add jit bot zip for teams

.github/workflows/linter.yml

@@ -7,7 +7,7 @@ on:
       - '!main'
 jobs:
   linter:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v3
     - name: Set up Python 3.8

src/integrations/aws_integration_automation/README.md

@@ -31,23 +31,23 @@ Deploys JIT integration across an entire AWS Organization using a CloudFormation
 ```hcl
 module "jit_aws_account_integration" {
   source = "path/to/aws_integration_automation"
-  
+
   # JIT Configuration
   jit_client_id = var.jit_client_id
   jit_secret    = var.jit_secret
   jit_region    = "us"  # Use "eu" for European API endpoint
-  
+
   # Integration Type
   integration_type = "account"
-  
+
   # AWS Configuration
   aws_regions_to_monitor = ["us-east-1", "us-west-2"]
-  
+
   # Stack Configuration
   stack_name            = "JitAccountIntegration"
   account_name         = "Production Account"
   resource_name_prefix = "JitProd"
-  
+
   # CloudFormation Configuration
   capabilities = ["CAPABILITY_NAMED_IAM"]
 }
@@ -58,26 +58,26 @@ module "jit_aws_account_integration" {
 ```hcl
 module "jit_aws_org_integration" {
   source = "path/to/aws_integration_automation"
-  
+
   # JIT Configuration
   jit_client_id = var.jit_client_id
   jit_secret    = var.jit_secret
   jit_region    = "us"  # Use "eu" for European API endpoint
-  
+
   # Integration Type
   integration_type = "org"
-  
+
   # Organization Configuration
   organization_root_id        = "r-xxxxxxxxxxxx"
   should_include_root_account = true
-  
+
   # AWS Configuration
   aws_regions_to_monitor = ["us-east-1", "us-west-2", "eu-west-1"]
-  
+
   # Stack Configuration
   stack_name            = "JitOrgIntegration"
   resource_name_prefix = "JitOrg"
-  
+
   # CloudFormation Configuration
   capabilities = ["CAPABILITY_IAM", "CAPABILITY_NAMED_IAM", "CAPABILITY_AUTO_EXPAND"]
 }
@@ -194,7 +194,7 @@ terraform plan
 terraform apply
 ```
 
-### Organization Integration  
+### Organization Integration
 - **Directory**: [`examples/aws_organization/`](examples/aws_organization/)
 - **Main File**: `organization_integration.tf`
 - **Variables**: `variables.tf`
@@ -282,4 +282,4 @@ terraform apply
 
 ## License
 
-This module is part of the JIT customer scripts repository. Please refer to the main repository license for usage terms. 
+This module is part of the JIT customer scripts repository. Please refer to the main repository license for usage terms.

src/integrations/aws_integration_automation/examples/aws_organization/organization_integration.tf

@@ -3,7 +3,7 @@
 
 terraform {
   required_version = ">= 1.5"
-  
+
   required_providers {
     aws = {
       source  = "hashicorp/aws"
@@ -20,24 +20,24 @@ provider "aws" {
 # Organization Integration Module
 module "jit_aws_org_integration" {
   source = "../../"
-  
+
   # Jit API Configuration
   jit_client_id = var.jit_client_id  # Set via environment variable or terraform.tfvars
   jit_secret    = var.jit_secret     # Set via environment variable or terraform.tfvars
   jit_region    = "us"               # Use "eu" for European API endpoint
-  
+
   # Integration Configuration
   integration_type        = "org"
   aws_regions_to_monitor = var.regions_to_monitor
-  
+
   # Organization Configuration
   organization_root_id        = var.organization_root_id          # Your AWS Organization Root ID
   should_include_root_account = var.should_include_root_account   # Whether to include the management account
-  
+
   # Stack Configuration
   stack_name            = "JitOrgIntegration"
   resource_name_prefix = var.resource_name_prefix                # Optional: Prefix for CloudFormation resources
-  
+
   # CloudFormation Configuration
   capabilities = ["CAPABILITY_IAM", "CAPABILITY_NAMED_IAM", "CAPABILITY_AUTO_EXPAND"]
 }

src/integrations/aws_integration_automation/examples/aws_organization/terraform.tfvars

@@ -2,7 +2,7 @@
 # Follow the guide here - https://docs.jit.io/reference/credentials
 # Create creds using "Engineering Manager" role
 jit_client_id = "JIT_API_KEY_CLIENT_ID"
-jit_secret    = "JIT_API_KEY_SECRET" 
+jit_secret    = "JIT_API_KEY_SECRET"
 
 # Should manage also the root account in Jit (false to avoid it)
 should_include_root_account = true
@@ -17,4 +17,4 @@ regions_to_monitor = ["us-east-1", "us-west-2"]
 aws_region = "us-east-1"
 
 # Prefix for the resource name
-resource_name_prefix = "JitOrg"
+resource_name_prefix = "JitOrg"

src/integrations/aws_integration_automation/examples/aws_organization/variables.tf

@@ -38,4 +38,4 @@ variable "resource_name_prefix" {
   description = "Prefix for the resource name"
   type        = string
   default     = "JitOrg"
-}
+}

src/integrations/aws_integration_automation/examples/single_account/account_integration.tf

@@ -3,7 +3,7 @@
 
 terraform {
   required_version = ">= 1.5"
-  
+
   required_providers {
     aws = {
       source  = "hashicorp/aws"
@@ -20,21 +20,21 @@ provider "aws" {
 # Single Account Integration Module
 module "jit_aws_account_integration" {
   source = "../../"
-  
+
   # Jit API Configuration
   jit_client_id = var.jit_client_id  # Set via environment variable or terraform.tfvars
   jit_secret    = var.jit_secret     # Set via environment variable or terraform.tfvars
   jit_region    = "us"               # Use "eu" for European API endpoint
-  
+
   # Integration Configuration
   integration_type        = "account"
   aws_regions_to_monitor = var.regions_to_monitor
-  
+
   # Stack Configuration
   stack_name            = "JitAccountIntegration"
   account_name         = var.account_name          # Optional: Display name in Jit platform
   resource_name_prefix = var.resource_name_prefix  # Optional: Prefix for CloudFormation resources
-  
+
   # CloudFormation Configuration
   capabilities = ["CAPABILITY_NAMED_IAM"]
 }

src/integrations/aws_integration_automation/examples/single_account/terraform.tfvars

@@ -2,7 +2,7 @@
 # Follow the guide here - https://docs.jit.io/reference/credentials
 # Create creds using "Engineering Manager" role
 jit_client_id = "JIT_API_KEY_CLIENT_ID"
-jit_secret    = "JIT_API_KEY_SECRET" 
+jit_secret    = "JIT_API_KEY_SECRET"
 
 # AWS regions to monitor using Jit
 regions_to_monitor = ["us-east-1", "us-west-2"]
@@ -14,4 +14,4 @@ aws_region = "us-east-1"
 resource_name_prefix = "JitProd"
 
 # Name of the account to monitor
-account_name = "My AWS Account"
+account_name = "My AWS Account"

src/integrations/aws_integration_automation/examples/single_account/variables.tf

@@ -31,4 +31,4 @@ variable "resource_name_prefix" {
   description = "Prefix for the resource name"
   type        = string
   default     = "JitProd"
-}
+}

src/integrations/aws_integration_automation/locals.tf

@@ -1,25 +1,25 @@
 locals {
   # JIT API Configuration
   jit_api_endpoint = var.jit_region == "us" ? "https://api.jit.io" : "https://api.eu.jit.io"
-  
+
   # CloudFormation template URLs based on integration type
   cloudformation_template_url = var.integration_type == "org" ? "https://jit-aws-prod.s3.amazonaws.com/jit_aws_org_integration_stack.json" : "https://jit-aws-prod.s3.amazonaws.com/jit_aws_integration_stack.json"
-  
+
   # Resource name prefix with integration-specific defaults
   resource_name_prefix = var.resource_name_prefix != null ? var.resource_name_prefix : (var.integration_type == "org" ? "JitOrg" : "Jit")
-  
+
   # Base extra parameters for state token request
   base_extra_params = {
     regions_to_monitor = var.aws_regions_to_monitor
     integration_type   = var.integration_type
   }
-  
+
   # Additional parameters for organization integration
   org_extra_params = var.integration_type == "org" ? {
     organizationRootId       = var.organization_root_id
     shouldIncludeRootAccount = var.should_include_root_account
   } : {}
-  
+
   # State token request body with correct structure
   state_token_request_body = {
     vendor    = "aws"
@@ -29,4 +29,4 @@ locals {
       local.org_extra_params
     )
   }
-} 
+}

src/integrations/aws_integration_automation/main.tf

@@ -3,7 +3,7 @@ provider "restapi" {
   uri                   = local.jit_api_endpoint
   write_returns_object  = true
   create_returns_object = true
-  
+
   headers = {
     "Accept"        = "application/json"
     "Content-Type"  = "application/json"
@@ -15,17 +15,17 @@ provider "restapi" {
 data "http" "jit_auth" {
   url    = "${local.jit_api_endpoint}/authentication/login"
   method = "POST"
-  
+
   request_headers = {
     "Accept"       = "application/json"
     "Content-Type" = "application/json"
   }
-  
+
   request_body = jsonencode({
     clientId = var.jit_client_id
     secret   = var.jit_secret
   })
-  
+
   lifecycle {
     postcondition {
       condition     = self.status_code == 200
@@ -43,34 +43,34 @@ resource "restapi_object" "jit_state_token" {
   ignore_changes_to = ["token"]
   # Request body with state token parameters
   data = jsonencode(local.state_token_request_body)
-  
+
   # Ignore changes to data since read endpoint returns different structure
   lifecycle {
     ignore_changes = [data]
   }
-  
+
   depends_on = [data.http.jit_auth]
 }
 
 # CloudFormation Stack for single account integration
 resource "aws_cloudformation_stack" "jit_integration_account" {
   count = var.integration_type == "account" ? 1 : 0
-  
+
   name          = var.stack_name
   template_url  = local.cloudformation_template_url
   capabilities  = var.capabilities
-  
+
      parameters = {
      "ExternalId"                = jsondecode(restapi_object.jit_state_token.create_response)["token"]
      "ResourceNamePrefix"        = local.resource_name_prefix
      "AccountName"               = var.account_name
      "ShouldIncludeRootAccount"  = tostring(var.should_include_root_account)
    }
-  
+
   lifecycle {
     prevent_destroy = true
   }
-  
+
   depends_on = [
     data.http.jit_auth,
     restapi_object.jit_state_token
@@ -80,26 +80,24 @@ resource "aws_cloudformation_stack" "jit_integration_account" {
 # CloudFormation Stack for organization integration
 resource "aws_cloudformation_stack" "jit_integration_org" {
   count = var.integration_type == "org" ? 1 : 0
-  
+
   name          = var.stack_name
   template_url  = local.cloudformation_template_url
   capabilities  = var.capabilities
-  
+
      parameters = {
      "ExternalId"                = jsondecode(restapi_object.jit_state_token.create_response)["token"]
      "ResourceNamePrefix"        = local.resource_name_prefix
      "OrganizationRootId"        = var.organization_root_id
      "ShouldIncludeRootAccount" = tostring(var.should_include_root_account)
    }
-  
+
   lifecycle {
     prevent_destroy = true
   }
-  
+
   depends_on = [
     data.http.jit_auth,
     restapi_object.jit_state_token
   ]
 }
-
-

src/integrations/aws_integration_automation/variables.tf

@@ -53,8 +53,8 @@ variable "resource_name_prefix" {
   default     = null
   validation {
     condition = var.resource_name_prefix == null || (
-      length(var.resource_name_prefix) >= 1 && 
-      length(var.resource_name_prefix) <= 40 && 
+      length(var.resource_name_prefix) >= 1 &&
+      length(var.resource_name_prefix) <= 40 &&
       can(regex("^[a-zA-Z0-9-_]*$", var.resource_name_prefix))
     )
     error_message = "The resource_name_prefix must be 1-40 characters and contain only alphanumeric characters, hyphens, and underscores."
@@ -81,4 +81,4 @@ variable "capabilities" {
   description = "CloudFormation capabilities required for stack creation"
   type        = list(string)
   default     = ["CAPABILITY_NAMED_IAM"]
-} 
+}

src/integrations/aws_integration_automation/versions.tf

@@ -1,25 +1,25 @@
 terraform {
   required_version = ">= 1.5"
-  
+
   required_providers {
     aws = {
       source  = "hashicorp/aws"
       version = ">= 5.0"
     }
-    
+
     http = {
       source  = "hashicorp/http"
       version = ">= 3.0"
     }
-    
+
     local = {
       source  = "hashicorp/local"
       version = ">= 2.0"
     }
-    
+
     restapi = {
       source  = "Mastercard/restapi"
       version = ">= 1.19.1"
     }
   }
-} 
+}