From 97a45bcde3ec2948f3cd9f5c22358ee7346f442b Mon Sep 17 00:00:00 2001
From: Lei Jin <166442440+leijin-lw@users.noreply.github.com>
Date: Thu, 19 Sep 2024 16:29:21 -0700
Subject: [PATCH] feat: Add support for use random cloudtrail name (#1658)
Signed-off-by: Lei Jin
---
 lwgenerate/aws/aws.go | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
diff --git a/lwgenerate/aws/aws.go b/lwgenerate/aws/aws.go
index e188a7ed6..e8110803c 100644
--- a/lwgenerate/aws/aws.go
+++ b/lwgenerate/aws/aws.go
@@ -8,6 +8,7 @@ import (
 "slices"
 "strings"
+ "github.com/google/uuid"
 "github.com/hashicorp/hcl/v2/hclwrite"
 "github.com/pkg/errors"
@@ -294,6 +295,9 @@ type GenerateAwsTfConfigurationArgs struct {
 // Lacework Organization
 LaceworkOrganizationLevel bool
+ // Use random Cloudtrail name
+ UseCloudTrailRandomName bool
+
 // Default AWS Provider Tags
 ProviderDefaultTags map[string]interface{}
@@ -595,6 +599,13 @@ func WithControlTowerLogArchiveAccount(LogArchiveAccount *AwsSubAccount) AwsTerr
 }
 }
+// WithUseCloudTrailRandomName CloudTrail random name
+func WithUseCloudTrailRandomName(useCloudTrailRandomName bool) AwsTerraformModifier {
+ return func(c *GenerateAwsTfConfigurationArgs) {
+ c.UseCloudTrailRandomName = useCloudTrailRandomName
+ }
+}
+
 // WithControlTowerKmsKeyArn Set ControlTower custom KMS key ARN
 func WithControlTowerKmsKeyArn(kmsKeyArn string) AwsTerraformModifier {
 return func(c *GenerateAwsTfConfigurationArgs) {
@@ -1049,6 +1060,12 @@ func createCloudtrail(args *GenerateAwsTfConfigurationArgs) (*hclwrite.Block, er
 if args.ConsolidatedCloudtrail {
 attributes["consolidated_trail"] = true
 }
+
+ if args.UseCloudTrailRandomName {
+ uid := uuid.New().String()[:8]
+ attributes["cloudtrail_name"] = fmt.Sprintf("lacework-cloudtrail-%s", uid)
+ }
+
 // S3 Bucket attributes
 if args.CloudtrailUseExistingTrail {
 attributes["use_existing_cloudtrail"] = true
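Review bot: The doc comment on `WithUseCloudTrailRandomName` restates the name without saying what the option does or what the generated name looks like. Going by the `createCloudtrail` hunk, something like `// WithUseCloudTrailRandomName names the trail "lacework-cloudtrail-" plus a random 8-character suffix when true.` would tell callers what to expect. The `// Use random Cloudtrail name` comment on the `UseCloudTrailRandomName` field in the struct hunk could carry the same detail.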
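Review bot: The suffix in `createCloudtrail` comes from a fresh `uuid.New()` on every call, so generating the configuration twice with `UseCloudTrailRandomName` set produces two different `cloudtrail_name` values. If the Terraform module treats a changed name as a replacement (not visible in this diff), regenerating and applying against an existing deployment would recreate the trail and leave a gap in audit logging; accepting the suffix from the caller, or documenting that the output must be generated once and kept, would avoid that. The block also runs when `args.CloudtrailUseExistingTrail` is true, where an invented name cannot match an existing trail; a guard such as `if args.UseCloudTrailRandomName && !args.CloudtrailUseExistingTrail {` would make the intent explicit, unless code later in the function, which continues outside the hunk, already handles it.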