api gateway

JamesWoolfenden · Oct 16, 2023 · 9af09f3 · 9af09f3
1 parent f51837f
commit 9af09f3
Show file tree

Hide file tree

Showing 15 changed files with 112 additions and 40 deletions.
diff --git a/src/aws.go b/src/aws.go
@@ -65,36 +65,52 @@ func GetAWSResourcePermissions(result ResourceV2) ([]string, error) {
 
 func AwsLookup(name string) interface{} {
 	TFLookup := map[string]interface{}{
-		"aws_acm_certificate":                                AWSAcmCertificate,
-		"aws_acm_certificate_validation":                     placeholder,
-		"aws_acmpca_certificate_authority":                   awsAcmpcaCertificateAuthority,
+		"aws_account_alternate_contact":                awsAccountAlternativeContact,
+		"aws_account_primary_contact":                  awsAccountPrimaryContact,
+		"aws_acm_certificate":                          AWSAcmCertificate,
+		"aws_acm_certificate_validation":               placeholder,
+		"aws_acmpca_certificate":                       awsAcmpcaCertificate,
+		"aws_acmpca_certificate_authority":             awsAcmpcaCertificateAuthority,
+		"aws_acmpca_certificate_authority_certificate": awsAcmpcaCertificateAuthorityCertificate,
 		"aws_alb":                                            awsLb,
 		"aws_alb_listener":                                   awsLbListener,
 		"aws_alb_target_group":                               awsLbTargetGroup,
 		"aws_alb_target_group_attachment":                    awsLbTargetGroupAttachment,
 		"aws_api_gateway_account":                            awsAPIGatewayAccount,
 		"aws_api_gateway_api_key":                            awsApigatewayv2Api,
 		"aws_api_gateway_authorizer":                         awsApigatewayv2Api,
+		"aws_api_gateway_base_path_mapping":                  awsApigatewayv2Api,
+		"aws_api_gateway_client_certificate":                 awsAPIGatewayRestAPI,
 		"aws_api_gateway_deployment":                         awsApigatewayv2Api,
+		"aws_api_gateway_documentation_part":                 awsApigatewayv2Api,
+		"aws_api_gateway_documentation_version":              awsApigatewayv2Api,
+		"aws_api_gateway_domain_name":                        awsApigatewayv2Api,
+		"aws_api_gateway_gateway_response":                   awsApigatewayv2Api,
 		"aws_api_gateway_integration":                        awsApigatewayv2Api,
 		"aws_api_gateway_integration_response":               awsApigatewayv2Api,
 		"aws_api_gateway_method":                             awsApigatewayv2Api,
 		"aws_api_gateway_method_response":                    awsApigatewayv2Api,
 		"aws_api_gateway_method_settings":                    awsApigatewayv2Api,
+		"aws_api_gateway_model":                              awsApigatewayv2Api,
+		"aws_api_gateway_request_validator":                  awsAPIGatewayRestAPI,
 		"aws_api_gateway_resource":                           awsApigatewayv2Api,
 		"aws_api_gateway_rest_api":                           awsAPIGatewayRestAPI,
-		"aws_api_gateway_client_certificate":                 awsAPIGatewayRestAPI,
-		"aws_api_gateway_request_validator":                  awsAPIGatewayRestAPI,
+		"aws_api_gateway_rest_api_policy":                    awsApigatewayv2Api,
 		"aws_api_gateway_stage":                              awsApigatewayv2Api,
 		"aws_api_gateway_usage_plan":                         awsApigatewayv2Api,
 		"aws_api_gateway_usage_plan_key":                     awsApigatewayv2Api,
+		"aws_api_gateway_vpc_link":                           awsApigatewayv2Api,
 		"aws_apigatewayv2_api":                               awsApigatewayv2Api,
-		"aws_apigatewayv2_route":                             awsApigatewayv2Api,
-		"aws_apigatewayv2_stage":                             awsApigatewayv2Api,
-		"aws_apigatewayv2_domain_name":                       awsApigatewayv2Api,
 		"aws_apigatewayv2_api_mapping":                       awsApigatewayv2Api,
-		"aws_apigatewayv2_integration":                       awsApigatewayv2Api,
 		"aws_apigatewayv2_authorizer":                        awsApigatewayv2Api,
+		"aws_apigatewayv2_deployment":                        awsApigatewayv2Api,
+		"aws_apigatewayv2_domain_name":                       awsApigatewayv2Api,
+		"aws_apigatewayv2_integration":                       awsApigatewayv2Api,
+		"aws_apigatewayv2_integration_response":              awsApigatewayv2Api,
+		"aws_apigatewayv2_model":                             awsApigatewayv2Api,
+		"aws_apigatewayv2_route":                             awsApigatewayv2Api,
+		"aws_apigatewayv2_route_response":                    awsApigatewayv2Api,
+		"aws_apigatewayv2_stage":                             awsApigatewayv2Api,
 		"aws_apigatewayv2_vpc_link":                          awsApigatewayv2Api,
 		"aws_appautoscaling_policy":                          awsAppautoscalingPolicy,
 		"aws_appautoscaling_scheduled_action":                awsAppautoscalingScheduledAction,
@@ -206,9 +222,9 @@ func AwsLookup(name string) interface{} {
 		"aws_docdb_event_subscription":                       awsNeptuneEventSubscription,
 		"aws_docdb_global_cluster":                           awsRdsGlobalCluster,
 		"aws_docdb_subnet_group":                             awsDbSubnetGroup,
-		"aws_dx_hosted_transit_virtual_interface_accepter":   awsDxHostedTransitVirtualInterfaceAccepter,
 		"aws_dx_gateway":                                     awsDxGateway,
 		"aws_dx_gateway_association":                         awsDxGatewayAssociation,
+		"aws_dx_hosted_transit_virtual_interface_accepter":   awsDxHostedTransitVirtualInterfaceAccepter,
 		"aws_dynamodb_contributor_insights":                  awsDynamodbContributorInsights,
 		"aws_dynamodb_global_table":                          awsDynamodbGlobalTable,
 		"aws_dynamodb_table":                                 awsDynamodbTable,
@@ -257,6 +273,8 @@ func AwsLookup(name string) interface{} {
 		"aws_elasticsearch_domain":                           awsElasticsearchDomain,
 		"aws_elasticsearch_domain_policy":                    awsElasticsearchDomainPolicy,
 		"aws_elb":                                            awsElb,
+		"aws_emr_cluster":                                    awsEmrCluster,
+		"aws_emr_security_configuration":                     awsEmrSecurityConfiguration,
 		"aws_flow_log":                                       awsFlowLog,
 		"aws_fsx_openzfs_file_system":                        awsFsxOpenzfsFileSystem,
 		"aws_fsx_openzfs_snapshot":                           awsFsxOpenzfsSnaphot,
@@ -369,6 +387,7 @@ func AwsLookup(name string) interface{} {
 		"aws_networkfirewall_firewall":                       awsNetworkfirewallFirewall,
 		"aws_networkfirewall_firewall_policy":                awsNetworkfirewallFirewallPolicy,
 		"aws_networkfirewall_logging_configuration":          awsNetworkfirewallLoggingConfiguration,
+		"aws_networkfirewall_resource_policy":                awsNetworkfirewallResourcePolicy,
 		"aws_networkfirewall_rule_group":                     awsNetworkfirewallRuleGroup,
 		"aws_opensearch_domain":                              awsElasticsearchDomain,
 		"aws_opensearch_domain_policy":                       awsElasticsearchDomainPolicy,
@@ -451,7 +470,9 @@ func AwsLookup(name string) interface{} {
 		"aws_ses_receipt_rule_set":                           awsSesReceiptRuleSet,
 		"aws_sfn_activity":                                   awsSfnActivity,
 		"aws_sfn_state_machine":                              awsSfnStateMachine,
+		"aws_sns_sms_preferences":                            awsSnsSmsPreferences,
 		"aws_sns_topic":                                      awsSnsTopic,
+		"aws_sns_topic_data_protection_policy":               awsSnsTopicDataProtection,
 		"aws_sns_topic_policy":                               awsSnsTopicPolicy,
 		"aws_sns_topic_subscription":                         awsSnsTopicSubscription,
 		"aws_spot_instance_request":                          awsSpotInstanceRequest,
@@ -466,7 +487,12 @@ func AwsLookup(name string) interface{} {
 		"aws_ssm_parameter":                                  awsSsmParameter,
 		"aws_ssm_patch_baseline":                             awsSsmPatchBaseline,
 		"aws_ssm_patch_group":                                awsSsmPatchGroup,
+		"aws_ssmcontacts_contact":                            awsSsmcontactsContact,
+		"aws_ssmcontacts_contact_channel":                    awsSsmcontactContactChannel,
+		"aws_ssmcontacts_plan":                               awsSsmcontactsPlan,
+		"aws_ssmincidents_replication_set":                   awsSsmincidentsReplicationSet,
 		"aws_subnet":                                         awsSubnet,
+		"aws_swf_domain":                                     awsSwfDomain,
 		"aws_volume_attachment":                              awsVolumeAttachment,
 		"aws_vpc":                                            awsVpc,
 		"aws_vpc_dhcp_options":                               awsVpcDhcpOptions,
@@ -489,26 +515,12 @@ func AwsLookup(name string) interface{} {
 		"aws_wafv2_web_acl":                                  awsWafv2WebACL,
 		"aws_wafv2_web_acl_association":                      awsWafv2WebACLAssociation,
 		"aws_wafv2_web_acl_logging_configuration":            awsWafv2WebACLLoggingConfiguration,
+		"aws_workspaces_directory":                           awsWorkspacesDirectory,
+		"aws_workspaces_workspace":                           awsWorkspacesWorkspace,
 		"aws_xray_encryption_config":                         awsXrayEncryptionConfig,
 		"aws_xray_group":                                     awsXrayGroup,
 		"aws_xray_sampling_rule":                             awsXraySamplingRule,
 		"backend":                                            s3backend,
-		"aws_emr_cluster":                                    awsEmrCluster,
-		"aws_emr_security_configuration":                     awsEmrSecurityConfiguration,
-		"aws_workspaces_workspace":                           awsWorkspacesWorkspace,
-		"aws_workspaces_directory":                           awsWorkspacesDirectory,
-		"aws_acmpca_certificate_authority_certificate":       awsAcmpcaCertificateAuthorityCertificate,
-		"aws_acmpca_certificate":                             awsAcmpcaCertificate,
-		"aws_networkfirewall_resource_policy":                awsNetworkfirewallResourcePolicy,
-		"aws_account_alternate_contact":                      awsAccountAlternativeContact,
-		"aws_account_primary_contact":                        awsAccountPrimaryContact,
-		"aws_sns_sms_preferences":                            awsSnsSmsPreferences,
-		"aws_sns_topic_data_protection_policy":               awsSnsTopicDataProtection,
-		"aws_ssmcontacts_contact":                            awsSsmcontactsContact,
-		"aws_ssmcontacts_contact_channel":                    awsSsmcontactContactChannel,
-		"aws_ssmcontacts_plan":                               awsSsmcontactsPlan,
-		"aws_ssmincidents_replication_set":                   awsSsmincidentsReplicationSet,
-		"aws_swf_domain":                                     awsSwfDomain,
 	}
 
 	return TFLookup[name]

diff --git a/src/coverage/aws.md b/src/coverage/aws.md
@@ -1,6 +1,6 @@
 # todo aws
 
-Resource percentage coverage   34.87
+Resource percentage coverage   35.79
 Datasource percentage coverage 97.98
 
 ./resource.ps1 aws_accessanalyzer_analyzer
@@ -16,18 +16,6 @@ Datasource percentage coverage 97.98
 ./resource.ps1 aws_amplify_branch
 ./resource.ps1 aws_amplify_domain_association
 ./resource.ps1 aws_amplify_webhook
-./resource.ps1 aws_api_gateway_base_path_mapping
-./resource.ps1 aws_api_gateway_documentation_part
-./resource.ps1 aws_api_gateway_documentation_version
-./resource.ps1 aws_api_gateway_domain_name
-./resource.ps1 aws_api_gateway_gateway_response
-./resource.ps1 aws_api_gateway_model
-./resource.ps1 aws_api_gateway_rest_api_policy
-./resource.ps1 aws_api_gateway_vpc_link
-./resource.ps1 aws_apigatewayv2_deployment
-./resource.ps1 aws_apigatewayv2_integration_response
-./resource.ps1 aws_apigatewayv2_model
-./resource.ps1 aws_apigatewayv2_route_response
 ./resource.ps1 aws_app_cookie_stickiness_policy
 ./resource.ps1 aws_appconfig_deployment
 ./resource.ps1 aws_appconfig_deployment_strategy
@@ -345,6 +333,7 @@ Datasource percentage coverage 97.98
 ./resource.ps1 aws_guardduty_member
 ./resource.ps1 aws_guardduty_organization_admin_account
 ./resource.ps1 aws_guardduty_organization_configuration
+./resource.ps1 aws_guardduty_organization_configuration_feature
 ./resource.ps1 aws_guardduty_publishing_destination
 ./resource.ps1 aws_guardduty_threatintelset
 ./resource.ps1 aws_iam_security_token_service_preferences

diff --git a/terraform/aws/backup/aws_api_gateway_base_path_mapping.tf b/terraform/aws/backup/aws_api_gateway_base_path_mapping.tf
@@ -0,0 +1,4 @@
+resource "aws_api_gateway_base_path_mapping" "pike" {
+  api_id      = ""
+  domain_name = ""
+}
diff --git a/terraform/aws/backup/aws_api_gateway_documentation_part.tf b/terraform/aws/backup/aws_api_gateway_documentation_part.tf
@@ -0,0 +1,10 @@
+resource "aws_api_gateway_documentation_part" "pike" {
+  location {
+    type   = "METHOD"
+    method = "GET"
+    path   = "/example"
+  }
+
+  properties  = "{\"description\":\"Example description\"}"
+  rest_api_id = "7n300zvss6"
+}
diff --git a/terraform/aws/backup/aws_api_gateway_documentation_version.tf b/terraform/aws/backup/aws_api_gateway_documentation_version.tf
@@ -0,0 +1,4 @@
+resource "aws_api_gateway_documentation_version" "pike" {
+  rest_api_id = ""
+  version     = ""
+}
diff --git a/terraform/aws/backup/aws_api_gateway_domain_name.tf b/terraform/aws/backup/aws_api_gateway_domain_name.tf
@@ -0,0 +1,3 @@
+resource "aws_api_gateway_domain_name" "pike" {
+  domain_name = "foo1"
+}
diff --git a/terraform/aws/backup/aws_api_gateway_gateway_response.tf b/terraform/aws/backup/aws_api_gateway_gateway_response.tf
@@ -0,0 +1,4 @@
+resource "aws_api_gateway_gateway_response" "pike" {
+  response_type = ""
+  rest_api_id   = ""
+}
diff --git a/terraform/aws/backup/aws_api_gateway_model.tf b/terraform/aws/backup/aws_api_gateway_model.tf
@@ -0,0 +1,5 @@
+resource "aws_api_gateway_model" "pike" {
+  content_type = ""
+  name         = "pike"
+  rest_api_id  = "pike"
+}
diff --git a/terraform/aws/backup/aws_api_gateway_rest_api_policy.tf b/terraform/aws/backup/aws_api_gateway_rest_api_policy.tf
@@ -0,0 +1,4 @@
+resource "aws_api_gateway_rest_api_policy" "pike" {
+  rest_api_id = "pike"
+  policy      = ""
+}
diff --git a/terraform/aws/backup/aws_api_gateway_vpc_link.tf b/terraform/aws/backup/aws_api_gateway_vpc_link.tf
@@ -0,0 +1,18 @@
+resource "aws_lb" "example" {
+  name               = "example"
+  internal           = true
+  load_balancer_type = "network"
+
+  subnet_mapping {
+    subnet_id = "subnet-0562ef1d304b968f4"
+  }
+}
+
+resource "aws_api_gateway_vpc_link" "pike" {
+  name        = "example"
+  description = "example description"
+  target_arns = [aws_lb.example.arn]
+  tags = {
+    pike = "permission"
+  }
+}
diff --git a/terraform/aws/backup/aws_apigatewayv2_deployment.tf b/terraform/aws/backup/aws_apigatewayv2_deployment.tf
@@ -0,0 +1,3 @@
+resource "aws_apigatewayv2_deployment" "pike" {
+  api_id = ""
+}
diff --git a/terraform/aws/backup/aws_apigatewayv2_integration_response.tf b/terraform/aws/backup/aws_apigatewayv2_integration_response.tf
@@ -0,0 +1,5 @@
+resource "aws_apigatewayv2_integration_response" "pike" {
+  api_id                   = ""
+  integration_id           = ""
+  integration_response_key = ""
+}
diff --git a/terraform/aws/backup/aws_apigatewayv2_model.tf b/terraform/aws/backup/aws_apigatewayv2_model.tf
@@ -0,0 +1,6 @@
+resource "aws_apigatewayv2_model" "pike" {
+  api_id       = "example"
+  content_type = "box"
+  name         = "freddy"
+  schema       = ""
+}
diff --git a/terraform/aws/backup/aws_apigatewayv2_route_response.tf b/terraform/aws/backup/aws_apigatewayv2_route_response.tf
@@ -0,0 +1,5 @@
+resource "aws_apigatewayv2_route_response" "pike" {
+  api_id             = ""
+  route_id           = ""
+  route_response_key = ""
+}
diff --git a/terraform/aws/role/aws_iam_policy.basic.tf b/terraform/aws/role/aws_iam_policy.basic.tf
@@ -8,7 +8,7 @@ resource "aws_iam_policy" "basic" {
         "Effect" : "Allow",
         "Action" : [
           //aws_ssmcontacts_plan
-          "ssm-contacts:UpdateContact",
+          "elasticloadbalancing:*",
 
         ],
         "Resource" : "*",