_enable_aws_foundational_standard = true
  securityhub_enable_cis_standard = true
  securityhub_enable_pci_dss_standard = false

  create_password_policy = false
  create_manager_role = true
  create_master_role = true
  create_support_role = false
  support_iam_role_principal_arns = []

  region = var.region
  target_regions = [
    var.region,
    "us-east-1", # edge
  ]

  #tags = local.workspace["tags"]

  providers = {
    aws = aws.edge
    aws.ap-northeast-1 = aws.ap-northeast-1
    aws.ap-northeast-2 = aws.ap-northeast-2
    aws.ap-northeast-3 = aws.ap-northeast-3
    aws.ap-south-1 = aws.ap-south-1
    aws.ap-southeast-1 = aws.ap-southeast-1
    aws.ap-southeast-2 = aws.ap-southeast-2
    aws.ca-central-1 = aws.ca-central-1
    aws.eu-central-1 = aws.eu-central-1
    aws.eu-north-1 = aws.eu-north-1
    aws.eu-west-1 = aws.eu-west-1
    aws.eu-west-2 = aws.eu-west-2
    aws.eu-west-3 = aws.eu-west-3
    aws.sa-east-1 = aws.sa-east-1
    aws.us-east-1 = aws.us-east-1
    aws.us-east-2 = aws.us-east-2
    aws.us-west-1 = aws.us-west-1
    aws.us-west-2 = aws.us-west-2
  }
}
```

@willfarrell willfarrell changed the title fix: edge case with not logging to cloudwatch fix: edge case with out logging to cloudwatch Dec 23, 2020
@willfarrell willfarrell changed the title fix: edge case with out logging to cloudwatch fix: edge case when not logging to cloudwatch Dec 23, 2020
@nozaq nozaq merged commit a87c731 into nozaq:master Dec 29, 2020
@nozaq
Owner

nozaq commented Dec 29, 2020

@willfarrell Thanks for the patch. LGTM!

@nozaq nozaq added the bug Something isn't working label Dec 29, 2020
@willfarrell
Contributor Author

No problem!
