Marking severity a variable

DNXLabs · May 3, 2021 · f4fcc9b · f4fcc9b
1 parent 77e36e4
commit f4fcc9b
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 5 deletions.
diff --git a/_variables.tf b/_variables.tf
@@ -16,6 +16,11 @@ variable "subscription_foundational" {
   description = "Enables AWS Foundational Security Best Practices subscription"
 }
 
+variable "severity_list" {
+  type = list
+  default = ["HIGH","CRITICAL"]
+}
+
 variable "members" {
   type       = list
   default     = []

diff --git a/eventbridge.tf b/eventbridge.tf
@@ -14,11 +14,7 @@ resource "aws_cloudwatch_event_rule" "securityhub" {
   "detail": {
     "findings": {
       "Severity": {
-        "Label": [
-          "MEDIUM",
-          "HIGH",
-          "CRITICAL"
-        ]
+        "Label": ${jsonencode(var.severity_list)}
       },
       "Workflow": {
         "Status": [