Merge pull request #92 from cahnk/configuration_aliases_update

Updated to use new configuration_aliases tag
plus3it · May 13, 2022 · e5e1c4a · e5e1c4a
2 parents cb71377 + 3dab723
commit e5e1c4a
Show file tree

Hide file tree

Showing 6 changed files with 36 additions and 21 deletions.
diff --git a/.bumpversion.cfg b/.bumpversion.cfg
@@ -1,5 +1,5 @@
 [bumpversion]
-current_version = 2.0.2
+current_version = 3.0.0
 commit = True
 message = Bumps version to {new_version}
 tag = False

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,6 +4,16 @@ All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](http://keepachangelog.com/) and this project adheres to [Semantic Versioning](http://semver.org/).
 
+### 3.0.0
+
+**Released**: 2022.05.13
+
+**Commit Delta**: [Change from 2.0.2 release](https://github.com/plus3it/terraform-aws-tardigrade-security-hub/compare/2.0.2...3.0.0)
+
+**Summary**:
+
+*   Updated to use new configuration_aliases tag. Also updated the provider profiles names to match the test framework construct.
+
 ### 2.0.2
 
 **Released**: 2021.11.22

diff --git a/modules/cross-account-member/main.tf b/modules/cross-account-member/main.tf
@@ -1,7 +1,3 @@
-provider "aws" {
-  alias = "administrator"
-}
-
 # Enables/configures Security Hub in member account
 module "account" {
   source = "../../"
@@ -14,8 +10,9 @@ module "account" {
 # Send invite from administrator account
 module "member" {
   source = "../member"
+
   providers = {
-    aws = aws.administrator
+    aws = aws.admininstrator
   }
 
   account_id = module.account.account.id
@@ -26,5 +23,7 @@ module "member" {
 module "accept" {
   source = "../accepter"
 
+  depends_on = [module.account]
+
   master_account_id = module.member.member.master_id
 }
diff --git a/modules/cross-account-member/versions.tf b/modules/cross-account-member/versions.tf
@@ -3,8 +3,9 @@ terraform {
 
   required_providers {
     aws = {
-      source  = "hashicorp/aws"
-      version = ">= 3.29.0"
+      source                = "hashicorp/aws"
+      version               = ">= 3.29.0"
+      configuration_aliases = [aws.admininstrator]
     }
   }
 }
diff --git a/tests/securityhub_cross_account/main.tf b/tests/securityhub_cross_account/main.tf
@@ -1,22 +1,35 @@
+# Provider to use as the securityhub member (aka invitee)
 provider "aws" {
   region  = "us-east-1"
-  profile = "resource-member"
+  profile = "aws" # Profile must exist in your .aws/config
 }
 
+# Provider to use as the securityhub administrator
 provider "aws" {
   region  = "us-east-1"
-  alias   = "resource-owner"
-  profile = "resource-owner"
+  alias   = "admininstrator"
+  profile = "awsalternate" # Profile must exist in your .aws/config
+}
+
+# Enables/configures Security Hub in administrator account
+module "securityhub_owner" {
+  source = "../../"
+
+  providers = {
+    aws = aws.admininstrator
+  }
 }
 
 module "securityhub" {
   source = "../../modules/cross-account-member"
 
   providers = {
-    aws               = aws
-    aws.administrator = aws.resource-owner
+    aws.admininstrator = aws.admininstrator
   }
 
+  # Without the following line it takes two attepts to destroy the resources created by the test
+  depends_on = [module.securityhub_owner]
+
   member_email = var.member_email
 
   standard_subscription_arns = [

diff --git a/tests/securityhub_cross_account/prereq/main.tf b/tests/securityhub_cross_account/prereq/main.tf