diff --git a/src/aws.go b/src/aws.go index c38d46c8..1604abf8 100644 --- a/src/aws.go +++ b/src/aws.go @@ -65,9 +65,13 @@ func GetAWSResourcePermissions(result ResourceV2) ([]string, error) { func AwsLookup(name string) interface{} { TFLookup := map[string]interface{}{ - "aws_acm_certificate": AWSAcmCertificate, - "aws_acm_certificate_validation": placeholder, - "aws_acmpca_certificate_authority": awsAcmpcaCertificateAuthority, + "aws_account_alternate_contact": awsAccountAlternativeContact, + "aws_account_primary_contact": awsAccountPrimaryContact, + "aws_acm_certificate": AWSAcmCertificate, + "aws_acm_certificate_validation": placeholder, + "aws_acmpca_certificate": awsAcmpcaCertificate, + "aws_acmpca_certificate_authority": awsAcmpcaCertificateAuthority, + "aws_acmpca_certificate_authority_certificate": awsAcmpcaCertificateAuthorityCertificate, "aws_alb": awsLb, "aws_alb_listener": awsLbListener, "aws_alb_target_group": awsLbTargetGroup, 
@@ -75,26 +79,38 @@ func AwsLookup(name string) interface{} { "aws_api_gateway_account": awsAPIGatewayAccount, "aws_api_gateway_api_key": awsApigatewayv2Api, "aws_api_gateway_authorizer": awsApigatewayv2Api, + "aws_api_gateway_base_path_mapping": awsApigatewayv2Api, + "aws_api_gateway_client_certificate": awsAPIGatewayRestAPI, "aws_api_gateway_deployment": awsApigatewayv2Api, + "aws_api_gateway_documentation_part": awsApigatewayv2Api, + "aws_api_gateway_documentation_version": awsApigatewayv2Api, + "aws_api_gateway_domain_name": awsApigatewayv2Api, + "aws_api_gateway_gateway_response": awsApigatewayv2Api, "aws_api_gateway_integration": awsApigatewayv2Api, "aws_api_gateway_integration_response": awsApigatewayv2Api, "aws_api_gateway_method": awsApigatewayv2Api, "aws_api_gateway_method_response": awsApigatewayv2Api, "aws_api_gateway_method_settings": awsApigatewayv2Api, + "aws_api_gateway_model": awsApigatewayv2Api, + "aws_api_gateway_request_validator": awsAPIGatewayRestAPI, "aws_api_gateway_resource": awsApigatewayv2Api, "aws_api_gateway_rest_api": awsAPIGatewayRestAPI, - "aws_api_gateway_client_certificate": awsAPIGatewayRestAPI, - "aws_api_gateway_request_validator": awsAPIGatewayRestAPI, + "aws_api_gateway_rest_api_policy": awsApigatewayv2Api, "aws_api_gateway_stage": awsApigatewayv2Api, "aws_api_gateway_usage_plan": awsApigatewayv2Api, "aws_api_gateway_usage_plan_key": awsApigatewayv2Api, + "aws_api_gateway_vpc_link": awsApigatewayv2Api, "aws_apigatewayv2_api": awsApigatewayv2Api, - "aws_apigatewayv2_route": awsApigatewayv2Api, - "aws_apigatewayv2_stage": awsApigatewayv2Api, - "aws_apigatewayv2_domain_name": awsApigatewayv2Api, "aws_apigatewayv2_api_mapping": awsApigatewayv2Api, - "aws_apigatewayv2_integration": awsApigatewayv2Api, "aws_apigatewayv2_authorizer": awsApigatewayv2Api, + "aws_apigatewayv2_deployment": awsApigatewayv2Api, + "aws_apigatewayv2_domain_name": awsApigatewayv2Api, + "aws_apigatewayv2_integration": awsApigatewayv2Api, + 
"aws_apigatewayv2_integration_response": awsApigatewayv2Api, + "aws_apigatewayv2_model": awsApigatewayv2Api, + "aws_apigatewayv2_route": awsApigatewayv2Api, + "aws_apigatewayv2_route_response": awsApigatewayv2Api, + "aws_apigatewayv2_stage": awsApigatewayv2Api, "aws_apigatewayv2_vpc_link": awsApigatewayv2Api, "aws_appautoscaling_policy": awsAppautoscalingPolicy, "aws_appautoscaling_scheduled_action": awsAppautoscalingScheduledAction, @@ -206,9 +222,9 @@ func AwsLookup(name string) interface{} { "aws_docdb_event_subscription": awsNeptuneEventSubscription, "aws_docdb_global_cluster": awsRdsGlobalCluster, "aws_docdb_subnet_group": awsDbSubnetGroup, - "aws_dx_hosted_transit_virtual_interface_accepter": awsDxHostedTransitVirtualInterfaceAccepter, "aws_dx_gateway": awsDxGateway, "aws_dx_gateway_association": awsDxGatewayAssociation, + "aws_dx_hosted_transit_virtual_interface_accepter": awsDxHostedTransitVirtualInterfaceAccepter, "aws_dynamodb_contributor_insights": awsDynamodbContributorInsights, "aws_dynamodb_global_table": awsDynamodbGlobalTable, "aws_dynamodb_table": awsDynamodbTable, @@ -257,6 +273,8 @@ func AwsLookup(name string) interface{} { "aws_elasticsearch_domain": awsElasticsearchDomain, "aws_elasticsearch_domain_policy": awsElasticsearchDomainPolicy, "aws_elb": awsElb, + "aws_emr_cluster": awsEmrCluster, + "aws_emr_security_configuration": awsEmrSecurityConfiguration, "aws_flow_log": awsFlowLog, "aws_fsx_openzfs_file_system": awsFsxOpenzfsFileSystem, "aws_fsx_openzfs_snapshot": awsFsxOpenzfsSnaphot, 
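Review bot: Almost every API Gateway type added in the `-75,26 +79,38` hunk, including `aws_api_gateway_rest_api_policy`, `aws_api_gateway_domain_name`, `aws_api_gateway_vpc_link` and the new `aws_apigatewayv2_*` entries, resolves to the same `awsApigatewayv2Api` value, so a resource policy, a custom domain and a VPC link all produce identical permissions. The contents of `awsApigatewayv2Api` are not visible here; if it is a broad grant the generated policy exceeds least privilege for these types, and if it is narrow it may miss actions outside API Gateway that some of them need. Most fixtures added under `terraform/aws/backup/` carry empty required arguments such as `api_id = ""`, which suggests these mappings were not derived from an applied run. I would either give the policy-bearing and cross-service types their own mapping or mark the reused entries with a comment such as `// TODO: shares the generic API Gateway mapping; per-resource permissions not verified`. `AwsLookup` begins before this hunk and ends after it.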
@@ -369,6 +387,7 @@ func AwsLookup(name string) interface{} { "aws_networkfirewall_firewall": awsNetworkfirewallFirewall, "aws_networkfirewall_firewall_policy": awsNetworkfirewallFirewallPolicy, "aws_networkfirewall_logging_configuration": awsNetworkfirewallLoggingConfiguration, + "aws_networkfirewall_resource_policy": awsNetworkfirewallResourcePolicy, "aws_networkfirewall_rule_group": awsNetworkfirewallRuleGroup, "aws_opensearch_domain": awsElasticsearchDomain, "aws_opensearch_domain_policy": awsElasticsearchDomainPolicy, @@ -451,7 +470,9 @@ func AwsLookup(name string) interface{} { "aws_ses_receipt_rule_set": awsSesReceiptRuleSet, "aws_sfn_activity": awsSfnActivity, "aws_sfn_state_machine": awsSfnStateMachine, + "aws_sns_sms_preferences": awsSnsSmsPreferences, "aws_sns_topic": awsSnsTopic, + "aws_sns_topic_data_protection_policy": awsSnsTopicDataProtection, "aws_sns_topic_policy": awsSnsTopicPolicy, "aws_sns_topic_subscription": awsSnsTopicSubscription, "aws_spot_instance_request": awsSpotInstanceRequest, @@ -466,7 +487,12 @@ func AwsLookup(name string) interface{} { "aws_ssm_parameter": awsSsmParameter, "aws_ssm_patch_baseline": awsSsmPatchBaseline, "aws_ssm_patch_group": awsSsmPatchGroup, + "aws_ssmcontacts_contact": awsSsmcontactsContact, + "aws_ssmcontacts_contact_channel": awsSsmcontactContactChannel, + "aws_ssmcontacts_plan": awsSsmcontactsPlan, + "aws_ssmincidents_replication_set": awsSsmincidentsReplicationSet, "aws_subnet": awsSubnet, + "aws_swf_domain": awsSwfDomain, "aws_volume_attachment": awsVolumeAttachment, "aws_vpc": awsVpc, "aws_vpc_dhcp_options": awsVpcDhcpOptions, 
@@ -489,26 +515,12 @@ func AwsLookup(name string) interface{} { "aws_wafv2_web_acl": awsWafv2WebACL, "aws_wafv2_web_acl_association": awsWafv2WebACLAssociation, "aws_wafv2_web_acl_logging_configuration": awsWafv2WebACLLoggingConfiguration, + "aws_workspaces_directory": awsWorkspacesDirectory, + "aws_workspaces_workspace": awsWorkspacesWorkspace, "aws_xray_encryption_config": awsXrayEncryptionConfig, "aws_xray_group": awsXrayGroup, "aws_xray_sampling_rule": awsXraySamplingRule, "backend": s3backend, - "aws_emr_cluster": awsEmrCluster, - "aws_emr_security_configuration": awsEmrSecurityConfiguration, - "aws_workspaces_workspace": awsWorkspacesWorkspace, - "aws_workspaces_directory": awsWorkspacesDirectory, - "aws_acmpca_certificate_authority_certificate": awsAcmpcaCertificateAuthorityCertificate, - "aws_acmpca_certificate": awsAcmpcaCertificate, - "aws_networkfirewall_resource_policy": awsNetworkfirewallResourcePolicy, - "aws_account_alternate_contact": awsAccountAlternativeContact, - "aws_account_primary_contact": awsAccountPrimaryContact, - "aws_sns_sms_preferences": awsSnsSmsPreferences, - "aws_sns_topic_data_protection_policy": awsSnsTopicDataProtection, - "aws_ssmcontacts_contact": awsSsmcontactsContact, - "aws_ssmcontacts_contact_channel": awsSsmcontactContactChannel, - "aws_ssmcontacts_plan": awsSsmcontactsPlan, - "aws_ssmincidents_replication_set": awsSsmincidentsReplicationSet, - "aws_swf_domain": awsSwfDomain, } return TFLookup[name] diff --git a/src/coverage/aws.md b/src/coverage/aws.md index de648255..4eab4188 100644 --- a/src/coverage/aws.md +++ b/src/coverage/aws.md @@ -1,6 +1,6 @@ # todo aws -Resource percentage coverage 34.87 +Resource percentage coverage 35.79 Datasource percentage coverage 97.98 ./resource.ps1 aws_accessanalyzer_analyzer 
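Review bot: `return TFLookup[name]` at the end of the `-489,26 +515,12` hunk yields a nil `interface{}` for any resource type missing from the table, so a mistyped or not-yet-covered type is only caught if every caller checks for nil; the callers are not visible here. With the table now this long, the contract deserves a doc comment on `AwsLookup`, for example `// AwsLookup returns the permission mapping for a Terraform resource type, or nil when the type is not covered.` The map literal is also rebuilt on every call because it is declared inside the function; hoisting it to a package-level `var` would build it once. The function body starts in an earlier hunk, so the declaration itself is outside this one.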
@@ -16,18 +16,6 @@ Datasource percentage coverage 97.98
 ./resource.ps1 aws_amplify_branch
 ./resource.ps1 aws_amplify_domain_association
 ./resource.ps1 aws_amplify_webhook
-./resource.ps1 aws_api_gateway_base_path_mapping
-./resource.ps1 aws_api_gateway_documentation_part
-./resource.ps1 aws_api_gateway_documentation_version
-./resource.ps1 aws_api_gateway_domain_name
-./resource.ps1 aws_api_gateway_gateway_response
-./resource.ps1 aws_api_gateway_model
-./resource.ps1 aws_api_gateway_rest_api_policy
-./resource.ps1 aws_api_gateway_vpc_link
-./resource.ps1 aws_apigatewayv2_deployment
-./resource.ps1 aws_apigatewayv2_integration_response
-./resource.ps1 aws_apigatewayv2_model
-./resource.ps1 aws_apigatewayv2_route_response
 ./resource.ps1 aws_app_cookie_stickiness_policy
 ./resource.ps1 aws_appconfig_deployment
 ./resource.ps1 aws_appconfig_deployment_strategy
@@ -345,6 +333,7 @@ Datasource percentage coverage 97.98
 ./resource.ps1 aws_guardduty_member
 ./resource.ps1 aws_guardduty_organization_admin_account
 ./resource.ps1 aws_guardduty_organization_configuration
+./resource.ps1 aws_guardduty_organization_configuration_feature
 ./resource.ps1 aws_guardduty_publishing_destination
 ./resource.ps1 aws_guardduty_threatintelset
 ./resource.ps1 aws_iam_security_token_service_preferences
diff --git a/terraform/aws/backup/aws_api_gateway_base_path_mapping.tf b/terraform/aws/backup/aws_api_gateway_base_path_mapping.tf
new file mode 100644
index 00000000..fab8e602
--- /dev/null
+++ b/terraform/aws/backup/aws_api_gateway_base_path_mapping.tf
@@ -0,0 +1,4 @@
+resource "aws_api_gateway_base_path_mapping" "pike" {
+ api_id = ""
+ domain_name = ""
+}
diff --git a/terraform/aws/backup/aws_api_gateway_documentation_part.tf b/terraform/aws/backup/aws_api_gateway_documentation_part.tf
new file mode 100644
index 00000000..aaedad00
--- /dev/null
+++ b/terraform/aws/backup/aws_api_gateway_documentation_part.tf
@@ -0,0 +1,10 @@
+resource "aws_api_gateway_documentation_part" "pike" {
+ location {
+ type = "METHOD"
+ method = "GET"
+ path = "/example"
+ }
+
+ properties = "{\"description\":\"Example description\"}"
+ rest_api_id = "7n300zvss6"
+}
diff --git a/terraform/aws/backup/aws_api_gateway_documentation_version.tf b/terraform/aws/backup/aws_api_gateway_documentation_version.tf
new file mode 100644
index 00000000..8579f1a3
--- /dev/null
+++ b/terraform/aws/backup/aws_api_gateway_documentation_version.tf
@@ -0,0 +1,4 @@
+resource "aws_api_gateway_documentation_version" "pike" {
+ rest_api_id = ""
+ version = ""
+}
diff --git a/terraform/aws/backup/aws_api_gateway_domain_name.tf b/terraform/aws/backup/aws_api_gateway_domain_name.tf
new file mode 100644
index 00000000..fa1040b2
--- /dev/null
+++ b/terraform/aws/backup/aws_api_gateway_domain_name.tf
@@ -0,0 +1,3 @@
+resource "aws_api_gateway_domain_name" "pike" {
+ domain_name = "foo1"
+}
diff --git a/terraform/aws/backup/aws_api_gateway_gateway_response.tf b/terraform/aws/backup/aws_api_gateway_gateway_response.tf
new file mode 100644
index 00000000..d2923639
--- /dev/null
+++ b/terraform/aws/backup/aws_api_gateway_gateway_response.tf
@@ -0,0 +1,4 @@
+resource "aws_api_gateway_gateway_response" "pike" {
+ response_type = ""
+ rest_api_id = ""
+}
diff --git a/terraform/aws/backup/aws_api_gateway_model.tf b/terraform/aws/backup/aws_api_gateway_model.tf
new file mode 100644
index 00000000..86354c48
--- /dev/null
+++ b/terraform/aws/backup/aws_api_gateway_model.tf
@@ -0,0 +1,5 @@
+resource "aws_api_gateway_model" "pike" {
+ content_type = ""
+ name = "pike"
+ rest_api_id = "pike"
+}
diff --git a/terraform/aws/backup/aws_api_gateway_rest_api_policy.tf b/terraform/aws/backup/aws_api_gateway_rest_api_policy.tf
new file mode 100644
index 00000000..ba01379d
--- /dev/null
+++ b/terraform/aws/backup/aws_api_gateway_rest_api_policy.tf
@@ -0,0 +1,4 @@
+resource "aws_api_gateway_rest_api_policy" "pike" {
+ rest_api_id = "pike"
+ policy = ""
+}
diff --git a/terraform/aws/backup/aws_api_gateway_vpc_link.tf b/terraform/aws/backup/aws_api_gateway_vpc_link.tf
new file mode 100644
index 00000000..cce73dcb
--- /dev/null
+++ b/terraform/aws/backup/aws_api_gateway_vpc_link.tf
@@ -0,0 +1,18 @@
+resource "aws_lb" "example" {
+ name = "example"
+ internal = true
+ load_balancer_type = "network"
+
+ subnet_mapping {
+ subnet_id = "subnet-0562ef1d304b968f4"
+ }
+}
+
+resource "aws_api_gateway_vpc_link" "pike" {
+ name = "example"
+ description = "example description"
+ target_arns = [aws_lb.example.arn]
+ tags = {
+ pike = "permission"
+ }
+}
diff --git a/terraform/aws/backup/aws_apigatewayv2_deployment.tf b/terraform/aws/backup/aws_apigatewayv2_deployment.tf
new file mode 100644
index 00000000..d5c84455
--- /dev/null
+++ b/terraform/aws/backup/aws_apigatewayv2_deployment.tf
@@ -0,0 +1,3 @@
+resource "aws_apigatewayv2_deployment" "pike" {
+ api_id = ""
+}
diff --git a/terraform/aws/backup/aws_apigatewayv2_integration_response.tf b/terraform/aws/backup/aws_apigatewayv2_integration_response.tf
new file mode 100644
index 00000000..0081e091
--- /dev/null
+++ b/terraform/aws/backup/aws_apigatewayv2_integration_response.tf
@@ -0,0 +1,5 @@
+resource "aws_apigatewayv2_integration_response" "pike" {
+ api_id = ""
+ integration_id = ""
+ integration_response_key = ""
+}
diff --git a/terraform/aws/backup/aws_apigatewayv2_model.tf b/terraform/aws/backup/aws_apigatewayv2_model.tf
new file mode 100644
index 00000000..bd407f49
--- /dev/null
+++ b/terraform/aws/backup/aws_apigatewayv2_model.tf
@@ -0,0 +1,6 @@
+resource "aws_apigatewayv2_model" "pike" {
+ api_id = "example"
+ content_type = "box"
+ name = "freddy"
+ schema = ""
+}
diff --git a/terraform/aws/backup/aws_apigatewayv2_route_response.tf b/terraform/aws/backup/aws_apigatewayv2_route_response.tf
new file mode 100644
index 00000000..17c8650f
--- /dev/null
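Review bot: The `aws_lb` block in aws_api_gateway_vpc_link.tf pins `subnet_id = "subnet-0562ef1d304b968f4"`, an identifier that only exists in one account and region, so the fixture cannot be planned elsewhere and records environment detail in the repository; `rest_api_id = "7n300zvss6"` in aws_api_gateway_documentation_part.tf is the same pattern. A variable or a `data "aws_subnet"` lookup would remove both literals. This is also the only new fixture that spans a second service, and the `aws_iam_policy.basic.tf` change at the end of the commit, as far as it is visible, replaces the action under the `//aws_ssmcontacts_plan` label with `"elasticloadbalancing:*"` on `"Resource" : "*"`. If that wildcard was needed to apply this fixture, it should be narrowed to the specific load-balancer actions and the label corrected, since a wildcard there no longer demonstrates which permissions the resource requires.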
+++ b/terraform/aws/backup/aws_apigatewayv2_route_response.tf
@@ -0,0 +1,5 @@
+resource "aws_apigatewayv2_route_response" "pike" {
+ api_id = ""
+ route_id = ""
+ route_response_key = ""
+}
diff --git a/terraform/aws/role/aws_iam_policy.basic.tf b/terraform/aws/role/aws_iam_policy.basic.tf
index 856ebe58..01a92882 100644
--- a/terraform/aws/role/aws_iam_policy.basic.tf
+++ b/terraform/aws/role/aws_iam_policy.basic.tf
@@ -8,7 +8,7 @@ resource "aws_iam_policy" "basic" {
 "Effect" : "Allow",
 "Action" : [
 //aws_ssmcontacts_plan
- "ssm-contacts:UpdateContact",
+ "elasticloadbalancing:*",
 ],
 "Resource" : "*",