feat: Add support for use random cloudtrail name (#1658)

leijin-lw · web-flow · commit 97a45bcde3ec · 2024-09-19T16:29:21.000-07:00
Signed-off-by: Lei Jin &lt;lei.jin@lacework.net&gt;
diff --git a/lwgenerate/aws/aws.go b/lwgenerate/aws/aws.go
@@ -8,6 +8,7 @@ import (
 	"slices"
 	"strings"
 
+	"github.com/google/uuid"
 	"github.com/hashicorp/hcl/v2/hclwrite"
 	"github.com/pkg/errors"
 
@@ -294,6 +295,9 @@ type GenerateAwsTfConfigurationArgs struct {
 	// Lacework Organization
 	LaceworkOrganizationLevel bool
 
+	// Use random Cloudtrail name
+	UseCloudTrailRandomName bool
+
 	// Default AWS Provider Tags
 	ProviderDefaultTags map[string]interface{}
 
@@ -595,6 +599,13 @@ func WithControlTowerLogArchiveAccount(LogArchiveAccount *AwsSubAccount) AwsTerr
 	}
 }
 
+// WithUseCloudTrailRandomName CloudTrail random name
+func WithUseCloudTrailRandomName(useCloudTrailRandomName bool) AwsTerraformModifier {
+	return func(c *GenerateAwsTfConfigurationArgs) {
+		c.UseCloudTrailRandomName = useCloudTrailRandomName
+	}
+}
+
 // WithControlTowerKmsKeyArn Set ControlTower custom KMS key ARN
 func WithControlTowerKmsKeyArn(kmsKeyArn string) AwsTerraformModifier {
 	return func(c *GenerateAwsTfConfigurationArgs) {
@@ -1049,6 +1060,12 @@ func createCloudtrail(args *GenerateAwsTfConfigurationArgs) (*hclwrite.Block, er
 		if args.ConsolidatedCloudtrail {
 			attributes["consolidated_trail"] = true
 		}
+
+		if args.UseCloudTrailRandomName {
+			uid := uuid.New().String()[:8]
+			attributes["cloudtrail_name"] = fmt.Sprintf("lacework-cloudtrail-%s", uid)
+		}
+
 		// S3 Bucket attributes
 		if args.CloudtrailUseExistingTrail {
 			attributes["use_existing_cloudtrail"] = true
