├── .github └── workflows │ ├── snyk-iac-actions.yml │ └── snyk-iac-pr-check.yml ├── .gitignore ├── .snyk ├── README.md ├── assets ├── main.png ├── project.png └── projects.png ├── bundle.tar.gz ├── example-secret.auto.tfvars ├── main.tf ├── modules ├── iam │ ├── main.tf │ └── variables.tf ├── storage │ ├── main.tf │ └── variables.tf ├── subnet │ ├── main.tf │ ├── outputs.tf │ └── variables.tf └── vpc │ ├── main.tf │ ├── outputs.tf │ └── variables.tf ├── terraform.tfstate ├── tf-plan.json └── variables.tf /.github/workflows/snyk-iac-actions.yml: -------------------------------------------------------------------------------- 1 | # The Infrastructure as Code Action also supports integrating with GitHub Code Scanning and can show issues in the 2 | # GitHub Security tab. When run, a snyk.sarif file will be generated which can be uploaded to GitHub Code Scanning. 3 | name: Snyk Infrastructure as Code 4 | on: push 5 | jobs: 6 | snyk: 7 | runs-on: ubuntu-latest 8 | steps: 9 | - uses: actions/checkout@v2 10 | - name: Run Snyk to check configuration files for security issues 11 | # Snyk can be used to break the build when it detects security issues. 12 | # In this case we want to upload the issues to GitHub Code Scanning 13 | continue-on-error: true 14 | uses: snyk/actions/iac@master 15 | env: 16 | # In order to use the Snyk Action you will need to have a Snyk API token. 17 | # More details in https://github.com/snyk/actions#getting-your-snyk-token 18 | # or you can signup for free at https://snyk.io/login 19 | SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} 20 | with: 21 | # Add the path to the configuration file that you would like to test. 22 | # For example `deployment.yaml` for a Kubernetes deployment manifest 23 | # or `main.tf` for a Terraform configuration file 24 | file: . 25 | - name: Upload result to GitHub Code Scanning 26 | uses: github/codeql-action/upload-sarif@v1 27 | with: 28 | sarif_file: snyk.sarif 29 | -------------------------------------------------------------------------------- /.github/workflows/snyk-iac-pr-check.yml: -------------------------------------------------------------------------------- 1 | # The Infrastructure as Code Action also supports integrating with GitHub Code Scanning and can show issues in the 2 | # GitHub Security tab. When run, a snyk.sarif file will be generated which can be uploaded to GitHub Code Scanning. 3 | name: Snyk Infrastructure as Code 4 | on: push 5 | jobs: 6 | snyk: 7 | runs-on: ubuntu-latest 8 | steps: 9 | - uses: actions/checkout@v2 10 | - name: Run Snyk to check configuration files for security issues 11 | # Snyk can be used to break the build when it detects security issues. 12 | # In this case we want to upload the issues to GitHub Code Scanning 13 | continue-on-error: true 14 | uses: snyk/actions/iac@master 15 | env: 16 | # In order to use the Snyk Action you will need to have a Snyk API token. 17 | # More details in https://github.com/snyk/actions#getting-your-snyk-token 18 | # or you can signup for free at https://snyk.io/login 19 | SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} 20 | with: 21 | # Add the path to the configuration file that you would like to test. 22 | # For example `deployment.yaml` for a Kubernetes deployment manifest 23 | # or `main.tf` for a Terraform configuration file 24 | file: . 25 | - name: Upload result to GitHub Code Scanning 26 | uses: github/codeql-action/upload-sarif@v1 27 | with: 28 | sarif_file: snyk.sarif 29 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | //Ignoring Secrets 2 | secret.auto.tfvars 3 | 4 | //Ignore IDE files 5 | .idea/ 6 | 7 | //Ignore terraform config files 8 | .terraform/* 9 | 10 | // Ignore the .dccache file for Snyk Code Analysis 11 | .dccache 12 | -------------------------------------------------------------------------------- /.snyk: -------------------------------------------------------------------------------- 1 | # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. 2 | version: v1.22.1 3 | # ignores vulnerabilities until expiry date; change duration by modifying expiry date 4 | ignore: 5 | SNYK-CC-TF-4: 6 | - '*': 7 | reason: Showing Example of ignored vuln for all occurances 8 | expires: 2024-03-20T18:47:59.705Z 9 | created: 2022-02-18T18:47:59.709Z 10 | SNYK-CC-TF-98: 11 | - 'modules/storage/main.tf > resource > aws_s3_bucket_public_access_block[snyk_private] > restrict_public_buckets': 12 | reason: Showing Example of ignored vuln for specific file and resource 13 | expires: 2024-03-20T18:47:59.705Z 14 | created: 2022-02-18T18:47:59.709Z 15 | patch: {} 16 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Snyk Infrastructure as Code Demo 2 | 3 | This repository contains a hello world example which demonstrates the Terraform features of Snyk Infrastructure as code. In particular: 4 | 5 | * Detecting CIS Benchmark issues for the AWS Terraform provider 6 | * Enforcing AWS best practices 7 | 8 | 9 | ## Snyk UI Projects 10 | 11 | When this repository is imported into Snyk we should scan the `.tf` files and identify any issues. This should appear in Snyk like so: 12 | 13 | ![Snyk projects](assets/projects.png) 14 | 15 | Clicking on the individual projects will show the Terraform code along with details of the individual issues and where they exist in terraform. 16 | 17 | ![Snyk project](assets/project.png) 18 | 19 | ## Snyk CLI 20 | 21 | After installing the Snyk CLI, you will then have the capability of scanning your IaC projects locally. 22 | 23 | For this example repository, you will first need to pull down the code base to your local enviornment. 24 | 25 | Terraform is not required to be installed for any of the following examples. 26 | 27 | Once in your cloned directory, you can run `snyk iac test` which will recursively identify any of the `.tf` files in the directory. 28 | 29 | If you would like to specify a file, it can be added by with the filepath to the file location. ex: `snyk iac test ./modules/storage/main.tf`. 30 | 31 | ![Snyk projects](assets/main.png) 32 | 33 | ### Terraform plan ouput 34 | 35 | One thing which was recently added is the ability to scan the plan output. 36 | 37 | This can be done by running `snyk iac test tf-plan.json` while in the root directory of this repo. 38 | 39 | The plan output is a list of instructions used by terraform, which defines what resources will be deployed if the configuration were to be applied at that very moment. One thing companies will sometimes do is create that plan output for when they are ready to deploy this configuration to each of their enviornments. 40 | 41 | With Snyk there are two different options we have for scanning the plan file. 42 | 1. Resource changes `snyk iac test tf-plan.json --scan=resource-changes` - any resource changes including third party resources and variables that are different from the current state file, i.e what is currently deployed in your cloud environments. 43 | 2. Planned values `snyk iac test tf-plan.json --scan=planned-values` - a full view of every resource including third party resources and variables regardless of the current state of deployed resources, i.e how secure would this configuration be if it were deployed for the first time today. 44 | 45 | The plan output holds vulnerable information, such as secret variables and access credentials, and should typically not be commited into an SCM. 46 | 47 | For this example, we have commited the file `tf-plan.json` with that secret information for demonstration purposes. The credentials have been deactivated for security reasons. 48 | 49 | When scanning the plan file, we are looking for vulnerabilities in all of the resources, which will be deployed on the next execution of `terraform apply tfplan.binary`, which is applying the configuration related to the plan output but in a machine readble format. 50 | 51 | It is worth noting that not all configuration files are detected in our default scans. This is mostly due to the ability to use third party modules when attempting to deploy resources quickly. The plan output scan is a good way to see the FULL view of what is being deployed and not just the code which the customers manage. 52 | -------------------------------------------------------------------------------- /assets/main.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/snyk-labs/terraform-goof/cabc4947486929b111f56a4a7c55302fb83ff3ac/assets/main.png -------------------------------------------------------------------------------- /assets/project.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/snyk-labs/terraform-goof/cabc4947486929b111f56a4a7c55302fb83ff3ac/assets/project.png -------------------------------------------------------------------------------- /assets/projects.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/snyk-labs/terraform-goof/cabc4947486929b111f56a4a7c55302fb83ff3ac/assets/projects.png -------------------------------------------------------------------------------- /bundle.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/snyk-labs/terraform-goof/cabc4947486929b111f56a4a7c55302fb83ff3ac/bundle.tar.gz -------------------------------------------------------------------------------- /example-secret.auto.tfvars: -------------------------------------------------------------------------------- 1 | access_key = "" 2 | secret_key = "" 3 | -------------------------------------------------------------------------------- /main.tf: -------------------------------------------------------------------------------- 1 | provider "aws" { 2 | region = var.region 3 | skip_credentials_validation = true 4 | skip_requesting_account_id = true 5 | skip_metadata_api_check = true 6 | access_key = var.access_key 7 | secret_key = var.secret_key 8 | } 9 | 10 | resource "aws_iam_account_password_policy" "strict" { 11 | minimum_password_length = 8 12 | #require_lowercase_characters = true 13 | #require_numbers = true 14 | #require_uppercase_characters = true 15 | #require_symbols = true 16 | #allow_users_to_change_password = true 17 | #password_reuse_prevention = 24 18 | max_password_age = 3 19 | } 20 | 21 | module "vpc" { 22 | source = "./modules/vpc" 23 | } 24 | 25 | module "subnet" { 26 | source = "./modules/subnet" 27 | vpc_id = module.vpc.vpc_id 28 | region = var.region 29 | } 30 | 31 | module "storage" { 32 | source = "./modules/storage" 33 | 34 | acl = var.s3_acl 35 | db_password = "supersecret" 36 | db_username = "snyk" 37 | environment = var.env 38 | vpc_id = module.vpc.vpc_id 39 | private_subnet = [module.subnet.subnet_id_main, module.subnet.subnet_id_secondary] 40 | } 41 | 42 | module "iam" { 43 | source = "./modules/iam" 44 | 45 | environment = var.env 46 | } 47 | 48 | module "instance" { 49 | source = "terraform-aws-modules/ec2-instance/aws" 50 | ami = var.ami 51 | instance_type = "t2.micro" 52 | name = "example-server" 53 | 54 | vpc_security_group_ids = [module.vpc.vpc_sg_id] 55 | subnet_id = module.subnet.subnet_id_main 56 | 57 | tags = { 58 | Terraform = "true" 59 | Environment = var.env 60 | } 61 | } 62 | 63 | -------------------------------------------------------------------------------- /modules/iam/main.tf: -------------------------------------------------------------------------------- 1 | data "aws_iam_policy_document" "admin-assume-role-policy" { 2 | statement { 3 | actions = ["*"] 4 | resources = ["*"] 5 | } 6 | } 7 | 8 | resource "aws_iam_role" "snyk-admin-role" { 9 | name = "snyk_${var.environment}_role" 10 | assume_role_policy = data.aws_iam_policy_document.admin-assume-role-policy.json # (not shown) 11 | managed_policy_arns = [] 12 | } 13 | -------------------------------------------------------------------------------- /modules/iam/variables.tf: -------------------------------------------------------------------------------- 1 | variable "environment" { 2 | description = "the type of environment (dev,staging/prod)" 3 | } 4 | -------------------------------------------------------------------------------- /modules/storage/main.tf: -------------------------------------------------------------------------------- 1 | resource "aws_db_subnet_group" "snyk_rds_subnet_grp" { 2 | name = "snyk_rds_subnet_grp_${var.environment}" 3 | subnet_ids = var.private_subnet 4 | 5 | tags = merge(var.default_tags, { 6 | Name = "snyk_rds_subnet_grp_${var.environment}" 7 | }) 8 | } 9 | 10 | resource "aws_security_group" "snyk_rds_sg" { 11 | name = "snyk_rds_sg" 12 | vpc_id = var.vpc_id 13 | 14 | tags = merge(var.default_tags, { 15 | Name = "snyk_rds_sg_${var.environment}" 16 | }) 17 | 18 | # HTTP access from anywhere 19 | ingress { 20 | from_port = 5432 21 | to_port = 5432 22 | protocol = "tcp" 23 | cidr_blocks = ["0.0.0.0/0"] 24 | } 25 | 26 | # outbound internet access 27 | egress { 28 | from_port = 0 29 | to_port = 0 30 | protocol = "-1" 31 | cidr_blocks = ["0.0.0.0/0"] 32 | } 33 | } 34 | 35 | resource "aws_kms_key" "snyk_db_kms_key" { 36 | description = "KMS Key for DB instance ${var.environment}" 37 | deletion_window_in_days = 10 38 | enable_key_rotation = true 39 | 40 | tags = merge(var.default_tags, { 41 | Name = "snyk_db_kms_key_${var.environment}" 42 | }) 43 | } 44 | 45 | resource "aws_db_instance" "snyk_db" { 46 | name = "snyk_db_${var.environment}" 47 | allocated_storage = 20 48 | engine = "postgres" 49 | engine_version = "10.20" 50 | instance_class = "db.t3.micro" 51 | storage_type = "gp2" 52 | password = var.db_password 53 | username = var.db_username 54 | vpc_security_group_ids = [aws_security_group.snyk_rds_sg.id] 55 | db_subnet_group_name = aws_db_subnet_group.snyk_rds_subnet_grp.id 56 | identifier = "snyk-db-${var.environment}" 57 | storage_encrypted = true 58 | skip_final_snapshot = true 59 | final_snapshot_identifier = "snyk-db-${var.environment}-db-destroy-snapshot" 60 | kms_key_id = aws_kms_key.snyk_db_kms_key.arn 61 | tags = merge(var.default_tags, { 62 | Name = "snyk_db_${var.environment}" 63 | }) 64 | } 65 | 66 | resource "aws_ssm_parameter" "snyk_ssm_db_host" { 67 | name = "/snyk-${var.environment}/DB_HOST" 68 | description = "Snyk Database" 69 | type = "SecureString" 70 | value = aws_db_instance.snyk_db.endpoint 71 | 72 | tags = merge(var.default_tags, {}) 73 | } 74 | 75 | resource "aws_ssm_parameter" "snyk_ssm_db_password" { 76 | name = "/snyk-${var.environment}/DB_PASSWORD" 77 | description = "Snyk Database Password" 78 | type = "SecureString" 79 | value = aws_db_instance.snyk_db.password 80 | 81 | tags = merge(var.default_tags, {}) 82 | } 83 | 84 | resource "aws_ssm_parameter" "snyk_ssm_db_user" { 85 | name = "/snyk-${var.environment}/DB_USER" 86 | description = "Snyk Database Username" 87 | type = "SecureString" 88 | value = aws_db_instance.snyk_db.username 89 | 90 | tags = merge(var.default_tags, {}) 91 | } 92 | resource "aws_ssm_parameter" "snyk_ssm_db_name" { 93 | name = "/snyk-${var.environment}/DB_NAME" 94 | description = "Snyk Database Name" 95 | type = "SecureString" 96 | value = aws_db_instance.snyk_db.name 97 | 98 | tags = merge(var.default_tags, { 99 | environment = "${var.environment}" 100 | }) 101 | } 102 | 103 | resource "aws_s3_bucket" "snyk_storage" { 104 | bucket = "snyk-storage-${var.environment}-demo" 105 | tags = merge(var.default_tags, { 106 | name = "snyk_blob_storage_${var.environment}" 107 | }) 108 | } 109 | 110 | resource "aws_s3_bucket" "my-new-undeployed-bucket" { 111 | bucket = "snyk-public-${var.environment}-demo" 112 | } 113 | 114 | resource "aws_s3_bucket_public_access_block" "snyk_public" { 115 | bucket = aws_s3_bucket.my-new-undeployed-bucket.id 116 | 117 | block_public_acls = false 118 | ignore_public_acls = var.public_ignore_acl 119 | block_public_policy = var.public_policy_control 120 | } 121 | 122 | resource "aws_s3_bucket_public_access_block" "snyk_private" { 123 | bucket = aws_s3_bucket.snyk_storage.id 124 | 125 | ignore_public_acls = true 126 | block_public_acls = true 127 | block_public_policy = true 128 | } 129 | -------------------------------------------------------------------------------- /modules/storage/variables.tf: -------------------------------------------------------------------------------- 1 | variable "environment" { 2 | description = "the type of environment (dev,staging/prod)" 3 | } 4 | 5 | variable "default_tags" { 6 | default = {} 7 | description = "default tags to resources" 8 | } 9 | 10 | variable "public_block_acl" { 11 | default = false 12 | description = "test value for publicly accessible acl" 13 | } 14 | 15 | variable "public_ignore_acl" { 16 | default = true 17 | description = "test value for publicly accessible acl" 18 | } 19 | 20 | variable "public_policy_control" { 21 | default = true 22 | description = "test value for public policy control" 23 | } 24 | 25 | variable "acl" {} 26 | 27 | variable "private_subnet" {} 28 | 29 | variable "vpc_id" {} 30 | 31 | variable "db_username" {} 32 | 33 | variable "db_password" {} 34 | -------------------------------------------------------------------------------- /modules/subnet/main.tf: -------------------------------------------------------------------------------- 1 | resource "aws_subnet" "main" { 2 | vpc_id = var.vpc_id 3 | cidr_block = var.cidr_main 4 | availability_zone = "${var.region}a" 5 | 6 | tags = { 7 | Name = "Main" 8 | } 9 | } 10 | 11 | resource "aws_subnet" "secondary" { 12 | vpc_id = var.vpc_id 13 | cidr_block = var.cidr_secondary 14 | availability_zone = "${var.region}c" 15 | 16 | tags = { 17 | Name = "Main" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /modules/subnet/outputs.tf: -------------------------------------------------------------------------------- 1 | output "subnet_id_main" { 2 | value = aws_subnet.main.id 3 | } 4 | 5 | output "subnet_id_secondary" { 6 | value = aws_subnet.secondary.id 7 | } 8 | -------------------------------------------------------------------------------- /modules/subnet/variables.tf: -------------------------------------------------------------------------------- 1 | variable "cidr_main" { 2 | type = string 3 | default = "10.0.0.0/24" 4 | } 5 | 6 | variable "cidr_secondary" { 7 | type = string 8 | default = "10.0.64.0/19" 9 | } 10 | 11 | variable "vpc_id" { 12 | type = string 13 | } 14 | 15 | variable "region" { 16 | type = string 17 | } 18 | -------------------------------------------------------------------------------- /modules/vpc/main.tf: -------------------------------------------------------------------------------- 1 | resource "aws_vpc" "example" { 2 | cidr_block = var.cidr 3 | } 4 | 5 | resource "aws_default_security_group" "default" { 6 | vpc_id = aws_vpc.example.id 7 | 8 | ingress { 9 | protocol = -1 10 | self = true 11 | from_port = 0 12 | to_port = 0 13 | } 14 | } 15 | 16 | resource "aws_security_group" "allow_ssh" { 17 | name = "allow_ssh" 18 | description = "Allow SSH inbound from anywhere" 19 | vpc_id = aws_vpc.example.id 20 | 21 | ingress { 22 | from_port = 22 23 | to_port = 22 24 | protocol = "tcp" 25 | cidr_blocks = ["0.0.0.0/0"] 26 | } 27 | } 28 | 29 | resource "aws_security_group" "allow_ssh_with_valid_cidr" { 30 | name = "allow_ssh_with_valid_cidr" 31 | description = "Allow SSH inbound from specific range" 32 | vpc_id = aws_vpc.example.id 33 | 34 | ingress { 35 | from_port = 22 36 | to_port = 22 37 | protocol = "tcp" 38 | cidr_blocks = tolist([ var.cidr ]) 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /modules/vpc/outputs.tf: -------------------------------------------------------------------------------- 1 | output "vpc_id" { 2 | value = aws_vpc.example.id 3 | } 4 | 5 | output "vpc_sg_id" { 6 | value = aws_default_security_group.default.id 7 | } 8 | -------------------------------------------------------------------------------- /modules/vpc/variables.tf: -------------------------------------------------------------------------------- 1 | variable "cidr" { 2 | type = string 3 | default = "10.0.0.0/16" 4 | } 5 | -------------------------------------------------------------------------------- /terraform.tfstate: -------------------------------------------------------------------------------- 1 | { 2 | "version": 4, 3 | "terraform_version": "1.1.7", 4 | "serial": 5, 5 | "lineage": "445be9d8-245a-96e6-7d0e-1f23d67d2594", 6 | "outputs": {}, 7 | "resources": [ 8 | { 9 | "mode": "managed", 10 | "type": "aws_iam_account_password_policy", 11 | "name": "strict", 12 | "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", 13 | "instances": [ 14 | { 15 | "schema_version": 0, 16 | "attributes": { 17 | "allow_users_to_change_password": true, 18 | "expire_passwords": true, 19 | "hard_expiry": false, 20 | "id": "iam-account-password-policy", 21 | "max_password_age": 3, 22 | "minimum_password_length": 8, 23 | "password_reuse_prevention": 0, 24 | "require_lowercase_characters": false, 25 | "require_numbers": false, 26 | "require_symbols": false, 27 | "require_uppercase_characters": false 28 | }, 29 | "sensitive_attributes": [], 30 | "private": "bnVsbA==" 31 | } 32 | ] 33 | }, 34 | { 35 | "module": "module.instance", 36 | "mode": "managed", 37 | "type": "aws_instance", 38 | "name": "this", 39 | "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", 40 | "instances": [ 41 | { 42 | "index_key": 0, 43 | "schema_version": 1, 44 | "attributes": { 45 | "ami": "ami-07336266b2c69c546", 46 | "arn": "arn:aws:ec2:us-west-1::instance/i-0845bf4b0d78e0a81", 47 | "associate_public_ip_address": false, 48 | "availability_zone": "us-west-1a", 49 | "capacity_reservation_specification": [ 50 | { 51 | "capacity_reservation_preference": "open", 52 | "capacity_reservation_target": [] 53 | } 54 | ], 55 | "cpu_core_count": 1, 56 | "cpu_threads_per_core": 1, 57 | "credit_specification": [ 58 | { 59 | "cpu_credits": "standard" 60 | } 61 | ], 62 | "disable_api_termination": false, 63 | "ebs_block_device": [], 64 | "ebs_optimized": false, 65 | "enclave_options": [ 66 | { 67 | "enabled": false 68 | } 69 | ], 70 | "ephemeral_block_device": [], 71 | "get_password_data": false, 72 | "hibernation": false, 73 | "host_id": null, 74 | "iam_instance_profile": "", 75 | "id": "i-0845bf4b0d78e0a81", 76 | "instance_initiated_shutdown_behavior": "stop", 77 | "instance_state": "running", 78 | "instance_type": "t2.micro", 79 | "ipv6_address_count": 0, 80 | "ipv6_addresses": [], 81 | "key_name": "", 82 | "launch_template": [], 83 | "metadata_options": [ 84 | { 85 | "http_endpoint": "enabled", 86 | "http_put_response_hop_limit": 1, 87 | "http_tokens": "optional", 88 | "instance_metadata_tags": "disabled" 89 | } 90 | ], 91 | "monitoring": false, 92 | "network_interface": [], 93 | "outpost_arn": "", 94 | "password_data": "", 95 | "placement_group": "", 96 | "placement_partition_number": null, 97 | "primary_network_interface_id": "eni-012e044fc6dd887c9", 98 | "private_dns": "ip-10-0-0-222.us-west-1.compute.internal", 99 | "private_ip": "10.0.0.222", 100 | "public_dns": "", 101 | "public_ip": "", 102 | "root_block_device": [ 103 | { 104 | "delete_on_termination": true, 105 | "device_name": "/dev/sda1", 106 | "encrypted": false, 107 | "iops": 100, 108 | "kms_key_id": "", 109 | "tags": {}, 110 | "throughput": 0, 111 | "volume_id": "vol-0b862e79d153597fa", 112 | "volume_size": 8, 113 | "volume_type": "gp2" 114 | } 115 | ], 116 | "secondary_private_ips": [], 117 | "security_groups": [], 118 | "source_dest_check": true, 119 | "subnet_id": "subnet-0941234696ed66706", 120 | "tags": { 121 | "Environment": "dev", 122 | "Name": "example-server", 123 | "Terraform": "true" 124 | }, 125 | "tags_all": { 126 | "Environment": "dev", 127 | "Name": "example-server", 128 | "Terraform": "true" 129 | }, 130 | "tenancy": "default", 131 | "timeouts": { 132 | "create": null, 133 | "delete": null, 134 | "update": null 135 | }, 136 | "user_data": null, 137 | "user_data_base64": null, 138 | "volume_tags": { 139 | "Name": "example-server" 140 | }, 141 | "vpc_security_group_ids": [ 142 | "sg-053ac4c098e061a97" 143 | ] 144 | }, 145 | "sensitive_attributes": [], 146 | "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMCwidXBkYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", 147 | "dependencies": [ 148 | "module.subnet.aws_subnet.main", 149 | "module.vpc.aws_default_security_group.default", 150 | "module.vpc.aws_vpc.example" 151 | ] 152 | } 153 | ] 154 | }, 155 | { 156 | "module": "module.storage", 157 | "mode": "managed", 158 | "type": "aws_db_instance", 159 | "name": "snyk_db", 160 | "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", 161 | "instances": [ 162 | { 163 | "schema_version": 1, 164 | "attributes": { 165 | "address": "snyk-db-dev.cayhnfm969us.us-west-1.rds.amazonaws.com", 166 | "allocated_storage": 20, 167 | "allow_major_version_upgrade": null, 168 | "apply_immediately": null, 169 | "arn": "arn:aws:rds:us-west-1:300326902600:db:snyk-db-dev", 170 | "auto_minor_version_upgrade": true, 171 | "availability_zone": "us-west-1a", 172 | "backup_retention_period": 0, 173 | "backup_window": "13:12-13:42", 174 | "ca_cert_identifier": "rds-ca-2019", 175 | "character_set_name": "", 176 | "copy_tags_to_snapshot": false, 177 | "customer_owned_ip_enabled": false, 178 | "db_subnet_group_name": "snyk_rds_subnet_grp_dev", 179 | "delete_automated_backups": true, 180 | "deletion_protection": false, 181 | "domain": "", 182 | "domain_iam_role_name": "", 183 | "enabled_cloudwatch_logs_exports": [], 184 | "endpoint": "snyk-db-dev.cayhnfm969us.us-west-1.rds.amazonaws.com:5432", 185 | "engine": "postgres", 186 | "engine_version": "10.20", 187 | "engine_version_actual": "10.20", 188 | "final_snapshot_identifier": "snyk-db-dev-db-destroy-snapshot", 189 | "hosted_zone_id": "Z10WI91S59XXQN", 190 | "iam_database_authentication_enabled": false, 191 | "id": "snyk-db-dev", 192 | "identifier": "snyk-db-dev", 193 | "identifier_prefix": null, 194 | "instance_class": "db.t3.micro", 195 | "iops": 0, 196 | "kms_key_id": "arn:aws:kms:us-west-1:300326902600:key/c2b7f989-976d-4c3f-b6da-702e660c2dee", 197 | "latest_restorable_time": "0001-01-01T00:00:00Z", 198 | "license_model": "postgresql-license", 199 | "maintenance_window": "sat:07:43-sat:08:13", 200 | "max_allocated_storage": 0, 201 | "monitoring_interval": 0, 202 | "monitoring_role_arn": "", 203 | "multi_az": false, 204 | "name": "snyk_db_dev", 205 | "nchar_character_set_name": "", 206 | "option_group_name": "default:postgres-10", 207 | "parameter_group_name": "default.postgres10", 208 | "password": "supersecret", 209 | "performance_insights_enabled": false, 210 | "performance_insights_kms_key_id": "", 211 | "performance_insights_retention_period": 0, 212 | "port": 5432, 213 | "publicly_accessible": false, 214 | "replica_mode": "", 215 | "replicas": [], 216 | "replicate_source_db": "", 217 | "resource_id": "db-NPBHHY7WRM6HEWLV6PMXA67WFE", 218 | "restore_to_point_in_time": [], 219 | "s3_import": [], 220 | "security_group_names": [], 221 | "skip_final_snapshot": true, 222 | "snapshot_identifier": null, 223 | "status": "available", 224 | "storage_encrypted": true, 225 | "storage_type": "gp2", 226 | "tags": { 227 | "Name": "snyk_db_dev" 228 | }, 229 | "tags_all": { 230 | "Name": "snyk_db_dev" 231 | }, 232 | "timeouts": null, 233 | "timezone": "", 234 | "username": "snyk", 235 | "vpc_security_group_ids": [ 236 | "sg-00308b973d1dd0543" 237 | ] 238 | }, 239 | "sensitive_attributes": [], 240 | "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoyNDAwMDAwMDAwMDAwLCJkZWxldGUiOjM2MDAwMDAwMDAwMDAsInVwZGF0ZSI6NDgwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", 241 | "dependencies": [ 242 | "module.storage.aws_db_subnet_group.snyk_rds_subnet_grp", 243 | "module.storage.aws_kms_key.snyk_db_kms_key", 244 | "module.storage.aws_security_group.snyk_rds_sg", 245 | "module.subnet.aws_subnet.main", 246 | "module.subnet.aws_subnet.secondary", 247 | "module.vpc.aws_vpc.example" 248 | ] 249 | } 250 | ] 251 | }, 252 | { 253 | "module": "module.storage", 254 | "mode": "managed", 255 | "type": "aws_db_subnet_group", 256 | "name": "snyk_rds_subnet_grp", 257 | "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", 258 | "instances": [ 259 | { 260 | "schema_version": 0, 261 | "attributes": { 262 | "arn": "arn:aws:rds:us-west-1:300326902600:subgrp:snyk_rds_subnet_grp_dev", 263 | "description": "Managed by Terraform", 264 | "id": "snyk_rds_subnet_grp_dev", 265 | "name": "snyk_rds_subnet_grp_dev", 266 | "name_prefix": null, 267 | "subnet_ids": [ 268 | "subnet-0941234696ed66706", 269 | "subnet-0ecfae41aa4588107" 270 | ], 271 | "tags": { 272 | "Name": "snyk_rds_subnet_grp_dev" 273 | }, 274 | "tags_all": { 275 | "Name": "snyk_rds_subnet_grp_dev" 276 | } 277 | }, 278 | "sensitive_attributes": [], 279 | "private": "bnVsbA==", 280 | "dependencies": [ 281 | "module.subnet.aws_subnet.main", 282 | "module.subnet.aws_subnet.secondary", 283 | "module.vpc.aws_vpc.example" 284 | ] 285 | } 286 | ] 287 | }, 288 | { 289 | "module": "module.storage", 290 | "mode": "managed", 291 | "type": "aws_kms_key", 292 | "name": "snyk_db_kms_key", 293 | "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", 294 | "instances": [ 295 | { 296 | "schema_version": 0, 297 | "attributes": { 298 | "arn": "arn:aws:kms:us-west-1:300326902600:key/c2b7f989-976d-4c3f-b6da-702e660c2dee", 299 | "bypass_policy_lockout_safety_check": false, 300 | "customer_master_key_spec": "SYMMETRIC_DEFAULT", 301 | "deletion_window_in_days": 10, 302 | "description": "KMS Key for DB instance dev", 303 | "enable_key_rotation": true, 304 | "id": "c2b7f989-976d-4c3f-b6da-702e660c2dee", 305 | "is_enabled": true, 306 | "key_id": "c2b7f989-976d-4c3f-b6da-702e660c2dee", 307 | "key_usage": "ENCRYPT_DECRYPT", 308 | "multi_region": false, 309 | "policy": "{\"Id\":\"key-default-1\",\"Statement\":[{\"Action\":\"kms:*\",\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::300326902600:root\"},\"Resource\":\"*\",\"Sid\":\"Enable IAM User Permissions\"}],\"Version\":\"2012-10-17\"}", 310 | "tags": { 311 | "Name": "snyk_db_kms_key_dev" 312 | }, 313 | "tags_all": { 314 | "Name": "snyk_db_kms_key_dev" 315 | } 316 | }, 317 | "sensitive_attributes": [], 318 | "private": "bnVsbA==" 319 | } 320 | ] 321 | }, 322 | { 323 | "module": "module.storage", 324 | "mode": "managed", 325 | "type": "aws_s3_bucket", 326 | "name": "snyk_public_storage", 327 | "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", 328 | "instances": [ 329 | { 330 | "schema_version": 0, 331 | "attributes": { 332 | "acceleration_status": "", 333 | "acl": "private", 334 | "arn": "arn:aws:s3:::snyk-public-dev-demo", 335 | "bucket": "snyk-public-dev-demo", 336 | "bucket_domain_name": "snyk-public-dev-demo.s3.amazonaws.com", 337 | "bucket_prefix": null, 338 | "bucket_regional_domain_name": "snyk-public-dev-demo.s3.us-west-1.amazonaws.com", 339 | "cors_rule": [], 340 | "force_destroy": false, 341 | "grant": [], 342 | "hosted_zone_id": "Z2F56UZL2M1ACD", 343 | "id": "snyk-public-dev-demo", 344 | "lifecycle_rule": [], 345 | "logging": [], 346 | "object_lock_configuration": [], 347 | "policy": null, 348 | "region": "us-west-1", 349 | "replication_configuration": [], 350 | "request_payer": "BucketOwner", 351 | "server_side_encryption_configuration": [], 352 | "tags": {}, 353 | "tags_all": {}, 354 | "versioning": [ 355 | { 356 | "enabled": false, 357 | "mfa_delete": false 358 | } 359 | ], 360 | "website": [], 361 | "website_domain": null, 362 | "website_endpoint": null 363 | }, 364 | "sensitive_attributes": [], 365 | "private": "bnVsbA==" 366 | } 367 | ] 368 | }, 369 | { 370 | "module": "module.storage", 371 | "mode": "managed", 372 | "type": "aws_s3_bucket", 373 | "name": "snyk_storage", 374 | "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", 375 | "instances": [ 376 | { 377 | "schema_version": 0, 378 | "attributes": { 379 | "acceleration_status": "", 380 | "acl": "private", 381 | "arn": "arn:aws:s3:::snyk-storage-dev-demo", 382 | "bucket": "snyk-storage-dev-demo", 383 | "bucket_domain_name": "snyk-storage-dev-demo.s3.amazonaws.com", 384 | "bucket_prefix": null, 385 | "bucket_regional_domain_name": "snyk-storage-dev-demo.s3.us-west-1.amazonaws.com", 386 | "cors_rule": [], 387 | "force_destroy": false, 388 | "grant": [], 389 | "hosted_zone_id": "Z2F56UZL2M1ACD", 390 | "id": "snyk-storage-dev-demo", 391 | "lifecycle_rule": [], 392 | "logging": [], 393 | "object_lock_configuration": [], 394 | "policy": null, 395 | "region": "us-west-1", 396 | "replication_configuration": [], 397 | "request_payer": "BucketOwner", 398 | "server_side_encryption_configuration": [], 399 | "tags": { 400 | "name": "snyk_blob_storage_dev" 401 | }, 402 | "tags_all": { 403 | "name": "snyk_blob_storage_dev" 404 | }, 405 | "versioning": [ 406 | { 407 | "enabled": false, 408 | "mfa_delete": false 409 | } 410 | ], 411 | "website": [], 412 | "website_domain": null, 413 | "website_endpoint": null 414 | }, 415 | "sensitive_attributes": [], 416 | "private": "bnVsbA==" 417 | } 418 | ] 419 | }, 420 | { 421 | "module": "module.storage", 422 | "mode": "managed", 423 | "type": "aws_s3_bucket_public_access_block", 424 | "name": "snyk_private", 425 | "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", 426 | "instances": [ 427 | { 428 | "schema_version": 0, 429 | "attributes": { 430 | "block_public_acls": true, 431 | "block_public_policy": true, 432 | "bucket": "snyk-storage-dev-demo", 433 | "id": "snyk-storage-dev-demo", 434 | "ignore_public_acls": true, 435 | "restrict_public_buckets": false 436 | }, 437 | "sensitive_attributes": [], 438 | "private": "bnVsbA==", 439 | "dependencies": [ 440 | "module.storage.aws_s3_bucket.snyk_storage" 441 | ] 442 | } 443 | ] 444 | }, 445 | { 446 | "module": "module.storage", 447 | "mode": "managed", 448 | "type": "aws_s3_bucket_public_access_block", 449 | "name": "snyk_public", 450 | "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", 451 | "instances": [ 452 | { 453 | "schema_version": 0, 454 | "attributes": { 455 | "block_public_acls": false, 456 | "block_public_policy": false, 457 | "bucket": "snyk-public-dev-demo", 458 | "id": "snyk-public-dev-demo", 459 | "ignore_public_acls": false, 460 | "restrict_public_buckets": false 461 | }, 462 | "sensitive_attributes": [], 463 | "private": "bnVsbA==", 464 | "dependencies": [ 465 | "module.storage.aws_s3_bucket.snyk_public_storage" 466 | ] 467 | } 468 | ] 469 | }, 470 | { 471 | "module": "module.storage", 472 | "mode": "managed", 473 | "type": "aws_security_group", 474 | "name": "snyk_rds_sg", 475 | "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", 476 | "instances": [ 477 | { 478 | "schema_version": 1, 479 | "attributes": { 480 | "arn": "arn:aws:ec2:us-west-1:300326902600:security-group/sg-00308b973d1dd0543", 481 | "description": "Managed by Terraform", 482 | "egress": [ 483 | { 484 | "cidr_blocks": [ 485 | "0.0.0.0/0" 486 | ], 487 | "description": "", 488 | "from_port": 0, 489 | "ipv6_cidr_blocks": [], 490 | "prefix_list_ids": [], 491 | "protocol": "-1", 492 | "security_groups": [], 493 | "self": false, 494 | "to_port": 0 495 | } 496 | ], 497 | "id": "sg-00308b973d1dd0543", 498 | "ingress": [ 499 | { 500 | "cidr_blocks": [ 501 | "0.0.0.0/0" 502 | ], 503 | "description": "", 504 | "from_port": 5432, 505 | "ipv6_cidr_blocks": [], 506 | "prefix_list_ids": [], 507 | "protocol": "tcp", 508 | "security_groups": [], 509 | "self": false, 510 | "to_port": 5432 511 | } 512 | ], 513 | "name": "snyk_rds_sg", 514 | "name_prefix": "", 515 | "owner_id": "300326902600", 516 | "revoke_rules_on_delete": false, 517 | "tags": { 518 | "Name": "snyk_rds_sg_dev" 519 | }, 520 | "tags_all": { 521 | "Name": "snyk_rds_sg_dev" 522 | }, 523 | "timeouts": null, 524 | "vpc_id": "vpc-0634642741facb9e9" 525 | }, 526 | "sensitive_attributes": [], 527 | "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6OTAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIxIn0=", 528 | "dependencies": [ 529 | "module.vpc.aws_vpc.example" 530 | ] 531 | } 532 | ] 533 | }, 534 | { 535 | "module": "module.storage", 536 | "mode": "managed", 537 | "type": "aws_ssm_parameter", 538 | "name": "snyk_ssm_db_host", 539 | "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", 540 | "instances": [ 541 | { 542 | "schema_version": 0, 543 | "attributes": { 544 | "allowed_pattern": "", 545 | "arn": "arn:aws:ssm:us-west-1:300326902600:parameter/snyk-dev/DB_HOST", 546 | "data_type": "text", 547 | "description": "Snyk Database", 548 | "id": "/snyk-dev/DB_HOST", 549 | "key_id": "alias/aws/ssm", 550 | "name": "/snyk-dev/DB_HOST", 551 | "overwrite": null, 552 | "tags": {}, 553 | "tags_all": {}, 554 | "tier": "Standard", 555 | "type": "SecureString", 556 | "value": "snyk-db-dev.cayhnfm969us.us-west-1.rds.amazonaws.com:5432", 557 | "version": 1 558 | }, 559 | "sensitive_attributes": [], 560 | "private": "bnVsbA==", 561 | "dependencies": [ 562 | "module.storage.aws_db_instance.snyk_db", 563 | "module.storage.aws_db_subnet_group.snyk_rds_subnet_grp", 564 | "module.storage.aws_kms_key.snyk_db_kms_key", 565 | "module.storage.aws_security_group.snyk_rds_sg", 566 | "module.subnet.aws_subnet.main", 567 | "module.subnet.aws_subnet.secondary", 568 | "module.vpc.aws_vpc.example" 569 | ] 570 | } 571 | ] 572 | }, 573 | { 574 | "module": "module.storage", 575 | "mode": "managed", 576 | "type": "aws_ssm_parameter", 577 | "name": "snyk_ssm_db_name", 578 | "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", 579 | "instances": [ 580 | { 581 | "schema_version": 0, 582 | "attributes": { 583 | "allowed_pattern": "", 584 | "arn": "arn:aws:ssm:us-west-1:300326902600:parameter/snyk-dev/DB_NAME", 585 | "data_type": "text", 586 | "description": "Snyk Database Name", 587 | "id": "/snyk-dev/DB_NAME", 588 | "key_id": "alias/aws/ssm", 589 | "name": "/snyk-dev/DB_NAME", 590 | "overwrite": null, 591 | "tags": { 592 | "environment": "dev" 593 | }, 594 | "tags_all": { 595 | "environment": "dev" 596 | }, 597 | "tier": "Standard", 598 | "type": "SecureString", 599 | "value": "snyk_db_dev", 600 | "version": 1 601 | }, 602 | "sensitive_attributes": [], 603 | "private": "bnVsbA==", 604 | "dependencies": [ 605 | "module.storage.aws_db_instance.snyk_db", 606 | "module.storage.aws_db_subnet_group.snyk_rds_subnet_grp", 607 | "module.storage.aws_kms_key.snyk_db_kms_key", 608 | "module.storage.aws_security_group.snyk_rds_sg", 609 | "module.subnet.aws_subnet.main", 610 | "module.subnet.aws_subnet.secondary", 611 | "module.vpc.aws_vpc.example" 612 | ] 613 | } 614 | ] 615 | }, 616 | { 617 | "module": "module.storage", 618 | "mode": "managed", 619 | "type": "aws_ssm_parameter", 620 | "name": "snyk_ssm_db_password", 621 | "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", 622 | "instances": [ 623 | { 624 | "schema_version": 0, 625 | "attributes": { 626 | "allowed_pattern": "", 627 | "arn": "arn:aws:ssm:us-west-1:300326902600:parameter/snyk-dev/DB_PASSWORD", 628 | "data_type": "text", 629 | "description": "Snyk Database Password", 630 | "id": "/snyk-dev/DB_PASSWORD", 631 | "key_id": "alias/aws/ssm", 632 | "name": "/snyk-dev/DB_PASSWORD", 633 | "overwrite": null, 634 | "tags": {}, 635 | "tags_all": {}, 636 | "tier": "Standard", 637 | "type": "SecureString", 638 | "value": "supersecret", 639 | "version": 1 640 | }, 641 | "sensitive_attributes": [ 642 | [ 643 | { 644 | "type": "get_attr", 645 | "value": "value" 646 | } 647 | ] 648 | ], 649 | "private": "bnVsbA==", 650 | "dependencies": [ 651 | "module.storage.aws_db_instance.snyk_db", 652 | "module.storage.aws_db_subnet_group.snyk_rds_subnet_grp", 653 | "module.storage.aws_kms_key.snyk_db_kms_key", 654 | "module.storage.aws_security_group.snyk_rds_sg", 655 | "module.subnet.aws_subnet.main", 656 | "module.subnet.aws_subnet.secondary", 657 | "module.vpc.aws_vpc.example" 658 | ] 659 | } 660 | ] 661 | }, 662 | { 663 | "module": "module.storage", 664 | "mode": "managed", 665 | "type": "aws_ssm_parameter", 666 | "name": "snyk_ssm_db_user", 667 | "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", 668 | "instances": [ 669 | { 670 | "schema_version": 0, 671 | "attributes": { 672 | "allowed_pattern": "", 673 | "arn": "arn:aws:ssm:us-west-1:300326902600:parameter/snyk-dev/DB_USER", 674 | "data_type": "text", 675 | "description": "Snyk Database Username", 676 | "id": "/snyk-dev/DB_USER", 677 | "key_id": "alias/aws/ssm", 678 | "name": "/snyk-dev/DB_USER", 679 | "overwrite": null, 680 | "tags": {}, 681 | "tags_all": {}, 682 | "tier": "Standard", 683 | "type": "SecureString", 684 | "value": "snyk", 685 | "version": 1 686 | }, 687 | "sensitive_attributes": [], 688 | "private": "bnVsbA==", 689 | "dependencies": [ 690 | "module.storage.aws_db_instance.snyk_db", 691 | "module.storage.aws_db_subnet_group.snyk_rds_subnet_grp", 692 | "module.storage.aws_kms_key.snyk_db_kms_key", 693 | "module.storage.aws_security_group.snyk_rds_sg", 694 | "module.subnet.aws_subnet.main", 695 | "module.subnet.aws_subnet.secondary", 696 | "module.vpc.aws_vpc.example" 697 | ] 698 | } 699 | ] 700 | }, 701 | { 702 | "module": "module.subnet", 703 | "mode": "managed", 704 | "type": "aws_subnet", 705 | "name": "main", 706 | "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", 707 | "instances": [ 708 | { 709 | "schema_version": 1, 710 | "attributes": { 711 | "arn": "arn:aws:ec2:us-west-1:300326902600:subnet/subnet-0941234696ed66706", 712 | "assign_ipv6_address_on_creation": false, 713 | "availability_zone": "us-west-1a", 714 | "availability_zone_id": "usw1-az1", 715 | "cidr_block": "10.0.0.0/24", 716 | "customer_owned_ipv4_pool": "", 717 | "enable_dns64": false, 718 | "enable_resource_name_dns_a_record_on_launch": false, 719 | "enable_resource_name_dns_aaaa_record_on_launch": false, 720 | "id": "subnet-0941234696ed66706", 721 | "ipv6_cidr_block": "", 722 | "ipv6_cidr_block_association_id": "", 723 | "ipv6_native": false, 724 | "map_customer_owned_ip_on_launch": false, 725 | "map_public_ip_on_launch": false, 726 | "outpost_arn": "", 727 | "owner_id": "300326902600", 728 | "private_dns_hostname_type_on_launch": "ip-name", 729 | "tags": { 730 | "Name": "Main" 731 | }, 732 | "tags_all": { 733 | "Name": "Main" 734 | }, 735 | "timeouts": null, 736 | "vpc_id": "vpc-0634642741facb9e9" 737 | }, 738 | "sensitive_attributes": [], 739 | "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", 740 | "dependencies": [ 741 | "module.vpc.aws_vpc.example" 742 | ] 743 | } 744 | ] 745 | }, 746 | { 747 | "module": "module.subnet", 748 | "mode": "managed", 749 | "type": "aws_subnet", 750 | "name": "secondary", 751 | "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", 752 | "instances": [ 753 | { 754 | "schema_version": 1, 755 | "attributes": { 756 | "arn": "arn:aws:ec2:us-west-1:300326902600:subnet/subnet-0ecfae41aa4588107", 757 | "assign_ipv6_address_on_creation": false, 758 | "availability_zone": "us-west-1c", 759 | "availability_zone_id": "usw1-az3", 760 | "cidr_block": "10.0.64.0/19", 761 | "customer_owned_ipv4_pool": "", 762 | "enable_dns64": false, 763 | "enable_resource_name_dns_a_record_on_launch": false, 764 | "enable_resource_name_dns_aaaa_record_on_launch": false, 765 | "id": "subnet-0ecfae41aa4588107", 766 | "ipv6_cidr_block": "", 767 | "ipv6_cidr_block_association_id": "", 768 | "ipv6_native": false, 769 | "map_customer_owned_ip_on_launch": false, 770 | "map_public_ip_on_launch": false, 771 | "outpost_arn": "", 772 | "owner_id": "300326902600", 773 | "private_dns_hostname_type_on_launch": "ip-name", 774 | "tags": { 775 | "Name": "Main" 776 | }, 777 | "tags_all": { 778 | "Name": "Main" 779 | }, 780 | "timeouts": null, 781 | "vpc_id": "vpc-0634642741facb9e9" 782 | }, 783 | "sensitive_attributes": [], 784 | "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", 785 | "dependencies": [ 786 | "module.vpc.aws_vpc.example" 787 | ] 788 | } 789 | ] 790 | }, 791 | { 792 | "module": "module.vpc", 793 | "mode": "managed", 794 | "type": "aws_default_security_group", 795 | "name": "default", 796 | "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", 797 | "instances": [ 798 | { 799 | "schema_version": 1, 800 | "attributes": { 801 | "arn": "arn:aws:ec2:us-west-1:300326902600:security-group/sg-053ac4c098e061a97", 802 | "description": "default VPC security group", 803 | "egress": [], 804 | "id": "sg-053ac4c098e061a97", 805 | "ingress": [ 806 | { 807 | "cidr_blocks": [], 808 | "description": "", 809 | "from_port": 0, 810 | "ipv6_cidr_blocks": [], 811 | "prefix_list_ids": [], 812 | "protocol": "-1", 813 | "security_groups": [], 814 | "self": true, 815 | "to_port": 0 816 | } 817 | ], 818 | "name": "default", 819 | "owner_id": "300326902600", 820 | "revoke_rules_on_delete": false, 821 | "tags": {}, 822 | "tags_all": {}, 823 | "vpc_id": "vpc-0634642741facb9e9" 824 | }, 825 | "sensitive_attributes": [], 826 | "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", 827 | "dependencies": [ 828 | "module.vpc.aws_vpc.example" 829 | ] 830 | } 831 | ] 832 | }, 833 | { 834 | "module": "module.vpc", 835 | "mode": "managed", 836 | "type": "aws_security_group", 837 | "name": "allow_ssh", 838 | "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", 839 | "instances": [ 840 | { 841 | "schema_version": 1, 842 | "attributes": { 843 | "arn": "arn:aws:ec2:us-west-1:300326902600:security-group/sg-08ad2beb5cf3a0c52", 844 | "description": "Allow SSH inbound from anywhere", 845 | "egress": [], 846 | "id": "sg-08ad2beb5cf3a0c52", 847 | "ingress": [ 848 | { 849 | "cidr_blocks": [ 850 | "0.0.0.0/0" 851 | ], 852 | "description": "", 853 | "from_port": 22, 854 | "ipv6_cidr_blocks": [], 855 | "prefix_list_ids": [], 856 | "protocol": "tcp", 857 | "security_groups": [], 858 | "self": false, 859 | "to_port": 22 860 | } 861 | ], 862 | "name": "allow_ssh", 863 | "name_prefix": "", 864 | "owner_id": "300326902600", 865 | "revoke_rules_on_delete": false, 866 | "tags": {}, 867 | "tags_all": {}, 868 | "timeouts": null, 869 | "vpc_id": "vpc-0634642741facb9e9" 870 | }, 871 | "sensitive_attributes": [], 872 | "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6OTAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIxIn0=", 873 | "dependencies": [ 874 | "module.vpc.aws_vpc.example" 875 | ] 876 | } 877 | ] 878 | }, 879 | { 880 | "module": "module.vpc", 881 | "mode": "managed", 882 | "type": "aws_security_group", 883 | "name": "allow_ssh_with_valid_cidr", 884 | "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", 885 | "instances": [ 886 | { 887 | "schema_version": 1, 888 | "attributes": { 889 | "arn": "arn:aws:ec2:us-west-1:300326902600:security-group/sg-0423d304c80e5ba95", 890 | "description": "Allow SSH inbound from specific range", 891 | "egress": [], 892 | "id": "sg-0423d304c80e5ba95", 893 | "ingress": [ 894 | { 895 | "cidr_blocks": [ 896 | "10.0.0.0/16" 897 | ], 898 | "description": "", 899 | "from_port": 22, 900 | "ipv6_cidr_blocks": [], 901 | "prefix_list_ids": [], 902 | "protocol": "tcp", 903 | "security_groups": [], 904 | "self": false, 905 | "to_port": 22 906 | } 907 | ], 908 | "name": "allow_ssh_with_valid_cidr", 909 | "name_prefix": "", 910 | "owner_id": "300326902600", 911 | "revoke_rules_on_delete": false, 912 | "tags": {}, 913 | "tags_all": {}, 914 | "timeouts": null, 915 | "vpc_id": "vpc-0634642741facb9e9" 916 | }, 917 | "sensitive_attributes": [], 918 | "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6OTAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIxIn0=", 919 | "dependencies": [ 920 | "module.vpc.aws_vpc.example" 921 | ] 922 | } 923 | ] 924 | }, 925 | { 926 | "module": "module.vpc", 927 | "mode": "managed", 928 | "type": "aws_vpc", 929 | "name": "example", 930 | "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", 931 | "instances": [ 932 | { 933 | "schema_version": 1, 934 | "attributes": { 935 | "arn": "arn:aws:ec2:us-west-1:300326902600:vpc/vpc-0634642741facb9e9", 936 | "assign_generated_ipv6_cidr_block": false, 937 | "cidr_block": "10.0.0.0/16", 938 | "default_network_acl_id": "acl-038efd3dd6fdea0c0", 939 | "default_route_table_id": "rtb-016872e07f61110e5", 940 | "default_security_group_id": "sg-053ac4c098e061a97", 941 | "dhcp_options_id": "dopt-5fb3eb38", 942 | "enable_classiclink": false, 943 | "enable_classiclink_dns_support": false, 944 | "enable_dns_hostnames": false, 945 | "enable_dns_support": true, 946 | "id": "vpc-0634642741facb9e9", 947 | "instance_tenancy": "default", 948 | "ipv4_ipam_pool_id": null, 949 | "ipv4_netmask_length": null, 950 | "ipv6_association_id": "", 951 | "ipv6_cidr_block": "", 952 | "ipv6_cidr_block_network_border_group": "", 953 | "ipv6_ipam_pool_id": "", 954 | "ipv6_netmask_length": 0, 955 | "main_route_table_id": "rtb-016872e07f61110e5", 956 | "owner_id": "300326902600", 957 | "tags": {}, 958 | "tags_all": {} 959 | }, 960 | "sensitive_attributes": [], 961 | "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==" 962 | } 963 | ] 964 | } 965 | ] 966 | } 967 | -------------------------------------------------------------------------------- /tf-plan.json: -------------------------------------------------------------------------------- 1 | {"format_version":"1.0","terraform_version":"1.1.7","variables":{"access_key":{"value":"*****"},"ami":{"value":"ami-07336266b2c69c546"},"env":{"value":"dev"},"region":{"value":"us-west-1"},"s3_acl":{"value":"public-read-write"},"secret_key":{"value":"*****"}},"planned_values":{"root_module":{"resources":[{"address":"aws_iam_account_password_policy.strict","mode":"managed","type":"aws_iam_account_password_policy","name":"strict","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":0,"values":{"allow_users_to_change_password":true,"expire_passwords":true,"hard_expiry":false,"id":"iam-account-password-policy","max_password_age":3,"minimum_password_length":8,"password_reuse_prevention":0,"require_lowercase_characters":false,"require_numbers":false,"require_symbols":false,"require_uppercase_characters":false},"sensitive_values":{}}],"child_modules":[{"resources":[{"address":"module.iam.aws_iam_role.snyk-admin-role","mode":"managed","type":"aws_iam_role","name":"snyk-admin-role","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":0,"values":{"assume_role_policy":"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"*\",\n \"Resource\": \"*\"\n }\n ]\n}","description":null,"force_detach_policies":false,"max_session_duration":3600,"name":"snyk_dev_role","path":"/","permissions_boundary":null,"tags":null},"sensitive_values":{"inline_policy":[],"managed_policy_arns":[],"tags_all":{}}}],"address":"module.iam"},{"resources":[{"address":"module.instance.aws_instance.this[0]","mode":"managed","type":"aws_instance","name":"this","index":0,"provider_name":"registry.terraform.io/hashicorp/aws","schema_version":1,"values":{"ami":"ami-07336266b2c69c546","arn":"arn:aws:ec2:us-west-1::instance/i-0845bf4b0d78e0a81","associate_public_ip_address":false,"availability_zone":"us-west-1a","capacity_reservation_specification":[{"capacity_reservation_preference":"open","capacity_reservation_target":[]}],"cpu_core_count":1,"cpu_threads_per_core":1,"credit_specification":[{"cpu_credits":"standard"}],"disable_api_termination":false,"ebs_block_device":[],"ebs_optimized":false,"enclave_options":[{"enabled":false}],"ephemeral_block_device":[],"get_password_data":false,"hibernation":false,"host_id":null,"iam_instance_profile":"","id":"i-0845bf4b0d78e0a81","instance_initiated_shutdown_behavior":"stop","instance_state":"running","instance_type":"t2.micro","ipv6_address_count":0,"ipv6_addresses":[],"key_name":"","launch_template":[],"metadata_options":[{"http_endpoint":"enabled","http_put_response_hop_limit":1,"http_tokens":"optional","instance_metadata_tags":"disabled"}],"monitoring":false,"network_interface":[],"outpost_arn":"","password_data":"","placement_group":"","placement_partition_number":null,"primary_network_interface_id":"eni-012e044fc6dd887c9","private_dns":"ip-10-0-0-222.us-west-1.compute.internal","private_ip":"10.0.0.222","public_dns":"","public_ip":"","root_block_device":[{"delete_on_termination":true,"device_name":"/dev/sda1","encrypted":false,"iops":100,"kms_key_id":"","tags":{},"throughput":0,"volume_id":"vol-0b862e79d153597fa","volume_size":8,"volume_type":"gp2"}],"secondary_private_ips":[],"security_groups":[],"source_dest_check":true,"subnet_id":"subnet-0941234696ed66706","tags":{"Environment":"dev","Name":"example-server","Terraform":"true"},"tags_all":{"Environment":"dev","Name":"example-server","Terraform":"true"},"tenancy":"default","timeouts":{"create":null,"delete":null,"update":null},"user_data":null,"user_data_base64":null,"volume_tags":{"Name":"example-server"},"vpc_security_group_ids":["sg-053ac4c098e061a97"]},"sensitive_values":{"capacity_reservation_specification":[{"capacity_reservation_target":[]}],"credit_specification":[{}],"ebs_block_device":[],"enclave_options":[{}],"ephemeral_block_device":[],"ipv6_addresses":[],"launch_template":[],"metadata_options":[{}],"network_interface":[],"root_block_device":[{"tags":{}}],"secondary_private_ips":[],"security_groups":[],"tags":{},"tags_all":{},"timeouts":{},"volume_tags":{},"vpc_security_group_ids":[false]}}],"address":"module.instance"},{"resources":[{"address":"module.storage.aws_db_instance.snyk_db","mode":"managed","type":"aws_db_instance","name":"snyk_db","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":1,"values":{"address":"snyk-db-dev.cayhnfm969us.us-west-1.rds.amazonaws.com","allocated_storage":20,"allow_major_version_upgrade":null,"apply_immediately":null,"arn":"arn:aws:rds:us-west-1:300326902600:db:snyk-db-dev","auto_minor_version_upgrade":true,"availability_zone":"us-west-1a","backup_retention_period":0,"backup_window":"13:12-13:42","ca_cert_identifier":"rds-ca-2019","character_set_name":"","copy_tags_to_snapshot":false,"customer_owned_ip_enabled":false,"db_subnet_group_name":"snyk_rds_subnet_grp_dev","delete_automated_backups":true,"deletion_protection":false,"domain":"","domain_iam_role_name":"","enabled_cloudwatch_logs_exports":[],"endpoint":"snyk-db-dev.cayhnfm969us.us-west-1.rds.amazonaws.com:5432","engine":"postgres","engine_version":"10.20","engine_version_actual":"10.20","final_snapshot_identifier":"snyk-db-dev-db-destroy-snapshot","hosted_zone_id":"Z10WI91S59XXQN","iam_database_authentication_enabled":false,"id":"snyk-db-dev","identifier":"snyk-db-dev","identifier_prefix":null,"instance_class":"db.t3.micro","iops":0,"kms_key_id":"arn:aws:kms:us-west-1:300326902600:key/c2b7f989-976d-4c3f-b6da-702e660c2dee","latest_restorable_time":"0001-01-01T00:00:00Z","license_model":"postgresql-license","maintenance_window":"sat:07:43-sat:08:13","max_allocated_storage":0,"monitoring_interval":0,"monitoring_role_arn":"","multi_az":false,"name":"snyk_db_dev","nchar_character_set_name":"","option_group_name":"default:postgres-10","parameter_group_name":"default.postgres10","password":"supersecret","performance_insights_enabled":false,"performance_insights_kms_key_id":"","performance_insights_retention_period":0,"port":5432,"publicly_accessible":false,"replica_mode":"","replicas":[],"replicate_source_db":"","resource_id":"db-NPBHHY7WRM6HEWLV6PMXA67WFE","restore_to_point_in_time":[],"s3_import":[],"security_group_names":[],"skip_final_snapshot":true,"snapshot_identifier":null,"status":"available","storage_encrypted":true,"storage_type":"gp2","tags":{"Name":"snyk_db_dev"},"tags_all":{"Name":"snyk_db_dev"},"timeouts":null,"timezone":"","username":"snyk","vpc_security_group_ids":["sg-00308b973d1dd0543"]},"sensitive_values":{"enabled_cloudwatch_logs_exports":[],"replicas":[],"restore_to_point_in_time":[],"s3_import":[],"security_group_names":[],"tags":{},"tags_all":{},"vpc_security_group_ids":[false]}},{"address":"module.storage.aws_db_subnet_group.snyk_rds_subnet_grp","mode":"managed","type":"aws_db_subnet_group","name":"snyk_rds_subnet_grp","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":0,"values":{"arn":"arn:aws:rds:us-west-1:300326902600:subgrp:snyk_rds_subnet_grp_dev","description":"Managed by Terraform","id":"snyk_rds_subnet_grp_dev","name":"snyk_rds_subnet_grp_dev","name_prefix":null,"subnet_ids":["subnet-0941234696ed66706","subnet-0ecfae41aa4588107"],"tags":{"Name":"snyk_rds_subnet_grp_dev"},"tags_all":{"Name":"snyk_rds_subnet_grp_dev"}},"sensitive_values":{"subnet_ids":[false,false],"tags":{},"tags_all":{}}},{"address":"module.storage.aws_kms_key.snyk_db_kms_key","mode":"managed","type":"aws_kms_key","name":"snyk_db_kms_key","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":0,"values":{"arn":"arn:aws:kms:us-west-1:300326902600:key/c2b7f989-976d-4c3f-b6da-702e660c2dee","bypass_policy_lockout_safety_check":false,"customer_master_key_spec":"SYMMETRIC_DEFAULT","deletion_window_in_days":10,"description":"KMS Key for DB instance dev","enable_key_rotation":true,"id":"c2b7f989-976d-4c3f-b6da-702e660c2dee","is_enabled":true,"key_id":"c2b7f989-976d-4c3f-b6da-702e660c2dee","key_usage":"ENCRYPT_DECRYPT","multi_region":false,"policy":"{\"Id\":\"key-default-1\",\"Statement\":[{\"Action\":\"kms:*\",\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::300326902600:root\"},\"Resource\":\"*\",\"Sid\":\"Enable IAM User Permissions\"}],\"Version\":\"2012-10-17\"}","tags":{"Name":"snyk_db_kms_key_dev"},"tags_all":{"Name":"snyk_db_kms_key_dev"}},"sensitive_values":{"tags":{},"tags_all":{}}},{"address":"module.storage.aws_s3_bucket.my-new-undeployed-bucket","mode":"managed","type":"aws_s3_bucket","name":"my-new-undeployed-bucket","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":0,"values":{"acl":"private","bucket":"snyk-storage-dev-demo","bucket_prefix":null,"cors_rule":[],"force_destroy":false,"grant":[],"lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"policy":null,"replication_configuration":[],"server_side_encryption_configuration":[],"tags":{"name":"snyk_blob_storage_dev"},"tags_all":{"name":"snyk_blob_storage_dev"},"website":[]},"sensitive_values":{"cors_rule":[],"grant":[],"lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"replication_configuration":[],"server_side_encryption_configuration":[],"tags":{},"tags_all":{},"versioning":[],"website":[]}},{"address":"module.storage.aws_s3_bucket.snyk_public_storage","mode":"managed","type":"aws_s3_bucket","name":"snyk_public_storage","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":0,"values":{"acceleration_status":"","acl":"private","arn":"arn:aws:s3:::snyk-public-dev-demo","bucket":"snyk-public-dev-demo","bucket_domain_name":"snyk-public-dev-demo.s3.amazonaws.com","bucket_prefix":null,"bucket_regional_domain_name":"snyk-public-dev-demo.s3.us-west-1.amazonaws.com","cors_rule":[],"force_destroy":false,"grant":[],"hosted_zone_id":"Z2F56UZL2M1ACD","id":"snyk-public-dev-demo","lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"policy":null,"region":"us-west-1","replication_configuration":[],"request_payer":"BucketOwner","server_side_encryption_configuration":[],"tags":{},"tags_all":{},"versioning":[{"enabled":true,"mfa_delete":false}],"website":[],"website_domain":null,"website_endpoint":null},"sensitive_values":{"cors_rule":[],"grant":[],"lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"replication_configuration":[],"server_side_encryption_configuration":[],"tags":{},"tags_all":{},"versioning":[{}],"website":[]}},{"address":"module.storage.aws_s3_bucket.snyk_storage","mode":"managed","type":"aws_s3_bucket","name":"snyk_storage","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":0,"values":{"acceleration_status":"","acl":"private","arn":"arn:aws:s3:::snyk-storage-dev-demo","bucket":"snyk-storage-dev-demo","bucket_domain_name":"snyk-storage-dev-demo.s3.amazonaws.com","bucket_prefix":null,"bucket_regional_domain_name":"snyk-storage-dev-demo.s3.us-west-1.amazonaws.com","cors_rule":[],"force_destroy":false,"grant":[],"hosted_zone_id":"Z2F56UZL2M1ACD","id":"snyk-storage-dev-demo","lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"policy":null,"region":"us-west-1","replication_configuration":[],"request_payer":"BucketOwner","server_side_encryption_configuration":[],"tags":{"name":"snyk_blob_storage_dev"},"tags_all":{"name":"snyk_blob_storage_dev"},"versioning":[{"enabled":false,"mfa_delete":false}],"website":[],"website_domain":null,"website_endpoint":null},"sensitive_values":{"cors_rule":[],"grant":[],"lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"replication_configuration":[],"server_side_encryption_configuration":[],"tags":{},"tags_all":{},"versioning":[{}],"website":[]}},{"address":"module.storage.aws_s3_bucket_public_access_block.snyk_public","mode":"managed","type":"aws_s3_bucket_public_access_block","name":"snyk_public","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":0,"values":{"block_public_acls":false,"block_public_policy":false,"bucket":"snyk-public-dev-demo","id":"snyk-public-dev-demo","ignore_public_acls":false,"restrict_public_buckets":false},"sensitive_values":{}},{"address":"module.storage.aws_security_group.snyk_rds_sg","mode":"managed","type":"aws_security_group","name":"snyk_rds_sg","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":1,"values":{"arn":"arn:aws:ec2:us-west-1:300326902600:security-group/sg-00308b973d1dd0543","description":"Managed by Terraform","egress":[{"cidr_blocks":["0.0.0.0/0"],"description":"","from_port":0,"ipv6_cidr_blocks":[],"prefix_list_ids":[],"protocol":"-1","security_groups":[],"self":false,"to_port":0}],"id":"sg-00308b973d1dd0543","ingress":[{"cidr_blocks":["0.0.0.0/0"],"description":"","from_port":5432,"ipv6_cidr_blocks":[],"prefix_list_ids":[],"protocol":"tcp","security_groups":[],"self":false,"to_port":5432}],"name":"snyk_rds_sg","name_prefix":"","owner_id":"300326902600","revoke_rules_on_delete":false,"tags":{"Name":"snyk_rds_sg_dev"},"tags_all":{"Name":"snyk_rds_sg_dev"},"timeouts":null,"vpc_id":"vpc-0634642741facb9e9"},"sensitive_values":{"egress":[{"cidr_blocks":[false],"ipv6_cidr_blocks":[],"prefix_list_ids":[],"security_groups":[]}],"ingress":[{"cidr_blocks":[false],"ipv6_cidr_blocks":[],"prefix_list_ids":[],"security_groups":[]}],"tags":{},"tags_all":{}}},{"address":"module.storage.aws_ssm_parameter.snyk_ssm_db_host","mode":"managed","type":"aws_ssm_parameter","name":"snyk_ssm_db_host","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":0,"values":{"allowed_pattern":"","arn":"arn:aws:ssm:us-west-1:300326902600:parameter/snyk-dev/DB_HOST","data_type":"text","description":"Snyk Database","id":"/snyk-dev/DB_HOST","key_id":"alias/aws/ssm","name":"/snyk-dev/DB_HOST","overwrite":null,"tags":{},"tags_all":{},"tier":"Standard","type":"SecureString","value":"snyk-db-dev.cayhnfm969us.us-west-1.rds.amazonaws.com:5432","version":1},"sensitive_values":{"tags":{},"tags_all":{}}},{"address":"module.storage.aws_ssm_parameter.snyk_ssm_db_name","mode":"managed","type":"aws_ssm_parameter","name":"snyk_ssm_db_name","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":0,"values":{"allowed_pattern":"","arn":"arn:aws:ssm:us-west-1:300326902600:parameter/snyk-dev/DB_NAME","data_type":"text","description":"Snyk Database Name","id":"/snyk-dev/DB_NAME","key_id":"alias/aws/ssm","name":"/snyk-dev/DB_NAME","overwrite":null,"tags":{"environment":"dev"},"tags_all":{"environment":"dev"},"tier":"Standard","type":"SecureString","value":"snyk_db_dev","version":1},"sensitive_values":{"tags":{},"tags_all":{}}},{"address":"module.storage.aws_ssm_parameter.snyk_ssm_db_password","mode":"managed","type":"aws_ssm_parameter","name":"snyk_ssm_db_password","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":0,"values":{"allowed_pattern":"","arn":"arn:aws:ssm:us-west-1:300326902600:parameter/snyk-dev/DB_PASSWORD","data_type":"text","description":"Snyk Database Password","id":"/snyk-dev/DB_PASSWORD","key_id":"alias/aws/ssm","name":"/snyk-dev/DB_PASSWORD","overwrite":null,"tags":{},"tags_all":{},"tier":"Standard","type":"SecureString","value":"supersecret","version":1},"sensitive_values":{"tags":{},"tags_all":{},"value":true}},{"address":"module.storage.aws_ssm_parameter.snyk_ssm_db_user","mode":"managed","type":"aws_ssm_parameter","name":"snyk_ssm_db_user","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":0,"values":{"allowed_pattern":"","arn":"arn:aws:ssm:us-west-1:300326902600:parameter/snyk-dev/DB_USER","data_type":"text","description":"Snyk Database Username","id":"/snyk-dev/DB_USER","key_id":"alias/aws/ssm","name":"/snyk-dev/DB_USER","overwrite":null,"tags":{},"tags_all":{},"tier":"Standard","type":"SecureString","value":"snyk","version":1},"sensitive_values":{"tags":{},"tags_all":{}}}],"address":"module.storage"},{"resources":[{"address":"module.subnet.aws_subnet.main","mode":"managed","type":"aws_subnet","name":"main","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":1,"values":{"arn":"arn:aws:ec2:us-west-1:300326902600:subnet/subnet-0941234696ed66706","assign_ipv6_address_on_creation":false,"availability_zone":"us-west-1a","availability_zone_id":"usw1-az1","cidr_block":"10.0.0.0/24","customer_owned_ipv4_pool":"","enable_dns64":false,"enable_resource_name_dns_a_record_on_launch":false,"enable_resource_name_dns_aaaa_record_on_launch":false,"id":"subnet-0941234696ed66706","ipv6_cidr_block":"","ipv6_cidr_block_association_id":"","ipv6_native":false,"map_customer_owned_ip_on_launch":false,"map_public_ip_on_launch":false,"outpost_arn":"","owner_id":"300326902600","private_dns_hostname_type_on_launch":"ip-name","tags":{"Name":"Main"},"tags_all":{"Name":"Main"},"timeouts":null,"vpc_id":"vpc-0634642741facb9e9"},"sensitive_values":{"tags":{},"tags_all":{}}},{"address":"module.subnet.aws_subnet.secondary","mode":"managed","type":"aws_subnet","name":"secondary","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":1,"values":{"arn":"arn:aws:ec2:us-west-1:300326902600:subnet/subnet-0ecfae41aa4588107","assign_ipv6_address_on_creation":false,"availability_zone":"us-west-1c","availability_zone_id":"usw1-az3","cidr_block":"10.0.64.0/19","customer_owned_ipv4_pool":"","enable_dns64":false,"enable_resource_name_dns_a_record_on_launch":false,"enable_resource_name_dns_aaaa_record_on_launch":false,"id":"subnet-0ecfae41aa4588107","ipv6_cidr_block":"","ipv6_cidr_block_association_id":"","ipv6_native":false,"map_customer_owned_ip_on_launch":false,"map_public_ip_on_launch":false,"outpost_arn":"","owner_id":"300326902600","private_dns_hostname_type_on_launch":"ip-name","tags":{"Name":"Main"},"tags_all":{"Name":"Main"},"timeouts":null,"vpc_id":"vpc-0634642741facb9e9"},"sensitive_values":{"tags":{},"tags_all":{}}}],"address":"module.subnet"},{"resources":[{"address":"module.vpc.aws_default_security_group.default","mode":"managed","type":"aws_default_security_group","name":"default","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":1,"values":{"arn":"arn:aws:ec2:us-west-1:300326902600:security-group/sg-053ac4c098e061a97","description":"default VPC security group","egress":[],"id":"sg-053ac4c098e061a97","ingress":[{"cidr_blocks":[],"description":"","from_port":0,"ipv6_cidr_blocks":[],"prefix_list_ids":[],"protocol":"-1","security_groups":[],"self":true,"to_port":0}],"name":"default","owner_id":"300326902600","revoke_rules_on_delete":false,"tags":{},"tags_all":{},"vpc_id":"vpc-0634642741facb9e9"},"sensitive_values":{"egress":[],"ingress":[{"cidr_blocks":[],"ipv6_cidr_blocks":[],"prefix_list_ids":[],"security_groups":[]}],"tags":{},"tags_all":{}}},{"address":"module.vpc.aws_security_group.allow_ssh","mode":"managed","type":"aws_security_group","name":"allow_ssh","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":1,"values":{"arn":"arn:aws:ec2:us-west-1:300326902600:security-group/sg-08ad2beb5cf3a0c52","description":"Allow SSH inbound from anywhere","egress":[],"id":"sg-08ad2beb5cf3a0c52","ingress":[{"cidr_blocks":["0.0.0.0/0"],"description":"","from_port":22,"ipv6_cidr_blocks":[],"prefix_list_ids":[],"protocol":"tcp","security_groups":[],"self":false,"to_port":22}],"name":"allow_ssh","name_prefix":"","owner_id":"300326902600","revoke_rules_on_delete":false,"tags":{},"tags_all":{},"timeouts":null,"vpc_id":"vpc-0634642741facb9e9"},"sensitive_values":{"egress":[],"ingress":[{"cidr_blocks":[false],"ipv6_cidr_blocks":[],"prefix_list_ids":[],"security_groups":[]}],"tags":{},"tags_all":{}}},{"address":"module.vpc.aws_security_group.allow_ssh_with_valid_cidr","mode":"managed","type":"aws_security_group","name":"allow_ssh_with_valid_cidr","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":1,"values":{"arn":"arn:aws:ec2:us-west-1:300326902600:security-group/sg-0423d304c80e5ba95","description":"Allow SSH inbound from specific range","egress":[],"id":"sg-0423d304c80e5ba95","ingress":[{"cidr_blocks":["10.0.0.0/16"],"description":"","from_port":22,"ipv6_cidr_blocks":[],"prefix_list_ids":[],"protocol":"tcp","security_groups":[],"self":false,"to_port":22}],"name":"allow_ssh_with_valid_cidr","name_prefix":"","owner_id":"300326902600","revoke_rules_on_delete":false,"tags":{},"tags_all":{},"timeouts":null,"vpc_id":"vpc-0634642741facb9e9"},"sensitive_values":{"egress":[],"ingress":[{"cidr_blocks":[false],"ipv6_cidr_blocks":[],"prefix_list_ids":[],"security_groups":[]}],"tags":{},"tags_all":{}}},{"address":"module.vpc.aws_vpc.example","mode":"managed","type":"aws_vpc","name":"example","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":1,"values":{"arn":"arn:aws:ec2:us-west-1:300326902600:vpc/vpc-0634642741facb9e9","assign_generated_ipv6_cidr_block":false,"cidr_block":"10.0.0.0/16","default_network_acl_id":"acl-038efd3dd6fdea0c0","default_route_table_id":"rtb-016872e07f61110e5","default_security_group_id":"sg-053ac4c098e061a97","dhcp_options_id":"dopt-5fb3eb38","enable_classiclink":false,"enable_classiclink_dns_support":false,"enable_dns_hostnames":false,"enable_dns_support":true,"id":"vpc-0634642741facb9e9","instance_tenancy":"default","ipv4_ipam_pool_id":null,"ipv4_netmask_length":null,"ipv6_association_id":"","ipv6_cidr_block":"","ipv6_cidr_block_network_border_group":"","ipv6_ipam_pool_id":"","ipv6_netmask_length":0,"main_route_table_id":"rtb-016872e07f61110e5","owner_id":"300326902600","tags":{},"tags_all":{}},"sensitive_values":{"tags":{},"tags_all":{}}}],"address":"module.vpc"}]}},"resource_drift":[{"address":"module.storage.aws_s3_bucket.snyk_public_storage","module_address":"module.storage","mode":"managed","type":"aws_s3_bucket","name":"snyk_public_storage","provider_name":"registry.terraform.io/hashicorp/aws","change":{"actions":["update"],"before":{"acceleration_status":"","acl":"private","arn":"arn:aws:s3:::snyk-public-dev-demo","bucket":"snyk-public-dev-demo","bucket_domain_name":"snyk-public-dev-demo.s3.amazonaws.com","bucket_prefix":null,"bucket_regional_domain_name":"snyk-public-dev-demo.s3.us-west-1.amazonaws.com","cors_rule":[],"force_destroy":false,"grant":[],"hosted_zone_id":"Z2F56UZL2M1ACD","id":"snyk-public-dev-demo","lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"policy":null,"region":"us-west-1","replication_configuration":[],"request_payer":"BucketOwner","server_side_encryption_configuration":[],"tags":{},"tags_all":{},"versioning":[{"enabled":false,"mfa_delete":false}],"website":[],"website_domain":null,"website_endpoint":null},"after":{"acceleration_status":"","acl":"private","arn":"arn:aws:s3:::snyk-public-dev-demo","bucket":"snyk-public-dev-demo","bucket_domain_name":"snyk-public-dev-demo.s3.amazonaws.com","bucket_prefix":null,"bucket_regional_domain_name":"snyk-public-dev-demo.s3.us-west-1.amazonaws.com","cors_rule":[],"force_destroy":false,"grant":[],"hosted_zone_id":"Z2F56UZL2M1ACD","id":"snyk-public-dev-demo","lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"policy":null,"region":"us-west-1","replication_configuration":[],"request_payer":"BucketOwner","server_side_encryption_configuration":[],"tags":{},"tags_all":{},"versioning":[{"enabled":true,"mfa_delete":false}],"website":[],"website_domain":null,"website_endpoint":null},"after_unknown":{},"before_sensitive":{"cors_rule":[],"grant":[],"lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"replication_configuration":[],"server_side_encryption_configuration":[],"tags":{},"tags_all":{},"versioning":[{}],"website":[]},"after_sensitive":{"cors_rule":[],"grant":[],"lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"replication_configuration":[],"server_side_encryption_configuration":[],"tags":{},"tags_all":{},"versioning":[{}],"website":[]}}},{"address":"module.storage.aws_s3_bucket_public_access_block.snyk_private","module_address":"module.storage","mode":"managed","type":"aws_s3_bucket_public_access_block","name":"snyk_private","provider_name":"registry.terraform.io/hashicorp/aws","change":{"actions":["update"],"before":{"block_public_acls":true,"block_public_policy":true,"bucket":"snyk-storage-dev-demo","id":"snyk-storage-dev-demo","ignore_public_acls":true,"restrict_public_buckets":false},"after":{"block_public_acls":false,"block_public_policy":false,"bucket":"snyk-storage-dev-demo","id":"snyk-storage-dev-demo","ignore_public_acls":false,"restrict_public_buckets":false},"after_unknown":{},"before_sensitive":{},"after_sensitive":{}}}],"resource_changes":[{"address":"aws_iam_account_password_policy.strict","mode":"managed","type":"aws_iam_account_password_policy","name":"strict","provider_name":"registry.terraform.io/hashicorp/aws","change":{"actions":["no-op"],"before":{"allow_users_to_change_password":true,"expire_passwords":true,"hard_expiry":false,"id":"iam-account-password-policy","max_password_age":3,"minimum_password_length":8,"password_reuse_prevention":0,"require_lowercase_characters":false,"require_numbers":false,"require_symbols":false,"require_uppercase_characters":false},"after":{"allow_users_to_change_password":true,"expire_passwords":true,"hard_expiry":false,"id":"iam-account-password-policy","max_password_age":3,"minimum_password_length":8,"password_reuse_prevention":0,"require_lowercase_characters":false,"require_numbers":false,"require_symbols":false,"require_uppercase_characters":false},"after_unknown":{},"before_sensitive":{},"after_sensitive":{}}},{"address":"module.iam.aws_iam_role.snyk-admin-role","module_address":"module.iam","mode":"managed","type":"aws_iam_role","name":"snyk-admin-role","provider_name":"registry.terraform.io/hashicorp/aws","change":{"actions":["create"],"before":null,"after":{"assume_role_policy":"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"*\",\n \"Resource\": \"*\"\n }\n ]\n}","description":null,"force_detach_policies":false,"max_session_duration":3600,"name":"snyk_dev_role","path":"/","permissions_boundary":null,"tags":null},"after_unknown":{"arn":true,"create_date":true,"id":true,"inline_policy":true,"managed_policy_arns":true,"name_prefix":true,"tags_all":true,"unique_id":true},"before_sensitive":false,"after_sensitive":{"inline_policy":[],"managed_policy_arns":[],"tags_all":{}}}},{"address":"module.instance.aws_instance.this[0]","module_address":"module.instance","mode":"managed","type":"aws_instance","name":"this","index":0,"provider_name":"registry.terraform.io/hashicorp/aws","change":{"actions":["no-op"],"before":{"ami":"ami-07336266b2c69c546","arn":"arn:aws:ec2:us-west-1::instance/i-0845bf4b0d78e0a81","associate_public_ip_address":false,"availability_zone":"us-west-1a","capacity_reservation_specification":[{"capacity_reservation_preference":"open","capacity_reservation_target":[]}],"cpu_core_count":1,"cpu_threads_per_core":1,"credit_specification":[{"cpu_credits":"standard"}],"disable_api_termination":false,"ebs_block_device":[],"ebs_optimized":false,"enclave_options":[{"enabled":false}],"ephemeral_block_device":[],"get_password_data":false,"hibernation":false,"host_id":null,"iam_instance_profile":"","id":"i-0845bf4b0d78e0a81","instance_initiated_shutdown_behavior":"stop","instance_state":"running","instance_type":"t2.micro","ipv6_address_count":0,"ipv6_addresses":[],"key_name":"","launch_template":[],"metadata_options":[{"http_endpoint":"enabled","http_put_response_hop_limit":1,"http_tokens":"optional","instance_metadata_tags":"disabled"}],"monitoring":false,"network_interface":[],"outpost_arn":"","password_data":"","placement_group":"","placement_partition_number":null,"primary_network_interface_id":"eni-012e044fc6dd887c9","private_dns":"ip-10-0-0-222.us-west-1.compute.internal","private_ip":"10.0.0.222","public_dns":"","public_ip":"","root_block_device":[{"delete_on_termination":true,"device_name":"/dev/sda1","encrypted":false,"iops":100,"kms_key_id":"","tags":{},"throughput":0,"volume_id":"vol-0b862e79d153597fa","volume_size":8,"volume_type":"gp2"}],"secondary_private_ips":[],"security_groups":[],"source_dest_check":true,"subnet_id":"subnet-0941234696ed66706","tags":{"Environment":"dev","Name":"example-server","Terraform":"true"},"tags_all":{"Environment":"dev","Name":"example-server","Terraform":"true"},"tenancy":"default","timeouts":{"create":null,"delete":null,"update":null},"user_data":null,"user_data_base64":null,"volume_tags":{"Name":"example-server"},"vpc_security_group_ids":["sg-053ac4c098e061a97"]},"after":{"ami":"ami-07336266b2c69c546","arn":"arn:aws:ec2:us-west-1::instance/i-0845bf4b0d78e0a81","associate_public_ip_address":false,"availability_zone":"us-west-1a","capacity_reservation_specification":[{"capacity_reservation_preference":"open","capacity_reservation_target":[]}],"cpu_core_count":1,"cpu_threads_per_core":1,"credit_specification":[{"cpu_credits":"standard"}],"disable_api_termination":false,"ebs_block_device":[],"ebs_optimized":false,"enclave_options":[{"enabled":false}],"ephemeral_block_device":[],"get_password_data":false,"hibernation":false,"host_id":null,"iam_instance_profile":"","id":"i-0845bf4b0d78e0a81","instance_initiated_shutdown_behavior":"stop","instance_state":"running","instance_type":"t2.micro","ipv6_address_count":0,"ipv6_addresses":[],"key_name":"","launch_template":[],"metadata_options":[{"http_endpoint":"enabled","http_put_response_hop_limit":1,"http_tokens":"optional","instance_metadata_tags":"disabled"}],"monitoring":false,"network_interface":[],"outpost_arn":"","password_data":"","placement_group":"","placement_partition_number":null,"primary_network_interface_id":"eni-012e044fc6dd887c9","private_dns":"ip-10-0-0-222.us-west-1.compute.internal","private_ip":"10.0.0.222","public_dns":"","public_ip":"","root_block_device":[{"delete_on_termination":true,"device_name":"/dev/sda1","encrypted":false,"iops":100,"kms_key_id":"","tags":{},"throughput":0,"volume_id":"vol-0b862e79d153597fa","volume_size":8,"volume_type":"gp2"}],"secondary_private_ips":[],"security_groups":[],"source_dest_check":true,"subnet_id":"subnet-0941234696ed66706","tags":{"Environment":"dev","Name":"example-server","Terraform":"true"},"tags_all":{"Environment":"dev","Name":"example-server","Terraform":"true"},"tenancy":"default","timeouts":{"create":null,"delete":null,"update":null},"user_data":null,"user_data_base64":null,"volume_tags":{"Name":"example-server"},"vpc_security_group_ids":["sg-053ac4c098e061a97"]},"after_unknown":{},"before_sensitive":{"capacity_reservation_specification":[{"capacity_reservation_target":[]}],"credit_specification":[{}],"ebs_block_device":[],"enclave_options":[{}],"ephemeral_block_device":[],"ipv6_addresses":[],"launch_template":[],"metadata_options":[{}],"network_interface":[],"root_block_device":[{"tags":{}}],"secondary_private_ips":[],"security_groups":[],"tags":{},"tags_all":{},"timeouts":{},"volume_tags":{},"vpc_security_group_ids":[false]},"after_sensitive":{"capacity_reservation_specification":[{"capacity_reservation_target":[]}],"credit_specification":[{}],"ebs_block_device":[],"enclave_options":[{}],"ephemeral_block_device":[],"ipv6_addresses":[],"launch_template":[],"metadata_options":[{}],"network_interface":[],"root_block_device":[{"tags":{}}],"secondary_private_ips":[],"security_groups":[],"tags":{},"tags_all":{},"timeouts":{},"volume_tags":{},"vpc_security_group_ids":[false]}}},{"address":"module.storage.aws_db_instance.snyk_db","module_address":"module.storage","mode":"managed","type":"aws_db_instance","name":"snyk_db","provider_name":"registry.terraform.io/hashicorp/aws","change":{"actions":["no-op"],"before":{"address":"snyk-db-dev.cayhnfm969us.us-west-1.rds.amazonaws.com","allocated_storage":20,"allow_major_version_upgrade":null,"apply_immediately":null,"arn":"arn:aws:rds:us-west-1:300326902600:db:snyk-db-dev","auto_minor_version_upgrade":true,"availability_zone":"us-west-1a","backup_retention_period":0,"backup_window":"13:12-13:42","ca_cert_identifier":"rds-ca-2019","character_set_name":"","copy_tags_to_snapshot":false,"customer_owned_ip_enabled":false,"db_subnet_group_name":"snyk_rds_subnet_grp_dev","delete_automated_backups":true,"deletion_protection":false,"domain":"","domain_iam_role_name":"","enabled_cloudwatch_logs_exports":[],"endpoint":"snyk-db-dev.cayhnfm969us.us-west-1.rds.amazonaws.com:5432","engine":"postgres","engine_version":"10.20","engine_version_actual":"10.20","final_snapshot_identifier":"snyk-db-dev-db-destroy-snapshot","hosted_zone_id":"Z10WI91S59XXQN","iam_database_authentication_enabled":false,"id":"snyk-db-dev","identifier":"snyk-db-dev","identifier_prefix":null,"instance_class":"db.t3.micro","iops":0,"kms_key_id":"arn:aws:kms:us-west-1:300326902600:key/c2b7f989-976d-4c3f-b6da-702e660c2dee","latest_restorable_time":"0001-01-01T00:00:00Z","license_model":"postgresql-license","maintenance_window":"sat:07:43-sat:08:13","max_allocated_storage":0,"monitoring_interval":0,"monitoring_role_arn":"","multi_az":false,"name":"snyk_db_dev","nchar_character_set_name":"","option_group_name":"default:postgres-10","parameter_group_name":"default.postgres10","password":"supersecret","performance_insights_enabled":false,"performance_insights_kms_key_id":"","performance_insights_retention_period":0,"port":5432,"publicly_accessible":false,"replica_mode":"","replicas":[],"replicate_source_db":"","resource_id":"db-NPBHHY7WRM6HEWLV6PMXA67WFE","restore_to_point_in_time":[],"s3_import":[],"security_group_names":[],"skip_final_snapshot":true,"snapshot_identifier":null,"status":"available","storage_encrypted":true,"storage_type":"gp2","tags":{"Name":"snyk_db_dev"},"tags_all":{"Name":"snyk_db_dev"},"timeouts":null,"timezone":"","username":"snyk","vpc_security_group_ids":["sg-00308b973d1dd0543"]},"after":{"address":"snyk-db-dev.cayhnfm969us.us-west-1.rds.amazonaws.com","allocated_storage":20,"allow_major_version_upgrade":null,"apply_immediately":null,"arn":"arn:aws:rds:us-west-1:300326902600:db:snyk-db-dev","auto_minor_version_upgrade":true,"availability_zone":"us-west-1a","backup_retention_period":0,"backup_window":"13:12-13:42","ca_cert_identifier":"rds-ca-2019","character_set_name":"","copy_tags_to_snapshot":false,"customer_owned_ip_enabled":false,"db_subnet_group_name":"snyk_rds_subnet_grp_dev","delete_automated_backups":true,"deletion_protection":false,"domain":"","domain_iam_role_name":"","enabled_cloudwatch_logs_exports":[],"endpoint":"snyk-db-dev.cayhnfm969us.us-west-1.rds.amazonaws.com:5432","engine":"postgres","engine_version":"10.20","engine_version_actual":"10.20","final_snapshot_identifier":"snyk-db-dev-db-destroy-snapshot","hosted_zone_id":"Z10WI91S59XXQN","iam_database_authentication_enabled":false,"id":"snyk-db-dev","identifier":"snyk-db-dev","identifier_prefix":null,"instance_class":"db.t3.micro","iops":0,"kms_key_id":"arn:aws:kms:us-west-1:300326902600:key/c2b7f989-976d-4c3f-b6da-702e660c2dee","latest_restorable_time":"0001-01-01T00:00:00Z","license_model":"postgresql-license","maintenance_window":"sat:07:43-sat:08:13","max_allocated_storage":0,"monitoring_interval":0,"monitoring_role_arn":"","multi_az":false,"name":"snyk_db_dev","nchar_character_set_name":"","option_group_name":"default:postgres-10","parameter_group_name":"default.postgres10","password":"supersecret","performance_insights_enabled":false,"performance_insights_kms_key_id":"","performance_insights_retention_period":0,"port":5432,"publicly_accessible":false,"replica_mode":"","replicas":[],"replicate_source_db":"","resource_id":"db-NPBHHY7WRM6HEWLV6PMXA67WFE","restore_to_point_in_time":[],"s3_import":[],"security_group_names":[],"skip_final_snapshot":true,"snapshot_identifier":null,"status":"available","storage_encrypted":true,"storage_type":"gp2","tags":{"Name":"snyk_db_dev"},"tags_all":{"Name":"snyk_db_dev"},"timeouts":null,"timezone":"","username":"snyk","vpc_security_group_ids":["sg-00308b973d1dd0543"]},"after_unknown":{},"before_sensitive":{"enabled_cloudwatch_logs_exports":[],"password":true,"replicas":[],"restore_to_point_in_time":[],"s3_import":[],"security_group_names":[],"tags":{},"tags_all":{},"vpc_security_group_ids":[false]},"after_sensitive":{"enabled_cloudwatch_logs_exports":[],"password":true,"replicas":[],"restore_to_point_in_time":[],"s3_import":[],"security_group_names":[],"tags":{},"tags_all":{},"vpc_security_group_ids":[false]}}},{"address":"module.storage.aws_db_subnet_group.snyk_rds_subnet_grp","module_address":"module.storage","mode":"managed","type":"aws_db_subnet_group","name":"snyk_rds_subnet_grp","provider_name":"registry.terraform.io/hashicorp/aws","change":{"actions":["no-op"],"before":{"arn":"arn:aws:rds:us-west-1:300326902600:subgrp:snyk_rds_subnet_grp_dev","description":"Managed by Terraform","id":"snyk_rds_subnet_grp_dev","name":"snyk_rds_subnet_grp_dev","name_prefix":null,"subnet_ids":["subnet-0941234696ed66706","subnet-0ecfae41aa4588107"],"tags":{"Name":"snyk_rds_subnet_grp_dev"},"tags_all":{"Name":"snyk_rds_subnet_grp_dev"}},"after":{"arn":"arn:aws:rds:us-west-1:300326902600:subgrp:snyk_rds_subnet_grp_dev","description":"Managed by Terraform","id":"snyk_rds_subnet_grp_dev","name":"snyk_rds_subnet_grp_dev","name_prefix":null,"subnet_ids":["subnet-0941234696ed66706","subnet-0ecfae41aa4588107"],"tags":{"Name":"snyk_rds_subnet_grp_dev"},"tags_all":{"Name":"snyk_rds_subnet_grp_dev"}},"after_unknown":{},"before_sensitive":{"subnet_ids":[false,false],"tags":{},"tags_all":{}},"after_sensitive":{"subnet_ids":[false,false],"tags":{},"tags_all":{}}}},{"address":"module.storage.aws_kms_key.snyk_db_kms_key","module_address":"module.storage","mode":"managed","type":"aws_kms_key","name":"snyk_db_kms_key","provider_name":"registry.terraform.io/hashicorp/aws","change":{"actions":["no-op"],"before":{"arn":"arn:aws:kms:us-west-1:300326902600:key/c2b7f989-976d-4c3f-b6da-702e660c2dee","bypass_policy_lockout_safety_check":false,"customer_master_key_spec":"SYMMETRIC_DEFAULT","deletion_window_in_days":10,"description":"KMS Key for DB instance dev","enable_key_rotation":true,"id":"c2b7f989-976d-4c3f-b6da-702e660c2dee","is_enabled":true,"key_id":"c2b7f989-976d-4c3f-b6da-702e660c2dee","key_usage":"ENCRYPT_DECRYPT","multi_region":false,"policy":"{\"Id\":\"key-default-1\",\"Statement\":[{\"Action\":\"kms:*\",\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::300326902600:root\"},\"Resource\":\"*\",\"Sid\":\"Enable IAM User Permissions\"}],\"Version\":\"2012-10-17\"}","tags":{"Name":"snyk_db_kms_key_dev"},"tags_all":{"Name":"snyk_db_kms_key_dev"}},"after":{"arn":"arn:aws:kms:us-west-1:300326902600:key/c2b7f989-976d-4c3f-b6da-702e660c2dee","bypass_policy_lockout_safety_check":false,"customer_master_key_spec":"SYMMETRIC_DEFAULT","deletion_window_in_days":10,"description":"KMS Key for DB instance dev","enable_key_rotation":true,"id":"c2b7f989-976d-4c3f-b6da-702e660c2dee","is_enabled":true,"key_id":"c2b7f989-976d-4c3f-b6da-702e660c2dee","key_usage":"ENCRYPT_DECRYPT","multi_region":false,"policy":"{\"Id\":\"key-default-1\",\"Statement\":[{\"Action\":\"kms:*\",\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::300326902600:root\"},\"Resource\":\"*\",\"Sid\":\"Enable IAM User Permissions\"}],\"Version\":\"2012-10-17\"}","tags":{"Name":"snyk_db_kms_key_dev"},"tags_all":{"Name":"snyk_db_kms_key_dev"}},"after_unknown":{},"before_sensitive":{"tags":{},"tags_all":{}},"after_sensitive":{"tags":{},"tags_all":{}}}},{"address":"module.storage.aws_s3_bucket.my-new-undeployed-bucket","module_address":"module.storage","mode":"managed","type":"aws_s3_bucket","name":"my-new-undeployed-bucket","provider_name":"registry.terraform.io/hashicorp/aws","change":{"actions":["create"],"before":null,"after":{"acl":"private","bucket":"snyk-storage-dev-demo","bucket_prefix":null,"cors_rule":[],"force_destroy":false,"grant":[],"lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"policy":null,"replication_configuration":[],"server_side_encryption_configuration":[],"tags":{"name":"snyk_blob_storage_dev"},"tags_all":{"name":"snyk_blob_storage_dev"},"website":[]},"after_unknown":{"acceleration_status":true,"arn":true,"bucket_domain_name":true,"bucket_regional_domain_name":true,"cors_rule":[],"grant":[],"hosted_zone_id":true,"id":true,"lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"region":true,"replication_configuration":[],"request_payer":true,"server_side_encryption_configuration":[],"tags":{},"tags_all":{},"versioning":true,"website":[],"website_domain":true,"website_endpoint":true},"before_sensitive":false,"after_sensitive":{"cors_rule":[],"grant":[],"lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"replication_configuration":[],"server_side_encryption_configuration":[],"tags":{},"tags_all":{},"versioning":[],"website":[]}}},{"address":"module.storage.aws_s3_bucket.snyk_public_storage","module_address":"module.storage","mode":"managed","type":"aws_s3_bucket","name":"snyk_public_storage","provider_name":"registry.terraform.io/hashicorp/aws","change":{"actions":["no-op"],"before":{"acceleration_status":"","acl":"private","arn":"arn:aws:s3:::snyk-public-dev-demo","bucket":"snyk-public-dev-demo","bucket_domain_name":"snyk-public-dev-demo.s3.amazonaws.com","bucket_prefix":null,"bucket_regional_domain_name":"snyk-public-dev-demo.s3.us-west-1.amazonaws.com","cors_rule":[],"force_destroy":false,"grant":[],"hosted_zone_id":"Z2F56UZL2M1ACD","id":"snyk-public-dev-demo","lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"policy":null,"region":"us-west-1","replication_configuration":[],"request_payer":"BucketOwner","server_side_encryption_configuration":[],"tags":{},"tags_all":{},"versioning":[{"enabled":true,"mfa_delete":false}],"website":[],"website_domain":null,"website_endpoint":null},"after":{"acceleration_status":"","acl":"private","arn":"arn:aws:s3:::snyk-public-dev-demo","bucket":"snyk-public-dev-demo","bucket_domain_name":"snyk-public-dev-demo.s3.amazonaws.com","bucket_prefix":null,"bucket_regional_domain_name":"snyk-public-dev-demo.s3.us-west-1.amazonaws.com","cors_rule":[],"force_destroy":false,"grant":[],"hosted_zone_id":"Z2F56UZL2M1ACD","id":"snyk-public-dev-demo","lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"policy":null,"region":"us-west-1","replication_configuration":[],"request_payer":"BucketOwner","server_side_encryption_configuration":[],"tags":{},"tags_all":{},"versioning":[{"enabled":true,"mfa_delete":false}],"website":[],"website_domain":null,"website_endpoint":null},"after_unknown":{},"before_sensitive":{"cors_rule":[],"grant":[],"lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"replication_configuration":[],"server_side_encryption_configuration":[],"tags":{},"tags_all":{},"versioning":[{}],"website":[]},"after_sensitive":{"cors_rule":[],"grant":[],"lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"replication_configuration":[],"server_side_encryption_configuration":[],"tags":{},"tags_all":{},"versioning":[{}],"website":[]}}},{"address":"module.storage.aws_s3_bucket.snyk_storage","module_address":"module.storage","mode":"managed","type":"aws_s3_bucket","name":"snyk_storage","provider_name":"registry.terraform.io/hashicorp/aws","change":{"actions":["no-op"],"before":{"acceleration_status":"","acl":"private","arn":"arn:aws:s3:::snyk-storage-dev-demo","bucket":"snyk-storage-dev-demo","bucket_domain_name":"snyk-storage-dev-demo.s3.amazonaws.com","bucket_prefix":null,"bucket_regional_domain_name":"snyk-storage-dev-demo.s3.us-west-1.amazonaws.com","cors_rule":[],"force_destroy":false,"grant":[],"hosted_zone_id":"Z2F56UZL2M1ACD","id":"snyk-storage-dev-demo","lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"policy":null,"region":"us-west-1","replication_configuration":[],"request_payer":"BucketOwner","server_side_encryption_configuration":[],"tags":{"name":"snyk_blob_storage_dev"},"tags_all":{"name":"snyk_blob_storage_dev"},"versioning":[{"enabled":false,"mfa_delete":false}],"website":[],"website_domain":null,"website_endpoint":null},"after":{"acceleration_status":"","acl":"private","arn":"arn:aws:s3:::snyk-storage-dev-demo","bucket":"snyk-storage-dev-demo","bucket_domain_name":"snyk-storage-dev-demo.s3.amazonaws.com","bucket_prefix":null,"bucket_regional_domain_name":"snyk-storage-dev-demo.s3.us-west-1.amazonaws.com","cors_rule":[],"force_destroy":false,"grant":[],"hosted_zone_id":"Z2F56UZL2M1ACD","id":"snyk-storage-dev-demo","lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"policy":null,"region":"us-west-1","replication_configuration":[],"request_payer":"BucketOwner","server_side_encryption_configuration":[],"tags":{"name":"snyk_blob_storage_dev"},"tags_all":{"name":"snyk_blob_storage_dev"},"versioning":[{"enabled":false,"mfa_delete":false}],"website":[],"website_domain":null,"website_endpoint":null},"after_unknown":{},"before_sensitive":{"cors_rule":[],"grant":[],"lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"replication_configuration":[],"server_side_encryption_configuration":[],"tags":{},"tags_all":{},"versioning":[{}],"website":[]},"after_sensitive":{"cors_rule":[],"grant":[],"lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"replication_configuration":[],"server_side_encryption_configuration":[],"tags":{},"tags_all":{},"versioning":[{}],"website":[]}}},{"address":"module.storage.aws_s3_bucket_public_access_block.snyk_private","module_address":"module.storage","mode":"managed","type":"aws_s3_bucket_public_access_block","name":"snyk_private","provider_name":"registry.terraform.io/hashicorp/aws","change":{"actions":["delete"],"before":{"block_public_acls":false,"block_public_policy":false,"bucket":"snyk-storage-dev-demo","id":"snyk-storage-dev-demo","ignore_public_acls":false,"restrict_public_buckets":false},"after":null,"after_unknown":{},"before_sensitive":{},"after_sensitive":false},"action_reason":"delete_because_no_resource_config"},{"address":"module.storage.aws_s3_bucket_public_access_block.snyk_public","module_address":"module.storage","mode":"managed","type":"aws_s3_bucket_public_access_block","name":"snyk_public","provider_name":"registry.terraform.io/hashicorp/aws","change":{"actions":["no-op"],"before":{"block_public_acls":false,"block_public_policy":false,"bucket":"snyk-public-dev-demo","id":"snyk-public-dev-demo","ignore_public_acls":false,"restrict_public_buckets":false},"after":{"block_public_acls":false,"block_public_policy":false,"bucket":"snyk-public-dev-demo","id":"snyk-public-dev-demo","ignore_public_acls":false,"restrict_public_buckets":false},"after_unknown":{},"before_sensitive":{},"after_sensitive":{}}},{"address":"module.storage.aws_security_group.snyk_rds_sg","module_address":"module.storage","mode":"managed","type":"aws_security_group","name":"snyk_rds_sg","provider_name":"registry.terraform.io/hashicorp/aws","change":{"actions":["no-op"],"before":{"arn":"arn:aws:ec2:us-west-1:300326902600:security-group/sg-00308b973d1dd0543","description":"Managed by Terraform","egress":[{"cidr_blocks":["0.0.0.0/0"],"description":"","from_port":0,"ipv6_cidr_blocks":[],"prefix_list_ids":[],"protocol":"-1","security_groups":[],"self":false,"to_port":0}],"id":"sg-00308b973d1dd0543","ingress":[{"cidr_blocks":["0.0.0.0/0"],"description":"","from_port":5432,"ipv6_cidr_blocks":[],"prefix_list_ids":[],"protocol":"tcp","security_groups":[],"self":false,"to_port":5432}],"name":"snyk_rds_sg","name_prefix":"","owner_id":"300326902600","revoke_rules_on_delete":false,"tags":{"Name":"snyk_rds_sg_dev"},"tags_all":{"Name":"snyk_rds_sg_dev"},"timeouts":null,"vpc_id":"vpc-0634642741facb9e9"},"after":{"arn":"arn:aws:ec2:us-west-1:300326902600:security-group/sg-00308b973d1dd0543","description":"Managed by Terraform","egress":[{"cidr_blocks":["0.0.0.0/0"],"description":"","from_port":0,"ipv6_cidr_blocks":[],"prefix_list_ids":[],"protocol":"-1","security_groups":[],"self":false,"to_port":0}],"id":"sg-00308b973d1dd0543","ingress":[{"cidr_blocks":["0.0.0.0/0"],"description":"","from_port":5432,"ipv6_cidr_blocks":[],"prefix_list_ids":[],"protocol":"tcp","security_groups":[],"self":false,"to_port":5432}],"name":"snyk_rds_sg","name_prefix":"","owner_id":"300326902600","revoke_rules_on_delete":false,"tags":{"Name":"snyk_rds_sg_dev"},"tags_all":{"Name":"snyk_rds_sg_dev"},"timeouts":null,"vpc_id":"vpc-0634642741facb9e9"},"after_unknown":{},"before_sensitive":{"egress":[{"cidr_blocks":[false],"ipv6_cidr_blocks":[],"prefix_list_ids":[],"security_groups":[]}],"ingress":[{"cidr_blocks":[false],"ipv6_cidr_blocks":[],"prefix_list_ids":[],"security_groups":[]}],"tags":{},"tags_all":{}},"after_sensitive":{"egress":[{"cidr_blocks":[false],"ipv6_cidr_blocks":[],"prefix_list_ids":[],"security_groups":[]}],"ingress":[{"cidr_blocks":[false],"ipv6_cidr_blocks":[],"prefix_list_ids":[],"security_groups":[]}],"tags":{},"tags_all":{}}}},{"address":"module.storage.aws_ssm_parameter.snyk_ssm_db_host","module_address":"module.storage","mode":"managed","type":"aws_ssm_parameter","name":"snyk_ssm_db_host","provider_name":"registry.terraform.io/hashicorp/aws","change":{"actions":["no-op"],"before":{"allowed_pattern":"","arn":"arn:aws:ssm:us-west-1:300326902600:parameter/snyk-dev/DB_HOST","data_type":"text","description":"Snyk Database","id":"/snyk-dev/DB_HOST","key_id":"alias/aws/ssm","name":"/snyk-dev/DB_HOST","overwrite":null,"tags":{},"tags_all":{},"tier":"Standard","type":"SecureString","value":"snyk-db-dev.cayhnfm969us.us-west-1.rds.amazonaws.com:5432","version":1},"after":{"allowed_pattern":"","arn":"arn:aws:ssm:us-west-1:300326902600:parameter/snyk-dev/DB_HOST","data_type":"text","description":"Snyk Database","id":"/snyk-dev/DB_HOST","key_id":"alias/aws/ssm","name":"/snyk-dev/DB_HOST","overwrite":null,"tags":{},"tags_all":{},"tier":"Standard","type":"SecureString","value":"snyk-db-dev.cayhnfm969us.us-west-1.rds.amazonaws.com:5432","version":1},"after_unknown":{},"before_sensitive":{"tags":{},"tags_all":{},"value":true},"after_sensitive":{"tags":{},"tags_all":{},"value":true}}},{"address":"module.storage.aws_ssm_parameter.snyk_ssm_db_name","module_address":"module.storage","mode":"managed","type":"aws_ssm_parameter","name":"snyk_ssm_db_name","provider_name":"registry.terraform.io/hashicorp/aws","change":{"actions":["no-op"],"before":{"allowed_pattern":"","arn":"arn:aws:ssm:us-west-1:300326902600:parameter/snyk-dev/DB_NAME","data_type":"text","description":"Snyk Database Name","id":"/snyk-dev/DB_NAME","key_id":"alias/aws/ssm","name":"/snyk-dev/DB_NAME","overwrite":null,"tags":{"environment":"dev"},"tags_all":{"environment":"dev"},"tier":"Standard","type":"SecureString","value":"snyk_db_dev","version":1},"after":{"allowed_pattern":"","arn":"arn:aws:ssm:us-west-1:300326902600:parameter/snyk-dev/DB_NAME","data_type":"text","description":"Snyk Database Name","id":"/snyk-dev/DB_NAME","key_id":"alias/aws/ssm","name":"/snyk-dev/DB_NAME","overwrite":null,"tags":{"environment":"dev"},"tags_all":{"environment":"dev"},"tier":"Standard","type":"SecureString","value":"snyk_db_dev","version":1},"after_unknown":{},"before_sensitive":{"tags":{},"tags_all":{},"value":true},"after_sensitive":{"tags":{},"tags_all":{},"value":true}}},{"address":"module.storage.aws_ssm_parameter.snyk_ssm_db_password","module_address":"module.storage","mode":"managed","type":"aws_ssm_parameter","name":"snyk_ssm_db_password","provider_name":"registry.terraform.io/hashicorp/aws","change":{"actions":["no-op"],"before":{"allowed_pattern":"","arn":"arn:aws:ssm:us-west-1:300326902600:parameter/snyk-dev/DB_PASSWORD","data_type":"text","description":"Snyk Database Password","id":"/snyk-dev/DB_PASSWORD","key_id":"alias/aws/ssm","name":"/snyk-dev/DB_PASSWORD","overwrite":null,"tags":{},"tags_all":{},"tier":"Standard","type":"SecureString","value":"supersecret","version":1},"after":{"allowed_pattern":"","arn":"arn:aws:ssm:us-west-1:300326902600:parameter/snyk-dev/DB_PASSWORD","data_type":"text","description":"Snyk Database Password","id":"/snyk-dev/DB_PASSWORD","key_id":"alias/aws/ssm","name":"/snyk-dev/DB_PASSWORD","overwrite":null,"tags":{},"tags_all":{},"tier":"Standard","type":"SecureString","value":"supersecret","version":1},"after_unknown":{},"before_sensitive":{"tags":{},"tags_all":{},"value":true},"after_sensitive":{"tags":{},"tags_all":{},"value":true}}},{"address":"module.storage.aws_ssm_parameter.snyk_ssm_db_user","module_address":"module.storage","mode":"managed","type":"aws_ssm_parameter","name":"snyk_ssm_db_user","provider_name":"registry.terraform.io/hashicorp/aws","change":{"actions":["no-op"],"before":{"allowed_pattern":"","arn":"arn:aws:ssm:us-west-1:300326902600:parameter/snyk-dev/DB_USER","data_type":"text","description":"Snyk Database Username","id":"/snyk-dev/DB_USER","key_id":"alias/aws/ssm","name":"/snyk-dev/DB_USER","overwrite":null,"tags":{},"tags_all":{},"tier":"Standard","type":"SecureString","value":"snyk","version":1},"after":{"allowed_pattern":"","arn":"arn:aws:ssm:us-west-1:300326902600:parameter/snyk-dev/DB_USER","data_type":"text","description":"Snyk Database Username","id":"/snyk-dev/DB_USER","key_id":"alias/aws/ssm","name":"/snyk-dev/DB_USER","overwrite":null,"tags":{},"tags_all":{},"tier":"Standard","type":"SecureString","value":"snyk","version":1},"after_unknown":{},"before_sensitive":{"tags":{},"tags_all":{},"value":true},"after_sensitive":{"tags":{},"tags_all":{},"value":true}}},{"address":"module.subnet.aws_subnet.main","module_address":"module.subnet","mode":"managed","type":"aws_subnet","name":"main","provider_name":"registry.terraform.io/hashicorp/aws","change":{"actions":["no-op"],"before":{"arn":"arn:aws:ec2:us-west-1:300326902600:subnet/subnet-0941234696ed66706","assign_ipv6_address_on_creation":false,"availability_zone":"us-west-1a","availability_zone_id":"usw1-az1","cidr_block":"10.0.0.0/24","customer_owned_ipv4_pool":"","enable_dns64":false,"enable_resource_name_dns_a_record_on_launch":false,"enable_resource_name_dns_aaaa_record_on_launch":false,"id":"subnet-0941234696ed66706","ipv6_cidr_block":"","ipv6_cidr_block_association_id":"","ipv6_native":false,"map_customer_owned_ip_on_launch":false,"map_public_ip_on_launch":false,"outpost_arn":"","owner_id":"300326902600","private_dns_hostname_type_on_launch":"ip-name","tags":{"Name":"Main"},"tags_all":{"Name":"Main"},"timeouts":null,"vpc_id":"vpc-0634642741facb9e9"},"after":{"arn":"arn:aws:ec2:us-west-1:300326902600:subnet/subnet-0941234696ed66706","assign_ipv6_address_on_creation":false,"availability_zone":"us-west-1a","availability_zone_id":"usw1-az1","cidr_block":"10.0.0.0/24","customer_owned_ipv4_pool":"","enable_dns64":false,"enable_resource_name_dns_a_record_on_launch":false,"enable_resource_name_dns_aaaa_record_on_launch":false,"id":"subnet-0941234696ed66706","ipv6_cidr_block":"","ipv6_cidr_block_association_id":"","ipv6_native":false,"map_customer_owned_ip_on_launch":false,"map_public_ip_on_launch":false,"outpost_arn":"","owner_id":"300326902600","private_dns_hostname_type_on_launch":"ip-name","tags":{"Name":"Main"},"tags_all":{"Name":"Main"},"timeouts":null,"vpc_id":"vpc-0634642741facb9e9"},"after_unknown":{},"before_sensitive":{"tags":{},"tags_all":{}},"after_sensitive":{"tags":{},"tags_all":{}}}},{"address":"module.subnet.aws_subnet.secondary","module_address":"module.subnet","mode":"managed","type":"aws_subnet","name":"secondary","provider_name":"registry.terraform.io/hashicorp/aws","change":{"actions":["no-op"],"before":{"arn":"arn:aws:ec2:us-west-1:300326902600:subnet/subnet-0ecfae41aa4588107","assign_ipv6_address_on_creation":false,"availability_zone":"us-west-1c","availability_zone_id":"usw1-az3","cidr_block":"10.0.64.0/19","customer_owned_ipv4_pool":"","enable_dns64":false,"enable_resource_name_dns_a_record_on_launch":false,"enable_resource_name_dns_aaaa_record_on_launch":false,"id":"subnet-0ecfae41aa4588107","ipv6_cidr_block":"","ipv6_cidr_block_association_id":"","ipv6_native":false,"map_customer_owned_ip_on_launch":false,"map_public_ip_on_launch":false,"outpost_arn":"","owner_id":"300326902600","private_dns_hostname_type_on_launch":"ip-name","tags":{"Name":"Main"},"tags_all":{"Name":"Main"},"timeouts":null,"vpc_id":"vpc-0634642741facb9e9"},"after":{"arn":"arn:aws:ec2:us-west-1:300326902600:subnet/subnet-0ecfae41aa4588107","assign_ipv6_address_on_creation":false,"availability_zone":"us-west-1c","availability_zone_id":"usw1-az3","cidr_block":"10.0.64.0/19","customer_owned_ipv4_pool":"","enable_dns64":false,"enable_resource_name_dns_a_record_on_launch":false,"enable_resource_name_dns_aaaa_record_on_launch":false,"id":"subnet-0ecfae41aa4588107","ipv6_cidr_block":"","ipv6_cidr_block_association_id":"","ipv6_native":false,"map_customer_owned_ip_on_launch":false,"map_public_ip_on_launch":false,"outpost_arn":"","owner_id":"300326902600","private_dns_hostname_type_on_launch":"ip-name","tags":{"Name":"Main"},"tags_all":{"Name":"Main"},"timeouts":null,"vpc_id":"vpc-0634642741facb9e9"},"after_unknown":{},"before_sensitive":{"tags":{},"tags_all":{}},"after_sensitive":{"tags":{},"tags_all":{}}}},{"address":"module.vpc.aws_default_security_group.default","module_address":"module.vpc","mode":"managed","type":"aws_default_security_group","name":"default","provider_name":"registry.terraform.io/hashicorp/aws","change":{"actions":["no-op"],"before":{"arn":"arn:aws:ec2:us-west-1:300326902600:security-group/sg-053ac4c098e061a97","description":"default VPC security group","egress":[],"id":"sg-053ac4c098e061a97","ingress":[{"cidr_blocks":[],"description":"","from_port":0,"ipv6_cidr_blocks":[],"prefix_list_ids":[],"protocol":"-1","security_groups":[],"self":true,"to_port":0}],"name":"default","owner_id":"300326902600","revoke_rules_on_delete":false,"tags":{},"tags_all":{},"vpc_id":"vpc-0634642741facb9e9"},"after":{"arn":"arn:aws:ec2:us-west-1:300326902600:security-group/sg-053ac4c098e061a97","description":"default VPC security group","egress":[],"id":"sg-053ac4c098e061a97","ingress":[{"cidr_blocks":[],"description":"","from_port":0,"ipv6_cidr_blocks":[],"prefix_list_ids":[],"protocol":"-1","security_groups":[],"self":true,"to_port":0}],"name":"default","owner_id":"300326902600","revoke_rules_on_delete":false,"tags":{},"tags_all":{},"vpc_id":"vpc-0634642741facb9e9"},"after_unknown":{},"before_sensitive":{"egress":[],"ingress":[{"cidr_blocks":[],"ipv6_cidr_blocks":[],"prefix_list_ids":[],"security_groups":[]}],"tags":{},"tags_all":{}},"after_sensitive":{"egress":[],"ingress":[{"cidr_blocks":[],"ipv6_cidr_blocks":[],"prefix_list_ids":[],"security_groups":[]}],"tags":{},"tags_all":{}}}},{"address":"module.vpc.aws_security_group.allow_ssh","module_address":"module.vpc","mode":"managed","type":"aws_security_group","name":"allow_ssh","provider_name":"registry.terraform.io/hashicorp/aws","change":{"actions":["no-op"],"before":{"arn":"arn:aws:ec2:us-west-1:300326902600:security-group/sg-08ad2beb5cf3a0c52","description":"Allow SSH inbound from anywhere","egress":[],"id":"sg-08ad2beb5cf3a0c52","ingress":[{"cidr_blocks":["0.0.0.0/0"],"description":"","from_port":22,"ipv6_cidr_blocks":[],"prefix_list_ids":[],"protocol":"tcp","security_groups":[],"self":false,"to_port":22}],"name":"allow_ssh","name_prefix":"","owner_id":"300326902600","revoke_rules_on_delete":false,"tags":{},"tags_all":{},"timeouts":null,"vpc_id":"vpc-0634642741facb9e9"},"after":{"arn":"arn:aws:ec2:us-west-1:300326902600:security-group/sg-08ad2beb5cf3a0c52","description":"Allow SSH inbound from anywhere","egress":[],"id":"sg-08ad2beb5cf3a0c52","ingress":[{"cidr_blocks":["0.0.0.0/0"],"description":"","from_port":22,"ipv6_cidr_blocks":[],"prefix_list_ids":[],"protocol":"tcp","security_groups":[],"self":false,"to_port":22}],"name":"allow_ssh","name_prefix":"","owner_id":"300326902600","revoke_rules_on_delete":false,"tags":{},"tags_all":{},"timeouts":null,"vpc_id":"vpc-0634642741facb9e9"},"after_unknown":{},"before_sensitive":{"egress":[],"ingress":[{"cidr_blocks":[false],"ipv6_cidr_blocks":[],"prefix_list_ids":[],"security_groups":[]}],"tags":{},"tags_all":{}},"after_sensitive":{"egress":[],"ingress":[{"cidr_blocks":[false],"ipv6_cidr_blocks":[],"prefix_list_ids":[],"security_groups":[]}],"tags":{},"tags_all":{}}}},{"address":"module.vpc.aws_security_group.allow_ssh_with_valid_cidr","module_address":"module.vpc","mode":"managed","type":"aws_security_group","name":"allow_ssh_with_valid_cidr","provider_name":"registry.terraform.io/hashicorp/aws","change":{"actions":["no-op"],"before":{"arn":"arn:aws:ec2:us-west-1:300326902600:security-group/sg-0423d304c80e5ba95","description":"Allow SSH inbound from specific range","egress":[],"id":"sg-0423d304c80e5ba95","ingress":[{"cidr_blocks":["10.0.0.0/16"],"description":"","from_port":22,"ipv6_cidr_blocks":[],"prefix_list_ids":[],"protocol":"tcp","security_groups":[],"self":false,"to_port":22}],"name":"allow_ssh_with_valid_cidr","name_prefix":"","owner_id":"300326902600","revoke_rules_on_delete":false,"tags":{},"tags_all":{},"timeouts":null,"vpc_id":"vpc-0634642741facb9e9"},"after":{"arn":"arn:aws:ec2:us-west-1:300326902600:security-group/sg-0423d304c80e5ba95","description":"Allow SSH inbound from specific range","egress":[],"id":"sg-0423d304c80e5ba95","ingress":[{"cidr_blocks":["10.0.0.0/16"],"description":"","from_port":22,"ipv6_cidr_blocks":[],"prefix_list_ids":[],"protocol":"tcp","security_groups":[],"self":false,"to_port":22}],"name":"allow_ssh_with_valid_cidr","name_prefix":"","owner_id":"300326902600","revoke_rules_on_delete":false,"tags":{},"tags_all":{},"timeouts":null,"vpc_id":"vpc-0634642741facb9e9"},"after_unknown":{},"before_sensitive":{"egress":[],"ingress":[{"cidr_blocks":[false],"ipv6_cidr_blocks":[],"prefix_list_ids":[],"security_groups":[]}],"tags":{},"tags_all":{}},"after_sensitive":{"egress":[],"ingress":[{"cidr_blocks":[false],"ipv6_cidr_blocks":[],"prefix_list_ids":[],"security_groups":[]}],"tags":{},"tags_all":{}}}},{"address":"module.vpc.aws_vpc.example","module_address":"module.vpc","mode":"managed","type":"aws_vpc","name":"example","provider_name":"registry.terraform.io/hashicorp/aws","change":{"actions":["no-op"],"before":{"arn":"arn:aws:ec2:us-west-1:300326902600:vpc/vpc-0634642741facb9e9","assign_generated_ipv6_cidr_block":false,"cidr_block":"10.0.0.0/16","default_network_acl_id":"acl-038efd3dd6fdea0c0","default_route_table_id":"rtb-016872e07f61110e5","default_security_group_id":"sg-053ac4c098e061a97","dhcp_options_id":"dopt-5fb3eb38","enable_classiclink":false,"enable_classiclink_dns_support":false,"enable_dns_hostnames":false,"enable_dns_support":true,"id":"vpc-0634642741facb9e9","instance_tenancy":"default","ipv4_ipam_pool_id":null,"ipv4_netmask_length":null,"ipv6_association_id":"","ipv6_cidr_block":"","ipv6_cidr_block_network_border_group":"","ipv6_ipam_pool_id":"","ipv6_netmask_length":0,"main_route_table_id":"rtb-016872e07f61110e5","owner_id":"300326902600","tags":{},"tags_all":{}},"after":{"arn":"arn:aws:ec2:us-west-1:300326902600:vpc/vpc-0634642741facb9e9","assign_generated_ipv6_cidr_block":false,"cidr_block":"10.0.0.0/16","default_network_acl_id":"acl-038efd3dd6fdea0c0","default_route_table_id":"rtb-016872e07f61110e5","default_security_group_id":"sg-053ac4c098e061a97","dhcp_options_id":"dopt-5fb3eb38","enable_classiclink":false,"enable_classiclink_dns_support":false,"enable_dns_hostnames":false,"enable_dns_support":true,"id":"vpc-0634642741facb9e9","instance_tenancy":"default","ipv4_ipam_pool_id":null,"ipv4_netmask_length":null,"ipv6_association_id":"","ipv6_cidr_block":"","ipv6_cidr_block_network_border_group":"","ipv6_ipam_pool_id":"","ipv6_netmask_length":0,"main_route_table_id":"rtb-016872e07f61110e5","owner_id":"300326902600","tags":{},"tags_all":{}},"after_unknown":{},"before_sensitive":{"tags":{},"tags_all":{}},"after_sensitive":{"tags":{},"tags_all":{}}}}],"prior_state":{"format_version":"1.0","terraform_version":"1.1.7","values":{"root_module":{"resources":[{"address":"aws_iam_account_password_policy.strict","mode":"managed","type":"aws_iam_account_password_policy","name":"strict","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":0,"values":{"allow_users_to_change_password":true,"expire_passwords":true,"hard_expiry":false,"id":"iam-account-password-policy","max_password_age":3,"minimum_password_length":8,"password_reuse_prevention":0,"require_lowercase_characters":false,"require_numbers":false,"require_symbols":false,"require_uppercase_characters":false},"sensitive_values":{}}],"child_modules":[{"resources":[{"address":"module.iam.data.aws_iam_policy_document.admin-assume-role-policy","mode":"data","type":"aws_iam_policy_document","name":"admin-assume-role-policy","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":0,"values":{"id":"784443208","json":"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"*\",\n \"Resource\": \"*\"\n }\n ]\n}","override_json":null,"override_policy_documents":null,"policy_id":null,"source_json":null,"source_policy_documents":null,"statement":[{"actions":["*"],"condition":[],"effect":"Allow","not_actions":[],"not_principals":[],"not_resources":[],"principals":[],"resources":["*"],"sid":""}],"version":"2012-10-17"},"sensitive_values":{"statement":[{"actions":[false],"condition":[],"not_actions":[],"not_principals":[],"not_resources":[],"principals":[],"resources":[false]}]}}],"address":"module.iam"},{"resources":[{"address":"module.instance.aws_instance.this[0]","mode":"managed","type":"aws_instance","name":"this","index":0,"provider_name":"registry.terraform.io/hashicorp/aws","schema_version":1,"values":{"ami":"ami-07336266b2c69c546","arn":"arn:aws:ec2:us-west-1::instance/i-0845bf4b0d78e0a81","associate_public_ip_address":false,"availability_zone":"us-west-1a","capacity_reservation_specification":[{"capacity_reservation_preference":"open","capacity_reservation_target":[]}],"cpu_core_count":1,"cpu_threads_per_core":1,"credit_specification":[{"cpu_credits":"standard"}],"disable_api_termination":false,"ebs_block_device":[],"ebs_optimized":false,"enclave_options":[{"enabled":false}],"ephemeral_block_device":[],"get_password_data":false,"hibernation":false,"host_id":null,"iam_instance_profile":"","id":"i-0845bf4b0d78e0a81","instance_initiated_shutdown_behavior":"stop","instance_state":"running","instance_type":"t2.micro","ipv6_address_count":0,"ipv6_addresses":[],"key_name":"","launch_template":[],"metadata_options":[{"http_endpoint":"enabled","http_put_response_hop_limit":1,"http_tokens":"optional","instance_metadata_tags":"disabled"}],"monitoring":false,"network_interface":[],"outpost_arn":"","password_data":"","placement_group":"","placement_partition_number":null,"primary_network_interface_id":"eni-012e044fc6dd887c9","private_dns":"ip-10-0-0-222.us-west-1.compute.internal","private_ip":"10.0.0.222","public_dns":"","public_ip":"","root_block_device":[{"delete_on_termination":true,"device_name":"/dev/sda1","encrypted":false,"iops":100,"kms_key_id":"","tags":{},"throughput":0,"volume_id":"vol-0b862e79d153597fa","volume_size":8,"volume_type":"gp2"}],"secondary_private_ips":[],"security_groups":[],"source_dest_check":true,"subnet_id":"subnet-0941234696ed66706","tags":{"Environment":"dev","Name":"example-server","Terraform":"true"},"tags_all":{"Environment":"dev","Name":"example-server","Terraform":"true"},"tenancy":"default","timeouts":{"create":null,"delete":null,"update":null},"user_data":null,"user_data_base64":null,"volume_tags":{"Name":"example-server"},"vpc_security_group_ids":["sg-053ac4c098e061a97"]},"sensitive_values":{"capacity_reservation_specification":[{"capacity_reservation_target":[]}],"credit_specification":[{}],"ebs_block_device":[],"enclave_options":[{}],"ephemeral_block_device":[],"ipv6_addresses":[],"launch_template":[],"metadata_options":[{}],"network_interface":[],"root_block_device":[{"tags":{}}],"secondary_private_ips":[],"security_groups":[],"tags":{},"tags_all":{},"timeouts":{},"volume_tags":{},"vpc_security_group_ids":[false]},"depends_on":["module.subnet.aws_subnet.main","module.vpc.aws_default_security_group.default","module.vpc.aws_vpc.example"]}],"address":"module.instance"},{"resources":[{"address":"module.storage.aws_db_instance.snyk_db","mode":"managed","type":"aws_db_instance","name":"snyk_db","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":1,"values":{"address":"snyk-db-dev.cayhnfm969us.us-west-1.rds.amazonaws.com","allocated_storage":20,"allow_major_version_upgrade":null,"apply_immediately":null,"arn":"arn:aws:rds:us-west-1:300326902600:db:snyk-db-dev","auto_minor_version_upgrade":true,"availability_zone":"us-west-1a","backup_retention_period":0,"backup_window":"13:12-13:42","ca_cert_identifier":"rds-ca-2019","character_set_name":"","copy_tags_to_snapshot":false,"customer_owned_ip_enabled":false,"db_subnet_group_name":"snyk_rds_subnet_grp_dev","delete_automated_backups":true,"deletion_protection":false,"domain":"","domain_iam_role_name":"","enabled_cloudwatch_logs_exports":[],"endpoint":"snyk-db-dev.cayhnfm969us.us-west-1.rds.amazonaws.com:5432","engine":"postgres","engine_version":"10.20","engine_version_actual":"10.20","final_snapshot_identifier":"snyk-db-dev-db-destroy-snapshot","hosted_zone_id":"Z10WI91S59XXQN","iam_database_authentication_enabled":false,"id":"snyk-db-dev","identifier":"snyk-db-dev","identifier_prefix":null,"instance_class":"db.t3.micro","iops":0,"kms_key_id":"arn:aws:kms:us-west-1:300326902600:key/c2b7f989-976d-4c3f-b6da-702e660c2dee","latest_restorable_time":"0001-01-01T00:00:00Z","license_model":"postgresql-license","maintenance_window":"sat:07:43-sat:08:13","max_allocated_storage":0,"monitoring_interval":0,"monitoring_role_arn":"","multi_az":false,"name":"snyk_db_dev","nchar_character_set_name":"","option_group_name":"default:postgres-10","parameter_group_name":"default.postgres10","password":"supersecret","performance_insights_enabled":false,"performance_insights_kms_key_id":"","performance_insights_retention_period":0,"port":5432,"publicly_accessible":false,"replica_mode":"","replicas":[],"replicate_source_db":"","resource_id":"db-NPBHHY7WRM6HEWLV6PMXA67WFE","restore_to_point_in_time":[],"s3_import":[],"security_group_names":[],"skip_final_snapshot":true,"snapshot_identifier":null,"status":"available","storage_encrypted":true,"storage_type":"gp2","tags":{"Name":"snyk_db_dev"},"tags_all":{"Name":"snyk_db_dev"},"timeouts":null,"timezone":"","username":"snyk","vpc_security_group_ids":["sg-00308b973d1dd0543"]},"sensitive_values":{"enabled_cloudwatch_logs_exports":[],"replicas":[],"restore_to_point_in_time":[],"s3_import":[],"security_group_names":[],"tags":{},"tags_all":{},"vpc_security_group_ids":[false]},"depends_on":["module.storage.aws_db_subnet_group.snyk_rds_subnet_grp","module.storage.aws_kms_key.snyk_db_kms_key","module.storage.aws_security_group.snyk_rds_sg","module.subnet.aws_subnet.main","module.subnet.aws_subnet.secondary","module.vpc.aws_vpc.example"]},{"address":"module.storage.aws_db_subnet_group.snyk_rds_subnet_grp","mode":"managed","type":"aws_db_subnet_group","name":"snyk_rds_subnet_grp","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":0,"values":{"arn":"arn:aws:rds:us-west-1:300326902600:subgrp:snyk_rds_subnet_grp_dev","description":"Managed by Terraform","id":"snyk_rds_subnet_grp_dev","name":"snyk_rds_subnet_grp_dev","name_prefix":null,"subnet_ids":["subnet-0941234696ed66706","subnet-0ecfae41aa4588107"],"tags":{"Name":"snyk_rds_subnet_grp_dev"},"tags_all":{"Name":"snyk_rds_subnet_grp_dev"}},"sensitive_values":{"subnet_ids":[false,false],"tags":{},"tags_all":{}},"depends_on":["module.subnet.aws_subnet.main","module.subnet.aws_subnet.secondary","module.vpc.aws_vpc.example"]},{"address":"module.storage.aws_kms_key.snyk_db_kms_key","mode":"managed","type":"aws_kms_key","name":"snyk_db_kms_key","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":0,"values":{"arn":"arn:aws:kms:us-west-1:300326902600:key/c2b7f989-976d-4c3f-b6da-702e660c2dee","bypass_policy_lockout_safety_check":false,"customer_master_key_spec":"SYMMETRIC_DEFAULT","deletion_window_in_days":10,"description":"KMS Key for DB instance dev","enable_key_rotation":true,"id":"c2b7f989-976d-4c3f-b6da-702e660c2dee","is_enabled":true,"key_id":"c2b7f989-976d-4c3f-b6da-702e660c2dee","key_usage":"ENCRYPT_DECRYPT","multi_region":false,"policy":"{\"Id\":\"key-default-1\",\"Statement\":[{\"Action\":\"kms:*\",\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::300326902600:root\"},\"Resource\":\"*\",\"Sid\":\"Enable IAM User Permissions\"}],\"Version\":\"2012-10-17\"}","tags":{"Name":"snyk_db_kms_key_dev"},"tags_all":{"Name":"snyk_db_kms_key_dev"}},"sensitive_values":{"tags":{},"tags_all":{}}},{"address":"module.storage.aws_s3_bucket.snyk_public_storage","mode":"managed","type":"aws_s3_bucket","name":"snyk_public_storage","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":0,"values":{"acceleration_status":"","acl":"private","arn":"arn:aws:s3:::snyk-public-dev-demo","bucket":"snyk-public-dev-demo","bucket_domain_name":"snyk-public-dev-demo.s3.amazonaws.com","bucket_prefix":null,"bucket_regional_domain_name":"snyk-public-dev-demo.s3.us-west-1.amazonaws.com","cors_rule":[],"force_destroy":false,"grant":[],"hosted_zone_id":"Z2F56UZL2M1ACD","id":"snyk-public-dev-demo","lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"policy":null,"region":"us-west-1","replication_configuration":[],"request_payer":"BucketOwner","server_side_encryption_configuration":[],"tags":{},"tags_all":{},"versioning":[{"enabled":true,"mfa_delete":false}],"website":[],"website_domain":null,"website_endpoint":null},"sensitive_values":{"cors_rule":[],"grant":[],"lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"replication_configuration":[],"server_side_encryption_configuration":[],"tags":{},"tags_all":{},"versioning":[{}],"website":[]}},{"address":"module.storage.aws_s3_bucket.snyk_storage","mode":"managed","type":"aws_s3_bucket","name":"snyk_storage","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":0,"values":{"acceleration_status":"","acl":"private","arn":"arn:aws:s3:::snyk-storage-dev-demo","bucket":"snyk-storage-dev-demo","bucket_domain_name":"snyk-storage-dev-demo.s3.amazonaws.com","bucket_prefix":null,"bucket_regional_domain_name":"snyk-storage-dev-demo.s3.us-west-1.amazonaws.com","cors_rule":[],"force_destroy":false,"grant":[],"hosted_zone_id":"Z2F56UZL2M1ACD","id":"snyk-storage-dev-demo","lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"policy":null,"region":"us-west-1","replication_configuration":[],"request_payer":"BucketOwner","server_side_encryption_configuration":[],"tags":{"name":"snyk_blob_storage_dev"},"tags_all":{"name":"snyk_blob_storage_dev"},"versioning":[{"enabled":false,"mfa_delete":false}],"website":[],"website_domain":null,"website_endpoint":null},"sensitive_values":{"cors_rule":[],"grant":[],"lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"replication_configuration":[],"server_side_encryption_configuration":[],"tags":{},"tags_all":{},"versioning":[{}],"website":[]}},{"address":"module.storage.aws_s3_bucket_public_access_block.snyk_private","mode":"managed","type":"aws_s3_bucket_public_access_block","name":"snyk_private","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":0,"values":{"block_public_acls":false,"block_public_policy":false,"bucket":"snyk-storage-dev-demo","id":"snyk-storage-dev-demo","ignore_public_acls":false,"restrict_public_buckets":false},"sensitive_values":{},"depends_on":["module.storage.aws_s3_bucket.snyk_storage"]},{"address":"module.storage.aws_s3_bucket_public_access_block.snyk_public","mode":"managed","type":"aws_s3_bucket_public_access_block","name":"snyk_public","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":0,"values":{"block_public_acls":false,"block_public_policy":false,"bucket":"snyk-public-dev-demo","id":"snyk-public-dev-demo","ignore_public_acls":false,"restrict_public_buckets":false},"sensitive_values":{},"depends_on":["module.storage.aws_s3_bucket.snyk_public_storage"]},{"address":"module.storage.aws_security_group.snyk_rds_sg","mode":"managed","type":"aws_security_group","name":"snyk_rds_sg","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":1,"values":{"arn":"arn:aws:ec2:us-west-1:300326902600:security-group/sg-00308b973d1dd0543","description":"Managed by Terraform","egress":[{"cidr_blocks":["0.0.0.0/0"],"description":"","from_port":0,"ipv6_cidr_blocks":[],"prefix_list_ids":[],"protocol":"-1","security_groups":[],"self":false,"to_port":0}],"id":"sg-00308b973d1dd0543","ingress":[{"cidr_blocks":["0.0.0.0/0"],"description":"","from_port":5432,"ipv6_cidr_blocks":[],"prefix_list_ids":[],"protocol":"tcp","security_groups":[],"self":false,"to_port":5432}],"name":"snyk_rds_sg","name_prefix":"","owner_id":"300326902600","revoke_rules_on_delete":false,"tags":{"Name":"snyk_rds_sg_dev"},"tags_all":{"Name":"snyk_rds_sg_dev"},"timeouts":null,"vpc_id":"vpc-0634642741facb9e9"},"sensitive_values":{"egress":[{"cidr_blocks":[false],"ipv6_cidr_blocks":[],"prefix_list_ids":[],"security_groups":[]}],"ingress":[{"cidr_blocks":[false],"ipv6_cidr_blocks":[],"prefix_list_ids":[],"security_groups":[]}],"tags":{},"tags_all":{}},"depends_on":["module.vpc.aws_vpc.example"]},{"address":"module.storage.aws_ssm_parameter.snyk_ssm_db_host","mode":"managed","type":"aws_ssm_parameter","name":"snyk_ssm_db_host","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":0,"values":{"allowed_pattern":"","arn":"arn:aws:ssm:us-west-1:300326902600:parameter/snyk-dev/DB_HOST","data_type":"text","description":"Snyk Database","id":"/snyk-dev/DB_HOST","key_id":"alias/aws/ssm","name":"/snyk-dev/DB_HOST","overwrite":null,"tags":{},"tags_all":{},"tier":"Standard","type":"SecureString","value":"snyk-db-dev.cayhnfm969us.us-west-1.rds.amazonaws.com:5432","version":1},"sensitive_values":{"tags":{},"tags_all":{}},"depends_on":["module.storage.aws_db_instance.snyk_db","module.storage.aws_db_subnet_group.snyk_rds_subnet_grp","module.storage.aws_kms_key.snyk_db_kms_key","module.storage.aws_security_group.snyk_rds_sg","module.subnet.aws_subnet.main","module.subnet.aws_subnet.secondary","module.vpc.aws_vpc.example"]},{"address":"module.storage.aws_ssm_parameter.snyk_ssm_db_name","mode":"managed","type":"aws_ssm_parameter","name":"snyk_ssm_db_name","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":0,"values":{"allowed_pattern":"","arn":"arn:aws:ssm:us-west-1:300326902600:parameter/snyk-dev/DB_NAME","data_type":"text","description":"Snyk Database Name","id":"/snyk-dev/DB_NAME","key_id":"alias/aws/ssm","name":"/snyk-dev/DB_NAME","overwrite":null,"tags":{"environment":"dev"},"tags_all":{"environment":"dev"},"tier":"Standard","type":"SecureString","value":"snyk_db_dev","version":1},"sensitive_values":{"tags":{},"tags_all":{}},"depends_on":["module.storage.aws_db_instance.snyk_db","module.storage.aws_db_subnet_group.snyk_rds_subnet_grp","module.storage.aws_kms_key.snyk_db_kms_key","module.storage.aws_security_group.snyk_rds_sg","module.subnet.aws_subnet.main","module.subnet.aws_subnet.secondary","module.vpc.aws_vpc.example"]},{"address":"module.storage.aws_ssm_parameter.snyk_ssm_db_password","mode":"managed","type":"aws_ssm_parameter","name":"snyk_ssm_db_password","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":0,"values":{"allowed_pattern":"","arn":"arn:aws:ssm:us-west-1:300326902600:parameter/snyk-dev/DB_PASSWORD","data_type":"text","description":"Snyk Database Password","id":"/snyk-dev/DB_PASSWORD","key_id":"alias/aws/ssm","name":"/snyk-dev/DB_PASSWORD","overwrite":null,"tags":{},"tags_all":{},"tier":"Standard","type":"SecureString","value":"supersecret","version":1},"sensitive_values":{"tags":{},"tags_all":{},"value":true},"depends_on":["module.storage.aws_db_instance.snyk_db","module.storage.aws_db_subnet_group.snyk_rds_subnet_grp","module.storage.aws_kms_key.snyk_db_kms_key","module.storage.aws_security_group.snyk_rds_sg","module.subnet.aws_subnet.main","module.subnet.aws_subnet.secondary","module.vpc.aws_vpc.example"]},{"address":"module.storage.aws_ssm_parameter.snyk_ssm_db_user","mode":"managed","type":"aws_ssm_parameter","name":"snyk_ssm_db_user","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":0,"values":{"allowed_pattern":"","arn":"arn:aws:ssm:us-west-1:300326902600:parameter/snyk-dev/DB_USER","data_type":"text","description":"Snyk Database Username","id":"/snyk-dev/DB_USER","key_id":"alias/aws/ssm","name":"/snyk-dev/DB_USER","overwrite":null,"tags":{},"tags_all":{},"tier":"Standard","type":"SecureString","value":"snyk","version":1},"sensitive_values":{"tags":{},"tags_all":{}},"depends_on":["module.storage.aws_db_instance.snyk_db","module.storage.aws_db_subnet_group.snyk_rds_subnet_grp","module.storage.aws_kms_key.snyk_db_kms_key","module.storage.aws_security_group.snyk_rds_sg","module.subnet.aws_subnet.main","module.subnet.aws_subnet.secondary","module.vpc.aws_vpc.example"]}],"address":"module.storage"},{"resources":[{"address":"module.subnet.aws_subnet.main","mode":"managed","type":"aws_subnet","name":"main","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":1,"values":{"arn":"arn:aws:ec2:us-west-1:300326902600:subnet/subnet-0941234696ed66706","assign_ipv6_address_on_creation":false,"availability_zone":"us-west-1a","availability_zone_id":"usw1-az1","cidr_block":"10.0.0.0/24","customer_owned_ipv4_pool":"","enable_dns64":false,"enable_resource_name_dns_a_record_on_launch":false,"enable_resource_name_dns_aaaa_record_on_launch":false,"id":"subnet-0941234696ed66706","ipv6_cidr_block":"","ipv6_cidr_block_association_id":"","ipv6_native":false,"map_customer_owned_ip_on_launch":false,"map_public_ip_on_launch":false,"outpost_arn":"","owner_id":"300326902600","private_dns_hostname_type_on_launch":"ip-name","tags":{"Name":"Main"},"tags_all":{"Name":"Main"},"timeouts":null,"vpc_id":"vpc-0634642741facb9e9"},"sensitive_values":{"tags":{},"tags_all":{}},"depends_on":["module.vpc.aws_vpc.example"]},{"address":"module.subnet.aws_subnet.secondary","mode":"managed","type":"aws_subnet","name":"secondary","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":1,"values":{"arn":"arn:aws:ec2:us-west-1:300326902600:subnet/subnet-0ecfae41aa4588107","assign_ipv6_address_on_creation":false,"availability_zone":"us-west-1c","availability_zone_id":"usw1-az3","cidr_block":"10.0.64.0/19","customer_owned_ipv4_pool":"","enable_dns64":false,"enable_resource_name_dns_a_record_on_launch":false,"enable_resource_name_dns_aaaa_record_on_launch":false,"id":"subnet-0ecfae41aa4588107","ipv6_cidr_block":"","ipv6_cidr_block_association_id":"","ipv6_native":false,"map_customer_owned_ip_on_launch":false,"map_public_ip_on_launch":false,"outpost_arn":"","owner_id":"300326902600","private_dns_hostname_type_on_launch":"ip-name","tags":{"Name":"Main"},"tags_all":{"Name":"Main"},"timeouts":null,"vpc_id":"vpc-0634642741facb9e9"},"sensitive_values":{"tags":{},"tags_all":{}},"depends_on":["module.vpc.aws_vpc.example"]}],"address":"module.subnet"},{"resources":[{"address":"module.vpc.aws_default_security_group.default","mode":"managed","type":"aws_default_security_group","name":"default","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":1,"values":{"arn":"arn:aws:ec2:us-west-1:300326902600:security-group/sg-053ac4c098e061a97","description":"default VPC security group","egress":[],"id":"sg-053ac4c098e061a97","ingress":[{"cidr_blocks":[],"description":"","from_port":0,"ipv6_cidr_blocks":[],"prefix_list_ids":[],"protocol":"-1","security_groups":[],"self":true,"to_port":0}],"name":"default","owner_id":"300326902600","revoke_rules_on_delete":false,"tags":{},"tags_all":{},"vpc_id":"vpc-0634642741facb9e9"},"sensitive_values":{"egress":[],"ingress":[{"cidr_blocks":[],"ipv6_cidr_blocks":[],"prefix_list_ids":[],"security_groups":[]}],"tags":{},"tags_all":{}},"depends_on":["module.vpc.aws_vpc.example"]},{"address":"module.vpc.aws_security_group.allow_ssh","mode":"managed","type":"aws_security_group","name":"allow_ssh","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":1,"values":{"arn":"arn:aws:ec2:us-west-1:300326902600:security-group/sg-08ad2beb5cf3a0c52","description":"Allow SSH inbound from anywhere","egress":[],"id":"sg-08ad2beb5cf3a0c52","ingress":[{"cidr_blocks":["0.0.0.0/0"],"description":"","from_port":22,"ipv6_cidr_blocks":[],"prefix_list_ids":[],"protocol":"tcp","security_groups":[],"self":false,"to_port":22}],"name":"allow_ssh","name_prefix":"","owner_id":"300326902600","revoke_rules_on_delete":false,"tags":{},"tags_all":{},"timeouts":null,"vpc_id":"vpc-0634642741facb9e9"},"sensitive_values":{"egress":[],"ingress":[{"cidr_blocks":[false],"ipv6_cidr_blocks":[],"prefix_list_ids":[],"security_groups":[]}],"tags":{},"tags_all":{}},"depends_on":["module.vpc.aws_vpc.example"]},{"address":"module.vpc.aws_security_group.allow_ssh_with_valid_cidr","mode":"managed","type":"aws_security_group","name":"allow_ssh_with_valid_cidr","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":1,"values":{"arn":"arn:aws:ec2:us-west-1:300326902600:security-group/sg-0423d304c80e5ba95","description":"Allow SSH inbound from specific range","egress":[],"id":"sg-0423d304c80e5ba95","ingress":[{"cidr_blocks":["10.0.0.0/16"],"description":"","from_port":22,"ipv6_cidr_blocks":[],"prefix_list_ids":[],"protocol":"tcp","security_groups":[],"self":false,"to_port":22}],"name":"allow_ssh_with_valid_cidr","name_prefix":"","owner_id":"300326902600","revoke_rules_on_delete":false,"tags":{},"tags_all":{},"timeouts":null,"vpc_id":"vpc-0634642741facb9e9"},"sensitive_values":{"egress":[],"ingress":[{"cidr_blocks":[false],"ipv6_cidr_blocks":[],"prefix_list_ids":[],"security_groups":[]}],"tags":{},"tags_all":{}},"depends_on":["module.vpc.aws_vpc.example"]},{"address":"module.vpc.aws_vpc.example","mode":"managed","type":"aws_vpc","name":"example","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":1,"values":{"arn":"arn:aws:ec2:us-west-1:300326902600:vpc/vpc-0634642741facb9e9","assign_generated_ipv6_cidr_block":false,"cidr_block":"10.0.0.0/16","default_network_acl_id":"acl-038efd3dd6fdea0c0","default_route_table_id":"rtb-016872e07f61110e5","default_security_group_id":"sg-053ac4c098e061a97","dhcp_options_id":"dopt-5fb3eb38","enable_classiclink":false,"enable_classiclink_dns_support":false,"enable_dns_hostnames":false,"enable_dns_support":true,"id":"vpc-0634642741facb9e9","instance_tenancy":"default","ipv4_ipam_pool_id":null,"ipv4_netmask_length":null,"ipv6_association_id":"","ipv6_cidr_block":"","ipv6_cidr_block_network_border_group":"","ipv6_ipam_pool_id":"","ipv6_netmask_length":0,"main_route_table_id":"rtb-016872e07f61110e5","owner_id":"300326902600","tags":{},"tags_all":{}},"sensitive_values":{"tags":{},"tags_all":{}}}],"address":"module.vpc"}]}}},"configuration":{"provider_config":{"aws":{"name":"aws","expressions":{"access_key":{"references":["var.access_key"]},"region":{"references":["var.region"]},"secret_key":{"references":["var.secret_key"]},"skip_credentials_validation":{"constant_value":true},"skip_metadata_api_check":{"constant_value":true},"skip_requesting_account_id":{"constant_value":true}}},"module.instance:aws":{"name":"aws","version_constraint":"\u003e= 3.72.0","module_address":"module.instance"}},"root_module":{"resources":[{"address":"aws_iam_account_password_policy.strict","mode":"managed","type":"aws_iam_account_password_policy","name":"strict","provider_config_key":"aws","expressions":{"max_password_age":{"constant_value":3},"minimum_password_length":{"constant_value":8}},"schema_version":0}],"module_calls":{"iam":{"source":"./modules/iam","expressions":{"environment":{"references":["var.env"]}},"module":{"resources":[{"address":"aws_iam_role.snyk-admin-role","mode":"managed","type":"aws_iam_role","name":"snyk-admin-role","provider_config_key":"iam:aws","expressions":{"assume_role_policy":{"references":["data.aws_iam_policy_document.admin-assume-role-policy.json","data.aws_iam_policy_document.admin-assume-role-policy"]},"managed_policy_arns":{"constant_value":[]},"name":{"references":["var.environment"]}},"schema_version":0},{"address":"data.aws_iam_policy_document.admin-assume-role-policy","mode":"data","type":"aws_iam_policy_document","name":"admin-assume-role-policy","provider_config_key":"iam:aws","expressions":{"statement":[{"actions":{"constant_value":["*"]},"resources":{"constant_value":["*"]}}]},"schema_version":0}],"variables":{"environment":{"description":"the type of environment (dev,staging/prod)"}}}},"instance":{"source":"terraform-aws-modules/ec2-instance/aws","expressions":{"ami":{"references":["var.ami"]},"instance_type":{"constant_value":"t2.micro"},"name":{"constant_value":"example-server"},"subnet_id":{"references":["module.subnet.subnet_id_main","module.subnet"]},"tags":{"references":["var.env"]},"vpc_security_group_ids":{"references":["module.vpc.vpc_sg_id","module.vpc"]}},"module":{"outputs":{"arn":{"expression":{"references":["aws_instance.this[0].arn","aws_instance.this[0]","aws_instance.this","aws_spot_instance_request.this[0].arn","aws_spot_instance_request.this[0]","aws_spot_instance_request.this"]},"description":"The ARN of the instance"},"capacity_reservation_specification":{"expression":{"references":["aws_instance.this[0].capacity_reservation_specification","aws_instance.this[0]","aws_instance.this","aws_spot_instance_request.this[0].capacity_reservation_specification","aws_spot_instance_request.this[0]","aws_spot_instance_request.this"]},"description":"Capacity reservation specification of the instance"},"id":{"expression":{"references":["aws_instance.this[0].id","aws_instance.this[0]","aws_instance.this","aws_spot_instance_request.this[0].id","aws_spot_instance_request.this[0]","aws_spot_instance_request.this"]},"description":"The ID of the instance"},"instance_state":{"expression":{"references":["aws_instance.this[0].instance_state","aws_instance.this[0]","aws_instance.this","aws_spot_instance_request.this[0].instance_state","aws_spot_instance_request.this[0]","aws_spot_instance_request.this"]},"description":"The state of the instance. One of: `pending`, `running`, `shutting-down`, `terminated`, `stopping`, `stopped`"},"ipv6_addresses":{"expression":{"references":["aws_instance.this[0].ipv6_addresses","aws_instance.this[0]","aws_instance.this"]},"description":"The IPv6 address assigned to the instance, if applicable."},"outpost_arn":{"expression":{"references":["aws_instance.this[0].outpost_arn","aws_instance.this[0]","aws_instance.this","aws_spot_instance_request.this[0].outpost_arn","aws_spot_instance_request.this[0]","aws_spot_instance_request.this"]},"description":"The ARN of the Outpost the instance is assigned to"},"password_data":{"expression":{"references":["aws_instance.this[0].password_data","aws_instance.this[0]","aws_instance.this","aws_spot_instance_request.this[0].password_data","aws_spot_instance_request.this[0]","aws_spot_instance_request.this"]},"description":"Base-64 encoded encrypted password data for the instance. Useful for getting the administrator password for instances running Microsoft Windows. This attribute is only exported if `get_password_data` is true"},"primary_network_interface_id":{"expression":{"references":["aws_instance.this[0].primary_network_interface_id","aws_instance.this[0]","aws_instance.this","aws_spot_instance_request.this[0].primary_network_interface_id","aws_spot_instance_request.this[0]","aws_spot_instance_request.this"]},"description":"The ID of the instance's primary network interface"},"private_dns":{"expression":{"references":["aws_instance.this[0].private_dns","aws_instance.this[0]","aws_instance.this","aws_spot_instance_request.this[0].private_dns","aws_spot_instance_request.this[0]","aws_spot_instance_request.this"]},"description":"The private DNS name assigned to the instance. Can only be used inside the Amazon EC2, and only available if you've enabled DNS hostnames for your VPC"},"private_ip":{"expression":{"references":["aws_instance.this[0].private_ip","aws_instance.this[0]","aws_instance.this","aws_spot_instance_request.this[0].private_ip","aws_spot_instance_request.this[0]","aws_spot_instance_request.this"]},"description":"The private IP address assigned to the instance."},"public_dns":{"expression":{"references":["aws_instance.this[0].public_dns","aws_instance.this[0]","aws_instance.this","aws_spot_instance_request.this[0].public_dns","aws_spot_instance_request.this[0]","aws_spot_instance_request.this"]},"description":"The public DNS name assigned to the instance. For EC2-VPC, this is only available if you've enabled DNS hostnames for your VPC"},"public_ip":{"expression":{"references":["aws_instance.this[0].public_ip","aws_instance.this[0]","aws_instance.this","aws_spot_instance_request.this[0].public_ip","aws_spot_instance_request.this[0]","aws_spot_instance_request.this"]},"description":"The public IP address assigned to the instance, if applicable. NOTE: If you are using an aws_eip with your instance, you should refer to the EIP's address directly and not use `public_ip` as this field will change after the EIP is attached"},"spot_bid_status":{"expression":{"references":["aws_spot_instance_request.this[0].spot_bid_status","aws_spot_instance_request.this[0]","aws_spot_instance_request.this"]},"description":"The current bid status of the Spot Instance Request"},"spot_instance_id":{"expression":{"references":["aws_spot_instance_request.this[0].spot_instance_id","aws_spot_instance_request.this[0]","aws_spot_instance_request.this"]},"description":"The Instance ID (if any) that is currently fulfilling the Spot Instance request"},"spot_request_state":{"expression":{"references":["aws_spot_instance_request.this[0].spot_request_state","aws_spot_instance_request.this[0]","aws_spot_instance_request.this"]},"description":"The current request state of the Spot Instance Request"},"tags_all":{"expression":{"references":["aws_instance.this[0].tags_all","aws_instance.this[0]","aws_instance.this","aws_spot_instance_request.this[0].tags_all","aws_spot_instance_request.this[0]","aws_spot_instance_request.this"]},"description":"A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block"}},"resources":[{"address":"aws_instance.this","mode":"managed","type":"aws_instance","name":"this","provider_config_key":"instance:aws","expressions":{"ami":{"references":["var.ami"]},"associate_public_ip_address":{"references":["var.associate_public_ip_address"]},"availability_zone":{"references":["var.availability_zone"]},"cpu_core_count":{"references":["var.cpu_core_count"]},"cpu_threads_per_core":{"references":["var.cpu_threads_per_core"]},"credit_specification":[{"cpu_credits":{"references":["local.is_t_instance_type","var.cpu_credits"]}}],"disable_api_termination":{"references":["var.disable_api_termination"]},"ebs_optimized":{"references":["var.ebs_optimized"]},"enclave_options":[{"enabled":{"references":["var.enclave_options_enabled"]}}],"get_password_data":{"references":["var.get_password_data"]},"hibernation":{"references":["var.hibernation"]},"host_id":{"references":["var.host_id"]},"iam_instance_profile":{"references":["var.iam_instance_profile"]},"instance_initiated_shutdown_behavior":{"references":["var.instance_initiated_shutdown_behavior"]},"instance_type":{"references":["var.instance_type"]},"ipv6_address_count":{"references":["var.ipv6_address_count"]},"ipv6_addresses":{"references":["var.ipv6_addresses"]},"key_name":{"references":["var.key_name"]},"monitoring":{"references":["var.monitoring"]},"placement_group":{"references":["var.placement_group"]},"private_ip":{"references":["var.private_ip"]},"secondary_private_ips":{"references":["var.secondary_private_ips"]},"source_dest_check":{"references":["var.network_interface","var.source_dest_check"]},"subnet_id":{"references":["var.subnet_id"]},"tags":{"references":["var.name","var.tags"]},"tenancy":{"references":["var.tenancy"]},"timeouts":{"create":{"references":["var.timeouts"]},"delete":{"references":["var.timeouts"]},"update":{"references":["var.timeouts"]}},"user_data":{"references":["var.user_data"]},"user_data_base64":{"references":["var.user_data_base64"]},"volume_tags":{"references":["var.enable_volume_tags","var.name","var.volume_tags"]},"vpc_security_group_ids":{"references":["var.vpc_security_group_ids"]}},"schema_version":1,"count_expression":{"references":["local.create","var.create_spot_instance"]}},{"address":"aws_spot_instance_request.this","mode":"managed","type":"aws_spot_instance_request","name":"this","provider_config_key":"instance:aws","expressions":{"ami":{"references":["var.ami"]},"associate_public_ip_address":{"references":["var.associate_public_ip_address"]},"availability_zone":{"references":["var.availability_zone"]},"block_duration_minutes":{"references":["var.spot_block_duration_minutes"]},"cpu_core_count":{"references":["var.cpu_core_count"]},"cpu_threads_per_core":{"references":["var.cpu_threads_per_core"]},"credit_specification":[{"cpu_credits":{"references":["local.is_t_instance_type","var.cpu_credits"]}}],"disable_api_termination":{"references":["var.disable_api_termination"]},"ebs_optimized":{"references":["var.ebs_optimized"]},"enclave_options":[{"enabled":{"references":["var.enclave_options_enabled"]}}],"get_password_data":{"references":["var.get_password_data"]},"hibernation":{"references":["var.hibernation"]},"host_id":{"references":["var.host_id"]},"iam_instance_profile":{"references":["var.iam_instance_profile"]},"instance_initiated_shutdown_behavior":{"references":["var.instance_initiated_shutdown_behavior"]},"instance_interruption_behavior":{"references":["var.spot_instance_interruption_behavior"]},"instance_type":{"references":["var.instance_type"]},"ipv6_address_count":{"references":["var.ipv6_address_count"]},"ipv6_addresses":{"references":["var.ipv6_addresses"]},"key_name":{"references":["var.key_name"]},"launch_group":{"references":["var.spot_launch_group"]},"monitoring":{"references":["var.monitoring"]},"placement_group":{"references":["var.placement_group"]},"private_ip":{"references":["var.private_ip"]},"secondary_private_ips":{"references":["var.secondary_private_ips"]},"source_dest_check":{"references":["var.network_interface","var.source_dest_check"]},"spot_price":{"references":["var.spot_price"]},"spot_type":{"references":["var.spot_type"]},"subnet_id":{"references":["var.subnet_id"]},"tags":{"references":["var.name","var.tags"]},"tenancy":{"references":["var.tenancy"]},"timeouts":{"create":{"references":["var.timeouts"]},"delete":{"references":["var.timeouts"]}},"user_data":{"references":["var.user_data"]},"user_data_base64":{"references":["var.user_data_base64"]},"valid_from":{"references":["var.spot_valid_from"]},"valid_until":{"references":["var.spot_valid_until"]},"volume_tags":{"references":["var.enable_volume_tags","var.name","var.volume_tags"]},"vpc_security_group_ids":{"references":["var.vpc_security_group_ids"]},"wait_for_fulfillment":{"references":["var.spot_wait_for_fulfillment"]}},"schema_version":0,"count_expression":{"references":["local.create","var.create_spot_instance"]}}],"variables":{"ami":{"default":"","description":"ID of AMI to use for the instance"},"associate_public_ip_address":{"default":null,"description":"Whether to associate a public IP address with an instance in a VPC"},"availability_zone":{"default":null,"description":"AZ to start the instance in"},"capacity_reservation_specification":{"default":null,"description":"Describes an instance's Capacity Reservation targeting option"},"cpu_core_count":{"default":null,"description":"Sets the number of CPU cores for an instance."},"cpu_credits":{"default":null,"description":"The credit option for CPU usage (unlimited or standard)"},"cpu_threads_per_core":{"default":null,"description":"Sets the number of CPU threads per core for an instance (has no effect unless cpu_core_count is also set)."},"create":{"default":true,"description":"Whether to create an instance"},"create_spot_instance":{"default":false,"description":"Depicts if the instance is a spot instance"},"disable_api_termination":{"default":null,"description":"If true, enables EC2 Instance Termination Protection"},"ebs_block_device":{"default":[],"description":"Additional EBS block devices to attach to the instance"},"ebs_optimized":{"default":null,"description":"If true, the launched EC2 instance will be EBS-optimized"},"enable_volume_tags":{"default":true,"description":"Whether to enable volume tags (if enabled it conflicts with root_block_device tags)"},"enclave_options_enabled":{"default":null,"description":"Whether Nitro Enclaves will be enabled on the instance. Defaults to `false`"},"ephemeral_block_device":{"default":[],"description":"Customize Ephemeral (also known as Instance Store) volumes on the instance"},"get_password_data":{"default":null,"description":"If true, wait for password data to become available and retrieve it."},"hibernation":{"default":null,"description":"If true, the launched EC2 instance will support hibernation"},"host_id":{"default":null,"description":"ID of a dedicated host that the instance will be assigned to. Use when an instance is to be launched on a specific dedicated host"},"iam_instance_profile":{"default":null,"description":"IAM Instance Profile to launch the instance with. Specified as the name of the Instance Profile"},"instance_initiated_shutdown_behavior":{"default":null,"description":"Shutdown behavior for the instance. Amazon defaults this to stop for EBS-backed instances and terminate for instance-store instances. Cannot be set on instance-store instance"},"instance_type":{"default":"t3.micro","description":"The type of instance to start"},"ipv6_address_count":{"default":null,"description":"A number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet"},"ipv6_addresses":{"default":null,"description":"Specify one or more IPv6 addresses from the range of the subnet to associate with the primary network interface"},"key_name":{"default":null,"description":"Key name of the Key Pair to use for the instance; which can be managed using the `aws_key_pair` resource"},"launch_template":{"default":null,"description":"Specifies a Launch Template to configure the instance. Parameters configured on this resource will override the corresponding parameters in the Launch Template"},"metadata_options":{"default":{},"description":"Customize the metadata options of the instance"},"monitoring":{"default":false,"description":"If true, the launched EC2 instance will have detailed monitoring enabled"},"name":{"default":"","description":"Name to be used on EC2 instance created"},"network_interface":{"default":[],"description":"Customize network interfaces to be attached at instance boot time"},"placement_group":{"default":null,"description":"The Placement Group to start the instance in"},"private_ip":{"default":null,"description":"Private IP address to associate with the instance in a VPC"},"putin_khuylo":{"default":true,"description":"Do you agree that Putin doesn't respect Ukrainian sovereignty and territorial integrity? More info: https://en.wikipedia.org/wiki/Putin_khuylo!"},"root_block_device":{"default":[],"description":"Customize details about the root block device of the instance. See Block Devices below for details"},"secondary_private_ips":{"default":null,"description":"A list of secondary private IPv4 addresses to assign to the instance's primary network interface (eth0) in a VPC. Can only be assigned to the primary network interface (eth0) attached at instance creation, not a pre-existing network interface i.e. referenced in a `network_interface block`"},"source_dest_check":{"default":true,"description":"Controls if traffic is routed to the instance when the destination address does not match the instance. Used for NAT or VPNs."},"spot_block_duration_minutes":{"default":null,"description":"The required duration for the Spot instances, in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360)"},"spot_instance_interruption_behavior":{"default":null,"description":"Indicates Spot instance behavior when it is interrupted. Valid values are `terminate`, `stop`, or `hibernate`"},"spot_launch_group":{"default":null,"description":"A launch group is a group of spot instances that launch together and terminate together. If left empty instances are launched and terminated individually"},"spot_price":{"default":null,"description":"The maximum price to request on the spot market. Defaults to on-demand price"},"spot_type":{"default":null,"description":"If set to one-time, after the instance is terminated, the spot request will be closed. Default `persistent`"},"spot_valid_from":{"default":null,"description":"The start date and time of the request, in UTC RFC3339 format(for example, YYYY-MM-DDTHH:MM:SSZ)"},"spot_valid_until":{"default":null,"description":"The end date and time of the request, in UTC RFC3339 format(for example, YYYY-MM-DDTHH:MM:SSZ)"},"spot_wait_for_fulfillment":{"default":null,"description":"If set, Terraform will wait for the Spot Request to be fulfilled, and will throw an error if the timeout of 10m is reached"},"subnet_id":{"default":null,"description":"The VPC Subnet ID to launch in"},"tags":{"default":{},"description":"A mapping of tags to assign to the resource"},"tenancy":{"default":null,"description":"The tenancy of the instance (if the instance is running in a VPC). Available values: default, dedicated, host."},"timeouts":{"default":{},"description":"Define maximum timeout for creating, updating, and deleting EC2 instance resources"},"user_data":{"default":null,"description":"The user data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see user_data_base64 instead."},"user_data_base64":{"default":null,"description":"Can be used instead of user_data to pass base64-encoded binary data directly. Use this instead of user_data whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption."},"volume_tags":{"default":{},"description":"A mapping of tags to assign to the devices created by the instance at launch time"},"vpc_security_group_ids":{"default":null,"description":"A list of security group IDs to associate with"}}}},"storage":{"source":"./modules/storage","expressions":{"acl":{"references":["var.s3_acl"]},"db_password":{"constant_value":"supersecret"},"db_username":{"constant_value":"snyk"},"environment":{"references":["var.env"]},"private_subnet":{"references":["module.subnet.subnet_id_main","module.subnet","module.subnet.subnet_id_secondary","module.subnet"]},"vpc_id":{"references":["module.vpc.vpc_id","module.vpc"]}},"module":{"resources":[{"address":"aws_db_instance.snyk_db","mode":"managed","type":"aws_db_instance","name":"snyk_db","provider_config_key":"storage:aws","expressions":{"allocated_storage":{"constant_value":20},"db_subnet_group_name":{"references":["aws_db_subnet_group.snyk_rds_subnet_grp.id","aws_db_subnet_group.snyk_rds_subnet_grp"]},"engine":{"constant_value":"postgres"},"engine_version":{"constant_value":"10.20"},"final_snapshot_identifier":{"references":["var.environment"]},"identifier":{"references":["var.environment"]},"instance_class":{"constant_value":"db.t3.micro"},"kms_key_id":{"references":["aws_kms_key.snyk_db_kms_key.arn","aws_kms_key.snyk_db_kms_key"]},"name":{"references":["var.environment"]},"password":{"references":["var.db_password"]},"skip_final_snapshot":{"constant_value":true},"storage_encrypted":{"constant_value":true},"storage_type":{"constant_value":"gp2"},"tags":{"references":["var.default_tags","var.environment"]},"username":{"references":["var.db_username"]},"vpc_security_group_ids":{"references":["aws_security_group.snyk_rds_sg.id","aws_security_group.snyk_rds_sg"]}},"schema_version":1},{"address":"aws_db_subnet_group.snyk_rds_subnet_grp","mode":"managed","type":"aws_db_subnet_group","name":"snyk_rds_subnet_grp","provider_config_key":"storage:aws","expressions":{"name":{"references":["var.environment"]},"subnet_ids":{"references":["var.private_subnet"]},"tags":{"references":["var.default_tags","var.environment"]}},"schema_version":0},{"address":"aws_kms_key.snyk_db_kms_key","mode":"managed","type":"aws_kms_key","name":"snyk_db_kms_key","provider_config_key":"storage:aws","expressions":{"deletion_window_in_days":{"constant_value":10},"description":{"references":["var.environment"]},"enable_key_rotation":{"constant_value":true},"tags":{"references":["var.default_tags","var.environment"]}},"schema_version":0},{"address":"aws_s3_bucket.my-new-undeployed-bucket","mode":"managed","type":"aws_s3_bucket","name":"my-new-undeployed-bucket","provider_config_key":"storage:aws","expressions":{"bucket":{"references":["var.environment"]},"tags":{"references":["var.default_tags","var.environment"]}},"schema_version":0},{"address":"aws_s3_bucket.snyk_public_storage","mode":"managed","type":"aws_s3_bucket","name":"snyk_public_storage","provider_config_key":"storage:aws","expressions":{"bucket":{"references":["var.environment"]}},"schema_version":0},{"address":"aws_s3_bucket.snyk_storage","mode":"managed","type":"aws_s3_bucket","name":"snyk_storage","provider_config_key":"storage:aws","expressions":{"bucket":{"references":["var.environment"]},"tags":{"references":["var.default_tags","var.environment"]}},"schema_version":0},{"address":"aws_s3_bucket_public_access_block.snyk_public","mode":"managed","type":"aws_s3_bucket_public_access_block","name":"snyk_public","provider_config_key":"storage:aws","expressions":{"block_public_acls":{"constant_value":false},"block_public_policy":{"constant_value":false},"bucket":{"references":["aws_s3_bucket.snyk_public_storage.id","aws_s3_bucket.snyk_public_storage"]},"ignore_public_acls":{"constant_value":false}},"schema_version":0},{"address":"aws_security_group.snyk_rds_sg","mode":"managed","type":"aws_security_group","name":"snyk_rds_sg","provider_config_key":"storage:aws","expressions":{"egress":{"constant_value":[{"cidr_blocks":["0.0.0.0/0"],"description":null,"from_port":0,"ipv6_cidr_blocks":null,"prefix_list_ids":null,"protocol":"-1","security_groups":null,"self":null,"to_port":0}]},"ingress":{"constant_value":[{"cidr_blocks":["0.0.0.0/0"],"description":null,"from_port":5432,"ipv6_cidr_blocks":null,"prefix_list_ids":null,"protocol":"tcp","security_groups":null,"self":null,"to_port":5432}]},"name":{"constant_value":"snyk_rds_sg"},"tags":{"references":["var.default_tags","var.environment"]},"vpc_id":{"references":["var.vpc_id"]}},"schema_version":1},{"address":"aws_ssm_parameter.snyk_ssm_db_host","mode":"managed","type":"aws_ssm_parameter","name":"snyk_ssm_db_host","provider_config_key":"storage:aws","expressions":{"description":{"constant_value":"Snyk Database"},"name":{"references":["var.environment"]},"tags":{"references":["var.default_tags"]},"type":{"constant_value":"SecureString"},"value":{"references":["aws_db_instance.snyk_db.endpoint","aws_db_instance.snyk_db"]}},"schema_version":0},{"address":"aws_ssm_parameter.snyk_ssm_db_name","mode":"managed","type":"aws_ssm_parameter","name":"snyk_ssm_db_name","provider_config_key":"storage:aws","expressions":{"description":{"constant_value":"Snyk Database Name"},"name":{"references":["var.environment"]},"tags":{"references":["var.default_tags","var.environment"]},"type":{"constant_value":"SecureString"},"value":{"references":["aws_db_instance.snyk_db.name","aws_db_instance.snyk_db"]}},"schema_version":0},{"address":"aws_ssm_parameter.snyk_ssm_db_password","mode":"managed","type":"aws_ssm_parameter","name":"snyk_ssm_db_password","provider_config_key":"storage:aws","expressions":{"description":{"constant_value":"Snyk Database Password"},"name":{"references":["var.environment"]},"tags":{"references":["var.default_tags"]},"type":{"constant_value":"SecureString"},"value":{"references":["aws_db_instance.snyk_db.password","aws_db_instance.snyk_db"]}},"schema_version":0},{"address":"aws_ssm_parameter.snyk_ssm_db_user","mode":"managed","type":"aws_ssm_parameter","name":"snyk_ssm_db_user","provider_config_key":"storage:aws","expressions":{"description":{"constant_value":"Snyk Database Username"},"name":{"references":["var.environment"]},"tags":{"references":["var.default_tags"]},"type":{"constant_value":"SecureString"},"value":{"references":["aws_db_instance.snyk_db.username","aws_db_instance.snyk_db"]}},"schema_version":0}],"variables":{"acl":{},"db_password":{},"db_username":{},"default_tags":{"default":{},"description":"default tags to resources"},"environment":{"description":"the type of environment (dev,staging/prod)"},"private_subnet":{},"vpc_id":{}}}},"subnet":{"source":"./modules/subnet","expressions":{"region":{"references":["var.region"]},"vpc_id":{"references":["module.vpc.vpc_id","module.vpc"]}},"module":{"outputs":{"subnet_id_main":{"expression":{"references":["aws_subnet.main.id","aws_subnet.main"]}},"subnet_id_secondary":{"expression":{"references":["aws_subnet.secondary.id","aws_subnet.secondary"]}}},"resources":[{"address":"aws_subnet.main","mode":"managed","type":"aws_subnet","name":"main","provider_config_key":"subnet:aws","expressions":{"availability_zone":{"references":["var.region"]},"cidr_block":{"references":["var.cidr_main"]},"tags":{"constant_value":{"Name":"Main"}},"vpc_id":{"references":["var.vpc_id"]}},"schema_version":1},{"address":"aws_subnet.secondary","mode":"managed","type":"aws_subnet","name":"secondary","provider_config_key":"subnet:aws","expressions":{"availability_zone":{"references":["var.region"]},"cidr_block":{"references":["var.cidr_secondary"]},"tags":{"constant_value":{"Name":"Main"}},"vpc_id":{"references":["var.vpc_id"]}},"schema_version":1}],"variables":{"cidr_main":{"default":"10.0.0.0/24"},"cidr_secondary":{"default":"10.0.64.0/19"},"region":{},"vpc_id":{}}}},"vpc":{"source":"./modules/vpc","module":{"outputs":{"vpc_id":{"expression":{"references":["aws_vpc.example.id","aws_vpc.example"]}},"vpc_sg_id":{"expression":{"references":["aws_default_security_group.default.id","aws_default_security_group.default"]}}},"resources":[{"address":"aws_default_security_group.default","mode":"managed","type":"aws_default_security_group","name":"default","provider_config_key":"vpc:aws","expressions":{"ingress":{"constant_value":[{"cidr_blocks":null,"description":null,"from_port":0,"ipv6_cidr_blocks":null,"prefix_list_ids":null,"protocol":"-1","security_groups":null,"self":true,"to_port":0}]},"vpc_id":{"references":["aws_vpc.example.id","aws_vpc.example"]}},"schema_version":1},{"address":"aws_security_group.allow_ssh","mode":"managed","type":"aws_security_group","name":"allow_ssh","provider_config_key":"vpc:aws","expressions":{"description":{"constant_value":"Allow SSH inbound from anywhere"},"ingress":{"constant_value":[{"cidr_blocks":["0.0.0.0/0"],"description":null,"from_port":22,"ipv6_cidr_blocks":null,"prefix_list_ids":null,"protocol":"tcp","security_groups":null,"self":null,"to_port":22}]},"name":{"constant_value":"allow_ssh"},"vpc_id":{"references":["aws_vpc.example.id","aws_vpc.example"]}},"schema_version":1},{"address":"aws_security_group.allow_ssh_with_valid_cidr","mode":"managed","type":"aws_security_group","name":"allow_ssh_with_valid_cidr","provider_config_key":"vpc:aws","expressions":{"description":{"constant_value":"Allow SSH inbound from specific range"},"ingress":{"references":["var.cidr"]},"name":{"constant_value":"allow_ssh_with_valid_cidr"},"vpc_id":{"references":["aws_vpc.example.id","aws_vpc.example"]}},"schema_version":1},{"address":"aws_vpc.example","mode":"managed","type":"aws_vpc","name":"example","provider_config_key":"vpc:aws","expressions":{"cidr_block":{"references":["var.cidr"]}},"schema_version":1}],"variables":{"cidr":{"default":"10.0.0.0/16"}}}}},"variables":{"access_key":{},"ami":{"default":"ami-07336266b2c69c546","description":"ami used for ec2 instance. example - ami-07336266b2c69c546 (terraform-goof-example-ami)"},"env":{"default":"dev"},"region":{"default":"us-west-1"},"s3_acl":{"default":"public-read-write"},"secret_key":{}}}}} 2 | -------------------------------------------------------------------------------- /variables.tf: -------------------------------------------------------------------------------- 1 | variable "region" { 2 | type = string 3 | default = "us-west-1" 4 | } 5 | 6 | variable "ami" { 7 | type = string 8 | description = "ami used for ec2 instance. example - ami-07336266b2c69c546 (terraform-goof-example-ami)" 9 | default = "ami-07336266b2c69c546" 10 | } 11 | 12 | variable "access_key" { 13 | type = string 14 | } 15 | 16 | variable "secret_key" { 17 | type = string 18 | } 19 | 20 | variable "s3_acl" { 21 | type = string 22 | default = "public-read-write" 23 | } 24 | 25 | variable "env" { 26 | type = string 27 | default = "dev" 28 | } 29 | --------------------------------------------------------------------------------