Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

feat: Add me-south-1 aws region #331

Open
wants to merge 12 commits into
base: main
Choose a base branch
from
Open

feat: Add me-south-1 aws region #331

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
7baa723
feat: Add ap-southeast-3 aws region
umbo-unumed May 30, 2024
921db31
feat: Add me-south-1 aws region
umbo-unumed May 30, 2024
434ebde
Update examples/organization/member/main.tf
umbertix Jun 24, 2024
7007de5
Merge pull request #2 from umbertix/feat/add-ap-southeast-3
umbo-unumed Jun 24, 2024
64237ca
Upgrade the release pipeline to v4
umbo-unumed Jun 24, 2024
3f3dcf3
Merge pull request #3 from Unumed/feat/upgrade-release-pipeline
umbo-unumed Jun 24, 2024
6836f03
Add missing permissions
umbo-unumed Jun 24, 2024
4b76188
Merge branch 'main' into feat/upgrade-release-pipeline
umbo-unumed Jun 24, 2024
236abd1
Merge pull request #4 from Unumed/feat/upgrade-release-pipeline
umbo-unumed Jun 24, 2024
b1d1909
chore(main): release 2.2.0
umbo-unumed Jun 24, 2024
927bae8
Merge pull request #5 from Unumed/release-please--branches--main
umbo-unumed Jun 24, 2024
f0b0301
Merge branch 'main' into feat/add-me-south-1
umbo-unumed Jun 24, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .chglog/config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ style: github
template: CHANGELOG.tpl.md
info:
title: CHANGELOG
repository_url: https://github.com/nozaq/terraform-aws-secure-baseline
repository_url: https://github.com/Unumed/terraform-aws-secure-baseline
options:
commits:
filters:
Expand Down
9 changes: 8 additions & 1 deletion .github/workflows/release-please.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,11 +2,18 @@ on:
push:
branches:
- main

permissions:
contents: write
pull-requests: write

name: release-please

jobs:
release-please:
runs-on: ubuntu-latest
steps:
- uses: google-github-actions/release-please-action@v3
- uses: googleapis/release-please-action@v4
with:
release-type: terraform-module
token: ${{ secrets.MY_RELEASE_PLEASE_TOKEN }}
7 changes: 7 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,13 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## [2.2.0](https://github.com/Unumed/terraform-aws-secure-baseline/compare/v2.1.0...v2.2.0) (2024-06-24)


### Features

* Add ap-southeast-3 aws region ([7baa723](https://github.com/Unumed/terraform-aws-secure-baseline/commit/7baa72372c8d384b068017f4ae63b42bfb5cf9c8))

## [2.1.0](https://github.com/nozaq/terraform-aws-secure-baseline/compare/v2.0.0...v2.1.0) (2022-12-03)


Expand Down
2 changes: 2 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,12 +63,14 @@ module "secure_baseline" {
aws.ap-south-1 = aws.ap-south-1
aws.ap-southeast-1 = aws.ap-southeast-1
aws.ap-southeast-2 = aws.ap-southeast-2
aws.ap-southeast-3 = aws.ap-southeast-3
aws.ca-central-1 = aws.ca-central-1
aws.eu-central-1 = aws.eu-central-1
aws.eu-north-1 = aws.eu-north-1
aws.eu-west-1 = aws.eu-west-1
aws.eu-west-2 = aws.eu-west-2
aws.eu-west-3 = aws.eu-west-3
aws.me-south-1 = aws.me-south-1
aws.sa-east-1 = aws.sa-east-1
aws.us-east-1 = aws.us-east-1
aws.us-east-2 = aws.us-east-2
Expand Down
28 changes: 28 additions & 0 deletions analyzer_baselines.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -90,6 +90,20 @@ module "analyzer_baseline_ap-southeast-2" {
tags = var.tags
}

module "analyzer_baseline_ap-southeast-3" {
count = local.is_analyzer_enabled && contains(var.target_regions, "ap-southeast-3") ? 1 : 0
source = "./modules/analyzer-baseline"

providers = {
aws = aws.ap-southeast-3
}

analyzer_name = var.analyzer_name
is_organization = local.is_master_account

tags = var.tags
}

module "analyzer_baseline_ca-central-1" {
count = local.is_analyzer_enabled && contains(var.target_regions, "ca-central-1") ? 1 : 0
source = "./modules/analyzer-baseline"
Expand Down Expand Up @@ -174,6 +188,20 @@ module "analyzer_baseline_eu-west-3" {
tags = var.tags
}

module "analyzer_baseline_me-south-1" {
count = local.is_analyzer_enabled && contains(var.target_regions, "me-south-1") ? 1 : 0
source = "./modules/analyzer-baseline"

providers = {
aws = aws.me-south-1
}

analyzer_name = var.analyzer_name
is_organization = local.is_master_account

tags = var.tags
}

module "analyzer_baseline_sa-east-1" {
count = local.is_analyzer_enabled && contains(var.target_regions, "sa-east-1") ? 1 : 0
source = "./modules/analyzer-baseline"
Expand Down
52 changes: 52 additions & 0 deletions config_baselines.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,12 +6,14 @@ locals {
one(module.config_baseline_ap-south-1[*].config_sns_topic),
one(module.config_baseline_ap-southeast-1[*].config_sns_topic),
one(module.config_baseline_ap-southeast-2[*].config_sns_topic),
one(module.config_baseline_ap-southeast-3[*].config_sns_topic),
one(module.config_baseline_ca-central-1[*].config_sns_topic),
one(module.config_baseline_eu-central-1[*].config_sns_topic),
one(module.config_baseline_eu-north-1[*].config_sns_topic),
one(module.config_baseline_eu-west-1[*].config_sns_topic),
one(module.config_baseline_eu-west-2[*].config_sns_topic),
one(module.config_baseline_eu-west-3[*].config_sns_topic),
one(module.config_baseline_me-south-1[*].config_sns_topic),
one(module.config_baseline_sa-east-1[*].config_sns_topic),
one(module.config_baseline_us-east-1[*].config_sns_topic),
one(module.config_baseline_us-east-2[*].config_sns_topic),
Expand Down Expand Up @@ -226,6 +228,27 @@ module "config_baseline_ap-southeast-2" {
depends_on = [aws_s3_bucket_policy.audit_log]
}

module "config_baseline_ap-southeast-3" {
count = var.config_baseline_enabled && contains(var.target_regions, "ap-southeast-3") ? 1 : 0
source = "./modules/config-baseline"

providers = {
aws = aws.ap-southeast-3
}

iam_role_arn = one(aws_iam_role.recorder[*].arn)
s3_bucket_name = local.audit_log_bucket_id
s3_key_prefix = var.config_s3_bucket_key_prefix
delivery_frequency = var.config_delivery_frequency
sns_topic_name = var.config_sns_topic_name
sns_topic_kms_master_key_id = var.config_sns_topic_kms_master_key_id
include_global_resource_types = var.config_global_resources_all_regions ? true : var.region == "ap-southeast-3"

tags = var.tags

depends_on = [aws_s3_bucket_policy.audit_log]
}

module "config_baseline_ca-central-1" {
count = var.config_baseline_enabled && contains(var.target_regions, "ca-central-1") ? 1 : 0
source = "./modules/config-baseline"
Expand Down Expand Up @@ -352,6 +375,27 @@ module "config_baseline_eu-west-3" {
depends_on = [aws_s3_bucket_policy.audit_log]
}

module "config_baseline_me-south-1" {
count = var.config_baseline_enabled && contains(var.target_regions, "me-south-1") ? 1 : 0
source = "./modules/config-baseline"

providers = {
aws = aws.me-south-1
}

iam_role_arn = one(aws_iam_role.recorder[*].arn)
s3_bucket_name = local.audit_log_bucket_id
s3_key_prefix = var.config_s3_bucket_key_prefix
delivery_frequency = var.config_delivery_frequency
sns_topic_name = var.config_sns_topic_name
sns_topic_kms_master_key_id = var.config_sns_topic_kms_master_key_id
include_global_resource_types = var.config_global_resources_all_regions ? true : var.region == "me-south-1"

tags = var.tags

depends_on = [aws_s3_bucket_policy.audit_log]
}

module "config_baseline_sa-east-1" {
count = var.config_baseline_enabled && contains(var.target_regions, "sa-east-1") ? 1 : 0
source = "./modules/config-baseline"
Expand Down Expand Up @@ -481,12 +525,14 @@ resource "aws_config_config_rule" "iam_mfa" {
module.config_baseline_ap-south-1,
module.config_baseline_ap-southeast-1,
module.config_baseline_ap-southeast-2,
module.config_baseline_ap-southeast-3,
module.config_baseline_ca-central-1,
module.config_baseline_eu-central-1,
module.config_baseline_eu-north-1,
module.config_baseline_eu-west-1,
module.config_baseline_eu-west-2,
module.config_baseline_eu-west-3,
module.config_baseline_me-south-1,
module.config_baseline_sa-east-1,
module.config_baseline_us-east-1,
module.config_baseline_us-east-2,
Expand Down Expand Up @@ -516,12 +562,14 @@ resource "aws_config_config_rule" "unused_credentials" {
module.config_baseline_ap-south-1,
module.config_baseline_ap-southeast-1,
module.config_baseline_ap-southeast-2,
module.config_baseline_ap-southeast-3,
module.config_baseline_ca-central-1,
module.config_baseline_eu-central-1,
module.config_baseline_eu-north-1,
module.config_baseline_eu-west-1,
module.config_baseline_eu-west-2,
module.config_baseline_eu-west-3,
module.config_baseline_me-south-1,
module.config_baseline_sa-east-1,
module.config_baseline_us-east-1,
module.config_baseline_us-east-2,
Expand Down Expand Up @@ -556,12 +604,14 @@ resource "aws_config_config_rule" "user_no_policies" {
module.config_baseline_ap-south-1,
module.config_baseline_ap-southeast-1,
module.config_baseline_ap-southeast-2,
module.config_baseline_ap-southeast-3,
module.config_baseline_ca-central-1,
module.config_baseline_eu-central-1,
module.config_baseline_eu-north-1,
module.config_baseline_eu-west-1,
module.config_baseline_eu-west-2,
module.config_baseline_eu-west-3,
module.config_baseline_me-south-1,
module.config_baseline_sa-east-1,
module.config_baseline_us-east-1,
module.config_baseline_us-east-2,
Expand Down Expand Up @@ -596,12 +646,14 @@ resource "aws_config_config_rule" "no_policies_with_full_admin_access" {
module.config_baseline_ap-south-1,
module.config_baseline_ap-southeast-1,
module.config_baseline_ap-southeast-2,
module.config_baseline_ap-southeast-3,
module.config_baseline_ca-central-1,
module.config_baseline_eu-central-1,
module.config_baseline_eu-north-1,
module.config_baseline_eu-west-1,
module.config_baseline_eu-west-2,
module.config_baseline_eu-west-3,
module.config_baseline_me-south-1,
module.config_baseline_sa-east-1,
module.config_baseline_us-east-1,
module.config_baseline_us-east-2,
Expand Down
18 changes: 18 additions & 0 deletions ebs_baselines.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,15 @@ module "ebs_baseline_ap-southeast-2" {
}
}

module "ebs_baseline_ap-southeast-3" {
count = contains(var.target_regions, "ap-southeast-3") ? 1 : 0
source = "./modules/ebs-baseline"

providers = {
aws = aws.ap-southeast-3
}
}

module "ebs_baseline_ca-central-1" {
count = contains(var.target_regions, "ca-central-1") ? 1 : 0
source = "./modules/ebs-baseline"
Expand Down Expand Up @@ -110,6 +119,15 @@ module "ebs_baseline_eu-west-3" {
}
}

module "ebs_baseline_me-south-1" {
count = contains(var.target_regions, "me-south-1") ? 1 : 0
source = "./modules/ebs-baseline"

providers = {
aws = aws.me-south-1
}
}

module "ebs_baseline_sa-east-1" {
count = contains(var.target_regions, "sa-east-1") ? 1 : 0
source = "./modules/ebs-baseline"
Expand Down
2 changes: 2 additions & 0 deletions examples/external-bucket/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,12 +37,14 @@ module "secure_baseline" {
aws.ap-south-1 = aws.ap-south-1
aws.ap-southeast-1 = aws.ap-southeast-1
aws.ap-southeast-2 = aws.ap-southeast-2
aws.ap-southeast-3 = aws.ap-southeast-3
aws.ca-central-1 = aws.ca-central-1
aws.eu-central-1 = aws.eu-central-1
aws.eu-north-1 = aws.eu-north-1
aws.eu-west-1 = aws.eu-west-1
aws.eu-west-2 = aws.eu-west-2
aws.eu-west-3 = aws.eu-west-3
aws.me-south-1 = aws.me-south-1
aws.sa-east-1 = aws.sa-east-1
aws.us-east-1 = aws.us-east-1
aws.us-east-2 = aws.us-east-2
Expand Down
10 changes: 10 additions & 0 deletions examples/external-bucket/regions.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,11 @@ provider "aws" {
alias = "ap-southeast-2"
}

provider "aws" {
region = "ap-southeast-3"
alias = "ap-southeast-3"
}

provider "aws" {
region = "ca-central-1"
alias = "ca-central-1"
Expand Down Expand Up @@ -63,6 +68,11 @@ provider "aws" {
alias = "eu-west-3"
}

provider "aws" {
region = "me-south-1"
alias = "me-south-1"
}

provider "aws" {
region = "sa-east-1"
alias = "sa-east-1"
Expand Down
2 changes: 2 additions & 0 deletions examples/organization/master/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -53,12 +53,14 @@ module "secure_baseline" {
aws.ap-south-1 = aws.ap-south-1
aws.ap-southeast-1 = aws.ap-southeast-1
aws.ap-southeast-2 = aws.ap-southeast-2
aws.ap-southeast-3 = aws.ap-southeast-3
aws.ca-central-1 = aws.ca-central-1
aws.eu-central-1 = aws.eu-central-1
aws.eu-north-1 = aws.eu-north-1
aws.eu-west-1 = aws.eu-west-1
aws.eu-west-2 = aws.eu-west-2
aws.eu-west-3 = aws.eu-west-3
aws.me-south-1 = aws.me-south-1
aws.sa-east-1 = aws.sa-east-1
aws.us-east-1 = aws.us-east-1
aws.us-east-2 = aws.us-east-2
Expand Down
10 changes: 10 additions & 0 deletions examples/organization/master/regions.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,11 @@ provider "aws" {
alias = "ap-southeast-2"
}

provider "aws" {
region = "ap-southeast-3"
alias = "ap-southeast-3"
}

provider "aws" {
region = "ca-central-1"
alias = "ca-central-1"
Expand Down Expand Up @@ -63,6 +68,11 @@ provider "aws" {
alias = "eu-west-3"
}

provider "aws" {
region = "me-south-1"
alias = "me-south-1"
}

provider "aws" {
region = "sa-east-1"
alias = "sa-east-1"
Expand Down
2 changes: 2 additions & 0 deletions examples/organization/member/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -46,12 +46,14 @@ module "secure_baseline" {
aws.ap-south-1 = aws.ap-south-1
aws.ap-southeast-1 = aws.ap-southeast-1
aws.ap-southeast-2 = aws.ap-southeast-2
aws.ap-southeast-3 = aws.ap-southeast-3
aws.ca-central-1 = aws.ca-central-1
aws.eu-central-1 = aws.eu-central-1
aws.eu-north-1 = aws.eu-north-1
aws.eu-west-1 = aws.eu-west-1
aws.eu-west-2 = aws.eu-west-2
aws.eu-west-3 = aws.eu-west-3
aws.me-south-1 = aws.me-south-1
aws.sa-east-1 = aws.sa-east-1
aws.us-east-1 = aws.us-east-1
aws.us-east-2 = aws.us-east-2
Expand Down
10 changes: 10 additions & 0 deletions examples/organization/member/regions.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,11 @@ provider "aws" {
alias = "ap-southeast-2"
}

provider "aws" {
region = "ap-southeast-3"
alias = "ap-southeast-3"
}

provider "aws" {
region = "ca-central-1"
alias = "ca-central-1"
Expand Down Expand Up @@ -63,6 +68,11 @@ provider "aws" {
alias = "eu-west-3"
}

provider "aws" {
region = "me-south-1"
alias = "me-south-1"
}

provider "aws" {
region = "sa-east-1"
alias = "sa-east-1"
Expand Down
2 changes: 2 additions & 0 deletions examples/select-region/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,12 +44,14 @@ module "secure_baseline" {
aws.ap-south-1 = aws.ap-south-1
aws.ap-southeast-1 = aws.ap-southeast-1
aws.ap-southeast-2 = aws.ap-southeast-2
aws.ap-southeast-3 = aws.ap-southeast-3
aws.ca-central-1 = aws.ca-central-1
aws.eu-central-1 = aws.eu-central-1
aws.eu-north-1 = aws.eu-north-1
aws.eu-west-1 = aws.eu-west-1
aws.eu-west-2 = aws.eu-west-2
aws.eu-west-3 = aws.eu-west-3
aws.me-south-1 = aws.me-south-1
aws.sa-east-1 = aws.sa-east-1
aws.us-east-1 = aws.us-east-1
aws.us-east-2 = aws.us-east-2
Expand Down
Loading