emr

JamesWoolfenden · May 9, 2023 · c0a56d2 · c0a56d2
1 parent ff18013
commit c0a56d2
Show file tree

Hide file tree

Showing 5 changed files with 68 additions and 7 deletions.
diff --git a/src/aws.go b/src/aws.go
@@ -64,6 +64,8 @@ func GetAWSResourcePermissions(result ResourceV2) ([]string, error) {
 		"aws_api_gateway_usage_plan":                         awsApigatewayv2Api,
 		"aws_api_gateway_usage_plan_key":                     awsApigatewayv2Api,
 		"aws_apigatewayv2_api":                               awsApigatewayv2Api,
+		"aws_apigatewayv2_route":                             awsApigatewayv2Api,
+		"aws_apigatewayv2_stage":                             awsApigatewayv2Api,
 		"aws_appautoscaling_policy":                          awsAppautoscalingPolicy,
 		"aws_appautoscaling_scheduled_action":                awsAppautoscalingScheduledAction,
 		"aws_appautoscaling_target":                          awsAppautoscalingTarget,
@@ -100,6 +102,7 @@ func GetAWSResourcePermissions(result ResourceV2) ([]string, error) {
 		"aws_cloudfront_origin_access_control":               awsCloudfrontOriginAccessControl,
 		"aws_cloudfront_origin_access_identity":              awsCloudfrontOriginAccessIdentity,
 		"aws_cloudfront_public_key":                          awsCloudfrontPublicKey,
+		"aws_cloudfront_response_headers_policy":             awsCloudfrontResponseHeadersPolicy,
 		"aws_cloudtrail":                                     awsCloudtrail,
 		"aws_cloudwatch_composite_alarm":                     awsCloudwatchCompositeAlarm,
 		"aws_cloudwatch_dashboard":                           awsCloudwatchDashboard,
@@ -419,6 +422,8 @@ func GetAWSResourcePermissions(result ResourceV2) ([]string, error) {
 		"aws_xray_group":                                     awsXrayGroup,
 		"aws_xray_sampling_rule":                             awsXraySamplingRule,
 		"backend":                                            s3backend,
+		"aws_emr_cluster":                                    awsEmrCluster,
+		"aws_emr_security_configuration":                     awsEmrSecurityConfiguration,
 	}
 
 	var Permissions []string

diff --git a/src/files.go b/src/files.go
@@ -1047,3 +1047,12 @@ var awsDynamodbTag []byte
 
 //go:embed mapping/aws/resource/backend/s3.json
 var s3backend []byte
+
+//go:embed mapping/aws/resource/cloudfront/aws_cloudfront_response_headers_policy.json
+var awsCloudfrontResponseHeadersPolicy []byte
+
+//go:embed mapping/aws/resource/elasticmapreduce/aws_emr_cluster.json
+var awsEmrCluster []byte
+
+//go:embed mapping/aws/resource/elasticmapreduce/aws_emr_security_configuration.json
+var awsEmrSecurityConfiguration []byte
diff --git a/terraform/aws/backup/aws_apigatewayv2_api.tf b/terraform/aws/backup/aws_apigatewayv2_api.tf
@@ -2,3 +2,13 @@ resource "aws_apigatewayv2_api" "example" {
   name          = "example-http-api"
   protocol_type = "HTTP"
 }
+
+resource "aws_apigatewayv2_route" "example" {
+  api_id    = aws_apigatewayv2_api.example.id
+  route_key = "$default"
+}
+
+resource "aws_apigatewayv2_stage" "example" {
+  api_id = aws_apigatewayv2_api.example.id
+  name   = "example-stage"
+}
diff --git a/terraform/aws/role/aws_iam_policy.basic.tf b/terraform/aws/role/aws_iam_policy.basic.tf
@@ -7,8 +7,9 @@ resource "aws_iam_policy" "basic" {
         "Sid" : "0",
         "Effect" : "Allow",
         "Action" : [
-          "datapipeline:GetPipelineDefinition",
-          "datapipeline:*"
+          "elasticmapreduce:CreateSecurityConfiguration",
+          "elasticmapreduce:DescribeSecurityConfiguration",
+          "elasticmapreduce:DeleteSecurityConfiguration"
         ],
         "Resource" : "*",
       }

diff --git a/todo_aws.md b/todo_aws.md
@@ -1,15 +1,14 @@
 # todo
 
+```pwsh
 ./resource.ps1 aws_appmesh_gateway_route
 ./resource.ps1 aws_appmesh_mesh
 ./resource.ps1 aws_appmesh_route
 ./resource.ps1 aws_appmesh_virtual_gateway
 ./resource.ps1 aws_appmesh_virtual_node
 ./resource.ps1 aws_appmesh_virtual_router
 ./resource.ps1 aws_appmesh_virtual_service
-./resource.ps1 aws_appsync_datasource
-./resource.ps1 aws_appsync_graphql_api
-./resource.ps1 aws_appsync_resolver
+
 ./resource.ps1 aws_autoscaling_group_tag
 ./resource.ps1 aws_autoscaling_schedule
 ./resource.ps1 aws_budgets_budget_action
@@ -54,8 +53,6 @@
 ./resource.ps1 aws_ec2_transit_gateway_vpc_attachment_accepter
 ./resource.ps1 aws_eks_fargate_profile
 ./resource.ps1 aws_eks_identity_provider_config
-./resource.ps1 aws_emr_cluster
-./resource.ps1 aws_emr_security_configuration
 ./resource.ps1 aws_evidently_project
 ./resource.ps1 aws_grafana_license_association
 ./resource.ps1 aws_grafana_role_association
@@ -187,3 +184,42 @@
 ./resource.ps1 aws_elasticache_user -type data
 ./resource.ps1 aws_elastic_beanstalk_hosted_zone -type data
 ./resource.ps1 aws_elasticsearch_domain -type data
+```
+
+./resource.ps1 aws_appsync_api_cache
+./resource.ps1 aws_appsync_api_key
+./resource.ps1 aws_appsync_datasource
+./resource.ps1 aws_appsync_domain_name
+./resource.ps1 aws_appsync_domain_name_api_association
+./resource.ps1 aws_appsync_function
+./resource.ps1 aws_appsync_graphql_api
+./resource.ps1 aws_appsync_resolver
+./resource.ps1 aws_appsync_type
+./resource.ps1 aws_auditmanager_account_registration
+./resource.ps1 aws_auditmanager_assessment
+./resource.ps1 aws_auditmanager_assessment_delegation
+./resource.ps1 aws_auditmanager_assessment_report
+./resource.ps1 aws_auditmanager_control
+./resource.ps1 aws_auditmanager_framework
+./resource.ps1 aws_auditmanager_framework_share
+./resource.ps1 aws_auditmanager_organization_admin_account_registration
+./resource.ps1 aws_cloudwatch_log_data_protection_policy
+./resource.ps1 aws_datasync_location_object_storage
+./resource.ps1 aws_dms_s3_endpoint
+./resource.ps1 aws_ec2_instance_state
+./resource.ps1 aws_ivschat_logging_configuration
+./resource.ps1 aws_ivschat_room
+./resource.ps1 aws_lightsail_bucket
+./resource.ps1 aws_networkmanager_core_network
+./resource.ps1 aws_rds_clusters
+./resource.ps1 aws_rds_export_task
+./resource.ps1 aws_redshiftserverless_resource_policy
+./resource.ps1 aws_resourceexplorer2_index
+./resource.ps1 aws_resourceexplorer2_view
+./resource.ps1 aws_rum_metrics_destination
+./resource.ps1 aws_sagemaker_space
+./resource.ps1 aws_scheduler_schedule
+./resource.ps1 aws_sesv2_configuration_set_event_destination
+./resource.ps1 aws_ssoadmin_instance_access_control_attributes
+./resource.ps1 aws_ssoadmin_permissions_boundary_attachment
+./resource.ps1 aws_vpc_network_performance_metric_subscription