From 1dc41f89073e4ce897c0126e11933662b0b52c68 Mon Sep 17 00:00:00 2001 From: "prisma-cloud-devsecops[bot]" <89982750+prisma-cloud-devsecops[bot]@users.noreply.github.com> Date: Sun, 18 Jun 2023 13:09:12 +0000 Subject: [PATCH] Prisma Cloud [bot] commented --- eks.yaml | 34 ++++++++++++++++++++++++++++++++++ main.tf | 14 +++++++++++--- 2 files changed, 45 insertions(+), 3 deletions(-) diff --git a/eks.yaml b/eks.yaml index 422c6d61..7910f087 100644 --- a/eks.yaml +++ b/eks.yaml @@ -56,6 +56,9 @@ Resources: ManagedPolicyArns: - arn:aws:iam::aws:policy/AmazonEKSClusterPolicy - arn:aws:iam::aws:policy/AmazonEKSServicePolicy + Tags: + - Key: yor_trace + Value: 3e136492-f1b5-4303-8c3f-b0473edf4ff4 VPC: Type: AWS::EC2::VPC Properties: @@ -65,12 +68,16 @@ Resources: Tags: - Key: Name Value: !Sub '${AWS::StackName}-VPC' + - Key: yor_trace + Value: 37c5d2dc-85f0-44bb-93f0-2839920f57d2 InternetGateway: Type: "AWS::EC2::InternetGateway" Properties: Tags: - Key: Name Value: !Sub '${AWS::StackName}-Internet Gateway' + - Key: yor_trace + Value: 121fce36-7a13-4b55-8f54-58fe6c8b80d1 VPCGatewayAttachment: Type: "AWS::EC2::VPCGatewayAttachment" Properties: @@ -85,6 +92,8 @@ Resources: Value: Public Subnets - Key: Network Value: Public + - Key: yor_trace + Value: 7446f6c5-6f55-411c-babc-3406d3c1aaf2 PrivateRouteTable01: Type: AWS::EC2::RouteTable Properties: @@ -94,6 +103,8 @@ Resources: Value: Private Subnet AZ1 - Key: Network Value: Private01 + - Key: yor_trace + Value: 1c723a80-6cdd-4c49-a71b-df77abe8f8d5 PrivateRouteTable02: Type: AWS::EC2::RouteTable Properties: @@ -103,6 +114,8 @@ Resources: Value: Private Subnet AZ2 - Key: Network Value: Private02 + - Key: yor_trace + Value: fe274bd9-5d23-4f37-8b0d-8138f5270b1a PublicRoute: DependsOn: - VPCGatewayAttachment @@ -141,6 +154,8 @@ Resources: Tags: - Key: Name Value: !Sub '${AWS::StackName}-NatGatewayAZ1' + - Key: yor_trace + Value: aded35c3-b6db-4529-9a77-ddeeec547433 NatGateway02: DependsOn: - NatGatewayEIP2 
@@ -153,18 +168,26 @@ Resources: Tags: - Key: Name Value: !Sub '${AWS::StackName}-NatGatewayAZ2' + - Key: yor_trace + Value: e364fcf4-850c-494c-958c-bbfa63e3fd8e NatGatewayEIP1: DependsOn: - VPCGatewayAttachment Type: 'AWS::EC2::EIP' Properties: Domain: vpc + Tags: + - Key: yor_trace + Value: 9613b451-c76b-4cc5-8b5a-c0bdc3bb076d NatGatewayEIP2: DependsOn: - VPCGatewayAttachment Type: 'AWS::EC2::EIP' Properties: Domain: vpc + Tags: + - Key: yor_trace + Value: 690fe897-08fe-4c0f-a2b4-18405ec92b8b PublicSubnet01: Type: AWS::EC2::Subnet Metadata: @@ -182,6 +205,8 @@ Resources: Tags: - Key: Name Value: !Sub "${AWS::StackName}-PublicSubnet01" + - Key: yor_trace + Value: 147660af-3bb0-4005-8b02-6723d99ff156 PublicSubnet02: Type: AWS::EC2::Subnet Metadata: @@ -199,6 +224,8 @@ Resources: Tags: - Key: Name Value: !Sub "${AWS::StackName}-PublicSubnet02" + - Key: yor_trace + Value: 2c7f692b-e130-4e76-bfcb-3388766efa4f PrivateSubnet01: Type: AWS::EC2::Subnet Metadata: @@ -218,6 +245,8 @@ Resources: Value: !Sub "${AWS::StackName}-PrivateSubnet01" - Key: "kubernetes.io/role/internal-elb" Value: "1" + - Key: yor_trace + Value: 1e995fbb-8b44-4cce-a7d0-e16f73fff81d PrivateSubnet02: Type: AWS::EC2::Subnet Metadata: @@ -237,6 +266,8 @@ Resources: Value: !Sub "${AWS::StackName}-PrivateSubnet02" - Key: "kubernetes.io/role/internal-elb" Value: "1" + - Key: yor_trace + Value: 6a1658b5-d852-4a29-b084-e417ea2cb9c2 PublicSubnet01RouteTableAssociation: Type: AWS::EC2::SubnetRouteTableAssociation Properties: @@ -262,6 +293,9 @@ Resources: Properties: GroupDescription: Cluster communication with worker nodes VpcId: !Ref VPC + Tags: + - Key: yor_trace + Value: 25518c6e-3403-49d8-ad1b-741b775bf81d EKSCluster: Type: AWS::EKS::Cluster Properties: diff --git a/main.tf b/main.tf index fc172210..6312b651 100644 --- a/main.tf +++ b/main.tf 
@@ -10,17 +10,19 @@ resource "aws_s3_bucket" "data" { tags = { Name = "${local.resource_prefix.value}-data" Environment = local.resource_prefix.value + yor_trace = "a4958f92-cd78-4011-9f21-a54ab59d874f" } } resource "aws_s3_bucket_object" "data_object" { bucket = aws_s3_bucket.data.id - region = "us-west-2" + region = "us-west-2" key = "customer-master.xlsx" source = "resources/customer-master.xlsx" tags = { Name = "${local.resource_prefix.value}-customer-master" Environment = local.resource_prefix.value + yor_trace = "f9143fcb-45e7-4d9c-9551-ff2fd778520e" } } @@ -35,6 +37,7 @@ resource "aws_s3_bucket" "financials" { tags = { Name = "${local.resource_prefix.value}-financials" Environment = local.resource_prefix.value + yor_trace = "95815f62-15ed-42e8-be2b-58bd4bc86620" } } @@ -43,7 +46,7 @@ resource "aws_s3_bucket" "operations" { # bucket is not encrypted # bucket does not have access logs bucket = "${local.resource_prefix.value}-operations" - region = "us-west-2" + region = "us-west-2" acl = "private" versioning { enabled = true @@ -52,6 +55,7 @@ resource "aws_s3_bucket" "operations" { tags = { Name = "${local.resource_prefix.value}-operations" Environment = local.resource_prefix.value + yor_trace = "ba32d15f-4755-4874-aa51-05100995cd8f" } } @@ -59,7 +63,7 @@ resource "aws_s3_bucket" "operations" { resource "aws_s3_bucket" "data_science" { # bucket is not encrypted bucket = "${local.resource_prefix.value}-data-science" - region = "us-west-2" + region = "us-west-2" acl = "private" versioning { enabled = true @@ -69,6 +73,9 @@ resource "aws_s3_bucket" "data_science" { target_prefix = "log/" } force_destroy = true + tags = { + yor_trace = "41c8db0f-93f8-4bbe-81de-201b8d7ba772" + } } resource "aws_s3_bucket" "logs" { @@ -90,5 +97,6 @@ resource "aws_s3_bucket" "logs" { tags = { Name = "${local.resource_prefix.value}-logs" Environment = local.resource_prefix.value + yor_trace = "cbe862d5-e89c-416d-94cd-a5c31e2e870d" } }
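Review bot: The `operations` bucket in the `@@ -43,7 +46,7 @@` hunk is still created without encryption or access logging, as its own comments (`# bucket is not encrypted`, `# bucket does not have access logs`) state; the commit only realigns `region` there and adds a `yor_trace` tag in the next hunk. The same `# bucket is not encrypted` comment sits on `data_science` in the `@@ -59,7 +63,7 @@` hunk. I would add an inline `server_side_encryption_configuration` block to both, assuming the provider version this file targets accepts it as it does the inline `versioning` block. `operations` also needs a `logging` block with a log-bucket target; a `logs` bucket is defined later in the file, but whether it is the intended target is not visible here. The resource body continues past the end of the hunk.

```hcl
resource "aws_s3_bucket" "operations" {
  # … unchanged: bucket, region, acl, versioning …
  server_side_encryption_configuration {
    rule {
      apply_server_side_encryption_by_default {
        sse_algorithm = "aws:kms"
      }
    }
  }
```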
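Review bot: The new `tags` block on `data_science` (hunk `@@ -69,6 +73,9 @@`) carries only `yor_trace`, while the other buckets visible in this diff also set `Name` and `Environment`, so inventory queries or tag-conditioned policies keyed on those tags would miss this bucket. I would add `Name = "${local.resource_prefix.value}-data-science"` and `Environment = local.resource_prefix.value` to the block. Separately, `force_destroy = true` on the line above lets a `terraform destroy` remove the bucket together with all its objects even though versioning is enabled. A one-line comment stating why that is intended would help the next reviewer, or the flag should be dropped if it is not. The resource starts in the previous hunk.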