aws_recon 0.4.1 → 0.4.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/aws_recon/version.rb +1 -1
- data/terraform/cloudwatch.tf +1 -5
- data/terraform/ecs.tf +4 -8
- data/terraform/output.tf +3 -5
- data/terraform/s3.tf +5 -4
- data/terraform/vpc.tf +6 -10
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 8166ac8e24580b32dc3bd5144571d1ba499b7d0e193ab1051c07414f1dfc444b
|
|
4
|
+
data.tar.gz: 43a7207373c94f1aef7ff94e94a62d542595ba0f246aea7ae4c945a0c143aa9f
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 13f36944733b6d7c3a387243713cd77e7d2880875bbd3f02fdb2deea663c11d74857a67985e988a40a3a196e5592048219c22e8a3c6ebddc350d49e13d7ef695
|
|
7
|
+
data.tar.gz: e818d1cde999ebb9e667710af47373d10b3369d52d0c53535396745cdea4ed7040f4331c95f697658d1a1afc897926542a9ae22fdfac6dd78ae28e451ff376b5
|
data/lib/aws_recon/version.rb
CHANGED
data/terraform/cloudwatch.tf
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# https://www.terraform.io/docs/providers/aws/r/cloudwatch_event_rule.html
|
|
2
2
|
resource "aws_cloudwatch_event_rule" "default" {
|
|
3
|
-
name = "${var.aws_recon_base_name}-${random_id.
|
|
3
|
+
name = "${var.aws_recon_base_name}-${random_id.aws_recon.hex}"
|
|
4
4
|
description = "AWS Recon scheduled task"
|
|
5
5
|
schedule_expression = var.schedule_expression
|
|
6
6
|
}
|
|
@@ -24,7 +24,3 @@ resource "aws_cloudwatch_event_target" "default" {
|
|
|
24
24
|
}
|
|
25
25
|
}
|
|
26
26
|
}
|
|
27
|
-
|
|
28
|
-
resource "random_id" "rule" {
|
|
29
|
-
byte_length = 4
|
|
30
|
-
}
|
data/terraform/ecs.tf
CHANGED
|
@@ -1,14 +1,10 @@
|
|
|
1
1
|
resource "aws_ecs_cluster" "aws_recon" {
|
|
2
|
-
name = "${var.aws_recon_base_name}-${random_id.
|
|
2
|
+
name = "${var.aws_recon_base_name}-${random_id.aws_recon.hex}"
|
|
3
3
|
capacity_providers = [local.ecs_task_provider]
|
|
4
4
|
}
|
|
5
5
|
|
|
6
|
-
resource "random_id" "cluster" {
|
|
7
|
-
byte_length = 4
|
|
8
|
-
}
|
|
9
|
-
|
|
10
6
|
resource "aws_ecs_task_definition" "aws_recon_task" {
|
|
11
|
-
family = "${var.aws_recon_base_name}-${random_id.
|
|
7
|
+
family = "${var.aws_recon_base_name}-${random_id.aws_recon.hex}"
|
|
12
8
|
task_role_arn = aws_iam_role.aws_recon_role.arn
|
|
13
9
|
execution_role_arn = aws_iam_role.ecs_task_execution.arn
|
|
14
10
|
requires_compatibilities = [local.ecs_task_provider]
|
|
@@ -18,7 +14,7 @@ resource "aws_ecs_task_definition" "aws_recon_task" {
|
|
|
18
14
|
|
|
19
15
|
container_definitions = jsonencode([
|
|
20
16
|
{
|
|
21
|
-
name = "${var.aws_recon_base_name}-${random_id.
|
|
17
|
+
name = "${var.aws_recon_base_name}-${random_id.aws_recon.hex}"
|
|
22
18
|
image = "${var.aws_recon_container_name}:${var.aws_recon_container_version}"
|
|
23
19
|
assign_public_ip = true
|
|
24
20
|
entryPoint = [
|
|
@@ -42,7 +38,7 @@ resource "aws_ecs_task_definition" "aws_recon_task" {
|
|
|
42
38
|
}
|
|
43
39
|
|
|
44
40
|
resource "aws_cloudwatch_log_group" "aws_recon" {
|
|
45
|
-
name = "/ecs/${var.aws_recon_base_name}-${random_id.
|
|
41
|
+
name = "/ecs/${var.aws_recon_base_name}-${random_id.aws_recon.hex}"
|
|
46
42
|
retention_in_days = var.retention_period
|
|
47
43
|
}
|
|
48
44
|
|
data/terraform/output.tf
CHANGED
|
@@ -1,7 +1,3 @@
|
|
|
1
|
-
output "aws_recon_s3_bucket" {
|
|
2
|
-
value = aws_s3_bucket.aws_recon.bucket
|
|
3
|
-
}
|
|
4
|
-
|
|
5
1
|
output "aws_recon_ecs_cluster" {
|
|
6
2
|
value = aws_ecs_cluster.aws_recon.name
|
|
7
3
|
}
|
|
@@ -10,4 +6,6 @@ output "aws_recon_ecs_scheduled_task" {
|
|
|
10
6
|
value = aws_cloudwatch_event_rule.default.name
|
|
11
7
|
}
|
|
12
8
|
|
|
13
|
-
|
|
9
|
+
output "aws_recon_s3_bucket" {
|
|
10
|
+
value = aws_s3_bucket.aws_recon.bucket
|
|
11
|
+
}
|
data/terraform/s3.tf
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
resource "aws_s3_bucket" "aws_recon" {
|
|
2
|
-
bucket
|
|
3
|
-
acl
|
|
2
|
+
bucket = "${var.aws_recon_base_name}-${random_id.aws_recon.hex}-${data.aws_iam_account_alias.current.id}"
|
|
3
|
+
acl = "private"
|
|
4
|
+
force_destroy = true
|
|
4
5
|
|
|
5
6
|
lifecycle_rule {
|
|
6
7
|
id = "expire-after-${var.retention_period}-days"
|
|
@@ -12,8 +13,8 @@ resource "aws_s3_bucket" "aws_recon" {
|
|
|
12
13
|
}
|
|
13
14
|
}
|
|
14
15
|
|
|
15
|
-
resource "random_id" "
|
|
16
|
-
byte_length =
|
|
16
|
+
resource "random_id" "aws_recon" {
|
|
17
|
+
byte_length = 6
|
|
17
18
|
}
|
|
18
19
|
|
|
19
20
|
data "aws_iam_account_alias" "current" {}
|
data/terraform/vpc.tf
CHANGED
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
resource "aws_vpc" "vpc" {
|
|
4
4
|
cidr_block = local.cidr_block
|
|
5
5
|
tags = {
|
|
6
|
-
Name = "${var.aws_recon_base_name}-${random_id.
|
|
6
|
+
Name = "${var.aws_recon_base_name}-${random_id.aws_recon.hex}"
|
|
7
7
|
}
|
|
8
8
|
}
|
|
9
9
|
|
|
@@ -15,12 +15,12 @@ resource "aws_subnet" "subnet" {
|
|
|
15
15
|
map_public_ip_on_launch = true
|
|
16
16
|
|
|
17
17
|
tags = {
|
|
18
|
-
Name = "${var.aws_recon_base_name}-${random_id.
|
|
18
|
+
Name = "${var.aws_recon_base_name}-${random_id.aws_recon.hex}-public"
|
|
19
19
|
}
|
|
20
20
|
}
|
|
21
21
|
|
|
22
22
|
resource "aws_security_group" "sg" {
|
|
23
|
-
name = "${var.aws_recon_base_name}-${random_id.
|
|
23
|
+
name = "${var.aws_recon_base_name}-${random_id.aws_recon.hex}"
|
|
24
24
|
description = "Allow AWS Recon collection egress"
|
|
25
25
|
vpc_id = aws_vpc.vpc.id
|
|
26
26
|
|
|
@@ -32,7 +32,7 @@ resource "aws_security_group" "sg" {
|
|
|
32
32
|
}
|
|
33
33
|
|
|
34
34
|
tags = {
|
|
35
|
-
Name = "${var.aws_recon_base_name}-${random_id.
|
|
35
|
+
Name = "${var.aws_recon_base_name}-${random_id.aws_recon.hex}"
|
|
36
36
|
}
|
|
37
37
|
}
|
|
38
38
|
|
|
@@ -40,7 +40,7 @@ resource "aws_internet_gateway" "igw" {
|
|
|
40
40
|
vpc_id = aws_vpc.vpc.id
|
|
41
41
|
|
|
42
42
|
tags = {
|
|
43
|
-
Name = "${var.aws_recon_base_name}-${random_id.
|
|
43
|
+
Name = "${var.aws_recon_base_name}-${random_id.aws_recon.hex}"
|
|
44
44
|
}
|
|
45
45
|
}
|
|
46
46
|
|
|
@@ -53,7 +53,7 @@ resource "aws_route_table" "rt" {
|
|
|
53
53
|
}
|
|
54
54
|
|
|
55
55
|
tags = {
|
|
56
|
-
Name = "${var.aws_recon_base_name}-${random_id.
|
|
56
|
+
Name = "${var.aws_recon_base_name}-${random_id.aws_recon.hex}"
|
|
57
57
|
}
|
|
58
58
|
}
|
|
59
59
|
|
|
@@ -67,10 +67,6 @@ locals {
|
|
|
67
67
|
subnet_cidr_block = cidrsubnet(local.cidr_block, 8, 0)
|
|
68
68
|
}
|
|
69
69
|
|
|
70
|
-
resource "random_id" "vpc" {
|
|
71
|
-
byte_length = 4
|
|
72
|
-
}
|
|
73
|
-
|
|
74
70
|
data "aws_region" "current" {}
|
|
75
71
|
|
|
76
72
|
data "aws_availability_zones" "available" {
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aws_recon
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.4.
|
|
4
|
+
version: 0.4.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Josh Larsen
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2021-04-
|
|
12
|
+
date: 2021-04-02 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: aws-sdk
|