Skip to content

Commit

Permalink
datapipeline
Browse files Browse the repository at this point in the history
  • Loading branch information
@JamesWoolfenden
JamesWoolfenden committed Nov 29, 2023
1 parent ed37a8c commit 58088ae
Show file tree
Hide file tree
Showing 13 changed files with 241 additions and 112 deletions.
3 changes: 3 additions & 0 deletions src/aws.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -549,6 +549,9 @@ func AwsLookup(name string) interface{} {
"aws_kinesis_stream_consumer": awsKinesisStreamConsumer,
"aws_cloudwatch_log_destination_policy": awsCloudwatchLogDestinationPolicy,
"aws_cloudwatch_query_definition": awsCloudwatchQueryDestination,
"aws_datapipeline_pipeline": awsDatapipelinePipeline,
"aws_datapipeline_pipeline_definition": awsDatapipelinePipelineDefinition,
"aws_proxy_protocol_policy": awsProxyProtocolPolicy,
}

return TFLookup[name]
Expand Down
3 changes: 0 additions & 3 deletions src/coverage/aws.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -144,8 +144,6 @@ Datasource percentage coverage 99.80
./resource.ps1 aws_cur_report_definition
./resource.ps1 aws_dataexchange_data_set
./resource.ps1 aws_dataexchange_revision
./resource.ps1 aws_datapipeline_pipeline
./resource.ps1 aws_datapipeline_pipeline_definition
./resource.ps1 aws_datasync_agent
./resource.ps1 aws_datasync_location_azure_blob
./resource.ps1 aws_datasync_location_efs
Expand Down Expand Up @@ -521,7 +519,6 @@ Datasource percentage coverage 99.80
./resource.ps1 aws_prometheus_alert_manager_definition
./resource.ps1 aws_prometheus_rule_group_namespace
./resource.ps1 aws_prometheus_workspace
./resource.ps1 aws_proxy_protocol_policy
./resource.ps1 aws_qldb_ledger
./resource.ps1 aws_qldb_stream
./resource.ps1 aws_quicksight_account_subscription
Expand Down
9 changes: 9 additions & 0 deletions src/files.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1299,3 +1299,12 @@ var awsCloudwatchLogDestinationPolicy []byte

//go:embed mapping/aws/resource/logs/aws_cloudwatch_log_destination.json
var awsCloudwatchQueryDestination []byte

//go:embed mapping/aws/resource/datapipeline/aws_datapipeline_pipeline.json
var awsDatapipelinePipeline []byte

//go:embed mapping/aws/resource/datapipeline/aws_datapipeline_pipeline_definition.json
var awsDatapipelinePipelineDefinition []byte

//go:embed mapping/aws/resource/elasticloadbalancing/aws_proxy_protocol_policy.json
var awsProxyProtocolPolicy []byte
19 changes: 19 additions & 0 deletions src/mapping/aws/resource/datapipeline/aws_datapipeline_pipeline.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
[
{
"apply": [
"datapipeline:CreatePipeline",
"datapipeline:DeletePipeline"
],
"attributes": {
"tags": [
"datapipeline:AddTags",
"datapipeline:RemoveTags"
]
},
"destroy": [
"datapipeline:DeletePipeline"
],
"modify": [],
"plan": []
}
]
14 changes: 14 additions & 0 deletions src/mapping/aws/resource/datapipeline/aws_datapipeline_pipeline_definition.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
[
{
"apply": [
"datapipeline:PutPipelineDefinition",
"datapipeline:GetPipelineDefinition"
],
"attributes": {
"tags": []
},
"destroy": [],
"modify": [],
"plan": []
}
]
62 changes: 37 additions & 25 deletions src/mapping/aws/resource/elasticloadbalancing/aws_elb.json
View file
Original file line number Diff line number Diff line change
@@ -1,26 +1,38 @@
[
{
"apply": [
"elasticloadbalancing:CreateLoadBalancer",
"elasticloadbalancing:CreateLoadBalancerListeners",
"elasticloadbalancing:DescribeLoadBalancers",
"elasticloadbalancing:DescribeLoadBalancerAttributes",
"ec2:DescribeSecurityGroups",
"elasticloadbalancing:DescribeTags",
"elasticloadbalancing:DeleteLoadBalancer",
"elasticloadbalancing:ModifyLoadBalancerAttributes",
"elasticloadbalancing:AttachLoadBalancerToSubnets"
],
"attributes": {
"tags": [
"elasticloadbalancing:AddTags",
"elasticloadbalancing:RemoveTags"
]
},
"destroy": [
"elasticloadbalancing:DeleteLoadBalancer"
],
"modify": [],
"plan": []
}
[
{
"apply": [
"elasticloadbalancing:CreateLoadBalancer",
"elasticloadbalancing:CreateLoadBalancerListeners",
"elasticloadbalancing:DescribeLoadBalancers",
"elasticloadbalancing:DescribeLoadBalancerAttributes",
"ec2:DescribeSecurityGroups",
"ec2:CreateSecurityGroup",
"elasticloadbalancing:DescribeTags",
"elasticloadbalancing:DeleteLoadBalancer",
"elasticloadbalancing:ModifyLoadBalancerAttributes",
"elasticloadbalancing:AttachLoadBalancerToSubnets",
"ec2:DescribeNetworkInterfaces",
"ec2:DetachNetworkInterface",
"ec2:DeleteNetworkInterface"
],
"attributes": {
"availability_zones": [
"elasticloadbalancing:EnableAvailabilityZonesForLoadBalancer"
],
"security_groups": [
"elasticloadbalancing:SetSecurityGroups"
],
"tags": [
"elasticloadbalancing:AddTags",
"elasticloadbalancing:RemoveTags"
]
},
"destroy": [
"elasticloadbalancing:DeleteLoadBalancer",
"ec2:DetachNetworkInterface",
"ec2:DeleteNetworkInterface"
],
"modify": [],
"plan": []
}
]
64 changes: 38 additions & 26 deletions src/mapping/aws/resource/elasticloadbalancing/aws_lb.json
View file
Original file line number Diff line number Diff line change
@@ -1,26 +1,38 @@
[
{
"apply": [
"elasticloadbalancing:CreateLoadBalancer",
"elasticloadbalancing:DescribeLoadBalancers",
"elasticloadbalancing:DescribeLoadBalancerAttributes",
"elasticloadbalancing:DescribeTags",
"elasticloadbalancing:DeleteLoadBalancer",
"elasticloadbalancing:ModifyLoadBalancerAttributes"
],
"attributes": {
"security_groups": [
"elasticloadbalancing:SetSecurityGroups"
],
"tags": [
"elasticloadbalancing:AddTags",
"elasticloadbalancing:RemoveTags"
]
},
"destroy": [
"elasticloadbalancing:DeleteLoadBalancer"
],
"modify": [],
"plan": []
}
]
[
{
"apply": [
"elasticloadbalancing:CreateLoadBalancer",
"elasticloadbalancing:CreateLoadBalancerListeners",
"elasticloadbalancing:DescribeLoadBalancers",
"elasticloadbalancing:DescribeLoadBalancerAttributes",
"ec2:DescribeSecurityGroups",
"ec2:CreateSecurityGroup",
"elasticloadbalancing:DescribeTags",
"elasticloadbalancing:DeleteLoadBalancer",
"elasticloadbalancing:ModifyLoadBalancerAttributes",
"elasticloadbalancing:AttachLoadBalancerToSubnets",
"ec2:DescribeNetworkInterfaces",
"ec2:DetachNetworkInterface",
"ec2:DeleteNetworkInterface"
],
"attributes": {
"availability_zones": [
"elasticloadbalancing:EnableAvailabilityZonesForLoadBalancer"
],
"security_groups": [
"elasticloadbalancing:SetSecurityGroups"
],
"tags": [
"elasticloadbalancing:AddTags",
"elasticloadbalancing:RemoveTags"
]
},
"destroy": [
"elasticloadbalancing:DeleteLoadBalancer",
"ec2:DetachNetworkInterface",
"ec2:DeleteNetworkInterface"
],
"modify": [],
"plan": []
}
]
17 changes: 17 additions & 0 deletions src/mapping/aws/resource/elasticloadbalancing/aws_proxy_protocol_policy.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
[
{
"apply": [
"elasticloadbalancing:CreateLoadBalancerPolicy",
"elasticloadbalancing:SetLoadBalancerPoliciesForBackendServer",
"elasticloadbalancing:DeleteLoadBalancerPolicy"
],
"attributes": {
"tags": []
},
"destroy": [
"elasticloadbalancing:DeleteLoadBalancerPolicy"
],
"modify": [],
"plan": []
}
]
7 changes: 7 additions & 0 deletions terraform/aws/backup/aws_datapipeline_pipeline.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
resource "aws_datapipeline_pipeline" "pike" {
name = "tf-pipeline-default"
description = "pike"
tags = {
pike = "permission"
}
}
51 changes: 51 additions & 0 deletions terraform/aws/backup/aws_datapipeline_pipeline_definition.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
resource "aws_datapipeline_pipeline_definition" "pike" {
pipeline_id = aws_datapipeline_pipeline.pike.id
pipeline_object {
id = "Default"
name = "Default"
field {
key = "workerGroup"
string_value = "workerGroup"
}
}
pipeline_object {
id = "Schedule"
name = "Schedule"
field {
key = "startDateTime"
string_value = "2012-12-12T00:00:00"
}
field {
key = "type"
string_value = "Schedule"
}
field {
key = "period"
string_value = "1 hour"
}
field {
key = "endDateTime"
string_value = "2012-12-21T18:00:00"
}
}
pipeline_object {
id = "SayHello"
name = "SayHello"
field {
key = "type"
string_value = "ShellCommandActivity"
}
field {
key = "command"
string_value = "echo hello"
}
field {
key = "parent"
string_value = "Default"
}
field {
key = "schedule"
string_value = "Schedule"
}
}
}
24 changes: 24 additions & 0 deletions terraform/aws/backup/aws_proxy_protocol_policy.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
resource "aws_elb" "lb" {
name = "test-lb"

availability_zones = ["us-east-1a"]

listener {
instance_port = 25
instance_protocol = "tcp"
lb_port = 25
lb_protocol = "tcp"
}

listener {
instance_port = 587
instance_protocol = "tcp"
lb_port = 587
lb_protocol = "tcp"
}
}

resource "aws_proxy_protocol_policy" "smtp" {
load_balancer = aws_elb.lb.name
instance_ports = ["25", "587"]
}
2 changes: 1 addition & 1 deletion terraform/aws/provider.aws.tf
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
provider "aws" {
region = "eu-west-2"
region = "us-east-1"
profile = "basic"
}

Expand Down
78 changes: 21 additions & 57 deletions terraform/aws/role/aws_iam_policy.basic.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,64 +7,28 @@ resource "aws_iam_policy" "basic" {
"Sid" : "0",
"Effect" : "Allow",
"Action" : [
"elasticloadbalancing:AttachLoadBalancerToSubnets",
"elasticloadbalancing:CreateLoadBalancer",
"elasticloadbalancing:CreateLoadBalancerListeners",
"elasticloadbalancing:DeleteLoadBalancer",
"elasticloadbalancing:DescribeLoadBalancerAttributes",
"elasticloadbalancing:DescribeLoadBalancers",
"elasticloadbalancing:DescribeTags",
"elasticloadbalancing:ModifyLoadBalancerAttributes",

//aws_elb
"ec2:CreateSecurityGroup",
"ec2:DescribeSecurityGroups",
"ec2:DescribeNetworkInterfaces",
"ec2:DetachNetworkInterface",
"ec2:DeleteNetworkInterface",


//aws_proxy_protocol_policy
"elasticloadbalancing:CreateLoadBalancerPolicy",
"elasticloadbalancing:SetLoadBalancerPoliciesForBackendServer",
"elasticloadbalancing:DeleteLoadBalancerPolicy",


//aws_cloudwatch_event_bus
"events:TagResource",
"events:DescribeEventBus",
"events:ListTagsForResource",
"events:DeleteEventBus",
"events:CreateEventBus",


//healthcheck
"route53:ChangeTagsForResource",
"route53:CreateHealthCheck",
"route53:DeleteHealthCheck",
"route53:GetHealthCheck",
"route53:GetHealthCheckCount",
"route53:GetHealthCheckLastFailureReason",
"route53:GetHealthCheckStatus",
"route53:ListHealthChecks",
"route53:ListTagsForResource",
"route53:ListTagsForResources",
"route53:UpdateHealthCheck",

//aws_cloudwatch_log_destination
"logs:PutDestination",
"iam:PassRole",
"logs:TagResource",
"logs:UntagResource",
"logs:ListTagsForResource",
"logs:DescribeDestinations",
"logs:DeleteDestination",

//aws_cloudwatch_log_destination_policy
"logs:PutDestinationPolicy",
"logs:GetDeliveryDestinationPolicy",

//aws_kinesis_stream_consumer
"kinesis:RegisterStreamConsumer",
"kinesis:DescribeStreamConsumer",
"kinesis:DeregisterStreamConsumer",

//kinesis
"kinesis:AddTagsToStream",
"kinesis:CreateStream",
"kinesis:DeleteStream",
"kinesis:DescribeStreamSummary",
"kinesis:EnableEnhancedMonitoring",
"kinesis:IncreaseStreamRetentionPeriod",
"kinesis:ListTagsForStream",
"kinesis:RemoveTagsFromStream",


//aws_cloudwatch_event_endpoint
"events:CreateEndpoint",
"events:DescribeEndpoint",
"events:CreateEndpoint",
"events:DeleteEndpoint",
"events:UpdateEndpoint",
],
"Resource" : "*",
}
Expand Down

0 comments on commit 58088ae

Please sign in to comment.