Skip to content

Commit

Permalink
Merge pull request #71 from ministryofjustice/fix/tfsec
Browse files Browse the repository at this point in the history
resolved tfsec issues
  • Loading branch information
dms1981 authored Apr 29, 2022
2 parents 21fac77 + fa7a5ec commit 3c00da3
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 2 deletions.
2 changes: 1 addition & 1 deletion config.tf
Original file line number Diff line number Diff line change
Expand Up @@ -101,7 +101,7 @@ resource "aws_iam_role_policy_attachment" "config-publish-policy" {

# AWS Config: configure an S3 bucket
module "config-bucket" {
source = "github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=v6.0.4"
source = "github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=v6.0.5"
providers = {
aws.bucket-replication = aws.replication-region
}
Expand Down
3 changes: 2 additions & 1 deletion modules/vpc/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ resource "aws_default_route_table" "default" {
## Network ACL
## Terraform mentions you should ignore subnet_ids for aws_default_network_acl
## because subnets always need to be associated with something, and if they're
## not explicity set, they will show up as a change
## not explicitly set, they will show up as a change
## See: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/default_network_acl#managing-subnets-in-the-default-network-acl
resource "aws_default_network_acl" "default" {
default_network_acl_id = aws_default_vpc.default.default_network_acl_id
Expand Down Expand Up @@ -56,6 +56,7 @@ resource "aws_default_security_group" "default" {

# VPC Flow Logs
## CloudWatch log group for VPC Flow Logs
# tfsec:ignore:aws-cloudwatch-log-group-customer-key
resource "aws_cloudwatch_log_group" "default-vpc-flow-logs" {
name = "default-vpc-flow-logs"
tags = var.tags
Expand Down

0 comments on commit 3c00da3

Please sign in to comment.