diff --git a/CHANGELOG.md b/CHANGELOG.md index ea10fd8..9364fd5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,18 @@ +## v1.0.0 (2024-10-22) + +_Breaking changes_ + +- Flowpipe `v1.0.0` is now required. For a full list of CLI changes, please see the [Flowpipe v1.0.0 CHANGELOG](https://flowpipe.io/changelog/flowpipe-cli-v1-0-0). +- In Flowpipe configuration files (`.fpc`), `credential` and `credential_import` resources have been renamed to `connection` and `connection_import` respectively. +- Renamed all `cred` params to `conn` and updated their types from `string` to `conn`. + +_Enhancements_ + +- Added `library` to the mod's categories. +- Updated the following pipeline tags: + - `type = "featured"` to `recommended = "true"` + - `type = "test"` to `folder = "Tests"` + ## v0.4.1 [2024-09-17] _Bug fixes_ diff --git a/README.md b/README.md index 98dc98e..626a652 100644 --- a/README.md +++ b/README.md @@ -21,7 +21,7 @@ brew tap turbot/tap brew install flowpipe ``` -### Credentials +### Connections By default, the following environment variables will be used for authentication: @@ -29,30 +29,30 @@ By default, the following environment variables will be used for authentication: - `AWS_ACCESS_KEY_ID` - `AWS_SECRET_ACCESS_KEY` -You can also create `credential` resources in configuration files: +You can also create `connection` resources in configuration files: ```sh vi ~/.flowpipe/config/aws.fpc ``` ```hcl -credential "aws" "aws_profile" { +connection "aws" "aws_profile" { profile = "my-profile" } -credential "aws" "aws_access_key_pair" { +connection "aws" "aws_access_key_pair" { access_key = "AKIA..." secret_key = "dP+C+J..." } -credential "aws" "aws_session_token" { +connection "aws" "aws_session_token" { access_key = "AKIA..." secret_key = "dP+C+J..." session_token = "AQoDX..." } ``` -For more information on credentials in Flowpipe, please see [Managing Credentials](https://flowpipe.io/docs/run/credentials). +For more information on connections in Flowpipe, please see [Managing Connections](https://flowpipe.io/docs/run/connections). ### Usage @@ -116,10 +116,10 @@ Run a pipeline: flowpipe pipeline run describe_ec2_instances --arg 'instance_ids=["i-1234567890abcdef0", "i-abcdef12345"]' --arg instance_type=t2.micro --arg region=ap-south-1 ``` -To use a specific `credential`, specify the `cred` pipeline argument: +To use a specific `connection`, specify the `conn` pipeline argument: ```sh -flowpipe pipeline run describe_ec2_instances --arg cred=aws_profile --arg instance_type=t2.micro --arg region=us-east-1 +flowpipe pipeline run describe_ec2_instances --arg conn=connection.aws.aws_profile --arg instance_type=t2.micro --arg region=us-east-1 ``` ## Open Source & Contributing diff --git a/locals.fp b/locals.fp index eafe9e5..db7f8ec 100644 --- a/locals.fp +++ b/locals.fp @@ -1,5 +1,5 @@ # Common descriptions locals { - cred_param_description = "Name for credentials to use. If not provided, the default credentials will be used." + conn_param_description = "Name of AWS connection to use. If not provided, the default AWS connection will be used." region_param_description = "The name of the Region." } diff --git a/mod.fp b/mod.fp index 16325ca..65c55ea 100644 --- a/mod.fp +++ b/mod.fp @@ -4,11 +4,17 @@ mod "aws" { color = "#FF9900" documentation = file("./README.md") icon = "/images/mods/turbot/aws.svg" - categories = ["public cloud"] + categories = ["library", "public cloud"] opengraph { title = "AWS Mod for Flowpipe" description = "Run pipelines to supercharge your AWS workflows using Flowpipe." image = "/images/mods/turbot/aws-social-graphic.png" } + + require { + flowpipe { + min_version = "1.0.0" + } + } } diff --git a/pipelines/account/delete_alternate_contact.fp b/pipelines/account/delete_alternate_contact.fp new file mode 100644 index 0000000..3cf471b --- /dev/null +++ b/pipelines/account/delete_alternate_contact.fp @@ -0,0 +1,26 @@ +pipeline "delete_alternate_contact" { + title = "Delete Alternate Contact" + description = "Delete an alternate contact for an AWS account." + + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default + } + + param "alternate_contact_type" { + type = string + description = "The type of alternate contact (BILLING, OPERATIONS, SECURITY)." + } + + step "container" "delete_alternate_contact" { + image = "public.ecr.aws/aws-cli/aws-cli" + + cmd = concat( + ["account", "delete-alternate-contact"], + ["--alternate-contact-type", param.alternate_contact_type] + ) + + env = param.conn.env + } +} diff --git a/pipelines/account/put_alternate_contact.fp b/pipelines/account/put_alternate_contact.fp index 662df18..2b24f52 100644 --- a/pipelines/account/put_alternate_contact.fp +++ b/pipelines/account/put_alternate_contact.fp @@ -2,15 +2,10 @@ pipeline "put_alternate_contact" { title = "Put Alternate Contact" description = "Sets an alternate contact for an AWS account." - param "cred" { - type = string - description = "The credential profile to use." - default = "default" - } - - param "account_id" { - type = string - description = "The AWS account ID." + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "alternate_contact_type" { @@ -43,7 +38,6 @@ pipeline "put_alternate_contact" { cmd = concat( ["account", "put-alternate-contact"], - ["--account-id", param.account_id], ["--alternate-contact-type", param.alternate_contact_type], ["--email-address", param.email_address], ["--name", param.name], @@ -51,6 +45,6 @@ pipeline "put_alternate_contact" { ["--title", param.title] ) - env = credential.aws[param.cred].env + env = param.conn.env } } diff --git a/pipelines/apigateway/modify_apigateway_rest_api_stage.fp b/pipelines/apigateway/modify_apigateway_rest_api_stage.fp index 868d2e4..38a70d7 100644 --- a/pipelines/apigateway/modify_apigateway_rest_api_stage.fp +++ b/pipelines/apigateway/modify_apigateway_rest_api_stage.fp @@ -1,5 +1,5 @@ pipeline "modify_apigateway_rest_api_stage" { - title = "Modify API Gateway REST API stage" + title = "Modify API Gateway REST API Stage" description = "Modifies settings for API Gateway REST API stage." param "region" { @@ -7,10 +7,10 @@ pipeline "modify_apigateway_rest_api_stage" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "rest_api_id" { @@ -33,6 +33,6 @@ pipeline "modify_apigateway_rest_api_stage" { "--patch-operations", "op=replace,path=/tracingEnabled,value=true", ] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } } diff --git a/pipelines/cloudtrail/create_cloudtrail_trail.fp b/pipelines/cloudtrail/create_cloudtrail_trail.fp index 2c77f8c..b0cb5a9 100644 --- a/pipelines/cloudtrail/create_cloudtrail_trail.fp +++ b/pipelines/cloudtrail/create_cloudtrail_trail.fp @@ -7,10 +7,10 @@ pipeline "create_cloudtrail_trail" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "name" { @@ -50,7 +50,7 @@ pipeline "create_cloudtrail_trail" { ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "trail" { diff --git a/pipelines/cloudtrail/delete_cloudtrail_trail.fp b/pipelines/cloudtrail/delete_cloudtrail_trail.fp new file mode 100644 index 0000000..778f032 --- /dev/null +++ b/pipelines/cloudtrail/delete_cloudtrail_trail.fp @@ -0,0 +1,30 @@ +pipeline "delete_cloudtrail_trail" { + title = "Delete CloudTrail Trail" + description = "Delete a trail with specified name." + + param "region" { + type = string + description = local.region_param_description + } + + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default + } + + param "name" { + type = string + description = "The name of the trail." + } + + step "container" "delete_cloudtrail_trail" { + image = "public.ecr.aws/aws-cli/aws-cli" + + cmd = concat( + ["cloudtrail", "delete-trail", "--name", param.name] + ) + + env = merge(param.conn.env, { AWS_REGION = param.region }) + } +} diff --git a/pipelines/cloudtrail/put_cloudtrail_trail_event_selector.fp b/pipelines/cloudtrail/put_cloudtrail_trail_event_selector.fp index be88063..af3b80f 100644 --- a/pipelines/cloudtrail/put_cloudtrail_trail_event_selector.fp +++ b/pipelines/cloudtrail/put_cloudtrail_trail_event_selector.fp @@ -7,10 +7,10 @@ pipeline "put_cloudtrail_trail_event_selector" { description = "The AWS region where the CloudTrail trail is located." } - param "cred" { - type = string - description = "The AWS credentials to use." - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "trail_name" { @@ -34,7 +34,7 @@ pipeline "put_cloudtrail_trail_event_selector" { ] ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "trail" { diff --git a/pipelines/cloudtrail/start_cloudtrail_trail_logging.fp b/pipelines/cloudtrail/start_cloudtrail_trail_logging.fp index 9ed38c0..666fbd5 100644 --- a/pipelines/cloudtrail/start_cloudtrail_trail_logging.fp +++ b/pipelines/cloudtrail/start_cloudtrail_trail_logging.fp @@ -7,10 +7,10 @@ pipeline "start_cloudtrail_trail_logging" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "name" { @@ -23,6 +23,6 @@ pipeline "start_cloudtrail_trail_logging" { cmd = ["cloudtrail", "start-logging", "--name", param.name] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } } diff --git a/pipelines/cloudtrail/update_cloudtrail_trail.fp b/pipelines/cloudtrail/update_cloudtrail_trail.fp index 8c1cd9d..2eadfbe 100644 --- a/pipelines/cloudtrail/update_cloudtrail_trail.fp +++ b/pipelines/cloudtrail/update_cloudtrail_trail.fp @@ -7,10 +7,10 @@ pipeline "update_cloudtrail_trail" { description = "The AWS region where the CloudTrail trail is located." } - param "cred" { - type = string - description = "The AWS credentials to use." - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "trail_name" { @@ -63,7 +63,7 @@ pipeline "update_cloudtrail_trail" { param.kms_key_id != null ? ["--kms-key-id", param.kms_key_id] : [] ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "trail" { diff --git a/pipelines/cloudwatch/create_cloudwatch_log_group.fp b/pipelines/cloudwatch/create_cloudwatch_log_group.fp index 0e83bf3..ab67c18 100644 --- a/pipelines/cloudwatch/create_cloudwatch_log_group.fp +++ b/pipelines/cloudwatch/create_cloudwatch_log_group.fp @@ -7,10 +7,10 @@ pipeline "create_cloudwatch_log_group" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "log_group_name" { @@ -40,7 +40,7 @@ pipeline "create_cloudwatch_log_group" { ] : [] ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "log_group_creation" { diff --git a/pipelines/cloudwatch/create_cloudwatch_log_stream.fp b/pipelines/cloudwatch/create_cloudwatch_log_stream.fp index 9b4905d..31c224c 100644 --- a/pipelines/cloudwatch/create_cloudwatch_log_stream.fp +++ b/pipelines/cloudwatch/create_cloudwatch_log_stream.fp @@ -7,10 +7,10 @@ pipeline "create_cloudwatch_log_stream" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "log_group_name" { @@ -32,7 +32,7 @@ pipeline "create_cloudwatch_log_stream" { "--log-stream-name", param.log_stream_name ] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "log_stream_creation" { diff --git a/pipelines/dynamodb/delete_dynamodb_table.fp b/pipelines/dynamodb/delete_dynamodb_table.fp index a7ef20b..a577a2e 100644 --- a/pipelines/dynamodb/delete_dynamodb_table.fp +++ b/pipelines/dynamodb/delete_dynamodb_table.fp @@ -7,10 +7,10 @@ pipeline "delete_dynamodb_table" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "table_name" { @@ -26,6 +26,6 @@ pipeline "delete_dynamodb_table" { "--table-name", param.table_name ] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } } diff --git a/pipelines/dynamodb/update_dynamodb_continuous_backup.fp b/pipelines/dynamodb/update_dynamodb_continuous_backup.fp index 1e1eacb..821e93f 100644 --- a/pipelines/dynamodb/update_dynamodb_continuous_backup.fp +++ b/pipelines/dynamodb/update_dynamodb_continuous_backup.fp @@ -7,10 +7,10 @@ pipeline "update_dynamodb_continuous_backup" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "table_name" { @@ -25,7 +25,7 @@ pipeline "update_dynamodb_continuous_backup" { "dynamodb", "update-continuous-backups", "--table-name", param.table_name, "--point-in-time-recovery-specification", "PointInTimeRecoveryEnabled=true", ] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "continuous_backups_description" { diff --git a/pipelines/dynamodb/update_dynamodb_table.fp b/pipelines/dynamodb/update_dynamodb_table.fp index e56f1d4..94cd238 100644 --- a/pipelines/dynamodb/update_dynamodb_table.fp +++ b/pipelines/dynamodb/update_dynamodb_table.fp @@ -7,10 +7,10 @@ pipeline "update_dynamodb_table" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "table_name" { @@ -25,7 +25,7 @@ pipeline "update_dynamodb_table" { ["dynamodb", "update-table", "--table-name", param.table_name, "--deletion-protection-enabled"], ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "table_name" { diff --git a/pipelines/ebs/create_ebs_snapshot.fp b/pipelines/ebs/create_ebs_snapshot.fp index a5d4783..328d4da 100644 --- a/pipelines/ebs/create_ebs_snapshot.fp +++ b/pipelines/ebs/create_ebs_snapshot.fp @@ -7,10 +7,10 @@ pipeline "create_ebs_snapshot" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "volume_id" { @@ -25,7 +25,7 @@ pipeline "create_ebs_snapshot" { ["ec2", "create-snapshot", "--volume-id", param.volume_id] ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "snapshot" { diff --git a/pipelines/ebs/delete_ebs_snapshot.fp b/pipelines/ebs/delete_ebs_snapshot.fp index 83fcec6..b34463d 100644 --- a/pipelines/ebs/delete_ebs_snapshot.fp +++ b/pipelines/ebs/delete_ebs_snapshot.fp @@ -7,10 +7,10 @@ pipeline "delete_ebs_snapshot" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "snapshot_id" { @@ -26,6 +26,6 @@ pipeline "delete_ebs_snapshot" { "--snapshot-id", param.snapshot_id, ] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } } diff --git a/pipelines/ebs/delete_ebs_volume.fp b/pipelines/ebs/delete_ebs_volume.fp index b2d0a68..847ad17 100644 --- a/pipelines/ebs/delete_ebs_volume.fp +++ b/pipelines/ebs/delete_ebs_volume.fp @@ -7,10 +7,10 @@ pipeline "delete_ebs_volume" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "volume_id" { @@ -28,6 +28,6 @@ pipeline "delete_ebs_volume" { ], ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } } diff --git a/pipelines/ebs/describe_ebs_snapshots.fp b/pipelines/ebs/describe_ebs_snapshots.fp index 1fa1e65..61cd407 100644 --- a/pipelines/ebs/describe_ebs_snapshots.fp +++ b/pipelines/ebs/describe_ebs_snapshots.fp @@ -2,10 +2,10 @@ pipeline "describe_ebs_snapshots" { title = "Describe EBS Snapshots" description = "Describes the specified EBS snapshots or all available snapshots." - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "region" { @@ -41,7 +41,7 @@ pipeline "describe_ebs_snapshots" { try(length(param.volume_ids), 0) > 0 ? concat(["--filter", "Name=volume-id,Values=${param.volume_ids}"]) : [] ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "snapshots" { diff --git a/pipelines/ebs/detach_ebs_volume.fp b/pipelines/ebs/detach_ebs_volume.fp index 1141c69..971a7a5 100644 --- a/pipelines/ebs/detach_ebs_volume.fp +++ b/pipelines/ebs/detach_ebs_volume.fp @@ -7,10 +7,10 @@ pipeline "detach_ebs_volume" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "volume_id" { @@ -28,7 +28,7 @@ pipeline "detach_ebs_volume" { ], ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "volume_modification" { diff --git a/pipelines/ebs/enable_ebs_encryption_by_default.fp b/pipelines/ebs/enable_ebs_encryption_by_default.fp index 3cb9c09..08d7290 100644 --- a/pipelines/ebs/enable_ebs_encryption_by_default.fp +++ b/pipelines/ebs/enable_ebs_encryption_by_default.fp @@ -7,10 +7,10 @@ pipeline "enable_ebs_encryption_by_default" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } step "container" "enable_ebs_encryption_by_default" { @@ -20,7 +20,7 @@ pipeline "enable_ebs_encryption_by_default" { cmd = [ "ec2", "enable-ebs-encryption-by-default" ] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "ebs_encryption_by_default" { diff --git a/pipelines/ebs/get_ebs_encryption_by_default.fp b/pipelines/ebs/get_ebs_encryption_by_default.fp index 0e7e0a2..a63a914 100644 --- a/pipelines/ebs/get_ebs_encryption_by_default.fp +++ b/pipelines/ebs/get_ebs_encryption_by_default.fp @@ -7,10 +7,10 @@ pipeline "get_ebs_encryption_by_default" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } step "container" "get_ebs_encryption_by_default" { @@ -19,7 +19,7 @@ pipeline "get_ebs_encryption_by_default" { cmd = [ "ec2", "get-ebs-encryption-by-default" ] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "ebs_encryption_by_default" { diff --git a/pipelines/ebs/modify_ebs_snapshot.fp b/pipelines/ebs/modify_ebs_snapshot.fp index 175aa7e..f1183a3 100644 --- a/pipelines/ebs/modify_ebs_snapshot.fp +++ b/pipelines/ebs/modify_ebs_snapshot.fp @@ -7,10 +7,10 @@ pipeline "modify_ebs_snapshot" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "snapshot_id" { @@ -29,6 +29,6 @@ pipeline "modify_ebs_snapshot" { "--group", "all" ] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } } diff --git a/pipelines/ebs/modify_ebs_volume.fp b/pipelines/ebs/modify_ebs_volume.fp index 39645ad..a004378 100644 --- a/pipelines/ebs/modify_ebs_volume.fp +++ b/pipelines/ebs/modify_ebs_volume.fp @@ -7,10 +7,10 @@ pipeline "modify_ebs_volume" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "volume_id" { @@ -49,7 +49,7 @@ pipeline "modify_ebs_volume" { param.size != null ? ["--size", param.size] : [], ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "volume_modification" { diff --git a/pipelines/ec2/associate_iam_ec2_instance_profile.fp b/pipelines/ec2/associate_iam_ec2_instance_profile.fp index 771015f..25088f7 100644 --- a/pipelines/ec2/associate_iam_ec2_instance_profile.fp +++ b/pipelines/ec2/associate_iam_ec2_instance_profile.fp @@ -7,10 +7,10 @@ pipeline "associate_iam_ec2_instance_profile" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "instance_id" { @@ -30,7 +30,7 @@ pipeline "associate_iam_ec2_instance_profile" { "--instance-id", param.instance_id, "--iam-instance-profile", param.iam_instance_profile, ] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "iam_instance_profile_association" { diff --git a/pipelines/ec2/describe_ec2_instances.fp b/pipelines/ec2/describe_ec2_instances.fp index 226c467..661cd79 100644 --- a/pipelines/ec2/describe_ec2_instances.fp +++ b/pipelines/ec2/describe_ec2_instances.fp @@ -2,10 +2,10 @@ pipeline "describe_ec2_instances" { title = "Describe EC2 Instances" description = "Describes the specified instances or all instances." - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "region" { @@ -51,7 +51,7 @@ pipeline "describe_ec2_instances" { ]) : [] ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } # Transform the reservation list of instance lists into a single list of instances for output. diff --git a/pipelines/ec2/describe_iam_instance_profile_associations.fp b/pipelines/ec2/describe_iam_instance_profile_associations.fp index 5c206b7..1a66413 100644 --- a/pipelines/ec2/describe_iam_instance_profile_associations.fp +++ b/pipelines/ec2/describe_iam_instance_profile_associations.fp @@ -7,10 +7,10 @@ pipeline "describe_iam_instance_profile_associations" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "instance_id" { @@ -27,7 +27,7 @@ pipeline "describe_iam_instance_profile_associations" { param.instance_id != null ? ["--filters", "Name=instance-id,Values=${param.instance_id}"] : [], ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "iam_instance_profile_associations" { diff --git a/pipelines/ec2/detach_network_interface.fp b/pipelines/ec2/detach_network_interface.fp index 4d64049..c57f570 100644 --- a/pipelines/ec2/detach_network_interface.fp +++ b/pipelines/ec2/detach_network_interface.fp @@ -7,10 +7,10 @@ pipeline "detach_network_interface" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "attachment_id" { @@ -36,7 +36,7 @@ pipeline "detach_network_interface" { param.force_detach ? ["--force"] : [] ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "operation_status" { diff --git a/pipelines/ec2/disassociate_iam_instance_profile.fp b/pipelines/ec2/disassociate_iam_instance_profile.fp index a63ba1e..23bb825 100644 --- a/pipelines/ec2/disassociate_iam_instance_profile.fp +++ b/pipelines/ec2/disassociate_iam_instance_profile.fp @@ -7,10 +7,10 @@ pipeline "disassociate_iam_instance_profile" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "association_id" { @@ -26,7 +26,7 @@ pipeline "disassociate_iam_instance_profile" { ["--association-id", param.association_id], ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "iam_instance_profile_association" { diff --git a/pipelines/ec2/modify_client_vpn_endpoint.fp b/pipelines/ec2/modify_client_vpn_endpoint.fp index 4f5a9d8..80de335 100644 --- a/pipelines/ec2/modify_client_vpn_endpoint.fp +++ b/pipelines/ec2/modify_client_vpn_endpoint.fp @@ -7,10 +7,10 @@ pipeline "modify_client_vpn_endpoint" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "client_vpn_endpoint_id" { @@ -51,7 +51,7 @@ pipeline "modify_client_vpn_endpoint" { ] ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "vpn_modification" { diff --git a/pipelines/ec2/modify_ec2_instance_attributes.fp b/pipelines/ec2/modify_ec2_instance_attributes.fp index bfc366b..16de634 100644 --- a/pipelines/ec2/modify_ec2_instance_attributes.fp +++ b/pipelines/ec2/modify_ec2_instance_attributes.fp @@ -7,10 +7,10 @@ pipeline "modify_ec2_instance_attributes" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "instance_id" { @@ -33,6 +33,6 @@ pipeline "modify_ec2_instance_attributes" { param.security_group_ids != null ? ["--groups", join(",", param.security_group_ids)] : [], ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } } diff --git a/pipelines/ec2/modify_ec2_instance_metadata_options.fp b/pipelines/ec2/modify_ec2_instance_metadata_options.fp index d52792e..cdb774a 100644 --- a/pipelines/ec2/modify_ec2_instance_metadata_options.fp +++ b/pipelines/ec2/modify_ec2_instance_metadata_options.fp @@ -7,10 +7,10 @@ pipeline "modify_ec2_instance_metadata_options" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "instance_id" { @@ -40,7 +40,7 @@ pipeline "modify_ec2_instance_metadata_options" { param.http_endpoint != null ? ["--http-endpoint", param.http_endpoint] : [], ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "instance_metadata_options" { diff --git a/pipelines/ec2/run_ec2_instances.fp b/pipelines/ec2/run_ec2_instances.fp index 14db381..44439bb 100644 --- a/pipelines/ec2/run_ec2_instances.fp +++ b/pipelines/ec2/run_ec2_instances.fp @@ -3,7 +3,7 @@ pipeline "run_ec2_instances" { description = "Launches an Amazon EC2 instance." tags = { - type = "featured" + recommended = "true" } param "region" { @@ -11,10 +11,10 @@ pipeline "run_ec2_instances" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "instance_type" { @@ -43,7 +43,7 @@ pipeline "run_ec2_instances" { "--count", param.count, ] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "instances" { diff --git a/pipelines/ec2/start_ec2_instances.fp b/pipelines/ec2/start_ec2_instances.fp index 334cdc7..ff1b8e5 100644 --- a/pipelines/ec2/start_ec2_instances.fp +++ b/pipelines/ec2/start_ec2_instances.fp @@ -7,10 +7,10 @@ pipeline "start_ec2_instances" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "instance_ids" { @@ -24,7 +24,7 @@ pipeline "start_ec2_instances" { ["ec2", "start-instances", "--instance-ids"], param.instance_ids ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "instances" { diff --git a/pipelines/ec2/stop_ec2_instances.fp b/pipelines/ec2/stop_ec2_instances.fp index 3c12bc6..1441ca2 100644 --- a/pipelines/ec2/stop_ec2_instances.fp +++ b/pipelines/ec2/stop_ec2_instances.fp @@ -3,7 +3,7 @@ pipeline "stop_ec2_instances" { description = "Stops an Amazon EBS-backed instance." tags = { - type = "featured" + recommended = "true" } param "region" { @@ -11,10 +11,10 @@ pipeline "stop_ec2_instances" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "instance_ids" { @@ -28,7 +28,7 @@ pipeline "stop_ec2_instances" { ["ec2", "stop-instances", "--instance-ids"], param.instance_ids ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "instances" { diff --git a/pipelines/ec2/terminate_ec2_instances.fp b/pipelines/ec2/terminate_ec2_instances.fp index 4e543cb..16878b3 100644 --- a/pipelines/ec2/terminate_ec2_instances.fp +++ b/pipelines/ec2/terminate_ec2_instances.fp @@ -7,10 +7,10 @@ pipeline "terminate_ec2_instances" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "instance_ids" { @@ -26,7 +26,7 @@ pipeline "terminate_ec2_instances" { try(length(param.instance_ids), 0) > 0 ? concat(["--instance-ids"], param.instance_ids) : [], ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "instances" { diff --git a/pipelines/ec2/tests/test_modify_ec2_instance_metadata_options.fp b/pipelines/ec2/tests/test_modify_ec2_instance_metadata_options.fp index ccc272f..bca7f97 100644 --- a/pipelines/ec2/tests/test_modify_ec2_instance_metadata_options.fp +++ b/pipelines/ec2/tests/test_modify_ec2_instance_metadata_options.fp @@ -3,13 +3,13 @@ pipeline "test_modify_ec2_instance_metadata_options" { description = "Test the run_ec2_instances pipeline." tags = { - type = "test" + folder = "Tests" } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "region" { @@ -32,7 +32,7 @@ pipeline "test_modify_ec2_instance_metadata_options" { step "pipeline" "run_ec2_instances" { pipeline = pipeline.run_ec2_instances args = { - cred = param.cred + conn = param.conn region = param.region instance_type = param.instance_type image_id = param.image_id @@ -44,7 +44,7 @@ pipeline "test_modify_ec2_instance_metadata_options" { depends_on = [step.pipeline.run_ec2_instances] pipeline = pipeline.modify_ec2_instance_metadata_options args = { - cred = param.cred + conn = param.conn region = param.region instance_id = step.pipeline.run_ec2_instances.output.instances[0].InstanceId http_tokens = "required" @@ -70,7 +70,7 @@ pipeline "test_modify_ec2_instance_metadata_options" { pipeline = pipeline.terminate_ec2_instances args = { - cred = param.cred + conn = param.conn region = param.region instance_ids = [step.pipeline.run_ec2_instances.output.instances[0].InstanceId] } diff --git a/pipelines/ec2/tests/test_run_ec2_instance.fp b/pipelines/ec2/tests/test_run_ec2_instance.fp index 2e0e578..b7e27d6 100644 --- a/pipelines/ec2/tests/test_run_ec2_instance.fp +++ b/pipelines/ec2/tests/test_run_ec2_instance.fp @@ -3,13 +3,13 @@ pipeline "test_run_ec2_instance" { description = "Test the run_ec2_instances pipeline." tags = { - type = "test" + folder = "Tests" } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "region" { @@ -32,7 +32,7 @@ pipeline "test_run_ec2_instance" { step "pipeline" "run_ec2_instances" { pipeline = pipeline.run_ec2_instances args = { - cred = param.cred + conn = param.conn region = param.region instance_type = param.instance_type image_id = param.image_id @@ -43,7 +43,7 @@ pipeline "test_run_ec2_instance" { if = !is_error(step.pipeline.run_ec2_instances) pipeline = pipeline.describe_ec2_instances args = { - cred = param.cred + conn = param.conn region = param.region instance_ids = [step.pipeline.run_ec2_instances.output.instances[0].InstanceId] } @@ -62,7 +62,7 @@ pipeline "test_run_ec2_instance" { pipeline = pipeline.terminate_ec2_instances args = { - cred = param.cred + conn = param.conn region = param.region instance_ids = [step.pipeline.run_ec2_instances.output.instances[0].InstanceId] } diff --git a/pipelines/ec2/tests/test_start_and_stop_ec2_instance.fp b/pipelines/ec2/tests/test_start_and_stop_ec2_instance.fp index 9cceec6..ee7f2d1 100644 --- a/pipelines/ec2/tests/test_start_and_stop_ec2_instance.fp +++ b/pipelines/ec2/tests/test_start_and_stop_ec2_instance.fp @@ -3,13 +3,13 @@ pipeline "test_start_and_stop_ec2_instance" { description = "Tests the start_ec2_instances and the start_ec2_instances pipelines." tags = { - type = "test" + folder = "Tests" } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "region" { @@ -32,7 +32,7 @@ pipeline "test_start_and_stop_ec2_instance" { step "pipeline" "run_ec2_instances" { pipeline = pipeline.run_ec2_instances args = { - cred = param.cred + conn = param.conn region = param.region instance_type = param.instance_type image_id = param.image_id @@ -43,7 +43,7 @@ pipeline "test_start_and_stop_ec2_instance" { if = !is_error(step.pipeline.run_ec2_instances) pipeline = pipeline.stop_ec2_instances args = { - cred = param.cred + conn = param.conn region = param.region instance_ids = [step.pipeline.run_ec2_instances.output.instances[0].InstanceId] } @@ -60,7 +60,7 @@ pipeline "test_start_and_stop_ec2_instance" { depends_on = [step.pipeline.stop_ec2_instances] pipeline = pipeline.start_ec2_instances args = { - cred = param.cred + conn = param.conn region = param.region instance_ids = [step.pipeline.run_ec2_instances.output.instances[0].InstanceId] } @@ -79,7 +79,7 @@ pipeline "test_start_and_stop_ec2_instance" { pipeline = pipeline.terminate_ec2_instances args = { - cred = param.cred + conn = param.conn region = param.region instance_ids = [step.pipeline.run_ec2_instances.output.instances[0].InstanceId] } diff --git a/pipelines/eks/delete_eks_node_group.fp b/pipelines/eks/delete_eks_node_group.fp index 856967a..0cd32c7 100644 --- a/pipelines/eks/delete_eks_node_group.fp +++ b/pipelines/eks/delete_eks_node_group.fp @@ -7,10 +7,10 @@ pipeline "delete_eks_node_group" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "cluster_name" { @@ -32,7 +32,7 @@ pipeline "delete_eks_node_group" { "--nodegroup-name", param.node_group_name ] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "node_group" { diff --git a/pipelines/elasticache/delete_elasticache_cluster.fp b/pipelines/elasticache/delete_elasticache_cluster.fp index 64be842..70206d4 100644 --- a/pipelines/elasticache/delete_elasticache_cluster.fp +++ b/pipelines/elasticache/delete_elasticache_cluster.fp @@ -7,10 +7,10 @@ pipeline "delete_elasticache_cluster" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "cluster_id" { @@ -26,7 +26,7 @@ pipeline "delete_elasticache_cluster" { "--cache-cluster-id", param.cluster_id ] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "cache_cluster" { diff --git a/pipelines/elb/create_elb_classic_load_balancer.fp b/pipelines/elb/create_elb_classic_load_balancer.fp index 23e822b..622b2bf 100644 --- a/pipelines/elb/create_elb_classic_load_balancer.fp +++ b/pipelines/elb/create_elb_classic_load_balancer.fp @@ -7,10 +7,10 @@ pipeline "create_elb_classic_load_balancer" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "name" { @@ -38,7 +38,7 @@ pipeline "create_elb_classic_load_balancer" { ["--availability-zones", join(",", param.availability_zones)] ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "elb_dns_name" { diff --git a/pipelines/elb/create_elbv2_load_balancer.fp b/pipelines/elb/create_elbv2_load_balancer.fp index 5ef960b..c8b8578 100644 --- a/pipelines/elb/create_elbv2_load_balancer.fp +++ b/pipelines/elb/create_elbv2_load_balancer.fp @@ -7,10 +7,10 @@ pipeline "create_elbv2_load_balancer" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "name" { @@ -38,7 +38,7 @@ pipeline "create_elbv2_load_balancer" { flatten([for az in param.availability_zones : ["--availability-zones", az]]) ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "load_balancers" { diff --git a/pipelines/elb/delete_elb_load_balancer.fp b/pipelines/elb/delete_elb_load_balancer.fp index 166d9aa..8eb670e 100644 --- a/pipelines/elb/delete_elb_load_balancer.fp +++ b/pipelines/elb/delete_elb_load_balancer.fp @@ -7,10 +7,10 @@ pipeline "delete_elb_load_balancer" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "load_balancer_name" { @@ -26,6 +26,6 @@ pipeline "delete_elb_load_balancer" { "--load-balancer-name", param.load_balancer_name, ] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } } diff --git a/pipelines/elb/delete_elbv2_load_balancer.fp b/pipelines/elb/delete_elbv2_load_balancer.fp index c5b3e52..c2b659e 100644 --- a/pipelines/elb/delete_elbv2_load_balancer.fp +++ b/pipelines/elb/delete_elbv2_load_balancer.fp @@ -7,10 +7,10 @@ pipeline "delete_elbv2_load_balancer" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "load_balancer_arn" { @@ -26,6 +26,6 @@ pipeline "delete_elbv2_load_balancer" { "--load-balancer-arn", param.load_balancer_arn ] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } } diff --git a/pipelines/elb/modify_elb_attributes.fp b/pipelines/elb/modify_elb_attributes.fp index 771515a..f47b06f 100644 --- a/pipelines/elb/modify_elb_attributes.fp +++ b/pipelines/elb/modify_elb_attributes.fp @@ -7,10 +7,10 @@ pipeline "modify_elb_attributes" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "load_balancer_name" { @@ -45,7 +45,7 @@ pipeline "modify_elb_attributes" { }) ] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "load_balancer_attributes" { diff --git a/pipelines/emr/terminate_emr_clusters.fp b/pipelines/emr/terminate_emr_clusters.fp index 6f1764b..abc5832 100644 --- a/pipelines/emr/terminate_emr_clusters.fp +++ b/pipelines/emr/terminate_emr_clusters.fp @@ -7,10 +7,10 @@ pipeline "terminate_emr_clusters" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "cluster_ids" { @@ -26,7 +26,7 @@ pipeline "terminate_emr_clusters" { try(length(param.cluster_ids), 0) > 0 ? concat(["--cluster-ids"], param.cluster_ids) : [], ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "clusters" { diff --git a/pipelines/guardduty/get_guardduty_finding.fp b/pipelines/guardduty/get_guardduty_finding.fp index 5ccc6e4..303b9a1 100644 --- a/pipelines/guardduty/get_guardduty_finding.fp +++ b/pipelines/guardduty/get_guardduty_finding.fp @@ -7,10 +7,10 @@ pipeline "get_guardduty_finding" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "detector_id" { @@ -32,7 +32,7 @@ pipeline "get_guardduty_finding" { ["--finding-id"], param.finding_id, ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "findings" { diff --git a/pipelines/guardduty/list_guardduty_findings.fp b/pipelines/guardduty/list_guardduty_findings.fp index b37af2f..ff8bc01 100644 --- a/pipelines/guardduty/list_guardduty_findings.fp +++ b/pipelines/guardduty/list_guardduty_findings.fp @@ -7,10 +7,10 @@ pipeline "list_guardduty_findings" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "detector_id" { @@ -26,7 +26,7 @@ pipeline "list_guardduty_findings" { ["--detector-id", param.detector_id], ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "finding_ids" { diff --git a/pipelines/iam/attach_iam_role_policy.fp b/pipelines/iam/attach_iam_role_policy.fp index 6d106c6..30ec82c 100644 --- a/pipelines/iam/attach_iam_role_policy.fp +++ b/pipelines/iam/attach_iam_role_policy.fp @@ -2,10 +2,10 @@ pipeline "attach_iam_role_policy" { title = "Attach IAM Role Policy" description = "Attaches the specified managed policy to the specified IAM role. When you attach a managed policy to a role, the managed policy becomes part of the role's permission (access) policy." - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "role_name" { @@ -26,6 +26,6 @@ pipeline "attach_iam_role_policy" { "--policy-arn", param.policy_arn, ] - env = credential.aws[param.cred].env + env = param.conn.env } } diff --git a/pipelines/iam/change_iam_password.fp b/pipelines/iam/change_iam_password.fp index 778e287..f206dc5 100644 --- a/pipelines/iam/change_iam_password.fp +++ b/pipelines/iam/change_iam_password.fp @@ -2,10 +2,10 @@ pipeline "change_iam_password" { title = "Change IAM User Password" description = "Changes the password of the specified IAM user." - param "cred" { - type = string - description = "The name of the credential to use." - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "user_name" { @@ -31,6 +31,6 @@ pipeline "change_iam_password" { "--new-password", param.new_password, ] - env = credential.aws[param.cred].env + env = param.conn.env } } diff --git a/pipelines/iam/create_iam_access_analyzer.fp b/pipelines/iam/create_iam_access_analyzer.fp index c05c4d3..631edee 100644 --- a/pipelines/iam/create_iam_access_analyzer.fp +++ b/pipelines/iam/create_iam_access_analyzer.fp @@ -7,10 +7,10 @@ pipeline "create_iam_access_analyzer" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "analyzer_name" { @@ -34,7 +34,7 @@ pipeline "create_iam_access_analyzer" { ["--region", param.region] ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "analyzer" { diff --git a/pipelines/iam/create_iam_access_key.fp b/pipelines/iam/create_iam_access_key.fp index 4a59790..8ef8a4f 100644 --- a/pipelines/iam/create_iam_access_key.fp +++ b/pipelines/iam/create_iam_access_key.fp @@ -2,10 +2,10 @@ pipeline "create_iam_access_key" { title = "Create IAM Access Key" description = "Creates a new AWS access key and secret for an IAM user." - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "user_name" { @@ -20,7 +20,7 @@ pipeline "create_iam_access_key" { "create-access-key", "--user-name", "${param.user_name}" ] - env = credential.aws[param.cred].env + env = param.conn.env } output "access_key" { diff --git a/pipelines/iam/create_iam_instance_profile.fp b/pipelines/iam/create_iam_instance_profile.fp index 675c55d..9486ef5 100644 --- a/pipelines/iam/create_iam_instance_profile.fp +++ b/pipelines/iam/create_iam_instance_profile.fp @@ -2,10 +2,10 @@ pipeline "create_iam_instance_profile" { title = "Create Instance Profile" description = "Creates a new instance profile." - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "instance_profile_name" { @@ -20,7 +20,7 @@ pipeline "create_iam_instance_profile" { "--instance-profile-name", param.instance_profile_name, ] - env = credential.aws[param.cred].env + env = param.conn.env } output "instance_profile" { diff --git a/pipelines/iam/create_iam_policy.fp b/pipelines/iam/create_iam_policy.fp index 33dffaf..bc266d7 100644 --- a/pipelines/iam/create_iam_policy.fp +++ b/pipelines/iam/create_iam_policy.fp @@ -2,10 +2,10 @@ pipeline "create_iam_policy" { title = "Create IAM Policy" description = "Creates a new policy for your Amazon Web Services account." - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "policy_name" { @@ -26,7 +26,7 @@ pipeline "create_iam_policy" { "--policy-document", param.policy_document, ] - env = credential.aws[param.cred].env + env = param.conn.env } output "policy" { diff --git a/pipelines/iam/create_iam_role.fp b/pipelines/iam/create_iam_role.fp index 1bff174..d5800e0 100644 --- a/pipelines/iam/create_iam_role.fp +++ b/pipelines/iam/create_iam_role.fp @@ -2,10 +2,10 @@ pipeline "create_iam_role" { title = "Create IAM Role" description = "Creates a new role for your Amazon Web Services account." - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "role_name" { @@ -26,7 +26,7 @@ pipeline "create_iam_role" { "--assume-role-policy-document", param.assume_role_policy_document, ] - env = credential.aws[param.cred].env + env = param.conn.env } output "role" { diff --git a/pipelines/iam/create_iam_user.fp b/pipelines/iam/create_iam_user.fp index 3b3754c..aedd5a2 100644 --- a/pipelines/iam/create_iam_user.fp +++ b/pipelines/iam/create_iam_user.fp @@ -2,10 +2,10 @@ pipeline "create_iam_user" { title = "Create IAM User" description = "Creates an IAM user with the given name." - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "user_name" { @@ -20,7 +20,7 @@ pipeline "create_iam_user" { "create-user", "--user-name", param.user_name ] - env = credential.aws[param.cred].env + env = param.conn.env } output "user" { diff --git a/pipelines/iam/delete_iam_access_analyzer.fp b/pipelines/iam/delete_iam_access_analyzer.fp new file mode 100644 index 0000000..c65c06a --- /dev/null +++ b/pipelines/iam/delete_iam_access_analyzer.fp @@ -0,0 +1,37 @@ +pipeline "delete_iam_access_analyzer" { + title = "Delete IAM Access Analyzer" + description = "Deletes an IAM Access Analyzer." + + param "region" { + type = string + description = local.region_param_description + } + + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default + } + + param "analyzer_name" { + type = string + description = "The name of the Access Analyzer to delete." + } + + step "container" "delete_analyzer" { + image = "public.ecr.aws/aws-cli/aws-cli" + + cmd = concat( + ["accessanalyzer", "delete-analyzer"], + ["--analyzer-name", param.analyzer_name], + ["--region", param.region] + ) + + env = merge(param.conn.env, { AWS_REGION = param.region }) + } + + output "result" { + description = "Confirmation message that the IAM Access Analyzer has been deleted." + value = "Access Analyzer ${param.analyzer_name} in region ${param.region} has been deleted." + } +} diff --git a/pipelines/iam/delete_iam_access_key.fp b/pipelines/iam/delete_iam_access_key.fp index 0cc22e4..f077833 100644 --- a/pipelines/iam/delete_iam_access_key.fp +++ b/pipelines/iam/delete_iam_access_key.fp @@ -2,10 +2,10 @@ pipeline "delete_iam_access_key" { title = "Delete IAM Access Key" description = "Deletes an IAM access key." - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "user_name" { @@ -26,6 +26,6 @@ pipeline "delete_iam_access_key" { "--user-name", "${param.user_name}", "--access-key-id", "${param.access_key_id}" ] - env = credential.aws[param.cred].env + env = param.conn.env } } diff --git a/pipelines/iam/delete_iam_policy.fp b/pipelines/iam/delete_iam_policy.fp index 3b44781..bba2d84 100644 --- a/pipelines/iam/delete_iam_policy.fp +++ b/pipelines/iam/delete_iam_policy.fp @@ -2,10 +2,10 @@ pipeline "delete_iam_policy" { title = "Delete IAM Policy" description = "Deletes an IAM policy." - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "policy_arn" { @@ -16,6 +16,6 @@ pipeline "delete_iam_policy" { step "container" "delete_policy" { image = "public.ecr.aws/aws-cli/aws-cli" cmd = ["iam", "delete-policy", "--policy-arn", param.policy_arn] - env = credential.aws["default"].env + env = param.conn.env } } diff --git a/pipelines/iam/delete_iam_role.fp b/pipelines/iam/delete_iam_role.fp index 273a061..b073b45 100644 --- a/pipelines/iam/delete_iam_role.fp +++ b/pipelines/iam/delete_iam_role.fp @@ -2,10 +2,10 @@ pipeline "delete_iam_role" { title = "Delete IAM Role" description = "Deletes an IAM role." - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "role_name" { @@ -16,6 +16,6 @@ pipeline "delete_iam_role" { step "container" "delete_role" { image = "public.ecr.aws/aws-cli/aws-cli" cmd = ["iam", "delete-role", "--role-name", param.role_name] - env = credential.aws["default"].env + env = param.conn.env } } diff --git a/pipelines/iam/delete_iam_server_certificate.fp b/pipelines/iam/delete_iam_server_certificate.fp index 05eab46..6504e29 100644 --- a/pipelines/iam/delete_iam_server_certificate.fp +++ b/pipelines/iam/delete_iam_server_certificate.fp @@ -2,10 +2,10 @@ pipeline "delete_iam_server_certificate" { title = "Delete IAM Server Certificate" description = "Deletes the specified server certificate from AWS IAM." - param "cred" { - type = string - description = "The name of the credential to use." - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "server_certificate_name" { @@ -20,6 +20,6 @@ pipeline "delete_iam_server_certificate" { "--server-certificate-name", param.server_certificate_name ] - env = credential.aws[param.cred].env + env = param.conn.env } } diff --git a/pipelines/iam/delete_iam_user.fp b/pipelines/iam/delete_iam_user.fp index 5cd4ec9..0f8e82a 100644 --- a/pipelines/iam/delete_iam_user.fp +++ b/pipelines/iam/delete_iam_user.fp @@ -2,10 +2,10 @@ pipeline "delete_iam_user" { title = "Delete IAM User" description = "Deletes an IAM user." - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "user_name" { @@ -20,6 +20,6 @@ pipeline "delete_iam_user" { "delete-user", "--user-name", param.user_name ] - env = credential.aws[param.cred].env + env = param.conn.env } } diff --git a/pipelines/iam/detach_iam_group_policy.fp b/pipelines/iam/detach_iam_group_policy.fp new file mode 100644 index 0000000..a7f9bd6 --- /dev/null +++ b/pipelines/iam/detach_iam_group_policy.fp @@ -0,0 +1,37 @@ +pipeline "detach_iam_group_policy" { + title = "Detach IAM Group Policy" + description = "Detaches a policy from an IAM group." + + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default + } + + param "group_name" { + type = string + description = "The name of the IAM group from which the policy will be detached." + } + + param "policy_arn" { + type = string + description = "The ARN of the IAM policy to be detached from the group." + } + + step "container" "detach_policy" { + image = "public.ecr.aws/aws-cli/aws-cli" + + cmd = concat( + ["iam", "detach-group-policy"], + ["--group-name", param.group_name], + ["--policy-arn", param.policy_arn], + ) + + env = param.conn.env + } + + output "result" { + description = "Confirmation message that the policy has been detached from the group." + value = "Policy ${param.policy_arn} has been detached from group ${param.group_name}." + } +} diff --git a/pipelines/iam/detach_iam_role_policy.fp b/pipelines/iam/detach_iam_role_policy.fp new file mode 100644 index 0000000..8d9ddc8 --- /dev/null +++ b/pipelines/iam/detach_iam_role_policy.fp @@ -0,0 +1,37 @@ +pipeline "detach_iam_role_policy" { + title = "Detach IAM Role Policy" + description = "Detaches a policy from an IAM role." + + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default + } + + param "role_name" { + type = string + description = "The name of the IAM role from which the policy will be detached." + } + + param "policy_arn" { + type = string + description = "The ARN of the IAM policy to be detached from the role." + } + + step "container" "detach_policy" { + image = "public.ecr.aws/aws-cli/aws-cli" + + cmd = concat( + ["iam", "detach-role-policy"], + ["--role-name", param.role_name], + ["--policy-arn", param.policy_arn] + ) + + env = param.conn.env + } + + output "result" { + description = "Confirmation message that the policy has been detached from the role." + value = "Policy ${param.policy_arn} has been detached from role ${param.role_name}" + } +} diff --git a/pipelines/iam/detach_iam_user_policy.fp b/pipelines/iam/detach_iam_user_policy.fp index 5c379d0..1b25ab7 100644 --- a/pipelines/iam/detach_iam_user_policy.fp +++ b/pipelines/iam/detach_iam_user_policy.fp @@ -2,10 +2,10 @@ pipeline "detach_iam_user_policy" { title = "Detach IAM User Policy" description = "Detaches the specified managed policy from the specified IAM user. When you detach a managed policy from a user, the user no longer has the permissions defined in that policy." - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "user_name" { @@ -26,6 +26,6 @@ pipeline "detach_iam_user_policy" { "--policy-arn", param.policy_arn, ] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = param.conn.env } } diff --git a/pipelines/iam/list_iam_access_keys.fp b/pipelines/iam/list_iam_access_keys.fp index 8788e2f..2ac6061 100644 --- a/pipelines/iam/list_iam_access_keys.fp +++ b/pipelines/iam/list_iam_access_keys.fp @@ -2,10 +2,10 @@ pipeline "list_iam_access_keys" { title = "List IAM Access Keys" description = "Returns information about the access key IDs associated with the specified IAM user. If no user is specified, the user name defaults to the current user." - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "user_name" { @@ -22,7 +22,7 @@ pipeline "list_iam_access_keys" { param.user_name != null ? ["--user-name", "${param.user_name}"] : [] ) - env = credential.aws[param.cred].env + env = param.conn.env } output "access_keys" { diff --git a/pipelines/iam/list_iam_groups_for_user.fp b/pipelines/iam/list_iam_groups_for_user.fp index 440c290..06ec101 100644 --- a/pipelines/iam/list_iam_groups_for_user.fp +++ b/pipelines/iam/list_iam_groups_for_user.fp @@ -2,10 +2,10 @@ pipeline "list_iam_groups_for_user" { title = "List IAM Groups for User" description = "Lists the IAM groups that the specified IAM user belongs to." - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "user_name" { @@ -20,7 +20,7 @@ pipeline "list_iam_groups_for_user" { "--user-name", param.user_name ] - env = credential.aws[param.cred].env + env = param.conn.env } output "groups" { diff --git a/pipelines/iam/list_iam_users.fp b/pipelines/iam/list_iam_users.fp index 7c045bb..2ab9214 100644 --- a/pipelines/iam/list_iam_users.fp +++ b/pipelines/iam/list_iam_users.fp @@ -2,10 +2,10 @@ pipeline "list_iam_users" { title = "List IAM Users" description = "Lists the IAM users that have the specified path prefix. If no path prefix is specified, the operation returns all users in the Amazon Web Services account." - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "path_prefix" { @@ -22,7 +22,7 @@ pipeline "list_iam_users" { param.path_prefix != null ? ["--path-prefix", "${param.path_prefix}"] : [] ) - env = credential.aws[param.cred].env + env = param.conn.env } output "users" { diff --git a/pipelines/iam/put_iam_role_policy.fp b/pipelines/iam/put_iam_role_policy.fp index 193b283..d2043f4 100644 --- a/pipelines/iam/put_iam_role_policy.fp +++ b/pipelines/iam/put_iam_role_policy.fp @@ -2,10 +2,10 @@ pipeline "put_iam_role_policy" { title = "Put IAM Role Policy" description = "Adds or updates an inline policy document that is embedded in the specified IAM role." - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "role_name" { @@ -32,6 +32,6 @@ pipeline "put_iam_role_policy" { "--policy-document", param.policy_document, ] - env = credential.aws[param.cred].env + env = param.conn.env } } diff --git a/pipelines/iam/tests/test_list_iam_users.fp b/pipelines/iam/tests/test_list_iam_users.fp index 3494830..ba228c8 100644 --- a/pipelines/iam/tests/test_list_iam_users.fp +++ b/pipelines/iam/tests/test_list_iam_users.fp @@ -2,13 +2,13 @@ pipeline "test_list_iam_users" { title = "Test List IAM Users" tags = { - type = "test" + folder = "Tests" } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "user_name" { @@ -20,7 +20,7 @@ pipeline "test_list_iam_users" { step "pipeline" "create_iam_user" { pipeline = pipeline.create_iam_user args = { - cred = param.cred + conn = param.conn user_name = param.user_name } } @@ -34,7 +34,7 @@ pipeline "test_list_iam_users" { if = !is_error(step.pipeline.create_iam_user) pipeline = pipeline.list_iam_groups_for_user args = { - cred = param.cred + conn = param.conn user_name = param.user_name } } @@ -43,7 +43,7 @@ pipeline "test_list_iam_users" { if = !is_error(step.pipeline.create_iam_user) pipeline = pipeline.create_iam_access_key args = { - cred = param.cred + conn = param.conn user_name = param.user_name } } @@ -52,7 +52,7 @@ pipeline "test_list_iam_users" { depends_on = [step.pipeline.create_iam_access_key] pipeline = pipeline.list_iam_access_keys args = { - cred = param.cred + conn = param.conn user_name = param.user_name } } @@ -61,7 +61,7 @@ pipeline "test_list_iam_users" { depends_on = [step.pipeline.list_iam_access_keys] pipeline = pipeline.delete_iam_access_key args = { - cred = param.cred + conn = param.conn user_name = param.user_name access_key_id = step.pipeline.create_iam_access_key.output.access_key.AccessKeyId } @@ -72,7 +72,7 @@ pipeline "test_list_iam_users" { depends_on = [step.pipeline.delete_iam_access_key] pipeline = pipeline.delete_iam_user args = { - cred = param.cred + conn = param.conn user_name = param.user_name } } diff --git a/pipelines/iam/update_iam_access_key.fp b/pipelines/iam/update_iam_access_key.fp index 3c937ed..dadc626 100644 --- a/pipelines/iam/update_iam_access_key.fp +++ b/pipelines/iam/update_iam_access_key.fp @@ -2,10 +2,10 @@ pipeline "update_iam_access_key" { title = "Update IAM Access Key" description = "Changes the status of the specified access key from Active to Inactive, or vice versa. This operation can be used to disable a user's key as part of a key rotation workflow." - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "access_key_id" { @@ -34,6 +34,6 @@ pipeline "update_iam_access_key" { param.user_name != null ? ["--user-name", param.user_name] : [] ) - env = credential.aws[param.cred].env + env = param.conn.env } } diff --git a/pipelines/iam/update_iam_account_password_policy.fp b/pipelines/iam/update_iam_account_password_policy.fp index 93688e8..d45d3f9 100644 --- a/pipelines/iam/update_iam_account_password_policy.fp +++ b/pipelines/iam/update_iam_account_password_policy.fp @@ -2,10 +2,10 @@ pipeline "update_iam_account_password_policy" { title = "Update IAM Account Password Policy" description = "Updates the account password policy for the AWS account." - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "minimum_password_length" { @@ -62,15 +62,15 @@ pipeline "update_iam_account_password_policy" { cmd = concat( ["iam", "update-account-password-policy"], param.minimum_password_length != null ? ["--minimum-password-length", tostring(param.minimum_password_length)] : [], - param.require_symbols != null ? ["--require-symbols"] : [], - param.require_numbers != null ? ["--require-numbers"] : [], - param.require_uppercase_characters != null ? ["--require-uppercase-characters"] : [], - param.require_lowercase_characters != null ? ["--require-lowercase-characters"] : [], - param.allow_users_to_change_password != null ? ["--allow-users-to-change-password"] : [], - param.max_password_age != null ? ["--max-password-age", tostring(param.max_password_age)] : [], - param.password_reuse_prevention != null ? ["--password-reuse-prevention", tostring(param.password_reuse_prevention)] : [] + param.require_symbols ? ["--require-symbols"] : [], + param.require_numbers ? ["--require-numbers"] : [], + param.require_uppercase_characters ? ["--require-uppercase-characters"] : [], + param.require_lowercase_characters ? ["--require-lowercase-characters"] : [], + param.allow_users_to_change_password ? ["--allow-users-to-change-password"] : [], + param.max_password_age > 0 ? ["--max-password-age", tostring(param.max_password_age)] : [], + param.password_reuse_prevention > 0 ? ["--password-reuse-prevention", tostring(param.password_reuse_prevention)] : [] ) - env = credential.aws[param.cred].env + env = param.conn.env } } diff --git a/pipelines/kms/enable_kms_key_rotation.fp b/pipelines/kms/enable_kms_key_rotation.fp index f9d4bea..20b16a6 100644 --- a/pipelines/kms/enable_kms_key_rotation.fp +++ b/pipelines/kms/enable_kms_key_rotation.fp @@ -7,10 +7,10 @@ pipeline "enable_kms_key_rotation" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "key_id" { @@ -25,7 +25,7 @@ pipeline "enable_kms_key_rotation" { "enable-key-rotation", "--key-id", "${param.key_id}" ] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "result" { diff --git a/pipelines/kms/put_key_policy.fp b/pipelines/kms/put_key_policy.fp index a010d99..e135c0e 100644 --- a/pipelines/kms/put_key_policy.fp +++ b/pipelines/kms/put_key_policy.fp @@ -7,10 +7,10 @@ pipeline "put_kms_key_policy" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "key_id" { @@ -38,7 +38,7 @@ pipeline "put_kms_key_policy" { "--policy", param.policy ] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "kms_key_policy" { diff --git a/pipelines/lambda/create_lambda_function.fp b/pipelines/lambda/create_lambda_function.fp index 189009a..7723992 100644 --- a/pipelines/lambda/create_lambda_function.fp +++ b/pipelines/lambda/create_lambda_function.fp @@ -7,10 +7,10 @@ pipeline "create_lambda_function" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "function_name" { @@ -45,7 +45,7 @@ pipeline "create_lambda_function" { param.publish ? ["--publish"] : [], ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "function" { diff --git a/pipelines/lambda/delete_lambda_function.fp b/pipelines/lambda/delete_lambda_function.fp index f8f5013..2761f2e 100644 --- a/pipelines/lambda/delete_lambda_function.fp +++ b/pipelines/lambda/delete_lambda_function.fp @@ -7,10 +7,10 @@ pipeline "delete_lambda_function" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "function_name" { @@ -26,6 +26,6 @@ pipeline "delete_lambda_function" { ["--function-name", param.function_name], ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } } diff --git a/pipelines/lambda/get_lambda_function.fp b/pipelines/lambda/get_lambda_function.fp index d67bc7f..dfebcb2 100644 --- a/pipelines/lambda/get_lambda_function.fp +++ b/pipelines/lambda/get_lambda_function.fp @@ -7,10 +7,10 @@ pipeline "get_lambda_function" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "function_name" { @@ -26,7 +26,7 @@ pipeline "get_lambda_function" { ["--function-name", param.function_name], ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "function" { diff --git a/pipelines/lambda/tests/test_get_lambda_function.fp b/pipelines/lambda/tests/test_get_lambda_function.fp index 312bb14..0513670 100644 --- a/pipelines/lambda/tests/test_get_lambda_function.fp +++ b/pipelines/lambda/tests/test_get_lambda_function.fp @@ -3,13 +3,13 @@ pipeline "test_get_lambda_function" { description = "Tests the creation, retrieval, and deletion of a Lambda function" tags = { - type = "test" + folder = "Tests" } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "region" { @@ -47,7 +47,7 @@ EOT step "pipeline" "create_iam_role" { pipeline = pipeline.create_iam_role args = { - cred = param.cred + conn = param.conn assume_role_policy_document = param.assume_role_policy_document role_name = param.role_name } @@ -58,7 +58,7 @@ EOT if = !is_error(step.pipeline.create_iam_role) pipeline = pipeline.create_lambda_function args = { - cred = param.cred + conn = param.conn region = param.region function_name = param.function_name role = step.pipeline.create_iam_role.output.role.Arn @@ -70,7 +70,7 @@ EOT if = !is_error(step.pipeline.create_lambda_function) pipeline = pipeline.get_lambda_function args = { - cred = param.cred + conn = param.conn region = param.region function_name = param.function_name } @@ -81,7 +81,7 @@ EOT if = !is_error(step.pipeline.create_lambda_function) pipeline = pipeline.delete_lambda_function args = { - cred = param.cred + conn = param.conn region = param.region function_name = param.function_name } @@ -92,7 +92,7 @@ EOT depends_on = [step.pipeline.delete_lambda_function] pipeline = pipeline.delete_iam_role args = { - cred = param.cred + conn = param.conn region = param.region role_name = param.role_name } diff --git a/pipelines/neptune/modify_neptune_db_cluster.fp b/pipelines/neptune/modify_neptune_db_cluster.fp index c95cf76..a95a4ab 100644 --- a/pipelines/neptune/modify_neptune_db_cluster.fp +++ b/pipelines/neptune/modify_neptune_db_cluster.fp @@ -7,10 +7,10 @@ pipeline "modify_neptune_db_cluster" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "db_cluster_identifier" { @@ -33,7 +33,7 @@ pipeline "modify_neptune_db_cluster" { try(length(param.enable_cloudwatch_log_types), 0) > 0 ? ["--cloudwatch-logs-export-configuration",format("EnableLogTypes=%s", join(",", param.enable_cloudwatch_log_types))] : [] ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "db_cluster_modification" { diff --git a/pipelines/rds/delete_rds_db_instance.fp b/pipelines/rds/delete_rds_db_instance.fp index 19fce98..ea7cfd5 100644 --- a/pipelines/rds/delete_rds_db_instance.fp +++ b/pipelines/rds/delete_rds_db_instance.fp @@ -7,10 +7,10 @@ pipeline "delete_rds_db_instance" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "db_instance_identifier" { @@ -26,7 +26,7 @@ pipeline "delete_rds_db_instance" { "--db-instance-identifier", param.db_instance_identifier, ] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "db_instance" { diff --git a/pipelines/rds/modify_rds_db_cluster.fp b/pipelines/rds/modify_rds_db_cluster.fp index 4dd773a..e36be5f 100644 --- a/pipelines/rds/modify_rds_db_cluster.fp +++ b/pipelines/rds/modify_rds_db_cluster.fp @@ -7,10 +7,10 @@ pipeline "modify_rds_db_cluster" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "db_cluster_identifier" { @@ -119,7 +119,7 @@ pipeline "modify_rds_db_cluster" { "EnableLogTypes": ["postgresql"] })] : []) : [], ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "db_cluster" { diff --git a/pipelines/rds/modify_rds_db_instance.fp b/pipelines/rds/modify_rds_db_instance.fp index 9d0f972..7974440 100644 --- a/pipelines/rds/modify_rds_db_instance.fp +++ b/pipelines/rds/modify_rds_db_instance.fp @@ -7,10 +7,10 @@ pipeline "modify_rds_db_instance" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "db_instance_identifier" { @@ -95,7 +95,7 @@ pipeline "modify_rds_db_instance" { param.multi_az != null ? param.multi_az ? ["--multi-az"] : ["--no-multi-az"] : [], ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "db_instance" { diff --git a/pipelines/route53/delete_route53_health_check.fp b/pipelines/route53/delete_route53_health_check.fp index fbfeec8..d567647 100644 --- a/pipelines/route53/delete_route53_health_check.fp +++ b/pipelines/route53/delete_route53_health_check.fp @@ -7,10 +7,10 @@ pipeline "delete_route53_health_check" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "health_check_id" { @@ -26,6 +26,6 @@ pipeline "delete_route53_health_check" { "--health-check-id", param.health_check_id ] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } } \ No newline at end of file diff --git a/pipelines/route53/update_route53_record.fp b/pipelines/route53/update_route53_record.fp index 4ce4b4b..2260a81 100644 --- a/pipelines/route53/update_route53_record.fp +++ b/pipelines/route53/update_route53_record.fp @@ -7,10 +7,10 @@ pipeline "update_route53_record" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "hosted_zone_id" { @@ -60,7 +60,7 @@ pipeline "update_route53_record" { })] ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "change_info" { diff --git a/pipelines/s3/create_s3_bucket.fp b/pipelines/s3/create_s3_bucket.fp index b95956e..a41485b 100644 --- a/pipelines/s3/create_s3_bucket.fp +++ b/pipelines/s3/create_s3_bucket.fp @@ -2,10 +2,10 @@ pipeline "create_s3_bucket" { title = "Create S3 Bucket" description = "Creates a new Amazon S3 bucket." - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "region" { @@ -35,6 +35,6 @@ pipeline "create_s3_bucket" { param.region != "us-east-1" ? ["--create-bucket-configuration LocationConstraint=", param.region] : [], ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } } diff --git a/pipelines/s3/delete_s3_bucket.fp b/pipelines/s3/delete_s3_bucket.fp index 0548510..b731e11 100644 --- a/pipelines/s3/delete_s3_bucket.fp +++ b/pipelines/s3/delete_s3_bucket.fp @@ -7,10 +7,10 @@ pipeline "delete_s3_bucket" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "bucket" { @@ -27,6 +27,6 @@ pipeline "delete_s3_bucket" { "--bucket", param.bucket ] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } } diff --git a/pipelines/s3/delete_s3_bucket_all_objects.fp b/pipelines/s3/delete_s3_bucket_all_objects.fp new file mode 100644 index 0000000..d472316 --- /dev/null +++ b/pipelines/s3/delete_s3_bucket_all_objects.fp @@ -0,0 +1,32 @@ +pipeline "delete_s3_bucket_all_objects" { + title = "Delete S3 Bucket all Objects" + description = "Deletes all the objects of the specified S3 bucket." + + param "region" { + type = string + description = local.region_param_description + } + + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default + } + + param "bucket" { + type = string + description = "The name of the S3 bucket to delete objects." + } + + step "container" "delete_s3_bucket_all_objects" { + image = "public.ecr.aws/aws-cli/aws-cli" + + cmd = [ + "s3", + "rm", + "s3://${param.bucket}" + ] + + env = merge(param.conn.env, { AWS_REGION = param.region }) + } +} diff --git a/pipelines/s3/get_s3_bucket_versioning.fp b/pipelines/s3/get_s3_bucket_versioning.fp index 9429fc1..60d17ed 100644 --- a/pipelines/s3/get_s3_bucket_versioning.fp +++ b/pipelines/s3/get_s3_bucket_versioning.fp @@ -7,10 +7,10 @@ pipeline "get_s3_bucket_versioning" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "bucket" { @@ -23,7 +23,7 @@ pipeline "get_s3_bucket_versioning" { cmd = ["s3api", "get-bucket-versioning", "--bucket", param.bucket] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "status" { diff --git a/pipelines/s3/get_s3_object.fp b/pipelines/s3/get_s3_object.fp index f67e144..3c1d911 100644 --- a/pipelines/s3/get_s3_object.fp +++ b/pipelines/s3/get_s3_object.fp @@ -1,41 +1,38 @@ pipeline "get_s3_object" { - title = "Get object from S3 bucket" - description = "Gets an object from an S3 buckets owned by the authenticated sender of the request." + title = "Get S3 Object" + description = "Retrieves an object from Amazon S3." param "region" { type = string description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "bucket" { type = string description = "Bucket name." - default = "" } param "key" { type = string description = "Key to object." - default = "" } param "destination" { type = string description = "Key to object." - default = "" } step "container" "get_s3_object" { image = "public.ecr.aws/aws-cli/aws-cli" cmd = ["s3api", "get-object", "--bucket", param.bucket, "--key", param.key, param.destination] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "object" { diff --git a/pipelines/s3/get_s3_object_content.fp b/pipelines/s3/get_s3_object_content.fp index 3d1f3d4..96f16b2 100644 --- a/pipelines/s3/get_s3_object_content.fp +++ b/pipelines/s3/get_s3_object_content.fp @@ -7,10 +7,10 @@ pipeline "get_s3_object_content" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "bucket" { @@ -27,7 +27,7 @@ pipeline "get_s3_object_content" { image = "public.ecr.aws/aws-cli/aws-cli" cmd = ["s3", "cp", "s3://${param.bucket}/${param.path_to_file}", "-"] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "content" { diff --git a/pipelines/s3/get_s3_public_access_block.fp b/pipelines/s3/get_s3_public_access_block.fp index a9150b2..af018f4 100644 --- a/pipelines/s3/get_s3_public_access_block.fp +++ b/pipelines/s3/get_s3_public_access_block.fp @@ -7,10 +7,10 @@ pipeline "get_s3_public_access_block" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "bucket_name" { @@ -22,7 +22,7 @@ pipeline "get_s3_public_access_block" { image = "public.ecr.aws/aws-cli/aws-cli" cmd = ["s3api", "get-public-access-block", "--bucket", param.bucket_name] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "public_access_block_configuration" { diff --git a/pipelines/s3/list_s3_buckets.fp b/pipelines/s3/list_s3_buckets.fp index 52993b7..7a12f6d 100644 --- a/pipelines/s3/list_s3_buckets.fp +++ b/pipelines/s3/list_s3_buckets.fp @@ -7,16 +7,16 @@ pipeline "list_s3_buckets" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } step "container" "list_s3_buckets" { image = "public.ecr.aws/aws-cli/aws-cli" cmd = ["s3api", "list-buckets"] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "buckets" { diff --git a/pipelines/s3/put_s3_bucket_encryption.fp b/pipelines/s3/put_s3_bucket_encryption.fp index 61dcc56..69978d1 100644 --- a/pipelines/s3/put_s3_bucket_encryption.fp +++ b/pipelines/s3/put_s3_bucket_encryption.fp @@ -7,10 +7,10 @@ pipeline "put_s3_bucket_encryption" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "bucket" { @@ -59,6 +59,6 @@ pipeline "put_s3_bucket_encryption" { ["--server-side-encryption-configuration", jsonencode(step.function.build_encryption_config.response)], ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } } diff --git a/pipelines/s3/put_s3_bucket_lifecycle_configuration.fp b/pipelines/s3/put_s3_bucket_lifecycle_configuration.fp new file mode 100644 index 0000000..1602758 --- /dev/null +++ b/pipelines/s3/put_s3_bucket_lifecycle_configuration.fp @@ -0,0 +1,37 @@ +pipeline "put_s3_bucket_lifecycle_configuration" { + title = "Put S3 Bucket Lifecycle Configuration" + description = "Creates a new lifecycle configuration for the bucket or replaces an existing lifecycle configuration." + + param "region" { + type = string + description = local.region_param_description + } + + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default + } + + param "bucket_name" { + type = string + description = "The name of the S3 bucket." + } + + param "lifecycle_configuration" { + type = string + description = "Container for lifecycle rules. You can add as many as 1,000 rules." + } + + step "container" "put_s3_bucket_lifecycle_configuration" { + image = "public.ecr.aws/aws-cli/aws-cli" + + cmd = concat( + ["s3api", "put-bucket-lifecycle-configuration"], + ["--bucket", param.bucket_name], + ["--lifecycle-configuration", param.lifecycle_configuration] + ) + + env = merge(param.conn.env, { AWS_REGION = param.region }) + } +} diff --git a/pipelines/s3/put_s3_bucket_lifecycle_policy.fp b/pipelines/s3/put_s3_bucket_lifecycle_policy.fp deleted file mode 100644 index 89cd8db..0000000 --- a/pipelines/s3/put_s3_bucket_lifecycle_policy.fp +++ /dev/null @@ -1,37 +0,0 @@ -pipeline "put_s3_bucket_lifecycle_policy" { - title = "Put S3 Bucket Lifecycle policy" - description = "Put lifecycle rules to a specified S3 bucket." - - param "region" { - type = string - description = local.region_param_description - } - - param "cred" { - type = string - description = local.cred_param_description - default = "default" - } - - param "bucket_name" { - type = string - description = "The name of the S3 bucket." - } - - param "lifecycle_rules" { - type = string - description = "A JSON string of lifecycle rules for the S3 bucket." - } - - step "container" "put_s3_bucket_lifecycle_policy" { - image = "public.ecr.aws/aws-cli/aws-cli" - - cmd = concat( - ["s3api", "put-bucket-lifecycle"], - ["--bucket", param.bucket_name], - ["--lifecycle-configuration", param.lifecycle_rules] - ) - - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) - } -} \ No newline at end of file diff --git a/pipelines/s3/put_s3_bucket_logging.fp b/pipelines/s3/put_s3_bucket_logging.fp index cf05200..840654c 100644 --- a/pipelines/s3/put_s3_bucket_logging.fp +++ b/pipelines/s3/put_s3_bucket_logging.fp @@ -1,5 +1,5 @@ pipeline "put_s3_bucket_logging" { - title = "Put S3 Bucket logging" + title = "Put S3 Bucket Logging" description = "Creates or modifies the Bucket logging configuration for an Amazon S3 bucket." param "region" { @@ -7,10 +7,10 @@ pipeline "put_s3_bucket_logging" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "bucket" { @@ -32,6 +32,6 @@ pipeline "put_s3_bucket_logging" { ["--bucket-logging-status", param.bucket_logging_status] ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } } diff --git a/pipelines/s3/put_s3_bucket_policy.fp b/pipelines/s3/put_s3_bucket_policy.fp index efd4127..96dd220 100644 --- a/pipelines/s3/put_s3_bucket_policy.fp +++ b/pipelines/s3/put_s3_bucket_policy.fp @@ -1,5 +1,5 @@ pipeline "put_s3_bucket_policy" { - title = "Put S3 Bucket policy" + title = "Put S3 Bucket Policy" description = "Creates or modifies the Bucket policy configuration for an Amazon S3 bucket." param "region" { @@ -7,10 +7,10 @@ pipeline "put_s3_bucket_policy" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "bucket" { @@ -32,6 +32,6 @@ pipeline "put_s3_bucket_policy" { ["--policy", param.policy] ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } } diff --git a/pipelines/s3/put_s3_bucket_public_access_block.fp b/pipelines/s3/put_s3_bucket_public_access_block.fp index 6c969a8..789fdf8 100644 --- a/pipelines/s3/put_s3_bucket_public_access_block.fp +++ b/pipelines/s3/put_s3_bucket_public_access_block.fp @@ -7,10 +7,10 @@ pipeline "put_s3_bucket_public_access_block" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "bucket" { @@ -55,6 +55,6 @@ pipeline "put_s3_bucket_public_access_block" { ))] ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } } diff --git a/pipelines/s3/put_s3_bucket_versioning.fp b/pipelines/s3/put_s3_bucket_versioning.fp index a6e05d5..8bdcb1e 100644 --- a/pipelines/s3/put_s3_bucket_versioning.fp +++ b/pipelines/s3/put_s3_bucket_versioning.fp @@ -3,7 +3,7 @@ pipeline "put_s3_bucket_versioning" { description = "Sets the versioning state of an existing bucket." tags = { - type = "featured" + recommended = "true" } param "region" { @@ -11,10 +11,10 @@ pipeline "put_s3_bucket_versioning" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "bucket" { @@ -35,6 +35,6 @@ pipeline "put_s3_bucket_versioning" { param.versioning ? ["Status=Enabled"] : ["Status=Suspended"], ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } } diff --git a/pipelines/s3/tests/test_create_s3_bucket.fp b/pipelines/s3/tests/test_create_s3_bucket.fp index 123089f..4aab71b 100644 --- a/pipelines/s3/tests/test_create_s3_bucket.fp +++ b/pipelines/s3/tests/test_create_s3_bucket.fp @@ -3,13 +3,13 @@ pipeline "test_create_s3_bucket" { description = "Test the create_s3_bucket pipeline." tags = { - type = "test" + folder = "Tests" } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "region" { @@ -27,7 +27,7 @@ pipeline "test_create_s3_bucket" { output "base_args" { value = { bucket = param.bucket - cred = param.cred + conn = param.conn region = param.region } } @@ -44,7 +44,7 @@ pipeline "test_create_s3_bucket" { pipeline = pipeline.list_s3_buckets args = { - cred = param.cred + conn = param.conn region = param.region } diff --git a/pipelines/s3/tests/test_put_s3_bucket_versioning.fp b/pipelines/s3/tests/test_put_s3_bucket_versioning.fp index 5f8bc00..822e22a 100644 --- a/pipelines/s3/tests/test_put_s3_bucket_versioning.fp +++ b/pipelines/s3/tests/test_put_s3_bucket_versioning.fp @@ -3,13 +3,13 @@ pipeline "test_put_s3_bucket_versioning" { description = "Test the put_s3_bucket_versioning pipeline." tags = { - type = "test" + folder = "Tests" } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "region" { @@ -26,7 +26,7 @@ pipeline "test_put_s3_bucket_versioning" { step "transform" "base_args" { output "base_args" { value = { - cred = param.cred + conn = param.conn region = param.region bucket = param.bucket } @@ -79,7 +79,7 @@ pipeline "test_put_s3_bucket_versioning_enable_disable" { description = "Test enabling and disabling S3 bucket versioning." tags = { - type = "test" + folder = "Tests" } param "region" { @@ -87,10 +87,10 @@ pipeline "test_put_s3_bucket_versioning_enable_disable" { description = "The name of the Region." } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "bucket" { @@ -102,7 +102,7 @@ pipeline "test_put_s3_bucket_versioning_enable_disable" { step "transform" "base_args" { output "base_args" { value = { - cred = param.cred + conn = param.conn region = param.region bucket = param.bucket } diff --git a/pipelines/secretsmanager/delete_secretsmanager_secret.fp b/pipelines/secretsmanager/delete_secretsmanager_secret.fp index 38a0cdc..320859d 100644 --- a/pipelines/secretsmanager/delete_secretsmanager_secret.fp +++ b/pipelines/secretsmanager/delete_secretsmanager_secret.fp @@ -7,10 +7,10 @@ pipeline "delete_secretsmanager_secret" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "secret_id" { @@ -27,7 +27,7 @@ pipeline "delete_secretsmanager_secret" { "--force-delete-without-recovery" ] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "secretsmanager_secret" { diff --git a/pipelines/securityhub/enable_security_hub.fp b/pipelines/securityhub/enable_security_hub.fp index 40ff380..530f70d 100644 --- a/pipelines/securityhub/enable_security_hub.fp +++ b/pipelines/securityhub/enable_security_hub.fp @@ -7,10 +7,10 @@ pipeline "enable_security_hub" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "enable_default_standards" { @@ -24,7 +24,7 @@ pipeline "enable_security_hub" { ["securityhub", "enable-security-hub"], param.enable_default_standards ? ["--enable-default-standards"] : ["--no-enable-default-standards"] ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "security_hub_status" { diff --git a/pipelines/sns/create_sns_topic.fp b/pipelines/sns/create_sns_topic.fp index b5c8866..620580f 100644 --- a/pipelines/sns/create_sns_topic.fp +++ b/pipelines/sns/create_sns_topic.fp @@ -7,10 +7,10 @@ pipeline "create_sns_topic" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "name" { @@ -26,7 +26,7 @@ pipeline "create_sns_topic" { ["--name", param.name], ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "topic_arn" { diff --git a/pipelines/sns/delete_sns_topic.fp b/pipelines/sns/delete_sns_topic.fp index 9412f74..880b135 100644 --- a/pipelines/sns/delete_sns_topic.fp +++ b/pipelines/sns/delete_sns_topic.fp @@ -7,10 +7,10 @@ pipeline "delete_sns_topic" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "topic_arn" { @@ -26,6 +26,6 @@ pipeline "delete_sns_topic" { ["--topic-arn", param.topic_arn], ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } } diff --git a/pipelines/sns/get_sns_topic_attributes.fp b/pipelines/sns/get_sns_topic_attributes.fp index 4394341..46256e8 100644 --- a/pipelines/sns/get_sns_topic_attributes.fp +++ b/pipelines/sns/get_sns_topic_attributes.fp @@ -7,10 +7,10 @@ pipeline "get_sns_topic_attributes" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "topic_arn" { @@ -26,7 +26,7 @@ pipeline "get_sns_topic_attributes" { ["--topic-arn", param.topic_arn], ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "attributes" { diff --git a/pipelines/sns/set_sns_topic_attributes.fp b/pipelines/sns/set_sns_topic_attributes.fp index 6e04e5a..6d76aa7 100644 --- a/pipelines/sns/set_sns_topic_attributes.fp +++ b/pipelines/sns/set_sns_topic_attributes.fp @@ -7,10 +7,10 @@ pipeline "set_sns_topic_attributes" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "topic_arn" { @@ -38,6 +38,6 @@ pipeline "set_sns_topic_attributes" { ["--attribute-value", param.attribute_value], ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } } diff --git a/pipelines/sns/subscribe_to_sns_topic.fp b/pipelines/sns/subscribe_to_sns_topic.fp index 2787b75..4899c8c 100644 --- a/pipelines/sns/subscribe_to_sns_topic.fp +++ b/pipelines/sns/subscribe_to_sns_topic.fp @@ -7,10 +7,10 @@ pipeline "subscribe_to_sns_topic" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "sns_topic_arn" { @@ -38,7 +38,7 @@ pipeline "subscribe_to_sns_topic" { "--notification-endpoint", param.endpoint, ] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "subscription_arn" { diff --git a/pipelines/sns/tests/test_create_sns_topic.fp b/pipelines/sns/tests/test_create_sns_topic.fp index 6cdce13..a042ab1 100644 --- a/pipelines/sns/tests/test_create_sns_topic.fp +++ b/pipelines/sns/tests/test_create_sns_topic.fp @@ -3,13 +3,13 @@ pipeline "test_create_sns_topic" { description = "Test the create_sns_topic pipeline." tags = { - type = "test" + folder = "Tests" } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "region" { @@ -38,7 +38,7 @@ pipeline "test_create_sns_topic" { step "pipeline" "create_sns_topic" { pipeline = pipeline.create_sns_topic args = { - cred = param.cred + conn = param.conn region = param.region name = param.topic_name } @@ -49,7 +49,7 @@ pipeline "test_create_sns_topic" { depends_on = [step.pipeline.create_sns_topic] pipeline = pipeline.set_sns_topic_attributes args = { - cred = param.cred + conn = param.conn region = param.region topic_arn = step.pipeline.create_sns_topic.output.topic_arn attribute_name = param.attribute_name @@ -62,7 +62,7 @@ pipeline "test_create_sns_topic" { depends_on = [step.pipeline.set_sns_topic_attributes] pipeline = pipeline.get_sns_topic_attributes args = { - cred = param.cred + conn = param.conn region = param.region topic_arn = step.pipeline.create_sns_topic.output.topic_arn } @@ -74,7 +74,7 @@ pipeline "test_create_sns_topic" { pipeline = pipeline.delete_sns_topic args = { - cred = param.cred + conn = param.conn region = param.region topic_arn = step.pipeline.create_sns_topic.output.topic_arn } diff --git a/pipelines/sqs/create_sqs_queue.fp b/pipelines/sqs/create_sqs_queue.fp index 86087bb..732f059 100644 --- a/pipelines/sqs/create_sqs_queue.fp +++ b/pipelines/sqs/create_sqs_queue.fp @@ -7,10 +7,10 @@ pipeline "create_sqs_queue" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "queue_name" { @@ -26,7 +26,7 @@ pipeline "create_sqs_queue" { ["--queue-name", param.queue_name], ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "queue_url" { diff --git a/pipelines/sqs/delete_sqs_queue.fp b/pipelines/sqs/delete_sqs_queue.fp index 0148ca8..ca64ba9 100644 --- a/pipelines/sqs/delete_sqs_queue.fp +++ b/pipelines/sqs/delete_sqs_queue.fp @@ -7,10 +7,10 @@ pipeline "delete_sqs_queue" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "queue_url" { @@ -26,6 +26,6 @@ pipeline "delete_sqs_queue" { ["--queue-url", param.queue_url], ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } } diff --git a/pipelines/sqs/get_sqs_queue_attributes.fp b/pipelines/sqs/get_sqs_queue_attributes.fp index be1a3b4..baec541 100644 --- a/pipelines/sqs/get_sqs_queue_attributes.fp +++ b/pipelines/sqs/get_sqs_queue_attributes.fp @@ -7,10 +7,10 @@ pipeline "get_sqs_queue_attributes" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "queue_url" { @@ -27,7 +27,7 @@ pipeline "get_sqs_queue_attributes" { ["--queue-url", param.queue_url], ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "attributes" { diff --git a/pipelines/sqs/set_sqs_queue_attributes.fp b/pipelines/sqs/set_sqs_queue_attributes.fp index 51b1b02..7e1776b 100644 --- a/pipelines/sqs/set_sqs_queue_attributes.fp +++ b/pipelines/sqs/set_sqs_queue_attributes.fp @@ -7,10 +7,10 @@ pipeline "set_sqs_queue_attributes" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "queue_url" { @@ -32,6 +32,6 @@ pipeline "set_sqs_queue_attributes" { ["--attributes", param.attributes], ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } } diff --git a/pipelines/sqs/tests/test_create_sqs_queue.fp b/pipelines/sqs/tests/test_create_sqs_queue.fp index 3500996..5880239 100644 --- a/pipelines/sqs/tests/test_create_sqs_queue.fp +++ b/pipelines/sqs/tests/test_create_sqs_queue.fp @@ -3,13 +3,13 @@ pipeline "test_create_sqs_queue" { description = "Test the create_sqs_queue pipeline." tags = { - type = "test" + folder = "Tests" } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "region" { @@ -34,7 +34,7 @@ pipeline "test_create_sqs_queue" { step "pipeline" "create_sqs_queue" { pipeline = pipeline.create_sqs_queue args = { - cred = param.cred + conn = param.conn region = param.region queue_name = param.queue_name } @@ -45,7 +45,7 @@ pipeline "test_create_sqs_queue" { depends_on = [step.pipeline.create_sqs_queue] pipeline = pipeline.set_sqs_queue_attributes args = { - cred = param.cred + conn = param.conn region = param.region queue_url = step.pipeline.create_sqs_queue.output.queue_url attributes = param.attributes @@ -57,7 +57,7 @@ pipeline "test_create_sqs_queue" { depends_on = [step.pipeline.set_sqs_queue_attributes] pipeline = pipeline.get_sqs_queue_attributes args = { - cred = param.cred + conn = param.conn region = param.region queue_url = step.pipeline.create_sqs_queue.output.queue_url } diff --git a/pipelines/tagging/tag_resources.fp b/pipelines/tagging/tag_resources.fp index 19859b9..e7dc281 100644 --- a/pipelines/tagging/tag_resources.fp +++ b/pipelines/tagging/tag_resources.fp @@ -3,7 +3,7 @@ pipeline "tag_resources" { description = "Applies one or more tags to the specified resources." tags = { - type = "featured" + recommended = "true" } param "region" { @@ -11,10 +11,10 @@ pipeline "tag_resources" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "resource_arns" { @@ -37,7 +37,7 @@ pipeline "tag_resources" { [join(",", [for key, value in param.tags : "${key}=${value}"])] ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "failed_resources" { diff --git a/pipelines/tagging/untag_resources.fp b/pipelines/tagging/untag_resources.fp index f5dd963..1666cee 100644 --- a/pipelines/tagging/untag_resources.fp +++ b/pipelines/tagging/untag_resources.fp @@ -7,10 +7,10 @@ pipeline "untag_resources" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "resource_arns" { @@ -33,7 +33,7 @@ pipeline "untag_resources" { param.tag_keys ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "failed_resources" { diff --git a/pipelines/vpc/create_vpc.fp b/pipelines/vpc/create_vpc.fp index 358fbe6..48b2307 100644 --- a/pipelines/vpc/create_vpc.fp +++ b/pipelines/vpc/create_vpc.fp @@ -7,10 +7,10 @@ pipeline "create_vpc" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "cidr_block" { @@ -26,7 +26,7 @@ pipeline "create_vpc" { "--cidr-block", param.cidr_block ] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "vpc" { diff --git a/pipelines/vpc/create_vpc_flow_logs.fp b/pipelines/vpc/create_vpc_flow_logs.fp index 2fc5581..96af051 100644 --- a/pipelines/vpc/create_vpc_flow_logs.fp +++ b/pipelines/vpc/create_vpc_flow_logs.fp @@ -7,10 +7,10 @@ pipeline "create_vpc_flow_logs" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "vpc_id" { @@ -47,7 +47,7 @@ pipeline "create_vpc_flow_logs" { "--deliver-logs-permission-arn", param.iam_role_arn ] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "flow_log_creation" { diff --git a/pipelines/vpc/create_vpc_security_group.fp b/pipelines/vpc/create_vpc_security_group.fp index 8e26fd3..cd66327 100644 --- a/pipelines/vpc/create_vpc_security_group.fp +++ b/pipelines/vpc/create_vpc_security_group.fp @@ -3,7 +3,7 @@ pipeline "create_vpc_security_group" { description = "Creates a security group." tags = { - type = "featured" + recommended = "true" } param "region" { @@ -11,10 +11,10 @@ pipeline "create_vpc_security_group" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "group_name" { @@ -43,7 +43,7 @@ pipeline "create_vpc_security_group" { param.vpc_id ? ["--vpc-id", param.vpc_id] : [], ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "group_id" { diff --git a/pipelines/vpc/create_vpc_subnet.fp b/pipelines/vpc/create_vpc_subnet.fp index 90dc510..964875a 100644 --- a/pipelines/vpc/create_vpc_subnet.fp +++ b/pipelines/vpc/create_vpc_subnet.fp @@ -7,10 +7,10 @@ pipeline "create_vpc_subnet" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "vpc_id" { @@ -32,7 +32,7 @@ pipeline "create_vpc_subnet" { "--cidr-block", param.cidr_block ] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "subnet" { diff --git a/pipelines/vpc/delete_nat_gateway.fp b/pipelines/vpc/delete_nat_gateway.fp index 3816d36..c7661a2 100644 --- a/pipelines/vpc/delete_nat_gateway.fp +++ b/pipelines/vpc/delete_nat_gateway.fp @@ -7,10 +7,10 @@ pipeline "delete_nat_gateway" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "nat_gateway_id" { @@ -26,6 +26,6 @@ pipeline "delete_nat_gateway" { "--nat-gateway-id", param.nat_gateway_id, ] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } } diff --git a/pipelines/vpc/delete_network_acl_entry.fp b/pipelines/vpc/delete_network_acl_entry.fp index c354a6e..e5c5164 100644 --- a/pipelines/vpc/delete_network_acl_entry.fp +++ b/pipelines/vpc/delete_network_acl_entry.fp @@ -7,10 +7,10 @@ pipeline "delete_network_acl_entry" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "network_acl_id" { @@ -26,7 +26,7 @@ pipeline "delete_network_acl_entry" { param "is_egress" { type = bool description = "Set to true to delete an egress rule, or false for an ingress rule." - default = true + default = false } step "container" "remove_acl_entry" { @@ -37,10 +37,10 @@ pipeline "delete_network_acl_entry" { "--network-acl-id", param.network_acl_id, "--rule-number", format("%d", param.rule_number) ], - param.is_egress != null ? ["--egress"] : ["--ingress"] + param.is_egress ? ["--egress"] : ["--ingress"] ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "acl_entry_removal" { diff --git a/pipelines/vpc/describe_vpc_subnets.fp b/pipelines/vpc/describe_vpc_subnets.fp index b8825b0..21ee3c1 100644 --- a/pipelines/vpc/describe_vpc_subnets.fp +++ b/pipelines/vpc/describe_vpc_subnets.fp @@ -7,10 +7,10 @@ pipeline "describe_vpc_subnets" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "subnet_ids" { @@ -34,7 +34,7 @@ pipeline "describe_vpc_subnets" { param.cidr_block != null ? ["--filters", "Name=cidrBlock,Values=${param.cidr_block}"] : [] ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "subnets" { diff --git a/pipelines/vpc/describe_vpcs.fp b/pipelines/vpc/describe_vpcs.fp index 815caac..a11c9b6 100644 --- a/pipelines/vpc/describe_vpcs.fp +++ b/pipelines/vpc/describe_vpcs.fp @@ -7,10 +7,10 @@ pipeline "describe_vpcs" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "vpc_ids" { @@ -27,7 +27,7 @@ pipeline "describe_vpcs" { try(length(param.vpc_ids), 0) > 0 ? concat(["--vpc-ids"], param.vpc_ids) : [] ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } output "vpcs" { diff --git a/pipelines/vpc/release_eip.fp b/pipelines/vpc/release_eip.fp index 92ba8d6..14088f0 100644 --- a/pipelines/vpc/release_eip.fp +++ b/pipelines/vpc/release_eip.fp @@ -7,10 +7,10 @@ pipeline "release_eip" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "allocation_id" { @@ -28,6 +28,6 @@ pipeline "release_eip" { ], ) - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) } } diff --git a/pipelines/vpc/revoke_security_group_ingress_rule.fp b/pipelines/vpc/revoke_security_group_ingress_rule.fp index a34c0a5..6370f72 100644 --- a/pipelines/vpc/revoke_security_group_ingress_rule.fp +++ b/pipelines/vpc/revoke_security_group_ingress_rule.fp @@ -7,10 +7,10 @@ pipeline "revoke_vpc_security_group_ingress" { description = local.region_param_description } - param "cred" { - type = string - description = local.cred_param_description - default = "default" + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default } param "security_group_id" { @@ -32,6 +32,11 @@ pipeline "revoke_vpc_security_group_ingress" { "--security-group-rule-ids", param.security_group_rule_id ] - env = merge(credential.aws[param.cred].env, { AWS_REGION = param.region }) + env = merge(param.conn.env, { AWS_REGION = param.region }) + } + + output "delete_security_group_rule" { + description = "Confirmation of security group removal" + value = jsondecode(step.container.delete_security_group_rule.stdout) } } diff --git a/pipelines/vpc/revoke_vpc_security_group_egress.fp b/pipelines/vpc/revoke_vpc_security_group_egress.fp new file mode 100644 index 0000000..02aec6a --- /dev/null +++ b/pipelines/vpc/revoke_vpc_security_group_egress.fp @@ -0,0 +1,42 @@ +pipeline "revoke_vpc_security_group_egress" { + title = "Revoke VPC Security Group Egress" + description = "Removes the specified outbound (egress) rules from a security group." + + param "region" { + type = string + description = local.region_param_description + } + + param "conn" { + type = connection.aws + description = local.conn_param_description + default = connection.aws.default + } + + param "security_group_id" { + type = string + description = "The ID of the security group." + } + + param "security_group_rule_id" { + type = string + description = "The ID of the security group rule." + } + + step "container" "revoke_security_group_rule" { + image = "public.ecr.aws/aws-cli/aws-cli" + + cmd = [ + "ec2", "revoke-security-group-egress", + "--group-id", param.security_group_id, + "--security-group-rule-ids", param.security_group_rule_id + ] + + env = merge(param.conn.env, { AWS_REGION = param.region }) + } + + output "revoke_security_group_rule" { + description = "Confirmation of security group removal" + value = jsondecode(step.container.revoke_security_group_rule.stdout) + } +}