From c4872be881602670a1bf8fb5be0cea32d27ce732 Mon Sep 17 00:00:00 2001 From: "prisma-cloud-devsecops[bot]" <89982750+prisma-cloud-devsecops[bot]@users.noreply.github.com> Date: Mon, 17 Jun 2024 15:09:09 +0000 Subject: [PATCH] Prisma Cloud [bot] commented --- eks.yaml | 64 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ main.tf | 20 +++++++++++++++--- 2 files changed, 81 insertions(+), 3 deletions(-) diff --git a/eks.yaml b/eks.yaml index 422c6d61..59253001 100644 --- a/eks.yaml +++ b/eks.yaml @@ -56,6 +56,11 @@ Resources: ManagedPolicyArns: - arn:aws:iam::aws:policy/AmazonEKSClusterPolicy - arn:aws:iam::aws:policy/AmazonEKSServicePolicy + Tags: + - Key: yor_trace + Value: 6010a86b-8f79-4f30-af44-ee111a1e5851 + - Key: nikhil + Value: owneremail.address.test.com VPC: Type: AWS::EC2::VPC Properties: @@ -65,12 +70,20 @@ Resources: Tags: - Key: Name Value: !Sub '${AWS::StackName}-VPC' + - Key: yor_trace + Value: 924d6b71-64ba-40e5-9446-9b93202d3628 + - Key: nikhil + Value: owneremail.address.test.com InternetGateway: Type: "AWS::EC2::InternetGateway" Properties: Tags: - Key: Name Value: !Sub '${AWS::StackName}-Internet Gateway' + - Key: yor_trace + Value: 4dabcb79-0ea4-49ca-a635-9c37f3380590 + - Key: nikhil + Value: owneremail.address.test.com VPCGatewayAttachment: Type: "AWS::EC2::VPCGatewayAttachment" Properties: @@ -85,6 +98,10 @@ Resources: Value: Public Subnets - Key: Network Value: Public + - Key: yor_trace + Value: 48f5649d-71af-4770-9396-4d229204dd97 + - Key: nikhil + Value: owneremail.address.test.com PrivateRouteTable01: Type: AWS::EC2::RouteTable Properties: @@ -94,6 +111,10 @@ Resources: Value: Private Subnet AZ1 - Key: Network Value: Private01 + - Key: nikhil + Value: owneremail.address.test.com + - Key: yor_trace + Value: dda40271-4c96-4454-906a-d9ccdcd2b4ba PrivateRouteTable02: Type: AWS::EC2::RouteTable Properties: 
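Review bot: The tag added next to `yor_trace` on the IAM role in the first hunk uses a person's name as its key (`nikhil`) and a value, `owneremail.address.test.com`, that has no `@` and so is not a usable address; a key that states the purpose, `- Key: owner` with a real contact or team alias as the value, is what ownership lookups and tag-based policies can match on. The same pair is repeated in every later hunk of eks.yaml and in the `tags` maps in main.tf, so the rename would apply throughout. The order of the two tags also flips between resources (the PrivateRouteTable01, NatGateway01 and NatGatewayEIP2 hunks list `nikhil` first), which is worth making uniform. Tag values can be read by any principal allowed to describe the resource, so confirm that a personal identifier is intended there.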
@@ -103,6 +124,10 @@ Resources: Value: Private Subnet AZ2 - Key: Network Value: Private02 + - Key: yor_trace + Value: 9f3ff2c0-f84c-4317-83ef-32ddea9a5faf + - Key: nikhil + Value: owneremail.address.test.com PublicRoute: DependsOn: - VPCGatewayAttachment @@ -141,6 +166,10 @@ Resources: Tags: - Key: Name Value: !Sub '${AWS::StackName}-NatGatewayAZ1' + - Key: nikhil + Value: owneremail.address.test.com + - Key: yor_trace + Value: a64639fb-a69f-49ff-a2ce-1605bcfa6159 NatGateway02: DependsOn: - NatGatewayEIP2 @@ -153,18 +182,32 @@ Resources: Tags: - Key: Name Value: !Sub '${AWS::StackName}-NatGatewayAZ2' + - Key: yor_trace + Value: c64cc50a-f6d4-40bd-9152-06a5363ae5ba + - Key: nikhil + Value: owneremail.address.test.com NatGatewayEIP1: DependsOn: - VPCGatewayAttachment Type: 'AWS::EC2::EIP' Properties: Domain: vpc + Tags: + - Key: yor_trace + Value: 00c3c210-0b67-4148-ab22-9244f45ce39b + - Key: nikhil + Value: owneremail.address.test.com NatGatewayEIP2: DependsOn: - VPCGatewayAttachment Type: 'AWS::EC2::EIP' Properties: Domain: vpc + Tags: + - Key: nikhil + Value: owneremail.address.test.com + - Key: yor_trace + Value: fd42bda5-99bf-4bec-bb97-b644e87697a4 PublicSubnet01: Type: AWS::EC2::Subnet Metadata: @@ -182,6 +225,10 @@ Resources: Tags: - Key: Name Value: !Sub "${AWS::StackName}-PublicSubnet01" + - Key: yor_trace + Value: bde5d702-218f-4dc3-9a4f-3b731a9babac + - Key: nikhil + Value: owneremail.address.test.com PublicSubnet02: Type: AWS::EC2::Subnet Metadata: @@ -199,6 +246,10 @@ Resources: Tags: - Key: Name Value: !Sub "${AWS::StackName}-PublicSubnet02" + - Key: yor_trace + Value: 747c96e7-3555-496b-a8b2-2d6cf3a14646 + - Key: nikhil + Value: owneremail.address.test.com PrivateSubnet01: Type: AWS::EC2::Subnet Metadata: 
@@ -218,6 +269,10 @@ Resources: Value: !Sub "${AWS::StackName}-PrivateSubnet01" - Key: "kubernetes.io/role/internal-elb" Value: "1" + - Key: yor_trace + Value: b6310d83-8a8b-4099-a9bb-935c67c8bf74 + - Key: nikhil + Value: owneremail.address.test.com PrivateSubnet02: Type: AWS::EC2::Subnet Metadata: @@ -237,6 +292,10 @@ Resources: Value: !Sub "${AWS::StackName}-PrivateSubnet02" - Key: "kubernetes.io/role/internal-elb" Value: "1" + - Key: yor_trace + Value: 2222c7ca-1e93-474f-85b6-d393a8ace26a + - Key: nikhil + Value: owneremail.address.test.com PublicSubnet01RouteTableAssociation: Type: AWS::EC2::SubnetRouteTableAssociation Properties: @@ -262,6 +321,11 @@ Resources: Properties: GroupDescription: Cluster communication with worker nodes VpcId: !Ref VPC + Tags: + - Key: yor_trace + Value: e5695cc8-2973-4de7-9f07-62a81bfb8e17 + - Key: nikhil + Value: owneremail.address.test.com EKSCluster: Type: AWS::EKS::Cluster Properties: diff --git a/main.tf b/main.tf index fc172210..b4e5d71f 100644 --- a/main.tf +++ b/main.tf @@ -10,17 +10,21 @@ resource "aws_s3_bucket" "data" { tags = { Name = "${local.resource_prefix.value}-data" Environment = local.resource_prefix.value + nikhil = "owneremail.address.test.com" + yor_trace = "bac7b19b-4b72-4bd9-b0a8-7f1014051a21" } } resource "aws_s3_bucket_object" "data_object" { bucket = aws_s3_bucket.data.id - region = "us-west-2" + region = "us-west-2" key = "customer-master.xlsx" source = "resources/customer-master.xlsx" tags = { Name = "${local.resource_prefix.value}-customer-master" Environment = local.resource_prefix.value + nikhil = "owneremail.address.test.com" + yor_trace = "62649175-5c47-4c2c-b7eb-f8d386b1e7e6" } } @@ -35,6 +39,8 @@ resource "aws_s3_bucket" "financials" { tags = { Name = "${local.resource_prefix.value}-financials" Environment = local.resource_prefix.value + nikhil = "owneremail.address.test.com" + yor_trace = "d8140532-0aec-48b6-a5f8-bf4d4a2dcc1f" } } 
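Review bot: `aws_s3_bucket_object.data_object` in the `-10,17` hunk of main.tf gets new tags but still sets no encryption argument, so `customer-master.xlsx` is stored with whatever default the bucket applies; adding `server_side_encryption = "aws:kms"` (or `"AES256"`) to the object makes the protection explicit. The resource is fully visible in the hunk and nothing else in it addresses encryption. If the spreadsheet under `resources/` holds real customer records, keeping it in the repository is a separate exposure to confirm.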
@@ -43,7 +49,7 @@ resource "aws_s3_bucket" "operations" { # bucket is not encrypted # bucket does not have access logs bucket = "${local.resource_prefix.value}-operations" - region = "us-west-2" + region = "us-west-2" acl = "private" versioning { enabled = true @@ -52,6 +58,8 @@ resource "aws_s3_bucket" "operations" { tags = { Name = "${local.resource_prefix.value}-operations" Environment = local.resource_prefix.value + nikhil = "owneremail.address.test.com" + yor_trace = "98dcffcd-07dd-44f1-a1d8-2a5fc5234078" } } @@ -59,7 +67,7 @@ resource "aws_s3_bucket" "operations" { resource "aws_s3_bucket" "data_science" { # bucket is not encrypted bucket = "${local.resource_prefix.value}-data-science" - region = "us-west-2" + region = "us-west-2" acl = "private" versioning { enabled = true @@ -69,6 +77,10 @@ resource "aws_s3_bucket" "data_science" { target_prefix = "log/" } force_destroy = true + tags = { + nikhil = "owneremail.address.test.com" + yor_trace = "e77ba4bc-0ac0-49b6-a7a7-4ad3379a7ddf" + } } resource "aws_s3_bucket" "logs" { @@ -90,5 +102,7 @@ resource "aws_s3_bucket" "logs" { tags = { Name = "${local.resource_prefix.value}-logs" Environment = local.resource_prefix.value + nikhil = "owneremail.address.test.com" + yor_trace = "b90ccdf6-e519-49e3-822a-5389f91ccebf" } }
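Review bot: The `operations` bucket still carries its own comments `# bucket is not encrypted` and `# bucket does not have access logs` (visible at the top of the resource in the `-43,7` hunk), and the tag addition in the `-52,6` hunk leaves both gaps open. Adding a `server_side_encryption_configuration` block and a `logging` block, in the same inline style the resource already uses for `versioning`, would close them; the logging target below assumes the `logs` bucket declared later in this file is the intended destination. The `data_science` bucket in the next hunk has the same `# bucket is not encrypted` comment and needs the encryption block as well. The resource body spans two hunks, so any lines between them are not visible here.

```hcl
  # … unchanged: bucket, region, acl, versioning …
  server_side_encryption_configuration {
    rule {
      apply_server_side_encryption_by_default {
        sse_algorithm = "aws:kms"
      }
    }
  }
  logging {
    target_bucket = aws_s3_bucket.logs.id
    target_prefix = "log/"
  }
  # … unchanged: tags …
```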
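Review bot: The `tags` map added to `data_science` in the `-69,6` hunk holds only `nikhil` and `yor_trace`, while the other buckets shown in this diff also set `Name` and `Environment`; adding `Name = "${local.resource_prefix.value}-data-science"` and `Environment = local.resource_prefix.value` keeps tag-based inventory and policy consistent across the buckets. The same hunk keeps `force_destroy = true`, which allows the bucket to be deleted while it still holds objects, so confirm that is intended for this bucket. The resource starts in the previous hunk, so its full body is not visible here.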