Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Baselines with AWS, Azure and GCP Mod Installs #833

Merged
merged 18 commits into from
Sep 23, 2024
Merged

Update Baselines with AWS, Azure and GCP Mod Installs #833

merged 18 commits into from
Sep 23, 2024

Conversation

vkumbha
Copy link
Contributor

@vkumbha vkumbha commented Aug 9, 2024

No description provided.

@vkumbha vkumbha marked this pull request as ready for review August 27, 2024 10:45
dboeke
dboeke requested changes Sep 10, 2024
View reviewed changes
baselines/aws/aws_mods/variables.tf Outdated
DESC
type = list(string)
type = list(string)
description = "The list of AWS Mods to install."
default = [
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think we should have a default value for this? or if we do it should be a shorter list. we already have default.tfvars, so leaning toward not having a default in this file. or having the default just be aws by itself?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the default.tfvars has the shorter list required to get started with CIS atleast.. The intention of having the default in here is to show case the complete list of possibilities..

If we do not want it here, then I can update the README accordingly and redirect to Guardrails Hub for complete list of Mods/services supported?

Copy link
Contributor Author

@vkumbha vkumbha Sep 16, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like the idea of using only default.tfvars with complete list and commenting out the ones not on by default.. but we will have to update the baselines as in when a new mod/policy is added/updated, whereas Guardrails Hub does that automatically. For an end-user just commenting/uncommenting the default.tfvars would be much easier rather than going back and forth between Guardrails Hub and guardrails-samples!

baselines/aws/aws_service_enabled/variables.tf Outdated Show resolved Hide resolved
baselines/azure/azure_mods/variables.tf Outdated Show resolved Hide resolved
baselines/gcp/gcp_mods/variables.tf Outdated Show resolved Hide resolved
@vkumbha vkumbha requested a review from dboeke September 20, 2024 12:56
@dboeke dboeke merged commit e358cd1 into main Sep 23, 2024
1 check passed
@dboeke dboeke deleted the refactor-baselines branch September 23, 2024 15:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dboeke dboeke dboeke approved these changes

@rajlearner17 rajlearner17 Awaiting requested review from rajlearner17

@SumitPopat SumitPopat Awaiting requested review from SumitPopat

Assignees

@vkumbha vkumbha

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@vkumbha @dboeke