prod bootstrap
moh-abk committed Jul 13, 2021
1 parent 8447e10 commit 3e007b7
Showing 1 changed file with 220 additions and 3 deletions.
223 changes: 220 additions & 3 deletions state/bootstrap/bsn-production-oganesson.tfstate
@@ -1,8 +1,225 @@
{
"version": 4,
"terraform_version": "0.15.4",
"serial": 17,
"serial": 20,
"lineage": "39ebb09a-624a-613f-e210-afa6a2d7b055",
"outputs": {},
"resources": []
"outputs": {
"storage_bucket_name": {
"value": "bsn-reference-backend-bsn-production-oganesson",
"type": "string"
}
},
"resources": [
{
"mode": "data",
"type": "aws_caller_identity",
"name": "current",
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"account_id": "371854298993",
"arn": "arn:aws:sts::371854298993:assumed-role/cross-account-admin-role/1626182315391485000",
"id": "371854298993",
"user_id": "AROAVNFB6J5YYTJHEDVMW:1626182315391485000"
},
"sensitive_attributes": []
}
]
},
{
"mode": "data",
"type": "template_file",
"name": "bucket_policy_template",
"provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"filename": null,
"id": "8dbf8c224a07e1e86314a9d4ff9da447c0475cbb5d4541c5da5da854d13fcc90",
"rendered": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n ${deny_unencrypted_object_upload_fragment},\n ${deny_unencrypted_inflight_operations_fragment},\n {\n \"Sid\": \"AllowCrossAccountAccess\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"s3:ListBucket\",\n \"s3:GetObject\"\n ],\n \"Principal\": {\n \"AWS\": [\"371854298993\"]\n },\n \"Resource\": [\n \"arn:aws:s3:::${bucket_name}\",\n \"arn:aws:s3:::${bucket_name}/*\"\n ]\n }\n ]\n}",
"template": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n $${deny_unencrypted_object_upload_fragment},\n $${deny_unencrypted_inflight_operations_fragment},\n {\n \"Sid\": \"AllowCrossAccountAccess\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"s3:ListBucket\",\n \"s3:GetObject\"\n ],\n \"Principal\": {\n \"AWS\": ${allowed_account_ids}\n },\n \"Resource\": [\n \"arn:aws:s3:::$${bucket_name}\",\n \"arn:aws:s3:::$${bucket_name}/*\"\n ]\n }\n ]\n}",
"vars": {
"allowed_account_ids": "[\"371854298993\"]"
}
},
"sensitive_attributes": []
}
]
},
{
"module": "module.storage_bucket",
"mode": "data",
"type": "aws_iam_policy_document",
"name": "encrypted_bucket_policy_document",
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"id": "660376941",
"json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"DenyUnEncryptedObjectUploads\",\n \"Effect\": \"Deny\",\n \"Action\": [\n \"s3:PutObject\"\n ],\n \"Resource\": [\n \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n ],\n \"Principal\": \"*\",\n \"Condition\": {\n \"StringNotEquals\": {\n \"s3:x-amz-server-side-encryption\": [\n \"AES256\"\n ]\n }\n }\n },\n {\n \"Sid\": \"DenyUnEncryptedInflightOperations\",\n \"Effect\": \"Deny\",\n \"Action\": [\n \"s3:*\"\n ],\n \"Resource\": [\n \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n ],\n \"Principal\": \"*\",\n \"Condition\": {\n \"Bool\": {\n \"aws:SecureTransport\": [\n \"false\"\n ]\n }\n }\n },\n {\n \"Sid\": \"AllowCrossAccountAccess\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"s3:ListBucket\",\n \"s3:GetObject\"\n ],\n \"Resource\": [\n \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson\",\n \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n ],\n \"Principal\": {\n \"AWS\": [\n \"371854298993\"\n ]\n }\n }\n ]\n}",
"override_json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"DenyUnEncryptedObjectUploads\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:PutObject\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n \"Condition\": {\n \"StringNotEquals\": {\n \"s3:x-amz-server-side-encryption\": \"AES256\"\n }\n },\n\n \"Principal\": \"*\"\n},\n {\n \"Sid\": \"DenyUnEncryptedInflightOperations\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:*\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n \"Condition\": {\n \"Bool\": {\n \"aws:SecureTransport\": \"false\"\n }\n },\n\n \"Principal\": \"*\"\n},\n {\n \"Sid\": \"AllowCrossAccountAccess\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"s3:ListBucket\",\n \"s3:GetObject\"\n ],\n \"Principal\": {\n \"AWS\": [\"371854298993\"]\n },\n \"Resource\": [\n \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson\",\n \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n ]\n }\n ]\n}",
"override_policy_documents": null,
"policy_id": null,
"source_json": null,
"source_policy_documents": null,
"statement": null,
"version": "2012-10-17"
},
"sensitive_attributes": []
}
]
},
{
"module": "module.storage_bucket",
"mode": "data",
"type": "template_file",
"name": "deny_unencrypted_inflight_operations_fragment",
"provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"filename": null,
"id": "d54313351417b65af622cd30548bcf485c6c998dbcc7a4e27cb38eda722d0b99",
"rendered": "{\n \"Sid\": \"DenyUnEncryptedInflightOperations\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:*\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n \"Condition\": {\n \"Bool\": {\n \"aws:SecureTransport\": \"false\"\n }\n },\n\n \"Principal\": \"*\"\n}",
"template": "{\n \"Sid\": \"DenyUnEncryptedInflightOperations\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:*\"],\n \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n \"Condition\": {\n \"Bool\": {\n \"aws:SecureTransport\": \"false\"\n }\n },\n\n \"Principal\": \"*\"\n}",
"vars": {
"bucket_name": "bsn-reference-backend-bsn-production-oganesson"
}
},
"sensitive_attributes": []
}
]
},
{
"module": "module.storage_bucket",
"mode": "data",
"type": "template_file",
"name": "deny_unencrypted_object_uploads_fragment",
"provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"filename": null,
"id": "64b5682ec316d73f6bb9101337ea88e510bf74a9683abfa0d3f5fefa1280957f",
"rendered": "{\n \"Sid\": \"DenyUnEncryptedObjectUploads\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:PutObject\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n \"Condition\": {\n \"StringNotEquals\": {\n \"s3:x-amz-server-side-encryption\": \"AES256\"\n }\n },\n\n \"Principal\": \"*\"\n}",
"template": "{\n \"Sid\": \"DenyUnEncryptedObjectUploads\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:PutObject\"],\n \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n \"Condition\": {\n \"StringNotEquals\": {\n \"s3:x-amz-server-side-encryption\": \"AES256\"\n }\n },\n\n \"Principal\": \"*\"\n}",
"vars": {
"bucket_name": "bsn-reference-backend-bsn-production-oganesson"
}
},
"sensitive_attributes": []
}
]
},
{
"module": "module.storage_bucket",
"mode": "data",
"type": "template_file",
"name": "encrypted_bucket_policy",
"provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"filename": null,
"id": "30977d174b013d8ca1f155126b4bae742b0e29a0290da7846517759f2bb8a38c",
"rendered": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"DenyUnEncryptedObjectUploads\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:PutObject\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n \"Condition\": {\n \"StringNotEquals\": {\n \"s3:x-amz-server-side-encryption\": \"AES256\"\n }\n },\n\n \"Principal\": \"*\"\n},\n {\n \"Sid\": \"DenyUnEncryptedInflightOperations\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:*\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n \"Condition\": {\n \"Bool\": {\n \"aws:SecureTransport\": \"false\"\n }\n },\n\n \"Principal\": \"*\"\n},\n {\n \"Sid\": \"AllowCrossAccountAccess\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"s3:ListBucket\",\n \"s3:GetObject\"\n ],\n \"Principal\": {\n \"AWS\": [\"371854298993\"]\n },\n \"Resource\": [\n \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson\",\n \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n ]\n }\n ]\n}",
"template": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n ${deny_unencrypted_object_upload_fragment},\n ${deny_unencrypted_inflight_operations_fragment},\n {\n \"Sid\": \"AllowCrossAccountAccess\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"s3:ListBucket\",\n \"s3:GetObject\"\n ],\n \"Principal\": {\n \"AWS\": [\"371854298993\"]\n },\n \"Resource\": [\n \"arn:aws:s3:::${bucket_name}\",\n \"arn:aws:s3:::${bucket_name}/*\"\n ]\n }\n ]\n}",
"vars": {
"bucket_name": "bsn-reference-backend-bsn-production-oganesson",
"deny_unencrypted_inflight_operations_fragment": "{\n \"Sid\": \"DenyUnEncryptedInflightOperations\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:*\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n \"Condition\": {\n \"Bool\": {\n \"aws:SecureTransport\": \"false\"\n }\n },\n\n \"Principal\": \"*\"\n}",
"deny_unencrypted_object_upload_fragment": "{\n \"Sid\": \"DenyUnEncryptedObjectUploads\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:PutObject\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"],\n\n \"Condition\": {\n \"StringNotEquals\": {\n \"s3:x-amz-server-side-encryption\": \"AES256\"\n }\n },\n\n \"Principal\": \"*\"\n}"
}
},
"sensitive_attributes": []
}
]
},
{
"module": "module.storage_bucket",
"mode": "managed",
"type": "aws_s3_bucket",
"name": "encrypted_bucket",
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"acceleration_status": "",
"acl": "private",
"arn": "arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson",
"bucket": "bsn-reference-backend-bsn-production-oganesson",
"bucket_domain_name": "bsn-reference-backend-bsn-production-oganesson.s3.amazonaws.com",
"bucket_prefix": null,
"bucket_regional_domain_name": "bsn-reference-backend-bsn-production-oganesson.s3.eu-west-2.amazonaws.com",
"cors_rule": [],
"force_destroy": false,
"grant": [],
"hosted_zone_id": "Z3GKZC51ZF0DB4",
"id": "bsn-reference-backend-bsn-production-oganesson",
"lifecycle_rule": [],
"logging": [],
"object_lock_configuration": [],
"policy": null,
"region": "eu-west-2",
"replication_configuration": [],
"request_payer": "BucketOwner",
"server_side_encryption_configuration": [],
"tags": {
"DeploymentIdentifier": "bsn-production-oganesson",
"DeploymentLabel": "oganesson",
"DeploymentType": "bsn-production",
"Name": "bsn-reference-backend-bsn-production-oganesson"
},
"tags_all": {
"DeploymentIdentifier": "bsn-production-oganesson",
"DeploymentLabel": "oganesson",
"DeploymentType": "bsn-production",
"Name": "bsn-reference-backend-bsn-production-oganesson"
},
"versioning": [
{
"enabled": true,
"mfa_delete": false
}
],
"website": [],
"website_domain": null,
"website_endpoint": null
},
"sensitive_attributes": [],
"private": "bnVsbA=="
}
]
},
{
"module": "module.storage_bucket",
"mode": "managed",
"type": "aws_s3_bucket_policy",
"name": "encrypted_bucket",
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"bucket": "bsn-reference-backend-bsn-production-oganesson",
"id": "bsn-reference-backend-bsn-production-oganesson",
"policy": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"DenyUnEncryptedObjectUploads\",\n \"Effect\": \"Deny\",\n \"Action\": [\n \"s3:PutObject\"\n ],\n \"Resource\": [\n \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n ],\n \"Principal\": \"*\",\n \"Condition\": {\n \"StringNotEquals\": {\n \"s3:x-amz-server-side-encryption\": [\n \"AES256\"\n ]\n }\n }\n },\n {\n \"Sid\": \"DenyUnEncryptedInflightOperations\",\n \"Effect\": \"Deny\",\n \"Action\": [\n \"s3:*\"\n ],\n \"Resource\": [\n \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n ],\n \"Principal\": \"*\",\n \"Condition\": {\n \"Bool\": {\n \"aws:SecureTransport\": [\n \"false\"\n ]\n }\n }\n },\n {\n \"Sid\": \"AllowCrossAccountAccess\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"s3:ListBucket\",\n \"s3:GetObject\"\n ],\n \"Resource\": [\n \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson\",\n \"arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*\"\n ],\n \"Principal\": {\n \"AWS\": [\n \"371854298993\"\n ]\n }\n }\n ]\n}"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"module.storage_bucket.aws_s3_bucket.encrypted_bucket",
"module.storage_bucket.data.aws_iam_policy_document.encrypted_bucket_policy_document"
]
}
]
}
]
}
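Review bot: The `DenyUnEncryptedInflightOperations` statement recorded in the applied bucket policy scopes its `Resource` to `arn:aws:s3:::bsn-reference-backend-bsn-production-oganesson/*` only, so the `aws:SecureTransport` deny does not cover bucket-level actions such as the `s3:ListBucket` that `AllowCrossAccountAccess` grants on the bucket ARN. This file is generated state, so the change belongs in the fragment template behind it: `"Resource": ["arn:aws:s3:::${bucket_name}", "arn:aws:s3:::${bucket_name}/*"]`. The `aws_s3_bucket` instance also records `"server_side_encryption_configuration": []` and `"logging": []`, so encryption at rest depends entirely on callers sending the `AES256` header; default encryption and access logging on the state bucket would be worth adding. The only principal in `AllowCrossAccountAccess` is the same account id that `aws_caller_identity` reports, so if the bucket lives in that account the statement currently grants to the bucket's own account rather than to another one; confirm that `allowed_account_ids` is set as intended.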
