diff --git a/src/aws.go b/src/aws.go
index 8b6d6c0c..25981d88 100644
--- a/src/aws.go
+++ b/src/aws.go
@@ -549,6 +549,9 @@ func AwsLookup(name string) interface{} {
 "aws_kinesis_stream_consumer": awsKinesisStreamConsumer,
 "aws_cloudwatch_log_destination_policy": awsCloudwatchLogDestinationPolicy,
 "aws_cloudwatch_query_definition": awsCloudwatchQueryDestination,
+ "aws_datapipeline_pipeline": awsDatapipelinePipeline,
+ "aws_datapipeline_pipeline_definition": awsDatapipelinePipelineDefinition,
+ "aws_proxy_protocol_policy": awsProxyProtocolPolicy,
 }
 return TFLookup[name]
diff --git a/src/coverage/aws.md b/src/coverage/aws.md
index 62a2beec..e66cbe68 100644
--- a/src/coverage/aws.md
+++ b/src/coverage/aws.md
@@ -144,8 +144,6 @@ Datasource percentage coverage 99.80
 ./resource.ps1 aws_cur_report_definition
 ./resource.ps1 aws_dataexchange_data_set
 ./resource.ps1 aws_dataexchange_revision
-./resource.ps1 aws_datapipeline_pipeline
-./resource.ps1 aws_datapipeline_pipeline_definition
 ./resource.ps1 aws_datasync_agent
 ./resource.ps1 aws_datasync_location_azure_blob
 ./resource.ps1 aws_datasync_location_efs
@@ -521,7 +519,6 @@ Datasource percentage coverage 99.80
 ./resource.ps1 aws_prometheus_alert_manager_definition
 ./resource.ps1 aws_prometheus_rule_group_namespace
 ./resource.ps1 aws_prometheus_workspace
-./resource.ps1 aws_proxy_protocol_policy
 ./resource.ps1 aws_qldb_ledger
 ./resource.ps1 aws_qldb_stream
 ./resource.ps1 aws_quicksight_account_subscription
diff --git a/src/files.go b/src/files.go
index 76f13d18..6a41e013 100644
--- a/src/files.go
+++ b/src/files.go
@@ -1299,3 +1299,12 @@ var awsCloudwatchLogDestinationPolicy []byte
 //go:embed mapping/aws/resource/logs/aws_cloudwatch_log_destination.json
 var awsCloudwatchQueryDestination []byte
+
+//go:embed mapping/aws/resource/datapipeline/aws_datapipeline_pipeline.json
+var awsDatapipelinePipeline []byte
+
+//go:embed mapping/aws/resource/datapipeline/aws_datapipeline_pipeline_definition.json
+var awsDatapipelinePipelineDefinition []byte
+
+//go:embed mapping/aws/resource/elasticloadbalancing/aws_proxy_protocol_policy.json
+var awsProxyProtocolPolicy []byte
diff --git a/src/mapping/aws/resource/datapipeline/aws_datapipeline_pipeline.json b/src/mapping/aws/resource/datapipeline/aws_datapipeline_pipeline.json
new file mode 100644
index 00000000..e3d2c2be
--- /dev/null
+++ b/src/mapping/aws/resource/datapipeline/aws_datapipeline_pipeline.json
@@ -0,0 +1,19 @@
+[
+ {
+ "apply": [
+ "datapipeline:CreatePipeline",
+ "datapipeline:DeletePipeline"
+ ],
+ "attributes": {
+ "tags": [
+ "datapipeline:AddTags",
+ "datapipeline:RemoveTags"
+ ]
+ },
+ "destroy": [
+ "datapipeline:DeletePipeline"
+ ],
+ "modify": [],
+ "plan": []
+ }
+]
diff --git a/src/mapping/aws/resource/datapipeline/aws_datapipeline_pipeline_definition.json b/src/mapping/aws/resource/datapipeline/aws_datapipeline_pipeline_definition.json
new file mode 100644
index 00000000..e8ced3f3
--- /dev/null
+++ b/src/mapping/aws/resource/datapipeline/aws_datapipeline_pipeline_definition.json
@@ -0,0 +1,14 @@
+[
+ {
+ "apply": [
+ "datapipeline:PutPipelineDefinition",
+ "datapipeline:GetPipelineDefinition"
+ ],
+ "attributes": {
+ "tags": []
+ },
+ "destroy": [],
+ "modify": [],
+ "plan": []
+ }
+]
diff --git a/src/mapping/aws/resource/elasticloadbalancing/aws_elb.json b/src/mapping/aws/resource/elasticloadbalancing/aws_elb.json
index c44e7aa7..72fc68a8 100644
--- a/src/mapping/aws/resource/elasticloadbalancing/aws_elb.json
+++ b/src/mapping/aws/resource/elasticloadbalancing/aws_elb.json
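Review bot: The `apply` list in aws_datapipeline_pipeline.json holds only `datapipeline:CreatePipeline` and `datapipeline:DeletePipeline`, with no read action, so a policy generated from this mapping may be denied on refresh if the provider describes the pipeline after creating it. Consider adding `"datapipeline:DescribePipelines"` to `apply` once a restricted-role run confirms it is required. The sibling aws_datapipeline_pipeline_definition.json has the same shape of question: its fixture sets no role on any pipeline object, so a definition that does set one would presumably also need `iam:PassRole`, which this mapping cannot express today.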
@@ -1,26 +1,38 @@
-[
- {
- "apply": [
- "elasticloadbalancing:CreateLoadBalancer",
- "elasticloadbalancing:CreateLoadBalancerListeners",
- "elasticloadbalancing:DescribeLoadBalancers",
- "elasticloadbalancing:DescribeLoadBalancerAttributes",
- "ec2:DescribeSecurityGroups",
- "elasticloadbalancing:DescribeTags",
- "elasticloadbalancing:DeleteLoadBalancer",
- "elasticloadbalancing:ModifyLoadBalancerAttributes",
- "elasticloadbalancing:AttachLoadBalancerToSubnets"
- ],
- "attributes": {
- "tags": [
- "elasticloadbalancing:AddTags",
- "elasticloadbalancing:RemoveTags"
- ]
- },
- "destroy": [
- "elasticloadbalancing:DeleteLoadBalancer"
- ],
- "modify": [],
- "plan": []
- }
+[
+ {
+ "apply": [
+ "elasticloadbalancing:CreateLoadBalancer",
+ "elasticloadbalancing:CreateLoadBalancerListeners",
+ "elasticloadbalancing:DescribeLoadBalancers",
+ "elasticloadbalancing:DescribeLoadBalancerAttributes",
+ "ec2:DescribeSecurityGroups",
+ "ec2:CreateSecurityGroup",
+ "elasticloadbalancing:DescribeTags",
+ "elasticloadbalancing:DeleteLoadBalancer",
+ "elasticloadbalancing:ModifyLoadBalancerAttributes",
+ "elasticloadbalancing:AttachLoadBalancerToSubnets",
+ "ec2:DescribeNetworkInterfaces",
+ "ec2:DetachNetworkInterface",
+ "ec2:DeleteNetworkInterface"
+ ],
+ "attributes": {
+ "availability_zones": [
+ "elasticloadbalancing:EnableAvailabilityZonesForLoadBalancer"
+ ],
+ "security_groups": [
+ "elasticloadbalancing:SetSecurityGroups"
+ ],
+ "tags": [
+ "elasticloadbalancing:AddTags",
+ "elasticloadbalancing:RemoveTags"
+ ]
+ },
+ "destroy": [
+ "elasticloadbalancing:DeleteLoadBalancer",
+ "ec2:DetachNetworkInterface",
+ "ec2:DeleteNetworkInterface"
+ ],
+ "modify": [],
+ "plan": []
+ }
 ]
diff --git a/src/mapping/aws/resource/elasticloadbalancing/aws_lb.json b/src/mapping/aws/resource/elasticloadbalancing/aws_lb.json
index d92c641e..a63c308d 100644
--- a/src/mapping/aws/resource/elasticloadbalancing/aws_lb.json
+++ b/src/mapping/aws/resource/elasticloadbalancing/aws_lb.json
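Review bot: In aws_elb.json, `ec2:CreateSecurityGroup`, `ec2:DetachNetworkInterface` and `ec2:DeleteNetworkInterface` are added to the unconditional `apply` list, so every policy generated for an `aws_elb` now carries EC2 write actions whether or not the configuration needs them. The mapping format has no place for a comment, so the commit description should record which denied call required each action (presumably the default security group created when `security_groups` is omitted, and network-interface cleanup on delete), letting users who pass their own security groups know what they can drop. The hunk also replaces all but the final line of the file although most entries are textually unchanged, which looks like a whitespace or line-ending rewrite; preserving the original line endings would keep the real permission additions visible in review.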
@@ -1,26 +1,38 @@
-[
- {
- "apply": [
- "elasticloadbalancing:CreateLoadBalancer",
- "elasticloadbalancing:DescribeLoadBalancers",
- "elasticloadbalancing:DescribeLoadBalancerAttributes",
- "elasticloadbalancing:DescribeTags",
- "elasticloadbalancing:DeleteLoadBalancer",
- "elasticloadbalancing:ModifyLoadBalancerAttributes"
- ],
- "attributes": {
- "security_groups": [
- "elasticloadbalancing:SetSecurityGroups"
- ],
- "tags": [
- "elasticloadbalancing:AddTags",
- "elasticloadbalancing:RemoveTags"
- ]
- },
- "destroy": [
- "elasticloadbalancing:DeleteLoadBalancer"
- ],
- "modify": [],
- "plan": []
- }
-]
+[
+ {
+ "apply": [
+ "elasticloadbalancing:CreateLoadBalancer",
+ "elasticloadbalancing:CreateLoadBalancerListeners",
+ "elasticloadbalancing:DescribeLoadBalancers",
+ "elasticloadbalancing:DescribeLoadBalancerAttributes",
+ "ec2:DescribeSecurityGroups",
+ "ec2:CreateSecurityGroup",
+ "elasticloadbalancing:DescribeTags",
+ "elasticloadbalancing:DeleteLoadBalancer",
+ "elasticloadbalancing:ModifyLoadBalancerAttributes",
+ "elasticloadbalancing:AttachLoadBalancerToSubnets",
+ "ec2:DescribeNetworkInterfaces",
+ "ec2:DetachNetworkInterface",
+ "ec2:DeleteNetworkInterface"
+ ],
+ "attributes": {
+ "availability_zones": [
+ "elasticloadbalancing:EnableAvailabilityZonesForLoadBalancer"
+ ],
+ "security_groups": [
+ "elasticloadbalancing:SetSecurityGroups"
+ ],
+ "tags": [
+ "elasticloadbalancing:AddTags",
+ "elasticloadbalancing:RemoveTags"
+ ]
+ },
+ "destroy": [
+ "elasticloadbalancing:DeleteLoadBalancer",
+ "ec2:DetachNetworkInterface",
+ "ec2:DeleteNetworkInterface"
+ ],
+ "modify": [],
+ "plan": []
+ }
+]
diff --git a/src/mapping/aws/resource/elasticloadbalancing/aws_proxy_protocol_policy.json b/src/mapping/aws/resource/elasticloadbalancing/aws_proxy_protocol_policy.json
new file mode 100644
index 00000000..b6bfc506
--- /dev/null
+++ b/src/mapping/aws/resource/elasticloadbalancing/aws_proxy_protocol_policy.json
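Review bot: The new body of aws_lb.json is identical to the new body of aws_elb.json, which gives `aws_lb` the Classic Load Balancer actions `elasticloadbalancing:CreateLoadBalancerListeners`, `elasticloadbalancing:AttachLoadBalancerToSubnets` and `elasticloadbalancing:EnableAvailabilityZonesForLoadBalancer`, along with an `availability_zones` attribute key that `aws_lb` does not appear to expose. This looks like the aws_elb mapping pasted over aws_lb, and it widens every generated `aws_lb` policy beyond the six actions it carried before, including the new EC2 write actions. Nothing else in this commit exercises `aws_lb` (the only fixture added uses `aws_elb`), so unless a restricted-role run showed these were denied, keep the previous aws_lb action set and add back only what was actually required.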
@@ -0,0 +1,17 @@
+[
+ {
+ "apply": [
+ "elasticloadbalancing:CreateLoadBalancerPolicy",
+ "elasticloadbalancing:SetLoadBalancerPoliciesForBackendServer",
+ "elasticloadbalancing:DeleteLoadBalancerPolicy"
+ ],
+ "attributes": {
+ "tags": []
+ },
+ "destroy": [
+ "elasticloadbalancing:DeleteLoadBalancerPolicy"
+ ],
+ "modify": [],
+ "plan": []
+ }
+]
diff --git a/terraform/aws/backup/aws_datapipeline_pipeline.tf b/terraform/aws/backup/aws_datapipeline_pipeline.tf
new file mode 100644
index 00000000..97aa1faf
--- /dev/null
+++ b/terraform/aws/backup/aws_datapipeline_pipeline.tf
@@ -0,0 +1,7 @@
+resource "aws_datapipeline_pipeline" "pike" {
+ name = "tf-pipeline-default"
+ description = "pike"
+ tags = {
+ pike = "permission"
+ }
+}
diff --git a/terraform/aws/backup/aws_datapipeline_pipeline_definition.tf b/terraform/aws/backup/aws_datapipeline_pipeline_definition.tf
new file mode 100644
index 00000000..f75ed3bc
--- /dev/null
+++ b/terraform/aws/backup/aws_datapipeline_pipeline_definition.tf
@@ -0,0 +1,51 @@
+resource "aws_datapipeline_pipeline_definition" "pike" {
+ pipeline_id = aws_datapipeline_pipeline.pike.id
+ pipeline_object {
+ id = "Default"
+ name = "Default"
+ field {
+ key = "workerGroup"
+ string_value = "workerGroup"
+ }
+ }
+ pipeline_object {
+ id = "Schedule"
+ name = "Schedule"
+ field {
+ key = "startDateTime"
+ string_value = "2012-12-12T00:00:00"
+ }
+ field {
+ key = "type"
+ string_value = "Schedule"
+ }
+ field {
+ key = "period"
+ string_value = "1 hour"
+ }
+ field {
+ key = "endDateTime"
+ string_value = "2012-12-21T18:00:00"
+ }
+ }
+ pipeline_object {
+ id = "SayHello"
+ name = "SayHello"
+ field {
+ key = "type"
+ string_value = "ShellCommandActivity"
+ }
+ field {
+ key = "command"
+ string_value = "echo hello"
+ }
+ field {
+ key = "parent"
+ string_value = "Default"
+ }
+ field {
+ key = "schedule"
+ string_value = "Schedule"
+ }
+ }
+}
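Review bot: aws_proxy_protocol_policy.json lists no read action in `apply`, and the fixture added for it creates the `aws_elb` in the same configuration, so `elasticloadbalancing:DescribeLoadBalancers` would arrive through the aws_elb mapping and a gap here would not surface in that test. If the provider reads the load balancer to refresh this resource, a configuration that attaches the policy to an existing load balancer by name would be denied under the generated policy. Consider adding `"elasticloadbalancing:DescribeLoadBalancers"` to `apply` after confirming with a configuration that does not also declare the load balancer.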
diff --git a/terraform/aws/backup/aws_proxy_protocol_policy.tf b/terraform/aws/backup/aws_proxy_protocol_policy.tf
new file mode 100644
index 00000000..f4f1ece3
--- /dev/null
+++ b/terraform/aws/backup/aws_proxy_protocol_policy.tf
@@ -0,0 +1,24 @@
+resource "aws_elb" "lb" {
+ name = "test-lb"
+
+ availability_zones = ["us-east-1a"]
+
+ listener {
+ instance_port = 25
+ instance_protocol = "tcp"
+ lb_port = 25
+ lb_protocol = "tcp"
+ }
+
+ listener {
+ instance_port = 587
+ instance_protocol = "tcp"
+ lb_port = 587
+ lb_protocol = "tcp"
+ }
+}
+
+resource "aws_proxy_protocol_policy" "smtp" {
+ load_balancer = aws_elb.lb.name
+ instance_ports = ["25", "587"]
+}
diff --git a/terraform/aws/provider.aws.tf b/terraform/aws/provider.aws.tf
index 0191afb4..013c769f 100644
--- a/terraform/aws/provider.aws.tf
+++ b/terraform/aws/provider.aws.tf
@@ -1,5 +1,5 @@
 provider "aws" {
- region = "eu-west-2"
+ region = "us-east-1"
 profile = "basic"
 }
diff --git a/terraform/aws/role/aws_iam_policy.basic.tf b/terraform/aws/role/aws_iam_policy.basic.tf
index 560946e5..ea5dc876 100644
--- a/terraform/aws/role/aws_iam_policy.basic.tf
+++ b/terraform/aws/role/aws_iam_policy.basic.tf
@@ -7,64 +7,28 @@ resource "aws_iam_policy" "basic" { "Sid" : "0", "Effect" : "Allow", "Action" : [ + "elasticloadbalancing:AttachLoadBalancerToSubnets", + "elasticloadbalancing:CreateLoadBalancer", + "elasticloadbalancing:CreateLoadBalancerListeners", + "elasticloadbalancing:DeleteLoadBalancer", + "elasticloadbalancing:DescribeLoadBalancerAttributes", + "elasticloadbalancing:DescribeLoadBalancers", + "elasticloadbalancing:DescribeTags", + "elasticloadbalancing:ModifyLoadBalancerAttributes", + + //aws_elb + "ec2:CreateSecurityGroup", + "ec2:DescribeSecurityGroups", + "ec2:DescribeNetworkInterfaces", + "ec2:DetachNetworkInterface", + "ec2:DeleteNetworkInterface", + + + //aws_proxy_protocol_policy + "elasticloadbalancing:CreateLoadBalancerPolicy", + "elasticloadbalancing:SetLoadBalancerPoliciesForBackendServer", + "elasticloadbalancing:DeleteLoadBalancerPolicy", - - //aws_cloudwatch_event_bus - "events:TagResource", - "events:DescribeEventBus", - "events:ListTagsForResource", - "events:DeleteEventBus", - "events:CreateEventBus", - - - //healthcheck - "route53:ChangeTagsForResource", - "route53:CreateHealthCheck", - "route53:DeleteHealthCheck", - "route53:GetHealthCheck", - "route53:GetHealthCheckCount", - "route53:GetHealthCheckLastFailureReason", - "route53:GetHealthCheckStatus", - "route53:ListHealthChecks", - "route53:ListTagsForResource", - "route53:ListTagsForResources", - "route53:UpdateHealthCheck", - - //aws_cloudwatch_log_destination - "logs:PutDestination", - "iam:PassRole", - "logs:TagResource", - "logs:UntagResource", - "logs:ListTagsForResource", - "logs:DescribeDestinations", - "logs:DeleteDestination", - - //aws_cloudwatch_log_destination_policy - "logs:PutDestinationPolicy", - "logs:GetDeliveryDestinationPolicy", - - //aws_kinesis_stream_consumer - "kinesis:RegisterStreamConsumer", - "kinesis:DescribeStreamConsumer", - "kinesis:DeregisterStreamConsumer", - - //kinesis - "kinesis:AddTagsToStream", - "kinesis:CreateStream", - "kinesis:DeleteStream", - 
"kinesis:DescribeStreamSummary", - "kinesis:EnableEnhancedMonitoring", - "kinesis:IncreaseStreamRetentionPeriod", - "kinesis:ListTagsForStream", - "kinesis:RemoveTagsFromStream", - - - //aws_cloudwatch_event_endpoint - "events:CreateEndpoint", - "events:DescribeEndpoint", - "events:CreateEndpoint", - "events:DeleteEndpoint", - "events:UpdateEndpoint", ], "Resource" : "*", }
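Review bot: The section labels in the new `Action` list do not match what they cover: the first eight `elasticloadbalancing:*` actions have no label, and `//aws_elb` sits above the `ec2:*` actions instead. Since these comments are the only record of which resource needed which permission, put `//aws_elb` above the first `elasticloadbalancing:` entry and label the EC2 group for what it is, for example `//aws_elb (default security group and ENI cleanup)`. The statement still ends in `"Resource" : "*"`, so the added `ec2:DetachNetworkInterface` and `ec2:DeleteNetworkInterface` apply account-wide for whoever uses the `basic` profile; that is worth keeping in mind if the test account is shared. The `aws_iam_policy` resource starts and ends outside this hunk.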