Introducing destinations in lambda function #88

ewastempel · 2023-12-05T18:17:49Z

This PR is to implement ministryofjustice/modernisation-platform#2722.

This is to allow passing of topic arns for destination config of a lambda function to allow for alerting on failure/success using SNS topics.

The change is backwards compatible.

This has been run locally with terraform plan using the instance scheduller code. This plans out OK.

github-actions · 2023-12-05T18:19:50Z

`TFSEC Scan` Success

Show Output

*****************************

TFSEC will check the following folders:
.

*****************************

Running TFSEC in .
Excluding the following checks: AWS089, AWS099, AWS009, AWS097, AWS018

======================================================
tfsec is joining the Trivy family

tfsec will continue to remain available 
for the time being, although our engineering 
attention will be directed at Trivy going forward.

You can read more here: 
https://github.com/aquasecurity/tfsec/discussions/1994
======================================================
  timings
  ──────────────────────────────────────────
  disk i/o             115.727µs
  parsing              2.126522ms
  adaptation           85.229µs
  checks               7.245711ms
  total                9.573189ms

  counts
  ──────────────────────────────────────────
  modules downloaded   0
  modules processed    1
  blocks processed     37
  files read           4

  results
  ──────────────────────────────────────────
  passed               0
  ignored              1
  critical             0
  high                 0
  medium               0
  low                  0


No problems detected!

tfsec_exitcode=0

`Checkov Scan` Failed

Show Output

*****************************

Checkov will check the following folders:
.

*****************************

Running Checkov in .
Excluding the following checks: CKV_GIT_1
2023-12-05 18:19:47,808 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=8688bc1:None (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 48, Failed checks: 0, Skipped checks: 8

github_actions scan results:

Passed checks: 175, Failed checks: 1, Skipped checks: 0

Check: CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
	FAILED for resource: on(Generate Terraform README docs)
	File: /.github/workflows/documentation.yml:0-1

checkov_exitcode=1

`CTFLint Scan` Failed

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing `terraform` plugin...
Installed `terraform` (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.2.1)
tflint will check the following folders:
.

*****************************

Running tflint in .
Command line arguments support was dropped in v0.47. Use --chdir or --filter instead.
tflint_exitcode=1

github-actions · 2023-12-06T11:38:53Z

`TFSEC Scan` Success

Show Output

*****************************

TFSEC will check the following folders:
.

*****************************

Running TFSEC in .
Excluding the following checks: AWS089, AWS099, AWS009, AWS097, AWS018

======================================================
tfsec is joining the Trivy family

tfsec will continue to remain available 
for the time being, although our engineering 
attention will be directed at Trivy going forward.

You can read more here: 
https://github.com/aquasecurity/tfsec/discussions/1994
======================================================
  timings
  ──────────────────────────────────────────
  disk i/o             72.534µs
  parsing              1.856568ms
  adaptation           83.224µs
  checks               3.242715ms
  total                5.255041ms

  counts
  ──────────────────────────────────────────
  modules downloaded   0
  modules processed    1
  blocks processed     37
  files read           4

  results
  ──────────────────────────────────────────
  passed               0
  ignored              1
  critical             0
  high                 0
  medium               0
  low                  0


No problems detected!

tfsec_exitcode=0

`Checkov Scan` Failed

Show Output

*****************************

Checkov will check the following folders:
.

*****************************

Running Checkov in .
Excluding the following checks: CKV_GIT_1
2023-12-06 11:38:50,513 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=8688bc1:None (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 48, Failed checks: 0, Skipped checks: 8

github_actions scan results:

Passed checks: 175, Failed checks: 1, Skipped checks: 0

Check: CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
	FAILED for resource: on(Generate Terraform README docs)
	File: /.github/workflows/documentation.yml:0-1

checkov_exitcode=1

`CTFLint Scan` Failed

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing `terraform` plugin...
Installed `terraform` (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.2.1)
tflint will check the following folders:
.

*****************************

Running tflint in .
Command line arguments support was dropped in v0.47. Use --chdir or --filter instead.
tflint_exitcode=1

…eckov issue

github-actions · 2023-12-06T12:50:16Z

`TFSEC Scan` Success

Show Output

*****************************

TFSEC will check the following folders:
.

*****************************

Running TFSEC in .
Excluding the following checks: AWS089, AWS099, AWS009, AWS097, AWS018

======================================================
tfsec is joining the Trivy family

tfsec will continue to remain available 
for the time being, although our engineering 
attention will be directed at Trivy going forward.

You can read more here: 
https://github.com/aquasecurity/tfsec/discussions/1994
======================================================
  timings
  ──────────────────────────────────────────
  disk i/o             82.415µs
  parsing              1.955632ms
  adaptation           84.698µs
  checks               4.666632ms
  total                6.789377ms

  counts
  ──────────────────────────────────────────
  modules downloaded   0
  modules processed    1
  blocks processed     37
  files read           4

  results
  ──────────────────────────────────────────
  passed               0
  ignored              1
  critical             0
  high                 0
  medium               0
  low                  0


No problems detected!

tfsec_exitcode=0

`Checkov Scan` Success

Show Output

*****************************

Checkov will check the following folders:
.

*****************************

Running Checkov in .
Excluding the following checks: CKV_GIT_1
2023-12-06 12:50:13,162 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=8688bc1:None (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 48, Failed checks: 0, Skipped checks: 8

github_actions scan results:

Passed checks: 176, Failed checks: 0, Skipped checks: 0


checkov_exitcode=0

`CTFLint Scan` Failed

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing `terraform` plugin...
Installed `terraform` (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.2.1)
tflint will check the following folders:
.

*****************************

Running tflint in .
Command line arguments support was dropped in v0.47. Use --chdir or --filter instead.
tflint_exitcode=1

github-actions · 2023-12-06T13:11:31Z

`TFSEC Scan` Success

Show Output

*****************************

TFSEC will check the following folders:
.

*****************************

Running TFSEC in .
Excluding the following checks: AWS089, AWS099, AWS009, AWS097, AWS018

======================================================
tfsec is joining the Trivy family

tfsec will continue to remain available 
for the time being, although our engineering 
attention will be directed at Trivy going forward.

You can read more here: 
https://github.com/aquasecurity/tfsec/discussions/1994
======================================================
  timings
  ──────────────────────────────────────────
  disk i/o             103.213µs
  parsing              3.011809ms
  adaptation           87.804µs
  checks               3.40747ms
  total                6.610296ms

  counts
  ──────────────────────────────────────────
  modules downloaded   0
  modules processed    1
  blocks processed     37
  files read           4

  results
  ──────────────────────────────────────────
  passed               0
  ignored              1
  critical             0
  high                 0
  medium               0
  low                  0


No problems detected!

tfsec_exitcode=0

`Checkov Scan` Success

Show Output

*****************************

Checkov will check the following folders:
.

*****************************

Running Checkov in .
Excluding the following checks: CKV_GIT_1
2023-12-06 13:11:18,956 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=8688bc1:None (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 48, Failed checks: 0, Skipped checks: 8

github_actions scan results:

Passed checks: 176, Failed checks: 0, Skipped checks: 0


checkov_exitcode=0

`CTFLint Scan` Failed

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing `terraform` plugin...
Installed `terraform` (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.2.1)
tflint will check the following folders:
.

*****************************

Running tflint in .
Command line arguments support was dropped in v0.47. Use --chdir or --filter instead.
tflint_exitcode=1

github-actions · 2023-12-06T13:32:11Z

`TFSEC Scan` Success

Show Output

*****************************

TFSEC will check the following folders:
.

*****************************

Running TFSEC in .
Excluding the following checks: AWS089, AWS099, AWS009, AWS097, AWS018

======================================================
tfsec is joining the Trivy family

tfsec will continue to remain available 
for the time being, although our engineering 
attention will be directed at Trivy going forward.

You can read more here: 
https://github.com/aquasecurity/tfsec/discussions/1994
======================================================
  timings
  ──────────────────────────────────────────
  disk i/o             68.498µs
  parsing              1.898795ms
  adaptation           83.836µs
  checks               3.243023ms
  total                5.294152ms

  counts
  ──────────────────────────────────────────
  modules downloaded   0
  modules processed    1
  blocks processed     37
  files read           4

  results
  ──────────────────────────────────────────
  passed               0
  ignored              1
  critical             0
  high                 0
  medium               0
  low                  0


No problems detected!

tfsec_exitcode=0

`Checkov Scan` Success

Show Output

*****************************

Checkov will check the following folders:
.

*****************************

Running Checkov in .
Excluding the following checks: CKV_GIT_1
2023-12-06 13:32:08,586 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=8688bc1:None (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 48, Failed checks: 0, Skipped checks: 8

github_actions scan results:

Passed checks: 176, Failed checks: 0, Skipped checks: 0


checkov_exitcode=0

`CTFLint Scan` Failed

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing `terraform` plugin...
Installed `terraform` (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.2.1)
tflint will check the following folders:
.

*****************************

Running tflint in .
Command line arguments support was dropped in v0.47. Use --chdir or --filter instead.
tflint_exitcode=1

github-actions · 2023-12-06T14:50:31Z

`TFSEC Scan` Success

Show Output

*****************************

TFSEC will check the following folders:
.

*****************************

Running TFSEC in .
Excluding the following checks: AWS089, AWS099, AWS009, AWS097, AWS018

======================================================
tfsec is joining the Trivy family

tfsec will continue to remain available 
for the time being, although our engineering 
attention will be directed at Trivy going forward.

You can read more here: 
https://github.com/aquasecurity/tfsec/discussions/1994
======================================================
  timings
  ──────────────────────────────────────────
  disk i/o             71.894µs
  parsing              1.940296ms
  adaptation           84.318µs
  checks               8.890573ms
  total                10.987081ms

  counts
  ──────────────────────────────────────────
  modules downloaded   0
  modules processed    1
  blocks processed     37
  files read           4

  results
  ──────────────────────────────────────────
  passed               0
  ignored              1
  critical             0
  high                 0
  medium               0
  low                  0


No problems detected!

tfsec_exitcode=0

`Checkov Scan` Success

Show Output

*****************************

Checkov will check the following folders:
.

*****************************

Running Checkov in .
Excluding the following checks: CKV_GIT_1
2023-12-06 14:50:29,171 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=8688bc1:None (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 48, Failed checks: 0, Skipped checks: 8

github_actions scan results:

Passed checks: 176, Failed checks: 0, Skipped checks: 0


checkov_exitcode=0

`CTFLint Scan` Failed

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing `terraform` plugin...
Installed `terraform` (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.2.1)
tflint will check the following folders:
.

*****************************

Running tflint in .
Command line arguments support was dropped in v0.47. Use --chdir or --filter instead.
tflint_exitcode=1

github-actions · 2023-12-06T15:25:37Z

`TFSEC Scan` Success

Show Output

*****************************

TFSEC will check the following folders:
.

*****************************

Running TFSEC in .
Excluding the following checks: AWS089, AWS099, AWS009, AWS097, AWS018

======================================================
tfsec is joining the Trivy family

tfsec will continue to remain available 
for the time being, although our engineering 
attention will be directed at Trivy going forward.

You can read more here: 
https://github.com/aquasecurity/tfsec/discussions/1994
======================================================
  timings
  ──────────────────────────────────────────
  disk i/o             80.851µs
  parsing              2.011284ms
  adaptation           87.382µs
  checks               3.392713ms
  total                5.57223ms

  counts
  ──────────────────────────────────────────
  modules downloaded   0
  modules processed    1
  blocks processed     37
  files read           4

  results
  ──────────────────────────────────────────
  passed               0
  ignored              1
  critical             0
  high                 0
  medium               0
  low                  0


No problems detected!

tfsec_exitcode=0

`Checkov Scan` Success

Show Output

*****************************

Checkov will check the following folders:
.

*****************************

Running Checkov in .
Excluding the following checks: CKV_GIT_1
2023-12-06 15:25:34,299 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=8688bc1:None (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 48, Failed checks: 0, Skipped checks: 8

github_actions scan results:

Passed checks: 176, Failed checks: 0, Skipped checks: 0


checkov_exitcode=0

`CTFLint Scan` Failed

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing `terraform` plugin...
Installed `terraform` (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.2.1)
tflint will check the following folders:
.

*****************************

Running tflint in .
Command line arguments support was dropped in v0.47. Use --chdir or --filter instead.
tflint_exitcode=1

github-actions · 2023-12-06T15:39:04Z

`TFSEC Scan` Success

Show Output

*****************************

TFSEC will check the following folders:
.

*****************************

Running TFSEC in .
Excluding the following checks: AWS089, AWS099, AWS009, AWS097, AWS018

======================================================
tfsec is joining the Trivy family

tfsec will continue to remain available 
for the time being, although our engineering 
attention will be directed at Trivy going forward.

You can read more here: 
https://github.com/aquasecurity/tfsec/discussions/1994
======================================================
  timings
  ──────────────────────────────────────────
  disk i/o             79.618µs
  parsing              2.065785ms
  adaptation           93.484µs
  checks               3.325965ms
  total                5.564852ms

  counts
  ──────────────────────────────────────────
  modules downloaded   0
  modules processed    1
  blocks processed     37
  files read           4

  results
  ──────────────────────────────────────────
  passed               0
  ignored              1
  critical             0
  high                 0
  medium               0
  low                  0


No problems detected!

tfsec_exitcode=0

`Checkov Scan` Success

Show Output

*****************************

Checkov will check the following folders:
.

*****************************

Running Checkov in .
Excluding the following checks: CKV_GIT_1
2023-12-06 15:39:02,275 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=8688bc1:None (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 48, Failed checks: 0, Skipped checks: 8

github_actions scan results:

Passed checks: 188, Failed checks: 0, Skipped checks: 0


checkov_exitcode=0

`CTFLint Scan` Failed

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing `terraform` plugin...
Installed `terraform` (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.2.1)
tflint will check the following folders:
.

*****************************

Running tflint in .
Command line arguments support was dropped in v0.47. Use --chdir or --filter instead.
tflint_exitcode=1

github-actions · 2023-12-06T16:02:02Z

`TFSEC Scan` Success

Show Output

*****************************

TFSEC will check the following folders:
.

*****************************

Running TFSEC in .
Excluding the following checks: AWS089, AWS099, AWS009, AWS097, AWS018

======================================================
tfsec is joining the Trivy family

tfsec will continue to remain available 
for the time being, although our engineering 
attention will be directed at Trivy going forward.

You can read more here: 
https://github.com/aquasecurity/tfsec/discussions/1994
======================================================
  timings
  ──────────────────────────────────────────
  disk i/o             278.85µs
  parsing              2.94473ms
  adaptation           101.68µs
  checks               9.892249ms
  total                13.217509ms

  counts
  ──────────────────────────────────────────
  modules downloaded   0
  modules processed    1
  blocks processed     37
  files read           4

  results
  ──────────────────────────────────────────
  passed               0
  ignored              1
  critical             0
  high                 0
  medium               0
  low                  0


No problems detected!

tfsec_exitcode=0

`Checkov Scan` Success

Show Output

*****************************

Checkov will check the following folders:
.

*****************************

Running Checkov in .
Excluding the following checks: CKV_GIT_1
2023-12-06 16:02:00,266 [MainThread  ] [WARNI]  Failed to download module github.com/ministryofjustice/modernisation-platform-terraform-s3-bucket?ref=8688bc1:None (for external modules, the --download-external-modules flag is required)
terraform scan results:

Passed checks: 48, Failed checks: 0, Skipped checks: 8

github_actions scan results:

Passed checks: 176, Failed checks: 0, Skipped checks: 0


checkov_exitcode=0

`CTFLint Scan` Success

Show Output

*****************************

Setting default tflint config...
Running tflint --init...
Installing `terraform` plugin...
Installed `terraform` (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.2.1)
tflint will check the following folders:
.

*****************************

Running tflint in .
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

Introducing destinations in lambda function

94ad4f1

ewastempel requested a review from a team as a code owner December 5, 2023 18:17

Commit changes made by code formatters

eb1a29b

ewastempel and others added 2 commits December 6, 2023 11:36

Correcting descriptions of the sns topic variables

c56dab1

terraform-docs: automated action

be9e6f4

Removing write permission in documentation.yml pipeline to address ch…

a57ebfc

…eckov issue

Addressing tflint deprecation issue

d73d71f

Setting tflint to a specific version

ad78904

Addressing the tflint issue

dc7ec21

Debugging tflint

752a64f

Updating code scanning/analysis to address tflint issue

0dbcfec

ep-93 approved these changes Dec 6, 2023

View reviewed changes

ewastempel merged commit 5a3c02a into main Dec 6, 2023
5 checks passed

ewastempel deleted the feature-2722-instance-scheduler-alerts branch December 6, 2023 16:18

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Introducing destinations in lambda function #88

Introducing destinations in lambda function #88

ewastempel commented Dec 5, 2023 •

edited

Loading

github-actions bot commented Dec 5, 2023

github-actions bot commented Dec 6, 2023

github-actions bot commented Dec 6, 2023

github-actions bot commented Dec 6, 2023

github-actions bot commented Dec 6, 2023

github-actions bot commented Dec 6, 2023

github-actions bot commented Dec 6, 2023

github-actions bot commented Dec 6, 2023

github-actions bot commented Dec 6, 2023

Introducing destinations in lambda function #88

Introducing destinations in lambda function #88

Conversation

ewastempel commented Dec 5, 2023 • edited Loading

github-actions bot commented Dec 5, 2023

TFSEC Scan Success

Checkov Scan Failed

CTFLint Scan Failed

github-actions bot commented Dec 6, 2023

TFSEC Scan Success

Checkov Scan Failed

CTFLint Scan Failed

github-actions bot commented Dec 6, 2023

TFSEC Scan Success

Checkov Scan Success

CTFLint Scan Failed

github-actions bot commented Dec 6, 2023

TFSEC Scan Success

Checkov Scan Success

CTFLint Scan Failed

github-actions bot commented Dec 6, 2023

TFSEC Scan Success

Checkov Scan Success

CTFLint Scan Failed

github-actions bot commented Dec 6, 2023

TFSEC Scan Success

Checkov Scan Success

CTFLint Scan Failed

github-actions bot commented Dec 6, 2023

TFSEC Scan Success

Checkov Scan Success

CTFLint Scan Failed

github-actions bot commented Dec 6, 2023

TFSEC Scan Success

Checkov Scan Success

CTFLint Scan Failed

github-actions bot commented Dec 6, 2023

TFSEC Scan Success

Checkov Scan Success

CTFLint Scan Success

ewastempel commented Dec 5, 2023 •

edited

Loading

`TFSEC Scan` Success

`Checkov Scan` Failed

`CTFLint Scan` Failed

`TFSEC Scan` Success

`Checkov Scan` Failed

`CTFLint Scan` Failed

`TFSEC Scan` Success

`Checkov Scan` Success

`CTFLint Scan` Failed

`TFSEC Scan` Success

`Checkov Scan` Success

`CTFLint Scan` Failed

`TFSEC Scan` Success

`Checkov Scan` Success

`CTFLint Scan` Failed

`TFSEC Scan` Success

`Checkov Scan` Success

`CTFLint Scan` Failed

`TFSEC Scan` Success

`Checkov Scan` Success

`CTFLint Scan` Failed

`TFSEC Scan` Success

`Checkov Scan` Success

`CTFLint Scan` Failed

`TFSEC Scan` Success

`Checkov Scan` Success

`CTFLint Scan` Success