Merge pull request #42 from rogiermccv/fix_sg_reference

fix sg reference for egress rule
schubergphilis · Jun 2, 2022 · 73b5d8c · 73b5d8c
2 parents 924f5de + 9e67b06
commit 73b5d8c
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 3 deletions.
diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml
@@ -40,10 +40,21 @@ jobs:
         continue-on-error: true # added this to prevent a PR from a remote fork failing the workflow
 
   tfsec:
-    name: tfsec
     runs-on: ubuntu-latest
     steps:
       - name: Check out code
         uses: actions/checkout@master
+
       - name: Terraform security scan
-        uses: triat/terraform-security-scan@v3.0.1
+        uses: aquasecurity/tfsec-action@v1.0.2
+        with:
+          additional_args: --concise-output
+          soft_fail: false
+          version: v1.15.4
+
+      - name: Terraform pr commenter
+        uses: aquasecurity/tfsec-pr-commenter-action@v1.2.0
+        with:
+          additional_args: --concise-output
+          github_token: ${{ github.token }}
+          tfsec_version: v1.15.4
diff --git a/main.tf b/main.tf
@@ -75,7 +75,7 @@ resource "aws_security_group_rule" "allow_all_egress" {
   to_port           = 0
   protocol          = "-1"
   cidr_blocks       = ["0.0.0.0/0"] #tfsec:ignore:aws-vpc-no-public-egress-sg
-  security_group_id = aws_security_group.default.id
+  security_group_id = aws_security_group.default[0].id
 }
 
 data "archive_file" "dummy" {