diff --git a/CHANGELOG.md b/CHANGELOG.md
index 64edc32..f967c06 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -130,4 +130,6 @@
- flowlogs
- update template to use account-alias and vpc name
-## Version 2.x
+* 1.6.7 -- 2022-07-15
+ - fix flowlogs filename
+
diff --git a/common/version.tf b/common/version.tf
index 359f270..333737f 100644
--- a/common/version.tf
+++ b/common/version.tf
@@ -1,5 +1,5 @@
locals {
- _module_version = "1.6.6"
+ _module_version = "1.6.7"
_module_names = {
"_main_" = "aws-vpc-setup"
diff --git a/flowlogs/README.md b/flowlogs/README.md
index 4ac193d..43f0fd7 100644
--- a/flowlogs/README.md
+++ b/flowlogs/README.md
@@ -53,6 +53,7 @@ module "flowlogs" {
| Name | Version |
|------|---------|
| [aws](#provider\_aws) | >= 3.66.0 |
+| [local](#provider\_local) | n/a |
| [null](#provider\_null) | >= 3.0 |
| [template](#provider\_template) | >= 2.0 |
@@ -70,11 +71,12 @@ No modules.
| [aws_flow_log.flowlog_cloudwatch](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/flow_log) | resource |
| [aws_flow_log.flowlog_public](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/flow_log) | resource |
| [aws_kinesis_stream.flowlog](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kinesis_stream) | resource |
-| [null_resource.splunk_flowlog_tasks_flowlog](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |
+| [local_file.splunk_flowlog](https://registry.terraform.io/providers/hashicorp/local/latest/docs/resources/file) | resource |
+| [null_resource.splunk_flowlog](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |
| [aws_arn.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/arn) | data source |
| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
-| [template_file.splunk_flowlog_tasks_flowlog](https://registry.terraform.io/providers/hashicorp/template/latest/docs/data-sources/file) | data source |
+| [template_file.splunk_flowlog](https://registry.terraform.io/providers/hashicorp/template/latest/docs/data-sources/file) | data source |
## Inputs
diff --git a/flowlogs/main.tf b/flowlogs/main.tf
index 5bdbcba..4f4ad61 100644
--- a/flowlogs/main.tf
+++ b/flowlogs/main.tf
@@ -143,7 +143,7 @@ resource "aws_cloudwatch_log_subscription_filter" "flowlog" {
#---
# generate splunk inputs file
#---
-data "template_file" "splunk_flowlog_tasks_flowlog" {
+data "template_file" "splunk_flowlog" {
template = file("${path.module}/templates/aws_kinesis_tasks.conf.tpl")
vars = {
account_id = local.account_id
@@ -155,13 +155,27 @@ data "template_file" "splunk_flowlog_tasks_flowlog" {
}
}
-resource "null_resource" "splunk_flowlog_tasks_flowlog" {
- provisioner "local-exec" {
- working_dir = path.root
- command = "test -d setup || mkdir setup"
+resource "null_resource" "splunk_flowlog" {
+ triggers = {
+ filename = format("aws_kinesis_tasks.%v-%v.%v.%v.conf", local.account_id, local.account_alias, local.region, locak.flowlog_stream_name)
+ directory = format("%v/setup", path.root)
}
provisioner "local-exec" {
- working_dir = "${path.root}/setup"
- command = "echo '${data.template_file.splunk_flowlog_tasks_flowlog.rendered}' > aws_kinesis_tasks.${local.flowlog_stream_name}.conf"
+ command = "test -d ${self.triggers.directory} || mkdir ${self.triggers.directory}"
}
+
+ # provisioner "local-exec" {
+ # working_dir = path.root
+ # command = "test -d setup || mkdir setup"
+ # }
+ # provisioner "local-exec" {
+ # working_dir = "${path.root}/setup"
+ # command = "echo '${data.template_file.splunk_flowlog_tasks_flowlog.rendered}' > aws_kinesis_tasks.${local.flowlog_stream_name}.conf"
+ # }
+}
+
+resource "local_file" "splunk_flowlog" {
+ content = data.template_file.splunk_flowlog.rendered
+ file_permission = "0644"
+ filename = var.enable_sqs ? format("%v/%v", null_resource.splunk_flowlog.triggers.directory, null_resource.splunk_cloudtrail.triggers.filename) : null
}