Skip to content

feat: Allow CloudWatch Log Encryption and Default Security Group Management #246

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Jan 19, 2022
Merged

feat: Allow CloudWatch Log Encryption and Default Security Group Management #246

merged 4 commits into from
Jan 19, 2022

Conversation

chtakahashi
Copy link
Contributor

Description

This PR adds some optional variables.

  • cloudwatch_logs_kms_key_id, to encrypt the Cloudwatch Log Group created in the module
  • manage_default_security_group, to allow the submodule terraform-aws-modules/vpc/aws to manage the default security group
    • default_security_group_ingress and default_security_group_egress also included

Motivation and Context

This change gives a few options to make the module friendly to the Config rule set we have set up in our AWS environment, which requires Cloudwatch Log Groups to be encrypted and default Security Groups to be closed.

Breaking Changes

No breaking changes. All new variables are optional

How Has This Been Tested?

We are using this in our own AWS environment.

chtakahashi and others added 4 commits January 18, 2022 10:54
@chtakahashi
add the ability to optionally encrypt cloudwatch logs and to manage t…
fda1246 
…he default security group of the atlantis vpc
@chtakahashi
Merge pull request #1 from trussworks/vpc-security-and-cloudwatch-enc…
4b71519 
…ryption

add the ability to optionally encrypt cloudwatch logs and to manage t…
@chtakahashi
fix readme to include new vars
9c8d923
@chtakahashi
Merge pull request #2 from trussworks/prep-for-merge
203110e 
fix readme to include new vars
@antonbabenko antonbabenko merged commit 6a27fff into terraform-aws-modules:master Jan 19, 2022
antonbabenko pushed a commit that referenced this pull request Jan 19, 2022
@semantic-release-bot
chore(release): version 3.8.0 [skip ci]
bc9c79b 
## [3.8.0](v3.7.0...v3.8.0) (2022-01-19)

### Features

* Allow CloudWatch Log Encryption and Default Security Group Management ([#246](#246)) ([6a27fff](6a27fff))
@antonbabenko
Copy link
Member

This PR is included in version 3.8.0 🎉

@github-actions
Copy link

github-actions bot commented Nov 9, 2022

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Nov 9, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@chtakahashi @antonbabenko