new aws datasources

JamesWoolfenden · Jul 22, 2024 · 6945b4e · 6945b4e
1 parent 1e75ab0
commit 6945b4e
Show file tree

Hide file tree

Showing 18 changed files with 187 additions and 41 deletions.
diff --git a/src/aws_datasource.go b/src/aws_datasource.go
@@ -572,6 +572,13 @@ func AwsDataLookup(find string) interface{} {
 		"aws_datazone_environment_blueprint":                        dataAwsDatazoneEnvironmentBlueprint,
 		"aws_chatbot_slack_workspace":                               dataAwsChatbotSlackWorkspace,
 		"aws_ec2_capacity_block_offering":                           dataAwsEc2CapacityBlockOffering,
+		"aws_appstream_image":                                       dataAwsAppstreamImage,
+		"aws_cloudfront_origin_access_control":                      dataAwsCloudfrontOriginAccessControl,
+		"aws_cognito_user_pool":                                     dataAwsCognitoUserPool,
+		"aws_ec2_transit_gateway_peering_attachments":               dataAwsEc2TransitGatewayPeeringAttachments,
+		"aws_timestreamwrite_database":                              dataAwsTimestreamwriteDatabase,
+		"aws_timestreamwrite_table":                                 dataAwsTimestreamwriteTable,
+		"aws_transfer_connector":                                    dataAwsTransferConnector,
 	}
 
 	return TFLookup[find]

diff --git a/src/coverage/aws.md b/src/coverage/aws.md
@@ -625,10 +625,3 @@ Datasource percentage coverage 98.71
 ./resource.ps1 aws_worklink_website_certificate_authority_association
 ./resource.ps1 aws_workspaces_connection_alias
 ./resource.ps1 aws_workspaces_ip_group
-./resource.ps1 aws_appstream_image -type data
-./resource.ps1 aws_cloudfront_origin_access_control -type data
-./resource.ps1 aws_cognito_user_pool -type data
-./resource.ps1 aws_ec2_transit_gateway_peering_attachments -type data
-./resource.ps1 aws_timestreamwrite_database -type data
-./resource.ps1 aws_timestreamwrite_table -type data
-./resource.ps1 aws_transfer_connector -type data
diff --git a/src/files_datasource.go b/src/files_datasource.go
@@ -1449,3 +1449,24 @@ var dataAwsChatbotSlackWorkspace []byte
 
 //go:embed mapping/aws/data/ec2/aws_ec2_capacity_block_offering.json
 var dataAwsEc2CapacityBlockOffering []byte
+
+//go:embed mapping/aws/data/appstream/aws_appstream_image.json
+var dataAwsAppstreamImage []byte
+
+//go:embed mapping/aws/data/cloudfront/aws_cloudfront_origin_access_control.json
+var dataAwsCloudfrontOriginAccessControl []byte
+
+//go:embed mapping/aws/data/cognito-idp/aws_cognito_user_pool.json
+var dataAwsCognitoUserPool []byte
+
+//go:embed mapping/aws/data/ec2/aws_ec2_transit_gateway_peering_attachments.json
+var dataAwsEc2TransitGatewayPeeringAttachments []byte
+
+//go:embed mapping/aws/data/timestream/aws_timestreamwrite_database.json
+var dataAwsTimestreamwriteDatabase []byte
+
+//go:embed mapping/aws/data/timestream/aws_timestreamwrite_table.json
+var dataAwsTimestreamwriteTable []byte
+
+//go:embed mapping/aws/data/transfer/aws_transfer_connector.json
+var dataAwsTransferConnector []byte
diff --git a/src/mapping/aws/data/appstream/aws_appstream_image.json b/src/mapping/aws/data/appstream/aws_appstream_image.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "appstream:DescribeImages"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/cloudfront/aws_cloudfront_origin_access_control.json b/src/mapping/aws/data/cloudfront/aws_cloudfront_origin_access_control.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "cloudfront:GetOriginAccessControl"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/cognito-idp/aws_cognito_user_pool.json b/src/mapping/aws/data/cognito-idp/aws_cognito_user_pool.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "cognito-idp:DescribeUserPool"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/ec2/aws_ec2_transit_gateway_peering_attachments.json b/src/mapping/aws/data/ec2/aws_ec2_transit_gateway_peering_attachments.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "ec2:DescribeTransitGatewayPeeringAttachments"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/timestream/aws_timestreamwrite_database.json b/src/mapping/aws/data/timestream/aws_timestreamwrite_database.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "timestream:DescribeDatabase",
+      "timestream:DescribeEndpoints"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/timestream/aws_timestreamwrite_table.json b/src/mapping/aws/data/timestream/aws_timestreamwrite_table.json
@@ -0,0 +1,14 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "timestream:DescribeTable",
+      "timestream:DescribeEndpoints"
+    ]
+  }
+]
diff --git a/src/mapping/aws/data/transfer/aws_transfer_connector.json b/src/mapping/aws/data/transfer/aws_transfer_connector.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "transfer:DescribeConnector"
+    ]
+  }
+]
diff --git a/terraform/aws/backup/data.aws_appstream_image.tf b/terraform/aws/backup/data.aws_appstream_image.tf
@@ -0,0 +1,6 @@
+data "aws_appstream_image" "pike" {
+}
+
+output "aws_appstream_image" {
+  value = data.aws_appstream_image.pike
+}
diff --git a/terraform/aws/backup/data.aws_cloudfront_origin_access_control.tf b/terraform/aws/backup/data.aws_cloudfront_origin_access_control.tf
@@ -0,0 +1,7 @@
+data "aws_cloudfront_origin_access_control" "pike" {
+  id = "E2T5VTFBZJ3BJB"
+}
+
+output "aws_cloudfront_origin_access_control" {
+  value = data.aws_cloudfront_origin_access_control.pike
+}
diff --git a/terraform/aws/backup/data.aws_cognito_user_pool.tf b/terraform/aws/backup/data.aws_cognito_user_pool.tf
@@ -0,0 +1,7 @@
+data "aws_cognito_user_pool" "pike" {
+  user_pool_id = "us-west-2_aaaaaaaaa"
+}
+
+output "aws_cognito_user_pool" {
+  value = data.aws_cognito_user_pool.pike
+}
diff --git a/terraform/aws/backup/data.aws_ec2_transit_gateway_peering_attachments.tf b/terraform/aws/backup/data.aws_ec2_transit_gateway_peering_attachments.tf
@@ -0,0 +1,6 @@
+data "aws_ec2_transit_gateway_peering_attachments" "pike" {
+}
+
+output "aws_ec2_transit_gateway_peering_attachments" {
+  value = data.aws_ec2_transit_gateway_peering_attachments.pike
+}
diff --git a/terraform/aws/backup/data.aws_timestreamwrite_database.tf b/terraform/aws/backup/data.aws_timestreamwrite_database.tf
@@ -0,0 +1,8 @@
+data "aws_timestreamwrite_database" "pike" {
+  provider = aws.central
+  name     = "pike"
+}
+
+output "aws_timestreamwrite_database" {
+  value = data.aws_timestreamwrite_database.pike
+}
diff --git a/terraform/aws/backup/data.aws_timestreamwrite_table.tf b/terraform/aws/backup/data.aws_timestreamwrite_table.tf
@@ -0,0 +1,9 @@
+data "aws_timestreamwrite_table" "pike" {
+  provider      = aws.central
+  database_name = "pike"
+  name          = "pike"
+}
+
+output "aws_timestreamwrite_table" {
+  value = data.aws_timestreamwrite_table.pike
+}
diff --git a/terraform/aws/backup/data.aws_transfer_connector.tf b/terraform/aws/backup/data.aws_transfer_connector.tf
@@ -0,0 +1,7 @@
+data "aws_transfer_connector" "pike" {
+  id = "c-12345678901234567"
+}
+
+output "aws_transfer_connector" {
+  value = data.aws_transfer_connector.pike
+}
diff --git a/terraform/aws/role/aws_iam_policy.basic.tf b/terraform/aws/role/aws_iam_policy.basic.tf
@@ -7,40 +7,22 @@ resource "aws_iam_policy" "basic" {
         "Sid" : "0",
         "Effect" : "Allow",
         "Action" : [
-          //aws_dms_replication_task
-          "dms:CreateReplicationTask",
-          //aws_dms_s3_endpoint
-          "dms:CreateEndpoint",
-          "dms:DeleteEndpoint",
-          "rds:DescribeDBProxies",
-          "dms:ModifyEndpoint",
-          "iam:PassRole",
-          "rds:RemoveTagsFromResource",
-          "oam:UnTagResource",
-
-
-          "ec2:DescribeCapacityBlockOfferings",
-          "acm:ListCertificates",
-          "oam:GetLink",
-          "iam:AttachRolePolicy",
-          "ec2:DescribeSubnets",
-          "oam:UpdateLink",
-          "oam:DeleteLink",
-          "iam:DetachRolePolicy",
-
-          //aws_oam_sink_policy
-          "iam:GetRolePolicy",
-          "iam:PutRolePolicy",
-          "rds:DeleteDBInstance",
-          "kms:DescribeKey",
-          "rds:ListTagsForResource",
-          "rds:ModifyDBInstance",
-          "sns:CreateTopic",
-          "sns:DeleteTopic",
-          "secretsmanager:DescribeSecret",
-          "sns:GetTopicAttributes",
-          "sns:ListTagsForResource",
-          "sns:SetTopicAttributes"
+          //aws_transfer_connector
+          "transfer:DescribeConnector",
+          //aws_ec2_transit_gateway_peering_attachments
+          "ec2:DescribeTransitGatewayPeeringAttachments",
+          //aws_appstream_image
+          "appstream:DescribeImages",
+          //aws_cloudfront_origin_access_control
+          "cloudfront:GetOriginAccessControl",
+          //aws_cognito_user_pool
+          "cognito-idp:DescribeUserPool",
+          //aws_timestreamwrite_table, aws_timestreamwrite_database
+          "timestream:DescribeEndpoints",
+          //aws_timestreamwrite_table
+          "timestream:DescribeTable",
+          //aws_timestreamwrite_database
+          "timestream:DescribeDatabase"
         ],
         "Resource" : "*",
       }