new resources

src/aws.go

@@ -304,6 +304,16 @@ func GetAWSResourcePermissions(result ResourceV2) ([]string, error) {
 		"aws_lightsail_key_pair":                             awsLightsailKeyPair,
 		"aws_lightsail_static_ip":                            awsLightsailStaticIP,
 		"aws_lightsail_static_ip_attachment":                 awsLightsailStaticIPAttachment,
+		"aws_medialive_input":                                awsMedialiveInput,
+		"aws_medialive_input_security_group":                 awsMedialiveInputSecurityGroup,
+		"aws_cloudfront_origin_access_control":               awsCloudfrontOriginAccessControl,
+		"aws_msk_serverless_cluster":                         awsMskServerlessCluster,
+		"aws_route53_key_signing_key":                        awsRoute53KeySiginingKey,
+		"aws_route53_hosted_zone_dnssec":                     awsRoute53HostedZoneDnssec,
+		"aws_route53_query_log":                              awsRoute53QueryLog,
+		"aws_sagemaker_endpoint_configuration":               awsSagemakerEndpointConfiguration,
+		"aws_sagemaker_model":                                awsSagemakerModel,
+		"aws_sqs_queue_redrive_allow_policy":                 awsSqsQueueRedriveAllowPolicy,
 	}
 
 	var Permissions []string

src/aws_datasource.go

@@ -94,6 +94,13 @@ func GetAWSDataPermissions(result ResourceV2) ([]string, error) {
 		"aws_iam_user_ssh_key":                      dataAwsIamUserSSHKey,
 		"aws_iam_users":                             dataAwsIamUsers,
 		"aws_sagemaker_prebuilt_ecr_image":          placeholder,
+		"aws_ec2_managed_prefix_list":               dataAwsEc2ManagedPrefixList,
+		"aws_ec2_network_insights_analysis":         dataAwsEc2NetworkInsightsAnalysis,
+		"aws_ec2_network_insights_path":             dataAwsEc2NetworkInsightsPath,
+		"aws_ec2_transit_gateway_attachment":        dataAwsEc2TransitGatewayAttachment,
+		"aws_location_tracker_association":          dataAwsLocationTrackerAssociation,
+		"aws_location_tracker_associations":         dataAwsLocationTrackerAssociations,
+		"aws_workspaces_bundle":                     dataAwsWorkspacesBundle,
 	}
 
 	var Permissions []string

src/files.go

@@ -762,3 +762,33 @@ var awsLightsailStaticIP []byte
 
 //go:embed mapping/aws/resource/lightsail/aws_lightsail_static_ip_attachment.json
 var awsLightsailStaticIPAttachment []byte
+
+//go:embed mapping/aws/resource/medialive/aws_medialive_input.json
+var awsMedialiveInput []byte
+
+//go:embed mapping/aws/resource/medialive/aws_medialive_input_security_group.json
+var awsMedialiveInputSecurityGroup []byte
+
+//go:embed mapping/aws/resource/cloudfront/aws_cloudfront_origin_access_control.json
+var awsCloudfrontOriginAccessControl []byte
+
+//go:embed mapping/aws/resource/kafka/aws_msk_serverless_cluster.json
+var awsMskServerlessCluster []byte
+
+//go:embed mapping/aws/resource/route53/aws_route53_key_signing_key.json
+var awsRoute53KeySiginingKey []byte
+
+//go:embed mapping/aws/resource/route53/aws_route53_hosted_zone_dnssec.json
+var awsRoute53HostedZoneDnssec []byte
+
+//go:embed mapping/aws/resource/route53/aws_route53_query_log.json
+var awsRoute53QueryLog []byte
+
+//go:embed mapping/aws/resource/sagemaker/aws_sagemaker_endpoint_configuration.json
+var awsSagemakerEndpointConfiguration []byte
+
+//go:embed mapping/aws/resource/sagemaker/aws_sagemaker_model.json
+var awsSagemakerModel []byte
+
+//go:embed mapping/aws/resource/sqs/aws_sqs_queue_redrive_allow_policy.json
+var awsSqsQueueRedriveAllowPolicy []byte

src/files_datasource.go

@@ -207,3 +207,24 @@ var dataAwsIamUserSSHKey []byte
 
 //go:embed mapping/aws/data/iam/aws_iam_users.json
 var dataAwsIamUsers []byte
+
+//go:embed mapping/aws/data/ec2/aws_ec2_managed_prefix_list.json
+var dataAwsEc2ManagedPrefixList []byte
+
+//go:embed mapping/aws/data/ec2/aws_ec2_network_insights_analysis.json
+var dataAwsEc2NetworkInsightsAnalysis []byte
+
+//go:embed mapping/aws/data/ec2/aws_ec2_network_insights_path.json
+var dataAwsEc2NetworkInsightsPath []byte
+
+//go:embed mapping/aws/data/ec2/aws_ec2_transit_gateway_attachment.json
+var dataAwsEc2TransitGatewayAttachment []byte
+
+//go:embed mapping/aws/data/geo/aws_location_tracker_association.json
+var dataAwsLocationTrackerAssociation []byte
+
+//go:embed mapping/aws/data/geo/aws_location_tracker_associations.json
+var dataAwsLocationTrackerAssociations []byte
+
+//go:embed mapping/aws/data/workspaces/aws_workspaces_bundle.json
+var dataAwsWorkspacesBundle []byte

src/mapping/aws/resource/cloudfront/aws_cloudfront_origin_access_control.json

@@ -0,0 +1,19 @@
+[
+  {
+    "apply": [
+      "cloudfront:CreateOriginAccessControl",
+      "cloudfront:GetOriginAccessControl",
+      "cloudfront:DeleteOriginAccessControl"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "cloudfront:DeleteOriginAccessControl"
+    ],
+    "modify": [
+      "cloudfront:UpdateOriginAccessControl"
+    ],
+    "plan": []
+  }
+]

src/mapping/aws/resource/kafka/aws_msk_serverless_cluster.json

@@ -0,0 +1,36 @@
+[
+  {
+    "apply": [
+      "Kafka:CreateClusterV2",
+      "ec2:CreateVpcEndpoint",
+      "ec2:DeleteVpcEndpoints",
+      "ec2:DescribeSecurityGroups",
+      "ec2:DescribeSubnets",
+      "ec2:DescribeVpcAttribute",
+      "ec2:DescribeVpcEndpoints",
+      "ec2:DescribeVpcs",
+      "Kafka:DescribeClusterV2",
+      "Kafka:ListTagsForResource",
+      "Kafka:DeleteCluster",
+      "ec2:DeleteVpcEndpoints",
+      "ec2:DescribeVpcAttribute",
+      "ec2:DescribeVpcEndpoints"
+    ],
+    "attributes": {
+      "tags": [
+        "ec2:CreateTags",
+        "ec2:DeleteTags",
+        "Kafka:TagResource",
+        "Kafka:UntagResource"
+      ]
+    },
+    "destroy": [
+      "Kafka:DeleteCluster",
+      "ec2:DeleteVpcEndpoints",
+      "ec2:DescribeVpcAttribute",
+      "ec2:DescribeVpcEndpoints"
+    ],
+    "modify": [],
+    "plan": []
+  }
+]

src/mapping/aws/resource/medialive/aws_medialive_input.json

@@ -0,0 +1,23 @@
+[
+  {
+    "apply": [
+      "medialive:CreateInput",
+      "medialive:DescribeInput",
+      "medialive:UpdateInput",
+      "medialive:DeleteInput"
+    ],
+    "attributes": {
+      "tags": [
+        "medialive:CreateTags",
+        "medialive:DeleteTags"
+      ]
+    },
+    "destroy": [
+      "medialive:DeleteInput"
+    ],
+    "modify": [
+      "medialive:UpdateInput"
+    ],
+    "plan": []
+  }
+]

src/mapping/aws/resource/medialive/aws_medialive_input_security_group.json

@@ -0,0 +1,24 @@
+[
+  {
+    "apply": [
+      "medialive:DescribeInputSecurityGroup",
+      "medialive:UpdateInputSecurityGroup",
+      "medialive:DeleteInputSecurityGroup",
+      "medialive:CreateInputSecurityGroup",
+      "medialive:ListTagsForResource"
+    ],
+    "attributes": {
+      "tags": [
+        "medialive:CreateTags",
+        "medialive:DeleteTags"
+      ]
+    },
+    "destroy": [
+      "medialive:DeleteInputSecurityGroup"
+    ],
+    "modify": [
+      "medialive:UpdateInputSecurityGroup"
+    ],
+    "plan": []
+  }
+]

src/mapping/aws/resource/route53/aws_route53_hosted_zone_dnssec.json

@@ -0,0 +1,16 @@
+[
+  {
+    "apply": [
+      "route53:GetChange",
+      "route53:GetDNSSEC",
+      "route53:EnableHostedZoneDNSSEC",
+      "route53:DisableHostedZoneDNSSEC"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]

src/mapping/aws/resource/route53/aws_route53_key_signing_key.json

@@ -0,0 +1,15 @@
+[
+  {
+    "apply": [
+      "route53:CreateKeySigningKey",
+      "route53:DeactivateKeySigningKey",
+      "route53:DeleteKeySigningKey"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": []
+  }
+]

src/mapping/aws/resource/route53/aws_route53_query_log.json

@@ -0,0 +1,19 @@
+[
+  {
+    "apply": [
+      "ec2:DescribeAccountAttributes",
+      "route53:CreateQueryLoggingConfig",
+      "logs:DescribeResourcePolicies",
+      "logs:ListTagsLogGroup",
+      "route53:GetQueryLoggingConfig"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "route53:DeleteQueryLoggingConfig"
+    ],
+    "modify": [],
+    "plan": []
+  }
+]

src/mapping/aws/resource/sagemaker/aws_sagemaker_endpoint_configuration.json

@@ -0,0 +1,21 @@
+[
+  {
+    "apply": [
+      "ec2:DescribeAccountAttributes",
+      "sagemaker:CreateEndpointConfig",
+      "sagemaker:DescribeEndpointConfig",
+      "sagemaker:DeleteEndpointConfig"
+    ],
+    "attributes": {
+      "tags": [
+        "sagemaker:AddTags",
+        "sagemaker:DeleteTags"
+      ]
+    },
+    "destroy": [
+      "sagemaker:DeleteEndpointConfig"
+    ],
+    "modify": [],
+    "plan": []
+  }
+]