SNS Topic Policy duplicated #11

Open
ghost opened this issue Aug 26, 2021 · 1 comment
Labels
bug 🐛 An issue with the system

ghost commented Aug 26, 2021

Describe the Bug

The module is trying to attach an SNS policy here https://github.com/cloudposse/terraform-aws-guardduty/blob/master/main.tf#L35 but the SNS topic in the module here https://github.com/cloudposse/terraform-aws-guardduty/blob/master/main.tf#L14 already has a policy attached https://github.com/cloudposse/terraform-aws-sns-topic/blob/master/main.tf#L40, so the plan is always showing the following:

 # module.pave-guardduty.module.guardduty.aws_sns_topic_policy.sns_topic_publish_policy[0] has been changed
  ~ resource "aws_sns_topic_policy" "sns_topic_publish_policy" {
        id     = "arn:aws:sns:us-east-1:361452620376:pavedev-us-east-1-pave-us-east-1-guardduty-guardduty"
      ~ policy = jsonencode(
          ~ {
              ~ Id        = "GuardDutyPublishToSNS" -> "SNSTopicsPub"
                # (2 unchanged elements hidden)
            }
        )
        # (2 unchanged attributes hidden)
    }
  # module.pave-guardduty.module.guardduty.module.sns_topic[0].aws_sns_topic.this has been changed
  ~ resource "aws_sns_topic" "this" {
        id                                       = "arn:aws:sns:us-east-1:361452620376:pavedev-us-east-1-pave-us-east-1-guardduty-guardduty"
        name                                     = "pavedev-us-east-1-pave-us-east-1-guardduty-guardduty"
      ~ policy                                   = jsonencode(
          ~ {
              ~ Id        = "GuardDutyPublishToSNS" -> "SNSTopicsPub"
                # (2 unchanged elements hidden)
            }
        )
        tags                                     = {
            "Attributes"  = "guardduty"
            "Environment" = "us-east-1"
            "Name"        = "pavedev-us-east-1-pave-us-east-1-guardduty-guardduty"
            "Namespace"   = "pavedev"
        }
        # (12 unchanged attributes hidden)
    }

Expected Behavior

We should just define one policy or pass to the SNS module the ARN of the policy that is being created here.


@kierang-contino

As far as I can tell, this should be resolved by the SNS Topic module version 0.20.1.
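
A check for the condition this issue reports, two `aws_sns_topic_policy` resources managing one topic, written as an added example that is not part of the thread or of either module's code. It reads the `resource_changes` array of `terraform show -json` output; the sample plan, resource addresses, account id and function name are constructed for illustration.

```python
import json
from collections import defaultdict

def _change(address, arn, policy_id, actions=("update",)):
    """Build one constructed resource_changes entry for the sample plan."""
    return {"address": address, "type": "aws_sns_topic_policy",
            "change": {"actions": list(actions),
                       "after": {"arn": arn,
                                 "policy": json.dumps({"Id": policy_id})}}}

# Constructed sample in the shape of `terraform show -json <planfile>`.
# Addresses and ARNs are placeholders, not values taken from the issue.
TOPIC = "arn:aws:sns:us-east-1:111111111111:example-guardduty"
SAMPLE_PLAN = json.dumps({"resource_changes": [
    _change("module.gd.aws_sns_topic_policy.publish[0]", TOPIC,
            "GuardDutyPublishToSNS"),
    _change("module.gd.module.sns_topic[0].aws_sns_topic_policy.inner[0]",
            TOPIC, "SNSTopicsPub"),
    _change("aws_sns_topic_policy.unrelated",
            "arn:aws:sns:us-east-1:111111111111:example-other", "Other",
            actions=("no-op",)),
]})

def duplicate_topic_policy_owners(plan_json):
    """Return {topic_arn: [(address, policy_id), ...]} for every topic whose
    policy is managed by more than one aws_sns_topic_policy resource."""
    owners = defaultdict(list)
    for rc in json.loads(plan_json).get("resource_changes", []):
        if rc.get("type") != "aws_sns_topic_policy":
            continue
        change = rc.get("change", {})
        if change.get("actions") == ["delete"]:
            continue  # resource is being removed, no longer an owner
        after = change.get("after") or {}
        arn = after.get("arn")
        if not arn:
            continue  # ARN unknown until apply, cannot be grouped yet
        try:
            policy_id = json.loads(after.get("policy") or "{}").get("Id")
        except ValueError:
            policy_id = None  # policy text is not valid JSON
        owners[arn].append((rc["address"], policy_id))
    return {arn: refs for arn, refs in owners.items() if len(refs) > 1}

if __name__ == "__main__":
    for arn, refs in duplicate_topic_policy_owners(SAMPLE_PLAN).items():
        print(f"{arn} has {len(refs)} policy owners:")
        for address, policy_id in refs:
            print(f"  {address} (Id={policy_id})")
```

An SNS topic holds a single access policy, so each flagged resource overwrites the other on apply; that is why the `Id` in the plan above flips between the two values.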
