aws resource policies

src/aws.go

@@ -552,6 +552,17 @@ func AwsLookup(name string) interface{} {
 		"aws_datapipeline_pipeline":                          awsDatapipelinePipeline,
 		"aws_datapipeline_pipeline_definition":               awsDatapipelinePipelineDefinition,
 		"aws_proxy_protocol_policy":                          awsProxyProtocolPolicy,
+		"aws_app_cookie_stickiness_policy":                   awsAppCookieStickinessPolicy,
+		"aws_cloudfront_cache_policy":                        awsCloudfrontCachePolicy,
+		"aws_cloudfront_continuous_deployment_policy":        awsCloudfrontContinuousDeploymentPolicy,
+		"aws_cloudfront_origin_request_policy":               awsCloudfrontOriginRequestPolicy,
+		"aws_codebuild_report_group":                         awsCodebuildReportGroup,
+		"aws_codebuild_resource_policy":                      awsCodebuildResourcePolicy,
+		"aws_ecr_registry_policy":                            awsEcrRegistryPolicy,
+		"aws_ecr_replication_configuration":                  awsEcrReplicationConfiguration,
+		"aws_ecrpublic_repository_policy":                    awsEcrpublicRepositoryPolicy,
+		"aws_emr_managed_scaling_policy":                     awsEmrManagedScalingPolicy,
+		"aws_lb_cookie_stickiness_policy":                    awsLbCookieStickinessPolicy,
 	}
 
 	return TFLookup[name]

src/aws_datasource.go

@@ -11,7 +11,7 @@ func GetAWSDataPermissions(result ResourceV2) ([]string, error) {
 		err         error
 	)
 
-	if temp := AwsDataLoookup(result.Name); temp != nil {
+	if temp := AwsDataLookup(result.Name); temp != nil {
 		Permissions, err = GetPermissionMap(temp.([]byte), result.Attributes)
 	} else {
 		return nil, fmt.Errorf("%s not implemented", result.Name)
@@ -21,7 +21,7 @@ func GetAWSDataPermissions(result ResourceV2) ([]string, error) {
 }
 
 // nolint:funlen
-func AwsDataLoookup(find string) interface{} {
+func AwsDataLookup(find string) interface{} {
 	TFLookup := map[string]interface{}{
 		"aws_acm_certificate":                                       dataAwsAcmCertificate,
 		"aws_acmpca_certificate":                                    dataAwsAcmpcaCertificate,

src/coverage/coverage.go

@@ -30,7 +30,7 @@ func coverageAWS() error {
 	}
 
 	for _, myData := range data.DataSources {
-		if temp := pike.AwsDataLoookup(myData); temp == nil {
+		if temp := pike.AwsDataLookup(myData); temp == nil {
 			if strings.Contains(myData, "aws") {
 				missing.DataSources = append(missing.DataSources, myData)
 				target += "./resource.ps1 " + myData + " -type data\n"

src/files.go

@@ -1308,3 +1308,36 @@ var awsDatapipelinePipelineDefinition []byte
 
 //go:embed mapping/aws/resource/elasticloadbalancing/aws_proxy_protocol_policy.json
 var awsProxyProtocolPolicy []byte
+
+//go:embed mapping/aws/resource/elasticloadbalancing/aws_app_cookie_stickiness_policy.json
+var awsAppCookieStickinessPolicy []byte
+
+//go:embed mapping/aws/resource/cloudfront/aws_cloudfront_cache_policy.json
+var awsCloudfrontCachePolicy []byte
+
+//go:embed mapping/aws/resource/cloudfront/aws_cloudfront_continuous_deployment_policy.json
+var awsCloudfrontContinuousDeploymentPolicy []byte
+
+//go:embed mapping/aws/resource/cloudfront/aws_cloudfront_origin_request_policy.json
+var awsCloudfrontOriginRequestPolicy []byte
+
+//go:embed mapping/aws/resource/codebuild/aws_codebuild_report_group.json
+var awsCodebuildReportGroup []byte
+
+//go:embed mapping/aws/resource/codebuild/aws_codebuild_resource_policy.json
+var awsCodebuildResourcePolicy []byte
+
+//go:embed mapping/aws/resource/ecr/aws_ecr_registry_policy.json
+var awsEcrRegistryPolicy []byte
+
+//go:embed mapping/aws/resource/ecr/aws_ecr_replication_configuration.json
+var awsEcrReplicationConfiguration []byte
+
+//go:embed mapping/aws/resource/ecr-public/aws_ecrpublic_repository_policy.json
+var awsEcrpublicRepositoryPolicy []byte
+
+//go:embed mapping/aws/resource/elasticmapreduce/aws_emr_managed_scaling_policy.json
+var awsEmrManagedScalingPolicy []byte
+
+//go:embed mapping/aws/resource/elasticloadbalancing/aws_lb_cookie_stickiness_policy.json
+var awsLbCookieStickinessPolicy []byte

src/mapping/aws/resource/cloudfront/aws_cloudfront_cache_policy.json

@@ -0,0 +1,20 @@
+[
+  {
+    "apply": [
+      "cloudfront:CreateCachePolicy",
+      "cloudfront:GetCachePolicy",
+      "cloudfront:DeleteCachePolicy",
+      "cloudfront:UpdateCachePolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "cloudfront:DeleteCachePolicy"
+    ],
+    "modify": [
+      "cloudfront:UpdateCachePolicy"
+    ],
+    "plan": []
+  }
+]

src/mapping/aws/resource/cloudfront/aws_cloudfront_continuous_deployment_policy.json

@@ -0,0 +1,20 @@
+[
+  {
+    "apply": [
+      "cloudfront:CreateContinuousDeploymentPolicy",
+      "cloudfront:GetContinuousDeploymentPolicy",
+      "cloudfront:DeleteContinuousDeploymentPolicy",
+      "cloudfront:UpdateContinuousDeploymentPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "cloudfront:DeleteContinuousDeploymentPolicy"
+    ],
+    "modify": [
+      "cloudfront:UpdateContinuousDeploymentPolicy"
+    ],
+    "plan": []
+  }
+]

src/mapping/aws/resource/cloudfront/aws_cloudfront_origin_request_policy.json

@@ -0,0 +1,20 @@
+[
+  {
+    "apply": [
+      "cloudfront:CreateOriginRequestPolicy",
+      "cloudfront:GetOriginRequestPolicy",
+      "cloudfront:DeleteOriginRequestPolicy",
+      "cloudfront:UpdateOriginRequestPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "cloudfront:DeleteOriginRequestPolicy"
+    ],
+    "modify": [
+      "cloudfront:UpdateOriginRequestPolicy"
+    ],
+    "plan": []
+  }
+]

src/mapping/aws/resource/codebuild/aws_codebuild_report_group.json

@@ -0,0 +1,20 @@
+[
+  {
+    "apply": [
+      "codebuild:CreateReportGroup",
+      "codebuild:BatchGetReportGroups",
+      "codebuild:DeleteReportGroup",
+      "codebuild:UpdateReportGroup"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "codebuild:DeleteReportGroup"
+    ],
+    "modify": [
+      "codebuild:UpdateReportGroup"
+    ],
+    "plan": []
+  }
+]

src/mapping/aws/resource/codebuild/aws_codebuild_resource_policy.json

@@ -0,0 +1,20 @@
+[
+  {
+    "apply": [
+      "codebuild:CreateReportGroup",
+      "codebuild:BatchGetReportGroups",
+      "codebuild:DeleteReportGroup",
+      "codebuild:UpdateReportGroup"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "codebuild:DeleteReportGroup"
+    ],
+    "modify": [
+      "codebuild:UpdateReportGroup"
+    ],
+    "plan": []
+  }
+]

src/mapping/aws/resource/ecr-public/aws_ecrpublic_repository_policy.json

@@ -0,0 +1,22 @@
+[
+  {
+    "apply": [
+      "ecr-public:CreateRepository",
+      "ecr-public:DescribeRepositories",
+      "ecr-public:GetRepositoryCatalogData",
+      "ecr-public:ListTagsForResource",
+      "ecr-public:DeleteRepository"
+    ],
+    "attributes": {
+      "tags": [
+        "ecr-public:TagResource",
+        "ecr-public:UntagResource"
+      ]
+    },
+    "destroy": [
+      "ecr-public:DeleteRepository"
+    ],
+    "modify": [],
+    "plan": []
+  }
+]

src/mapping/aws/resource/ecr/aws_ecr_registry_policy.json

@@ -0,0 +1,17 @@
+[
+  {
+    "apply": [
+      "ecr:PutRegistryPolicy",
+      "ecr:GetRegistryPolicy",
+      "ecr:DeleteRegistryPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "ecr:DeleteRegistryPolicy"
+    ],
+    "modify": [],
+    "plan": []
+  }
+]

src/mapping/aws/resource/aws_ecr_replication_configuration.json → src/mapping/aws/resource/ecr/aws_ecr_replication_configuration.json

@@ -1,6 +1,9 @@
 [
   {
-    "apply": [],
+    "apply": [
+      "ecr:PutReplicationConfiguration",
+      "ecr:DescribeRegistry"
+    ],
     "attributes": {
       "tags": []
     },

src/mapping/aws/resource/elasticloadbalancing/aws_app_cookie_stickiness_policy.json

@@ -0,0 +1,18 @@
+[
+  {
+    "apply": [
+      "elasticloadbalancing:CreateAppCookieStickinessPolicy",
+      "elasticloadbalancing:SetLoadBalancerPoliciesOfListener",
+      "elasticloadbalancing:DescribeLoadBalancerPolicies",
+      "elasticloadbalancing:DeleteLoadBalancerPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "elasticloadbalancing:DeleteLoadBalancerPolicy"
+    ],
+    "modify": [],
+    "plan": []
+  }
+]

src/mapping/aws/resource/elasticloadbalancing/aws_lb_cookie_stickiness_policy.json

@@ -0,0 +1,18 @@
+[
+  {
+    "apply": [
+      "elasticloadbalancing:CreateAppCookieStickinessPolicy",
+      "elasticloadbalancing:SetLoadBalancerPoliciesOfListener",
+      "elasticloadbalancing:DescribeLoadBalancerPolicies",
+      "elasticloadbalancing:DeleteLoadBalancerPolicy"
+    ],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [
+      "elasticloadbalancing:DeleteLoadBalancerPolicy"
+    ],
+    "modify": [],
+    "plan": []
+  }
+]