Add TFE agent pool support to AVM #98

shoekstra · 2021-03-19T20:18:39Z

No description provided.

github-actions · 2021-03-19T20:19:32Z

`terraform validate` Failed


Error: Missing required argument

  on main.tf line 52, in module "workspace":
  52: module "workspace" {

The argument "repository_name" is required, but no definition was found.


Error: Unsupported argument

  on main.tf line 62, in module "workspace":
  62:   github_organization    = var.defaults.github_organization

An argument named "github_organization" is not expected here.


Error: Unsupported argument

  on main.tf line 63, in module "workspace":
  63:   github_repository      = var.name

An argument named "github_repository" is not expected here.

Workflow: Terraform, Action: hashicorpterraform-github-actions2, Working Directory: ./modules/avm, Workspace: default

github-actions · 2021-03-19T20:19:34Z

`Terraform Security Scan` Failed

Show Output

Check 1

  [AWS063][WARNING] Resource 'aws_cloudtrail.additional_auditing_trail' does not set multi region trail config.
  /github/workspace/main.tf:1-7

       1 | resource "aws_cloudtrail" "additional_auditing_trail" {
       2 |   count                 = var.additional_auditing_trail != null ? 1 : 0
       3 |   name                  = var.additional_auditing_trail.name
       4 |   s3_bucket_name        = var.additional_auditing_trail.bucket
       5 |   is_organization_trail = true
       6 |   tags                  = var.tags
       7 | }
       8 | 
       9 | resource "aws_cloudwatch_log_metric_filter" "iam_activity_master" {
      10 |   for_each = var.monitor_iam_activity ? local.iam_activity : {}

   See https://tfsec.dev/docs/aws/AWS063/ for more information. 

Check 2

  [AWS064][WARNING] Resource 'aws_cloudtrail.additional_auditing_trail' does not enable log file validation.
  /github/workspace/main.tf:1-7

       1 | resource "aws_cloudtrail" "additional_auditing_trail" {
       2 |   count                 = var.additional_auditing_trail != null ? 1 : 0
       3 |   name                  = var.additional_auditing_trail.name
       4 |   s3_bucket_name        = var.additional_auditing_trail.bucket
       5 |   is_organization_trail = true
       6 |   tags                  = var.tags
       7 | }
       8 | 
       9 | resource "aws_cloudwatch_log_metric_filter" "iam_activity_master" {
      10 |   for_each = var.monitor_iam_activity ? local.iam_activity : {}

   See https://tfsec.dev/docs/aws/AWS064/ for more information. 

Check 3

  [AWS065][ERROR] Resource 'aws_cloudtrail.additional_auditing_trail' does not have a kms_key_id set.
  /github/workspace/main.tf:1-7

       1 | resource "aws_cloudtrail" "additional_auditing_trail" {
       2 |   count                 = var.additional_auditing_trail != null ? 1 : 0
       3 |   name                  = var.additional_auditing_trail.name
       4 |   s3_bucket_name        = var.additional_auditing_trail.bucket
       5 |   is_organization_trail = true
       6 |   tags                  = var.tags
       7 | }
       8 | 
       9 | resource "aws_cloudwatch_log_metric_filter" "iam_activity_master" {
      10 |   for_each = var.monitor_iam_activity ? local.iam_activity : {}

   See https://tfsec.dev/docs/aws/AWS065/ for more information. 

  times
  ------------------------------------------
  disk i/o             8.622191ms
  parsing HCL          36.9µs
  evaluating values    10.698714ms
  running checks       3.081432ms

  counts
  ------------------------------------------
  files loaded         10
  blocks               98
  evaluated blocks     98
  modules              0
  module blocks        0

3 potential problems detected.

github-actions · 2021-03-19T20:22:36Z

`Terraform Security Scan` Failed

Show Output

Check 1

  [AWS063][WARNING] Resource 'aws_cloudtrail.additional_auditing_trail' does not set multi region trail config.
  /github/workspace/main.tf:1-7

       1 | resource "aws_cloudtrail" "additional_auditing_trail" {
       2 |   count                 = var.additional_auditing_trail != null ? 1 : 0
       3 |   name                  = var.additional_auditing_trail.name
       4 |   s3_bucket_name        = var.additional_auditing_trail.bucket
       5 |   is_organization_trail = true
       6 |   tags                  = var.tags
       7 | }
       8 | 
       9 | resource "aws_cloudwatch_log_metric_filter" "iam_activity_master" {
      10 |   for_each = var.monitor_iam_activity ? local.iam_activity : {}

   See https://tfsec.dev/docs/aws/AWS063/ for more information. 

Check 2

  [AWS064][WARNING] Resource 'aws_cloudtrail.additional_auditing_trail' does not enable log file validation.
  /github/workspace/main.tf:1-7

       1 | resource "aws_cloudtrail" "additional_auditing_trail" {
       2 |   count                 = var.additional_auditing_trail != null ? 1 : 0
       3 |   name                  = var.additional_auditing_trail.name
       4 |   s3_bucket_name        = var.additional_auditing_trail.bucket
       5 |   is_organization_trail = true
       6 |   tags                  = var.tags
       7 | }
       8 | 
       9 | resource "aws_cloudwatch_log_metric_filter" "iam_activity_master" {
      10 |   for_each = var.monitor_iam_activity ? local.iam_activity : {}

   See https://tfsec.dev/docs/aws/AWS064/ for more information. 

Check 3

  [AWS065][ERROR] Resource 'aws_cloudtrail.additional_auditing_trail' does not have a kms_key_id set.
  /github/workspace/main.tf:1-7

       1 | resource "aws_cloudtrail" "additional_auditing_trail" {
       2 |   count                 = var.additional_auditing_trail != null ? 1 : 0
       3 |   name                  = var.additional_auditing_trail.name
       4 |   s3_bucket_name        = var.additional_auditing_trail.bucket
       5 |   is_organization_trail = true
       6 |   tags                  = var.tags
       7 | }
       8 | 
       9 | resource "aws_cloudwatch_log_metric_filter" "iam_activity_master" {
      10 |   for_each = var.monitor_iam_activity ? local.iam_activity : {}

   See https://tfsec.dev/docs/aws/AWS065/ for more information. 

  times
  ------------------------------------------
  disk i/o             7.917817ms
  parsing HCL          36.101µs
  evaluating values    10.310353ms
  running checks       3.156247ms

  counts
  ------------------------------------------
  files loaded         10
  blocks               98
  evaluated blocks     98
  modules              0
  module blocks        0

3 potential problems detected.

github-actions · 2021-03-19T20:22:37Z

`terraform validate` Failed


Error: Missing required argument

  on main.tf line 52, in module "workspace":
  52: module "workspace" {

The argument "repository_name" is required, but no definition was found.


Error: Unsupported argument

  on main.tf line 62, in module "workspace":
  62:   github_organization    = var.defaults.github_organization

An argument named "github_organization" is not expected here.


Error: Unsupported argument

  on main.tf line 63, in module "workspace":
  63:   github_repository      = var.name

An argument named "github_repository" is not expected here.

Workflow: Terraform, Action: hashicorpterraform-github-actions2, Working Directory: ./modules/avm, Workspace: default

Signed-off-by: Stephen Hoekstra <[email protected]>

github-actions · 2021-03-19T20:36:16Z

`terraform validate` Failed


Error: Missing required argument

The argument "token" is required, but was not set.

Workflow: Terraform, Action: hashicorpterraform-github-actions2, Working Directory: ./modules/avm, Workspace: default

github-actions · 2021-03-19T20:36:18Z

`Terraform Security Scan` Failed

Show Output

Check 1

  [AWS063][WARNING] Resource 'aws_cloudtrail.additional_auditing_trail' does not set multi region trail config.
  /github/workspace/main.tf:1-7

       1 | resource "aws_cloudtrail" "additional_auditing_trail" {
       2 |   count                 = var.additional_auditing_trail != null ? 1 : 0
       3 |   name                  = var.additional_auditing_trail.name
       4 |   s3_bucket_name        = var.additional_auditing_trail.bucket
       5 |   is_organization_trail = true
       6 |   tags                  = var.tags
       7 | }
       8 | 
       9 | resource "aws_cloudwatch_log_metric_filter" "iam_activity_master" {
      10 |   for_each = var.monitor_iam_activity ? local.iam_activity : {}

   See https://tfsec.dev/docs/aws/AWS063/ for more information. 

Check 2

  [AWS064][WARNING] Resource 'aws_cloudtrail.additional_auditing_trail' does not enable log file validation.
  /github/workspace/main.tf:1-7

       1 | resource "aws_cloudtrail" "additional_auditing_trail" {
       2 |   count                 = var.additional_auditing_trail != null ? 1 : 0
       3 |   name                  = var.additional_auditing_trail.name
       4 |   s3_bucket_name        = var.additional_auditing_trail.bucket
       5 |   is_organization_trail = true
       6 |   tags                  = var.tags
       7 | }
       8 | 
       9 | resource "aws_cloudwatch_log_metric_filter" "iam_activity_master" {
      10 |   for_each = var.monitor_iam_activity ? local.iam_activity : {}

   See https://tfsec.dev/docs/aws/AWS064/ for more information. 

Check 3

  [AWS065][ERROR] Resource 'aws_cloudtrail.additional_auditing_trail' does not have a kms_key_id set.
  /github/workspace/main.tf:1-7

       1 | resource "aws_cloudtrail" "additional_auditing_trail" {
       2 |   count                 = var.additional_auditing_trail != null ? 1 : 0
       3 |   name                  = var.additional_auditing_trail.name
       4 |   s3_bucket_name        = var.additional_auditing_trail.bucket
       5 |   is_organization_trail = true
       6 |   tags                  = var.tags
       7 | }
       8 | 
       9 | resource "aws_cloudwatch_log_metric_filter" "iam_activity_master" {
      10 |   for_each = var.monitor_iam_activity ? local.iam_activity : {}

   See https://tfsec.dev/docs/aws/AWS065/ for more information. 

  times
  ------------------------------------------
  disk i/o             9.209446ms
  parsing HCL          38.4µs
  evaluating values    10.310452ms
  running checks       3.439217ms

  counts
  ------------------------------------------
  files loaded         10
  blocks               98
  evaluated blocks     98
  modules              0
  module blocks        0

3 potential problems detected.

Signed-off-by: Stephen Hoekstra <[email protected]>

github-actions · 2021-03-19T20:41:36Z

`Terraform Security Scan` Failed

Show Output

Check 1

  [AWS065][ERROR] Resource 'aws_cloudtrail.additional_auditing_trail' does not have a kms_key_id set.
  /github/workspace/main.tf:1-7

       1 | resource "aws_cloudtrail" "additional_auditing_trail" {
       2 |   count                 = var.additional_auditing_trail != null ? 1 : 0
       3 |   name                  = var.additional_auditing_trail.name
       4 |   s3_bucket_name        = var.additional_auditing_trail.bucket
       5 |   is_organization_trail = true
       6 |   tags                  = var.tags
       7 | }
       8 | 
       9 | resource "aws_cloudwatch_log_metric_filter" "iam_activity_master" {
      10 |   for_each = var.monitor_iam_activity ? local.iam_activity : {}

   See https://tfsec.dev/docs/aws/AWS065/ for more information. 

Check 2

  [AWS063][WARNING] Resource 'aws_cloudtrail.additional_auditing_trail' does not set multi region trail config.
  /github/workspace/main.tf:1-7

       1 | resource "aws_cloudtrail" "additional_auditing_trail" {
       2 |   count                 = var.additional_auditing_trail != null ? 1 : 0
       3 |   name                  = var.additional_auditing_trail.name
       4 |   s3_bucket_name        = var.additional_auditing_trail.bucket
       5 |   is_organization_trail = true
       6 |   tags                  = var.tags
       7 | }
       8 | 
       9 | resource "aws_cloudwatch_log_metric_filter" "iam_activity_master" {
      10 |   for_each = var.monitor_iam_activity ? local.iam_activity : {}

   See https://tfsec.dev/docs/aws/AWS063/ for more information. 

Check 3

  [AWS064][WARNING] Resource 'aws_cloudtrail.additional_auditing_trail' does not enable log file validation.
  /github/workspace/main.tf:1-7

       1 | resource "aws_cloudtrail" "additional_auditing_trail" {
       2 |   count                 = var.additional_auditing_trail != null ? 1 : 0
       3 |   name                  = var.additional_auditing_trail.name
       4 |   s3_bucket_name        = var.additional_auditing_trail.bucket
       5 |   is_organization_trail = true
       6 |   tags                  = var.tags
       7 | }
       8 | 
       9 | resource "aws_cloudwatch_log_metric_filter" "iam_activity_master" {
      10 |   for_each = var.monitor_iam_activity ? local.iam_activity : {}

   See https://tfsec.dev/docs/aws/AWS064/ for more information. 

  times
  ------------------------------------------
  disk i/o             8.30825ms
  parsing HCL          38.602µs
  evaluating values    11.27924ms
  running checks       2.927688ms

  counts
  ------------------------------------------
  files loaded         10
  blocks               98
  evaluated blocks     98
  modules              0
  module blocks        0

3 potential problems detected.

shoekstra force-pushed the avm/add_tfe_agent_pool_id branch from 6b318fa to 2ccc39a Compare March 19, 2021 20:21

jaytjon approved these changes Mar 19, 2021

View reviewed changes

jaytjon previously approved these changes Mar 19, 2021

View reviewed changes

Add TFE agent pool support to AVM

fa78023

Signed-off-by: Stephen Hoekstra <[email protected]>

shoekstra dismissed jaytjon’s stale review via fa78023 March 19, 2021 20:35

shoekstra force-pushed the avm/add_tfe_agent_pool_id branch from 9861128 to fa78023 Compare March 19, 2021 20:35

Add GITLAB_TOKEN to fix test

2b4f6b5

Signed-off-by: Stephen Hoekstra <[email protected]>

shoekstra force-pushed the avm/add_tfe_agent_pool_id branch from cf8b90e to 2b4f6b5 Compare March 19, 2021 20:40

terraform-docs: Update module usage

27c8b98

jaytjon approved these changes Mar 19, 2021

View reviewed changes

shoekstra merged commit f15cf43 into master Mar 19, 2021

shoekstra deleted the avm/add_tfe_agent_pool_id branch March 19, 2021 20:48

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add TFE agent pool support to AVM #98

Add TFE agent pool support to AVM #98

shoekstra commented Mar 19, 2021

github-actions bot commented Mar 19, 2021

github-actions bot commented Mar 19, 2021

github-actions bot commented Mar 19, 2021

github-actions bot commented Mar 19, 2021

github-actions bot commented Mar 19, 2021

github-actions bot commented Mar 19, 2021

github-actions bot commented Mar 19, 2021

Add TFE agent pool support to AVM #98

Add TFE agent pool support to AVM #98

Conversation

shoekstra commented Mar 19, 2021

github-actions bot commented Mar 19, 2021

terraform validate Failed

github-actions bot commented Mar 19, 2021

Terraform Security Scan Failed

github-actions bot commented Mar 19, 2021

Terraform Security Scan Failed

github-actions bot commented Mar 19, 2021

terraform validate Failed

github-actions bot commented Mar 19, 2021

terraform validate Failed

github-actions bot commented Mar 19, 2021

Terraform Security Scan Failed

github-actions bot commented Mar 19, 2021

Terraform Security Scan Failed

`terraform validate` Failed

`Terraform Security Scan` Failed

`Terraform Security Scan` Failed

`terraform validate` Failed

`terraform validate` Failed

`Terraform Security Scan` Failed

`Terraform Security Scan` Failed