Skip to content

Commit

Permalink
fine tuning
Browse files Browse the repository at this point in the history
  • Loading branch information
Lubbers committed Feb 26, 2020
1 parent 845af3e commit 485bb23
Show file tree
Hide file tree
Showing 3 changed files with 10 additions and 5 deletions.
8 changes: 5 additions & 3 deletions aws-eventdriven-osaudit/terraform/enable-ec2-syslog.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ data "aws_caller_identity" "current" {}
data "aws_region" "current" {}

resource "aws_iam_role" "lambda_role" {
name = "syslog-lambda-${var.aws_region}"
assume_role_policy = <<EOF
{
"Version": "2012-10-17",
Expand All @@ -28,7 +29,7 @@ EOF
}

resource "aws_iam_role_policy" "CreateEC2Syslog" {
name = "CreateEC2Syslog"
name = "EnableEC2Syslog"
role = "${aws_iam_role.lambda_role.id}"
policy = <<EOF
{
Expand Down Expand Up @@ -78,6 +79,7 @@ EOF
}

resource "aws_iam_role" "invocation_role" {
name = "syslog-invoke-${var.aws_region}"
assume_role_policy = <<EOF
{
"Version": "2012-10-17",
Expand Down Expand Up @@ -114,7 +116,7 @@ EOF
}

resource "aws_iam_role" "ec2syslog_role" {
name = "Syslog"
name = "Syslog-${var.aws_region}"
assume_role_policy = <<EOF
{
"Version": "2012-10-17",
Expand All @@ -132,7 +134,7 @@ EOF
}

resource "aws_iam_instance_profile" "ec2syslog_profile" {
name = "ec2syslog"
name = "syslog"
role = "${aws_iam_role.ec2syslog_role.name}"
}

Expand Down
3 changes: 3 additions & 0 deletions aws-eventdriven-vpcflowlogs/enable-flow-logs.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ data "aws_caller_identity" "current" {}
data "aws_region" "current" {}

resource "aws_iam_role" "lambda_role" {
name = "enable-flow-logs-lambda-${var.aws_region}"
assume_role_policy = <<EOF
{
"Version": "2012-10-17",
Expand All @@ -28,6 +29,7 @@ EOF
}

resource "aws_iam_role" "invocation_role" {
name = "enable-flow-logs-invoke-${var.aws_region}"
assume_role_policy = <<EOF
{
"Version": "2012-10-17",
Expand All @@ -45,6 +47,7 @@ EOF
}

resource "aws_iam_role" "flowlogs_role" {
name = "enable-flow-logs-role-${var.aws_region}"
assume_role_policy = <<EOF
{
"Version": "2012-10-17",
Expand Down
4 changes: 2 additions & 2 deletions azure-automation-nsgdiagsettings/enable-nsg-diag-settings.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ resource "azurerm_automation_runbook" "automation_runbook_diag" {
automation_account_name = "${data.azurerm_automation_account.automation_account.name}"
log_verbose = "true"
log_progress = "true"
description = "This is an example runbook"
description = "This runbook automates the enablement of diagnostic settings per Azure resource"
runbook_type = "PowerShell"

publish_content_link {
Expand All @@ -53,7 +53,7 @@ resource "azurerm_automation_runbook" "automation_runbook_nsg" {
automation_account_name = "${data.azurerm_automation_account.automation_account.name}"
log_verbose = "true"
log_progress = "true"
description = "This is an example runbook"
description = "This runbook automates the enablement of NSG flow logs per NSG and storage account region"
runbook_type = "PowerShell"

publish_content_link {
Expand Down

0 comments on commit 485bb23

Please sign in to comment.