From 34c712d5864c172a486a9f247c94b79476aae17b Mon Sep 17 00:00:00 2001
From: Rich Green
Date: Wed, 23 Oct 2024 16:41:41 +0100
Subject: [PATCH 1/2] Use `name_prefix` for uniqueness
---
 modules/securityhub/main.tf | 2 +-
 modules/securityhub/variables.tf | 2 +-
 test/securityhub-test/variables.tf | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/modules/securityhub/main.tf b/modules/securityhub/main.tf
index d3fb2fd..e005dd9 100644
--- a/modules/securityhub/main.tf
+++ b/modules/securityhub/main.tf
@@ -168,7 +168,7 @@ resource "aws_kms_key" "sns_kms_key" {
 }
 resource "aws_kms_alias" "sns_kms_alias" {
- name = var.sechub_sns_kms_key_name
+ name_prefix = var.sechub_sns_kms_key_name
 target_key_id = aws_kms_key.sns_kms_key.id
 }
diff --git a/modules/securityhub/variables.tf b/modules/securityhub/variables.tf
index 12b427a..23be49f 100644
--- a/modules/securityhub/variables.tf
+++ b/modules/securityhub/variables.tf
@@ -12,7 +12,7 @@ variable "sechub_sns_topic_name" {
 variable "sechub_sns_kms_key_name" {
 description = "SecurityHub SNS Topic KMS key name"
- default = "alias/sechub-sns-kms-key"
+ default = "alias/sechub-sns-kms-key-"
 type = string
 }
diff --git a/test/securityhub-test/variables.tf b/test/securityhub-test/variables.tf
index dd88489..19bb22d 100644
--- a/test/securityhub-test/variables.tf
+++ b/test/securityhub-test/variables.tf
@@ -12,6 +12,6 @@ variable "sechub_sns_topic_name" {
 variable "sechub_sns_kms_key_name" {
 description = "SecurityHub SNS Topic KMS key name"
- default = "alias/sechub-sns-kms-key"
+ default = "alias/sechub-sns-kms-key-"
 type = string
 }
\ No newline at end of file
From c3cd534035c4cca38926d98118ac60931ae58411 Mon Sep 17 00:00:00 2001
From: Rich Green
Date: Wed, 23 Oct 2024 18:19:08 +0100
Subject: [PATCH 2/2] revert variable name changes
---
 modules/securityhub/variables.tf | 2 +-
 test/baselines_test.go | 2 +-
 test/securityhub-test/variables.tf | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)
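Review bot: In `modules/securityhub/main.tf` (patch 1/2), `name_prefix = var.sechub_sns_kms_key_name` makes the alias name unpredictable, and nothing in the `aws_kms_alias.sns_kms_alias` block tells the next maintainer that. Terraform appends a generated suffix to the prefix, so any key policy, IAM condition or lookup that matches this alias by its exact string (none is visible in this hunk) would stop matching, and moving from `name` to `name_prefix` will likely replace the existing alias on the next apply. I would add a comment above the argument: `# name_prefix: Terraform appends a unique suffix; reference the alias via aws_kms_alias.sns_kms_alias.name, never a hard-coded string`.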
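Review bot: In `modules/securityhub/variables.tf` (patch 1/2) the description still reads "SecurityHub SNS Topic KMS key name" although the value is now consumed as `name_prefix`; the same stale description is in `test/securityhub-test/variables.tf`. A caller who reads only the description will pass a full alias name and end up with a different alias than the one requested. Proposed wording: `description = "Prefix for the SecurityHub SNS topic KMS key alias; must start with alias/ (Terraform appends a unique suffix)"`. Keeping the variable name `sechub_sns_kms_key_name` is reasonable for compatibility, which leaves the description as the only place where the prefix semantics can be stated.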
diff --git a/modules/securityhub/variables.tf b/modules/securityhub/variables.tf
index 23be49f..7d1570b 100644
--- a/modules/securityhub/variables.tf
+++ b/modules/securityhub/variables.tf
@@ -12,7 +12,7 @@ variable "sechub_sns_topic_name" {
 variable "sechub_sns_kms_key_name" {
 description = "SecurityHub SNS Topic KMS key name"
- default = "alias/sechub-sns-kms-key-"
+ default = "alias/sns-kms-key"
 type = string
 }
diff --git a/test/baselines_test.go b/test/baselines_test.go
index 3edee2c..aa01f2e 100644
--- a/test/baselines_test.go
+++ b/test/baselines_test.go
@@ -345,7 +345,7 @@ func TestTerraformSecurityHub(t *testing.T) {
 // Unique names for SecurityHub resources
 SecHubEventbridgeRuleName := fmt.Sprintf("sechub_high_and_critical_findings-%s", uniqueId)
 SecHubSNSTopicName := fmt.Sprintf("sechub_findings_sns_topic-%s", uniqueId)
- SecHubSNSTopicKMSKey := fmt.Sprintf("alias/sechub-sns-kms-key-%s", uniqueId)
+ SecHubSNSTopicKMSKey := fmt.Sprintf("alias/sns-kms-key-%s", uniqueId)
 terraformOptions := &terraform.Options{
 TerraformDir: terraformDir,
diff --git a/test/securityhub-test/variables.tf b/test/securityhub-test/variables.tf
index 19bb22d..5058e71 100644
--- a/test/securityhub-test/variables.tf
+++ b/test/securityhub-test/variables.tf
@@ -12,6 +12,6 @@ variable "sechub_sns_topic_name" {
 variable "sechub_sns_kms_key_name" {
 description = "SecurityHub SNS Topic KMS key name"
- default = "alias/sechub-sns-kms-key-"
+ default = "alias/sns-kms-key"
 type = string
 }
\ No newline at end of file
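Review bot: The new default `alias/sns-kms-key` in `modules/securityhub/variables.tf` (patch 2/2) ends without a separator, so with `name_prefix` the generated suffix is appended directly to `key`. It also drops the `sechub-` part that the pre-series default `alias/sechub-sns-kms-key` carried, which makes the alias harder to attribute to this module when KMS keys are audited; the commit title says "revert", yet neither default returns to that original value (the same applies to `test/securityhub-test/variables.tf`). Because the value is free-form caller input that has to satisfy the KMS alias rules, a `validation` block would reject a missing `alias/` prefix or the reserved `alias/aws/` namespace at plan time rather than at apply time.

```hcl
variable "sechub_sns_kms_key_name" {
  # … unchanged: description, default, type …

  validation {
    condition = (
      can(regex("^alias/[a-zA-Z0-9/_-]+$", var.sechub_sns_kms_key_name)) &&
      !can(regex("^alias/aws/", var.sechub_sns_kms_key_name))
    )
    error_message = "The KMS alias prefix must start with \"alias/\", use only letters, digits, '/', '_' and '-', and must not begin with the reserved \"alias/aws/\" namespace."
  }
}
```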
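Review bot: In `test/baselines_test.go`, `SecHubSNSTopicKMSKey` now presumably holds an alias prefix rather than the final alias name, assuming it is passed to the module as `sechub_sns_kms_key_name`, but the variable name and the `// Unique names for SecurityHub resources` comment still present it as the resource name. TestTerraformSecurityHub starts and ends outside this hunk, so I cannot see whether the value is later compared with the created alias; if it is, that check needs a prefix match such as `strings.HasPrefix`. A comment on the line would make the semantics explicit: `// Alias prefix only: Terraform appends its own unique suffix`.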