osodevops · richardgutkowski · Apr 21, 2020 · Apr 21, 2020
diff --git a/README.md b/README.md
@@ -4,7 +4,7 @@
 
 ---
 
-This Terraform module creates an encryption Lambda function that is triggered by a SNS notification on a successful AMI Packer build.
+This Terraform module creates an encryption Lambda function that is triggered by a SNS notification on a successful AMI Packer build. The module also creates a cloudwatch event that monitors build events and passes them to ami encryption lambda function. The cloudwatch even target is set to the ami encryption lambda, in order to run on any successful build.
 
 This project is part of our open source DevOps adoption approach. 
 

diff --git a/aws_cloudwatch_event_rule_build_success.tf b/aws_cloudwatch_event_rule_build_success.tf
@@ -1,6 +1,5 @@
 resource "aws_cloudwatch_event_rule" "build_alert" {
-  # Create cloudwatch event that monitors build events and passes them to ami encryption lambda function
-  name = "AMI-CODEBUILD-SUCESS-ALERT"
+  name = "${upper(var.environment)}-AMI-CODEBUILD-SUCESS-ALERT"
   description = "Send alerts to encrypt AMI on build success."
 
   event_pattern = <<PATTERN
@@ -21,7 +20,6 @@ resource "aws_cloudwatch_event_rule" "build_alert" {
 }
 
 resource "aws_cloudwatch_event_target" "lamba_alert" {
-  # Create ami encryption target
   rule      = aws_cloudwatch_event_rule.build_alert.name
   target_id = "ami-encryption-lambda"
   arn       = aws_lambda_function.ami_encryption_lambda.arn

diff --git a/aws_lambda_iam_policy_attachment.tf b/aws_lambda_iam_policy_attachment.tf
@@ -1,5 +1,5 @@
 resource "aws_iam_policy_attachment" "ami_encryption_policy" {
-  name       = "ami-encryption-attachment"
+  name       = "${var.environment}-ami-encryption-attachment"
   roles      = [aws_iam_role.ami_encrypt_lambda.name]
   policy_arn = aws_iam_policy.ami_encryption_policy.arn
 }
diff --git a/variables.tf b/variables.tf
@@ -1,4 +1,7 @@
-variable "environment" {}
+variable "environment" {
+  description = "Set the environment for where the ami encryption lambda is deployed."
+  type = string
+}
 
 variable "kms_key_arn" {
   description = "If Encrypt_ami set to true then you must pass in the arn of the key you wish to encrypt disk with."

diff --git a/±! b/±!
-Original file line number
+Diff line change
@@ Expand Up / @@ -4,7 +4,7 @@ @@
     ---
-    This Terraform module creates an encryption Lambda function that is triggered by a SNS notification on a successful AMI Packer build.
+    This Terraform module creates an encryption Lambda function that is triggered by a SNS notification on a successful AMI Packer build. The module also creates a cloudwatch event that monitors build events and passes them to ami encryption lambda function. The cloudwatch even target is set to the ami encryption lambda, in order to run on any successful build.
     This project is part of our open source DevOps adoption approach.
@@ Expand Down @@