├── .gitignore ├── CODE_OF_CONDUCT.md ├── CONTRIBUTING.md ├── DISCLAIMER.md ├── Dockerfile ├── LICENSE ├── README-docker.md ├── README.md ├── Stack-Resources.md ├── StackSet-Resources.md ├── Terraform-Resources.md ├── aws2tf.png ├── aws2tf.py ├── code ├── build_lists.py ├── common.py ├── fixtf.py ├── fixtf_aws_resources │ ├── arn_dict.py │ ├── aws_common.py │ ├── aws_dict.py │ ├── aws_import-exclusion.dat │ ├── aws_no_import.py │ ├── aws_not_implemented.py │ ├── aws_resources_paramval.dat │ ├── final-cf-resources.dat │ ├── fixtf_accessanalyzer.py │ ├── fixtf_acm.py │ ├── fixtf_acm_pca.py │ ├── fixtf_amp.py │ ├── fixtf_amplify.py │ ├── fixtf_apigateway.py │ ├── fixtf_apigatewayv2.py │ ├── fixtf_appconfig.py │ ├── fixtf_appflow.py │ ├── fixtf_appintegrations.py │ ├── fixtf_application_autoscaling.py │ ├── fixtf_application_insights.py │ ├── fixtf_appmesh.py │ ├── fixtf_apprunner.py │ ├── fixtf_appstream.py │ ├── fixtf_appsync.py │ ├── fixtf_athena.py │ ├── fixtf_auditmanager.py │ ├── fixtf_autoscaling.py │ ├── fixtf_autoscaling_plans.py │ ├── fixtf_backup.py │ ├── fixtf_batch.py │ ├── fixtf_bedrock.py │ ├── fixtf_bedrock_agent.py │ ├── fixtf_billingconductor.py │ ├── fixtf_budgets.py │ ├── fixtf_ce.py │ ├── fixtf_chime.py │ ├── fixtf_chime_sdk_media_pipelines.py │ ├── fixtf_chime_sdk_voice.py │ ├── fixtf_cleanrooms.py │ ├── fixtf_cloud9.py │ ├── fixtf_cloudcontrol.py │ ├── fixtf_cloudformation.py │ ├── fixtf_cloudfront.py │ ├── fixtf_cloudhsmv2.py │ ├── fixtf_cloudsearch.py │ ├── fixtf_cloudtrail.py │ ├── fixtf_codeartifact.py │ ├── fixtf_codebuild.py │ ├── fixtf_codecatalyst.py │ ├── fixtf_codecommit.py │ ├── fixtf_codedeploy.py │ ├── fixtf_codeguru_reviewer.py │ ├── fixtf_codeguruprofiler.py │ ├── fixtf_codepipeline.py │ ├── fixtf_codestar_connections.py │ ├── fixtf_codestar_notifications.py │ ├── fixtf_cognito_identity.py │ ├── fixtf_cognito_idp.py │ ├── fixtf_comprehend.py │ ├── fixtf_config.py │ ├── fixtf_connect.py │ ├── fixtf_controltower.py │ ├── fixtf_cur.py 
│ ├── fixtf_customer_profiles.py │ ├── fixtf_dataexchange.py │ ├── fixtf_datapipeline.py │ ├── fixtf_datasync.py │ ├── fixtf_datazone.py │ ├── fixtf_dax.py │ ├── fixtf_detective.py │ ├── fixtf_devicefarm.py │ ├── fixtf_directconnect.py │ ├── fixtf_dlm.py │ ├── fixtf_dms.py │ ├── fixtf_docdb.py │ ├── fixtf_docdb_elastic.py │ ├── fixtf_ds.py │ ├── fixtf_dynamodb.py │ ├── fixtf_ebs.py │ ├── fixtf_ec2.py │ ├── fixtf_ecr.py │ ├── fixtf_ecr_public.py │ ├── fixtf_ecs.py │ ├── fixtf_efs.py │ ├── fixtf_eks.py │ ├── fixtf_elasticache.py │ ├── fixtf_elasticbeanstalk.py │ ├── fixtf_elastictranscoder.py │ ├── fixtf_elb.py │ ├── fixtf_elbv2.py │ ├── fixtf_emr.py │ ├── fixtf_emr_containers.py │ ├── fixtf_emrserverless.py │ ├── fixtf_es.py │ ├── fixtf_events.py │ ├── fixtf_evidently.py │ ├── fixtf_finspace.py │ ├── fixtf_firehose.py │ ├── fixtf_fis.py │ ├── fixtf_fms.py │ ├── fixtf_fsx.py │ ├── fixtf_gamelift.py │ ├── fixtf_glacier.py │ ├── fixtf_globalaccelerator.py │ ├── fixtf_glue.py │ ├── fixtf_grafana.py │ ├── fixtf_guardduty.py │ ├── fixtf_iam.py │ ├── fixtf_identitystore.py │ ├── fixtf_imagebuilder.py │ ├── fixtf_inspector.py │ ├── fixtf_inspector2.py │ ├── fixtf_internetmonitor.py │ ├── fixtf_iot.py │ ├── fixtf_ivs.py │ ├── fixtf_ivschat.py │ ├── fixtf_kafka.py │ ├── fixtf_kafkaconnect.py │ ├── fixtf_kendra.py │ ├── fixtf_keyspaces.py │ ├── fixtf_kinesis.py │ ├── fixtf_kinesisanalytics.py │ ├── fixtf_kinesisanalyticsv2.py │ ├── fixtf_kinesisvideo.py │ ├── fixtf_kms.py │ ├── fixtf_lakeformation.py │ ├── fixtf_lambda.py │ ├── fixtf_lex.py │ ├── fixtf_lexv2_models.py │ ├── fixtf_license_manager.py │ ├── fixtf_lightsail.py │ ├── fixtf_location.py │ ├── fixtf_logs.py │ ├── fixtf_macie2.py │ ├── fixtf_mediaconvert.py │ ├── fixtf_medialive.py │ ├── fixtf_mediapackage.py │ ├── fixtf_mediastore.py │ ├── fixtf_memorydb.py │ ├── fixtf_mq.py │ ├── fixtf_mwaa.py │ ├── fixtf_neptune.py │ ├── fixtf_network_firewall.py │ ├── fixtf_networkmanager.py │ ├── fixtf_opensearch.py │ ├── 
fixtf_opsworks.py │ ├── fixtf_organizations.py │ ├── fixtf_outposts.py │ ├── fixtf_pinpoint.py │ ├── fixtf_pipes.py │ ├── fixtf_polly.py │ ├── fixtf_pricing.py │ ├── fixtf_qldb.py │ ├── fixtf_quicksight.py │ ├── fixtf_ram.py │ ├── fixtf_rds.py │ ├── fixtf_redshift.py │ ├── fixtf_redshift_data.py │ ├── fixtf_redshift_serverless.py │ ├── fixtf_resource_explorer_2.py │ ├── fixtf_resource_groups.py │ ├── fixtf_resourcegroupstaggingapi.py │ ├── fixtf_rolesanywhere.py │ ├── fixtf_route53.py │ ├── fixtf_route53_recovery_control_config.py │ ├── fixtf_route53_recovery_readiness.py │ ├── fixtf_route53domains.py │ ├── fixtf_route53resolver.py │ ├── fixtf_rum.py │ ├── fixtf_s3.py │ ├── fixtf_s3control.py │ ├── fixtf_s3outposts.py │ ├── fixtf_s3tables.py │ ├── fixtf_sagemaker.py │ ├── fixtf_scheduler.py │ ├── fixtf_schemas.py │ ├── fixtf_secretsmanager.py │ ├── fixtf_securityhub.py │ ├── fixtf_securitylake.py │ ├── fixtf_serverlessrepo.py │ ├── fixtf_servicecatalog.py │ ├── fixtf_servicediscovery.py │ ├── fixtf_servicequotas.py │ ├── fixtf_ses.py │ ├── fixtf_sesv2.py │ ├── fixtf_shield.py │ ├── fixtf_signer.py │ ├── fixtf_simpledb.py │ ├── fixtf_sns.py │ ├── fixtf_sqs.py │ ├── fixtf_ssm.py │ ├── fixtf_ssm_contacts.py │ ├── fixtf_ssm_incidents.py │ ├── fixtf_sso_admin.py │ ├── fixtf_stepfunctions.py │ ├── fixtf_storagegateway.py │ ├── fixtf_sts.py │ ├── fixtf_swf.py │ ├── fixtf_synthetics.py │ ├── fixtf_timestreamwrite.py │ ├── fixtf_transcribe.py │ ├── fixtf_transfer.py │ ├── fixtf_vpc_lattice.py │ ├── fixtf_waf.py │ ├── fixtf_waf_regional.py │ ├── fixtf_wafv2.py │ ├── fixtf_worklink.py │ ├── fixtf_workspaces.py │ ├── fixtf_xray.py │ └── needid_dict.py ├── get_aws_resources │ ├── STUB.py │ ├── aws_acm.py │ ├── aws_amplify.py │ ├── aws_apigateway.py │ ├── aws_apigatewayv2.py │ ├── aws_application_autoscaling.py │ ├── aws_appmesh.py │ ├── aws_appstream.py │ ├── aws_athena.py │ ├── aws_autoscaling.py │ ├── aws_backup.py │ ├── aws_batch.py │ ├── aws_bedrock.py │ ├── 
aws_bedrock_agent.py │ ├── aws_cleanrooms.py │ ├── aws_cloud9.py │ ├── aws_cloudformation.py │ ├── aws_cloudfront.py │ ├── aws_cloudtrail.py │ ├── aws_codeartifact.py │ ├── aws_codebuild.py │ ├── aws_codecommit.py │ ├── aws_codeguruprofiler.py │ ├── aws_codestar_notifications.py │ ├── aws_cognito_identity.py │ ├── aws_cognito_idp.py │ ├── aws_config.py │ ├── aws_connect.py │ ├── aws_customer_profiles.py │ ├── aws_datazone.py │ ├── aws_dms.py │ ├── aws_docdb.py │ ├── aws_ds.py │ ├── aws_dynamodb.py │ ├── aws_ec2.py │ ├── aws_ecr.py │ ├── aws_ecr_public.py │ ├── aws_ecs.py │ ├── aws_efs.py │ ├── aws_eks.py │ ├── aws_elbv2.py │ ├── aws_emr.py │ ├── aws_events.py │ ├── aws_firehose.py │ ├── aws_glue.py │ ├── aws_guardduty.py │ ├── aws_iam.py │ ├── aws_kafka.py │ ├── aws_kendra.py │ ├── aws_kinesis.py │ ├── aws_kms.py │ ├── aws_lakeformation.py │ ├── aws_lambda.py │ ├── aws_lexv2_models.py │ ├── aws_license_manager.py │ ├── aws_logs.py │ ├── aws_mwaa.py │ ├── aws_neptune.py │ ├── aws_network_firewall.py │ ├── aws_networkmanager.py │ ├── aws_organizations.py │ ├── aws_pipes.py │ ├── aws_ram.py │ ├── aws_rds.py │ ├── aws_redshift.py │ ├── aws_redshift_serverless.py │ ├── aws_resource_explorer_2.py │ ├── aws_route53.py │ ├── aws_s3.py │ ├── aws_s3control.py │ ├── aws_s3tables.py │ ├── aws_sagemaker.py │ ├── aws_scheduler.py │ ├── aws_schemas.py │ ├── aws_secretsmanager.py │ ├── aws_securityhub.py │ ├── aws_servicecatalog.py │ ├── aws_servicediscovery.py │ ├── aws_ses.py │ ├── aws_shield.py │ ├── aws_sns.py │ ├── aws_sqs.py │ ├── aws_ssm.py │ ├── aws_sso_admin.py │ ├── aws_transfer.py │ ├── aws_vpc_lattice.py │ ├── aws_waf.py │ ├── aws_wafv2.py │ └── aws_xray.py ├── globals.py ├── resources.py ├── stacks.py └── timed_interrupt.py └── requirements.txt /.gitignore: -------------------------------------------------------------------------------- 1 | ROADMAP.md 2 | aws.tf 3 | aws.tf.sav 4 | .terraform 5 | terraform.tfstate* 6 | *.txt 7 | *.tf 8 | *.bak 9 | *.out 10 | generated 
11 | vpc/generated 12 | *.orig 13 | old 14 | setup-local-git.sh 15 | .sh 16 | to-aws-samples.sh 17 | *.xlsx 18 | test* 19 | *.new 20 | *.sav 21 | *.zip 22 | clean* 23 | *.xlsx 24 | quotas 25 | boto3 26 | flip-eks.sh 27 | .DS_Store 28 | *.json 29 | *.lock.hcl 30 | aws_*.tf 31 | tfplan 32 | **/tfplan 33 | __pycache__ 34 | .python/data/tfplan 35 | .python/data/*.log 36 | .python/bugs.md 37 | -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- 1 | ## Code of Conduct 2 | This project has adopted the [Amazon Open Source Code of Conduct](https://aws.github.io/code-of-conduct). 3 | For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq) or contact 4 | opensource-codeofconduct@amazon.com with any additional questions or comments. 5 | -------------------------------------------------------------------------------- /DISCLAIMER.md: -------------------------------------------------------------------------------- 1 | The material embodied in this software is provided to you "as-is" and without warranty of any kind, express, implied or otherwise, including without limitation, any warranty of fitness for a particular purpose. 
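# --------------------------------------------------------------------------------
# /Dockerfile:
# --------------------------------------------------------------------------------
FROM python:3.12.9-alpine3.21
# --no-cache refreshes the package index for this layer only and stores no copy of it.
RUN apk add --no-cache curl zip git unzip

# Get Terraform
# TF_VERSION=latest is resolved when the image is built, so two builds of the
# same Dockerfile can ship different Terraform releases; pass
# --build-arg TF_VERSION=<major.minor> to narrow the range.
ARG TF_VERSION=latest
# Steps: resolve VERSION from the release index (an empty result fails the
# build), map the machine type to Terraform's architecture name (an unknown
# machine fails the build instead of requesting a malformed URL), download the
# archive together with the release's SHA256SUMS file, and install only when the
# archive matches the digest listed for it.
# The machine type is read from uname alone: this Dockerfile never installs
# dpkg, so a dpkg-based i386 probe cannot succeed in this image.
# NOTE(review): SHA256SUMS is served by the same host as the archive, so the
# check catches corruption and truncation but not a tampered origin; verifying
# the accompanying SHA256SUMS.sig against HashiCorp's published key would cover
# that case.
RUN set -eux \
  && if [ "${TF_VERSION}" = "latest" ]; then \
    VERSION="$( curl -sS https://releases.hashicorp.com/terraform/ \
      | tac | tac \
      | grep -Eo '/terraform/[.0-9]+/\"' \
      | grep -Eo '[.0-9]+' \
      | sort -V \
      | tail -1 )"; \
  else \
    VERSION="$( curl -sS https://releases.hashicorp.com/terraform/ \
      | tac | tac \
      | grep -Eo "/terraform/${TF_VERSION}\.[.0-9]+/\"" \
      | grep -Eo '[.0-9]+' \
      | sort -V \
      | tail -1 )"; \
  fi \
  && [ -n "${VERSION}" ] \
  \
  && case "$(uname -m)" in \
       i386|i686) ARCH=386 ;; \
       x86_64)    ARCH=amd64 ;; \
       aarch64)   ARCH=arm64 ;; \
       armv7l)    ARCH=arm ;; \
       *) echo "unsupported architecture: $(uname -m)" >&2; exit 1 ;; \
     esac \
  \
  && curl --fail -sS -L -O \
    https://releases.hashicorp.com/terraform/${VERSION}/terraform_${VERSION}_linux_${ARCH}.zip \
  && curl --fail -sS -L -O \
    https://releases.hashicorp.com/terraform/${VERSION}/terraform_${VERSION}_SHA256SUMS \
  && grep " terraform_${VERSION}_linux_${ARCH}.zip\$" terraform_${VERSION}_SHA256SUMS \
    > terraform_${VERSION}_linux_${ARCH}.sha256 \
  && sha256sum -c terraform_${VERSION}_linux_${ARCH}.sha256 \
  && unzip terraform_${VERSION}_linux_${ARCH}.zip -d /usr/bin \
  && chmod +x /usr/bin/terraform \
  && rm -f terraform_${VERSION}_linux_${ARCH}.zip \
       terraform_${VERSION}_linux_${ARCH}.sha256 \
       terraform_${VERSION}_SHA256SUMS

RUN adduser -D aws2tf
# NOTE(review): this clones whatever the "python" branch points at when the
# image is built; the image content is not tied to a reviewed commit.
RUN git clone -b python https://github.com/aws-samples/aws2tf.git /aws2tf
RUN chown -R aws2tf /aws2tf
# Everything below, including the tool itself, runs as the unprivileged user.
USER aws2tf
WORKDIR /aws2tf
#install dependencies
# NOTE(review): requirements.txt is not visible here; if its entries are
# unpinned, each build resolves whatever versions are current.
RUN pip install --no-cache-dir -r requirements.txt
ENV PYTHONUNBUFFERED=1
# Set the entrypoint
ENTRYPOINT ["python", "aws2tf.py"]
CMD []
# --------------------------------------------------------------------------------
# /LICENSE:
# --------------------------------------------------------------------------------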
Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 2 | 3 | Permission is hereby granted, free of charge, to any person obtaining a copy of 4 | this software and associated documentation files (the "Software"), to deal in 5 | the Software without restriction, including without limitation the rights to 6 | use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 7 | the Software, and to permit persons to whom the Software is furnished to do so. 8 | 9 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 10 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 11 | FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 12 | COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 13 | IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 14 | CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 15 | 16 | -------------------------------------------------------------------------------- /aws2tf.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws2tf/97023b91071aaa4f36fe83228b84a0c42cdb8f25/aws2tf.png -------------------------------------------------------------------------------- /code/fixtf_aws_resources/arn_dict.py: -------------------------------------------------------------------------------- 1 | aws_datazone_zone = { 2 | "named": True, 3 | "rname": False, 4 | "subtype": "aws_datazone_zone" 5 | } 6 | 7 | aws_iam = { 8 | "named": True, 9 | "rname": False, 10 | "subtype": "aws_iam_role" 11 | } 12 | 13 | aws_arns = { 14 | "arn:aws:datazone": aws_datazone_zone, 15 | "arn:aws:iam": aws_iam 16 | } 17 | 18 | -------------------------------------------------------------------------------- /code/fixtf_aws_resources/aws_import-exclusion.dat: 
-------------------------------------------------------------------------------- 1 | aws_appconfig_extension = { 2 | "clfn": "appconfig", 3 | "descfn": "list_extensions", 4 | "topkey": "Items", 5 | "key": "Id", 6 | "filterid": "Id" 7 | } 8 | # problem with import id - not is list output 9 | "aws_appconfig_extension": aws_appconfig_extension, 10 | 11 | aws_network_interface = { 12 | "clfn": "ec2", 13 | "descfn": "describe_network_interfaces", 14 | "topkey": "NetworkInterfaces", 15 | "key": "NetworkInterfaceId", 16 | "filterid": "NetworkInterfaceId" 17 | } 18 | 19 | "aws_network_interface": aws_network_interface, 20 | 21 | aws_default_subnet = { 22 | "clfn": "ec2", 23 | "descfn": "describe_subnets", 24 | "topkey": "Subnets", 25 | "key": "SubnetId", 26 | "filterid": "SubnetId" 27 | } 28 | 29 | "aws_default_subnet": aws_default_subnet, 30 | 31 | 32 | aws_default_vpc = { 33 | "clfn": "ec2", 34 | "descfn": "describe_vpcs", 35 | "topkey": "Vpcs", 36 | "key": "VpcId", 37 | "filterid": "KeyError" 38 | } 39 | 40 | "aws_default_vpc": aws_default_vpc, -------------------------------------------------------------------------------- /code/fixtf_aws_resources/fixtf_accessanalyzer.py: -------------------------------------------------------------------------------- 1 | def aws_accessanalyzer_analyzer(t1,tt1,tt2,flag1,flag2): 2 | skip=0 3 | return skip,t1,flag1,flag2 4 | 5 | def aws_accessanalyzer_archive_rule(t1,tt1,tt2,flag1,flag2): 6 | skip=0 7 | return skip,t1,flag1,flag2 8 | 9 | -------------------------------------------------------------------------------- /code/fixtf_aws_resources/fixtf_acm.py: -------------------------------------------------------------------------------- 1 | import common 2 | import fixtf 3 | 4 | def aws_acm_certificate_validation(t1,tt1,tt2,flag1,flag2): 5 | skip=0 6 | return skip,t1,flag1,flag2 7 | 8 | def aws_acm_certificate(t1,tt1,tt2,skipipv6,flag2): 9 | skip = 0 10 | if tt1 == "validation_method": 11 | 12 | if tt2 == "NONE": skip=1 13 | 14 | 15 | 
return skip,t1,skipipv6,flag2 -------------------------------------------------------------------------------- /code/fixtf_aws_resources/fixtf_acm_pca.py: -------------------------------------------------------------------------------- 1 | def aws_acmpca_certificate(t1,tt1,tt2,flag1,flag2): 2 | skip=0 3 | return skip,t1,flag1,flag2 4 | 5 | def aws_acmpca_certificate_authority(t1,tt1,tt2,flag1,flag2): 6 | skip=0 7 | if tt1 == "expiration_in_days": 8 | 9 | if tt2 == "0": skip=1 10 | return skip,t1,flag1,flag2 11 | 12 | def aws_acmpca_certificate_authority_certificate(t1,tt1,tt2,flag1,flag2): 13 | skip=0 14 | return skip,t1,flag1,flag2 15 | 16 | def aws_acmpca_permission(t1,tt1,tt2,flag1,flag2): 17 | skip=0 18 | return skip,t1,flag1,flag2 19 | 20 | def aws_acmpca_policy(t1,tt1,tt2,flag1,flag2): 21 | skip=0 22 | return skip,t1,flag1,flag2 23 | 24 | -------------------------------------------------------------------------------- /code/fixtf_aws_resources/fixtf_amp.py: -------------------------------------------------------------------------------- 1 | def aws_prometheus_alert_manager_definition(t1,tt1,tt2,flag1,flag2): 2 | skip=0 3 | return skip,t1,flag1,flag2 4 | 5 | def aws_prometheus_rule_group_namespace(t1,tt1,tt2,flag1,flag2): 6 | skip=0 7 | return skip,t1,flag1,flag2 8 | 9 | def aws_prometheus_workspace(t1,tt1,tt2,flag1,flag2): 10 | skip=0 11 | return skip,t1,flag1,flag2 12 | 13 | -------------------------------------------------------------------------------- /code/fixtf_aws_resources/fixtf_amplify.py: -------------------------------------------------------------------------------- 1 | def aws_amplify_app(t1,tt1,tt2,flag1,flag2): 2 | skip=0 3 | return skip,t1,flag1,flag2 4 | 5 | def aws_amplify_backend_environment(t1,tt1,tt2,flag1,flag2): 6 | skip=0 7 | return skip,t1,flag1,flag2 8 | 9 | def aws_amplify_branch(t1,tt1,tt2,flag1,flag2): 10 | skip=0 11 | if tt1=="app_id" and tt2 != "null": 12 | t1 = tt1+" = aws_amplify_app."+tt2+".id\n" 13 | return 
skip,t1,flag1,flag2 14 | 15 | def aws_amplify_domain_association(t1,tt1,tt2,flag1,flag2): 16 | skip=0 17 | return skip,t1,flag1,flag2 18 | 19 | def aws_amplify_webhook(t1,tt1,tt2,flag1,flag2): 20 | skip=0 21 | return skip,t1,flag1,flag2 22 | 23 | -------------------------------------------------------------------------------- /code/fixtf_aws_resources/fixtf_apigatewayv2.py: -------------------------------------------------------------------------------- 1 | import common 2 | import fixtf 3 | import base64 4 | import boto3 5 | import sys 6 | import os 7 | import globals 8 | import inspect 9 | 10 | 11 | def aws_apigatewayv2_api(t1,tt1,tt2,flag1,flag2): 12 | skip=0 13 | return skip,t1,flag1,flag2 14 | 15 | def aws_apigatewayv2_api_mapping(t1,tt1,tt2,flag1,flag2): 16 | skip=0 17 | return skip,t1,flag1,flag2 18 | 19 | def aws_apigatewayv2_authorizer(t1,tt1,tt2,flag1,flag2): 20 | skip=0 21 | return skip,t1,flag1,flag2 22 | 23 | def aws_apigatewayv2_deployment(t1,tt1,tt2,flag1,flag2): 24 | skip=0 25 | return skip,t1,flag1,flag2 26 | 27 | def aws_apigatewayv2_domain_name(t1,tt1,tt2,flag1,flag2): 28 | skip=0 29 | return skip,t1,flag1,flag2 30 | 31 | def aws_apigatewayv2_integration(t1,tt1,tt2,flag1,flag2): 32 | skip=0 33 | if tt1=="payload_format_version": 34 | if "1" in tt2: 35 | t1=tt1+" = \"1.0\"\n" 36 | elif "2" in tt2: 37 | t1=tt1+" = \"2.0\"\n" 38 | return skip,t1,flag1,flag2 39 | 40 | def aws_apigatewayv2_integration_response(t1,tt1,tt2,flag1,flag2): 41 | skip=0 42 | return skip,t1,flag1,flag2 43 | 44 | def aws_apigatewayv2_model(t1,tt1,tt2,flag1,flag2): 45 | skip=0 46 | return skip,t1,flag1,flag2 47 | 48 | def aws_apigatewayv2_route(t1,tt1,tt2,flag1,flag2): 49 | skip=0 50 | try: 51 | if tt1 == "authorizer_id" and tt2 != "null": 52 | t1=tt1+" = aws_apigatewayv2_authorizer."+globals.api_id+"_"+tt2+".id\n" 53 | 54 | except Exception as e: 55 | common.handle_error2(e,str(inspect.currentframe().f_code.co_name),id) 56 | return skip,t1,flag1,flag2 57 | 58 | def 
aws_apigatewayv2_route_response(t1,tt1,tt2,flag1,flag2): 59 | skip=0 60 | return skip,t1,flag1,flag2 61 | 62 | def aws_apigatewayv2_stage(t1,tt1,tt2,flag1,flag2): 63 | skip=0 64 | try: 65 | ### FIX THIS 66 | if tt1 == "deployment_id" and tt2 != "null": 67 | t1=tt1+" = aws_apigatewayv2_deployment."+globals.api_id+"_"+tt2+".id\n" 68 | except Exception as e: 69 | common.handle_error2(e,str(inspect.currentframe().f_code.co_name),id) 70 | return skip,t1,flag1,flag2 71 | 72 | def aws_apigatewayv2_vpc_link(t1,tt1,tt2,flag1,flag2): 73 | skip=0 74 | return skip,t1,flag1,flag2 75 | 76 | -------------------------------------------------------------------------------- /code/fixtf_aws_resources/fixtf_appconfig.py: -------------------------------------------------------------------------------- 1 | def aws_appconfig_application(t1,tt1,tt2,flag1,flag2): 2 | skip=0 3 | return skip,t1,flag1,flag2 4 | 5 | def aws_appconfig_configuration_profile(t1,tt1,tt2,flag1,flag2): 6 | skip=0 7 | return skip,t1,flag1,flag2 8 | 9 | def aws_appconfig_deployment(t1,tt1,tt2,flag1,flag2): 10 | skip=0 11 | return skip,t1,flag1,flag2 12 | 13 | def aws_appconfig_deployment_strategy(t1,tt1,tt2,flag1,flag2): 14 | skip=0 15 | return skip,t1,flag1,flag2 16 | 17 | def aws_appconfig_environment(t1,tt1,tt2,flag1,flag2): 18 | skip=0 19 | return skip,t1,flag1,flag2 20 | 21 | def aws_appconfig_extension(t1,tt1,tt2,flag1,flag2): 22 | skip=0 23 | return skip,t1,flag1,flag2 24 | 25 | def aws_appconfig_extension_association(t1,tt1,tt2,flag1,flag2): 26 | skip=0 27 | return skip,t1,flag1,flag2 28 | 29 | def aws_appconfig_hosted_configuration_version(t1,tt1,tt2,flag1,flag2): 30 | skip=0 31 | return skip,t1,flag1,flag2 32 | 33 | -------------------------------------------------------------------------------- /code/fixtf_aws_resources/fixtf_appflow.py: -------------------------------------------------------------------------------- 1 | def aws_appflow_connector_profile(t1,tt1,tt2,flag1,flag2): 2 | skip=0 3 | return 
skip,t1,flag1,flag2 4 | 5 | def aws_appflow_flow(t1,tt1,tt2,flag1,flag2): 6 | skip=0 7 | return skip,t1,flag1,flag2 8 | 9 | -------------------------------------------------------------------------------- /code/fixtf_aws_resources/fixtf_appintegrations.py: -------------------------------------------------------------------------------- 1 | def aws_appintegrations_data_integration(t1,tt1,tt2,flag1,flag2): 2 | skip=0 3 | return skip,t1,flag1,flag2 4 | 5 | def aws_appintegrations_event_integration(t1,tt1,tt2,flag1,flag2): 6 | skip=0 7 | return skip,t1,flag1,flag2 8 | 9 | -------------------------------------------------------------------------------- /code/fixtf_aws_resources/fixtf_application_autoscaling.py: -------------------------------------------------------------------------------- 1 | import fixtf 2 | import common 3 | 4 | def aws_appautoscaling_policy(t1,tt1,tt2,flag1,flag2): 5 | skip=0 6 | return skip,t1,flag1,flag2 7 | 8 | def aws_appautoscaling_scheduled_action(t1,tt1,tt2,flag1,flag2): 9 | skip=0 10 | return skip,t1,flag1,flag2 11 | 12 | def aws_appautoscaling_target(t1,tt1,tt2,flag1,flag2): 13 | skip=0 14 | 15 | return skip,t1,flag1,flag2 16 | 17 | -------------------------------------------------------------------------------- /code/fixtf_aws_resources/fixtf_application_insights.py: -------------------------------------------------------------------------------- 1 | import common 2 | import fixtf 3 | 4 | def aws_applicationinsights_application(t1,tt1,tt2,flag1,flag2): 5 | skip=0 6 | return skip,t1,flag1,flag2 7 | 8 | -------------------------------------------------------------------------------- /code/fixtf_aws_resources/fixtf_appmesh.py: -------------------------------------------------------------------------------- 1 | import common 2 | import globals 3 | 4 | 5 | 6 | def aws_appmesh_mesh(t1,tt1,tt2,flag1,flag2): 7 | skip=0 8 | # deps aws_appmesh_virtual_service, aws_appmesh_virtual_router, aws_appmesh_virtual_node, aws_appmesh_virtual_gateway 9 | if 
tt1=="name" and tt2 != "null": 10 | common.add_dependancy("aws_appmesh_virtual_service",tt2) 11 | common.add_dependancy("aws_appmesh_virtual_router",tt2) 12 | common.add_dependancy("aws_appmesh_virtual_node",tt2) 13 | common.add_dependancy("aws_appmesh_virtual_gateway",tt2) 14 | 15 | 16 | return skip,t1,flag1,flag2 17 | 18 | def aws_appmesh_route(t1,tt1,tt2,flag1,flag2): 19 | skip=0 20 | return skip,t1,flag1,flag2 21 | 22 | def aws_appmesh_virtual_gateway(t1,tt1,tt2,flag1,flag2): 23 | skip=0 24 | if tt1=="mesh_name" and tt2 != "null": 25 | t1=tt1+" = aws_appmesh_mesh."+tt2+".id\n" 26 | #elif tt1=="name" and tt2 != "null": 27 | # common.add_dependancy(aws_appmesh_gateway_route,tt2) 28 | 29 | 30 | return skip,t1,flag1,flag2 31 | 32 | def aws_appmesh_gateway_route(t1,tt1,tt2,flag1,flag2): 33 | skip=0 34 | if tt1=="port": 35 | if tt2=="0": skip=1 36 | return skip,t1,flag1,flag2 37 | 38 | def aws_appmesh_virtual_node(t1,tt1,tt2,flag1,flag2): 39 | skip=0 40 | if tt1=="mesh_name" and tt2 != "null": 41 | t1=tt1+" = aws_appmesh_mesh."+tt2+".id\n" 42 | return skip,t1,flag1,flag2 43 | 44 | def aws_appmesh_virtual_router(t1,tt1,tt2,flag1,flag2): 45 | skip=0 46 | if tt1=="mesh_name" and tt2 != "null": 47 | t1=tt1+" = aws_appmesh_mesh."+tt2+".id\n" 48 | return skip,t1,flag1,flag2 49 | 50 | def aws_appmesh_virtual_service(t1,tt1,tt2,flag1,flag2): 51 | skip=0 52 | if tt1=="mesh_name" and tt2 != "null": 53 | t1=tt1+" = aws_appmesh_mesh."+tt2+".id\n" 54 | globals.meshname=tt2 55 | if tt1=="virtual_node_name" and tt2 != "null": 56 | t1=tt1+" = aws_appmesh_virtual_node."+globals.meshname+"_"+tt2+".name\n" 57 | 58 | if tt1=="virtual_router_name" and tt2 != "null": 59 | t1=tt1+" = aws_appmesh_virtual_router."+globals.meshname+"_"+tt2+".name\n" 60 | 61 | return skip,t1,flag1,flag2 62 | 63 | -------------------------------------------------------------------------------- /code/fixtf_aws_resources/fixtf_apprunner.py: 
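# --------------------------------------------------------------------------------
import globals

# Shape shared by every fixer below: the function receives one generated line
# (t1) together with its attribute name (tt1) and value (tt2), and returns
# (skip, t1, flag1, flag2). A fixer returns skip=1 for a line it wants left
# out — presumably the caller drops such lines; confirm against fixtf.py.


def aws_apprunner_auto_scaling_configuration_version(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_apprunner_connection(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_apprunner_custom_domain_association(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_apprunner_default_auto_scaling_configuration_version(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_apprunner_observability_configuration(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_apprunner_service(t1, tt1, tt2, flag1, flag2):
    """Adjust App Runner service lines.

    Skips an ``auto_scaling_configuration_arn`` that names the default
    configuration, and rewrites an ``image_identifier`` that starts with
    ``globals.acc`` and contains ``globals.region`` into a ``format(...)``
    expression built from the caller-identity and region data sources.

    Returns:
        (skip, t1, flag1, flag2); flag1 and flag2 are returned untouched.
    """
    skip = 0
    if tt1 == "auto_scaling_configuration_arn":
        if "autoscalingconfiguration/DefaultConfiguration/1" in tt2:
            skip = 1
    if tt1 == "image_identifier":
        # NOTE(review): looks like leftover debug output; it writes every image
        # identifier to stdout. Kept because callers may rely on the output.
        print(tt2)
        if tt2.startswith(globals.acc) and globals.region in tt2:
            # Only the last path segment survives.
            # NOTE(review): a repository name containing "/" would lose its
            # leading segments here — confirm whether that is intended.
            backend = tt2.split("/")[-1]
            # NOTE(review): backend is spliced into the HCL string unescaped;
            # presumably fine because the value is a repository[:tag] string —
            # confirm the value can never carry a double quote.
            t1 = (
                tt1
                + ' = format("%s.dkr.ecr.%s.amazonaws.com/%s",'
                + "data.aws_caller_identity.current.account_id,"
                + 'data.aws_region.current.name,"'
                + backend
                + '")\n'
            )
    return skip, t1, flag1, flag2


def aws_apprunner_vpc_connector(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_apprunner_vpc_ingress_connection(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_appstream.py:
# --------------------------------------------------------------------------------
def aws_appstream_directory_config(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_appstream_fleet(t1, tt1, tt2, flag1, flag2):
    """Skip zero-valued capacity attributes of an AppStream fleet.

    The second attribute name was previously spelled ``desired_instancess``,
    which no generated line can carry, so a zero ``desired_instances`` was
    never skipped. Both capacity attributes are now matched.

    Returns:
        (skip, t1, flag1, flag2) with skip=1 for ``desired_sessions = 0`` or
        ``desired_instances = 0`` and skip=0 otherwise.
    """
    is_zero_capacity = tt2 == "0" and tt1 in ("desired_sessions", "desired_instances")
    skip = 1 if is_zero_capacity else 0
    return skip, t1, flag1, flag2


def aws_appstream_fleet_stack_association(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_appstream_image_builder(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_appstream_stack(t1, tt1, tt2, flag1, flag2):
    """Skip an empty ``embed_host_domains`` list; pass everything else through."""
    skip = 1 if (tt1 == "embed_host_domains" and tt2 == "[]") else 0
    return skip, t1, flag1, flag2


def aws_appstream_user(t1, tt1, tt2, flag1, flag2):
    """Give a null ``send_email_notification`` a value and ignore later changes.

    A null value is replaced by ``true`` and followed by a ``lifecycle`` block
    that lists the attribute under ``ignore_changes``.
    """
    if tt1 == "send_email_notification" and tt2 == "null":
        t1 = tt1 + " = true\n"
        t1 = t1 + "\nlifecycle {\n" + " ignore_changes = [send_email_notification]\n" + "}\n"
    return 0, t1, flag1, flag2


def aws_appstream_user_stack_association(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_appsync.py:
# --------------------------------------------------------------------------------
def aws_appsync_api_cache(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_appsync_api_key(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_appsync_datasource(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_appsync_domain_name(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_appsync_domain_name_api_association(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_appsync_function(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_appsync_graphql_api(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_appsync_resolver(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_appsync_type(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2
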
# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_athena.py:
# --------------------------------------------------------------------------------
import common
import globals

# Shape shared by every fixer below: the function receives one generated line
# (t1) together with its attribute name (tt1) and value (tt2), and returns
# (skip, t1, flag1, flag2). None of the fixers in this span sets skip to
# anything but 0.


def aws_athena_data_catalog(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_athena_database(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_athena_named_query(t1, tt1, tt2, flag1, flag2):
    """Turn literal database and workgroup names into resource references.

    A non-null ``database`` without a dash becomes a reference to
    ``aws_athena_database.<name>.name``; one with a dash is left alone and a
    warning is printed. A non-null ``workgroup`` becomes a reference to
    ``aws_athena_workgroup.<name>.name``. Each rewritten reference is also
    registered through ``common.add_dependancy``.
    """
    if tt2 == "null":
        return 0, t1, flag1, flag2

    if tt1 == "database":
        if "-" in tt2:
            print("WARNING: aws_athena_named_query database name has a dash in it", tt2)
        else:
            t1 = f"{tt1} = aws_athena_database.{tt2}.name\n"
            common.add_dependancy("aws_athena_database", tt2)
    elif tt1 == "workgroup":
        t1 = f"{tt1} = aws_athena_workgroup.{tt2}.name\n"
        common.add_dependancy("aws_athena_workgroup", tt2)

    return 0, t1, flag1, flag2


def aws_athena_prepared_statement(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_athena_workgroup(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_auditmanager.py:
# --------------------------------------------------------------------------------
def aws_auditmanager_account_registration(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_auditmanager_assessment(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_auditmanager_assessment_delegation(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_auditmanager_assessment_report(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_auditmanager_control(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_auditmanager_framework(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_auditmanager_framework_share(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_auditmanager_organization_admin_account_registration(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_autoscaling_plans.py:
# --------------------------------------------------------------------------------
import common
import fixtf


def aws_autoscalingplans_scaling_plan(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_backup.py:
# --------------------------------------------------------------------------------
def aws_backup_framework(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_backup_global_settings(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_backup_plan(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_backup_region_settings(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_backup_report_plan(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_backup_selection(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_backup_vault(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_backup_vault_lock_configuration(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_backup_vault_notifications(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_backup_vault_policy(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_batch.py:
# --------------------------------------------------------------------------------
def aws_batch_compute_environment(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_batch_job_definition(t1, tt1, tt2, flag1, flag2):
    """Give a null ``deregister_on_new_revision`` a value and ignore later changes.

    A null value is replaced by ``true`` and followed by a ``lifecycle`` block
    that lists the attribute under ``ignore_changes``.
    """
    needs_default = tt1 == "deregister_on_new_revision" and tt2 == "null"
    if needs_default:
        assignment = f"{tt1} = true\n"
        t1 = assignment + "\n lifecycle {\n ignore_changes = [deregister_on_new_revision]\n}\n"
    return 0, t1, flag1, flag2


def aws_batch_job_queue(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_batch_scheduling_policy(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_bedrock.py:
# --------------------------------------------------------------------------------
def aws_bedrock_model_invocation_logging_configuration(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_bedrock_guardrail(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_bedrock_agent.py:
# --------------------------------------------------------------------------------
#aws_bedrockagent_agent
def aws_bedrockagent_agent(t1, tt1, tt2, flag1, flag2):
    """Default ``skip_resource_in_use_check`` and ignore later changes to it.

    A null ``skip_resource_in_use_check`` is written as ``false``. The
    ``agent_name`` line gets a ``lifecycle`` block appended that lists
    ``skip_resource_in_use_check`` under ``ignore_changes``.
    """
    if tt1 == "skip_resource_in_use_check" and tt2 == "null":
        t1 = f"{tt1} = false\n"
    elif tt1 == "agent_name":
        t1 += "\n lifecycle {\n ignore_changes = [skip_resource_in_use_check]\n}\n"
    return 0, t1, flag1, flag2


def aws_bedrockagent_knowledge_base(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_bedrockagent_agent_knowledge_base_association(t1, tt1, tt2, flag1, flag2):
    """Replace literal agent and knowledge-base ids with resource references.

    The referenced resource name is the id prefixed with ``r-``.
    """
    if tt2 != "null":
        if tt1 == "agent_id":
            t1 = f"{tt1} = aws_bedrockagent_agent.r-{tt2}.id\n"
        elif tt1 == "knowledge_base_id":
            t1 = f"{tt1} = aws_bedrockagent_knowledge_base.r-{tt2}.id\n"
    return 0, t1, flag1, flag2


def aws_bedrockagent_data_source(t1, tt1, tt2, flag1, flag2):
    """Replace a literal ``knowledge_base_id`` with a resource reference."""
    if tt1 == "knowledge_base_id" and tt2 != "null":
        t1 = f"{tt1} = aws_bedrockagent_knowledge_base.r-{tt2}.id\n"
    return 0, t1, flag1, flag2


def aws_bedrockagent_agent_action_group(t1, tt1, tt2, flag1, flag2):
    """Default ``skip_resource_in_use_check`` and reference the owning agent.

    A null ``skip_resource_in_use_check`` is written as ``false``; a non-null
    ``agent_id`` becomes a reference to ``aws_bedrockagent_agent.r-<id>.id``.
    """
    if tt1 == "skip_resource_in_use_check" and tt2 == "null":
        t1 = f"{tt1} = false\n"
    elif tt1 == "agent_id" and tt2 != "null":
        t1 = f"{tt1} = aws_bedrockagent_agent.r-{tt2}.id\n"
    return 0, t1, flag1, flag2


def aws_bedrockagent_agent_alias(t1, tt1, tt2, flag1, flag2):
    """Replace a literal ``agent_id`` with a reference to the agent resource."""
    if tt1 == "agent_id" and tt2 != "null":
        t1 = f"{tt1} = aws_bedrockagent_agent.r-{tt2}.id\n"
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_billingconductor.py:
# --------------------------------------------------------------------------------
import common
import fixtf


def aws_billing_service_account(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_budgets.py:
# --------------------------------------------------------------------------------
def aws_budgets_budget(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


def aws_budgets_budget_action(t1, tt1, tt2, flag1, flag2):
    """Pass the line through unchanged with skip=0."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_ce.py:
--------------------------------------------------------------------------------
def aws_ce_anomaly_monitor(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_ce_anomaly_subscription(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_ce_cost_allocation_tag(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_ce_cost_category(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_chime.py:
--------------------------------------------------------------------------------
def aws_chime_voice_connector(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_chime_voice_connector_group(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_chime_voice_connector_logging(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_chime_voice_connector_origination(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_chime_voice_connector_streaming(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_chime_voice_connector_termination(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_chime_voice_connector_termination_credentials(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged.

    NOTE(review): no attribute of this credentials resource is rewritten or
    dropped here, so whatever t1 holds is returned as-is; confirm upstream
    that credential values never reach the generated files.
    """
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_chime_sdk_media_pipelines.py:
--------------------------------------------------------------------------------
import common
import fixtf


def aws_chimesdkmediapipelines_media_insights_pipeline_configuration(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_chime_sdk_voice.py:
--------------------------------------------------------------------------------
import common
import fixtf


def aws_chimesdkvoice_global_settings(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_chimesdkvoice_sip_media_application(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_chimesdkvoice_sip_rule(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_chimesdkvoice_voice_profile_domain(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_cleanrooms.py:
--------------------------------------------------------------------------------
def aws_cleanrooms_collaboration(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_cleanrooms_configured_table(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_cloud9.py:
--------------------------------------------------------------------------------
def aws_cloud9_environment_ec2(t1, tt1, tt2, flag1, flag2):
    """Set skip to 1 for instance_type or image_id whose value is "null".

    Every other (tt1, tt2) pair leaves skip at 0; t1 and the flags are
    returned unchanged in all cases.
    """
    is_null = tt2 == "null"
    dropped = (tt1 == "instance_type" and is_null) or (tt1 == "image_id" and is_null)
    return (1 if dropped else 0), t1, flag1, flag2


def aws_cloud9_environment_membership(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_cloudcontrol.py:
--------------------------------------------------------------------------------
import common
import fixtf


def aws_cloudcontrolapi_resource(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_cloudformation.py:
--------------------------------------------------------------------------------
def aws_cloudformation_stack(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_cloudformation_stack_set(t1, tt1, tt2, flag1, flag2):
    """Append a lifecycle block after the call_as line.

    The appended block lists call_as and permission_model under
    ignore_changes, so Terraform will not report drift on either attribute.
    skip is always 0.
    """
    if tt1 == "call_as":
        t1 += "\n lifecycle {\n ignore_changes = [call_as,permission_model]\n}\n"
    return 0, t1, flag1, flag2


def aws_cloudformation_stack_set_instance(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_cloudformation_type(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_cloudfront.py:
--------------------------------------------------------------------------------
def aws_cloudfront_cache_policy(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_cloudfront_continuous_deployment_policy(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_cloudfront_distribution(t1, tt1, tt2, flag1, flag2):
    """Rewrite a non-null cache_policy_id into a Terraform resource reference.

    The value tt2 is concatenated as-is into the address
    aws_cloudfront_cache_policy.o-<tt2>.id; skip is always 0.
    """
    if tt1 != "cache_policy_id" or tt2 == "null":
        return 0, t1, flag1, flag2
    # NOTE(review): tt2 is not validated or escaped before it becomes part of
    # the emitted HCL - presumably it is always a policy id; confirm upstream.
    reference = "aws_cloudfront_cache_policy.o-" + tt2 + ".id\n"
    return 0, tt1 + " = " + reference, flag1, flag2


def aws_cloudfront_field_level_encryption_config(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_cloudfront_field_level_encryption_profile(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_cloudfront_function(t1, tt1, tt2, flag1, flag2):
    """Replace a "null" publish value with true and ignore later changes.

    The publish line becomes "publish = true" followed by a lifecycle block
    that lists publish under ignore_changes. skip is always 0.
    """
    if tt1 == "publish" and tt2 == "null":
        assignment = tt1 + " = true\n"
        t1 = assignment + "\n lifecycle {\n ignore_changes = [publish]\n}\n"
    return 0, t1, flag1, flag2


def aws_cloudfront_key_group(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_cloudfront_monitoring_subscription(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_cloudfront_origin_access_control(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_cloudfront_origin_access_identities(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_cloudfront_origin_access_identity(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_cloudfront_origin_request_policy(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_cloudfront_public_key(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_cloudfront_realtime_log_config(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_cloudfront_response_headers_policy(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_cloudhsmv2.py:
--------------------------------------------------------------------------------
def aws_cloudhsm_v2_cluster(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_cloudhsm_v2_hsm(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_cloudsearch.py:
--------------------------------------------------------------------------------
def aws_cloudsearch_domain(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_cloudsearch_domain_service_access_policy(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_cloudtrail.py:
--------------------------------------------------------------------------------
def aws_cloudtrail(t1, tt1, tt2, flag1, flag2):
    """Set skip to 1 for selector operators whose value is the string "[]".

    The operators checked are ends_with, not_ends_with, starts_with,
    not_starts_with, not_equals and equals. t1 and the flags are returned
    unchanged.
    """
    operators = (
        "ends_with",
        "not_ends_with",
        "starts_with",
        "not_starts_with",
        "not_equals",
        "equals",
    )
    skip = 1 if tt1 in operators and tt2 == "[]" else 0
    return skip, t1, flag1, flag2


def aws_cloudtrail_event_data_store(t1, tt1, tt2, flag1, flag2):
    """Set skip to 1 for selector operators whose value is the string "[]".

    Same operator list as aws_cloudtrail: ends_with, not_ends_with,
    starts_with, not_starts_with, not_equals and equals. t1 and the flags are
    returned unchanged.
    """
    operators = (
        "ends_with",
        "not_ends_with",
        "starts_with",
        "not_starts_with",
        "not_equals",
        "equals",
    )
    skip = 1 if tt1 in operators and tt2 == "[]" else 0
    return skip, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_codeartifact.py:
--------------------------------------------------------------------------------
import common
import globals


def aws_codeartifact_domain(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_codeartifact_domain_permissions_policy(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_codeartifact_repository(t1, tt1, tt2, flag1, flag2):
    """Rewrite a non-null domain into a reference and record the dependency.

    The line becomes "domain = aws_codeartifact_domain.<tt2>.domain" and
    common.add_dependancy is called with the resource type and tt2. skip is
    always 0.
    """
    if tt1 == "domain" and tt2 != "null":
        # NOTE(review): tt2 is placed unescaped into a Terraform resource
        # address - presumably always a valid domain name; confirm upstream.
        t1 = tt1 + " = " + "aws_codeartifact_domain." + tt2 + ".domain\n"
        common.add_dependancy("aws_codeartifact_domain", tt2)
    return 0, t1, flag1, flag2


def aws_codeartifact_repository_permissions_policy(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_codebuild.py:
--------------------------------------------------------------------------------
def aws_codebuild_project(t1, tt1, tt2, flag1, flag2):
    """Set skip to 1 for a concurrent_build_limit whose value is "0".

    t1 and the flags are returned unchanged.
    """
    zero_limit = tt1 == "concurrent_build_limit" and tt2 != "null" and tt2 == "0"
    return (1 if zero_limit else 0), t1, flag1, flag2


def aws_codebuild_report_group(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_codebuild_resource_policy(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_codebuild_source_credential(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged.

    NOTE(review): no attribute of this credential resource is rewritten or
    dropped here, so whatever t1 holds is returned as-is; confirm upstream
    that the token value never reaches the generated files.
    """
    return 0, t1, flag1, flag2


def aws_codebuild_webhook(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_codecatalyst.py:
--------------------------------------------------------------------------------
def aws_codecatalyst_dev_environment(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_codecatalyst_project(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_codecatalyst_source_repository(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_codecommit.py:
--------------------------------------------------------------------------------
def aws_codecommit_approval_rule_template(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_codecommit_approval_rule_template_association(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_codecommit_repository(t1, tt1, tt2, flag1, flag2):
    """Set skip to 1 for a kms_key_id equal to "alias/aws/codecommit".

    Any other kms_key_id value is kept (skip stays 0); t1 and the flags are
    returned unchanged.
    """
    # NOTE(review): with the line skipped, the generated resource carries no
    # kms_key_id at all; reviewers should not read that as "unencrypted" -
    # presumably this alias is the service default; confirm.
    default_alias = tt1 == "kms_key_id" and tt2 == "alias/aws/codecommit"
    return (1 if default_alias else 0), t1, flag1, flag2


def aws_codecommit_trigger(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_codedeploy.py:
--------------------------------------------------------------------------------
def aws_codedeploy_app(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_codedeploy_deployment_config(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_codedeploy_deployment_group(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_codeguru_reviewer.py:
--------------------------------------------------------------------------------
def aws_codegurureviewer_repository_association(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_codeguruprofiler.py:
--------------------------------------------------------------------------------
def aws_codeguruprofiler_profiling_group(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_codepipeline.py:
--------------------------------------------------------------------------------
def aws_codepipeline(t1, tt1, tt2, flag1, flag2):
    """Set skip to 1 for a timeout_in_minutes whose value is "0".

    t1 and the flags are returned unchanged.
    """
    zero_timeout = tt1 == "timeout_in_minutes" and tt2 == "0"
    return (1 if zero_timeout else 0), t1, flag1, flag2


def aws_codepipeline_custom_action_type(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_codepipeline_webhook(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_codestar_connections.py:
--------------------------------------------------------------------------------
def aws_codestarconnections_connection(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_codestarconnections_host(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_codestar_notifications.py:
--------------------------------------------------------------------------------
def aws_codestarnotifications_notification_rule(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_cognito_identity.py:
--------------------------------------------------------------------------------
import common
import fixtf


def aws_cognito_identity_pool(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_cognito_identity_pool_provider_principal_tag(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_cognito_identity_pool_roles_attachment(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_cognito_identity_provider(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_cognito_idp.py:
--------------------------------------------------------------------------------
import common
import fixtf


def aws_cognito_identity_provider(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_cognito_managed_user_pool_client(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_cognito_resource_server(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_cognito_risk_configuration(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_cognito_user(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_cognito_user_group(t1, tt1, tt2, flag1, flag2):
    """Rewrite a non-null user_pool_id into a reference and record the dependency.

    The line becomes "user_pool_id = aws_cognito_user_pool.<tt2>.id" and
    common.add_dependancy is called with the resource type and tt2. skip is
    always 0.
    """
    if tt1 == "user_pool_id" and tt2 != "null":
        # NOTE(review): tt2 is placed unescaped into a Terraform resource
        # address - presumably always a pool id; confirm upstream.
        t1 = tt1 + " = " + "aws_cognito_user_pool." + tt2 + ".id\n"
        common.add_dependancy("aws_cognito_user_pool", tt2)
    return 0, t1, flag1, flag2


def aws_cognito_user_in_group(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_cognito_user_pool(t1, tt1, tt2, flag1, flag2):
    """Set skip to 1 for the four message attributes and empty username_attributes.

    The message attributes are email_verification_message,
    email_verification_subject, sms_authentication_message and
    sms_verification_message (skipped whatever their value);
    username_attributes is skipped only when its value is "[]". t1 and the
    flags are returned unchanged.
    """
    message_attributes = (
        "email_verification_message",
        "email_verification_subject",
        "sms_authentication_message",
        "sms_verification_message",
    )
    skip = 0
    if tt1 in message_attributes:
        skip = 1
    if tt1 == "username_attributes" and tt2 == "[]":
        skip = 1
    return skip, t1, flag1, flag2


def aws_cognito_user_pool_client(t1, tt1, tt2, flag1, flag2):
    """Adjust token-validity, pool-reference and token-unit lines.

    - access_token_validity "0" becomes 1, followed by a lifecycle block
      listing the attribute under ignore_changes.
    - id_token_validity "0" sets skip to 1.
    - a non-null user_pool_id becomes a reference to aws_cognito_user_pool
      and is registered through common.add_dependancy.
    - a "null" access_token becomes "hours"; a "null" refresh_token becomes
      "days".
    """
    skip = 0

    # NOTE(review): after this rewrite the file states a validity of 1 and
    # ignores changes to it, so it presumably does not reflect the token
    # lifetime configured in AWS; confirm before relying on it in a review.
    if tt1 == "access_token_validity" and tt2 == "0":
        t1 = (
            tt1
            + " = 1\n"
            + "\nlifecycle {\n"
            + " ignore_changes = [access_token_validity]\n"
            + "}\n"
        )

    if tt1 == "id_token_validity":
        if tt2 == "0":
            skip = 1
    elif tt1 == "user_pool_id" and tt2 != "null":
        # NOTE(review): tt2 is placed unescaped into a Terraform resource
        # address - presumably always a pool id; confirm upstream.
        t1 = tt1 + " = " + "aws_cognito_user_pool." + tt2 + ".id\n"
        common.add_dependancy("aws_cognito_user_pool", tt2)
    elif tt1 == "access_token":
        if tt2 == "null":
            t1 = tt1 + ' = "hours"\n'
    elif tt1 == "refresh_token":
        if tt2 == "null":
            t1 = tt1 + ' = "days"\n'

    return skip, t1, flag1, flag2


def aws_cognito_user_pool_domain(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_cognito_user_pool_ui_customization(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_comprehend.py:
--------------------------------------------------------------------------------
def aws_comprehend_document_classifier(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_comprehend_entity_recognizer(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_config.py:
--------------------------------------------------------------------------------
def aws_config_aggregate_authorization(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_config_config_rule(t1, tt1, tt2, flag1, flag2):
    """Prepend a lifecycle block to the input_parameters line.

    The block lists input_parameters under ignore_changes and is placed
    before the existing t1 text. skip is always 0.
    """
    if tt1 == "input_parameters":
        lifecycle = "\n lifecycle {\n ignore_changes = [input_parameters]\n}\n"
        t1 = lifecycle + t1
    return 0, t1, flag1, flag2


def aws_config_configuration_aggregator(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_config_configuration_recorder(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_config_configuration_recorder_status(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_config_conformance_pack(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_config_delivery_channel(t1, tt1, tt2, flag1, flag2):
    """Re-emit s3_bucket_name as a double-quoted string literal.

    The line becomes: s3_bucket_name = "<tt2>". skip is always 0.
    """
    if tt1 == "s3_bucket_name":
        # NOTE(review): tt2 is wrapped in quotes without escaping, so a value
        # containing a double quote or an interpolation sequence would change
        # the emitted HCL - presumably bucket names cannot contain either;
        # confirm upstream.
        t1 = tt1 + ' = "' + tt2 + '"\n'
    return 0, t1, flag1, flag2


def aws_config_organization_conformance_pack(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_config_organization_custom_policy_rule(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_config_organization_custom_rule(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_config_organization_managed_rule(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_config_remediation_configuration(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_controltower.py:
--------------------------------------------------------------------------------
def aws_controltower_control(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_cur.py:
--------------------------------------------------------------------------------
def aws_cur_report_definition(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_customer_profiles.py:
--------------------------------------------------------------------------------
def aws_customerprofiles_domain(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_customerprofiles_profile(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_dataexchange.py:
--------------------------------------------------------------------------------
def aws_dataexchange_data_set(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_dataexchange_revision(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_datapipeline.py:
--------------------------------------------------------------------------------
def aws_datapipeline_pipeline(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_datapipeline_pipeline_definition(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_datasync.py:
--------------------------------------------------------------------------------
def aws_datasync_agent(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_datasync_location_azure_blob(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_datasync_location_efs(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_datasync_location_fsx_lustre_file_system(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_datasync_location_fsx_ontap_file_system(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_datasync_location_fsx_openzfs_file_system(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_datasync_location_fsx_windows_file_system(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_datasync_location_hdfs(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_datasync_location_nfs(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_datasync_location_object_storage(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_datasync_location_s3(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_datasync_location_smb(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2


def aws_datasync_task(t1, tt1, tt2, flag1, flag2):
    """Pass-through: skip is 0; t1, flag1 and flag2 are returned unchanged."""
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_dax.py:
-------------------------------------------------------------------------------- 1 | def aws_dax_cluster(t1,tt1,tt2,flag1,flag2): 2 | skip=0 3 | return skip,t1,flag1,flag2 4 | 5 | def aws_dax_parameter_group(t1,tt1,tt2,flag1,flag2): 6 | skip=0 7 | return skip,t1,flag1,flag2 8 | 9 | def aws_dax_subnet_group(t1,tt1,tt2,flag1,flag2): 10 | skip=0 11 | return skip,t1,flag1,flag2 12 | 13 | -------------------------------------------------------------------------------- /code/fixtf_aws_resources/fixtf_detective.py: -------------------------------------------------------------------------------- 1 | def aws_detective_graph(t1,tt1,tt2,flag1,flag2): 2 | skip=0 3 | return skip,t1,flag1,flag2 4 | 5 | def aws_detective_invitation_accepter(t1,tt1,tt2,flag1,flag2): 6 | skip=0 7 | return skip,t1,flag1,flag2 8 | 9 | def aws_detective_member(t1,tt1,tt2,flag1,flag2): 10 | skip=0 11 | return skip,t1,flag1,flag2 12 | 13 | def aws_detective_organization_admin_account(t1,tt1,tt2,flag1,flag2): 14 | skip=0 15 | return skip,t1,flag1,flag2 16 | 17 | def aws_detective_organization_configuration(t1,tt1,tt2,flag1,flag2): 18 | skip=0 19 | return skip,t1,flag1,flag2 20 | 21 | -------------------------------------------------------------------------------- /code/fixtf_aws_resources/fixtf_devicefarm.py: -------------------------------------------------------------------------------- 1 | def aws_devicefarm_device_pool(t1,tt1,tt2,flag1,flag2): 2 | skip=0 3 | return skip,t1,flag1,flag2 4 | 5 | def aws_devicefarm_instance_profile(t1,tt1,tt2,flag1,flag2): 6 | skip=0 7 | return skip,t1,flag1,flag2 8 | 9 | def aws_devicefarm_network_profile(t1,tt1,tt2,flag1,flag2): 10 | skip=0 11 | return skip,t1,flag1,flag2 12 | 13 | def aws_devicefarm_project(t1,tt1,tt2,flag1,flag2): 14 | skip=0 15 | return skip,t1,flag1,flag2 16 | 17 | def aws_devicefarm_test_grid_project(t1,tt1,tt2,flag1,flag2): 18 | skip=0 19 | return skip,t1,flag1,flag2 20 | 21 | def aws_devicefarm_upload(t1,tt1,tt2,flag1,flag2): 22 | skip=0 23 | 
return skip,t1,flag1,flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_directconnect.py:
--------------------------------------------------------------------------------
# Handlers are named after Terraform resource types. Judging by the bodies in
# this listing, t1 is one line of generated HCL, tt1 its attribute name and tt2
# its value; each returns (skip, t1, flag1, flag2). What the caller does with
# skip and the flags is outside this listing.
# Pass-through only: no attribute of these resource types is rewritten.
def aws_dx_bgp_peer(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_dx_connection(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_dx_connection_association(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_dx_connection_confirmation(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_dx_gateway(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_dx_gateway_association(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_dx_gateway_association_proposal(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_dx_hosted_connection(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_dx_hosted_private_virtual_interface(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_dx_hosted_private_virtual_interface_accepter(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_dx_hosted_public_virtual_interface(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_dx_hosted_public_virtual_interface_accepter(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_dx_hosted_transit_virtual_interface(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_dx_hosted_transit_virtual_interface_accepter(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_dx_lag(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_dx_macsec_key_association(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_dx_private_virtual_interface(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_dx_public_virtual_interface(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_dx_transit_virtual_interface(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_dlm.py:
--------------------------------------------------------------------------------
# Pass-through only.
def aws_dlm_lifecycle_policy(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_dms.py:
--------------------------------------------------------------------------------
import common

# Handlers without a docstring return the line unchanged with skip=0.
def aws_dms_certificate(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_dms_endpoint(t1, tt1, tt2, flag1, flag2):
    """Patch two attributes of an aws_dms_endpoint.

    On the endpoint_id line a lifecycle block is appended that ignores
    s3_settings and postgres_settings[0].max_file_size; a max_file_size of
    "0" is rewritten to 1048576.
    """
    if tt1 == "endpoint_id":
        t1 = t1 + "\nlifecycle {\n" + " ignore_changes = [s3_settings,postgres_settings[0].max_file_size]\n" + "}\n"
    elif tt1 == "max_file_size" and tt2 == "0":
        t1 = tt1 + " = 1048576\n"
    return 0, t1, flag1, flag2

def aws_dms_event_subscription(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_dms_replication_config(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_dms_replication_instance(t1, tt1, tt2, flag1, flag2):
    """Turn replication_subnet_group_id into a resource reference.

    A value other than "null" becomes
    aws_dms_replication_subnet_group.<value>.id and the subnet group is
    registered through common.add_dependancy. The value is spliced into the
    reference as-is.
    """
    wants_ref = tt1 == "replication_subnet_group_id" and tt2 != "null"
    if wants_ref:
        t1 = tt1 + " = aws_dms_replication_subnet_group." + tt2 + ".id\n"
        common.add_dependancy("aws_dms_replication_subnet_group", tt2)
    return 0, t1, flag1, flag2

def aws_dms_replication_subnet_group(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_dms_replication_task(t1, tt1, tt2, flag1, flag2):
    """Set skip=1 for the CloudWatchLogGroup and CloudWatchLogStream lines."""
    skip = 1 if tt1 in ("CloudWatchLogGroup", "CloudWatchLogStream") else 0
    return skip, t1, flag1, flag2

def aws_dms_s3_endpoint(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_docdb.py:
--------------------------------------------------------------------------------
import common
import fixtf
import base64
import boto3
import sys
import os
import globals


# Handlers without a docstring return the line unchanged with skip=0.
def aws_docdb_cluster(t1, tt1, tt2, flag1, flag2):
    """Rewrite cluster_members, db_subnet_group_name and engine.

    cluster_members is handed to fixtf.deref_array (defined outside this
    listing), which returns the new line and skip value. A
    db_subnet_group_name other than "default" becomes a reference to
    aws_docdb_subnet_group.<name>.id and is registered as a dependency.
    engine is forced to "docdb" and followed by a lifecycle block that
    ignores engine and cluster_members.
    """
    skip = 0
    if tt1 == "cluster_members":
        t1, skip = fixtf.deref_array(t1, tt1, tt2, "aws_docdb_cluster_instance", "*", skip)
    elif tt1 == "db_subnet_group_name":
        if tt2 != "default":
            t1 = tt1 + " = aws_docdb_subnet_group." + tt2 + ".id\n"
            common.add_dependancy("aws_docdb_subnet_group", tt2)
    elif tt1 == "engine":
        t1 = tt1 + ' = "docdb"\n'
        t1 = t1 + "\n lifecycle {\n ignore_changes = [engine,cluster_members]\n}\n"
    return skip, t1, flag1, flag2

def aws_docdb_cluster_instance(t1, tt1, tt2, flag1, flag2):
    """Force engine to "docdb" and ignore later changes to it."""
    if tt1 == "engine":
        t1 = tt1 + ' = "docdb"\n'
        t1 = t1 + "\n lifecycle {\n ignore_changes = [engine]\n}\n"
    # cluster_identifier stays a literal on purpose; the author's note on the
    # disabled code below says dereferencing it makes the dependencies cycle.
    ## can't do this - will cycle
    #if tt1 == "cluster_identifier":
    #    t1=tt1 + " = aws_docdb_cluster." + tt2 + ".id\n"
    #    common.add_dependancy("aws_docdb_cluster",tt2)
    return 0, t1, flag1, flag2

def aws_docdb_cluster_parameter_group(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_docdb_cluster_snapshot(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_docdb_event_subscription(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_docdb_global_cluster(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_docdb_subnet_group(t1, tt1, tt2, flag1, flag2):
    # Dereferencing subnet_ids is disabled in the original:
    ## if tt1 == "subnet_ids": t1,skip = fixtf.deref_array(t1,tt1,tt2,"aws_subnet","sg-",skip)
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_docdb_elastic.py:
--------------------------------------------------------------------------------
# Pass-through only.
def aws_docdbelastic_cluster(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_ds.py:
--------------------------------------------------------------------------------
# Handlers without a docstring return the line unchanged with skip=0.
def aws_directory_service_conditional_forwarder(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_directory_service_directory(t1, tt1, tt2, flag1, flag2):
    """Replace the password line with the placeholder "set-me".

    The same line also gets a lifecycle block listing password under
    ignore_changes, so the generated file never carries the real value.
    NOTE(review): ignore_changes suppresses updates only. If the generated
    file were applied to create a directory instead of managing an imported
    one, the literal placeholder would be the password submitted; supply the
    real value from outside the file before any such use.
    """
    if tt1 == "password":
        t1 = tt1 + ' = "set-me"\n'
        t1 = t1 + "\n lifecycle {\n ignore_changes = [password]\n}\n"
    return 0, t1, flag1, flag2

def aws_directory_service_log_subscription(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_directory_service_radius_settings(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_directory_service_region(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_directory_service_shared_directory(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_directory_service_shared_directory_acceptor(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_directory_service_trust(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_dynamodb.py:
--------------------------------------------------------------------------------
# Handlers without a docstring return the line unchanged with skip=0.
def aws_dynamodb_contributor_insights(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_dynamodb_global_table(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_dynamodb_kinesis_streaming_destination(t1, tt1, tt2, flag1, flag2):
    """Turn a non-"null" table_name into aws_dynamodb_table.<name>.name.

    No dependency is registered here, unlike the DMS and DocDB handlers.
    """
    if tt1 == "table_name" and tt2 != "null":
        t1 = tt1 + " = aws_dynamodb_table." + tt2 + ".name\n"
    return 0, t1, flag1, flag2

def aws_dynamodb_table(t1, tt1, tt2, flag1, flag2):
    """Set skip=1 for recovery_period_in_days when its value is "0"."""
    skip = 1 if (tt1 == "recovery_period_in_days" and tt2 == "0") else 0
    return skip, t1, flag1, flag2

def aws_dynamodb_table_item(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_dynamodb_table_replica(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_dynamodb_tag(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_ebs.py:
--------------------------------------------------------------------------------
# Pass-through only.
def aws_ebs_default_kms_key(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_ebs_encryption_by_default(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_ebs_snapshot(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_ebs_snapshot_copy(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_ebs_snapshot_import(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_ebs_volume(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_ecr.py:
--------------------------------------------------------------------------------
# Pass-through only.
def aws_ecr_authorization_token(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_ecr_image(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_ecr_lifecycle_policy(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_ecr_pull_through_cache_rule(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_ecr_registry_policy(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_ecr_registry_scanning_configuration(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_ecr_replication_configuration(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_ecr_repositories(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_ecr_repository(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_ecr_repository_policy(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_ecrpublic_authorization_token(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_ecrpublic_repository(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_ecrpublic_repository_policy(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_ecr_public.py:
--------------------------------------------------------------------------------
# Handlers are named after Terraform resource types. Judging by the bodies in
# this listing, t1 is one line of generated HCL, tt1 its attribute name and tt2
# its value; each returns (skip, t1, flag1, flag2). What the caller does with
# skip and the flags is outside this listing.
# Pass-through only: no attribute of these resource types is rewritten.
def aws_ecrpublic_authorization_token(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_ecrpublic_repository(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_ecrpublic_repository_policy(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_efs.py:
--------------------------------------------------------------------------------
# Pass-through only.
def aws_efs_access_point(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_efs_backup_policy(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_efs_file_system(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_efs_file_system_policy(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_efs_mount_target(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_efs_replication_configuration(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_elasticache.py:
--------------------------------------------------------------------------------
# Handlers without a docstring return the line unchanged with skip=0.
def aws_elasticache_cluster(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_elasticache_global_replication_group(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_elasticache_parameter_group(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_elasticache_replication_group(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_elasticache_subnet_group(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_elasticache_user(t1, tt1, tt2, flag1, flag2):
    """Normalise the engine and authentication type of an ElastiCache user.

    engine "redis" is written as "REDIS" and followed by a lifecycle block
    ignoring engine and authentication_mode[0].type. A type of "no-password"
    is written as "no-password-required".
    NOTE(review): a user that reaches the second branch authenticates
    without a password; worth surfacing when the generated HCL is reviewed.
    """
    if tt1 == "engine" and tt2 == "redis":
        t1 = tt1 + ' = "REDIS"\n'
        t1 = t1 + "\n lifecycle {\n ignore_changes = [engine,authentication_mode[0].type]\n}\n"
    if tt1 == "type" and tt2 == "no-password":
        tt2 = "no-password-required"
        t1 = tt1 + ' = "' + tt2 + '"\n'
    return 0, t1, flag1, flag2

def aws_elasticache_user_group(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_elasticache_user_group_association(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_elasticbeanstalk.py:
--------------------------------------------------------------------------------
# Pass-through only.
def aws_elastic_beanstalk_application(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_elastic_beanstalk_application_version(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_elastic_beanstalk_configuration_template(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_elastic_beanstalk_environment(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_elastic_beanstalk_hosted_zone(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_elastic_beanstalk_solution_stack(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_elastictranscoder.py:
--------------------------------------------------------------------------------
# Pass-through only.
def aws_elastictranscoder_pipeline(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_elastictranscoder_preset(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_elb.py:
--------------------------------------------------------------------------------
# Pass-through only.
def aws_app_cookie_stickiness_policy(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_elb(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_elb_attachment(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_elb_hosted_zone_id(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_elb_service_account(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_emr.py:
--------------------------------------------------------------------------------
import common
import fixtf
import base64
import boto3
import sys
import os
import globals
import inspect


# Handlers without a docstring return the line unchanged with skip=0.
def aws_emr_block_public_access_configuration(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_emr_cluster(t1, tt1, tt2, flag1, flag2):
    """Rewrite the Kerberos password, subnet and security-configuration lines.

    * kdc_admin_password whose value starts with "null" becomes the
      placeholder "CHANGE_ME".
    * The applications line gets a lifecycle block ignoring
      kerberos_attributes[0].kdc_admin_password and resets
      globals.emrsubnetid to False.
    * A subnet_id value containing "subnet" sets globals.emrsubnetid; a later
      subnet_ids line is then skipped. This relies on the order in which the
      lines arrive.
    * A non-"null" security_configuration becomes a reference to
      aws_emr_security_configuration.<value>.name and is registered as a
      dependency.

    NOTE(review): ignore_changes suppresses updates only, so "CHANGE_ME"
    would be submitted if the file were used to create a cluster; replace it
    from outside the file before any such use.
    """
    skip = 0
    if tt1 == "kdc_admin_password":
        if tt2.startswith("null"):
            t1 = tt1 + " = \"CHANGE_ME\"\n"
    elif tt1 == "applications":
        t1 = t1 + "\n lifecycle {\n ignore_changes = [kerberos_attributes[0].kdc_admin_password]\n}\n"
        globals.emrsubnetid = False
    elif tt1 == "subnet_id":
        if "subnet" in tt2:
            globals.emrsubnetid = True
    elif tt1 == "subnet_ids":
        if globals.emrsubnetid:
            skip = 1
    elif tt1 == "security_configuration" and tt2 != "null":
        t1 = tt1 + " = aws_emr_security_configuration." + tt2 + ".name\n"
        common.add_dependancy("aws_emr_security_configuration", tt2)
    return skip, t1, flag1, flag2

def aws_emr_instance_fleet(t1, tt1, tt2, flag1, flag2):
    """Turn a non-"null" cluster_id into aws_emr_cluster.<id>.id and register it."""
    if tt1 == "cluster_id" and tt2 != "null":
        t1 = tt1 + " = aws_emr_cluster." + tt2 + ".id\n"
        common.add_dependancy("aws_emr_cluster", tt2)
    return 0, t1, flag1, flag2

def aws_emr_instance_group(t1, tt1, tt2, flag1, flag2):
    """Turn a non-"null" cluster_id into aws_emr_cluster.<id>.id and register it."""
    if tt1 == "cluster_id" and tt2 != "null":
        t1 = tt1 + " = aws_emr_cluster." + tt2 + ".id\n"
        common.add_dependancy("aws_emr_cluster", tt2)
    return 0, t1, flag1, flag2

def aws_emr_managed_scaling_policy(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_emr_release_labels(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_emr_security_configuration(t1, tt1, tt2, flag1, flag2):
    """Append a lifecycle block ignoring configuration after the name line."""
    if tt1 == "name":
        t1 = t1 + "\n lifecycle {\n ignore_changes = [configuration]\n}\n"
    return 0, t1, flag1, flag2

def aws_emr_studio(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_emr_studio_session_mapping(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_emr_supported_instance_types(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_emr_containers.py:
--------------------------------------------------------------------------------
# Pass-through only.
def aws_emrcontainers_job_template(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_emrcontainers_virtual_cluster(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_emrserverless.py:
--------------------------------------------------------------------------------
# Handlers are named after Terraform resource types. Judging by the bodies in
# this listing, t1 is one line of generated HCL, tt1 its attribute name and tt2
# its value; each returns (skip, t1, flag1, flag2). What the caller does with
# skip and the flags is outside this listing.
# Pass-through only: no attribute of this resource type is rewritten.
def aws_emrserverless_application(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_es.py:
--------------------------------------------------------------------------------
# Pass-through only.
def aws_elasticsearch_domain(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_elasticsearch_domain_policy(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_elasticsearch_vpc_endpoint(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_events.py:
--------------------------------------------------------------------------------
# Handlers without a docstring return the line unchanged with skip=0.
def aws_cloudwatch_event_rule(t1, tt1, tt2, flag1, flag2):
    """Set skip=1 for any line whose attribute name contains "name_prefix"."""
    skip = 1 if "name_prefix" in tt1 else 0
    return skip, t1, flag1, flag2

def aws_cloudwatch_event_api_destination(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_cloudwatch_event_archive(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_cloudwatch_event_bus(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_cloudwatch_event_bus_policy(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_cloudwatch_event_connection(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_cloudwatch_event_endpoint(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_cloudwatch_event_permission(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_cloudwatch_event_source(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_cloudwatch_event_target(t1, tt1, tt2, flag1, flag2):
    """Append a lifecycle block ignoring input_transformer after the arn line."""
    if tt1 == "arn":
        t1 = t1 + "\nlifecycle {\n" + " ignore_changes = [input_transformer]\n" + "}\n"
    return 0, t1, flag1, flag2
--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_evidently.py:
--------------------------------------------------------------------------------
# Pass-through only.
def aws_evidently_feature(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_evidently_launch(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_evidently_project(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_evidently_segment(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_finspace.py:
--------------------------------------------------------------------------------
# Pass-through only.
def aws_finspace_kx_cluster(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_finspace_kx_database(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_finspace_kx_dataview(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_finspace_kx_environment(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_finspace_kx_scaling_group(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_finspace_kx_user(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_finspace_kx_volume(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_firehose.py:
--------------------------------------------------------------------------------
def aws_kinesis_firehose_delivery_stream(t1, tt1, tt2, flag1, flag2):
    """Default the time zone, ignore it afterwards, and skip destination_id.

    custom_time_zone with the value "null" is written as "UTC"; the name
    line gets a lifecycle block ignoring
    extended_s3_configuration[0].custom_time_zone; destination_id sets
    skip=1.
    """
    skip = 0
    if tt1 == "custom_time_zone" and tt2 == "null":
        t1 = tt1 + ' = "UTC"\n'
    elif tt1 == "name":
        t1 = t1 + "\n lifecycle {\n ignore_changes = [extended_s3_configuration[0].custom_time_zone]\n}\n"
    elif tt1 == "destination_id":
        skip = 1
    return skip, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_fis.py:
--------------------------------------------------------------------------------
# Pass-through only.
def aws_fis_experiment_template(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_fms.py:
--------------------------------------------------------------------------------
# Pass-through only.
def aws_fms_admin_account(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_fms_policy(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_fsx.py:
--------------------------------------------------------------------------------
# Pass-through only.
def aws_fsx_backup(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_fsx_data_repository_association(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_fsx_file_cache(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_fsx_lustre_file_system(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_fsx_ontap_file_system(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_fsx_ontap_storage_virtual_machine(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_fsx_ontap_storage_virtual_machines(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_fsx_ontap_volume(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_fsx_openzfs_file_system(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_fsx_openzfs_snapshot(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_fsx_openzfs_volume(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_fsx_windows_file_system(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_gamelift.py:
--------------------------------------------------------------------------------
# Pass-through only.
def aws_gamelift_alias(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_gamelift_build(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_gamelift_fleet(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_gamelift_game_server_group(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_gamelift_game_session_queue(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_gamelift_script(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_glacier.py:
--------------------------------------------------------------------------------
# Pass-through only.
def aws_glacier_vault(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_glacier_vault_lock(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_globalaccelerator.py:
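--------------------------------------------------------------------------------
# Handlers are named after Terraform resource types. Judging by the bodies in
# this listing, t1 is one line of generated HCL, tt1 its attribute name and tt2
# its value; each returns (skip, t1, flag1, flag2). What the caller does with
# skip and the flags is outside this listing.
# Pass-through only: no attribute of these resource types is rewritten.
def aws_globalaccelerator_accelerator(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_globalaccelerator_custom_routing_accelerator(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_globalaccelerator_custom_routing_endpoint_group(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_globalaccelerator_custom_routing_listener(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_globalaccelerator_endpoint_group(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_globalaccelerator_listener(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_grafana.py:
--------------------------------------------------------------------------------
# Pass-through only.
def aws_grafana_license_association(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_grafana_role_association(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_grafana_workspace(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_grafana_workspace_api_key(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_grafana_workspace_saml_configuration(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_guardduty.py:
--------------------------------------------------------------------------------
# Pass-through only.
def aws_guardduty_detector(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_guardduty_detector_feature(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_guardduty_filter(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_guardduty_finding_ids(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_guardduty_invite_accepter(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_guardduty_ipset(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_guardduty_member(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_guardduty_organization_admin_account(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_guardduty_organization_configuration(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_guardduty_organization_configuration_feature(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_guardduty_publishing_destination(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_guardduty_threatintelset(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_identitystore.py:
--------------------------------------------------------------------------------
# Pass-through only.
def aws_identitystore_group(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_identitystore_group_membership(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_identitystore_user(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_imagebuilder.py:
--------------------------------------------------------------------------------
# Handlers without a docstring return the line unchanged with skip=0.
def aws_imagebuilder_component(t1, tt1, tt2, flag1, flag2):
    """Set skip=1 for supported_os_versions when its value is "[]"."""
    skip = 1 if (tt1 == "supported_os_versions" and tt2 == "[]") else 0
    return skip, t1, flag1, flag2

def aws_imagebuilder_components(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_imagebuilder_container_recipe(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_imagebuilder_container_recipes(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_imagebuilder_distribution_configuration(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_imagebuilder_distribution_configurations(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_imagebuilder_image(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_imagebuilder_image_pipeline(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_imagebuilder_image_pipelines(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_imagebuilder_image_recipe(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_imagebuilder_image_recipes(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_imagebuilder_infrastructure_configuration(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_imagebuilder_infrastructure_configurations(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_inspector.py:
--------------------------------------------------------------------------------
# Pass-through only.
def aws_inspector_assessment_target(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_inspector_assessment_template(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_inspector_resource_group(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_inspector_rules_packages(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_inspector2.py:
--------------------------------------------------------------------------------
# Pass-through only.
def aws_inspector2_delegated_admin_account(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_inspector2_enabler(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_inspector2_member_association(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_inspector2_organization_configuration(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_internetmonitor.py:
--------------------------------------------------------------------------------
# Pass-through only.
def aws_internetmonitor_monitor(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_iot.py:
--------------------------------------------------------------------------------
# Pass-through only.
def aws_iot_authorizer(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_iot_billing_group(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_iot_ca_certificate(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_iot_certificate(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_iot_domain_configuration(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_iot_endpoint(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_iot_event_configurations(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_iot_indexing_configuration(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_iot_logging_options(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_iot_policy(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_iot_policy_attachment(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_iot_provisioning_template(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_iot_registration_code(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_iot_role_alias(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_iot_thing(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_iot_thing_group(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_iot_thing_group_membership(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_iot_thing_principal_attachment(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_iot_thing_type(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_iot_topic_rule(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_iot_topic_rule_destination(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_ivs.py:
--------------------------------------------------------------------------------
# Pass-through only.
def aws_ivs_channel(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_ivs_playback_key_pair(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_ivs_recording_configuration(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_ivs_stream_key(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_ivschat.py:
--------------------------------------------------------------------------------
# Pass-through only.
def aws_ivschat_logging_configuration(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_ivschat_room(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_kafka.py:
--------------------------------------------------------------------------------
import common
import globals

# Characters replaced with "_" when an ARN is used as a Terraform resource
# name. Anything outside this list passes through unchanged.
# NOTE(review): the result only resolves if the code that names the imported
# resources applies the same mapping; that code is outside this listing.
_ARN_NAME_UNSAFE = "/.:|$,&#[]=!;"
_ARN_NAME_TABLE = str.maketrans(_ARN_NAME_UNSAFE, "_" * len(_ARN_NAME_UNSAFE))

def _arn_to_tf_name(arn):
    """Return arn with every character of _ARN_NAME_UNSAFE replaced by "_"."""
    return arn.translate(_ARN_NAME_TABLE)

# Handlers without a docstring return the line unchanged with skip=0.
def aws_msk_broker_nodes(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_msk_cluster(t1, tt1, tt2, flag1, flag2):
    """Turn log group, delivery stream and configuration values into references.

    * log_group (not "null") becomes aws_cloudwatch_log_group.<value>.name.
    * delivery_stream (not "null") is expanded to a Firehose ARN built from
      globals.region and globals.acc, and the sanitised ARN is used as the
      aws_kinesis_firehose_delivery_stream resource name. The dependency is
      registered under the stream name, not the ARN.
    * arn values that start with "arn:aws:kafka" and contain
      ":configuration:" become aws_msk_configuration.<sanitised arn>.arn.

    Each branch registers its target through common.add_dependancy.
    NOTE(review): both ARN checks hard-code the "aws" partition, so ARNs from
    other partitions would not match; confirm whether that is intended.
    """
    skip = 0
    if tt1 == "log_group" and tt2 != "null":
        t1 = tt1 + " = aws_cloudwatch_log_group." + tt2 + ".name\n"
        common.add_dependancy("aws_cloudwatch_log_group", tt2)
    elif tt1 == "delivery_stream" and tt2 != "null":
        karn = "arn:aws:firehose:" + globals.region + ":" + globals.acc + ":deliverystream/" + tt2
        t1 = tt1 + " = aws_kinesis_firehose_delivery_stream." + _arn_to_tf_name(karn) + ".name\n"
        common.add_dependancy("aws_kinesis_firehose_delivery_stream", tt2)
    elif tt1 == "arn" and tt2.startswith("arn:aws:kafka") and ":configuration:" in tt2:
        t1 = tt1 + " = aws_msk_configuration." + _arn_to_tf_name(tt2) + ".arn\n"
        # pass the arn
        common.add_dependancy("aws_msk_configuration", tt2)
    #elif tt1=="arn" and tt2!="null":
    #    t1=tt1+" = aws_msk_configuration."+tarn+".arn\n"
    return skip, t1, flag1, flag2

def aws_msk_cluster_policy(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_msk_configuration(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_msk_kafka_version(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_msk_replicator(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_msk_scram_secret_association(t1, tt1, tt2, flag1, flag2):
    """Turn cluster_arn into aws_msk_cluster.<sanitised arn>.arn.

    The replacement chain that stood here matched ", " (comma plus space)
    where the two chains in aws_msk_cluster match ","; a bare comma was
    therefore left in the resource name. All three sites now share
    _arn_to_tf_name. No dependency is registered; that call is disabled.
    """
    if tt1 == "cluster_arn":
        t1 = tt1 + " = aws_msk_cluster." + _arn_to_tf_name(tt2) + ".arn\n"
        #common.add_dependancy("aws_msk_cluster", tt2)
    return 0, t1, flag1, flag2

def aws_msk_serverless_cluster(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def aws_msk_vpc_connection(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

--------------------------------------------------------------------------------
/code/fixtf_aws_resources/fixtf_kafkaconnect.py:
--------------------------------------------------------------------------------
def aws_mskconnect_connector(t1, tt1, tt2, flag1, flag2):
    return 0, t1, flag1, flag2

def 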
aws_mskconnect_custom_plugin(t1,tt1,tt2,flag1,flag2): 6 | skip=0 7 | return skip,t1,flag1,flag2 8 | 9 | def aws_mskconnect_worker_configuration(t1,tt1,tt2,flag1,flag2): 10 | skip=0 11 | return skip,t1,flag1,flag2 12 | 13 | -------------------------------------------------------------------------------- /code/fixtf_aws_resources/fixtf_kendra.py: -------------------------------------------------------------------------------- 1 | def aws_kendra_data_source(t1,tt1,tt2,flag1,flag2): 2 | skip=0 3 | if tt1=="index_id": t1 = tt1 + " = aws_kendra_index.k-" + tt2+ ".id\n" 4 | return skip,t1,flag1,flag2 5 | 6 | def aws_kendra_experience(t1,tt1,tt2,flag1,flag2): 7 | skip=0 8 | if tt1=="index_id": t1 = tt1 + " = aws_kendra_index.k-" + tt2+ ".id\n" 9 | elif tt1=="data_source_ids" and tt2=="[]": skip=1 10 | elif tt1=="faq_ids" and tt2=="[]": skip=1 11 | 12 | return skip,t1,flag1,flag2 13 | 14 | def aws_kendra_faq(t1,tt1,tt2,flag1,flag2): 15 | skip=0 16 | if tt1=="index_id": t1 = tt1 + " = aws_kendra_index.k-" + tt2+ ".id\n" 17 | return skip,t1,flag1,flag2 18 | 19 | def aws_kendra_index(t1,tt1,tt2,flag1,flag2): 20 | skip=0 21 | return skip,t1,flag1,flag2 22 | 23 | def aws_kendra_query_suggestions_block_list(t1,tt1,tt2,flag1,flag2): 24 | skip=0 25 | if tt1=="index_id": t1 = tt1 + " = aws_kendra_index.k-" + tt2+ ".id\n" 26 | return skip,t1,flag1,flag2 27 | 28 | def aws_kendra_thesaurus(t1,tt1,tt2,flag1,flag2): 29 | skip=0 30 | if tt1=="index_id": t1 = tt1 + " = aws_kendra_index.k-" + tt2+ ".id\n" 31 | return skip,t1,flag1,flag2 32 | 33 | -------------------------------------------------------------------------------- /code/fixtf_aws_resources/fixtf_keyspaces.py: -------------------------------------------------------------------------------- 1 | def aws_keyspaces_keyspace(t1,tt1,tt2,flag1,flag2): 2 | skip=0 3 | return skip,t1,flag1,flag2 4 | 5 | def aws_keyspaces_table(t1,tt1,tt2,flag1,flag2): 6 | skip=0 7 | return skip,t1,flag1,flag2 8 | 9 | 
# NOTE(review): handler convention, as far as this listing shows it: every
# function takes (t1, tt1, tt2, flag1, flag2) and returns
# (skip, t1, flag1, flag2). tt1 is compared against attribute names, tt2
# against attribute values, and t1 is the text handed back. A handler that
# only sets skip = 0 returns its input unchanged. How the caller treats
# skip = 1 is not visible here (presumably the line is dropped - confirm).
# The listing lost its indentation; nesting below is reconstructed.
# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_kinesis.py:
# --------------------------------------------------------------------------------
def aws_kinesis_stream_consumer(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_kinesis_stream(t1, tt1, tt2, flag1, flag2):
    """Mark the "arn" attribute with skip = 1; everything else passes through."""
    skip = 1 if tt1 == "arn" else 0
    return skip, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_kinesisanalytics.py:
# --------------------------------------------------------------------------------
def aws_kinesis_analytics_application(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_kinesisanalyticsv2.py:
# --------------------------------------------------------------------------------
def aws_kinesisanalyticsv2_application(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_kinesisanalyticsv2_application_snapshot(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_kinesisvideo.py:
# --------------------------------------------------------------------------------
def aws_kinesis_video_stream(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_kms.py:
# --------------------------------------------------------------------------------
import fixtf
import sys

# returns True if key is one we want - ie not AWS managed
# NOTE(review): no function in this file section returns a boolean; the
# comment above does not describe any handler shown here.


def aws_kms_key(t1, tt1, tt2, flag1, flag2):
    """Handle the two aws_kms_key attributes that need attention.

    The "policy" line is passed through fixtf.globals_replace, which is
    defined outside this listing (presumably it swaps literals for
    references - confirm against fixtf). A "rotation_period_in_days" of
    "0" is marked with skip = 1.
    """
    if tt1 == "policy":
        return 0, fixtf.globals_replace(t1, tt1, tt2), flag1, flag2
    skip = 1 if (tt1 == "rotation_period_in_days" and tt2 == "0") else 0
    return skip, t1, flag1, flag2


def aws_kms_alias(t1, tt1, tt2, flag1, flag2):
    """Pass a "policy" line through fixtf.globals_replace; nothing is skipped."""
    skip = 0
    if tt1 == "policy":
        t1 = fixtf.globals_replace(t1, tt1, tt2)
    #if tt1 == "target_key_id":
    # t1=tt1 + " = aws_kms_key.k-" + tt2 + ".id\n"
    # common.add_dependancy("aws_kms_key","k-"+tt2)
    return skip, t1, flag1, flag2


def aws_kms_ciphertext(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_kms_custom_key_store(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_kms_external_key(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_kms_grant(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_kms_key_policy(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_kms_public_key(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_kms_replica_external_key(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_kms_replica_key(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_kms_secret(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_kms_secrets(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_lakeformation.py:
# --------------------------------------------------------------------------------
def aws_lakeformation_data_lake_settings(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lakeformation_lf_tag(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lakeformation_permissions(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lakeformation_resource(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lakeformation_resource_lf_tags(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_lex.py:
# --------------------------------------------------------------------------------
def aws_lex_bot(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lex_bot_alias(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lex_intent(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lex_slot_type(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_lexv2_models.py:
# --------------------------------------------------------------------------------
def aws_lexv2models_bot(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lexv2models_bot_locale(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lexv2models_bot_version(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_license_manager.py:
# --------------------------------------------------------------------------------
def aws_licensemanager_association(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_licensemanager_grant(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_licensemanager_grant_accepter(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_licensemanager_grants(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2

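# NOTE(review): the first three handlers continue
# /code/fixtf_aws_resources/fixtf_license_manager.py, whose header precedes
# this span. Handler convention, as far as this listing shows it: every
# function takes (t1, tt1, tt2, flag1, flag2) and returns
# (skip, t1, flag1, flag2). tt1 is compared against attribute names, tt2
# against attribute values, and t1 is the text handed back. A handler that
# only sets skip = 0 returns its input unchanged. How the caller treats
# skip = 1 is not visible here (presumably the line is dropped - confirm).
# The listing lost its indentation; nesting below is reconstructed.
def aws_licensemanager_license_configuration(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_licensemanager_received_license(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_licensemanager_received_licenses(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_lightsail.py:
# --------------------------------------------------------------------------------
def aws_lightsail_bucket(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lightsail_bucket_access_key(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lightsail_bucket_resource_access(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lightsail_certificate(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lightsail_container_service(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lightsail_container_service_deployment_version(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lightsail_database(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lightsail_disk(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lightsail_disk_attachment(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lightsail_distribution(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lightsail_domain(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lightsail_domain_entry(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lightsail_instance(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lightsail_instance_public_ports(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lightsail_key_pair(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lightsail_lb(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lightsail_lb_attachment(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lightsail_lb_certificate(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lightsail_lb_certificate_attachment(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lightsail_lb_https_redirection_policy(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lightsail_lb_stickiness_policy(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lightsail_static_ip(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_lightsail_static_ip_attachment(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_location.py:
# --------------------------------------------------------------------------------
def aws_location_geofence_collection(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_location_map(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_location_place_index(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_location_route_calculator(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_location_tracker(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_location_tracker_association(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_location_tracker_associations(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_logs.py:
# --------------------------------------------------------------------------------
import common
import fixtf


def aws_cloudwatch_log_group(t1, tt1, tt2, flag1, flag2):
    """Keep "name" and mark "name_prefix" with skip = 1 once a name was seen.

    flag1 carries state between calls: it is set to True when a non-empty
    "name" value passes through, and a later "name_prefix" line is then
    marked with skip = 1. This relies on the caller feeding flag1 back in
    on the next call - that loop is not visible here.
    """
    skip = 0
    if tt1 == "name" and len(tt2) > 0:
        flag1 = True

    #CIRCULAR reference problems:
    ##if tt1 == "security_groups": t1,skip = fixtf.deref_array(t1,tt1,tt2,"aws_security_group","sg-",skip)

    if tt1 == "name_prefix" and flag1 is True:
        skip = 1

    return skip, t1, flag1, flag2


def aws_cloudwatch_composite_alarm(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_cloudwatch_dashboard(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_cloudwatch_log_data_protection_policy(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_cloudwatch_log_destination(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_cloudwatch_log_destination_policy(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_cloudwatch_log_metric_filter(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_cloudwatch_log_resource_policy(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_cloudwatch_log_stream(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_cloudwatch_log_subscription_filter(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_cloudwatch_metric_alarm(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_cloudwatch_metric_stream(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_cloudwatch_query_definition(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_macie2.py:
# --------------------------------------------------------------------------------
def aws_macie2_account(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_macie2_classification_export_configuration(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_macie2_classification_job(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_macie2_custom_data_identifier(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_macie2_findings_filter(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_macie2_invitation_accepter(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_macie2_member(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_macie2_organization_admin_account(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_mediaconvert.py:
# --------------------------------------------------------------------------------
def aws_media_convert_queue(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_medialive.py:
# --------------------------------------------------------------------------------
def aws_medialive_channel(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_medialive_input(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_medialive_input_security_group(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_medialive_multiplex(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_medialive_multiplex_program(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_mediapackage.py:
# --------------------------------------------------------------------------------
def aws_media_package_channel(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_mediastore.py:
# --------------------------------------------------------------------------------
def aws_media_store_container(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_media_store_container_policy(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_memorydb.py:
# --------------------------------------------------------------------------------
def aws_memorydb_acl(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_memorydb_cluster(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_memorydb_parameter_group(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_memorydb_snapshot(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_memorydb_subnet_group(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_memorydb_user(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_mq.py:
# --------------------------------------------------------------------------------
def aws_mq_broker(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_mq_broker_instance_type_offerings(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_mq_configuration(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_mwaa.py:
# --------------------------------------------------------------------------------
def aws_mwaa_environment(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_neptune.py:
# --------------------------------------------------------------------------------
def aws_neptune_cluster(t1, tt1, tt2, flag1, flag2):
    """Pin the engine to "neptune" and raise a 0.5 min_capacity to "1.0".

    The "engine" line is replaced by a fixed value followed by a lifecycle
    block that ignores changes to engine and to the serverless v2
    min_capacity. A "min_capacity" of "0.5" is rewritten to "1.0".
    """
    skip = 0
    if tt1 == "engine":
        t1 = tt1 + " = \"neptune\"\n"
        t1 = t1 + "\n lifecycle {\n ignore_changes = [engine,serverless_v2_scaling_configuration[0].min_capacity]\n}\n"
    if tt1 == "min_capacity" and tt2 == "0.5":
        t1 = tt1 + " = \"1.0\"\n"
    return skip, t1, flag1, flag2


def aws_neptune_cluster_endpoint(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_neptune_cluster_instance(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_neptune_cluster_parameter_group(t1, tt1, tt2, flag1, flag2):
    """Strip the "default." prefix from a parameter group name.

    For a name starting with "default." the second dot-separated component
    is used as the name and a lifecycle block ignoring name changes is
    appended.
    NOTE(review): split(".")[1] keeps only the second component, so any
    further dot-separated parts of the name are discarded - confirm that
    is intended. The nesting of the rewrite under the startswith() check is
    reconstructed from a listing without indentation.
    """
    skip = 0
    if tt1 == "name":
        if tt2.startswith("default."):
            tt2 = tt2.split(".")[1]
            t1 = tt1 + " = \"" + tt2 + "\"\n"
            t1 = t1 + "\n lifecycle {\n ignore_changes = [name]\n}\n"
    return skip, t1, flag1, flag2


def aws_neptune_cluster_snapshot(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_neptune_engine_version(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_neptune_event_subscription(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_neptune_global_cluster(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_neptune_orderable_db_instance(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_neptune_parameter_group(t1, tt1, tt2, flag1, flag2):
    """Strip the "default." prefix from a parameter group name.

    Same rewrite as aws_neptune_cluster_parameter_group: the second
    dot-separated component becomes the name and a lifecycle block ignoring
    name changes is appended.
    NOTE(review): split(".")[1] discards any further dot-separated parts -
    confirm that is intended. Nesting is reconstructed from a listing
    without indentation.
    """
    skip = 0
    if tt1 == "name":
        if tt2.startswith("default."):
            tt2 = tt2.split(".")[1]
            t1 = tt1 + " = \"" + tt2 + "\"\n"
            t1 = t1 + "\n lifecycle {\n ignore_changes = [name]\n}\n"
    return skip, t1, flag1, flag2


def aws_neptune_subnet_group(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_network_firewall.py:
# --------------------------------------------------------------------------------
import common

# Characters the handlers in this file replace with "_" when turning an ARN
# into a Terraform resource name.
_TF_NAME_UNSAFE = str.maketrans({ch: "_" for ch in "/.:|$,&#[]=!;"})


def _tf_name(arn):
    """Return *arn* with every character in _TF_NAME_UNSAFE replaced by "_".

    One shared mapping, so every handler in this file derives the same
    resource name from the same ARN. Three of the four call sites used to
    replace ", " (comma followed by a space) where the fourth replaced ",",
    which let a bare comma survive into the generated reference.

    NOTE(review): this is a denylist. Any character outside it (whitespace,
    quotes, braces) is emitted unchanged into the HCL reference. An
    allowlist of identifier characters would be stricter, but the result
    has to match however the referenced resource's own name is generated,
    and that code is not visible here.
    """
    return arn.translate(_TF_NAME_UNSAFE)


def aws_networkfirewall_firewall(t1, tt1, tt2, flag1, flag2):
    """Turn a firewall_policy_arn value into a reference to the policy resource.

    Only values that are not "null" and start with "arn:" are rewritten; the
    raw ARN is registered through common.add_dependancy.
    """
    skip = 0
    if tt1 == "firewall_policy_arn" and tt2 != "null" and tt2.startswith("arn:"):
        t1 = tt1 + " = aws_networkfirewall_firewall_policy." + _tf_name(tt2) + ".arn\n"
        common.add_dependancy("aws_networkfirewall_firewall_policy", tt2)
    return skip, t1, flag1, flag2


def aws_networkfirewall_firewall_policy(t1, tt1, tt2, flag1, flag2):
    """Mark a zero priority with skip = 1 and dereference rule group ARNs.

    A "resource_arn" that is not "null" and starts with "arn:" becomes a
    reference to aws_networkfirewall_rule_group, and the raw ARN is
    registered through common.add_dependancy.
    """
    skip = 0
    if tt1 == "priority" and tt2 == "0":
        skip = 1
    elif tt1 == "resource_arn" and tt2 != "null" and tt2.startswith("arn:"):
        t1 = tt1 + " = aws_networkfirewall_rule_group." + _tf_name(tt2) + ".arn\n"
        common.add_dependancy("aws_networkfirewall_rule_group", tt2)
    return skip, t1, flag1, flag2


def aws_networkfirewall_logging_configuration(t1, tt1, tt2, flag1, flag2):
    """Dereference firewall_arn (and a TLS inspection ARN) to resource references."""
    skip = 0
    if tt1 == "firewall_arn" and tt2 != "null" and tt2.startswith("arn:"):
        t1 = tt1 + " = aws_networkfirewall_firewall." + _tf_name(tt2) + ".arn\n"
        common.add_dependancy("aws_networkfirewall_firewall", tt2)

    # NOTE(review): the attribute name below starts with whitespace inside
    # the string literal. If tt1 reaches this handler already stripped, this
    # branch never runs - confirm against the caller before relying on it.
    # Left as found because enabling it would change the generated output.
    elif tt1 == " tls_inspection_configuration_arn" and tt2 != "null" and tt2.startswith("arn:"):
        t1 = tt1 + " = aws_networkfirewall_tls_inspection_configuration." + _tf_name(tt2) + ".arn\n"
        common.add_dependancy("aws_networkfirewall_tls_inspection_configuration", tt2)
    return skip, t1, flag1, flag2


def aws_networkfirewall_resource_policy(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_networkfirewall_rule_group(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_opensearch.py:
# --------------------------------------------------------------------------------
def aws_opensearch_domain(t1, tt1, tt2, flag1, flag2):
    """Mark a "warm_count" or "throughput" value of "0" with skip = 1."""
    skip = 0
    if tt1 in ("warm_count", "throughput") and tt2 == "0":
        skip = 1

    return skip, t1, flag1, flag2


def aws_opensearch_domain_policy(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_opensearch_domain_saml_options(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_opensearch_inbound_connection_accepter(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_opensearch_outbound_connection(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_opensearch_package(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_opensearch_package_association(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_opensearch_vpc_endpoint(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_opensearchserverless_access_policy(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_opensearchserverless_collection(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_opensearchserverless_lifecycle_policy(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_opensearchserverless_security_config(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_opensearchserverless_security_policy(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_opensearchserverless_vpc_endpoint(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_opsworks.py:
# --------------------------------------------------------------------------------
def aws_opsworks_application(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_opsworks_custom_layer(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_opsworks_ecs_cluster_layer(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_opsworks_ganglia_layer(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_opsworks_haproxy_layer(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_opsworks_instance(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_opsworks_java_app_layer(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_opsworks_memcached_layer(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_opsworks_mysql_layer(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_opsworks_nodejs_app_layer(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_opsworks_permission(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_opsworks_php_app_layer(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2


def aws_opsworks_rails_app_layer(t1, tt1, tt2, flag1, flag2):
    skip = 0
    return skip, t1, flag1, flag2
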
# Handlers in this listing share one shape: they take (t1, tt1, tt2, flag1, flag2)
# and return (skip, t1, flag1, flag2). Where a handler does real work below, tt1
# is compared with attribute names, tt2 with attribute values, and t1 is the
# text handed back. How the caller uses skip/flag1/flag2 is not visible here.


def aws_opsworks_rds_db_instance(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_opsworks_stack(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_opsworks_static_web_layer(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_opsworks_user_profile(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_organizations.py:
# --------------------------------------------------------------------------------
def aws_account_alternate_contact(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_account_primary_contact(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_organizations_account(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_organizations_delegated_administrator(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_organizations_delegated_administrators(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_organizations_delegated_services(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_organizations_organization(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_organizations_organizational_unit(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_organizations_organizational_unit_child_accounts(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_organizations_organizational_unit_descendant_accounts(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_organizations_organizational_units(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_organizations_policies(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_organizations_policies_for_target(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_organizations_policy(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_organizations_policy_attachment(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_organizations_resource_policy(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_organizations_resource_tags(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_outposts.py:
# --------------------------------------------------------------------------------
def aws_outposts_asset(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_outposts_assets(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_outposts_outpost(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_outposts_outpost_instance_type(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_outposts_outpost_instance_types(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_outposts_outposts(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_outposts_site(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_outposts_sites(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_pinpoint.py:
# --------------------------------------------------------------------------------
def aws_pinpoint_adm_channel(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_pinpoint_apns_channel(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_pinpoint_apns_sandbox_channel(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_pinpoint_apns_voip_channel(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_pinpoint_apns_voip_sandbox_channel(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_pinpoint_app(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_pinpoint_baidu_channel(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_pinpoint_email_channel(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_pinpoint_event_stream(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_pinpoint_gcm_channel(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_pinpoint_sms_channel(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_pipes.py:
# --------------------------------------------------------------------------------
def aws_pipes_pipe(t1, tt1, tt2, flag1, flag2):
    """Adjust aws_pipes_pipe lines.

    Sets skip=1 when maximum_record_age_in_seconds or parallelization_factor
    has the value "0". For the description attribute, appends a lifecycle
    block that ignores changes to description.
    """
    zero_valued_attrs = ("maximum_record_age_in_seconds", "parallelization_factor")
    skip = 1 if (tt1 in zero_valued_attrs and tt2 == "0") else 0
    if tt1 == "description":
        t1 = t1 + "\n lifecycle {\n ignore_changes = [description]\n}\n"
    return skip, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_polly.py:
# --------------------------------------------------------------------------------
def aws_polly_voices(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2
# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_pricing.py:
# --------------------------------------------------------------------------------
# Every handler in this stretch takes (t1, tt1, tt2, flag1, flag2) and returns
# (0, t1, flag1, flag2): skip is always 0 and t1 comes back unchanged.


def aws_pricing_product(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_qldb.py:
# --------------------------------------------------------------------------------
def aws_qldb_ledger(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_qldb_stream(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_quicksight.py:
# --------------------------------------------------------------------------------
def aws_quicksight_account_subscription(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_quicksight_analysis(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_quicksight_dashboard(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_quicksight_data_set(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_quicksight_data_source(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_quicksight_folder(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_quicksight_folder_membership(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_quicksight_group(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_quicksight_group_membership(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_quicksight_iam_policy_assignment(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_quicksight_ingestion(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_quicksight_namespace(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_quicksight_refresh_schedule(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_quicksight_template(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_quicksight_template_alias(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_quicksight_theme(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_quicksight_user(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_quicksight_vpc_connection(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_ram.py:
# --------------------------------------------------------------------------------
def aws_ram_principal_association(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_ram_resource_association(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_ram_resource_share(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_ram_resource_share_accepter(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_ram_sharing_with_organization(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_redshift_data.py:
# --------------------------------------------------------------------------------
def aws_redshiftdata_statement(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2
# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_redshift_serverless.py:
# --------------------------------------------------------------------------------
import common
import fixtf
import sys
import os
import inspect

# Every handler below takes (t1, tt1, tt2, flag1, flag2) and returns
# (skip, t1, flag1, flag2). Where a handler does real work, tt1 is compared with
# an attribute name, tt2 is the attribute value, and t1 is the text handed back.


def aws_redshiftserverless_namespace(t1, tt1, tt2, flag1, flag2):
    """Rewrite default_iam_role_arn through fixtf.deref_role_arn.

    Any exception is handed to common.handle_error2 together with this
    function's name. iam_roles is deliberately left alone: the array
    dereference is disabled in the original file.
    """
    try:
        skip = 0
        if tt1 == "default_iam_role_arn":
            t1 = fixtf.deref_role_arn(t1, tt1, tt2)
    except Exception as err:
        this_function = str(inspect.currentframe().f_code.co_name)
        # NOTE(review): `id` is not bound in this function, so the builtin id()
        # is what gets passed here -- confirm handle_error2 tolerates that.
        common.handle_error2(err, this_function, id)

    return skip, t1, flag1, flag2


def aws_redshiftserverless_workgroup(t1, tt1, tt2, flag1, flag2):
    """Point namespace_name at the aws_redshiftserverless_namespace resource.

    The attribute value (tt2) becomes the resource label in the reference and
    is registered with common.add_dependancy.
    """
    if tt1 != "namespace_name":
        return 0, t1, flag1, flag2

    # NOTE(review): tt2 is used as a Terraform label without normalisation;
    # presumably the namespace resource is emitted under the same raw name.
    t1 = tt1 + " = aws_redshiftserverless_namespace." + tt2 + ".id\n"
    common.add_dependancy("aws_redshiftserverless_namespace", tt2)
    return 0, t1, flag1, flag2


def aws_redshiftserverless_credentials(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_redshiftserverless_endpoint_access(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_redshiftserverless_resource_policy(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_redshiftserverless_snapshot(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_redshiftserverless_usage_limit(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_resource_explorer_2.py:
# --------------------------------------------------------------------------------
def aws_resourceexplorer2_index(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_resourceexplorer2_view(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_resource_groups.py:
# --------------------------------------------------------------------------------
def aws_resourcegroups_group(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_resourcegroups_resource(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_resourcegroupstaggingapi.py:
# --------------------------------------------------------------------------------
def aws_resourcegroupstaggingapi_resources(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_rolesanywhere.py:
# --------------------------------------------------------------------------------
def aws_rolesanywhere_profile(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_rolesanywhere_trust_anchor(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_route53_recovery_control_config.py:
# --------------------------------------------------------------------------------
def aws_route53recoverycontrolconfig_cluster(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_route53recoverycontrolconfig_control_panel(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_route53recoverycontrolconfig_routing_control(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_route53recoverycontrolconfig_safety_rule(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_route53_recovery_readiness.py:
# --------------------------------------------------------------------------------
def aws_route53recoveryreadiness_cell(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_route53recoveryreadiness_readiness_check(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_route53recoveryreadiness_recovery_group(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_route53recoveryreadiness_resource_set(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_route53domains.py:
# --------------------------------------------------------------------------------
def aws_route53domains_registered_domain(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_route53resolver.py:
# --------------------------------------------------------------------------------
def aws_rbin_rule(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_rum.py:
# --------------------------------------------------------------------------------
def aws_rum_app_monitor(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_rum_metrics_destination(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_s3control.py:
# --------------------------------------------------------------------------------
# Every handler below takes (t1, tt1, tt2, flag1, flag2) and returns
# (skip, t1, flag1, flag2). Where a handler does real work, tt1 is compared with
# an attribute name, tt2 is the attribute value, and t1 is the text handed back.


def aws_s3_access_point(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_s3control_access_grant(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_s3control_access_grants_instance(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_s3control_access_grants_instance_resource_policy(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_s3control_access_grants_location(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_s3control_access_point_policy(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_s3control_bucket(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_s3control_bucket_lifecycle_configuration(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_s3control_bucket_policy(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_s3control_multi_region_access_point(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_s3control_multi_region_access_point_policy(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_s3control_object_lambda_access_point(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_s3control_object_lambda_access_point_policy(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_s3control_storage_lens_configuration(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_s3outposts.py:
# --------------------------------------------------------------------------------
def aws_s3outposts_endpoint(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_s3tables.py:
# --------------------------------------------------------------------------------
# Characters replaced with "_" when a table-bucket ARN is turned into a
# Terraform resource label. This is a fixed list, not an allow-list: any other
# character in the ARN is carried into the label unchanged.
_S3TABLES_LABEL_MAP = str.maketrans({ch: "_" for ch in "/.:|$,&#[]=!;"})


def _s3tables_bucket_ref(tt1, tt2):
    """Build the `<attr> = aws_s3tables_table_bucket.<label>.arn` line for an ARN."""
    label = tt2.translate(_S3TABLES_LABEL_MAP)
    return tt1 + " = aws_s3tables_table_bucket." + label + ".arn\n"


def aws_s3tables_table_bucket(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_s3tables_table(t1, tt1, tt2, flag1, flag2):
    """Replace a non-null table_bucket_arn with a reference to the bucket resource.

    The namespace attribute is left as is; its rewrite to
    aws_s3tables_namespace.<value>.id is disabled in the original file.
    """
    if tt1 == "table_bucket_arn" and tt2 != "null":
        t1 = _s3tables_bucket_ref(tt1, tt2)
    return 0, t1, flag1, flag2


def aws_s3tables_namespace(t1, tt1, tt2, flag1, flag2):
    """Replace a non-null table_bucket_arn with a reference to the bucket resource."""
    if tt1 == "table_bucket_arn" and tt2 != "null":
        t1 = _s3tables_bucket_ref(tt1, tt2)
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_scheduler.py:
# --------------------------------------------------------------------------------
def aws_scheduler_schedule(t1, tt1, tt2, flag1, flag2):
    """Set skip=1 for maximum_window_in_minutes when its value is "0"."""
    zero_window = tt1 == "maximum_window_in_minutes" and tt2 == "0"
    return (1 if zero_window else 0), t1, flag1, flag2


def aws_scheduler_schedule_group(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
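# /code/fixtf_aws_resources/fixtf_schemas.py:
# --------------------------------------------------------------------------------
# Every handler below takes (t1, tt1, tt2, flag1, flag2) and returns
# (skip, t1, flag1, flag2). Where a handler does real work, tt1 is compared with
# an attribute name, tt2 is the attribute value, and t1 is the text handed back.


def aws_schemas_discoverer(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_schemas_registry(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_schemas_registry_policy(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_schemas_schema(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_secretsmanager.py:
# --------------------------------------------------------------------------------
import common
import boto3
import globals
import inspect


def aws_secretsmanager_random_password(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_secretsmanager_secret_policy(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_secretsmanager_secret_rotation(t1, tt1, tt2, flag1, flag2):
    """Default a null rotate_immediately to true and ignore later changes to it."""
    if tt1 == "rotate_immediately" and tt2 == "null":
        t1 = tt1 + " = true\n" + " lifecycle {\n ignore_changes = [rotate_immediately]\n}\n"
    return 0, t1, flag1, flag2


def aws_secretsmanager_secret_version(t1, tt1, tt2, flag1, flag2):
    """Fill in secret_string for an aws_secretsmanager_secret_version block.

    - On the line starting with "resource", the text after the last "_" (with
      quotes, braces, spaces and newlines stripped) is stored in globals.secvid.
    - The secret_id value is stored in globals.secid.
    - When secret_string contains "null", the value is fetched with
      get_secret_value(SecretId=globals.secid, VersionId=globals.secvid) and
      written as `secret_string = jsonencode(<SecretString>)`.
    - The secret_binary line is replaced by a lifecycle block ignoring changes
      to secret_binary and secret_string.

    SECURITY: the fetched SecretString is written in clear text into the
    returned Terraform line. The generated files (and any state or plan built
    from them) then hold the secret and need the same handling as the secret
    itself: restricted permissions, no commit to version control, removal
    after use.
    """
    skip = 0
    try:
        if t1.startswith("resource"):
            vid = t1.split("_")[-1]
            vid = vid.replace("\"", "").replace("{", "").replace(" ", "").replace("\n", "")
            globals.secvid = vid
        elif tt1 == "secret_id":
            globals.secid = tt2
        elif tt1 == "secret_string":
            if "null" in tt2:
                client = boto3.client('secretsmanager')
                response = client.get_secret_value(SecretId=globals.secid, VersionId=globals.secvid)
                sv = response['SecretString']
                if '""""' in sv:
                    sv = sv.replace('""""', '""')
                # NOTE(review): sv is spliced unquoted into jsonencode(...), so
                # it is parsed as a Terraform expression. That only works when
                # the secret text is itself a valid object/literal; free-form
                # secret text yields invalid HCL or is evaluated as an
                # expression rather than kept as data.
                t1 = tt1 + " = jsonencode(" + sv + ")\n"
        if tt1 == "secret_binary":
            t1 = "\n lifecycle {\n ignore_changes = [secret_binary,secret_string]\n}\n"

    except Exception as e:
        # The original handler passed clfn, descfn and topkey, none of which is
        # defined in this function or module, so any failure above (for example
        # an access-denied from get_secret_value or a missing 'SecretString'
        # key) surfaced as a NameError that hid the real error. Use the
        # three-argument handler already used in fixtf_redshift_serverless.py.
        # NOTE(review): `id` here is the builtin, as in that sibling call.
        common.handle_error2(e, str(inspect.currentframe().f_code.co_name), id)

    return skip, t1, flag1, flag2


def aws_secretsmanager_secret(t1, tt1, tt2, flag1, flag2):
    """Supply defaults for null recovery_window_in_days / force_overwrite_replica_secret.

    A null recovery_window_in_days becomes 30 plus a lifecycle block ignoring
    changes to both attributes; a null force_overwrite_replica_secret becomes
    false.
    """
    skip = 0
    if tt1 == "recovery_window_in_days":
        if tt2 == "null":
            t1 = tt1 + "= 30\n lifecycle {\n ignore_changes = [recovery_window_in_days,force_overwrite_replica_secret]\n}\n"
    elif tt1 == "force_overwrite_replica_secret":
        if tt2 == "null":
            t1 = tt1 + "= false\n"

    return skip, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_securityhub.py:
# --------------------------------------------------------------------------------
def aws_securityhub_account(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_securityhub_action_target(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_securityhub_finding_aggregator(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_securityhub_insight(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_securityhub_invite_accepter(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_securityhub_member(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_securityhub_organization_admin_account(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_securityhub_organization_configuration(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_securityhub_product_subscription(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_securityhub_standards_control(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_securityhub_standards_subscription(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_securitylake.py:
# --------------------------------------------------------------------------------
def aws_securitylake_data_lake(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_serverlessrepo.py:
# --------------------------------------------------------------------------------
def aws_serverlessapplicationrepository_application(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_serverlessapplicationrepository_cloudformation_stack(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_servicediscovery.py:
# --------------------------------------------------------------------------------
import common


def aws_service_discovery_http_namespace(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_service_discovery_instance(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_service_discovery_private_dns_namespace(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_service_discovery_public_dns_namespace(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_service_discovery_service(t1, tt1, tt2, flag1, flag2):
    """Adjust aws_service_discovery_service lines.

    Sets skip=1 for `type` with value DNS_HTTP. A namespace_id starting with
    "ns-" is replaced by a reference to the matching
    aws_service_discovery_private_dns_namespace resource, which is also
    registered with common.add_dependancy.
    """
    skip = 0
    if tt1 == "type" and tt2 == "DNS_HTTP":
        skip = 1
    elif tt1 == "namespace_id":
        if tt2.startswith("ns-"):
            t1 = tt1 + " = aws_service_discovery_private_dns_namespace." + tt2 + ".id\n"
            common.add_dependancy("aws_service_discovery_private_dns_namespace", tt2)

    return skip, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_servicequotas.py:
# --------------------------------------------------------------------------------
def aws_servicequotas_service(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_servicequotas_service_quota(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_servicequotas_template(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_servicequotas_template_association(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_servicequotas_templates(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_ses.py:
# --------------------------------------------------------------------------------
def aws_ses_active_receipt_rule_set(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_ses_configuration_set(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_ses_domain_dkim(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_ses_domain_identity(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_ses_domain_identity_verification(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_ses_domain_mail_from(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_ses_email_identity(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_ses_event_destination(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_ses_identity_notification_topic(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_ses_identity_policy(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_ses_receipt_filter(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_ses_receipt_rule(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_ses_receipt_rule_set(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_ses_template(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_sesv2.py:
# --------------------------------------------------------------------------------
def aws_sesv2_account_vdm_attributes(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_sesv2_configuration_set(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_sesv2_configuration_set_event_destination(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_sesv2_contact_list(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_sesv2_dedicated_ip_assignment(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_sesv2_dedicated_ip_pool(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_sesv2_email_identity(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_sesv2_email_identity_feedback_attributes(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


def aws_sesv2_email_identity_mail_from_attributes(t1, tt1, tt2, flag1, flag2):
    """No rewrite for this resource type; the line passes through."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------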
# /code/fixtf_aws_resources/fixtf_shield.py:
# --------------------------------------------------------------------------------
# Every hook in these files takes (t1, tt1, tt2, flag1, flag2) and returns
# (skip, t1, flag1, flag2).
# NOTE(review): t1 is presumably the Terraform line being processed and tt1/tt2
# its attribute name and value -- confirm against the caller.
def aws_shield_application_layer_automatic_response(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_shield_drt_access_log_bucket_association(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_shield_drt_access_role_arn_association(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_shield_protection(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_shield_protection_group(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_shield_protection_health_check_association(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_signer.py:
# --------------------------------------------------------------------------------
def aws_signer_signing_job(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_signer_signing_profile(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_signer_signing_profile_permission(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_simpledb.py:
# --------------------------------------------------------------------------------
def aws_simpledb_domain(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_sns.py:
# --------------------------------------------------------------------------------
import common


def aws_sns_platform_application(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_sns_sms_preferences(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_sns_topic(t1, tt1, tt2, flag1, flag2):
    """Return skip=1 for signature_version when its value is "0", else skip=0."""
    is_zero_signature = tt1 == "signature_version" and tt2 == "0"
    return (1 if is_zero_signature else 0), t1, flag1, flag2


def aws_sns_topic_data_protection_policy(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_sns_topic_policy(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_sns_topic_subscription(t1, tt1, tt2, flag1, flag2):
    """Append a lifecycle block after topic_arn and register the topic dependency.

    For any other attribute the line is returned unchanged. skip is always 0.
    """
    if tt1 != "topic_arn":
        return 0, t1, flag1, flag2
    # The ARN stays literal; an earlier variant (commented out in the original)
    # rewrote it into an aws_sns_topic.<name>.arn reference.
    lifecycle_block = "\n lifecycle {\n ignore_changes = [confirmation_timeout_in_minutes,endpoint_auto_confirms]\n}\n"
    t1 = t1 + lifecycle_block
    common.add_dependancy("aws_sns_topic", tt2)
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_sqs.py:
# --------------------------------------------------------------------------------
def aws_sqs_queue(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_sqs_queue_policy(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_sqs_queue_redrive_allow_policy(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_sqs_queue_redrive_policy(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_sqs_queues(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_ssm_contacts.py:
# --------------------------------------------------------------------------------
def aws_ssmcontacts_contact(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_ssmcontacts_contact_channel(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_ssmcontacts_plan(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_ssm_incidents.py:
# --------------------------------------------------------------------------------
def aws_ssmincidents_replication_set(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_ssmincidents_response_plan(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_sso_admin.py:
# --------------------------------------------------------------------------------
def aws_ssoadmin_account_assignment(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_ssoadmin_application(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_ssoadmin_application_assignment(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_ssoadmin_application_assignment_configuration(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_ssoadmin_application_assignments(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_ssoadmin_application_providers(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_ssoadmin_customer_managed_policy_attachment(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_ssoadmin_instance_access_control_attributes(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_ssoadmin_instances(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_ssoadmin_managed_policy_attachment(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_ssoadmin_permission_set(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_ssoadmin_permission_set_inline_policy(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_ssoadmin_permissions_boundary_attachment(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_ssoadmin_principal_application_assignments(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_ssoadmin_trusted_token_issuer(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_stepfunctions.py:
# --------------------------------------------------------------------------------
def aws_sfn_activity(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_sfn_alias(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_sfn_state_machine(t1, tt1, tt2, flag1, flag2):
    """Prefix the definition line with a lifecycle block; skip a "0" KMS reuse period.

    For tt1 == "definition" a lifecycle/ignore_changes block is prepended to t1.
    For tt1 == "kms_data_key_reuse_period_seconds" with tt2 == "0", skip is 1.
    """
    skip = 0
    if tt1 == "definition":
        t1 = "\n lifecycle {\n ignore_changes = [definition]\n}\n" + t1
    elif tt1 == "kms_data_key_reuse_period_seconds" and tt2 == "0":
        skip = 1
    return skip, t1, flag1, flag2


def aws_sfn_state_machine_versions(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_storagegateway.py:
# --------------------------------------------------------------------------------
def aws_storagegateway_cache(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_storagegateway_cached_iscsi_volume(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_storagegateway_file_system_association(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_storagegateway_gateway(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_storagegateway_local_disk(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_storagegateway_nfs_file_share(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_storagegateway_smb_file_share(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_storagegateway_stored_iscsi_volume(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_storagegateway_tape_pool(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_storagegateway_upload_buffer(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_storagegateway_working_storage(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_sts.py:
# --------------------------------------------------------------------------------
def aws_caller_identity(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_canonical_user_id(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_partition(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_swf.py:
# --------------------------------------------------------------------------------
def aws_swf_domain(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_synthetics.py:
# --------------------------------------------------------------------------------
# Every hook below takes (t1, tt1, tt2, flag1, flag2) and returns
# (skip, t1, flag1, flag2).
# NOTE(review): t1 is presumably the Terraform line being processed and tt1/tt2
# its attribute name and value -- confirm against the caller.
def aws_synthetics_canary(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_synthetics_group(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_synthetics_group_association(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_timestreamwrite.py:
# --------------------------------------------------------------------------------
def aws_timestreamwrite_database(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_timestreamwrite_table(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_transcribe.py:
# --------------------------------------------------------------------------------
def aws_transcribe_language_model(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_transcribe_medical_vocabulary(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_transcribe_vocabulary(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_transcribe_vocabulary_filter(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_transfer.py:
# --------------------------------------------------------------------------------
def aws_transfer_access(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_transfer_agreement(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_transfer_certificate(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_transfer_connector(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_transfer_profile(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_transfer_server(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_transfer_ssh_key(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_transfer_tag(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_transfer_user(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_transfer_workflow(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_waf.py:
# --------------------------------------------------------------------------------
def aws_waf_byte_match_set(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_waf_geo_match_set(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_waf_ipset(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_waf_rate_based_rule(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_waf_regex_match_set(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_waf_regex_pattern_set(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_waf_rule(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_waf_rule_group(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_waf_size_constraint_set(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_waf_sql_injection_match_set(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2

# Every hook below takes (t1, tt1, tt2, flag1, flag2) and returns
# (skip, t1, flag1, flag2).
# NOTE(review): t1 is presumably the Terraform line being processed and tt1/tt2
# its attribute name and value -- confirm against the caller.
def aws_waf_web_acl(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_waf_xss_match_set(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_waf_regional.py:
# --------------------------------------------------------------------------------
import common
import fixtf


def aws_wafregional_byte_match_set(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_wafregional_geo_match_set(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_wafregional_ipset(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_wafregional_rate_based_rule(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_wafregional_regex_match_set(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_wafregional_regex_pattern_set(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_wafregional_rule(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_wafregional_rule_group(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_wafregional_size_constraint_set(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_wafregional_sql_injection_match_set(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_wafregional_web_acl(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_wafregional_web_acl_association(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2


def aws_wafregional_xss_match_set(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    return 0, t1, flag1, flag2

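# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_wafv2.py:
# --------------------------------------------------------------------------------
import common
import fixtf
import base64
import boto3
import sys
import os
import globals
import inspect
import json


def aws_proxy_protocol_policy(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    skip = 0
    return skip, t1, flag1, flag2


def aws_wafv2_ip_set(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    skip = 0
    return skip, t1, flag1, flag2


def aws_wafv2_regex_pattern_set(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    skip = 0
    return skip, t1, flag1, flag2


def aws_wafv2_rule_group(t1, tt1, tt2, flag1, flag2):
    """No-op hook: skip=0, line and flags returned unchanged."""
    skip = 0
    return skip, t1, flag1, flag2


def _split_web_acl_label(wid):
    """Split a label of the form ``w-<id>_<name>_<scope>`` into (id, name, scope).

    The id is the first ``_``-separated field and the scope the last; everything
    in between is the name, so a name that itself contains underscores is kept
    whole instead of being truncated at its first underscore.
    Raises IndexError when the label has fewer than three fields or no ``w-``
    prefix, as the original indexing did.
    """
    fields = wid.split("_")
    if len(fields) < 3:
        raise IndexError("web ACL label has fewer than three fields: " + wid)
    aclid = fields[0].split("w-")[1]
    aclnm = "_".join(fields[1:-1])
    aclsc = fields[-1]
    return aclid, aclnm, aclsc


def _is_plain_file_name(fn):
    """Return True when fn is made only of alphanumerics, '-', '_' and '.'.

    This rules out path separators, quotes and '$', so the name can neither
    leave the working directory nor break out of the file("...") string.
    """
    return bool(fn) and all(ch.isalnum() or ch in "-_." for ch in fn)


def aws_wafv2_web_acl(t1, tt1, tt2, flag1, flag2):
    """Fix up aws_wafv2_web_acl lines; export the ACL rules to a .webacl file.

    On the resource header line the id, name and scope are parsed from the
    resource label and stored in globals.waf2id / waf2nm / waf2sc. On a
    ``rule_json = null`` line the rules are fetched with get_web_acl, written as
    JSON to ``w-<id>_<name>_<scope>.webacl`` in the current directory, and the
    line is replaced by a file() reference plus a lifecycle block.

    The rule_json branch relies on the globals set by an earlier header line.
    Any exception in that branch is printed and the process exits via
    os._exit(1). Returns (skip, t1, flag1, flag2) with skip always 0.
    """
    skip = 0
    if "resource" in t1 and "{" in t1 and "aws_wafv2_web_acl" in t1:
        # The label is the second quoted string on the resource line.
        wid = t1.split('"')[3]
        aclid, aclnm, aclsc = _split_web_acl_label(wid)
        globals.waf2id = aclid
        globals.waf2nm = aclnm
        globals.waf2sc = aclsc

    if tt1 == "rule_json" and tt2 == "null":
        try:
            client = boto3.client("wafv2")
            response = client.get_web_acl(Id=globals.waf2id, Name=globals.waf2nm, Scope=globals.waf2sc)
            rules = response['WebACL']['Rules']
            if rules:
                fn = 'w-' + globals.waf2id + '_' + globals.waf2nm + '_' + globals.waf2sc + '.webacl'
                # fn is built from identifiers parsed out of the input and is
                # used for remove(), open() and inside an HCL string literal.
                if not _is_plain_file_name(fn):
                    raise ValueError("unexpected characters in rule file name: " + fn)
                # Remove rather than truncate, so an existing symlink at fn is
                # replaced instead of followed.
                try:
                    os.remove(fn)
                except FileNotFoundError:
                    pass
                # NOTE(review): default=str stringifies values json cannot
                # encode (e.g. bytes become "b'...'"); confirm that is what the
                # consumer of rule_json expects.
                with open(fn, 'w') as f:
                    json.dump(rules, f, indent=2, default=str)
                t1 = tt1 + ' = file("' + fn + '")\n'
                t1 = t1 + "\n lifecycle {\n ignore_changes = [rule_json,rule]\n}\n"
            else:
                print("empty rule", globals.waf2nm, globals.waf2sc, globals.waf2id)
        except Exception as e:
            print("Error in get_web_acl", e)
            # os._exit skips interpreter cleanup; kept as in the original.
            os._exit(1)

    return skip, t1, flag1, flag2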
def aws_wafv2_web_acl_association(t1,tt1,tt2,flag1,flag2):
    """No-op hook: returns skip=0 with t1, flag1 and flag2 unchanged."""
    skip=0
    return skip,t1,flag1,flag2

def aws_wafv2_web_acl_logging_configuration(t1,tt1,tt2,flag1,flag2):
    """No-op hook: returns skip=0 with t1, flag1 and flag2 unchanged."""
    skip=0
    return skip,t1,flag1,flag2

# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_worklink.py:
# --------------------------------------------------------------------------------
def aws_worklink_fleet(t1,tt1,tt2,flag1,flag2):
    """No-op hook: returns skip=0 with t1, flag1 and flag2 unchanged."""
    skip=0
    return skip,t1,flag1,flag2

def aws_worklink_website_certificate_authority_association(t1,tt1,tt2,flag1,flag2):
    """No-op hook: returns skip=0 with t1, flag1 and flag2 unchanged."""
    skip=0
    return skip,t1,flag1,flag2

# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_workspaces.py:
# --------------------------------------------------------------------------------
import common
def aws_workspaces_connection_alias(t1,tt1,tt2,flag1,flag2):
    """No-op hook: returns skip=0 with t1, flag1 and flag2 unchanged."""
    skip=0
    return skip,t1,flag1,flag2

def aws_workspaces_directory(t1,tt1,tt2,flag1,flag2):
    """Rewrite directory_id into an aws_directory_service_directory reference.

    For tt1 == "directory_id" the line becomes
    ``directory_id = aws_directory_service_directory.<tt2>.id`` and the
    dependency is registered through common.add_dependancy. skip is always 0.
    """
    skip=0
    if tt1=="directory_id":
        # NOTE(review): tt2 is concatenated into the reference as-is; assumes it
        # is already a valid Terraform resource name -- confirm with the caller.
        t1=tt1+" = aws_directory_service_directory."+tt2+".id\n"
        common.add_dependancy("aws_directory_service_directory",tt2)
    return skip,t1,flag1,flag2

def aws_workspaces_ip_group(t1,tt1,tt2,flag1,flag2):
    """No-op hook: returns skip=0 with t1, flag1 and flag2 unchanged."""
    skip=0
    return skip,t1,flag1,flag2

def aws_workspaces_workspace(t1,tt1,tt2,flag1,flag2):
    """Rewrite directory_id into an aws_workspaces_directory reference.

    For tt1 == "directory_id" the line becomes
    ``directory_id = aws_workspaces_directory.<tt2>.id`` and the dependency is
    registered through common.add_dependancy. skip is always 0.
    """
    skip=0
    if tt1=="directory_id":
        t1=tt1+" = aws_workspaces_directory."+tt2+".id\n"
        common.add_dependancy("aws_workspaces_directory",tt2)
    return skip,t1,flag1,flag2

# --------------------------------------------------------------------------------
# /code/fixtf_aws_resources/fixtf_xray.py:
# --------------------------------------------------------------------------------
def aws_xray_encryption_config(t1,tt1,tt2,flag1,flag2):
    """No-op hook: returns skip=0 with t1, flag1 and flag2 unchanged."""
    skip=0
    return skip,t1,flag1,flag2

def aws_xray_group(t1,tt1,tt2,flag1,flag2):
    """No-op hook: returns skip=0 with t1, flag1 and flag2 unchanged."""
    skip=0
    return skip,t1,flag1,flag2

def aws_xray_sampling_rule(t1,tt1,tt2,flag1,flag2):
    """No-op hook: returns skip=0 with t1, flag1 and flag2 unchanged."""
    skip=0
    return skip,t1,flag1,flag2

# --------------------------------------------------------------------------------
# /code/get_aws_resources/STUB.py:
# --------------------------------------------------------------------------------
import common
import boto3
from botocore.config import Config
import globals
import inspect

def get_aws_stub(type, id, clfn, descfn, topkey, key, filterid):
    """Template getter: list resources via boto3 and write an import for each.

    With id None, pages through the ``descfn`` paginator of the ``clfn`` client,
    collects ``page[topkey]`` and calls common.write_import with each item's
    ``key`` field. Otherwise it calls describe_stream(StreamName=id).
    Exceptions are passed to common.handle_error. Always returns True.
    """
    # NOTE(review): `type` and `id` shadow builtins; they are part of the
    # call signature, so they are left as they are.
    if globals.debug:
        print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) +
            " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        response = []
        # Standard retry mode, up to 10 attempts per call.
        config = Config(retries = {'max_attempts': 10,'mode': 'standard'})
        client = boto3.client(clfn,config=config)
        if id is None:
            paginator = client.get_paginator(descfn)
            for page in paginator.paginate():
                response = response + page[topkey]
            if response == []:
                if globals.debug: print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            for j in response:
                common.write_import(type,j[key],None)

        else:
            # NOTE(review): describe_stream is hard-coded here regardless of
            # clfn -- presumably a placeholder to replace when copying the stub.
            response = client.describe_stream(StreamName=id)
            # NOTE(review): a boto3 response is normally a dict, so this
            # comparison with [] looks like it can never be true -- confirm.
            if response == []:
                if globals.debug: print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            j=response
            common.write_import(type,j[key],None)

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    # True is returned on the error path as well as on success.
    return True


# --------------------------------------------------------------------------------
# /code/get_aws_resources/aws_acm.py:
# --------------------------------------------------------------------------------
import common
import boto3
import globals
import inspect

def get_aws_acm_certificate(type, id, clfn, descfn, topkey, key, filterid):
    """Write imports for ACM certificates whose Status is "ISSUED".

    With id None, all certificates from the ``descfn`` paginator are checked and
    non-issued ones are reported and skipped. With an id starting with "arn:",
    that certificate is described and imported if issued. Any other id is
    reported as unhandled. Exceptions go to common.handle_error.
    Always returns True.
    """
    if globals.debug:
        print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) +
            " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        response = []
        client = boto3.client(clfn)
        if id is None:
            paginator = client.get_paginator(descfn)
            for page in paginator.paginate():
                response = response + page[topkey]
            if response == []:
                if globals.debug: print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            for j in response:
                if j['Status']=="ISSUED":
                    common.write_import(type,j[key],None)
                else:
                    print("Skipping ACM Certificate "+str(j[key])+" as status is "+str(j['Status']))

        elif id.startswith("arn:"):
            response = client.describe_certificate(CertificateArn=id)
            if response == []:
                if globals.debug: print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            j=response['Certificate']
            # A non-issued certificate is skipped silently on this path.
            if j['Status']=="ISSUED":
                common.write_import(type,id,None)

        else:
            print("Unhandled id type for "+type+" id="+str(id))

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True
# --------------------------------------------------------------------------------
# /code/get_aws_resources/aws_appstream.py:
# --------------------------------------------------------------------------------
import common
import boto3
import globals
import inspect

def get_aws_appstream_user(type, id, clfn, descfn, topkey, key, filterid):
    """Write imports for AppStream users with AuthenticationType USERPOOL.

    The import id is ``<key value>/USERPOOL``; the third write_import argument
    is the same string with "@" replaced by "_". Exceptions go to
    common.handle_error. Always returns True.
    """
    if globals.debug:
        print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) +
            " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        response = []
        client = boto3.client(clfn)
        if id is None:
            paginator = client.get_paginator(descfn)
            for page in paginator.paginate(AuthenticationType='USERPOOL'):
                response = response + page[topkey]
            if response == []:
                if globals.debug: print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            for j in response:
                theid=j[key]+"/"+"USERPOOL"
                pkey=theid.replace("@","_")
                common.write_import(type,theid,pkey)

        else:
            # NOTE(review): id is passed as the AuthenticationType and the whole
            # response is indexed with `key`; presumably this raises KeyError
            # and ends in handle_error -- confirm the intended lookup.
            response = client.describe_users(AuthenticationType=id)
            if response == []:
                if globals.debug: print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            j=response
            theid=j[key]+"/"+"USERPOOL"
            pkey=theid.replace("@","_")
            common.write_import(type,theid,pkey)

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True
# --------------------------------------------------------------------------------
# /code/get_aws_resources/aws_autoscaling.py:
# --------------------------------------------------------------------------------

import common
import boto3
import globals
import inspect

def get_aws_autoscaling_group(type, id, clfn, descfn, topkey, key, filterid):
    """Write imports for Auto Scaling groups, all of them or one by name/ARN.

    With an id, the group name is taken from the last "/" segment when the id
    starts with "arn:aws:autoscaling:", and ``globals.rproc["<type>.<id>"]`` is
    set to True once the lookup is done. Exceptions go to common.handle_error.
    Always returns True.
    """
    if globals.debug:
        print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) +
            " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)

    try:

        response = []
        client = boto3.client(clfn)
        if id is None:
            paginator = client.get_paginator(descfn)
            for page in paginator.paginate():
                response = response + page[topkey]
            if response == []:
                if globals.debug: print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            for j in response:
                common.write_import(type,j[key],None)

        else:
            # NOTE(review): the prefix is specific to the "aws" partition; ARNs
            # from other partitions would be used whole as the group name.
            if id.startswith("arn:aws:autoscaling:"):
                qid = id.split("/")[-1]
            else:
                qid = id
            pkey=type+"."+id
            if globals.debug: print("Looking for "+pkey)
            response = client.describe_auto_scaling_groups(AutoScalingGroupNames=[qid])
            if response == []:
                if globals.debug: print("Empty response for "+type+ " id="+str(id)+" returning")
                globals.rproc[pkey] = True
                return True
            for j in response[topkey]:
                common.write_import(type,j[key],None)
            globals.rproc[pkey] = True

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True
# --------------------------------------------------------------------------------
# /code/get_aws_resources/aws_batch.py:
# --------------------------------------------------------------------------------
import common
import boto3
import globals
import inspect

def get_aws_batch_scheduling_policy(type, id, clfn, descfn, topkey, key, filterid):
    """Write an import for the arn of every Batch scheduling policy returned.

    The id argument is not used for filtering. Exceptions go to
    common.handle_error. Always returns True.
    """
    if globals.debug:
        print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) +
            " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        response = []
        client = boto3.client(clfn)

        # NOTE(review): single call, no paginator; if the API returns a
        # continuation token, later pages are not read -- confirm.
        response = client.list_scheduling_policies()
        if response == []:
            print("Empty response for "+type+ " id="+str(id)+" returning")
            return True
        for j in response['schedulingPolicies']:
            #print(str(j['arn']))
            common.write_import(type,j['arn'],None)

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True

def get_aws_batch_job_definition(type, id, clfn, descfn, topkey, key, filterid):
    """Write imports for Batch job definitions whose status is not "INACTIVE".

    The id argument is not used for filtering. Exceptions go to
    common.handle_error. Always returns True.
    """
    if globals.debug:
        print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) +
            " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        response = []
        client = boto3.client(clfn)

        # NOTE(review): single call, no paginator -- see the note on
        # get_aws_batch_scheduling_policy.
        response = client.describe_job_definitions()
        if response == []:
            print("Empty response for "+type+ " id="+str(id)+" returning")
            return True
        for j in response[topkey]:
            if j['status']!="INACTIVE":
                common.write_import(type,j[key],None)

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True
# --------------------------------------------------------------------------------
# /code/get_aws_resources/aws_cleanrooms.py:
# --------------------------------------------------------------------------------
import common
import boto3
import globals
import inspect

def get_aws_cleanrooms_collaboration(type, id, clfn, descfn, topkey, key, filterid):
    """Write imports for Clean Rooms collaborations, all of them or one by id.

    The third write_import argument is the key value prefixed with "c-".
    Exceptions go to common.handle_error. Always returns True.
    """
    if globals.debug:
        print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) +
            " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        response = []
        client = boto3.client(clfn)
        if id is None:
            paginator = client.get_paginator(descfn)
            for page in paginator.paginate():
                response = response + page[topkey]
            if response == []:
                print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            for j in response:
                common.write_import(type,j[key],"c-"+j[key])

        else:
            response = client.get_collaboration(collaborationIdentifier=id)
            # NOTE(review): the result is read from response['collaboration']
            # below, so a 'response' key looks unlikely to exist; if it does not,
            # this raises KeyError and the by-id path always ends in handle_error.
            if response['response'] == []:
                print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            j=response['collaboration']
            common.write_import(type,j[key],"c-"+j[key])

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True
# --------------------------------------------------------------------------------
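# /code/get_aws_resources/aws_cloudformation.py:
# --------------------------------------------------------------------------------
import common
import boto3
import globals
import inspect

def get_aws_cloudformation_stack(type, id, clfn, descfn, topkey, key, filterid):
    """Write imports for CloudFormation stacks in CREATE_COMPLETE status.

    With id None, the ``descfn`` paginator is filtered to CREATE_COMPLETE.
    With an id, describe_stacks is called and stacks in any other status are
    reported and skipped. Exceptions go to common.handle_error.
    Always returns True.
    """
    if globals.debug:
        print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) +
            " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        response = []
        client = boto3.client(clfn)
        if id is None:
            paginator = client.get_paginator(descfn)
            for page in paginator.paginate(StackStatusFilter=['CREATE_COMPLETE']):
                response = response + page[topkey]
            if response == []:
                print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            for j in response:
                common.write_import(type,j[key],None)

        else:
            response = client.describe_stacks(StackName=id)
            if response['Stacks'] == []:
                print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            for j in response['Stacks']:
                stat=j['StackStatus']
                if stat == "CREATE_COMPLETE":
                    common.write_import(type,j[key],None)
                else:
                    print("Stack "+id+" status is "+stat+" so skipping")

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True
# --------------------------------------------------------------------------------
# /code/get_aws_resources/aws_cloudtrail.py:
# --------------------------------------------------------------------------------
import common
import boto3
import globals
import inspect

def get_aws_cloudtrail(type, id, clfn, descfn, topkey, key, filterid):
    """Write imports for CloudTrail trails whose HomeRegion is globals.region.

    With id None, all trails from the ``descfn`` paginator are considered; with
    an id, get_trail(Name=id) is used. Trails homed in another region are
    skipped. Exceptions go to common.handle_error. Always returns True.
    """
    if globals.debug:
        print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) +
            " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        response = []
        client = boto3.client(clfn)
        if id is None:
            paginator = client.get_paginator(descfn)
            for page in paginator.paginate():
                response = response + page[topkey]
            if response == []:
                print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            for j in response:
                if j['HomeRegion']==globals.region:
                    common.write_import(type,j[key],None)

        else:
            response = client.get_trail(Name=id)
            # The early return belongs to the empty-response case only; when it
            # ran unconditionally, a trail requested by id was never imported.
            if response == []:
                print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            j=response['Trail']
            if j['HomeRegion']==globals.region:
                common.write_import(type,j[key],None)

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True
# --------------------------------------------------------------------------------
# /code/get_aws_resources/aws_codeartifact.py:
# --------------------------------------------------------------------------------
import common
import boto3
import globals
import inspect

def get_aws_codeartifact_domain(type, id, clfn, descfn, topkey, key, filterid):
    """Write imports for CodeArtifact domains and mark each as processed.

    For every domain written, ``globals.rproc["aws_codeartifact_domain.<name>"]``
    is set to True. Exceptions go to common.handle_error. Always returns True.
    """
    if globals.debug:
        print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) +
            " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        response = []
        client = boto3.client(clfn)
        if id is None:
            paginator = client.get_paginator(descfn)
            for page in paginator.paginate():
                response = response + page[topkey]
            if response == []:
                print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            for j in response:
                common.write_import(type,j[key],j['name'])
                pkey="aws_codeartifact_domain."+j['name']
                globals.rproc[pkey]=True

        else:
            response = client.describe_domain(domain=id)
            if response == []:
                print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            j=response['domain']
            common.write_import(type,j[key],j['name'])
            pkey="aws_codeartifact_domain."+j['name']
            globals.rproc[pkey]=True

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True
# --------------------------------------------------------------------------------
# /code/get_aws_resources/aws_codebuild.py:
# --------------------------------------------------------------------------------
import common
import boto3
import globals
import inspect

def get_aws_codebuild_project(type, id, clfn, descfn, topkey, key, filterid):
    """Write imports for CodeBuild projects, all of them or the one equal to id.

    The paginator items are used directly as the import id. Exceptions go to
    common.handle_error. Always returns True.
    """
    if globals.debug:
        print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) +
            " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        response = []
        client = boto3.client(clfn)
        paginator = client.get_paginator(descfn)
        for page in paginator.paginate():
            response = response + page[topkey]
        if response == []:
            print("Empty response for "+type+ " id="+str(id)+" returning")
            return True
        for j in response:
            if id is None:
                common.write_import(type,j,None)
            elif j==id:
                common.write_import(type,j,None)

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True
# --------------------------------------------------------------------------------
# /code/get_aws_resources/aws_codecommit.py:
# --------------------------------------------------------------------------------
import common
import boto3
import globals
import inspect


def get_aws_codecommit_repository(type, id, clfn, descfn, topkey, key, filterid):
    """Write imports for CodeCommit repositories, all or one by id or name.

    With an id, a repository is written when the id equals its repositoryId or
    its repositoryName. Exceptions go to common.handle_error.
    Always returns True.
    """
    if globals.debug:
        print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) +
            " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        response = []
        client = boto3.client(clfn)

        paginator = client.get_paginator(descfn)
        for page in paginator.paginate():
            response = response + page[topkey]
        if response == []:
            if globals.debug: print("Empty response for "+type + " id="+str(id)+" returning")
            return True
        for j in response:
            if id is None:
                common.write_import(type, j[key], None)
            # Compare against both fields: treating every id containing "-" as
            # a repositoryId meant a hyphenated repository name never matched.
            elif id == j['repositoryId'] or id == j['repositoryName']:
                common.write_import(type, j[key], None)

    except Exception as e:
        common.handle_error(
            e, str(inspect.currentframe().f_code.co_name), clfn, descfn, topkey, id)

    return True

# --------------------------------------------------------------------------------
# /code/get_aws_resources/aws_codeguruprofiler.py:
# --------------------------------------------------------------------------------
import common
import boto3
import globals
import inspect

def get_aws_codeguruprofiler_profiling_group(type, id, clfn, descfn, topkey, key, filterid):
    """Write imports for CodeGuru Profiler profiling groups, all or one by name.

    With id None, the entries of list_profiling_groups()[topkey] are used as
    import ids; with an id, the name from describe_profiling_group is used.
    Exceptions go to common.handle_error. Always returns True.
    """
    if globals.debug:
        print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) +
            " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        response = []
        client = boto3.client(clfn)
        if id is None:
            # NOTE(review): single call, no paginator; later pages, if any, are
            # not read -- confirm.
            response = client.list_profiling_groups(includeDescription=False)
            response=response[topkey]
            if response == []:
                print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            for j in response:
                common.write_import(type,j,None)

        else:
            response = client.describe_profiling_group(profilingGroupName=id)
            if response == []:
                print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            j=response
            common.write_import(type,j['profilingGroup']['name'],None)

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True
# --------------------------------------------------------------------------------
# /code/get_aws_resources/aws_codestar_notifications.py:
# --------------------------------------------------------------------------------
import common
import boto3
import globals
import inspect

def get_aws_codestarnotifications_notification_rule(type, id, clfn, descfn, topkey, key, filterid):
    """Write imports for CodeStar notification rules, all or one by ARN.

    An id that does not start with "arn:" produces a warning and an immediate
    return. Exceptions go to common.handle_error. Always returns True.
    """
    if globals.debug:
        print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) +
            " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        response = []
        client = boto3.client(clfn)
        paginator = client.get_paginator(descfn)
        for page in paginator.paginate():
            response = response + page[topkey]

        if response == []:
            print("Empty response for "+type+ " id="+str(id)+" returning")
            return True
        for j in response:
            if id is None:
                common.write_import(type,j[key],None)
            elif id.startswith("arn:"):
                if j[key] == id:
                    common.write_import(type, j[key], None)
            else:
                print("WARNING must pass ARN as id for aws_codestarnotifications_notification_rule")
                return True

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True
# --------------------------------------------------------------------------------
# /code/get_aws_resources/aws_config.py:
# --------------------------------------------------------------------------------
import common
import globals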
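import inspect

# "$AWS configservice describe-config-rules --config-rule-names $1"
def get_aws_config_config_rule(type, id, clfn, descfn, topkey, key, filterid):
    """Record AWS Config rules through common.write_import().

    The rules come from common.call_boto3(). With id=None every returned item
    is recorded; otherwise only the item whose j[key] equals id. Exceptions
    are handed to common.handle_error(). Every path shown here returns True.
    """
    if globals.debug:
        print("--> In get_aws_config_config_rule doing " + type + ' with id ' + str(id) +
              " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        response = common.call_boto3(type, clfn, descfn, topkey, key, id)
        if response == []:
            print("Empty response for "+type+ " id="+str(id)+" returning")
            return True

        for j in response:
            retid = j[key]
            # One loop serves both modes: no filter, or an exact match on id.
            if id is None or id == retid:
                common.write_import(type, retid, id)

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True


def get_aws_config_aggregate_authorization(type, id, clfn, descfn, topkey, key, filterid):
    """Record the aggregate authorization as "<account>:<region>".

    The import id is built from globals.acc and globals.region, and only when
    id is None; a non-None id records nothing in the code shown here.
    Exceptions are handed to common.handle_error().
    """
    if globals.debug:
        # The label used to read get_aws_config_config_rule (copy/paste), which
        # pointed debug output at the wrong getter.
        print("--> In get_aws_config_aggregate_authorization doing " + type + ' with id ' + str(id) +
              " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        response = common.call_boto3(type, clfn, descfn, topkey, key, id)
        if response == []:
            print("Empty response for "+type+ " id="+str(id)+" returning")
            return True

        if id is None:
            theid = globals.acc+":"+globals.region
            common.write_import(type, theid, id)

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True

# --------------------------------------------------------------------------------
# /code/get_aws_resources/aws_customer_profiles.py:
# --------------------------------------------------------------------------------
import common
import boto3
import globals
import inspect

def get_aws_customerprofiles_domain(type, id, clfn, descfn, topkey, key, filterid):
    """Record Customer Profiles domains through common.write_import().

    With id=None the result of list_domains() is walked via response[topkey];
    otherwise get_domain() is called for id and id itself is recorded.
    Exceptions are handed to common.handle_error().
    """
    if globals.debug:
        print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) +
              " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        response = []
        client = boto3.client(clfn)
        if id is None:
            response = client.list_domains()
            if response == []:
                print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            for j in response[topkey]:
                common.write_import(type,j[key],None)

        else:
            # The keyword is DomainName; the misspelt "DomainmName" failed
            # boto3 parameter validation, so this branch never recorded anything.
            response = client.get_domain(DomainName=id)
            if response == []:
                print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            common.write_import(type,id,None)

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True


def get_aws_customerprofiles_profile(type, id, clfn, descfn, topkey, key, filterid):
    """Record profiles of one Customer Profiles domain.

    id is used as the domain name passed to the paginator named by descfn.
    Exceptions are handed to common.handle_error().
    """
    if globals.debug:
        print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) +
              " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        response = []
        client = boto3.client(clfn)
        if id is None:
            # NOTE(review): the original paginated only when id was None and
            # passed that None (under the misspelt keyword "DomainmName") as
            # the domain, so the call could never succeed. The test is inverted
            # here on the assumption that callers pass a domain name -- confirm.
            print("WARNING must pass domain name as id for "+type)
            return True

        paginator = client.get_paginator(descfn)
        for page in paginator.paginate(DomainName=id):
            response = response + page[topkey]
        if response == []:
            print("Empty response for "+type+ " id="+str(id)+" returning")
            return True
        for j in response:
            common.write_import(type,j[key],None)

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True

# --------------------------------------------------------------------------------
# /code/get_aws_resources/aws_dms.py: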
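# --------------------------------------------------------------------------------
import common
import boto3
import globals
import inspect

def get_aws_dms_replication_instance(type, id, clfn, descfn, topkey, key, filterid):
    """Record DMS replication instances through common.write_import().

    Every page of the paginator named by descfn is collected. With id=None all
    instances are recorded; otherwise only the one whose
    'ReplicationInstanceArn' equals id. An id that does not contain "arn:"
    matches nothing and is skipped without a message.
    Exceptions are handed to common.handle_error().
    """
    if globals.debug:
        print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) +
              " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        response = []
        client = boto3.client(clfn)
        paginator = client.get_paginator(descfn)
        for page in paginator.paginate():
            response = response + page[topkey]

        if response == []:
            print("Empty response for "+type+ " id="+str(id)+" returning")
            return True
        for j in response:
            if id is None:
                common.write_import(type,j[key],None)
            elif "arn:" in id and j['ReplicationInstanceArn']==id:
                common.write_import(type,j[key],None)

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True

# --------------------------------------------------------------------------------
# /code/get_aws_resources/aws_ds.py:
# --------------------------------------------------------------------------------
import common
import boto3
import globals
import inspect

def get_aws_directory_service_directory(type, id, clfn, descfn, topkey, key, filterid):
    """Record Directory Service directories through common.write_import().

    With id=None the paginator runs unfiltered; otherwise it is restricted
    with DirectoryIds=[id], and globals.rproc["<type>.<id>"] is set to True
    once a directory has been recorded.
    Exceptions are handed to common.handle_error().
    """
    if globals.debug:
        print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) +
              " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        response = []
        client = boto3.client(clfn)
        paginator = client.get_paginator(descfn)
        pages = paginator.paginate() if id is None else paginator.paginate(DirectoryIds=[id])
        for page in pages:
            response = response + page[topkey]

        if response == []:
            if globals.debug: print("Empty response for "+type+ " id="+str(id)+" returning")
            return True
        for j in response:
            common.write_import(type,j[key],None)
            if id is not None:
                pkey=type+"."+id
                globals.rproc[pkey] = True

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True

# --------------------------------------------------------------------------------
# /code/get_aws_resources/aws_ecr_public.py:
# --------------------------------------------------------------------------------
import common
import boto3
import globals
import inspect
import botocore

def get_aws_ecrpublic_repository(type, id, clfn, descfn, topkey, key, filterid):
    """Record ECR Public repositories through common.write_import().

    With id=None every repository returned by the paginator named by descfn is
    recorded; otherwise describe_repositories() is called for id and the
    entries whose j[key] equals id are recorded. A
    RegistryPolicyNotFoundException is ignored; any other exception is handed
    to common.handle_error().
    """
    if globals.debug:
        print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) +
              " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        response = []
        client = boto3.client(clfn)
        if id is None:
            paginator = client.get_paginator(descfn)
            for page in paginator.paginate():
                response = response + page[topkey]
            if response == []:
                print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            for j in response:
                common.write_import(type,j[key],None)
        else:
            response = client.describe_repositories(repositoryNames=[id])
            if response == []:
                print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            # 'repositories' is a list of repository dicts; the original
            # indexed the list itself with key, which raises TypeError, so a
            # repository requested by name was never recorded.
            for j in response['repositories']:
                if j[key]==id:
                    common.write_import(type,j[key],None)

    except Exception as e:
        # Matched by class name instead of naming client.exceptions.<Name> in
        # an except clause: that expression is evaluated only while an
        # exception is already propagating, and it raises UnboundLocalError
        # itself when boto3.client() was the call that failed.
        if e.__class__.__name__ != "RegistryPolicyNotFoundException":
            common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True

# --------------------------------------------------------------------------------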
# /code/get_aws_resources/aws_firehose.py:
# --------------------------------------------------------------------------------
import common
import boto3
import globals
import inspect

def get_aws_kinesis_firehose_delivery_stream(type, id, clfn, descfn, topkey, key, filterid):
    """Record Firehose delivery streams through common.write_import().

    With id=None the names in list_delivery_streams()[topkey] are each
    described and recorded; otherwise only the stream named id is described.
    globals.rproc["<type>.<name>"] is set to True for every stream handled.
    Exceptions are handed to common.handle_error().
    """
    if globals.debug:
        print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) +
              " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        response = []
        client = boto3.client(clfn)
        if id is not None:
            response = client.describe_delivery_stream(DeliveryStreamName=id)
            done_key = type+"."+id
            if response == []:
                print("Empty response for "+type+ " id="+str(id)+" returning")
                globals.rproc[done_key]=True
                return True
            detail = response['DeliveryStreamDescription']
            common.write_import(type,detail[key],None)
            globals.rproc[done_key]=True
        else:
            # NOTE(review): list_delivery_streams() is called once with no
            # follow-up request -- confirm that one response covers every
            # stream in the account.
            listing = client.list_delivery_streams()
            stream_names = listing[topkey]
            if stream_names == []:
                print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            for stream_name in stream_names:
                # The listing only gives the name; describe the stream to get
                # the value stored under key.
                response = client.describe_delivery_stream(DeliveryStreamName=stream_name)
                detail = response['DeliveryStreamDescription']
                common.write_import(type,detail[key],None)
                globals.rproc[type+"."+stream_name]=True

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True

# --------------------------------------------------------------------------------
# /code/get_aws_resources/aws_guardduty.py:
# --------------------------------------------------------------------------------
import common
import boto3
import globals
import inspect

def get_aws_guardduty_detector(type, id, clfn, descfn, topkey, key, filterid):
    """Record GuardDuty detectors through common.write_import().

    With id=None every item from the paginator named by descfn is recorded;
    otherwise get_detector() is called for id and id itself is recorded. The
    third write_import() argument is the detector id prefixed with "d-".
    Exceptions are handed to common.handle_error().
    """
    if globals.debug:
        print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) +
              " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        response = []
        client = boto3.client(clfn)
        if id is not None:
            # Only reached past this call if the detector lookup did not raise.
            response = client.get_detector(DetectorId=id)
            if response == []:
                print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            common.write_import(type,id,"d-"+id)
        else:
            paginator = client.get_paginator(descfn)
            for page in paginator.paginate():
                response = response + page[topkey]
            if response == []:
                print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            for detector_id in response:
                common.write_import(type,detector_id,"d-"+detector_id)

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True

# --------------------------------------------------------------------------------
# /code/get_aws_resources/aws_kinesis.py:
# --------------------------------------------------------------------------------
import common
import boto3
import globals
import inspect


def get_aws_kinesis_stream(type, id, clfn, descfn, topkey, key, filterid):
    """Record Kinesis streams through common.write_import().

    With id=None every item from the paginator named by descfn is recorded by
    j[key]; otherwise describe_stream() is called for id and the value under
    key in 'StreamDescription' is recorded.
    Exceptions are handed to common.handle_error().
    """
    if globals.debug:
        print("--> In get_aws_kinesis_stream doing " + type + ' with id ' + str(id) +
              " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)

    try:
        response = []
        client = boto3.client(clfn)
        if id is not None:
            response = client.describe_stream(StreamName=id)
            if response == []:
                print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            stream = response['StreamDescription']
            common.write_import(type,stream[key],None)
        else:
            paginator = client.get_paginator(descfn)
            for page in paginator.paginate():
                response = response + page[topkey]
            if response == []:
                print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            for stream in response:
                common.write_import(type,stream[key],None)

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True

# --------------------------------------------------------------------------------
# /code/get_aws_resources/aws_lakeformation.py:
# --------------------------------------------------------------------------------
import common
import boto3
import globals
import inspect

def get_aws_lakeformation_lf_tag(type, id, clfn, descfn, topkey, key, filterid):
    """Record Lake Formation LF-tags as "<CatalogId>:<value under key>".

    With id=None every item from the paginator named by descfn is recorded;
    otherwise get_lf_tag() is called with TagKey=id.
    Exceptions are handed to common.handle_error().
    """
    if globals.debug:
        print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) +
              " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        response = []
        client = boto3.client(clfn)
        if id is not None:
            response = client.get_lf_tag(TagKey=id)
            if response == []:
                if globals.debug: print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            tags = [response]
        else:
            paginator = client.get_paginator(descfn)
            for page in paginator.paginate():
                response = response + page[topkey]
            if response == []:
                if globals.debug: print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            tags = response

        for tag in tags:
            # The import id pairs the catalog id with the tag's key value.
            import_id = tag['CatalogId']+":"+tag[key]
            common.write_import(type,import_id,None)

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True

# --------------------------------------------------------------------------------
# /code/get_aws_resources/aws_lexv2_models.py:
# --------------------------------------------------------------------------------
import common
import boto3 3 | import globals 4 | import inspect 5 | 6 | def get_aws_lexv2models_bot(type, id, clfn, descfn, topkey, key, filterid): 7 | if globals.debug: 8 | print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) + 9 | " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid) 10 | try: 11 | response = [] 12 | client = boto3.client(clfn) 13 | if id is None: 14 | paginator = client.get_paginator(descfn) 15 | for page in paginator.paginate(): 16 | response = response + page[topkey] 17 | if response == []: print("Empty response for "+type+ " id="+str(id)+" returning"); return True 18 | for j in response: 19 | common.write_import(type,j[key],"r-"+j[key]) 20 | 21 | else: 22 | response = client.describe_bot(botId=id) 23 | if response == []: print("Empty response for "+type+ " id="+str(id)+" returning"); return True 24 | j=response 25 | common.write_import(type,j[key],"r-"+j[key]) 26 | 27 | except Exception as e: 28 | common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id) 29 | 30 | return True 31 | 32 | -------------------------------------------------------------------------------- /code/get_aws_resources/aws_license_manager.py: -------------------------------------------------------------------------------- 1 | import common 2 | import boto3 3 | import globals 4 | import inspect 5 | 6 | def get_aws_licensemanager_license_configuration(type, id, clfn, descfn, topkey, key, filterid): 7 | if globals.debug: 8 | print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) + 9 | " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid) 10 | try: 11 | response = [] 12 | client = boto3.client(clfn) 13 | if id is None: 14 | paginator = client.get_paginator(descfn) 15 | for page in paginator.paginate(): 16 | response = response + page[topkey] 17 | if response == []: print("Empty response for "+type+ " 
id="+str(id)+" returning"); return True 18 | for j in response: 19 | common.write_import(type,j[key],None) 20 | 21 | else: 22 | if id.startswith("arn:"): 23 | response = client.list_license_configurations(LicenseConfigurationArns=[id]) 24 | else: 25 | print("Parameter must be an arn. Returning") 26 | return True 27 | if response == []: print("Empty response for "+type+ " id="+str(id)+" returning"); return True 28 | for j in response[topkey]: 29 | common.write_import(type,j[key],None) 30 | 31 | except Exception as e: 32 | common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id) 33 | 34 | return True -------------------------------------------------------------------------------- /code/get_aws_resources/aws_mwaa.py: -------------------------------------------------------------------------------- 1 | import common 2 | import boto3 3 | from botocore.config import Config 4 | import globals 5 | import inspect 6 | 7 | def get_aws_mwaa_environment(type, id, clfn, descfn, topkey, key, filterid): 8 | if globals.debug: 9 | print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) + 10 | " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid) 11 | try: 12 | response = [] 13 | config = Config(retries = {'max_attempts': 10,'mode': 'standard'}) 14 | client = boto3.client(clfn,config=config) 15 | if id is None: 16 | paginator = client.get_paginator(descfn) 17 | for page in paginator.paginate(): 18 | response = response + page[topkey] 19 | if response == []: 20 | if globals.debug: print("Empty response for "+type+ " id="+str(id)+" returning") 21 | return True 22 | for j in response: 23 | common.write_import(type,j,None) 24 | 25 | else: 26 | response = client.get_environment(Name=id) 27 | if response == []: 28 | if globals.debug: print("Empty response for "+type+ " id="+str(id)+" returning") 29 | return True 30 | j=response['Environment'] 31 | common.write_import(type,j[key],None) 
32 | 33 | except Exception as e: 34 | common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id) 35 | 36 | return True -------------------------------------------------------------------------------- /code/get_aws_resources/aws_pipes.py: -------------------------------------------------------------------------------- 1 | import common 2 | import boto3 3 | import globals 4 | import inspect 5 | 6 | def get_aws_pipes_pipe(type, id, clfn, descfn, topkey, key, filterid): 7 | if globals.debug: 8 | print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) + 9 | " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid) 10 | try: 11 | response = [] 12 | client = boto3.client(clfn) 13 | if id is None: 14 | paginator = client.get_paginator(descfn) 15 | for page in paginator.paginate(): 16 | response = response + page[topkey] 17 | if response == []: print("Empty response for "+type+ " id="+str(id)+" returning"); return True 18 | for j in response: 19 | common.write_import(type,j[key],None) 20 | 21 | else: 22 | response = client.describe_pipe(Name=id) 23 | if response == []: print("Empty response for "+type+ " id="+str(id)+" returning"); return True 24 | j=response 25 | common.write_import(type,j[key],None) 26 | 27 | except Exception as e: 28 | common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id) 29 | 30 | return True -------------------------------------------------------------------------------- /code/get_aws_resources/aws_redshift_serverless.py: -------------------------------------------------------------------------------- 1 | import common 2 | import boto3 3 | import globals 4 | import inspect 5 | 6 | def get_aws_redshiftserverless_workgroup(type, id, clfn, descfn, topkey, key, filterid): 7 | if globals.debug: 8 | print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) + 9 | " clfn="+clfn+" 
descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid) 10 | try: 11 | response = [] 12 | client = boto3.client(clfn) 13 | 14 | paginator = client.get_paginator(descfn) 15 | for page in paginator.paginate(): 16 | response = response + page[topkey] 17 | if response == []: 18 | print("Empty response for "+type+ " id="+str(id)+" returning") 19 | return True 20 | 21 | for j in response: 22 | if id is None: 23 | common.write_import(type,j[key],None) 24 | else: 25 | if j[key] == id: 26 | common.write_import(type,j[key],None) 27 | 28 | except Exception as e: 29 | common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id) 30 | 31 | return True 32 | 33 | def get_aws_redshiftserverless_namespace(type, id, clfn, descfn, topkey, key, filterid): 34 | if globals.debug: 35 | print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) + 36 | " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid) 37 | try: 38 | response = [] 39 | client = boto3.client(clfn) 40 | 41 | paginator = client.get_paginator(descfn) 42 | for page in paginator.paginate(): 43 | response = response + page[topkey] 44 | if response == []: 45 | print("Empty response for "+type+ " id="+str(id)+" returning") 46 | return True 47 | 48 | for j in response: 49 | if id is None: 50 | common.write_import(type,j[key],None) 51 | else: 52 | if j[key] == id: 53 | common.write_import(type,j[key],None) 54 | 55 | except Exception as e: 56 | common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id) 57 | 58 | return True -------------------------------------------------------------------------------- /code/get_aws_resources/aws_resource_explorer_2.py: -------------------------------------------------------------------------------- 1 | import common 2 | import boto3 3 | import globals 4 | import inspect 5 | 6 | def get_aws_resourceexplorer2_view(type, id, clfn, descfn, topkey, key, filterid): 
7 | if globals.debug: 8 | print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) + 9 | " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid) 10 | try: 11 | response = [] 12 | client = boto3.client(clfn) 13 | if id is None: 14 | paginator = client.get_paginator(descfn) 15 | for page in paginator.paginate(): 16 | response = response + page[topkey] 17 | if response == []: 18 | print("Empty response for "+type+ " id="+str(id)+" returning") 19 | return True 20 | for j in response: 21 | common.write_import(type,j,None) 22 | 23 | 24 | 25 | except Exception as e: 26 | common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id) 27 | 28 | return True -------------------------------------------------------------------------------- /code/get_aws_resources/aws_s3control.py: -------------------------------------------------------------------------------- 1 | import common 2 | import boto3 3 | import globals 4 | import inspect 5 | 6 | def get_aws_s3_access_point(type, id, clfn, descfn, topkey, key, filterid): 7 | if globals.debug: 8 | print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) + 9 | " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid) 10 | try: 11 | response = [] 12 | #client = boto3.client(clfn) 13 | my_region=globals.region 14 | session = boto3.Session(region_name=my_region,profile_name=globals.profile) 15 | client = session.client(clfn) 16 | 17 | 18 | if id is None: 19 | try: 20 | response = client.list_access_points(AccountId=globals.acc) 21 | except Exception as e: 22 | print("Access Point 1 ClientError "+str(e)) 23 | return True 24 | 25 | for j in response[topkey]: 26 | pkey=globals.acc+":"+j[key] 27 | common.write_import(type,pkey,None) 28 | 29 | else: 30 | try: 31 | response = client.list_access_points(AccountId=globals.acc,Bucket=id) 32 | except Exception as e: 33 | print("Access 
Point 2 ClientError "+str(e)) 34 | pkey=type+"."+id 35 | globals.rproc[pkey]=True 36 | return True 37 | if response == []: 38 | print("Empty response for "+type+ " id="+str(id)+" returning") 39 | pkey=type+"."+id 40 | globals.rproc[pkey]=True 41 | return True 42 | for j in response[topkey]: 43 | pkey=globals.acc+":"+j[key] 44 | common.write_import(type,pkey,None) 45 | pkey=type+"."+id 46 | globals.rproc[pkey]=True 47 | 48 | 49 | except Exception as e: 50 | common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id) 51 | 52 | return True -------------------------------------------------------------------------------- /code/get_aws_resources/aws_schemas.py: -------------------------------------------------------------------------------- 1 | import common 2 | import boto3 3 | import globals 4 | import inspect 5 | 6 | def get_aws_schemas_registry(type, id, clfn, descfn, topkey, key, filterid): 7 | if globals.debug: 8 | print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) + 9 | " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid) 10 | try: 11 | response = [] 12 | client = boto3.client(clfn) 13 | if id is None: 14 | paginator = client.get_paginator(descfn) 15 | for page in paginator.paginate(): 16 | response = response + page[topkey] 17 | if response == []: 18 | print("Empty response for "+type+ " id="+str(id)+" returning") 19 | return True 20 | for j in response: 21 | common.write_import(type,j[key],None) 22 | 23 | else: 24 | response = client.describe_registry(RegistryName=id) 25 | if response == []: 26 | print("Empty response for "+type+ " id="+str(id)+" returning") 27 | return True 28 | j=response 29 | common.write_import(type,j[key],None) 30 | 31 | except Exception as e: 32 | common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id) 33 | 34 | return True 
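# --------------------------------------------------------------------------------
# /code/get_aws_resources/aws_securityhub.py:
# --------------------------------------------------------------------------------
import common
import boto3
import globals
import inspect

def get_aws_securityhub_account(type, id, clfn, descfn, topkey, key, filterid):
    """Record the Security Hub account through common.write_import().

    list_members() is called first and its result discarded; if it raises, the
    function prints a message and records nothing. Otherwise the account
    recorded is globals.acc when id is None, else id, with "a-" prefixed to
    the third write_import() argument.
    Exceptions outside the probe are handed to common.handle_error().
    """
    if globals.debug:
        print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) +
              " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        response = []
        client = boto3.client(clfn)
        try:
            client.list_members()
        except Exception as e:
            # Was a bare `except:`, which also caught KeyboardInterrupt and
            # SystemExit. The error text is printed because this branch runs
            # for any failure, not only a permissions error, and a skipped
            # Security Hub account should be traceable in the run output.
            print("No access to "+type+" returning: "+str(e))
            return True

        if id is None:
            common.write_import(type,globals.acc,"a-"+globals.acc)
        else:
            common.write_import(type,id,"a-"+id)

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True

def get_aws_securityhub_organization_configuration(type, id, clfn, descfn, topkey, key, filterid):
    """Record the Security Hub organization configuration.

    describe_organization_configuration() is called; if it raises, a message
    is printed and nothing is recorded. Otherwise response[key] is recorded.
    Exceptions outside that call are handed to common.handle_error().
    """
    if globals.debug:
        print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) +
              " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        response = []
        client = boto3.client(clfn)

        try:
            response = client.describe_organization_configuration()
        except Exception as e:
            # Every failure lands here, so the cause is printed rather than
            # reported as an access problem only.
            print("NO access returning: "+str(e))
            return True

        if response == []:
            print("Empty response for "+type+ " id="+str(id)+" returning")
            return True
        common.write_import(type,response[key],None)

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True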
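# --------------------------------------------------------------------------------
# /code/get_aws_resources/aws_ses.py:
# --------------------------------------------------------------------------------
import common
import boto3
import globals
import inspect


def get_aws_ses_active_receipt_rule_set(type, id, clfn, descfn, topkey, key, filterid):
    """Write import entries from the active SES receipt rule set.

    Calls ``describe_active_receipt_rule_set`` on a boto3 client created for
    ``clfn`` and hands ``item[key]`` of every item under ``response[topkey]``
    to ``common.write_import``.

    Args:
        type: Resource type label forwarded to ``common.write_import``
            (presumably the Terraform resource type - confirm against caller).
        id: Used only in log and error output; no lookup by id is made here.
        clfn: boto3 client name.
        descfn: Used only in log and error output.
        topkey: Response field that holds the items.
        key: Field of each item that is written as the import id.
        filterid: Used only in the debug trace.

    Returns:
        True on every path that returns. Exceptions raised inside the outer
        ``try`` are passed to ``common.handle_error``.
    """
    if globals.debug:
        print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) +
              " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        client = boto3.client(clfn)
        response = client.describe_active_receipt_rule_set()

        # Only the lookup of response[topkey] is guarded here; a failing API
        # call above still reaches common.handle_error.
        try:
            if response[topkey] == []:
                print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
        except Exception:
            print("No ses rule sets returning "+type)
            return True

        for j in response[topkey]:
            common.write_import(type, j[key], None)

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True


# --------------------------------------------------------------------------------
# /code/get_aws_resources/aws_shield.py:
# --------------------------------------------------------------------------------
import common
import boto3
import globals
import inspect


def get_aws_shield_protection_group(type, id, clfn, descfn, topkey, key, filterid):
    """Write import entries for Shield protection groups.

    With ``id`` of None the groups returned by ``list_protection_groups`` are
    written; otherwise only the group returned by
    ``describe_protection_group(ProtectionGroupId=id)``.

    Args:
        type: Resource type label forwarded to ``common.write_import``.
        id: Protection group id, or None to list.
        clfn: boto3 client name.
        descfn: Used only in log and error output.
        topkey: Field of the list response that holds the groups
            (assumed - confirm against the table that supplies it).
        key: Field of each group that is written as the import id.
        filterid: Used only in the debug trace.

    Returns:
        True on every path that returns. Exceptions raised outside the inner
        ``try`` are passed to ``common.handle_error``.
    """
    if globals.debug:
        print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) +
              " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        client = boto3.client(clfn)
        if id is None:
            try:
                response = client.list_protection_groups()
            except Exception:
                # NOTE(review): every failure of the list call ends up here, not
                # only "nothing to list". A permissions or throttling error also
                # leaves the protection groups out of the import set and never
                # reaches common.handle_error.
                print("No shield protection groups")
                return True

            # The list call returns a dict. Looping over the dict itself yields
            # its key strings, and j[key] then fails on a str, so the groups
            # are read from response[topkey].
            # NOTE(review): only the first page is read; follow NextToken if
            # more groups than one page can exist.
            groups = response[topkey]
            if not groups:
                print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            for j in groups:
                common.write_import(type, j[key], None)

        else:
            response = client.describe_protection_group(ProtectionGroupId=id)
            if response == []:
                print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            j = response['ProtectionGroup']
            common.write_import(type, j[key], None)

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True


# --------------------------------------------------------------------------------
# /code/get_aws_resources/aws_transfer.py:
# --------------------------------------------------------------------------------
import common
import boto3
from botocore.config import Config
import globals
import inspect


def get_aws_transfer_server(type, id, clfn, descfn, topkey, key, filterid):
    """Write import entries for AWS Transfer servers.

    With ``id`` of None every item the ``descfn`` paginator yields under
    ``topkey`` is written; otherwise only the server returned by
    ``describe_server(ServerId=id)``. The client is created with the standard
    retry mode and up to 10 attempts.

    Args:
        type: Resource type label forwarded to ``common.write_import``.
        id: Server id, or None to list.
        clfn: boto3 client name.
        descfn: Name of the paginated list operation.
        topkey: Field of each page that holds the servers.
        key: Field of each server that is written as the import id.
        filterid: Used only in the debug trace.

    Returns:
        True on every path that returns. Exceptions are passed to
        ``common.handle_error``.
    """
    if globals.debug:
        print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) +
              " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        config = Config(
            retries={
                'max_attempts': 10,
                'mode': 'standard',
            }
        )
        client = boto3.client(clfn, config=config)
        if id is None:
            response = []
            paginator = client.get_paginator(descfn)
            for page in paginator.paginate():
                response.extend(page[topkey])
            if response == []:
                if globals.debug: print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            for j in response:
                common.write_import(type, j[key], None)

        else:
            response = client.describe_server(ServerId=id)
            if response == []:
                if globals.debug: print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            j = response['Server']
            common.write_import(type, j[key], None)

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True


# --------------------------------------------------------------------------------
# /code/get_aws_resources/aws_waf.py:
# --------------------------------------------------------------------------------
import common
import boto3
import globals
import inspect


def get_aws_waf_web_acl(type, id, clfn, descfn, topkey, key, filterid):
    """Write import entries for WAF web ACLs.

    With ``id`` of None the ACLs returned by ``list_web_acls`` are written;
    otherwise only the ACL returned by ``get_web_acl(WebACLId=id)``. The third
    argument to ``common.write_import`` is ``"w-"`` plus the id with ``/``
    replaced by ``_``.

    Args:
        type: Resource type label forwarded to ``common.write_import``.
        id: Web ACL id, or None to list.
        clfn: boto3 client name.
        descfn: Used only in log and error output.
        topkey: Field of the list response that holds the ACLs.
        key: Field of each ACL that is written as the import id.
        filterid: Used only in the debug trace.

    Returns:
        True on every path that returns. Exceptions are passed to
        ``common.handle_error``.
    """
    if globals.debug:
        print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) +
              " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        client = boto3.client(clfn)
        if id is None:  # assume scope = cloudfront
            response = client.list_web_acls()
            # The response is a dict, so emptiness is tested on the ACL list.
            # NOTE(review): a single list call is made; ACLs beyond the first
            # page would be missing from the import set - confirm whether the
            # account can hold more than one page.
            acls = response[topkey]
            if not acls:
                if globals.debug: print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            for j in acls:
                pkey = j[key]
                common.write_import(type, pkey, "w-"+pkey.replace("/","_"))

        else:
            response = client.get_web_acl(WebACLId=id)
            if response == []:
                if globals.debug: print("Empty response for "+type+ " id="+str(id)+" returning")
                return True
            pkey = response['WebACL'][key]
            common.write_import(type, pkey, "w-"+pkey.replace("/","_"))

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True


# --------------------------------------------------------------------------------
# /code/get_aws_resources/aws_xray.py:
# --------------------------------------------------------------------------------
import common
import boto3
import globals
import inspect


def get_aws_xray_sampling_rule(type, id, clfn, descfn, topkey, key, filterid):
    """Write import entries for X-Ray sampling rules other than "Default".

    Collects every item the ``descfn`` paginator yields under ``topkey`` and
    writes ``item['SamplingRule'][key]`` for each one whose value is not the
    string ``"Default"``. ``id`` is not used for filtering.

    Args:
        type: Resource type label forwarded to ``common.write_import``.
        id: Used only in log and error output.
        clfn: boto3 client name.
        descfn: Name of the paginated list operation.
        topkey: Field of each page that holds the rule records.
        key: Field of ``SamplingRule`` that is written as the import id.
        filterid: Used only in the debug trace.

    Returns:
        True on every path that returns. Exceptions are passed to
        ``common.handle_error``.
    """
    if globals.debug:
        print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) +
              " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        response = []
        client = boto3.client(clfn)

        paginator = client.get_paginator(descfn)
        for page in paginator.paginate():
            response.extend(page[topkey])
        if response == []:
            if globals.debug: print("Empty response for "+type+ " id="+str(id)+" returning")
            return True
        for j in response:
            theid = j['SamplingRule'][key]
            if theid != "Default":
                common.write_import(type, theid, None)

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True


def get_aws_xray_encryption_config(type, id, clfn, descfn, topkey, key, filterid):
    """Write one import entry for the X-Ray encryption config.

    No AWS call is made; the import id is ``globals.region``.

    Args:
        type: Resource type label forwarded to ``common.write_import``.
        id, clfn, descfn, topkey: Used only in log and error output.
        key, filterid: Used only in the debug trace.

    Returns:
        True on every path that returns. Exceptions are passed to
        ``common.handle_error``.
    """
    if globals.debug:
        print("--> In "+str(inspect.currentframe().f_code.co_name)+" doing " + type + ' with id ' + str(id) +
              " clfn="+clfn+" descfn="+descfn+" topkey="+topkey+" key="+key+" filterid="+filterid)
    try:
        common.write_import(type, globals.region, None)

    except Exception as e:
        common.handle_error(e,str(inspect.currentframe().f_code.co_name),clfn,descfn,topkey,id)

    return True


# --------------------------------------------------------------------------------
# /code/globals.py:
# --------------------------------------------------------------------------------
# Module-level settings shared across the tool. Other modules import this file
# and read or assign its names as attributes (for example globals.debug and
# globals.cores).
import sys
import os

tfver="5.98.0"
esttime=120.0
profile="default"
merge=False
fast=False
apionly=False
tracking_message="aws2tf: Starting, update messages every 20 seconds"
cores=2
cwd=""
path1=""
path2=""
path3=""
processed=[]
dependancies=[]
types=[]
debug=False
validate=False
dnet=False
dkms=False
dkey=False
dsgs=False
acc="xxxxxxxxxxxx"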
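# Placeholder value; presumably replaced at start-up - confirm against caller.
region="xx-xxxx-x"
regionl=0
policies=[]
policyarns=[]
roles=[]
aws_subnet_resp=[]
aws_route_table_resp=[]
aws_kms_alias_resp=[]
aws_vpc_resp=[]
aws_iam_role_resp=[]
aws_instance_resp=[]
lbc=0
rbc=0
asg_azs=False
plan2=False
lbskipaacl=False
lbskipcnxl=False
mskcfg=False
ssmparamn=""
repdbin=False
gulejobmaxcap=False
levsmap=False
ec2ignore=False
api_id=""
stripblock=""
stripstart=""
stripend=""
apigwrestapiid=""
ssoinstance=None
emrsubnetid=False
# secretsmanager secret version
secid=""
secvid=""

meshname=""
workaround=""
expected=False
all_extypes=[]
serverless=False
dzd=""
dzgid=""
dzpid=""
connectinid=""
waf2id=""
waf2nm=""
waf2sc=""
ec2tag=None
ec2tagv=None
ec2tagk=None
subnetid=""

badlist=[]

## Dicts

rproc={}
rdep={}
trdep={}

# for common boto3
mopup={
    "aws_service_discovery_http_namespace":"ns-"
}

# these skip import - as they can't be imported - or no way to find with boto3
noimport={
    "aws_iam_user_group_membership": True,
    "aws_iam_security_token_service_preferences": True,
    "aws_ebs_snapshot_copy": True,
    "aws_ebs_snapshot_import": True,
    "aws_vpclattice_target_group_attachment": True
}

tested={

}

# List Dicts
subnets={}
vpcs={}
subnetlist={}
sglist={}
vpclist={}
s3list={}
rolelist={}
policylist={}
bucketlist={}
tgwlist={}
gluedbs={}
attached_role_policies_list={}
role_policies_list={}


def exit_aws2tf(mess):
    """Print ``mess`` if there is one, then end the process with status 1.

    Args:
        mess: Text printed before exiting; ``None`` or ``""`` prints nothing.

    Raises:
        SystemExit: With code 1 when the module-level ``fast`` flag is false.
            When ``fast`` is true the process ends through ``os._exit(1)``
            instead, which does not raise and skips interpreter cleanup.
    """
    # The original test used ``or`` and was true for every value, so a None
    # message was printed as the text "None".
    if mess is not None and mess != "":
        print(mess)

    # ``fast`` is this module's own flag. Inside this file the bare name
    # ``globals`` is the builtin function, so ``globals.fast`` raised
    # AttributeError instead of exiting.
    if fast:
        # os._exit does not flush buffered output, so flush the message first.
        sys.stdout.flush()
        os._exit(1)
    sys.exit(1)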
# --------------------------------------------------------------------------------
# /code/timed_interrupt.py:
# --------------------------------------------------------------------------------
import time
import threading
import globals
import multiprocessing


class Counter():
    """Print a STATUS line now and then again every ``increment`` seconds.

    Each run of ``_run`` prints the elapsed time (run count times
    ``increment``) followed by ``globals.tracking_message``, then arms a new
    ``threading.Timer`` for the next run unless ``stop`` has been called.
    """

    def __init__(self, increment):
        """Record the interval in seconds and print the first status line."""
        self.increment = increment
        self.done = False
        self.i = 0
        self.next_t = time.time()
        self._run()

    def _run(self):
        """Print one status line and schedule the next one."""
        elapsed = self.i * self.increment
        print("STATUS: " + str(elapsed) + "s elapsed "+ globals.tracking_message)
        self.next_t += self.increment
        self.i += 1
        if self.done:
            return
        # Schedule against the running target time rather than a fixed delay,
        # so time spent printing does not accumulate as drift.
        delay = self.next_t - time.time()
        self.t = threading.Timer(delay, self._run)
        self.t.start()

    def stop(self):
        """Stop re-arming and cancel the pending timer."""
        self.done = True
        self.t.cancel()


# Runs at import time: sizes globals.cores at twice the logical core count,
# capped at 16, and starts the 20-second status printer.
logical_cores = multiprocessing.cpu_count()
print("Logical cores: " + str(logical_cores))
globals.cores = min(logical_cores * 2, 16)
timed_int = Counter(increment=20)

# --------------------------------------------------------------------------------
# /requirements.txt:
# --------------------------------------------------------------------------------
# boto3>=1.36.13
# requests>=2.32.3
# NOTE(review): both specifiers are lower bounds only, so an install resolves
# to whatever newer release is current at that time. Pin exact versions in a
# constraints or lock file (ideally with hashes) for reproducible builds.
# --------------------------------------------------------------------------------