sr2/RHEL9-CIS
4
0
Fork 0
forked from ansible-lockdown/RHEL9-CIS
Code Activity

terraform format

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2022-06-07 12:01:30 +01:00
parent a8446b989b
commit fdb3eb6286
No known key found for this signature in database
GPG key ID: F734FDFC154B83FB
6 changed files with 387 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

4
.github/workflows/github_networks.tf vendored
View file

@ -1,11 +1,11 @@
resource "aws_vpc" "Main" {
cidr_block = var.main_vpc_cidr
tags = var.instance_tags
tags = var.instance_tags
}
resource "aws_internet_gateway" "IGW" {
vpc_id = aws_vpc.Main.id
tags = {
Name = "${var.namespace}-IGW"
Name = "${var.namespace}-IGW"
}
}

2
.github/workflows/github_vars.tfvars vendored
View file

@ -3,7 +3,7 @@
// Declared in variables.tf
//
namespace = "github_actions"
namespace = "github_actions"
// Matching pair name found in AWS for keypairs PEM key
ami_key_pair_name = "github_actions"

10
.github/workflows/main.tf vendored
View file

@ -28,7 +28,7 @@ resource "aws_security_group" "github_actions" {
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
from_port = 80
to_port = 80
@ -44,7 +44,7 @@ resource "aws_security_group" "github_actions" {
}
tags = {
Name = "${var.namespace}-SG"
}
}
}
// instance setup
@ -57,16 +57,16 @@ resource "aws_instance" "testing_vm" {
tags = var.instance_tags
vpc_security_group_ids = [aws_security_group.github_actions.id]
root_block_device {
delete_on_termination = true
delete_on_termination = true
}
}
// generate inventory file
resource "local_file" "inventory" {
filename = "./hosts.yml"
filename = "./hosts.yml"
directory_permission = "0755"
file_permission = "0644"
content = <<EOF
content = <<EOF
# benchmark host
all:
hosts:

8
.github/workflows/terraform.tfstate vendored Normal file
View file

@ -0,0 +1,8 @@
{
"version": 4,
"terraform_version": "1.2.2",
"serial": 15,
"lineage": "826bcba6-7d74-b65e-f687-a6f4945dd69e",
"outputs": {},
"resources": []
}

370
.github/workflows/terraform.tfstate.backup vendored Normal file
View file

@ -0,0 +1,370 @@
{
"version": 4,
"terraform_version": "1.2.2",
"serial": 7,
"lineage": "826bcba6-7d74-b65e-f687-a6f4945dd69e",
"outputs": {},
"resources": [
{
"mode": "data",
"type": "aws_vpc",
"name": "default",
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"arn": "arn:aws:ec2:us-east-1:817651307868:vpc/vpc-05ef27c517862c3b1",
"cidr_block": "172.31.0.0/16",
"cidr_block_associations": [
{
"association_id": "vpc-cidr-assoc-0a0f361027d9f91f3",
"cidr_block": "172.31.0.0/16",
"state": "associated"
}
],
"default": true,
"dhcp_options_id": "dopt-c5dfccbe",
"enable_dns_hostnames": true,
"enable_dns_support": true,
"filter": null,
"id": "vpc-05ef27c517862c3b1",
"instance_tenancy": "default",
"ipv6_association_id": "",
"ipv6_cidr_block": "",
"main_route_table_id": "rtb-0a40eb856c7d79f1d",
"owner_id": "817651307868",
"state": null,
"tags": {
"Name": "Default VPC"
}
},
"sensitive_attributes": []
}
]
},
{
"mode": "managed",
"type": "aws_instance",
"name": "testing_vm",
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
"instances": [
{
"schema_version": 1,
"attributes": {
"ami": "ami-0c41531b8d18cc72b",
"arn": "arn:aws:ec2:us-east-1:817651307868:instance/i-0d997714170ce8898",
"associate_public_ip_address": true,
"availability_zone": "us-east-1a",
"capacity_reservation_specification": [
{
"capacity_reservation_preference": "open",
"capacity_reservation_target": []
}
],
"cpu_core_count": 1,
"cpu_threads_per_core": 2,
"credit_specification": [
{
"cpu_credits": "unlimited"
}
],
"disable_api_termination": false,
"ebs_block_device": [],
"ebs_optimized": false,
"enclave_options": [
{
"enabled": false
}
],
"ephemeral_block_device": [],
"get_password_data": false,
"hibernation": false,
"host_id": null,
"iam_instance_profile": "",
"id": "i-0d997714170ce8898",
"instance_initiated_shutdown_behavior": "stop",
"instance_state": "running",
"instance_type": "t3.micro",
"ipv6_address_count": 0,
"ipv6_addresses": [],
"key_name": "github_actions",
"launch_template": [],
"maintenance_options": [
{
"auto_recovery": "default"
}
],
"metadata_options": [
{
"http_endpoint": "enabled",
"http_put_response_hop_limit": 1,
"http_tokens": "optional",
"instance_metadata_tags": "disabled"
}
],
"monitoring": false,
"network_interface": [],
"outpost_arn": "",
"password_data": "",
"placement_group": "",
"placement_partition_number": null,
"primary_network_interface_id": "eni-0417127dc77918518",
"private_dns": "ip-172-31-8-170.ec2.internal",
"private_ip": "172.31.8.170",
"public_dns": "ec2-3-238-53-150.compute-1.amazonaws.com",
"public_ip": "3.238.53.150",
"root_block_device": [
{
"delete_on_termination": true,
"device_name": "/dev/sda1",
"encrypted": false,
"iops": 100,
"kms_key_id": "",
"tags": null,
"throughput": 0,
"volume_id": "vol-0392840b878024a68",
"volume_size": 10,
"volume_type": "gp2"
}
],
"secondary_private_ips": [],
"security_groups": [
"github_actions-5eb7d7f8d9c46a1c"
],
"source_dest_check": true,
"subnet_id": "subnet-0ad8888b9fd53204f",
"tags": {
"Environment": "lockdown_github_repo_workflow",
"Name": "RHEL9-CIS"
},
"tags_all": {
"Environment": "lockdown_github_repo_workflow",
"Name": "RHEL9-CIS"
},
"tenancy": "default",
"timeouts": null,
"user_data": null,
"user_data_base64": null,
"user_data_replace_on_change": false,
"volume_tags": null,
"vpc_security_group_ids": [
"sg-054e3f94c98fc64f2"
]
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMCwidXBkYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
"aws_security_group.github_actions",
"data.aws_vpc.default",
"random_id.server"
]
}
]
},
{
"mode": "managed",
"type": "aws_internet_gateway",
"name": "IGW",
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"arn": "arn:aws:ec2:us-east-1:817651307868:internet-gateway/igw-0ef39abda6f14481d",
"id": "igw-0ef39abda6f14481d",
"owner_id": "817651307868",
"tags": {
"Name": "github_actions-IGW"
},
"tags_all": {
"Name": "github_actions-IGW"
},
"vpc_id": "vpc-068452c798d98b17f"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"aws_vpc.Main"
]
}
]
},
{
"mode": "managed",
"type": "aws_security_group",
"name": "github_actions",
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
"instances": [
{
"schema_version": 1,
"attributes": {
"arn": "arn:aws:ec2:us-east-1:817651307868:security-group/sg-054e3f94c98fc64f2",
"description": "Managed by Terraform",
"egress": [
{
"cidr_blocks": [
"0.0.0.0/0"
],
"description": "",
"from_port": 0,
"ipv6_cidr_blocks": [],
"prefix_list_ids": [],
"protocol": "-1",
"security_groups": [],
"self": false,
"to_port": 0
}
],
"id": "sg-054e3f94c98fc64f2",
"ingress": [
{
"cidr_blocks": [
"0.0.0.0/0"
],
"description": "",
"from_port": 22,
"ipv6_cidr_blocks": [],
"prefix_list_ids": [],
"protocol": "tcp",
"security_groups": [],
"self": false,
"to_port": 22
},
{
"cidr_blocks": [
"0.0.0.0/0"
],
"description": "",
"from_port": 80,
"ipv6_cidr_blocks": [],
"prefix_list_ids": [],
"protocol": "tcp",
"security_groups": [],
"self": false,
"to_port": 80
}
],
"name": "github_actions-5eb7d7f8d9c46a1c",
"name_prefix": "",
"owner_id": "817651307868",
"revoke_rules_on_delete": false,
"tags": {
"Name": "github_actions-SG"
},
"tags_all": {
"Name": "github_actions-SG"
},
"timeouts": null,
"vpc_id": "vpc-05ef27c517862c3b1"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6OTAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIxIn0=",
"dependencies": [
"data.aws_vpc.default",
"random_id.server"
]
}
]
},
{
"mode": "managed",
"type": "aws_vpc",
"name": "Main",
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
"instances": [
{
"schema_version": 1,
"attributes": {
"arn": "arn:aws:ec2:us-east-1:817651307868:vpc/vpc-068452c798d98b17f",
"assign_generated_ipv6_cidr_block": false,
"cidr_block": "172.22.0.0/24",
"default_network_acl_id": "acl-08a831aefd0ff6f65",
"default_route_table_id": "rtb-09ae50e860e80fb1f",
"default_security_group_id": "sg-01ff3ec71f0cd3115",
"dhcp_options_id": "dopt-c5dfccbe",
"enable_classiclink": false,
"enable_classiclink_dns_support": false,
"enable_dns_hostnames": false,
"enable_dns_support": true,
"id": "vpc-068452c798d98b17f",
"instance_tenancy": "default",
"ipv4_ipam_pool_id": null,
"ipv4_netmask_length": null,
"ipv6_association_id": "",
"ipv6_cidr_block": "",
"ipv6_cidr_block_network_border_group": "",
"ipv6_ipam_pool_id": "",
"ipv6_netmask_length": 0,
"main_route_table_id": "rtb-09ae50e860e80fb1f",
"owner_id": "817651307868",
"tags": {
"Environment": "lockdown_github_repo_workflow",
"Name": "RHEL9-CIS"
},
"tags_all": {
"Environment": "lockdown_github_repo_workflow",
"Name": "RHEL9-CIS"
}
},
"sensitive_attributes": [],
"private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ=="
}
]
},
{
"mode": "managed",
"type": "local_file",
"name": "inventory",
"provider": "provider[\"registry.terraform.io/hashicorp/local\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"content": " # benchmark host\n all:\n hosts:\n rhel9:\n ansible_host: 3.238.53.150\n ansible_user: ec2-user\n vars:\n setup_audit: true\n run_audit: true\n system_is_ec2: true\n audit_git_version: devel\n",
"content_base64": null,
"directory_permission": "0755",
"file_permission": "0644",
"filename": "./hosts.yml",
"id": "697bfe9ff397a4b5e3f46caf3c48481a3d485375",
"sensitive_content": null,
"source": null
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"aws_instance.testing_vm",
"aws_security_group.github_actions",
"data.aws_vpc.default",
"random_id.server"
]
}
]
},
{
"mode": "managed",
"type": "random_id",
"name": "server",
"provider": "provider[\"registry.terraform.io/hashicorp/random\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"b64_std": "XrfX+NnEahw=",
"b64_url": "XrfX-NnEahw",
"byte_length": 8,
"dec": "6825161224108665372",
"hex": "5eb7d7f8d9c46a1c",
"id": "XrfX-NnEahw",
"keepers": {
"ami_id": "ami-0c41531b8d18cc72b"
},
"prefix": null
},
"sensitive_attributes": [],
"private": "bnVsbA=="
}
]
}
]
}

2
.github/workflows/variables.tf vendored
View file

@ -29,7 +29,7 @@ variable "ami_os" {
variable "ami_id" {
description = "AMI ID reference"
type = string
type = string
}
variable "ami_username" {