update to use the latest modules

fleetdm · Mar 11, 2024 · 7ad6042 · 7ad6042
1 parent 33ef4b7
commit 7ad6042
Showing 1 changed file with 18 additions and 17 deletions.
diff --git a/infrastructure/dogfood/terraform/aws-tf-module/main.tf b/infrastructure/dogfood/terraform/aws-tf-module/main.tf
@@ -115,7 +115,7 @@ module "main" {
     }
     extra_iam_policies           = concat(module.firehose-logging.fleet_extra_iam_policies, module.osquery-carve.fleet_extra_iam_policies, module.ses.fleet_extra_iam_policies)
     extra_execution_iam_policies = concat(module.mdm.extra_execution_iam_policies, [aws_iam_policy.sentry.arn]) #, module.saml_auth_proxy.fleet_extra_execution_policies)
-    extra_environment_variables  = merge(
+    extra_environment_variables = merge(
       module.mdm.extra_environment_variables,
       module.firehose-logging.fleet_extra_environment_variables,
       module.osquery-carve.fleet_extra_environment_variables,
@@ -124,7 +124,7 @@ module "main" {
       module.geolite2.extra_environment_variables,
       module.vuln-processing.extra_environment_variables
     )
-    extra_secrets                = merge(module.mdm.extra_secrets, local.sentry_secrets)
+    extra_secrets = merge(module.mdm.extra_secrets, local.sentry_secrets)
     # extra_load_balancers         = [{
     #   target_group_arn = module.saml_auth_proxy.lb_target_group_arn
     #   container_name   = "fleet"
@@ -254,7 +254,7 @@ module "migrations" {
   depends_on = [
     module.geolite2
   ]
-  source                   = "github.com/fleetdm/fleet//terraform/addons/migrations?ref=tf-mod-addon-migrations-v2.0.0"
+  source                   = "github.com/fleetdm/fleet//terraform/addons/migrations?ref=tf-mod-addon-migrations-v2.0.1"
   ecs_cluster              = module.main.byo-vpc.byo-db.byo-ecs.service.cluster
   task_definition          = module.main.byo-vpc.byo-db.byo-ecs.task_definition.family
   task_definition_revision = module.main.byo-vpc.byo-db.byo-ecs.task_definition.revision
@@ -263,6 +263,7 @@ module "migrations" {
   ecs_service              = module.main.byo-vpc.byo-db.byo-ecs.service.name
   desired_count            = module.main.byo-vpc.byo-db.byo-ecs.appautoscaling_target.min_capacity
   min_capacity             = module.main.byo-vpc.byo-db.byo-ecs.appautoscaling_target.min_capacity
+  vuln_service             = module.vuln-processing.vuln_service_arn
 }
 
 module "mdm" {
@@ -451,17 +452,17 @@ module "geolite2" {
   license_key       = var.geolite2_license
 }
 
- module "vuln-processing" {
-   source                 = "github.com/fleetdm/fleet//terraform/addons/external-vuln-scans?ref=tf-mod-addon-external-vuln-scans-v2.0.1"
-   ecs_cluster            = module.main.byo-vpc.byo-db.byo-ecs.service.cluster
-   execution_iam_role_arn = module.main.byo-vpc.byo-db.byo-ecs.execution_iam_role_arn
-   subnets                = module.main.byo-vpc.byo-db.byo-ecs.service.network_configuration[0].subnets
-   security_groups        = module.main.byo-vpc.byo-db.byo-ecs.service.network_configuration[0].security_groups
-   fleet_config           = module.main.byo-vpc.byo-db.byo-ecs.fleet_config
-   task_role_arn          = module.main.byo-vpc.byo-db.byo-ecs.iam_role_arn
-   awslogs_config = {
-     group  = module.main.byo-vpc.byo-db.byo-ecs.fleet_config.awslogs.name
-     region = module.main.byo-vpc.byo-db.byo-ecs.fleet_config.awslogs.region
-     prefix = module.main.byo-vpc.byo-db.byo-ecs.fleet_config.awslogs.prefix
-   }
- }
+module "vuln-processing" {
+  source                 = "github.com/fleetdm/fleet//terraform/addons/external-vuln-scans?ref=tf-mod-addon-external-vuln-scans-v2.0.2"
+  ecs_cluster            = module.main.byo-vpc.byo-db.byo-ecs.service.cluster
+  execution_iam_role_arn = module.main.byo-vpc.byo-db.byo-ecs.execution_iam_role_arn
+  subnets                = module.main.byo-vpc.byo-db.byo-ecs.service.network_configuration[0].subnets
+  security_groups        = module.main.byo-vpc.byo-db.byo-ecs.service.network_configuration[0].security_groups
+  fleet_config           = module.main.byo-vpc.byo-db.byo-ecs.fleet_config
+  task_role_arn          = module.main.byo-vpc.byo-db.byo-ecs.iam_role_arn
+  awslogs_config = {
+    group  = module.main.byo-vpc.byo-db.byo-ecs.fleet_config.awslogs.name
+    region = module.main.byo-vpc.byo-db.byo-ecs.fleet_config.awslogs.region
+    prefix = module.main.byo-vpc.byo-db.byo-ecs.fleet_config.awslogs.prefix
+  }
+}