Merge pull request #96 from lorengordon/rework

.bumpversion.cfg

@@ -1,7 +1,6 @@
 [bumpversion]
-current_version = 1.0.6
+current_version = 2.0.0
 commit = True
 message = Bumps version to {new_version}
 tag = False
 tag_name = {new_version}
-

.gitignore

@@ -17,3 +17,7 @@ tardigrade-ci/
 
 # eclint
 .git/
+
+# terratest
+go.mod
+go.sum

CHANGELOG.md

@@ -4,6 +4,24 @@ All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](http://keepachangelog.com/) and this project adheres to [Semantic Versioning](http://semver.org/).
 
+### 2.0.0
+
+**Released**: 2020.09.15
+
+**Commit Delta**: [Change from 1.0.4 release](https://github.com/plus3it/terraform-aws-tardigrade-config-rules/compare/1.0.4..2.0.0)
+
+**Summary**:
+
+*   Entirely reworks module to be unopionated and allow users to create arbitrary config rules.
+    See `tests/create_legacy_config_rules` for a configuration that uses the new module to create
+    the prior set of config rules.
+*   Removes the var `create_config_rules`. Instead, use tf 0.13 and `count`/`for_each` on the module
+    block. See `tests/no_create`.
+*   Removes vendored custom config_rules, and instead uses a module block to pull them down during
+    `terraform init`. As a result, the `source_path` for custom config_rules has changed. For an example,
+    see the `source_path` argument in `tests/create_custom_config_rule`.
+*   Outputs the Config Rule object as `config_rule`.
+
 ### 1.0.4
 
 **Released**: 2019.10.28

Makefile

@@ -1,14 +1,3 @@
 export FIND_EXCLUDES = -not \( -name .terraform -prune \) -not \( -name .terragrunt-cache -prune \) -not \( -name vendor -prune \)
 
 -include $(shell curl -sSL -o .tardigrade-ci "https://raw.githubusercontent.com/plus3it/tardigrade-ci/master/bootstrap/Makefile.bootstrap"; echo .tardigrade-ci)
-
-clean::
-	rm -rf vendor
-
-VENDOR ?= vendor/github.com/awslabs/aws-config-rules
-vendor: $(VENDOR)
-	echo "root = true" > vendor/.editorconfig
-
-vendor/%:
-	git clone https://$(*).git vendor/$*
-	rm -rf vendor/$*/.git

README.md

@@ -14,30 +14,26 @@ make clean && make vendor
 
 | Name | Version |
 |------|---------|
-| terraform | >= 0.12 |
+| terraform | >= 0.13 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
 | aws | n/a |
-| null | n/a |
-| template | n/a |
 
 ## Inputs
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| cloudtrail\_bucket | Name of S3 bucket to validate that CloudTrail logs are being delivered | `string` | `null` | no |
-| config\_bucket | Name of S3 bucket to validate that Config is configured to send inventory to | `string` | `null` | no |
-| config\_recorder | The name of the AWS Config recorder | `string` | `null` | no |
-| config\_sns\_topic\_arn | ARN of SNS topic to validate that Config changes are being streamed to | `string` | `null` | no |
-| create\_config\_rules | Controls whether to create the AWS Config Rules | `bool` | `true` | no |
-| exclude\_rules | List of config rule resource names to exclude from creation | `list(string)` | `[]` | no |
-| tags | Map of tags to apply to the resources | `map(string)` | `{}` | no |
+| config\_recorder\_id | ID of the config recorder in the account. Required to address the implicit dependency on the config recorder | `string` | n/a | yes |
+| config\_rule | Object of attributes for the config rule resource, see https://www.terraform.io/docs/providers/aws/r/config_config_rule.html#argument-reference. When `owner` is `AWS`, set `source_identifer` to the AWS predefined identifier for the rule. When `owner` is `CUSTOM_LAMBDA`, set `source_identifier` to `null` and it will be set to the ARN of the lambda function | <pre>object({<br>    description                 = string<br>    input_parameters            = string<br>    maximum_execution_frequency = string<br>    name                        = string<br>    owner                       = string<br>    source_identifier           = string<br>    tags                        = map(string)<br>    scope = object({<br>      compliance_resource_id    = string<br>      compliance_resource_types = list(string)<br>      tag_key                   = string<br>      tag_value                 = string<br>    })<br>    source_details = list(object({<br>      message_type = string<br>    }))<br>  })</pre> | n/a | yes |
+| lambda | Object of attributes for the lambda supporting a custom config rule, see https://www.terraform.io/docs/providers/aws/r/lambda_function.html#argument-reference. Required when `config_rule.owner` is `CUSTOM_LAMBDA` | <pre>object({<br>    description                    = string<br>    handler                        = string<br>    name                           = string<br>    policy                         = string<br>    runtime                        = string<br>    source_path                    = string<br>    reserved_concurrent_executions = number<br>    tags                           = map(string)<br>    timeout                        = number<br>  })</pre> | <pre>{<br>  "description": null,<br>  "handler": null,<br>  "name": null,<br>  "policy": null,<br>  "reserved_concurrent_executions": null,<br>  "runtime": null,<br>  "source_path": null,<br>  "tags": null,<br>  "timeout": null<br>}</pre> | no |
 
 ## Outputs
 
-No output.
+| Name | Description |
+|------|-------------|
+| config\_rule | AWS Config Rule object |
 
 <!-- END TFDOCS -->