From 77bcd9668ec779885416d03f01199860d3cacef7 Mon Sep 17 00:00:00 2001 From: Christopher Papke Date: Wed, 10 Jan 2024 15:22:21 -0800 Subject: [PATCH 01/32] cleanup security group loop --- modules/azurerm/sonar-base-instance/main.tf | 2 +- modules/azurerm/sonar-base-instance/sg.tf | 11 ++++------- 2 files changed, 5 insertions(+), 8 deletions(-) diff --git a/modules/azurerm/sonar-base-instance/main.tf b/modules/azurerm/sonar-base-instance/main.tf index c49b42a99..7b1dffef2 100644 --- a/modules/azurerm/sonar-base-instance/main.tf +++ b/modules/azurerm/sonar-base-instance/main.tf @@ -13,7 +13,7 @@ locals { disk_data_iops = var.storage_details.disk_iops_read_write disk_data_cache = "ReadWrite" - security_group_id = length(var.security_group_ids) == 0 ? azurerm_network_security_group.dsf_base_sg.id : var.security_group_ids[0] + security_group_id = length(var.security_group_ids) == 0 ? azurerm_network_security_group.dsf_base_sg[0].id : var.security_group_ids[0] } resource "azurerm_public_ip" "vm_public_ip" { diff --git a/modules/azurerm/sonar-base-instance/sg.tf b/modules/azurerm/sonar-base-instance/sg.tf index f1634ea22..30623e21d 100644 --- a/modules/azurerm/sonar-base-instance/sg.tf +++ b/modules/azurerm/sonar-base-instance/sg.tf @@ -1,19 +1,16 @@ -locals { - # Skip sg creation if external sg list is given - _security_groups_config = length(var.security_group_ids) == 0 ? var.security_groups_config : [] -} - ############################################################################## ### Ingress security group ############################################################################## resource "azurerm_network_security_group" "dsf_base_sg" { + count = length(var.security_group_ids) == 0 ? 1 : 0 + name = var.name location = var.resource_group.location resource_group_name = var.resource_group.name dynamic "security_rule" { - for_each = { for idx, config in local._security_groups_config : idx => config if length(config.cidrs) > 0 && length(config.tcp) > 0 } + for_each = { for idx, config in var.security_group_ids : idx => config if length(config.cidrs) > 0 && length(config.tcp) > 0 } content { name = join("-", [var.name, "tcp", join("-", security_rule.value.name)]) priority = 100 + 2 * security_rule.key @@ -41,7 +38,7 @@ resource "azurerm_network_security_group" "dsf_base_sg" { } dynamic "security_rule" { - for_each = { for idx, config in local._security_groups_config : idx => config if length(config.cidrs) > 0 && length(config.udp) > 0 } + for_each = { for idx, config in var.security_group_ids : idx => config if length(config.cidrs) > 0 && length(config.udp) > 0 } content { name = join("-", [var.name, "udp", join("-", security_rule.value.name)]) priority = 100 + 2 * security_rule.key + 1 From 38b56272e59520ebfc68c9b69cc497b0ec73ce90 Mon Sep 17 00:00:00 2001 From: Christopher Papke Date: Wed, 10 Jan 2024 15:36:32 -0800 Subject: [PATCH 02/32] update names to accomidate a wider range of allowed server names --- modules/azurerm/sonar-base-instance/main.tf | 7 ++++--- modules/azurerm/sonar-base-instance/secret.tf | 17 +++++++++++++---- 2 files changed, 17 insertions(+), 7 deletions(-) diff --git a/modules/azurerm/sonar-base-instance/main.tf b/modules/azurerm/sonar-base-instance/main.tf index c49b42a99..33ea712e2 100644 --- a/modules/azurerm/sonar-base-instance/main.tf +++ b/modules/azurerm/sonar-base-instance/main.tf @@ -89,15 +89,16 @@ resource "azurerm_linux_virtual_machine" "dsf_base_instance" { } resource "azurerm_user_assigned_identity" "dsf_base" { - name = var.name + # dots are somewhat common in server names, but aren't allowed in identities + name = replace(var.name, ".", "-") resource_group_name = var.resource_group.name location = var.resource_group.location } -data "azurerm_subscription" "subscription" { -} +data "azurerm_subscription" "subscription" {} resource "azurerm_role_assignment" "dsf_base_storage_role_assignment" { + count = var.binaries_location.az_resource_group != "" ? 1 : 0 scope = "${data.azurerm_subscription.subscription.id}/resourceGroups/${var.binaries_location.az_resource_group}/providers/Microsoft.Storage/storageAccounts/${var.binaries_location.az_storage_account}/blobServices/default/containers/${var.binaries_location.az_container}" role_definition_name = "Storage Blob Data Reader" principal_id = azurerm_user_assigned_identity.dsf_base.principal_id diff --git a/modules/azurerm/sonar-base-instance/secret.tf b/modules/azurerm/sonar-base-instance/secret.tf index 4b506f68d..fdbdd226f 100644 --- a/modules/azurerm/sonar-base-instance/secret.tf +++ b/modules/azurerm/sonar-base-instance/secret.tf @@ -34,7 +34,13 @@ locals { data "azurerm_client_config" "current" {} resource "azurerm_key_vault" "vault" { - name = trim(substr(var.name, -24, -1), "-") + # the vault name has quite a few restrictions: + # - alphanumeric only + # - 3 to 24 characters only + # - must start with a letter and end with a letter or number + # for these reason, and to keep it from loosing uniqueness between different names, + # we use a base64 hash of the server name to get the maximum entropy possible in 24 characters + name = format("a%s", substr(replace(replace(replace(base64sha256(var.name), "+", ""), "/", ""), "=", ""), 0, 23)) location = var.resource_group.location resource_group_name = var.resource_group.name enabled_for_deployment = true @@ -69,7 +75,8 @@ resource "azurerm_key_vault_access_policy" "vault_vm_access_policy" { } resource "azurerm_key_vault_secret" "sonarw_private_key_secret" { - name = join("-", [var.name, "sonarw", "private", "key"]) + # dots are somewhat common in server names, but aren't allowed in vault secrets + name = join("-", [replace(var.name, ".", "-"), "sonarw", "private", "key"]) value = chomp(local.main_node_sonarw_private_key) key_vault_id = azurerm_key_vault.vault.id content_type = "sonarw ssh private key" @@ -80,7 +87,8 @@ resource "azurerm_key_vault_secret" "sonarw_private_key_secret" { } resource "azurerm_key_vault_secret" "password_key_secret" { - name = join("-", [var.name, "password"]) + # dots are somewhat common in server names, but aren't allowed in vault secrets + name = join("-", [replace(var.name, ".", "-"), "password"]) value = chomp(var.password) key_vault_id = azurerm_key_vault.vault.id content_type = "password" @@ -92,7 +100,8 @@ resource "azurerm_key_vault_secret" "password_key_secret" { resource "azurerm_key_vault_secret" "access_tokens" { count = length(local.access_tokens) - name = join("-", [var.name, local.access_tokens[count.index].name, "access", "token"]) + # dots are somewhat common in server names, but aren't allowed in vault secrets + name = join("-", [replace(var.name, ".", "-"), local.access_tokens[count.index].name, "access", "token"]) value = random_uuid.access_tokens[count.index].result key_vault_id = azurerm_key_vault.vault.id content_type = "access token" From 8df43e0c66a8900e672bf24073faddb8b7f4bc15 Mon Sep 17 00:00:00 2001 From: Christopher Papke Date: Thu, 11 Jan 2024 08:41:21 -0800 Subject: [PATCH 03/32] use correct var --- modules/azurerm/sonar-base-instance/sg.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/azurerm/sonar-base-instance/sg.tf b/modules/azurerm/sonar-base-instance/sg.tf index 30623e21d..647ba1a2f 100644 --- a/modules/azurerm/sonar-base-instance/sg.tf +++ b/modules/azurerm/sonar-base-instance/sg.tf @@ -10,7 +10,7 @@ resource "azurerm_network_security_group" "dsf_base_sg" { resource_group_name = var.resource_group.name dynamic "security_rule" { - for_each = { for idx, config in var.security_group_ids : idx => config if length(config.cidrs) > 0 && length(config.tcp) > 0 } + for_each = { for idx, config in var.security_groups_config : idx => config if length(config.cidrs) > 0 && length(config.tcp) > 0 } content { name = join("-", [var.name, "tcp", join("-", security_rule.value.name)]) priority = 100 + 2 * security_rule.key @@ -38,7 +38,7 @@ resource "azurerm_network_security_group" "dsf_base_sg" { } dynamic "security_rule" { - for_each = { for idx, config in var.security_group_ids : idx => config if length(config.cidrs) > 0 && length(config.udp) > 0 } + for_each = { for idx, config in var.security_groups_config : idx => config if length(config.cidrs) > 0 && length(config.udp) > 0 } content { name = join("-", [var.name, "udp", join("-", security_rule.value.name)]) priority = 100 + 2 * security_rule.key + 1 From fdac3140fb34b72f6353674b45fb3bcba2fe4b37 Mon Sep 17 00:00:00 2001 From: Christopher Papke Date: Wed, 17 Jan 2024 07:41:03 -0800 Subject: [PATCH 04/32] add mapping for all released sonar versions --- modules/aws/core/globals/main.tf | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/modules/aws/core/globals/main.tf b/modules/aws/core/globals/main.tf index df1bcbc00..b05d0f978 100644 --- a/modules/aws/core/globals/main.tf +++ b/modules/aws/core/globals/main.tf @@ -1,15 +1,23 @@ locals { sonar_tarball_s3_key_map = { - "4.13" = "jsonar-4.13.0.10.0.tar.gz" + "4.14" = "jsonar-4.14.0.10.0.tar.gz" + "4.14.0.10" = "jsonar-4.14.0.10.0.tar.gz" + + "4.13" = "jsonar-4.13.0.20.0.tar.gz" + "4.13.0.20" = "jsonar-4.13.0.20.0.tar.gz" "4.13.0.10" = "jsonar-4.13.0.10.0.tar.gz" - "4.12" = "jsonar-4.12.0.10.0.tar.gz" + "4.12" = "jsonar-4.12.0.20.0.tar.gz" + "4.12.0.20" = "jsonar-4.12.0.20.0.tar.gz" "4.12.0.10" = "jsonar-4.12.0.10.0.tar.gz" - "4.11" = "jsonar-4.11.0.0.0.tar.gz" + "4.11" = "jsonar-4.11.0.2.0.tar.gz" + "4.11.0.2" = "jsonar-4.11.0.2.0.tar.gz" + "4.11.0.1" = "jsonar-4.11.0.1.0.tar.gz" "4.11.0.0" = "jsonar-4.11.0.0.0.tar.gz" - "4.10" = "jsonar-4.10.0.1.0.tar.gz" + "4.10" = "jsonar-4.10.0.2.0.tar.gz" + "4.10.0.2" = "jsonar-4.10.0.2.0.tar.gz" "4.10.0.1" = "jsonar-4.10.0.1.0.tar.gz" "4.10.0.0" = "jsonar-4.10.0.0.0.tar.gz" From fc3d456b5aa1fa34cbf3aca61e538195d6c1022a Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Wed, 17 Jan 2024 18:22:44 +0200 Subject: [PATCH 05/32] Fixed bug in core modules trigger filter in github action --- .github/workflows/sonar_poc_cli.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/sonar_poc_cli.yml b/.github/workflows/sonar_poc_cli.yml index 328dc22fb..05828b803 100644 --- a/.github/workflows/sonar_poc_cli.yml +++ b/.github/workflows/sonar_poc_cli.yml @@ -28,7 +28,7 @@ on: - 'master' - 'dev' paths: - - 'modules/aws/core/*' + - 'modules/aws/core/**' - 'modules/aws/sonar-base-instance/*' - 'modules/aws/hub/*' - 'modules/aws/agentless-gw/*' @@ -48,7 +48,7 @@ on: - 'master' - 'dev' paths: - - 'modules/aws/core/*' + - 'modules/aws/core/**' - 'modules/aws/sonar-base-instance/*' - 'modules/aws/hub/*' - 'modules/aws/agentless-gw/*' From e9b6c5a21364a69e95dc7b35cd13efcf70fe1925 Mon Sep 17 00:00:00 2001 From: Idan Nof <79643072+idannof-imperva@users.noreply.github.com> Date: Sun, 21 Jan 2024 12:53:28 +0200 Subject: [PATCH 06/32] COUN-2477: DSFKit | DRA v4.14 adjustments (#353) * COUN-2477: DSFKit | DRA v4.14 adjustments - add official v4.14.0.10, make it default v4.14 - add official v4.13.0.20, make it default v4.13 - replace pre-release v4.13.0.10 with the official v4.13.0.10 --- README.md | 4 ++-- .../dsf_single_account_deployment/variables.tf | 2 +- examples/aws/poc/dsf_deployment/variables.tf | 2 +- modules/aws/core/globals/main.tf | 8 ++++++-- modules/aws/dra-admin/variables.tf | 4 ++-- modules/aws/dra-analytics/variables.tf | 4 ++-- 6 files changed, 14 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index 919e9dea8..c1f2f0e65 100644 --- a/README.md +++ b/README.md @@ -114,7 +114,7 @@ This guide references the following information and links, some of which are ava DAM v14.13 - DRA v4.13 + DRA v4.14 DSF Components Overview @@ -615,7 +615,7 @@ Restrictions on modules may apply - DRA4.13.0.104.11.0.10 and up + DRA4.14.0.104.11.0.10 and up diff --git a/examples/aws/installation/dsf_single_account_deployment/variables.tf b/examples/aws/installation/dsf_single_account_deployment/variables.tf index 57dc7a0ed..b163ebd09 100644 --- a/examples/aws/installation/dsf_single_account_deployment/variables.tf +++ b/examples/aws/installation/dsf_single_account_deployment/variables.tf @@ -577,7 +577,7 @@ variable "cluster_name" { variable "dra_version" { type = string - default = "4.13" + default = "4.14" description = "The DRA version to install. Supported versions are 4.11.0.10 and up. Both long and short version formats are supported, for example, 4.11.0.10 or 4.11. The short format maps to the latest patch." validation { condition = !startswith(var.dra_version, "4.10.") && !startswith(var.dra_version, "4.9.") && !startswith(var.dra_version, "4.8.") && !startswith(var.dra_version, "4.3.") && !startswith(var.dra_version, "4.2.") && !startswith(var.dra_version, "4.1.") diff --git a/examples/aws/poc/dsf_deployment/variables.tf b/examples/aws/poc/dsf_deployment/variables.tf index b07f2ef0b..b67b8e83d 100644 --- a/examples/aws/poc/dsf_deployment/variables.tf +++ b/examples/aws/poc/dsf_deployment/variables.tf @@ -301,7 +301,7 @@ variable "database_cidr" { variable "dra_version" { type = string - default = "4.13" + default = "4.14" description = "The DRA version to install. Supported versions are 4.11.0.10 and up. Both long and short version formats are supported, for example, 4.11.0.10 or 4.11. The short format maps to the latest patch." validation { condition = !startswith(var.dra_version, "4.10.") && !startswith(var.dra_version, "4.9.") && !startswith(var.dra_version, "4.8.") && !startswith(var.dra_version, "4.3.") && !startswith(var.dra_version, "4.2.") && !startswith(var.dra_version, "4.1.") diff --git a/modules/aws/core/globals/main.tf b/modules/aws/core/globals/main.tf index df1bcbc00..d7ac4ddcc 100644 --- a/modules/aws/core/globals/main.tf +++ b/modules/aws/core/globals/main.tf @@ -23,8 +23,12 @@ locals { locals { dra_version_map = { - "4.13" = "4.13.0.10.0.6" - "4.13.0.10" = "4.13.0.10.0.6" + "4.14" = "4.14.0.10.0.12" + "4.14.0.10" = "4.14.0.10.0.12" + + "4.13" = "4.13.0.20.0.3" + "4.13.0.20" = "4.13.0.20.0.3" + "4.13.0.10" = "4.13.0.10.0.7" "4.12" = "4.12.0.10.0.6" "4.12.0.10" = "4.12.0.10.0.6" diff --git a/modules/aws/dra-admin/variables.tf b/modules/aws/dra-admin/variables.tf index 03f3139eb..8fe66f979 100644 --- a/modules/aws/dra-admin/variables.tf +++ b/modules/aws/dra-admin/variables.tf @@ -27,8 +27,8 @@ variable "key_pair" { variable "dra_version" { type = string - default = "4.13" - description = "The DRA version to install. Supported versions are 4.11.0.10.0.7 and up. Both long and short version formats are supported, for example, 4.11.0.10.0.7 or 4.11. The short format maps to the latest patch." + default = "4.14" + description = "The DRA version to install. Supported versions are 4.11.0.10.0.7 and up. Full version format is supported, for example, 4.11.0.10.0.7." nullable = false validation { condition = !startswith(var.dra_version, "4.10.") && !startswith(var.dra_version, "4.9.") && !startswith(var.dra_version, "4.8.") && !startswith(var.dra_version, "4.3.") && !startswith(var.dra_version, "4.2.") && !startswith(var.dra_version, "4.1.") diff --git a/modules/aws/dra-analytics/variables.tf b/modules/aws/dra-analytics/variables.tf index d4e378f84..98862334d 100644 --- a/modules/aws/dra-analytics/variables.tf +++ b/modules/aws/dra-analytics/variables.tf @@ -82,8 +82,8 @@ variable "archiver_user" { variable "dra_version" { type = string - default = "4.13" - description = "The DRA version to install. Supported versions are 4.11.0.10.0.7 and up. Both long and short version formats are supported, for example, 4.11.0.10.0.7 or 4.11. The short format maps to the latest patch." + default = "4.14" + description = "The DRA version to install. Supported versions are 4.11.0.10.0.7 and up. Full version format is supported, for example, 4.11.0.10.0.7." nullable = false validation { condition = !startswith(var.dra_version, "4.10.") && !startswith(var.dra_version, "4.9.") && !startswith(var.dra_version, "4.8.") && !startswith(var.dra_version, "4.3.") && !startswith(var.dra_version, "4.2.") && !startswith(var.dra_version, "4.1.") From bda360bfa7b1fcaa5f98996b6cc83086c04b7fe0 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Sun, 21 Jan 2024 18:00:25 +0200 Subject: [PATCH 07/32] Revert "COUN-2477: DSFKit | DRA v4.14 adjustments (#353)" This reverts commit e9b6c5a21364a69e95dc7b35cd13efcf70fe1925. --- README.md | 4 ++-- .../dsf_single_account_deployment/variables.tf | 2 +- examples/aws/poc/dsf_deployment/variables.tf | 2 +- modules/aws/core/globals/main.tf | 8 ++------ modules/aws/dra-admin/variables.tf | 4 ++-- modules/aws/dra-analytics/variables.tf | 4 ++-- 6 files changed, 10 insertions(+), 14 deletions(-) diff --git a/README.md b/README.md index c1f2f0e65..919e9dea8 100644 --- a/README.md +++ b/README.md @@ -114,7 +114,7 @@ This guide references the following information and links, some of which are ava DAM v14.13 - DRA v4.14 + DRA v4.13 DSF Components Overview @@ -615,7 +615,7 @@ Restrictions on modules may apply - DRA4.14.0.104.11.0.10 and up + DRA4.13.0.104.11.0.10 and up diff --git a/examples/aws/installation/dsf_single_account_deployment/variables.tf b/examples/aws/installation/dsf_single_account_deployment/variables.tf index b163ebd09..57dc7a0ed 100644 --- a/examples/aws/installation/dsf_single_account_deployment/variables.tf +++ b/examples/aws/installation/dsf_single_account_deployment/variables.tf @@ -577,7 +577,7 @@ variable "cluster_name" { variable "dra_version" { type = string - default = "4.14" + default = "4.13" description = "The DRA version to install. Supported versions are 4.11.0.10 and up. Both long and short version formats are supported, for example, 4.11.0.10 or 4.11. The short format maps to the latest patch." validation { condition = !startswith(var.dra_version, "4.10.") && !startswith(var.dra_version, "4.9.") && !startswith(var.dra_version, "4.8.") && !startswith(var.dra_version, "4.3.") && !startswith(var.dra_version, "4.2.") && !startswith(var.dra_version, "4.1.") diff --git a/examples/aws/poc/dsf_deployment/variables.tf b/examples/aws/poc/dsf_deployment/variables.tf index b67b8e83d..b07f2ef0b 100644 --- a/examples/aws/poc/dsf_deployment/variables.tf +++ b/examples/aws/poc/dsf_deployment/variables.tf @@ -301,7 +301,7 @@ variable "database_cidr" { variable "dra_version" { type = string - default = "4.14" + default = "4.13" description = "The DRA version to install. Supported versions are 4.11.0.10 and up. Both long and short version formats are supported, for example, 4.11.0.10 or 4.11. The short format maps to the latest patch." validation { condition = !startswith(var.dra_version, "4.10.") && !startswith(var.dra_version, "4.9.") && !startswith(var.dra_version, "4.8.") && !startswith(var.dra_version, "4.3.") && !startswith(var.dra_version, "4.2.") && !startswith(var.dra_version, "4.1.") diff --git a/modules/aws/core/globals/main.tf b/modules/aws/core/globals/main.tf index d7ac4ddcc..df1bcbc00 100644 --- a/modules/aws/core/globals/main.tf +++ b/modules/aws/core/globals/main.tf @@ -23,12 +23,8 @@ locals { locals { dra_version_map = { - "4.14" = "4.14.0.10.0.12" - "4.14.0.10" = "4.14.0.10.0.12" - - "4.13" = "4.13.0.20.0.3" - "4.13.0.20" = "4.13.0.20.0.3" - "4.13.0.10" = "4.13.0.10.0.7" + "4.13" = "4.13.0.10.0.6" + "4.13.0.10" = "4.13.0.10.0.6" "4.12" = "4.12.0.10.0.6" "4.12.0.10" = "4.12.0.10.0.6" diff --git a/modules/aws/dra-admin/variables.tf b/modules/aws/dra-admin/variables.tf index 8fe66f979..03f3139eb 100644 --- a/modules/aws/dra-admin/variables.tf +++ b/modules/aws/dra-admin/variables.tf @@ -27,8 +27,8 @@ variable "key_pair" { variable "dra_version" { type = string - default = "4.14" - description = "The DRA version to install. Supported versions are 4.11.0.10.0.7 and up. Full version format is supported, for example, 4.11.0.10.0.7." + default = "4.13" + description = "The DRA version to install. Supported versions are 4.11.0.10.0.7 and up. Both long and short version formats are supported, for example, 4.11.0.10.0.7 or 4.11. The short format maps to the latest patch." nullable = false validation { condition = !startswith(var.dra_version, "4.10.") && !startswith(var.dra_version, "4.9.") && !startswith(var.dra_version, "4.8.") && !startswith(var.dra_version, "4.3.") && !startswith(var.dra_version, "4.2.") && !startswith(var.dra_version, "4.1.") diff --git a/modules/aws/dra-analytics/variables.tf b/modules/aws/dra-analytics/variables.tf index 98862334d..d4e378f84 100644 --- a/modules/aws/dra-analytics/variables.tf +++ b/modules/aws/dra-analytics/variables.tf @@ -82,8 +82,8 @@ variable "archiver_user" { variable "dra_version" { type = string - default = "4.14" - description = "The DRA version to install. Supported versions are 4.11.0.10.0.7 and up. Full version format is supported, for example, 4.11.0.10.0.7." + default = "4.13" + description = "The DRA version to install. Supported versions are 4.11.0.10.0.7 and up. Both long and short version formats are supported, for example, 4.11.0.10.0.7 or 4.11. The short format maps to the latest patch." nullable = false validation { condition = !startswith(var.dra_version, "4.10.") && !startswith(var.dra_version, "4.9.") && !startswith(var.dra_version, "4.8.") && !startswith(var.dra_version, "4.3.") && !startswith(var.dra_version, "4.2.") && !startswith(var.dra_version, "4.1.") From 22ab3adc39e5bf7838609742a28c84f9aa3d8ace Mon Sep 17 00:00:00 2001 From: Sivan Hajbi <117824107+sivan-hajbi-imperva@users.noreply.github.com> Date: Mon, 22 Jan 2024 09:43:38 +0200 Subject: [PATCH 08/32] update sed (#354) --- sed.expr | 3 +++ 1 file changed, 3 insertions(+) diff --git a/sed.expr b/sed.expr index f831cf50c..89bc9ea89 100644 --- a/sed.expr +++ b/sed.expr @@ -18,4 +18,7 @@ s;imperva/dsf-dra-admin/aws;../../../../modules/aws/dra-admin; s;imperva/dsf-dra-analytics/aws;../../../../modules/aws/dra-analytics; s;imperva/dsf-agent-gw-cluster-setup/null;../../../../modules/null/agent-gw-cluster-setup; s;imperva/dsf-sonar-upgrader/aws;../../../modules/aws/sonar-upgrader; +s;imperva/dsf-mx/azurerm;../../../../modules/azurerm/mx; +s;imperva/dsf-agent-gw/azurerm;../../../../modules/azurerm/agent-gw; +s;imperva/dsf-db-with-agent/azurerm;../../../../modules/azurerm/db-with-agent; /latest release tag/c\ \ No newline at end of file From 52cf21738ee5f9509cc12bac92e8a1c736273793 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Mon, 22 Jan 2024 17:11:55 +0200 Subject: [PATCH 09/32] EDSF-534 Reconsider which actions trigger automatically in DSFKit --- .github/workflows/dsf_poc_cli.yml | 27 +++++++++++++++- .github/workflows/dsf_poc_cli_azure.yml | 19 +++++++++++ .github/workflows/dsf_single_account_cli.yml | 33 +++++++++++++++++++- .github/workflows/release.yml | 30 +++++++++--------- .github/workflows/sonar_poc_cli.yml | 24 ++------------ .github/workflows/sonar_upgrade_flow.yml | 2 -- 6 files changed, 95 insertions(+), 40 deletions(-) diff --git a/.github/workflows/dsf_poc_cli.yml b/.github/workflows/dsf_poc_cli.yml index b593bea86..9f98bed7f 100644 --- a/.github/workflows/dsf_poc_cli.yml +++ b/.github/workflows/dsf_poc_cli.yml @@ -1,4 +1,4 @@ -name: 'DSF POC CLI' +name: 'DSF POC CLI - AWS' on: workflow_call: @@ -25,6 +25,31 @@ on: type: boolean required: false + push: + branches: + - 'dev' + paths: + - 'modules/aws/**' + - '!modules/aws/sonar-upgrader/*' + - '!modules/aws/statistics/*' + - 'modules/null/**' + - '!modules/null/statistics/*' + - 'examples/aws/poc/dsf_deployment/*' + + pull_request: + types: + - 'opened' + - 'reopened' + branches: + - 'dev' + paths: + - 'modules/aws/**' + - '!modules/aws/sonar-upgrader/*' + - '!modules/aws/statistics/*' + - 'modules/null/**' + - '!modules/null/statistics/*' + - 'examples/aws/poc/dsf_deployment/*' + env: TF_CLI_ARGS: "-no-color" TF_INPUT: 0 diff --git a/.github/workflows/dsf_poc_cli_azure.yml b/.github/workflows/dsf_poc_cli_azure.yml index 8e4879806..0a82b0962 100644 --- a/.github/workflows/dsf_poc_cli_azure.yml +++ b/.github/workflows/dsf_poc_cli_azure.yml @@ -27,6 +27,25 @@ on: type: boolean required: false + push: + branches: + - 'dev' + paths: + - 'modules/azurerm/**' + - 'modules/null/**' + - 'examples/azure/poc/dsf_deployment/*' + + pull_request: + types: + - 'opened' + - 'reopened' + branches: + - 'dev' + paths: + - 'modules/azurerm/**' + - 'modules/null/**' + - 'examples/azure/poc/dsf_deployment/*' + env: TF_CLI_ARGS: "-no-color" TF_INPUT: 0 diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 899adf504..716709a7d 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -1,4 +1,4 @@ -name: 'DSF Single Account CLI' +name: 'DSF Single Account CLI - AWS' concurrency: group: dsf_single_account @@ -31,6 +31,37 @@ on: DAM_LICENSE: required: true + push: + branches: + - 'dev' + paths: + - 'modules/aws/**' + - '!modules/aws/db-with-agent/*' + - '!modules/aws/poc-db-onboarder/*' + - '!modules/aws/rds-mssql-db/*' + - '!modules/aws/rds-mysql-db/*' + - '!modules/aws/rds-postgres-db/*' + - '!modules/aws/sonar-upgrader/*' + - 'modules/null/**' + - 'examples/aws/poc/dsf_single_account_deployment/*' + + pull_request: + types: + - 'opened' + - 'reopened' + branches: + - 'dev' + paths: + - 'modules/aws/**' + - '!modules/aws/db-with-agent/*' + - '!modules/aws/poc-db-onboarder/*' + - '!modules/aws/rds-mssql-db/*' + - '!modules/aws/rds-mysql-db/*' + - '!modules/aws/rds-postgres-db/*' + - '!modules/aws/sonar-upgrader/*' + - 'modules/null/**' + - 'examples/aws/poc/dsf_single_account_deployment/*' + env: TF_CLI_ARGS: "-no-color" TF_INPUT: 0 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index aa1bd1446..5da28381b 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -176,6 +176,20 @@ jobs: secrets: PUSH_TO_OTHER_REPOS_TOKEN_ADMIN: ${{ secrets.PUSH_TO_OTHER_REPOS_TOKEN_ADMIN }} + test_plan: + needs: deploy_modules + uses: ./.github/workflows/plan_cli.yml + with: + use_modules_from_terraform_registry: true + explicit_ref: master + secrets: + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + AWS_ACCESS_KEY_ID_STAGE: ${{ secrets.AWS_ACCESS_KEY_ID_STAGE }} + AWS_SECRET_ACCESS_KEY_STAGE: ${{ secrets.AWS_SECRET_ACCESS_KEY_STAGE }} + ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }} + DAM_LICENSE: ${{ secrets.DAM_LICENSE }} + release: needs: deploy_modules runs-on: ubuntu-latest @@ -191,22 +205,8 @@ jobs: env: GH_TOKEN: ${{ github.token }} - test_plan: - needs: release - uses: ./.github/workflows/plan_cli.yml - with: - use_modules_from_terraform_registry: true - explicit_ref: master - secrets: - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - AWS_ACCESS_KEY_ID_STAGE: ${{ secrets.AWS_ACCESS_KEY_ID_STAGE }} - AWS_SECRET_ACCESS_KEY_STAGE: ${{ secrets.AWS_SECRET_ACCESS_KEY_STAGE }} - ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }} - DAM_LICENSE: ${{ secrets.DAM_LICENSE }} - test_apply: - needs: test_plan + needs: release uses: ./.github/workflows/sonar_poc_cli.yml with: use_modules_from_terraform_registry: true diff --git a/.github/workflows/sonar_poc_cli.yml b/.github/workflows/sonar_poc_cli.yml index 05828b803..97d73a411 100644 --- a/.github/workflows/sonar_poc_cli.yml +++ b/.github/workflows/sonar_poc_cli.yml @@ -1,4 +1,4 @@ -name: 'Sonar POC CLI' +name: 'Sonar POC CLI - AWS' on: workflow_call: @@ -25,18 +25,9 @@ on: push: branches: - - 'master' - 'dev' paths: - - 'modules/aws/core/**' - - 'modules/aws/sonar-base-instance/*' - - 'modules/aws/hub/*' - - 'modules/aws/agentless-gw/*' - - 'modules/aws/poc-db-onboarder/*' - - 'modules/aws/rds-mssql-db/*' - - 'modules/aws/rds-mysql-db/*' - - 'modules/null/federation/*' - - 'modules/null/hadr/*' + - 'examples/aws/poc/dsf_deployment/*' - 'examples/aws/poc/sonar_basic_deployment/*' - 'examples/aws/poc/sonar_hadr_deployment/*' @@ -45,18 +36,9 @@ on: - 'opened' - 'reopened' branches: - - 'master' - 'dev' paths: - - 'modules/aws/core/**' - - 'modules/aws/sonar-base-instance/*' - - 'modules/aws/hub/*' - - 'modules/aws/agentless-gw/*' - - 'modules/aws/poc-db-onboarder/*' - - 'modules/aws/rds-mssql-db/*' - - 'modules/aws/rds-mysql-db/*' - - 'modules/null/federation/*' - - 'modules/null/hadr/*' + - 'examples/aws/poc/dsf_deployment/*' - 'examples/aws/poc/sonar_basic_deployment/*' - 'examples/aws/poc/sonar_hadr_deployment/*' diff --git a/.github/workflows/sonar_upgrade_flow.yml b/.github/workflows/sonar_upgrade_flow.yml index 4b1c7e737..d40488a33 100644 --- a/.github/workflows/sonar_upgrade_flow.yml +++ b/.github/workflows/sonar_upgrade_flow.yml @@ -15,7 +15,6 @@ on: push: branches: - - 'master' - 'dev' paths: - 'modules/aws/sonar-upgrader/**' @@ -26,7 +25,6 @@ on: - 'opened' - 'reopened' branches: - - 'master' - 'dev' paths: - 'modules/aws/sonar-upgrader/**' From 0461bb1cc441dd72601b13daa66bbef48b7c5467 Mon Sep 17 00:00:00 2001 From: hadar-timan <55065300+hadar-timan@users.noreply.github.com> Date: Tue, 23 Jan 2024 12:00:55 +0200 Subject: [PATCH 10/32] Dra on azure (#357) * DRA | Add automation and documentation * DRA | Add automation and documentation * dra sonar integration * DRA | Add validation to image / vhd variables * DRA | Add automation and documentation * DRA | fix automation issue * DRA | Add integration with mx - currently doesnt work; Update required permissions * DRA | update hub cidr list for the SG for DRA * DRA | change role of user identity * DRA | little changes * DRA changes --- .github/workflows/deploy_module.yml | 11 + .github/workflows/dsf_poc_cli_azure.yml | 29 ++ .github/workflows/plan_cli.yml | 8 + README.md | 2 +- .../dsf_single_account_deployment/dra.tf | 8 +- .../dsf_single_account_deployment/sonar.tf | 2 +- .../variables.tf | 1 + examples/aws/poc/dsf_deployment/README.md | 4 +- examples/aws/poc/dsf_deployment/dra.tf | 12 +- examples/aws/poc/dsf_deployment/sonar.tf | 2 +- examples/aws/poc/dsf_deployment/variables.tf | 5 +- examples/azure/poc/dsf_deployment/README.md | 39 ++- examples/azure/poc/dsf_deployment/dam.tf | 4 +- examples/azure/poc/dsf_deployment/dra.tf | 86 ++++++ .../azure/poc/dsf_deployment/networking.tf | 4 +- examples/azure/poc/dsf_deployment/outputs.tf | 28 +- examples/azure/poc/dsf_deployment/sonar.tf | 28 +- .../azure/poc/dsf_deployment/variables.tf | 171 ++++++++++-- modules/aws/dra-admin/README.md | 4 +- modules/aws/dra-admin/iam_role.tf | 6 +- modules/aws/dra-admin/main.tf | 33 ++- modules/aws/dra-admin/secrets.tf | 16 +- modules/aws/dra-admin/setup.tftpl | 2 +- modules/aws/dra-admin/sg.tf | 6 +- modules/aws/dra-admin/variables.tf | 26 +- modules/aws/dra-analytics/README.md | 2 +- modules/aws/dra-analytics/iam_role.tf | 6 +- modules/aws/dra-analytics/main.tf | 10 +- modules/aws/dra-analytics/secrets.tf | 16 +- modules/aws/dra-analytics/setup.tftpl | 2 +- modules/aws/dra-analytics/sg.tf | 6 +- modules/aws/dra-analytics/variables.tf | 28 +- .../{waiter.tpl => waiter.tftpl} | 0 modules/aws/hub/dra_assocoation.tf | 4 +- modules/aws/hub/variables.tf | 6 +- modules/aws/mx/variables.tf | 2 +- modules/azurerm/agentless-gw/main.tf | 2 +- modules/azurerm/agentless-gw/variables.tf | 6 +- modules/azurerm/dra-admin/README.md | 86 ++++++ modules/azurerm/dra-admin/image.tf | 28 ++ modules/azurerm/dra-admin/main.tf | 132 ++++++++++ modules/azurerm/dra-admin/outputs.tf | 28 ++ modules/azurerm/dra-admin/secrets.tf | 57 ++++ modules/azurerm/dra-admin/setup.tftpl | 45 ++++ modules/azurerm/dra-admin/sg.tf | 74 ++++++ modules/azurerm/dra-admin/variables.tf | 235 +++++++++++++++++ modules/azurerm/dra-admin/versions.tf | 10 + modules/azurerm/dra-analytics/README.md | 94 +++++++ modules/azurerm/dra-analytics/image.tf | 28 ++ modules/azurerm/dra-analytics/main.tf | 127 +++++++++ modules/azurerm/dra-analytics/outputs.tf | 33 +++ modules/azurerm/dra-analytics/secrets.tf | 68 +++++ modules/azurerm/dra-analytics/setup.tftpl | 53 ++++ modules/azurerm/dra-analytics/sg.tf | 74 ++++++ modules/azurerm/dra-analytics/variables.tf | 248 ++++++++++++++++++ modules/azurerm/dra-analytics/versions.tf | 10 + modules/azurerm/dra-analytics/waiter.tftpl | 8 + modules/azurerm/hub/dra_association.tf | 37 +++ modules/azurerm/hub/main.tf | 2 +- modules/azurerm/hub/variables.tf | 26 +- modules/azurerm/mx/configuration.tf | 1 + modules/azurerm/mx/dra.tf | 76 ++++++ modules/azurerm/mx/variables.tf | 12 + modules/azurerm/sonar-base-instance/main.tf | 2 +- .../azurerm/sonar-base-instance/variables.tf | 4 +- .../azure/GeneralRequiredPermissions.txt | 5 +- 66 files changed, 2084 insertions(+), 146 deletions(-) create mode 100644 examples/azure/poc/dsf_deployment/dra.tf rename modules/aws/dra-analytics/{waiter.tpl => waiter.tftpl} (100%) create mode 100644 modules/azurerm/dra-admin/README.md create mode 100644 modules/azurerm/dra-admin/image.tf create mode 100644 modules/azurerm/dra-admin/main.tf create mode 100644 modules/azurerm/dra-admin/outputs.tf create mode 100644 modules/azurerm/dra-admin/secrets.tf create mode 100644 modules/azurerm/dra-admin/setup.tftpl create mode 100644 modules/azurerm/dra-admin/sg.tf create mode 100644 modules/azurerm/dra-admin/variables.tf create mode 100644 modules/azurerm/dra-admin/versions.tf create mode 100644 modules/azurerm/dra-analytics/README.md create mode 100644 modules/azurerm/dra-analytics/image.tf create mode 100644 modules/azurerm/dra-analytics/main.tf create mode 100644 modules/azurerm/dra-analytics/outputs.tf create mode 100644 modules/azurerm/dra-analytics/secrets.tf create mode 100644 modules/azurerm/dra-analytics/setup.tftpl create mode 100644 modules/azurerm/dra-analytics/sg.tf create mode 100644 modules/azurerm/dra-analytics/variables.tf create mode 100644 modules/azurerm/dra-analytics/versions.tf create mode 100644 modules/azurerm/dra-analytics/waiter.tftpl create mode 100644 modules/azurerm/hub/dra_association.tf create mode 100644 modules/azurerm/mx/dra.tf diff --git a/.github/workflows/deploy_module.yml b/.github/workflows/deploy_module.yml index 5775a51bb..eee345a37 100644 --- a/.github/workflows/deploy_module.yml +++ b/.github/workflows/deploy_module.yml @@ -110,6 +110,17 @@ jobs: hidden_submodules: "aws/statistics null/statistics" begin_tag: 1.0.0 + # todo - hadar add when deploying dra +# ## azurerm provider +# - source_module: "azurerm/dra-admin" +# destination_repo: "terraform-azurerm-dsf-dra-admin" +# hidden_submodules: "azurerm/statistics null/statistics" +# begin_tag: 1.7.5 +# - source_module: "azurerm/dra-analytics" +# destination_repo: "terraform-azurerm-dsf-dra-analytics" +# hidden_submodules: "azurerm/statistics null/statistics" +# begin_tag: 1.7.5 + # Globals ## aws provider - source_module: "aws/core/globals" diff --git a/.github/workflows/dsf_poc_cli_azure.yml b/.github/workflows/dsf_poc_cli_azure.yml index 0a82b0962..99757785d 100644 --- a/.github/workflows/dsf_poc_cli_azure.yml +++ b/.github/workflows/dsf_poc_cli_azure.yml @@ -68,6 +68,22 @@ jobs: workspace: azure_cli-all- enable_sonar: true enable_dam: true + enable_dra: true + - name: DSF POC - SONAR + workspace: azure_cli-sonar- + enable_sonar: true + enable_dam: false + enable_dra: false + - name: DSF POC - DAM + workspace: azure_cli-dam- + enable_sonar: false + enable_dam: true + enable_dra: false + - name: DSF POC - DRA + workspace: azure_cli-dra- + enable_sonar: false + enable_dam: false + enable_dra: true name: '${{ matrix.name }}' runs-on: ubuntu-latest @@ -75,6 +91,7 @@ jobs: EXAMPLE_DIR: ./examples/azure/poc/dsf_deployment TF_VAR_enable_sonar: ${{ matrix.enable_sonar }} TF_VAR_enable_dam: ${{ matrix.enable_dam }} + TF_VAR_enable_dra: ${{ matrix.enable_dra }} environment: test # Use the Bash shell regardless whether the GitHub Actions runner is ubuntu-latest, macos-latest, or windows-latest @@ -146,6 +163,16 @@ jobs: az_blob = "Imperva-ragent-UBN-px86_64-b14.6.0.60.0.636085.bsx" } simulation_db_types_for_agent=["PostgreSql", "MySql"] + dra_admin_vhd_details = { + storage_account_name = "dsfinstallation" + container_name = "dra" + path_to_vhd = "DRA-4.13.0.20.0.3_30207_x86_64-Admin.vhd" + } + dra_analytics_vhd_details = { + storage_account_name = "dsfinstallation" + container_name = "dra" + path_to_vhd = "DRA-4.13.0.20.0.3_30207_x86_64-Analytics.vhd" + } EOF # Install the latest version of Terraform CLI and configure the Terraform CLI configuration file with a Terraform Cloud user API token @@ -178,6 +205,7 @@ jobs: mv $EXAMPLE_DIR/outputs.tf{,_} mv $EXAMPLE_DIR/sonar.tf{,_} mv $EXAMPLE_DIR/dam.tf{,_} + mv $EXAMPLE_DIR/dra.tf{,_} mv $EXAMPLE_DIR/agent_sources.tf{,_} mv $EXAMPLE_DIR/networking.tf{,_} ls -la $EXAMPLE_DIR @@ -186,6 +214,7 @@ jobs: mv $EXAMPLE_DIR/outputs.tf{_,} mv $EXAMPLE_DIR/sonar.tf{_,} mv $EXAMPLE_DIR/dam.tf{_,} + mv $EXAMPLE_DIR/dra.tf{,_} mv $EXAMPLE_DIR/agent_sources.tf{_,} mv $EXAMPLE_DIR/networking.tf{_,} fi diff --git a/.github/workflows/plan_cli.yml b/.github/workflows/plan_cli.yml index 191de7bb7..adebc91b9 100644 --- a/.github/workflows/plan_cli.yml +++ b/.github/workflows/plan_cli.yml @@ -78,6 +78,14 @@ jobs: az_blob = "dummy-blob" } dam_license="license.mprv" + dra_admin_image_details = { + resource_group_name = "dummy-resource-group" + image_id = "dummy-admin-image-id" + } + dra_analytics_image_details = { + resource_group_name = "dummy-resource-group" + image_id = "dummy-analytics-image-id" + } - name: AWS - POC - DSF example: ./examples/aws/poc/dsf_deployment terraformvars: | diff --git a/README.md b/README.md index 919e9dea8..486776a2a 100644 --- a/README.md +++ b/README.md @@ -452,7 +452,7 @@ Before using eDSF Kit to deploy DSF, it is necessary to satisfy a set of prerequ ### Azure Prerequisites -1. [Establish an Azure App Registration](https://learn.microsoft.com/en-us/azure/healthcare-apis/register-application) and [assign it a custom role](https://learn.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal?tabs=delegate-condition) +1. [Establish an Azure App Registration](https://learn.microsoft.com/en-us/azure/healthcare-apis/register-application) and [assign it a custom role](https://learn.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal?tabs=delegate-condition) (without role assignment conditions) under the associated subscription, ensuring the custom role includes the required IAM permissions (see [IAM Permissions for Running eDSF Kit section](#iam-permissions-for-azure)). 2. Configure programmatic deployment for the desired version of Imperva DAM by [enabling it on the relevant DAM image from the Azure Marketplace](https://portal.azure.com/#view/Microsoft_Azure_Marketplace/LegalTermsSkuProgrammaticAccessBlade/legalTermsSkuProgrammaticAccessData~/%7B%22product%22%3A%7B%22publisherId%22%3A%22imperva%22%2C%22offerId%22%3A%22imperva-dam-v14%22%2C%22planId%22%3A%22securesphere-imperva-dam-14%22%2C%22standardContractAmendmentsRevisionId%22%3Anull%2C%22isCspEnabled%22%3Atrue%7D%7D). For DAM LTS version, use [DAM LTS Azure Marketplace image](https://portal.azure.com/#view/Microsoft_Azure_Marketplace/LegalTermsSkuProgrammaticAccessBlade/legalTermsSkuProgrammaticAccessData~/%7B%22product%22%3A%7B%22publisherId%22%3A%22imperva%22%2C%22offerId%22%3A%22imperva-dam-v14-lts%22%2C%22planId%22%3A%22securesphere-imperva-dam-14%22%2C%22standardContractAmendmentsRevisionId%22%3Anull%2C%22isCspEnabled%22%3Atrue%7D%7D). For the POC example, configure programmatic deployment also for [Ubuntu Pro 20.04 LTS image](https://portal.azure.com/#view/Microsoft_Azure_Marketplace/LegalTermsSkuProgrammaticAccessBlade/legalTermsSkuProgrammaticAccessData~/%7B%22product%22%3A%7B%22publisherId%22%3A%22canonical%22%2C%22offerId%22%3A%220001-com-ubuntu-pro-focal%22%2C%22planId%22%3A%22pro-20_04-lts%22%2C%22standardContractAmendmentsRevisionId%22%3Anull%2C%22isCspEnabled%22%3Atrue%7D%7D). diff --git a/examples/aws/installation/dsf_single_account_deployment/dra.tf b/examples/aws/installation/dsf_single_account_deployment/dra.tf index 558cd7707..db9dfa8d9 100644 --- a/examples/aws/installation/dsf_single_account_deployment/dra.tf +++ b/examples/aws/installation/dsf_single_account_deployment/dra.tf @@ -9,13 +9,13 @@ module "dra_admin" { version = "1.7.5" # latest release tag count = var.enable_dra ? 1 : 0 - friendly_name = join("-", [local.deployment_name_salted, "dra", "admin"]) + name = join("-", [local.deployment_name_salted, "dra", "admin"]) subnet_id = var.subnet_ids.dra_admin_subnet_id security_group_ids = var.security_group_ids_dra_admin dra_version = module.globals.dra_version ebs = var.dra_admin_ebs_details admin_registration_password = local.password - admin_password = local.password + admin_ssh_password = local.password allowed_web_console_cidrs = var.web_console_cidr allowed_analytics_cidrs = [data.aws_subnet.dra_analytics.cidr_block] allowed_hub_cidrs = local.hub_cidr_list @@ -31,13 +31,13 @@ module "dra_analytics" { version = "1.7.5" # latest release tag count = local.dra_analytics_count - friendly_name = join("-", [local.deployment_name_salted, "dra", "analytics", count.index]) + name = join("-", [local.deployment_name_salted, "dra", "analytics", count.index]) subnet_id = var.subnet_ids.dra_analytics_subnet_id security_group_ids = var.security_group_ids_dra_analytics dra_version = module.globals.dra_version ebs = var.dra_analytics_ebs_details admin_registration_password = local.password - admin_password = local.password + analytics_ssh_password = local.password allowed_admin_cidrs = [data.aws_subnet.dra_admin.cidr_block] allowed_agent_gateways_cidrs = local.agent_gw_cidr_list allowed_hub_cidrs = local.hub_cidr_list diff --git a/examples/aws/installation/dsf_single_account_deployment/sonar.tf b/examples/aws/installation/dsf_single_account_deployment/sonar.tf index 59117bd86..2126bf4ab 100644 --- a/examples/aws/installation/dsf_single_account_deployment/sonar.tf +++ b/examples/aws/installation/dsf_single_account_deployment/sonar.tf @@ -53,8 +53,8 @@ module "hub_main" { dra_details = var.enable_dra ? { name = module.dra_admin[0].display_name address = module.dra_admin[0].public_ip - username = module.dra_admin[0].ssh_user password = local.password + archiver_username = module.dra_analytics[0].archiver_user archiver_password = module.dra_analytics[0].archiver_password } : null generate_access_tokens = true diff --git a/examples/aws/installation/dsf_single_account_deployment/variables.tf b/examples/aws/installation/dsf_single_account_deployment/variables.tf index 57dc7a0ed..93a2cccef 100644 --- a/examples/aws/installation/dsf_single_account_deployment/variables.tf +++ b/examples/aws/installation/dsf_single_account_deployment/variables.tf @@ -475,6 +475,7 @@ variable "dam_license" { 2. License file path EOF type = string + default = null } variable "large_scale_mode" { diff --git a/examples/aws/poc/dsf_deployment/README.md b/examples/aws/poc/dsf_deployment/README.md index 7190a0e93..b4dc28f78 100644 --- a/examples/aws/poc/dsf_deployment/README.md +++ b/examples/aws/poc/dsf_deployment/README.md @@ -17,7 +17,7 @@ The deployment is modular and allows users to deploy one or more of the followin - Agent Gateways 4. DRA - Admin server - - Analytic servers + - Analytics servers 5. Audit sources - Agent audit sources (EC2 instances) - Agentless audit sources (RDS instances) @@ -71,7 +71,7 @@ Several variables in the `variables.tf` file are important for configuring the d - `enable_dra`: Enable DRA sub-product ### Server Count -- `dra_analytics_count`: Number of DRA Analytic servers +- `dra_analytics_count`: Number of DRA Analytics servers - `agentless_gw_count`: Number of Agentless Gateways - `agent_gw_count`: Number of Agent Gateways diff --git a/examples/aws/poc/dsf_deployment/dra.tf b/examples/aws/poc/dsf_deployment/dra.tf index 96bdb30cd..d0bdb9272 100644 --- a/examples/aws/poc/dsf_deployment/dra.tf +++ b/examples/aws/poc/dsf_deployment/dra.tf @@ -9,17 +9,19 @@ module "dra_admin" { version = "1.7.5" # latest release tag count = var.enable_dra ? 1 : 0 - friendly_name = join("-", [local.deployment_name_salted, "dra", "admin"]) + name = join("-", [local.deployment_name_salted, "dra", "admin"]) subnet_id = local.dra_admin_subnet_id dra_version = module.globals.dra_version ebs = var.dra_admin_ebs_details + key_pair = module.key_pair.key_pair.key_pair_name admin_registration_password = local.password - admin_password = local.password + admin_ssh_password = local.password allowed_web_console_cidrs = var.web_console_cidr allowed_analytics_cidrs = [data.aws_subnet.dra_analytics.cidr_block] allowed_hub_cidrs = local.hub_cidr_list allowed_ssh_cidrs = concat(local.workstation_cidr, var.allowed_ssh_cidrs) - key_pair = module.key_pair.key_pair.key_pair_name + attach_persistent_public_ip = true + tags = local.tags depends_on = [ module.vpc @@ -31,12 +33,12 @@ module "dra_analytics" { version = "1.7.5" # latest release tag count = local.dra_analytics_count - friendly_name = join("-", [local.deployment_name_salted, "dra", "analytics", count.index]) + name = join("-", [local.deployment_name_salted, "dra", "analytics", count.index]) subnet_id = local.dra_analytics_subnet_id dra_version = module.globals.dra_version ebs = var.dra_analytics_ebs_details admin_registration_password = local.password - admin_password = local.password + analytics_ssh_password = local.password allowed_admin_cidrs = [data.aws_subnet.dra_admin.cidr_block] allowed_ssh_cidrs = concat(local.hub_cidr_list, var.allowed_ssh_cidrs) key_pair = module.key_pair.key_pair.key_pair_name diff --git a/examples/aws/poc/dsf_deployment/sonar.tf b/examples/aws/poc/dsf_deployment/sonar.tf index 6ae8baddf..8076d65ef 100644 --- a/examples/aws/poc/dsf_deployment/sonar.tf +++ b/examples/aws/poc/dsf_deployment/sonar.tf @@ -42,8 +42,8 @@ module "hub_main" { dra_details = var.enable_dra ? { name = module.dra_admin[0].display_name address = module.dra_admin[0].public_ip - username = module.dra_admin[0].ssh_user password = local.password + archiver_username = module.dra_analytics[0].archiver_user archiver_password = module.dra_analytics[0].archiver_password } : null tags = local.tags diff --git a/examples/aws/poc/dsf_deployment/variables.tf b/examples/aws/poc/dsf_deployment/variables.tf index b07f2ef0b..595726d4c 100644 --- a/examples/aws/poc/dsf_deployment/variables.tf +++ b/examples/aws/poc/dsf_deployment/variables.tf @@ -137,6 +137,7 @@ variable "dam_license" { 2. License file path (Make sure it allows AWS DAM models (AV2500/AV6500)) EOF type = string + default = null } variable "large_scale_mode" { @@ -250,12 +251,12 @@ variable "hub_ebs_details" { provisioned_iops = number throughput = number }) - description = "DSF Hub compute instance volume attributes. More info in sizing doc - https://docs.imperva.com/bundle/v4.10-sonar-installation-and-setup-guide/page/78729.htm" default = { disk_size = 250 provisioned_iops = 0 throughput = 125 } + description = "DSF Hub compute instance volume attributes. More info in sizing doc - https://docs.imperva.com/bundle/v4.10-sonar-installation-and-setup-guide/page/78729.htm" } variable "agentless_gw_ebs_details" { @@ -264,12 +265,12 @@ variable "agentless_gw_ebs_details" { provisioned_iops = number throughput = number }) - description = "DSF Agentless Gateway compute instance volume attributes. More info in sizing doc - https://docs.imperva.com/bundle/v4.10-sonar-installation-and-setup-guide/page/78729.htm" default = { disk_size = 150 provisioned_iops = 0 throughput = 125 } + description = "DSF Agentless Gateway compute instance volume attributes. More info in sizing doc - https://docs.imperva.com/bundle/v4.10-sonar-installation-and-setup-guide/page/78729.htm" } variable "additional_install_parameters" { diff --git a/examples/azure/poc/dsf_deployment/README.md b/examples/azure/poc/dsf_deployment/README.md index 792e4bb7d..c15aca270 100644 --- a/examples/azure/poc/dsf_deployment/README.md +++ b/examples/azure/poc/dsf_deployment/README.md @@ -1,7 +1,7 @@ # DSF Deployment example [![GitHub tag](https://img.shields.io/github/v/tag/imperva/dsfkit.svg)](https://github.com/imperva/dsfkit/tags) -This example provides DSF (Data Security Fabric) deployment with DSF Hub, Agentless Gateways, DAM (Database Activity Monitoring) and Agent audit sources. +This example provides a full DSF (Data Security Fabric) deployment with DSF Hub, Agentless Gateways, DAM (Database Activity Monitoring), DRA (Data Risk Analytics) and Agent and Agentless audit sources. ## Modularity The deployment is modular and allows users to deploy one or more of the following modules: @@ -15,8 +15,12 @@ The deployment is modular and allows users to deploy one or more of the followin 3. DAM - MX - Agent Gateways -4. Audit sources - - Agent audit sources (virtual machine instances) +4. DRA + - Admin server + - Analytics servers +5. Audit sources + - Agent audit sources (Virtual Machine instances) + - Agentless audit source (SQL Server instance) ### Deploying Specific Modules @@ -28,19 +32,32 @@ To deploy only the DAM module, set the following variables in your Terraform con ``` enable_dam = true enable_sonar = false +enable_dra = false ``` -This configuration will enable the DAM module while disabling the Sonar module. +This configuration will enable the DAM module while disabling the DSF Hub and DRA modules. -#### 2. Sonar Only Deployment +#### 2. DRA Only Deployment + +To deploy only the DRA module, set the following variables in your Terraform configuration: +``` +enable_dam = false +enable_sonar = false +enable_dra = true +``` + +This configuration will enable the DRA module while disabling the DSF Hub and DAM modules. + +#### 3. Sonar Only Deployment To deploy only the Sonar module, set the following variables in your Terraform configuration: ``` enable_dam = false enable_sonar = true +enable_dra = false ``` -This configuration will enable the Sonar module, including the DSF Hub, while disabling the DAM module. +This configuration will enable the Sonar module, including the DSF Hub, while disabling the DAM and DRA modules. Feel free to customize your deployment by setting the appropriate variables based on your requirements. @@ -50,8 +67,10 @@ Several variables in the `variables.tf` file are important for configuring the d ### Sub-Products - `enable_sonar`: Enable Sonar sub-product - `enable_dam`: Enable DAM sub-product +- `enable_dra`: Enable DRA sub-product ### Server Count +- `dra_analytics_count`: Number of DRA Analytics servers - `agentless_gw_count`: Number of Agentless Gateways - `agent_gw_count`: Number of Agent Gateways @@ -65,9 +84,11 @@ Several variables in the `variables.tf` file are important for configuring the d ## Mandatory Variables Before initiating the Terraform deployment, it is essential to set up the following variables: - `resource_group_location`: The region of the resource group to which all DSF components will be associated. -- `tarball_location`: Storage account and container location of the DSF installation software. az_blob is the full path to the tarball file within the storage account container. -- `dam_agent_installation_location`: Storage account and container location of the DAM Agent installation software. az_blob is the full path to the installation file within the storage account container. -- `dam_license`: DAM license file path. +- `tarball_location`: Only when deploying Sonar, storage account and container location of the DSF Sonar installation software. 'az_blob' is the full path to the tarball file within the storage account container. +- `dam_agent_installation_location`: Only when deploying DAM, storage account and container location of the DAM Agent installation software. 'az_blob' is the full path to the installation file within the storage account container. +- `dam_license`: Only when deploying DAM, DAM license file path. +- `dra_admin_image_details` or `dra_admin_vhd_details`: Only when deploying DRA, the image or VHD details of the DRA Admin server. +- `dra_analytics_image_details` or `dra_analytics_vhd_details`: Only when deploying DRA, the image or VHD details of the DRA Analytics server. ## Default Example To perform the default deployment, run the following command: diff --git a/examples/azure/poc/dsf_deployment/dam.tf b/examples/azure/poc/dsf_deployment/dam.tf index a7ed54916..2129fe241 100644 --- a/examples/azure/poc/dsf_deployment/dam.tf +++ b/examples/azure/poc/dsf_deployment/dam.tf @@ -21,7 +21,7 @@ module "mx" { mx_password = local.password allowed_web_console_and_api_cidrs = var.web_console_cidr allowed_agent_gw_cidrs = module.network[0].vnet_address_space - allowed_ssh_cidrs = local.workstation_cidr + allowed_ssh_cidrs = concat(local.workstation_cidr, var.allowed_ssh_cidrs) allowed_hub_cidrs = module.network[0].vnet_address_space hub_details = var.enable_sonar ? { @@ -55,7 +55,7 @@ module "agent_gw" { mx_password = local.password allowed_agent_cidrs = module.network[0].vnet_address_space allowed_mx_cidrs = module.network[0].vnet_address_space - allowed_ssh_cidrs = module.network[0].vnet_address_space + allowed_ssh_cidrs = concat(module.network[0].vnet_address_space, var.allowed_ssh_cidrs) allowed_gw_clusters_cidrs = module.network[0].vnet_address_space management_server_host_for_registration = module.mx[0].private_ip management_server_host_for_api_access = module.mx[0].public_ip diff --git a/examples/azure/poc/dsf_deployment/dra.tf b/examples/azure/poc/dsf_deployment/dra.tf new file mode 100644 index 000000000..cd063b813 --- /dev/null +++ b/examples/azure/poc/dsf_deployment/dra.tf @@ -0,0 +1,86 @@ +locals { + dra_analytics_count = var.enable_dra ? var.dra_analytics_count : 0 + + dra_admin_public_ip = var.enable_dra ? [format("%s/32", module.dra_admin[0].public_ip)] : [] + dra_admin_cidr_list = concat(module.network[0].vnet_address_space, local.dra_admin_public_ip) + + dra_admin_image_exits = var.dra_admin_image_details != null ? true : false + dra_admin_vhd_exits = var.dra_admin_vhd_details != null ? true : false + dra_analytics_image_exits = var.dra_analytics_image_details != null ? true : false + dra_analytics_vhd_exits = var.dra_analytics_vhd_details != null ? true : false +} + +module "dra_admin" { + source = "../../../../modules/azurerm/dra-admin" + count = var.enable_dra ? 1 : 0 + + name = join("-", [local.deployment_name_salted, "dra", "admin"]) + subnet_id = module.network[0].vnet_subnets[0] + resource_group = local.resource_group + storage_details = var.dra_admin_storage_details + ssh_public_key = tls_private_key.ssh_key.public_key_openssh + admin_registration_password = local.password + admin_ssh_password = local.password + + allowed_web_console_cidrs = var.web_console_cidr + allowed_analytics_cidrs = module.network[0].vnet_address_space + allowed_hub_cidrs = local.hub_cidr_list + allowed_ssh_cidrs = concat(local.workstation_cidr, var.allowed_ssh_cidrs) + + image_vhd_details = { + image = local.dra_admin_image_exits ? { + resource_group_name = var.dra_admin_image_details.resource_group_name + image_id = var.dra_admin_image_details.image_id + } : null, + vhd = local.dra_admin_vhd_exits ? { + path_to_vhd = var.dra_admin_vhd_details.path_to_vhd + storage_account_name = var.dra_admin_vhd_details.storage_account_name + container_name = var.dra_admin_vhd_details.container_name + } : null + } + + attach_persistent_public_ip = true + tags = local.tags + + depends_on = [ + module.network + ] +} + +module "dra_analytics" { + source = "../../../../modules/azurerm/dra-analytics" + count = local.dra_analytics_count + + name = join("-", [local.deployment_name_salted, "dra", "analytics", count.index]) + subnet_id = module.network[0].vnet_subnets[1] + resource_group = local.resource_group + storage_details = var.dra_analytics_storage_details + ssh_public_key = tls_private_key.ssh_key.public_key_openssh + admin_registration_password = local.password + analytics_ssh_password = local.password + archiver_password = local.password + + allowed_admin_cidrs = module.network[0].vnet_address_space + allowed_ssh_cidrs = concat(local.workstation_cidr, local.hub_cidr_list) + #allowed_ssh_cidrs = concat(var.allowed_ssh_cidrs, local.hub_cidr_list, local.workstation_cidr) + + admin_server_private_ip = module.dra_admin[0].private_ip + admin_server_public_ip = module.dra_admin[0].public_ip + + image_vhd_details = { + image = local.dra_analytics_image_exits ? { + resource_group_name = var.dra_analytics_image_details.resource_group_name + image_id = var.dra_analytics_image_details.image_id + } : null, + vhd = local.dra_analytics_vhd_exits ? { + path_to_vhd = var.dra_analytics_vhd_details.path_to_vhd + storage_account_name = var.dra_analytics_vhd_details.storage_account_name + container_name = var.dra_analytics_vhd_details.container_name + } : null + } + tags = local.tags + + depends_on = [ + module.network + ] +} \ No newline at end of file diff --git a/examples/azure/poc/dsf_deployment/networking.tf b/examples/azure/poc/dsf_deployment/networking.tf index e5933c6d1..5e9af333b 100644 --- a/examples/azure/poc/dsf_deployment/networking.tf +++ b/examples/azure/poc/dsf_deployment/networking.tf @@ -86,8 +86,8 @@ resource "azurerm_nat_gateway_public_ip_association" "nat_gw_public_ip_associati public_ip_address_id = azurerm_public_ip.nat_gw_public_ip.id } +# subnet 1 is the private subnet resource "azurerm_subnet_nat_gateway_association" "nat_gw_vnet_association" { - count = length(local.subnet_prefixes) - subnet_id = module.network[0].vnet_subnets[count.index] + subnet_id = module.network[0].vnet_subnets[1] nat_gateway_id = azurerm_nat_gateway.nat_gw.id } \ No newline at end of file diff --git a/examples/azure/poc/dsf_deployment/outputs.tf b/examples/azure/poc/dsf_deployment/outputs.tf index 66ca0c6ac..6c5037a96 100644 --- a/examples/azure/poc/dsf_deployment/outputs.tf +++ b/examples/azure/poc/dsf_deployment/outputs.tf @@ -15,6 +15,7 @@ output "generated_network" { value = try({ vnet = module.network[0].vnet_id subnets = module.network[0].vnet_subnets + address_space = module.network[0].vnet_address_space }, null) } @@ -60,6 +61,24 @@ output "sonar" { } : null } +output "dra" { + value = var.enable_dra ? { + admin_server = { + public_ip = try(module.dra_admin[0].public_ip, null) + private_ip = try(module.dra_admin[0].private_ip, null) + display_name = try(module.dra_admin[0].display_name, null) + ssh_command = try("ssh -i ${local.private_key_file_path} ${module.dra_admin[0].ssh_user}@${module.dra_admin[0].public_ip}", null) + } + analytics = [ + for idx, val in module.dra_analytics : { + private_ip = val.private_ip + archiver_user = val.archiver_user + ssh_command = try("ssh -o UserKnownHostsFile=/dev/null -o ProxyCommand='ssh -o UserKnownHostsFile=/dev/null -i ${local.private_key_file_path} -W %h:%p ${module.dra_admin[0].ssh_user}@${module.dra_admin[0].public_ip}' -i ${local.private_key_file_path} ${val.ssh_user}@${val.private_ip}", null) + } + ] + } : null +} + output "dam" { value = var.enable_dam ? { mx = { @@ -106,4 +125,11 @@ output "web_console_dsf_hub" { public_url = join("", ["https://", module.hub_main[0].public_ip, ":8443/"]) private_url = join("", ["https://", module.hub_main[0].private_ip, ":8443/"]) }, null) -} \ No newline at end of file +} + +output "web_console_dra" { + value = try({ + public_url = join("", ["https://", module.dra_admin[0].public_ip, ":8443/"]) + private_url = join("", ["https://", module.dra_admin[0].private_ip, ":8443/"]) + }, null) +} diff --git a/examples/azure/poc/dsf_deployment/sonar.tf b/examples/azure/poc/dsf_deployment/sonar.tf index 2c9e4b2da..f59132493 100644 --- a/examples/azure/poc/dsf_deployment/sonar.tf +++ b/examples/azure/poc/dsf_deployment/sonar.tf @@ -1,5 +1,10 @@ locals { agentless_gw_count = var.enable_sonar ? var.agentless_gw_count : 0 + + hub_public_ip = var.enable_sonar ? (length(module.hub_main[0].public_ip) > 0 ? format("%s/32", module.hub_main[0].public_ip) : null) : null + hub_dr_public_ip = var.enable_sonar && var.hub_hadr ? (length(module.hub_dr[0].public_ip) > 0 ? format("%s/32", module.hub_dr[0].public_ip) : null) : null +# WA since the following doesn't work: hub_cidr_list = concat(module.network[0].vnet_address_space, compact([local.hub_public_ip, local.hub_dr_public_ip])) + hub_cidr_list = var.enable_sonar ? (var.hub_hadr ? concat(module.network[0].vnet_address_space, [local.hub_public_ip, local.hub_dr_public_ip]) : concat(module.network[0].vnet_address_space, [local.hub_public_ip])) : module.network[0].vnet_address_space } module "hub_main" { @@ -13,7 +18,7 @@ module "hub_main" { binaries_location = var.tarball_location password = local.password storage_details = var.hub_storage_details - instance_type = var.hub_instance_type + instance_size = var.hub_instance_size base_directory = var.sonar_machine_base_directory attach_persistent_public_ip = true use_public_ip = true @@ -25,14 +30,23 @@ module "hub_main" { allowed_web_console_and_api_cidrs = var.web_console_cidr allowed_hub_cidrs = module.network[0].vnet_address_space allowed_agentless_gw_cidrs = module.network[0].vnet_address_space + allowed_dra_admin_cidrs = local.dra_admin_cidr_list allowed_all_cidrs = local.workstation_cidr + allowed_ssh_cidrs = var.allowed_ssh_cidrs mx_details = var.enable_dam ? [for mx in module.mx : { name = mx.display_name address = coalesce(mx.public_ip, mx.private_ip) username = mx.web_console_user password = local.password }] : [] - tags = local.tags + dra_details = var.enable_dra ? { + name = module.dra_admin[0].display_name + address = module.dra_admin[0].public_ip + password = local.password + archiver_username = module.dra_analytics[0].archiver_user + archiver_password = module.dra_analytics[0].archiver_password + } : null + tags = local.tags depends_on = [ module.network @@ -50,7 +64,7 @@ module "hub_dr" { binaries_location = var.tarball_location password = local.password storage_details = var.hub_storage_details - instance_type = var.hub_instance_type + instance_size = var.hub_instance_size base_directory = var.sonar_machine_base_directory attach_persistent_public_ip = true use_public_ip = true @@ -65,7 +79,9 @@ module "hub_dr" { allowed_web_console_and_api_cidrs = var.web_console_cidr allowed_hub_cidrs = module.network[0].vnet_address_space allowed_agentless_gw_cidrs = module.network[0].vnet_address_space + allowed_dra_admin_cidrs = local.dra_admin_cidr_list allowed_all_cidrs = local.workstation_cidr + allowed_ssh_cidrs = var.allowed_ssh_cidrs tags = local.tags depends_on = [ module.network @@ -100,7 +116,7 @@ module "agentless_gw_main" { subnet_id = module.network[0].vnet_subnets[0] storage_details = var.agentless_gw_storage_details binaries_location = var.tarball_location - instance_type = var.agentless_gw_instance_type + instance_size = var.agentless_gw_instance_size base_directory = var.sonar_machine_base_directory password = local.password hub_sonarw_public_key = module.hub_main[0].sonarw_public_key @@ -111,6 +127,7 @@ module "agentless_gw_main" { allowed_agentless_gw_cidrs = module.network[0].vnet_address_space allowed_hub_cidrs = module.network[0].vnet_address_space allowed_all_cidrs = local.workstation_cidr + allowed_ssh_cidrs = var.allowed_ssh_cidrs ingress_communication_via_proxy = { proxy_address = module.hub_main[0].public_ip proxy_private_ssh_key_path = local_sensitive_file.ssh_key.filename @@ -132,7 +149,7 @@ module "agentless_gw_dr" { subnet_id = module.network[0].vnet_subnets[1] storage_details = var.agentless_gw_storage_details binaries_location = var.tarball_location - instance_type = var.agentless_gw_instance_type + instance_size = var.agentless_gw_instance_size base_directory = var.sonar_machine_base_directory password = local.password hub_sonarw_public_key = module.hub_main[0].sonarw_public_key @@ -146,6 +163,7 @@ module "agentless_gw_dr" { allowed_agentless_gw_cidrs = module.network[0].vnet_address_space allowed_hub_cidrs = module.network[0].vnet_address_space allowed_all_cidrs = local.workstation_cidr + allowed_ssh_cidrs = var.allowed_ssh_cidrs ingress_communication_via_proxy = { proxy_address = module.hub_main[0].public_ip proxy_private_ssh_key_path = local_sensitive_file.ssh_key.filename diff --git a/examples/azure/poc/dsf_deployment/variables.tf b/examples/azure/poc/dsf_deployment/variables.tf index 2f4fcd481..435d61d05 100644 --- a/examples/azure/poc/dsf_deployment/variables.tf +++ b/examples/azure/poc/dsf_deployment/variables.tf @@ -34,6 +34,12 @@ variable "enable_dam" { description = "Provision DAM MX and Agent Gateways" } +variable "enable_dra" { + type = bool + default = true + description = "Provision DRA Admin and Analytics" +} + variable "agentless_gw_count" { type = number default = 1 @@ -46,6 +52,12 @@ variable "agent_gw_count" { description = "Number of Agent Gateways. Provisioning Agent Gateways requires the enable_dam variable to be set to 'true'." } +variable "dra_analytics_count" { + type = number + default = 1 + description = "Number of DRA Analytics servers. Provisioning Analytics servers requires the enable_dra variable to be set to 'true'." +} + variable "password" { sensitive = true type = string @@ -59,13 +71,19 @@ variable "password" { variable "web_console_cidr" { type = list(string) default = ["0.0.0.0/0"] - description = "DSF Hub and MX web console IPs range. Specify IPs in the following format - [\"x.x.x.x/x\", \"y.y.y.y/y\"]. The default configuration opens the DSF Hub web console as a public website. It is recommended to specify a more restricted IP and CIDR range." + description = "DSF Hub, MX and DRA Admin web consoles IPs range. Specify IPs in the following format - [\"x.x.x.x/x\", \"y.y.y.y/y\"]. The default configuration opens the DSF Hub web console as a public website. It is recommended to specify a more restricted IP and CIDR range." } variable "workstation_cidr" { type = list(string) default = null - description = "IP ranges from which SSH/API access will be allowed to setup the deployment. If not set, the subnet (x.x.x.0/24) of the public IP of the computer where the Terraform is run is used Format - [\"x.x.x.x/x\", \"y.y.y.y/y\"]" + description = "IP ranges from which SSH/API access will be allowed to setup the deployment. If not set, the subnet (x.x.x.0/24) of the public IP of the computer where the Terraform is run is used. Format - [\"x.x.x.x/x\", \"y.y.y.y/y\"]" +} + +variable "allowed_ssh_cidrs" { + type = list(string) + description = "IP ranges from which SSH access to the deployed DSF nodes will be allowed" + default = [] } variable "vnet_ip_range" { @@ -74,25 +92,24 @@ variable "vnet_ip_range" { description = "Vnet ip range" } -#variable "subnet_ids" { -# type = object({ -# hub_subnet_id = string -# hub_dr_subnet_id = string -# agentless_gw_subnet_id = string -# agentless_gw_dr_subnet_id = string -# }) -# default = null -# description = "The IDs of existing subnets to deploy resources in. Keep empty if you wish to provision new VPC and subnets. db_subnet_ids can be an empty list only if no databases should be provisioned" -# validation { -# condition = var.subnet_ids == null || try(var.subnet_ids.hub_subnet_id != null && var.subnet_ids.hub_dr_subnet_id != null && var.subnet_ids.agentless_gw_subnet_id != null && var.subnet_ids.agentless_gw_dr_subnet_id != null, false) -# error_message = "Value must either be null or specified for all." -# } -# validation { -# condition = var.subnet_ids == null || try(alltrue([for subnet_id in values({ for k, v in var.subnet_ids : k => v if k != "db_subnet_ids" }) : can(regex(".*Microsoft.Network/virtualNetworks/.*/subnets/.*", subnet_id))]), false) -# error_message = "Subnet id is invalid." -# } -#} - +variable "subnet_ids" { + type = object({ + hub_subnet_id = string + hub_dr_subnet_id = string + agentless_gw_subnet_id = string + agentless_gw_dr_subnet_id = string + mx_subnet_id = string + agent_gw_subnet_id = string + dra_admin_subnet_id = string + dra_analytics_subnet_id = string + }) + default = null + description = "The IDs of existing subnets to deploy resources in. Keep empty if you wish to provision new VPC and subnets. db_subnet_ids can be an empty list only if no databases should be provisioned" + validation { + condition = var.subnet_ids == null || try(var.subnet_ids.hub_subnet_id != null && var.subnet_ids.hub_dr_subnet_id != null && var.subnet_ids.agentless_gw_subnet_id != null && var.subnet_ids.agentless_gw_dr_subnet_id != null && var.subnet_ids.dra_admin_subnet_id != null && var.subnet_ids.dra_analytics_subnet_id != null, false) + error_message = "Value must either be null or specified for all." + } +} ############################## #### DAM variables #### @@ -111,6 +128,7 @@ variable "dam_version" { variable "dam_license" { description = "License file path" type = string + default = null } variable "large_scale_mode" { @@ -137,6 +155,7 @@ variable "dam_agent_installation_location" { az_blob = string }) description = "Storage account and container location of the DSF DAM agent installation software. az_blob is the full path to the installation file within the storage account container" + default = null } variable "simulation_db_types_for_agent" { @@ -172,7 +191,8 @@ variable "tarball_location" { az_container = string az_blob = string }) - description = "Storage account and container location of the DSF installation software. az_blob is the full path to the tarball file within the storage account container" + description = "Storage account and container location of the DSF Sonar installation software. az_blob is the full path to the tarball file within the storage account container" + default = null } variable "hub_hadr" { @@ -187,16 +207,16 @@ variable "agentless_gw_hadr" { description = "Provisions a High Availability and Disaster Recovery node for the Agentless Gateway" } -variable "hub_instance_type" { +variable "hub_instance_size" { type = string default = "Standard_E4s_v5" - description = "Instance type for the DSF Hub" + description = "Instance size for the DSF Hub" } -variable "agentless_gw_instance_type" { +variable "agentless_gw_instance_size" { type = string default = "Standard_E4s_v5" - description = "Instance type for the Agentless Gateway" + description = "Instance size for the Agentless Gateway" } variable "hub_storage_details" { @@ -236,4 +256,101 @@ variable "sonar_machine_base_directory" { type = string default = "/imperva" description = "The base directory where all Sonar related directories will be installed" -} \ No newline at end of file +} +############################## +#### DRA variables #### +############################## + +variable "dra_admin_instance_size" { + type = string + default = "Standard_E4as_v5" # 4 cores & 32GB ram + description = "VM instance size for the Admin Server" +} + +variable "dra_admin_storage_details" { + type = object({ + disk_size = number + volume_caching = string + storage_account_type = string + }) + description = "DRA Admin compute instance volume attributes. More info in sizing doc - https://docs.imperva.com/bundle/v4.11-data-risk-analytics-installation-guide/page/69846.htm" + default = { + disk_size = 260 + volume_caching = "ReadWrite" + storage_account_type = "Standard_LRS" + } +} + +variable "dra_admin_image_details" { + type = object({ + resource_group_name = string + image_id = string + }) + default = null + description = "Image attributes for the Admin Server" + validation { + condition = var.dra_admin_image_details == null || try(var.dra_admin_image_details.resource_group_name != null && var.dra_admin_image_details.image_id != null, false) + error_message = "Value must either be null or specified for all" + } +} + +variable "dra_admin_vhd_details" { + type = object({ + path_to_vhd = string + storage_account_name = string + container_name = string + }) + default = null + description = "VHD details for creating the Admin server image. Keep empty if you provide an image for the Admin server instead." + validation { + condition = var.dra_admin_vhd_details == null || try(var.dra_admin_vhd_details.path_to_vhd != null && var.dra_admin_vhd_details.storage_account_name != null && var.dra_admin_vhd_details.container_name != null, false) + error_message = "Value must either be null or specified for all" + } +} + +variable "dra_analytics_instance_size" { + type = string + default = "Standard_E4as_v5" # 4 cores & 32GB ram + description = "VM instance size for the Analytics Server" +} + +variable "dra_analytics_storage_details" { + type = object({ + disk_size = number + volume_caching = string + storage_account_type = string + }) + description = "DRA Analytics compute instance volume attributes. More info in sizing doc - https://docs.imperva.com/bundle/v4.11-data-risk-analytics-installation-guide/page/69846.htm" + default = { + disk_size = 1010 + volume_caching = "ReadWrite" + storage_account_type = "Standard_LRS" + } +} + +variable "dra_analytics_image_details" { + type = object({ + resource_group_name = string + image_id = string + }) + default = null + description = "Image attributes for the Analytics Server" + validation { + condition = var.dra_analytics_image_details == null || try(var.dra_analytics_image_details.resource_group_name != null && var.dra_analytics_image_details.image_id != null, false) + error_message = "Value must either be null or specified for all" + } +} + +variable "dra_analytics_vhd_details" { + type = object({ + path_to_vhd = string + storage_account_name = string + container_name = string + }) + default = null + description = "VHD details for creating the Analytics server image. Keep empty if you provide an image for the Analytics server instead." + validation { + condition = var.dra_analytics_vhd_details == null || try(var.dra_analytics_vhd_details.path_to_vhd != null && var.dra_analytics_vhd_details.storage_account_name != null && var.dra_analytics_vhd_details.container_name != null, false) + error_message = "Value must either be null or specified for all" + } +} diff --git a/modules/aws/dra-admin/README.md b/modules/aws/dra-admin/README.md index ecda2bc95..bd5759af2 100644 --- a/modules/aws/dra-admin/README.md +++ b/modules/aws/dra-admin/README.md @@ -18,7 +18,7 @@ This Terraform module provisions several resources on AWS. These resources inclu * AWS Secrets that hold the passwords. * An AWS Elastic Network Interface (ENI). -The EC2 instance and EBS volume provide the computing and storage resources needed to run the DSF software. The security group controls the inbound and outbound traffic to the instance, while the IAM role grants the necessary permissions to access AWS resources. The KMS is used for encrypting sensitive data. +The EC2 instance and EBS volume provide the computing and storage resources needed to run the DSF Admin Server software. The security group controls the inbound and outbound traffic to the instance, while the IAM role grants the necessary permissions to access AWS resources. The KMS is used for encrypting sensitive data. ## Inputs @@ -54,7 +54,7 @@ module "dra_admin" { } ``` -To see a complete example of how to use this module in a DSF deployment with other modules, check out the [examples](../../../examples/) directory. +To see a complete example of how to use this module in a DSF deployment with other modules, check out the [examples](../../../examples/aws/) directory. We recommend using a specific version of the module (and not the latest). See available released versions in the main repo README [here](https://github.com/imperva/dsfkit#version-history). diff --git a/modules/aws/dra-admin/iam_role.tf b/modules/aws/dra-admin/iam_role.tf index 7c76e40c4..5f1e091cc 100644 --- a/modules/aws/dra-admin/iam_role.tf +++ b/modules/aws/dra-admin/iam_role.tf @@ -29,7 +29,7 @@ locals { "Action" : "secretsmanager:GetSecretValue", "Resource" : [ aws_secretsmanager_secret.admin_analytics_registration_password.arn, - aws_secretsmanager_secret.admin_password.arn, + aws_secretsmanager_secret.admin_ssh_password.arn, ] } ] @@ -39,14 +39,14 @@ locals { resource "aws_iam_instance_profile" "dsf_node_instance_iam_profile" { count = var.instance_profile_name == null ? 1 : 0 - name_prefix = "${var.friendly_name}-dra-admin-instance-iam-profile" + name_prefix = "${var.name}-dra-admin-instance-iam-profile" role = local.role_name tags = var.tags } resource "aws_iam_role" "dsf_node_role" { count = var.instance_profile_name == null ? 1 : 0 - name = "${var.friendly_name}-role" + name = "${var.name}-role" managed_policy_arns = null assume_role_policy = local.role_assume_role_policy inline_policy { diff --git a/modules/aws/dra-admin/main.tf b/modules/aws/dra-admin/main.tf index aa2ca49cf..a8ac27f58 100644 --- a/modules/aws/dra-admin/main.tf +++ b/modules/aws/dra-admin/main.tf @@ -10,15 +10,18 @@ locals { install_script = templatefile("${path.module}/setup.tftpl", { admin_registration_password_secret_arn = aws_secretsmanager_secret.admin_analytics_registration_password.arn - admin_password_secret_arn = aws_secretsmanager_secret.admin_password.arn + admin_ssh_password_secret_arn = aws_secretsmanager_secret.admin_ssh_password.arn }) + readiness_script = templatefile("${path.module}/../dra-analytics/waiter.tftpl", { + admin_server_public_ip = try(local.public_ip, local.private_ip) + }) } resource "aws_eip" "dsf_instance_eip" { count = var.attach_persistent_public_ip ? 1 : 0 domain = "vpc" - tags = merge(var.tags, { Name = var.friendly_name }) + tags = merge(var.tags, { Name = var.name }) } resource "aws_eip_association" "eip_assoc" { @@ -36,7 +39,7 @@ resource "aws_instance" "dsf_base_instance" { volume_size = var.ebs.volume_size volume_type = var.ebs.volume_type delete_on_termination = true - tags = merge(var.tags, { Name = var.friendly_name }) + tags = merge(var.tags, { Name = var.name }) } iam_instance_profile = local.instance_profile network_interface { @@ -49,7 +52,7 @@ resource "aws_instance" "dsf_base_instance" { http_endpoint = "enabled" http_tokens = "required" } - tags = merge(var.tags, { Name = var.friendly_name }) + tags = merge(var.tags, { Name = var.name }) } resource "aws_network_interface" "eni" { @@ -62,8 +65,28 @@ module "statistics" { source = "../../../modules/aws/statistics" count = var.send_usage_statistics ? 1 : 0 - deployment_name = var.friendly_name + deployment_name = var.name product = "DRA" resource_type = "dra-admin" artifact = "ami://${sha256(data.aws_ami.selected-ami.image_id)}@${var.dra_version}" } + +resource "null_resource" "readiness" { + provisioner "local-exec" { + command = local.readiness_script + interpreter = ["/bin/bash", "-c"] + } + depends_on = [ + aws_instance.dsf_base_instance, + module.statistics + ] +} + +module "statistics_success" { + source = "../../../modules/aws/statistics" + count = var.send_usage_statistics ? 1 : 0 + + id = module.statistics[0].id + status = "success" + depends_on = [null_resource.readiness] +} \ No newline at end of file diff --git a/modules/aws/dra-admin/secrets.tf b/modules/aws/dra-admin/secrets.tf index 4952912f6..71e725209 100644 --- a/modules/aws/dra-admin/secrets.tf +++ b/modules/aws/dra-admin/secrets.tf @@ -1,6 +1,6 @@ resource "aws_secretsmanager_secret" "admin_analytics_registration_password" { - name_prefix = "${var.friendly_name}-admin-analytics-registration-password" - description = "DRA admin_registration_password" + name_prefix = "${var.name}-admin-analytics-registration-password" + description = "DRA admin registration password" tags = var.tags } @@ -9,13 +9,13 @@ resource "aws_secretsmanager_secret_version" "admin_analytics_registration_passw secret_string = var.admin_registration_password } -resource "aws_secretsmanager_secret" "admin_password" { - name_prefix = "${var.friendly_name}-admin-password" - description = "DRA admin_registration_password" +resource "aws_secretsmanager_secret" "admin_ssh_password" { + name_prefix = "${var.name}-admin-ssh-password" + description = "DRA Admin ssh password" tags = var.tags } -resource "aws_secretsmanager_secret_version" "admin_password" { - secret_id = aws_secretsmanager_secret.admin_password.id - secret_string = var.admin_password +resource "aws_secretsmanager_secret_version" "admin_ssh_password" { + secret_id = aws_secretsmanager_secret.admin_ssh_password.id + secret_string = var.admin_ssh_password } diff --git a/modules/aws/dra-admin/setup.tftpl b/modules/aws/dra-admin/setup.tftpl index 779ada241..80f7e1afa 100644 --- a/modules/aws/dra-admin/setup.tftpl +++ b/modules/aws/dra-admin/setup.tftpl @@ -24,7 +24,7 @@ unzip awscliv2.zip sudo ./aws/install admin_registration_password=$(/usr/local/bin/aws secretsmanager get-secret-value --secret-id ${admin_registration_password_secret_arn} --query SecretString --output text) -ssh_password=$(/usr/local/bin/aws secretsmanager get-secret-value --secret-id ${admin_password_secret_arn} --query SecretString --output text) +ssh_password=$(/usr/local/bin/aws secretsmanager get-secret-value --secret-id ${admin_ssh_password_secret_arn} --query SecretString --output text) /opt/itp_global_conf/auto_deploy.sh --hostname "$(hostname)" --ip-address "$my_ip" --dns-servers "$my_nameserver" --registration-password "$admin_registration_password" --cidr "$my_cidr" --default-gateway "$my_default_gw" --machine-type "Admin" diff --git a/modules/aws/dra-admin/sg.tf b/modules/aws/dra-admin/sg.tf index 782e72382..bb5529f1a 100644 --- a/modules/aws/dra-admin/sg.tf +++ b/modules/aws/dra-admin/sg.tf @@ -44,9 +44,9 @@ data "aws_subnet" "selected_subnet" { resource "aws_security_group" "dsf_base_sg" { for_each = { for idx, config in local._security_groups_config : idx => config } - name = join("-", [var.friendly_name, join("-", each.value.name)]) + name = join("-", [var.name, join("-", each.value.name)]) vpc_id = data.aws_subnet.selected_subnet.vpc_id - description = format("%s - %s ingress access", var.friendly_name, join(" ", each.value.name)) + description = format("%s - %s ingress access", var.name, join(" ", each.value.name)) dynamic "ingress" { for_each = { for idx, port in each.value.tcp : idx => port } @@ -77,5 +77,5 @@ resource "aws_security_group" "dsf_base_sg" { ipv6_cidr_blocks = each.value.internet_access ? ["::/0"] : [] } - tags = merge(var.tags, { Name = join("-", [var.friendly_name, join("-", each.value.name)]) }) + tags = merge(var.tags, { Name = join("-", [var.name, join("-", each.value.name)]) }) } diff --git a/modules/aws/dra-admin/variables.tf b/modules/aws/dra-admin/variables.tf index 03f3139eb..142ea84c5 100644 --- a/modules/aws/dra-admin/variables.tf +++ b/modules/aws/dra-admin/variables.tf @@ -1,10 +1,14 @@ -variable "friendly_name" { +variable "name" { type = string default = "imperva-dsf-dra-admin" - description = "Friendly name, EC2 Instance Name" + description = "Name to identify all resources" validation { - condition = length(var.friendly_name) > 3 - error_message = "Deployment name must be at least 3 characters" + condition = length(var.name) >= 3 + error_message = "Name must be at least 3 characters" + } + validation { + condition = can(regex("^\\p{L}.*", var.name)) + error_message = "Must start with a letter" } } @@ -66,32 +70,32 @@ variable "admin_registration_password" { } } -variable "admin_password" { +variable "admin_ssh_password" { type = string - description = "Password to be used to admin os user" + description = "Password to be used to ssh to the Admin Server" validation { - condition = length(var.admin_password) >= 7 + condition = length(var.admin_ssh_password) >= 7 error_message = "Password must be at least 7 characters long" } validation { - condition = can(regex("[A-Z]", var.admin_password)) + condition = can(regex("[A-Z]", var.admin_ssh_password)) error_message = "Password must contain at least one uppercase letter" } validation { - condition = can(regex("[a-z]", var.admin_password)) + condition = can(regex("[a-z]", var.admin_ssh_password)) error_message = "Password must contain at least one lowercase letter" } validation { - condition = can(regex("\\d", var.admin_password)) + condition = can(regex("\\d", var.admin_ssh_password)) error_message = "Password must contain at least one digit" } validation { - condition = can(regex("[*+=#%^:/~.,\\[\\]_]", var.admin_password)) + condition = can(regex("[*+=#%^:/~.,\\[\\]_]", var.admin_ssh_password)) error_message = "Password must contain at least one of the following special characters: *+=#%^:/~.,[]_" } } diff --git a/modules/aws/dra-analytics/README.md b/modules/aws/dra-analytics/README.md index 8ce9a8c84..26a6b9b1c 100644 --- a/modules/aws/dra-analytics/README.md +++ b/modules/aws/dra-analytics/README.md @@ -68,7 +68,7 @@ See available released versions in the main repo README [here](https://github.co Specify the module's version by adding the version parameter. For example: ``` -module "dsf_dra_admin" { +module "dsf_dra_analytics" { source = "imperva/dsf-dra-analytics/aws" version = "x.y.z" } diff --git a/modules/aws/dra-analytics/iam_role.tf b/modules/aws/dra-analytics/iam_role.tf index b70283fcf..83dfe9ef8 100644 --- a/modules/aws/dra-analytics/iam_role.tf +++ b/modules/aws/dra-analytics/iam_role.tf @@ -29,7 +29,7 @@ locals { "Resource" : [ aws_secretsmanager_secret.analytics_archiver_password.arn, aws_secretsmanager_secret.admin_registration_password.arn, - aws_secretsmanager_secret.admin_password.arn + aws_secretsmanager_secret.analytics_ssh_password.arn ] } ] @@ -39,14 +39,14 @@ locals { resource "aws_iam_instance_profile" "dsf_node_instance_iam_profile" { count = var.instance_profile_name == null ? 1 : 0 - name_prefix = "${var.friendly_name}-dra-analytics-instance-iam-profile" + name_prefix = "${var.name}-dra-analytics-instance-iam-profile" role = local.role_name tags = var.tags } resource "aws_iam_role" "dsf_node_role" { count = var.instance_profile_name == null ? 1 : 0 - name = "${var.friendly_name}-role" + name = "${var.name}-role" managed_policy_arns = null assume_role_policy = local.role_assume_role_policy inline_policy { diff --git a/modules/aws/dra-analytics/main.tf b/modules/aws/dra-analytics/main.tf index 3cede44a5..cc2bec04a 100644 --- a/modules/aws/dra-analytics/main.tf +++ b/modules/aws/dra-analytics/main.tf @@ -13,13 +13,13 @@ locals { install_script = templatefile("${path.module}/setup.tftpl", { analytics_archiver_password_secret_arn = aws_secretsmanager_secret.analytics_archiver_password.arn admin_analytics_registration_password_arn = aws_secretsmanager_secret.admin_registration_password.arn - admin_password_secret_arn = aws_secretsmanager_secret.admin_password.arn + analytics_ssh_password_secret_arn = aws_secretsmanager_secret.analytics_ssh_password.arn archiver_user = var.archiver_user archiver_password = var.archiver_password admin_server_private_ip = var.admin_server_private_ip }) - readiness_script = templatefile("${path.module}/waiter.tpl", { + readiness_script = templatefile("${path.module}/waiter.tftpl", { admin_server_public_ip = var.admin_server_public_ip }) } @@ -33,7 +33,7 @@ resource "aws_instance" "dsf_base_instance" { volume_size = var.ebs.volume_size volume_type = var.ebs.volume_type delete_on_termination = true - tags = merge(var.tags, { Name = var.friendly_name }) + tags = merge(var.tags, { Name = var.name }) } iam_instance_profile = local.instance_profile network_interface { @@ -46,7 +46,7 @@ resource "aws_instance" "dsf_base_instance" { http_endpoint = "enabled" http_tokens = "required" } - tags = merge(var.tags, { Name = var.friendly_name }) + tags = merge(var.tags, { Name = var.name }) } resource "aws_network_interface" "eni" { @@ -59,7 +59,7 @@ module "statistics" { source = "../../../modules/aws/statistics" count = var.send_usage_statistics ? 1 : 0 - deployment_name = var.friendly_name + deployment_name = var.name product = "DRA" resource_type = "dra-analytics" artifact = "ami://${sha256(data.aws_ami.selected-ami.image_id)}@${var.dra_version}" diff --git a/modules/aws/dra-analytics/secrets.tf b/modules/aws/dra-analytics/secrets.tf index cb8d201cc..dda18f3f0 100644 --- a/modules/aws/dra-analytics/secrets.tf +++ b/modules/aws/dra-analytics/secrets.tf @@ -1,5 +1,5 @@ resource "aws_secretsmanager_secret" "analytics_archiver_password" { - name_prefix = "${var.friendly_name}-analytics-archiver-password" + name_prefix = "${var.name}-analytics-archiver-password" description = "analytics-archiver-password" tags = var.tags } @@ -10,7 +10,7 @@ resource "aws_secretsmanager_secret_version" "analytics_archiver_password" { } resource "aws_secretsmanager_secret" "admin_registration_password" { - name_prefix = "${var.friendly_name}-admin-analytics-registration-password" + name_prefix = "${var.name}-admin-analytics-registration-password" description = "admin-analytics-registration-password" tags = var.tags } @@ -20,13 +20,13 @@ resource "aws_secretsmanager_secret_version" "admin_registration_password" { secret_string = var.admin_registration_password } -resource "aws_secretsmanager_secret" "admin_password" { - name_prefix = "${var.friendly_name}-admin-password" - description = "DRA admin_registration_password" +resource "aws_secretsmanager_secret" "analytics_ssh_password" { + name_prefix = "${var.name}-analytics-ssh-password" + description = "DRA Analytics ssh password" tags = var.tags } -resource "aws_secretsmanager_secret_version" "admin_password" { - secret_id = aws_secretsmanager_secret.admin_password.id - secret_string = var.admin_password +resource "aws_secretsmanager_secret_version" "analytics_ssh_password" { + secret_id = aws_secretsmanager_secret.analytics_ssh_password.id + secret_string = var.analytics_ssh_password } diff --git a/modules/aws/dra-analytics/setup.tftpl b/modules/aws/dra-analytics/setup.tftpl index c24b2ec88..4866b94ee 100644 --- a/modules/aws/dra-analytics/setup.tftpl +++ b/modules/aws/dra-analytics/setup.tftpl @@ -31,7 +31,7 @@ unzip awscliv2.zip sudo ./aws/install archiver_password=$(/usr/local/bin/aws secretsmanager get-secret-value --secret-id ${analytics_archiver_password_secret_arn} --query SecretString --output text) admin_registration_password=$(/usr/local/bin/aws secretsmanager get-secret-value --secret-id ${admin_analytics_registration_password_arn} --query SecretString --output text) -ssh_password=$(/usr/local/bin/aws secretsmanager get-secret-value --secret-id ${admin_password_secret_arn} --query SecretString --output text) +ssh_password=$(/usr/local/bin/aws secretsmanager get-secret-value --secret-id ${analytics_ssh_password_secret_arn} --query SecretString --output text) /opt/itp_global_conf/auto_deploy.sh --hostname "$(hostname)" --ip-address "$my_ip" --dns-servers "$my_nameserver" --registration-password "$admin_registration_password" --cidr "$my_cidr" --default-gateway "$my_default_gw" --machine-type "Analytics" --analytics-user "${archiver_user}" --analytics-password "$archiver_password" --admin-server-ip "${admin_server_private_ip}" diff --git a/modules/aws/dra-analytics/sg.tf b/modules/aws/dra-analytics/sg.tf index 26b7c5fa4..1407f5f91 100644 --- a/modules/aws/dra-analytics/sg.tf +++ b/modules/aws/dra-analytics/sg.tf @@ -44,9 +44,9 @@ data "aws_subnet" "selected_subnet" { resource "aws_security_group" "dsf_base_sg" { for_each = { for idx, config in local._security_groups_config : idx => config } - name = join("-", [var.friendly_name, join("-", each.value.name)]) + name = join("-", [var.name, join("-", each.value.name)]) vpc_id = data.aws_subnet.selected_subnet.vpc_id - description = format("%s - %s ingress access", var.friendly_name, join(" ", each.value.name)) + description = format("%s - %s ingress access", var.name, join(" ", each.value.name)) dynamic "ingress" { for_each = { for idx, port in each.value.tcp : idx => port } @@ -77,5 +77,5 @@ resource "aws_security_group" "dsf_base_sg" { ipv6_cidr_blocks = each.value.internet_access ? ["::/0"] : [] } - tags = merge(var.tags, { Name = join("-", [var.friendly_name, join("-", each.value.name)]) }) + tags = merge(var.tags, { Name = join("-", [var.name, join("-", each.value.name)]) }) } diff --git a/modules/aws/dra-analytics/variables.tf b/modules/aws/dra-analytics/variables.tf index d4e378f84..4298355e8 100644 --- a/modules/aws/dra-analytics/variables.tf +++ b/modules/aws/dra-analytics/variables.tf @@ -1,10 +1,14 @@ -variable "friendly_name" { +variable "name" { type = string default = "imperva-dsf-dra-analytics" - description = "Friendly name, EC2 Instance Name" + description = "Name to identify all resources" validation { - condition = length(var.friendly_name) > 3 - error_message = "Deployment name must be at least 3 characters" + condition = length(var.name) >= 3 + error_message = "Name must be at least 3 characters" + } + validation { + condition = can(regex("^\\p{L}.*", var.name)) + error_message = "Must start with a letter" } } @@ -44,32 +48,32 @@ variable "admin_registration_password" { } } -variable "admin_password" { +variable "analytics_ssh_password" { type = string - description = "Password to be used to admin os user" + description = "Password to be used to ssh to the Analytics Server" validation { - condition = length(var.admin_password) >= 7 + condition = length(var.analytics_ssh_password) >= 7 error_message = "Password must be at least 7 characters long" } validation { - condition = can(regex("[A-Z]", var.admin_password)) + condition = can(regex("[A-Z]", var.analytics_ssh_password)) error_message = "Password must contain at least one uppercase letter" } validation { - condition = can(regex("[a-z]", var.admin_password)) + condition = can(regex("[a-z]", var.analytics_ssh_password)) error_message = "Password must contain at least one lowercase letter" } validation { - condition = can(regex("\\d", var.admin_password)) + condition = can(regex("\\d", var.analytics_ssh_password)) error_message = "Password must contain at least one digit" } validation { - condition = can(regex("[*+=#%^:/~.,\\[\\]_]", var.admin_password)) + condition = can(regex("[*+=#%^:/~.,\\[\\]_]", var.analytics_ssh_password)) error_message = "Password must contain at least one of the following special characters: *+=#%^:/~.,[]_" } } @@ -77,7 +81,7 @@ variable "admin_password" { variable "archiver_user" { type = string default = "archiver-user" - description = "User to be used to upload archive files for the analytics server" + description = "User to be used to upload archive files for the Analytics server" } variable "dra_version" { diff --git a/modules/aws/dra-analytics/waiter.tpl b/modules/aws/dra-analytics/waiter.tftpl similarity index 100% rename from modules/aws/dra-analytics/waiter.tpl rename to modules/aws/dra-analytics/waiter.tftpl diff --git a/modules/aws/hub/dra_assocoation.tf b/modules/aws/hub/dra_assocoation.tf index 6729dffb8..14ac69f67 100644 --- a/modules/aws/hub/dra_assocoation.tf +++ b/modules/aws/hub/dra_assocoation.tf @@ -1,11 +1,11 @@ locals { # we are using one password for all services and we have one DRA only admin_password = var.dra_details == null ? "" : urlencode(var.dra_details.password) + archiver_username = var.dra_details == null ? "" : var.dra_details.archiver_username archiver_password = var.dra_details == null ? "" : urlencode(var.dra_details.archiver_password) - admin_username = var.dra_details == null ? "" : var.dra_details.username admin_address = var.dra_details == null ? "" : var.dra_details.address dra_association_commands = var.dra_details == null ? "" : <<-EOF - curl -k --max-time 10000 -X POST -G 'https://127.0.0.1:8443/register-to-dra' -d adminIpOrHostname=${local.admin_address} -d adminRegistrationPassword=${local.admin_password} -d adminReportingServer=true -d analyticsArchiveUsername=${local.admin_username} -d analyticsArchivePassword=${local.archiver_password} -d resumeDraJobs=true --header "Authorization: Bearer ${module.hub_instance.access_tokens["archiver"].token}" + curl -k --max-time 10000 -X POST -G 'https://127.0.0.1:8443/register-to-dra' -d adminIpOrHostname=${local.admin_address} -d adminRegistrationPassword=${local.admin_password} -d adminReportingServer=true -d analyticsArchiveUsername=${local.archiver_username} -d analyticsArchivePassword=${local.archiver_password} -d resumeDraJobs=true --header "Authorization: Bearer ${module.hub_instance.access_tokens["archiver"].token}" EOF } diff --git a/modules/aws/hub/variables.tf b/modules/aws/hub/variables.tf index 99305069e..8eee16e14 100644 --- a/modules/aws/hub/variables.tf +++ b/modules/aws/hub/variables.tf @@ -296,8 +296,8 @@ variable "dra_details" { type = object({ name = string address = string - username = string password = string + archiver_username = string archiver_password = string }) validation { @@ -305,8 +305,8 @@ variable "dra_details" { error_message = "Each DRA Admin must specify name and address" } validation { - condition = (var.dra_details == null || (can(var.dra_details.username) && can(var.dra_details.password))) - error_message = "Each DRA Admin must specify username and password" + condition = (var.dra_details == null || (can(var.dra_details.archiver_username) && can(var.dra_details.archiver_password) && can(var.dra_details.password))) + error_message = "Each DRA Admin must specify archiver_username, archiver_password and password" } default = null } diff --git a/modules/aws/mx/variables.tf b/modules/aws/mx/variables.tf index 8a4beb4d5..ea59a33f4 100644 --- a/modules/aws/mx/variables.tf +++ b/modules/aws/mx/variables.tf @@ -245,7 +245,7 @@ variable "create_server_group" { } variable "dra_details" { - description = "Details of the DRA for sending audit logs" + description = "Details of the DRA for sending audit logs in the legacy format. More info in https://docs.imperva.com/bundle/v4.14-data-risk-analytics-installation-guide/page/60553.htm" type = object({ address = string port = number diff --git a/modules/azurerm/agentless-gw/main.tf b/modules/azurerm/agentless-gw/main.tf index 5354fa86c..dade1a422 100644 --- a/modules/azurerm/agentless-gw/main.tf +++ b/modules/azurerm/agentless-gw/main.tf @@ -38,7 +38,7 @@ module "gw_instance" { security_groups_config = local.security_groups_config security_group_ids = var.security_group_ids public_ssh_key = var.ssh_key.ssh_public_key - instance_type = var.instance_type + instance_size = var.instance_size storage_details = var.storage_details vm_image = var.vm_image vm_image_id = var.vm_image_id diff --git a/modules/azurerm/agentless-gw/variables.tf b/modules/azurerm/agentless-gw/variables.tf index 89b7f2351..70f851262 100644 --- a/modules/azurerm/agentless-gw/variables.tf +++ b/modules/azurerm/agentless-gw/variables.tf @@ -101,10 +101,10 @@ variable "use_public_ip" { description = "Whether to use the DSF instance's public or private IP to connect to the instance" } -variable "instance_type" { +variable "instance_size" { type = string default = "Standard_E4as_v5" # 4 cores & 32GB ram - description = "Ec2 instance type for the Agentless Gateway" + description = "Instance size for the Agentless Gateway" } variable "storage_details" { @@ -255,7 +255,7 @@ variable "base_directory" { variable "cloud_init_timeout" { type = number - default = 900 + default = 1200 description = "Max time to wait for the machine to start" } diff --git a/modules/azurerm/dra-admin/README.md b/modules/azurerm/dra-admin/README.md new file mode 100644 index 000000000..de6983c10 --- /dev/null +++ b/modules/azurerm/dra-admin/README.md @@ -0,0 +1,86 @@ +# DSF DRA Admin +[![GitHub tag](https://img.shields.io/github/v/tag/imperva/dsfkit.svg)](https://github.com/imperva/dsfkit/tags) + +This Terraform module provisions a DSF DRA Admin instance on Azure as a Virtual Machine. + +## Requirements +* Terraform, refer to [versions.tf](versions.tf) for supported versions. +* An Azure account. +* DRA image or VHD located in an Azure Storage account. [Request access to vhd here](https://docs.google.com/forms/d/e/1FAIpQLSfCBUGHN04u2gK8IoxuHl4TLooBWUl7cK7ihS9Q5ZHwafNBHA/viewform).
+There is an option to provide details for either the image or the VHD. When supplying the VHD details, Terraform will use them to create the image and this image will be utilized to create the Virtual Machine. + +**NOTE:** In case you are not yet an Imperva customer, [please contact our team](https://www.imperva.com/contact-us/). + +## Resources Provisioned +This Terraform module provisions several resources on Azure. These resources include: +* A Virtual Machine instance for running the DSF Admin Server software. +* Security group rules to allow the required network access to and from the DSF Admin Server instance. +* An Azure Key Vault that hold the passwords. +* An Azure network interface. + +The Virtual Machine instance provide the computing resource needed to run the DSF Admin Server software. The security group rules controls the inbound and outbound traffic to the instance. The Vault is used for encrypting sensitive data (passwords). + +## Inputs + +The following input variables are **required**: + +* `resource_group`: Resource group to provision all the resources into +* `subnet_id`: The ID of the subnet in which to launch the DSF Admin Server instance in +* `ssh_public_key`: SSH public key to access the DSF Admin Server instance +* `image_vhd_details`: Image or VHD details to create the Virtual Machine from. There is an option to provide details for either the image or the VHD. When supplying the VHD details, Terraform will use them to create the image which will be utilized to create the Virtual Machine +* `admin_ssh_password`: Password to be used to SSH to the Admin Server instance +* `admin_registration_password`: Password to be used to register Analytics Server to Admin Server + +Refer to [variables.tf](variables.tf) for additional variables with default values and additional info. + +## Outputs + +Refer to [outputs](outputs.tf) or https://registry.terraform.io/modules/imperva/dsf-dra-admin/aws/latest?tab=outputs. + +## Usage + +To use this module, add the following to your Terraform configuration: + +``` +provider "azurerm" { + features {} +} + +module "dra_admin" { + source = "imperva/dsf-dra-admin/azurerm" + + resource_group = azurerm_resource_group.example.name + subnet_id = azurerm_subnet.example.id + ssh_public_key = var.ssh_public_key + + image_vhd_details = { + image = { + resource_group_name = var.image_details.resource_group_name + image_id = var.image_details.image_id + } + } + admin_ssh_password = var.admin_ssh_password + admin_registration_password = var.admin_registration_password + allowed_all_cidrs = var.allowed_all_cidrs +} +``` + +To see a complete example of how to use this module in a DSF deployment with other modules, check out the [examples](../../../examples/azure/) directory. + +We recommend using a specific version of the module (and not the latest). +See available released versions in the main repo README [here](https://github.com/imperva/dsfkit#version-history). + +Specify the module's version by adding the version parameter. For example: + +``` +module "dsf_dra_admin" { + source = "imperva/dsf-dra-admin/azurerm" + version = "x.y.z" +} +``` + +## Additional Information + +For more information about the DSF DRA Admin and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/z-kb-articles-km/page/4e487f3c.html). + +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.3). \ No newline at end of file diff --git a/modules/azurerm/dra-admin/image.tf b/modules/azurerm/dra-admin/image.tf new file mode 100644 index 000000000..9b77b4c87 --- /dev/null +++ b/modules/azurerm/dra-admin/image.tf @@ -0,0 +1,28 @@ +locals { + # vm user + vm_default_user = "adminuser" + vm_user = var.vm_user != null ? var.vm_user : local.vm_default_user + + create_image_from_vhd = var.image_vhd_details.vhd != null ? true : false + use_existing_image = var.image_vhd_details.image != null ? true : false + + image_id = (local.use_existing_image ? + "${data.azurerm_subscription.subscription.id}/resourceGroups/${var.image_vhd_details.image.resource_group_name}/providers/Microsoft.Compute/images/${var.image_vhd_details.image.image_id}" : + "${azurerm_image.created_image[0].id}") +} + +resource "azurerm_image" "created_image" { + count = local.create_image_from_vhd ? 1 : 0 + + name = join("-", [var.name, "image"]) + location = var.resource_group.location + resource_group_name = var.resource_group.name + + os_disk { + os_type = "Linux" + caching = "ReadWrite" + os_state = "Generalized" + blob_uri = "https://${var.image_vhd_details.vhd.storage_account_name}.blob.core.windows.net/${var.image_vhd_details.vhd.container_name}/${var.image_vhd_details.vhd.path_to_vhd}" + } + tags = var.tags +} diff --git a/modules/azurerm/dra-admin/main.tf b/modules/azurerm/dra-admin/main.tf new file mode 100644 index 000000000..15e10ec2b --- /dev/null +++ b/modules/azurerm/dra-admin/main.tf @@ -0,0 +1,132 @@ +locals { + security_group_id = length(var.security_group_ids) == 0 ? azurerm_network_security_group.dsf_base_sg.id : var.security_group_ids[0] + + public_ip = azurerm_linux_virtual_machine.vm.public_ip_address + private_ip = azurerm_linux_virtual_machine.vm.private_ip_address + + install_script = templatefile("${path.module}/setup.tftpl", { + vault_name = azurerm_key_vault.vault.name + admin_registration_password_secret_name = azurerm_key_vault_secret.admin_analytics_registration_password.name + admin_ssh_password_secret_name = azurerm_key_vault_secret.ssh_password.name + }) + +# readiness_script = templatefile("${path.module}/../dra-analytics/waiter.tftpl", { +# admin_server_public_ip = try(local.public_ip, local.private_ip) +# }) +} + +resource "azurerm_network_interface" "nic" { + name = var.name + resource_group_name = var.resource_group.name + location = var.resource_group.location + + ip_configuration { + name = join("-", [var.name, "nic"]) + subnet_id = var.subnet_id + private_ip_address_allocation = "Dynamic" + public_ip_address_id = try(azurerm_public_ip.vm_public_ip[0].id, null) + } + tags = var.tags +} + +resource "azurerm_network_interface_security_group_association" "nic_sg_association" { + network_interface_id = azurerm_network_interface.nic.id + network_security_group_id = local.security_group_id +} + +resource "azurerm_public_ip" "vm_public_ip" { + count = var.attach_persistent_public_ip ? 1 : 0 + name = join("-", [var.name, "public", "ip"]) + resource_group_name = var.resource_group.name + location = var.resource_group.location + sku = "Standard" + allocation_method = "Static" + tags = var.tags +} + +resource "azurerm_linux_virtual_machine" "vm" { + name = var.name + resource_group_name = var.resource_group.name + location = var.resource_group.location + size = var.instance_size + admin_username = local.vm_user + + network_interface_ids = [ + azurerm_network_interface.nic.id + ] + + admin_ssh_key { + public_key = var.ssh_public_key + username = local.vm_user + } + + os_disk { + disk_size_gb = var.storage_details.disk_size + caching = var.storage_details.volume_caching + storage_account_type = var.storage_details.storage_account_type + } + + source_image_id = local.image_id + + identity { + type = "UserAssigned" + identity_ids = [ + azurerm_user_assigned_identity.user_assigned_identity.id + ] + } + custom_data = base64encode(local.install_script) + + # Ignore changes to the custom_data attribute (Don't replace on userdata change) + lifecycle { + ignore_changes = [ + custom_data + ] + } + + tags = var.tags +} + +resource "azurerm_user_assigned_identity" "user_assigned_identity" { + name = var.name + location = var.resource_group.location + resource_group_name = var.resource_group.name +} + +data "azurerm_subscription" "subscription" {} + +resource "azurerm_role_assignment" "vm_identity_role_assignment" { + scope = data.azurerm_subscription.subscription.id + principal_id = azurerm_user_assigned_identity.user_assigned_identity.principal_id + role_definition_name = "Storage Blob Data Reader" +} + +module "statistics" { + source = "../../../modules/azurerm/statistics" + count = var.send_usage_statistics ? 1 : 0 + + deployment_name = var.name + product = "DRA" + resource_type = "dra-admin" + artifact = local.image_id + location = var.resource_group.location +} + +#resource "null_resource" "readiness" { +# provisioner "local-exec" { +# command = local.readiness_script +# interpreter = ["/bin/bash", "-c"] +# } +# depends_on = [ +# azurerm_linux_virtual_machine.vm, +# module.statistics +# ] +#} +# +#module "statistics_success" { +# source = "../../../modules/azurerm/statistics" +# count = var.send_usage_statistics ? 1 : 0 +# +# id = module.statistics[0].id +# status = "success" +# depends_on = [null_resource.readiness] +#} \ No newline at end of file diff --git a/modules/azurerm/dra-admin/outputs.tf b/modules/azurerm/dra-admin/outputs.tf new file mode 100644 index 000000000..d9f509076 --- /dev/null +++ b/modules/azurerm/dra-admin/outputs.tf @@ -0,0 +1,28 @@ +output "public_ip" { + description = "Public elastic IP address of the DSF instance" + value = local.public_ip +} + +output "private_ip" { + description = "Private IP address of the DSF instance" + value = local.private_ip +} + + +output "ssh_password" { + value = var.admin_ssh_password +} + + +output "admin_image_id" { + value = local.image_id +} + +output "display_name" { + value = var.name +} + +output "ssh_user" { + value = "cbadmin" +} + diff --git a/modules/azurerm/dra-admin/secrets.tf b/modules/azurerm/dra-admin/secrets.tf new file mode 100644 index 000000000..4fdb9ad0c --- /dev/null +++ b/modules/azurerm/dra-admin/secrets.tf @@ -0,0 +1,57 @@ +data "azurerm_client_config" "current" {} + +resource "azurerm_key_vault" "vault" { + name = trim(substr(var.name, -24, -1), "-") + location = var.resource_group.location + resource_group_name = var.resource_group.name + sku_name = "standard" + tenant_id = data.azurerm_client_config.current.tenant_id + enabled_for_deployment = true + soft_delete_retention_days = 7 + purge_protection_enabled = false + tags = var.tags +} + +resource "azurerm_key_vault_access_policy" "vault_owner_access_policy" { + key_vault_id = azurerm_key_vault.vault.id + tenant_id = data.azurerm_client_config.current.tenant_id + object_id = data.azurerm_client_config.current.object_id + secret_permissions = [ + "Delete", + "Get", + "Purge", + "Set", + ] +} + +resource "azurerm_key_vault_access_policy" "vault_vm_access_policy" { + key_vault_id = azurerm_key_vault.vault.id + tenant_id = data.azurerm_client_config.current.tenant_id + object_id = azurerm_user_assigned_identity.user_assigned_identity.principal_id + + secret_permissions = [ + "Get", + ] +} + +resource "azurerm_key_vault_secret" "admin_analytics_registration_password" { + name = join("-", [var.name, "admin", "analytics", "registration", "password"]) + value = var.admin_registration_password + key_vault_id = azurerm_key_vault.vault.id + content_type = "DRA admin registration password" + tags = var.tags + depends_on = [ + azurerm_key_vault_access_policy.vault_owner_access_policy + ] +} + +resource "azurerm_key_vault_secret" "ssh_password" { + name = join("-", [var.name, "admin", "ssh", "password"]) + value = var.admin_ssh_password + key_vault_id = azurerm_key_vault.vault.id + content_type = "DRA Admin ssh password" + tags = var.tags + depends_on = [ + azurerm_key_vault_access_policy.vault_owner_access_policy + ] +} \ No newline at end of file diff --git a/modules/azurerm/dra-admin/setup.tftpl b/modules/azurerm/dra-admin/setup.tftpl new file mode 100644 index 000000000..349a001a5 --- /dev/null +++ b/modules/azurerm/dra-admin/setup.tftpl @@ -0,0 +1,45 @@ +#!/bin/bash +set -x +exec > >(tee /var/log/user-data.log|logger -t user-data ) 2>&1 +echo BEGIN + +function install-azure-cli(){ + rpm --import https://packages.microsoft.com/keys/microsoft.asc + dnf install -y https://packages.microsoft.com/config/rhel/9.0/packages-microsoft-prod.rpm + dnf install -y https://packages.microsoft.com/config/rhel/8/packages-microsoft-prod.rpm + dnf install azure-cli -y + az login --identity +} + +date '+%Y-%m-%d %H:%M:%S' +my_nameserver=$(ifconfig eth0 | grep "inet " | awk '{print $2}') +my_ip=$(ifconfig eth0 | grep "inet " | awk '{print $2}') +my_default_gw=$(ip route show | grep default | awk '{print $3}') +my_cidr=$(awk -F. '{ + split($0, octets) + for (i in octets) { + mask += 8 - log(2**8 - octets[i])/log(2); + } + print mask +}' <<< $(ifconfig eth0 | grep "inet " | awk '{print $4}')) + +sudo su +export ITP_HOME=/opt/itp +export CATALINA_HOME=/opt/apache-tomcat +chmod +x /opt/itp_global_conf/auto_deploy.sh +sed -i 's/^hosts:.*/hosts: files dns/' /etc/nsswitch.conf + +install-azure-cli + +admin_registration_password=$(az keyvault secret show --name ${admin_registration_password_secret_name} --vault-name ${vault_name} --query "value" --output tsv) +ssh_password=$(az keyvault secret show --name ${admin_ssh_password_secret_name} --vault-name ${vault_name} --query "value" --output tsv) + +/opt/itp_global_conf/auto_deploy.sh --hostname "$(hostname)" --ip-address "$my_ip" --dns-servers "$my_nameserver" --registration-password "$admin_registration_password" --cidr "$my_cidr" --default-gateway "$my_default_gw" --machine-type "Admin" + +echo $ssh_password | passwd --stdin cbadmin + +# Allow using this host as jump box +sed -i 's/.*AllowTcpForwarding.*/AllowTcpForwarding yes/g' /etc/ssh/sshd_config +systemctl restart sshd + +#/opt/itp_global_conf/auto_deploy_cloud.sh --hostname "$(hostname)" --dhcp 1 --ip-address "$my_ip" --dns-servers "$my_nameserver" --registration-password "$password" --cidr "$my_cidr" --default-gateway "$my_default_gw" --machine-type "Admin" diff --git a/modules/azurerm/dra-admin/sg.tf b/modules/azurerm/dra-admin/sg.tf new file mode 100644 index 000000000..0c9ec374d --- /dev/null +++ b/modules/azurerm/dra-admin/sg.tf @@ -0,0 +1,74 @@ +locals { + security_groups_config = [ # https://docs.imperva.com/bundle/v4.11-data-risk-analytics-installation-guide/page/63052.htm + { + name = ["web", "console"] + internet_access = false + udp = [] + tcp = [8443] + cidrs = concat(var.allowed_web_console_cidrs, var.allowed_all_cidrs) + }, + { + name = ["other"] + internet_access = true + udp = [] + tcp = [22] + cidrs = concat(var.allowed_ssh_cidrs, var.allowed_all_cidrs) + }, + { + name = ["dra", "analytics"] + internet_access = false + udp = [] + tcp = [61617, 8443, 8501] + cidrs = concat(var.allowed_analytics_cidrs, var.allowed_all_cidrs) + }, + { + name = ["hub"] + internet_access = false + udp = [] + tcp = [8443, 61617, 8501] + cidrs = concat(var.allowed_hub_cidrs, var.allowed_all_cidrs) + } + ] + + # Skip sg creation if external sg list is given + _security_groups_config = length(var.security_group_ids) == 0 ? local.security_groups_config : [] +} + +############################################################################## +### Ingress security group +############################################################################## + +resource "azurerm_network_security_group" "dsf_base_sg" { + name = var.name + location = var.resource_group.location + resource_group_name = var.resource_group.name + + dynamic "security_rule" { + for_each = { for idx, config in local._security_groups_config : idx => config if length(config.cidrs) > 0 } + content { + name = join("-", [var.name, "tcp", join("-", security_rule.value.name)]) + priority = 100 + security_rule.key + direction = "Inbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_ranges = security_rule.value.tcp + # Azure doesn't allow overlapping cidr blocks in a single rule. that's what the code below fixes + source_address_prefixes = [for k, v in { for v in security_rule.value.cidrs : v => { + cidr = v, + min_ip_int = (tonumber(split(".", cidrhost(v, 0))[0]) * pow(256, 3)) + (tonumber(split(".", cidrhost(v, 0))[1]) * pow(256, 2)) + (tonumber(split(".", cidrhost(v, 0))[2]) * pow(256, 1)) + tonumber(split(".", cidrhost(v, 0))[3]) + max_ip_int = (tonumber(split(".", cidrhost(v, -1))[0]) * pow(256, 3)) + (tonumber(split(".", cidrhost(v, -1))[1]) * pow(256, 2)) + (tonumber(split(".", cidrhost(v, -1))[2]) * pow(256, 1)) + tonumber(split(".", cidrhost(v, -1))[3]) + } } : v.cidr if !anytrue([for i in { for v in security_rule.value.cidrs : v => { + cidr = v, + min_ip_int = (tonumber(split(".", cidrhost(v, 0))[0]) * pow(256, 3)) + (tonumber(split(".", cidrhost(v, 0))[1]) * pow(256, 2)) + (tonumber(split(".", cidrhost(v, 0))[2]) * pow(256, 1)) + tonumber(split(".", cidrhost(v, 0))[3]) + max_ip_int = (tonumber(split(".", cidrhost(v, -1))[0]) * pow(256, 3)) + (tonumber(split(".", cidrhost(v, -1))[1]) * pow(256, 2)) + (tonumber(split(".", cidrhost(v, -1))[2]) * pow(256, 1)) + tonumber(split(".", cidrhost(v, -1))[3]) + } } : v.max_ip_int <= i.max_ip_int && v.min_ip_int >= i.min_ip_int if v.cidr != i.cidr])] + destination_address_prefix = "*" + # The below setup is a workaround for "Provider produced inconsistent final plan" error + description = "" + destination_port_range = "" + source_address_prefix = "" + } + } + tags = var.tags +} \ No newline at end of file diff --git a/modules/azurerm/dra-admin/variables.tf b/modules/azurerm/dra-admin/variables.tf new file mode 100644 index 000000000..0d13bcb69 --- /dev/null +++ b/modules/azurerm/dra-admin/variables.tf @@ -0,0 +1,235 @@ +variable "name" { + type = string + default = "imperva-dsf-dra-admin" + description = "Friendly name to identify all resources" + validation { + condition = length(var.name) >= 3 + error_message = "Name must be at least 3 characters" + } + validation { + condition = can(regex("^\\p{L}.*", var.name)) + error_message = "Name must start with a letter" + } +} + +variable "tags" { + description = "A map of tags to add to all resources" + type = map(string) + default = {} +} + +variable "resource_group" { + type = object({ + name = string + location = string + }) + description = "Resource group details" +} + + +variable "instance_size" { + type = string + default = "Standard_E4as_v5" # 4 cores & 32GB ram + description = "VM instance size for the Admin Server" +} + +variable "ssh_public_key" { + type = string + description = "SSH public key to access machine" + nullable = false +} + +variable "image_vhd_details" { + type = object({ + image = optional(object({ + resource_group_name = string + image_id = string + })) + vhd = optional(object({ + path_to_vhd = string + storage_account_name = string + container_name = string + })) + }) + description = "Image or VHD details for the Admin Server" + default = null + + validation { + condition = try((var.image_vhd_details.image != null && var.image_vhd_details.vhd == null || (var.image_vhd_details.image == null && var.image_vhd_details.vhd != null)), false) + error_message = "Either one of 'image' or 'vhd' should be specified but not both." + } + validation { + condition = var.image_vhd_details.image == null || try(var.image_vhd_details.image.resource_group_name != null && var.image_vhd_details.image.image_id != null, false) + error_message = "Image value must either be null or specified for all" + } + validation { + condition = var.image_vhd_details.vhd == null || try(var.image_vhd_details.vhd.path_to_vhd != null && var.image_vhd_details.vhd.storage_account_name != null && var.image_vhd_details.vhd.container_name != null, false) + error_message = "VHD value must either be null or specified for all" + } +} + +variable "vm_user" { + type = string + default = "cbadmin" + description = "VM user to use for SSH. Keep empty to use the default user." +} + +variable "admin_registration_password" { + type = string + description = "Password to be used to register Analytics Server to Admin Server" + + validation { + condition = length(var.admin_registration_password) >= 7 + error_message = "Password must be at least 7 characters long" + } + + validation { + condition = can(regex("[A-Z]", var.admin_registration_password)) + error_message = "Password must contain at least one uppercase letter" + } + + validation { + condition = can(regex("[a-z]", var.admin_registration_password)) + error_message = "Password must contain at least one lowercase letter" + } + + validation { + condition = can(regex("\\d", var.admin_registration_password)) + error_message = "Password must contain at least one digit" + } + + validation { + condition = can(regex("[*+=#%^:/~.,\\[\\]_]", var.admin_registration_password)) + error_message = "Password must contain at least one of the following special characters: *+=#%^:/~.,[]_" + } +} + +variable "admin_ssh_password" { + type = string + description = "Password to be used to ssh to the Admin Server" + + validation { + condition = length(var.admin_ssh_password) >= 7 + error_message = "Password must be at least 7 characters long" + } + + validation { + condition = can(regex("[A-Z]", var.admin_ssh_password)) + error_message = "Password must contain at least one uppercase letter" + } + + validation { + condition = can(regex("[a-z]", var.admin_ssh_password)) + error_message = "Password must contain at least one lowercase letter" + } + + validation { + condition = can(regex("\\d", var.admin_ssh_password)) + error_message = "Password must contain at least one digit" + } + + validation { + condition = can(regex("[*+=#%^:/~.,\\[\\]_]", var.admin_ssh_password)) + error_message = "Password must contain at least one of the following special characters: *+=#%^:/~.,[]_" + } +} + +variable "subnet_id" { + type = string + description = "Subnet id for the Admin Server" + validation { + condition = can(regex(".*Microsoft.Network/virtualNetworks/.*/subnets/.*", var.subnet_id)) + error_message = "The variable must match the pattern 'Microsoft.Network/virtualNetworks//subnets/'" + } +} + +variable "security_group_ids" { + type = list(string) + description = "Security group Ids to attach to the instance. If provided, no security groups are created and all allowed_*_cidrs variables are ignored." + validation { + # validate if true + condition = length(var.security_group_ids) == 0 || length(var.security_group_ids) == 1 + error_message = "Can't contain more than a single element" + } + validation { + condition = alltrue([for item in var.security_group_ids : can(regex(".*Microsoft.Network/networkSecurityGroups/.*", item))]) + error_message = "One or more of the security group ids list is invalid. Each item should match the pattern '.*Microsoft.Network/networkSecurityGroups/" + } + default = [] +} + +variable "allowed_analytics_cidrs" { + type = list(string) + description = "List of ingress CIDR patterns allowing the Analytics Server to access the DSF Admin Server instance" + validation { + condition = alltrue([for item in var.allowed_analytics_cidrs : can(cidrnetmask(item))]) + error_message = "Each item of this list must be in a valid CIDR block format. For example: [\"10.106.108.0/25\"]" + } + default = [] +} + +variable "allowed_ssh_cidrs" { + type = list(string) + description = "List of ingress CIDR patterns allowing ssh access" + validation { + condition = alltrue([for item in var.allowed_ssh_cidrs : can(cidrnetmask(item))]) + error_message = "Each item of this list must be in a valid CIDR block format. For example: [\"10.106.108.0/25\"]" + } + default = [] +} + +variable "allowed_web_console_cidrs" { + type = list(string) + description = "List of ingress CIDR patterns allowing web console access" + validation { + condition = alltrue([for item in var.allowed_web_console_cidrs : can(cidrnetmask(item))]) + error_message = "Each item of this list must be in a valid CIDR block format. For example: [\"10.106.108.0/25\"]" + } + default = [] +} + +variable "allowed_hub_cidrs" { + type = list(string) + description = "List of ingress CIDR patterns allowing hub access" + validation { + condition = alltrue([for item in var.allowed_hub_cidrs : can(cidrnetmask(item))]) + error_message = "Each item of this list must be in a valid CIDR block format. For example: [\"10.106.108.0/25\"]" + } + default = [] +} + +variable "allowed_all_cidrs" { + type = list(string) + description = "List of ingress CIDR patterns allowing access to all relevant protocols (E.g vpc cidr range)" + validation { + condition = alltrue([for item in var.allowed_all_cidrs : can(cidrnetmask(item))]) + error_message = "Each item of this list must be in a valid CIDR block format. For example: [\"10.106.108.0/25\"]" + } + default = [] +} + +variable "attach_persistent_public_ip" { + type = bool + default = true + description = "Create and attach an Elastic public IP for the instance. If false, a dynamic public IP is used. Relevant only if the DRA Admin is in a public subnet (ignored if in a private subnet). Currently, due to a DRA limitation, must only be true." +} + +variable "storage_details" { + type = object({ + disk_size = number + volume_caching = string + storage_account_type = string + }) + description = "Compute instance volume attributes for the Admin Server" + default = { + disk_size = 260 + volume_caching = "ReadWrite" + storage_account_type = "Standard_LRS" + } +} + +variable "send_usage_statistics" { + type = bool + default = true + description = "Set to true to send usage statistics." +} diff --git a/modules/azurerm/dra-admin/versions.tf b/modules/azurerm/dra-admin/versions.tf new file mode 100644 index 000000000..2236d91ec --- /dev/null +++ b/modules/azurerm/dra-admin/versions.tf @@ -0,0 +1,10 @@ +terraform { + required_version = ">= 1.3.1, < 1.7.0" + + required_providers { + azurerm = { + source = "hashicorp/azurerm" + version = ">=3.0.0" + } + } +} diff --git a/modules/azurerm/dra-analytics/README.md b/modules/azurerm/dra-analytics/README.md new file mode 100644 index 000000000..546461145 --- /dev/null +++ b/modules/azurerm/dra-analytics/README.md @@ -0,0 +1,94 @@ +# DSF DRA Analytics +[![GitHub tag](https://img.shields.io/github/v/tag/imperva/dsfkit.svg)](https://github.com/imperva/dsfkit/tags) + +This Terraform module provisions a DSF DRA Analytics instance on Azure as a Virtual Machine. + +## Requirements +* Terraform, refer to [versions.tf](versions.tf) for supported versions. +* An Azure account. +* DRA image or VHD located in an Azure Storage account. [Request access to vhd here](https://docs.google.com/forms/d/e/1FAIpQLSfCBUGHN04u2gK8IoxuHl4TLooBWUl7cK7ihS9Q5ZHwafNBHA/viewform).
+ There is an option to provide details for either the image or the VHD. When supplying the VHD details, Terraform will use them to create the image and this image will be utilized to create the Virtual Machine. + +**NOTE:** In case you are not yet an Imperva customer, [please contact our team](https://www.imperva.com/contact-us/). + +## Resources Provisioned +This Terraform module provisions several resources on Azure. These resources include: +* A Virtual Machine instance for running the DSF Analytics Server software. +* Security group rules to allow the required network access to and from the DSF Analytics Server instance. +* An Azure Key Vault that hold the passwords. +* An Azure network interface. + +The Virtual Machine instance provide the computing resource needed to run the DSF Analytics Server software. The security group rules controls the inbound and outbound traffic to the instance. The Vault is used for encrypting sensitive data (passwords). + +## Inputs + +The following input variables are **required**: + +* `resource_group`: Resource group to provision all the resources into +* `subnet_id`: The ID of the subnet in which to launch the DSF Analytics Server instance in +* `ssh_public_key`: SSH public key to access the DSF Analytics Server instance +* `image_vhd_details`: Image or VHD details to create the Virtual Machine from. There is an option to provide details for either the image or the VHD. When supplying the VHD details, Terraform will use them to create the image which will be utilized to create the Virtual Machine +* `admin_registration_password`: Password to be used to register Analytics Server to Admin Server +* `analytics_ssh_password`: Password to be used to SSH to the Analytics Server instance +* `archiver_password`: Password to be used to upload archive files for the Analysis Server +* `admin_server_private_ip`: Private IP of the Admin Server (Used for registration) +* `admin_server_public_ip`: Public IP of the Admin Server (Used for verifying the Analytics Server is launched successfully) + +Refer to [variables.tf](variables.tf) for additional variables with default values and additional info. + +## Outputs + +Refer to [outputs](outputs.tf) or https://registry.terraform.io/modules/imperva/dsf-dra-analytics/aws/latest?tab=outputs. + +## Usage + +To use this module, add the following to your Terraform configuration: + +``` +provider "azurerm" { + features {} +} + +module "dra_analytics" { + source = "imperva/dsf-dra-analytics/azurerm" + + resource_group = azurerm_resource_group.example.name + subnet_id = azurerm_subnet.example.id + ssh_public_key = var.ssh_public_key + + image_vhd_details = { + image = { + resource_group_name = var.image_details.resource_group_name + image_id = var.image_details.image_id + } + } + admin_registration_password = var.admin_registration_password + analytics_ssh_password = var.analytics_ssh_password + archiver_password = var.archiver_password + + admin_server_public_ip = module.dra_admin.public_ip + admin_server_private_ip = module.dra_admin.private_ip + + allowed_all_cidrs = var.allowed_all_cidrs +} +``` + +To see a complete example of how to use this module in a DSF deployment with other modules, check out the [examples](../../../examples/azure/) directory. + +We recommend using a specific version of the module (and not the latest). +See available released versions in the main repo README [here](https://github.com/imperva/dsfkit#version-history). + +Specify the module's version by adding the version parameter. For example: + +``` +module "dsf_dra_analytics" { + source = "imperva/dsf-dra-analytics/azure" + version = "x.y.z" +} +``` + +## Additional Information + +For more information about the DSF DRA Analytics and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/z-kb-articles-km/page/4e487f3c.html). + +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.3). \ No newline at end of file diff --git a/modules/azurerm/dra-analytics/image.tf b/modules/azurerm/dra-analytics/image.tf new file mode 100644 index 000000000..9b77b4c87 --- /dev/null +++ b/modules/azurerm/dra-analytics/image.tf @@ -0,0 +1,28 @@ +locals { + # vm user + vm_default_user = "adminuser" + vm_user = var.vm_user != null ? var.vm_user : local.vm_default_user + + create_image_from_vhd = var.image_vhd_details.vhd != null ? true : false + use_existing_image = var.image_vhd_details.image != null ? true : false + + image_id = (local.use_existing_image ? + "${data.azurerm_subscription.subscription.id}/resourceGroups/${var.image_vhd_details.image.resource_group_name}/providers/Microsoft.Compute/images/${var.image_vhd_details.image.image_id}" : + "${azurerm_image.created_image[0].id}") +} + +resource "azurerm_image" "created_image" { + count = local.create_image_from_vhd ? 1 : 0 + + name = join("-", [var.name, "image"]) + location = var.resource_group.location + resource_group_name = var.resource_group.name + + os_disk { + os_type = "Linux" + caching = "ReadWrite" + os_state = "Generalized" + blob_uri = "https://${var.image_vhd_details.vhd.storage_account_name}.blob.core.windows.net/${var.image_vhd_details.vhd.container_name}/${var.image_vhd_details.vhd.path_to_vhd}" + } + tags = var.tags +} diff --git a/modules/azurerm/dra-analytics/main.tf b/modules/azurerm/dra-analytics/main.tf new file mode 100644 index 000000000..8cedaf8df --- /dev/null +++ b/modules/azurerm/dra-analytics/main.tf @@ -0,0 +1,127 @@ +locals { + security_group_id = length(var.security_group_ids) == 0 ? azurerm_network_security_group.dsf_base_sg.id : var.security_group_ids[0] + + incoming_folder_path = "/opt/itpba/incoming" + + public_ip = azurerm_linux_virtual_machine.vm.public_ip_address + private_ip = azurerm_linux_virtual_machine.vm.private_ip_address + + install_script = templatefile("${path.module}/setup.tftpl", { + vault_name = azurerm_key_vault.vault.name + analytics_archiver_password_name = azurerm_key_vault_secret.analytics_archiver_password.name + admin_analytics_registration_password_name = azurerm_key_vault_secret.admin_analytics_registration_password.name + analytics_ssh_password_secret_name = azurerm_key_vault_secret.ssh_password.name + archiver_user = var.archiver_user + archiver_password = var.archiver_password + admin_server_private_ip = var.admin_server_private_ip + }) + + readiness_script = templatefile("${path.module}/waiter.tftpl", { + admin_server_public_ip = var.admin_server_public_ip + }) +} + +resource "azurerm_network_interface" "nic" { + name = var.name + resource_group_name = var.resource_group.name + location = var.resource_group.location + + ip_configuration { + name = join("-", [var.name, "nic"]) + subnet_id = var.subnet_id + private_ip_address_allocation = "Dynamic" + } + tags = var.tags +} + +resource "azurerm_network_interface_security_group_association" "nic_sg_association" { + network_interface_id = azurerm_network_interface.nic.id + network_security_group_id = local.security_group_id +} + +resource "azurerm_linux_virtual_machine" "vm" { + name = var.name + resource_group_name = var.resource_group.name + location = var.resource_group.location + size = var.instance_size + admin_username = local.vm_user + + network_interface_ids = [ + azurerm_network_interface.nic.id + ] + + admin_ssh_key { + public_key = var.ssh_public_key + username = local.vm_user + } + + os_disk { + disk_size_gb = var.storage_details.disk_size + caching = var.storage_details.volume_caching + storage_account_type = var.storage_details.storage_account_type + } + + source_image_id = local.image_id + + identity { + type = "UserAssigned" + identity_ids = [ + azurerm_user_assigned_identity.user_assigned_identity.id + ] + } + custom_data = base64encode(local.install_script) + + # Ignore changes to the custom_data attribute (Don't replace on userdata change) + lifecycle { + ignore_changes = [ + custom_data + ] + } + + tags = var.tags +} + +resource "azurerm_user_assigned_identity" "user_assigned_identity" { + name = var.name + location = var.resource_group.location + resource_group_name = var.resource_group.name +} + +data "azurerm_subscription" "subscription" {} + +resource "azurerm_role_assignment" "vm_identity_role_assignment" { + scope = data.azurerm_subscription.subscription.id + principal_id = azurerm_user_assigned_identity.user_assigned_identity.principal_id + role_definition_name = "Storage Blob Data Reader" +} + +module "statistics" { + source = "../../../modules/azurerm/statistics" + count = var.send_usage_statistics ? 1 : 0 + + deployment_name = var.name + product = "DRA" + resource_type = "dra-analytics" + artifact = local.image_id + location = var.resource_group.location +} + +resource "null_resource" "readiness" { + provisioner "local-exec" { + command = local.readiness_script + interpreter = ["/bin/bash", "-c"] + } + depends_on = [ + azurerm_linux_virtual_machine.vm, + module.statistics + ] +} + +module "statistics_success" { + source = "../../../modules/azurerm/statistics" + count = var.send_usage_statistics ? 1 : 0 + + id = module.statistics[0].id + status = "success" + depends_on = [null_resource.readiness] +} diff --git a/modules/azurerm/dra-analytics/outputs.tf b/modules/azurerm/dra-analytics/outputs.tf new file mode 100644 index 000000000..1445681a8 --- /dev/null +++ b/modules/azurerm/dra-analytics/outputs.tf @@ -0,0 +1,33 @@ +output "public_ip" { + description = "Public elastic IP address of the DSF base instance" + value = local.public_ip + depends_on = [ + azurerm_network_interface_security_group_association.nic_sg_association, + azurerm_role_assignment.vm_identity_role_assignment + ] +} + +output "private_ip" { + description = "Private IP address of the DSF base instance" + value = local.private_ip + depends_on = [ + azurerm_network_interface_security_group_association.nic_sg_association, + azurerm_role_assignment.vm_identity_role_assignment + ] +} + +output "archiver_user" { + value = var.archiver_user +} + +output "archiver_password" { + value = var.archiver_password +} + +output "incoming_folder_path" { + value = local.incoming_folder_path +} + +output "ssh_user" { + value = "cbadmin" +} diff --git a/modules/azurerm/dra-analytics/secrets.tf b/modules/azurerm/dra-analytics/secrets.tf new file mode 100644 index 000000000..5b61f128c --- /dev/null +++ b/modules/azurerm/dra-analytics/secrets.tf @@ -0,0 +1,68 @@ +data "azurerm_client_config" "current" {} + +resource "azurerm_key_vault" "vault" { + name = trim(substr(var.name, -24, -1), "-") + location = var.resource_group.location + resource_group_name = var.resource_group.name + sku_name = "standard" + tenant_id = data.azurerm_client_config.current.tenant_id + enabled_for_deployment = true + soft_delete_retention_days = 7 + purge_protection_enabled = false + tags = var.tags +} + +resource "azurerm_key_vault_access_policy" "vault_vm_access_policy" { + key_vault_id = azurerm_key_vault.vault.id + tenant_id = data.azurerm_client_config.current.tenant_id + object_id = azurerm_user_assigned_identity.user_assigned_identity.principal_id + + secret_permissions = [ + "Get", + ] +} + +resource "azurerm_key_vault_access_policy" "vault_owner_access_policy" { + key_vault_id = azurerm_key_vault.vault.id + tenant_id = data.azurerm_client_config.current.tenant_id + object_id = data.azurerm_client_config.current.object_id + secret_permissions = [ + "Delete", + "Get", + "Purge", + "Set", + ] +} + +resource "azurerm_key_vault_secret" "analytics_archiver_password" { + name = join("-", [var.name, "analytics", "archiver", "password"]) + value = var.archiver_password + key_vault_id = azurerm_key_vault.vault.id + content_type = "DRA Analytics archiver password" + tags = var.tags + depends_on = [ + azurerm_key_vault_access_policy.vault_owner_access_policy + ] +} + +resource "azurerm_key_vault_secret" "admin_analytics_registration_password" { + name = join("-", [var.name, "admin", "analytics", "registration", "password"]) + value = var.admin_registration_password + key_vault_id = azurerm_key_vault.vault.id + content_type = "DRA admin registration password" + tags = var.tags + depends_on = [ + azurerm_key_vault_access_policy.vault_owner_access_policy + ] +} + +resource "azurerm_key_vault_secret" "ssh_password" { + name = join("-", [var.name, "analytics", "ssh", "password"]) + value = var.analytics_ssh_password + key_vault_id = azurerm_key_vault.vault.id + content_type = "DRA Analytics ssh password" + tags = var.tags + depends_on = [ + azurerm_key_vault_access_policy.vault_owner_access_policy + ] +} \ No newline at end of file diff --git a/modules/azurerm/dra-analytics/setup.tftpl b/modules/azurerm/dra-analytics/setup.tftpl new file mode 100644 index 000000000..4613c909b --- /dev/null +++ b/modules/azurerm/dra-analytics/setup.tftpl @@ -0,0 +1,53 @@ +#!/bin/bash +set -x +exec > >(tee /var/log/user-data.log|logger -t user-data ) 2>&1 +echo BEGIN + +function wait-for-admin(){ + while ! nc -z ${admin_server_private_ip} 8443; do + sleep 0.1 + done +} + +function install-azure-cli(){ + rpm --import https://packages.microsoft.com/keys/microsoft.asc + dnf install -y https://packages.microsoft.com/config/rhel/9.0/packages-microsoft-prod.rpm + dnf install -y https://packages.microsoft.com/config/rhel/8/packages-microsoft-prod.rpm + dnf install azure-cli -y + az login --identity +} + +date '+%Y-%m-%d %H:%M:%S' +my_nameserver=$(ifconfig eth0 | grep "inet " | awk '{print $2}') +my_ip=$(ifconfig eth0 | grep "inet " | awk '{print $2}') +my_default_gw=$(ip route show | grep default | awk '{print $3}') +my_cidr=$(awk -F. '{ + split($0, octets) + for (i in octets) { + mask += 8 - log(2**8 - octets[i])/log(2); + } + print mask +}' <<< $(ifconfig eth0 | grep "inet " | awk '{print $4}')) +sudo su +export ITP_HOME=/opt/itp +export ITPBA_HOME=/opt/itpba +export CATALINA_HOME=/opt/apache-tomcat +chmod +x /opt/itp_global_conf/auto_deploy.sh +wait-for-admin +sed -i 's/^hosts:.*/hosts: files dns/' /etc/nsswitch.conf + +install-azure-cli + +archiver_password=$(az keyvault secret show --name ${analytics_archiver_password_name} --vault-name ${vault_name} --query "value" --output tsv) +admin_registration_password=$(az keyvault secret show --name ${admin_analytics_registration_password_name} --vault-name ${vault_name} --query "value" --output tsv) +ssh_password=$(az keyvault secret show --name ${analytics_ssh_password_secret_name} --vault-name ${vault_name} --query "value" --output tsv) + +/opt/itp_global_conf/auto_deploy.sh --hostname "$(hostname)" --ip-address "$my_ip" --dns-servers "$my_nameserver" --registration-password "$admin_registration_password" --cidr "$my_cidr" --default-gateway "$my_default_gw" --machine-type "Analytics" --analytics-user "${archiver_user}" --analytics-password "$archiver_password" --admin-server-ip "${admin_server_private_ip}" + +# Allow using ssh to the Analytics server with username and password as a WA, because currently there is an issue with exchanging the keys from the hub to the Analytics server +sed -i 's/.*PasswordAuthentication.*/PasswordAuthentication yes/g' /etc/ssh/sshd_config +systemctl restart sshd + +echo $ssh_password | passwd --stdin cbadmin + +#/opt/itp_global_conf/auto_deploy_cloud.sh --hostname "$(hostname)" --dhcp 1 --ip-address "$my_ip" --dns-servers "$my_nameserver" --registration-password "$admin_registration_password" --cidr "$my_cidr" --default-gateway "$my_default_gw" --machine-type "Analytics" --analytics-user "${archiver_user}" --analytics-password "$archiver_password" --admin-server-ip "${admin_server_private_ip}" diff --git a/modules/azurerm/dra-analytics/sg.tf b/modules/azurerm/dra-analytics/sg.tf new file mode 100644 index 000000000..6635f8547 --- /dev/null +++ b/modules/azurerm/dra-analytics/sg.tf @@ -0,0 +1,74 @@ +locals { + security_groups_config = [ # https://docs.imperva.com/bundle/v4.11-data-risk-analytics-installation-guide/page/63052.htm + { + name = ["dra", "admin"] + internet_access = false + udp = [] + tcp = [8443] + cidrs = concat(var.allowed_admin_cidrs, var.allowed_all_cidrs) + }, + { + name = ["other"] + internet_access = true + udp = [] + tcp = [22] + cidrs = concat(var.allowed_ssh_cidrs, var.allowed_all_cidrs) + }, + { + name = ["agent", "gateway"] + internet_access = false + udp = [] + tcp = [22] + cidrs = concat(var.allowed_agent_gateways_cidrs, var.allowed_all_cidrs) + }, + { + name = ["hub"] + internet_access = false + udp = [] + tcp = [22] + cidrs = concat(var.allowed_hub_cidrs, var.allowed_all_cidrs) + } + ] + + # Skip sg creation if external sg list is given + _security_groups_config = length(var.security_group_ids) == 0 ? local.security_groups_config : [] +} + +############################################################################## +### Ingress security group +############################################################################## + +resource "azurerm_network_security_group" "dsf_base_sg" { + name = var.name + location = var.resource_group.location + resource_group_name = var.resource_group.name + + dynamic "security_rule" { + for_each = { for idx, config in local._security_groups_config : idx => config if length(config.cidrs) > 0 } + content { + name = join("-", [var.name, "tcp", join("-", security_rule.value.name)]) + priority = 100 + security_rule.key + direction = "Inbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_ranges = security_rule.value.tcp + # Azure doesn't allow overlapping cidr blocks in a single rule. that's what the code below fixes + source_address_prefixes = [for k, v in { for v in security_rule.value.cidrs : v => { + cidr = v, + min_ip_int = (tonumber(split(".", cidrhost(v, 0))[0]) * pow(256, 3)) + (tonumber(split(".", cidrhost(v, 0))[1]) * pow(256, 2)) + (tonumber(split(".", cidrhost(v, 0))[2]) * pow(256, 1)) + tonumber(split(".", cidrhost(v, 0))[3]) + max_ip_int = (tonumber(split(".", cidrhost(v, -1))[0]) * pow(256, 3)) + (tonumber(split(".", cidrhost(v, -1))[1]) * pow(256, 2)) + (tonumber(split(".", cidrhost(v, -1))[2]) * pow(256, 1)) + tonumber(split(".", cidrhost(v, -1))[3]) + } } : v.cidr if !anytrue([for i in { for v in security_rule.value.cidrs : v => { + cidr = v, + min_ip_int = (tonumber(split(".", cidrhost(v, 0))[0]) * pow(256, 3)) + (tonumber(split(".", cidrhost(v, 0))[1]) * pow(256, 2)) + (tonumber(split(".", cidrhost(v, 0))[2]) * pow(256, 1)) + tonumber(split(".", cidrhost(v, 0))[3]) + max_ip_int = (tonumber(split(".", cidrhost(v, -1))[0]) * pow(256, 3)) + (tonumber(split(".", cidrhost(v, -1))[1]) * pow(256, 2)) + (tonumber(split(".", cidrhost(v, -1))[2]) * pow(256, 1)) + tonumber(split(".", cidrhost(v, -1))[3]) + } } : v.max_ip_int <= i.max_ip_int && v.min_ip_int >= i.min_ip_int if v.cidr != i.cidr])] + destination_address_prefix = "*" + # The below setup is a workaround for "Provider produced inconsistent final plan" error + description = "" + destination_port_range = "" + source_address_prefix = "" + } + } + tags = var.tags +} \ No newline at end of file diff --git a/modules/azurerm/dra-analytics/variables.tf b/modules/azurerm/dra-analytics/variables.tf new file mode 100644 index 000000000..99c3556e6 --- /dev/null +++ b/modules/azurerm/dra-analytics/variables.tf @@ -0,0 +1,248 @@ +variable "name" { + type = string + default = "imperva-dsf-dra-analytics" + description = "Friendly name to identify all resources" + validation { + condition = length(var.name) >= 3 + error_message = "Name must be at least 3 characters" + } + validation { + condition = can(regex("^\\p{L}.*", var.name)) + error_message = "Name must start with a letter" + } +} + +variable "tags" { + description = "A map of tags to add to all resources" + type = map(string) + default = {} +} + +variable "resource_group" { + type = object({ + name = string + location = string + }) + description = "Resource group details" +} + +variable "subnet_id" { + type = string + description = "Subnet id for the Analytics Server" + validation { + condition = can(regex(".*Microsoft.Network/virtualNetworks/.*/subnets/.*", var.subnet_id)) + error_message = "The variable must match the pattern 'Microsoft.Network/virtualNetworks//subnets/'" + } +} + +variable "instance_size" { + type = string + default = "Standard_E4as_v5" # 4 cores & 32GB ram + description = "VM instance size for the Analytics Server" +} + +variable "storage_details" { + type = object({ + disk_size = number + volume_caching = string + storage_account_type = string + }) + description = "Compute instance volume attributes for the Analytics Server" + default = { + disk_size = 1010 + volume_caching = "ReadWrite" + storage_account_type = "Standard_LRS" + } +} + +variable "ssh_public_key" { + type = string + description = "SSH public key to access machine" + nullable = false +} + +variable "image_vhd_details" { + type = object({ + image = optional(object({ + resource_group_name = string + image_id = string + })) + vhd = optional(object({ + path_to_vhd = string + storage_account_name = string + container_name = string + })) + }) + description = "Image or VHD details for the Admin Server" + default = null + + validation { + condition = try((var.image_vhd_details.image != null && var.image_vhd_details.vhd == null || (var.image_vhd_details.image == null && var.image_vhd_details.vhd != null)), false) + error_message = "Either one of 'image' or 'vhd' should be specified but not both." + } + validation { + condition = var.image_vhd_details.image == null || try(var.image_vhd_details.image.resource_group_name != null && var.image_vhd_details.image.image_id != null, false) + error_message = "Image value must either be null or specified for all" + } + validation { + condition = var.image_vhd_details.vhd == null || try(var.image_vhd_details.vhd.path_to_vhd != null && var.image_vhd_details.vhd.storage_account_name != null && var.image_vhd_details.vhd.container_name != null, false) + error_message = "VHD value must either be null or specified for all" + } +} + +variable "vm_user" { + type = string + default = "cbadmin" + description = "VM user to use for SSH. Keep empty to use the default user." +} + +variable "admin_registration_password" { + type = string + description = "Password to be used to register Analytics Server to Admin Server" + + validation { + condition = length(var.admin_registration_password) >= 7 + error_message = "Password must be at least 7 characters long" + } + + validation { + condition = can(regex("[A-Z]", var.admin_registration_password)) + error_message = "Password must contain at least one uppercase letter" + } + + validation { + condition = can(regex("[a-z]", var.admin_registration_password)) + error_message = "Password must contain at least one lowercase letter" + } + + validation { + condition = can(regex("\\d", var.admin_registration_password)) + error_message = "Password must contain at least one digit" + } + + validation { + condition = can(regex("[*+=#%^:/~.,\\[\\]_]", var.admin_registration_password)) + error_message = "Password must contain at least one of the following special characters: *+=#%^:/~.,[]_" + } +} + +variable "analytics_ssh_password" { + type = string + description = "Password to be used to ssh to the Analytics server" + + validation { + condition = length(var.analytics_ssh_password) >= 7 + error_message = "Password must be at least 7 characters long" + } + + validation { + condition = can(regex("[A-Z]", var.analytics_ssh_password)) + error_message = "Password must contain at least one uppercase letter" + } + + validation { + condition = can(regex("[a-z]", var.analytics_ssh_password)) + error_message = "Password must contain at least one lowercase letter" + } + + validation { + condition = can(regex("\\d", var.analytics_ssh_password)) + error_message = "Password must contain at least one digit" + } + + validation { + condition = can(regex("[*+=#%^:/~.,\\[\\]_]", var.analytics_ssh_password)) + error_message = "Password must contain at least one of the following special characters: *+=#%^:/~.,[]_" + } +} + +variable "archiver_user" { + type = string + default = "archiver-user" + description = "User to be used to upload archive files for the Analytics server" +} + +variable "archiver_password" { + type = string + description = "Password to be used to upload archive files for analysis" +} + +variable "admin_server_private_ip" { + type = string + description = "Private IP of the Admin Server" +} + +variable "admin_server_public_ip" { + type = string + description = "Public IP of the Admin Server" +} + +variable "security_group_ids" { + type = list(string) + description = "Security group Ids to attach to the instance. If provided, no security groups are created and all allowed_*_cidrs variables are ignored." + validation { + condition = length(var.security_group_ids) == 0 || length(var.security_group_ids) == 1 + error_message = "Can't contain more than a single element" + } + validation { + condition = alltrue([for item in var.security_group_ids : can(regex(".*Microsoft.Network/networkSecurityGroups/.*", item))]) + error_message = "One or more of the security group ids list is invalid. Each item should match the pattern '.*Microsoft.Network/networkSecurityGroups/" + } + default = [] +} + +variable "allowed_admin_cidrs" { + type = list(string) + description = "List of ingress CIDR patterns allowing the Analytics Server to access the DSF Admin Server instance" + validation { + condition = alltrue([for item in var.allowed_admin_cidrs : can(cidrnetmask(item))]) + error_message = "Each item of this list must be in a valid CIDR block format. For example: [\"10.106.108.0/25\"]" + } + default = [] +} + +variable "allowed_hub_cidrs" { + type = list(string) + description = "List of ingress CIDR patterns allowing hub access" + validation { + condition = alltrue([for item in var.allowed_hub_cidrs : can(cidrnetmask(item))]) + error_message = "Each item of this list must be in a valid CIDR block format. For example: [\"10.106.108.0/25\"]" + } + default = [] +} + +variable "allowed_ssh_cidrs" { + type = list(string) + description = "List of ingress CIDR patterns allowing ssh access" + validation { + condition = alltrue([for item in var.allowed_ssh_cidrs : can(cidrnetmask(item))]) + error_message = "Each item of this list must be in a valid CIDR block format. For example: [\"10.106.108.0/25\"]" + } + default = [] +} + +variable "allowed_agent_gateways_cidrs" { + type = list(string) + description = "List of ingress CIDR patterns allowing agent gateway access for legacy deployment" + validation { + condition = alltrue([for item in var.allowed_agent_gateways_cidrs : can(cidrnetmask(item))]) + error_message = "Each item of this list must be in a valid CIDR block format. For example: [\"10.106.108.0/25\"]" + } + default = [] +} + +variable "allowed_all_cidrs" { + type = list(string) + description = "List of ingress CIDR patterns allowing access to all relevant protocols (E.g vpc cidr range)" + validation { + condition = alltrue([for item in var.allowed_all_cidrs : can(cidrnetmask(item))]) + error_message = "Each item of this list must be in a valid CIDR block format. For example: [\"10.106.108.0/25\"]" + } + default = [] +} + +variable "send_usage_statistics" { + type = bool + default = true + description = "Set to true to send usage statistics." +} diff --git a/modules/azurerm/dra-analytics/versions.tf b/modules/azurerm/dra-analytics/versions.tf new file mode 100644 index 000000000..2236d91ec --- /dev/null +++ b/modules/azurerm/dra-analytics/versions.tf @@ -0,0 +1,10 @@ +terraform { + required_version = ">= 1.3.1, < 1.7.0" + + required_providers { + azurerm = { + source = "hashicorp/azurerm" + version = ">=3.0.0" + } + } +} diff --git a/modules/azurerm/dra-analytics/waiter.tftpl b/modules/azurerm/dra-analytics/waiter.tftpl new file mode 100644 index 000000000..339221dc0 --- /dev/null +++ b/modules/azurerm/dra-analytics/waiter.tftpl @@ -0,0 +1,8 @@ + while true; do + response=$(curl -k -s -o /dev/null -w "%%{http_code}" --request GET 'https://${admin_server_public_ip}:8443/mvc/login') + if [ $response -eq 200 ]; then + exit 0 + else + sleep 60 + fi + done \ No newline at end of file diff --git a/modules/azurerm/hub/dra_association.tf b/modules/azurerm/hub/dra_association.tf new file mode 100644 index 000000000..756f1f062 --- /dev/null +++ b/modules/azurerm/hub/dra_association.tf @@ -0,0 +1,37 @@ +locals { + # we are using one password for all services and we have one DRA only + admin_password = var.dra_details == null ? "" : urlencode(var.dra_details.password) + archiver_username = var.dra_details == null ? "" : var.dra_details.archiver_username + archiver_password = var.dra_details == null ? "" : urlencode(var.dra_details.archiver_password) + admin_address = var.dra_details == null ? "" : var.dra_details.address + dra_association_commands = var.dra_details == null ? "" : <<-EOF + curl -k --max-time 10000 -X POST -G 'https://127.0.0.1:8443/register-to-dra' -d adminIpOrHostname=${local.admin_address} -d adminRegistrationPassword=${local.admin_password} -d adminReportingServer=true -d analyticsArchiveUsername=${local.archiver_username} -d analyticsArchivePassword=${local.archiver_password} -d resumeDraJobs=true --header "Authorization: Bearer ${module.hub_instance.access_tokens["archiver"].token}" + EOF +} + +resource "null_resource" "dra_association" { + count = var.dra_details != null ? 1 : 0 + + connection { + type = "ssh" + user = module.hub_instance.ssh_user + private_key = file(var.ssh_key.ssh_private_key_file_path) + host = var.use_public_ip ? module.hub_instance.public_ip : module.hub_instance.private_ip + + bastion_host = local.bastion_host + bastion_private_key = local.bastion_private_key + bastion_user = local.bastion_user + + script_path = local.script_path + } + + provisioner "remote-exec" { + inline = concat([local.dra_association_commands]) + } + depends_on = [ + module.hub_instance.ready + ] + triggers = { + key = local.dra_association_commands + } +} diff --git a/modules/azurerm/hub/main.tf b/modules/azurerm/hub/main.tf index adc61a687..57eb98284 100644 --- a/modules/azurerm/hub/main.tf +++ b/modules/azurerm/hub/main.tf @@ -45,7 +45,7 @@ module "hub_instance" { name = var.friendly_name subnet_id = var.subnet_id public_ssh_key = var.ssh_key.ssh_public_key - instance_type = var.instance_type + instance_size = var.instance_size storage_details = var.storage_details vm_image = var.vm_image vm_image_id = var.vm_image_id diff --git a/modules/azurerm/hub/variables.tf b/modules/azurerm/hub/variables.tf index 12fac5209..9b8201b45 100644 --- a/modules/azurerm/hub/variables.tf +++ b/modules/azurerm/hub/variables.tf @@ -109,10 +109,10 @@ variable "allowed_all_cidrs" { default = [] } -variable "instance_type" { +variable "instance_size" { type = string default = "Standard_E8_v5" # 8 cores & 64GB ram - description = "instance type for the DSF hub" + description = "instance size for the DSF hub" } variable "storage_details" { @@ -296,9 +296,29 @@ variable "base_directory" { description = "The base directory where all Sonar related directories will be installed" } +variable "dra_details" { + description = "List of the DSF DRA to onboard to Sonar Hub" + type = object({ + name = string + address = string + password = string + archiver_username = string + archiver_password = string + }) + validation { + condition = (var.dra_details == null || (can(var.dra_details.name) && can(var.dra_details.address))) + error_message = "Each DRA Admin must specify name and address" + } + validation { + condition = (var.dra_details == null || (can(var.dra_details.password)) && can(var.dra_details.archiver_username) && can(var.dra_details.archiver_password)) + error_message = "Each DRA Admin must specify admin password, archiver username and archiver password" + } + default = null +} + variable "cloud_init_timeout" { type = number - default = 900 + default = 1200 description = "Max time to wait for the machine to start" } diff --git a/modules/azurerm/mx/configuration.tf b/modules/azurerm/mx/configuration.tf index fb88285b3..85cf275d8 100644 --- a/modules/azurerm/mx/configuration.tf +++ b/modules/azurerm/mx/configuration.tf @@ -3,6 +3,7 @@ locals { configuration_elements = concat( local.service_group_configuration, + local.dra_configuration, local.hub_configuration ) commands = <<-EOF diff --git a/modules/azurerm/mx/dra.tf b/modules/azurerm/mx/dra.tf new file mode 100644 index 000000000..e5ab7459a --- /dev/null +++ b/modules/azurerm/mx/dra.tf @@ -0,0 +1,76 @@ +locals { + dra_action_set = "Send to DRA Behavior Analytics" + # todo - currently it is not working because there is a bug in the mx + dra_all_events_audit_policy = "CounterBreach for Database - All Events" + dra_all_logins_audit_policy = "CounterBreach for Database - Logins Logouts" + + dra_configuration = var.dra_details == null ? [] : [ + { + name = "send_to_dra_action_set" + method = "POST" + url_path = "SecureSphere/api/v1/conf/actionSets/${local.dra_action_set}" + payload = jsonencode({ "type" : "archiving" }) + }, + { + name = "send_to_dra_action_set_action" + method = "POST" + url_path = "SecureSphere/api/v1/conf/actionSets/${local.dra_action_set}/scp" + payload = jsonencode({ + "type" : "ScpArchive", + "host" : try(var.dra_details.address, null), + "port" : try(var.dra_details.port, null), + "password" : try(var.dra_details.password, null), + "username" : try(var.dra_details.username, null), + "remoteDirectory" : try(var.dra_details.remoteDirectory, null), + "useAuthenticationKey" : false, + "authenticationKeyPath" : " ", + "authenticationKeyPassphrase" : " " + } + ) + }, + { + name = "dra_all_events_audit_policy" + method = "PUT" + url_path = "SecureSphere/api/v1/conf/auditPolicies/${local.dra_all_events_audit_policy}" + payload = jsonencode({ + "counterbreach-policy-enabled" : true, + "archiving-action-set" : local.dra_action_set, + "archiving-settings" : "Default Archiving Settings" + "archive-scheduling" : { + "occurs" : "recurring", + "recurring" : { + "frequency" : "daily", + "daily" : { + "every-number-of-days" : 1 + }, + "starting-from" : formatdate("YYYY-MM-DD", timestamp()), + "at-time" : "03:00:00" + } + } + } + ) + }, + { + name = "dra_all_logins_audit_policy" + method = "PUT" + url_path = "SecureSphere/SecureSphere/api/v1/conf/auditPolicies/${local.dra_all_logins_audit_policy}" + payload = jsonencode({ + "counterbreach-policy-enabled" : true, + "archiving-action-set" : local.dra_action_set, + "archiving-settings" : "Default Archiving Settings" + "archive-scheduling" : { + "occurs" : "recurring", + "recurring" : { + "frequency" : "daily", + "daily" : { + "every-number-of-days" : 1 + }, + "starting-from" : formatdate("YYYY-MM-DD", timestamp()), + "at-time" : "02:30:00" + } + } + } + ) + } + ] +} \ No newline at end of file diff --git a/modules/azurerm/mx/variables.tf b/modules/azurerm/mx/variables.tf index 48ffcca32..d6f9a7d35 100644 --- a/modules/azurerm/mx/variables.tf +++ b/modules/azurerm/mx/variables.tf @@ -211,6 +211,18 @@ variable "create_server_group" { default = false } +variable "dra_details" { + description = "Details of the DRA for sending audit logs in the legacy format. More info in https://docs.imperva.com/bundle/v4.14-data-risk-analytics-installation-guide/page/60553.htm" + type = object({ + address = string + port = number + username = string + password = string + remoteDirectory = string + }) + default = null +} + variable "hub_details" { description = "Details of the DSF hub for sending audit logs" type = object({ diff --git a/modules/azurerm/sonar-base-instance/main.tf b/modules/azurerm/sonar-base-instance/main.tf index ffef11387..bb6e884f7 100644 --- a/modules/azurerm/sonar-base-instance/main.tf +++ b/modules/azurerm/sonar-base-instance/main.tf @@ -44,7 +44,7 @@ resource "azurerm_linux_virtual_machine" "dsf_base_instance" { name = var.name resource_group_name = var.resource_group.name location = var.resource_group.location - size = var.instance_type + size = var.instance_size admin_username = local.vm_user custom_data = base64encode(local.install_script) diff --git a/modules/azurerm/sonar-base-instance/variables.tf b/modules/azurerm/sonar-base-instance/variables.tf index d9d307bab..862d55b1d 100644 --- a/modules/azurerm/sonar-base-instance/variables.tf +++ b/modules/azurerm/sonar-base-instance/variables.tf @@ -105,9 +105,9 @@ variable "vm_user" { description = "VM user to use for SSH. Keep empty to use the default user." } -variable "instance_type" { +variable "instance_size" { type = string - description = "vm type for the DSF base instance" + description = "VM size for the DSF base instance" } variable "password" { diff --git a/permissions_samples/azure/GeneralRequiredPermissions.txt b/permissions_samples/azure/GeneralRequiredPermissions.txt index 3e5ff1292..08f63481c 100644 --- a/permissions_samples/azure/GeneralRequiredPermissions.txt +++ b/permissions_samples/azure/GeneralRequiredPermissions.txt @@ -52,7 +52,10 @@ "Microsoft.Authorization/roleAssignments/delete", "Microsoft.Compute/virtualMachines/extensions/read", "Microsoft.Compute/virtualMachines/extensions/write", - "Microsoft.Compute/virtualMachines/extensions/delete" + "Microsoft.Compute/virtualMachines/extensions/delete", + "Microsoft.Compute/images/read", + "Microsoft.Compute/images/write", + "Microsoft.Compute/images/delete" ], "notActions": [], "dataActions": [], From 529e67fee8088a45f5898b2c5214969db8f7edd8 Mon Sep 17 00:00:00 2001 From: Sivan Hajbi <117824107+sivan-hajbi-imperva@users.noreply.github.com> Date: Tue, 23 Jan 2024 12:07:58 +0200 Subject: [PATCH 11/32] update readme [skip actions] (#358) --- README.md | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 486776a2a..3ba6d823f 100644 --- a/README.md +++ b/README.md @@ -143,11 +143,17 @@ Latest Supported Terraform Version: 1.5.x. Using a higher version may result in - Request access to DSF installation software on AWS - Request Form + Request access to DSF installation software on AWS Grants access for a specific AWS account to the DSF installation software. + + Request access to DSF installation software on Azure + + Copies DSF installation to Azure storage account and configures programmatic deployment for Azure images. + + #### Version History @@ -454,10 +460,7 @@ Before using eDSF Kit to deploy DSF, it is necessary to satisfy a set of prerequ 1. [Establish an Azure App Registration](https://learn.microsoft.com/en-us/azure/healthcare-apis/register-application) and [assign it a custom role](https://learn.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal?tabs=delegate-condition) (without role assignment conditions) under the associated subscription, ensuring the custom role includes the required IAM permissions (see [IAM Permissions for Running eDSF Kit section](#iam-permissions-for-azure)). -2. Configure programmatic deployment for the desired version of Imperva DAM by [enabling it on the relevant DAM image from the Azure Marketplace](https://portal.azure.com/#view/Microsoft_Azure_Marketplace/LegalTermsSkuProgrammaticAccessBlade/legalTermsSkuProgrammaticAccessData~/%7B%22product%22%3A%7B%22publisherId%22%3A%22imperva%22%2C%22offerId%22%3A%22imperva-dam-v14%22%2C%22planId%22%3A%22securesphere-imperva-dam-14%22%2C%22standardContractAmendmentsRevisionId%22%3Anull%2C%22isCspEnabled%22%3Atrue%7D%7D). For DAM LTS version, use [DAM LTS Azure Marketplace image](https://portal.azure.com/#view/Microsoft_Azure_Marketplace/LegalTermsSkuProgrammaticAccessBlade/legalTermsSkuProgrammaticAccessData~/%7B%22product%22%3A%7B%22publisherId%22%3A%22imperva%22%2C%22offerId%22%3A%22imperva-dam-v14-lts%22%2C%22planId%22%3A%22securesphere-imperva-dam-14%22%2C%22standardContractAmendmentsRevisionId%22%3Anull%2C%22isCspEnabled%22%3Atrue%7D%7D). -For the POC example, configure programmatic deployment also for [Ubuntu Pro 20.04 LTS image](https://portal.azure.com/#view/Microsoft_Azure_Marketplace/LegalTermsSkuProgrammaticAccessBlade/legalTermsSkuProgrammaticAccessData~/%7B%22product%22%3A%7B%22publisherId%22%3A%22canonical%22%2C%22offerId%22%3A%220001-com-ubuntu-pro-focal%22%2C%22planId%22%3A%22pro-20_04-lts%22%2C%22standardContractAmendmentsRevisionId%22%3Anull%2C%22isCspEnabled%22%3Atrue%7D%7D). -3. The deployment requires access to the Sonar and DAM Agent installation binaries. Establish an Azure Storage account along with a container, and proceed to upload the Sonar and DAM Agent installation binaries to this storage location as a blob. - +2. The deployment requires access to the DSF installation software. [Click here to request access](https://docs.google.com/document/d/12r8olpvT1H4A_ZKUJBO_2AbTO7qmyihe1hQjHo-N3qg). ## Choosing the Example/Recipe that Fits Your Use Case From ebb4bcf6ce3d79f199e0aa76b6637f1c5e023cc6 Mon Sep 17 00:00:00 2001 From: Eytan Naim <80354890+eytannnaim@users.noreply.github.com> Date: Tue, 23 Jan 2024 12:41:42 +0200 Subject: [PATCH 12/32] Azure agentless source (#356) --- .github/workflows/deploy_module.yml | 8 +- .../poc/dsf_deployment/agentless_sources.tf | 4 +- examples/aws/poc/dsf_deployment/sonar.tf | 1 - examples/aws/poc/dsf_deployment/variables.tf | 8 +- .../aws/poc/sonar_basic_deployment/main.tf | 2 - .../poc/sonar_basic_deployment/variables.tf | 6 - .../aws/poc/sonar_hadr_deployment/main.tf | 2 - .../poc/sonar_hadr_deployment/variables.tf | 6 - .../poc/dsf_deployment/agentless_sources.tf | 44 +++++++ .../azure/poc/dsf_deployment/networking.tf | 1 + examples/azure/poc/dsf_deployment/outputs.tf | 4 + .../azure/poc/dsf_deployment/variables.tf | 13 ++ modules/aws/poc-db-onboarder/variables.tf | 10 -- modules/aws/rds-mssql-db/main.tf | 3 +- modules/azurerm/mssql-db/README.md | 57 +++++++++ modules/azurerm/mssql-db/main.tf | 113 ++++++++++++++++++ modules/azurerm/mssql-db/output.tf | 39 ++++++ modules/azurerm/mssql-db/variables.tf | 54 +++++++++ modules/azurerm/mssql-db/versions.tf | 10 ++ modules/azurerm/poc-db-onboarder/README.md | 8 ++ modules/azurerm/poc-db-onboarder/main.tf | 56 +++++++++ modules/azurerm/poc-db-onboarder/variables.tf | 89 ++++++++++++++ modules/azurerm/poc-db-onboarder/versions.tf | 10 ++ modules/azurerm/sonar-base-instance/main.tf | 5 +- .../azurerm/sonar-base-instance/outputs.tf | 2 +- modules/null/poc-db-onboarder/README.md | 8 ++ modules/null/poc-db-onboarder/main.tf | 77 ++++++++++++ modules/null/poc-db-onboarder/onboard.tftpl | 81 +++++++++++++ modules/null/poc-db-onboarder/variables.tf | 77 ++++++++++++ modules/null/poc-db-onboarder/versions.tf | 3 + sed.expr | 2 + 31 files changed, 760 insertions(+), 43 deletions(-) create mode 100644 examples/azure/poc/dsf_deployment/agentless_sources.tf create mode 100644 modules/azurerm/mssql-db/README.md create mode 100644 modules/azurerm/mssql-db/main.tf create mode 100644 modules/azurerm/mssql-db/output.tf create mode 100644 modules/azurerm/mssql-db/variables.tf create mode 100644 modules/azurerm/mssql-db/versions.tf create mode 100644 modules/azurerm/poc-db-onboarder/README.md create mode 100644 modules/azurerm/poc-db-onboarder/main.tf create mode 100644 modules/azurerm/poc-db-onboarder/variables.tf create mode 100644 modules/azurerm/poc-db-onboarder/versions.tf create mode 100644 modules/null/poc-db-onboarder/README.md create mode 100644 modules/null/poc-db-onboarder/main.tf create mode 100644 modules/null/poc-db-onboarder/onboard.tftpl create mode 100644 modules/null/poc-db-onboarder/variables.tf create mode 100644 modules/null/poc-db-onboarder/versions.tf diff --git a/.github/workflows/deploy_module.yml b/.github/workflows/deploy_module.yml index eee345a37..2863605cd 100644 --- a/.github/workflows/deploy_module.yml +++ b/.github/workflows/deploy_module.yml @@ -59,7 +59,13 @@ jobs: hidden_submodules: "azurerm/sonar-base-instance azurerm/statistics null/statistics" begin_tag: 1.0.0 - ## null provider + - source_module: "azurerm/poc-db-onboarder" + destination_repo: "terraform-azurerm-dsf-poc-db-onboarder" + public_submodule: "azurerm/mssql-db" + hidden_submodules: "null/poc-db-onboarder" + begin_tag: 1.0.0 + + ## null provider - source_module: "null/hadr" destination_repo: "terraform-null-dsf-hadr" begin_tag: 1.0.0 diff --git a/examples/aws/poc/dsf_deployment/agentless_sources.tf b/examples/aws/poc/dsf_deployment/agentless_sources.tf index d4db87298..20b8ea107 100644 --- a/examples/aws/poc/dsf_deployment/agentless_sources.tf +++ b/examples/aws/poc/dsf_deployment/agentless_sources.tf @@ -38,11 +38,10 @@ module "rds_mssql" { } module "db_onboarding" { - source = "imperva/dsf-poc-db-onboarder/aws" +source = "imperva/dsf-poc-db-onboarder/aws" version = "1.7.5" # latest release tag for_each = { for idx, val in concat(module.rds_mysql, module.rds_mssql) : idx => val } - sonar_version = module.globals.tarball_location.version usc_access_token = module.hub_main[0].access_tokens.usc.token hub_info = { hub_ip_address = module.hub_main[0].public_ip @@ -66,6 +65,7 @@ module "db_onboarding" { depends_on = [ module.federation, module.rds_mysql, + module.rds_postgres, module.rds_mssql ] } diff --git a/examples/aws/poc/dsf_deployment/sonar.tf b/examples/aws/poc/dsf_deployment/sonar.tf index 8076d65ef..ee5bbe87e 100644 --- a/examples/aws/poc/dsf_deployment/sonar.tf +++ b/examples/aws/poc/dsf_deployment/sonar.tf @@ -1,5 +1,4 @@ locals { - database_cidr = var.database_cidr != null ? var.database_cidr : local.workstation_cidr_24 tarball_location = var.tarball_location != null ? var.tarball_location : module.globals.tarball_location agentless_gw_count = var.enable_sonar ? var.agentless_gw_count : 0 diff --git a/examples/aws/poc/dsf_deployment/variables.tf b/examples/aws/poc/dsf_deployment/variables.tf index 595726d4c..fb324a911 100644 --- a/examples/aws/poc/dsf_deployment/variables.tf +++ b/examples/aws/poc/dsf_deployment/variables.tf @@ -281,7 +281,7 @@ variable "additional_install_parameters" { variable "simulation_db_types_for_agentless" { type = list(string) default = ["RDS MsSQL"] - description = "Types of databases to provision and onboard to an Agentless Gateway for simulation purposes. Available types are: 'RDS MySQL' and 'RDS MsSQL'. 'RDS MsSQL' includes simulation data." + description = "Types of databases to provision and onboard to an Agentless Gateway for simulation purposes. Available types are: 'RDS MySQL', 'RDS PostgreSQL' and 'RDS MsSQL'. 'RDS MsSQL' includes simulation data." validation { condition = alltrue([ for db_type in var.simulation_db_types_for_agentless : contains(["RDS MySQL", "RDS MsSQL", "RDS PostgreSQL"], db_type) @@ -290,12 +290,6 @@ variable "simulation_db_types_for_agentless" { } } -variable "database_cidr" { - type = list(string) - default = null # workstation ip - description = "CIDR blocks allowing dummy database access" -} - ############################## #### DRA variables #### ############################## diff --git a/examples/aws/poc/sonar_basic_deployment/main.tf b/examples/aws/poc/sonar_basic_deployment/main.tf index af1c7ee7e..939846d0b 100644 --- a/examples/aws/poc/sonar_basic_deployment/main.tf +++ b/examples/aws/poc/sonar_basic_deployment/main.tf @@ -33,7 +33,6 @@ locals { locals { password = var.password != null ? var.password : module.globals.random_password workstation_cidr = var.workstation_cidr != null ? var.workstation_cidr : local.workstation_cidr_24 - database_cidr = var.database_cidr != null ? var.database_cidr : local.workstation_cidr_24 tarball_location = module.globals.tarball_location tags = merge(module.globals.tags, { "deployment_name" = local.deployment_name_salted }) hub_subnet_id = var.subnet_ids != null ? var.subnet_ids.hub_subnet_id : module.vpc[0].public_subnets[0] @@ -193,7 +192,6 @@ module "db_onboarding" { version = "1.7.5" # latest release tag for_each = { for idx, val in concat(module.rds_mysql, module.rds_mssql) : idx => val } - sonar_version = module.globals.tarball_location.version usc_access_token = module.hub.access_tokens.usc.token hub_info = { hub_ip_address = module.hub.public_ip diff --git a/examples/aws/poc/sonar_basic_deployment/variables.tf b/examples/aws/poc/sonar_basic_deployment/variables.tf index 82688bdb1..ea0a4aff7 100644 --- a/examples/aws/poc/sonar_basic_deployment/variables.tf +++ b/examples/aws/poc/sonar_basic_deployment/variables.tf @@ -33,12 +33,6 @@ variable "web_console_cidr" { description = "DSF Hub web console IPs range. Note that when running the deployment specify IPs in the following format - [\"x.x.x.x/x\", \"y.y.y.y/y\"]. The default configuration opens the DSF Hub web console as a public website. It is recommended to specify a more restricted IP and CIDR range." } -variable "database_cidr" { - type = list(string) - default = null # workstation ip - description = "CIDR blocks allowing dummy database access" -} - variable "workstation_cidr" { type = list(string) default = null diff --git a/examples/aws/poc/sonar_hadr_deployment/main.tf b/examples/aws/poc/sonar_hadr_deployment/main.tf index 656d1e451..4bd1eac21 100644 --- a/examples/aws/poc/sonar_hadr_deployment/main.tf +++ b/examples/aws/poc/sonar_hadr_deployment/main.tf @@ -31,7 +31,6 @@ locals { locals { password = var.password != null ? var.password : module.globals.random_password workstation_cidr = var.workstation_cidr != null ? var.workstation_cidr : local.workstation_cidr_24 - database_cidr = var.database_cidr != null ? var.database_cidr : local.workstation_cidr_24 tarball_location = var.tarball_location != null ? var.tarball_location : module.globals.tarball_location tags = merge(module.globals.tags, { "deployment_name" = local.deployment_name_salted }) main_hub_subnet_id = var.subnet_ids != null ? var.subnet_ids.main_hub_subnet_id : module.vpc[0].public_subnets[0] @@ -317,7 +316,6 @@ module "db_onboarding" { version = "1.7.5" # latest release tag for_each = { for idx, val in concat(module.rds_mysql, module.rds_mssql) : idx => val } - sonar_version = module.globals.tarball_location.version usc_access_token = module.hub_main.access_tokens.usc.token hub_info = { hub_ip_address = module.hub_main.public_ip diff --git a/examples/aws/poc/sonar_hadr_deployment/variables.tf b/examples/aws/poc/sonar_hadr_deployment/variables.tf index 200fc9fa9..295bca207 100644 --- a/examples/aws/poc/sonar_hadr_deployment/variables.tf +++ b/examples/aws/poc/sonar_hadr_deployment/variables.tf @@ -47,12 +47,6 @@ variable "web_console_cidr" { description = "DSF Hub web console CIDR blocks in the following format - [\"x.x.x.x/x\", \"y.y.y.y/y\"]. The default configuration opens the DSF Hub web console as a public website. It is recommended to specify a more restricted IP and CIDR range." } -variable "database_cidr" { - type = list(string) - default = null # workstation ip - description = "CIDR blocks allowing dummy database access in the following format - [\"x.x.x.x/x\", \"y.y.y.y/y\"]" -} - variable "workstation_cidr" { type = list(string) default = null diff --git a/examples/azure/poc/dsf_deployment/agentless_sources.tf b/examples/azure/poc/dsf_deployment/agentless_sources.tf new file mode 100644 index 000000000..807dca3d0 --- /dev/null +++ b/examples/azure/poc/dsf_deployment/agentless_sources.tf @@ -0,0 +1,44 @@ +locals { + db_types_for_agentless = local.agentless_gw_count > 0 ? var.simulation_db_types_for_agentless : [] +} + +module "mssql" { + source = "imperva/dsf-poc-db-onboarder/azurerm//modules/mssql-db" + version = "1.7.5" # latest release tag + count = contains(local.db_types_for_agentless, "MsSQL") ? 1 : 0 + + resource_group = local.resource_group + security_group_ingress_cidrs = local.workstation_cidr + + tags = local.tags +} + +module "db_onboarding" { + source = "imperva/dsf-poc-db-onboarder/azurerm" + version = "1.7.5" # latest release tag + for_each = { for idx, val in concat(module.mssql) : idx => val } + + resource_group = local.resource_group + usc_access_token = module.hub_main[0].access_tokens.usc.token + hub_info = { + hub_ip_address = module.hub_main[0].public_ip + hub_private_ssh_key_path = local_sensitive_file.ssh_key.filename + hub_ssh_user = module.hub_main[0].ssh_user + } + + assignee_gw = module.agentless_gw_main[0].jsonar_uid + assignee_role = module.agentless_gw_main[0].principal_id + + database_details = { + db_server_id = each.value.db_server_id + db_port = each.value.db_port + db_engine = each.value.db_engine + db_identifier = each.value.db_identifier + db_address = each.value.db_address + } + tags = local.tags + depends_on = [ + module.federation, + module.mssql + ] +} diff --git a/examples/azure/poc/dsf_deployment/networking.tf b/examples/azure/poc/dsf_deployment/networking.tf index 5e9af333b..894454841 100644 --- a/examples/azure/poc/dsf_deployment/networking.tf +++ b/examples/azure/poc/dsf_deployment/networking.tf @@ -18,6 +18,7 @@ locals { module "network" { count = 1 source = "Azure/network/azurerm" + version = "5.3.0" vnet_name = "${local.deployment_name_salted}-${module.globals.current_user_name}" resource_group_name = local.resource_group.name address_spaces = [var.vnet_ip_range] diff --git a/examples/azure/poc/dsf_deployment/outputs.tf b/examples/azure/poc/dsf_deployment/outputs.tf index 6c5037a96..d760e409d 100644 --- a/examples/azure/poc/dsf_deployment/outputs.tf +++ b/examples/azure/poc/dsf_deployment/outputs.tf @@ -115,6 +115,10 @@ output "audit_sources" { ssh_command = try("ssh -o UserKnownHostsFile=/dev/null -o ProxyCommand='ssh -o UserKnownHostsFile=/dev/null -i ${local.private_key_file_path} -W %h:%p ${module.mx[0].ssh_user}@${module.mx[0].public_ip}' -i ${local.private_key_file_path} ${val.ssh_user}@${val.private_ip}", null) } ] + agentless_sources = var.enable_sonar ? { + mssql = try(module.mssql[0], null) + } : null + } } diff --git a/examples/azure/poc/dsf_deployment/variables.tf b/examples/azure/poc/dsf_deployment/variables.tf index 435d61d05..f6c7472e5 100644 --- a/examples/azure/poc/dsf_deployment/variables.tf +++ b/examples/azure/poc/dsf_deployment/variables.tf @@ -257,6 +257,19 @@ variable "sonar_machine_base_directory" { default = "/imperva" description = "The base directory where all Sonar related directories will be installed" } + +variable "simulation_db_types_for_agentless" { + type = list(string) + default = ["MsSQL"] + description = "Types of databases to provision and onboard to an Agentless Gateway for simulation purposes. Available types are: 'MsSQL'." + validation { + condition = alltrue([ + for db_type in var.simulation_db_types_for_agentless : contains(["MsSQL"], db_type) + ]) + error_message = "Value must be a subset of: ['MsSQL']" + } +} + ############################## #### DRA variables #### ############################## diff --git a/modules/aws/poc-db-onboarder/variables.tf b/modules/aws/poc-db-onboarder/variables.tf index 54b8c1278..b5f08d512 100644 --- a/modules/aws/poc-db-onboarder/variables.tf +++ b/modules/aws/poc-db-onboarder/variables.tf @@ -1,13 +1,3 @@ -variable "sonar_version" { - type = string - description = "The Sonar version to install. Supported versions are: 4.11 and up. Both long and short version formats are supported, for example, 4.12.0.10 or 4.12. The short format maps to the latest patch." - nullable = false - validation { - condition = !startswith(var.sonar_version, "4.9.") && !startswith(var.sonar_version, "4.10.") - error_message = "The sonar_version value must be 4.11 or higher" - } -} - variable "hub_info" { type = object({ hub_ip_address = string diff --git a/modules/aws/rds-mssql-db/main.tf b/modules/aws/rds-mssql-db/main.tf index e426a0645..6cd9f6ca9 100644 --- a/modules/aws/rds-mssql-db/main.tf +++ b/modules/aws/rds-mssql-db/main.tf @@ -3,8 +3,7 @@ resource "random_password" "db_password" { special = false } -resource "random_pet" "db_id" { -} +resource "random_pet" "db_id" {} resource "random_id" "salt" { byte_length = 2 diff --git a/modules/azurerm/mssql-db/README.md b/modules/azurerm/mssql-db/README.md new file mode 100644 index 000000000..cf7b1b709 --- /dev/null +++ b/modules/azurerm/mssql-db/README.md @@ -0,0 +1,57 @@ +# DSF MsSQL +[![GitHub tag](https://img.shields.io/github/v/tag/imperva/dsfkit.svg)](https://github.com/imperva/dsfkit/tags) + +This Terraform module provisions MsSQL instance and configure audit on it. +It should be used for poc / pov / lab purposes. + +## Requirements +* Terraform v0.13 and up +* An Azure account +* Permissions to create MsSQL, Eventhub and Storage account (for configuring the audit). Required permissions can be found [here](/permissions_samples/azure/OnboardMssqlRdsWithDataPermissions.txt). + +## Resources Provisioned +This Terraform module provisions several resources on AWS to create and onboard the MsSQL with synthetic data on it. These resources include: +* A MsSQL instance +* A security group to allow the required network access to and from the MsSQL instance + +## Inputs + +Refer to [variables.tf](variables.tf) for additional variables with default values and additional info. + +## Outputs + +Refer to [outputs.tf](outputs.tf) for additional variables with default values and additional info. + +## Usage + +To use this module, add the following to your Terraform configuration: + +``` +provider "azurerm" { + features { + } +} + +module "mssql" { + source = "imperva/dsf-poc-db-onboarder/azurerm//modules/mssql-db" + resource_group = var.resource_group +} +``` + +To see a complete example of how to use this module in a DSF deployment with other modules, check out the [examples](../../../examples/) directory. + +We recommend using a specific version of the module (and not the latest). +See available released versions in the main repo README [here](https://github.com/imperva/dsfkit#version-history). + +Specify the module's version by adding the version parameter. For example: + +``` +module "dsf_mssql" { + source = "imperva/dsf-poc-db-onboarder/azurerm//modules/mssql-db" + version = "x.y.z" +} +``` + +## Additional Information + +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.5). \ No newline at end of file diff --git a/modules/azurerm/mssql-db/main.tf b/modules/azurerm/mssql-db/main.tf new file mode 100644 index 000000000..775ac1e07 --- /dev/null +++ b/modules/azurerm/mssql-db/main.tf @@ -0,0 +1,113 @@ +resource "random_password" "db_password" { + length = 15 + special = true +} + +resource "random_pet" "db_id" {} + +locals { + db_username = var.username + db_password = length(var.password) > 0 ? var.password : random_password.db_password.result + db_identifier = length(var.identifier) > 0 ? var.identifier : "edsf-db-demo-${random_pet.db_id.id}" + db_address = "${local.db_identifier}.database.windows.net" + server_name = local.db_identifier + database_name = local.db_identifier + eventhub_ns_name = local.db_identifier + eventhub_name = local.db_identifier +} + +resource "azurerm_mssql_server" "server" { + name = local.server_name + resource_group_name = var.resource_group.name + location = var.resource_group.location + version = "12.0" + administrator_login = local.db_username + administrator_login_password = local.db_password + minimum_tls_version = "1.2" + + tags = var.tags +} + +resource "azurerm_mssql_firewall_rule" "allow_inbound" { + count = length(var.security_group_ingress_cidrs) + + name = join("-", [local.server_name, count.index]) + server_id = azurerm_mssql_server.server.id + start_ip_address = cidrhost(var.security_group_ingress_cidrs[count.index], 0) + end_ip_address = cidrhost(var.security_group_ingress_cidrs[count.index], -1) +} + +resource "azurerm_mssql_database" "db" { + name = local.database_name + server_id = azurerm_mssql_server.server.id + sample_name = "AdventureWorksLT" + tags = var.tags +} + +data "azurerm_subscription" "current" {} + +resource "azurerm_mssql_server_extended_auditing_policy" "policy" { + server_id = azurerm_mssql_server.server.id + storage_endpoint = azurerm_storage_account.sa.primary_blob_endpoint + storage_account_access_key = azurerm_storage_account.sa.primary_access_key + storage_account_access_key_is_secondary = false + retention_in_days = 0 + + enabled = true + log_monitoring_enabled = true + + storage_account_subscription_id = data.azurerm_subscription.current.subscription_id +} + +resource "azurerm_eventhub_namespace" "ns" { + name = local.eventhub_ns_name + resource_group_name = var.resource_group.name + location = var.resource_group.location + sku = "Standard" + tags = var.tags +} + +resource "azurerm_eventhub" "eventhub" { + name = local.eventhub_name + namespace_name = azurerm_eventhub_namespace.ns.name + resource_group_name = var.resource_group.name + + partition_count = 2 + message_retention = 1 +} + +data "azurerm_eventhub_namespace_authorization_rule" "auth_rule" { + name = "RootManageSharedAccessKey" + namespace_name = azurerm_eventhub_namespace.ns.name + resource_group_name = var.resource_group.name +} + +resource "azurerm_monitor_diagnostic_setting" "settings" { + name = "sonar_diagnostic_settings" + target_resource_id = "${azurerm_mssql_database.db.server_id}/databases/master" # creates an expilicit dependency on the database + + eventhub_authorization_rule_id = data.azurerm_eventhub_namespace_authorization_rule.auth_rule.id + eventhub_name = azurerm_eventhub.eventhub.name + + enabled_log { + category = "SQLSecurityAuditEvents" + } +} + +resource "azurerm_storage_account" "sa" { + name = "sonar${replace(random_pet.db_id.id, "-", "")}" + resource_group_name = var.resource_group.name + location = var.resource_group.location + + account_tier = "Standard" + account_replication_type = "LRS" + account_kind = "StorageV2" + + allow_nested_items_to_be_public = false + + identity { + type = "SystemAssigned" + } + + tags = var.tags +} diff --git a/modules/azurerm/mssql-db/output.tf b/modules/azurerm/mssql-db/output.tf new file mode 100644 index 000000000..a51414789 --- /dev/null +++ b/modules/azurerm/mssql-db/output.tf @@ -0,0 +1,39 @@ +output "db_username" { + value = "${local.db_username}@${local.db_identifier}" +} + +output "db_password" { + value = nonsensitive(local.db_password) +} + +output "db_name" { + value = local.db_identifier +} + +output "db_identifier" { + value = local.db_identifier +} + +output "db_address" { + value = local.db_address +} + +output "db_id" { + value = azurerm_mssql_database.db.id +} + +output "db_server_id" { + value = azurerm_mssql_server.server.id +} + +output "db_engine" { + value = "mssql" +} + +output "db_port" { + value = 1433 +} + +output "sql_cmd" { + value = "sqlcmd -S ${local.db_address} --database-name ${local.db_identifier} -U ${local.db_username}@${local.db_identifier} -P'${nonsensitive(local.db_password)}' -Q 'SELECT AddressID, AddressLine1, AddressLine2, City, StateProvince, CountryRegion, PostalCode, rowguid, ModifiedDate FROM SalesLT.Address;'" +} diff --git a/modules/azurerm/mssql-db/variables.tf b/modules/azurerm/mssql-db/variables.tf new file mode 100644 index 000000000..4a094be16 --- /dev/null +++ b/modules/azurerm/mssql-db/variables.tf @@ -0,0 +1,54 @@ +variable "resource_group" { + type = object({ + name = string + location = string + }) + description = "Resource group details" +} + +variable "username" { + type = string + description = "Master username must contain 1–16 alphanumeric characters, the first character must be a letter, and name cannot be a word reserved by the database engine." + default = "edsf-admin" + validation { + condition = length(var.username) > 1 + error_message = "Master username name must be at least 1 characters" + } +} + +variable "password" { + type = string + description = "Master password must contain 8–41 printable ASCII characters, and cannot contain /, \", @, or a space." + default = "" + validation { + condition = length(var.password) == 0 || length(var.password) > 7 + error_message = "Master password name must be at least 8 characters" + } +} + +variable "identifier" { + type = string + description = "Name of your MsSQL DB from 3 to 63 alphanumeric characters or hyphens, first character must be a letter, must not end with a hyphen or contain two consecutive hyphens." + default = "" + validation { + condition = length(var.identifier) == 0 || length(var.identifier) > 3 + error_message = "identifier name must be at least 3 characters" + } +} + +variable "security_group_ingress_cidrs" { + type = list(string) + description = "List of allowed ingress cidr ranges for access to the database" + validation { + condition = alltrue([ + for address in var.security_group_ingress_cidrs : can(cidrnetmask(address)) + ]) && (length(var.security_group_ingress_cidrs) > 0) + error_message = "Each item of the 'security_group_ingress_cidrs' must be in a valid CIDR block format. For example: [\"10.106.108.0/25\"]" + } +} + +variable "tags" { + description = "A map of tags to add to all resources" + type = map(string) + default = {} +} diff --git a/modules/azurerm/mssql-db/versions.tf b/modules/azurerm/mssql-db/versions.tf new file mode 100644 index 000000000..2236d91ec --- /dev/null +++ b/modules/azurerm/mssql-db/versions.tf @@ -0,0 +1,10 @@ +terraform { + required_version = ">= 1.3.1, < 1.7.0" + + required_providers { + azurerm = { + source = "hashicorp/azurerm" + version = ">=3.0.0" + } + } +} diff --git a/modules/azurerm/poc-db-onboarder/README.md b/modules/azurerm/poc-db-onboarder/README.md new file mode 100644 index 000000000..a32fa2b45 --- /dev/null +++ b/modules/azurerm/poc-db-onboarder/README.md @@ -0,0 +1,8 @@ +# DSF POC DB Onboarder +[![GitHub tag](https://img.shields.io/github/v/tag/imperva/dsfkit.svg)](https://github.com/imperva/dsfkit/tags) + +## Sonar versions +4.11 and up + +## Requirements +* [Terraform version](versions.tf) diff --git a/modules/azurerm/poc-db-onboarder/main.tf b/modules/azurerm/poc-db-onboarder/main.tf new file mode 100644 index 000000000..7b6a3691f --- /dev/null +++ b/modules/azurerm/poc-db-onboarder/main.tf @@ -0,0 +1,56 @@ +locals { + bastion_host = var.hub_proxy_info.proxy_address + bastion_private_key = try(file(var.hub_proxy_info.proxy_private_ssh_key_path), "") + bastion_user = var.hub_proxy_info.proxy_ssh_user + script_path = var.terraform_script_path_folder == null ? null : (join("/", [var.terraform_script_path_folder, "terraform_%RAND%.sh"])) + + server_type_by_engine_map = { + "mssql" : "AZURE MS SQL SERVER" + } +} + +data "azurerm_subscription" "current" {} + +resource "azurerm_role_assignment" "dsf_base_owner_role_assignment" { + scope = data.azurerm_subscription.current.id + role_definition_name = "Owner" + principal_id = var.assignee_role +} + +module "onboard_db_to_dsf" { + source = "../../../modules/null/poc-db-onboarder" + + assignee_gw = var.assignee_gw + + usc_access_token = var.usc_access_token + enable_audit = var.enable_audit + + database_data = { + id = var.database_details.db_server_id + name = var.database_details.db_identifier + location = var.resource_group.location + hostname = var.database_details.db_address + port = var.database_details.db_port + server_type = local.server_type_by_engine_map[var.database_details.db_engine] + } + + cloud_account_data = { + id = data.azurerm_subscription.current.id + name = data.azurerm_subscription.current.display_name + type = "AZURE" + connections_data = [ + { + reason = "default" + connectionData = { + auth_mechanism = "managed_identity" + subscription_id = data.azurerm_subscription.current.subscription_id, + } + } + ] + } + + hub_info = var.hub_info + hub_proxy_info = var.hub_proxy_info + terraform_script_path_folder = var.terraform_script_path_folder + depends_on = [ azurerm_role_assignment.dsf_base_owner_role_assignment ] +} diff --git a/modules/azurerm/poc-db-onboarder/variables.tf b/modules/azurerm/poc-db-onboarder/variables.tf new file mode 100644 index 000000000..30422ea63 --- /dev/null +++ b/modules/azurerm/poc-db-onboarder/variables.tf @@ -0,0 +1,89 @@ +variable "resource_group" { + type = object({ + name = string + location = string + }) + description = "Resource group details" +} + +variable "hub_info" { + type = object({ + hub_ip_address = string + hub_private_ssh_key_path = string + hub_ssh_user = string + }) + + description = "Hub info" +} + +variable "hub_proxy_info" { + type = object({ + proxy_address = string + proxy_private_ssh_key_path = string + proxy_ssh_user = string + }) + + description = "Proxy address, private key file path and user used for ssh to a private DSF Hub. Keep empty if a proxy is not used." + default = { + proxy_address = null + proxy_private_ssh_key_path = null + proxy_ssh_user = null + } +} + +variable "assignee_gw" { + type = string + description = "jsonar uid of the assignee DSF Agentless Gateway" + validation { + condition = length(var.assignee_gw) >= 35 + error_message = "Should be uuid in the form of xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" + } +} + +variable "assignee_role" { + type = string + description = "Principal ID of the asset assignee" +} + +variable "usc_access_token" { + type = string + description = "DSF Hub access token with USC scope" +} + +variable "database_details" { + type = object({ + db_server_id = string + db_port = number + db_engine = string + db_identifier = string + db_address = string + }) + description = "database details" + + validation { + condition = contains(["mssql"], var.database_details.db_engine) + error_message = "Allowed values for db engine: 'mssql'" + } +} + +variable "terraform_script_path_folder" { + type = string + description = "Terraform script path folder to create terraform temporary script files on a private DSF node. Use '.' to represent the instance home directory" + default = null + validation { + condition = var.terraform_script_path_folder != "" + error_message = "Terraform script path folder cannot be an empty string" + } +} + +variable "enable_audit" { + type = bool + description = "Enable audit for asset" + default = true +} + +variable "tags" { + description = "A map of tags to add to all resources" + type = map(string) + default = {} +} diff --git a/modules/azurerm/poc-db-onboarder/versions.tf b/modules/azurerm/poc-db-onboarder/versions.tf new file mode 100644 index 000000000..f205f46c6 --- /dev/null +++ b/modules/azurerm/poc-db-onboarder/versions.tf @@ -0,0 +1,10 @@ +terraform { + required_version = ">= 1.3.1, < 1.7.0" + + required_providers { + aws = { + source = "hashicorp/aws" + version = ">= 4.23.0" + } + } +} diff --git a/modules/azurerm/sonar-base-instance/main.tf b/modules/azurerm/sonar-base-instance/main.tf index bb6e884f7..6ff26c78f 100644 --- a/modules/azurerm/sonar-base-instance/main.tf +++ b/modules/azurerm/sonar-base-instance/main.tf @@ -100,11 +100,10 @@ resource "azurerm_user_assigned_identity" "dsf_base" { location = var.resource_group.location } -data "azurerm_subscription" "subscription" {} +data "azurerm_subscription" "current" {} resource "azurerm_role_assignment" "dsf_base_storage_role_assignment" { - count = var.binaries_location.az_resource_group != "" ? 1 : 0 - scope = "${data.azurerm_subscription.subscription.id}/resourceGroups/${var.binaries_location.az_resource_group}/providers/Microsoft.Storage/storageAccounts/${var.binaries_location.az_storage_account}/blobServices/default/containers/${var.binaries_location.az_container}" + scope = "${data.azurerm_subscription.current.id}/resourceGroups/${var.binaries_location.az_resource_group}/providers/Microsoft.Storage/storageAccounts/${var.binaries_location.az_storage_account}/blobServices/default/containers/${var.binaries_location.az_container}" role_definition_name = "Storage Blob Data Reader" principal_id = azurerm_user_assigned_identity.dsf_base.principal_id } diff --git a/modules/azurerm/sonar-base-instance/outputs.tf b/modules/azurerm/sonar-base-instance/outputs.tf index cc5e1291b..b77359ee3 100644 --- a/modules/azurerm/sonar-base-instance/outputs.tf +++ b/modules/azurerm/sonar-base-instance/outputs.tf @@ -20,7 +20,7 @@ output "private_ip" { output "principal_id" { description = "Principal ID of the DSF node" - value = azurerm_linux_virtual_machine.dsf_base_instance.identity[0].principal_id + value = azurerm_user_assigned_identity.dsf_base.principal_id } output "main_node_sonarw_public_key" { diff --git a/modules/null/poc-db-onboarder/README.md b/modules/null/poc-db-onboarder/README.md new file mode 100644 index 000000000..a32fa2b45 --- /dev/null +++ b/modules/null/poc-db-onboarder/README.md @@ -0,0 +1,8 @@ +# DSF POC DB Onboarder +[![GitHub tag](https://img.shields.io/github/v/tag/imperva/dsfkit.svg)](https://github.com/imperva/dsfkit/tags) + +## Sonar versions +4.11 and up + +## Requirements +* [Terraform version](versions.tf) diff --git a/modules/null/poc-db-onboarder/main.tf b/modules/null/poc-db-onboarder/main.tf new file mode 100644 index 000000000..d6de1fa7a --- /dev/null +++ b/modules/null/poc-db-onboarder/main.tf @@ -0,0 +1,77 @@ +locals { + bastion_host = var.hub_proxy_info.proxy_address + bastion_private_key = try(file(var.hub_proxy_info.proxy_private_ssh_key_path), "") + bastion_user = var.hub_proxy_info.proxy_ssh_user + script_path = var.terraform_script_path_folder == null ? null : (join("/", [var.terraform_script_path_folder, "terraform_%RAND%.sh"])) +} + +locals { + applianceType = "DSF_HUB" + admin_email = "admin@email.com" + + cloud_account_data = { + data = { + applianceId = 1, + applianceType = local.applianceType, + serverType = var.cloud_account_data.type, + gatewayId = var.assignee_gw + id = var.cloud_account_data.id, + assetData = { + admin_email = local.admin_email, + asset_display_name = "Auto Onboarded Account: (${var.cloud_account_data.name})", + asset_id = var.cloud_account_data.id, + "Server Host Name" = "${var.cloud_account_data.type}.com", + connections = var.cloud_account_data.connections_data + } + } + } + + database_data = { + data : { + applianceId : 1, + applianceType : local.applianceType, + gatewayId : var.assignee_gw, + parentAssetId : local.cloud_account_data.data.id, + serverType : var.database_data.server_type, + id = var.database_data.id, + assetData : { + admin_email = local.admin_email, + asset_display_name : var.database_data.name, + asset_id = var.database_data.id, + location : var.database_data.location, + "Server Host Name" : var.database_data.hostname, + "Server Port" : var.database_data.port, + "Server IP" : var.database_data.hostname, + isMonitored : var.enable_audit + } + } + } +} + +resource "null_resource" "onboard_db_to_dsf" { + connection { + type = "ssh" + user = var.hub_info.hub_ssh_user + private_key = file(var.hub_info.hub_private_ssh_key_path) + host = var.hub_info.hub_ip_address + + bastion_host = local.bastion_host + bastion_private_key = local.bastion_private_key + bastion_user = local.bastion_user + + script_path = local.script_path + } + + provisioner "remote-exec" { + inline = [ + templatefile("${path.module}/onboard.tftpl", { + cloud_account_data = jsonencode(local.cloud_account_data), + account_id = urlencode(local.cloud_account_data.data.id) + database_asset_data = jsonencode(local.database_data) + database_id = urlencode(local.database_data.data.id) + usc_access_token = var.usc_access_token + enable_audit = var.enable_audit + }) + ] + } +} diff --git a/modules/null/poc-db-onboarder/onboard.tftpl b/modules/null/poc-db-onboarder/onboard.tftpl new file mode 100644 index 000000000..fda62871f --- /dev/null +++ b/modules/null/poc-db-onboarder/onboard.tftpl @@ -0,0 +1,81 @@ +#!/bin/bash +set -e +set -x + +client_id="terraform-automation" +reason="Token autogenerated by terraform" + +function curl_fail_on_error() { + OUTPUT_FILE=$(mktemp) + HTTP_CODE=$(curl --silent --output $OUTPUT_FILE --write-out "%%{http_code}" "$@") + if [[ $HTTP_CODE -lt 200 || $HTTP_CODE -gt 299 ]] ; then + >&2 cat $OUTPUT_FILE; >&2 echo + return 22 + fi + cat $OUTPUT_FILE; echo + rm $OUTPUT_FILE +} + +usc_access_token=${usc_access_token} + +# Add cloud account +if ! curl --fail -k 'https://127.0.0.1:8443/dsf/api/v1/cloud-accounts/${account_id}' --header "Authorization: Bearer $usc_access_token" &>/dev/null; then + echo ********Adding new cloud account******** + if curl_fail_on_error -k --location --request POST 'https://127.0.0.1:8443/dsf/api/v1/cloud-accounts' \ + --header "Authorization: Bearer $usc_access_token" \ + --header 'Content-Type: application/json' \ + --data '${cloud_account_data}'; then + echo ********Cloud account was added successfully******** + else + curl_fail_on_error -k 'https://127.0.0.1:8443/dsf/api/v1/cloud-accounts/${account_id}' --header "Authorization: Bearer $usc_access_token" >/dev/null + echo ********Cloud account already exists******** + fi +fi + +# Add database asset +if ! curl --fail -k 'https://127.0.0.1:8443/dsf/api/v1/data-sources/${database_id}' --header "Authorization: Bearer $usc_access_token" &>/dev/null; then + echo ********Adding new database asset******** + curl_fail_on_error -k --location --request POST 'https://127.0.0.1:8443/dsf/api/v1/data-sources' \ + --header "Authorization: Bearer $usc_access_token" \ + --header 'Content-Type: application/json' \ + --data '${database_asset_data}' +%{ if enable_audit ~} + echo ********Sleeping 1 minute before syncing gateway and enabling audit logs******** + sleep 60 +%{ endif ~} +fi + +%{ if enable_audit ~} +# Syncing cloud account and db with the gateway +echo ********Syncing cloud account asset with gateway******** +curl_fail_on_error -k --location --request POST 'https://127.0.0.1:8443/dsf/api/v1/cloud-accounts/${account_id}/operations/sync-with-gateway' \ + --header "Authorization: Bearer $usc_access_token" \ + --header 'Content-Type: application/json' + +echo ********Syncing DB asset with gateway******** +curl_fail_on_error -k --location --request POST 'https://127.0.0.1:8443/dsf/api/v1/data-sources/${database_id}/operations/sync-with-gateway' \ + --header "Authorization: Bearer $usc_access_token" \ + --header 'Content-Type: application/json' + +# Enable audit +echo ********Enabling audit on new asset******** +curl_fail_on_error -k --location --request POST 'https://127.0.0.1:8443/dsf/api/v1/data-sources/${database_id}/operations/enable-audit-collection' \ + --header "Authorization: Bearer $usc_access_token" \ + --header 'Content-Type: application/json' + +# Verify log aggregator is active +max_sleep=600 +while true; do + if [ "$(curl_fail_on_error -k 'https://127.0.0.1:8443/dsf/api/v1/log-aggregators/${database_id}' --header "Authorization: Bearer $usc_access_token" | jq -r .data.auditState)" == "YES" ]; then + echo ********Log aggregator is found******** + break + fi + sleep 20 + max_sleep=$(($max_sleep - 20)) + if [ "$max_sleep" -le 0 ]; then + echo ********Log aggregator is NOT found******** + exit 1 + fi +done +%{ endif ~} +echo DONE diff --git a/modules/null/poc-db-onboarder/variables.tf b/modules/null/poc-db-onboarder/variables.tf new file mode 100644 index 000000000..43d5a2415 --- /dev/null +++ b/modules/null/poc-db-onboarder/variables.tf @@ -0,0 +1,77 @@ +variable "hub_info" { + type = object({ + hub_ip_address = string + hub_private_ssh_key_path = string + hub_ssh_user = string + }) + + nullable = false + description = "Hub info" +} + +variable "hub_proxy_info" { + type = object({ + proxy_address = string + proxy_private_ssh_key_path = string + proxy_ssh_user = string + }) + + description = "Proxy address, private key file path and user used for ssh to a private DSF Hub. Keep empty if a proxy is not used." + default = { + proxy_address = null + proxy_private_ssh_key_path = null + proxy_ssh_user = null + } +} + +variable "assignee_gw" { + type = string + description = "jsonar uid of the assignee DSF Agentless Gateway" + nullable = false + validation { + condition = length(var.assignee_gw) >= 35 + error_message = "Should be uuid in the form of xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" + } +} + +variable "usc_access_token" { + type = string + description = "DSF Hub access token with USC scope" +} + +variable "cloud_account_data" { + type = object({ + id = string + name = string + type = string + connections_data = list(any) + }) + description = "Cloud account data" +} + +variable "database_data" { + type = object({ + server_type = string + id = string + name = string + location = string + hostname = string + port = number + }) +} + +variable "terraform_script_path_folder" { + type = string + description = "Terraform script path folder to create terraform temporary script files on a private DSF node. Use '.' to represent the instance home directory" + default = null + validation { + condition = var.terraform_script_path_folder != "" + error_message = "Terraform script path folder cannot be an empty string" + } +} + +variable "enable_audit" { + type = bool + description = "Enable audit for asset" + default = true +} diff --git a/modules/null/poc-db-onboarder/versions.tf b/modules/null/poc-db-onboarder/versions.tf new file mode 100644 index 000000000..3ec2b2811 --- /dev/null +++ b/modules/null/poc-db-onboarder/versions.tf @@ -0,0 +1,3 @@ +terraform { + required_version = ">= 1.3.1, < 1.7.0" +} diff --git a/sed.expr b/sed.expr index 89bc9ea89..7819c3988 100644 --- a/sed.expr +++ b/sed.expr @@ -11,6 +11,8 @@ s;imperva/dsf-poc-db-onboarder/aws//modules/rds-mysql-db;../../../../modules/aws s;imperva/dsf-poc-db-onboarder/aws//modules/rds-postgres-db;../../../../modules/aws/rds-postgres-db; s;imperva/dsf-poc-db-onboarder/aws//modules/rds-mssql-db;../../../../modules/aws/rds-mssql-db; s;imperva/dsf-poc-db-onboarder/aws;../../../../modules/aws/poc-db-onboarder; +s;imperva/dsf-poc-db-onboarder/azurerm//modules/mssql-db;../../../../modules/azurerm/mssql-db; +s;imperva/dsf-poc-db-onboarder/azurerm;../../../../modules/azurerm/poc-db-onboarder; s;imperva/dsf-mx/aws;../../../../modules/aws/mx; s;imperva/dsf-agent-gw/aws;../../../../modules/aws/agent-gw; s;imperva/dsf-db-with-agent/aws;../../../../modules/aws/db-with-agent; From cba3742ca0bc7e8be973a0a4fbe2d2175b770fdf Mon Sep 17 00:00:00 2001 From: hadar-timan <55065300+hadar-timan@users.noreply.github.com> Date: Tue, 23 Jan 2024 15:11:30 +0200 Subject: [PATCH 13/32] Remove MsSQL by default - missing permissions (#359) * DRA | Add automation and documentation * DRA | Add automation and documentation * DRA | little changes * remove MsSQL by default - missing permissions * remove MsSQL by default - missing permissions --- examples/azure/poc/dsf_deployment/sonar.tf | 2 +- examples/azure/poc/dsf_deployment/variables.tf | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/examples/azure/poc/dsf_deployment/sonar.tf b/examples/azure/poc/dsf_deployment/sonar.tf index f59132493..c1133a8c4 100644 --- a/examples/azure/poc/dsf_deployment/sonar.tf +++ b/examples/azure/poc/dsf_deployment/sonar.tf @@ -3,7 +3,7 @@ locals { hub_public_ip = var.enable_sonar ? (length(module.hub_main[0].public_ip) > 0 ? format("%s/32", module.hub_main[0].public_ip) : null) : null hub_dr_public_ip = var.enable_sonar && var.hub_hadr ? (length(module.hub_dr[0].public_ip) > 0 ? format("%s/32", module.hub_dr[0].public_ip) : null) : null -# WA since the following doesn't work: hub_cidr_list = concat(module.network[0].vnet_address_space, compact([local.hub_public_ip, local.hub_dr_public_ip])) + # WA since the following doesn't work: hub_cidr_list = concat(module.network[0].vnet_address_space, compact([local.hub_public_ip, local.hub_dr_public_ip])) hub_cidr_list = var.enable_sonar ? (var.hub_hadr ? concat(module.network[0].vnet_address_space, [local.hub_public_ip, local.hub_dr_public_ip]) : concat(module.network[0].vnet_address_space, [local.hub_public_ip])) : module.network[0].vnet_address_space } diff --git a/examples/azure/poc/dsf_deployment/variables.tf b/examples/azure/poc/dsf_deployment/variables.tf index f6c7472e5..a6d9d0034 100644 --- a/examples/azure/poc/dsf_deployment/variables.tf +++ b/examples/azure/poc/dsf_deployment/variables.tf @@ -260,7 +260,7 @@ variable "sonar_machine_base_directory" { variable "simulation_db_types_for_agentless" { type = list(string) - default = ["MsSQL"] + default = [] description = "Types of databases to provision and onboard to an Agentless Gateway for simulation purposes. Available types are: 'MsSQL'." validation { condition = alltrue([ From e4196c30bfea66f01999b980192d1b65c8da1a2e Mon Sep 17 00:00:00 2001 From: hadar-timan <55065300+hadar-timan@users.noreply.github.com> Date: Tue, 23 Jan 2024 15:42:12 +0200 Subject: [PATCH 14/32] Dra on azure | Update readme, sed, deploy_modules (#360) * DRA | Add automation and documentation * DRA | Add automation and documentation * DRA | little changes * remove MsSQL by default - missing permissions * remove MsSQL by default - missing permissions * DRA | Update readme, sed and deploy_modules [skip actions] --- .github/workflows/deploy_module.yml | 19 +++++++++---------- README.md | 11 +++++++++++ sed.expr | 2 ++ 3 files changed, 22 insertions(+), 10 deletions(-) diff --git a/.github/workflows/deploy_module.yml b/.github/workflows/deploy_module.yml index 2863605cd..b838fa208 100644 --- a/.github/workflows/deploy_module.yml +++ b/.github/workflows/deploy_module.yml @@ -116,16 +116,15 @@ jobs: hidden_submodules: "aws/statistics null/statistics" begin_tag: 1.0.0 - # todo - hadar add when deploying dra -# ## azurerm provider -# - source_module: "azurerm/dra-admin" -# destination_repo: "terraform-azurerm-dsf-dra-admin" -# hidden_submodules: "azurerm/statistics null/statistics" -# begin_tag: 1.7.5 -# - source_module: "azurerm/dra-analytics" -# destination_repo: "terraform-azurerm-dsf-dra-analytics" -# hidden_submodules: "azurerm/statistics null/statistics" -# begin_tag: 1.7.5 + ## azurerm provider + - source_module: "azurerm/dra-admin" + destination_repo: "terraform-azurerm-dsf-dra-admin" + hidden_submodules: "azurerm/statistics null/statistics" + begin_tag: 1.7.6 + - source_module: "azurerm/dra-analytics" + destination_repo: "terraform-azurerm-dsf-dra-analytics" + hidden_submodules: "azurerm/statistics null/statistics" + begin_tag: 1.7.6 # Globals ## aws provider diff --git a/README.md b/README.md index 3ba6d823f..42237fc30 100644 --- a/README.md +++ b/README.md @@ -417,6 +417,17 @@ The following table lists the _latest_ eDSF Kit releases, their release date and
3. Improvements and bug fixes. + + 23 Jan 2024 + + 1.7.6 + + + 1. Added support for DRA in Azure. +
2. Added a new agentless source for Azure - MsSQL. +
3. Improvements and bug fixes. + + # Getting Ready to Deploy diff --git a/sed.expr b/sed.expr index 7819c3988..ffa1f1e08 100644 --- a/sed.expr +++ b/sed.expr @@ -23,4 +23,6 @@ s;imperva/dsf-sonar-upgrader/aws;../../../modules/aws/sonar-upgrader; s;imperva/dsf-mx/azurerm;../../../../modules/azurerm/mx; s;imperva/dsf-agent-gw/azurerm;../../../../modules/azurerm/agent-gw; s;imperva/dsf-db-with-agent/azurerm;../../../../modules/azurerm/db-with-agent; +s;imperva/dsf-dra-admin/azurerm;../../../../modules/azurerm/dra-admin; +s;imperva/dsf-dra-analytics/azurerm;../../../../modules/azurerm/dra-analytics; /latest release tag/c\ \ No newline at end of file From ed4b9704a6d316aabd083f7b77f6ff322218be30 Mon Sep 17 00:00:00 2001 From: hadar-timan Date: Tue, 23 Jan 2024 14:10:44 +0000 Subject: [PATCH 15/32] Automatic commit before release [release=1.7.6] | [skip actions] --- README.md | 62 +++++++++--------- .../dsf_single_account_deployment/dam.tf | 6 +- .../dsf_single_account_deployment/dra.tf | 4 +- .../dsf_single_account_deployment_1_7_5.zip | Bin 15407 -> 0 bytes .../dsf_single_account_deployment_1_7_6.zip | Bin 0 -> 15413 bytes .../dsf_single_account_deployment/main.tf | 18 ++--- .../dsf_single_account_deployment/sonar.tf | 14 ++-- .../sonar_multi_account_deployment/main.tf | 24 +++---- ... sonar_multi_account_deployment_1_7_6.zip} | Bin 9284 -> 9284 bytes .../sonar_single_account_deployment/main.tf | 16 ++--- ...sonar_single_account_deployment_1_7_6.zip} | Bin 8051 -> 8051 bytes .../aws/poc/dsf_deployment/agent_sources.tf | 2 +- .../poc/dsf_deployment/agentless_sources.tf | 10 +-- examples/aws/poc/dsf_deployment/dam.tf | 6 +- examples/aws/poc/dsf_deployment/dra.tf | 6 +- .../dsf_deployment/dsf_deployment_1_7_5.zip | Bin 12964 -> 0 bytes .../dsf_deployment/dsf_deployment_1_7_6.zip | Bin 0 -> 12907 bytes examples/aws/poc/dsf_deployment/main.tf | 4 +- examples/aws/poc/dsf_deployment/sonar.tf | 14 ++-- .../aws/poc/sonar_basic_deployment/main.tf | 16 ++--- .../sonar_basic_deployment_1_7_5.zip | Bin 6117 -> 0 bytes .../sonar_basic_deployment_1_7_6.zip | Bin 0 -> 6063 bytes .../aws/poc/sonar_hadr_deployment/main.tf | 24 +++---- .../sonar_hadr_deployment_1_7_5.zip | Bin 6852 -> 0 bytes .../sonar_hadr_deployment_1_7_6.zip | Bin 0 -> 6810 bytes examples/aws/sonar_upgrade/main.tf | 2 +- .../aws/sonar_upgrade/sonar_upgrade_1_7_5.zip | Bin 2348 -> 0 bytes .../aws/sonar_upgrade/sonar_upgrade_1_7_6.zip | Bin 0 -> 2349 bytes .../azure/poc/dsf_deployment/agent_sources.tf | 2 +- .../poc/dsf_deployment/agentless_sources.tf | 8 +-- examples/azure/poc/dsf_deployment/dam.tf | 4 +- examples/azure/poc/dsf_deployment/dra.tf | 48 +++++++------- .../dsf_deployment/dsf_deployment_1_7_5.zip | Bin 11256 -> 0 bytes .../dsf_deployment/dsf_deployment_1_7_6.zip | Bin 0 -> 14050 bytes examples/azure/poc/dsf_deployment/main.tf | 2 +- .../azure/poc/dsf_deployment/networking.tf | 2 +- examples/azure/poc/dsf_deployment/outputs.tf | 4 +- examples/azure/poc/dsf_deployment/sonar.tf | 18 ++--- .../azure/poc/dsf_deployment/variables.tf | 14 ++-- modules/aws/agent-gw/README.md | 2 +- modules/aws/agentless-gw/README.md | 2 +- modules/aws/db-with-agent/README.md | 2 +- modules/aws/dra-admin/README.md | 2 +- modules/aws/dra-analytics/README.md | 2 +- modules/aws/hub/README.md | 2 +- modules/aws/mx/README.md | 2 +- modules/aws/rds-mssql-db/README.md | 2 +- modules/azurerm/agent-gw/README.md | 2 +- modules/azurerm/agentless-gw/README.md | 2 +- modules/azurerm/db-with-agent/README.md | 2 +- modules/azurerm/dra-admin/README.md | 2 +- modules/azurerm/dra-admin/image.tf | 10 +-- modules/azurerm/dra-admin/main.tf | 16 ++--- modules/azurerm/dra-admin/sg.tf | 12 ++-- modules/azurerm/dra-admin/variables.tf | 18 ++--- modules/azurerm/dra-analytics/README.md | 2 +- modules/azurerm/dra-analytics/image.tf | 10 +-- modules/azurerm/dra-analytics/main.tf | 10 +-- modules/azurerm/dra-analytics/sg.tf | 12 ++-- modules/azurerm/dra-analytics/variables.tf | 10 +-- modules/azurerm/hub/README.md | 2 +- modules/azurerm/mssql-db/README.md | 2 +- modules/azurerm/mssql-db/main.tf | 28 ++++---- modules/azurerm/mx/README.md | 2 +- modules/azurerm/mx/dra.tf | 8 +-- modules/azurerm/poc-db-onboarder/main.tf | 38 +++++------ modules/azurerm/sonar-base-instance/secret.tf | 2 +- modules/null/poc-db-onboarder/main.tf | 2 +- ..._5.zip => sonar_python_upgrader_1_7_6.zip} | Bin 30586 -> 30586 bytes 69 files changed, 269 insertions(+), 269 deletions(-) delete mode 100644 examples/aws/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_7_5.zip create mode 100644 examples/aws/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_7_6.zip rename examples/aws/installation/sonar_multi_account_deployment/{sonar_multi_account_deployment_1_7_5.zip => sonar_multi_account_deployment_1_7_6.zip} (82%) rename examples/aws/installation/sonar_single_account_deployment/{sonar_single_account_deployment_1_7_5.zip => sonar_single_account_deployment_1_7_6.zip} (81%) delete mode 100644 examples/aws/poc/dsf_deployment/dsf_deployment_1_7_5.zip create mode 100644 examples/aws/poc/dsf_deployment/dsf_deployment_1_7_6.zip delete mode 100644 examples/aws/poc/sonar_basic_deployment/sonar_basic_deployment_1_7_5.zip create mode 100644 examples/aws/poc/sonar_basic_deployment/sonar_basic_deployment_1_7_6.zip delete mode 100644 examples/aws/poc/sonar_hadr_deployment/sonar_hadr_deployment_1_7_5.zip create mode 100644 examples/aws/poc/sonar_hadr_deployment/sonar_hadr_deployment_1_7_6.zip delete mode 100644 examples/aws/sonar_upgrade/sonar_upgrade_1_7_5.zip create mode 100644 examples/aws/sonar_upgrade/sonar_upgrade_1_7_6.zip delete mode 100644 examples/azure/poc/dsf_deployment/dsf_deployment_1_7_5.zip create mode 100644 examples/azure/poc/dsf_deployment/dsf_deployment_1_7_6.zip rename modules/{sonar_python_upgrader_1_7_5.zip => sonar_python_upgrader_1_7_6.zip} (75%) diff --git a/README.md b/README.md index 42237fc30..c8158cb86 100644 --- a/README.md +++ b/README.md @@ -126,7 +126,7 @@ This guide references the following information and links, some of which are ava - eDSF Kit GitHub Repository + eDSF Kit GitHub Repository @@ -481,7 +481,7 @@ e.g., with or without DRA, the number of Agentless Gateways, with or without HAD We provide several of out-of-the-box Terraform recipes we call "examples" which are already configured to deploy common DSF environments. You can use the example as is, or customize it to accommodate your deployment requirements. -These examples can be found in the eDSF Kit GitHub Repository under the examples directory. +These examples can be found in the eDSF Kit GitHub Repository under the examples directory. Some examples are intended for Lab or POC and others for actual DSF deployments by Professional Services and customers. For more details about each example, click on the example name. @@ -500,73 +500,73 @@ For more details about each example, click on the example name. - Sonar Basic Deployment + Sonar Basic Deployment Lab/POC A DSF deployment with a DSF Hub, an Agentless Gateway, federation, networking and onboarding of a MySQL DB. - sonar_basic_deployment_1_7_5.zip + sonar_basic_deployment_1_7_6.zip - Sonar HADR Deployment + Sonar HADR Deployment Lab/POC A DSF deployment with a DSF Hub, an Agentless Gateway, DSF Hub and Agentless Gateway HADR, federation, networking and onboarding of a MySQL DB. - sonar_hadr_deployment_1_7_5.zip + sonar_hadr_deployment_1_7_6.zip - Sonar Single Account Deployment + Sonar Single Account Deployment PS/Customer A DSF deployment with a DSF Hub HADR, an Agentless Gateway and federation. The DSF nodes (Hubs and Agentless Gateway) are in the same AWS account and the same region. It is mandatory to provide as input to this example the subnets to deploy the DSF nodes on. - sonar_single_account_deployment_1_7_5.zip + sonar_single_account_deployment_1_7_6.zip - Sonar Multi Account Deployment + Sonar Multi Account Deployment PS/Customer A DSF deployment with a DSF Hub, an Agentless Gateway and federation. The DSF nodes (Hub and Agentless Gateway) are in different AWS accounts. It is mandatory to provide as input to this example the subnets to deploy the DSF nodes on. - sonar_multi_account_deployment_1_7_5.zip + sonar_multi_account_deployment_1_7_6.zip - DSF Deployment + DSF Deployment Lab/POC A full DSF deployment with DSF Hub and Agentless Gateways (formerly Sonar), DAM (MX and Agent Gateways), DRA (Admin and DRA Analytics), and Agent and Agentless audit sources. - dsf_deployment_1_7_5.zip + dsf_deployment_1_7_6.zip - DSF Single Account Deployment + DSF Single Account Deployment PS/Customer A full DSF deployment with DSF Hub and Agentless Gateways (formerly Sonar), DAM (MX and Agent Gateways) and DRA (Admin and DRA Analytics). - dsf_single_account_deployment_1_7_5.zip + dsf_single_account_deployment_1_7_6.zip - Sonar Upgrade (Alpha) + Sonar Upgrade (Alpha) All Upgrade of DSF Hub and Agentless Gateway (formerly Sonar). - sonar_upgrade_1_7_5.zip + sonar_upgrade_1_7_6.zip @@ -585,13 +585,13 @@ For more details about each example, click on the example name. - DSF Deployment + DSF Deployment Lab/POC A DSF deployment with a DSF Hub, an Agentless Gateway, DSF Hub and Agentless Gateway HADR, federation and networking, DAM (MX and Agent Gateways), and Agent audit sources. - dsf_deployment_1_7_5.zip + dsf_deployment_1_7_6.zip @@ -666,7 +666,7 @@ After you have [chosen the deployment mode](#choosing-the-deployment-mode), foll This mode offers a straightforward deployment option that relies on running a Terraform script on the user's computer which must be a Linux/Unix machine, e.g, Mac. This mode makes use of the Terraform Command Line Interface (CLI) to deploy and manage environments. -1. Download the zip file of the example you've chosen (See the [Choosing the Example/Recipe that Fits Your Use Case](#choosing-the-examplerecipe-that-fits-your-use-case) section) from the eDSF Kit GitHub Repository, e.g., if you choose the "sonar_basic_deployment" example, you should download sonar_basic_deployment.zip. +1. Download the zip file of the example you've chosen (See the [Choosing the Example/Recipe that Fits Your Use Case](#choosing-the-examplerecipe-that-fits-your-use-case) section) from the eDSF Kit GitHub Repository, e.g., if you choose the "sonar_basic_deployment" example, you should download sonar_basic_deployment.zip. 2. Unzip the zip file in CLI or using your operating system's UI. For example, in CLI: @@ -764,7 +764,7 @@ This mode can be used if a Linux/Unix machine is not available, or eDSF Kit cann 5. In the Network settings panel - make your configurations while keeping in mind that the installer machine should have access to the DSF environment that you want to deploy, and that your computer should have access to the installer machine. -6. In the “Advanced details” panel, copy and paste the contents of this [bash script](https://github.com/imperva/dsfkit/blob/1.7.5/installer_machine/installer_machine_user_data.sh) into the [User data](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) textbox. +6. In the “Advanced details” panel, copy and paste the contents of this [bash script](https://github.com/imperva/dsfkit/blob/1.7.6/installer_machine/installer_machine_user_data.sh) into the [User data](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) textbox. 7. Click on **Launch Instance**. At this stage, the installer machine is initializing and downloading the necessary dependencies. @@ -783,30 +783,30 @@ This mode can be used if a Linux/Unix machine is not available, or eDSF Kit cann For example: `chmode 400 a_key_pair.pem` -9. Download the zip file of the example you've chosen (See the [Choosing the Example/Recipe that Fits Your Use Case](#choosing-the-examplerecipe-that-fits-your-use-case) section) from the eDSF Kit GitHub Repository, e.g., if you choose the "sonar_basic_deployment" example, you should download sonar_basic_deployment.zip. +9. Download the zip file of the example you've chosen (See the [Choosing the Example/Recipe that Fits Your Use Case](#choosing-the-examplerecipe-that-fits-your-use-case) section) from the eDSF Kit GitHub Repository, e.g., if you choose the "sonar_basic_deployment" example, you should download sonar_basic_deployment.zip. Run: ```bash - wget https://github.com/imperva/dsfkit/raw/1.7.5/examples/aws/poc/sonar_basic_deployment/sonar_basic_deployment_1_7_5.zip + wget https://github.com/imperva/dsfkit/raw/1.7.6/examples/aws/poc/sonar_basic_deployment/sonar_basic_deployment_1_7_6.zip or - wget https://github.com/imperva/dsfkit/raw/1.7.5/examples/aws/poc/sonar_hadr_deployment/sonar_hadr_deployment_1_7_5.zip + wget https://github.com/imperva/dsfkit/raw/1.7.6/examples/aws/poc/sonar_hadr_deployment/sonar_hadr_deployment_1_7_6.zip or - wget https://github.com/imperva/dsfkit/raw/1.7.5/examples/aws/installation/sonar_single_account_deployment/sonar_single_account_deployment_1_7_5.zip + wget https://github.com/imperva/dsfkit/raw/1.7.6/examples/aws/installation/sonar_single_account_deployment/sonar_single_account_deployment_1_7_6.zip or - wget https://github.com/imperva/dsfkit/raw/1.7.5/examples/aws/installation/sonar_multi_account_deployment/sonar_multi_account_deployment_1_7_5.zip + wget https://github.com/imperva/dsfkit/raw/1.7.6/examples/aws/installation/sonar_multi_account_deployment/sonar_multi_account_deployment_1_7_6.zip or - wget https://github.com/imperva/dsfkit/raw/1.7.5/examples/aws/poc/dsf_deployment/dsf_deployment_1_7_5.zip + wget https://github.com/imperva/dsfkit/raw/1.7.6/examples/aws/poc/dsf_deployment/dsf_deployment_1_7_6.zip or - wget https://github.com/imperva/dsfkit/raw/1.7.5/examples/aws/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_7_5.zip + wget https://github.com/imperva/dsfkit/raw/1.7.6/examples/aws/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_7_6.zip ``` 10. Continue by following the [CLI Deployment Mode](#cli-deployment-mode) beginning at step 2. @@ -1105,7 +1105,7 @@ After you have [chosen the upgrade mode](#choosing-the-upgrade-mode), follow the This mode offers a straightforward deployment option that relies on running a Terraform script on the user's computer which must be a Linux/Unix machine, e.g, Mac. This mode makes use of the Terraform Command Line Interface (CLI) to deploy and manage environments. -1. Download the zip file of the Sonar upgrade example: sonar_upgrade_1_7_5.zip. +1. Download the zip file of the Sonar upgrade example: sonar_upgrade_1_7_6.zip. 2. Unzip the zip file in CLI or using your operating system's UI. For example, in CLI: @@ -1171,7 +1171,7 @@ This mode can be used if a Linux/Unix machine is not available, or eDSF Kit cann 5. In the Network settings panel - make your configurations while keeping in mind that the installer machine should have access to the DSF environment that you want to deploy, and that your computer should have access to the installer machine. -6. In the “Advanced details” panel, copy and paste the contents of this [bash script](https://github.com/imperva/dsfkit/blob/1.7.5/installer_machine/upgrade_installer_machine_user_data.sh) into the [User data](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) textbox. +6. In the “Advanced details” panel, copy and paste the contents of this [bash script](https://github.com/imperva/dsfkit/blob/1.7.6/installer_machine/upgrade_installer_machine_user_data.sh) into the [User data](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) textbox. 9. Click on **Launch Instance**. At this stage, the installer machine is initializing and downloading the necessary dependencies. @@ -1200,13 +1200,13 @@ This mode can be used if a Linux/Unix machine is not available, or eDSF Kit cann If you do not wish to use Terraform to run the upgrade, it is possible to bypass it and run the Python utility directly. -Use the Python Upgrader utility. +Use the Python Upgrader utility. # More Information Information about additional topics can be found in specific examples, when relevant. -For example: Sonar Single Account Deployment +For example: Sonar Single Account Deployment These topics include: - Storing Terraform state in S3 bucket diff --git a/examples/aws/installation/dsf_single_account_deployment/dam.tf b/examples/aws/installation/dsf_single_account_deployment/dam.tf index a4937408f..8f12d5d5e 100644 --- a/examples/aws/installation/dsf_single_account_deployment/dam.tf +++ b/examples/aws/installation/dsf_single_account_deployment/dam.tf @@ -8,7 +8,7 @@ locals { module "mx" { source = "imperva/dsf-mx/aws" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = var.enable_dam ? 1 : 0 friendly_name = join("-", [local.deployment_name_salted, "mx"]) @@ -38,7 +38,7 @@ module "mx" { module "agent_gw" { source = "imperva/dsf-agent-gw/aws" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = local.agent_gw_count friendly_name = join("-", [local.deployment_name_salted, "agent", "gw", count.index]) @@ -68,7 +68,7 @@ module "agent_gw" { module "agent_gw_cluster_setup" { source = "imperva/dsf-agent-gw-cluster-setup/null" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = local.create_agent_gw_cluster cluster_name = var.cluster_name != null ? var.cluster_name : join("-", [local.deployment_name_salted, "agent", "gw", "cluster"]) diff --git a/examples/aws/installation/dsf_single_account_deployment/dra.tf b/examples/aws/installation/dsf_single_account_deployment/dra.tf index db9dfa8d9..18c8e746d 100644 --- a/examples/aws/installation/dsf_single_account_deployment/dra.tf +++ b/examples/aws/installation/dsf_single_account_deployment/dra.tf @@ -6,7 +6,7 @@ locals { module "dra_admin" { source = "imperva/dsf-dra-admin/aws" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = var.enable_dra ? 1 : 0 name = join("-", [local.deployment_name_salted, "dra", "admin"]) @@ -28,7 +28,7 @@ module "dra_admin" { module "dra_analytics" { source = "imperva/dsf-dra-analytics/aws" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = local.dra_analytics_count name = join("-", [local.deployment_name_salted, "dra", "analytics", count.index]) diff --git a/examples/aws/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_7_5.zip b/examples/aws/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_7_5.zip deleted file mode 100644 index dbd6b740d1e5d67e8ba90ba720ea8c88d46e7382..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 15407 zcmb8WW0WObm#&?*ZCjPLD{b4h?aWHs&aAXqY1_7K+dB1jpFZDH@8}*~U+fV(V*gp! zm}|$lW3IXGDJKaG0tN7|1KE~d?LTh*?-vOG4uFxPiLRr$jj5HfuD+q6t+S1ju92~w zm94wA@$Xv(T{c~oZ^}xL0KjMwMaKU+o!y`T06|WG0RTXJe~%;gdvuiFSBU=@9gcbA zXB-Fsz;}EA0J^^%-PYO3&e_S4&dKCIIH>qCq>F;RQ^&KqlkLrvvr#-1>Gy~x1;X@#U&Gh6laP^*g@WzdRBUSW z%oqFZJm2s=S~NRoJcy$7JH#?|wC8VjZXM)n%&A_`HST%~ zQtinW95sqOvBp?7tr7>q1Tb;Qht!Fz@*eu&5|U?*Af)=OUcsir_8XSf=V5D+!z{b+ z%q(jh#Vx0|qJ9ZQmT4LaXI4oJzzZ*~(7~fBip?d22l$lXU#m2%NY&ZBt=EruX7rHL z$w|Q3I>iW|Mrh~3tE=;WpQ2DqM2f|c_jvZhBhJg5h6n|dCo%)jdYd_2igoMpbsTvD zf=&r&B&wj{YvvQ{(B0I{fSeP;dj-ApkhorCO`$Zd2Iz|TycOoFfBWzv^#!!;3sCLc z$|zeRr)7I%p=$<>mA**DWRNSS0ZR-zC79Z!CC{sqXLX1OW#F+eSGw|Rs8aO^kqvOX zJ}&KSVPN6o7oAL2bFm$PHzZ%wKfdmV(jStlFsl|B6$d)#dr0ZoA@}PkLR%fpp+Tz*oIWCAVdG*0e{7)7nVVYX!|lSS zivK}v)RZn1{bd`)w0B92g#wpw|7&q)cIsZ;`vMNVqL&RRNE&2x$Ew-LdR5&tTL3>CT4TzkLLL0ok+}IYB4yw2WQS9N| zcA_3Z9T{kc?iUboFX_5dZOpXP_q=nc5Yq-}!H>?9f@vA7ntQDf@Qominr=I2wB-gp zDF+@Mx!Pib`HyNKau%~iSOplK9VE&?*-p{$-Vki2$e)hHC=?jZlqmTva}JH)!Ow)T zSYo3mtwSkMg6j;^Z1!J#6fB*0?GzbEEVlryNl+B8GI7u{vMgHiT*gL0ul#7&#aM5^ zUA9lwY`33eJHd4qmxc#d(cHa!oqdB~6LJ?0B7}m1m+e=n=f8RMqYalju6zB$Nv! zihaaT)WK{+v4=!h1M^NlJ1j$SArRuZ@bVz0Xxi%fa-;^6h`&?I)X^0I4P0-BN4$fF*cRbLZ6#fH)I z+#r{OKtb05Dcz&HtIQc$b}UnkO-apiv5H<0fATbM4&xI)EE#2S$3@*zDF6mBP9Qq1 zAf@h=f!xeb29y+Fo4!rN%$0Q)5bTwoQ4p;QQ={3wBE>4JB*TtXmO{bfBw-M$(Kv4^ z#aga^Zvs!JPRJ85gO5}a+X!X!dMq^UX9Ofo86~W1GbI$&RnsxxP_a9*Fa%}f!tINK zhzTtRkJ^z)!vZNM6jrq`wJYA#rF(Sto+W;O@h*y0KLR`M?nqI1qq;!FY{Z^iRm~r= zx8WP>xq+)X-{*Ao_5*W{bMXK*{XR&FqFiP)$UUNo{GwnekOfFxu_CUNe{^$(Dq~O! z)+t`c3&G5oAwh~UG43UrG+GOcKj;Uc+no$C~u&*Mxh zR|@*B9T}0<9tyjafeD?9cuEU0WE!7;)wcZkadTtlvknzIhHe#G=IS%(;q1_Lg=4L9 zM+PG4cKK419r>daB5fj8Q=fisZwN`>fyJ@5+qyBO`Br?xG-dz#;Q@zQmI6ItAn9k` zd`1dwM~=w5O%?yoJ@9$Ka2_N>HpfT=loJxr`nRW*An&D5zRy{^#?NT*D-4e>z&{^y zvOM~_vfnR$QMmsf54pbeKOgdcz1{yUgD6y8vst5u@xD@Z+mwVRxpY>OCs;G&BZ2@K zFi@oZWfbZ_hw*xqzb|PuB$L1bFHC%c6NlnnLXqGQG_zGsu}eK2UD-&(667L(mnMvD zgFNk3>Ia!E+|?&I^-kJK9F6K)bKu$dt7tgw5OW@<_6H4H^4f=``Q53sL2m(?SrG2C zl0O`cexhrY?{u~LJwM%g2r`$Aq<&ibF$4$t`c0s1oPO>6HdZ`|8f}<+NAqiQ>u4ke zijaL{#CN1=6xN{ansJ93Y#-`t>+}nouyM~ez=&BhTf3j{Qa=4NPhxRjP8Fb_ID`&f z2YqF~*kd~fpV+7cpc`zB%bwDNeIw_WZkV%$?ilfb9E=~+Vut!K91i%U1Yshu4GO=j zT^wE)-Kxi6-1J&)bLP=J6AWwEqq z29nxoMG4zhA1ut?qKz-Z3mg<@uD3oIjKI3sN}M;B7#~k#al63qtEaWYbIjS%K6km@(Ag-$hkTjyKc)}EM14% z$Gf^h&627$ANB8OtY18EQqcP`A?Xj$Bg(Rpl!d=U0o0r7+->ix2&b47d1h3J7}=6*p=v@iorEi+ujiWp$7N*QG1 z!`Iwa!Da^UGbBU7kaNe3HHSyo&-}?bC`Q;=O+Keil0{-!U){I{$4XDigqf9RR_KK4 zSMk{uj~83}80zd>79Ke=a_Rt~{pbqs|5}4H6K`yjQE_z z1whh|YeyJ|G8Us9#v?$5xJ6fH^KZfEfnT@}@PDcS3LZ%H+;24i!vO%G{>xXMwZ6H{ zKjq-RSx_vfj{KGbgpN0AwL;KyqU1dSVSfOdn2%6)1dIfgjEPd zF$?@(W@w%6wjzhup;kcQIDDZxb_BRiID{nmQEKvmXv6y4MFtV3LRG~rQ!rNrz&e^# zBoTrKEUsN`TR2WXfHLLM2n2w`NrfRFMa?@Aps&um26`*Gf$@oI9{F2jPgahZu|Q{_ zqGb^;iEc#6*a0J&420aC;3;4|HADmUjLyB{E;r6Uds;y0c{gIR4&uGE={9D+)!fv3 zu~m;BfX56ZjMVjh-y`6(!y?lO<#-^0Lz37I+(LvNnnVfssSv5$B_e_P#O)u*kc^~< ztn^`&WU*Ha3dJVi=c9tpw>Srd6Cdgs^c|Ws=^fVaAv5>|vCxPOrke>T2vYwP5sq6< zO+~U4dx{(vG4zL;Acui|`4w@zeK&sx=yW*_xvcAy*-ie7+h?TAwhuR8CSx#ET_)7e zXv=ZRE6wiR`9wzo0_s(Qj}z9WB{^B8h%Or)?r8PnfdFfLh<3jF?MiiifxP_&x~4}J z9R?F;9xRt8o=TgD-YIG#|E9-OsKp7%Zk1AP)KwBYf<+AtE(zSCN-ByFNZcg>GfXl! zP5$Hx^cis>^fai#tWkdoPsFqxrrA($vwc5_lNT<{h{L(HYgRoLu1B(_xZXiWNzBT` zE`7|b^Cq-uSqMqPCM7)^%!D<1#PiBcitgzp9kfF`38X@;#e zHRa(}9Xxd6vwgZgqbp@$%j#;T3+uUNtF8(z!e4c?iWT0SlVExmOQ9SR#D%Af5s+8y zM48o{X-$BpbGdA#ob!VgkX1>GzJ6;XmY^kBYR!?jNR9Dm4w7OGO|aH|CyW6R*D~=_ z(@{cQfcHK|DFWCKA;RZ_ub3M-y37SYjlt8R3Y|n^1Z@E#+*?A}Dg9RD+QJ$147z1y zTQ|_sBREtY)RpxOc5^;l8OC<|6~pSAZfD|FXWs-tkEYX|CLSO1i%-oc^wSs1&;~T> z3OxMz=u5N3gBHfVX8h--h617d7hW^0tr>J?5)3tB!nH*)=a}+oiRJJxP}Z(hHcGp8 ziZz#u9O*L?KPwdwXCzB*rMIb!i40=JguE(*qS`EqHIljR7a)(Wf}>InbB3?+h&G>) zYlpfqueO&cw*7j_ho5+n&Cp`5xE`psE~{mTO0E>VpFjEBD0{8$u?t2Q?VN85NV{=h zu!&gs@i}=s(2wWKjL};-Yjc9lRW1rGPKIN$Dn?mnWPcr+IA;AiDFYW*73w;x{{a0{ zH*CP>@lz210Ccng0OA@z>6+hApkJ`2j%Efb+tE<1~9>r`jCWj&ivZiadf$p;QIo;)GLT^T3 z<^xbCM1pev-h5O?=+kl=&*1Dr0Mni0xDu5x_m3gKpC0O|=|en-w9W0e!T#xw$CbB* zY6V1LHx~&&^xwO!(#499o<$jrPcoTw9ljj^CTNkS-M2U_-;o?#PfD&hOd68au?Gj4 zJB5*HhC5AiADU806E$uT=>62jTm`dAGLo7|pn<`NQ6_`6)8L7#xh4t&*6JDRg0x4R zJ4^7*Vj`eJlIT%P+RLP*18f43SCnoi`5C+}`*4@~%@M}YD|2)6t)rtn;BHf)1v*Vi z*bRBf(u;KdzCON|lu9{T11-@D%x-;#mAVsXTai#%!fFO#v0@ainF&}0wxxJ>r+F)C zz)h0|MO1tP4$D8e8NIcXO_5bfFn1O>N~Wvuqk2nCNU_@pBB2oShw=3{p_`GHsVO0i zg(r0NGH|TQ3^M&x8hJwh3J7NB;q03Q!$+L{^O~RjNu$RNs-%$KTmkFIK@{Weaq5G6f-nSpJi&EH6Cf0+GTy}9c@1S2_Ow&<>pmC6$tbr zS3mEPKx>r~k7BMfTMzrYZJ7yV${OFM>F0Vv_RjzYKXvizZU zIog1>xV=RzdrR_d$+Hhi0khV^#Ae}V2aFxsJ#oAHIe^ga1I7_~hn`&WvuoicLB;co zasEX@0?WW)@8PNo-uc^flfBcwSYVuJm1>4D5GYr1eUJp0K?MbE!Dfq^CHe^*okFfz zM-6r?O`ZJS5o;wnFy6PjA(m_^z+Mi)73aVCjKHqP%TAY;g7i|mgbSokAIBC>rtJu> z6Sy<+2KsLkOnU%}g6HHTktwu;6=A`0ZTFH6mS{^=^==T^HQqgD>X~pS+(^8#r=ZntN% zjbS1Z0?%I)xfyHVyHDpiqBMIU#maEdMXz2Or#k`1-o?V+eI=@K&^ycLN8~;LD~BMZ zB9pA0Lx-A}gkimU33xMT%@f@?0)%+0#(i~ktIYpQ`tA#-ig5p(K-82l3b%q0wNA<+ zKZB;3qfR4|{Eq%r+bBWq`5C7jY&8L;GGyPZ!yU(tbClvo@lYPfIk^>;UPKJ}%N)AU zX-u)K4ptr(D>x~r2>#3qz04Xdd4=Q{C2NviS3?pvpRb48?QWubXUu9N%64V9`=LK4 zQtzDA4152QHASc53JF-9S5AwM6Z>b;Pg7u+HoX__LO@=6$q_k630AvDC^$Aei5T{@ zfgp~-y>&7o>l(TIz3?0hs2Fv|m!!87f8K+Mx-e{aBA1AsNOjgaJPfh5n!#?3&^3S! zo*KYbR{GY)ZL(E(%t6iK*ypR^6IvHe#BZk%lV$E6}$zdT_5o=jcuo6w1!kA+yvLLYL$|` zVe>DMZt*OWePD}dDs_)z)RdxAZN_CilMjR>2GW~)*HG6ZwDSIn4nQaT#e3^pkA$*< zbz2SEn^@daFx2i!CHG#Y zE`PY~>UY9y@+ebN2xIN6BR+hYubWNR7njPF$E@`6oG)9+9N-XDi5!2ieHU4cfeJ=B z1T2cnu5(10y*ijz02tUv`Am^zO`)jvQoFL>Oy8AM90ZZ@T8pK_b&h!iJ(v$#gDR+6 zar7-nhR%GEF^1|Q1&pVdIL%3s_P%?bpTWwet_>+7!~UhVf@iT-GRGdJcEU1rzy;+5 zqN0`=N)&D!>Zow$7DF%#h0HX8P4T>G>D%0HGM4d2^Sv+adJqcG8&ZRKOaYjvBxgmN_Oyem%pZ zVN6{8ya1nEr&=&0#__l&xtC-p0Y`qf9LCS}6^ghA&{$%{AY2VjYh~kI0QbA$lLz@L z8$1rqfLxacqKa~4sR_CzmR+oAcJw-q6to{;ma=|VHmS$qMopB8PwV1`y0`T?Jg>lnx-d4aQyZrwoh!7I6E(V)w`|3?beN9UIdvp&c`E|P3Or! z-|giI76Bpvq>lg>AN0IXWbpkI&Zbu)Eya~P#GK02sUdX~%fmzJ+Xq%Pt%WYEe?@Z8 zTq^p0C)Tx{8Ncd$JGtV!>gZ+k5b!Hek>+@0hx#R;lpoEFj{*xO+{}Tk@N4OQrT@EK zy>+1&V-Qt_LP%g0JD}MF?nL>oFF?;4Cs+TI_!6bz;SFw+)C?gT7^qGdhzK(LOdg1B zY3d*sONeTXvssjbAY!W3^W1}zupChW&(=#@99)e}Zn~NKR3qsmz64Y*?|>q4;$Yg6 z;Yn(|suD=aI@O=3RosXcpLP)|;Lj_%KDo z+Yr-FvqGoS~4^84(d?ceyG4I&Se#n1QJrp6i+8tn( zFWkOgqDlX{-*emBR%Fg`0nNouosbn(TSM`3K$16doXYllk1gV_NZ<=<4#+zGpcLf3 zQw-CkfcIQqmZT>_NUc!I1kvQE;_^R|-h{y%B_D-l&#dZYF+S!mkyH(9YSiIWY0S9o zMuh~)YG^vqB3rTQ9G-pD(&SFM!cg@8rhGsJ$z*jeEnrH14dykD*+?7e7QVv<{66go z5;hfVm0bk=@O+KnqZr+?u?;ZXCyoYA$k*Om;#5LhWD&^<(g;_YrN=%d)D4eLu-Ipd z@5AM@KR#DdRy0(Rz_Irxs-4MkYA|Z%)rGsU=yWO*USYuXcKBWWjW{$*37Rwg_$ z#n(4$;Nt2~$l_Gj9&Wr!r$|+Kuypt=RXn^g-~Q|KZD_g;Du2mR+j#qsQ#GUBGOC=W zQ)O%QLc~?^;e6n6N*A{6Wveo7!;w{S()rG{w0OhKs_K{PipuBAf-~{m3dfG&YQJAxSG>8_%K#_Ap+*7>~7qzOo`7as11*AE$t@Y3`TQ(G5Hz%j7PPhTh znebMW2u5>;Bc0UAS^|Lg3X_Mk`uIevg*1!agwgx5_M4~{1~n<&{R$d@jKptFzeavK zeksV#q$=ILxG~bgv2G?R7$qLVbkGE+`S(py#;FPeH8J7baG~StVZ{yi5O$lMGTKHv zEW?*)g8pCytjS3e7whJPZfz>GZBY4@y9gc7V&a1rZ-&qLrN=nq9L(HhzirVO@9tPE zj$!56QrzB>gKue@yQ3uKU5oQhtwA!IQ0@hUrJ8i)yQB&dKIRAa22O9gwK7CXqAONK z{}6!yWj=93jpPp?qX*U2*J8D5?@c^aqTRYAAF4G(ycHp@=XOHEx~XutYETCmMe01S zvN3n%)kU9@HYjt&AIV%++gnosD~`7#{nF@E%)LEp6s|hcg_g+MXg7^7 z{Z;M^g4!cZO5bWd+AX(9xYB68QkWQr{!?NYTki2>;3B>CXM`|)6SIn@Qa-%&{rrqn zfS)9_SyiU~j+|?n7@oqJKCj^QEmCG!o7?nSUOt#+SosIDrt3V2PQ5;#wCC3DYGq?u zqk|F0GRL_xI{qr z$QRS>ZVvIany-ft`Gmek>%JWd1}r|$>_;*2X^=qrYvU$2KXhW+Q23F&N?Ueyp=q#u zNi>E$Mf_Hm`0j3rD#`+WUw>SmOpRdW%CTYLF~L;;uEwXT({S&4ZQrNKBF!Tv_acUR zp)PS0Cqp-}ryeemTJu{bt~R=#RAogwyBcqu3UTbWX1IK3jLJIm>uI5BK<;R1qX_h- z3PXwZaI9?Mq)8w1TxB18plI>=fElbf-;OflX71(p_V&m{8VjXo)f}arpYDs(?Z+N< zyYW@~$LZpg4n{hu9G1v<-O(A;LX8g6-ZwKph{r}dRt(mYE?1fZU9goFt0~Si^$?CX zq|CEEZePf2sKzfQ)s?}llZ(ovmyJ!ze%Uc$F4RU`7Fm4stPX0fcM|ex;I;}I)bm;& zVa}Z1o;Cc=u)(dRx3gU4${NO4D>oX<(rkZNOAnV1ZkFeN-x6?=m518hd)v};id&GLU-!h;hUl;XX=tvR-vUVo&Z#=wW_0Z}_VJLqi zi{yP72!ui&8v|?fgq-l#enL;*!?R((+zj3u#E!|mD1v~FRP56!vT6mqwmSH=x|`7_YB?tDL$z;OyZ*005kG007YZWd+31)<)mqe<___XzJST zvBLOX6<_~aBLtki_voX~;kWtr2I2_|BoLM)RQ@I45I+{~^%VEZSTgyYJVlF5Yb}Ji zRxG@L;+A|hdX^>1=-L4tgaeftOPC};l0!Cu0OGL6KRk`;dX8J{Q6A-e2j2&3mw8>( zsxe9dBMuH!N~DQqgqVzU1#g6NgWR11Q}UR~K&S{3^#BBKwRn3DS8U}%m86K9aK#7p zhGj<`LCJ!RB#JoM>TaWXUb>Esm(~>ZiR2l{3uslE${;;Pv}-s-moKJBfNd(_HuzJw z3^hDhp>F|dpiqJXM<;0!Co#Nv{Ku&+Ud0@H{+U-hgt?6AJw@1hHBz$b;3Uc#)Z(Q( z)^n(!e%v;ZD3h!4IN}_~SQs)~QubZ9{8--k!c<-(igx;rBJB*z4l=l9va|_~q54e7ucGS65JN`dO1mC9Jp;oeIoT_FenIet+IT2S<1z z_!@fR9Cms_23dfCz4NCP+x+b#0-%?g?Ev9O39uG3=)eITTZSija{s7p8pwQPakFs? z_>ZhxBktCas9zL7-;C4~vkf31gvCjs9MEKvKKWS`$V$xi!^X{jnUL@qk3Vv(TEONH zP%T2hZ;+M+8+8zuSq_gbdiLBQuY^1OB-EZbg+ZhR!dQ_2o7Al&f=P%yNEAhKRUKao zO=5#Y09Xm{bDbJ45F(1FKt0+B+hxc1@bu!Yzla@|kM5))|w zkbo)Q&5IVoS+@%fjy!C$nB+Wp9=0G9uGz~$WUNBSfLWfRVr>MvgWR8R`+41qx!+AG zmF~l1-geEEs~=h~(m_L0E6P)DfQUh}TD8hI`kFp~L;rkztHU_MnMB4gkKD#0HQKN3mW&B@_ei`RuHGcIL?f4ss!=EdmJ$n z!W4C(@<`Cy@;Vqn9;i0pOi(B1o}WY+>N}{|WIq^X`)XQx#+daBd}T-Z3<a<})dv+WL<9GAP`wFwXdO2S}AVO%m8lQVN3c+tvt zezz>v6*HA8fvMFoR2iEyO%_9a^(=z3(u9Ygr+QSO3I)XU{6@%ulq5?ssq+J7YCDSx z8ypT>Q)K~tmf0(0Dh;pASBbP15ajz!I{o$DkVVL)*)lw|CB8Nc{MUOqFpdjJBwg(C zFe0m3;OiVTDmKu2tUN0GH$A5XJOCVQ$45XhHkuH?5i(u;ocaX|z+?=P<7E=qtcG&7 z^ zJV`0G&l?a&HWUZtb`GlE*14z%ziq&jJ?yx+>Zjs1Z&VU0t?EL{2+#C~x_G?W_I36T z1zW;e~Ur$u-RcvKR(gz8GaeEd9APS;jPh=Du}#Kkvd}c&O9(g09n2 z4KD*bl$Rv(jQbF(VZR0a2#LJMVZjkgH=EV=lGDN2^_0o1z)4sQ`7PTR)l5CF2TX9= z+2N}GU3X*8Kv`1H!Gu_E+|`{%r?*Cxro9zvkIlls%j71OowalCHr_6SwJW~ z4%31j(Sjzo&||@?4OcEr&AlZ&IKln+BMC~b7HTydgGyMMM97zw3X)_uV=WF9+X!ooFk-aY-{z% zuDT^h818oS&7UZA`?~3D?vS^t?@^(Wsi&zdlgAClkgZUgA)#EvMG0^Y=E1uZ zC?2J6czp$pWmF-f4M^065;i=>r$784inGJoE=II|_5l*qRtvu4`SjJw79B$?)Q|Ud zLz}BWJ5wI=avrdK>hGt(M%$&e!f5OfN6wmef)hCbr`*Qr1sGRID8-r$3A0ZAc;7r$_doX_V zjpRAMU7J6C@82@~Wd>qn?Br_eVENlC`d?|t|6tWDj2nXjB1GYT@);QL7QA>vYne+D z$Do~e7aH#}g`La;`gSbC;lVADia;_cKU8~1CLX&~I|o;pa*YCztcPuyN?#H+o190L zxw*vX1K%_f4~aPyQpU)GGe8CMks`lcLcttX!^R6sCbBVA(f$*b<|8b>8r*kB+M;RR z%EsJx)k|Jwo~xuV7|4P|^{Wfl%Hl0^*WQi9GmOUAeYyOV-g?GB`3V7zf!k;u`VW*KE# zU2~$=)vzU&I3B#1!dWLMW-!V;Ui=BvqCyeMOOQolAr}it(_GpCvV72?Wv74+Q=B6$ z3A-`BS$6E&lOp*gk7|rj`kYg-dj*&;k$=(B;rn!Z@qSiv4&c;bQ8kCox{o`CM{`Rai?GO{8Y`$#(Z##gVVCJ&OZW7?Ai}WGO`O$z* zX}yc2kR`q+%y~DQiH$$H5n1@H;60jbd?tR3ISr4n6w|VkkAiP#x16 zE><@%K~p&&#HY(+yaPuLj;YObYVeu2PnU2e~%z|X;oNyOn>-B`& zp#T;f4uXGOgqOl4gUssMDQ8Kup^!E2SFFEHrY>V{zUPS;2p-w!?jFp(8fN1;+aeUy z&lIp|q%pr`}Qeh2I zffWG(nKj|&n-x3@$*Mlq65eiYY<#Jp8qJd2KHLI+Y9a~{vE?2Yi7kK-8AKfPR8q2W zg><^PY0PWmQ&I7cAHFgz-8|$%0G$7{SI_D3OI9>i%eQ8qn8~CKIpEyW<)=@yP?8%3pq@)0 zZwx$!NvvagI#@<3sEWv9vFB!c1lVhHI#YC0W#HM{Y3m?LaynT(Kgx2tIZh)s3>q%j z7v+gRa*4q$4D!$PXSjzfIQdnsy|gOKXYF(!uAe0m%UgdlA@Syf7oFGwMpkDvjK?O2+be{VKR?of97@OofvthGI0#dD zS4p!s%Wr9fM3eeX(Nn2zqN_11$`~moFsD6REz~Iq)nJN5&pD{tJI$I@ zl~Ro&fraG{Q1$)Hb_ftC6=AsE1M;g_v*FsdP<5YVt)q@lW*jh4>7P6-_**51CQ ziNnSw+P*Fr)anCTlRaR25dAW5mH5K9yU#}3YxB)?UmY&&oX0n^Z`r{NR3wG*1BVP3 zr#129$j+F<=x2v#dDqBQ|l`J}t=e&2e6DqZ`;`=NUS>ENKt!9sVDZ5#jeOHuJF zV$3sd6%)3y%#uyB_!T<(jJRqaO7^xyRE)`W(`F;m@-uy6lX$I#{r>$!K9YxKM*`bE zB9(mh*yrWD*(Y{Xb)*4hjC$2_Ir38oRvIQz2D%ywx(&-XR0~Hf>A?KhdZhCsr&PEi zJkD*Zz3H2~{{aHjO2Yvl>^)Y8LI-`$l#Htx8q_o28TRnH%)&(Ot2{HCbR*_b{7c~b z%6gW&hrf*tj+|mSYeSnO4my2$PEcqh3b=)_jVAaTKUZ4}MeJeNT0L%uwcYZ3`igg^p_DyiXKFZt4GdWoG@2{A(ACltj^D;9+WMV6MD z+izHcV2@>|=7^08w)XVK(-acYKD5ptAD#we=SZVyJ{&;hHTHt3d4N#w1?n@I8`BoA zP&^Jt(oXYFh%Q$NTS&`-KSDOtaUMs zxa07A{`U|odl$viWi;1WBk>5L(O2*6o5E;mlb5Y|%W$6Rc#cI?6Jj5S)vgdL-`X+a zof4v=Jigv}`qdtfOIo+!4#OK#(?k8(0YG{rxeF0sEKOgT^K}W9eLFEV^SD_J0l#ko z*bj`dPKq=h0XR&!BJ-7g$D@^IF=?EYT5Pc>jlgc;^z2JRTz}muACvTZ!wK2972d@^ zfKI;=Ug&Zi*L)X^Jq6Puc}r3K&cJlY{27#y8Mr_AvTBsJwYdR67B6V`_7Uuny40Fx z909|=El`JKk`wdIM$(!A1yAcFH&wwMyal>X`(2CT+F3~eOwr56XVUfyY1fsfn!~3* z{<$hs;6>XXY|A7F6ZgXY*`zM|?An{`-x~v*Oakx%erMW~zt3-fnO?dWJ2;x#+Wc>3 zC*`Ofs9t&mp{tj0LesD!)b{1i@IdBSe&@5n#UBM*n*~sVV~q5+o4mMnEl69}XaH?P z`zy{VEB4n;qQEPx(`70iA&yYw&artUqD3pNkXs;r?m_jhMg-ISi-evY$R4&~L*9b> zO~qJqpNMra@Rkz+<*B-gBP+GhtXQ!c~<3FssW+GUhTRz4fGFLHDuxj0v|& z8^}f-syYAcB?+AWaUyFZn!lCv-X&>M9rv;E;1Ewi`2ZzjHlPtRhY;nQwfb0Q(qZvz z|LAY48XyoJ@c+~n>)d~meorJofxpgQ zlK$C9_nZ0OEJ^;I`DfS4Kbfkae;3_<^|1V1jDI!|{FBH1yBz*EvuX5y+X?=T_oqeq zpF9bezvKNs!}8w&|MWKg6BzK@@%T3Z{^@l5yT9?z{e*u~0}20*`v2`N{9T-X)(`$k z1f%*p;=ffB{w~lz*XsYoB2xby_8%+vzeE11-~U9~vHTtK4>kWg=$}gZPpBsA-$DP> Z)&GeK3idA*gZ}+F|J}4p%l5Bd{|B2cjrafn diff --git a/examples/aws/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_7_6.zip b/examples/aws/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_7_6.zip new file mode 100644 index 0000000000000000000000000000000000000000..1f2be664484b0dbed2af47b1b2239706646e2c26 GIT binary patch literal 15413 zcmb80W0Ymhwx-jzZL89@ZQHh0Y1_`Mv~AlqD($Sajjq#uyZfu#wx{u9rL z7_r|qW5#^trGP=80RDBUI9KxOQHBHn-XELP5(R2g~n9mIy*|wj2@w&6xXaQSaT?0oU4I>#z|4C z3H*RQb3B=Ym6T{b6C~-^n`8=&RCA6|$FDs6wl$xglBb6SFGY71G?j2PVP4W8G)%su zq-4ke4xQW@HHZrbRfR@T%P+Ok`YQJ#v@Qck%zRROcL7r0j%V`XU^lo@e>(hZ{Iij{lYB*Rg*Or2r}sy0O~S0 z%|b72#Rk?WS49Wsu4fHryPFvo;{+;Fp~x0R!i>WD(d)Wt$f(C6!Ok5jHg$Stj0cqC z@D!Lj#mfZP8K+5z`Y}2XJ{)A}uw2FbhxQaTjTKLHNxUwZxyYL0{0z_pGG@IK1`o+( z9#A?ra#Hj<;TjDIDp}vh#lj&A16W~dJCPV(i;7Rilxn@T)GsPpd`w@{FMEygo~8CP z(!4hl8wVTHvp8K9Ei)LeH+;`Ftu7i*qG*FI@hn}P#hcw*M}=Aosuy(4yZ*v72eKt6 z&0;UC36?GEq@i#DOkDC24I=COhXJ_6l(}OF=|SsPu-Wi~rd5qa*gE8JtKK_vt6C=s ztJ&@7df}*YEhCYvYRMsZk>xcycvL0vg~W&epK|-#xbwVK5{yFNjN*_ zSdr66oqTu=4St~+3Z*2ZI2;AfXFojR{H$4sFfauoa{%qPxzm+6_dZ{zu_qwt)PQE9 zN*caaKJhNSExk<01!25b&`VFr>t)tdN|PFZp2*Kz5x&N^4{uUmK)ZneweIcA@)dGg zwl@~KR?s+^i!@9I`4Sqiq~KG6nLS$a{00S9$H*`S9!m@5E5D{{HP2AF0H^DdvhFqp z7CwHl=@fNWyD@kp@@0dQ>p>`k5$Q^^+OFWh@8AHjS)73PVPy>>u5Q`y_O6qR6~dyG zwu2qUje1n^pu@gLlwMu(^-qyH8fcD9+U4N%k&#QA7n}GKLjx|{)UqG$7e3Ye59;G) zbYbW(J1A!TE8;8^xP%8^%e(V4_X;M#64|P>RtA`8S{dR+@nn)Yt_GV|Taa~RwM18= z4k}XBxvHC@4uTyqfkd>}`aaPS$asaFq2V+j^0tZ{@CNb|+fcfw5|Tu5M+-Yi`UDMR zpj~=jK*ar|8_spHv(iHO=TM<$O)`QX-Mi2YJkXD%$H#mVR&|tD1+p>#UlDcv6-TNI1!^zV7O4C6tpckHVc8DiD0qB#Z23T zQKE!27^T}Dy!a?ux$N01F_2ho1KN)3gGTgQfzGm5c8Gbj~2*BJ=8KYLKeJ|Ll&X#*D*W)fwqsd@qw0`8aExUH%E*PgF97dm%a$t&pV6Pp2n(^y zA5*!gaYv;P9lutimNsYz>z!!&9l;ACZMjOb z_U8?fUL<`O^r=o8i+>u4Ac_wMD$y{vxz%HwHS>+kCs{ ztx0u=XmvY6cHTrBqwR-_ZG8MOehlL@)6r-E%+EeL#fRyhI)!Y;^A6!mmUomuQr;); zHIjV-RKf;KM`{>T@AqzD@oG~#v{qVIB(KbEQ#8Z*byKJW44N9fRk#D=7A;XJe|GX;^|?74FhSux*iNz03R{b3}Ru1ZUn! z+lgaP-D(fLn(K>4(~mG0aq0qT*izO%tSs(MWeocZ(aeK!pOyXLXbh6vs(oi`H17H7 zHbRlPY^4m+6HXvF&^K;^?BWgT7I&}`NYrV=J-S+7TieH@C{TnQnj?jfW>Hv!cWNgc zYq5Q(uWd3eY{MtLIshZ*&F$=eyi5BG&OM38e>qozg5nT5dLIsy*R#iU4?nR{3qUv7 znUp`Ji~Rm$tlTi?2;VW{138*JrpJy9U^pJ~OAEq8VjC6-sb3sjm)w_`h*7BTg}I<7 zUtpv&0>(%M^O_J2NJq%|MdNzL9A%pMHP+5AnFyf~!-%=ktRw16g%`ngi)I`6Re`8ECOS}q9UyX z+-Qg7k5F|!cI(**aLEL0-c6q+1EcS~G02R#-FijGa8Xru6JHJ8BHP;_YNp32A}7mI zE-ZISKwXroWwhfkKYTyps0g@tB*vPebt$y_?x+X>9mZm1*$O1R+l~^xqcL2RvrU^& zju$j6!Q5zbI2?&}v7NMNAvrmj&fLL@osOHl zl5t$9jaT%ERM#m^A{S=l;jX1gr^d?JS|S6Cvvz5%(+Tq3{aK&*^!SyJF22hX3w1Qg ziV?~rb}>TA`DT*KGp3qvL9qVyfQF5@wv zV*Iijv&FX%^q?=?2lziUJ#3n*4En z+Oi@qrySX1tIHjuaWWKOV*t^~cfV7m!7q@1&_vhrsH)3g>cWHN+QL(18`(cYP2}J5 zmF0II;h4pJzeHN}qvX=P%VJ9ifs-zwR%Qi*vdE;hb)9>QS}k^>&r15NQbe4SD!rB2 zp)w&dj1w33t`v^$uq@F`;ksXfJiZEvPCd#Uy~ZQjdP1%n>BYR-S)thR>#G=j;zc$` zi@oA{pxVByktHg$>&blZ+(wlIKFJ}a$88+ivxpA#KMoy$>WKBvRH0{-o{y% z8)Bh)QDpgRG&Z|(oOMpF{>aoRyZ%=>xP+Q;&spOK=%2bV>-XW5h5!KIqyqpz|ChSq zYT#&LU}$afZ}S8=R!-}~Hyu7h!M~CW1qF$4xthtwmBSM?_s1X9Z8OUb4f%J(b%WHd z02CVczqU5J2C#F*wG0oW52dXE-Mrq~H@h}@v^f;nm3}njj2Q80f^tir&qBJ#c5NHc zXbfeg|1c^>qU`73ete#k_!#8A3@13c9mn*rTrOxCPbQKTM%i00;m{B9Tcb&k7P*c! zA5H)@t3HtJ=OJs0Q2ga+Qirb4znh&{dl(QZU2FgWy>J2~(~L3}z%ePKf&^NrN1QuT z4PztJ9HCf@rf}*N6-t#1#$JUdq0Sy72(M;;V<)H`bpLvwcMKB-9i(`zY{Fg=A=OJO zxTuW#ZOn|<4f%unU;<_U2EU@^$-wT4>bSE(*_Eas{n~ENGq@%wBS)3KnZIaqE(MhI z2QZFT=Tt-u;Ip)NGJ+O!5KBe)6nF+}U`C-S#85;^wZ9U%xxfc|~&Fj^6|yBe;s= zQvZ5kaPsDhr`+~!DEUPy%jv}B8YCR#r=l7yaURwt+X`QKyz8D3dL=9R#f!u9 z^15eetR)8S>+$xm(|X9k{fWGj)`t&cKG*X4jn0JR!jJlJlH>M{hU@+N%c(3kHuVh3jA`)xbbZ6p!8(9STs7aEq_CwhJ&UImjD$wB%;z=cxfnSy3@XMNVE)J)8#Q zx&VSjO9t4LNV}|)mVqob5J497hxPvbt!-wSr=q`&u= zSYe!Kmg>hd5GXcsZBY1`Lj?tG!4%3kBtr-soxttd#D(-PO`GGt5DO-=6F&FlA=-A- zVVP#)OV1H}kuup!@rslb6G7ChQi53s76_$q8il|*1Rgv*BY*`2@}I%t;0DA^*gGjxR*0P@jGP~Qm=N3Cfa0hqjM~*%<#u&RB$3S7k zB_{R&3-U|KU>Q4i)%W!U_BV<0={T%PWsOb>162umHBo?awms$Pw-YYva>;2TL>09L zNZ`ko0@gAG0an8L;P+=4-`uPcIb!h0C&lKv2C!WoT{wsao#;ESQ~0z!hUzw;a|6=$ z2pcJ#pS?e1tbu;$3t1ZpS*y8M;jF$=#DUAD_l*mMCyXhc-xmosFojNe;W?>Is@|8r zaRV59HHrAbRl6+q)St}sK?V3g9GuV;)&;7V8s5g2lu8KD@h4~xMdHsVzsBxfk4Bx95L=6J!Sn@4q7KpeFcq& z5|Ha4-P+C5vnALU5S7=~B3)(zJTS)ooqZ0?Q(`L*KLFdPB{%$>@B;SB`xeEr zXcl6oG2v~7!GG$-Bdaz6$EStvtY9Ap!-Z@pwmJiI5#+XBP11`xnT^ju6kaizxfYZD zfL9AR%dQnBm%E}yW<>9SR#j#UdrBepz-h>YO~jSFV&S^&e5+PZFf+XZ)ry!^Jx&ff z=Y2K##fTH$Ml30$63h3xC`nAQvdT`_gzKGihg#52aOl2M3OsT~Go-Ypp2X}o%L<5J z)Br02Ma{*UiGzOBQs0PRpva>-U=_)8%x%gY=3j--ZphFg-ckiwyC(ZhVAfjd^1 zX_@y{3>IPFl(<=>z7aJMV=`5z+5uuI7T@f_QrCzp!U<$W6Wt#V+|aLK(a0VmPaZtB zW;})Rar7#p*;yp2!9(|<2kllA44bl@8y5;Eq$6k zjP^zdwDy8n3-hBCRC?6^7f9VBF%>W?NsFncXb6P0A+F}WkhJpbwWl+5Hbt}G)u3ASvXjV1jNeio<~9$R2#WzyA< zqG}0Oc?nXuC4(hl2epaHV>G2j-K!$1v@<$|Fmy=g)UNdKOpE!hqH*I6Qo%J{%G2IGh<9(y3`n^1rLG`JN!ko$sU-X>N*^-4Rlh{kSM1gn?1 zhiCs8;%H9w8@5{`vDIvtVkm=Zr6Q zm2}Yz4j8y8pmr9i{fj$l@D3XUOyRsI6}ikO-C^)RN=9~o`)rZ~&ik?2X)3S61+x+k zVAwSmxRjlx6IO_0Ls36dy!aYg+&=1dR!4orJI68!gpf;nR^#(2Gv)0k% zOt^-Xcc4|;BHmH3za!7CQFa32JB8Rl6J;4ZPXX}V~Q+9tR0IS3EetTXYL$-=04w> zG(cAxP7IwoY0g)AQdE}Vy5@kk_0|fQka~M!8d9W_^!db00c+?;q>j$ZJXFyvzF;hx zSNE}rnQ@NTkei}D?eT@_qGs^yT22PDt#(S5=vZ!@-?MtCTC;WLQ>p1%{d}n~VEgJ| zsrQ;T9dEP!qfZNHyQ6oUA)>@ zy?mQPyEZ+qqMA{;AeTJYIL5ZJce@TdgpZHM>s~5!BifixC!$S4i?(r-2#N;c_v5hA zCs{Q?QOl(`>$;G!i^|s9$QA}|0i8n%x|i&*PL{O|`cn6l5-ZV>7hkUUrEfT0AtDMX zyE`$2exYHNgYe8)9}*yngpNSYXlgB|2qTIc9N0qxBoxlVtT1OSbh2@+DByx2?Y zRn>|T`=_S>{leso5Ym*;F}^fe`*fT!8=Uo&8l&AK&285O-4hBM`n}NwEpt{v*-UDn zFQ@|vZreCnu7irkr`vZCf*u(2I$wahS5^GfIPMf}gHv?EgL%yzHIm=?f?gEYP^Y!V z{a4W(g%0PM0))00v1;V}-s^b@^Uk6pm&hqH=9EPREmygoyN`ZpQ!K77V1{{$5vYQE zRuT_Cw!_T%Y=>B>27#Px?(Zzd+zwhzE48`Tb!~y4#;aw~I3)@M9;)ABGy3Azl13C5p)%Ag#Hb#<2dfFO^c zarHqpnHEGQ=YLc}yDr}LbPAyz$gL-|6V)rT%2J)_q&TL{aK$pv-C$+Sneb83pAydH=4qJ4FFlmf2WD?qe& z&F_vH4m(d&g|#~J6WJMpZSpKC80^6*Li(C)$lwH9$yCX5_7Fo?q&g(I>z~xf1O;^6 z&}Ox)*i}Zy=i{{2Xk&{d*Wt*GKC^5QFnQSOpN0hU->0?G1>1*K z$NA<@o$Ztt{nh25&gzRUs-Jw8rAgTne0QRpDj$28Ti!KD5KO&_`cxwliRMYZ*b!)2 zLUY9>6>8)^9JK&z1K2bO#I_nlw&?R2bkkQdqZ++ihbqA3=h$@s%EqD)6 zY;sniQs?o!ea;lq=`vE8C)Y7}4#ck6xk#CNaao;7TiYMFY2F}9-V$kXtDbbbRIbo$ zr2gsn(dP7u0?)%GvTwTJHmtnTbVJKoKJ(xbRC!s_GZC)0T=-3U-mp@=QWNk#XuRkB zgYVA_NK}l66afSPzyk*W0L@=!K%DGs4IKYX>hwZu-FBZ9;ronQ>7}aya7@D*5G_LQ zda93r9&BJP?N8GJZ1FW+w(B0Z5F}E?LONZq1;fPeqhx!N_NMHq1M#>;R#;;@hjb8* zRI1Do;vlh(Ib;F|lYzjfOlG?!9&zUd6wd=a?Q36XeKp2XiY^Y^DsY7!>S>F(8s@)a)zJ2*Dizd&1Ru0X2ctxJw?YKtkg&t zTB%igI&*DrqB{49XEG?72p4R5+zTVO|em){&H9{uL>I@ZYGte32;*|T3>we6GUP|i>A0CU2Yd66G1dC`N4RymB zPuU?Ndi6$~Cf}q7mdG~!>)rh><9rut89&kGCGcr3p87Z(Oy*eTcuMyKGQvDeH4)7e z#z_}%+uGCaebI`NX0A zgPc#p``x1C%P5`ikkj9o{VUx=7z^?%?#sN7G<3XOVNO?K_!$l}8DXM z0K01$OkY|ldrWI0dW{)rbK^CRcDYgf*Z5)Hsxs{64X1)^MFi(g;{>kJqu&X{R3A$3zA3*NmXKQVzl{C`Da9tz z(8N=LKT20u=?W&3l-G)Hbctf;3~?>-!Qn7!tJ+|kvb@9bnR#A( zDm)B>5y1>u?e)dtS151J)#BqX^R{D2B-$#nA?TU0Cs&@+h7)=6M-nyHbe^!tkoX2lpQW8GmL&w3Os zM%QRb%DCZD48J`l$F+9X_WtaL6na8ppsB&*A!VrdKEu5B;W~jZLkL_*%2??RQkCMsqo>BF5&o3 zubU;2#n#F3#V!eA87y$AGo}l)4s6W%eXkmYhdNCu^j*?wdLG=NIHi_j{RO`i2UsB# zA(`)JoOi&&&1S=^{N2dnsOU~Ik4b>~^zGs%0z0aPZ+}mQ>}RriXN`62wbEG54T-T{ zXiPipX1C4Jh5KW~t{Y{Z*Q1TiGi&Hh^-PWbC!WQYmLHJ%G_J)p>MvSdqV`#@C##ud z%$KIrNWgFIRc|9)&poKm+sz4EAa8cDY=NJj&DY;A0lwt)zuF+rvBzGpuKPH`9Z%Q5 zsBL*+E&?&or6sT*c#13!Sx%!;yM+GBFu0$z=Lv;@&HDS85 z4QN+6t+)*yuAO=jR>u&Ya~*k(XkVqB^$cm(aI4s$oQ%2QmpwAq?PU}2qI#Sk)UntfpN>}tt!^jr?jDGR zFeyVaWY5&I`7mhNQSlia%i_i)#(d_WH4ZqI9Mp7aVpb*(49#rk#rdg!esQRA0RU=D z>Fxo>XCik!_mYj{)yYb!NAof?N^?p1n?4Sy3I}e!VMj#;{Ibd?2oNTQ-hsIjWw&qV zH(fiFaMo4Hp>W*hBQ4qcC%eTU!eMM`S7wO_C-C5%EW(iio)cxvVp%<3CkSAAvo1SpijpZhY>_#b#lXoG*dsuwEXv61Pjw$_ zBuq;cnJqXlyJLHdpEVPwM7w81m&GPT86P*5k_k3!pPP1%1%$IeM3TJ#Y|hXaJ1HY{ zEq-Bux*pa~k`AnVB%bn@AB41LKAX`??YMBemXKke|LGjYkG`2a_jm1P;O{eBhQEwL zY)zcq>>RCrSB(CfP^2h+0t$!_h5yNCXz07(#T#1NLb3z~?V^Y9WRDr_bUx6x6Il*V zZpkzRl4*sJx;rw7xRtsExT@4^6o3?cY_l}_(&+h=e5$Oi6-FQUmazm#%$d+~Mjo6Y zDv*yQ<*T zw4BykQGJeU_%Fb8QK4#tig%(VVK?D7&xu=qQX;?PQHwRsSa2@! zs08yR@=qQ?>UWxz)euuW7U!;P2@r4IBT^%DaAiq~GRUT`3RBkw?=ulMMd83K)Acy8 z(TJPS-yq|lx4PHnr0%ecQ4`A?$q635v`FZ)ygP7e+3lL;d?2b!@?ipf zKv^(B?1bsKuYCH#NLZmUNU%I0N+ChAchLwXpUhVD<9D3|r)qsCBynpqr5hjo6SMvjFLC7p?s6*Y#`rc+_~zAB{Wq;3Q9* zzcV{sC)89phi?bqyFEZ(2y=N53%Kyp4m{ z*6T9+S`oP_g~}K_EPleav+;RW*^n&VQy#)>{a$dp6u^R`!SJuk@Y1+skl8)E6)fqt z6mk}WN{zQE)aA^r_dJn9A!D1py~8(OF{u6w%X?+u>%k$gNTQoNlr1Tl*zC#i+yc=O73D!$w`pX+VGiL z&?!i_$e^^JAOXp3C}Fre?RI`)xu^*Y4Gr}>6z>!_7u7|S|M7wvEFRQEDx=brCay`l zYoTSRX`QzvP}Oknb!uoR!%&K9?YZq`{8l~mLh9^;xjz3v(xY7RweDl_vJ++$^_6p; zD!EznR^(`Km>NETDt8-I^p5{p3|V;9C#_|WGh&f`&SAQG!E(Jwn4rs)BDgY$5n_^! z5>@n};g2S-34I-9I&}*!5iP0i|#18PwBJe3IM1Xc!fsyop&`jV#!`Ecu>CJNR7 z(Mg@lZqzmmH`Q@ci?AM3boPmaXSL||Z5xn!O55#<6U1B>Y8+WBsdU(;6Oz_il<1DJ z-4Bn!Kd3kW`gXQ+H`MC3p^L^#VfL3cN=mZ;)N?81jiKi#iA`Kz7t2^BRWVr{_QHIh z0DE0-cdA~REIfNBZ39GUZa1sfM|o~9$7$rIVbcZsvI6l(9x=G3VZoWf9QTMNC%@{o zw|1q)yuIGT^|NQ0&9%kaoayR~sRyT(QSW+rjhI4nsLr*pe^keMIq=;k<6dJl%K)e# z9P7pcTkuFekJ{6-S$TxeQvj9qW@DEd(Jj+OAoMJ>j$>!>3shu>vD7+S{>Gar$#+h8 zv8iofWDQoM1Z;A+{USJp^J8tuk;Hru*jh--!*JDi)pQ5*g0^NzG-)A;XH&=$H9F zi7$M62W)k`x8BSSG~mL|d3>V=RvpbjMN=6+aL90R+LL}A+naD0|A!+dR8_xX#(ax*aS>~)Y`JvH`mph5#Gejf zWN#}(C74_{9k!xvKQgAah}YZL@83TZqIhU_C9xeM)5zyfd|rgiKe3~0q6{fxHL6!D zke@=a(lLoL(bZAVZCNIv+BoV+hZZL`qFf$1r6ZK!acw6u(CIUB zgTtawz%5N|wZPx_xjJGg;*P=>>ONW6onpbv;ZvSn9eISO4M%ZMG~0tL%wKk77z<)o zt1*j84auD$~l&tmnX^p#rTj_s*)#lwRX;%1%zk=I=CStM`99m8v@#T|TlSqOh z1Q9?~OON(@E0oRBOYXKyiW3q)p(t%xvnVDiv9#6Re!~(3dn`Y-Kx|&JbD%ewrI3{I zp>+ZI@G>MjM;b@-;Q*?rbr4L;2ZVYr)R@cKoV9#~;&D7C$9yNc+k$NbXs?=q0d_m4 z*|w*=J%xs+BIy*|pf=uwDc(pz63emeJ(UJxZHR5gorLG}zlT`czbKh4r@77^OF$5d zxq4^c5Q&5YZHJhLD2r~Bg8Xpr9Isw5{7+8paID=H};#Ylnnz4p7yW2 zG(`{aHs}GJcWsJm7i9r3C2w1wX}d3^JvW{j4xhn<=jtqh7af1FZPQ>(+zW?i(}tL{ z>+fX$*&g6*8h{t@JJO#1eSiDQ@Y2=9(aFNj_TLpesYLfd_0uB=U%f;SnuQmmcCLO# z1ToL^yPOR#2NrH`6+#V9Fw)y?@!~eLA#Goy0d$NUthuDFIb1u70k5&nmaBS(Izf@U z#O0HS6|cELZiD!F1UJ4K6U+`S6MA_fd)kGMd>1@u`TBBFR>}To3tz__&B(h(eV@-) zd<7Rn9D@2Yk`@_(WiLF*n6TeXUhHiXn3;$)q;Qik_68GB#AW&&EMK( z|B|$&f&0W{c!a00Vu+G42hftF|7JFg|HD%7cf3E#l>f<-hWR_*|0!DjJK&%7jsFA&{jPfan*sh= z?f7@pKhG5YNev;EVfZ`ZpZSA-5@D$Rj`*Ll34e$EbFcnSEIReyVgIpn|2yQL x`u$I&E6d*@|4{S4gZ` 0 ? 1 : 0 sonar_version = module.globals.tarball_location.version @@ -137,7 +137,7 @@ module "hub_hadr" { module "agentless_gw_main" { source = "imperva/dsf-agentless-gw/aws" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = local.agentless_gw_count friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "main"]) @@ -177,7 +177,7 @@ module "agentless_gw_main" { module "agentless_gw_dr" { source = "imperva/dsf-agentless-gw/aws" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = var.agentless_gw_hadr ? local.agentless_gw_count : 0 friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "DR"]) @@ -220,7 +220,7 @@ module "agentless_gw_dr" { module "agentless_gw_hadr" { source = "imperva/dsf-hadr/null" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = length(module.agentless_gw_dr) sonar_version = module.globals.tarball_location.version @@ -266,7 +266,7 @@ locals { module "federation" { source = "imperva/dsf-federation/null" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag for_each = local.hub_gw_combinations hub_info = { diff --git a/examples/aws/installation/sonar_multi_account_deployment/main.tf b/examples/aws/installation/sonar_multi_account_deployment/main.tf index a68a14886..de07af02c 100644 --- a/examples/aws/installation/sonar_multi_account_deployment/main.tf +++ b/examples/aws/installation/sonar_multi_account_deployment/main.tf @@ -1,6 +1,6 @@ module "globals" { source = "imperva/dsf-globals/aws" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag sonar_version = var.sonar_version } @@ -25,7 +25,7 @@ locals { module "key_pair_hub_main" { count = local.should_create_hub_main_key_pair ? 1 : 0 source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag key_name_prefix = "imperva-dsf-hub-main" private_key_filename = "ssh_keys/dsf_ssh_key-hub-main-${terraform.workspace}" tags = local.tags @@ -37,7 +37,7 @@ module "key_pair_hub_main" { module "key_pair_hub_dr" { count = local.should_create_hub_dr_key_pair ? 1 : 0 source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag key_name_prefix = "imperva-dsf-hub-dr" private_key_filename = "ssh_keys/dsf_ssh_key-hub-dr-${terraform.workspace}" tags = local.tags @@ -49,7 +49,7 @@ module "key_pair_hub_dr" { module "key_pair_gw_main" { count = local.should_create_gw_main_key_pair ? 1 : 0 source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag key_name_prefix = "imperva-dsf-gw" private_key_filename = "ssh_keys/dsf_ssh_key-gw-main-${terraform.workspace}" tags = local.tags @@ -61,7 +61,7 @@ module "key_pair_gw_main" { module "key_pair_gw_dr" { count = local.should_create_gw_dr_key_pair ? 1 : 0 source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag key_name_prefix = "imperva-dsf-gw-dr" private_key_filename = "ssh_keys/dsf_ssh_key-gw-dr-${terraform.workspace}" tags = local.tags @@ -106,7 +106,7 @@ locals { ############################## module "hub_main" { source = "imperva/dsf-hub/aws" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "hub", "main"]) subnet_id = var.subnet_hub_main security_group_ids = var.security_group_ids_hub_main @@ -144,7 +144,7 @@ module "hub_main" { module "hub_dr" { source = "imperva/dsf-hub/aws" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "hub", "DR"]) subnet_id = var.subnet_hub_dr security_group_ids = var.security_group_ids_hub_dr @@ -186,7 +186,7 @@ module "hub_dr" { module "agentless_gw_main" { count = var.gw_count source = "imperva/dsf-agentless-gw/aws" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "gw", count.index, "main"]) subnet_id = var.subnet_gw_main security_group_ids = var.security_group_ids_gw_main @@ -225,7 +225,7 @@ module "agentless_gw_main" { module "agentless_gw_dr" { count = var.gw_count source = "imperva/dsf-agentless-gw/aws" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "gw", count.index, "DR"]) subnet_id = var.subnet_gw_dr security_group_ids = var.security_group_ids_gw_dr @@ -266,7 +266,7 @@ module "agentless_gw_dr" { module "hub_hadr" { source = "imperva/dsf-hadr/null" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag sonar_version = module.globals.tarball_location.version dsf_main_ip = module.hub_main.private_ip dsf_main_private_ip = module.hub_main.private_ip @@ -290,7 +290,7 @@ module "hub_hadr" { module "agentless_gw_hadr" { count = var.gw_count source = "imperva/dsf-hadr/null" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag sonar_version = module.globals.tarball_location.version dsf_main_ip = module.agentless_gw_main[count.index].private_ip dsf_main_private_ip = module.agentless_gw_main[count.index].private_ip @@ -324,7 +324,7 @@ locals { module "federation" { count = length(local.hub_gws_combinations) source = "imperva/dsf-federation/null" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag gw_info = { gw_ip_address = local.hub_gws_combinations[count.index][1].instance.private_ip gw_federation_ip_address = local.hub_gws_combinations[count.index][1].instance.private_ip diff --git a/examples/aws/installation/sonar_multi_account_deployment/sonar_multi_account_deployment_1_7_5.zip b/examples/aws/installation/sonar_multi_account_deployment/sonar_multi_account_deployment_1_7_6.zip similarity index 82% rename from examples/aws/installation/sonar_multi_account_deployment/sonar_multi_account_deployment_1_7_5.zip rename to examples/aws/installation/sonar_multi_account_deployment/sonar_multi_account_deployment_1_7_6.zip index 62beaa1b01ce691901580ef56015624a754459e2..d2cb02eb9feb64a00f4ebb40b0c2c951fa4d9e2b 100644 GIT binary patch delta 502 zcmX@&am0f+z?+$civa|}3e6|-n(&$FhlX%6Fh4%AJ{5>3`b#l`Byvn7%=Gh1OA1O$ ziuFp;kdm#44F delta 502 zcmX@&am0f+z?+$civa|L^9?5Qn(&$GhlX%6FpG6BO9kSI{!+{!i5wFNQ~mtXl7iBb zV!e_yuo6*-l8rlRm^grHBGSVdpHH@7))zI^&rQtCgDHcWG`WFUiBWd*V&*d(AQLAS z@t8=N>X#)JWhN%&q@o+T`2bH1H&~s$go(JRevqr9i?6F*ZVKFHpzWKxBv!J46`9GK zNCFK@Eh^5;&qFtBa321qf3Byvq9%=Gh1OA1O$ ziuFp;kd4<)$E8z4?jgeO9odW74LQK*Lgt ziZk=`(9N1GA~Of9YO{Aq%gZ{8p!yD>0O7M)vUY+<{9 delta 429 zcmext_t}m&z?+$civa|L^9?5Qn(~?IhlX%6FpG6BO9kSI0aDB$iCj|&Q~mtXl7iBb zV!e_yuo6*-l8w9UnK*!IBJ%g9t4?NQHV`${&rQtCgDHcWG}(<=iD{e0<}Bt val } usc_access_token = module.hub_main[0].access_tokens.usc.token diff --git a/examples/aws/poc/dsf_deployment/dam.tf b/examples/aws/poc/dsf_deployment/dam.tf index acf405f2c..93267bca6 100644 --- a/examples/aws/poc/dsf_deployment/dam.tf +++ b/examples/aws/poc/dsf_deployment/dam.tf @@ -8,7 +8,7 @@ locals { module "mx" { source = "imperva/dsf-mx/aws" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = var.enable_dam ? 1 : 0 friendly_name = join("-", [local.deployment_name_salted, "mx"]) @@ -41,7 +41,7 @@ module "mx" { module "agent_gw" { source = "imperva/dsf-agent-gw/aws" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = local.agent_gw_count friendly_name = join("-", [local.deployment_name_salted, "agent", "gw", count.index]) @@ -67,7 +67,7 @@ module "agent_gw" { module "agent_gw_cluster_setup" { source = "imperva/dsf-agent-gw-cluster-setup/null" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = local.create_agent_gw_cluster cluster_name = join("-", [local.deployment_name_salted, "agent", "gw", "cluster"]) diff --git a/examples/aws/poc/dsf_deployment/dra.tf b/examples/aws/poc/dsf_deployment/dra.tf index d0bdb9272..9caae6102 100644 --- a/examples/aws/poc/dsf_deployment/dra.tf +++ b/examples/aws/poc/dsf_deployment/dra.tf @@ -6,7 +6,7 @@ locals { module "dra_admin" { source = "imperva/dsf-dra-admin/aws" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = var.enable_dra ? 1 : 0 name = join("-", [local.deployment_name_salted, "dra", "admin"]) @@ -22,7 +22,7 @@ module "dra_admin" { allowed_ssh_cidrs = concat(local.workstation_cidr, var.allowed_ssh_cidrs) attach_persistent_public_ip = true - tags = local.tags + tags = local.tags depends_on = [ module.vpc ] @@ -30,7 +30,7 @@ module "dra_admin" { module "dra_analytics" { source = "imperva/dsf-dra-analytics/aws" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = local.dra_analytics_count name = join("-", [local.deployment_name_salted, "dra", "analytics", count.index]) diff --git a/examples/aws/poc/dsf_deployment/dsf_deployment_1_7_5.zip b/examples/aws/poc/dsf_deployment/dsf_deployment_1_7_5.zip deleted file mode 100644 index 89205b88d0e2b006c254f487ef8927ba1c77535b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 12964 zcma)?b9i0d*0*`8tdzM`Sg6J?|Ig~7WN-&+Aaz{t@=*T~q;%GTZ5*v3hhQI}1Zg|V8#Og2>xWw*4fF<*~yX4 z$>jese6GF~xyFv@v-M3dh}t@D1GO4~4Dn(+7xm&mC&p6^Jx^^_SX%z=pmWfS6k77r_Tj-#`-tCxo8UrY4zO6M^R9LU?a=WJX?fLq~<--=tWFK z$JTP7mI>IRwsdT4vtN>^eMrGg?tu8}9gD=7^V)XAD#l9#n%d8&;Ip=j63{6-z#u1~ zR9m9)x#Gn2zn^iDMtt`693b}DrUbz|M0Ds?UW0DOevoDWLq>%$kyYS%);Lo*XO7y3 za`4qu>Hwg)5?q`U95$j(L~4(sR7T?cm>2ru+a2&(b|DR@KL=u*td>UuI^PQ-MtFls zz-8NmBhp7GnJ?5Jl(`pdSPA63-JKUwk>sp0`)C4~n*q%O7_-ph$LhCP7u*fW;F+T9 ziXZ;hH3yU10dtIdSxK?QT1S)|siCAXE=69Q35YoP{a1FaZn8{PWZsoLAmQUo#Aboo zJ(wO-GxSp=6x+aaKqM;KdFk!1_?Z_0uIf*x3^(z~{xx2R3XPP6`>+zo#VpnG$uUw= zlI0ewtDzuyc*Zr1N#z5tKXaK^)D1E0=Y}SYOu%#o$DlislF^<;IMma_80rb=a$+$W zDRV|4fU!0UQ*2%o6R$2#ig?9?*}XkX8^{9ES9=lb%Yfhz0+ZM|v+vXq_x)iogLpB$ zBEtr_FzsQ&AUH5hV4%cYNSl%0iuUK8Vl8Z5+VNj;1RqM`D6T~;3iyOdTP#OoEGwLW zi8en1b?{hgZaxyK+@cN#l3l?pTev_oztmMD9ab_T2%DBVE&nMEd=JkI3dFtW(!HS!p z^5%4Ilbe4MzBrx##dNJJ!=%f#Nhz?ND`F{4HyR>|?E3)iSmE ze%c(MFddtg9?yuS?5kG|^5^s6Z}KZp_z*Bq*}xAjsFm^&{nSas*1^P|_kjC=W2I$0 zWPtRv0?_aLiGD_@OovWgfCpY(x1$ZwAD?oA(J!vLs{mWYfaWc2EB{0!<-y7Raq8YY zzZx-=Xf1MLLzAH6&4_7v5GDyPAE9)tLVFY~k}w&YW}gytGSE>a&r1Y$0B)&X8f4Db zz|95LhMx941&`O>@jKa>BnoRdqkXp@rQ>8qf?7(SMPYJWJN=hf(Da`qH$Qxac0Az230BX>z`V zY$ju<`*}Um-m}eFb7gyCxhqJn)wcs~2tC>bxb6~k8s6(wtr=vq1i8W?W>6<|rVQ3w z;<~xcSNpixF2r?aZNTASS2e`_{Z1E?=Ek;CD)V&NOs+L3SfE^N?VC;CJJ|104>D?5 zf&~}=@PY&YaQ+naj2!g;O~e~eKDSt7Kz+L`LBtP4M=sgG3=~)nOd~WpCI3PqC93Lz zKDg<+)WWBLD9+}sM|>upW4irZLLnN1ulw;%?`A@ z^sWc>9Lz&X6j7P9QSs zxbC5eA%x=yWffNJ?5C$bx{3_JiiC=1AF+k~j+cG01X%tQQKMD1$Yy&o1}a)*Ww>fI zobVTxyhR=hA(7%B%bvXY;yxaeoCY~c&!NUEer=9vLc}x-2w-?2Jt-7V*oGA@Fwqkj zw*35c)u|L7b>oX!7M9dg8|w5RjWsE-!3WS7LC?5~ZVbU9A+CAyrn%Te>XE~#l<1vZ z6Jn2bRWpZ4+##>&X2NtM6oxN(--Dg}v7Kj2NNG~HgJ;FZcgB1C=XZii>^jlIOizty z*l>m2glSyZf-SA52%oT^XNv`-GJfm_*H!CoNsFVX$0o%z(yRlrB3zMAmQfQ4mkvT) zy9CH_`}crN8>je-=;VHcmN`%N&@}+EXk_j3>L^<}^X%JzK7Y)N#q`GY>aIJPmG(I~ z1biip>1>hCb_!#Z(MljVB3^mk9J1Fa720RjM8ex+x!KY60Q=|57tqph=pq4B@V!qJNQmTL@% zZx_1uX0Qt4nKlKm;A=i%P=a-nF`O$*oRrm+ZEbBs@k2|oNiA7R7}ESZEFsW90_KY~62OjNs+7Pg%l zAp?jSph6v}9TXg9S|Bqe()0y=l{95GL@(K(+D3+}zDh9Mhh?)X_WD%#E+PPT11Q9x zw`cN+gK|B<(UZgHcb7x^%3E8N-BcOdZ^6Z^F*wSBI1Xph?a5dT;3g>HDNa*}k_iP! zDRJa$5(&V=Nk4Z*RydF7WPI71qoc4(x@B^vQZF;Urp4<*dsjHu%$i^^%`a>vU=%Od z>9o;s_Gfq{pmR_d>_hAPT*Rxp;bYW*TUqJMY$4$kS2dH(-l}gN2u*#R+|1YAaE!8c zHNSp&GLk{^AoBH?uHtSP2fBNFq_7hkS-k^I_uc*%TU*aQsa6~MXR6@aPP|<2XTyH0EUkn`*A*# zwZf(S?hZ-%Q2R(aZ(3?qG^!em{;wmCBgS zFR$o)p$5H605m6jro~1T_ZSz$1QLkENrw}G(i%lTeR`mi7%8?=ugf?wO62PEhA%76 zq?Ue{P6)!trKMh^slm2R+;~WW1u@tHnv zPnFu7b3&dGy$2Mji1_Tssy`H53(TBF%*J_hg^3gn9J8-%9;{Z5t)|gC_pp& znuW;<9s4YX^i~DNz{fMaQ;yu23>!>B!$u(ov=Tcp&{ZvkB@OKx(jzA|8=LT9r?$U< zy1A)c>f3O4$w;bj{D)H|5Ew2|U8kLXlRB>W*5rdKi2zJfG?Vic5BWFhvYJ_SPMJd@ z0$>YeYblJ_K*s&ifV5{!o$Bypc>S!5KHV$IdJ6T76Ygy%G`t?dGKFxFys5a84kaM4j2GMoaCAYqS2jsev z*f~GRZl$t=Q71)bc)ea+ z%HRO{OzE`3(U?2)^{fb0qUAd%k_!if_VPh;Umgt(S_CEfxQ!+My+-=9#?nY4hW%_! z!K`z#qo=GvF8Pk&VX)nWkS%j_x#RQN++sDF7}_GvM8qA1lgp2Gb~)n?%&8>}U+9%0 z)Wy$_aT2t8j>W)31D#5thG%rEQY>w{i+D1XQv}r3VmAbL&6i6e<(|l^7}NUZ(9=@J zNtv87Y~yM+bSe8W6=;VDpQhx0yivnI#B%c?ku5duK@=)y83!*~M)(JiPP#R%Jczf2 zAE++w;a<4Fw&OggkIg_GK}4(|SjqErY>VpDmaLvFzXt`x#CwSgt!ckUyPu0ZlAU#xOmeL z%37_yi@Uy^SOE=?Z2@mQ_HMk;mMpm@-nh%dcnAJ{rju5sa<%=+1RB4(G2B080&9J9 zn}0LalNHu}O?6oBDOIyoa8e=b8tqUZumEpyMaayFLJeanLbMivINuzz4)e1@{t^t$ z{Wf_q=zUF1B1*Wa$^{>nw29uvV$_|%XHnYZO^1;0j2(+*u#>>lln}bubR!|dA--w& zH6m5_3yXQPI7c6TI6s$d%lc!?PyOZvzg%n6MYu%K8k4R-gpRR32+a&T+cSjB5g|vbj0*nN7+T8NO3X#ac z@@u2g#3IL?r&f2yDDvmznhEM{K~j>phQsBfN^dq{U!tQ28>vc*Lbyqa0_f-RhU1TW zNjbr}p$Z?0yT09CMXAu(*euJ-hv(_r$nQV>-hqC1hq52we%>$ufFB(IK=dbfaM5=# z*Eg{G-=YBRU-$eA8ZVA(tjO;hz5^+3WraB59_*K8TziN1BUvQb7QzQWW?3{U}7Z z{?4#Kk^D4%qWr{uZPm|L-eGO1=4W>1JKiI#yLvGs?Pb)7%P^@tWR5)we2h!oT6kJ` zxRtkU+W1cfI9Ckm!8F?%(dF#4(G1Rti*W?I`4;iksLj#TbZ?NACbi+2%Ey+^Y7Q=wjo z=4r=d&iC~-4ZALgXwVTztHALL4EKS zvRP5*Me0Dho!RP3&fQx*5)zJHq7&)pr^oS%X9LCx$5S%WNfa7UN$eW?uv5VvOvkRF zGGAL5$k+^r<{3M_m2DC9)#2!UE?p5iv_+XJlUolemhoqRJLI-0Ww4q2Xuy`}S#-*R zYjZ)ZqwS7+AJ6hba%a5tZDKD(OPuwk5W`R zwg$$h1%*bzZ`ZoUHUDXZ2wAz=Du_rFs`YfQl>WSXKK3wJy6Qk!qVE*X=?apyD1c&_ zsVYOEk7Q`QRmp7%Hg}w{bA7C-7b9ffac!r*?O+^K${0jpu0#TB=7=Bb?JQI52+Q`v zVqUCoq)%s%8&-?mTQtY6t|&a8L<Rc9oRpU4@p>M)pM4sR>G=kSZ3Tj-Su`su%bFF>JaG=|(g(`sF7vK`14xsj%TgMiUg)x(}B zLjf7^+xY0IX~2TvC2)`;pSZKvfJW^uni0RA%Gb3M8n*au+V$;n12NDB_KJzA6;c_^QNJ zJL$Q!$GSk7(O7&}0jS#vvdc6*Fu8JdG+VweoOY9^)}1!xyw96HNQnkxwn&~PVnclp z-BfTq)uenXEf(VHo&?2T-4m)D+?&yn06|e?JCyQSX?kDc;d1;I^^#c8z})e0a7Fd< z#72|3f0ppvrEPDi1Pi;%L9aSL;e39UqwkeTlN}%(0^UUu#1uN9lD9WB61~1)+ML+QpcI39V9AZd8)GG*# zN9rPOGr?%~M9&489}agpo(Y4H9IaL#Z~@hkt0(-@CG03v#(F9~062I-ZXY6`h!ri^ zxgHvN%-dcxX$+ADL&zDBDs+VJlZ`GsC#UE!rW>|mKwIc$cU=$+M@##RQ0ktv=!sF* z9*{O~9$(=s(^l#%ou}H3GL7uJ%)Pikbx&3+@`dFaBk>x272EmzzO`GtZbOj^DBNq( zjWeJjvB_@$I|OcT`~d3q)v|R@-o?nAXhs1d;+)X|4%(rM9@HlL z5cRA@T@~lk<8`UAi6xed2D*`s*SGZK}MrfGU6&|zFov=nQ{ zwmzDUH~zwk2~>{;3LDQMs`TWCJA!8S1xhSaEd7V%F+qhCXhW7iqc+nO9n{BjgpQPk zjj$Z&bLT>16p9K;t&f6WeV!D>`1ahYN$^y|Ai1dgO%R041RM0rRZz~Y(7C|V);7zk z-Gi}ZEw~E0a1w@*_DK);10@o%rX3X=vbf>`bJ?Rth8H(aDVwg%8RBMHrl8r=r#OlK~I=fdhQc4<3L`U1u#xvA~zBCxd5XdcnV?0;0A(> zeQT(Hpi0`xEY=rz!PU+GN?KDNoEC7RS5B?aFhHGVMblI)IMFbs6Z)COW$TT z7mET^&!@Jz{T~*t`SqJ+V>)&BZyO!l&m^pG;5;csZc`5lRhudgqy_!3mu)1|2bxWa zWi(XhPPz|aS8{o#f#vEl{0%oXHxJgcvaibx^k@=R61+8;5&|?yotk}hFFrt>jtOcJ9v_!%mU zZ6%ghUb9Z7zyLWnC{cGP%u8356M1|iB|v}!tu7$(eaZ{ zi9?tjgJ#h-Etq!3eauDtxIx5Q8YSs8)LQ;H)Lq@r1q*tm@Ic1u@{|kPSi7iV#JO0f z7%=}j{EQUv$orfDoacjubX$;C)igJP>;5pbb_I}(9qEbus$YO#I~7l$Bi^-9TrYzS zy2c$h-mt#*Q{-nz?~*md&{=i|anbB1PdxEMdt}>Cx0%*OnxvR|!Tlk7oo!u+s+Sj5}1agRjAR5bom@uz| zzG|vfPDRi6k1KPbv99q!<;RKIF9D$){F4M|KAO3=OSkX6da+`A8Po54zt{Di9A)r1 z-~hlf1pt8er@G$J)<)mq-}HIs8f!Lttcbt*yxJ2NeUO-jmF7=~-`7%o1a#p7b46B7 zgtQ4qUDm&UY+{{=h9{9xtbnzv^Rd^lGvmUWPVR^+NDL>DPq78rr8Kb21%xD+_Isi4 zf3J7<+%5qNe~^sl<1s`K&g*(&9Km;s5M8z;x6XWXJY=k!g5 zsgQ~6ZphL+U$}F^HF1_rDLO4GHAm%kwLi&=D2LxA(FkdbqKE$ZVri-;N^8-bVW#vw z#YRA>Binub`Ef=|C>U>#$L8itg8~n(Ceq|IdA<#=jUikC{Vn@Kh{k#TYPb1OYb z8HyJgRLp38(XwIqvzXHfTF4FmV*n{U@m$&op*`P+;kzfl4|&7^aOXr2vb?>#tR^DO zY!e09Wd--9kwU*#mf1M5z-kWI6Gi+rX=^a84tmcXvGNFIKr$9sdHN_=PP(z5lAekI zv4*g}r0n`s?`nhwywf6bXQJR5|MbGOlGA7-xZd@IQiU=TA>HCCg*h7ZGnhhBWTr%s zfY_j)hW#fqAIS{{Wlmbk@p5j{otWZQW6q&mmf$u*_hzv?9=$>c3CX!4#QlU}y;MpV zA?Y%1chtHINb|0O*j-^oa^}{ECnYUuW_NyL+;wsBz@!7NxKF3ev+14(*wn#^>}F(< zmIF^iVS(w)A;M+*pV)bz`Ta>3p~ia+WYwu;HjbGx@7Z-)l&Asrt}}|&@T`?IQnCxD zg9`DiK3cWXS5aRENwB!+l*w0-wY{Yex(6O9=M)CDj}=*eE+m6&{3w$=Wo5EM2cn|^ zS``4j=~`8Jyp}Ik=sK-El5?bUE?+KN)w+tfg(X(z=LpOVHUM@oUcFMAlCK(NeB@!V zi2F#dv#MNui6Id!q_dM_$x+?jLUu(1IoH(~)HBawQOl!J)v!fnQu{aoM?F=rp||0O zaUIsKPJ~%(?pNs z;4370byABm-Ad?Nza9G|>j_o%cK5(g)Wi-q>P1u4m9$h%){Mcp22*B@+rpyI>WkUH zz7qoxjfzhjB_0nDi;S%-uSXb-$y}1`b5E`M>;U5R8W>kKfx|xj&6Sn)yXW<-hSK0} zd(;@AT`2dJpwYc^v~q!(P(3BFhWaI`g>C~c{ek_8havQA2$F5n>Q7B-Wn-h54c;P; z&iR0Gvz>)q!N|2zwYf*-GjnV!ztKzD4PHR$BuwGd2zJ-kKoQ>)CFq6=k;JX4B#Y#2 zy)6x?Et}XHLSNmxJw3h^-M*V9?fvI-r0(eJwx~8Y?3p=_w}z*!sWF%b_&H3I`%>q& z72nO)=iD6*{j`t`{jHh(7vEhW1RS_^xRXm}9#D?qC=wgTrr|l`>eMePe5xaEk$8wn zI;iJ{>P84W;^1qk+*v1ZEZ<7k=eU>NrwCkRILfP!Ce4-Q5!4`fA z2#nG0QUso@PHk-9*^1{8B_H7OC+O<*donlL%7(rN9C_(?F|68k7CH&b_;uqX@zw+VX1sfb4#XUpUhvZD za!Q%$+l1)Lrr*~PrgB~2hj$~t@Jv-RnCUc|W$dLd?KWP0wfNErly@&E2b~!(Hn$6^ z02e9&8?041e#`BC9MbJZ$9!wq>UwDnbLb-Rrd4teS}%Zd%Hz*#deyyTZEu_J*2}mG zRS*tX`%zWAaEgDpj=OV=03-})$JJdhfT3GMO(pJ=ZSm zuq|z6QnJyRLSOoD!Fuunf;$!qQeqqz>NUR`(-rdWYao7RXQOr?g1N(vwMOal(8=w9 zJ|4f`3U!=3!;503jcoFI<>`EWfrr8BLaKN;>GHXAgRyqIe&`WHaxXU#U?@_l`94CbNh_TS{jOqNdw7nP@ z$=jCyyxy$mcmh2{erMAD5nmu_3kDmVFEXr>XQ2%cX2%i%$0dPL z`M|h1D9ZJ8AB%x=>Xoj9%dI#AhV<%?9`o-aYo401JuvWcm{hA-1}KgB$ep9HACeC8 z{SsS_wh&0W`W%?-gi!DuhH~NovYQtYhJm!)&&A_gLLV8Ot1ScRYu-3`_R^lOz{O=j zCUBl1HLsXoer{ZTL2qcHDcienA&Gz@@angBtTNB8DZ4HmFj!Om~A%0UP4D)m?#6w@WRYLe;R}Hah@Y*58<>xM76dU zgWlDkg{3=Eo_0)}3Y-dz0N)kl*)f=T{tot(#>NZDOh#cDCQezKczWi1Z$YI4ISS1X z4hfGMAYM+Wm%%GG*F#~U$QUVfU38pQU!CD`dS6z4~Vx->0VjuTH*)JwtRcJ+of8c|;%Z?cc?_3Q`9&;V4 z;A)dCb{=cp_@Q)z{LyQ+cN@+6E|tZV_W+8PAE9q8fyG)ICm1Je>M78y4lydO70$Uz z^#zIEI4B?OvNAet%^snwR@<~RtXvR5ENA(40bo)-XiHq^PSw;tKBrEXJ``ArN z8jc`}ZlHW|s?Ky$U#ng!Lam~{N3pBlCO<~i`(Qoavp^&(4PGgoIbR0tl}~0Z2>)nP zZnT`0Bd*>ju`()}wb*W^U^T&uLP%K@2t3VVXcG;C*mETIhhG^7@1hjebOU$*VkkWk z24h}|l)IZvq@(;zPLG5uM!^RWjFOdP6^Y@di97V+%-A{TYerpg-CdYY+~HP+=LM*t z<)}?%`MDG!lxGkk&V)whxnLQy1nSBHXHK4tQd0_fgW!sJZx~R-;x!dRL3Py-C<ORJ@R`LO2m0Vm<{@N3h!gym1lj z6K}F4kZX*J69rOT-{)tEcF!Dt!&5$RoFfaaENP=A*>ll|gf*p;5smifDe^TasvULO z@f4X>TAd=Pa~B?NOwozYOAF!n>8tt)omPd`wxO#(s`h(<1A9}A?Hm|PV|oPlH^o~* zxl*vw5&Q|fws!CY&^GXUtfK1`)L?SbP`H{~NYbY8iDd^X{nRh^Q)=-W6J&A97KP^B zvsqkuq+Xzz2S&RR+wg!Dx%2VgVIIdFkH1^kI_S@lwzUfiUr33@80h6+l8UMi^!fFU zDqPaIQAdH5;K)o%`mvUpU)ch|GeXOh|1fOCaQR9~px}ne^?2iys8v!s9gz+S7^H;} z(`8_4&Dj~+)~RM=SYuMJmrm*buBBm;#c)OA(1m8g2U^q?c7G(@P4VGRZFR#~)G0h1 zy5%_?dg>!fNjrg5QwY2d!-y@Bm@jIUsH>26=QumWEr||mV_Pjib(+>&(>K>Do0M}D z+08`$T<*@5lp;dwpq`6^z{saIr_F2axwvlw>UmCN3hiKN}&})O=w)$>t^#YQ}+45MN7A2 zQdX!?^@@lT+DGxAdx_~;--45vVK#D+Bw}|zAhIimykdb0DIzH~Q~8QI_a#4Bjmj+v zt+FvI4reiZnA0VNMC}Z9StWgQhmi?i74}Mt!%-+aA!hCNg{&Gl*CnZsV$+DE^9 z3d$(%m9fw~YRo$j&9&ratv5+k`>YA*p*0G|(fTw< zVQXP6G8}l`FO^NZ(T(mBelivV>vR=dxKC`mIL#2+*J}wCJE~hD&D?hkU<+dI?)F>& zTargTYVwz9*Xwq&TYH85E*d@NVOAgC>*kf~06JKas1hyZ6Rf{YGN2RTYKy$oWMQSY zd^I%A#RETKiNksEPwOU5CIR>XzhujkzfQtGg)SFk2S;;ToBz>B{h@wTj_!f(Wk3|Z ze2O444KGIPTz-!T`aH|;d^)%oSh%%W2t7E)#9+J0i`USGymf^R=os2xaZX*azj6`- zSz(zCsjA*uQC4PKm?o%{Nw%yjW^hTYP|m`GXJOP zKPkNb)ATQy0ie)d?oX!ws`vhTklzKBe}#yE{o(ijx4iQ20e;uX{S`0;@dv>FubTUN zsNW@5e??vXDlPxze_`}r0<6CW_+9DoSHQ|ImDj%n{EzPA?-70%5B!zz1K|&Z-=ze< zF#jUy|FdiTzLxn{%y*nWVE%Vy^Y4x1_r~$Bh-TtHApWV1{Ch+By?gj82aD_voPXU* z{JmlQUWok_$MfkAxWANTe{V>?N6f!69%=r-_$_|^i30X(^%?+x{q<@8RZ7m&{^Q&K E1LrRVeEHF)8ioeWZ{<^~chdI_K@9RuR0Dzqk03iO8 zIeQmp2N!22CTH{i&G4z#X5=als?TPZXb`<^?mA`_3MJ~pQ1Z%L?eG4y~^GtFKy|A8aF#?0ulHwSATC8bs%@$d^=Ak^>@yx=B@ zGlgZ(6m}sS>5=V6Nb5K}NqZ)4?ir;7dLIgC^BXYXTBky3_S}|jsq(RsfQHu7N#x8; z(>QF}HYnH$IE|(#BK{a@qwW)aiU<`<$4PZ)X69!h8x?e>Th*Ai0hUIZ={b{qHw5jD0?r|kSfG!>t`WY74nmctiy3|0TwI|aNGiq?<-w1 zt_16{!PA8o<=_1;s`n?h0%lovGZUhVbPs8HlS3&$u7zIhaj5ut{XZR=-4)nuD7`BL zA;QPl$UX(?_27C;PBTxEQ*VLKf|0B1<)*ei6J?wQxM@8cvs}g|`d53QD%aDJ>>5MkBw{^E@M@)o zvD6YXWk=)G(`JvrfWO-)NV0oUiT`=_qfkgXn8(}0qK+~kb)^@zwiFBrB`|@9FY87N zb7_=AJ-8f42Boi905+sm7)>-rEqWdA==9Bsg>v%U-YgxhWbLnDqmQv zq{(^&WL@q8PP*|Hs87gMefbtw>F)DcFx+#&UZaqB!e_Aja{eX8*!J;K@>qZ?)E#gy z)0SP2FoTS~mbtH=ezeBVHk_yNKE=A+@)oo0(M6>6Wi+b@d%^L$yHS);G3EmOlD|=O z9oo~RMEnXkuF)Ljf(fTb}lSbi|IFbM0upTwnEMzcxb~$-J!WX9Ulq^;|(#<>E8dL*o`GeLr7r4ER`BxpS@Kxw_`jqo- zr`Y`^LqxJ}j9xw;V(Sz+N^fJ>UZBVY9Tg{MHa%+YmWb4H}h#=`KW;~Jiw_heN+am6#moC0moXTqi2hY&hpmyQb*9oX5TiXZ`e_;;5FxvQ^;P=nvD<}#pvZg z(4cHzR=Mx}^}!=-(NT*mRzr;p7+!6Ic+t6g?| zuTZ~7y`6c@1SN0)AQBb;!2eU!GX)y`O~mU^JB?UnL4D3HMr8`-m(FOz)}|rwM#TtX zINf)SrOZ!^51Da0A0dv=dzyh>Inc0~JUKf#lOB{Yit#pJEo$HDg?B>MCQGiW@fWPg z|H-SVgtrB0Xt0VSH^qEn#3`>lTbIvbPgNkUk?igu!P&UFdlE zRcA6DdvZbplf*N6HJZ4VvpmBJQTKkJkEuF+=F_l?cUQhu#QMvRZ&veQT1hcl^w@g4 zlq__Nvua4MG>!1t+(9e#C5%|9XlJlQ4RvUDDZUfJW+#N~WPs93!}la#Np2xe(z=uQ zZh5W;BO;WU-m;d;XK$HSW14&WOZVWdb|Flx6jl|g=8gA+ zbkpQT@2>E~CsMuB?*uK*VM2&c)Z-ZNkvZ?lbo zz0SFUCziwQu&P+zk^;QdaX+>t0?0dc73-*?wg;OrXnX?V)YtOz{RbHbD9#s|$!CTL z1u5f_?tJ|~f-LYiGYR=5v%paM%1Ox#8sNl{-jb5cKA6~I1MI0THv(#tTo4I`3!?&& z*xEN!&Imj&2*pAqx$lyQUYa#J(*q(4Nk%Gp4Ir(93kA{xm4VYuuo*Hb zMxwr|Iv>_0&$;1RhKDNCWLR#)vUpT_ead|oP{2C@)Kc(U(|Ke;IUdm1iQ#iQOQC&b z&CP1=8mz5X&{DQIyk%g#2h*vJlw8J0#L(ds937G6F2nli zO1ra6)D8((Y%X+KrDhk5gdJF~%BMP+j8R3Kw=O8RwYF=`5aRBg;T|`isOy;m*1vjMblWYv(_P)5-57(vFzQZ5X;CcNx52zD5zHe);68Z=kW|<=Xq12!GiVr#N~c za%mwd^T_Vf>u{=2N^)fs zrY3^XkoFAo4gBx^@#W1PIq{cobRhk2QOwBpZ=zVG`l#J6uV{awhrEdcG{$jA;A2XA zj7i~wiA3V3B1ypMj-X&Z+%d@v7ujglr2jCD=kN1IE-lNTmw%Oy3&P1^q+ejD#}fKJv0Cz}m6-U*1}N*%%2$1}D4 zBb6B?9+Zr>opLs01zvohn`RPc3RV}|Js&+cxA;N3p1+8erG-QC%TQBU#GMAY2tq>?o6Ao@sxJD{>KQG*4+o^g;8tq3ayZd}ta~E?DUZ1N zRpE)qMw#h-20v+Q$uSvz2DuQc+2N+LfhEZWGnonX$w#0W{>;eXHvy+h4IJEVMtQNZ zg}Z^)QFpQ&RLm{YvhaBBvzT~5{%qoxgu0mcE+XfugPjyLm=&A{Y)4kj8r22~!OAoW z%LQUF;6nRxVt{MOeX~+(O263Tt^EqmXEL~1pvbc2`+df0IVyO|TS$_Q6*@{v$hL4n z3#d7He22n~^XM%PZ?BVtCCe2Kc-$?aweRN%^N)+I?i)&(RH>2_NfeH@v^TeujI0VF()Lag}k0z zKOUcRoVO~C>9R;f>c4Wb9{8xwM|8idZo>@G|nTKEI`OdTIXfn`kd*slR`|H zrfx_yS6&#srTxUdTn2os2wLnhJL~ti+No38i^K6ajx*KyGcJivo(je}RNJBl!479) z_Uw&iPLHdz3sqQBSPS^$5jWJ%uHRdEKAN@RPA+Qu!Y>zME^yq($S@i@6@h;nXjct2 zIbm9n<7_clApB4j&*=S zGpYFfg&qMWT0j_$a!asmw!o6YnPP!$0Ut?jH;LH`V75`3abQ)+u}9vlnf#%$2H}n2W3NWyk=9Cg}Pj z@A@-6+2RYb^_yIrSMc9g`b=g$P0O!Lp#7^;BluG$ur;!@`vF_DW}oUB|MSF?EE$O*-V4t;L00 z2gq;FG@MB-V_%0mPsq`GR#Y;DJw0{+ltkiGEwyP?g}_e8WI2`E@2+c5Q#IuM&bTTo z5o6=Flg&7eVNNfJSLXxcm7Q_P0nAPv+G?BX<y4weopyt&1FNe}PrD%d5kqeEE z&a^(idz`w8?7sGU{kOtk(s##Q0|5YlV*&t3|Ktv?MnFp=W1GJ%3g)#v?N=qy--NS` zM+oSSNR&_xE$5)-cq{`VS9KFc2~nSduv+3Y<8_ndWYv{@@6wm`;&#MpPnvrYk;!6p zCp;~D*ykb!h|(VjDuNgbpbUrr&ANOwIFwni+mIEkkPP6gFxp_@fP>Z_eRre>$^|uj zg~5}Q>0yDq3g2@Z<&BwjoiWFGm2RRc8fvjtWO z49sEf?Z$!{6P2we#k@u&y(~Da(*6e0nUpZp2MpVGxuHm1VL`isN!=d9Vqvo^;)7N$ zq*N6hrf`TEs#Iit>Jt9grmZeUtZxN=aOKO`yxzS@g{l>z8#vzKA1A zYL|>a@kp~>8WmVCN6JMrRqxk{H=KsJfXXvIeBcp{F}@f6)uswcp!UF~tHVB;G$`G1 zU+sB;jJ&?gN0o0~A{$L0h@JU5fCE5CRln<){n(5&_UOHGHt*b(gzMZigGO#P!j`>J zy{o!qTA&o+KCqi6IsY^+J8+^dD_3RUwI7%CXjr&egj@Ang>9Z6)A?bM_7zoQ= zEk$BS*K`VMZmYtYOQSzj8R0Ua7P4@ zk%sC%9Aqlr45ZKANtTYdk`x;`$MU$b^PL8^R>oEvQyUSP*cvbkTEN8*AHUwO;~Rp+ z9NTUkbhcd0OqKFsKhBhZ<0>8s5ViftlDELMn_5sOzLtvSdw0olAbR`Gt9Lw!3LfMD zWy9mOb5_mI1_jCnpzz$EEWUCl^n7)2Zum+J_Y+Yh0Sb_vqn>D67w$70J~W%KQq4c zgJZ*|rC*eT!4LFuqq3Tn_3n4I=*u&;TUMc;kmjrqtw%A5a)b1AGz^mZl1>Zv&2-G; zv6ktCx`a4RmCAgb${tC4f;mbQQl|0*EAH&4M~swewuv*Ox&vvJ6}JoZZBBS5HXp-?gTqVFlgXvI$Lav)JqlKG zKo@lkT=wVW2*1AHtG7%(U)gVdo~U?v_57r%5s|Yl=LUJ`k3uk1fLX^KBcuu{8tO1| z5d)lm&clQ^*TXr01$>rjLATBdD+Wsghtkjrd!P*kq$6(;VJD}6i^dj%1%YD{O>WZ% zf4f->g;gf|vi@37M9^X!R;f+_vhh_yWN!O9gCo}u+D2FKDbR6x4$;=8>|k6gZXP_` zCev!XIwrhFOOO54nzo0ew>HlQi{NCrO3TJuc`is;bgfhInZ?i5`zDIm@R0LQ)BeXu&KlYa-H)YcA4-bE_&XyYiI)4wD+c>| zL}VZ^RQL}NeC8WpSA~S#x)9s)kFT8CuJ*t4@xS0>D*$hk?lbiqt;G?)3^?gl<)k04 zEDHzT^N7*x)7i7mmhG4fr(L0jbR16Rj-NusC_ogdP~T}SmuXg^Ra_N4?4k&_Ki|wl zoC?+<4$Po$N09NcOq(}zoRfntdUBCWs7bp;AqgQ}VeQ7Jt?!xnhs4S8H}JBYP=cd0 zYlCjzwG|kOzjTP3h?R!8P#F7Nd&8Yxe4F0w`SsB5A%zoK8t`D6y3EKQ81zX7op2lN z`;EDc;i`Z?%zvo9_uE-S~NY6x9-Axm%@)DRrO;}P= zAD|1tT56&pQPhb=QYz0BaPhI$r&u4mq*koUM(?!hJ~5_@sQGGy!|U?7SHKq~M;A^Q zX$p43qEm2v*gnPLvilPd6R+P{|KYk<0GXi&#=>1n8>uxh6(t)Hk4Go+)7)3NtBB|E zdWP|}&W_$01Z9J!Gfh~_$_(R$R64P>+(h10d7ryYio9|_=Os+kArufGs2(zY@je4Fy1Hmwcgm7V$_Di=PZ?B3)e37`EsH^VFh zaw*tFMl+H#n?FHU2-yZ zM97VVMFfZ&pKIe=3vX6xGUr;%tgUjKmp;89@pH!+=Mz_#pZMf5<+2jm zeA~a|sCqVfJ;d45ZBHjWQcD>QnUk3gfy|w#=&oI84~FqNtSsgP1+OwyObWKrE|QdF zcX?{d!C=#rC^5B_#tt{s-nh*MHxfH)gjcQk8)73m?$^p7?)Xge7d(g4LOb0)6HB8$ zae6SwU1Xh8;tN{eQRMd{p0|)s?c;NHs^Zy3b=`GvKX=8{LC;sTiqu_JU*6fyC_MMq zRbxuqNDDD%DuFRzcIYgf=|nn*r6Pk{R#7u^a*Rl^W>woDb6Jdar@X|aKxxQx&HzyR`7PcJUi{=nF{&Td&s<9 zw(Z?kwvqHgNpScBIPqLc$`++L1`d*8e7jJ!jOI3K%z!NkEnHbH%rm!Alh}TmzgRYO zxNa8t*6}`Fz%_K^@Z|_{Vs9_o{(R<5aUXSC{;THO34;x6mQJIXY!=dpSW2b>8&9-` zvrdBCm#FE5@P`jzEI075<4x=nfJ_r5MFwcxRN&MqYkc;}Xhr(UPdn82vf#+~502lzV+vdudFs>LP}XP6?0n59TvlhVL`?|Z3x&-Xr55m?~u zeWTu2ADdogr+_5()PY?M|$OgD6f5L}-~njBoyg6=^;25RC@IPK_9@d?e!Ff$9ftnWxf>Aje~t%HdsH?yz#~zOGye)<2$C ztVd|0shyNjwOCnLYxCS}n7YNA|K%H-qi)#;XUfM%%@MJ5+M8S};@pa_3s14#6^OL> zk3UBJ?VeSWU2xvtPev_tf6&q>uIh;{gbY5MxgllsOi}>8AFCp>>C#W^S45 z3I+T-8+SMIh!6B`f^IWbwqRclr`5r0Rrqm}E`mx;NXetPzYn=KRPsbwt&-Xdzbg^b zQEcmp02_men3{{3=v}L+?VKdL|1tG$ax;ExEpSX??-t$l>G<5y?l=bj`l;~wRym+8 zXkE&GZKY*g<{?q z#|j_nWpqU`k~Fmmu4RM+r_V5CO9oVPJUg3?lc%oSxmTg z9k0vJ=ZE_(PbEj_=C>s`Ez7qeWA!*_4}p+sDGpBXp=96Vrw3GbNQ zH|9w{Cb#HIYW3+-#v_45r#u|nJbF?MOiG!4Tm>w->^4?>fU>;!$%5Q~n%i7UJ^NG#USs3R=bm&1N@N!VM28+%U zzp~}!R+-xqTa6Ro$o|Uu6Ue^lz(&xw+~_=7mORY&Qq}6%e3daZ2CcDLs@WiHzC`eK z+$7e%zyFia?h}xVH^b{zUaML?gTF_F;p?PdQ+AffDQ3)rM!rXyo)Id@%iBrdPCFw> zUxjfbTeKu|DjvOf>#|Pr~820!0Hdi;+u1!u@>IJSz_?CBD4N((lFEn%1!@|wP$16ErW64Y47Gru*}kOH2lsjF9wa`nnXe zO08=C+iI%kr>qss25bW2&^};t`s3c*2rnk*gc2$Noo4-MyVVh|hJ71^?t$omSQW2G zVD54(f>z0*hfO-};uZM1nzRMzO(?_ZY@?5dy;gJe+xc!=*Lh9MberLwe#hcD5piym z{p&{41B#R$rymkKc9nX@4e{@(Ejzw_8|K$6HU8HumF!Qc&Cbl(%^qlNX=m{_`7Kjz z6qL?_xqe8m%Mq!b#v)T_CmHcbs%ED5RgU2u{(}e=#{Q-!62*Xkvb5`kpwMBbR}3GF z<*=F9(6q(eqr9UO6#2`h|D55B=U5ywOkR7!-XTfMAi;UT+?ZU}g4(O~9e<@4mBa=Z zLzZ*dm^@syN)*p4c{@t4qQgE#QxbNurccXH#Bb6YVR!`52+?Pf%fh8^%@Bc@Y1m&k zzMjNmMDr4H6H$&vrxNOrzH?+)W;OQ%rw_)ntS)g1FsW$-|LjWE6#FWB3J2Qv-e_~;#7dJ3*AGTgVG9EnJk%%(5n%_K%iD$XeVZQ11sctl5AFfoNVyM~XU zxB;AfUrm~>%QAap3{q8{^P_WD+<|8sMvD;aCCb=Zb6$KmDK;#Mbv1p)q>@C`;36`y zk!R$Q-4|-rxGNKq569Y%Pmg-|Qa7w@25qG{BW6Y9T71CqbEwSpU6WxP={1KOK zCDRzAJ`cTpB>GJjsMs&F>0}RswqwML%R>T(+-CAoIzVCLOvWUTQQ)y?Y*Xwly?v!= zAa&InpU_d>^BKITG{_vuGo<<%SLu5FTnW3bfuVHw%#}O>j@YZ;(W%lhtEQNA(cpI% zqelmQsr=<)(r^F(?VnuiKL(+{wmY5v;V^Vw{ewLQD{9A~hUWH+>~Ikly0kPS4u}Ly zP(5+Kff|2S&-21vg)HH1V$80+?E#!Z5sg>1^l*I9ligLeS}lC%NgOtQw7C>)e+H%$ z-k}Ck+>u;%(DWsoA*015 z^6Io>Y?I!w8TN{n5|FuCHf$!b z>*#wE6NQ!%`*FdC(pOTe>AC~_RD>~+mEj}{Kn=e5L0|g=a)&+PNg7Q|82tk*zE*iN zo>vUaKiwGKD2 z97Muy^<`E@&qZY=Ky+=q96g3mnWBfC){L^&aN`H|xJrK;Q`xDsnc0ODj44xDMXa^% zA)y3$@At$z?=aKRzcfxtwAG8>klL`^q=u&QjI5=iqw5+GW{hp5qB}@U(r$sWPE*_Z z-Xnpy^4A}qxHc4ODW^b<$&)r-0t^e=mL9jD?RFREp)PBme-rH$18j#)evN`65CH(9 zKdlF42@&xR5=^$H|C?s7Lu1o^mkZJ7&Y*{s87_vedE-{u5JhBG|2$W38Zs0tlr)x+ z7tKm8%ZFn0^)WW?lt;!hnJ}cI07=4!OjwzM-EaAs$UKkfrW1X{|2|U9g*L8Q*!zWI zJ#ezS=7zX0%Bi6vRo=8g;Z!mrZdLWiuy$+IB-JV$-L@9vSki}PM*Tv$Q&&MgT*+~c z#rbfe)D@*T2CkXLCNbMI$o4234{rwRH$x_%eZgv<;OLhzscw|c^Pixc2)k&b zR!J?|ir|l9;e@NJtYbydXw)X^-5hQ}In8Konc^tbW3(Ub^672*1>V7>#`_z?Yal;b zA|;eJD6fMSXTt{Wmamp^h|pm}-orymi1OE&{WRt7xQd!uKQf{0gKM^&^Wn7Nrl2{I zUKzVdC39u4yuaM`Zcq$|VrKOtcM5D$Ez*uP7*m1yl_v$~GvmG!kiRgwCt1W#u}fvp zqLMQis>JkV71QFWJA<@c}0ujb@9n0760XJ@#d5cOH_$ z@*kuiB|WA+TdOy&H8F?jGu(uRB-d~6^CcXbwL34oaWYF0cm<|(Zw|COpZR1b zgL*;9(H}mxhNYG~2m@!C3y4coO+pJt)-7=|sk zfLvszU@Y!_sTQKmGXuBh<&aBi9Xbi@@a#K_GFrp)?%T>C$Pmn)5W`y~59sBzZ82*9 zX7Dt^oN^?Xk4=Xo+9<5-gaGSH`be0OF^VuQwB!5d1WoTnneKd;cx1BgmIdE znqBAMga-9gwwW3#omQrS0)DBFCw`qIe+pf$WpIFZ`dCHG4QfLFe z^f+MPL=b-xXXF0*kN-MQ0jDDWy8c0`4fUT=?f)jz{+H=L3AO*z^e;sKpuqp*pG^N% zw*Ai_zw09Z3Xy>N!|(sUD#?Ea_+8TWSHLmM9{~Sd;P%f@zpJDEibDAH!2ZW)VftTM zsecCeU6k=xz|Ai~*8d3je-e#K_QdPyPQH=J(CXzhWBk|A6`bTb2I| z@q3f_S41q?9}xf6GX68p@14S5IoA|_;QY^h!#~6QUWok_2TAh>++WJFf5!MdV*ZuU f#qbBlZ}Ia_6sTX@(EtGAuUG4@QZk+KU!VRDz 0 ? 1 : 0 sonar_version = module.globals.tarball_location.version @@ -104,7 +104,7 @@ module "hub_hadr" { module "agentless_gw_main" { source = "imperva/dsf-agentless-gw/aws" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = local.agentless_gw_count friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "main"]) @@ -135,7 +135,7 @@ module "agentless_gw_main" { module "agentless_gw_dr" { source = "imperva/dsf-agentless-gw/aws" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = var.agentless_gw_hadr ? local.agentless_gw_count : 0 friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "DR"]) @@ -169,7 +169,7 @@ module "agentless_gw_dr" { module "agentless_gw_hadr" { source = "imperva/dsf-hadr/null" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = length(module.agentless_gw_dr) sonar_version = module.globals.tarball_location.version @@ -213,7 +213,7 @@ locals { module "federation" { source = "imperva/dsf-federation/null" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag for_each = local.hub_gw_combinations hub_info = { diff --git a/examples/aws/poc/sonar_basic_deployment/main.tf b/examples/aws/poc/sonar_basic_deployment/main.tf index 939846d0b..96ba6a879 100644 --- a/examples/aws/poc/sonar_basic_deployment/main.tf +++ b/examples/aws/poc/sonar_basic_deployment/main.tf @@ -8,14 +8,14 @@ provider "aws" { module "globals" { source = "imperva/dsf-globals/aws" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag sonar_version = var.sonar_version } module "key_pair" { source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag key_name_prefix = "imperva-dsf-" private_key_filename = "ssh_keys/dsf_ssh_key-${terraform.workspace}" @@ -79,7 +79,7 @@ data "aws_subnet" "gw" { module "hub" { source = "imperva/dsf-hub/aws" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "hub"]) instance_type = var.hub_instance_type @@ -106,7 +106,7 @@ module "hub" { module "agentless_gw" { source = "imperva/dsf-agentless-gw/aws" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = var.gw_count friendly_name = join("-", [local.deployment_name_salted, "gw", count.index]) @@ -136,7 +136,7 @@ module "agentless_gw" { module "federation" { source = "imperva/dsf-federation/null" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag for_each = { for idx, val in module.agentless_gw : idx => val } hub_info = { @@ -164,7 +164,7 @@ module "federation" { module "rds_mysql" { source = "imperva/dsf-poc-db-onboarder/aws//modules/rds-mysql-db" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = contains(var.db_types_to_onboard, "RDS MySQL") ? 1 : 0 rds_subnet_ids = local.db_subnet_ids @@ -174,7 +174,7 @@ module "rds_mysql" { module "rds_mssql" { source = "imperva/dsf-poc-db-onboarder/aws//modules/rds-mssql-db" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = contains(var.db_types_to_onboard, "RDS MsSQL") ? 1 : 0 rds_subnet_ids = local.db_subnet_ids @@ -189,7 +189,7 @@ module "rds_mssql" { module "db_onboarding" { source = "imperva/dsf-poc-db-onboarder/aws" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag for_each = { for idx, val in concat(module.rds_mysql, module.rds_mssql) : idx => val } usc_access_token = module.hub.access_tokens.usc.token diff --git a/examples/aws/poc/sonar_basic_deployment/sonar_basic_deployment_1_7_5.zip b/examples/aws/poc/sonar_basic_deployment/sonar_basic_deployment_1_7_5.zip deleted file mode 100644 index 30f34b9b7b693d8d6fe2c4d8c3e97f7e57baa74b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 6117 zcma)=by!sIw#SEtp zshf?tv4y3xy_1iFrK7tsud%SP-~(+fJOBn|Oo`=R%flNVfQGq)0RUhI-5OB8H4D1k zasOeq7P7x@jt&4k!vz4?|76z5!`<1#-HqGb>K_1#{~wT=x)yVXmtBpM*!pw@Cd3gw&jeqU(yY5UXCnpX~9llJu zf#@KDb=U#>8m%j0D7v@elBjwD8`Cf7#EJw69EA)Hm{P0U-5V?X>?yEpE|=ZC?{@Da z5G_T)zI0PA#XBRIzYPaOf4;@8o|=-teyFmLBA#h}BV0})SVYE^d^B1kPTrW}t_ZsC zz0Q!i2`FS`pDx{+z`@lc38E0!Z)0xZ2A0i#6qTio6+j7G1)Mi@yk239?c@@En6g@S zv?zA1`dI2U&%0ONs?>PYhs2@Ar}W^rJS%kVrolhq9_4owI+2co9h}!Mv;`TjT_GwO zK~W=?g6YfygLCJ?tTcxK+xhVJ4`TRlG>B1c321IFatR``%5}yjoI_# zATh|jQ0}#Qbz&Mwrv>M>l6bbtu`^n*{ngIp^%(Rn6PgCvG-|Ev*R&LIr{3f(mfepoSDyBSqBV+zrprN8#n1k1jmFPxgRL@zYnt2hEP=&djoM4=G3_vxAg$Gt%`A@U>ZTX- z^|(LRTtXZ83YvSrBgVD$tb{FzkmY-K9vDfrUlB9IUNj-LN^QmsH?LnTn~&%|_CF$3 z7TElD#|BsY1>}46l*IYX8NwQvd-dS=74oq+E3}JgUwu z5X~}8R!HI7pGiU&xGe`m72G0GCj~07k0(=>2&f~tuX4k7oSUy>r9J~c1;12Mr7e$@YSzm!({Z~AjZSVXuR(&iY?7>j_=`x5{|@6T{crR+Y^ z;rcxO0lUbS4`ukWKt-2ylWnm_%Ek_$?2v(G35W2>ueD<}YYdz!95f5cw~IqHl8!2) zDq=!VGLGsZ{M#ST#oo1hp9<-jXB`imemN7mMxF_s{S55@JC@JT`#4=94m!)b7x;`Q zKD!JQ+i;cYntEdoT*H7q3=Yo^2(Nsf)8fgtw%t9Awjms{&Phs4*FO{_Oj{#<#mQFZ zswmzS_C)_S`PF;i*8zL=c*OY*8K!t)x}hEe#Obnl$W=bSUJzVI{e1@81dcB;sb&q1 zoWW;*YNZ$YFWJcm>8M(yv%jKFfkn%6crzZ%E&0rQf?mqLd7ho5kws&v*N~2u_Ly=p zu-qcLK*jTF6v>d-Bbc;U@{E-q6W6KQo2TTI$=r4kQOCAlz0RUh{j56cuvg@H-Aq1F z{n{`RF-T>lfkR%AV{0_5 z0Fz(R=0Q(+5i-NqaipEOFHC+PCnkX&tanHn#YFpBg!EM?4vm;>I-`O`U}g55)qqle z&#<_v?)BV(8jezOIOqbcb8xQGVS1`e&% zYsx+#O~$2e#GDIg%K(OHbW%60gu`IT4+oz%sQOLs~}w6<~1wn1=c`9Izg@NAzcZ z#^x6~B&T%cZ*-GKCkkjjZIKqhe1C77*qS_ndX!f&_6;MF(sl+`jnMN1gr`hTZym*X z$gaVVU&lIO7Ye!+L`2Pl#O!HNm8_n61(z-*Zine@G0nzGj925B**H%6ioR3#rT7#iUQ?!LKTHc3TKo@gTN=|L? zRAKpEQ?5Ty}TA0U+L1%?QDTP4Te*D#u zSLkBcSkh{9q~Py^tB5mJKJF9?G~gkSU1n zA?nhv{-kQWRQh7~E{}=0@Wm0ex++n+b$jSmSq10r(1mh`sS5$^DlG>2UX_X2kK7E{ zO)gu`j`+&!fCDIH1^*uQyuMeS_X$=IM&@eW<>wY+kllSuF)ra+Fk@h!BQ`@AUZLNc z4ZgV!0ngyZOt>pD9lNu6q=Pc9?J0@(s7mOtIqX%4oh8Bi{7)aK^^atROKrVR{&9V} z>UK%WV=j)zd4ckM=_!n~o3m$9>u`|4!)+VPCEc(anf4BP5xYlUkT#1xqF?M*pW%Gx z#+5Dg60cS-v8W2d4ZlB7t!0HBu1`-urg^7^!XVD%N7~C}zd)9jh22DhEt!)iJEPBV z2r9`hF4-}K*R(Se1dRC>&Nfviw6DL>BFun|0cVWAcfb6m;=`)j?&nGY0D%A0{X9)w zZA{JVE&p_en}O*&EeU}F$E!qUp7%4@FQ~mXLNAhDtgx$Y_^?~x2S*Q1hR4Ln0a+{u z>`vFbypzm^JvZz7s{4p*@=?WvxYD~oCje4MXkX-?bl=d2 zP9}c^ud3~YX|nhlwkeCXoeRM%72Z)-OuSBJC%0O4L@Xo<>ULMttF$Leao1{E zZ?3kW&5F9}gf1}TJOi@;rs#2)P*XGTsn#;zeu$-@D^n%|$p2uFQ{OPw4k9`@YOCRr z)(r5P{ZS*ds^u~lc(;X&O*8h$n|w<^=rRxUYSCr=1S^je;=pc7zAjU^*1E)uog0gK zsnG*%0YgMJTQ_lcDtS-9)DdU=)Y$2?zAM;a*4sc9q-Lv~u_mkPyoD*_HwQTLiNVOI zk+DR;g*&N1O+L(O75)3YskdNo36I4SF?=pJs0D7XV0vH=}ST@Sees^BkwDG)H)vVwhFRs*m z-tU#wjfQR9bD^dQ32sRS;FsC)o%N7ttm$oxC(i5j!`6exO&A6Pp%pMbkP1tDs84?~ zLI0+3=*v@nVod8htq}oz8{Y*q4O04=p+tjdxvny6ROy` zDXohSFbh2?p%>4y6Ec=-T`HR|BWJRD_Et_1eR+|L;8b1g88y)1`)8vmxpeX5n6|F3 z@C7Efcwi4UhA9`P<0z9A1634QlS=O<-b-i~^buBBdD)LUADMa(y_%y8&62Ij?sih` z;F01rr{O~=dk9b$F>B+OjBgW?Qc&gxh*Ap_mdJNx1Hm+^9JfLVU}{rDsj#?2qs>bh(*<>{cPgKdF_`IedxzI*5S?-lOKHQ~-AG}WdQ zO!jTXOX;6(c?_%BD$o{hh3$IPJx`0x+V`(La*s0~DYuxpv?p%g?H*Y%;Pu4RaYprU zsUFk%(o|f~n+R>>WSxK^=UahPMtO2l0u@L}m6fGp1_Hn1dOP(ivR$0?m8w%A&tkax zYfwX&N$AE3XL3rTZMjVB>St!1EI8`=o@WH<%C!hd zH#-V?)3hH;iL)&J)oSF?gB-<~)hJGf`Cyv)st$2_oU>-dWJKvKr;fe4s}2G zN3o+chK;Kt9SvVcwL_{q;Vj^OikUkLFUD=3B<1m3)tp}M)V;wOUqQW#8|AfU-ClQY zj(dd^f-2xd?nSjHOWh2rBRY0KZA;U%vgK?q52U8&S5L&Z_h~rt_7H2k6PLa$tp4aE6g$T^B zKyMVr?;Wu_lRt6oR?|qp0sz?l)DfZbkK|P4xg9M2C29O6Yy6vL5~pSObcqKPFkaQn zNt_Se1DG?G^|R!KsxIQt!XHpT)b?3s>BQ&N+V-OuYk!Ca4pwFhbY+x$&v!lWI}$z5 z@@vD|*3-aHoQ@{gYENrLG`n_nPL-ue=t<~i0nZzsbbs7%ZF8?|tYab7eq;}Bwn)Rx z2KA(>W>%09^fYC@rclio?Zi{uFQZ;#^-N-!nqhR2nu#y`LbA2ZzK-_R%o)Z+Gl&S+ z+`Y(btj@O6bh)<_e@Q(rohkQG9=zW{`=P$JM+{#qSN#{?mWyom1jJWieg4?FKU(^cY0J{$O8S3=j9B0L(4z&a)h~=} zV7`|;mg1awEXYv5Z?cg;=#5^Y5o}ahJZ+caN(nSJG%TJ@LlUev^G-jdoM`P|$b^1# zh_){Lm;i1(o2w+EEJX7a2>$q7yfwCv$l^=EB%Ek79%#d^{v|FoV!_7ppdqUk6bcK~ zr*d#W@@>^85v_iE-Fz4Iv`h+O!6-btqlA)H6vlFvAnD{>RNjqKlo=x0S{OsAE=LbV zEJZe2zn&yE7|79Ek&d|6Nb};6iv%I}*w3mYqf@hv5%Af*7;wBn!PhB7#oGu&=v3D2ODe z(b{_zZ{1IS87~cg@IliPzGag11iUO{E`v0GpFJexSePMv%x62(HPu8fAx zfbn-~D)p_We_bSigGYbuf6!L3{;940TaEZ9;_sBze`e+tsS z!+w{*eudHA>c0QcpMMEr|D9XEj~l;|Xl_66et$_c>+KA)ws-J=y9c^DxcOKMS&LhX2^bm>1Mrr6UpxF+eFI1VIQScQ004gI zbpYM#u%PRf=&!J~Jloqa+-n380KoOTucRftjrp*= zyD+A(S4fnhPzXBzocTF+naJ~|=p(TyPSblSKd{nM<8w-|$_OV;DE92gbUdAxmyqra zsY0fOWFMO2qbu+Nr#+@WzU$Q)MfETcKREQjk&1+5kf*Q57Ocs#^{M!)pU5msDYs+W zn{9*y2dM%tTUJ5_WQ9YU2|-LJt6aM2$Yicv%_*cb3ieaH@|Ng}8+TLp25Y2m)+2pX zL3{xV%&28RF$dRJ+3GMMkr`F!Eot*+)+Tg=UGe+K z`HH=1sS7PN*=)gg&jYl;#Nb`ZNb5tUJLQ6Nj4ig|S5Cf_^eSzOZlbNc7jcH7kP9y! zO}$XWfP-izYfs@%tSov%|H){sw9c9|=Sm9MzX|xT~uh z;wCXfS6I);I^m+mt|Ro2p_!w&1I1$H7QKL#Y|A+%t4Uk~dbP}X$a482ZWcCRs`g}$ zT0>;{JH0cJbR5r7^{C9r&tvo>lKgXlUvt?1p7TZ=5C9-$1OV87m&2~M&ThX+;BnJA z_Zcy&&>`!NawaOu`c$7eAgK3P*hXNc>q`&&ZEl3$WbX?VeZSe;KQDH<5v)gxW0p0A zPn}=~{xb6ud)i(l5^_BvBf$L&p?a0eq2M zo|l{xMYS=gJ?BWBeGHmsGd0crVMRjvPN2%T)S9+FoVUtt681# zhR#MZaiH=8$EF&O!W&f`2#0K_f1W++_>^hX8ACI_5)N_t5OpFak4Rv)@8~wajuEP<6fF5TH%hAfbDt?F0?vbI2@h#d7-DwHeBBtpLZDC zT^kA@a}u>bZQ?BHH+{audEOZU{e+`EElk=yYym>O3ncZZq+Cm!a^8yf2`(sN#ai4n z&EzRS6=W-)oKZ^!l9+>R^#C1LQxmwYt-E4k9{8&{TOyGHvJ z2C;mZ_1_9?OTH3V>_y%szW+UcaAcpZV*tP9(q!={|?IZF{jd<{k{nCP+;(G(HFsca#*#yz0j1>es-Vmp3 znxn#D3xMy$S4AsV-L0HEXy}{+THS(GgX!&US*Bwx=1UB7(^=hdfJSmtj*u-Wc~f?& z&*K@e7q5ui9%(wxO4O0(%2+NxICs`fDrB|o3z^9>W+dw6fiy@X!ZsTjC6`su2A%UgCZ zg==t+Eyfgc+I)Jo0;u!Bqn>>eNs1g7RZZ)#J#0q9S;$+ByNjeockFsDB<@1+Y#Gui zXN2@>HIbdn>#7`*pwX|XEvEP)*qFDl+<;r2dMW{a@rU>x=0+oaw{id=y;`%?lUDUK za@!&<(17s7;mqjGR5?+xKvojUWF8+Cw>J<(be*3|&`J40AKk9I>?qdu=XW6(njlko z3Uinu9+~HJw<~k->#iVe6uwoa{FBS#<<6g@J{O>Yf? zt%mOnIaR&TD*rYnh9!w~hFDN4(Mfb=tP^mzsB~k$0(r%DNNHT4zTV0}oRCIR zop5+ulxhd$6KA;KTbMT3{eCCYVnvNzkC~f7RI13>_+BEZBGzPa%TnSjR$H>4g1K>e zTjvF$io?&S=)%)B@4mJzMdL}W-XA2U`#o%TKTAmtMC!1ms(0sA?hx~N2I|}#>O(^1 z#gdlxS==E8mewxSxk>eH!nkrbnU$;xsCwMha$c>u9csm3GlhD37}2^F8Xw@90XX3nIlz7a8M$$wW7+>9e%73!C@_NLw@%7Pcd z-=M4YVM`68Th_pi43&2hZs$^-G`uu;k_?=rwzd&{nlD7ploQeBvgkN4uD3fc218V zIW=C70IN_g+^jDJLJz!m=gl0dsFw>Kn5Pdf{X9RqcecELHH1x5K0QqUzJJZkN?7l$ zc$$PWxU#>WFjT;R-i!~T4=opGWa^3;N=$h+Nb6B^reguW(xDytp1V8V{EdTj{y90` zHlMVv)EV#{j@Dk&IY}pBOdT^WLy~xHIrwRZ8<0ARxH$Ob67NLY_z|K$%gL**uXwF3 z%c6*@3shZxark2ORMK_#nNL$7>b>VDa7{`MY>Tph<<3%YH|5|EYaPQzYeEcHZy;Sq zJw-U24C(~5-3C6{T&vvJ_2%u)?^Mpu*2~$}4({-~z1p~m<+ap-LWW*9j)rwJ!>6>f zpW>^9V@xM(9;b{epA6&U@{NcYBS32XNfWDWdseAl@F};{I&l3dONN?dUhwWj$|Fru zv3^M zx~WDwnK9vHT_(Xuz5~g(3XE2 z1b&fTQxWzf2Jb?U^qsFwA&=lg!>@E6&OA&B&7sD*)RBB)``)FUnW2q(CmizI9lnqo@ z%*jltT0~+UJl}gvGS-C1Dr*f;M3j}ltX0*pZeY7T(2%Z+GVT87ua6i|2DbyqaYwFE9 zj5`fW?+sWBmGj4lBJucM2wSn$D9*|}D;ARp@QBTgly&oc>48qyCUGOn-ba0`BP25Y zP}u%QXI$`?;hyp=%_h#3iLH*@fiwfd&u-5uU&T{TFnBV-W4@zj)TjKVo)B=|)O^Dz z-zm^Llf$RUR{X$mz+z(n;v%?~@|Mp33%csm5~^twNO8YYS`*h0UL-}?(>Mw9YN{3F zchEPq(PGhze4e?QUdhkGH<9`kV`iZLLbe^P6`GScFMJ-Q_t{zAx%9%SY5faL79WLyIzK6hg?Ng<;P@5(2sR5jn^{~ z``fc&j$WO6(-WF~4~4862^AUWD`kwmry1g3l0pQEDzCd5)9MlO7b$Pcwti6d+1NsN zC+T+E={pZK@B})U%`6DBL;78i&yc&Y)!X|}Qry-BkOV(;1>B{#Y_H3`O)#mFf-?LAe@=K!cZ_s?ybnp&;?{iM8C|tV2`HOX z)8LhbN&--|5#6r>8eVgt@tsALtE8Gc1%A0`ja1zUV#I&De;QP3dv5$?kZ8A*JoaSL z9IQMfWU781dz9Ky*{qD|unEftLw(6m(s}`0^)96f?#DT|b^B?`ht<-$oZe{iGdMx9 zEv9)<@<^oSGEyZ8_n;d-BRrv5+khND?~1vWoC{lwi0+) zj)*it2r0GdalFYnaTLLQTQ%r!Jm@QgXy%uEoA$uI#dyhJ{oc+Agt_~nxd^K;@2C_IyIex z%f~e(h!s)DMz85lGtU?rAIhYWSOCpe2)LgMTzU|UIl|wQG1L2qx>+$VNOz)dd_vUR zs)(3BJs=S6FRFV-|C(?)wwm^8CT;0IF@Wylhmx=*zz*ko@Uub)1KV@Za zEyht))0M_XE=;V`X7X?5OpYz9 z_A|z4PTsj*iQ3Z7MdK->#cp1y1ob6VrKnPMQeQL_A=y!LneK50e1b^}lORiO!}(S7 zI#AF*u-EQHG64X<`8&Kc(k|Kzc5NqYBz5qAhkavpY~PdinM2y9u<1+1n)_n(avg1j`>r|_2Tnjkmb{;0T>H5&o4>wOy_0_qLA9}LQB%OgL zMy`N|{w;mJ?Pt%s6|@8RZyur|s%&H2d-MIpFcIi8BS!#qJM z3zPdE-SKkrwoNnH`QBE}S&+H;%ZNKqp67SP9$y|_tV@P>bvqBS(kjDZl#CCW1>1?L zoOmR;6HGh{$ZzroElQT4=s69j^;cD8zvMID3{hVwT8Y6Uk)wV=VZuCnvm5o<LVB1zI7E%qnz~ zrBv&fC8;Mj{Ba(lCEE8+?Twk56XK;{h^7@sc_0(cQ*F%Dz!LuZd;7Ay<7%SJm~ES- z!oC39QoV4is*HWibs;~)E`e&QP33Q z1c`)?gh{_mD5kJqFZ%36v7AKW%%!`Ym>x6b?66apQwxeTi8QBmbzKx*#iUTof6s1Y zxzwqU<*|o|f7y6&DW@t<;2}fR#yhRCnW(DJPq8}n=~8PpzCUIrw*FD}XG)8nJhM5u z7`A%4IC)PQa{fD#btt8d`Ca{q4n z_&IoaJG;C6ZpUbt*g?`MNTsxQ7SHksQHs+#c@-Ze@>$Mzs}xO$z|K#Sbbk~Ube~Vk zo3cW<2M~w-fRSv^eB71>(NE0(eNHH{qubZ1Urqc1`aMW-hcB&!Pg`Gvrqwc zDS}Mzr+2ymj4}hMD-io-&Xd2$NDw#|IQM*{;mH!w7*Y-|3)LY TK8FDS!0RjWTAgTa{rUDkN4=<} literal 0 HcmV?d00001 diff --git a/examples/aws/poc/sonar_hadr_deployment/main.tf b/examples/aws/poc/sonar_hadr_deployment/main.tf index 4bd1eac21..ed69ba9a8 100644 --- a/examples/aws/poc/sonar_hadr_deployment/main.tf +++ b/examples/aws/poc/sonar_hadr_deployment/main.tf @@ -8,13 +8,13 @@ provider "aws" { module "globals" { source = "imperva/dsf-globals/aws" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag sonar_version = var.sonar_version } module "key_pair" { source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag key_name_prefix = "imperva-dsf-" private_key_filename = "ssh_keys/dsf_ssh_key-${terraform.workspace}" tags = local.tags @@ -86,7 +86,7 @@ module "vpc" { ############################## module "hub_main" { source = "imperva/dsf-hub/aws" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "hub", "main"]) instance_type = var.hub_instance_type @@ -114,7 +114,7 @@ module "hub_main" { module "hub_dr" { source = "imperva/dsf-hub/aws" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "hub", "DR"]) instance_type = var.hub_instance_type @@ -144,7 +144,7 @@ module "hub_dr" { module "agentless_gw_main" { source = "imperva/dsf-agentless-gw/aws" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = var.gw_count friendly_name = join("-", [local.deployment_name_salted, "gw", count.index, "main"]) @@ -175,7 +175,7 @@ module "agentless_gw_main" { module "agentless_gw_dr" { source = "imperva/dsf-agentless-gw/aws" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = var.gw_count friendly_name = join("-", [local.deployment_name_salted, "gw", count.index, "DR"]) @@ -209,7 +209,7 @@ module "agentless_gw_dr" { module "hub_hadr" { source = "imperva/dsf-hadr/null" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag sonar_version = module.globals.tarball_location.version dsf_main_ip = module.hub_main.public_ip @@ -226,7 +226,7 @@ module "hub_hadr" { module "agentless_gw_hadr" { source = "imperva/dsf-hadr/null" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = var.gw_count sonar_version = module.globals.tarball_location.version @@ -259,7 +259,7 @@ locals { module "federation" { source = "imperva/dsf-federation/null" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = length(local.hub_gw_combinations) hub_info = { @@ -287,7 +287,7 @@ module "federation" { module "rds_mysql" { source = "imperva/dsf-poc-db-onboarder/aws//modules/rds-mysql-db" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = contains(var.db_types_to_onboard, "RDS MySQL") ? 1 : 0 rds_subnet_ids = local.db_subnet_ids @@ -298,7 +298,7 @@ module "rds_mysql" { # create a RDS SQL Server DB module "rds_mssql" { source = "imperva/dsf-poc-db-onboarder/aws//modules/rds-mssql-db" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = contains(var.db_types_to_onboard, "RDS MsSQL") ? 1 : 0 rds_subnet_ids = local.db_subnet_ids @@ -313,7 +313,7 @@ module "rds_mssql" { module "db_onboarding" { source = "imperva/dsf-poc-db-onboarder/aws" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag for_each = { for idx, val in concat(module.rds_mysql, module.rds_mssql) : idx => val } usc_access_token = module.hub_main.access_tokens.usc.token diff --git a/examples/aws/poc/sonar_hadr_deployment/sonar_hadr_deployment_1_7_5.zip b/examples/aws/poc/sonar_hadr_deployment/sonar_hadr_deployment_1_7_5.zip deleted file mode 100644 index 83b631ae022414233eae65b6538521c911448ded..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 6852 zcma)BWmH_tvL4(eIKcu87J|DwWU$~Kd~kOSOz`0D1ef3vg1fs0cef!xZ~`yq-1qJ} zIqTh%+k18Q{f{usFStXhA*{O>{vAO$$v+Zj0-SQwc)8JL0{ zZ0tR4!FDbNYz90ATrBEpC;&Ku@Ivq()71kF00Vyj2LQnP{rq0(Co1009r;gGp|?e> zaj*b@9R>hE`x{hyR~H9Y7iVS{vp@0i|9||G#Bu8-R=obxTgE_3OIQUbEiCGFcA|(* z=H>`8*=Mr(z(do)`0ae!8^5*Mt+o28c}9VgDK(KcgH}4<)!Gj>MB3ZRwY{eO`S>G5 zEdpNqoMQW;l07jWe?(7cSoRzo`SM3LNJ4UB4a1wzk>Ck51{mq~nztTy;cI#%9!;Qu zO7-I`A;>{#6rtdh5Y}(8vu86qPw;l*;j#|Vrof&u6R84XGlci`bK%Ny7Nm||V6DV# zTd77Ags^HLO!LquW{Y%78X{U9vjFQ6UKEFyRwTr={UrGCl2cs+0eqaA`^_4aXL}cE ze#vhhS>^rW59!-qnv4=Mr?lrESINJf%*abuCGTe;*otv@yK2W@9rT0M`WhweN%G76 ztgRNq)g(WfM{FNnC*NQZREMY>VXdQ-&OIQCk%u2zv^T=jDc7=VOMA;QYcf%Im)T)Q z64~G6aA#eNmgg?oRCR~-yF&C>Gy`*wSNmOxPXb3OFyC(clE8q8m7v80ziPp+| z;;UN_O)OkzrhH3_@#UeTP~0|D3$L_RvB)e($q}F+LY?EuWo~PY#x1EOy>!xs%<0SS zF)HL%fyZi+%0qzwvlmBTKvgbNBxcPA59L_DkG&@5U?FXD~vM zbS;}O;80EBf?>TE$iE5~B8th?<*6res?;1I+@1=AG@a2d)J$VG!%N}D?unDXdl<{< z5#MeG?!Je&VSzjMxO8zkO800X;58PO?M$HnZYTN{m}-E+3lD%=}3y&GhkKBtv^U|FZ0;;#`or} zsD4aBqFxef172_sXpnozr4QaV5jqeRHeoT1bP1ub=)~C|nVsxhS)MW5Rxs})hL+?> zqY*DT=^(c$3NKa=?msUlq*{OoOWnH0In9XiF;G+~Y!X>sRNb6cZ;MyCGS_bi6H=IV zQauKmb(8?F#>qezp#_v~#xXPTYO%_TG>k^ZoU+DZ2EJ&U1-yE5l*s8-flF`-sOP<8 zgP%BQMB=<%#)gj88Hw9kJTGloWnP^{&vo8kpUs`Fg)Fk{UudU~CT)MN;n92=FRSit zd418HWDX`18=Q*kXKh)#05)S17+#T!84mJ|DcM_+u%slg-p(WA>KyUkH9jA$w7qx_ zc5Evs_opk)v@PoXzTwhtM=(|^OGKejga4xZaT@7mU91f?>zxX2JgA;}rAp;!2;g0L~6LpG< z_J#Wuk~31bQ{^v&aES&Hk9w^yL@pxG=EoL-{Rvct*fN>lN(_w3W29EfIieAL%N-qf zVL6BO;{L4%iTDO=q_RG^ARN++3HPOHfK!J6 z?pg)DD5&?S>PeJkADGncvGkuz|?%OHVTR5*F2G$3RnHSiL$$-kj8{sh(G3tLvz z=CjhN?$Oj|)ryB@cz%JS6rp4a9?V73S&tjQp`L@O2qCt4Q@+5xjBIO#>^PJgDhC>V zfE&-JnMqhV1Om!Klba@)7sYZVvw4~;XHi<6S`)ouPCz*%xwgHx5@7+Ubgss77edho zS(O$E=Ilr;N+~KDz)!i>*PmCTPtsoYH4?baZIG+V%$rBiiUfVq((BB9r)8By6!=-5 zEi1j%a>}Fxq@Gs7cjmzXL^lVt=NR3W>M9U#iR4FYIBiSc47--4$dj4+V*}NX9V@@K zvT&_CmVDH6#5X?k)IK29@w&L;Wyl#S{}U8=Z{SBDnUZ54e`?^7ce?0 znAsJ3_DMhJn2UXqK7Z6ThkBc9vUWB!On)Ca@{z-HMj}{ZnJWxQ1Pdms-^W~el}69J zXU~G|D~N^rKI~yG3vH2a)5)-#l}*t|l2>%p8p$ZG_hAb~N*CA4_pyj=djQ5hv`(;1 ze(~J-(3JhMs@T{*Bt>znzz;_^qkgiV`)t8yYv;o=*}LziFner}oY3==`k}bzTrSD1 zT8$4|Il6L}lG>zsbr>`xlyAFc)S5Z0LK4Dwi$}Bhvv#5*vhl5x^p!VjW7lFooYtxs z5JJL<9K?M+5HWNnTvs(S)jAXkC5MkV5>ns2C+*7)q5D{??AWK-PJJ|LD9PmY6l{8ANIuIL~JWbi%{A352rHH)_r2vmI9UgdrvNM}eV zl%BD^I1haviw5U)gtqS&%D;5(lEPL!$7}#Uzev7KaX?>-=UEr387`>1BMCC56=61)z7EGLEO5z#Ec zt3a*}Yp-b|sgGYL0N|48?A)5&@0Z+@h7W@evBZ^jIA(P^$D~4KeB7nucswWGWD${j z*jXcff=K9jE9FwBXR2X+eaK?&V)z@HA<3^Y-FQJ2V}{H_Fbv05y@uUp;2OmS zhn~BNF=s5qe&>~0S@DxJ)8(U9s1-tFa;QhZDqclp;oSA|xTo(7p|&(X^h?3?2i;nQ zF+Z4Jt9*5qffEoC0B}qQ0MP%Y=5aG}vNSTb0spSfpVhLpU#cf~%rbB+M0<5*IPBI` zrVGK_Pilp~w%b26x}QLVWt!wB48wap6xDp$eo7jr@@i0V#jc@&=Mg(Se{9%!mE5Yk z&M-VfBH@f(v-!PT`fH7E$d9~mRn2h{H_fmnpJN#H#%|)&8!?7s>18W;Y%)^8+inV< zq%4Et>bzHw5pmGv3OeZ@a+3__NL5BtcZe zhTlb`$MtzMapSqIs%hH6V!d$ zyPaa$_MUCPc*mZN`Mrl)SkogRB7>J<9VO>|@MR=!zE9&Sjum>$SZ?SrX5uXq)o*eo zl_L$*e2{=p1|eJ*=R{jq>o_YUwOb<*y0Tzj12s#W%~{$svkBTwa?x8tc0o18Qv!C^ z)X*d@gWHMvkQepbIf|P{x9+YwH?Da}ZsA6e)(2gC-)e@OKa4hE zYC51M!M+6=N__T^%GBd!seaM(W7|Ds>qdCB*M7@Zua}-izf~yOD~w6mfTVYp8>CKi zl5-fNUcKH#XZkf{lg>SEnQqRYtV+unoy#YB;R{&6S!Gihb#}MIIfZ;YeOFBYtWmLM zX(fhJcm~N}NM+M4;5aSsObSA@X;8Iy?R{g59Z3Cvrf-B%nv2yxoZS}`-UWI)+VJ6x zI)v%j8CwdarGDcsJur<)Td`S+Mrxo?jN&!jR)`gwi-DFM9vBl66<)Q2CO%95-E}>3 z*xg^e!7V`amDtPhcS}Y^s+;j34|b4LAy$C|a|D@(Xt0o^zRdKzFYWaHRYx(u;RX-S zT%{r8v$OeOPL-NxMLj&o0&L>(gSIJp#oXzM_IYQz1!42J={0TBPtw zIdbU%$`kbJz#5%xssdMe__8q)xx^B_UdS*yrG$&ZplbE<#+kU0d0$R2QGVdws2m~U zUZ|PVEQx5!sZHmIjPdgtbdCc|?=XriFvXHDsdl7+27WK5)sK#;gsFWKBdFPMfE2~4 z_S&<+=^P8g630*Wb5w7;eIC2Fdxz5(1Ik6^tG;IDQ3@|>fJ0sy(x>ZDGzzIQ0qYMT z*G~M6H$GZlj$#ms+h`TF@)KPp0|jKeHwbMcBPN_sR6utj>Y1JH6hVfpB5YmptIdv36ZA<_<-u2b@fc?j)gK}En|)g8Cds5* z>NM=a432^FZ5fIm_4=%JU8rgprX>@?0=`QWZ_2>`&dY#;;7%sf$|$KJ!gwG&j0k15J4z$a|IG zDj{7~*NKk~OWliM8*3TK9pO_@i@Rx8TgHgI^a2f%jZmJId}MET>a+9Bs56Gc{3yzR zSLd(^BkozMoB@3^U&I8L>Ax}U0w2E=oxeoy5P6ccswb&)--4_D0TlG-i67h0&yJ=L z!oHB%$?~Z~Fy{^NA!i^Jagw;Zge*I?pse$XD`k2#?Fpz*d33W0E&W(x%>z<(1n$T|_~~bYWO0c(+x?R#-yD~B-%Z8Os=;AmlQL|?Vdwi0JYwqM(5o+##xlGquJjq; zoiGT!5jIbIu2C7>uE3I=biDH{$s7IiFpkw@wB?lnPl@|&=p8Giy&}6^>HvjhcPguU z*fV>ql~+dXazOFK!dB}!9raSKn(D{e5a>47G!{Cv^K;}-DJ)5fR186b2|p0-#JNtp z;PuXl=UVK-6WDN^DB6z$u zX?SGuT8Z?HN@ed%&cxu4XD>{5_yOw?cyM;M>)pbYMIRcA~}T4(->YTA96A_uned1c1`|#8`r>3wvTE z1F67qi=(>Tbf_lEVyKfCuz^Lh%p|>C?Y$)T$r{- za}`_0I=Z$g{wbYqkfDruoD$%~v|dNWj+z;O26Y^EuQGVPl&#*Jbwk=icEE%mU7|di z^7KNer3!efBn>~Tr|mf2fYMtT6#p3inZT?F!rrzl<)DRbQFCq!&&bMr1WdRZ$T0^-3cx(jL#I3=MR%7G!!5^NR(!%rD2IS*+@@M z&uHe)64Dv&?t!z{O}nKj>SH>v!Qe6lbv-Ii56;@aW-%FZ=ZsZMKQqCZBsz=~9WQV~ zD;}AbWn8XtglaHJDT?K)zD}?GBJ(jU&V8uczMIDw`0&wGLTyC&D1#^RL7t2ZZNdW^ z(zb7CX(7lqWoMOjlrGX|+i*A`WaG`2^lrix=Q9Tx9;fk^sC?A4<>BVp6E1s$zU^Gl zL7fPnY)HC-ZW*|_UQg45J&%dc6zTYdfET}9-px8!NR28gp0D*?P+lg{x+>2Z1pzxW zltfyEDATLTV+lmE{Or3X5`CO`^)UwWVg(ePv7qb7H%WnKB-t79bl;?_wMdH0t;#+8 zA&~X;BonzPBL6n-{oewu(Xg<||ECT<@^jMtCeYl#PR^G0cE2l$)gwDmyI8R$Pj5d^ znuis_w9Y?%2;`g+bv-I9M+#e8ok#5(W@oiujmlck53~0`@&93hdb~7z%!k;N7i?o? z0Zv%m$mj-<<o|3YVe z-=#5eikLVh!W#x8P?CdzC5QV@Ed!#ThW;_I0ViUA?El^ zn4j4B5RKn3{I!|zlk5LUTz}{KRk-~t*Xy78@}I2vw~YJW8TIRJ>90hB=>JUg>)q+U zGwauc|5vs>+<#{KOZxxssD5?%zfvjvycqt|AN(Z%{u3F(&m#)}K>Ydm{_H5R{fYlS DA`&Ei diff --git a/examples/aws/poc/sonar_hadr_deployment/sonar_hadr_deployment_1_7_6.zip b/examples/aws/poc/sonar_hadr_deployment/sonar_hadr_deployment_1_7_6.zip new file mode 100644 index 0000000000000000000000000000000000000000..e962050330fc15e50258b6dce11a2e9e93557fb1 GIT binary patch literal 6810 zcma)>1yodByT^x;l#p-R3zqQYL_I{rI{MA*kun7QvHC<;>{eM0D&y5y93vhLU znz@+RnpwJ-SX#jxoxCAdP&X5P6HyZpJ{@g*0M_bYt<_)M-HQ-_fxU$V0AL6F`dj}50j>krq*wiumnq1M3senF|{>LaMMhTMzSrf zvyYX2S{_8c1s^A>o)x3*Qw6VWmK_@qWN01YFd~Kz@e`~Xkh0D3k;`KAKJVL)MZ0yXMibeESz7c1d{nE6Frx*iM19x|*x?*M z^H%P|)igw(^K3$b&?~8*qFa2Zbl(tIjkDNQ$?h2v&n+skU;1rCv|FWp0|L6_o3=of z{CL*|rHLD8h5c|SBP{fkX|4M~a$1b`Cj7?hcmpmCNKq2VD4UDGG#B+_h}6~M6Wo!q z6}{Z}a_QE8X=N1w@vPU;d=}I)T*ZmiJzwF`K39ggyQ^uG+ecxQ4HIy zxfNt@gM9GlL_l0SVYLKxw%veS&ohtDsi|!IDE@zzRwhPKu{#jFa zU6E4CC$y%C-lrR89(%iw9K5CU7t-Fo4o~5Ryk@ZSA+O2=5)y{=g_A0J?Ig(ld1 zPCOw$0k3Je2DL)ED?<5z*s#O0tIa^HN%8DBit^bgYt56|eLBR(hb{`RMLKNaN945m z=cy$}*B607)aK^fpn(75@oLNz{SkNofHOY;!14!=hnU$x|K#q5FP-L_DgDoDP1AUm z3`Pc>Tfbsr%wx(2cD^V1DkXsx%;MZXXUm#aWG&!u@$sB?yFW`vl)Z2NGoE>j)cxaE zovs}9_ttq;S{TXD!;w;p?ep{6`#`2(r-lYb64r|KV8L>#b21{hltuCqOb4V5Vy;Xr zI)3p!KS6!2Np&YX#Wv*)clw88OM{rulr!85IHa#H{%f&Ihb`xUx+HSHIkBw0v?Jm6 z-Yqaml+`9$1t(_MOeveAX`+A-WIJ#wW$K`Oy8WPp3m>nxo_17vc*}R4qK4g#@K^8ESEFMiCv+=Q$ot*!{V9w*N}= zbvmWW1z|KsadNXX2`e9Y`hZxJ0_uh4O9fZ%5>pGIAx+uE8^D?}EtG~FQEjlY7i3L& z*^9-wEyW(dl2Ddij^0cV@b^96kFbreM|_-D$bDSA81RFF=A$VuD@5dF^10!{t6OQ; z&*{fpd?YW8%ld97sU%U_CSS91CM0o z81K2Nw_iE6RNpjtfSEP!ld4f8b)ip?38`fGalViIXLhuHh+ftC4CkzFW9`-mCSH!N zjgQhClNiG=wq7~n!I+9@SGOuT-_G+EslWX}@IDZSuQeDy73z&UCp~b^e@Y2{o9do_ z4fNWySfZ!Bq2g@Ay!d)TVcRal<95hi9wt*^=#sDGZZ_pLw;3k<S~nkGIo?{kd{ zaZxmsG5CBpuU9)Nb2Yu&bQR9yWT^NAO?Z**fz8GgC+_`CQKuQIEJX$ z0r2I0m$yc5*^K8i9?_8E6hJDNus$^odL?bBz1-NF*yJf$f!65ZX-o7KviWdv=PBIB zFWpwZ44$BA=8PfuVBK}}b_mN>evm6fHSALqv$?D({U@Yg+2`>}Jw}o>& zv?BGl7$)}oa7S=1AeMS`eL`*NO|3pl#$y`*qhiIxs>YR{t?-hw9sR=z!t#rzGB^B( zeivI}97d7Kt7=Fg4x?!0Z#^jaX1536yV@^^JV`wz|C%WVfZg;2~YZ#xft|~QlJhNFb@#Nh+ zi`?%DayFI1C0hmvJ5eAEl8*V4D0PoIxgYBaJdN z^b}{(bZ@-OuPB=uHx6hy0KZP6bhE795oYata6z|q(aCxGovN7tV|avW zT^MHbw4m@i<=hBZCVs#az-|K9I3+kPT%KB|+*^$bt}Z$Lpa-~qesIgSbp8rc9b9s7 zYR7=Lf4KhL`;QFPWvqIZmBCy z+?|ZcFuMEX@g0+WulpjUbS)#qAnJVFpVytRqX)>x1wXxZ^H7vurN_0Ox~%WZAq}D9 zH*vukR@;&LYVVu?%|vr{I;MiGFfLIrQor6XOHQF-$@Hf~v_|~i2^7__)G#A_(k z*~oF#Sc4Po0156=lNKV&85z~Fm^hzS$hKuy4m|7gn6Aur5En&~(a_z<2Ihr}=tTuC z7b0JQJ`;99;FS%|$H#b~Pj0Ky#0~Njw8E8+E+t|XByCHqjO`}!Ms|1zp413!`VHoN zWZB%En{-AX3_kdgF*^7r-VU)R6?3J?w;HDQRaj#740KZA3s4!}LB7J12yBGC3yu?+y& zCj=J`R1PIXEyUp^;}N4lu}gDi>uW6f6jDEz51MY)xo1uM$*+cQi*KG0JAZv-{iRe) z-)8C=So9!rWyyUboI|P#L6{S<0VIv04H3n zTilc_!*MF#<90r~-TvmR!G^+WECFooSUE&GoMFxlb2iMUW9yswEX|8@P23ZvVtISe*wE5~N>_Z7kB?Jaro>=X~5+*pl-4-V4Ub2IhNGRJ% z!-H`fMYZViztfW*l%Wx$>jxX4OE#y#@W(?HWlycW3*QO_0#$gCv+3l&m0ry62gaPro$esRWE}mHq-Zbn|F}Yz55X& zq_$B_Es8}lnjZ6ww|?IeQ_Yn;wioW+KksKSPnz=f9z#EMdQ0V)ej9y?#7)W}h-p6pRe(=8KhRxSh# zGnu-#oB6at94>`58du@=NsUOFd)PU_V78_O+ej%Y`s)_1pc(h>17J~FeMR6&Jl3~5 z{LVPjQZBHA&N?;Bj*Bi-a!+8=NbmSqo)ROwQ5#CQ)F1T zdf0W2c-!B!uA%38=5oX&u3#Qbc8Q|O0`DA~L6o_{S8tAXhcLPVX*jG0d zTa2JBvh>K2pn01|>dd3- zP&0H)vbR*QkF%1q#^t`h+jmYdwc@Fo8g!17QlirF8QAkjd~Mj^W|%uWrdxDBUhS>R zy?eq=iueqgQhNR9Hvc){N9Ys^%3tNoV{}1ltn2-}-e6{#;CZ)ZUJSNl8C7jr3gI_4 zs?g@#>wOsQ;y~MlQF~k^uozM4`Avhbo^9Kquz3ztUQzT&o34S2>eYGZ$Pe}F-RH?y zYd>NrsT|_-!voCEAYaC^Q@v83G>RY6mJFPfh)+MyNZawuG)xS&d(CL0Y(1j8HR9_~ zXO)jZvp@CH=tzqOdl~OGa7MqkVzc*%tIT=10H&!YShJ#~W2z$en#fu)Q?EvxAj(=L zeG;mnMAl%3#6=BV)Eg3gy`N4apYb$rmD%w!SY4RFkIrlLm@bdB<|`wqO5&%2MUUC7 z)C=o-3#yt)TTizV2`zBx6U|7HL??tia)*RkAAu`~^)J4Tes|C}-J8$w;drQ%Q^_NH z&+rRyp*?Qj;yh#iW1PaF$XwsP;Fpd#sNZ>|n(UBDeT5rGe{uwwi=yPyhxt`hEsAz@ z?1pUrSCW4gn+?0xbntXsSw&q@ZrPCJcdZ z(jn87jwEVRJ5$v9_Ot=$M#UL$?yZ>j(e@qvOwE2roDDiE92U6{mU&$(o05WYHO<)h zoN}srzH?oLkKes|EnanH7)UrhLxcryX@Hu$ie8CdM^g@S_z({%qoh@DiTuTQ3h1yy zE~EGzBJ#xXds2`UNd(n17Qx|~O^RVpT7hR*TUqG%#*72ohcBMozECbn5@b^7J|>k=>)deYV5_=?7EGzAPY_fn$fTuZjatE%Q1g%7c6l}BN@$MVai$g{z-Ux)}L4*2Wu z#?V;YOE7YY)k_<^C_)%ZUiwJ*xlq?aCZYyQRLM0!#Hbg`+VED{kxq%FQ>WTabY)@u zC(W3TGZs!|?B3)L!6_4LT^I9M=&jItbj@RU5T@og9-n|ho*M{CD8|Ei4; z2LJ8ynw4=dqO=;?(2l}=W8-=L z$MWx{_$?FVjRTV}$4E?M?jWc}@=!2HPj4LNqWN=XWnZpZOa|{;dhrn`av_ccaRxuc z)Vvs5HqJ|6ctm>gY(3}odmJ0F2*mvsVriGOi@hKmm!c7|cv5Zl99{&}hj1a0{{`W# zzz9baaCIrJ&0RD;3YNehBAwmSM&@{Jt}-jw98&r1eIvqY(`xEivd3*eQ2Y&d`%B@S zr(W@=SIO$V!c}n*)nuyA4&4-W!;=}Fedrx<&bm^1p{sRQOa@kjEkalHn(QZWot-kJ z=rhYtr0!%$?&ICE?SR%LkK$Wo*9Qq3iT%I}M?k92S{3GiuxQr)4DM_eNM( z)1$7FM6&T+-vE#Hk(5MdZF0;M3x_Y;JgRjX4OwV*KKgDR8)~g|Ez!S1m$h@%1sP!5 z1xc1X6+k|=FCFAh{B+Y1ySg>=g0J%^c9ls)4@Qwaymbl`n6$_n;pM%Gnpe)f9a8`9 zvU@85gAae?gv| zT7zdOAq2fTNx>e>U@okLkK%8Ef%pe(GfgtGB(LCw03qqVYy95>vWAd#F~P429LF61 zfb9(7+Z1e@r&#LOlmhM((Li$+ zVtnMpy+!(@{jZYLd|2!vIvsA``P}AQBbI1!4EKvChQ^7;9`*|!;Sy&K2HYOIhs6a= z#~he+cHdj5e~~N z^)?7x%E6k>=MT}-o=#@ZF9R=)U`j+JO@+Ut4l80dxiX4@?v2i!K0xWuHtG+$;Gzww zgtweYn(=|bUus)MbJ%4*x>^kI7zDQCKDJyBFDprT_efPDO7*^}B;8h;0wOdx7WXEA+i^1E z#V&+pBeTlf^9|1Xx;*mFWecz=efiVT-DQ;Ykx(hTSQ3tC&?2DlbNCTf_zt+FC3?g_ zC9oe!qo4_V=Tql}R-&0FJJrMGNVcipy^A+jvroib+_U4Ct|mJ2#`Vs@rbSOjsXU!W zooCE-C|GfVhhFB6#2Wb(;qMEr#k8a~@K<$v%=n2i{l^?4pNv#qYEh zhCABZTBR;5XZI@66>$s&*%3qf^)O6x`D>eqM9tR^jQB+2mtY1@P}+IKM&`0C4Bm<@ZY`!u^;1{{rfu BF?0X` literal 0 HcmV?d00001 diff --git a/examples/aws/sonar_upgrade/main.tf b/examples/aws/sonar_upgrade/main.tf index 9e4f09ba5..b8d02b24a 100644 --- a/examples/aws/sonar_upgrade/main.tf +++ b/examples/aws/sonar_upgrade/main.tf @@ -1,6 +1,6 @@ module "sonar_upgrader" { source = "imperva/dsf-sonar-upgrader/aws" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag # Fill the details of the Agentless Gateways and DSF Hubs that you want to upgrade agentless_gws = [ diff --git a/examples/aws/sonar_upgrade/sonar_upgrade_1_7_5.zip b/examples/aws/sonar_upgrade/sonar_upgrade_1_7_5.zip deleted file mode 100644 index e3a16e3a563c0d82fac833762cb5ce898d305578..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2348 zcmWIWW@h1H00H5Ag9tDKN{BGXFcjzKB^Je(7Ni#?rliIj#+%2R>W7AKGBAsEFG~gC z(h6<{MwXY%3=AywKz#u~(?ozY2iUZZuuWFKfV?cAv>Xo8@=Hq!N=u6MO47jQiefi+ z>7^7;>b=u$WuO2lOZa2Abe1he3ze7(of<t zc!p%H#EqvBK}v;*0+%-x-|$+esj}xhE`TM2+ZTLzI@Q(VtVaSPD{~O zOfGFZTCa55L+st&~ii!KruV;yA2xQc3 zaBuDsXj*0L7I$E)8JkmcKvKXhfgM>De`6N&vUNU?Hm=^P7O<^lz4`SIw)cdRLmIYr zU(l9Tu(;9nU_sWBQ@hl~J~kguIH4rFDD)PWoE&?_ib4?<8Ji%!&o%S(KebjU2$&iL zX`NGK((8Wtp>+O*%Ds`oznZeaZ&f? z&U0l;=Er=0B%^7t_4B*$Rq-F}RpUi}wwH9pp4zy`f70H{WydPl{+hh%-%pfU&JTapi&?mQj zi)_C0J?Aw&$G&1te&`H_XQg(Hr)vUz9E2mp8Ji+>(M&jk5hhLT6 zE&KH-XX)z~p&kO)m$EOFOn8~|;haS7>w`+Uviu>(zG_%cN5{ohulX6lCWz*Dt!@R==Jg(*QA076NQV4B7bGIu_ft@2``lgvH zCMjIpI#;QDebRA$H%j^&f*7t=x}EI~6|*oBxjG zM0>FD7V&FFCuSWfm-f3e^>qD@L!bBlZq7fyw5BL;vP-Q0tH+G|H_tLPwSMdQ{+Rtp zy6(5IdCgZR3eEP7{j@2A{kec=bwW>*FAi_*fz)GLFc|jk8R5gH%@)| zbx!m0FGe$O#+=Py3l8xqzk9Vi-Mcw>O=Zo`@Vl$f0%}uY*@t7mfC>W!lq`;b3UYOH z@paY9O@S9?paKo8knHU<^gnDM&|3b#%Q<$|(R(+QwoYkXDjIyGAXo2O=Z(Ia=TrVw z3pF}yIPhoR_r2R2@4jS|do5}3^+J`G)g%s?fR|n774vEi&TF`5;HNzE-8$-H?F zzsYvh^WEIXFV?aw+bDkeX63bj^Lb_5TT+ClO2+CR)?PjJruqG&{Fma2{v2H!n%R^2 z-(rVsQD?|8={ZG*E;;=Dc|)prNh4PV8!wBXrDOS>?Yo!%wa?43E9KR(KH$0KN_UYT zlcnQ{>sO<*qVDL#&wdX|MTm-{OmC8kIWTZQSRO~4%1JGB7_ru|5@q zODnh;7+GF2Gcd5!1N8*}O%nmq9AMKr!Zum`0`jte(sDRV%P%b{C@m@0D@ns=?$SvY zvsw%UTZ7|U>tuPExHrCs)aMfAI{- zT8SG^BZ8C)69q1BD!$>hPRF&+On&Z6n=+Fx*G>5{Hf%VXV*54x$D9qqJJ0?7ut}Z$ z=kZ1PFLf8!v~6j5z%$uYO#M-6%JM%#!z^HJEvyA%(Z?4YxRqIQcyLF@2>}uSg^)1#%V1mS~xBFJS=6|acxb~er zYKXG_O11sZ$iPqnj528)A)1?*nMWWv--h{i-!>4~`#YTHmN$2&@b25|o%xrh-u^A; zEqJRUr~A~TiyofNC+pvzkbbY0vmj;jgxD3mxjOsJtBmCqUf-!D#o~BQOF#L3Md(8D z59-Vc;(wVK?HVt{_SdaU6TNzw(Mooq@m8gS4^*ozol`5Axc~fp&K(SknSvPl*+dmt zuBPIZBoUwJ?;mAWDwi~_QD7|v_NsZl~j(6#uSF^f3 zv99Ru>Ea~^uH4&w|8?!b|5N^KJ7d2j_)SosXzipoXN67A{aXrYkpZW97KeFA| z8N@U_-KXKb{m)0SUfVJcThz)|+(^?;kiXIOuOjZ^+->gycXj{V8U5nk(km15ub=#Q z$8t{i6)X7#W&45?nP!;(WYPP)XikIL20ezO`_ehW)>{Sy>^rDX{wMIzvZaS!yWa8p zdh}+L`Nh=}6xR9kdl?@%bo0Sn!&_#}uD7h@R`fviw+)U(_4s%!+*Z>Q8VqNb_0wZ7lZ z19Pb>FkLC&NK<8rMVX07IjMy5X==Y=-eChC*Yf#~4tqx_gtni#+ZCt4&XF;F)65l< z6fSO^t5m)|>9|9q9?M6Mx_|$DJy#U=L}{8nxpT60T1eCSkHL&q?#HB^il2qef5&p7 zJ=l1Q_%)*wvyPNY``wv(y8g$Z&wGD2=bv9%Qzx8~7%zh+Y z_gmP!=BpEhX8Xo|+LXcmT)?wBBjSLv$eJk~i!=1=9=={|o8$4IbKj!Jwq=GJr@s6; zr+N7oqnS5j&StO$hxnA=z1p4b-5k88vgT*_-Bt0Z0ktWy?87l&K!pJVN)|^z1-Ux9 z_`2%lrr;~hdixCh4;u)ymjCZ^j-7S%-c6;gQ(Bjb1|KQN)%(_Yqp#-qlz-JijSd?Q z{Mq+?@Ak&KFB#=tOB#H=P~~Mci9;sfWtVxyyqbga8txhRDbIYj&U(YTJ&WpZvR(Cj zH}~<2wJggvil4q&c`e|4UK#h66yd3ovHFL#S5LiZe*Y-{rMRL$N7sgC_GJFI*dbfg z8FEZ|PSK%D4u5~%kSbo%$d$py%OYs$Sbk^w?&W{&^K$G;d3CH0cy77UUF64P>3HJ$ z)#$9KJ38^R--7}NQFD~(O;Rxj1`Y_z;|QFx)S}|d{5(R5s3f(hC^0R+C|9AHOF^M1 zwXig^C^aP>s$0QULCMZm!BEdw&rnCf2FNhiGf?8HxCrPFI1piwfU*S` z-a3Mq*lRXcNX>>(tAR|$Rj)xz2BryyC5?VKOh&Hdh_eH=q(`=60njRJu7{WV#94rv z?U60`0<5mFS%6vy5N8W&odvV;|=nSp@~ M2z{9t7*2tC0Eek`-2eap literal 0 HcmV?d00001 diff --git a/examples/azure/poc/dsf_deployment/agent_sources.tf b/examples/azure/poc/dsf_deployment/agent_sources.tf index a0bfef673..c45ae7edb 100644 --- a/examples/azure/poc/dsf_deployment/agent_sources.tf +++ b/examples/azure/poc/dsf_deployment/agent_sources.tf @@ -4,7 +4,7 @@ locals { module "db_with_agent" { source = "imperva/dsf-db-with-agent/azurerm" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = length(local.db_types_for_agent) friendly_name = join("-", [local.deployment_name_salted, "db", "with", "agent", count.index]) diff --git a/examples/azure/poc/dsf_deployment/agentless_sources.tf b/examples/azure/poc/dsf_deployment/agentless_sources.tf index 807dca3d0..6ed6b5c9c 100644 --- a/examples/azure/poc/dsf_deployment/agentless_sources.tf +++ b/examples/azure/poc/dsf_deployment/agentless_sources.tf @@ -4,10 +4,10 @@ locals { module "mssql" { source = "imperva/dsf-poc-db-onboarder/azurerm//modules/mssql-db" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = contains(local.db_types_for_agentless, "MsSQL") ? 1 : 0 - resource_group = local.resource_group + resource_group = local.resource_group security_group_ingress_cidrs = local.workstation_cidr tags = local.tags @@ -15,10 +15,10 @@ module "mssql" { module "db_onboarding" { source = "imperva/dsf-poc-db-onboarder/azurerm" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag for_each = { for idx, val in concat(module.mssql) : idx => val } - resource_group = local.resource_group + resource_group = local.resource_group usc_access_token = module.hub_main[0].access_tokens.usc.token hub_info = { hub_ip_address = module.hub_main[0].public_ip diff --git a/examples/azure/poc/dsf_deployment/dam.tf b/examples/azure/poc/dsf_deployment/dam.tf index 2129fe241..652a276d0 100644 --- a/examples/azure/poc/dsf_deployment/dam.tf +++ b/examples/azure/poc/dsf_deployment/dam.tf @@ -6,7 +6,7 @@ locals { module "mx" { source = "imperva/dsf-mx/azurerm" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = var.enable_dam ? 1 : 0 friendly_name = join("-", [local.deployment_name_salted, "mx"]) @@ -41,7 +41,7 @@ module "mx" { module "agent_gw" { source = "imperva/dsf-agent-gw/azurerm" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = local.agent_gw_count friendly_name = join("-", [local.deployment_name_salted, "agent", "gw", count.index]) diff --git a/examples/azure/poc/dsf_deployment/dra.tf b/examples/azure/poc/dsf_deployment/dra.tf index cd063b813..c0fd0242e 100644 --- a/examples/azure/poc/dsf_deployment/dra.tf +++ b/examples/azure/poc/dsf_deployment/dra.tf @@ -4,28 +4,28 @@ locals { dra_admin_public_ip = var.enable_dra ? [format("%s/32", module.dra_admin[0].public_ip)] : [] dra_admin_cidr_list = concat(module.network[0].vnet_address_space, local.dra_admin_public_ip) - dra_admin_image_exits = var.dra_admin_image_details != null ? true : false - dra_admin_vhd_exits = var.dra_admin_vhd_details != null ? true : false + dra_admin_image_exits = var.dra_admin_image_details != null ? true : false + dra_admin_vhd_exits = var.dra_admin_vhd_details != null ? true : false dra_analytics_image_exits = var.dra_analytics_image_details != null ? true : false - dra_analytics_vhd_exits = var.dra_analytics_vhd_details != null ? true : false + dra_analytics_vhd_exits = var.dra_analytics_vhd_details != null ? true : false } module "dra_admin" { source = "../../../../modules/azurerm/dra-admin" - count = var.enable_dra ? 1 : 0 + count = var.enable_dra ? 1 : 0 - name = join("-", [local.deployment_name_salted, "dra", "admin"]) - subnet_id = module.network[0].vnet_subnets[0] - resource_group = local.resource_group - storage_details = var.dra_admin_storage_details - ssh_public_key = tls_private_key.ssh_key.public_key_openssh + name = join("-", [local.deployment_name_salted, "dra", "admin"]) + subnet_id = module.network[0].vnet_subnets[0] + resource_group = local.resource_group + storage_details = var.dra_admin_storage_details + ssh_public_key = tls_private_key.ssh_key.public_key_openssh admin_registration_password = local.password - admin_ssh_password = local.password + admin_ssh_password = local.password allowed_web_console_cidrs = var.web_console_cidr - allowed_analytics_cidrs = module.network[0].vnet_address_space - allowed_hub_cidrs = local.hub_cidr_list - allowed_ssh_cidrs = concat(local.workstation_cidr, var.allowed_ssh_cidrs) + allowed_analytics_cidrs = module.network[0].vnet_address_space + allowed_hub_cidrs = local.hub_cidr_list + allowed_ssh_cidrs = concat(local.workstation_cidr, var.allowed_ssh_cidrs) image_vhd_details = { image = local.dra_admin_image_exits ? { @@ -40,7 +40,7 @@ module "dra_admin" { } attach_persistent_public_ip = true - tags = local.tags + tags = local.tags depends_on = [ module.network @@ -49,23 +49,23 @@ module "dra_admin" { module "dra_analytics" { source = "../../../../modules/azurerm/dra-analytics" - count = local.dra_analytics_count + count = local.dra_analytics_count - name = join("-", [local.deployment_name_salted, "dra", "analytics", count.index]) - subnet_id = module.network[0].vnet_subnets[1] - resource_group = local.resource_group - storage_details = var.dra_analytics_storage_details - ssh_public_key = tls_private_key.ssh_key.public_key_openssh + name = join("-", [local.deployment_name_salted, "dra", "analytics", count.index]) + subnet_id = module.network[0].vnet_subnets[1] + resource_group = local.resource_group + storage_details = var.dra_analytics_storage_details + ssh_public_key = tls_private_key.ssh_key.public_key_openssh admin_registration_password = local.password - analytics_ssh_password = local.password - archiver_password = local.password + analytics_ssh_password = local.password + archiver_password = local.password allowed_admin_cidrs = module.network[0].vnet_address_space - allowed_ssh_cidrs = concat(local.workstation_cidr, local.hub_cidr_list) + allowed_ssh_cidrs = concat(local.workstation_cidr, local.hub_cidr_list) #allowed_ssh_cidrs = concat(var.allowed_ssh_cidrs, local.hub_cidr_list, local.workstation_cidr) admin_server_private_ip = module.dra_admin[0].private_ip - admin_server_public_ip = module.dra_admin[0].public_ip + admin_server_public_ip = module.dra_admin[0].public_ip image_vhd_details = { image = local.dra_analytics_image_exits ? { diff --git a/examples/azure/poc/dsf_deployment/dsf_deployment_1_7_5.zip b/examples/azure/poc/dsf_deployment/dsf_deployment_1_7_5.zip deleted file mode 100644 index 645772f12ab189a2aa45e79e6fd17568e372eca0..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 11256 zcma)i1#nzRvTci*nVFf%k}PIsW@ct)W@eUbFcY%y5O7FlF{&Fu2&cnvU)>)59k3)}* zK}8t~0D>M>YVybJ;tm4<0zC!+06_iT|0w@%4)y&B`7d+VR~bG5??25W0{{fSGiT@G zZ13XiMDJ|+FT-emZ}?n&+G>pvwd=43(X@oFQNn;H`QwT{BY686vn!+sWrAjV6PeNI zqrmlB7ll-UiJIhG^hNy>>T&1gvBc%g18S6JN|PW|%0qfRGsaq=LkJg@dSI>?WRg$a z-V;OTdp2pHAc&ixOQd`FxF3*m?UTx)jhq6`9;72$m8B(vaC`8wf)L#R4XiYgp&4~j zK_Ev_Gt3C$+E5@kgI%ck_BgqrzGg3~#jnAjPrB#31eBfCqg%3Fd~#SzyomW-w6bmZsAm4%atO+Z+mQf>l)lF$9B6l?T~Xfmxa)N26NIHH5ltK+ZZ> zGs?c5VHM3$$Z@TO!N$f{V8HL zusyBVVQwa?3HutG8fZI5{0%PQWAH(yjBLz{6gE}iGJ5ToO(ko?Wi-|^sKJ93cGMtI z%;h3EP@F@>ICQ+HCb(W&6v|WmwSG-?A)Wos82-p;J<@F+ImHr5t{iE7M4nM&PcNru zhs1TAP`O1Be!f<>rP(84$yS(oou)7jTrc}2tFXD@pck_xJ&#Frc?5c}?7I7=+H7S6 zd!x{B*dTtKzEIc8`vpndk+lRL6)#z%r)9idU%2QFXgbOlaA6N`ap(u+AMw$zH0L}| zckVEqF!f?WfyLK2HsaV4GAuu~C{CblPkj=+?|+!$!6(JiUvVo@*&0AR)kw5w9k(|0 zSZZCE&npg1a3ThQXQd*2%$lU2$E1&+?Uj^iJRv)O&Sh z7V-+=`wj)P@N>RQ^<0ea*?C|Y^z0#y-tZyi8^W)it^1W+ln59Ar~m~3$bRS924;U8 z8cudDjz%W`_3z&t95KoUQEQB_ubX-X%;3D{^J_zxu+6XW^3gan6>hOMv=p7T>wbBt z6f$k?z0f5qo{5|DNmf2pw2@mlM7I*9R)FM~IK`&z#2@6e!{gVaYf+Uxa?4wTML&qZ z(WF>)>{OUHM>*!YBTrgAzFKqFc)=7Bjtmw%#iAQ2-TG7t$d~mw1MTL+V`p{ponw6= zNPxKe9EaE*cm*O{Y#aS1?@Psxv718(>@Oi)n~x~0NC(8CL~q^Oblfp1soUVag4h-T zp53f=tSn|d)RDK@YE#GHTA1lbr0#d_jtZMpZVlXNqytKw&iH2P(ms*TD%*c^9pEWE zVrYWnL*N*v{ew?%CdnZZv*4Tin5W0Orb|X6D|}M@{E^v$VWB#oQ_}L-XEvexLVm9N zInR`=Dw^Y;yL(D^?z9j?#*}jzH&?WI+mhz4ta(Cy^`-bVm#w5x%)%`3Cb+a^>yEur z1U<8Nik1Q6L+bGYB{#HE!~rtQAklSNynMA1%KIT*tkix$bX?jvcnROFF3qjiA`fO~ z?XK|=^7s<%lD=JJEKW_zxN~0oWP>YV(+Ecn`ed+P23ggM+Q2IyvbbaOVcw|l6NXEQ zS)4`2&CAS%)}g{jnHv8{B1NapX4kGP`vm;adSfe`26E)h^ycX^^UpYoTJ_E;X)qa$ zn?-L7!XEQ0$5gv9WCZR)0WXV`!zI;2vVIY1P3KHV7{RQLJNya!zwSS=e3j3R?~!E? z768Ec-TpH+u=!6^`OU7|P}Pxpk19TgYU*EM#BKb0Sy`d(N8&z?IPOWE?5rf5-x{I3 z`8=#jBqcW*T`^ZF5*X%rU6jRD*$_3Fb<1L+kfryGvoTm30k6HJX^X}&P*9|##DJ%&WYL!H*z7@v)2pZiX+=04=N&8_XunwFwnlna_js7V1<>Er zJf=na7-AP)1#ry}eyAmsgs!d{6h=}64fk+_j$T+}-_pA8r*_JmY{2porxGu3+E7h~ zFlfc#_Rk*7Czy`!6M*JHvrT()$8tEzaI3p4#HLmJIobDdThcW}4s6W9!Di#8f6%Cl z_+y{PizrDIG$Z~H9mS?=ko#*Qe?R&|`Pgy0EjncQxHTuEfR`>$Q(@Px>E`MIZ|)kl z$7_Ar$&(rhsai+IKAZ{3|WrdXQuVCy8sLR0wn(LZuw7wlGfFSUFcx2<&+I-v_&%!Ll8){ zYtIg}S%U(59D@Pc14KlSC9m#BooszOD`gigu6SMsA>evF7N?==)CI7Q7FpFNSXrw! z&($Xl!rG{)a<$X?Pqks_Lcx9`!8ECynDkx~dy2*aB~U@%?5b;O%tfyTGDWSZH6ROn zDvFGPEQ8M1LL_cZu`MIfs|N<^PI{OSG1ZbS8{$SjPf9RY;4eaG`<3=48+b^%>Z-)Z z@+QOJH?z6_G}g&1W^u(BL`6GNp=hVd=bZ!TF(T!SQ@lr1BH+MI!w;kW8grsh6`k+# zgdL@H_{wiw}!jfSYFxv>c(n5-sr6FVFVf+@b1LF;hQ!F7PkM3ALl45#H}*I`W~ve zf5`%!M`}e`V}rhRe{RT`p0d`)22H?x zu8cvk#{_U{DFy>z5G_;*&u>XxvmAmlj`YZgOo$2H#Oa&3NC@`D9(8;0FwbW_2wBVV z0+&a(IWZC06-4%`WhtnMw9tV;$=H01$Jap^-(-`l_w?)hJ6OT_`bj1Xu&=&MAzF5{ z@?+vykQmWMZ;{xI^;;V*kq?~saNHik}w)UuEIc|dzmFXVR7q?|HFf_KuAh&DsvxxoGOoAY;8 z6a;~IsGqozi`2d?nxj!_wJyR5=PH`fqNhDG48=WH8>Nr((LpzfmlZ+n(4)Sm3XtmN zhk~n2jd@Sa(?e3wOg5z4(`%2vcHV83zRboDu;5M8DgK zt_F@428P!ELuP)HtZZn$*{!jozw!DFW_hNc_a^K$ZY%+F5o)zq*~=g;bng0>Qp_OR z+)zhgOMG=`f4TIED>fcg)ux~fUHd9x7!?9grpDpd-aRf-GTf57cOEe3#Eu0sw% zVh&@0oFXy;8^J;Z!-S%hIICd=8*HLgnQ-xco@m?N)-!9YsEI*-^w#&7QqREdzJI(w zx<4}4$kVBdIFL*YNh+M2bT~o0P^#d(!YP2OUjFWHg4)N=#o%uiq7jtdtC?Dh>?tre z9LdrjATXt-wHAoyalM|Ve0l9DPtBQ~2&kYH- zAT>@=6k;IqO%Z<#b&+5gZb9buwv)8dYW0jgBnJmww6J50W_fk7t)N<6@@;e-7)C?ESWd0$bfZ~z^ zNv)Ph6V(x1wE6U}hy}r{Xk5F=4auqv%or-AUe^b>%Z&zH;5RcMb9iR`V|GlD;PgOc zn#jmMJ5$^OlmH}%j}H6a&nFHXgB|pHy&4}((wJg!lpjbc6b-5hbT=Ek zjIdB?z8i|viF3~@MXKCPVZZWmLY;d#BYPi>TCdaWY#BD==2L8Fe0Fv{yV3N$K?pLNJyv~~x znY^I7wi>rhXPgDQuJ)&|q2Y%Zf^z^FH9V4^&K;EK+G&O?B%~9yRQJ8uw}Pn_f&+Iz zAE3mu$fQJei8r;tg+3tN2h3+>9t{F&gCo_vZad%f2>%C{=;<2c4k z<+T@DCK5_F7~BCVV-U?&RtUXqo%Q69l7h!_1?>R?FCkt((^wc-btZS$VHASdJ74ZW z{-R)V+1;|?NXKUSKo(K_oOfP85LWAqpf!=(FUI-ILpOPa@(H`KgY09ODE4he*RGTA zJVM_ky+~zoDho=NtBFG+>R2-Eo!%Ygi|w}@1b)Njibptbf_Gx(u&YR9@zK_9wqmv~ z+d;l_2*afXnrTHxY% zgYaG|uhsyn2s~#O<=(8V;8lCMrsKM2N{ud9^RRsF)iKH=Jbm;NvSw?i<_P_u_iydJ zR?B71N^^@+&d)69P8(r=A}_& z2wtAsZc~Bn)HvXs?{FwmdO5S@%?mw~ajPzPi_Fagi*#vYD@N!-yfTwd+arM>!8_Qg z9>3%hl5cVWUwD1!6%~>`MceI5V97=tw*44 zL{Y_q>GOtd#oz#6SzpyB;nH9`I0I^gy!L|cjp^CF|_1&6#7IF0iPi$ zozWboyB(UD@j2QRqwqKbt}5aYZagv>A>u35)Wu3f;$gNq8N{&Q$p%JD`KV_T$;yRZybGfeTU+~A<8yg*wgm^G1DG*3 z9xA`*)WfFI^i_+ zz1s9vo~I$7=`OEtZ%|xr*tzf@KhsEL8DA!)lDEBy%Ii(OF+-F^vJQl3u!Myte;7TR!6Q%X6%ruO93YKn{vf%SzF|R z=kxKbe_LSPa615BP_rY?lKpZcxU{vr_^@7^Y>{DLjDzYONwc!4Jx5kHVy0YK3-lz6 z=S6J985+VA;>(A|A(?JGQ>N6BAb-E$eu(HM*e~{|#(Fp1x8%k|f z(S4~@)p0p6s2WrUuMR^0DuV+008fIOwY;A*1++9NjlCo zCT;iF5xWklAl>R}fwVLTBEf*&y^c|CEipmq=Gbvw1Cq~-LAt%n#9yQ8jfZv4ny-lh zMl#}9`gb^Rslt8G&A;D&gj|cFgbQAB_AB(w7NOEeAW_NPlHVXaFxl^!A>dxR0`WCZ`qCf&!Q1fS_-`5n;WSV0RcG0LXf zF3)bc5j#@-iWw>eVnk_}#Cl%HRkVn;t`a7&Vpqw?aEKaKL!!!!A5|k;b9vB$3ImELdQWO zlqz$V_1HI&N~#h=%|5P3+Dk*rIE0{rD2w$#7E9Y`ASMInCo@(7%{5tCSP=!OmevKz zlxP=A3kt?hVYe30QOzVJ$ZCLIl-5Xa429?lLGuPy6>C%PfNX!38n-4VjrWUB$d~b$ zSY!>M%GB>WLT#ZPZ4S7tkOmN{U{xmuD6*~Vl3@f2qeDAJGj9!h%kG&W9jC@GK|Imw z8UT{M@*R$Ft`ESm$|QdvCYSd7Qmr;R&lx~=TM+nZ;8<3Wnu3-WwOyDEa$FfdB!lMq z3g`w^ehM>zFkCKhK53;dAlez0k#;wkEb%FkCI_OKFK&-bWu1zKn_CX+5W1)ovTeOX9A_d&yC9@BuZoADYZtuKu^2?w`V0}{4wa}ZjX&;!P3dxvUkEs?fo4kJz~ z2XsO)JY#Bdz=Gd&yO5!jQ0?F=Zc`*&%IE~806BG#72~OvKZ|Jbhnm=ak4=9Ut771M zejUkekngyN7+2Y)peOBe*G)bA$VBrI*(GP0N$7FL18M?gL8qTgqUv@xN*I?mC3qia+e*zE7_O#k*{QL znVNdLhJ#yq+ciKB#sh=nA>aK>HVBrBzDQkvTBCJ~s(Y@U@shA#wjGw-`}9y=f8LeO zX-j(0He1n9G=9dQ{D{kTcw)Fm8Sp@9Na1v!4+t)a8h9N1CLh;4z!(77R1RVUPgmc`b}&_oWkX%xDM%ZUO_+h z?DP6SJ6!PW?OON6t5>;IyD$fZ-Uo4b%PzB)#V_%drzy{Pa4X{5qH^~NPJEVAa@tP5 z_RGtk+!}bAy+Ohn=4bAj1D1jBTtn&1!VK0ocHPtc>H=^JyQt-CBFD`!-pXQi-H$G=^swWq$qr;RVfWc~?|^5_C`m~&erQMwG+d1%*)~4S*mF8*!|{CPGQ3zi>N=<) zNpGRvKa8G376-SHhALPno_EP(`ax`Mpl9#_iL`T86jP>nPSVb31ex`!O6i`dplF%*TsjQ8UZ!-U?==y5pDX{c~7S8sQdPv(xVpC^yt$P~;= z_j)!(7JiXI!X-15hGH-GBo*!DgO@6UC{OQo3Y#>?XZdzm6~`PyR_z!|3GMFH4W3bZ(){)~vAmmVT}{NCe;(qh1wP)P$pyIVRlLPBZ+X!CSn*x=o6MO7g1 z5W-KcMm|8Td9GQM4HgV}ppgznw#couWRr=7(wSLuU&gkSqr-hGyo=^}c{ad)Eu|gT zg?Hk;SH#WW0083O4cgYk+0D+;%EH#{Ke6pM!!A)>vwd&J_&lhY+d`0jJgv6t_t!r{ zI5Y900Tyaf7W+(#(?)t6`SM&Im9&zYBNg<4l-NZaKPjwBpo5-K?TF-y0A$sKRP{tu zKDQaD2p>%25c66)<*i9T@DA?l8CE_00)q15fPH3F*6!mPv(*HQnTWl-eLaGlF>TQJ zt}CN#uCr*2e;4Tszu`vT^Mh=7G zXNkr&3Xmb=F~v33QfLDVmz#V0KkA90uq(9 zD*=!J7q&Ukteskc zQWkcW#cL+u3gJYWNBuZGmP>5(0iP+j32bfvCx$#5Gk58SSh5nuU^rnProm|>@u0V0y5^?!XQs7e$dNo?iC!1*zf2t&wTV!nHSKBPiNLG z3I8Z;<$z-)FKXw}Pm;0995%U_+F`CI+{fL*KtiwhOuh?jEREQv18>12vU2g4R+Krr z(h$QtpM-%20Puh3c#0wd!ZITCHpc(eIQ-#we-Teis!7?ci6VC0s7dbw>HtagR%(!- zKemM>)`N6N9D{%b1n5S|n&?JN9*8v9U$%G}q$HDZTWnW_7+4#5YU~cOGVXw+%?R|z zvJ|UnbaA%bDlH}Py&o^e#SG|efJ4!`@#&*2ZjD)yRgjKDwoOV&h{Qq|VX~rANl^RR zLqC(@m~g-8q>D2|?WoR5iB?qJe-l?h2-neS2t}Y( zAjT7HhVu*=%Ap+c0>uE!O?fY?jlk;FHSq-=52myvF;4Cfvl&V>R~yqsD;Ls-_MA+7 z25!h;%r8-)T2?^B#m(0@l@k5QB)|C(qoDS4PD9^>N)5a6Kr$$yigYA1NSU(Y$_^gf z=3AohY}4|gCo(7nlJ*Uncb5l-H$kuTk~A0q(RJI^x91i`TX*~LN)Z*NRh?O(UN{-l znwoV!l;+2P(wA?Ryuq5L>!w=(}PmmlZQ0=l@g*BFkoW9Te4nGFRCZ+kSa?;k{9DOZH&n- zzR*b4)IwQ07>zJ*6f06y<7k*U*9+6vg2EYmFqZ6nuO{s)s!(bi7S={$5uHNPb1h|4 z+2s|gv6p1=@wz_N5}XYX@%p2rssE^;U+zpj?@x9X84{neB0!4dggk@n0sz zHLDDC>bdf8D~!l@Pi;_iqBvP|9|m_d(+FH%iGovw3D|grC>Pme>yN5^ zfO}a!;+^CDK~KgY(v6c-K0jxQcRLCBtf|{<(O>Dk-4U$qAWOQcxKiMe+h5t+yGrQU z@1>ESkZ$nQ(Y))YUcgz=(s1cSfi=N-&vm~m3qE?~?S!1+4bLSamprV%fY$uE_x7`l zVViw(fT;bmbOdt(Hndv}*KD#wKd@M}uDF(I{PwCo@eNBVR$J){&hZ+ADLa%MDmfz? zH>ANP!>%{*rB8&n2kRKSZZkzB>I$?X*OTEU1U-9p_+@cb4)H0urFP|Rvg~Y6Qx!65 zAKO)mz&h1yNT2G;qc?X3f`u`{C~Eb(dv85{m#tfee(uBB+4c(C572&orgOj#8AdAz zJ|q)zYVGoBZw^&9MW-~(POjJnQufo(Q_Mjl3_MY1DT?IMN}XHVfwq=laxLR03-BFi ziGeG$+6$&vy6Ff};5>*GIy{3GCqpTbGlK`n9$3V^TAmpSIJ~tF9B$;G;As&;xEPYF ziXHjkYh{8IFtVw*+y3Ghw=4EwgKB8>e6o|73rIP8&`HcOyG9sg zxy^l^D?Z9Kxtbq!0@$ZW^5g5)yiNAHw)_GBI7@18I1Xp!ow(9rC8$(2Y{RWoiT7zO zLb@-NIp4Ft&h_fFCKw`Pw0Adbb}^c2gr zXLhFTYWfc@COPr*LPke5SVhB)`ndS;2)ZAMByTssPxHlEZjchJjK7uhVj}I;)=pq! zwL$dG@$3Es{gwYrl6H3ayc4$Z{~u{{HF0#Zu(SQI809zYM`fxPK9CU>eET_fcN$+m zFnjoOy2(NJZ@Ai+4);LveFWRNX`0S}stWltRKa~@ZawBKSTJn5BX<=r+2B#-y;0lmHcOm@@o<7&oJN6e*^PBC9!`tlV7u_ zKSO}y{RZNfoa&!VZbU{|EITw;lih diff --git a/examples/azure/poc/dsf_deployment/dsf_deployment_1_7_6.zip b/examples/azure/poc/dsf_deployment/dsf_deployment_1_7_6.zip new file mode 100644 index 0000000000000000000000000000000000000000..7ba52f1385b2bdf299f4bfad0960c32aaa04b8c0 GIT binary patch literal 14050 zcma*OV|Zk1w=Nvpw%sv1Nym0lv2EM7ZQHhOb<}Z3osR8vaI*F}-}zRb{q|mK)-`KZ z{g~sPPt`Mg4|yq2Fc_e}4i$S2wg39?f8Nl6@PLdQO>~Wn?W}Cwt&MG*beVKHblDk{ zm7sw@_r_|C|2m!BV1aZQi_Hl*!FL9v6W<)4pKtLmyKtP0l5@+k| zWasSUNbh9wKM6illZhndKFd6CCmeoFU|N8nGTE&YiO(Q{1-IE*4=$6Hn*GpUT6 zd^QUsk&Iz+Fw1!?QPa>>Y0(I-;ntzPikd6Xb;Jl()C}C7=833d^{>`^+|9nGIQVsb znr<&78G{X=JRNU-!dt8t45v{SZi9AW(%GDF2pF98b(#1pgToyc>3T3|inM8~5_fUO zjU($!Q+-@8TR6=L_j&7uHoTkkRbW3CB~E-mNxdc3A~~V*m6)pQ&&7u);)LP+LZ^bw zsly}@8^|qyL$~^>+m&xYab}bsa5qrs`AyRJ%T74pYZ)(O5pGBDf~(mCj?MfaJ;gYk zu2?R8hoLg zxABD+IU%1Tu?atW`Rz}Ms%Y1ybG@W#BOrX9Qe=tp@&kg}Km`Q(jb(=_C6h1u;W*)e zu$5i^s1MBeifT`P6;x5FzMHRVZ`7wV8VBr2#}}|vI~k*&3Bnb&@{ZP+P*QDDVm>kkX+YH#a*7)^j zG)>!aR3q85%=qZ5+~C@Cb?ytk*HvX4_f_Pg=sR4GCIj_4ef2kJg11LV55?N=PQEP2 zUD?7Ep7(0T$9eYb*be9Kr!)PKK*!4GJ4a)Br0@J-S5# zK~4I+X+_Nv3O0J65dl!ZO5hS!~mTT74z*5L}F+Ra~8;N#lNM z_}xkX9JlSr3zUJdGTSZ1g!;*FLc14Zbit9=_KW76OEIJlhrOv#bkn{(sWnvdeLb4q zY(SNF7LGRgVbWI`J<5?K=-2rboR;x6C#TbT+!w*xj33*&w=BN$YP&lvi<}8tx_QkPwvNU^``YUqhdC(V`JOl(;II4f1*O=H zDmZZnZw~IEu``i#2 z2pzR7>Y(+cC6mgKDv!TS!mTo{-PX^d7%vU8)zK65-`K|IU~{R1t+uHb4?tC;`*tvlBzLnM`ce6t%U8ki0NU0rG4m%d)LXI z;j`w^oZahA1Y-F7(HqF`rbhY`nmNvg6#_;80>b^1sWEcU{|7TOt)g$cPK5NDqr2mt zu_#%-V6#Ob@=B}_6y_~s#-!%A;G+2c3&9GtP9meJqNxmk+V*gcaQ?mDSfYLAZKk0L zkR&hgRHT%~~!99nC$9BkUAL;7lgKbKks2x74gq%Ee3uR1`|%PIC~fb)EbxlabE z4!1FbzKL2-iWJUTwtuNA(ImPYh?+Sybrwp?tJX4^MHFo-V^++<^R|8V2>y zNt2g}vi5p&_%avDM31WKC=o?~Hj+-lLpsyCTGbgv`|z}1Gtp$F3_X^KIXv+0JmMkn z-UOr6&Hq&fQczq~x16Q}w?g(SP6KJK@jX>~+k|c1gv#r_(BQr$`~XrUS%w4X(gt{> ziu-|wxAmSiM@xuWvJo%99$$RV)~IjIku&kb+_0D&f<#zXX_6|tIWtk!WX4yEoNUT} zle^?{F>j-YHt@9Qv%&nf_QppPX2rkF3~;7Lv#MV}W0N)*l&@ymoDk!qb#pxMt;--g znXcwJxW=ZrhQnP%&L{s~eRi6kHF^R}hC~GU*`6>S1PrayWv|~pYA{AI4M?8_m(=6# z$nRS%`=)^UV7rtdh^xkev+0Vg)H3O73?fCf#6$O4+klotu1Y0||6w~Te!huVRFmiED+Hx7m|u>88K?$Vzc`_gcs$6hmRqqIDSte_ zx~%=M-yzlIXyzwpL$h#iU`az6^)qP7qGUN%W+z+@PeIzMXk2AKZ4Gl0aGUC^*|s-( zbDsF!d`tQiLqs@o&bIYOo=fzKQ_?h7U^Ho^%WL=ao?jN}_hL7?5_iNE;aa6r%I$`p zw3p>|xk~qgmNL5ZU-LJ5J~ct_w-jG_Oa3fRSj#fP!5Fp4j(bo(SDr%x(Uz z2XYr+2gik_^@TS*9uZcI7C*9>XDL|)ks(F_crT#2A6^i2VynfGdDE2#4;<8 zZbNM_nl#3D6X(vUJXYDkn=5}0;V}baTyH{$Sgl81!LNz-5m@;@+$KESH#D5nn^+MN z8x{^t7Yz#3cpVd$Co0*5?hE)h^X5I0Gpj!xz3uKP-nr32ju=tRr{7%C=59-xxv=I6 z`8Jdg)LyiaMKTMs#2Mq!mToxoOA+?X-2p88Cr8xc1d4BHrAYi`m_eiJHFEicTh)+2t-&DmZNAm;KW*e3osPhXmumT~)h{>BDh%%&cO5?Gps?p+_5n12x)aElL zWXvE|haJ9nzTfvB&$V7l$cMQHh5w(-y}tE7nEOqYY1s`%q@Eiz6%Sx@4t@c;3NW5) zBq;UoZetyvU5vPYEkw9pL}gngkarf_m3Pb&Fy}n|d~a-~3%WmDhBhn!Lv?Ha8Eh@B z*SSTf37r~<3=6Ln5#b#hz;kDN3c@6btVh?<<O253}+1k zNwve1W8(!B%AOIh?&{<^$!iFeI=44DE@5n3=x@A45ozwW-Ud=2rM$GQva9u6>fX$W z$%hMBLz4T+PDfoxGWBWsMQVhXDO%yN56=vVKn;l;eEFL}0TeaJqPqi3)Z#k(mgfB+ zjbp}iBethFwRl~E&YDLza!u0ddROYE5&APbV3V@3wVZNy1HeC}e zBw0N#qqis))-SKs2wbz#+6_dt9%^EZi&VSi7u{I1g&dF(rro3B+=;y*DCvraPv31U z7x)3A8Q;Sc2Mb;VLzPm43f>5SS$VLg6&G)Wa^mVSWDX0Qas-E~1rZZN6~DSscCiiY zs1)s(ojs2QL+JLIpM=QME{hR8YIwwV|x*z(5fG5 zw_i0R5J3hHr-Do9ZSUzRKpqHYkN&3AfF$fMB%v8>6tuY+EU|ZnbDWM*Gc;6>+sA~2 zrJ7{XSR1dJnV56+B>}a~XTLv5-(Av0M>$%yI~kUsh0X2FNE@e##Ran+1NvB*vh%5g zr2w{%E-^=}#51fs7B{+JlsMca(JM)^aK1~+H%`8E#p=_=hm%+ok(M5O($<}|TL#}31W9GK2Fgs#B7;5iRGrNh^zv}UuTea^Xn!le=G z(~I}+$+xj7xO1&8TLzn&f~tOGyjuPSyq;!pN?@lURsmiHG2FFeCw8=5mOtd6*81i)|DfC1N(!-SjBq{&s&4I>U<=4?s2%3wW^1}D1i&Kg z-;&PfOB?{~A&(c4>jQHs_2%B@xW4zM+_~ASZLClvO!p$Vl-rCzb}dCvz!*gHRs3s5 z5~u8Y5G-@Ol7bV${O5667LKC46S3FoefU^sbM8c}W%vQhixP{A$SK#r}S|y+h>q0y4v`#aLq{#X`?nx(>#Yw_M5J- z2uB}6t18skhsVmu43v)IXb$5~c8PlEt8xRl)Z1&+JYQ$owCN5v31K=QOh&lFpoC&~ z&>t|Z??%c4=C$j}^q@CptWOwZ`7?(A$F10|M<=ZeTI8J7I)IBbOZL~>jh@nq_zC@U zK<>G`H6U=a%uB_%^D{1M&i&2+~v&A`32>@2t-^msQq`}9tY|z zwu5QZeDmFUgA*;q>P+dflO`H2Xp`18LyW&^KrNeU0~)ew_TAa)7KRNvjuwA_+rhzK zTwR64zl%J(&W1c;jU03Qz7s>`lNjh=KdKq5KtRNQ+KDdu4(9p>R{t2_Y-(6LuCt@O z<>=Nc+mN`67SJ6OOPE~uo3D*H+K-y@9f zBr!FR(xSbG|8+{=WE8Hq;3vdj?6?#-iwNXZ(~0@BEt7d3kkemDt*-lHO) zx1hm2Q%jX#(G@2@%VS;VMOJ$gKsw;>+Sm*U`b0)oc6pFQxi=V*>P~xDBX&_^gEEDr zOY=*-1O|B5GpS?m%hu9k#~!v;8V#Xjswq+jrpTKoT(!_1{IC?U{Vwej(7LL`{c035 z0Io&-h)u3u-y8reiG59`HW<`G?kj;x?a>@{3H>PzPT&ent$#SXR!h#Lj3LLbkZ$df zwu?_&c4qr@3s+f^t;H(4?$`SBE|}~K(xCPQLA_o!Ol`aUIx9PH0d3ZG5&1w{_d7#I z0!Y~z7o_A7m8!Z|=H(W%|6EC7EsoZ{Kk?|!6KU8)hiPuiQN}^v0b!_zF1bnQ z$XtZzC8hcp;UFAi@+1K2NJcgUM~3yrZ*^lJX^9AMS>TchU%rlbw%rsHl2VnFo!1sg>RW>E@8MT+wh83_+O;0lozp9C1dSTVfw8RR59a?2YBJhr} zk08k|QHmwY8VC|oYR&Uirl$;)r|78RhjsrkvEW#Jj96+*?@)|0>Yo)dC$hUSeb|v? zwyb?%!fkAkx+LfZn8#N!^mp`p--@*hjL?1iyZBIowMD-J4cb4KR>!CrxX6CC`_%>#NE*9;^tsZS1P22UI zBqLbUau6e3R9TXnu7h12x<`2)W>seSMx68THo8Dj;od%^6oDR9EfWW?akHk!MiE+( z;dbW*GTX?(2jLN2wW1)i{~exz3%VrW+h;8cOVh!zLyT?Zr%7`kC-{>?)Abv)b za^eY2n{K$Z&qRAKDBN&1hNP3aaYNvoXu*-YsV1MSRs8_mjd?xRf)2u4SFXtVqaHa(nsU51UM3ru3xY0 zn$*BTcoL~*hv9zQT6ztK@o8MSTsp2baw+=UFLQQ|kQ#L*Mos@dk-L~F4L`)%o{?$& zkpEQKIXZvwto$=xJvdNOY7U#;ySS2a$B>nD36#K;)9gJ`P3Dd@J4 zbBwG@P4VrA1g(8LD5Vqy$U>RrPqT^CuY9RA*_3$0hnCB?&EnpWKJnDN%MtovlV!Oo zrd3T+ysUGh{w27XH3I$H*)>_1RNw3kxg6}IFx*7SL=Rl;p8C?_*(axEAQcSH=*9Xb z2P!S>R@cqKfaKM@)EHTzF0WjuN@yY~XftfbR;AjiGHldV&h~oDzLdlFF20#nm73yT zwL#Pe)ureJ=y73IfG@5jncCB$M)r(DZq6KJ?N zOZcmC?8RH$cWx2N>N>Mgn7UiZy_y!6z{%9f^O~0AM}yNCq(LmU`EPV~)@5HPPS4YB z9ThiidrIkz`cDJXJEu;|dA%ZM=o9Lpz}SsF2q@4Btza-W60ztkc?`ZD6fhU8v8}&L zjjhtec~}Qxpen0|%Xz{JP_#{%hF`or3b#*|ru=ZuXoN86j=kz>lh%e)##75R9D?Bf z$3%v@PAz3S`Y{gh!56Bd2V!Ee zxf)Ka$h1{io4G%Y@UY~cf8a$jHz}~R}xYAMp<%dP^&WTahLqAMBu??Q#+2E zW;Uzc)`e>8z0RFNv!a*Oh2=vmdA-_b>IUAk=V#I~Z&x+Gn$y2VxoPMOt1IWZx8w+o zlU6z%3vh?{*hgu_Iv)JrqzC!F1W}q%WRUX&jE?g4LVOubfz51`VXsUDf0lGAsNJyE zg40-P_+k&&}-|CFQay1XIROCVlWosr=Dm%8nm#Ov3Zmx!<%~b=Y3)zd>33%@hP_A?y)|X?uCi^#P*C~XXC~CX29PHJzEQLsxj9o z*V1s($!5Ab&JDVivj2{F`AOvI8&KWV>q@7eUgU7L-&d2Jbx=z}{wDfkxQK5{x(HbB zkiW;_TLh@lgCE%-A2kpV{-5G-M_U_xhkr;3&op#x_t@clFG`WR*6D!fZ##f-<%u}p zRw!2{2_pFAt;y#sCPRLZouNOSlkWQ_(2csR;kRhs*zstRi2%rai_Sj7t5=Orq7z$9 z8WT8HAKi-&Ix#plkU*BCXf=eUDP~KSjMe^33B8Z;>HwkcdpDeU10 zFU)Z|sbilE#_zl>8L33FbatJ(KMRcKGUb2}qx9vc^k8@+9TLXTLLybGvW|7qHgiO7 zxe+wwxvj{XWN;SvvVgVIP~&HBSt2QT&?VX#_a?>?Fv~BRb&D$ktu&ja*8ah0sSq+- ze0hb!!X3TJxtg#P@XJIy0)F}dmJ!@P4v92DJcvw>{fF&kfTXb(aD<;-s-3INqXG`#0Pz-A#V30av-yIN+f?RcXov#ajj@w>6kzggs0oUx z1hBR_gDBICdQLH7CYY64XZEQ)jGWF(tHopi6;tR#SjPHc{#m85TE`gi-?*R0a(5sg z9PPCwN7idL)E1<}K_`NSjmJB!4$U+AF+7&TEXIyR`Ke54x0FkT*^nZ&@Y>WX_jkZY zsKq(+#p+#1l#k|%UQePGIbLxU=vP*mDI+7$ z0-J@$Vr-PLI?+ll*DCmRZq=193vrNg(>`0L<~9CGgD-16^5bx?XdEk-Lzc?p+5~+B zh9;BUhiYs4v{yl|v|U_kOy-2qSm2euKQA(rhYk7=;sxP^fv~NNEe(_t0^Pum-7Z?< z{nBP2eyp)W4Ohx$<{E1ZwRy@R&BRz`EWqJ%Y&bxA(Q55i&;D(x%dsp4nn+6kAJ{3s zg@tw}VR*J3s{T7YzDDZ$^#W1r*+7Xq@Z)@Qgq#0o@IKJb#pMD$o{hzsq;{5@Bj3cm zt&PrHyb9x7m=_0fx8AWJHYSl=u^enei5{4zvSB(f3(te=etB%*Lw3QVLm;bZeSbd0b$0jqjgez>#FVa@yGwYv|Qv zkHQkQ3B+|E(RnrcvYjt8DxjrGcAR0Gf=4gnCWgDbUY3+^A}mVFz%C9d)uw78LCWT9 zWV@5i)v2vNs-Id<2-7Ak@vI_qMz+=wUX`RPwnz>%`U99~*EnQYx%>Buer|u!Rn)bO zt+nEdNW0)=J+b8|xy5eQI%RJe)l)d_LSx>QGu4O<=NWB#`o0BG)gcGp8SU3AcVsR9 z;vHyOYM(t=meRk4=H5ZPaO}kB!#eaHD!&})n&>|R+Ph%i3hR=Zuf^8|-Oi>NYMyXf zOhpn;00tUbA~$WG{%H*#L<5;AA8%L}x!fmgFj-AYc^;3l})+0Y1(S+9Qk znUbHw(8;GkTi&Pa>aq8bc)OuG7lnEkvZ$KX*IzxaUpbts?l7+#!+(??*m4rMbfkIW zp6fC(#h{(S#b5B>At-I($b0WUHGn7FaNyBHGIy|W-6Lcvg5S;L(HVvgKOW3q8NBr? zIG5?L+iL{1#bw@RN_M}op0t_Fb*@Dn+27Dj+?z$PsA}@EWHCHugCiq5$w6XhGGuXa z3$S3WbpN;u#nj^lH@aJ`%fUbe6I@@xz@)Ana?fXL>wc6c`R>T`DFS7Kp0A`VWpWlP ziXo=v7|v1{*K9cJBq2{-!8U+m7VECs z8D|&UrOzxuYCrex>h4Qc2kz&-Oq}~0kLZ$q{ z*J*lTbk+PQP`Q1aM1S&(b`G{K=0?W<*E#O~XX*}Hqy&r~BNEt!yT~4&*Cdj(7)SowOB%Y?%^abk0EJ36=2J> zIN#saNm_K9i2TGS`@$JSNs`oWY|o8FDafE@mZeyOmCQWtDgZMxs|RKg7fRKlHpdH@ zy^t+fGo_airGt_KKkwmsZRq_qIKu~<-Q|gEGXQhwoIiUxKzJK1v0>X#LQCEq=s1Av zvx#lR*pJZ>eYoQU8$8_bPb0e#@hf6;0)f2BNL$50vGJKy1M|J7ODp- zOHIif+zOH`GBVg(*EAYF*5BdqDp)r_HPUHfV}Lg368>7#6meSMomgv6?J_@1Sjp~ z(=eU_JePMA@BlIdTK^WYvf#ti$m|q>1IkypDSK`fo3O7S=qTmzB5xMkxsb;^rx}I= z{RU@}xQnZu-)S==!*wryIv60foR5P#$j&vqBmS<1JEwDR>>q6w6L26P>OX1We|7Lb zYTJ(gx{Kfcmoj!Ad;+_e2MJHqVb|mDBwRrlj1eFnLpd|6Czne~Fcx|DF2bjD*{+$S z#vuGSsF!pqafT-ap%lm5EP#!V0+rC))IbZ|(AW&GC&Q~^0Ka||xS`-)iQp-X&9RrO z%z035iX0L12LfS zDgi9msPll=cK#VE5qTUK1mI5LKE}6C$Z{nRN76?HviQ-}S3(E&JkpZ!#7uT}Tju!8 z;6>eF`?&XO`7}qvJCB_mmIV51WQy`-Ir_rZ_6piibbxICh@vl1btTBJ@@i<++*saI zrh6TSpvm~_PkwwOvI*ynV#1%DZ++?TaUXjEPZ6oQNq@llLRtDSn8RD><7ZYVcbyFH zZw8%@vjv2WmLlA8S#D>RkS_wvr$t42A#*O%y;5OTzXG*p9(YCdWjS1*GwicWbj&xd zfyb6|n-w#MZ01f`hqTFvShJC9Ijrj;8bu0kjPqm}RqoovF~m=-n;{ZONlBYZ&k)M8 z*%9yX3qo;3vXJWW11t`*1e=mUnGZk9rfba-KTvv<21tL4LJcf!esU$bJ8ZHpCzjlA z6%bMW3Ly^aWNguuCNU|tX66btX5q%*kl_&Eg@;pDjd(SGiZ+=K3{lg7V50AB2Baah zYi&M0rn$|=>L-TU3!W>KJ?gj|eVq?(D(@mU)l&EcR}Eyd=)8x1baeB00l3%07x?#$ ziEMCK`1G+U+mL~P2>!G&0U`pzG9vWWM*kCMbXv{YcAXvRtwz`05rz!Hs@;4(k1-C> zW|JK>r7E&fkDqBQNmyNrT!Ear(`N3yhZ~S!+-b8=fOS7CG1j@~INQx7#+cn5K+V9? zKI5+M=d0(QZhvvcV59wbC}zr;*#J?c#6R*Kkhl$EEeRb6)OJ$7}5d_ESg}3y*8SF3&f74A)mt0 zsh1BgL%f3c1+!IG0Objk2%clCW$88zr(54l(C6fEb{Zt@m?kVrJN~ViHYi>aEs}R) zL-x4UCfEluF~Hc8lw=c9WoYL3Cx>OOay?_7aWP4a_bfM;V5EIA6G%kN6}|W^vuo-% zm`UdLd3p01RxEX?0NT&u!3i+F6d&;ui3A!Gmv_x*j_dItyl($%CgyikLX!r)2~a=% z!GUjthuB&&mwP`XX#r`p>0@eC%m#WitP3HZ+V zeNJ5Vb(Xfx;eMc|y;IJL1c_s4QpjZ`u8?bfSPYfmpwceXoC`?w%$FW!ZZlD!iE~yk z8-(dPzTjF_4oX}l?A2$UcdVAo74%h7MFqD|xfUlQaX9j0?CNA6=xDDj&hq)e!^_x{Z?h51j0`4>f^ybNg?V{MgTPUt@-U)MwJ7&0!}Q|ETk>56-dLq zJ*FAa3!EOX*GE*T87xds=Y^JnUvXCX0sbQF;MVAhA}m@BXsqlwPCrC1x&N76o&KQOu@xP>sKL04gXwd<5H&1e9nF7N@h@olZ&ag z!EFvr&2^ik_7j`z%8He8v#L%!R7gmy8tfH2z-$vfh$&|Pfx(>aJ;LJiexY2=4Btc6 z_LWV#j?b~afpz7>$XCzX@|iS!M~)`fTu)G<=x6q_n{tltW~`pRxFm8hamCetBvAx{NM(*=oP7{FOQ)ul{wAFLw)W5^|!SL$vo~hicysw$}nKR9egYZ5(vx5?0R2c+QT@|x~8AoTarr7)c zlW$Cub@zCGBuJD0QG!X~v6nV011q zfkwQYek|#!6f(VUXNkfa$@?M7z=E-8K_QcZD4<*V`JR#AoJy7|AQ~@GLS*ng{XEI@ z>4sAX!m@@?@5APXncPyIl+x&bUPznbEO=2qm7#iaD2FHeJbb=jc(qee_x>2J00tod z{nNAt*2nVxI*@?Q1pd1IVRi%jf6s3Gx4DhKME_}W<9~|={t#N^FZUAX{5zQ6tNDM2Nx}OA%>Q58|7VE* zUKaT~L>=iLAbu;7e4zYQB>4v&`Mr+ucNAl?KcM_SRgHgM&0j-Vzh`QH$2p<=1I~ZW z+x{Kg@A3EF;eu%X0Qa|O{NG{xZj%3wvBdZXjNc6OpHRR*x9249 E3*O?~3jhEB literal 0 HcmV?d00001 diff --git a/examples/azure/poc/dsf_deployment/main.tf b/examples/azure/poc/dsf_deployment/main.tf index 5e2acd163..94e7d5bd5 100644 --- a/examples/azure/poc/dsf_deployment/main.tf +++ b/examples/azure/poc/dsf_deployment/main.tf @@ -1,6 +1,6 @@ module "globals" { source = "imperva/dsf-globals/azurerm" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag } resource "azurerm_resource_group" "rg" { diff --git a/examples/azure/poc/dsf_deployment/networking.tf b/examples/azure/poc/dsf_deployment/networking.tf index 894454841..c91e60573 100644 --- a/examples/azure/poc/dsf_deployment/networking.tf +++ b/examples/azure/poc/dsf_deployment/networking.tf @@ -18,7 +18,7 @@ locals { module "network" { count = 1 source = "Azure/network/azurerm" - version = "5.3.0" + version = "5.3.0" vnet_name = "${local.deployment_name_salted}-${module.globals.current_user_name}" resource_group_name = local.resource_group.name address_spaces = [var.vnet_ip_range] diff --git a/examples/azure/poc/dsf_deployment/outputs.tf b/examples/azure/poc/dsf_deployment/outputs.tf index d760e409d..e99d7a42e 100644 --- a/examples/azure/poc/dsf_deployment/outputs.tf +++ b/examples/azure/poc/dsf_deployment/outputs.tf @@ -13,8 +13,8 @@ output "dsf_private_ssh_key_file_path" { output "generated_network" { value = try({ - vnet = module.network[0].vnet_id - subnets = module.network[0].vnet_subnets + vnet = module.network[0].vnet_id + subnets = module.network[0].vnet_subnets address_space = module.network[0].vnet_address_space }, null) } diff --git a/examples/azure/poc/dsf_deployment/sonar.tf b/examples/azure/poc/dsf_deployment/sonar.tf index c1133a8c4..3f6f67ca9 100644 --- a/examples/azure/poc/dsf_deployment/sonar.tf +++ b/examples/azure/poc/dsf_deployment/sonar.tf @@ -1,7 +1,7 @@ locals { agentless_gw_count = var.enable_sonar ? var.agentless_gw_count : 0 - hub_public_ip = var.enable_sonar ? (length(module.hub_main[0].public_ip) > 0 ? format("%s/32", module.hub_main[0].public_ip) : null) : null + hub_public_ip = var.enable_sonar ? (length(module.hub_main[0].public_ip) > 0 ? format("%s/32", module.hub_main[0].public_ip) : null) : null hub_dr_public_ip = var.enable_sonar && var.hub_hadr ? (length(module.hub_dr[0].public_ip) > 0 ? format("%s/32", module.hub_dr[0].public_ip) : null) : null # WA since the following doesn't work: hub_cidr_list = concat(module.network[0].vnet_address_space, compact([local.hub_public_ip, local.hub_dr_public_ip])) hub_cidr_list = var.enable_sonar ? (var.hub_hadr ? concat(module.network[0].vnet_address_space, [local.hub_public_ip, local.hub_dr_public_ip]) : concat(module.network[0].vnet_address_space, [local.hub_public_ip])) : module.network[0].vnet_address_space @@ -9,7 +9,7 @@ locals { module "hub_main" { source = "imperva/dsf-hub/azurerm" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = var.enable_sonar ? 1 : 0 friendly_name = join("-", [local.deployment_name_salted, "hub"]) @@ -46,7 +46,7 @@ module "hub_main" { archiver_username = module.dra_analytics[0].archiver_user archiver_password = module.dra_analytics[0].archiver_password } : null - tags = local.tags + tags = local.tags depends_on = [ module.network @@ -55,7 +55,7 @@ module "hub_main" { module "hub_dr" { source = "imperva/dsf-hub/azurerm" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = var.enable_sonar && var.hub_hadr ? 1 : 0 friendly_name = join("-", [local.deployment_name_salted, "hub", "DR"]) @@ -90,7 +90,7 @@ module "hub_dr" { module "hub_hadr" { source = "imperva/dsf-hadr/null" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = length(module.hub_dr) > 0 ? 1 : 0 sonar_version = var.sonar_version @@ -108,7 +108,7 @@ module "hub_hadr" { module "agentless_gw_main" { source = "imperva/dsf-agentless-gw/azurerm" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = local.agentless_gw_count friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index]) @@ -141,7 +141,7 @@ module "agentless_gw_main" { module "agentless_gw_dr" { source = "imperva/dsf-agentless-gw/azurerm" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = var.agentless_gw_hadr ? local.agentless_gw_count : 0 friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "DR"]) @@ -177,7 +177,7 @@ module "agentless_gw_dr" { module "agentless_gw_hadr" { source = "imperva/dsf-hadr/null" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag count = length(module.agentless_gw_dr) sonar_version = var.sonar_version @@ -221,7 +221,7 @@ locals { module "federation" { source = "imperva/dsf-federation/null" - version = "1.7.5" # latest release tag + version = "1.7.6" # latest release tag for_each = local.hub_gw_combinations hub_info = { diff --git a/examples/azure/poc/dsf_deployment/variables.tf b/examples/azure/poc/dsf_deployment/variables.tf index a6d9d0034..40d3abe1d 100644 --- a/examples/azure/poc/dsf_deployment/variables.tf +++ b/examples/azure/poc/dsf_deployment/variables.tf @@ -155,7 +155,7 @@ variable "dam_agent_installation_location" { az_blob = string }) description = "Storage account and container location of the DSF DAM agent installation software. az_blob is the full path to the installation file within the storage account container" - default = null + default = null } variable "simulation_db_types_for_agent" { @@ -288,8 +288,8 @@ variable "dra_admin_storage_details" { }) description = "DRA Admin compute instance volume attributes. More info in sizing doc - https://docs.imperva.com/bundle/v4.11-data-risk-analytics-installation-guide/page/69846.htm" default = { - disk_size = 260 - volume_caching = "ReadWrite" + disk_size = 260 + volume_caching = "ReadWrite" storage_account_type = "Standard_LRS" } } @@ -299,7 +299,7 @@ variable "dra_admin_image_details" { resource_group_name = string image_id = string }) - default = null + default = null description = "Image attributes for the Admin Server" validation { condition = var.dra_admin_image_details == null || try(var.dra_admin_image_details.resource_group_name != null && var.dra_admin_image_details.image_id != null, false) @@ -335,8 +335,8 @@ variable "dra_analytics_storage_details" { }) description = "DRA Analytics compute instance volume attributes. More info in sizing doc - https://docs.imperva.com/bundle/v4.11-data-risk-analytics-installation-guide/page/69846.htm" default = { - disk_size = 1010 - volume_caching = "ReadWrite" + disk_size = 1010 + volume_caching = "ReadWrite" storage_account_type = "Standard_LRS" } } @@ -346,7 +346,7 @@ variable "dra_analytics_image_details" { resource_group_name = string image_id = string }) - default = null + default = null description = "Image attributes for the Analytics Server" validation { condition = var.dra_analytics_image_details == null || try(var.dra_analytics_image_details.resource_group_name != null && var.dra_analytics_image_details.image_id != null, false) diff --git a/modules/aws/agent-gw/README.md b/modules/aws/agent-gw/README.md index dda1a5e82..f15acba01 100644 --- a/modules/aws/agent-gw/README.md +++ b/modules/aws/agent-gw/README.md @@ -83,4 +83,4 @@ API access to the DSF Management server is required to provision this module. Pl For more information about the DSF Agent Gateway and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v14.11-database-activity-monitoring-user-guide/page/378.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.5). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). \ No newline at end of file diff --git a/modules/aws/agentless-gw/README.md b/modules/aws/agentless-gw/README.md index 6708505a6..b4a790115 100644 --- a/modules/aws/agentless-gw/README.md +++ b/modules/aws/agentless-gw/README.md @@ -194,4 +194,4 @@ module "dsf_agentless_gw" { For more information about the Agentless Gateway and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v4.13-sonar-user-guide/page/80401.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.5). +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). diff --git a/modules/aws/db-with-agent/README.md b/modules/aws/db-with-agent/README.md index 6176acc74..ce70f2666 100644 --- a/modules/aws/db-with-agent/README.md +++ b/modules/aws/db-with-agent/README.md @@ -69,4 +69,4 @@ module "db_with_agent" { ## Additional Information For more information about the DSF Agent Gateway and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v14.11-database-activity-monitoring-user-guide/page/378.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.5). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). \ No newline at end of file diff --git a/modules/aws/dra-admin/README.md b/modules/aws/dra-admin/README.md index bd5759af2..33544f94f 100644 --- a/modules/aws/dra-admin/README.md +++ b/modules/aws/dra-admin/README.md @@ -72,4 +72,4 @@ module "dsf_dra_admin" { For more information about the DSF DRA Admin and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/z-kb-articles-km/page/4e487f3c.html). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.5). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). \ No newline at end of file diff --git a/modules/aws/dra-analytics/README.md b/modules/aws/dra-analytics/README.md index 26a6b9b1c..92546912c 100644 --- a/modules/aws/dra-analytics/README.md +++ b/modules/aws/dra-analytics/README.md @@ -78,4 +78,4 @@ module "dsf_dra_analytics" { For more information about the DSF DRA Analytics and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/z-kb-articles-km/page/4e487f3c.html). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.5). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). \ No newline at end of file diff --git a/modules/aws/hub/README.md b/modules/aws/hub/README.md index 953451a70..c6078a109 100644 --- a/modules/aws/hub/README.md +++ b/modules/aws/hub/README.md @@ -147,4 +147,4 @@ module "dsf_hub" { For more information about the DSF Hub and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v4.13-sonar-user-guide/page/80401.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.5). +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). diff --git a/modules/aws/mx/README.md b/modules/aws/mx/README.md index 2f9b81dd9..4114590a0 100644 --- a/modules/aws/mx/README.md +++ b/modules/aws/mx/README.md @@ -83,4 +83,4 @@ API access is required to provision this module. Please make sure to pass the re For more information about the DSF MX and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v14.11-dam-management-server-manager-user-guide/page/10068.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.5). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). \ No newline at end of file diff --git a/modules/aws/rds-mssql-db/README.md b/modules/aws/rds-mssql-db/README.md index 5a88bf032..bb49c731d 100644 --- a/modules/aws/rds-mssql-db/README.md +++ b/modules/aws/rds-mssql-db/README.md @@ -80,4 +80,4 @@ module "dsf_rds_mssql" { ## Additional Information -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.5). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). \ No newline at end of file diff --git a/modules/azurerm/agent-gw/README.md b/modules/azurerm/agent-gw/README.md index e97205d9e..1abfe8a6b 100644 --- a/modules/azurerm/agent-gw/README.md +++ b/modules/azurerm/agent-gw/README.md @@ -84,4 +84,4 @@ API access to the DSF Management server is required to provision this module. Pl For more information about the DSF Agent Gateway and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v14.11-database-activity-monitoring-user-guide/page/378.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.5). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). \ No newline at end of file diff --git a/modules/azurerm/agentless-gw/README.md b/modules/azurerm/agentless-gw/README.md index e6caaef33..f003f4ec4 100644 --- a/modules/azurerm/agentless-gw/README.md +++ b/modules/azurerm/agentless-gw/README.md @@ -100,4 +100,4 @@ SSH access is required to provision this module. To SSH into the Agentless Gatew For more information about the Agentless Gateway and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v4.12-sonar-user-guide/page/80401.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.5). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). \ No newline at end of file diff --git a/modules/azurerm/db-with-agent/README.md b/modules/azurerm/db-with-agent/README.md index 6a7eb8d35..5fe941de5 100644 --- a/modules/azurerm/db-with-agent/README.md +++ b/modules/azurerm/db-with-agent/README.md @@ -81,4 +81,4 @@ module "db_with_agent" { ## Additional Information For more information about the DAM Agent and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v14.11-database-activity-monitoring-user-guide/page/378.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.5). +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). diff --git a/modules/azurerm/dra-admin/README.md b/modules/azurerm/dra-admin/README.md index de6983c10..04fe0ba8d 100644 --- a/modules/azurerm/dra-admin/README.md +++ b/modules/azurerm/dra-admin/README.md @@ -83,4 +83,4 @@ module "dsf_dra_admin" { For more information about the DSF DRA Admin and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/z-kb-articles-km/page/4e487f3c.html). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.3). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). \ No newline at end of file diff --git a/modules/azurerm/dra-admin/image.tf b/modules/azurerm/dra-admin/image.tf index 9b77b4c87..8d7357849 100644 --- a/modules/azurerm/dra-admin/image.tf +++ b/modules/azurerm/dra-admin/image.tf @@ -4,23 +4,23 @@ locals { vm_user = var.vm_user != null ? var.vm_user : local.vm_default_user create_image_from_vhd = var.image_vhd_details.vhd != null ? true : false - use_existing_image = var.image_vhd_details.image != null ? true : false + use_existing_image = var.image_vhd_details.image != null ? true : false image_id = (local.use_existing_image ? "${data.azurerm_subscription.subscription.id}/resourceGroups/${var.image_vhd_details.image.resource_group_name}/providers/Microsoft.Compute/images/${var.image_vhd_details.image.image_id}" : - "${azurerm_image.created_image[0].id}") + "${azurerm_image.created_image[0].id}") } resource "azurerm_image" "created_image" { - count = local.create_image_from_vhd ? 1 : 0 + count = local.create_image_from_vhd ? 1 : 0 name = join("-", [var.name, "image"]) location = var.resource_group.location resource_group_name = var.resource_group.name os_disk { - os_type = "Linux" - caching = "ReadWrite" + os_type = "Linux" + caching = "ReadWrite" os_state = "Generalized" blob_uri = "https://${var.image_vhd_details.vhd.storage_account_name}.blob.core.windows.net/${var.image_vhd_details.vhd.container_name}/${var.image_vhd_details.vhd.path_to_vhd}" } diff --git a/modules/azurerm/dra-admin/main.tf b/modules/azurerm/dra-admin/main.tf index 15e10ec2b..a397f7f7a 100644 --- a/modules/azurerm/dra-admin/main.tf +++ b/modules/azurerm/dra-admin/main.tf @@ -10,9 +10,9 @@ locals { admin_ssh_password_secret_name = azurerm_key_vault_secret.ssh_password.name }) -# readiness_script = templatefile("${path.module}/../dra-analytics/waiter.tftpl", { -# admin_server_public_ip = try(local.public_ip, local.private_ip) -# }) + # readiness_script = templatefile("${path.module}/../dra-analytics/waiter.tftpl", { + # admin_server_public_ip = try(local.public_ip, local.private_ip) + # }) } resource "azurerm_network_interface" "nic" { @@ -45,11 +45,11 @@ resource "azurerm_public_ip" "vm_public_ip" { } resource "azurerm_linux_virtual_machine" "vm" { - name = var.name - resource_group_name = var.resource_group.name - location = var.resource_group.location - size = var.instance_size - admin_username = local.vm_user + name = var.name + resource_group_name = var.resource_group.name + location = var.resource_group.location + size = var.instance_size + admin_username = local.vm_user network_interface_ids = [ azurerm_network_interface.nic.id diff --git a/modules/azurerm/dra-admin/sg.tf b/modules/azurerm/dra-admin/sg.tf index 0c9ec374d..88667cf1f 100644 --- a/modules/azurerm/dra-admin/sg.tf +++ b/modules/azurerm/dra-admin/sg.tf @@ -58,16 +58,16 @@ resource "azurerm_network_security_group" "dsf_base_sg" { cidr = v, min_ip_int = (tonumber(split(".", cidrhost(v, 0))[0]) * pow(256, 3)) + (tonumber(split(".", cidrhost(v, 0))[1]) * pow(256, 2)) + (tonumber(split(".", cidrhost(v, 0))[2]) * pow(256, 1)) + tonumber(split(".", cidrhost(v, 0))[3]) max_ip_int = (tonumber(split(".", cidrhost(v, -1))[0]) * pow(256, 3)) + (tonumber(split(".", cidrhost(v, -1))[1]) * pow(256, 2)) + (tonumber(split(".", cidrhost(v, -1))[2]) * pow(256, 1)) + tonumber(split(".", cidrhost(v, -1))[3]) - } } : v.cidr if !anytrue([for i in { for v in security_rule.value.cidrs : v => { - cidr = v, - min_ip_int = (tonumber(split(".", cidrhost(v, 0))[0]) * pow(256, 3)) + (tonumber(split(".", cidrhost(v, 0))[1]) * pow(256, 2)) + (tonumber(split(".", cidrhost(v, 0))[2]) * pow(256, 1)) + tonumber(split(".", cidrhost(v, 0))[3]) - max_ip_int = (tonumber(split(".", cidrhost(v, -1))[0]) * pow(256, 3)) + (tonumber(split(".", cidrhost(v, -1))[1]) * pow(256, 2)) + (tonumber(split(".", cidrhost(v, -1))[2]) * pow(256, 1)) + tonumber(split(".", cidrhost(v, -1))[3]) + } } : v.cidr if !anytrue([for i in { for v in security_rule.value.cidrs : v => { + cidr = v, + min_ip_int = (tonumber(split(".", cidrhost(v, 0))[0]) * pow(256, 3)) + (tonumber(split(".", cidrhost(v, 0))[1]) * pow(256, 2)) + (tonumber(split(".", cidrhost(v, 0))[2]) * pow(256, 1)) + tonumber(split(".", cidrhost(v, 0))[3]) + max_ip_int = (tonumber(split(".", cidrhost(v, -1))[0]) * pow(256, 3)) + (tonumber(split(".", cidrhost(v, -1))[1]) * pow(256, 2)) + (tonumber(split(".", cidrhost(v, -1))[2]) * pow(256, 1)) + tonumber(split(".", cidrhost(v, -1))[3]) } } : v.max_ip_int <= i.max_ip_int && v.min_ip_int >= i.min_ip_int if v.cidr != i.cidr])] destination_address_prefix = "*" # The below setup is a workaround for "Provider produced inconsistent final plan" error - description = "" + description = "" destination_port_range = "" - source_address_prefix = "" + source_address_prefix = "" } } tags = var.tags diff --git a/modules/azurerm/dra-admin/variables.tf b/modules/azurerm/dra-admin/variables.tf index 0d13bcb69..62b30fc26 100644 --- a/modules/azurerm/dra-admin/variables.tf +++ b/modules/azurerm/dra-admin/variables.tf @@ -34,9 +34,9 @@ variable "instance_size" { } variable "ssh_public_key" { - type = string + type = string description = "SSH public key to access machine" - nullable = false + nullable = false } variable "image_vhd_details" { @@ -52,7 +52,7 @@ variable "image_vhd_details" { })) }) description = "Image or VHD details for the Admin Server" - default = null + default = null validation { condition = try((var.image_vhd_details.image != null && var.image_vhd_details.vhd == null || (var.image_vhd_details.image == null && var.image_vhd_details.vhd != null)), false) @@ -62,10 +62,10 @@ variable "image_vhd_details" { condition = var.image_vhd_details.image == null || try(var.image_vhd_details.image.resource_group_name != null && var.image_vhd_details.image.image_id != null, false) error_message = "Image value must either be null or specified for all" } - validation { - condition = var.image_vhd_details.vhd == null || try(var.image_vhd_details.vhd.path_to_vhd != null && var.image_vhd_details.vhd.storage_account_name != null && var.image_vhd_details.vhd.container_name != null, false) - error_message = "VHD value must either be null or specified for all" - } + validation { + condition = var.image_vhd_details.vhd == null || try(var.image_vhd_details.vhd.path_to_vhd != null && var.image_vhd_details.vhd.storage_account_name != null && var.image_vhd_details.vhd.container_name != null, false) + error_message = "VHD value must either be null or specified for all" + } } variable "vm_user" { @@ -222,8 +222,8 @@ variable "storage_details" { }) description = "Compute instance volume attributes for the Admin Server" default = { - disk_size = 260 - volume_caching = "ReadWrite" + disk_size = 260 + volume_caching = "ReadWrite" storage_account_type = "Standard_LRS" } } diff --git a/modules/azurerm/dra-analytics/README.md b/modules/azurerm/dra-analytics/README.md index 546461145..2b23be675 100644 --- a/modules/azurerm/dra-analytics/README.md +++ b/modules/azurerm/dra-analytics/README.md @@ -91,4 +91,4 @@ module "dsf_dra_analytics" { For more information about the DSF DRA Analytics and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/z-kb-articles-km/page/4e487f3c.html). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.3). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). \ No newline at end of file diff --git a/modules/azurerm/dra-analytics/image.tf b/modules/azurerm/dra-analytics/image.tf index 9b77b4c87..8d7357849 100644 --- a/modules/azurerm/dra-analytics/image.tf +++ b/modules/azurerm/dra-analytics/image.tf @@ -4,23 +4,23 @@ locals { vm_user = var.vm_user != null ? var.vm_user : local.vm_default_user create_image_from_vhd = var.image_vhd_details.vhd != null ? true : false - use_existing_image = var.image_vhd_details.image != null ? true : false + use_existing_image = var.image_vhd_details.image != null ? true : false image_id = (local.use_existing_image ? "${data.azurerm_subscription.subscription.id}/resourceGroups/${var.image_vhd_details.image.resource_group_name}/providers/Microsoft.Compute/images/${var.image_vhd_details.image.image_id}" : - "${azurerm_image.created_image[0].id}") + "${azurerm_image.created_image[0].id}") } resource "azurerm_image" "created_image" { - count = local.create_image_from_vhd ? 1 : 0 + count = local.create_image_from_vhd ? 1 : 0 name = join("-", [var.name, "image"]) location = var.resource_group.location resource_group_name = var.resource_group.name os_disk { - os_type = "Linux" - caching = "ReadWrite" + os_type = "Linux" + caching = "ReadWrite" os_state = "Generalized" blob_uri = "https://${var.image_vhd_details.vhd.storage_account_name}.blob.core.windows.net/${var.image_vhd_details.vhd.container_name}/${var.image_vhd_details.vhd.path_to_vhd}" } diff --git a/modules/azurerm/dra-analytics/main.tf b/modules/azurerm/dra-analytics/main.tf index 8cedaf8df..5a74a8241 100644 --- a/modules/azurerm/dra-analytics/main.tf +++ b/modules/azurerm/dra-analytics/main.tf @@ -40,11 +40,11 @@ resource "azurerm_network_interface_security_group_association" "nic_sg_associat } resource "azurerm_linux_virtual_machine" "vm" { - name = var.name - resource_group_name = var.resource_group.name - location = var.resource_group.location - size = var.instance_size - admin_username = local.vm_user + name = var.name + resource_group_name = var.resource_group.name + location = var.resource_group.location + size = var.instance_size + admin_username = local.vm_user network_interface_ids = [ azurerm_network_interface.nic.id diff --git a/modules/azurerm/dra-analytics/sg.tf b/modules/azurerm/dra-analytics/sg.tf index 6635f8547..d8b228b10 100644 --- a/modules/azurerm/dra-analytics/sg.tf +++ b/modules/azurerm/dra-analytics/sg.tf @@ -58,16 +58,16 @@ resource "azurerm_network_security_group" "dsf_base_sg" { cidr = v, min_ip_int = (tonumber(split(".", cidrhost(v, 0))[0]) * pow(256, 3)) + (tonumber(split(".", cidrhost(v, 0))[1]) * pow(256, 2)) + (tonumber(split(".", cidrhost(v, 0))[2]) * pow(256, 1)) + tonumber(split(".", cidrhost(v, 0))[3]) max_ip_int = (tonumber(split(".", cidrhost(v, -1))[0]) * pow(256, 3)) + (tonumber(split(".", cidrhost(v, -1))[1]) * pow(256, 2)) + (tonumber(split(".", cidrhost(v, -1))[2]) * pow(256, 1)) + tonumber(split(".", cidrhost(v, -1))[3]) - } } : v.cidr if !anytrue([for i in { for v in security_rule.value.cidrs : v => { - cidr = v, - min_ip_int = (tonumber(split(".", cidrhost(v, 0))[0]) * pow(256, 3)) + (tonumber(split(".", cidrhost(v, 0))[1]) * pow(256, 2)) + (tonumber(split(".", cidrhost(v, 0))[2]) * pow(256, 1)) + tonumber(split(".", cidrhost(v, 0))[3]) - max_ip_int = (tonumber(split(".", cidrhost(v, -1))[0]) * pow(256, 3)) + (tonumber(split(".", cidrhost(v, -1))[1]) * pow(256, 2)) + (tonumber(split(".", cidrhost(v, -1))[2]) * pow(256, 1)) + tonumber(split(".", cidrhost(v, -1))[3]) + } } : v.cidr if !anytrue([for i in { for v in security_rule.value.cidrs : v => { + cidr = v, + min_ip_int = (tonumber(split(".", cidrhost(v, 0))[0]) * pow(256, 3)) + (tonumber(split(".", cidrhost(v, 0))[1]) * pow(256, 2)) + (tonumber(split(".", cidrhost(v, 0))[2]) * pow(256, 1)) + tonumber(split(".", cidrhost(v, 0))[3]) + max_ip_int = (tonumber(split(".", cidrhost(v, -1))[0]) * pow(256, 3)) + (tonumber(split(".", cidrhost(v, -1))[1]) * pow(256, 2)) + (tonumber(split(".", cidrhost(v, -1))[2]) * pow(256, 1)) + tonumber(split(".", cidrhost(v, -1))[3]) } } : v.max_ip_int <= i.max_ip_int && v.min_ip_int >= i.min_ip_int if v.cidr != i.cidr])] destination_address_prefix = "*" # The below setup is a workaround for "Provider produced inconsistent final plan" error - description = "" + description = "" destination_port_range = "" - source_address_prefix = "" + source_address_prefix = "" } } tags = var.tags diff --git a/modules/azurerm/dra-analytics/variables.tf b/modules/azurerm/dra-analytics/variables.tf index 99c3556e6..b69f4f5bf 100644 --- a/modules/azurerm/dra-analytics/variables.tf +++ b/modules/azurerm/dra-analytics/variables.tf @@ -49,16 +49,16 @@ variable "storage_details" { }) description = "Compute instance volume attributes for the Analytics Server" default = { - disk_size = 1010 - volume_caching = "ReadWrite" + disk_size = 1010 + volume_caching = "ReadWrite" storage_account_type = "Standard_LRS" } } variable "ssh_public_key" { - type = string + type = string description = "SSH public key to access machine" - nullable = false + nullable = false } variable "image_vhd_details" { @@ -74,7 +74,7 @@ variable "image_vhd_details" { })) }) description = "Image or VHD details for the Admin Server" - default = null + default = null validation { condition = try((var.image_vhd_details.image != null && var.image_vhd_details.vhd == null || (var.image_vhd_details.image == null && var.image_vhd_details.vhd != null)), false) diff --git a/modules/azurerm/hub/README.md b/modules/azurerm/hub/README.md index e87327f99..666323668 100644 --- a/modules/azurerm/hub/README.md +++ b/modules/azurerm/hub/README.md @@ -98,4 +98,4 @@ SSH access is required to provision this module. To SSH into the DSF Hub instanc For more information about the DSF Hub and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v4.12-sonar-user-guide/page/80401.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.5). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). \ No newline at end of file diff --git a/modules/azurerm/mssql-db/README.md b/modules/azurerm/mssql-db/README.md index cf7b1b709..84694dedb 100644 --- a/modules/azurerm/mssql-db/README.md +++ b/modules/azurerm/mssql-db/README.md @@ -54,4 +54,4 @@ module "dsf_mssql" { ## Additional Information -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.5). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). \ No newline at end of file diff --git a/modules/azurerm/mssql-db/main.tf b/modules/azurerm/mssql-db/main.tf index 775ac1e07..a3a48c1e7 100644 --- a/modules/azurerm/mssql-db/main.tf +++ b/modules/azurerm/mssql-db/main.tf @@ -6,10 +6,10 @@ resource "random_password" "db_password" { resource "random_pet" "db_id" {} locals { - db_username = var.username - db_password = length(var.password) > 0 ? var.password : random_password.db_password.result - db_identifier = length(var.identifier) > 0 ? var.identifier : "edsf-db-demo-${random_pet.db_id.id}" - db_address = "${local.db_identifier}.database.windows.net" + db_username = var.username + db_password = length(var.password) > 0 ? var.password : random_password.db_password.result + db_identifier = length(var.identifier) > 0 ? var.identifier : "edsf-db-demo-${random_pet.db_id.id}" + db_address = "${local.db_identifier}.database.windows.net" server_name = local.db_identifier database_name = local.db_identifier eventhub_ns_name = local.db_identifier @@ -31,10 +31,10 @@ resource "azurerm_mssql_server" "server" { resource "azurerm_mssql_firewall_rule" "allow_inbound" { count = length(var.security_group_ingress_cidrs) - name = join("-", [local.server_name, count.index]) - server_id = azurerm_mssql_server.server.id - start_ip_address = cidrhost(var.security_group_ingress_cidrs[count.index], 0) - end_ip_address = cidrhost(var.security_group_ingress_cidrs[count.index], -1) + name = join("-", [local.server_name, count.index]) + server_id = azurerm_mssql_server.server.id + start_ip_address = cidrhost(var.security_group_ingress_cidrs[count.index], 0) + end_ip_address = cidrhost(var.security_group_ingress_cidrs[count.index], -1) } resource "azurerm_mssql_database" "db" { @@ -53,7 +53,7 @@ resource "azurerm_mssql_server_extended_auditing_policy" "policy" { storage_account_access_key_is_secondary = false retention_in_days = 0 - enabled = true + enabled = true log_monitoring_enabled = true storage_account_subscription_id = data.azurerm_subscription.current.subscription_id @@ -83,8 +83,8 @@ data "azurerm_eventhub_namespace_authorization_rule" "auth_rule" { } resource "azurerm_monitor_diagnostic_setting" "settings" { - name = "sonar_diagnostic_settings" - target_resource_id = "${azurerm_mssql_database.db.server_id}/databases/master" # creates an expilicit dependency on the database + name = "sonar_diagnostic_settings" + target_resource_id = "${azurerm_mssql_database.db.server_id}/databases/master" # creates an expilicit dependency on the database eventhub_authorization_rule_id = data.azurerm_eventhub_namespace_authorization_rule.auth_rule.id eventhub_name = azurerm_eventhub.eventhub.name @@ -95,9 +95,9 @@ resource "azurerm_monitor_diagnostic_setting" "settings" { } resource "azurerm_storage_account" "sa" { - name = "sonar${replace(random_pet.db_id.id, "-", "")}" - resource_group_name = var.resource_group.name - location = var.resource_group.location + name = "sonar${replace(random_pet.db_id.id, "-", "")}" + resource_group_name = var.resource_group.name + location = var.resource_group.location account_tier = "Standard" account_replication_type = "LRS" diff --git a/modules/azurerm/mx/README.md b/modules/azurerm/mx/README.md index f228a2ec2..26fbe8ed3 100644 --- a/modules/azurerm/mx/README.md +++ b/modules/azurerm/mx/README.md @@ -84,4 +84,4 @@ API access is required to provision this module. Please make sure to pass the re For more information about the DSF MX and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v14.11-dam-management-server-manager-user-guide/page/10068.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.5). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). \ No newline at end of file diff --git a/modules/azurerm/mx/dra.tf b/modules/azurerm/mx/dra.tf index e5ab7459a..1ef21d652 100644 --- a/modules/azurerm/mx/dra.tf +++ b/modules/azurerm/mx/dra.tf @@ -1,5 +1,5 @@ locals { - dra_action_set = "Send to DRA Behavior Analytics" + dra_action_set = "Send to DRA Behavior Analytics" # todo - currently it is not working because there is a bug in the mx dra_all_events_audit_policy = "CounterBreach for Database - All Events" dra_all_logins_audit_policy = "CounterBreach for Database - Logins Logouts" @@ -25,7 +25,7 @@ locals { "useAuthenticationKey" : false, "authenticationKeyPath" : " ", "authenticationKeyPassphrase" : " " - } + } ) }, { @@ -47,7 +47,7 @@ locals { "at-time" : "03:00:00" } } - } + } ) }, { @@ -69,7 +69,7 @@ locals { "at-time" : "02:30:00" } } - } + } ) } ] diff --git a/modules/azurerm/poc-db-onboarder/main.tf b/modules/azurerm/poc-db-onboarder/main.tf index 7b6a3691f..69fbb9637 100644 --- a/modules/azurerm/poc-db-onboarder/main.tf +++ b/modules/azurerm/poc-db-onboarder/main.tf @@ -21,36 +21,36 @@ module "onboard_db_to_dsf" { source = "../../../modules/null/poc-db-onboarder" assignee_gw = var.assignee_gw - + usc_access_token = var.usc_access_token - enable_audit = var.enable_audit - + enable_audit = var.enable_audit + database_data = { - id = var.database_details.db_server_id - name = var.database_details.db_identifier - location = var.resource_group.location - hostname = var.database_details.db_address - port = var.database_details.db_port + id = var.database_details.db_server_id + name = var.database_details.db_identifier + location = var.resource_group.location + hostname = var.database_details.db_address + port = var.database_details.db_port server_type = local.server_type_by_engine_map[var.database_details.db_engine] } cloud_account_data = { - id = data.azurerm_subscription.current.id + id = data.azurerm_subscription.current.id name = data.azurerm_subscription.current.display_name type = "AZURE" connections_data = [ - { - reason = "default" - connectionData = { - auth_mechanism = "managed_identity" - subscription_id = data.azurerm_subscription.current.subscription_id, + { + reason = "default" + connectionData = { + auth_mechanism = "managed_identity" + subscription_id = data.azurerm_subscription.current.subscription_id, + } } - } - ] + ] } - hub_info = var.hub_info - hub_proxy_info = var.hub_proxy_info + hub_info = var.hub_info + hub_proxy_info = var.hub_proxy_info terraform_script_path_folder = var.terraform_script_path_folder - depends_on = [ azurerm_role_assignment.dsf_base_owner_role_assignment ] + depends_on = [azurerm_role_assignment.dsf_base_owner_role_assignment] } diff --git a/modules/azurerm/sonar-base-instance/secret.tf b/modules/azurerm/sonar-base-instance/secret.tf index fdbdd226f..9677630e9 100644 --- a/modules/azurerm/sonar-base-instance/secret.tf +++ b/modules/azurerm/sonar-base-instance/secret.tf @@ -99,7 +99,7 @@ resource "azurerm_key_vault_secret" "password_key_secret" { } resource "azurerm_key_vault_secret" "access_tokens" { - count = length(local.access_tokens) + count = length(local.access_tokens) # dots are somewhat common in server names, but aren't allowed in vault secrets name = join("-", [replace(var.name, ".", "-"), local.access_tokens[count.index].name, "access", "token"]) value = random_uuid.access_tokens[count.index].result diff --git a/modules/null/poc-db-onboarder/main.tf b/modules/null/poc-db-onboarder/main.tf index d6de1fa7a..a092bac9c 100644 --- a/modules/null/poc-db-onboarder/main.tf +++ b/modules/null/poc-db-onboarder/main.tf @@ -7,7 +7,7 @@ locals { locals { applianceType = "DSF_HUB" - admin_email = "admin@email.com" + admin_email = "admin@email.com" cloud_account_data = { data = { diff --git a/modules/sonar_python_upgrader_1_7_5.zip b/modules/sonar_python_upgrader_1_7_6.zip similarity index 75% rename from modules/sonar_python_upgrader_1_7_5.zip rename to modules/sonar_python_upgrader_1_7_6.zip index 50dbfb968c48859165b9f392c09d1dbe4c447b1b..9ec21a999ac7425acdb0f20cc119e48cd79f0518 100644 GIT binary patch delta 1785 zcmaJ>Ur1AN6uxuQ;mW1c`FES9%i(VAg4Fa%qEaHFLg<#l!2Gvzw$1JC-f2mVUMd1J zy${lx5cDEta((q7DyWBu9(o7~lzd6TA_~%%y61QA{oQ*PG}s=__nq&Y^Zm}*;lAN; z-%xO&$7r$;@VS_5S}Y)~ekvHqCybw8uZ6`g|1?l(42sA&S?Z^_#1&?AA}ld>vKY@v zm&!f*yN_&{P@bm{^46nX4a(ms96;bF1h&K)G@x*{=)M7=Z*7oz zVDl*@1z&M(PLbH?P&x5uhqDqysEZ(47n4qrm$7>=?}>fEiX__Hq(gOwV;^dUW}Rk}G*DFimmwC>Zn3ga}Ve&Fm{cO(BD&UFp4|L&-IdJeyYE-<9uJIFE*jwPGPgR#f&5l z2Vnb{aFUBK;aE7%rhM!yt1ZW$3p60=bbu`JQ*1buy`J)_^U_;Mg#Yd_6@yr>V+o4gvtmhxW*yHIcbAy8~j>zueXRBS=$@))2SX^%!!_&K&I z9md8apxcvWN;mvY+JPK&MraG1buKz<6owbfpTbMu;ki7ImPe zLQ}L@Ryt;<4%w3tDo;rf`+>rA!J z2Kl=vdSD~7m2GjLXY6ha$l_MEihmY&m8+8~$Eh?e_m(>i3T@L4UBMeDI_yzLk#&!8 zRlGgn5>rOJj_jgb0<_i=6*{dw6m2G*m@b#ToCNwxvQ|gmP0|%=*Z9D)+72?1yTFv= zT)3$>3|*|dDKQKF?O|i!g-)j+E1oKqvgGLF6kVuZj#3C4NsA_CUyVYNC%MUjZYbD@ yN5pmk(9KojHldAs97JDoHM(eC8lvrKbtK?kN70S6SKIQ^3{bZxOO$$nnfkvYnxZ8D delta 1785 zcmaJ>Ur1A76u)!R;Y!oZ&3~Jkn#0}N4Qb_-M5RPTh0qNJ!Th&!w!e4xPD@I9sYuN9 zK1gpu;ER;WeDxu!haMt&=piIf@FfY0C`e!GJKw$cyZ0_=usxjL@BGd=zwewK9T<)d z40%_&j3x^OA6x9~Vji9EV*>tM%4nZk4Lasl#pnJqqZJ`zw8O^;@$1~kcu-;#AqHX* z#!I?FWhBSAP@GTdncqBEOLQA(gHK#BImETeG7BmOQs|qWH|%9WHIX+-j0Up;eKI}G z#?Y( zPo*LO?}aPjN0)yXxss=p&=gmX(;(1DS1CyPD&1qmL#=xOT1ixDToX+UkHHy+cBvCb zMnX|<{3c#4JA|JyClbP!&uevC`l|=aO9y0;x zdobW5)+`4eODiMU-YGaWBauaYg5Ts#Ke1H&+TVeDJ3j!5ttp)ocL!`1j4qD?x|woo zMAJVP%pX>Cw^fTM?2I#byi1^TSLmH@JNK3^`rh*p%SlPbrlG%fd*9Rr1ym{V8qHjWOt z)lp>K6GFLYk5{0SVUIJjs1OIO^?0dHYad4&X&0f(rLQG`zLKcc(f1N;soFI;u#C0? z9ON!=B_tPa>Mh6GbT@^v;J+L;243h~60)L6hm<8pSCedkdO1oVVkC=9%)A Date: Tue, 23 Jan 2024 16:49:03 +0200 Subject: [PATCH 16/32] DRA | release changes [skip actions] (#361) --- examples/azure/poc/dsf_deployment/dra.tf | 6 ++-- modules/aws/dra-admin/main.tf | 44 ++++++++++++------------ 2 files changed, 26 insertions(+), 24 deletions(-) diff --git a/examples/azure/poc/dsf_deployment/dra.tf b/examples/azure/poc/dsf_deployment/dra.tf index c0fd0242e..239041df9 100644 --- a/examples/azure/poc/dsf_deployment/dra.tf +++ b/examples/azure/poc/dsf_deployment/dra.tf @@ -11,7 +11,8 @@ locals { } module "dra_admin" { - source = "../../../../modules/azurerm/dra-admin" + source = "imperva/dsf-dra-admin/azurerm" + version = "1.7.6" # latest release tag count = var.enable_dra ? 1 : 0 name = join("-", [local.deployment_name_salted, "dra", "admin"]) @@ -48,7 +49,8 @@ module "dra_admin" { } module "dra_analytics" { - source = "../../../../modules/azurerm/dra-analytics" + source = "imperva/dsf-dra-analytics/azurerm" + version = "1.7.6" # latest release tag count = local.dra_analytics_count name = join("-", [local.deployment_name_salted, "dra", "analytics", count.index]) diff --git a/modules/aws/dra-admin/main.tf b/modules/aws/dra-admin/main.tf index a8ac27f58..127fe55e2 100644 --- a/modules/aws/dra-admin/main.tf +++ b/modules/aws/dra-admin/main.tf @@ -13,9 +13,9 @@ locals { admin_ssh_password_secret_arn = aws_secretsmanager_secret.admin_ssh_password.arn }) - readiness_script = templatefile("${path.module}/../dra-analytics/waiter.tftpl", { - admin_server_public_ip = try(local.public_ip, local.private_ip) - }) +# readiness_script = templatefile("${path.module}/../dra-analytics/waiter.tftpl", { +# admin_server_public_ip = try(local.public_ip, local.private_ip) +# }) } resource "aws_eip" "dsf_instance_eip" { @@ -71,22 +71,22 @@ module "statistics" { artifact = "ami://${sha256(data.aws_ami.selected-ami.image_id)}@${var.dra_version}" } -resource "null_resource" "readiness" { - provisioner "local-exec" { - command = local.readiness_script - interpreter = ["/bin/bash", "-c"] - } - depends_on = [ - aws_instance.dsf_base_instance, - module.statistics - ] -} - -module "statistics_success" { - source = "../../../modules/aws/statistics" - count = var.send_usage_statistics ? 1 : 0 - - id = module.statistics[0].id - status = "success" - depends_on = [null_resource.readiness] -} \ No newline at end of file +#resource "null_resource" "readiness" { +# provisioner "local-exec" { +# command = local.readiness_script +# interpreter = ["/bin/bash", "-c"] +# } +# depends_on = [ +# aws_instance.dsf_base_instance, +# module.statistics +# ] +#} +# +#module "statistics_success" { +# source = "../../../modules/aws/statistics" +# count = var.send_usage_statistics ? 1 : 0 +# +# id = module.statistics[0].id +# status = "success" +# depends_on = [null_resource.readiness] +#} \ No newline at end of file From 02f47b8221dd0885e0fec972435eb603133b9827 Mon Sep 17 00:00:00 2001 From: hadar-timan Date: Tue, 23 Jan 2024 15:41:02 +0000 Subject: [PATCH 17/32] Automatic commit before release [release=1.7.6] | [skip actions] --- .../dsf_single_account_deployment_1_7_6.zip | Bin 15413 -> 15413 bytes .../sonar_multi_account_deployment_1_7_6.zip | Bin 9284 -> 9284 bytes .../sonar_single_account_deployment_1_7_6.zip | Bin 8051 -> 8051 bytes .../dsf_deployment/dsf_deployment_1_7_6.zip | Bin 12907 -> 12907 bytes .../sonar_basic_deployment_1_7_6.zip | Bin 6063 -> 6063 bytes .../sonar_hadr_deployment_1_7_6.zip | Bin 6810 -> 6810 bytes .../aws/sonar_upgrade/sonar_upgrade_1_7_6.zip | Bin 2349 -> 2349 bytes examples/azure/poc/dsf_deployment/dra.tf | 4 ++-- .../dsf_deployment/dsf_deployment_1_7_6.zip | Bin 14050 -> 14081 bytes modules/aws/dra-admin/main.tf | 6 +++--- modules/sonar_python_upgrader_1_7_6.zip | Bin 30586 -> 30586 bytes 11 files changed, 5 insertions(+), 5 deletions(-) diff --git a/examples/aws/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_7_6.zip b/examples/aws/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_7_6.zip index 1f2be664484b0dbed2af47b1b2239706646e2c26..af741c74becda92a0d6cb4c5a00d68915fa25b4c 100644 GIT binary patch delta 377 zcmdm5v9*FHz?+$civa`_YbWwpv+>?rpUQi0a-gN~!~_l|h1!W(u53JDv5i~TurMjs zPEKZZgsR%Sigg|nNXUx=E;NzjC^JYXg2xG_Y5~tXW}r!vCkVJhjoN%yV6y;7)g(n{ zn5x@~)*$;POK5pORZULQ+6_{qtnC6*l&dYw1ya;x>IPGE&U7wFB-adP_~cz?tsrfV z=AKMopU8sbSDObj@qqj#3zCz!@Q29(dHpE7{}ur-IiS7*%TOeJ&nyFxhMFQgSFV6y;7)g(n{n9yxSYmj}D zCA2)CLX*?9c7sHewOwF}a9zb zZ61uoleh3k;`O8O{#yhf$rV_JBJrMC1|snytiq6Z=dFT}cuv+KNWAUVP*a2_E82(v E04L3y;Q#;t diff --git a/examples/aws/installation/sonar_multi_account_deployment/sonar_multi_account_deployment_1_7_6.zip b/examples/aws/installation/sonar_multi_account_deployment/sonar_multi_account_deployment_1_7_6.zip index d2cb02eb9feb64a00f4ebb40b0c2c951fa4d9e2b..00b8097657b8ed2e6f4cd0957f23d4f80b8dce5a 100644 GIT binary patch delta 238 zcmX@&am0fsz?+$civa`_YbWy9u<_nopUQi0qMtOALhZzCH#QzHf8+LACMLz&$!5&X zP!*f&nLls<)l4qr@qjAYyq~9*8>Grk!WE{fQ(_exNR_F)J5<%=Ci&SQ5qSlezR9@? zi$U6i6up>u?@cyPmIcYzDuyueKzKm8Pl|y^aw$q-NOHH8f|2C>l|x~2KvRw?gH_6^ Gr~?3=?@dAg delta 238 zcmX@&am0fsz?+$civa|}3McZ|usuGpKK1d5iGI>dKz_Cxl)rI%EfY{+vKg~8RAh5K z^9K%)P$7>8OlUt(EjLKWPQn!?)G4uw4J2eL?+z83+$296BqFZ>(>FO+VKGQVNYRVw s@rlU>%CaC{tzrlg?~`I65-&w542gGJDHw_8uN;cRJE{y;DXXFm06%44Pyhe` diff --git a/examples/aws/installation/sonar_single_account_deployment/sonar_single_account_deployment_1_7_6.zip b/examples/aws/installation/sonar_single_account_deployment/sonar_single_account_deployment_1_7_6.zip index f55445d877632f2bb5f746402f87ef026384ea97..42a6f8fd4b7610a108ed5d7e9806e2a4120cc6bc 100644 GIT binary patch delta 206 zcmext_t}moz?+$civa`_YbWy9vhm(qpUQi0qQ5kgLhZyHcQzg{f8$OECMLz&$-kLg zpei=IGK;eV)l81#@`Nhdyq4<)7f97~Q8$>X$D$8dL8^{Qdq7o97M7U{QnX3Nn~C?{ qgub)ez=SM0?l6Lc#JS+A{JAzTgM=9QjA5#*_^vPl4WBF^U;#CKv!6f_ zH%QeXX%m>LKhpErK&s{{S;AD^QBnfgI7!t3rpQh81lSD%8m2HIZ;d(@kiOG8=1_f; zIdtcP3}2~h#l(AWvV(yvNS;N{g^35k1IlIUIl$zAyix zAL;pQAfdTRmN20^N=hIbC#gEXMBG$QfZZUVVG0xS)~Ex!^t6sSRA@4X?tG9*D|M}y z9-o-(U?2v-%hJHxA RnTF0tyuXI7AfAhnIsmd5qYMB5 diff --git a/examples/aws/poc/sonar_basic_deployment/sonar_basic_deployment_1_7_6.zip b/examples/aws/poc/sonar_basic_deployment/sonar_basic_deployment_1_7_6.zip index f3ba921d4ed1287de7089551d88d29478942eb52..a517c140e39f58895a424f99e37281456fa55e88 100644 GIT binary patch delta 229 zcmZ3lzh0jwz?+$civa`_YbWxUDD&Q1p9;dI72FJrEH9ZE7+C6ok|1RwK$?R=p>|@j z9UBi=*~aB{OiYTklhv86*&rG>XD}~jV^XM{%**8fRkS&nYYiJn6{DanOqGk^FD8&G z2N8Rys>!V)b3uw!M4gy;?@hKBlLg7Qi~2C}KzKm8FQT4Ea&cmQNOEVzypiNA#eG3? H9pdT$M4v;i delta 229 zcmZ3lzh0jwz?+$civa|}3McZIC_g^2J{5#ZE4UdLSzaAs4}4V2utU_E4e8ts-+l t`cy=nm>!>)Y%eAY;|@D zEgKJ5*~X=7nV1x7Cx~o& zM&fo*Rg=ra=YkZ8N;op{-kYo|DGQP>m+)rdf$)HGk0m^iqwsdLhZFO8J1~ Hilx*6KlwuV delta 229 zcmbPbI?I$Nz?+$civa|}3McXyD?dK5J{5#ZE4UdLSzagiZ?Ez=XI(RGC3SM&fo*p~+?9 vb3r1a5{^udPfXU8lm+q1CA^V%k0m^ics`Q8NW5K=UPwGuDIXB8SV|oLz}-@C diff --git a/examples/aws/sonar_upgrade/sonar_upgrade_1_7_6.zip b/examples/aws/sonar_upgrade/sonar_upgrade_1_7_6.zip index 66ccede2d5bf33b91dd21d4ac75211300fd0d0d1..4b61334fdd8bb4af8f85d81286fe309b09b20e2e 100644 GIT binary patch delta 227 zcmZ20v{r~Gz?+$civa`_YbWw(v+>?rpUQi0@938NGfP|YM3bEulhwk)qeYBX6*U?wHAJ_IV6?8asWQ`5v20#b8>&5{Xh zllbKK>}()4M(oZ^JRrLvB0x3M*d5T+d}nt>QxnVK1W_XkGUEV;3q)RcvLvSn04mZ+ ADgXcg delta 227 zcmZ20v{r~Gz?+$civa|}3McYtvpqhsKK1d5$qPAzCkAjZ0mY(Bp<)}SiZTKPCa+;M zf{JW@!YIWA6q>|h4%27L@(QFzlhp(!lFa%LB;v+q1`}yw3jvATV6$Wb+ax~uJv$pn m#E9J)O=KFo1DeQpc2_i!SPmzMh%CsA0~{_8p73NzP7wflLRg{z diff --git a/examples/azure/poc/dsf_deployment/dra.tf b/examples/azure/poc/dsf_deployment/dra.tf index 239041df9..aa9c09852 100644 --- a/examples/azure/poc/dsf_deployment/dra.tf +++ b/examples/azure/poc/dsf_deployment/dra.tf @@ -13,7 +13,7 @@ locals { module "dra_admin" { source = "imperva/dsf-dra-admin/azurerm" version = "1.7.6" # latest release tag - count = var.enable_dra ? 1 : 0 + count = var.enable_dra ? 1 : 0 name = join("-", [local.deployment_name_salted, "dra", "admin"]) subnet_id = module.network[0].vnet_subnets[0] @@ -51,7 +51,7 @@ module "dra_admin" { module "dra_analytics" { source = "imperva/dsf-dra-analytics/azurerm" version = "1.7.6" # latest release tag - count = local.dra_analytics_count + count = local.dra_analytics_count name = join("-", [local.deployment_name_salted, "dra", "analytics", count.index]) subnet_id = module.network[0].vnet_subnets[1] diff --git a/examples/azure/poc/dsf_deployment/dsf_deployment_1_7_6.zip b/examples/azure/poc/dsf_deployment/dsf_deployment_1_7_6.zip index 7ba52f1385b2bdf299f4bfad0960c32aaa04b8c0..cb458702aa3729f22b70d71f01ced4419fd9e4d3 100644 GIT binary patch delta 1526 zcmaEq+nC1_;LXg!#Q*||wG(-C*m&=)PvyNgInYFyiH5baU4JmfH*4vYT=UGyYOa4316w+3eIpDb8ZMUw z|NqUGBb+nYBr`Pg=Ow9ow(t6Omve*~B%Zi0skk(4iljNfedk=&v`vpDT{|1~q3M&=(M>f0yOO>c{m#nUSAY81lAu&&1^#EJZ->fB ztP896*dN3Df;%otYe%7+Td-NOU{%_tJdXm}p>vZI_9JsJ1kKu0Zfjx&B3byMi@6ud&+rC$CiQTut zi92Q$*YLP)oUeIF_)pE;v$swwM0V(Z4owSL%w2FqvVMKm1?#flS?$>_vDH_2e_zhH z5ZZP_HskQrk{i4Kr2kV^7I!h=u6QoRV!(W46ED+kE|rx|yI*q$Z{j-9c)#gSSWH~n z^@xts>+BYYy;{nYxpMQ8HcsxRcaAr&Si_rH`qU}w+PX6pGgIsWrmUTKFhAwMr!Scc zrPt1?I&;Cw+hFT#>vb?O4K&)DQdOIST6Q`e(67Kj71EscM>JcTj4nn^bH0>skBP z|M*yyB9uAB+@eUHd18mgwzF0e{Ize&_i(t1>22ERsvfX*q4o6}W`Xs57T*(n&g_-h z$}3ZT=g{`R?ZR_BPhYETmkpnx|MGFuG<6-TbzA8sCpx-c+|H=ICuzxLf#4-PR(gAaj(A)!37VE1ASYBIk2x_SNfXE^C~*5T3rRa?$vL&DV+4spl%jpS!U)6@rz6CizEK;*fMKH>3!3D z?Xvzq3$om=+t-BFv=y|!c(#_^a=NNbeay-CcF`xDv;JwD-mf+d{2~$~9^EH8>B7Io zkM`Gpp846-ChUp%Rtv><>rC{Pr8H`3-uGNqS6H*=`ma2Lr1qVEO1?j}w*P6t*U*{i zc%jF6neBr&oRe!R=GmlPI)CZA|19R3=RUKKEdKtbb8?m7{^VCGnRW)1lWOvP=jW~4 zQ{3=}8I%hlnN6{FvMGlRG(&AJ=dfX70t#*AGJ*-cPbT1y0M)I$TfQF4Z}K=$o2v|<7mAF?2WMU7mTctC}TELxe-YGevi2Gn%h zNQTLSWAaB6@yPp zyuowUmQ`C;1PSl>{*Le6y@RQqJJ0<)w`on#lmN${s}q;1EzM~?Iql}WRZJ{*3luUY z+}+(e<>mV~Wo8>fOof+Zn$MZqVyZdqYIBIGY4}h6y+6Jh&rjdFCW^1MeSO~b*7O~5 z^~!&_-D*G|ecPJ6-BmAfWdIkckGP-ETfiECY7-wn9t|G}y( zbB9`QQgzmWJn{N#xBl5HbmTZZFbXQw6Uo_lS;W*Q>2SbW!@H;4?R6@OpVx1grSkgh zTHEKJB(*;ANM8|LsCsYh+cyj69DmKIBA~!-Q7Au=iA7|0+2ezSJ%{^(XD}ohODk7> zec5nrz1dyI$iq9mlbOn+E|;d?@bkW|{I`!^ZLR0`y>E9Mit(HuR=--Q@x@N7-8=61 z7xQwse`u4>lEvNdDss1KLCDP{APC9FPr9&HHqcW9P z^VZHezvEwFrtQQ>3$yj6CD-%ws9Ns0{loTy=&Co$Gs+o7d_q2as+_s+ch<~r?w{j5 zzbdZkj9GprbZ2t4&WDv7=7)Scob4O0cVXe3ecD?%pKe?FvDWL^%1O88q)3S!&zn2p zdoceL>-qoo#YC&m-+C{B>1$H~kCjA>jol>wW1HPQemVa9Xjs(pep2A1igoks{gi_8 zZ}Rs{Q8}xA%xlv7y%#U>_wxI-*MqVdEH_OK;jn?`n9b8TY?zqB3MXITGJ*;5a4%#A z39aWdh6%mk^9QT46tsW|l?!@sgH#=qF@XvFmbu5q6k0g>wz4_fBSf`nxJ9{ zQ*>U%6>Pegh679}Mk5ex`g$!>n9wUN5jLR4NrvW7k;%4(vp^=@G_+y@7Z0)^o{5nQ zl!sO(EHN@gQufP8hDnoS@OCKvUueR_z`(`Ez#xO7zJ(90{-A jjLxd;-B$~A#AytNT%EkZOao$?@Z`5 zFDindWuSO2dMhgADk7ddc<|_6?dAMV?0bD!=Tc zwC*2f)S3cyKmB%>au?w#RJZvqmpVoZ|K|VwZ^b1UJw~OZ zUw}H{VOkf*$&?XL4E;ohm%kj0iW?S=+B7y`RG*n+gzxdf#5>3jbC6CtKfyPAFwx_u zv}u{x>9_SBUbZ=Rx!tLoXf_1H_J9XAY(sT d3Mee|q$cj%Sr_-YS1)1}>vLEiN10jeIRYSde(eAN delta 1161 zcmZvZOK1~87{{}lZPZN-8{3@B&0uIs6C`+$NTBi6n%Gx%yEUy=7gD=@B)iR{C|bOz z2!e)z;<@OpsF15j>1huhJob=F2!chZh+gca-I>g{u|wzh_gf@sLw5J;4i1JQFy#-t(L22sNQn#1VpnQ1@+J?BW@L_h|#8F=Hv zs$^)8AhH$d+XxMV=yxbdd>6tnRQ*|alb}8|ioS(>s2Gu``p8w#M&x>jlU#5AEy%sw zKjOyaAEKima>pu|Jc^}2v>i(kpC^3{(0Dq`@sqYHbD4fc{c|R90vrEj+xKo-C?!WQ zDae8 zD`K>+sgU$X`$B%UK7X~7)Pp2l#H$4LL7q(5Cbo4=ALi{X{E9<<=;J_)B8kr}6d1C* zunYtz+c~R?GeD^8@8W$RR8w7=2SPOmOAi?GVp(U1zn}r3Ij74(^r;XBO0$Hb%80vbwE}C;tod7bo+ItAm_RJRm From d31e19ab38d79118eb2fe7f559434e7d424fe97c Mon Sep 17 00:00:00 2001 From: hadar-timan <55065300+hadar-timan@users.noreply.github.com> Date: Wed, 24 Jan 2024 09:30:32 +0200 Subject: [PATCH 18/32] DRA | change release version [skip actions] (#362) --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index c8158cb86..a983a4377 100644 --- a/README.md +++ b/README.md @@ -412,19 +412,19 @@ The following table lists the _latest_ eDSF Kit releases, their release date and 1.7.5 - 1. Added a new agentless source for AWS - RDS PostreSQL. + 1. Added a new Agentless source for AWS - RDS PostreSQL.
2. Updated Azure IAM required permissions.
3. Improvements and bug fixes. - 23 Jan 2024 + 24 Jan 2024 - 1.7.6 + 1.7.7 1. Added support for DRA in Azure. -
2. Added a new agentless source for Azure - MsSQL. +
2. Added a new Agentless source for Azure - MsSQL.
3. Improvements and bug fixes. From 759e9ed485401ab76ae4464f687904c7e3ac9131 Mon Sep 17 00:00:00 2001 From: hadar-timan Date: Wed, 24 Jan 2024 07:38:03 +0000 Subject: [PATCH 19/32] Automatic commit before release [release=1.7.7] | [skip actions] --- README.md | 62 +++++++++--------- .../dsf_single_account_deployment/dam.tf | 6 +- .../dsf_single_account_deployment/dra.tf | 4 +- .../dsf_single_account_deployment_1_7_6.zip | Bin 15413 -> 0 bytes .../dsf_single_account_deployment_1_7_7.zip | Bin 0 -> 15410 bytes .../dsf_single_account_deployment/main.tf | 18 ++--- .../dsf_single_account_deployment/sonar.tf | 14 ++-- .../sonar_multi_account_deployment/main.tf | 24 +++---- ... sonar_multi_account_deployment_1_7_7.zip} | Bin 9284 -> 9284 bytes .../sonar_single_account_deployment/main.tf | 16 ++--- ...sonar_single_account_deployment_1_7_7.zip} | Bin 8051 -> 8050 bytes .../aws/poc/dsf_deployment/agent_sources.tf | 2 +- .../poc/dsf_deployment/agentless_sources.tf | 8 +-- examples/aws/poc/dsf_deployment/dam.tf | 6 +- examples/aws/poc/dsf_deployment/dra.tf | 4 +- .../dsf_deployment/dsf_deployment_1_7_6.zip | Bin 12907 -> 0 bytes .../dsf_deployment/dsf_deployment_1_7_7.zip | Bin 0 -> 12904 bytes examples/aws/poc/dsf_deployment/main.tf | 4 +- examples/aws/poc/dsf_deployment/sonar.tf | 14 ++-- .../aws/poc/sonar_basic_deployment/main.tf | 16 ++--- .../sonar_basic_deployment_1_7_6.zip | Bin 6063 -> 0 bytes .../sonar_basic_deployment_1_7_7.zip | Bin 0 -> 6063 bytes .../aws/poc/sonar_hadr_deployment/main.tf | 24 +++---- ..._6.zip => sonar_hadr_deployment_1_7_7.zip} | Bin 6810 -> 6810 bytes examples/aws/sonar_upgrade/main.tf | 2 +- .../aws/sonar_upgrade/sonar_upgrade_1_7_6.zip | Bin 2349 -> 0 bytes .../aws/sonar_upgrade/sonar_upgrade_1_7_7.zip | Bin 0 -> 2348 bytes .../azure/poc/dsf_deployment/agent_sources.tf | 2 +- .../poc/dsf_deployment/agentless_sources.tf | 4 +- examples/azure/poc/dsf_deployment/dam.tf | 4 +- examples/azure/poc/dsf_deployment/dra.tf | 4 +- .../dsf_deployment/dsf_deployment_1_7_6.zip | Bin 14081 -> 0 bytes .../dsf_deployment/dsf_deployment_1_7_7.zip | Bin 0 -> 14080 bytes examples/azure/poc/dsf_deployment/main.tf | 2 +- examples/azure/poc/dsf_deployment/sonar.tf | 14 ++-- modules/aws/agent-gw/README.md | 2 +- modules/aws/agentless-gw/README.md | 2 +- modules/aws/db-with-agent/README.md | 2 +- modules/aws/dra-admin/README.md | 2 +- modules/aws/dra-analytics/README.md | 2 +- modules/aws/hub/README.md | 2 +- modules/aws/mx/README.md | 2 +- modules/aws/rds-mssql-db/README.md | 2 +- modules/azurerm/agent-gw/README.md | 2 +- modules/azurerm/agentless-gw/README.md | 2 +- modules/azurerm/db-with-agent/README.md | 2 +- modules/azurerm/dra-admin/README.md | 2 +- modules/azurerm/dra-analytics/README.md | 2 +- modules/azurerm/hub/README.md | 2 +- modules/azurerm/mssql-db/README.md | 2 +- modules/azurerm/mx/README.md | 2 +- ..._6.zip => sonar_python_upgrader_1_7_7.zip} | Bin 30586 -> 30586 bytes 52 files changed, 143 insertions(+), 143 deletions(-) delete mode 100644 examples/aws/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_7_6.zip create mode 100644 examples/aws/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_7_7.zip rename examples/aws/installation/sonar_multi_account_deployment/{sonar_multi_account_deployment_1_7_6.zip => sonar_multi_account_deployment_1_7_7.zip} (54%) rename examples/aws/installation/sonar_single_account_deployment/{sonar_single_account_deployment_1_7_6.zip => sonar_single_account_deployment_1_7_7.zip} (60%) delete mode 100644 examples/aws/poc/dsf_deployment/dsf_deployment_1_7_6.zip create mode 100644 examples/aws/poc/dsf_deployment/dsf_deployment_1_7_7.zip delete mode 100644 examples/aws/poc/sonar_basic_deployment/sonar_basic_deployment_1_7_6.zip create mode 100644 examples/aws/poc/sonar_basic_deployment/sonar_basic_deployment_1_7_7.zip rename examples/aws/poc/sonar_hadr_deployment/{sonar_hadr_deployment_1_7_6.zip => sonar_hadr_deployment_1_7_7.zip} (52%) delete mode 100644 examples/aws/sonar_upgrade/sonar_upgrade_1_7_6.zip create mode 100644 examples/aws/sonar_upgrade/sonar_upgrade_1_7_7.zip delete mode 100644 examples/azure/poc/dsf_deployment/dsf_deployment_1_7_6.zip create mode 100644 examples/azure/poc/dsf_deployment/dsf_deployment_1_7_7.zip rename modules/{sonar_python_upgrader_1_7_6.zip => sonar_python_upgrader_1_7_7.zip} (75%) diff --git a/README.md b/README.md index a983a4377..b4bb7d59c 100644 --- a/README.md +++ b/README.md @@ -126,7 +126,7 @@ This guide references the following information and links, some of which are ava - eDSF Kit GitHub Repository + eDSF Kit GitHub Repository @@ -481,7 +481,7 @@ e.g., with or without DRA, the number of Agentless Gateways, with or without HAD We provide several of out-of-the-box Terraform recipes we call "examples" which are already configured to deploy common DSF environments. You can use the example as is, or customize it to accommodate your deployment requirements. -These examples can be found in the eDSF Kit GitHub Repository under the examples directory. +These examples can be found in the eDSF Kit GitHub Repository under the examples directory. Some examples are intended for Lab or POC and others for actual DSF deployments by Professional Services and customers. For more details about each example, click on the example name. @@ -500,73 +500,73 @@ For more details about each example, click on the example name. - Sonar Basic Deployment + Sonar Basic Deployment Lab/POC A DSF deployment with a DSF Hub, an Agentless Gateway, federation, networking and onboarding of a MySQL DB. - sonar_basic_deployment_1_7_6.zip + sonar_basic_deployment_1_7_7.zip - Sonar HADR Deployment + Sonar HADR Deployment Lab/POC A DSF deployment with a DSF Hub, an Agentless Gateway, DSF Hub and Agentless Gateway HADR, federation, networking and onboarding of a MySQL DB. - sonar_hadr_deployment_1_7_6.zip + sonar_hadr_deployment_1_7_7.zip - Sonar Single Account Deployment + Sonar Single Account Deployment PS/Customer A DSF deployment with a DSF Hub HADR, an Agentless Gateway and federation. The DSF nodes (Hubs and Agentless Gateway) are in the same AWS account and the same region. It is mandatory to provide as input to this example the subnets to deploy the DSF nodes on. - sonar_single_account_deployment_1_7_6.zip + sonar_single_account_deployment_1_7_7.zip - Sonar Multi Account Deployment + Sonar Multi Account Deployment PS/Customer A DSF deployment with a DSF Hub, an Agentless Gateway and federation. The DSF nodes (Hub and Agentless Gateway) are in different AWS accounts. It is mandatory to provide as input to this example the subnets to deploy the DSF nodes on. - sonar_multi_account_deployment_1_7_6.zip + sonar_multi_account_deployment_1_7_7.zip - DSF Deployment + DSF Deployment Lab/POC A full DSF deployment with DSF Hub and Agentless Gateways (formerly Sonar), DAM (MX and Agent Gateways), DRA (Admin and DRA Analytics), and Agent and Agentless audit sources. - dsf_deployment_1_7_6.zip + dsf_deployment_1_7_7.zip - DSF Single Account Deployment + DSF Single Account Deployment PS/Customer A full DSF deployment with DSF Hub and Agentless Gateways (formerly Sonar), DAM (MX and Agent Gateways) and DRA (Admin and DRA Analytics). - dsf_single_account_deployment_1_7_6.zip + dsf_single_account_deployment_1_7_7.zip - Sonar Upgrade (Alpha) + Sonar Upgrade (Alpha) All Upgrade of DSF Hub and Agentless Gateway (formerly Sonar). - sonar_upgrade_1_7_6.zip + sonar_upgrade_1_7_7.zip @@ -585,13 +585,13 @@ For more details about each example, click on the example name. - DSF Deployment + DSF Deployment Lab/POC A DSF deployment with a DSF Hub, an Agentless Gateway, DSF Hub and Agentless Gateway HADR, federation and networking, DAM (MX and Agent Gateways), and Agent audit sources. - dsf_deployment_1_7_6.zip + dsf_deployment_1_7_7.zip @@ -666,7 +666,7 @@ After you have [chosen the deployment mode](#choosing-the-deployment-mode), foll This mode offers a straightforward deployment option that relies on running a Terraform script on the user's computer which must be a Linux/Unix machine, e.g, Mac. This mode makes use of the Terraform Command Line Interface (CLI) to deploy and manage environments. -1. Download the zip file of the example you've chosen (See the [Choosing the Example/Recipe that Fits Your Use Case](#choosing-the-examplerecipe-that-fits-your-use-case) section) from the eDSF Kit GitHub Repository, e.g., if you choose the "sonar_basic_deployment" example, you should download sonar_basic_deployment.zip. +1. Download the zip file of the example you've chosen (See the [Choosing the Example/Recipe that Fits Your Use Case](#choosing-the-examplerecipe-that-fits-your-use-case) section) from the eDSF Kit GitHub Repository, e.g., if you choose the "sonar_basic_deployment" example, you should download sonar_basic_deployment.zip. 2. Unzip the zip file in CLI or using your operating system's UI. For example, in CLI: @@ -764,7 +764,7 @@ This mode can be used if a Linux/Unix machine is not available, or eDSF Kit cann 5. In the Network settings panel - make your configurations while keeping in mind that the installer machine should have access to the DSF environment that you want to deploy, and that your computer should have access to the installer machine. -6. In the “Advanced details” panel, copy and paste the contents of this [bash script](https://github.com/imperva/dsfkit/blob/1.7.6/installer_machine/installer_machine_user_data.sh) into the [User data](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) textbox. +6. In the “Advanced details” panel, copy and paste the contents of this [bash script](https://github.com/imperva/dsfkit/blob/1.7.7/installer_machine/installer_machine_user_data.sh) into the [User data](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) textbox. 7. Click on **Launch Instance**. At this stage, the installer machine is initializing and downloading the necessary dependencies. @@ -783,30 +783,30 @@ This mode can be used if a Linux/Unix machine is not available, or eDSF Kit cann For example: `chmode 400 a_key_pair.pem` -9. Download the zip file of the example you've chosen (See the [Choosing the Example/Recipe that Fits Your Use Case](#choosing-the-examplerecipe-that-fits-your-use-case) section) from the eDSF Kit GitHub Repository, e.g., if you choose the "sonar_basic_deployment" example, you should download sonar_basic_deployment.zip. +9. Download the zip file of the example you've chosen (See the [Choosing the Example/Recipe that Fits Your Use Case](#choosing-the-examplerecipe-that-fits-your-use-case) section) from the eDSF Kit GitHub Repository, e.g., if you choose the "sonar_basic_deployment" example, you should download sonar_basic_deployment.zip. Run: ```bash - wget https://github.com/imperva/dsfkit/raw/1.7.6/examples/aws/poc/sonar_basic_deployment/sonar_basic_deployment_1_7_6.zip + wget https://github.com/imperva/dsfkit/raw/1.7.7/examples/aws/poc/sonar_basic_deployment/sonar_basic_deployment_1_7_7.zip or - wget https://github.com/imperva/dsfkit/raw/1.7.6/examples/aws/poc/sonar_hadr_deployment/sonar_hadr_deployment_1_7_6.zip + wget https://github.com/imperva/dsfkit/raw/1.7.7/examples/aws/poc/sonar_hadr_deployment/sonar_hadr_deployment_1_7_7.zip or - wget https://github.com/imperva/dsfkit/raw/1.7.6/examples/aws/installation/sonar_single_account_deployment/sonar_single_account_deployment_1_7_6.zip + wget https://github.com/imperva/dsfkit/raw/1.7.7/examples/aws/installation/sonar_single_account_deployment/sonar_single_account_deployment_1_7_7.zip or - wget https://github.com/imperva/dsfkit/raw/1.7.6/examples/aws/installation/sonar_multi_account_deployment/sonar_multi_account_deployment_1_7_6.zip + wget https://github.com/imperva/dsfkit/raw/1.7.7/examples/aws/installation/sonar_multi_account_deployment/sonar_multi_account_deployment_1_7_7.zip or - wget https://github.com/imperva/dsfkit/raw/1.7.6/examples/aws/poc/dsf_deployment/dsf_deployment_1_7_6.zip + wget https://github.com/imperva/dsfkit/raw/1.7.7/examples/aws/poc/dsf_deployment/dsf_deployment_1_7_7.zip or - wget https://github.com/imperva/dsfkit/raw/1.7.6/examples/aws/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_7_6.zip + wget https://github.com/imperva/dsfkit/raw/1.7.7/examples/aws/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_7_7.zip ``` 10. Continue by following the [CLI Deployment Mode](#cli-deployment-mode) beginning at step 2. @@ -1105,7 +1105,7 @@ After you have [chosen the upgrade mode](#choosing-the-upgrade-mode), follow the This mode offers a straightforward deployment option that relies on running a Terraform script on the user's computer which must be a Linux/Unix machine, e.g, Mac. This mode makes use of the Terraform Command Line Interface (CLI) to deploy and manage environments. -1. Download the zip file of the Sonar upgrade example: sonar_upgrade_1_7_6.zip. +1. Download the zip file of the Sonar upgrade example: sonar_upgrade_1_7_7.zip. 2. Unzip the zip file in CLI or using your operating system's UI. For example, in CLI: @@ -1171,7 +1171,7 @@ This mode can be used if a Linux/Unix machine is not available, or eDSF Kit cann 5. In the Network settings panel - make your configurations while keeping in mind that the installer machine should have access to the DSF environment that you want to deploy, and that your computer should have access to the installer machine. -6. In the “Advanced details” panel, copy and paste the contents of this [bash script](https://github.com/imperva/dsfkit/blob/1.7.6/installer_machine/upgrade_installer_machine_user_data.sh) into the [User data](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) textbox. +6. In the “Advanced details” panel, copy and paste the contents of this [bash script](https://github.com/imperva/dsfkit/blob/1.7.7/installer_machine/upgrade_installer_machine_user_data.sh) into the [User data](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) textbox. 9. Click on **Launch Instance**. At this stage, the installer machine is initializing and downloading the necessary dependencies. @@ -1200,13 +1200,13 @@ This mode can be used if a Linux/Unix machine is not available, or eDSF Kit cann If you do not wish to use Terraform to run the upgrade, it is possible to bypass it and run the Python utility directly. -Use the Python Upgrader utility. +Use the Python Upgrader utility. # More Information Information about additional topics can be found in specific examples, when relevant. -For example: Sonar Single Account Deployment +For example: Sonar Single Account Deployment These topics include: - Storing Terraform state in S3 bucket diff --git a/examples/aws/installation/dsf_single_account_deployment/dam.tf b/examples/aws/installation/dsf_single_account_deployment/dam.tf index 8f12d5d5e..86260875f 100644 --- a/examples/aws/installation/dsf_single_account_deployment/dam.tf +++ b/examples/aws/installation/dsf_single_account_deployment/dam.tf @@ -8,7 +8,7 @@ locals { module "mx" { source = "imperva/dsf-mx/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = var.enable_dam ? 1 : 0 friendly_name = join("-", [local.deployment_name_salted, "mx"]) @@ -38,7 +38,7 @@ module "mx" { module "agent_gw" { source = "imperva/dsf-agent-gw/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = local.agent_gw_count friendly_name = join("-", [local.deployment_name_salted, "agent", "gw", count.index]) @@ -68,7 +68,7 @@ module "agent_gw" { module "agent_gw_cluster_setup" { source = "imperva/dsf-agent-gw-cluster-setup/null" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = local.create_agent_gw_cluster cluster_name = var.cluster_name != null ? var.cluster_name : join("-", [local.deployment_name_salted, "agent", "gw", "cluster"]) diff --git a/examples/aws/installation/dsf_single_account_deployment/dra.tf b/examples/aws/installation/dsf_single_account_deployment/dra.tf index 18c8e746d..62312e9e1 100644 --- a/examples/aws/installation/dsf_single_account_deployment/dra.tf +++ b/examples/aws/installation/dsf_single_account_deployment/dra.tf @@ -6,7 +6,7 @@ locals { module "dra_admin" { source = "imperva/dsf-dra-admin/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = var.enable_dra ? 1 : 0 name = join("-", [local.deployment_name_salted, "dra", "admin"]) @@ -28,7 +28,7 @@ module "dra_admin" { module "dra_analytics" { source = "imperva/dsf-dra-analytics/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = local.dra_analytics_count name = join("-", [local.deployment_name_salted, "dra", "analytics", count.index]) diff --git a/examples/aws/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_7_6.zip b/examples/aws/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_7_6.zip deleted file mode 100644 index af741c74becda92a0d6cb4c5a00d68915fa25b4c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 15413 zcmb8WW0+;jwyvADZCjPLZQHi3O51j3rES}`QE6wTZQPpYoPF1vd*5|d-9Da<@h9G= z^%3KXh!$UymjVWX0{H77{LZHSzaIY2g#-Wxz}U%D&&k5p%-TfHz{tqX#nxHR*u>u2 z&cnv!_alQIn;z>o6=g^OVA!o1lfOI?C@m1OUPB*5R1P ze#Cvk^A_Abs&bk3&#iv#oj&AHH+id<($>6y_Z6qMqcl?7`KC5&@5 zFwi(DN;QEW&}WV(bFh*Ut!IKH{d$v3p^<9NG3xl0hu^m5(^K;Fu;8WWu7ai#jwZ}Y z8ia<)ca)S2Il!TlTcZYX;h?I}D2lngb6!lGAfA<+q@7(|-Ks*uF+db_S=X8e!)Gd~ z>nnnPIsS>D06XI}2~j^r2f~MgEFG4snE%k8qNcIpi7tuPB{LUUQ=Fdxnn1>^ zcf#Nynal%9=SEJ7UMF0mAwebU`?y#*WMKd+Ol>C;!)sCT$(T~Dx0d=vMT?K=Yx-rc zG2XM(eny)2W@6)DV|o^+tDE`W(kKB7Tno&PWZmzXkl3?V&e{R%c4e$ce4u?Sm-9B$Qn zXKq#NBw;nX9bGRRRjy?ul2t7^1TV6@MhB0oB)*Us5#Upff34cICf#8Fw$V7|mDxv5 zCoc(S=Nv0?8mW^Huc5&&G((}3gcOIP;Q8!_N1UHE3lRpUKx7V}{Wf>H66fCM>ooQR z1f3etOjJq3*UBf}rMIP*3ArGQ_X>LHDS5rjno4O>1JD!sc`L%#`1avV>I-N$5TMq* zomsv@PRsVjLe~l!Cv%a8$sk`s1C|tgN-(oWOP=4L!0H$o#=v7~p?u}nRITP2Di`2% zeNxul#=yeIFE*W`?rJv%Z$!RqaB@8eWiTRLX;#}69QYj^AU2B=@II`pLB!Q9``zAk zlCeTqw99;^{bdKmtbawEg#wrG;A?qze&$}mBv>L_mDb7t6HO~ayeOVbGRM_m^J)vS zj;xmGYSckRsybJ7Q`AAQBPNiD7F*vZIszH5uroBA21MRgu>;;feqtL+7ga)%DDG%s zCrO{6fef@u?+b{ypLD~yE_PO0DE}NP)T~KH@T2=z;jAoH?Y(v=_-3$XZLd8v+G>-& zv?GtMd|ip*;ztb-Ig9x+tRf80E)r#sT(?+6e<(In)DI_O6bcL%N|b`O1;=I~@G}uC zmbjQ{n=ne0kOrf4+k+P$MJty*dnE=Et8G9V5)`GYEF84VY|FNM*NJh^D?i!|an>7f z*PUPMb~{gU-Qar5E2G0d(LB6;U3`OK6Z4i1qk`RjBFX};SMhbP73jBqoGN4CJtyX7 z9=&sYolu;}WfOzR`u3}CDKyi%4fyu!6g-`%qCW1V!F>3Zm>#-aoocN0a6EwDJb(;k zQ*Kx;$J>pAMtHaUYEpm)W;BOhEdbIYYXfJ?vG{bES!#I4=9G|evA*75F0n5-2Z$B- z>HP%%m+<{1tF|`Ll7T<~0I84w091b{e8!Fj|0R0=MqG@1vj=tT0}^_fHgIuaCQ-IJ9&AS-7;x-oR3xSb z8wHm&k$*cFr3IaG0)+uQaPx`__#~36P#3`|Gz~^cq5LJ79KDmHw8egOsvTIu6V+U+ zoo?8p(^aJkPHYKEat5fep2gHe>!)8PjYm~0_DQjEhNWF^BY2n<+T4`xn_)2b^wQp~#j*HlCnnLXT3Vr`lrypo+C*w?)GN?EtD8cT@_|@oP0|X@iEa z-ifB)5xgMMma8;tf8HSJMbd{spX#)+_@|KwqWEy265S$?(JS6Co~QKh3jLameVlFL zFG9O^W1us=&9{5rnpB5~R<|Q$=S{>h+J3m$#>XGy$1qMa9gPOS{OqGse3Z%-9N)-SH)AH zBdeh1dr-8?X?Et9dEV5H=N*YH4My>ji`txI5R@-0K$*SdGe&>h4BCE{+24HS((N=j z`S@?$yw|-@r~LQOF9!GjqnjJp{HJcNwr;yl5A*#>&3#J>n&c8yOMzhBh>r*YWXMp7 zw%$0*kq+bas^CD%dPFvn1zv>s1}7fHqm&}iF?epff?|()Hm0hXh9%fl;VxYS+ZK7& zyUY(VN2F&!aORz~oj3;7t@hBXxxRQb{Rndrr!J6&EoJ?~%Hr-+#<0H-%{&xBNUm-R>~kf;RJ#Med8v`F5aMSaR)1bM4dL=qpS6`wS7E_0!7%N zIZ_B|7KJr?0xmvbd3C=Q{c_u)W! zJ$qdD@Dm%g0Cba`N%>Q{$nQVK$_;al@Es#QkfX_CdhEymhT|c>v>;3*wqcQw`o+<8 z$$goL7=`*?mCUI->3v z3NsveExx^pR4L23#&i)+Fcp*R<2vz4}x1OB*}0#(NS>jCmbq7F6W1Mi%Vir-2Y6Rk zsM*qW7UTY1&5g^4&WiehbIwg40h4etkqbm#;jLi0^^ufu5+0UBO@5o?30~=o)9nQh z+Ic)kt0BAG>A1-&8OMd%ctxK`b)DiQa$!au?pm63YOI{CB{IM`YnRqKogm-cpY@4P zk6-!d;=4StP)DPz7@X_jw*TezyRLdcoAHEj0 z3%4?PpCK6vM_jt*Y&bl_e-unFKrzC`Y4JIClPnX<`Rc_tIaPU4CeE!rvqC4&?-+ zJ?un}uEVT>B5?S^bnOXnopA_B3Zm5&g3v|{xQh)V&4jB<+Gb#`3W0UCs7N9O4_VxL zI<|3~1A(&S(+LECBS=LcAH^)X5umTmdxrX}xPkGBY9IOA>HnZ$6s!qfA+P3((`V{W*;Va>(Fh^f2+M|^k%D>JOqy& zN*rtG7uqM_w8tXT4dZwqfkTqq3ED=49+^f7_@Nl3(jzK~`o!%Y#E^odkF5M*oNT#Y z0t&?@;OC=?&$qk)g_98G6)Xfzn*0uH^pF+uf>>nC2Gh%g6AWo^iU`LoudXUphCM@$ zix?KDF34eMP;o_^;Lyw81v*=SLoVkwV}4Wc;{F*WyW_(Rn8g?Z)sO}CBgSfy@=B|B zZ!yVBL9}hG^ph%sb1AG9n_yB_5{nCnp~2&#Z^=kp^&&M0_K=x?ppjQmFRO4 z!szKxMcL#26kdqwyG-+8-^~yFB!9hdX+<6_tY5S0vv56rwFYzbMNyzJ|@K4t}4nyua%g^SdjfaWMA-qZqXGw_QsAo5x^VP-a3xCijw z$2e608zNNXeE1b}Ggptf5U4q1R!p&*NSvS}K$Lr17&~>)np{UDlb%7ZynOoxT4oG~ zs*Ad+vB`eHhbz;>{-APHW6S+a!usr+An5UIhV#_pLqW-@IfX&SayigFeri~4Q?p&ggW^9Cx80G>~0WGmS9tO(#wd!VB&u)p>8;ETl?jnyoVc)erEqkIWr=1A*ZmUY@l{B4>QV0KH6GE{6LQ^1FXq+G z3dN3JU&ZJXFS0pW>=oAo)%InLEK%u|;`irIK6lD~>wE0N@nw6L+d|S_92jgO7JhtA z9#8a>#c~t$HqN@-5DV3dBFkT+vDua5taEbpN2X5M^}ou&CDep_&Kf^J|D_v$WeH~e zKAh4J005kH008L!P&Zr+94!nCtxf)8o&d+nX?^&n!)GY?SCXNiAQ3KCGugOuc%tV1 z_=CD_X4#=3|BkqBklGc1LgW6|)@IiLcCNUV;eqs_v^Aic*IWB$*CvlPha$VukA|EP zBR)+~Zt3$`NcY&TZ6g|up{(>DM#V^!{T$qn&yx}#gWQ+l1V^{ym>!nP1uf&rM6$vt zd+Q|}`XPR6Gzroo*Rkfq37}@x2eSPZ zQN{u|CS_ERKr8i#b7!hyY=oL46pPUmPQ9W+sgl9itMDY$*<%FZ)$DKV1hs?iUk~(- zVZxw;6t9&{*h?a$dT9k0m2tm~nen8ls zJ~&oYrbstFtpcHcB>=O_V9wnVq8FfH^Xd#gRgY@`#w>mv8#<3W8}G2&e&kl%+!gZc zcgH!eNUq!Qo8V&vS8-hGUoQ+!-hA`C$k$2Mi@L|m7T3)}=nUGxgQ6Eln z+}<#gOggmg1`Wx2Tc}w+nkq&$nVkWHJy;1l92?{1OAiOEi z+USBKU)-HD%NnwkG=)UB!gtB!wktj&(~HqtNiP|fK8Mr@FTbas)2b?|o{9Ofm@7|# zU+y_7^uDgzYrIw*v_Nr-JsuihRlY5SsRP-lR%&^!!Abfmd!(P`txxwxy}Dl15RmOp zvp=s_=cMhbU$=tz6NQNjYBxF&5VOA;7>J4D(c7X!0qPNM@wL`=0fr?9c>|A@-0b{3 zH6SS~DyFE&$xEt-(|}wTK(J`Z0J{=tmvz!Iki`Zf$b$Z`-oL-K?GqX+{B;8bcQp!z ziy4`=KKZ?;3;y#Mz6?Qwwk1r$#@+~1dTpq-tw=pAE2hi?f zpqOQUMWG{Q{y{ll-bRGjJmSKbu}h~fe$O};5ZYtNBryN=%{9NU0ac-{V39E)r&w5E z6&UP2B6aC|!494D_Z|}~j1$dL{dfif#YV0T3O{qGpr9?7LK%l-2!W#$xLupLkp87< zbNm-#!DM#A=e|5d+m1Rc(@cEnIf5@zCVMGfk&pF~#%y zBEbfx&?zrGC$&k{`_eaV0E4e45ns4!m&Km?lbJrK03V2h6Pm)hKowKN97!AJg0xH~ ztH>K;IME&l&WGU0nLevr9*J2`@tEbzP`r|YC`NZqny_A<{$il!R`&$H?-GTd?yvXB zgyp7A@{0QRh}p6G&K-wAE*2a^rby>4%?ZcHGjOuHIgBGN3hOCAov7?HH1cAC?g_(9 zLf%UudtAw~Li7`F8E2v3iFRNbti83+DKm;#JHQJ;Ff1j;z-BeO_WQZ_VTl%LnMT~x zHbnDS&@7zI*W<<4X(9`HZJFn1N?SzPKmCaXx$q~|Crp=tdDd7fS!|s`{_7pl0Xt9I1pF`0GRmWBq?0AG##=ifk1o3DNdAEw8 zKeV8ytpCbE>%^(Apz%-wavh{wyLo!H1p5M_^4eOY%S?a=#@N5J&!Ks|I|hE_$#TLY z`r5&?j@ny_!-ZRG0Un%BD^$3;(C68nZX!iRNr1}Ut6NQ%IKrUNOaH;GRKFFSN(318 zLy0m0HFJU@ddYRyFGQ)i0W3piHcrB|`No!9rF7s8Y4{ukB)N#mA$vnkiAZTmY~|qx zU>mjMhMyB&zsqR3;GET-FHfX zN6u)5l-AUfnEhs10r86(U`3#)xmYuC(2rW`8xaf?c~l3iB6*IvO}WGTs}R}^d3-6I z9VHr4IFv1Vm`^lt#|kqo^WKWVA`F}oH;dFaq9$TYrs`BXKrF@Ln>|?S8gWH9fvjkv z`{RKd`ZX*X*+b;XgU8m4r%*nQUPUxJi$pbe=sxtI-HL)?Q?_%%qi?j#jV3m-t&D*~ z(W*8MC?NQblM_k;$g#74sHY(SSJhL2cdZvtAEH@&X6NC8%ZLM$Lc&jlSm?J~Rz0vr z;)T@=wi3kH4FRmBPt%9d-Uxx#UJz?xew2brkNW=tse2@*0%j#?G4&J;fv`5j)!Y}7 zR-XNqM7QiG9l~L6m~2Cd&kP;}PPI>08I7c&2f)Fou$ou2plU(}7tbbFxdrfWc@)1d zgz>XlH^{{!plr>gT~r$w3*E4Lr+z56@2ApE$Awrs(VETpBCuCRdn$KX#y59sthm$I zIfxDGv1xpIU{)c*1}^t$7R$UJ73L{40+p&@Iv9~5Txrb>h^d5%b3_@7^O)u)t+Mw5BL8K?=8Iuq5oDHc@$urnIPgRYa9`MyC*l4(XiQ zl^&jHG2eAu`Mkc(c-7QJN)$ zmkB1zlnM!|WdSrE#T=>3efjaIw|De9OC(VlAK1oV9FfIi4`h84>d&7Bw}J<9Uy#h( z#OkMBX=fJE*bR$d^)mPH>_0;s&8dFF77I;biA=cyXFFyva@u;3UO>G>Su}{}VY5e*q=T<<<;Atroe9FF4lBhw29U zP(K#i3se*YC=nH!*p7O{<=b`VSSF#+i}D&?=t6Q&G0X*|iv{&fbyaE%>P7KJg9wO# z*`ZB+oC2rbpv8RFI+~mb*Rb*qv`SmVI|}x9aKPC$I85F2QsEQ9AM0KR)X-Gh2W zEfR^!7&y2cHk0&qSTsNGwBo$uyFltFNij}Csu6Qy{j;#2kfL|W?(YO(b$H%y&+B8z zR`DPvEIg*!lj+>t=X;X|=t{$hp;IT#`AScU$}(Kn9MHDjS^*PMZ%<4^igc1bpO`6N z4IPQp(RrDNDw@R?j79V6J~lBk&Ji1OQ`DzDzA#*IXw?Y73e9j4wv<)5}-P0*1K zmYUi>nd|5#Yh?! zB|7rr%N4)$4W}zaL?LB&Cx*~3G^}!v-j0j!xP}n>9PbH96C-i3gFH*?96czYy%{9e z>93LipfNK+LaLJ&duhF@T2W&E^c0|9n4A$pni4w3mnLhUjx%P1vz}68w0oqv?Yf|Q zLSaL{H@cu@&PphoNe%P`bs)iQ8z;+kP|^5w`z}Jz17lw23vlsC%dh+lEPIVjJ7& zDVik&!KuI}d3;5hj;`}*fA?TuD450lYe(pj+NUL`y%6diT!$?XCgK90;)a|0ZALsY zFs9e&;}>E!bEw5w!hnK4x96?!(~p=kbTA97#)l(7&D=?DW$wuOj0bO89;PTkm%%W> z`14O0lq0dO&Qc!`9o@Xt zpG>_nT>6Yay~S_WxZ20FGJsXBGV0t`vLz*Tz%i1x1e-BH6~=ZUJYR!4p!J43Kdo<#+NJvc>3Uy}_PoM0=NDp}4R zV(5xgha`9XlNyGu$g{ z-+uV2Rt#=j3aeVonzmJp2k8`7NJ6hLDdTpW_>?c>SEhFMU0^2^ALeNpOI0km=8(~T z>(PDVmvNgt1KF}*`_Sq*-~6ewo${i;x*XJ5ebGhrlh3j=DSLwNPLxySV-Iu7y9Nn@ zsaH{-YD6N@JjoY30!>S3uDGN^jr@nB7GRCs#-$FZp!t3#)S_d}723w0O|ZjDbN}XgSMg9$bPdFH3qR!u6I5 zziH1KR;pKO0^SFW_q>1b{VN0V*LGo4jE58f1OUJT2LJ%gA7((D>}(Aj|3m8ZLTlZ2 zpB3Tzj9TfXs{wFK!x|7RLhpL2kANO*U@q-X(*kVqHC?vr9=8xAQpG|#U9Sbh#P6eI zdz1F2?5P9sxJ6c2V>^d*5RO!;%n{-sv5q-p0tl0Vz^F`SyCoiR=LHnc13m93gBGo^ ztJc^>wM4j3t5LQZ31ZTc^*jkK?Q*w{OewP}gJIIhRO7JRjdFb@Tygd5HR949g7qI% zdsh7o1f`3%;#gudYeyXpWtpZr-kQ@?mlD^c&mfJN%7e`Ku|DzeJwA9cfwnp1hp->M zWvUcdlCWyjD5+G3_U~?;92sroM%8K48nRjTrT1CjF`8&5H9lxfMJMwxKTgA{A%D=vzm{@_pT5^F zgYwO0p(PnbH`ev+=lw$}1AtFH%?T99u{K?OvNLFfo5I$*9Z%V>vGWp2y(~`De zh-w)Eev`O7#W)*riOJaHtZU~b+*+i4Ca&7lB_#|EFv^+~_*k!sh$b=aFi8xlf%?d1 za6A(P!q0kW*KN9R4bZRhI;SMWOnKahsy}2kK=&J#Gl(=&<+V>+mmTCLk=sFfwzy~; zfFw-CUS5o__J(~}NYqh>Brl8RX)W`;Y5>%!6J^ z>kJYjCYJLo8iUo#n6MCPs97&qU6gco$rv--XQ{aH}Sn7BYa)7$8EJFlHI8<f8y(B*|fj#_xMPeSZ z$;_4$aK?<-Kuc9b2@}lQ>cATXv)W8$zq3gL>;lO`JBFl9(+80=a~^urIsiv5AF;kK zPS~{9Ru9Opq{$ZG3z&8Rw=6kOFroeCX;5sNBZpm#_nUs$J;@aj`*OGP-)i`Sw(skKQ<)b33P3+ z2P)YSFWgl6xeclC;f^lh_)o8!C6UF}$??T531S&6aH%t<3$zYw%=vw<8ij{CO)2zU z(rS7h+@Uz7mSg<|zZ3^pArv8*?`WKNz{1UD!>jz=$l|EzPBM>4fco_9;wAz+s)lcW zPloJgvU+EYb?mj$Sk4WJv0i9QJMCt-&C!MXW5li-WuDigjm*I zkoq*P#Wm_LT3w>{S+6InnPtqErqoElZ|+rZBV5ltsL$KY30oj$YzJX&!4_E`@u%%~GaSRL>rv}6hZ`rx} zoa#pfBTBABDT70G4<$8Wy0Z;vS2?Y?4IZwYdJ$H~5T0`#d5&mbrJeN*Y1eS8*r1$@ zx#5>RGS}}aElYtm!RcbtouKdk7=lAzV9CMdy*}y`_K-WC&#zYQ*c4jH z0kW@anqm#w<%*aWT(q7|WaI*C^{|>+gEcU68E3@>4vZrFLO&-6V0yDIJ8O!PDLQPC zIhe)3$racmK&ULr$m>saA8RB`OBI*wvp__Wy#Q>^&=@-@BXli(VSu_G)=!cStb8P%@|Pckv}Zn>(M#>PaJ!a}VW0nP zAI6WqnLPKmcQf$!9xlTl&O&TWoZajkt$sU3|7$ApZw#A7@e@!$ged$^K0`y_1ux#v z+7^-}FlZM&geQBmNW9;3{io6q$=!`QZR?tvhl)_iEhqRcK(2+`3Ntl0r%aN zv20niwzcs6>8+r;$W>Yt0%S>|_SJ)HZTXh9=ipA_6;5N~zn1*%pA)iR^8L%_-`=f8 zJOBXNKYSI6A_BrPB6K#!|2Kc^l!lhmdMm2WaSi_kxE2#*Q%aW9=G1iQqv^gy@|5r| zR$MtzFbQ!%86<6hqwPVvG$W6o?-{AD1xY1r+yo$I8HX}v^_88u4c1$H!( z>M>es#kvWM_c7juN^uSQuh2KWRv#r%;f1A=yQbyfcD!i!W~il%24)39^a9kCGe#^M zQGO6F&_rxb$;I3FGkF`;z}MU&7^C=$xm^VohyZx2>P}}x@w#0|rJw|p^kUKDJFRlc z^oG_X?W<8MED1b#amBN4P|OgNMZAPxP|J$NC@;a5%|%=+BrOZ+hsX-SM^@bex=is- zv?S~%{N_1v>rYDLmpp2*#u*FFB_5SvzC`}XBS`&Dv$7guipS#Il`R3{&3i;@gbuDO zNl^yb)Ky{Xy5M~#;-)AZm}R;i2R0gU6Z#uu9Q0OKz3gd0!_#XcXqnUARY{r?O=UxBv+SOBsid z+V6_ux3UqWqu>(E!3~ZBM#9we5mH4W!-YiaO$1s{hWw!reIoZ64ibZ`+p5wsB-@?#bt z-R+{4-~GCNZ6A*skNKl<#~z&IY4dkxr|X283g__c0DQLx=nG*kkLo1>j=snkv05At z=$7Fd{K18^kR=RL=AbqQqa6Rtv^znXcw|d6()&Vy-o6eWBCsBKK*zD@EKX#P78b^E zAC0E0nofq9kWCS;8ObOEA%oJp+Fz3R4R>GS2O`vKjVH z2uTC%CzEs;(hBM)DA-Fao|=Z8;;o_y0Ur-vh{5ly2sDnx0aA&8)Iaj|rF+Uln62Ln zZkGaBa5NbHbs1h7mkctyXSaeS-IhYmVo<5^Hif#Jx%HkWawueMv$uCR=W3LV=WLr$ z&>%~|vYEyVAG^}Z0XZ>nGi7Xchh%40Rol`v5^B@uw49UELbo>Un}M%s7wA~kZS}3! zbRsJP0y1mj%{Oa!7LuO^SSxsYb#V!0g6cFY@&|BB_-RQfK*U!2TqJe?!ekKf&@;&? zCY3T77G|-p%}>c)tSLDOQd%26Qwur;=@uE3_7fx^xeX-@ccYk?( z!JNR#U`}->x<+5}G$9{u{nJFj8X!8UbJ>mBhT*0V~Wl`k?^b*-M(!DQcr2S zU2%e#>q3nqYbBKq+jK(GT8k3hF}C~RG57}+2SDG>cJ78+-8OX5cqz>O(nd*X7Jzy# zg}gEJ93`=d>+50}tE4I>i^E=+?-O9J%k56pOOu6X@1$*jD9!C=_4+8!?d3R)+%#;u zU|&`s{>UQ+w=^s`GnnHZvE<}ez4q3ww3xTod$@k~EVH?`Ser9ly)pIRv@+^lFRu|( zXb#o67WR+oST6^@+hp8pjAj`C6@+8mSYQht$>&jfdNwPM5PAxrvfga$awEEBx(I}x zh1PNGEPjEC>@b#EXUpGsGbQ=X2`@Ia4UDY8YLtLY4!2(fr*M9(4LOpS4+2{YX?Yl~ z`mUPpU|!JH42dQ!MA28JVXCJ&D#jQkE;-%E0Ts(O3+rCq&@0?61=VDRM9(>_)<4Ud zT%B5jB8i3N4^S<1W;X%|l!h?c=n45%qSbV5SEP18vfkCeC%cjJ9gUXGp+OlPCeFd3 zt%bwZHpZbL1l0NiT8lkkXBho5|0nT3&WuVZ@?4&xuO>h@U!4Iyw8U+X+C8;XdgJb%16!2hznsmxqP!A=@$e;g_oF zSIn4i(Jn4xZIvyTZdo5T{*3t3A&l&8g{TCR>!!n2wCzX6)E4o28~gqHhe8w&&8{T2 zLu4BH{E5$tkohNebWM~YWvoW^Y6bFBC{{WqQ6{=N3c4-JBvczm9qG{G#730MBd2tP z5mtq%v?u@LPIU3Y6-x>DkhV0T*-m3yLn@lt2al%W` z``Sjfho`@-EsnfW1#44>6An6kMs9Fe6biVdiLDm+8$VY^EJfT=_(I($3%gS+m^pmP zv#TSI@U-D54vJ=bkcIinjtpZ#>}oY;QR!jiepwD8zJ`*uK0mE-S8yx+53t(2dnL^Z zAMsakJJ3W-wt_>;=_9^;l4}x4P=p`?h-&H4es6`cS$fIcc1dwU;wKcPEo&CVL?xEC z+S_kff?$v3rxu9KOLh+QCbJZhGCs5}ARk_aWamiZXg(Z36}1k6Y59Oq?}Zw3S(~$# zuTVUW$K;srM0Z=TjR5UcGcdqz$28mal((nQ@Khw7f*aJvn=r*2Nl0Qjw!Np)K&%b1 z&A5~BeE#{}ve>C>0(`KxeV8hB2{)l=dhM>TE`Yu`FC z5}XsGqdmXgc?Q)VPfFXj;f^Aj(lWyQ*a1NLq_~R^V64nunG5s?R(-oMweq=HjR1wV z033$KS*Jytj{zK~+>rUogz#u(SWKJerI*_*%ObIxIK2ka5jS3UD<-7;-f%(>>_qnP z51}(|M3#EoCbizh;!eS|N#0V`gcz8Pm_LIvvw{wWUw#^=Z*Oe^kR=G(zkP&wrmeK6 zn?%B}?+7#?ndZiRvz4-8K*7`gm6xXI0p12Zp!2RxaqXfk0H)+^>oaZlg|z3!Q^Vmi znDAVkCGeu-54LR@jEQ^U@NC);b9Vim?C<3Pe>t9!dEX5gl6HzsGX~y5kbuJ{4Qt1%YlX4TZK@=6O8nBTfDdpZAjbK zXaF4}2Wu{=YYx}WV!&&xv*oIup-xcbE^+xJV#RB2klP@B9>I;T#sss2%YF!SQQznD6<@){5Qm`tHIx1;RFM%_M)TicvHiR1MbCr_bX47JA@MZ(51^@gd37r2)5^EHizqQN$C230o_le2y2v1?f5G7*{pfNLtFy(@c z#za=~QOW$^`0r&BAP^q#zbl%<_#NF}2Lix_z+d-2E1?7Z-z9YaqkQf!(!VR9``@JB zFA|{8U-u75e=n!|&HQV1_J3ji&)Sv0Gu1%A%e5y9ViyuVZ8fAThs z|4&K5pYi@_Q~o^?KMC-kZpT0S8UMMb@ONqm;h$0e zwZrgdasD%Z@OL5%)t?dnTQ=d(0{!P&{qIOaH&ZRP%Fk^WP^|BiHJ`7`7{)cilk l`9GEP?@$BQKZE{LSN|Oq6zne*gZ}+F|6RJv#P-*>{|DyuoY?>X diff --git a/examples/aws/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_7_7.zip b/examples/aws/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_7_7.zip new file mode 100644 index 0000000000000000000000000000000000000000..c307c9a34f0dabde986160f8c6c69ffee27398a9 GIT binary patch literal 15410 zcmb8WWpo_PvaZ=;W@cuvEJll&nVFec7Be$5Gcz-@WHGbFXt8v?&%I~n^O@PRJ=Lqa zs{iD(qB_@GnGx~INrHev1O9dNakH!a*UkU=A_d?Aj2umL9nEb_t&DZ`4GnFbZJczC zjP0y!-K~v(-+t9)(`EajtONxB(de!<{@3a31_J;B{Rsj9fcpF%NACCNsK2j}|1~;1 z^H@$CC;%Wx007Yc<>%p+)9_3kNod|2>Qa8pKC4nr6E zMiz*U#e0;P1U0~+om-;{d10?2-zb8$y>nhn5-*mSl&FMN_RhiowWDFd0aStB2D7u^J=$WxJ9U9yy^@| zE)@-+DTCK2^wd&lV2yN9uy^WuQg^bwnQ=CXrzR7OXi*?aFRUNEuA7F6{8c2-xkJsS z#=wmEfO;I33|psg84ow(I0;!lMi0u1iy{@8tC0WDo~)|A?13SH-z7a4QB$0s4i-<& ztb6j+T_TAGjNX-k45Ln{MqQj*#^={!;gGpLoDhwzaP&9xiVw!*YTeb8Pii^>EFY6k zJN5CNAMIykd9TLS_SPn6u{z3{rm&u`1RiagU9=v=QTknCnL65wH@mkE^0nsF&lnna z{e`LaShlPZhr;-=@F+&qiLLS<2H+Et=Z+zz2CZJeXTuJfR@4{a>QKTg zd+*FFYaPWcXSbv3g(Ax}4TUqSC58}$msaT!&=kcM62kqx%L%SknpUM6>|Qq-$2>Fo zDCp%R;BB2^gij;1^AXh5`2=Su6%&zTapgUpeDO*0GiM<~!R3j~09vner^~T!eLjw3 zkH9b~{>{Xdw7jjnVqLmhx*1RlLijIWmmU(=OROnW#x;PRh>u%g-p1E=FESq>+W~*o z?(K~7WePgBR~GtKuvqDfRIIOZCA8p)L8pW>dvp}}4f3oG5usmsEXQcvn4f`BXd3MRwKSpS)qdPQdl|wK@MEuyi*d&-38gS;Ok$HE! z@UG^2P#ZU;55;)iK{f4P7Gt5rBRcq8+MS=dmp2X)&r+eY)W<^COcyJPBbUf_(ciq< zf~q60CB7Q9SC*{KRoN7=7wCu%Ag067^NtEf!7uC#38Mv-vr*_k(3hLohSot7mmrQk zTG&a{BWxfC>(c!MCg~^JaH@-$l@iQ9hYm4qk`{RH{#iIHgI#;C6#}stq*2>z2ZO%S zq$lOTqa#;WVzBsL15CkUwgjgD%d?A26)4*+8r~m*!xWk0NPvEC_KX zjLi}oJ#8IIg&N#om}YbE?5$wwyl1EQmDF+@$eI*Y@hTG+JtNDaE#GBg9PG-MZbOXq z2Et|M=eq6Aqii>X?$Yw;@EW?imyfeg5L`mukHg3y*EJ*=p!F)=?$rXl*7s8-Z2YH$ z+>E0)uFn(76WJ^ha2cO|l`Z*ZI@bZ8e(i$C6BV>yJE^emJ|!lHu2-k(t34bK5H}B? zLs?WC7E5uq<6z-lEkB#&5kMHtU{(r%HObo`*s{$(oM(PCyy0+)OFLU#Z!nkG6`TWN z#JqbyApR7-G7rpUe_#M01quM5{!8IAa?t;8(fc>zTBJN@v&Vqwbxc#aF_8sokx%5}c7t>?x#ppAAuzSE48$zUozzil zIe%q`I%3kp{<-&)JttZ!>ezU9L8x7T3N8K%vK+I@5`~J!f)YME)mQ#nwbRZr!sW&g zZ-hoAa?yZUB+Rnd4yeQ1Rl%81V_*yVBta7&lRP0^H623^75ifiLoh~9yaE0|t`-8h z0to3{i8ORjOCnKK3sbw2EnWIw&fl4cqhP-m$EqKLp9Fb^D7=yrptV`CZ8+Bqhwg`D z?(ewSR$m@+y1s)`EDEjNLr(`sN|vT;jrqIBw~*f!4g0qPRMhXN<)h+OYgAJQ4dA>I zOui#}T&GS~Y19tiAnU^LhTffOx3T!8k_sStbD#m=!i+H}+%TRe_wOqHL=@G0q?0QH zd()1LNb3xR+s?p($wNA&107L~H$3lH`FOvHgAL>lHV@u_jNK(TCsw|C!@>DM_1-Pn zs6HV}q}J~^lVZ&XuYkmuLDbT(H#|Zh8F*lEWZ<`M@WuWxY*Hp-D}=kdJKOLO>Cm9Q z{Z=v238Jq2_nTi7{{P1;*SG#pvs`uEW}N}{`<1HOmLv@6C7PK$;kqF&F(l}afg)YK zQK$nw=F3&Vfuz-lOacpnFv$&W9IAUMWr9P{+;#=!9?fiYRWmJ1kc<3XnlO$H%B)wJ zFI2X0&w#+p8%sM$G@5Jep=Wb_@o3r+)*^0Q04-bc`n#t2-I26Ge<8YA5Z;rLA3Uvo zqHDF!Y>oOoAN@uM3YU$fep>tqBnQUEO`vU@e%;~@c08#XU6^}U>q}?*cqApNkbQH6 zAo46KYtT;Zq(d!^H_i3;^b4D?NzV?Th z!kU}+O^I273(d6C?7&{{>dfb&dtG?&dAk4)%ruOlVB!_2u~GbaQetf~|2TfSZk^Em7cda{>VxXF6cDcFyOuDBW%t$PF3 z(hO7~FI*HVQXFq&xr!IyI!!93hmiiB<33%k*YO@I;wXvtQ!^(MwIA4EDjmBTpx8<; zOzf6yUv}&oQCJRyFY?Mp=A4eqMC!A zj~Gd#nrsm;#{Kk2fmMF%pk_<$$97O@Mq>m&LO@~0X=NLgOZ|5gKVTmXRPFW-6A`sOzOK@NVX zj{TMc#I9EwwIZ-{;^cioK0km>%zG$1B4&chN@zUaI1cQmXUJM*RAD8!_=O<)R6pC* z)F>`~oHSqDKExahd|^N|NuW_95>5ClFh}HwlGRP*=mYa(+HRIpucc&=k$h?A(IvuT zNPvx;FA6mZsTp5gA!XkOWR~rGSH>nUdkbK=pjr_PPh zUB%4|R|rC8U=ZeON%kPW0958Rg~9Ghn!vSUc-`f)MA=?8MJ&Ux07LH+EWbFN&x9IpiLtj3)hZpxHLR$!1U`_u*8BFc}wnhcB>Lv)WiJxxsDt0??V78pvg#7@>j`mQ9^NOi@S^!M5dB4x(6>tJbKv%v0A z`e#@0&`vZ(j#;HZ9V=R(XYb#*(Co0@lc{z*Un348@j6-TXp*;3@4CX2gC>97wqm9w zb-*UHsiIYNbx%v!CJZaT8gD|yEj3Hk{d(ra@omy2IihSzET5ny-|!G-*Zt093pd>? zXsa+Ghf;yoDx&cTRGqYpEyq-6hs8x|MFw}E5}Uk5-bhz60ZHFqMVgam8RiXf@;+Ma zzk~=Mu@ZH|)Xv{yE(T@=mlsp$B^=AQ<}bp%Eu@(;XhoqdoWU@sTYkEI6A>TJq2!^e zZjQ6t{_es$u`{Y3*U)~$nvlAr8wfp}$MQ4%B12U6$DCY0bCoh(c$A6w1F(;t0#5>T zMarilxJ(Z|3N@(8nQe2^keje-pPj;s ztAw!7m%MT|zly}LP<~>hn>OU8%W{<_Sl5#Zl<93aoSOIm;sMc6w{6)$e2|i^0Nny# z5bzrE?GdS59q#UyQ{}Er-7F!w?V^|Kcb{v8z||8rv8Jls(*toyUk*%GAq(Gc&K~31 zz2(Xy^bXDj{BR4EYmz^xNqAlBE!Ks2$JR2YoX1sEc*NR?Uj$1ozWga0v%c?+sfYl8 zqc#A*@RzdTqVHg?Z(wEoAF~9wmX7PgHyz$XK|d1>1O$ljxSGkwmBJD<_QxO8Y%CdpIe(<130;2ng$0_hf-ERuAZ;$n_ZhcS{w@Oia8D0BZj;hVBAvY zvruj^UE7AV>O+}nIfli^RQ(*>zn&(=-v_xb!w8RV$FbZkmI_+NlZa)6Q1{kLIP`*j zS83y=gs)@FhU39Zs}E%QdC1$s6@EGx*I~%_?`9>`9{Pt!73)L7ESvyKH=~aEb4*Gr zBZF1ylH|@*!&(bAhbt7L%b$8ihEOMgvsdAZtFcE5AgJ2i*a~O`-oG5^9>a#h1S(uB z8MBv!OZL(UEGprB88iLnit^5VFabLNOHk4BsBe2kecaigr z%vUrymkdUh1A^<>ITc<5^du#ggs90J$Wl@N-Db*9ndGw6h#AYt@arl%%#gf7OF(c5 z+2xbV-lQ@PdAHnHw}|QN><62zrclCw5o7`xQh@RG7onS<&oeW^3QLbE=J^oVRT;wF z1a$I5ew6@b=fUi|A4r}+2F)uoeAGQI{+P1_b!-?sZfxI%UH2olV&|?gdHAN44$KQ1X*ZhSQPDB~U2PS6L-W{5-TxrWK*`c=@&K^SsAi z0PBhtN?y_F0Sv1xP2jRaY={+8w2l33bMjjE*<=jxnfFEU4ZnO=JIuQV&`MGgL0ezg1Zx^<3P zE_!v#NNcD}T+q8w2|!r=)gZu3l)t>pJLI8%!7skl+AP4bWTR~0(@~h7pQrdIW=2LA z6*+oJ_HgP`=l}$Ye(2*=BJZ+JS_H6ILk5~N9M=2wx3+!2V28bIpyI7W!g4XA(A6is z^^^f{1T|Dusy7hwc8W6#p+8SaP+s7+1ATdev!Pz&v%=&+&3hZubG3nNF9wQP_Lt>5 zlII_k{O7HONzB48j2OGL`{MSDa)Dsnhl~UAUtV4E3meen>k1Yb9cIQK}dBl~AFPYlG6)3_37y3${?&J_(Zl=mdV(IySif$Fv#2Gl@VF zJJC~L9+FK*9kxjZfz%w~CmEBS{JWpb6=Pg%mSCMZLqEpy=_@7$Doq0WVP%k0nBc8Zn?#d;oLzTdJ&_K zjnPJKM$yoiu?Y!1AOd_6(%42$UG;r^0sT!PyxR6Fl9{8ELcmpmo=ucsoNbSJdhJAu zI$W|Eh>=CD{^A5Nr9ibzfk2gT-UR)bMmIMr#15D|a)~jyF8*wnM;G=YfhT%S>y+MY zze02xFt~x}dV~xW&(Gc-(pSOW^#rX91+7%ws&H3cC}SaH)B45*!{Wyj&hLu^8kj<+ zJnCspoCU%3JLpH0F(@YT+XJ@qFuebD~ikOwEUg>?bSCI;CO)=mYf8BCTDH%9Ox zJ@%XrK@l^3mbpCQvmRp6OBo^fB?Xa;Zk)8Cz25!Bz|F00@x0%~3qRam?vsehO&sME z^zMvR1OzBJVBnxgu2hRl~woucuh+ zV&`oN!3H_D4rqw5LLAxaI@_7=gz$U9@7+@s1w64(Qrk$w`NF?y#7IyIyBGogcHk_-Ets_y1oaJGMeGgoPnzT zGaJ1Vx4webT@l!2kbd>%@yP=G6PVg_Ymq)99svY%|IRL(_SfAp$SdsnJloSvWN4`I&{=zRD{10Kn3TF{Ioyi%TTv;*K%qH`RPksT z6O>UuTy}kf6`LEt)1_x)#a)_jY$%jV2VRkf&rv~>ikR%PHe?lv6{kd(A98@&Xe2g# z9r6A5%lj5ZGiev1r?C*MhauK<<4{zZK;lwEc9wCDgW!WV6k44?xCnDwuO=Bp98JgP zAPcXUOkIk}au8Jg&$4QTC}gi_P#7_KU{sVCLm!h#+;JN+;1cj8u2{HkJ725S;!RDi zz%;{WRgRMa&%eDG|764sYa@{mRF2_&S(G55TwY-(YQpo%zC$bMCp>i9DFqohqa9LQ zRZC>{on-|gC~ANchNj_S&A`PtYN>BT)K}n98L*7tIp#Lu4)v=-Y&YQXp>lE%Z%F1) zGVftNQO6rA%&^FNEd~$QcTCtUQrn1}h&G<8Q|SP;5RGegXQ^w%6XpcAq>bv218L}2 zH*aJQmZJz7TQ!rKA`pUlpT05*SzQ;v!6?6ySG1sFOb#E%CR@1$c(^=@+ZV)KtJVp0 zcK0t^HEtKt0>Q>G=-#Ox%I#ZI-08RwZ6{u}9$y6UOm9!&E=&L7W`!Ml8Z!sEVKp{Q zzyQK3NYudPHqBy@ms4SuOv_)X0!CGS=?9chOFB#Z4q6kn`)G2DnrB61X=hY2QOJx^ejU1T;2;kdG5G*7g@72=QIvjj{yfFHm;5?ZFFE0jd?^Khcl4*MX*1A8p09**lj@~Zxg$pX1SeN zSbaA%oYm9J-J|~uX*9d~6-P8AnJq$+nTK3m@o2_rNG2!Wd_GhkhPwVP{FTO{fByW3 zX%LO*Q~D>na+*jw2Q2&)a660S{>2>)M29sZmQdcKvTVkq&M-s(6(c*~K8rM-^M0&$ zn%c8)!L)<}1a8$CK6&TI2`l8WfrzgOeq0S5ULQ?6tAid~UT>R(LVy@hJ~0~c0z1u= zi9#aaJ$WucK|`k?703=FZZEGXM5Cu@h)KFN!^uZ!A}I}Ntlh0nT8WDN{YS(R?>qY{ z`x7clsW$%!xXIlmq-DB47X^}Vv)vj>EWrY5sPnBUqG~Nl7jICEsW&YYrG2FHQdm$=64wAq9E~?+>hG@P>{Any9>t zLuHNP3&x^(HE-+a8K>|K*(sXS9v|2)ny(&ROG)51)s9Kx9ZRkAdzKGXt2R!&$~9dp zAI}x~Y@Z!0^`6rv<83w{^bd_VF;mLFzO9e*wzu0Ded{ps3M~Jy0dIndc(BmWT4S!G zpN#XRDPC!;Ub@YuTb-U)R!Og1kWCtF9AjJFyIqGHBKV#CaVr(P5oye)7uF)BL*KYb z07D1$%{i>}PEv_i&~z@&ye?$yqPFoew1Gumz~GRC=_Nm`lVNRxxzstO!cK7bMj%`K z+&7#iA0COE)twN`u+Xr=L3TSXw&M~^;(fd)C`E$I!4CQ)rG4}ukN&EkRHwH>3P5LO zf`U?`DE8ERQL&`LS@Ym$SeTp(Aq95F@CoV+Nn=_1>6_uemMg3Z+h z@^zka1iB!fmDJsr?J#3L%RWZ3fj>Ko`#Xyfx4mZ5a&7K)U0cA1(Ti>k2_=G!gx{RC zB6#pE{#dj41btCtXDbbnE#K;9#5$`pFHVG>i+*KusR%*pNm)S}C=iCqtQN;Wf8Hfy z+(yaLfK}km5E(m)t9?z2uqa$Ja>}cD^JVExrrv;e`cd~#6OJ{L^u#uf;bRm_Frs6D zchdN>6g_?CdfXnjLXSDoWf0&(Xb(x^wG zU7e-gpeQ5gTz$|@CIt~m`R|o5E{nH4or35`GPJ+g8ce!pcIt-B?zDCCQr4JyrMdJN zfqRQzuko~wXQhFvTBX&vE$QS58|?5z&KNXI7ee!+bHUtjGwd*I9h;)5uE$|K>0X?F zNrF`E6(HHU>z*!#o3hxZTHF*>j4EEp_A%9Lbq;rBVXDDYnxr<^bP#==s z^-rp2fC0H|Xt7#U>?&ap@N!zIx3R@gXmjL7omsT-8$WFIPeXzGZOw2muYSq#QK=Z* zxD-+`pEYT#7!TAgu8@FPW>UiIIPorDBB)I1?7P5;FFwrEG?J`XaLFd8`_iNH$|vnQ zdj`5?&i1a^alW~xy`B85x3U!2S$)w(y~b-%nwT}gdndxF{Jw{^-+YK8>qxV zWT9M2!CSCGlan&F8jr{AQ--K^m!a}Jg|_}v08Y)$Me^LU^U6%>>i)n@^9Fg+mT-$} z^`z^iQiVn%&6>k|o8t>A0uPt)zR7~?u+nnV4IO9s%!6}aXkSQj)fza>@JLpNV_VQKJ(r)leiw!_$WN`(z#75M0`Osr|x;~RUG@OiW- zqiYWgP!6;i=5R647>8_fe#FTD9yBJ?-4yrO^L)yufu1+iLG#v#6)TjYT4Frtl}H=4 zcu^^ddX8A-cF9`@rsUbPzvmAd}S3=_sPx7yaP-8ALNV-VbVEjccg7fSK zW8~Y>lAFwDdkYRK_OkvpeH6LcCB((gZuc2pPw#hT*iLucRJJFdl1&10au%%`dF-lG zAp;fj;QV8Hjbs2ZkuN?+kB9)!uzJSqej<@MF zW-dT1+Sc9Tb)2)uGK#vCrIEo`@1e2X7 zC1u_(7n@KBZi}9QQ`vOgFnd^ZDaoLP6PJmIZ7SS5c#|GPM1qEviQ2Wwpf*Qh6;2@7 z@0m(nOL>XiSkR69*4aFtRa^0;?>UG(7VV3iiIP*&x1=xJ6%jMZ{O@bXl*L}!!Flok z4|AmJuSAsj(8Q|#rfuQa^)dx=qT%W!?WM}A5cvT~?k4T){qWTE8fI|%&fo%WhqPmG zA;){{(_k@Vy%?;+v;=I2%je2SsZzyY%#0Js`22KGfgMpibRjNM z!cb=)m$N3Z{l;0c>?b|QklS`QBJ#58FC0Q|MZS$x`whYyIOHA}u?=7k+OL~WBPf%b za-+&Or=^guGHmp~{t(>JS3)A)M7j8{%CV((UCGsSmuYJ=5+0xr4i~U8T~Sga4ZvGy zs_#yOs*a$XwmI_Y+{54Axm94y1EsI@#*Dys;T=Umel-#EQkH7Qe<<7j*h2{@D6QdE zFX2@d1h0grq7EC63yNR9-e`Q5dx$DZOPQt#ng*>Zy=`h>TE8GgCFV>8|JK zl_m2WPKf=E!+F~5^xB=)vcC!wyj>J{x!TgS`-_p&dvxZ00^dLot9=vm>>5_o$+K2AC$DFJS`qwsYHTe6x_3p?9&__=1ha<`gTl^i} zPJkow;bH@viq?0`HHfd%sqxte%-A8T!0gqGY|0M7QPMMD1W{ev7jKJwm@p)X^jKx^ zs9sT2mQ2^x!EGAH)og=@tEZww)zL)faE_Y{%W#hGEvaWwCFN1TJkPr%Ke9zwy~aJN zbC>!o2f*G9-WpbR4cdnr21N0-9oO>cIvw@aAvnON?YQ1=vq##aeM+h-9&*{rdk$*l zi^xn228P4$(0Ek|t`RS3J+ZL}>Kt5vA4HBWE; z(Y+kfv-8LU6%@zhw4`U6GiNnqpg#pj=(;D7E>dwZ9CmIBdn-M#+Nl z+f!Yz`H0*ty0iOiv7B%g-^oRNY^+aJC*EV_E7DKFA`1$sO9YjyT%8~K+Q)PF2toEE zaINWw9%CMd&Z3Ctz%|R*>jsv*Cc-{GqS6@#-3*7K$;It2a}hI{4%}KnvZx0Zf1cU; zC)P2VBNd)2P+|-E#C*NN2n$>Q_+ZZk>nib;!i?Cpk9-oOl+4u&o39)YWDhY{40-(c z+B2}%;%Q)z$O3bN#!9=sQy3;=!3j}tAAo8HuMaq?e2juSY+N-ipiKAkh<$GFEl=#9`a z77v9r6H?B|gF8eG`ko@cQ%cDkR?GGcj$CAOrm`~!j`lsQpa#NcSK6Xw(aOf$XU$7q zWs$42C>Yp+RQ0n5&&uL8bI;z5)H96M*l#uIe^jJ`DE2R(em8D4;sXG5fB7gBg!zS} zh3T!0{=b@Ir_?na*IUuNk8AiYAT*g6o02mnH>ajcf0^u?Crt_cWW|#e0T&k&kVe)5 zB<4H4Y+SC7%rDAY}0zKwlb zs1#GT`wV&2ZS__Z5nA|Ba@VvJ)Q%tJ)(rh4y@6St2%`XP`HT_UT7(bO6D$FTQ)2Np z?o7^FCEz8u2-Yy}Vs2NS1=1hEvbxhrL9A{UN-;3rIIURZ_)fE&Dy^Y4QR`~d5?dS} zK}_MS8w@KLbrC=QC-jm+G3s-WMRO4s3u((j+98U3(2->~zYbHJBONKbF`rp>?E0f3 z#U+nwj8Xc6Q;B;exDT;k(gE3?1bJ1IR}H~RWEyL;PCY72zmxhhefoiXvRo((D0>se4oYLfn&>V z*DU7)ab==66W9alf-zDjY{z}&<0oePGOd2R#Q||LDYBijdI-g2mVz&z%OnJK>l+cN zYnutph$EG7F#T-4f%7*ylTlO$AQAWCCS zcpqHh+maobf&!8gx{qE5f}|Zcv(V_ z!Xt;u>e;PeNwcApH6K)LyiKMlXKuaci5LnV+wAQf&b}ID<2lpuP!#eOhAoxS?&P-2SI8gDlm!VJ{PGiK!_YN4rV4P*|<_V-P|)mO$(=*FOO+ZLUi0`3TrX zU=x|Na#O092Hmc?rh$f4-WGpV!@cLJfr0ebQZy@%ZBL`u>Y-;cCvU9v`FGMDrIOEe zZ}aD!P{YX2?DG_f&6?LD2mQm8un9ET+sL9ff|p{b!mBqVk? z9j0V~qwKSThJl4vePUYRySNQ{ko^A1aL?2GT2j{iLTM- zJPoLaTfbBh@CL|Enp}3nwqf|Gj+0u%_2{Cr4`h7HMb|IeKr~ZYu2-C(W;)R0D4L0- z!`7WpbXFq7cZ}`6_+R}3i~V74XFGR8EN>gSXg%d;e`=v7H}gY3l|tPZc#M)-$M$ux zj8#$>lgHvL%=huL*X4Gn=%&gbuy@imK$hlqvwFUl=k{`(Mr;~1U9d07lf37VKv)sa$($RhrM+={{UPd6ZdSo3GB9tlXHmb6Ohqu9w${$~T8-Ukmv~cC43! z+-)-MHAb-vfC<2}ZY;0`jpXyFK0cY2hYLRXQ(J8|cDWMYGF=3~%))3pbQV8DM|2oT zuCwKDyqb`H=R^>l+6F;UXElt+p@82nf|ox()`A*I$Onb1g|avdQ+ZQKvo|YfYlcFX z5~S>_Qa91n7!_rV6qA^4_f?4mx)WTxNbUZMA~xFr?yDe+t}~l-sK~CXm=%W>?2Ys=1;tz1d1x`CpIFTe{o8MD zLa#O*0>Ry5cPVr+UJ>-jQZ3h*_z|Dk?pU*e}aQB2ZVf(&M8u>I!OQ$N{g-yI0hx@D_W4umwxNVk07DEUgshet?e~%|n`MyLZI=)uB6&nr+_GX(NKj;HtG)e#Edc(j{L~z& z`G>7NgYhh-gtRxEGw8dg0r@%dIJ!3na7C@XKx#e^^jo3&T;}Gi#S1i#!!ZTc8}Z#1 zTqB^pY6cd>^_X_sj_URl27#KiQ(%L}XcM-0BN16N+otza3YfJarWtP%f!FUIa&`Zr zWVW34I%_N*Q8fDMjeScPJ#G53J%0t>Qyt&2xOz(L{iwzja`j6mX1r5ERFuc(8_%HH zuanaDZTO?`rquLMUv>a!pCoq?BCMt93v+=k;fhZ;mS#RTt09o!7QlXJoON2H`553Z z<%+^vCWucb&0^9#FSXQWQ5J#I#OXPZhP3grTQMQ&`-&TKU@N>wa0rurBmASsbyD+9 zH1-r+i}W=`Rq!j*5%Wh-MrPo_@bj8c+V<8afIMEn?)5#`BXzkw%{T&xK0a57c zIh@EetQf6xlwmqAH3D+Lr+p z^fl8UtjYgZwlMxvzTXp3SRLY3H9rWe%gV);^OvN5dg*>M|Ft{& z56nM}EB|Dwg8f}||7~OWyBPnp5d4$J^E)H{H&4^({}>AXj`wGi@;`Z!uz$zj_M`Dgy%pF}9?za##SY{K6K z`sZH#pIB6yzr+4x=l*w*{;A*pL^`tk9r6z~|GPN 0 ? 1 : 0 sonar_version = module.globals.tarball_location.version @@ -137,7 +137,7 @@ module "hub_hadr" { module "agentless_gw_main" { source = "imperva/dsf-agentless-gw/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = local.agentless_gw_count friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "main"]) @@ -177,7 +177,7 @@ module "agentless_gw_main" { module "agentless_gw_dr" { source = "imperva/dsf-agentless-gw/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = var.agentless_gw_hadr ? local.agentless_gw_count : 0 friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "DR"]) @@ -220,7 +220,7 @@ module "agentless_gw_dr" { module "agentless_gw_hadr" { source = "imperva/dsf-hadr/null" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = length(module.agentless_gw_dr) sonar_version = module.globals.tarball_location.version @@ -266,7 +266,7 @@ locals { module "federation" { source = "imperva/dsf-federation/null" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag for_each = local.hub_gw_combinations hub_info = { diff --git a/examples/aws/installation/sonar_multi_account_deployment/main.tf b/examples/aws/installation/sonar_multi_account_deployment/main.tf index de07af02c..bcd36cd8d 100644 --- a/examples/aws/installation/sonar_multi_account_deployment/main.tf +++ b/examples/aws/installation/sonar_multi_account_deployment/main.tf @@ -1,6 +1,6 @@ module "globals" { source = "imperva/dsf-globals/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag sonar_version = var.sonar_version } @@ -25,7 +25,7 @@ locals { module "key_pair_hub_main" { count = local.should_create_hub_main_key_pair ? 1 : 0 source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag key_name_prefix = "imperva-dsf-hub-main" private_key_filename = "ssh_keys/dsf_ssh_key-hub-main-${terraform.workspace}" tags = local.tags @@ -37,7 +37,7 @@ module "key_pair_hub_main" { module "key_pair_hub_dr" { count = local.should_create_hub_dr_key_pair ? 1 : 0 source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag key_name_prefix = "imperva-dsf-hub-dr" private_key_filename = "ssh_keys/dsf_ssh_key-hub-dr-${terraform.workspace}" tags = local.tags @@ -49,7 +49,7 @@ module "key_pair_hub_dr" { module "key_pair_gw_main" { count = local.should_create_gw_main_key_pair ? 1 : 0 source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag key_name_prefix = "imperva-dsf-gw" private_key_filename = "ssh_keys/dsf_ssh_key-gw-main-${terraform.workspace}" tags = local.tags @@ -61,7 +61,7 @@ module "key_pair_gw_main" { module "key_pair_gw_dr" { count = local.should_create_gw_dr_key_pair ? 1 : 0 source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag key_name_prefix = "imperva-dsf-gw-dr" private_key_filename = "ssh_keys/dsf_ssh_key-gw-dr-${terraform.workspace}" tags = local.tags @@ -106,7 +106,7 @@ locals { ############################## module "hub_main" { source = "imperva/dsf-hub/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "hub", "main"]) subnet_id = var.subnet_hub_main security_group_ids = var.security_group_ids_hub_main @@ -144,7 +144,7 @@ module "hub_main" { module "hub_dr" { source = "imperva/dsf-hub/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "hub", "DR"]) subnet_id = var.subnet_hub_dr security_group_ids = var.security_group_ids_hub_dr @@ -186,7 +186,7 @@ module "hub_dr" { module "agentless_gw_main" { count = var.gw_count source = "imperva/dsf-agentless-gw/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "gw", count.index, "main"]) subnet_id = var.subnet_gw_main security_group_ids = var.security_group_ids_gw_main @@ -225,7 +225,7 @@ module "agentless_gw_main" { module "agentless_gw_dr" { count = var.gw_count source = "imperva/dsf-agentless-gw/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "gw", count.index, "DR"]) subnet_id = var.subnet_gw_dr security_group_ids = var.security_group_ids_gw_dr @@ -266,7 +266,7 @@ module "agentless_gw_dr" { module "hub_hadr" { source = "imperva/dsf-hadr/null" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag sonar_version = module.globals.tarball_location.version dsf_main_ip = module.hub_main.private_ip dsf_main_private_ip = module.hub_main.private_ip @@ -290,7 +290,7 @@ module "hub_hadr" { module "agentless_gw_hadr" { count = var.gw_count source = "imperva/dsf-hadr/null" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag sonar_version = module.globals.tarball_location.version dsf_main_ip = module.agentless_gw_main[count.index].private_ip dsf_main_private_ip = module.agentless_gw_main[count.index].private_ip @@ -324,7 +324,7 @@ locals { module "federation" { count = length(local.hub_gws_combinations) source = "imperva/dsf-federation/null" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag gw_info = { gw_ip_address = local.hub_gws_combinations[count.index][1].instance.private_ip gw_federation_ip_address = local.hub_gws_combinations[count.index][1].instance.private_ip diff --git a/examples/aws/installation/sonar_multi_account_deployment/sonar_multi_account_deployment_1_7_6.zip b/examples/aws/installation/sonar_multi_account_deployment/sonar_multi_account_deployment_1_7_7.zip similarity index 54% rename from examples/aws/installation/sonar_multi_account_deployment/sonar_multi_account_deployment_1_7_6.zip rename to examples/aws/installation/sonar_multi_account_deployment/sonar_multi_account_deployment_1_7_7.zip index 00b8097657b8ed2e6f4cd0957f23d4f80b8dce5a..34db505ec67b52e58e88af84fb4a2e4f928e1225 100644 GIT binary patch delta 2726 zcmZ9ObyySHABSm)Q38U5l!OBb9WY8tkY+F$qq|cWN{w9*nJ7K_g0wOj-H3#=Q-&b% z18I;@!ch{+1%CHF_v(3`bN)EzJ)iIM`S0!0?$V}*=#f*-e+aWL*`jkRu9%TY$t3du5_`7JXSAchTC3yFvfK3jacY=hykA zc>zhY%1DzXI8n0TEij`)ObZ--LYk@apk&@?IA@}}#n`(w^o>_Sc%w!)KjDL~Ta^Ur zK%(?HCb#SO^WhJ4KcIGEuy=KF+m*PzObA%u&7jkH)nZj(q&uzu14+}&+)Ti~;JFU8 za#DPvnP!%f(fq@-+Cia-ER(Lu7~Ns1LkrjKKhmcjmsd;5o$%pFoyN)>_ootSB2yGU zU8H!&Wz$z!&A#(og+DNInu7ZZ&fFQrUE5z(gsuGo_6)hZmo;76V4h9}8=$r)j*0iq z#tAsU(sd<|W80IMN>>=F1hkK6Vvqyv!yB{jgyxp!U1B!EchSD-E0le?wkeuqZ{Z>9 zqBD@O_d=6^lq_(#3~BTsiNKY^8=jwec8kBncn9~<*xaL?d)j~wZNbAM+6GY~TU$)rV>h{A@3wEeOFPsY7vFBE)^=b zG!K^_R39=`(}gfJFC*SxnL-s;EDq%zrcTtnOUPF4Ti0%t!DAOwckGPig^S7?4~%+) zb{7IP#%>w+ zIv-BS1;V2e6o7Bqh-%DNl%ETGXNMWuG#|JycmyaNB+B+y@EE?Q#iATJne`1BPNL)8 z^hK|gSA=RQBx=K)-N-uO+#7Tj2CCO~pF*)5tCvjLXP!&L5ZfM`oMkFqW{?T0#m*p; z=2Vt9^IR8g!@u+)>5A&iDAeZaHhKcFrJLmyf8@d@MT2Up>f}@y^}g^mp!G<0qJzcR z829BZ=VU2xISG&tNvJefx#JfXA!s3wQ_NPhqut2Z`wZp&ps4*!Lm)follBr-W*JP( zqqhE76L%?MvEE^0$F4>u_S&n!!$3$7c>zz=q*oJHMR|?OZCTi2%8VYRz(iunY;P}9kH%H=FydMxU(if;ot@4F; zy(<$RyOfj0#npX&IrD(=Nw_&DSq(i{O4XI$aVnXceZ0t6V;<10Q>dpG+OtPCdErh@ z^s6+cNDOaoDmjt(4Xaok%fz4<-1Kt^$rF?qut>sz3TRMd#ob39x8J~VSW3dwIbCX+ zN(`r-(KqI3+EvzCxTC*r*%;Uva)kMR=Mznk7`doj;bAd5wAohqnxX9aBd^-j>tXdi zd)`rZCCggkYsXl{VcF|q#lkk}^6sXd6K`mm_rAUP@C0}>0pY-@fVGYqWqMvncU)A^ zgRBWZL_zM=L)lBQv9nk)+nNWY;lbEk0Yo%ufEd}UfdV^;o9@mxqC+BS77(VX$NdEO zXgz-x%n}Ci3ZP%n2xY%bT1=NsUcg!Un3>Iz2AwYD3MatqDc#a`AarBU!S$ptw-wiikBjQ6SOp?q|C(~l|R(a;VuQ%Ef7epQ-VkXpi#yH zT(zKNgV~5g{-KgUDUCc`5qv=HXDX&Hok4z!6^wGCYOzZC_X@N54$_~m*uq(akQlNy z`BrnJ9CY<0ujP)7TBV5*k%xkS3RxAHF;2kkW}WbQ*iZmZR^wv#`u7@dY2lUgbfh?_ z;Z`CG5%EVVg9ab42>Yq2?a zG^M1$UT;~AwM*r??8yC>-s^{Ni;WetL-LD5ObZ)KM0aqJjSP1WPLQGy1Ni)!i*ro( zy8pDr&_I@MGi=mqrL5?}aJT!=f;U;PJza5X(!`&aOLUk01vPeFtLw^wb zS@$9-h^N&ZSn`?(_8IE^mUBs-O=M{_ge;Ue3QuP)$1^jPA^oFe)4%b~#BCO|{zwniAel|COnlCmdL+b4ZpKbon&Q z*+0PD*XQ>v%tPL+bBd4eY^0yR?|pZtQ}iF9`rErOK70k|7z@8T?U}Vvo?9D6T9Etv zI-Fmf^;c&*1y28-0ss2icYbB&|M=Q(8O{Rgmwqq(Z_4?YPXg*Jzx4er0wSn>DulmO T{VkzK@NCGhHUCDgTowKcJsA4A delta 2726 zcmZ9Oc{tST8^&eCkTrYOv70goBU!SIv1Q9T7`yB<_N?C{$(F5&>5!0}5f0fo2$iyA zO@uO*AxpA_^24ulom201z0W`I{oMC;zkhwYw7azFjPyVhG-M|S5+R>PCrb~PG&7|p z1JO-ax*Xp$!wVq(;|DKU4!9&HFaR4E;13IMJ(bY@UsBx=P7Xd^wq#%-iQ<$%lB{q^ zZwGgue`G(MaDRZf&+*LCCgXy-DOq0bgj*Q}LYJ`tHg4-LK|+(6DN!<=gaNq{{}Xm!&sUIiK=v%M?4q_w0X$roH( zf=yc$W3xgVJ1*~7yhCqf$8d^NIfwWK=pfOp) z>M=@TZb4Fd(Sun(;zp=LnX$L3T+;#HL6H~ti-w-g5lF@po}t6juC_Fm3W9fD+0}4I z%O}KH*+N@4n8}gqgeQt!3H+-_p&bQ~VRMWO{tiAdOStKKA75m>=78#tEyAVqMmd|(r#*hshmwrf$I`e@rja~K1t+@6t| zekUe1ZB_b-ibl~oIzd*9kvq>x=H@*jP^lpR#+JbR~Aqu_DVwnyZeBv zJ>~U=tn*5^?p%ZG2VRIA(P}a;2{F;p%z0(OD&>c%=CJ{O5B`2W^EHT?BQgWcs3g^i zDRF+G?N4->tTU!q^YkfBrLP!f)3MGACh#K#?{|>q$cd-CScGr|rP&nke z`b0XfprLJzlcXwOm7YgU>*U*T(M|45;fSO`p<{uy_8B0n$MS7od8=pb4@NsRcdk^1 zIUSO@0XPw(9saFCa91LA49!FlGv35CUih@Fxs5y$<()s<*E2SKsC20!dWsizW{_*4 z+Ei(3-YaI3u_{PK9f1T;sK(@qtaSaPpj6>buH+~)J9(!ap*g1Mn^#M12C;(aT+Vf< zijueQH`%LE6!#|+8i%9%#-xfqkCE8nQ`+A{C2qQ9T(<4}&{@x5SS>wW^e*&X#>O-0 zOgd@Hp<#m-JJKYE&pJ`+vxgi7I~lTp8P0Nsppbv|m2HabRb(kpeyC5PHDxZW^Wc>; zi)OM;!FI3)1kMsdySUK2JMBWU)$%Tvr>g}(qcNjBZ}&P@S}Cki60L93Jb>;hrQ&VZ z>`1(VaH1=uj9_VOqr8^=Fk>GztZJ}M-pY2Je)!=a)TvQZbt1Vt&O!Hm zi^&|R?@$-WY^0Qhk7bre&hUusySRhjz-QaZvSaQA>iOB&~X2fe-CY*{Mt!*!y0UW}3P}VdPZWpch zygq!M1ec;wAw2Gt;+BLflNP$yTVVb}Wn;B5%mJ%&G5M@!uDql!*#MJfa0Nsk$-bw9 zNIG!+z6Ioc@+yXz-{9=HVbSKgPJXy)at*OW3tBLz2+Bru*tib$I@4}bF!zwkpx^Ry zstMj2vK4iN+;P3K_jd!xUs?7OUkH{V1NPypD zdB93-NdpiR7*k--_*3le+j|aigA+j!ah3!{ut!4vL2HN9h8vFLsq((V)ZNi-#h*`_QwI z{^8H|eTs&T)Iw5PZrc|=CMtp-1KUH0wtQZz6}h8pBQ0RlAH!UntGHF)h?*FnXV-)g(qbFjYylZ@DNE+<_39lh>V*ttb71${kxI=uMR`#T- zwYtQb(wfgX42MXecZf2*N%%-mzm?iynHSrk3r$wsYBRULJh$MV6D4tEmkYZ;zDz2yF1eL|C^XlIl(06i0bnCLUmS+ci^bJB}2TZ|!6wZU%N@(PwA4 zS;;f-W}Mi+3eKUTRESk&MY_|UNyPn`ukuU5() z{;}4lz`Y`9-cILSgAU(|U=-2xQ8->vFF!24e9p|eA0BvsIYA?qV=w}f9TO1Fk5={q zTr$YP&)vb%%jI_ns%fVUKL3>~L)29T~nSbf~n}v~}`Y{mx XQuRL$C!f(HcoOn!&7TrpA(8(9ctzv{ diff --git a/examples/aws/installation/sonar_single_account_deployment/main.tf b/examples/aws/installation/sonar_single_account_deployment/main.tf index 3e46c3f23..e02655ce1 100644 --- a/examples/aws/installation/sonar_single_account_deployment/main.tf +++ b/examples/aws/installation/sonar_single_account_deployment/main.tf @@ -5,7 +5,7 @@ provider "aws" { module "globals" { source = "imperva/dsf-globals/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag sonar_version = var.sonar_version } @@ -33,7 +33,7 @@ locals { module "key_pair_hub" { count = local.should_create_hub_key_pair ? 1 : 0 source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag key_name_prefix = "imperva-dsf-hub" private_key_filename = "ssh_keys/dsf_ssh_key-hub-${terraform.workspace}" tags = local.tags @@ -42,7 +42,7 @@ module "key_pair_hub" { module "key_pair_gw" { count = local.should_create_gw_key_pair ? 1 : 0 source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag key_name_prefix = "imperva-dsf-gw" private_key_filename = "ssh_keys/dsf_ssh_key-gw-${terraform.workspace}" tags = local.tags @@ -72,7 +72,7 @@ data "aws_subnet" "subnet_gw" { ############################## module "hub_main" { source = "imperva/dsf-hub/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "hub", "main"]) subnet_id = var.subnet_hub_main security_group_ids = var.security_group_ids_hub @@ -103,7 +103,7 @@ module "hub_main" { module "hub_dr" { source = "imperva/dsf-hub/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "hub", "DR"]) subnet_id = var.subnet_hub_dr security_group_ids = var.security_group_ids_hub @@ -138,7 +138,7 @@ module "hub_dr" { module "agentless_gw" { count = var.gw_count source = "imperva/dsf-agentless-gw/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "gw", count.index]) subnet_id = var.subnet_gw security_group_ids = var.security_group_ids_gw @@ -172,7 +172,7 @@ module "agentless_gw" { module "hub_hadr" { source = "imperva/dsf-hadr/null" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag sonar_version = module.globals.tarball_location.version dsf_main_ip = module.hub_main.private_ip dsf_main_private_ip = module.hub_main.private_ip @@ -199,7 +199,7 @@ locals { module "federation" { count = length(local.hub_gw_combinations) source = "imperva/dsf-federation/null" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag hub_info = { hub_ip_address = local.hub_gw_combinations[count.index][0].private_ip diff --git a/examples/aws/installation/sonar_single_account_deployment/sonar_single_account_deployment_1_7_6.zip b/examples/aws/installation/sonar_single_account_deployment/sonar_single_account_deployment_1_7_7.zip similarity index 60% rename from examples/aws/installation/sonar_single_account_deployment/sonar_single_account_deployment_1_7_6.zip rename to examples/aws/installation/sonar_single_account_deployment/sonar_single_account_deployment_1_7_7.zip index 42a6f8fd4b7610a108ed5d7e9806e2a4120cc6bc..794d239cc2635e16d1200dd1b9db3823d9d8c15b 100644 GIT binary patch delta 2326 zcmZ9Oc{mhY8^$NgVC+Of$ewL7(-_LqnCz52OJQQ{j6Jf9tuXe6$k=0$ZH%(7DU&5p z2BlDmgwzz3tq-p!L``q_=&Og8Bt0qm8-PDMl0R-4zz3Qr&>@W^E*vgUx zKyTMYLhn_ksUZFSfe%ao4#orr`2`0BDh0V7NNoQrX=u};YzedQEb}DVZ5iVX zvD1Um9S+>)NdZrxx}OFDCA9^x#MjKjEVpQ6v6q+51gwVyXXhBudm{3(+hvzi2FTpX z60a8v8Pw}@L(_bDTDw013u zpo`9;DjfR0D;L%Ps_R{$?{^zeOD>t2P;t;P*Z$1nujMl_LWdmg|6I_Sl87rC_5jZr z)HU9aaH@N6Jj=}&13iRo2M$p)0eTP|WZe|n7mya+nh#x#cQ@)OHM{Az4I7lTEDrkW z&dTQ1#Z!6wf!8fwhfwrdVhw~tCxkORHFh~6-9F$K;Y>uk6h>@!lSp&gM73l=Ga>CQ zX3q4x4Av(Yi$`4}%J^qhUU$6zDVYAY#G4%7AKQy4PjJ;Mn!>US#w9C37e>_-@4E}c zlbI;F&e9qjas@{t-5-Lob`u7kQkiH>^10EM70t!p$3z>18B{SfM}@JGby`}yaW74x z2-QgsBcz(=zUeVZfVJO0Fe| zZZI%(-e5MbD(rfUta537q6hU{ifjl(Lw~Am$^QhD?UZVc(B^1FLA@yYY~Sqm$Rm8` zT#Y`Yo$g+pKkhkv&@IC}oZp)-yZPtaq@@H56C(Ff>fCw~vD916^ky6hdL38X_-?c` zP&#$SCmJhJu}ll8@9da}+2}U6u_dXTukNN+kaR)r3dy-+o0hf|Cg)Q`MEe0P8=h11PI%p(rm)Y8LlgQwHMV`e2oUTx!*L26< z_Aw6|l5pV;uDaiTBeg>%{av1%AV%l)W6{sUH?Vz~?9+IWyM<9qBN{$1BQsDrC`&%` z0XtsAXi-Abl?~)MtoTdn9SHs*=^~O{SRg-_en#PE;nmE*6uLOJ1Qguq6=wqwF{>@WO(%kQcY_}GuBNzh@DGm z%h+J-7j4+pDb5x)f-|KnmeKSIo8a=YqQHGJKi&e>&+bV zDV~p+cj+==>E-344+`|oW1Q`2dBrz+XT))%<6SXwz|}`tU$%;P<55zSxi#*Wq_3^< zny;P^^dy>Qq)sbGUecB)E_h$_r@D@&RAI-TJvmP25|7on-E#eEech;7xgGp)2?wN- z3FH$v1qYN!%)^w6pT;L4J}|*2P_x>2+6Fb%_U{)EC>#|nxE zWJj0(vUU;I95GdCUgv>>wElQkZ<_L=EL!fEmS_P~Ej{71(pU_|MO+IEmY#oMj8!-2 z1qBNO33^UZhC3V=n;R&4&=&)dZ=Exr_niDHfJWZBJTRiJJjiO}Rn0AvC=PwHiz0hP$cY$x;H!9uKy(5W`*Z@uuCS~v!^L({bSH@O=C9r7RTu}=t6nrCm zwDX014~~@c>yo*#o=!KbOkVIdR>^RDY`MEX(Z*xy9=0!)`=0N~?6q!aUj5XuRn~gr zzFiIV<3GsS2(J1FUt^Kg#!n~P^pErmH{UHMFxL|?PgwJS-&(vJZis^!QkiNHW0Fq8 z4?ynr#Skeg)AeG%F*}Sir`+7^H3#u36-7!vp!!f4k}Npl@$BKcp=}rm>q7`>UbTxp zX=+*vG{dGMLTTg}KS%^&rs_i{ix|Y%HycPdXs2Zxeyh@L8;uIdBf)C)m-{@Yj?2g1 z58 z9Pe1~dU&EBbvnmc_w<*oGh5`aWd@G7YsSRMg&-vvdwp-YnVbQ8N9pON%ArMUTR5R# zv&@QqE2w9Q>oaB_#)tQS$h;3@ydwxE2nUCt0z6PxywQJSx3Lbi2-;^eK9>)61P(UW zL7X$uQSx#5H@+L^`DPgpMEydrqkCrPfItt7@84ed!@~IoszzZXXnz1;JQx7*C=ua< zZP8=M!++v`Pq2soeF4k=(T^t_)8PIW@PC_#?Q7VGw4En=qlT3n00039?2jCPLwi*g zV+O*H3QP0<-Rtj+gGWS*2+`sA_LaPUbo)C-bU&umiP#psXFI%C%74VP;JHO*`2PBY Qe?m+|#ejE&_pSi`1MXrcy8r+H delta 2328 zcmZ9Odpy(oAIIl1F_z10Xvm$pjcRk3x&Gv~RIcSV_hG^kVY#Hpr8T)nc%T|S@h_mAg$U3Wtlj5T9n1py8o@kli?7?4y)lb zd8Y_d;t`uPi>6(%;L=a`&PsL?t57$-^@ApKs_s9Dx9|0d((Q2MWNOw-Z{SX(0pgBa zL0AVX$K7JC?iHx`9l337++4o4i9{U9bv&gl*9C#(bn8V)+7fJS!?H#SVI}sBH|xeS z74f{shoV+Z+cpvt78Yg5dn-2UY#D6tykttA(5STd*7#P|ITotKtCE<}<1ka>vuVD= zMpE8oBbVKii_X{!y#S5h!6EWX68U=vGG$|;=v)q`a&3|qTvseJ3*;Vlb8nMM%IlLN z#JTsZ=g1Dglhn1@zOw#ywv9F?oAz1U`o=8I``e*lUHr<|^!Gkj;QPU!cG7F)6|6KA z_?7PFo)+>*l%A$JOCxRCQJIl#JHn0aZskvj$+qM)o(TQ;0vWtlw5}(9=gkFULnG_? zN02qC(3(!YHYdDFq)7;CEC=Z=%Ffb=S(qxmveEF zKCs7C^g?u0pDi=Wu)$4Z=9=wRO1Jzh)_uF?54nb@od)UcR`7Mg(>d@<=cy1;zmtj? zK{D3!Fg0Jlwt_aqJpg}pQtHTuiPF4KZRgq3+G)h}0Xr4-@=fgLMF>d?6Ban=*(s`7 zW|WYPk-HL@1nw>Aa=M4Y9Zt539{QoO+ep{@?gE6=R2rQs(dJP>AQ8mrF{M-tnq44+ zSQJks1fj^8$T?W(>G+#??Y7I&1?qZ&Q09olC{v(@Y2>%wrsFR{>Y9n z$Tb_z6P?QOk5#TYH90EoM_kMEfZOy{3=n3y9?hFFmv7t*T^)Ir)b;2!O(WiDRUK_C zqJhtq#foZ2`>uD*VPq$Gah{hPhGx&&3UqZX-VSw&^-jqeAp&96l4%ds5!J|C)_ z{}JeAbh{Di5|Vr-w`EW_HjP&AQd#kwDq!VzGD3^JL$MlYE1R8ISFLBd)e(z0%bF*0 z9hP_8=WBotNf_LuOxPZ$!bQBd6|UU@;y;AY9fLvmlB=C{H-yfW^=Rk{7Nfu){1$v3 zhhNMrf3ZlJDan^-k>+_?LA5;C_=5AuQH?;y+eeiaP)^g_x z&nNH)WNq4M9{r+#mo0L zs|O>qW?ZK1Ssv4S2^}f^o z`IHqBF?101#(qz@ow>5sz^g~X7cf5<#|f*n&W$&D4T4W2bk|}|JL2grb7^q_Njx*t z>?3^3`dL z|LBXp923cEnzUwZe*2m_ zmXsyix$StbqsTN6?`d4!vt|=WoLIWml~!$5|qH9jfU)og{g}7dy+nw zg2u{^yVQiS&XozQ{HJ(-Y+Ksp&L!^>pcUX*!Fa?C&f;%VR^qn1Ynh0i3h-ut7Cu3|zXtA8Nb@-P7Ca zP#CVc!fnOgQZ>NyQlS7&G1;q{NL3yJs%$)1UXQ)(ARCa!5`(4tI6*>T~g|nBeS@S_dBmZc?@X#Of1! zP98SU{XsGMLsfPwCp3>`JYm=oTCc`r7*BmLrl)70Ba83n+fQm${AdYz5)ZA=tfGqq zN!Y<<2Q@;P2ipgq1@?@)e{plp&*9L)?%o)vI@Ur2LNhMiUN2$L?rRmL6;5y{5wWauT;a*2glarAodVy9KMX z(pqkx(GFcmpabhS_yLXi8AN0UFrZ6u0-=tek(XS9d|ci9JbveH{R7Yfh=l=ON(K}q zfJRyyVGJ#dl>OcR&F}hI=oIjP;FMQzln^7#BPiI15b%2z1tOgLGpbJ50Ccbc0Do=( z6c@!B09YPBK|)iVvG~maWVdUA7j@zCl3G|0|*}M z8~`T9ltf#DD77Lou;1_cPsh)*kwoFlH=zeg$S=43t)|hXwCO4%wwE!gztl9s56sZt RzQW%v=10ZYN`x66z+d-E5E}ph diff --git a/examples/aws/poc/dsf_deployment/agent_sources.tf b/examples/aws/poc/dsf_deployment/agent_sources.tf index 1248ef5dd..3e2b03306 100644 --- a/examples/aws/poc/dsf_deployment/agent_sources.tf +++ b/examples/aws/poc/dsf_deployment/agent_sources.tf @@ -4,7 +4,7 @@ locals { module "db_with_agent" { source = "imperva/dsf-db-with-agent/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = length(local.db_types_for_agent) friendly_name = join("-", [local.deployment_name_salted, "db", "with", "agent", count.index]) diff --git a/examples/aws/poc/dsf_deployment/agentless_sources.tf b/examples/aws/poc/dsf_deployment/agentless_sources.tf index 91784f1d2..7621aef39 100644 --- a/examples/aws/poc/dsf_deployment/agentless_sources.tf +++ b/examples/aws/poc/dsf_deployment/agentless_sources.tf @@ -4,7 +4,7 @@ locals { module "rds_mysql" { source = "imperva/dsf-poc-db-onboarder/aws//modules/rds-mysql-db" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = contains(local.db_types_for_agentless, "RDS MySQL") ? 1 : 0 rds_subnet_ids = local.db_subnet_ids @@ -14,7 +14,7 @@ module "rds_mysql" { module "rds_postgres" { source = "imperva/dsf-poc-db-onboarder/aws//modules/rds-postgres-db" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = contains(local.db_types_for_agentless, "RDS PostgreSQL") ? 1 : 0 rds_subnet_ids = local.db_subnet_ids @@ -24,7 +24,7 @@ module "rds_postgres" { module "rds_mssql" { source = "imperva/dsf-poc-db-onboarder/aws//modules/rds-mssql-db" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = contains(local.db_types_for_agentless, "RDS MsSQL") ? 1 : 0 rds_subnet_ids = local.db_subnet_ids @@ -39,7 +39,7 @@ module "rds_mssql" { module "db_onboarding" { source = "imperva/dsf-poc-db-onboarder/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag for_each = { for idx, val in concat(module.rds_mysql, module.rds_mssql) : idx => val } usc_access_token = module.hub_main[0].access_tokens.usc.token diff --git a/examples/aws/poc/dsf_deployment/dam.tf b/examples/aws/poc/dsf_deployment/dam.tf index 93267bca6..32c46db70 100644 --- a/examples/aws/poc/dsf_deployment/dam.tf +++ b/examples/aws/poc/dsf_deployment/dam.tf @@ -8,7 +8,7 @@ locals { module "mx" { source = "imperva/dsf-mx/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = var.enable_dam ? 1 : 0 friendly_name = join("-", [local.deployment_name_salted, "mx"]) @@ -41,7 +41,7 @@ module "mx" { module "agent_gw" { source = "imperva/dsf-agent-gw/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = local.agent_gw_count friendly_name = join("-", [local.deployment_name_salted, "agent", "gw", count.index]) @@ -67,7 +67,7 @@ module "agent_gw" { module "agent_gw_cluster_setup" { source = "imperva/dsf-agent-gw-cluster-setup/null" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = local.create_agent_gw_cluster cluster_name = join("-", [local.deployment_name_salted, "agent", "gw", "cluster"]) diff --git a/examples/aws/poc/dsf_deployment/dra.tf b/examples/aws/poc/dsf_deployment/dra.tf index 9caae6102..4ad67bf59 100644 --- a/examples/aws/poc/dsf_deployment/dra.tf +++ b/examples/aws/poc/dsf_deployment/dra.tf @@ -6,7 +6,7 @@ locals { module "dra_admin" { source = "imperva/dsf-dra-admin/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = var.enable_dra ? 1 : 0 name = join("-", [local.deployment_name_salted, "dra", "admin"]) @@ -30,7 +30,7 @@ module "dra_admin" { module "dra_analytics" { source = "imperva/dsf-dra-analytics/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = local.dra_analytics_count name = join("-", [local.deployment_name_salted, "dra", "analytics", count.index]) diff --git a/examples/aws/poc/dsf_deployment/dsf_deployment_1_7_6.zip b/examples/aws/poc/dsf_deployment/dsf_deployment_1_7_6.zip deleted file mode 100644 index 1e5a366a07888a2e07e5aa79554c07d4a2a25d16..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 12907 zcma)iWmp{Bwk_`N!QI`R;2MIvYj9{ZxI2xzyF+ky3GVJr2o~Jok!xq~cW&-E)n9d0 z|EM{7)tWwsf-E=$9LVp3#EVPgKW_f(3ljt%#Kh4|-^A43+U~23sjZVfi$0e=CzGlQ zEC@K_Mz!hh)7cFk1Qg;390UZy=lwy2cX1f+R~QiDcX2FFUe}orARuf6ARt745@+Y^ zWbf?c$mnGDAA%A7cfqHcn-QzrDBhc0B7t-^x$78J$P_4NTR9kK`+7hR4Xj*^6)|0H z00qzTw>_V(SRa|jy(PiM#gGFEjWj!n{0H{@8dJl|-W<$%v`S}#k{%q(mif;m1 zaCx54K(TdJVV5m;o(ONzM4=F)5Vl^(Ar3b{LGl{U^oTtKUTVC zT=3Urf~E^E%76G>RPRr0`OmWKW+p@z=^WDVB!`d#T?#$h<52MO`hVFsyUDX!Q+QPf zfQOB-l70!$?ZI)MoMxINquK(S1tn9{%}s56Cd@eVch!72X1;=g~|J zWv(S+%#Oycr^z0H2K%s4kYxL$9RKU=XQ7}}5Vx1Rc^!p+>Pjz4Z7C=sazFw%Z`O?_ z%AOxQPM{!;XGG`#AC3cjC^Qd_89c0{3wa~jOX1$^L$sysQ!C*!p2%Hs4Aq6WWxkMT zNt4wG(5l=SjAY|2K#zd4`tmKV(#`v;K$ypZoq8eBg!f?i<@`&GkTIRl9`q3I6>u{d>#}un_i(8DgM`z*Em(i>utObW3ZiZ2Y#TW~8OMZsY zb*R7kcW{J1Qv(SAwtf|I5GhNWXM#RIQ$-3lM!IAeH!42f+B!2+E~ek$66TTU*a&*v zUmv?Wzj5Nnsl7Oz+UDf_3|pAWQ#4=gNH^dFi%8hgcA zE`R?`qjHH(b1!8Uq#zZSfr-F`qcqL48jbyQs7qlPmJk{qHVf>|1*1YCyq_+C)Fz0O zeHW|`EL!f9`zKHX9e=DFKa%T6wW*NFGpK-H7p<7znU0S6A(<9dzN&#)10ix3w^XlD z$OZ7SejI;ooLdS19&aQ5)0RF?&x-}eYClv4Ng-V2NR8nzN<3~NI>jL=@aI5VrGg*{ zh%vFOB0wdYnd5pJhQ}Oe>ROG(_q( z+2s$PN}X-Nj(m~p7w!U?G6$E1%^Be`YjcB_j%zqJo|9F*#1)SeGfJ3Ir?~{eG{A;~ z?poc}hS}*N+Luqp`s`~F4jwJe+RIzxOC5oqn|<04zhgzYfYqEsOd)wbYczsy6r+^` zfP;D=)1?Sr(ie?2KDtMZ_Q9^xs{??$9rfU^uQ&QQ^p|!OvKhxqUp_Yn1__r*u6Eh> zy+Z!O>-~13JM$U|ieMlh5ilSicz^PGCIG|#_IQ7Ar5&oL;j7Fj&)LN&j6r--8Esfv z)c9T~=z;X7`%bYG`HAttGp^?&MB%zmGf*oB>eiDdXD4S;gVKgEUivIW?OVNYj!0Uh z$yGIe0yX)+cr+Aow;&AkSFvTMm`)5i#1s=7bu9N=rg8G6%nM;$gV2Qcb^`I!XGDh3 zdF`eP9WK9VPsU?SPN-uLdql5B6V-B*XILWW+z<3IR;SN=8Fu#S%C`((fBE^{avoGO zDMphHOLv!onU-Nz74en25iXl6aHYP40W%f#42H0w4)rd@XF|yIgn*3{r1a9@Bk?!l zTZogi?j+t@?(4zua3#jKtflhVTgKIx=HC9&JvhtV3CyK#viN*v(7D!mk&=pdQC4aB zRr#uUqdh^LG&zyGD_pUORIl{A!NhvX2N*dO>I()AFFZyX*ilS~Ttu`h5OY2F)8tgI z8Bq4O*~Wlgr(A&(i{W+{6-+M)exB;MpWEX8WSu$+b(B%tgU#sF-u`iFYkB#8gA4=Y z=Zj2aGeZOd6mdy+KE6N!X1JS~gnZ&zK!{!Cq(lZaVB$!3Nl|(qRCKWc=2V9Z9;Hb( zkeJ+=L7q@_?Yjv_IIbtSL)$QP3S0!TLt741c}x=$ty)c_ck6epnO$46>D&)pO-H`% z(`97UjMbY%46|fsMBLn^x~}5;E4246>4nO%Z;J~wr*kV!?w3k0W6A3LUt0|ARaUcg znVObOcD~UOK4?p(B{QX&)!2*a^2`k3#O~b0-U_q=;+);3DW@W{_`RY8eWCigTBy0Q z!G%EouB9DzM=3p^ARtZep_}4QT54$iJM25!IRlJM|0hEKL0_Yk4Xxhw_2o?8;R}M2 zREBK;64a`9D6B}$1dw-`m6xW9=H*;KS~`vMNx`p%qQm2EV|}?*P1FAn?&GznOZ6%KVm7J&Zp|9c&1I z4xj{>Zi2~>PB9emQPKXiE^*EU+cG>6zd8kpk_ zg_RgKx3d(|SJvFD>ZZ=pdIcqEgUwS0%5yNC>OjG1gg8!vM0K1*l1MB}PJ^dV9Zv)m zM$X<5QSLmfm#(-w%SdIPaK-9Ot66G#!9dV~`KolPojJ~7o>$OJ#3Gfy-EOPp?8p2} z#0XFt?89tlFBH^Y_cp1+uc&Zlvy^sMrHoo%wz z@2$hBf+@+BQ5YKVhC^C2OgC_U*N@0IJEX*S-RMC4zr2{C&A;$sm1?85?^@CRLi|JzQk1S(E$j0+jm0L3}<&lQuL6%4iHEhyL1G7aXkCShy!Z z@+&oXBX5t?_Ro~26u6MmTDD5r5EZ!b0j?TJ94VMxsQ0{dTwG!Y?Ye%#nil5v$uC2l z#ly*Bv2RWlppf_^HSP9>4Vw5;n-h2HWWw+bQLN6t1Sq@cN~>oyc|RSH5P?~$+Q?!@ z2e9mo_@_ML=v9R!A{l0;_v!zlsU^dp{}t#=q-u+k$_kn!8^mZT*e4f`YVa!~htC*{ zHZ@>yyBYb#+6MLpN?Xm*Vo)KsOw-)`xzBv!0qLu;ZxYI4;)n2@s}432lpq!`ZqOYW zRVx&0M0iV+C`@PYMgI$}$B6;XCAZB=$tk^JFqi=lk2Frp zJoP!#X(xpk(oNkEs4hIvx=Z_seYx~_nBg>7W42ZwZ?#gVv=)csu^ncr^JknB9X;fY zawxY&4ub5@MD5rb%N!q9XBVn4B{3K9#=~!@oLqjia(^~$!l?M)H#Arty4Hyvze_1$)ZS0&YsyG$Dic6W5rA zEo0IiupILMnR-&;#|s@ibTq#ZD#c>`E_8uvrfJZERk)u&`Gi};@|{#m*uMJ0F8-Md zLMz^#=IAu+A$0gMvbBOh+m?jhx8jwPrPn}zV63NvYMYGG8NEQsI|Qx#{~IMC-|u?yjh&aG2+L}xErqM0jIH!&Ai zT607h!A96*`^2Q**<)mlbHcx+I=dsr zeC=!c_)wC>jM;;l3pFNv>a;+$mI{(2$ZM^5EyoBPd&AY&K%Dymw!P9>V%xE7YD5+8 zXPpiaxwW{EYY*}LnVKW1W$fE<=Ls2F&x&%UkcayY2nC@SWlL>ZRUx1gB3V|s_J_+F z|G6wp)$^xL+%A&6a} zfx7}p-R{Gpp|i|lgO<)DlocH&um~9{l%&3D;(k~rt&N zNRm2*1&C(L*fXg#eSgaWp~ZGn+EGm%&X6I@xAqr{S8Xv8ylaX7aZI9bj%Iebq_%v? zUocsUK@yQZCWzi!{Xrm1S+D7)O{0Q84nv-*ddry?9IKUCFGoW#8O>Wlwt87Y1g`_- z*V1Np;F62=Ju&e}HWtZ-;fGj8sVtDu5;^SSQZl7E3^My~qIk)Wcg3Uk2otZ$C2{37 z0nTG*(Kk;lk?SD&!Vbu(UDEu;Bh9vHl%T!rDHqL@z27F@up8q1E6;fG07ukDc%FDy zo65)mS_7Ld_WP((z;uUw)#n9LvidS_72b96Y*hY0Hl}NTb`S!}`dx?Y$7aN_N3WH$ zd8e)<9H*ukR5H^M*6fYyU6n190>yB*f!#ET`KNK2ffF?uak-I(P~FO~{=kqAHUmw4 zFFEyuMH)JUy&edjsO%@GeG(qn$x8AGmg(H2-GSj7aVZkhr?d_3B)mkJMQy^k?nufB zD<;%T39#@iH?C31>2+#cqhKlVyg%Wu3W;S?jx}eruRat4Xr>5lDnSm|3ceewTDJ29 zl9I5wBwP@l3C!8Z?ZK9LNSB#3CdF)STsdujz_7CHPvgy6O*!%UOvz_;OJ!wH-u2qu z`lX~^vvp!Dma3W|K+5e32|OwY-nNf?2gtQqB3raG9&{eTQ7TOVR&IhUn5nJa_;{?J zsjbW1#QA<_H&F>sPf+%1Asjoprd?2TTNT<|8vUut5Qh<^kZsfP2k#(F_%$VHG$&XP zEV6EuJ&+y13Im~Lw?^`XBt+-oAXDjPAbs{uqIATCxY*DsmfMw$_cWljGPc@?%8=05 zMxRN*95#OV`1O7r&j2Xu&~|IDz2#zRqL>f!d8PymN8ym4ur|)Pfq(wPZB! zhfC%Ik=qZRz2ixga6o%VYi`dihp{1#kvIz}qGmo_JUxPg8B3a}%g=>6wCE!N)^0H^ ztjf6-aQXHf@uGfWWfJv2(|7XdPiX-~dhDtvwgE;V%Nw|Y79VSfHakFObjuY#wbV5A z_Os4=^NsQEdsU_&Czem+JvtS9#^dCLHFh(rsnzDhWY%X`$st{{w-0dRmA8wN-^_MD zYc!!EHtQnsx1GiGHRVk|I5v1%dPg}J{6r@^Dx*9la)RNE{bbD37KOOX9kvCPM@?2*_zh`mHUWhzgg;?8b*#89zjn(LbLqd+A)R8hykWq(eN(Cf#&dW+=qmHp=DiHet3k1rbP;W_KFt`LWQ z$oNAA7zTYf{z$lSMuD=!(;kOutR;rN$t$h>`nA*P0V9WLcx6$Oi z3$z`dgSE6MIvCc9n+FfKNi`d*5>&jVeBjyDVcanj|Fk_u60UY z)A+f1pG0A6ZZf`!TEOg68&CZ*Qs9)E0-b)hIWLmm)G7lWe9;_juBa{bSwnlF+p#3g zLrIY+UuQT3;c_2Y#b95LurxTjGT#Bb_k82)s-Tc-7eZV9@s(rS)&37&z85?!dBAPb zeWtF1l^8Yj;jNQ?|`12@YNIVeh_Ht_aCTY-VtONW@TXlbxBxsmU+7wqZ9_vzi9_f5Np5K3ri zz=dw=G9`PU*CQTu#A&qaH{vpatpfZs`>FELcW1>JTwV=}QZVP9S{12EM-`N1c6LHN zJrhl3H%+9Em`b2mvX#MZ=A zBrYPJ9=l}mGqm=G+-<$GmI8eX+_s^6M0tUyzkO^laR&I zSk*yE<1hK~^*V79X{A5-KIKkjQX9%6GxbwM zHf%=8t;tyeF8g(EhDi|UT(FCTYA9Ywc4DXIg4J=Tgk1rF@*1KD{9RYsU;ha!P+2 zub> zf(R4NC$28P@XBV&W+k-wv`6NscrO43%1fOk`!fjxogWoVbT;SFtilM4mVWaxJ(B(5<6;yR;~CNV#7P`*UG@} zcun#bJciRkI$ggKNufM(xYNsCWSvvs30U2c=l3I=w~$Tk<8gGV;MzoW-F0w1cg55} z%~!Mv*Iia$-r3B^Klj&FV@O#`2{L6Wg3@DjXfK^vJ1B7s>{Q896_kBF~}SZeQ< zmr^kwC!SG`Y7|6Jh}1sT75eD~_v5A*2GmE)8eqq7|8M}Vrf&!l_@dVs7u<2riJ~=s zOfB)T4+0m^pp+($e)8gvZ+x%_iz0v0@YT(}Q%`X9;H9xH&Ls?X{oJ8{#Go{}{{kag z@OHgCJMHL^3h~r?$h2Ly?bTMck@P}=fA|wH@mxy68l^D?29#!ayHK%+<}z%|fGG(n zTv;y6GqY3`-+r3EST?Y~ZWjLD@iCp>C1m69KeCADIA7xwao5tG-y){gh zcB80F7UGC#N~Sz3ceJ{bc7kkV)bv8w!za*j0ytapyHEG$#~%2FcBPZU4LN5;%r!hT zDy`YTVly_I*j7*`TY+RRq1TZX>#?&IbVX8vwGir$m3$!{C*r}Y9Yeo9pNls}YFuM~ zs+4lxu1YFwJzMrW1|sQj@!GH3+hx}`wC2i==qlJImI>`DF=cly8&up|jA!e!g$Rt; zcHoc*Gx=DlRWWLF>~n@){hQ7@U_`l{djf-_!t@^L-(auya@fh zfE%L(Z3=_}0r8~*0U`KP#_nimYY6xk72K)Ts_iZ(%6kR(?Wc<&IIz~j4-01NRJJRp zI#_s$)TS<%5yh0xcFX4+!8u=Sq&D8#*LDGUxq+JvcVZtOXp$%)XL0E%D%Ep|sT@w* ztTMz-5;!)TwVzw}Yc_+NuW%^)bsrk7*t1xyS&^pVizJxsASWqJ!c>|q61$A6wBouP zxpg7LyhZQjPbk7==*xYm3Ts!ov{N-12^F(~2RDXK2~wN`E=mu(fk^JcEO2IbAq!~)E>|BZ}H?$c?5a;b2QfJ|5A(yleEvP5O?QHQ0+*ARt01?tRY^X%y^C;F+p1s z3CA}5)jXu)9%*PU;b&O{*JEymM~s=0nG%|$m=lM7$JV4YJ>)kbOzyxQ^SHD6-*|9D=pE`ha%R#HaQVr5~i^>ed9>K0Fa7Ntt?wXhMq1+ zGfeQ)O|1z7s}2E;+%lIHa<~uHZmwkEpXgi#TxTq8KqC*Q)xc_%`EZgh0!xia$fCG@ z47oH^az|ONl2{LaC=u0GXzK|F9fJ;^nv0p}U8||>oFu*fIrU+3Gk$C>U`%}P7R}}9 z_}szvI0oEf_fse3W$!(CC)D#q--l#ThMv#RM zphw5>kl8dd5`}VwY}OdZ1t@#_QE%;gcXHTJ5;^Wnm@K@7^mQv}=md}GIIPCcWLB)c zaf5Cyw^X2F&tcWw26rYH)vjrUe~o(H#$;ksu+Xey#((6;*8KBW#cG*G(?$7GlSK_E zug^E<5D<`t3*wK#8P-$fX#Co|4ZRgU({rxH1-uO0yxp8LP3e7fLz{~)&D?Ugi{Ctr zv0Jg-7;$VnUYDQG5BFQ1N{-OXZcA=jmVGvwA9J>O3{!^J4L2i(@80@D z2sv@T(zEm1yTbqyJ}|j$%#(ahZqbv_?9-u$M+AyYxjVGWnrI3*F?}dt^5W%$<=8CY z<34%Nx{g29fn7Rt>b{CZHKG@49^jF<=Y zeD^e6LlmH=mm~k3Rz{MZGQ&u=NJ-{YJX-PAWj(*&+^AyON3vwTt9A{&=3FNIsj+9= zvssT-|F1eT?OPW7ewI`Hk3HQnZ1-!&jh>u}o!iYzu=!yit3MfvZ_WkBT6hL$iNMl| zO#8b@LQxVZHvK-2^MRl@JvKqBCKQ7Qk98u%8vEa+Xm&|sWS~A zEsuEA?b^U~4nz(_t9XP1a+hP_HA@!VtxW-X|`THWzgdQysSfYN6E66{6hFH zwGoPo9}ORUCb2A3`qm5{fRTpvZR6WXJbE+_Ar~RVXml!pHpvGE`eha~Uog5LT#M=w zM}Om*MzF6gq)oA}GN-V>eGkr+3#wbs8=yW{I+iFJ1Vz-a#_6Yt0GFL+mS2+T0C=i4 zo7h{#Si5^6Ve9cIOfAThXs7J6ctpa36*?~Y7yHj%(WR$gO2Wf^>&X!al*z1m(q4?B z6eMB{Qs0-Ip8!X+GzAk=2(xQ==n5Nv*^kvE={n4_M@B#ul{sHpH-#NI)?w6efnLIl ztu?2`50j$9BA8dxXN<~8gbmKZ6B~Jk?%91I77hdVi^3xc0WmSKG;68emIJ4B%N=p& zn=wYrsa3%}7Tw~j9@^18@JOF=Xjd|g(ChQi+DD?_WB>~N(wmNU(5O3xJUHCMut;sj zpQZfeH_oJu0~q)pi^euZ-_qMxng&u=z3>PeKf=v zch6kN!eNO#`yCuBEwXBgNf!10p<=(s^>k>!$jWyWlY#{Sq4|@F{l_5mz1`{fZw^D} z)jrvwv!HYws%vb|$P5=@qDe_HU;~Lk1=JGv8>sMRbv-WJlt~lbCdO>r+aAEk6;OFp zN)N{uJ=k1is#U{wp2T3{N1IDQ_h+C>;p}T5#2mMu)p}LZ0Ie8u_zn~=8SeE1VYB3-%9yTmG#!q&P zcECaPiU@2QO%HTK4x}`(z_1k(TfscN!3F^7XtP(z@q3U^m|P84-S zjPSPqNaNRimXj0eYC|XDbj{xQ%v8E>WqD{R;@1ps4S-hE3NU($Psz^#5B7juhrr{i zh3PCUbQU+zYTz);c^VFpj3g+uCJ`!oVIFW`g(A4r@rcaWMJ|;$%nCV;)@^)CxP*J_ z{jz%%#rZ0mg+A>O2&V|$)!2`Kmm)(>P9cJV(_Usn?4e5q z2}h%Hu=~>Dg=-+b?5)+f2C9PlfY+r^Z<-xjtGcWq!DxwU`wzI$M=M9lK`MTlq_*_(00zlKk&C#U~kuG}JY0W5W z4KsRRi>vgrHj$Z1o0(lmL7y^_QNUd59uiED^ZH1%^8q6rEwXV^yscjBhQylrCN(6L zdt@yY4Nb?8AY*JJ70q69l4c8-b(-4N_Yo1unZN${#JM3~OECp(OrEs%3F*fd$TiPR;Ah@FdQQVtU zNQs=yclnvnERXS~6K%xrK0?)*Cazk@>xFzhV6waBhNv&fv7sYX&ZI&9R3bcXRpsZf zR%_HG7c2|I` zMzof6ag@q2>d$t$^ftW$ub@(+{f*%@pf3%fBJvxg=Ru2;K?7IIH;Xs~sL&y=;UPr? zx$De+>T)+61r5!gnUHotHCs;kuv)NFP#lP_4BaFWxzd;Nibd)0y!9cklyRx-AcL^c6Pm&N4?$hpaiWxfgHFsRYmJKq2r27=+ zn9p!OI=@gP(Gr?M(%De$1v``00xS1nu(Tmv5=(q`7*9CSgm~1f)Ed{Cm_qgFZ$g5T z>$mrL6An$=ofh6Wm?ZH%15&y-2il#^yt9*my};z?PoG;uQ%fF%0JBU5M5U?5A%!Ed zlb=IBbdBS(I_pW_i6kiCko?djOcM#ceyQrV%t+*5-4%-_!L`FLjara+J}N{tk;k6) ze4Htxbo3*LPyBw3c3Bo*P^BR(?4W?%b5V)t@-d`^g+RPg2>P?KMti&vqod?&)-_)s z;MBeW?^G7)Llv0ZB{y_xzVS%lYzDl(Nf5_7v$4c6kGf!*`8&n2-6nFMrr z^qoZ+uHkz1ZROx+2xL!);;xeU_j1^@7`A`ce;Q#*ITFao=LUjK8r^eEk@!+=yR5Vu z=}xPrAW*C+0U}&IvzA>zbE5!maFmtVZbOiut_5xL z7Zym{_q}E3@~f;IjX2;zO;m`5)7r~{=$5o$y0iSmP8$R=i`8a5rY4ToQ?Co#@`1D$f@w} z>mR7vkpD^5{wJFDZ_$4uYX7I`cSZn6f#2spiT*2X`yJ%>Tl_yj{+So~R}gW?Km7my zW=a0*Rs06{JEiTf0LRdO0QhHu+rJ0(cXrfYq2S*)?0?-0lmFsM{d)j^CuRH<;O3o> z^}hoA4@Ki&BmDE6|E~xTD1Sis`_%s(=HJ-$zc(lU3e$-92bh1fD*wHe{Jlv0D?}{m zA0Ym}lJVbL%HJ!6zv5hz{{iQJuN(gLvi>;{`zss-^&jB=l9v5zjDPl+f5qsc{{zO~ b{O6xu9OQdD8UzI4{nPrMN~SaX{`LO=9&qGf diff --git a/examples/aws/poc/dsf_deployment/dsf_deployment_1_7_7.zip b/examples/aws/poc/dsf_deployment/dsf_deployment_1_7_7.zip new file mode 100644 index 0000000000000000000000000000000000000000..f8fef7945e288d137ab52356e7e2d414d735ef94 GIT binary patch literal 12904 zcma)ib9`M}yY-G5voUt#G`7{)wr$(CZQDs>H)w39v8~2VzMl8$^xoU=p0$5#ueJYJ z&)9R#F(1t#D**-$1NiIc;bK$$*Ui6wp#g9Kh7QI$hDNrQHf~l%){Z*#I;=XZv`UK5 z05J7$Uyc4com^o7AmB$}006kpuLos+nM3_`h5DB{`e(13EN}pT5f1?P^e1yRPL8%t zjt(@A#{V*`_P-lGQ`?AGVMFrX=;9Bgw8~pUtwtn4I^WDiJ>S!g_E1I7Q(YF+(y%9C zU;4W1(-r3<-n9FJr)e={pF}m?M!4XSsi4+K@2WQ!Z5}bTjw|UP5;_24_y-L42EHS) zS zbn^7~VdTeXr6AOdIySBpn0_Dy*@zJol6O zsr(sZ30n5WPs-aIT?|-?;Wn5A-z_6PgoG>(o&>k3tX-`Z-dlF(-OADo| z`$UrygV8{qGXe>UwO*KP{j8Ai^ZdAoM>L4d%iW}NAh7pblc1RgOUk&Pq!Rt;&_ z4;C|!2h%emw4W2x4mK2$9n%;VTEv;S3FWnDclI&H-1@l<_=3ZKUlL1pDP&&2D^S{O zF%oT2;RH&s{vM!>$5M0k9$)3^?ZzGEv0$T8^l8F-pyF!&HCEs1=}P#7izUPr@F3Qn z(*QezfU=skr=4-M%E>UCukt0;qQdMBwf)J7uk3X+yBK}J?$A{)O0NWUf%1o+UQ9jm z&%SL;KAF$ac=pzQm6G78KQ_*Je2&xji`GZF#A((mzuZ|n(UC4@++qXs2{f&EydG{& z+@0Q8aO0I<9nY+D^N+(8rt;-XRys3`J6#$T1L`;fS2q?|z4SR(?96c#C^f#z=if~+ z`UwZ~W#8((x*ecv6x)ezeYC+=w*NSKxkfWFbgd_gzbF#z6$X=Ycj)Fq2O>MWoz4V#)4&ycw+-LnRT>1?P=b_p5?2@9PKdhd){DI4BLnMi0AM98!Q z`W-YzQp#NlL|4-v{nn4*CQ^ASWb*t&z|YGzv_aaV6D|nag=IHoP|IlWyv0qW8zf?G zob1CBx2Cz}@WBKtp<`>Rcx^9wOpCoxaRk|L#Uo|vgD9c+iI`No}4kEuxr88R#&rM%a0@I%zCzj{oQklxgv4haW_bat5uv0G~qed{J!zTQ5PWu#XnO^C)zu#5~c6+nClEf?dx=Zbj4f=*%`BH_*%JzpE-yE<3$*xVFFG)22!v5VJXMRO~W+X7CzjK zA@pMC3K{u+^z}N^rsC`R8e$olZ*J8(H{wu0FB~@^j(jdo;{Ul1nY}3~NS4@fI*)Q^ z*SkHPj9MqNhWyJLGHVX+9;GtpJT}|)Xo%HxL(+8o$-cM5eB#RUsYvqemt-=-^)R7D zcj!p*QKvOu-q5Jt6z04IJaYk|{XkA%ku%FaZgiP`g$W)yBG6b0#1G)0u=*n1-=Hna z3}OsyDoe@tt}fC#*{v?Fn8PTgGR5<9>CY7d;JFysVLpDT;-C&3@n9!T*mXSHRi_pP z_7)8j-_X^_?Pjt!xS41QS;$Lv3kJb#C@?l`WyXKi|yyTVlD+7Vl zD!nYBncKU_;T%|kY>gE&w7uH-L)GXDpK{TZ28r=W`>cXmrq}wfm&{Hw^#9!xmet8PuO1IQNcbga@IVM-k`s; zw6%#cz6S&VX#N$tN&duAJ(It}zJraEy@AnxM(98AHA-RnFTQ%-s~`bC6n@!uJo&}f zmB0AfpO4pAM-nQpX>iyT6CclH^&|@tOnv0qL1bpYX$JMC1Td%V-HsKs>5K)F2JsFM zyO&xI(?idS@_d0j-=f7WvJs7$9?Cr<=7D~PIIDKADxWSlMKTW_xU%1Vfj`X;a` z*$BjYDp;jBW;O2;8nBsq=QuXU^3!m+h41OVa1`JwD}b>-4T;iU!G zD#If*f?UuFJZkLZjgb>@;|#JZvz2d)wFNxF1x!vEicyF|@y$TXovyy;azIO6Y@2J< zvAWAY)Qv(@?R7|Ii7T6{dBRHA1a&DsE1P(Xr+p?rCxhdsWUI+g*20JL84zMCekE zm;8Z&Oxm5DGi_U!Rm!8kSb@~>ObLD)4`_;K`jrle zx{rxqg78J)q`?b8YmOkIKHk%a4HsLg)n*(UCUAcDLMSWGq?CMBO zSi4WGY#IJ?9Ry11n)Y%93%Spmpt1eAC5U;Wu2)fNoQXDXN0d6z$*5)N8+ZnWNjwTE z>laGP$r9`aU8sUghY(0^UXqRBAWk3sNh@+V1r%z61AmR|OJ)X3bnMe;;%jACeQ%#E zPf1cE5^M-Db!+(?@Jj5202kF{=2WyUMB&x^S&^_{BWI zix&Dt0;&i5KQTPRPoW@Sx%AdVl5m8JC4Kkg^CZ$H=@Rt8F}cVNCsKXI_jB#o&INci zH26EeC(mo9(<_#mFQftAf2KKn6IjR0CFyfA3MM@CypV(v)Qbd2`?ko>V}oma_s3Q< z5L)YQ)a^+A=1>dIvhH$%+^~4`gZH8%c*B8!CdN#ihJ)wejw0~Oc~`++a(W+FvEBos zSvAqQQ9au*o+u|QZ?!ejD*uYyt6z_}g8rbe z0dWiW5xZn~sws}LgrmU+uk<=IHLYr$?}GDla34CGOzUt;`~aEP_)EMAK~TM1LkzF? z>g*Hbc)N9?J$qg9frN51t1P9h&qt`Edl;$B2L&z_y)j*wN!F=|`gam!olKPKI>g|y=ZoDX;{*gN(< zhUwpd;V4ehw8UYYma%X)@#f_k5bMazSH~xEN+2FPFgY*q8w2fks*7pG&ciS|y5iIi z@&(`8$BL;nT=x+a%^N;5RXmdo^mynOHs(uY(cG*IdUP$wmNZ##8@_ltu=wT9R)JVO zVODvh%$RkEx_BK1b^X53eWR2}TYd!s^;jvqS|^GhO#G4(18Ct>3JK(JeKF4~bxVU-q)BiKj@;kKHpSA=Kg7!~JoOIyvRW9w4r-JmcRtdhyFUuUL z(VM9`g#!#JSS(A;UV?U#bU4 z@7U>DLY3?vPOKOg)d+bV@0ka(#9%J$2*f}fu-iE}3rle`bdt-LI7+-@M(-8W{EM#| z-M}gP3D8^N(23OdQ2SdJaTujaN<3OqLK=miM{OSkj8$7N|RI=}AH$ zjMJR(F!5%b3-1SJJmOXcQWrw#00AwU9JLrE*-%^HmGt0Lp!AUHAYp+0w&U;j1pD%Z zwcm?^CP^|v1K6bx^O_{}X*C^D$Jr%b`&OUrUpJq60+c3J_Tp$+KoAqmhCr+PKPSu< znkQ1xhPrm>bE`~LwVjr*>*4p(VbF{E>4;{LK$7iKZCU4qz;}fP?rlVFl_sm%bm9O*Z==)BRpm)R@fMb-SrX>Q=|uYZW1~CphqL7aKK@7! zI>EXgRve9JHej?=662(dNPZ5L$o8uMP71_*$>;;z#G68Cd_`@5)7W{;?K6Gk8lZsB z4l%7ujH_g%#X6l7q?al6vW2ww>%==oW4wRWIR}pY(Pw=ePn_!w1;haL{tai_J!H}7 z47)w0mjyzihH`I3jy0hiWUfF)+8ci+03K<>j$O`E3;fuV*Yf$iV^=b!WAh9$k@1{+~_VEB4`s_^s~MWZ_b$0xMnc0O!(1ck(9!_Tyd(6IEkE>S5N z^~$WHps5KQ$FSE$_!6lnYBL(wSVi{aQ$VXKz&>N)pn;Nk2YVnP0i$!`CGebk&Ps9@ zy4*vo+^{J*c4Ph8aSIF8!n`k?BYP$F)Jukx)8dZILbsypt-H;%v_Y+HVl0lVhB`ph z^%?;zDhSs4JMnfj>qeFAtFzfhDy`ZiB6V=7F#pRuREKGDp)GK z@;5WSxY1RO!rHs)(3Y|oscJn;8l)n|4TnRH0rK!0Qji!H&>(0;t!mq7CVK`baAliS z0#kwz&By&L`P=@C*?Zx#5oi1oJ;yjU7e4D!tlx4!y1lm zw18dvovp^Evyq`(0hG*4DJZ7w0T;0SI9t*L(|T$_`O}R^3h*Q(R__K zGWJh&pMU&9*&mRilo%CPt!i++uR~dysoOLUF@>KqhqD+(1?B~6X{hKVe@{Lu+B4EH zPC#3t;OXLFI+H8+aVUSn_YPtzl}???=dQfBnI6%TtKIsPDbgMAc}aGwNZaykn1q@Z z8^Ju`v*qU$9Cv3SkdPn>#K2(mvRoWArHLLR=nVQWNvVpE2!{_Gc9p3Yt!)fPQxs3! zRZJg>JNvKta&vj#zU(%brCcoUwY*GJzP@>ws;Y$Nu1UCnANV2S4i%!-v&Ql$Mi&ot z>NyDjF5L1_VT`pf_Mrf7BCRME*`XyM>7WoQYN3zhA%F~oO(1$oDky(k2}mF)DsXa( zGHCF2F$7AUFmmm!uo$;hKeS4jINH)j4vx0{>kNiOU-TA=w0EI~!%MKbI!Pz>YDvq$ z!4{!f)Ab4719C>(pdoWda7J6pd=MW-wzH^sg1N_nkV)4XDTh(QT!T*%pCua+=R}?T z>~lMN!xBQ^l&dVIPPYjMg5T5%H4bd?97Udh_2=`(jw06+5%R~o?&pyeDAB*Iz8&UQcy zic+l$yu)fQ)D?W~6f_Vh3w9#b_r39gKD!*8-s$-@X%FDMiLH&;kj-62M2}S3_yZ1@ zO*Vb{toqQ^_Q%G@ieG%Umz}_*mC;Fgavwe`AyjKBfzZ#+PN-yLp(yU8^H+OvO(7-z zkW=ob2uAzS{25olLMLYY-%>Mx{G2(0EMv9Cya-)C?nBMPQ7sDKbATyf!Qf5S{; zMaaXFFGI-xsw^zg|drJ9rH_s&B(hpI|;+&yv@zf z@ALB-_qLg^BJF^6T=||Tb}BYM$HNs40DwfXLNJ(pehW0g3Qm0rwO#dW+I3+ z3@q;<#vwIB4NKjgT4nZ&>Ii`yqr zq-SP#Dv8VN3lbb|i+kdNKDdikqNzO`=5LDFR#9E|ovbfivGpJ3E8F<$uWGLDt!AWO z`s!;?MJ+{nXtU%%s8BmKew=GWIEJPnfSOg4(K0iQ2(9s(YwT2%kC`!*mY>{vg%T)yzge1{cJN38f9^e? z-74SmYA;_;ekH*@IJTd7DI;KrQXK=07NdT@R5XiW)oaRxDh(-GUMk8rHdhkbdY->r z(zU&5;T!DylELL1vVQP-1U|95n`3h^^DeuGv?cjf_5GB}5-MAxNkBXsencQOOPYZ# zM#WJhQ6e&GdLisl3S=A)#+vwE>fz$V<5#1pY;w3U_q>>{mYrO&EhoCfn9(Y(4TRR3 zJH?ClZKTz5?7a1(93kFn$mcIroFN{kLcuGYLqBCMgqk8%Z!n~)M4h&(lZ)EUm;6qm z5j0sjY}agUavB=j@+3yIWUZ6Rd3WS#bG|LF z`%}j5U}LRk|9=#4XX-1~J1j_ElPX`2o%O(?>&!l(Lv5Z(bmi6r^Gy+2)#uS58F5-~ z`dq*{6$p;hC0P1eFCZ>8vN2*$?BPZmCJ9TLU3m(K_FSPUgj2LA4lxk~jtyt;<<yxBd;_S0ks}rAtX%BVu09=B+ z+WSyx=|Y))rYtV3Xk7T{N-dQr%F^#F{}^0OpD?^V%3vueIm~(mVYp}ptk*|*DZY4n z;7*OZ=0GIHzU@lV;Bw)*Zn=G|Zw-dg7=T>eeQcEGz}Chff|jNzgXOfB!#1I!AcdWP zL9Yuac5fCJ^m7&{sP$*!nFuw(J6}QW@vQioK>VDKm%leh9zM{{ZkJh0GU+}~zhr0Q z=FrwkZXoQ>QSWyIo^^gDs>=k5WkR@7&sn|LjPD3p3>Nz%LeroupwH`p`2{;xCrm#G zVB?SnJ`1{R2Ig86H?cB&A9vde2DqUdWIJ-WluR<$X9en$^?Sven~$>J?}-4RwI?#IHJhBj*g=F#uX&y_~8f0ny48O)DRN`k3 z$Q9BDwO3mDDL5%xRZaiE!)z}5-dbx}x$HKGMl{3JQj#Gf@zcgnt^dn&b28%(bsI$G z((){pF#ZoX>uaIIxQ4IfvC=L4$ z$5ZHY)?f7j*M5Xd%!T!IE|rxR^-$k990#uNi5c(l9gtf)1J~Z3JTg}}c0as&lXrC{ zZdMz$V92e)vY#`=TNKgxVAd1wMMGAhX46NCssSJ)QY(uaWX7U17sVyK52_mMiTYj= z(yDf&GLLyVsBt#ApWUb_3>>lsjgVRdfUX1#&jW+*`j+@hOvqJL_b^VT=7^MTt4-P& z!3}zSD^)Crtl~~MY1hp%Wok7IxeOex%)E>zO%w}OFBErH>XyC}pDfo10AH-QpkfKg zaBj-MCzGYC=uUK)Zr8}mq+z2GzDC`g?f-%%6pj?5+w|Tg-6T;`r{f6 zz-GHR4b2)=r^qePsSFzi6d*Nd<6fYsDI=~)d^nQGiI(CYXFW!c7C@TE$%=H&Iz$lH zRzNJm`Xm{>y?aFcAzxds15%u$MRr_B;P7#OX9hD?n_1)*)DHSReV8B=}FyfcOJSqv5n zq~*2hE)G3?`sBm6Oi=`~9Bze$3bX@hTO`<1#?7-56Io6O!?*F$Y-1J7Kq8$D+{sS# zlA=Y$h^rDLbF!PlKJpeWY8m`n`$W>Ip}h$%+GGst!%++-#;)M!oAoALU5G#JEDVi^yN*6Z?PE`y)6_WxY4l7rouHs zcVE@p86Vo-kuO0#t-x;TCb#i|4GM$__`AAW?}jRPPWC-g-7NK+M;8~wC`ic`>H7$k zv6{ugN%U(4^!v9G7NIJL!NIMst9!*f?2YyaLQxK=;2|*RR-85J?i2GX=YW*f*vD84 z=_y@P=UsmE<3`{L>A-Er7Z$D#II^ADt=}x9x)> zraKv3_f~J;HOm??~J|z>giky(pX;lgM6Bdb7Ca ztnwrkS_h%Zb}S#0gsxGDVtXU%K2D7qesjT-|Sb1uBZTlU@p z7J!+9ef0>e1`qfs(E2iuWRGx46`&vo_9BB%JwwM=<011I0wdmlI)3f~%1$p7b z6x{48&PUmG``Irw1R0uivq$>Tii&f-6t1${Fbu=U;oQBz%*|EDMXX7IVScph>2n%| zWMHEc-^6;po_o&s5Hq{}hef^-*?`zsX!6xGZ}a{$%B9Zui;Y-)y0q%x9FN%pm0|4ZIqS(K-L4UP79sc1~=)AI&%}08q&I1+I(W0byDN2N- zSalj)K2Y~cict$0mg4ri?aN}p&+l1jYi#Y0pv1Ds?22Uv>My-**fd)8^J2 z&_by&6K}D*l+{vjy>OVIMv|A>{JzRN1VpIq+>W6#Ucl7&`_ZXPvgO><+e*_LYr*vz zq8dVglz}7IXKn1Vrn!=oQgnX?Rm?>aR3rg;zGBa~qoFwYnQwFDc&QNQST(I}QTiR_Ql9)U2^;9Yfn za5$-=1flu$>akYoU)bX)fw!+Ds>#fj=C)FD@Mw=%F~Fk+oLwSWSs@htupS!ccF0^7=c+DfwpuYWH6#b(%Mf2NLELHLwKC_(@v}5dsz1p zf6FQ?&JQv>mkuHo#|Q&9<>BS{c|{=0{pP8L>9p0OWoE9tv;;=qvb7-?f@zB$x68!WV1p>ybt?+!qIetEfYg)!!F`ug*BY zv=o^*?4Q$3`4)^HHofIVG$&btG!(4uG2(qfjBs*I&+ar}v%$l=x=8=@`*J7&SPdKe z+6W4V0|0=3S`P9;e1cL!G**WHKP6zN%7)Dj3!L}8P7eVsbSy{9`klNkBHyg`MV{6) zcnC-cK^!$ZvbjXIH}UA(Q(XKRo0vxmUT|k2ypT5`uRJlM@6rpTOYzq$|)ATWZu}$xs) z&fFZB!sASf^I^cWWx04NmYJqz0jnEjdp$qCtx*Ox_DuRgT^f6v!joCRSMRJ-X| z0Id!^^?@1wjk=paI8O}CEAp;)op?9|HMY8Iz!CTphkjFitI`@^DxeLZI7We|5c3=%Ex9XwR0u$VC7zR{^A5p93smqG_qmz zhzKL7z&E5szaY9`v}MK8GMLu8VD>U47(~#B(6msQb)1}8v99%K*weYC45T9fPoQLv zP5J7*yD+b$lnA)6`?R~HT&AXN?LF(Td82qB;U0+z+6&C#H&c>i3ZM}Lr4`w3uoGcj zbk!adx(0-EQmM~2%_$2CFT1jZa?@%vZKyWYZAfrR!`2>0;(<|zLtq87XKx+3! ze~06_cTP%lZ*)qGluTP_TInON{VZ+ar?NDIkfITZNtsZru5oMzCvCBN{zO?!fhmylL^JfSLHNErpyjs#vB2a&hz8_q!cGuuX-GYJH&YEa25HpsLBgOR}5 zTB4p+6P3vi(}Y$QynkJHJ60n+Q}C7brcw@%D`VQs6X^~=f%$B1YZ7Z_oLfff_8MWWdN;icj zl@@Q6nHT)4!cH5o&9aaV_^A{(;PSXoWhY%n5A#91Hf?(?qtB@mn-ksng>paZ8_b#o zj{5n3>w`EN`vd)dNslLfo%nxpUCu`K4rVsi|EXpAL#n70)dSN@ha`CM7*1dkR*cs1 z<1IXpY37U5$-qKD;l_F)%)lrEoy|HAUVSUd#!qxW`{3@9Q_7OvPe&23C6=jjW%m#V z7&52Wd}5K}B^T%oa9_8eh9^V(slEjQ5BHDmHerKa{JYKX?+%JeS+A{OD|kccc|Xx! zX7c5qAVrY-VPqvhK!IR?Qf6cR8slFF65x#Quj?Ol+7SPy)BYbC?Y~U_Nu~X7rhn-H z0EK=se=_}d&Gs*lzuw~i0rI;j^6wx*5P$gp{~?k5XQTLC&-QnK6UaXR{7-e;KZE*R z8ufQ5*k2R&zs`l>zYC@Q8Nlz7jK2fi{8D56uK@ok(D-Kvzi;#Z9RU>S4+y_+`u~FY z2ebZrZ}RUj4LE;*`L9mpKO4#KHR9hPVhH~L@!u-Oe>Rlg3x&VqToL~P=YKC7{@Jj8 zPsIKX2lDw3aDPk7{u##a9`o-Q9aMk7_|1R*>BT|(>P7c4*dKMSq2 A4gdfE literal 0 HcmV?d00001 diff --git a/examples/aws/poc/dsf_deployment/main.tf b/examples/aws/poc/dsf_deployment/main.tf index b31808ea1..1a7cb3311 100644 --- a/examples/aws/poc/dsf_deployment/main.tf +++ b/examples/aws/poc/dsf_deployment/main.tf @@ -8,7 +8,7 @@ provider "aws" { module "globals" { source = "imperva/dsf-globals/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag sonar_version = var.sonar_version dra_version = var.dra_version @@ -16,7 +16,7 @@ module "globals" { module "key_pair" { source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag key_name_prefix = "imperva-dsf-" private_key_filename = "ssh_keys/dsf_ssh_key-${terraform.workspace}" diff --git a/examples/aws/poc/dsf_deployment/sonar.tf b/examples/aws/poc/dsf_deployment/sonar.tf index 01104e13e..549860991 100644 --- a/examples/aws/poc/dsf_deployment/sonar.tf +++ b/examples/aws/poc/dsf_deployment/sonar.tf @@ -10,7 +10,7 @@ locals { module "hub_main" { source = "imperva/dsf-hub/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = var.enable_sonar ? 1 : 0 friendly_name = join("-", [local.deployment_name_salted, "hub", "main"]) @@ -53,7 +53,7 @@ module "hub_main" { module "hub_dr" { source = "imperva/dsf-hub/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = var.enable_sonar && var.hub_hadr ? 1 : 0 friendly_name = join("-", [local.deployment_name_salted, "hub", "DR"]) @@ -86,7 +86,7 @@ module "hub_dr" { module "hub_hadr" { source = "imperva/dsf-hadr/null" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = length(module.hub_dr) > 0 ? 1 : 0 sonar_version = module.globals.tarball_location.version @@ -104,7 +104,7 @@ module "hub_hadr" { module "agentless_gw_main" { source = "imperva/dsf-agentless-gw/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = local.agentless_gw_count friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "main"]) @@ -135,7 +135,7 @@ module "agentless_gw_main" { module "agentless_gw_dr" { source = "imperva/dsf-agentless-gw/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = var.agentless_gw_hadr ? local.agentless_gw_count : 0 friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "DR"]) @@ -169,7 +169,7 @@ module "agentless_gw_dr" { module "agentless_gw_hadr" { source = "imperva/dsf-hadr/null" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = length(module.agentless_gw_dr) sonar_version = module.globals.tarball_location.version @@ -213,7 +213,7 @@ locals { module "federation" { source = "imperva/dsf-federation/null" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag for_each = local.hub_gw_combinations hub_info = { diff --git a/examples/aws/poc/sonar_basic_deployment/main.tf b/examples/aws/poc/sonar_basic_deployment/main.tf index 96ba6a879..0809c8d65 100644 --- a/examples/aws/poc/sonar_basic_deployment/main.tf +++ b/examples/aws/poc/sonar_basic_deployment/main.tf @@ -8,14 +8,14 @@ provider "aws" { module "globals" { source = "imperva/dsf-globals/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag sonar_version = var.sonar_version } module "key_pair" { source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag key_name_prefix = "imperva-dsf-" private_key_filename = "ssh_keys/dsf_ssh_key-${terraform.workspace}" @@ -79,7 +79,7 @@ data "aws_subnet" "gw" { module "hub" { source = "imperva/dsf-hub/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "hub"]) instance_type = var.hub_instance_type @@ -106,7 +106,7 @@ module "hub" { module "agentless_gw" { source = "imperva/dsf-agentless-gw/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = var.gw_count friendly_name = join("-", [local.deployment_name_salted, "gw", count.index]) @@ -136,7 +136,7 @@ module "agentless_gw" { module "federation" { source = "imperva/dsf-federation/null" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag for_each = { for idx, val in module.agentless_gw : idx => val } hub_info = { @@ -164,7 +164,7 @@ module "federation" { module "rds_mysql" { source = "imperva/dsf-poc-db-onboarder/aws//modules/rds-mysql-db" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = contains(var.db_types_to_onboard, "RDS MySQL") ? 1 : 0 rds_subnet_ids = local.db_subnet_ids @@ -174,7 +174,7 @@ module "rds_mysql" { module "rds_mssql" { source = "imperva/dsf-poc-db-onboarder/aws//modules/rds-mssql-db" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = contains(var.db_types_to_onboard, "RDS MsSQL") ? 1 : 0 rds_subnet_ids = local.db_subnet_ids @@ -189,7 +189,7 @@ module "rds_mssql" { module "db_onboarding" { source = "imperva/dsf-poc-db-onboarder/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag for_each = { for idx, val in concat(module.rds_mysql, module.rds_mssql) : idx => val } usc_access_token = module.hub.access_tokens.usc.token diff --git a/examples/aws/poc/sonar_basic_deployment/sonar_basic_deployment_1_7_6.zip b/examples/aws/poc/sonar_basic_deployment/sonar_basic_deployment_1_7_6.zip deleted file mode 100644 index a517c140e39f58895a424f99e37281456fa55e88..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 6063 zcma)A2Q*x5w;pZumP{CRq6<++C!&k!qIU*CM(;%QGNODKA*0s>89_!1q9s}gqSw)) zw-87Nk>Z6pLS9j|cdq#={Ib~GlD(kR#u@$ws@Mb~bp?Dkhl zU#~@atAhCa=b2GUfI<$gk(VojghZxPAvdJW8d)3oNy;XMBo!IrMJ`0nf{$yOGiM?3 zEw{z*BIn9>r=-p`@5yEgzI*Pk2_^>bP)1lCFx@H@oMmjX3A=RkDW_LyS#T9?<~@%! z5QUt3@@VLWAo}b@(^;r&M|D$zAj1iEBSVR*1xmfu%PPs49P+5IdK(sDcVG2aFNI;MxcJ}etxHG;k0nN( zeV@NH&98_rnT_+CdU(N3*Xkmv5d=TN(goQra#n=j9^v;rN@9m=f&KLFF?=KtWpGei z%Hpo9tc#t%5M5$DB5H&S>N^h60|urJ;`S5^<(u>Zma`%I``jveagglX6bLo>G=266llc{x&U zZZ49t(ypH4Es0Ele{?E7HI=z`ygrK7VahRfs*1qlUK}r2=8lkn?RfOhH#?r&AD;Di zq9;w)UEUgSnqN0b=Qxd;$@6p=NOjW;4EVa@QvF_LA!)T|+vV%*whR3QVbFsYd^CQ` z+0t(7mlk9@hI?iDF?{K@U-N8=zYv)3MqJyMF=?w32XErI7Lk3~iH;EV%W*@V3Z)7{;)NW+@X6&qxyvAW>^ z4do^sAe&P1ChSt5N1wrpUJTz#~8$&5Q!VItTj50 zj~x+agC#v+Et4EC*h>RSa}>@?ro0(O!txB({zdl-+{otLOlPiCt;MqkD0N?GZp-2x zatJ~}(IwN^@K!&_a`4W8V?~i}9zir&FV6xnG*P5I*ql;{PNL)48Uc5cN+jWceQLN>W`~+{~$5h>teh8SxT}mLYpl`tuv>5 zo0!idK>PYY4-zUbmbkdb;s(*TuyU@+UD>}ZQ6lv z**l|+UpYwUo|EHk@k#4QodVzCXzn(gk+c&=*D&KUB#Kv;f}gax0;wa33xi%P@{YHR z9wKTp96f7#3Rhb)%nP_WK$WHE2SqCy&D2h?>#<&tCF)|o0NGhw-$psDf
    MRuR9zuz!s*^`YucVrIk)4GNLgxDh5`rT;zDOqx% zSx49JkATlf=+U+}YS8l~ke=@T%di#~|zolI9PXLoJYu?N}jjc~sW?c6^da+O)g$ zHRYbecpoS?BCi@=|ExR*b%vLjVxPV6cwN1kdq&^hhwt z&~CuDP(u(l&Wa1#@Na>@MQK%Kq2HtN&IL)|`B>-k2tF|QLg((p!xY~*oYonk&H%X`kr-`^#vjcyS*ZBj8_LKHS{HaAbE1QfCl z_ryPvT9j?N8%Ic4M|H`Z#FU~*B-Y0Bt;_h?st{RuwLXf7vK*MPq8i!>Y_$U#&~=bT zjjWK+T;&oy5NHHg3(x-$-9PeRkW{Z~We{4k&Fu4I{esE;*-L?$2dTmNW}4H_HlD$USn;9MTxY|HLT)i?O;`n3F29Q8PZ2NOK{ z8+ux8(ogC!0oQenH;nS_0^QSDd>U+p_Z|Ao*ZUyOf~(1I>HNmf6(<%@4Z{G6yY12% zxCZb7Dax+;37BU?wIIK}o`JO{i$=ur^p&)7eipv*lrI=leZ3;tRJt`%k6iS zGu*wPeI~c|tR!woyn>Y(v-vxKNPEpDyDgcX$+ziRhWGQSYW~7%$|ZHm9JHOaGA!HV zDzYlyCxQdNuX(D!o(|vJnhACAY~P(4*XVg5WLZzB$Ut8%W8^i(5ch%x_Jg+<~p!+=G(hHqV13_@T?- z4&5a?9quiH36*3F64%{#XYpu%>zjppGaX^^T^o~YSs^rpy?vTzU(Nlp!m2u>rE}xF zNjerb=Xy@*Dn*JxnWP%}ugq2AfvWZBUKP;bsy&U*460Nm#mq5a?7TTbbvuv||LxvM zV2RC{(O5sxP6>I;@q`&zc|gcS?JVXnrLDYC8PjGRnhS>dkfEe?{kdwLOBCFWvTo}1 z(v%L~OYLxcqruPM2*oy;Eb-A}XV?o!!>!|J zVZCl4a@h=1GgP6az=KjmgfT)$sacofP1do42=3d8em|prA0b2|zvSE0`*ux6i~4JK zwvQpqoe#`JScQ3qm5_+SZ?X>_>-ZttmiV+nBtnQmR**7>+;Q7zCV{V|0d*kbU5A~$ zu#XOX5+MQe0(BU1-0PoSeY6o5GrEo?Lt_ErYgpWY^hKAoi$K6@M*%%T zXq6sMtTO<|y$t*6m4H1j<#SDe*Sk|6UxwsnOMU2J=iwDm{C;;&?ZZ0hfr>b+tZR>V zm1C~}LrNdP{&=-r!zrkAR6~MT5rwSxocc8Vl%f8COe%>v&}^B2`?ptZf3_~TZ+_A^&)ov z2#2^vLR9$>{Y=5WE9+66{R(aArrqjoZVotn$<~j8z1=j`yOaj=OAaTQPD=5hAzu9x z)Q`iLRxu)-Zfo|K6~D;I*dR}Su9pev$J2X^%4;lD(Z_;5ZqK9!cUx1%^2s*NJ+EoE|+F%)Q2TId#N}Tdtf%WPmy}kRB~V zY3NSFWrLcPZAWmSYxxZ04m__(wghO@=ojLg;^FUAXDPVEND6nQTXJQBJ@@(sb~7g! zJG4A0D9#%*)^}O$-QDY-cRyM`$R!(9N&NmAPyEC(tfNG2NC;toNMZZ1A-);3{@m|{ zqW>H4<>mAkZ5QpQjLgl2Sc*!zl9-73@ip3X{w)FWZNK)Ye9|95VDc5Sl3k(OFM4yj zwC-?9m}n>S$u7N=W6P-ij4_;*cdAvQw(xaUf5K?KlT#u=eL+<&s#KZS69q*`wpCrE zxt{_bV^TvU$dX!c{^Y!$on0FW`Umz(ok$`8062fgd3wt7N}9_2E_VNXe`MuJsST|Cv1II@+dXK&HAy(Zg17kUSli7zyAs(`$iG^!aE2~`dIHk7k#y9DD z&`}RIPEfU#*^eH0uuUhPf+yrqN<+%Gwwf8bG1cu-q*A%cL;PV$kIAhD5)1F(=7O-+ z%G!;&N%IB4xLjEtirIrafhzM8d+wcaa`H9})0w$mmQERv*}04GTaTaTcElWA9GtI7 zhIMp04Y1NG!=jap_8SFTi7Fggdv;un!tnFoC=!ZcK|CnO(jRjsP zxuJGmm5jToE}H_aka~Iry1_!KdBlR$gB$)R2hkMebF2E=bk#BOVh}{blA|<$3FnCx zX0mS)|NWgkS>DlmqRf~r>&5&Yf7}w?Fw2VKkw-{R8WJlDi{g=I3uN>4LL=HVgKs-0 zQF`B8;vNyo#jS5jZ!)#UzN`uN&=dO5kd{;py)NN6Kz7o<|!J&j{|h$z8np16#Q z6!|RYvsr>BL}2G8NIE|X3%boE=1f{5-290{zr#qjrax{;0^b%!!<`-Nk#h@K9coNP z+&y7V6fT`cIM%sBuWQMaP!j=MtBqmF~ijQ4lCDEP|LpMwgpE&p@-JZMR3%8Sf*?pox`>nj5_<1a1ql%8y|*AmI)o-5NDERz6ObmoD?LDh zD7`7t1o7eh-+N2fd-r&hcT3fk0+F07!!Jw|b&UP*ymO_@|mf`~Xdc*)clQ-3NKf9+72>|EH1|9%#CHOLc z)@4}Gw<;QCWoS5FU^r-wVghy7mw#{WM+S{mjly%1#|<~wgx z&&n=#Qhu+1C|$k)^zB{7yXY07CscPHiOtN_v4-A>*csgb5? zNcB(#@%dnx5i5WqPOiz))p0^16Uty}Y10<=W`1D#?1ZEOL!9Wj=(oV*`nK#vmbmuY z;`dUQ%J=4_&eT<8vjyK|`KZ$p)9zA)TOKgoDid5}Y_$r#aPX|42e&V~+-c)Ii_yQs za^}VZ(GG?W+ug}v?;Dso7U!hf4O}a5XziCGd8tit-oi}k(ZN)rxjd~uNg=84${j2y zmT5*RS-=@;O`F0Y+-bwU%At)r$jUupA2!UodhI!}On51%n1-$m9#L_tdmzG0Q4xB| zsHQ!AydNyZb0eG|gVLg)<7v0$U3(y%3)zR^ghIbZ$LAyvT z2_C1$c|nlDEQg_iM9ngV&e}zdldV(t*9>! zFH8!m;z|}{z2_gDbI^4-OG5miM;JPP>kl`p!fsFUdmSZmKs9K+^;8&!@b56#tFGj5 zS64U2%%X@cFi*nkg$tXy50PW~CidcX})kIgm(mN7K$M76hzn3}wafEyX%>O3vdk#b8sLKC5ad&fL9H1RK* z_mjEI$%{GAZYGXzt|z_?^z-D^i{>&g*~S85PwKfP2U$lm{mn#t1m=T`+k$G%oEi-L zvUk&h1gVEkMVRqS$moKqRLk59N}AwrV3;`fkd%huFdB`(b)1pLf?Xpn3njDEt9iK}WN;SJ^-<>dTmYri z%JkDf*LSuGnd`*(b;F0}M_(g2wBptCV!FDEfVoNNZDngKWG-SUuspyk>MVQgtM}}^ zz+oe&PCIR}oq&%c&$*a}_U+u8rHAp^LTBto%kJu};0Z0Q?+``aRPqpKnv{4DVT)VB z)~Sx+FS%wlDFD9fCV$%@Kqh+_6?!+M5Wi82J#%f?Bpve}SoH9=)X*dM{BEtY&M*7e z>nKOzDBbk61=`0`cp3J9$AsMCeVsfdDs>W!?EtI2vy%CN7b#5_sjJD0!)vc3WbD31 zhj$B&xm58_<U-Irt8?b2msU|-hWkFHZ?joZzn>P08Ql$#z`&eo)7Qx+&bd8G}ocPgb zTomXg)P@sQiJeh77COOm)7FE`GS?DyGx2uYpr9A>*Uvu_Jw<7dA7Bq+Y?Eu&9{bCy znJvA4>n{8W@+`hcBA_2ls6UfI4}Dp*;~EDTe_MrB)_+RyMz4V@Z6m-~o@$zQ(agEA z9;9Bmt|16R_{sQ)zjjTf#xIP+`{#t3!pU=T~14*L6*~7iPColoT!ubpzm@Q5&q})PgNLr3 zfrWfG5oXR`)=vd)W~>hg;zKttWXdFiRI|@`%w6(sKFJXQLpj!Fzu`Hk#Gd4RwmGO% z*#Y|r6fG0GS%9mN3akv>q=@^pEjSo|l3GI7_X(}qPQV5!2f-DJg3ge==a8YL3tFJ* zgwBb}}7h&DX@-`Hk;YbK<#*d)*XU^8(QTSG~9?lb|1aN4}9Y>;SEFpwOQ| z`tp0kwL86U!oU?qO3oGMguknt|J)H?(xu8xUT)rQ{YmA#tlS)}tf6*)+N(_&nO{mB zC~)jm)BBKKX6T$ocF+}-P?Yh^L#L!ErQ`7{xO@|0hH#L|V8YC5`<_Lz8+6Vkxt_M+ zge_ggJkNi3Cg~A`L~Kw}kxsz9p1TPJx5ZDy9x#WPr!sb7glH=wbFe#ciN4*)DL}3N~7S7qxA*waq2_7IC~E zh;x$qAlrH`mXM;6@`5>$DOsIJtdr+!pHcdn5NSoN9)gIXf*^BMIi#1M! zNQV)3mikMfW>K5w{>+1zlaRE2pS55)Z`7SsJiZsg7B^}X7G$0liOKlDqI1J#T|8gH zkZBq~7t-u~#85pUk#SE!$Fr^&|LO6*vP?+x&5tu%ow>s)diw8No>o-GUY%ih!UT=_ zibSiyn1x z>O%{qDEgXaZQPn`1^MlC^dG9TLBg{#R?{l@+4yFXKcP(YbY94IAk~9&;%BBxcivPl za1VmMFu8W+ByzLF$y=H-o4o;ucGYijSd;1)e?>Piyv3%d`UtBkl{6}G()2dSu9VL=l7A|GkH zwO4GlxVQ0V!AYo8T$tDHhodjsU(I1{bcDtCtcV~Q)WLW9tSwx5$B*&K>-`hI z602{9(<4N?C1laZv!=94V?xHN-=YtbJ1bh0P@NA$@@YjpNfFZ8K3oltOXOXTa#*zn zua}Lhq;xyfLHHRQL@=$!c@g(hQz0v<-~`++y->99j7B=R<1W+;LwpqQ*ybfm^R443 zVV!;cVVd-l8g zp+ok=62ZP$fku=#F4bt|kd?TYAr*!ci2;bOV{peZJ~*$R`?1&R+x9&N2N$|I`3?vn z!2@oX#{e8yIi|8wz>b$9OI_gA-uzH$aDJ{-&j1Gxuc*TJd;6+A8zcu{ahvkKecm(EUbS+|B7%Wx|-&bxedm|*2~rOSZrJ2>QkNYy=P%8 zE)guseDD#bK(Ez}$lek8&J2@&wN6)i9KNK7PJte->S}$8;{_#$b4({?cp|~>BePcn z!dBK$qP?!`cBobFh`AVlH-4_t_>5!pKBLk)TTRrlpr>oP)c9UUidX?D=VUxT+H%c# zT`fsVH&#l%`aU5JQ{_46qJi5XwsmVz_!IHeMj)ah==O(-9LL812F@dQKR~^mYhshx zRq#lb>DJ_xx@}ApiY>WF9idglN!JMZXzA#bC76Hh#>M;*J8p$i4v{|MP+xkg90Acr zLuLKjl&mLlMb--#X6$)h0k;LNtI{vWI>tfYDld|Ai2;lDq}%gl0^Rn9$M&*k8M`&y z$jQ%IGB@_v?O?E`tbV7BgM88{aKiUjc;Y7(q1`2_6GCu(c=C;&P4O-NjV$k%3O;qT z7Z>Phnm(G*%k%sNd5|F!_xj(1mN0m%=4TC!Esl0Bi@F9-AbH16J% zFxE`slU*s5yOCM@4rQ=--?2gQs=3!=wID{b-MkWstLKyzcND7=1|mh^lASf@X|Pj* z08~nd1ZiSB&hMJni4b{)xpXHI@d1FFf6_c1rTdENO8m~Y|Kxte>zQk!1^*H}UWx*p zEr1P6c`wKFaP@gY1_uFZ9*u2|X-4T;jh1aVOYL{bpncL!veP*|2@g$9RC*l zH4|+-<;hsm)z^F4Rst>_3uM(HQA;U<$}7> z)De}}NV^&l+0^QpBkjb>+vT(vPOl`6_fsrSWTz5})+txlxUe{7)-WShx&dUQ?&b-i zp*q(|_sI=(!YS>n971tI>DG1|LqDpvONvA)Uul9rG%LW2^F$$coW~E0o!y7^#>(BdYDQ=0yIVMBvMes0husRu%I}UoIzKpDmkjOhbsS@- zQL>3rH2l&c*g;g~z$3{WXY}Mb85O_ZvScxW{-)klomFMo>3n9YKvitv$0$6Y+|?K4 zM$8LTy@+>@e^5R|Mw=H=Gfm1pt9$O}Q-hS}h_>l0Eeh!whxkMnlWi{ZijWy-KCh91 znP}gTrx8-is6sZIOSMg!lRV*uI_1GzBRy}`UPIR$6Myh$fmm>s`7+@IX`tqYKU{fx zcVCuwO63kSYWv}bf&m}g675ins^UqfRJZFuOLOz$$@FDXY?IKW=JoN{y>keiugW52$6mrS43{RUii*|d?f+s$fdO&pB6ReXtz_JQws_=3OA*3 zc3u`Xc(8@$t?N#nKS8A>$4x0 ze3po@{-z7W=_CUJjjF;6lo^S{Im`Lfp5(_U%eNYQlT_!l`1PfP8yn9xK8pWdKFtqH zUWZ&-eZ!ZX`%mTLW#{JZ=<4#P9ix7HC$LM9QgQDzmhBO|1gCBGA~r(wot)=Z36c99qdwtA?Uudq1^wfP(56GfO=Kh2qq8o9@jZgHclRXV9M`qfaB!LN z{>~Sry=3~cQ37`E{~Z6|lH&izCH+4R=}(Bi^GN>#fpZ!BMX2GQAbxdBFTs8~rhfqY z-OTzGjN#J3{YO6kYi<2ITE8DCenrB${Jj5&^!xGR-x2$LE&mnnkn#_3zpU*4j@s{u j|0|a0 val } usc_access_token = module.hub_main.access_tokens.usc.token diff --git a/examples/aws/poc/sonar_hadr_deployment/sonar_hadr_deployment_1_7_6.zip b/examples/aws/poc/sonar_hadr_deployment/sonar_hadr_deployment_1_7_7.zip similarity index 52% rename from examples/aws/poc/sonar_hadr_deployment/sonar_hadr_deployment_1_7_6.zip rename to examples/aws/poc/sonar_hadr_deployment/sonar_hadr_deployment_1_7_7.zip index c1360fbe534bfc0f3c99c99c863d5a9def5efa71..1c00aa57c95d7b4e6252e90028b2b388948b7bee 100644 GIT binary patch delta 2175 zcmZ9Ndpy(oAIHZwW$foR%rX>Kk*(Z@;}XWED3Op{BU>f6&CuFcN;Hnra+gp!cq}xR zTsn(F9hZ}3)Vi$5{X{IfO!33-{2u4j=ka(yK99%e@p?Z$kJn$%0~p&g-Bo2z;1V8@4vIcsY<1WC{!dL4eiJS{$)@Z(NTbHALcZku+))jT(!k z9$R1Z{omr9a*p)IRiqETfRfKX492M9aS_3kQ~!_s&1YwWb%AuKbQ6>XIz!QJNubI= zh$9&de3F4nU+B;r@WE2>E1q&{AM5pPr4F?O>}WG%!aYR4+dn79eoJGnQUWibxw-Py zE(ge)&@g)~(!m~RxQEfKF7jAHmtOmDm1~77;m~%Mu|Tq;c4>V?{*dKXJ_hH#BXaBy zuA1!D8HKrU)Js-6x^?eZBHu$)8dvfyV{in585Gx4w0Z4(u0C@Yf^;SUlQbkea z%gHBf3B*h~u)A&-6eR^{zgt2|U`W^Q7I&t+^}? zj+aq$|IL=2$E_n49-vAk?rk%0qMQ2(Z_5oHPI$%k({cU5RfN9io}k)!VGiC%?~K7M z2O77q({|c>YIphhl0_Z%j89ITS5El!Zoo+HKOjlmK2cvrR|x=LsNN&IK?)yp4D5Tq zgWvDTk3(dDp!(soENi$QtWohScBCk2QxQGmwwz@zwpST9+gl7zljfTbUX~g=9D0xR zvE1n6C-Q=tXEgqqA;jR?2w&MITh;wW`gu=U1*3fu{_3hzil52b_})>e`YoZ^_8$tP zDMP>;?|{t;rhu(hA-`wNYbUbEO-j|RIeA-`d+44!qZbcNDp&T$oN0px%S=(^Ta*3D z+*BNjxO&4L9$w7x6l&UwY9IXcPS*TW`4$^9_igeE=1W$^79>20q9!yGe^>V3F48X0 z?6@}x_6nFy*z=j;#O7YsC!ghIaSaC0{<+V_tur@q0P@5I!RLp%IhpYlnh|GMw7Mqg z-k($P3L5_i=pa@d$i^wtFc>hjVYOCKljTyVHjB)WKX0FGZljVBd z1f-}pI5}VO-L@Vz*JP@YGnsOb;dihFl4JXgp?MWcxHXR5E&y%Uz zD$|+@08aUd$Ium2v5xFuq`@bdJfz~&!ItN`Fcz}^xI@QoD#RHmv_OF#?s{(}x8Xh< z6mWr|ZZ9(P2^UU~O@=&i=1V5?HNU7+PZQ{G+bnh#pG%8MD!{`=IHa$+Dg}*0g7M}3 zj*l;bMMyG~Dy&uQ64bSuCY7Onw+XU>=K{>VY0% zOe2+HzWxPR166KDhB!w@es<)M>w1}3f*r=wu&3wKD7I6%z^XTZ#BzBE(TO#x;z>k_1 zvp&re+7EetT`~kQfBU?mJV(SzZ9@*wCG`pr`WLa}-bdbdvzJ2tb9z(L(o^`RtP{Ue zK4w_Wu#0chH8M9%L@%(7WL}Z0`j?n4 z-TCg~ghrUH)h{>8qA!8XroTN8*`L;)nTKmm9xJDnooZ+z;`?S0f#!SI+$09YB8@lf zz(o{{p?gY0GpqCN5m|@2E;1xB8)7J!lO5rhE>1#~-L>q2njf= z=!wwnM7W{O;%-&eh*+Wzq7 z7sfTG4`|Z? zL%fWohK~lOLp0=!z+?amLAM>Y=v5aVdh^zA>Y419;N(Vw2|dZzheUDB!$-i1NkP84 zV-$Gy))rhmr`55^tymx(>3x#m>s@aLY9O}r-wlpFB7AU$xIj`PRGgz`YGcGoJ78KX zbM%+XV%7J!`xn2Dtvp@UO>LUhs(bIL$uXJM%`2o6qUWq)9RWn~fG_!`!bwhp;`{by ze@3#x?eq@fYv?t|m}}sl37AuU{5Zo1(Pzr*yXI#~`r2aKNLtHPzJdLm23O9dvr?K| zo@!T{;$L=8rlFa`f03h^*)JFfzx=Dh^0%6`S6t1f-CF_5zJLbiX`uoHACMoabqTIg_ko!? zq>uv$hepu%l>u+zuWP8 zsFz@K-Ms_7)z!RZ^&i~l^PoDa4ac^V*GJ)TaltW^;EMuh%bv32qYJ+RW6Dw~7KTas4g+PgYiv!c-&tK_hlSW4unpTTUpdeJ&p z4QUBmGd6VH*letZ=K6Cy(h~8bnO6g=W?l>YW92ENsnWl!{1d}X!&2?%YX4ByziHL5 XRQaLRPY4Xka#j03boiS?iD><;1E#GH`=h=|UB002>{F!U`B75-p=rZDc0gjt}%W5^LP^XI=y8P)C6xBS42Z&Rw}ttTiY>C-TV< zamTfy0Mn4w2P^8cPjbvG5p4@E!6#F(%8SQ2(RwvodB%tCX(|kN(Xg-CBO~q$Fs+2} z+FDJy9TmKUo#jd^3eqgB|L@}w9&mTKc4bD<;;(n}>8?Zd&U3j;BJ&3Fdcz{#D>ae% zNqm*1N@{DnI$9jnOw<>++Vn0orkAlxo9UZdH(|`fqSD*-1XYJ#mRml|r!zl` zngefjvCv|wBGf(YE9fOflgx~m{B_tFzW?|(^$jKc`@q%Fk5D4p)`j?v-4h7N68kYglQ(Myvuv!emQ&c`a|DImQlF(fzR$vmuB&n zsgwa!U%az~-JBhKxW+KB(y(VB{;QjkI$&u&mz|?>#g3}R$6c#+WOR2XbF%;RD#$M_ znAd}eNIG@TYR9V9LqoNIxW^a~ODh5Fm~vDmE>ri!NY*Yjd9eagg%+r@?&%rEw9B#S zc`o0mWFoBkH?X^PTcPe*17zNQWr@;R*R=$$TBCldWJ5s9hs+KT(c!7V#WBmtzT2Ce zJM6vNh}82~i^3akDt%3?a)1WeQDTSF@}Fj$?0{7D>bm9gKF6uGO851{PKhiz?QiNzKUD;cCJL{GgM?D&%v)d9E-%=~E0gGCeH4&#*RR>WglZ8+(r#h8D{e zuV9aS%ve}UffKY2^#Un61dkG%CgVHLW7RD^soZXvazV1Ap~eSS%+P1(TtKAQFB@#L z9cYuvPVUW|W+PM0awCtVGK>U~rDsTxzu?~`d%9uE&LL`=%5xsqW&Fk+Po1pYfdI_| z72L_gUnoTL@yMWUhFq!g)%r5Bgdt^h#!3%IbDDJNHPgeTIK6G{b7&;1n#j2SDt$_h zx|w3S{LI>QX3B1B#cTI>GA3xvqRN;WM<^7X_ac!N&j+V{wT?6cB>4}1F)sn zj1$-)e{|ROa070ao(TOEIN@{JnE#2k&=Mc%ixpRR127MVKK5cPq7Y`Js`BR>x02E! z;%s!UB)`@VnN}WnF$mybe)e1oS=E@jk=;9S*Z!8%MCu1PO%am5wEPg*?GJQeWDJvV zc$a}*+>@4Q-i>{NLmT#9+1hn#PGN~lV*S4JJ!O=lTov&vFnl{}ouNp^SIwF4;Ha)@ z%&cfTuV= zc{!n~WU=8l!1^zOP2KU8<3LxF62Vf?cJRV`-g4|)%9oIOR$+}GB66iz%|iRt+5Tyj zm?6Y2$3W7CMfW5haZCw(cn%g?Q`CAyWGN{D&|Kb?r%HaM#CP(CtHzRQOK9PaM6@@ zNYBpB^W;+p945Dk2M?^(wB3}ysDbv066>vKXg-~^Giz6g2Bqf2;w zvo4$K`#RKd=vX?mDh;x>#FL%sa~`DiIH!4ibf;P)OMUK1<6qfQox4-7oNXe_;#+RA za$a^HwVjPOfHH6$GPGLlvDK8<`wgO`&zZLQAa=sO1d2V_4NlyEMSo z>(ntDVhQ0y5I67HoRQ?-YBN6NY2E`J{=1?6$j6Vp8Yl{yA?MOJI}nUw1ExchcSc(U z9@yH>QIarK^4`)*Jr1^xtBc4)O;vFoHuT+ryniH0^5{Oe)SpbB@=2y|ehoC+iAoyZ zGIGe_#Cy-v$q_l&a<|NmK}ztjSumDplo>xeg=XMat3Qs|% z#cRE!-h3gY{^%8VV%?x_O|RZmpXKrpS zokT{2ufVA+OHF%4<4Ov5*|v8EZB;p4gMPtK4M*eLCP$0mgaX)YKW3{t>JMmeqGYMH z>C=0A33F*u^w7*%bGe7(L187;}-SD`i-5nKW z`vPJMGjTY|2I>d*dA3$Zw4j)Kq;*v-P^bK&g8WW~5`LB->w@$_agfl0%uWbW*#hO} zU}x{*U`)dQU$HD{=njyAP^X^vd`p_*gmQf*90Vg$Lq$j?L`4UMhy4s@o>tEN&Q*e8 zB)=J3?7Oj<#wzL{A&GeghJpTQW??{R=5K-jtULoVQ}~~ie`2_(V3dBY_8;Z@_4_Iq W$PcZ4LcmoqLhb+1;U5B775*1UE#2w> diff --git a/examples/aws/sonar_upgrade/main.tf b/examples/aws/sonar_upgrade/main.tf index b8d02b24a..81bba9dd2 100644 --- a/examples/aws/sonar_upgrade/main.tf +++ b/examples/aws/sonar_upgrade/main.tf @@ -1,6 +1,6 @@ module "sonar_upgrader" { source = "imperva/dsf-sonar-upgrader/aws" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag # Fill the details of the Agentless Gateways and DSF Hubs that you want to upgrade agentless_gws = [ diff --git a/examples/aws/sonar_upgrade/sonar_upgrade_1_7_6.zip b/examples/aws/sonar_upgrade/sonar_upgrade_1_7_6.zip deleted file mode 100644 index 4b61334fdd8bb4af8f85d81286fe309b09b20e2e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2349 zcmWIWW@h1H00G5X^9V2lN{BGXFcjzKB^Je(7Ni#?rliIj#+%2R>4%1JGBESrTb~NT zr4`%^j4Usi85mgVf%*b~rilP)4h99FX&qsktbPG`SwLwy9H!-$mK2nh6zi3wfz9Q? zZtl`a7qeOn1YGZb7Ilml>8ihw&$&6RL^s)OQm5;*zu#XyYAW1ra^d&{%jbTFo@xY( z#5(l*aX1_NE!X(sn`z7JdS!l9iZti!1AKcrgWn%qlrQ9Pcj}|NDbDHZK2B1tJSSJl zcz^K>$y$jUPa}eq3KIn`Zz{gwwNA&i&rE*qOq(*3FV{`^GB#{Dn_~Ml{KuRP!aL9X z{jf=${payT`7d=B*R*YEdB8K-R80L*YRu~oAEwu{?okb`tZ)#R$76l@pu@%V+M}G7 zqOX`-+IF;F7d!JoBfzL|iL;FR2XC&<_*LsmnY(qP*X(NCp!F@*M__`)thf7Cyykza z6u9=CJt9Ow@x%Hn)%HIl149Wg%A|3GXl`O=9xOO9h+`{WSwWL@a z&uQr=->(Q=DE>j6SwZ|S6Qf<@h1mYOm1&|^FEd)nE;Qb%bnt;{)unT41rzt5zt6dY zVKGw>LqD6SBFoj3o;?lPxjZdm3lA;WqFC_t!>^r=(mX;3&C}LhndNYkYhPUa!S5B$ zJ%NnZ^bUF5WH@**jDJzP<^yaLv>AC-_>{q?= zzx6YJ-uXwi`#OV|rlFkLC&NK<8rMVX07IjMy5X==Y=-eChC*Yf#~4tqx_gtni# z+ZCt4&XF;F)65l<6fSO^t5m)|>9|9q9?M6Mx_|$DJy#U=L}{8nxpT60T1eCSkHL&q z?#HB^il2qef5&p7J=l1Q_%)*wvyPNY``wv(y8g$Z&wGD2=bv9%Qzx8~7%zh+Y_gmP!=BpEhX8Xo|+LXcmT)?wBBjSLv$eJk~i!=1=9=={|o8$4I zbKj!Jwq=GJr@s6;r+N7oqnS5j&StO$hxnA=z1p4b-5k88vgT*_-Bt03fC6Q{O^Ib6 zjsXKI3>Z+dI07oj)zQV*RWCOMUn$w!XXt;}K%lk!f0uLYtfTjCDs7$8x>PjyNI|aN zx6T`VHP5H~s}^c>*l^&_zVCatH{N~8DEC^@;Om7dFRMu$G665U%q!;A9Gus1&%jT4 z=DT&)8`kYvRDYB0s^`18k6)~1S+-I9^v%j^0q66|xVNMTPnC?-Kdila>P_?eNBJ+s z75zE7HZ-#*^S{Lo*`m&nW72bq4qbBi`}2lW@sdWa3^raCK}*N-JKJ|J|7)L@V^_+n zV|~DL%a!gTKPF4Z6W6asXGPu7iJ$!*6gZHY1C)x&^d_m80|N(y<#7Z~S!z*nW_})_ zL{ySmRFs&OUzDp*&847Flv-GtS(KU*57n(;tDt0Ot6->StY@gBU;|{B>lr9<)p7-R zGcw6BgT zODnh;7+GF2Gcd5!1N8*}O%nmq9AMKr!Zum`0`jte(sDRV%P%b{C@m@0D@g;J8;RZA zrIRjZwHOGv-v2D>7%$RQe<7c9b6SaRvfHFi*J*#hzk1YExZUK!@d=jC{SH0V2o{NT z==bArHuzhv@x?dOmf7{n{Hhdb&e;d}_H+inKe#Ag$l>nPM|V@4)7O2Rq*{4Su9ETo z;u(^)5;vYk1Su6J3S8b)e8X#MpKn+tTuYXR@i7`lHmC*B?GiuV>w(8d_Q5ATW=|`tm`Ci|MsTIW0wB zF}bwuXuU3W=7UCnQQ;D28TSv~T%GZ&)|WDO>qf8H)wn_HTda@31c_O1_pNx%|5hn* z?K^wa5LG?Z=h(2<-gqTlo9``kM_d@~Z3XfA2KdE?lp?{oKA&%bbemyr~U<2fz; zUC3>(TbiaCdYREmcA@dr$q660Y%|k^D<;N24QJ9ju%bca zz+y*N4#%sK%K8u7q?s2wY8Yzda>SVKsatiCt=Z+n)R}vugf*fMO}{PuL+pKrq1J(0 zt}mwY3drQR76h0ErQQ|p{&6nZAY~%oMXg*`{(fegD;8W#d~%xYm3HUFe>&L+bx28S ziar-$oPM}A z-s9OCss)wDSbqF#*1xwjWwKe%aS)CWZ%Dds$Z~qSjD|*h@&xOD8i|*K9)4AN zxBSJX2Tl=I$_vyx6;d37(Z*sGX z(&GqoyUzPMz-{`gx~AGQ62CmBmOuXR-&)`Wqw~SiOOcTq*LKVCA314uQyw)*y{+~A zb{?2XU4h9;0Y{Q5ODxJvOv*_mluc9n4f75g@VJ)Ge{|S8N+GoU%-yay1$K^%>6>P* zn51xV>s+Ps^-0Ga8ueH{der^<@9VjuuqR5>^vRu*t)YJ7p4t?JHyE*^-(wd^Y$u6<}uO2h<-#p9I)cURG`(ySa z>AK&-<~3iPC^XwQ_S2>e_U8hg)fo{7lttD|=~$ehU-$6!V%r>#2c7#CJ+>_~+&J~+ z*E!A0zZlKD8FMy+EjYxd{O;B6bnoWiHI+3#!|$$&M-8Y=iDe&-0Rt)w7*Mh}0xHPW z(Z$zQFE<5WA=%q!=zrKiptbyemvii_qxWtqZJpA(R5bWVL9X7n&KrF-&!_yW7HV|Z zaNy6r?|Zj5-hIg^_gd26>xC*Wt4SO(0WZ7EE9TW4oY!#Az)yMRyLHwZ*6mqTf0OO1 z=exO&U#w+Wwo&}_&B|*5=kvwqpU%Dr~NY z7yHC{0yWzsTksiJTVt~TwGbfA8>o2(*%ldA?6x4~AbcJ{#4~EjL$<<_4Z9U6=@6Gc TSb>@u7}$W&mx+PlB$x*Po*`er literal 0 HcmV?d00001 diff --git a/examples/azure/poc/dsf_deployment/agent_sources.tf b/examples/azure/poc/dsf_deployment/agent_sources.tf index c45ae7edb..ed0478bc1 100644 --- a/examples/azure/poc/dsf_deployment/agent_sources.tf +++ b/examples/azure/poc/dsf_deployment/agent_sources.tf @@ -4,7 +4,7 @@ locals { module "db_with_agent" { source = "imperva/dsf-db-with-agent/azurerm" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = length(local.db_types_for_agent) friendly_name = join("-", [local.deployment_name_salted, "db", "with", "agent", count.index]) diff --git a/examples/azure/poc/dsf_deployment/agentless_sources.tf b/examples/azure/poc/dsf_deployment/agentless_sources.tf index 6ed6b5c9c..423ca8f85 100644 --- a/examples/azure/poc/dsf_deployment/agentless_sources.tf +++ b/examples/azure/poc/dsf_deployment/agentless_sources.tf @@ -4,7 +4,7 @@ locals { module "mssql" { source = "imperva/dsf-poc-db-onboarder/azurerm//modules/mssql-db" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = contains(local.db_types_for_agentless, "MsSQL") ? 1 : 0 resource_group = local.resource_group @@ -15,7 +15,7 @@ module "mssql" { module "db_onboarding" { source = "imperva/dsf-poc-db-onboarder/azurerm" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag for_each = { for idx, val in concat(module.mssql) : idx => val } resource_group = local.resource_group diff --git a/examples/azure/poc/dsf_deployment/dam.tf b/examples/azure/poc/dsf_deployment/dam.tf index 652a276d0..9bede5e5b 100644 --- a/examples/azure/poc/dsf_deployment/dam.tf +++ b/examples/azure/poc/dsf_deployment/dam.tf @@ -6,7 +6,7 @@ locals { module "mx" { source = "imperva/dsf-mx/azurerm" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = var.enable_dam ? 1 : 0 friendly_name = join("-", [local.deployment_name_salted, "mx"]) @@ -41,7 +41,7 @@ module "mx" { module "agent_gw" { source = "imperva/dsf-agent-gw/azurerm" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = local.agent_gw_count friendly_name = join("-", [local.deployment_name_salted, "agent", "gw", count.index]) diff --git a/examples/azure/poc/dsf_deployment/dra.tf b/examples/azure/poc/dsf_deployment/dra.tf index aa9c09852..6e2806c32 100644 --- a/examples/azure/poc/dsf_deployment/dra.tf +++ b/examples/azure/poc/dsf_deployment/dra.tf @@ -12,7 +12,7 @@ locals { module "dra_admin" { source = "imperva/dsf-dra-admin/azurerm" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = var.enable_dra ? 1 : 0 name = join("-", [local.deployment_name_salted, "dra", "admin"]) @@ -50,7 +50,7 @@ module "dra_admin" { module "dra_analytics" { source = "imperva/dsf-dra-analytics/azurerm" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = local.dra_analytics_count name = join("-", [local.deployment_name_salted, "dra", "analytics", count.index]) diff --git a/examples/azure/poc/dsf_deployment/dsf_deployment_1_7_6.zip b/examples/azure/poc/dsf_deployment/dsf_deployment_1_7_6.zip deleted file mode 100644 index cb458702aa3729f22b70d71f01ced4419fd9e4d3..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 14081 zcma)jV|XRowsvgWcE?7?cCx~bZQHhOJ007$I#$Pa(s9xqeA)MY_nf`&Iequ3_0+1h ze$;qt&YDB-7*jzS6buIFkAv8oL;b&g{Qoa>AUq%=M-yEmV>>HbcWYxCCtW684qbKz z6=i53Q25On<3CPkH&`HGuoF-qATZyL8x=mpp?zGTfQUZCffAb$p@0Da4PycU5&lk` zt+SJzvy&selgWPxhWqz|FVtltNjZ?ZeyKqv8oTN*>x>d$1WFPifwb+TIAB2#x3JEC zKS|+E_)fs`)KglNVq7j>@0le7W%P@pT&KLq<32y7>%=4QP4lL8K-$k_3Y zRoF~ABPXBD!bmh@NCM1q4ol25bX7(yf_tcCu=i{AHRu{*1S@I=ZgH$Rar)+>hds4KStJ8_w8E;s}XuDaSx{FQ;B_N#O~7&Il? zv{lLbxYLH=HKxg4ZkR2cri6#QwL%-d4f;y3!v)DRA5cHi!~E5`k5dcVyQXIdw!}m ztVOt^UL|!gJzMywz0oaqax{Y{dytvDNR?0UIl`(0c19vgb!*3ZhPozQ=D_5TCfa7e z#x=&ThtV{xr%?@LKV`>8UgZbA|E$V=!S}kZh~v4ATo8MQ>(*qTUZbyCf+l!-g7i?T z*>v({LGH{Jq40cAH$Kg?XUBHvyKtNfT8NwciFb`c1H6qJ|HdH_K;~q)idL_+c)0+;c^v=T3CO=M^q0yrpUW9&~Tfu1_Yjtuuufu&2s>#^j)+NWhIwbOBsfj+h zvuFzvJfS$MV94$E>dD&bp5C&U;nQ|^S{A(!v2^pAD{L8wh4!`AISq4A#PdCKI>KM` z;}1%)8&P!P5ZM^mLt|xzyRm}9tr-~`cR`(zl(EvUGUAfWH@^@gM#G~b1QsRGJ>~v} z^3;>?L=ie-S=3JJNlPZ3AzdDSmxNnsT(hm8MKM+yW~-wo#%^%4ld1~}u-R8*{2(sO!vwRXourT-T8U`lzn zU%VA(?*I?Ye7V!G$|kpu>fokTzjSQHME!ys6mj$1P(js@wxhZyjaI^TTEz4?&(bz{ z&9m#|&%mj9GHds`6M+~$ck%}EPgC=U<*J&z)aClHLgENOK)Am%HAW8l|6^u;W51?U z^=;RPkY00i`?O>&iWjUo%o8a@Ux^ii!n|eGnbiH}U6kH`Ay}bWC9;~Um_N_qZ1P^l zbhtvPFzSzPVG|ddBuP@}&@#Z$DU;HDiNl}gl4!;dKo+=s6@vL0x&F-~rG7VIX-eZq zzzz3My_Z6}!2|Oz3!84=iNhj*F)0z^;l!E>0amrDM2{ByF|3XSO{={eh7^XxlD$N& zyc9oo2>x5_6CjXjVWHBG3z>fZ^Ul%YjIT}|yn@@|64ImQxp3@*bZwL&L=SD4RZ#Ct zr47)AcW-CEpIr+bX*+fP8h5#NJ-d~1fI7o1pKF7+Jhi&ys4_X(meVGOq_Cd!4d zc7xb87Bf69N*SS+BHEq{@W1BGW>i8}@XZF2omM(tOy5XJF+~_*-Hvd;7(oZ?;X&45 z$jXH}&R~`5VMhJ80$xj$v?#%OXt1>($XSi7hTMet`t}hUxLyFn@xh)$mKD{IB42x^%n^ip{ zBwjQ-hPwDZVkj>X*<+V~CuOy&#b#@8Gi)>&)@wEX(X9(*=j#)j0fxJcz!2mSkigf6 zQ!IuP?0S~bQ}cA~VT59y#KGx62pS(o)jY+Gh3I|m+6g6!L0?}dN~utl&$GP3u86?- zs4p|wh1Ud+=epkCqS%6(B{{L=9g44(#&EJ1kU~kzU5&v(`?#mo6-?@cI1jkL^2^f@^VFjcZY6%Al()`$4 zOl@zf?CrK|H?5q{aSP)P7DbZUtX)Ml*kSa^0Cq7qFT&7Q`Vu358tN^{5+8f7%H^Lnj0T}?FHVmKJp9j`2!7$_Gf~1NyxZr{ ziC%6wpN;3H=N{!VK)sG+G6xGE@4^#3kb4YI$;|l}-4ncQWpiz+J01OAK>w9CJMpr>*X*R@^n7umwb;Lq(1;7=}uB-j#w1 zrTtF8yLkvWnO%Gr*lmRIkoOg_NF4z`Kt+mdqTUsJsQEE>vxz|bBt>fTkVF7A84kqiz87w2aEWDBAYF#qU^Hor z?u4zXHKd_psc_7Pb5`)=bN?&})P>5Z%iiS_fxrV9oI z>U@rg%i|Sn!Vd-fTzPXI$(dE3PTqF+lNI)zY9*Bqg1cF1e1Yk> zv~cm`Z!E9Otkxn9XJ>7%2@rGn5^NLqFVh#lP06}(UcRxx7qfi{LkawYYfok7HXe&vLEH=3N#P1yfsk!qy4dRWdkJhkb92^lkp)nSJ} zp8v1wkM~BeIpo6|fWrS@-ay~_Z@j^V>Xh6%BU1M*nyLq|IfsBC-B&Q)8ziVNn{K1+ zoGwN@zvd%cucET8639D>?aJHd2$*x858oS_=z<>3m!S;{z);=V4uh>_^g6caG@(-i zkzwJrA|kwF19-vs$b!2AOw_^}`VP#~HM%{u*k9oGE}%ay^FC>s*sZK_{jTgoL_9(-J} zwfXXSXO~GgUTE(2DOyYeUGH<0=Eo3#cYc!lhS23GCeOQW&?*o|tlH@XJaoEPhLv$?6zA`83o_n6?X(u`ISkg(K}EE;O! z)iM)vu0JQBw)!0OCF#3Mx#*}w%XKBg5;U{9y%}laG_ts0wqZb@s!(=3m#`GT_R=Nh zh?jVVmB->n7mN^xyCixgNfpj@YWc<~l&-u6I^pywFbu$%jHy&d1x@h_*1v-X#vEA% zh${(~x*syMmOu`sAry8&{$Lz&@uQpX27iR_T2j{b z0l*&ebQQVQKbul#?ro0i`(VnGo4wk~3Pr;7Ac{-5%?M=ITm%J-K{Qt>@cl&coP7_1 zWwu93Xk0|#GEU3FQH*aq_U213KGwyoI}vLce!%kBHYXMmyQ1h`wHzf4u_gux7&)7_ z(Zo6^Yn4E&O z&Lyb6XF8U7U`UY123~+wKZ)|8-JFc;# zyyfWDso0RXixtov6-%1j^qGGjcC;TcJ#gSKJmN%xmTXM`la5PBUU+|X0Z!P3B~z-- zv?MV#kk+Dofd6$)-)I!BH}5CRVC=XUIE@J8Roy8vSRRMm8L$Z*L<_+MTHvP)a_jy2 z35sY($|QV51#!9fEKT^$Lo^bCMplHCf9A6(E$rOO>QN>n2ODak<>&Y>Rz+ow zELpVu-s30;FB)ZNxv4jPCi}fxT(SP4_U#Z%flZTo&2yi6b7PMzg`_c78 zE97;!60z|TzruWQ{729rjZPO<{S}bL&~`=WgQvaq;%$?YprT3MkmkT!;w!;^nvcVB zBOwEJ+l7p<>`W0}3Dc!^aueVDL9gN!10^NT>%!8W4cPafV*zR8%nO=52>VXLp%19Y zm(6H!KdGflu;_}De=1L4tvhz$@v#aaPEYx!%UNx_M#}yK4M?r#Y zLY&5!kJ{G@%ba|8*U`99equw%bo?-fOgdy7EPu6Z&us^@L?v3kFDYGk=-2^(UXw0Q zqi#wFw`EoQ3?M<5)`5SNGmiyOwcmh%>V~ASB-k2uMi!-$z#pf%F-I8(Z34njk6m(; z(2=~Oi8-nmz?g;MKkD)dEIR_ls|IE59oPfbrV4Zp6AVtQfK%(TP`fgN0BMI!Ky zv5z3hE>Vsp%jypjS8mDkRiUR0RG?_D7Jzl%AD?%uIz=qCrFSUC8S&2wnHAk#pE_<& zGF#R@GT||{NL>_igH4m!B*@9i1-bnku~uMaU^J_RoMS+oWD$sN40@_HTu9xk%syln z=wJ79cIP@Vupnb}DtHa^0Gyy1E*2xguPN#6m{%S}Y;!(klH_M_>AdT9sSUlgkbnG^ zibcL`8TV>!VjGN7zB#+t&LNpNN;+%w3jIAj|5CAb!HE`fhewb1c&EL6>+m$K@h0R= zSXeX;JSetrTYrtlA^PZvZ(AzDF{+;^yR$TRSvL&|HZy;n;?k%Ex_Go3&zETHXxh$A zl8j(Y%K?mZF%>Bux_0(2(A_F?Fsri5w-Q{(chLn(iVyZ7r3mz>>X|rr4I9k|mN-HAq*u{AS%aQ~CqZ(P6fI``9LxJXF^oRN&?KzT*>n^Oo^DpXNVk%l$e=RzJ27tjl(i?sV3gu}9V1UKg?s z&-EHYGEv9>0ctHL6UJ;Wj0SlySDFrv9g6e`unoc@FC;gMtN2(lEB2$l*?v@3F`!Jfgx0B?WZe-*pj6<>It4&=_MHamyL$tN&u$bUkD;m80yP-ZBqVh1 z?U~>ee_+L@_ggnNFGuGCJTD(FrOsDeA?UVplD9r~#C;MA!o2H=8)4F{4hk zt~9B5B2O-yal+f5QyM{m-UNKFf~Qf&^lZ%5ze?LfzH*ET*H7+Dn2|AX2hmi6OUP|L z=M-6&nqp~RlGeTrlv0`kWWLPu&}=+)hCh`in-Xv6*mC)AIePT)$Qqk~&Uc7gr zzrw<9b##Rq58s3>)>8i@k2M&*ktv3vXtXrKb4T ztq^rVwJACQdfb>_!53DNOzmk=Bm7>>3B*UOD)&M!$#kUQMgJ0{P|`Me^((I?bFfw3EV5Ky2MTESqhCt}fA@*2z>6)+ckXIp!h z9$lr0^RN!YKvhu-m-mDhq-dQq4ZnJO5^0+#P1$$OXn-*2ioNb`mC=S%!BfvQ9E9LG z3%wuPR(UI`Y{gh!B=V{N8;kK zxf)Ka$ugs#gH$g8O1nQ-*gTJ~?)j*18B^_~uO*}Mjk4s`p;l$x<9-OZ5`hPoP3|~u znAxm$Sr@9W^*DD3PmBGaE-W8p$?MTZ`(ofdeR&}x`*vOJt2y;+golRCu&QE?XG@;Y zIBBKBu>g0FpM8W@y#3MtO=f`qa}cE&MFu%5(AbMX6TSP~V$d)q=9K)}8`#-h9-i97E(^m(J;z)k^a(bERUfp_gI` zH|RXRS4TI;akEe1x-zY$q_97u+8DTSJGcF?b)~*3YKv(&iw8{DVSYiE+SWlH%&v3ZZFYglr;k(d^s!y>MPq+1@Ob<-dC$^s$b~awDZw3M_(9<;#=Nhve z^3C;U9c-qnV?3Z+DF^R}KR$^*F9FqFzpixn=|v7@`^}i_tbtk*3N+H6!bL1C>LOsh zL;f=k|AYG9B0!BE_{awNseyp-e;0>4+S=$l{7p)Dp`mNL#}4OvRf^QPMh851*A9%U zK*RyJLb)tmeLNC5#jDVs_cg1C6w71Z-BM?o+g*O)6_(2%_cnuByflI63oTuiw~ zCyQ7R$YfaXupzV(c7Mr%PQsByNGAUFdy;5;f5R*`>@!Fh>XSTQN9=WN>NjXQ3CH<| zIS)PtZ&TYdp0SiY3UhW@QoFT^;y`U86S()qlhdzxq=M*{{*q|fm*`oTPozka!;AhK zA|8(LA{^%vI`+w60?yk~k;){C7dNQ~)4+HxlMV6RBEMbgYxM znIm$`ji4znZAIUtg0sMv1+AS18#uk?h@{~`7iqt_H!_xhS$@{6U04xpq1iCC_76r& zg^=Ci&npxWY41_V)r6&hUnbfS^wSTpjNsWnCej4)ATmAmAF`JPlEI$G5&7v-W^ zF!5PMA>VA!ks_}>{u_Z?9v#g#D&PnX5N~l^e6|-coi7x*O=V7ohA6n*5IccK0jAK3 znxK?Q0Bf5wfHK9X=M*Duf?1(;VV}y&$mP7aT1*!3brO9L%UD0mKdUrW>l7n?iRb5N z?hXWmqrJA&@LKh{`n*gy=y=eO@mPn|v3W)xhR1T4#psEc0F^22mP)Az8&aeeUh9{N zgB|c;Y6-4<@miRhFaoZHT;)@=K}KxF6lkSbrxSHg{432$m6N%m*RyCPj#peo`ju5? z%E$<`z$TH=7#kI=4z!XV-@gjz+dDx(jAzlzp7zo=c*fKylA<*># z*ll7Z-Y=~N5~mtF)NrM2X0EZuP#fnQGE9t>#)2F!r-uEcS1s0lb?i%vosMNG&_r5- z_`pv2%`CJ#2}9FuP<5O1_!_BeH}ga-7yTvfz)y2c5pMpR;Ju)n#pQzCo(;vBq;{4Y z!%Gt0)k~+>SPr(KM32mq*)Z*xg_ps#zdY9QAv@vGA&{FZ zn4`JbS(R6WaS}*iVi7K@y%J?ZzkMq9U%v(5wELUvbZMGZdR$?2jvbs~z>#FVa@pAv zYv@&HkH8YO3dXe~(RnravRy7SDx#%IwO?SHf=4glCWgDb{wOKmKvu1VEG zf|SeG$aW{2tyN!p`f_ePE<&5I$h(Tn71>ftcwLgN)GXEC;16J;{mvoF%G0-3bh!Ol zS4r14w#JG-BJGNg^~{!|zuuLL{IU&6ODOS-c%ztoOh)4d2M&U0$G747{3LYFBbP2R6XXE(V8z z%zE_OE|mQo2G2eX*z!GRSB<`h#M=$lx+vDUkVRFmzW(Zdo#AkA&3M`sv1^mH_L zZSdBo=v=15Zm$v48kc#ODb@AHde&+(+wnc>#Qv6U{J|`OMNN~BC5z!H8yp$gNgfhI zlOcy*NJOAMtC>*R@4%w=5da z1L4JuJDSrKwm~vi*?O4aD@EozObSq+!St~&1WSMZg5PU79f+HoxFrxArjOFSb-3}P zJi`nRf(>}rI117Y1tZi!*sh;vd+XB94RDT~s~y9PC#SU>^jNIpH@{xvZRs-`AoXHI zoS=tk(l5(D^P6SF@pq&OrDzM0i*-m|mD^$FVAeg*Kt^k2#c-C!xM9OtBMEu#47LFj zvsic5d~U z7^=n>Mpw-bg39gVB>J6av~#d^F*h>)hjaW5LB$p+3FF6z1a{>vy2tM|fg~dik^!AK z7`VHoJtHivCWt;y2aW^L<62k+iU9dxX$`%BTXS79sT#}~a={|(4Q)_bYsse)3S=@e z<=e)$l%v9Y%DoEbd3iR#|LM;Epw)zY5hZ9oYB$y&wHuP(J+zInldG+RrMZpi|M>LZ zJa)0_n$1Vy(ECx%>=J@Z;EWv$0uD4FpT9Qsq6!Lb2!LNxZ*`o|`03`VkY3I!K3h8Q zGZ}@m1VLhGyI|!wW8yJyyC9VH9e1+FRJjyv07x$RcY}C5EwZ1DB3djVJ`Zq`n5U35 zp9-*Lo1Gu-YNaf?Ohgay$v$%hQIaI}8Qb$s*YxO~ZA=TlplW zC)@Hk(V<^&TM0E|flZlUT=eG4Z_gVk=|~z4r&X***rmz_B~+_h-ad~;2bCJ2_>v{T zj5-63Oz-lfVeu65cC|L?=|$nEJ%hVd zaBZhssmN!DHRjuQ$tkKkex@t`t~^M+ZVNumObWOWeLTBC$kG!uVDT01rrC$OtIknltuc0GX(!WD#p7(wDulnb*ua`~hLW6^i- zB791h?dl0?48o6tdQqnWXJ|qQN@>*10@(N@P#L{d9kjp=jm_|8BD^vN@N2)o4F&gF z6i<0{mc3kc)`M~@@0qrFI&yia;F@BQs2<{4E!#PGwlq&rp?H#=E+|j~msYK6`IAy* z=ci5>h<=S%NnoJ{okzUZOHQancM3G_^4ipr02^!csr6|}+V0J*+lC10Yd3Xosr zRnTg=v3%!D4>}G(6Y)2n{P>6E5-uCWML3=BeChCUpSlCj5vjUJ_hEgZEPWWv;Vty> zGry{Io(&yr1YM4?1%!>1BHVFXZfBN|F96J^#6)`_bAF_IrNXSv0JUTuc}4YRIow<_ z9I%YH&oz7pk1gdfD`pPa$epwfX_XbVW+T^fSkpr^iWFHNVXb|tw# zZnQ2ZmO5w=6jhmlkN|Zuw&+ZgoDlzR<_a}x;l|*Q;Sk`3hf`aHcs+NHHjxhuQC*K< zqVH`6q#?X(Z9X=txy{DvCyv?!o-3R^;DJb(n_4x9M`tcM}V(T+XG=`L<@ z#_X;DY6h0JZ|?ejzIyKI_E#4Swz{y6D#3ayyH|+|X@FR9(s%~1Y?z#(@0bpaNEB85 zvkpN*ZfXuqMuqB>S3%eJ4zpWS+>-nW&oOxAr`<;z#X=l4!sYvbK`qe0qH$)}8>4Z! zKI)(5u#A}FOFk7_+P@X`E;5o)xmTpsUx^+ziy-p4n=Rq=#X(D2@V@pl6 zLGe;(k$mIpa;Gge!9I|Q0mhc3BpZ;bgWpaMIV^Kk>KOBki%F`zr+K)ABJGozKq6wU z=_T%%T~n7}CYami6wIqxvA#$L&~i!yC&2hpe8f*Al4wla-qj;HuBQX=x_z&in474C zCiQybpnm!T{Y!+$*jlnb_V%S{0co`9qv}-526{BC^C6#F58|~Pnl6Qj4KME=(?2`C zfy$d*O_sKDCNBFr%h=}dJW|u%t7Juj#4$7~=CTrhm2Y}n2$kfZ(k|4T4M_CNmltdhzV@>Nzt1-DSWksu>+IPqib>|pP2Z>uQe z@@uLjG5{AzW@pAEY=iftbQW6J9gZ_@4=(~}rPha?7=^D63$X^-jV1-~RHI23jVsnm z3>E+;p}suX4KY=uIXpmjekEx?q1bjAz6ikAl#ktB2tn{+sCO<6ciKpD5*?QKW{x-- znGH!0<#RrD_h)6r<%IxH@(JvgYe0U#O- zOTLA!JE5M4JDA|sQWaE2xQ1bSrL!4X@F(in=Li;Xme#Mcf}fr2RQF2Z<&ZNQx`h&F zxH19G8qs}qp@$^9a?~E9i#YaH=4uIT>ZC)CF2ZdSxXAV)*pTs#0Q&DNSU8K!3%#pA z_dAyYPX@@?0Uh&~GfCzlRdUA3LrA+8y&~s_BrHy{{)}^MWN9ipKca;oNDI4&Cp&<1 zVt0xolOq$wR_DfCM3{Kl1JF`I4I-Qe8LhOLAcv+xFzab5Ni4uBv6TfyM$C3f#)Xsm zk>$l6AhBucO@P277cuX;8MAPUYpAS(=vH3My@d=r%F?Xl9F$DI9k{Y68=E{}uEBF^Y$ z5kxy;E$T%}9?O36>oWHGE)#V!93GA_H`wO#b(|`0jo#@bv zci!=5#$20LiM^-ucJ|s>ue-2|#Os>{Op}~6hV#I;f~%{R8DT~Z|6FL}Ql^f4t^?=_ zW>AK+tI5`ZZ4OP%HJhZiGn?#+uPfzdl^uAfkdRo_*eiB`=|+4IQ?394gIV1NgoU36 zh4R(k_#d;juWizGd`|TZtScUeXFTu9zoqFrax}W;dV&%~|70(_E$7%YV>K1*bBMVi z+bqdMw|YN~P;l70;CI18oPM2Wd9U;RiN%l9(DStN%S-FmkLZGzt+u<0U#Y_iUuFjQ zbGP6o5U1$_B5(EGJT7(fA~E-mhE|96Oyyq{e9gQsoM~9${?6(E14b4 zI68_o#ozx|zA;7C)$RR}AWi&VNs^1PgQK~v%|F@{f0J#feCtC9V1$F%{*|*kO`sQ$ zHBymgyif~9=MocW#Mj}+lAcN-+w*pjD6*b>5TXJs6pI!VG9iQlx}~4*8M)+CviKFE z;Ri~HEWW3oCwV^IPzpg<)*$Lb*z6FKTgtO?8vWswj495%7v*yqswam^c(TtU=M}@N zo$43wkG&VbAOxVl+suLWF}yzxB%lkyKd!&o+5!IGTRZ+`TgM-wf48yYzeNLo2rcrL z|DEVRZ}a#7`C|hA50HOt>HafF`$t>pzkUAyY4HC0QTze$*DlpR14uyq2H;YN+t$RkZD+!XZF^!*>||owPQL8JJ?DGpoW1($Ufn;?@02yz4r0083q`A7Lramb%{h<_6YOkj@x1q1+K5DfqT?@!`vot^BQog8VM zO#e-=#=jPPrY;jn#D>uMq6U#@;%cy{JB*7OD1nav)Vlk{0UeB>nR#~QD1|d&1()fu zySO05q*ScVGgBJE_=U7ox3s|HE;ps~$RluHdBb3|P4rxg6b7}x#POC{$XqHtJD0`M zSR{Qw9K>n{UDPaeSz0uLbD+8ZM_JVs@G5)+Gg3NMSL0~ZvBs1&A6KKV875ARpO)Jz zVR~O3Fi+dNpYR6r1>I@Xg+#)ZA}KwQr|$^#W#H@WF_jfWr@4E zhVdVqP#c(y3HRSu^KE$7X)8eX=Oj*ifQh^%Rw6kda+Mh>YtO|8M&pEG{6fcrEhxey z;p<2&0Yf)_RJN+z0%QJEdB9rxLd$QO#$R&623t*kAq#gqh#g$XB5-W(2kt4x;e>%* zpm?ihhJDV#6Ur-5Xg=z^7}sfJhk+x-Q?H}k0Swmje()7uk>b~v$^>gE5FSmwP>$R9 z{EO@m_DBpob}zrZaZy#B>TjH{X*zIl?BhyIQC@xk5Nk+^L4Lzop~}f5bAFgk*gz~L z*SocW=~GDdv{yl8?$YWBuIbcf;qJ!$v?=BvkI3^IV&L{qaFcl=asmy+9tzm) zazz*}+rd`|Ltzz`ThdXDlYxX*FZ$@bBd^U@t!bA+a9uWgGok2)J$WK)h{pR`Wc|s2 z3hzuz9g@SODN22^!FkBHnI+7okrpSX(^{-o!RqwgO+6B{i+y}grt0XUTg%oUfg{p` za=M%@ukOr^uE`C{DPA3Sr$v!7VJkPUnf&IVSV&)c-QzF^1#I6Frvsc-Kfa(8yCDT9 zHsSTY9b{%knCq`FSk*%#qb^8O64GA{Dvdd0axKn836QbL@c>0|^^Q4zetGOpcq9!S zvMOk!_M|43N|!2)zfHobFsa@&$Rr&p4ztzO7xZ7-#9?D`se!JvsTB|SQhyQCV4s9x z8W1#R1j(03GQ$QZ<8hFgsr?!V#-ez_m!Y6gr=;(6|7PuuhD7@_?B0y*cDHaN&fWnQ zlJR`2ewjsf7sD=ofE0{8ke)l3O zPLXMp7^yl1Ed;eJK81QX<_Mcu3;H_*KD-YB=$nX*8IP2Py~K$rjhldbmZ1hOr4EDV zH*YpJK3`);#nL*&IPjajGfH?EHL3!=DzIBnIu?{Qb~0!ZXyOxg;w7`f9PB>04>7OO z9&}4f)gPGFEsbLVlO1>gA9QisKTs*`sS)^e&@V~x(56$ zt0{=HQ6CAu?`Ad_?N02^U6Q*Y-an${(Pn1k$)1d6zQEDuQIPDY@ zJ1lusJjWq#7R-l~LZ@&ITauioIzBlYX1f6prhpgPfdHm{>P-UrTK>c;=C0lblB$3l zms)Wf5o2Sgn9%mi^WbxWovQdW&M9;B2DzCpZV1VZ1eI0V;u9;$7<7r_;1P8!jE~VU z>e;+BPWdWIu^5`6A?U6ZDx6*GxzjZbqUvVWP2PKaJtvRiR4|n+8wPdjF6UF{7rz3^ zFo|i2R6K)1U|I7`QEj6Z#?fJ#VSYV81D;P_C?x6wuWbd(Ps-1jsprp$=U>|B+&rN0 z>BdSEMqh)8og3kQK^$n(0N=@teTzZM9qtujZ8`)gV{tmbTqPX^Jm8HAZ%xf_^52Qk zdSpFz31G5V_BgEBfx02_)}Fc!5*eD`4%zd`EN{L9v0aLnW!is-7Lo#~P5tf-!BVef znY_y7Ws_9O&3H)u%&H%(7UhI#7?C6}6s#734w)`G>JVjRPA?AX)A6L(oPx51Ci@WO zyn+O;P+S8cID*CMDM*byD97}JmIn5YutMd#7%L^3>FobT_-81?E(NC*S~Q2OcnN&cja z24;VS6ppse4n`*b<^BJlmeI-vk*oADZ@=^m7{PeVXIJmH^lQ#SgACWyB|06y8gU#s z@4UYhuv^Tm!>N)FEF|7$XKSBWnJB#eg2rO7@-Tt-K^AV{xMBrmYztDnMJB^T3>eRb*ob6U3QP8Vw)r_wPkM=)jsm@OULE9Zj5A`1e(!6>{26253_C2{ z5cn}7L1eP^t@kjG!`2IgfZQO3VNk*j#mSz%)x62f47>EGY<`YHWVqqexXdrg>IInP z$oE}8$rBZurmBLM$k@sGomy=4#9VQ+pMCXSAym1`(_V0IBk3L;T{{WXqX-lHDfTs) z4r8En-T-2YQl+4@SVjV1$v^97^HtgD2I|+|gcjnhx zQ>BZEbq|Pfdp${a$t1L+sdBNgZEdx9+G0vt)gh38sr0qTA!-Ivn0f|8l=ZE;6%7fi z&>d4w;?6Q2Jms!8|IGJG*9AloD%kh1KJ#MRBIHRh8ChU8l_Bn6u+CYYR%I(|Ha?=H zLu0h)6#LK%yDqAoRqDr*;=K$3dMa0lkr3eSKLXE--~p$Q zPj3JW`@eYu1MC088?38N$ga^Nblo7UdH`Cm@e2T{1mLsY{JOnTjXEU%yndfuM|F(?E;c4*)9vXa)UU&K@fjrD{DgVBl%bcyw3 zKeM^`qZdNdpla!IuFkE6L2*V=^Q&l)t=$tGamPu9um%GsUE<2I@%jm2$@H9YwRIcm zF$9erUft~$)YVP@sIyEQVD7Ni2AnP|v$UhKr+vHWSjmjci3V1SpG0A=t{^BJdnN52 zSwbsffWk`yhV2E0&MVkl(Ue9e5b@)jl=YAISl#y=@=-UDt#@ZNilqRBY;0PMxW>mh z4~D}xV>m2k3bKpql?`4kor)i8*+LQK&iXc03(nSNOF2xja`9lX}5O=x!Obp%P0 zBm%xO=@O5@BH7hi`8y3DTBr!JB{X{PC85aN5a012suXrMTF=pZ@;rRRV1euA#YHt{ z!Ir6_>2yid0CGEWi}JXrn)Y^jiw+$jp4r~yG8U4jUyhO6eG_Df(2q^hdZ=4RljCci$i(lv^{1{fWiHJv51A)lK^JfR z&}R)AVgYdXm*8qlRvtFH0$pF&qH}Iv&Os;*YTE42wa(Qw@d%mN$>U43ccXA?R-!m= z*}>M`!g)dk8qsmy-uxd1-DMo~o3F&OBSQzzD&GNdxxubAY);d|@1P$8a2WRh^D>)J zZ_MpwU8NV44A2(+UF|yPHDd#zyfabjQE584$u#X6R$8Lp-nw0v@xFcQ$%=e98#q%* zVqp*1K@m^sYeqdH_KQg)9X_}-7iv%V86wybp%mx~{JU=vvdSH2{`4(SU;v+<56s z>ioKxz&Trp`}DAn+GY?ex@&k*(GBqosDtNBuhATdRI70ojz3e;j1oQhVW%VRztt{t zlZy_1K(e6(z6d?ybD{vDZhj!R!qAZO+%!4JrqB>`uwGMevt)V<(lV2v`kGxkG0QZW zi(5?P4X13-fODGzYAg;3$5qPsoSRqL4TsMugVb}k@Yq{xxfx8U?wjk@9h_(-R%1q! zl{8v+L7lX!6=JfW39)FVqga<&wdc-KGdp0|b~LvOY6k;*adj0E{~_}1IvMhWK6uRb z`%Vm%PokrN{w#Jd0{{^GX(zfEI9M1Me*NzV=MVLbbxmu>Rn{->*?P4qHiYh?c{B%w z5~kNZ7Au2}_CscS4s1pT>v$Fgl2|P+SK>3FQ>E( z#^L(2enNC6j`M+&@Bm&_9m4&kaflrOzaWFC!8m~P{FH%iyx*uG@V6vQ!-rJh7Yk3) zgx)mO?02F4KBIId4J7f|r<<)#CLz-i+F`V35nC%u(T&b)*Z-L#WWJeIjwHET_>T?dnCm3CS;gr3aKJ=n!@B~ zdGzb=k(J)K;0`$3Ha7i&K9SMo9Ug>H?sdjQdJ`Vj@EsHwzziYZr1>RY0|UHk88k5V zWUFa0Vh@|kjr+f3s4GzfrpQ|)Ts2W2>{^M~{*v|yXkJ$4dNYpc1=Xf_#30eAZ43aE z#JDC_?+a=o@s&WL@Mw&>grrJ?5x7ED?-|Id)|N9Zq09Emr&)QV?%>mr{keI%fu$nJ z()2Z}=4JJH8$|XMp-<-mw^lz3s=C#Fm6;VVk2>?ZfTXvj^Mfuu0jT7R6I}9$Tus9( z<8p)1f4V5Y8dH1EpI~U~iKu#8&zn)O`$(*ER_B%@B-DD3hRHieX5HE;&gkh@5yRMa2fF;XrJ| z@`Q>Mk@PHZj&!T_3pK+)X^C(!nV^yhB-fLX1%OM)dRm)y3u-y#k_NHAA2|8 zE5uhpJ0^{k8zO)fAE294r#pg^GCcHut>l}Dlf6U%aS*ZmB3y$kYUe)R?s7Z1b*Ewr zq1M@$?+dr6))@#w8-|_#9>>K`J&E&DVK?5>b#&E zbei-p-0aL8pd0Rp)jV@U<7sWgY(s)1%Rm$p;A8E1^+5Xn!3)me(Oq>J(k1|wgs!osj6ideK8mqxU8G!t`J*t3K3kqAHSH zG;ORJkXP|GrlH{u+Jx6ye@3itLQ#c;Gp>KT~W_3Kq#HcF66bhlft;915FK5&mH zYGrvDJs+@ioRCEU3+%wWQp?Dm%t24V<3KrKW3bY~bQ<_xiHtH0`VqImKDJ3k_f>U! z<=EN2A2W7vBwOLM59nRWQ_DEWrYl7C{IbH(@rs_DCz}B+T zVT|@d$l!Z3#os_NLJ_DGH-VVs1ZAhO6dsDEMK9}`?1#nJbf`eR6o%?bzZ}jNDwe1g zQ9G3qt~p}z7xQ0Orzn!2tWZL%xYx7!Y)9d78JT&_QGhUvgG1)roCsX-1(s8N+_<@U zIXdrQd--@Nb-ZB-LbjF?zW1=g?-E+#eZLyJ79vWz;2P-0USb#O|KS=C0j3ncQ|C0` z4ze>HiDn8Uz=>m#1t*y^Um0;2&H~vCSNiLl89kCXPQBAKuJ{>w%84f^^*5u9JqGG~ zLE*ZyVFcaOwHsXLL`$}ub#?h}15&zf#9Tu4057%TM-1h@L)h3*JnVL(pwD`xsG=f^=b5g4(_n zm`sWkXtu;^-+VN6iZ7Kiiwt|<&}#9vQQRBcC!T_LF~T5htRzR(tfE1Rmw9@~zX&U% zN}y*mt11(Xe8Jv`)4@&()lH;C^uX2b=|@^T>)3=0xPs9ct=NyT-f~O3U7)TWvP~mbQ|@hvz;z;?o!z9xp(u5Vl$kp7O>i&niSmteNMD8 z(7B}~Gka>J2)|bgT(RM=6+5Bl#JW;2!~BN0^T|g*Xi4KRA;&7_6Pe5M?P+@T^l*=H zX*fppOuTskV%^i$9R^8(cEj6sOnv-6iZT@an(a6Z#$8Kf6DT=3iufxr?Zuniw{GD| zYTC2DFmyJPcs0z;gA!|yd~cYS9|}&RlLoTf16z>3;`cvk#wyH2wFT*vE%4659K1d{U^!!+#kXLc$E9JaEO6V;0HLy=h z!7c9$g_rV#6j73G!9iiZJE@lsdOl|82H(f~V{pBApHBS!Jg4)kN#=@8Z5I^UOHr4; zz;taZgOvI(gG!1XXDJDsR1rJHH$UA9r>2rEgBS7SF?rJ6?(#`cylqD~YIF<4ieqh-De~xJ!Ole9+*M@h!)7bDQN(>wNXqZs&HP zNzqG+{L+4=@7+4c8iwAJ=V#I~?^jj6S`#lrT$D6MmE|*B8*+FiNlWdHd072?tV7gd zZ4dtM(tUi~L1gBn=_EV>LqmMsVBA9~&>8hItmUbo&yr4g)oa#z5cEigFM$Y&k~(sD z$L?AiKM@osclP$qb8^~;h&XNXK~!*(i5@&s%6FU0=(73TO&zozEcchEX|?WX5x_n~ z$d^`;KAKw8g0eDK9|N-Aebgo#L*(8TPH7j_igV9%Bx9{17h>|)X*^b{qMPD4Stqbu z8CFwLSf7w=3|%;#TQ6;0DemfRD8rYI>s;&_J9Y1y_m|h#-?z@N$TRbYyqTZ#e{8h; z@?seVNk1E9{O}+X$SSfBmaWB}q{Pj&Nz7<-q*7hS;YSfHw%n^UP}0$7@hDD)HS_BE zPDO|JA-JUKQ}~su%lcfp8!C#5f24$GntHZ7tT4V8#Rwg%G=MX=Z9LfW_-rssWJ_bX5&ZJjB-55- zA-lw9C{O1^d%g)YLoO>gOq66%vLuU!tM^kv?_<2$fGFDEfG6(ZYavR9AznKeO&L;Gz1XB?%<*nW7)hju zU*t|qCb-G;hRMFK7f>2JQ9mkdyk0xj;2*f3hpi3S-!&_fE2hZe2J`wbKg2l=<>7)7 zv8Z&yiHWu1K|I~C{)D6vcbvVS@!+NNHnTn98cEq9wP2MY zvRf@L4Aj9lh5492IxhQ8B!FV&FM*tOj*^M?NQ59UIPbqM?BNJ2%yxRBYo83l@4P7) zsZ2P3c71d02oQ=>pBYGm63a1bxBV45NaXpJc+@&s4U42DYTJxbqc{9TE52Kiz^unv z9t-D+S~dr1Sh0_vCDIX>CW@j5a}t%B#bv5e@IK>Zl_?w5my*3hn(qIEve3y=u4i)Acqa2DdIp$R+WQk2dJvgp; zB-CTj97mvXfu`5lbIZ14$rK^GBqrp55W?f>4r3@JAo6+8?p)zeZ^l85FcS=V)=vEL z0HvDenhCtLtd6q_Mfi70M^FY)4Rk~NgCnBUHj#q67~X5M7XKb??bOdaf{JZ{S!vsk z(ZF8gnik6=-Lxk77fT+dLmMK(D8`uUJcR;mKOq{p&4Q)7o4-AjqU<4JMF4l67~CCM zGAAg5v}lq^?;Md1=YsCg3#ye$8?(iS$IhJ0hiDSCOVjvB9^rsK4Psrs7Rn%PFhxfb zWgMEfD#~jKSU(x5>?+CODX%H;u{GzWO!hIg!?9BTmlD|r03Uv!a3u~P+VjztGH4XH zBMS`3tbq!0J=0bvL)bgTL@fLV|Rp<$As%}ty7O*Sp zMi_!@FR)55Fjg8<(OJ)Fm%}gCSo#&w&MX($WhOunYVu+LIwfZ?QZ2?;jS{X*SogC~jbCwBu}$7i7USULHK~ zg#bP<_Tz-Ctr84(!Z;QOoDY~*KoT)#Vr5T4r=T0)CL*|Vde{`tsRD%W_54{1Yv_vKr0NrajF;n z!Xk}4P?%ujIjA8(bT??6r^DA_Vc87KqBIM1M?Zf;g4XY^RHABzE5S^?!0LnQnZbw{ zY3wZLBK&ik=2Wc1Vn3-e;qvQuWthl&8Keo>OZHL@_Q}P$#nm0E)mXy)cKC_s)o2QD zQ5v-N=raa&WG=eksK?oF3r2>M3^rX4&4A_SN_{p&n-@wRSjfH`o68p32lQnomuw>0 zHp2~^I8k`8S04m(cbn_R-*0|gIIW!ptecQ8!rKbkOe`3r6MIrbh!=qO{K!30a@5?9 za0&g<#kq(H4D0GFEL)1>E0~O~SBXR2M0R243aH6d%K)%qt8T-E@*Vr?dGsD%M;DU&b<&^~4Y!XWFj{sRlp#Xn`I#z9@^+~2l9mt+Ao zycsHr2SEI%Seph!Myc#|&0%fmc$2~&v?n9-K$^#5Da!V)nZWYH4hlcK7w-ll%Y$?B zUl{vR^s_hS=(;Rr@X;F-3SZd^rYHK9$pab(yrLU%7<98}F-&6tqUSJml18juPF(9?g}g z%AL*EHfd678IK-UYgGjSrHvL@PYCvk9&8FT;I+-oP(G5zx+r(dTGwLv2}6+bFgE!w=lF*L6-%T9lpj3;$c4Me4xiT;g0vV=I%Hyh;P!^jl#q~`0Lm;4C?;69 zYknm#9Juhai;*{AOO8thdA$W)4oHN(k9Qm_139llmZ*aiQc*>eIa7S+iM!Rpa{UQMzBUVP`yC zuZ_H?g42C4SY4ht*8|Y{&-t?!1B5q`6YDmOB(&w-0geNR*-dTBhIfYs4PcHFY_PGy zsRp+r;+Mpx1@aNDL#+gIBGo7fd{hy(;K!whD?zK3{M}`3r(GX^5&^Ud=r5^klQ;+{ zoPG?UvX?Wf1#Y8~8W)O)zN9=}<)GgFGFmgbkxOEDv@MMj8F+c$NT?nOY|H@RptV?h ze_BuZhM-x0T*+*VQLJoOM83S??ek!~SD^`vBT*DgudAtOpz{ExBcE!U9x1s<`*Wt$ zYo?K85R8nTpw~RO!d}!QadOsgOvTUV;AG0PDZe?KC^nf_Ew4WUMRCIL!2Th)zj+w! z8^fq$<2O)(gBy2{8hJY?e2Rf(u*;;WBA8&uNAtC_ltn44=R-OP99bP~Cp~=|V zWJu-576Ih7V&qJi71mpmacEc=!ROm1_fp>yT)bhb3=>qp_FJ%PHFb8LS5sv?&z+K_ACDXXCF$W2qa zqTElhW(zvWNThfz@^Equm#Hsc$mA>3OD$1@=kj>Qzs#Ap@idGl58LJA3upi_9JPOw zSV{0Pq5 z`woWiP3I%P4zkmAAMn3xp(rQT5X)zq#S|0(fZ|VD_-`%z&)T-*KW^jq{H2VYFH|5G zGeF^q*-$X%55TJiOAO>78hJQ0O}pWWbrpx*u?;)@kZU#^1KT@0J4A(pR`cK8CW7b- zqlVz*Re8l#0wZDZBgm%di`a99pYa>zXd}#OQT6(DgMq9wFi|R9uW`~R4Q~=UO*Bqq zEcth7wyQ}mp!4Mf0>4YPT5~~oHZrQya8;)kX?v)7puhwrKPLhOxin(3+s!*7kdh_v zfD~LyU(0i&#2zr#_xjSi+{DgASk_lJNcS^zprrnpN8DpC^ zIeI?H?&oK)kVx~zp32oODJx=Cp-Y(3Hh(>^f|?lfAGqUr4#o#~;m1c|0Fzt~bqiT(nj%SGh=_DJ)H ze9V*GZj%I$!yZ`YYskv8H}V7Oko4}snStkAEeGy#{ssE?eTisznE&*-CtDB!0C4}b zFBL@ugk?l%t&RUTs_KNgwe2b^!h4mTy(1Jc*wo09zB+jKN#)=We(|KhNIW!=UR`yOi1PQvSIW!vQtCL*>UEMiMZ;*3J z@FhIOV3!_u9jq4$vQ-O}?ke_c0|yq2GD2S)kHQ3E#8Q%sW9rt*hnK)#fxSR&)Z{^U z0wjWFn`m3PO~B~YHsbzpayUB;l6FiJ7Ns6pXrvB`mqd=_9bJ<>Zng>b0Z$Atu_7W| z2UqR?dA!eNm7`Ki|J|gJu*!Rqi&HStKA8b1BIb%#{Fc!*bpdLOv2{k?qKX+^Ln?rp zT|77e%9m7sN|aCnnSs;0YADq$-`gW^9e;D;l#z;UB|PA3i=W6_AQ`>8{v_#Zns zrj>!*Qfj1|Lu(Ds5G~qu>rGHS!J9D1x`EMDOMgtF&$5kUo@XTFeJKi2xY=Ip;I4go z{`8_}ITK^3;Ccju*AM!-nk^gqg@rYHdlfc{@P>mD@1bi>NJnB0rdT!Pc@+_^VHjTD zSd1(-b-PmZ>#en?_xlQ0^&g%YH@GAN!jp!n)R4oGxnt35;)u2n zK-jkYA$+<|$mAsBPd~##oTjpM87&A#l;24(-VT@@yHyyO9GNJ(JTu}V%)rAMfSd|! z7~$Mc|5b+pd|)C3t&XyS&=RBqLs>w0$b744R4AzzQBL$89D}mX6aX}G9__Y^J`=03 zn*3`J&C;8Nx1dpnT#=nMv?8kOqgBK!AXAr-*;uS~peL_ati_36#(ljymcu*=Sczv=6MNNKdetV`Nl>p9w6DxH~X)6o`qHu4I33`+~rw5GHK{X0G zOS97%q50r9%w>K>e-TztYZN6BCha<8W>!q6pdZPFIz@Gy4w|H`U5(HMpj&~JQYr15;OnW~d&Djw7cPhy;bWP2F7{Ga zTRyBdri9zU`+APy{0oNXfF8eWU(hOl`43-x!{0aOnRR?lpJ~-DviEe}%vv4!;V$GN z{`PJO)hH{4>fHA;@8Y6)N{C+5KL^sJn4vwFV-K>N5t#1eV!WkqlTAx&)h4O+#3rk} zY^l_|q8%Fv92~t0W64f&vH=Ikj3WToa9ZykZti(6U#{vW-$Ul+mCZL@pJM|<>+*-e zDbL%|pJ@h;Yz?kCp1}Cg&#WakrEI^|jLv)AXuU0eNgb5enCj!p*?<{?pQH_lyfJX|IM@3giMD$% zuspD1Cif=qYwmsKOnKuVyvNGupo|w)0>)5N!RTPl)?TP3_VGW`jS1q;F7MC$XzYK> zkz7n194%~Z{)?vghh#(LXAfKeJq+09OZN68u6{t~PR%HtE{uLb-+Kz?U*{~e_5 zlUDjK$N!)F?teCm-&v}E2M~k!1Hk{!S^Z~Fzw;6Q4mJGw!2b1I{)3(P&j5aBMg1Kh z|C12^F9H6GBlXV^erLP<9f9UE6#JJ5zjI$cVgA8W|Gk+1cbG=(KfwHVY5$+ih6=l4YI?>JE8f57?IY1=;D1M0?`%# literal 0 HcmV?d00001 diff --git a/examples/azure/poc/dsf_deployment/main.tf b/examples/azure/poc/dsf_deployment/main.tf index 94e7d5bd5..21ed0699e 100644 --- a/examples/azure/poc/dsf_deployment/main.tf +++ b/examples/azure/poc/dsf_deployment/main.tf @@ -1,6 +1,6 @@ module "globals" { source = "imperva/dsf-globals/azurerm" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag } resource "azurerm_resource_group" "rg" { diff --git a/examples/azure/poc/dsf_deployment/sonar.tf b/examples/azure/poc/dsf_deployment/sonar.tf index 3f6f67ca9..4cb11e748 100644 --- a/examples/azure/poc/dsf_deployment/sonar.tf +++ b/examples/azure/poc/dsf_deployment/sonar.tf @@ -9,7 +9,7 @@ locals { module "hub_main" { source = "imperva/dsf-hub/azurerm" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = var.enable_sonar ? 1 : 0 friendly_name = join("-", [local.deployment_name_salted, "hub"]) @@ -55,7 +55,7 @@ module "hub_main" { module "hub_dr" { source = "imperva/dsf-hub/azurerm" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = var.enable_sonar && var.hub_hadr ? 1 : 0 friendly_name = join("-", [local.deployment_name_salted, "hub", "DR"]) @@ -90,7 +90,7 @@ module "hub_dr" { module "hub_hadr" { source = "imperva/dsf-hadr/null" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = length(module.hub_dr) > 0 ? 1 : 0 sonar_version = var.sonar_version @@ -108,7 +108,7 @@ module "hub_hadr" { module "agentless_gw_main" { source = "imperva/dsf-agentless-gw/azurerm" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = local.agentless_gw_count friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index]) @@ -141,7 +141,7 @@ module "agentless_gw_main" { module "agentless_gw_dr" { source = "imperva/dsf-agentless-gw/azurerm" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = var.agentless_gw_hadr ? local.agentless_gw_count : 0 friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "DR"]) @@ -177,7 +177,7 @@ module "agentless_gw_dr" { module "agentless_gw_hadr" { source = "imperva/dsf-hadr/null" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag count = length(module.agentless_gw_dr) sonar_version = var.sonar_version @@ -221,7 +221,7 @@ locals { module "federation" { source = "imperva/dsf-federation/null" - version = "1.7.6" # latest release tag + version = "1.7.7" # latest release tag for_each = local.hub_gw_combinations hub_info = { diff --git a/modules/aws/agent-gw/README.md b/modules/aws/agent-gw/README.md index f15acba01..750fdf3a8 100644 --- a/modules/aws/agent-gw/README.md +++ b/modules/aws/agent-gw/README.md @@ -83,4 +83,4 @@ API access to the DSF Management server is required to provision this module. Pl For more information about the DSF Agent Gateway and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v14.11-database-activity-monitoring-user-guide/page/378.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). \ No newline at end of file diff --git a/modules/aws/agentless-gw/README.md b/modules/aws/agentless-gw/README.md index b4a790115..c76e66ad4 100644 --- a/modules/aws/agentless-gw/README.md +++ b/modules/aws/agentless-gw/README.md @@ -194,4 +194,4 @@ module "dsf_agentless_gw" { For more information about the Agentless Gateway and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v4.13-sonar-user-guide/page/80401.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). diff --git a/modules/aws/db-with-agent/README.md b/modules/aws/db-with-agent/README.md index ce70f2666..28b7d12b0 100644 --- a/modules/aws/db-with-agent/README.md +++ b/modules/aws/db-with-agent/README.md @@ -69,4 +69,4 @@ module "db_with_agent" { ## Additional Information For more information about the DSF Agent Gateway and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v14.11-database-activity-monitoring-user-guide/page/378.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). \ No newline at end of file diff --git a/modules/aws/dra-admin/README.md b/modules/aws/dra-admin/README.md index 33544f94f..d53975c0e 100644 --- a/modules/aws/dra-admin/README.md +++ b/modules/aws/dra-admin/README.md @@ -72,4 +72,4 @@ module "dsf_dra_admin" { For more information about the DSF DRA Admin and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/z-kb-articles-km/page/4e487f3c.html). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). \ No newline at end of file diff --git a/modules/aws/dra-analytics/README.md b/modules/aws/dra-analytics/README.md index 92546912c..aed07c441 100644 --- a/modules/aws/dra-analytics/README.md +++ b/modules/aws/dra-analytics/README.md @@ -78,4 +78,4 @@ module "dsf_dra_analytics" { For more information about the DSF DRA Analytics and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/z-kb-articles-km/page/4e487f3c.html). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). \ No newline at end of file diff --git a/modules/aws/hub/README.md b/modules/aws/hub/README.md index c6078a109..74e796ffc 100644 --- a/modules/aws/hub/README.md +++ b/modules/aws/hub/README.md @@ -147,4 +147,4 @@ module "dsf_hub" { For more information about the DSF Hub and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v4.13-sonar-user-guide/page/80401.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). diff --git a/modules/aws/mx/README.md b/modules/aws/mx/README.md index 4114590a0..34c02b697 100644 --- a/modules/aws/mx/README.md +++ b/modules/aws/mx/README.md @@ -83,4 +83,4 @@ API access is required to provision this module. Please make sure to pass the re For more information about the DSF MX and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v14.11-dam-management-server-manager-user-guide/page/10068.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). \ No newline at end of file diff --git a/modules/aws/rds-mssql-db/README.md b/modules/aws/rds-mssql-db/README.md index bb49c731d..8df5793c4 100644 --- a/modules/aws/rds-mssql-db/README.md +++ b/modules/aws/rds-mssql-db/README.md @@ -80,4 +80,4 @@ module "dsf_rds_mssql" { ## Additional Information -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). \ No newline at end of file diff --git a/modules/azurerm/agent-gw/README.md b/modules/azurerm/agent-gw/README.md index 1abfe8a6b..864e52867 100644 --- a/modules/azurerm/agent-gw/README.md +++ b/modules/azurerm/agent-gw/README.md @@ -84,4 +84,4 @@ API access to the DSF Management server is required to provision this module. Pl For more information about the DSF Agent Gateway and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v14.11-database-activity-monitoring-user-guide/page/378.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). \ No newline at end of file diff --git a/modules/azurerm/agentless-gw/README.md b/modules/azurerm/agentless-gw/README.md index f003f4ec4..dac69830d 100644 --- a/modules/azurerm/agentless-gw/README.md +++ b/modules/azurerm/agentless-gw/README.md @@ -100,4 +100,4 @@ SSH access is required to provision this module. To SSH into the Agentless Gatew For more information about the Agentless Gateway and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v4.12-sonar-user-guide/page/80401.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). \ No newline at end of file diff --git a/modules/azurerm/db-with-agent/README.md b/modules/azurerm/db-with-agent/README.md index 5fe941de5..a49528286 100644 --- a/modules/azurerm/db-with-agent/README.md +++ b/modules/azurerm/db-with-agent/README.md @@ -81,4 +81,4 @@ module "db_with_agent" { ## Additional Information For more information about the DAM Agent and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v14.11-database-activity-monitoring-user-guide/page/378.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). diff --git a/modules/azurerm/dra-admin/README.md b/modules/azurerm/dra-admin/README.md index 04fe0ba8d..120d955a3 100644 --- a/modules/azurerm/dra-admin/README.md +++ b/modules/azurerm/dra-admin/README.md @@ -83,4 +83,4 @@ module "dsf_dra_admin" { For more information about the DSF DRA Admin and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/z-kb-articles-km/page/4e487f3c.html). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). \ No newline at end of file diff --git a/modules/azurerm/dra-analytics/README.md b/modules/azurerm/dra-analytics/README.md index 2b23be675..d9becb399 100644 --- a/modules/azurerm/dra-analytics/README.md +++ b/modules/azurerm/dra-analytics/README.md @@ -91,4 +91,4 @@ module "dsf_dra_analytics" { For more information about the DSF DRA Analytics and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/z-kb-articles-km/page/4e487f3c.html). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). \ No newline at end of file diff --git a/modules/azurerm/hub/README.md b/modules/azurerm/hub/README.md index 666323668..7fe359183 100644 --- a/modules/azurerm/hub/README.md +++ b/modules/azurerm/hub/README.md @@ -98,4 +98,4 @@ SSH access is required to provision this module. To SSH into the DSF Hub instanc For more information about the DSF Hub and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v4.12-sonar-user-guide/page/80401.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). \ No newline at end of file diff --git a/modules/azurerm/mssql-db/README.md b/modules/azurerm/mssql-db/README.md index 84694dedb..49ec84df0 100644 --- a/modules/azurerm/mssql-db/README.md +++ b/modules/azurerm/mssql-db/README.md @@ -54,4 +54,4 @@ module "dsf_mssql" { ## Additional Information -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). \ No newline at end of file diff --git a/modules/azurerm/mx/README.md b/modules/azurerm/mx/README.md index 26fbe8ed3..29c5e1834 100644 --- a/modules/azurerm/mx/README.md +++ b/modules/azurerm/mx/README.md @@ -84,4 +84,4 @@ API access is required to provision this module. Please make sure to pass the re For more information about the DSF MX and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v14.11-dam-management-server-manager-user-guide/page/10068.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.6). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). \ No newline at end of file diff --git a/modules/sonar_python_upgrader_1_7_6.zip b/modules/sonar_python_upgrader_1_7_7.zip similarity index 75% rename from modules/sonar_python_upgrader_1_7_6.zip rename to modules/sonar_python_upgrader_1_7_7.zip index 7498fc69cdd2196ceac9438ff707542769abd2b2..78ae84042770f56b5a04c9ab60ec1f1c52464319 100644 GIT binary patch delta 1785 zcmaJ>Ur1A76u)!R;mW1c`FB&(<#4xlL8>`XR7yfr2;FcsF#oNbZF9T3cUn@Tmx{nl z?}PLv1ig$>nXg7tJ@gRKLk}T=f-gx}L_zve-}&yn-@RMVV0$>f-}#+$e&0De+}9lL zYYHy*Xmth(KAWx03k9^%#dtmWl=kwA)d2bm&pnmemk1f7OI-{fy~d7=2SkPsF)pbX zn{>6ph>x+sC>PIUesf?g!LFe-E@4?$Dx@YW4X7AMp>KLlvzr6e1WqS1n)EXCN%tfd zLrDWbDZ_CY5@gx$7-2&7YRT>+TRNO)FND0ckVAzE_X-Cv_!)yO;YJmhZY_GK!RR{^ zq#l@@a>=x_xGtv%HR>y;{_OBZit=BesJ4Ze74ed0JK;Su&l|BsyN$Le?(keN^shHq zF#qG+czq5M%cH0!QSiOZLIi)<+Qh;q*biF^i1%AhQ7(};WG9}a@7hzMla4{?eb`YW zOTdfbO8C*GA4aO=s30`i)uS{BG}E;*lD(H=dRz2Z z;&1@Aj}655AR7n=B3#_b&2Z{+!Z}YPrcQb25*Nb-;@Rsdt-2t-l}PyS9y4C(+wVO? ztXc9t5?4mFy_>hFMk0&)7{AGzL1L-!b?^f2?W_+JI}#aA-0>9~FuF7f=z7Ag5>5Xc z-4G9BeFD(!i88qxVJBh14qAh51Dtg(K5HC?BTEL|Cgp`NjGl(TUxMyR1y+neDwr0s z;HLbOZd6u0W@`qrCm~FpoPzp+!ZX()C1t24fTZ;c15Btv)RE}ZA)v2?PN~%w!w_r< zpHv5h`#5@FqO+Av5uhi{HUdcEMy^U&jZ~K_lgh^_H!by+I|T~uQVM4lJu}FAKTz zY&pq=n|jN-i!*KtWx>BaYz(~6={RIX;-zAi6nz?Z7b=${7a~Twk%`$?Ba@^_ZgZgP z_coCciCqA6^EISRXyXA7(bs%!Ml>%0(T;>N5^!(g=z7ATZh3JUsM`}Iay`#Ur1AN6uxuQ;nbzm`FES9=5V)mL27y>Q7I8oA#_7wVE$V<+vaw6@3h25FBO5A z-UsPT2znW{WWM?k)k6;vJ@gQgDEN|uMHHkjbpZ)=lh+rlOx^9 zk*?@UzusUX;8VBMx>`hUNtp{X^EcZ}c^g1&!9S|7>0z+V7 z#!J$nFyd28Fv`ZY%x^BF#XEJR&ckmQ%K6l6wMi%jQo=X0tUJhoYCLNY87)Q``eb;L zi=d<6ww1|T58*NzdM`MRr_zd%5XI0?+HWEau$QyHFPcnC%DbY#S2=qSg zs+A?+y-+3e=+X}*RdQ8fn(S&J2?A|oos49zl7o6QRN4*DMyyul8gHOj1TIpfU70vM z5sbK_H_>XzPx^}Lu0d2|Kj^G5R+Ua>sJ}^ce{q1U@K8fN-IoV@+~H}wox<*Awg=jc zNaAD|wvP$KxF8b<2O@0T%`UL&a{MK4GosFU$ubYc2IAT4DXls$zLiM$?;cY==-cnR zfUQ~gJrbK1ZSUi3s*&)bK1OfyW&~Txe;w&Xy?I7Ku`8i*;?8KP38CwgfNmw6D$&f( z$!+m4wq^j`o2ihy;rA0ZlxGjpCOGR{bk;bW4AK_mg%B(}4Tir2>1qX5j1W{1EhLKj zXKA6Vc+7SUaws8Go}41}vv31aQYHrmB&}Zvph8Wejzpgi0ev%cPOZKchG2X6tUAcw zN6}*onXPPz06l4K#DFAjW^4Et5l5vmseGJr(^7A_bD+>UXVVm1LeVj&GK!>oimTzR zQHPK+?y_YU<)WaKj#g>34pFp?v}3wd`dSR=8?kx~{UAnHDP7|O%WB)lK<)}tsmXoI z(50H260+dGT;7=Tamb3q%f&2drl)bbSh*az5H^w)Ow7I-nIuhen+09JuLX~Y?E;{W qtJSpmfP?63u1*upOF*Xz5$fx0(SCfD=MH~j^t7F7EH From ce50a059f1e51bfcdd88cf71643840da61ffca89 Mon Sep 17 00:00:00 2001 From: Eytan Naim Date: Wed, 24 Jan 2024 10:20:50 +0200 Subject: [PATCH 20/32] Azure | Fix workflowfile [skip actions] --- .github/workflows/dsf_poc_cli_azure.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/dsf_poc_cli_azure.yml b/.github/workflows/dsf_poc_cli_azure.yml index 99757785d..c23ca2e1d 100644 --- a/.github/workflows/dsf_poc_cli_azure.yml +++ b/.github/workflows/dsf_poc_cli_azure.yml @@ -207,6 +207,7 @@ jobs: mv $EXAMPLE_DIR/dam.tf{,_} mv $EXAMPLE_DIR/dra.tf{,_} mv $EXAMPLE_DIR/agent_sources.tf{,_} + mv $EXAMPLE_DIR/agentless_sources.tf{,_} mv $EXAMPLE_DIR/networking.tf{,_} ls -la $EXAMPLE_DIR terraform -chdir=$EXAMPLE_DIR destroy -var dam_license=license.mprv -auto-approve @@ -216,6 +217,7 @@ jobs: mv $EXAMPLE_DIR/dam.tf{_,} mv $EXAMPLE_DIR/dra.tf{,_} mv $EXAMPLE_DIR/agent_sources.tf{_,} + mv $EXAMPLE_DIR/agentless_sources.tf{_,} mv $EXAMPLE_DIR/networking.tf{_,} fi From b08c36a853fd4a3de6a075ba125dd1826703f81d Mon Sep 17 00:00:00 2001 From: hadar-timan <55065300+hadar-timan@users.noreply.github.com> Date: Wed, 24 Jan 2024 13:11:19 +0200 Subject: [PATCH 21/32] DRA | change release version [skip actions] (#363) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index b4bb7d59c..fc7a81dcb 100644 --- a/README.md +++ b/README.md @@ -420,7 +420,7 @@ The following table lists the _latest_ eDSF Kit releases, their release date and 24 Jan 2024 - 1.7.7 + 1.7.8 1. Added support for DRA in Azure. From c67c3d7e80881533d9c7926b7d4449a582e39dc4 Mon Sep 17 00:00:00 2001 From: hadar-timan Date: Wed, 24 Jan 2024 11:15:59 +0000 Subject: [PATCH 22/32] Automatic commit before release [release=1.7.8] | [skip actions] --- README.md | 62 +++++++++--------- .../dsf_single_account_deployment/dam.tf | 6 +- .../dsf_single_account_deployment/dra.tf | 4 +- .../dsf_single_account_deployment_1_7_7.zip | Bin 15410 -> 0 bytes .../dsf_single_account_deployment_1_7_8.zip | Bin 0 -> 15412 bytes .../dsf_single_account_deployment/main.tf | 18 ++--- .../dsf_single_account_deployment/sonar.tf | 14 ++-- .../sonar_multi_account_deployment/main.tf | 24 +++---- ... sonar_multi_account_deployment_1_7_8.zip} | Bin 9284 -> 9284 bytes .../sonar_single_account_deployment/main.tf | 16 ++--- ...sonar_single_account_deployment_1_7_8.zip} | Bin 8050 -> 8051 bytes .../aws/poc/dsf_deployment/agent_sources.tf | 2 +- .../poc/dsf_deployment/agentless_sources.tf | 8 +-- examples/aws/poc/dsf_deployment/dam.tf | 6 +- examples/aws/poc/dsf_deployment/dra.tf | 4 +- .../dsf_deployment/dsf_deployment_1_7_7.zip | Bin 12904 -> 0 bytes .../dsf_deployment/dsf_deployment_1_7_8.zip | Bin 0 -> 12905 bytes examples/aws/poc/dsf_deployment/main.tf | 4 +- examples/aws/poc/dsf_deployment/sonar.tf | 14 ++-- .../aws/poc/sonar_basic_deployment/main.tf | 16 ++--- .../sonar_basic_deployment_1_7_7.zip | Bin 6063 -> 0 bytes .../sonar_basic_deployment_1_7_8.zip | Bin 0 -> 6063 bytes .../aws/poc/sonar_hadr_deployment/main.tf | 24 +++---- ..._7.zip => sonar_hadr_deployment_1_7_8.zip} | Bin 6810 -> 6810 bytes examples/aws/sonar_upgrade/main.tf | 2 +- .../aws/sonar_upgrade/sonar_upgrade_1_7_7.zip | Bin 2348 -> 0 bytes .../aws/sonar_upgrade/sonar_upgrade_1_7_8.zip | Bin 0 -> 2348 bytes .../azure/poc/dsf_deployment/agent_sources.tf | 2 +- .../poc/dsf_deployment/agentless_sources.tf | 4 +- examples/azure/poc/dsf_deployment/dam.tf | 4 +- examples/azure/poc/dsf_deployment/dra.tf | 4 +- .../dsf_deployment/dsf_deployment_1_7_7.zip | Bin 14080 -> 0 bytes .../dsf_deployment/dsf_deployment_1_7_8.zip | Bin 0 -> 14082 bytes examples/azure/poc/dsf_deployment/main.tf | 2 +- examples/azure/poc/dsf_deployment/sonar.tf | 14 ++-- modules/aws/agent-gw/README.md | 2 +- modules/aws/agentless-gw/README.md | 2 +- modules/aws/db-with-agent/README.md | 2 +- modules/aws/dra-admin/README.md | 2 +- modules/aws/dra-analytics/README.md | 2 +- modules/aws/hub/README.md | 2 +- modules/aws/mx/README.md | 2 +- modules/aws/rds-mssql-db/README.md | 2 +- modules/azurerm/agent-gw/README.md | 2 +- modules/azurerm/agentless-gw/README.md | 2 +- modules/azurerm/db-with-agent/README.md | 2 +- modules/azurerm/dra-admin/README.md | 2 +- modules/azurerm/dra-analytics/README.md | 2 +- modules/azurerm/hub/README.md | 2 +- modules/azurerm/mssql-db/README.md | 2 +- modules/azurerm/mx/README.md | 2 +- ..._7.zip => sonar_python_upgrader_1_7_8.zip} | Bin 30586 -> 30586 bytes 52 files changed, 143 insertions(+), 143 deletions(-) delete mode 100644 examples/aws/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_7_7.zip create mode 100644 examples/aws/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_7_8.zip rename examples/aws/installation/sonar_multi_account_deployment/{sonar_multi_account_deployment_1_7_7.zip => sonar_multi_account_deployment_1_7_8.zip} (54%) rename examples/aws/installation/sonar_single_account_deployment/{sonar_single_account_deployment_1_7_7.zip => sonar_single_account_deployment_1_7_8.zip} (60%) delete mode 100644 examples/aws/poc/dsf_deployment/dsf_deployment_1_7_7.zip create mode 100644 examples/aws/poc/dsf_deployment/dsf_deployment_1_7_8.zip delete mode 100644 examples/aws/poc/sonar_basic_deployment/sonar_basic_deployment_1_7_7.zip create mode 100644 examples/aws/poc/sonar_basic_deployment/sonar_basic_deployment_1_7_8.zip rename examples/aws/poc/sonar_hadr_deployment/{sonar_hadr_deployment_1_7_7.zip => sonar_hadr_deployment_1_7_8.zip} (52%) delete mode 100644 examples/aws/sonar_upgrade/sonar_upgrade_1_7_7.zip create mode 100644 examples/aws/sonar_upgrade/sonar_upgrade_1_7_8.zip delete mode 100644 examples/azure/poc/dsf_deployment/dsf_deployment_1_7_7.zip create mode 100644 examples/azure/poc/dsf_deployment/dsf_deployment_1_7_8.zip rename modules/{sonar_python_upgrader_1_7_7.zip => sonar_python_upgrader_1_7_8.zip} (75%) diff --git a/README.md b/README.md index fc7a81dcb..937d3f321 100644 --- a/README.md +++ b/README.md @@ -126,7 +126,7 @@ This guide references the following information and links, some of which are ava - eDSF Kit GitHub Repository + eDSF Kit GitHub Repository @@ -481,7 +481,7 @@ e.g., with or without DRA, the number of Agentless Gateways, with or without HAD We provide several of out-of-the-box Terraform recipes we call "examples" which are already configured to deploy common DSF environments. You can use the example as is, or customize it to accommodate your deployment requirements. -These examples can be found in the eDSF Kit GitHub Repository under the examples directory. +These examples can be found in the eDSF Kit GitHub Repository under the examples directory. Some examples are intended for Lab or POC and others for actual DSF deployments by Professional Services and customers. For more details about each example, click on the example name. @@ -500,73 +500,73 @@ For more details about each example, click on the example name. - Sonar Basic Deployment + Sonar Basic Deployment Lab/POC A DSF deployment with a DSF Hub, an Agentless Gateway, federation, networking and onboarding of a MySQL DB. - sonar_basic_deployment_1_7_7.zip + sonar_basic_deployment_1_7_8.zip - Sonar HADR Deployment + Sonar HADR Deployment Lab/POC A DSF deployment with a DSF Hub, an Agentless Gateway, DSF Hub and Agentless Gateway HADR, federation, networking and onboarding of a MySQL DB. - sonar_hadr_deployment_1_7_7.zip + sonar_hadr_deployment_1_7_8.zip - Sonar Single Account Deployment + Sonar Single Account Deployment PS/Customer A DSF deployment with a DSF Hub HADR, an Agentless Gateway and federation. The DSF nodes (Hubs and Agentless Gateway) are in the same AWS account and the same region. It is mandatory to provide as input to this example the subnets to deploy the DSF nodes on. - sonar_single_account_deployment_1_7_7.zip + sonar_single_account_deployment_1_7_8.zip - Sonar Multi Account Deployment + Sonar Multi Account Deployment PS/Customer A DSF deployment with a DSF Hub, an Agentless Gateway and federation. The DSF nodes (Hub and Agentless Gateway) are in different AWS accounts. It is mandatory to provide as input to this example the subnets to deploy the DSF nodes on. - sonar_multi_account_deployment_1_7_7.zip + sonar_multi_account_deployment_1_7_8.zip - DSF Deployment + DSF Deployment Lab/POC A full DSF deployment with DSF Hub and Agentless Gateways (formerly Sonar), DAM (MX and Agent Gateways), DRA (Admin and DRA Analytics), and Agent and Agentless audit sources. - dsf_deployment_1_7_7.zip + dsf_deployment_1_7_8.zip - DSF Single Account Deployment + DSF Single Account Deployment PS/Customer A full DSF deployment with DSF Hub and Agentless Gateways (formerly Sonar), DAM (MX and Agent Gateways) and DRA (Admin and DRA Analytics). - dsf_single_account_deployment_1_7_7.zip + dsf_single_account_deployment_1_7_8.zip - Sonar Upgrade (Alpha) + Sonar Upgrade (Alpha) All Upgrade of DSF Hub and Agentless Gateway (formerly Sonar). - sonar_upgrade_1_7_7.zip + sonar_upgrade_1_7_8.zip @@ -585,13 +585,13 @@ For more details about each example, click on the example name. - DSF Deployment + DSF Deployment Lab/POC A DSF deployment with a DSF Hub, an Agentless Gateway, DSF Hub and Agentless Gateway HADR, federation and networking, DAM (MX and Agent Gateways), and Agent audit sources. - dsf_deployment_1_7_7.zip + dsf_deployment_1_7_8.zip @@ -666,7 +666,7 @@ After you have [chosen the deployment mode](#choosing-the-deployment-mode), foll This mode offers a straightforward deployment option that relies on running a Terraform script on the user's computer which must be a Linux/Unix machine, e.g, Mac. This mode makes use of the Terraform Command Line Interface (CLI) to deploy and manage environments. -1. Download the zip file of the example you've chosen (See the [Choosing the Example/Recipe that Fits Your Use Case](#choosing-the-examplerecipe-that-fits-your-use-case) section) from the eDSF Kit GitHub Repository, e.g., if you choose the "sonar_basic_deployment" example, you should download sonar_basic_deployment.zip. +1. Download the zip file of the example you've chosen (See the [Choosing the Example/Recipe that Fits Your Use Case](#choosing-the-examplerecipe-that-fits-your-use-case) section) from the eDSF Kit GitHub Repository, e.g., if you choose the "sonar_basic_deployment" example, you should download sonar_basic_deployment.zip. 2. Unzip the zip file in CLI or using your operating system's UI. For example, in CLI: @@ -764,7 +764,7 @@ This mode can be used if a Linux/Unix machine is not available, or eDSF Kit cann 5. In the Network settings panel - make your configurations while keeping in mind that the installer machine should have access to the DSF environment that you want to deploy, and that your computer should have access to the installer machine. -6. In the “Advanced details” panel, copy and paste the contents of this [bash script](https://github.com/imperva/dsfkit/blob/1.7.7/installer_machine/installer_machine_user_data.sh) into the [User data](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) textbox. +6. In the “Advanced details” panel, copy and paste the contents of this [bash script](https://github.com/imperva/dsfkit/blob/1.7.8/installer_machine/installer_machine_user_data.sh) into the [User data](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) textbox. 7. Click on **Launch Instance**. At this stage, the installer machine is initializing and downloading the necessary dependencies. @@ -783,30 +783,30 @@ This mode can be used if a Linux/Unix machine is not available, or eDSF Kit cann For example: `chmode 400 a_key_pair.pem` -9. Download the zip file of the example you've chosen (See the [Choosing the Example/Recipe that Fits Your Use Case](#choosing-the-examplerecipe-that-fits-your-use-case) section) from the eDSF Kit GitHub Repository, e.g., if you choose the "sonar_basic_deployment" example, you should download sonar_basic_deployment.zip. +9. Download the zip file of the example you've chosen (See the [Choosing the Example/Recipe that Fits Your Use Case](#choosing-the-examplerecipe-that-fits-your-use-case) section) from the eDSF Kit GitHub Repository, e.g., if you choose the "sonar_basic_deployment" example, you should download sonar_basic_deployment.zip. Run: ```bash - wget https://github.com/imperva/dsfkit/raw/1.7.7/examples/aws/poc/sonar_basic_deployment/sonar_basic_deployment_1_7_7.zip + wget https://github.com/imperva/dsfkit/raw/1.7.8/examples/aws/poc/sonar_basic_deployment/sonar_basic_deployment_1_7_8.zip or - wget https://github.com/imperva/dsfkit/raw/1.7.7/examples/aws/poc/sonar_hadr_deployment/sonar_hadr_deployment_1_7_7.zip + wget https://github.com/imperva/dsfkit/raw/1.7.8/examples/aws/poc/sonar_hadr_deployment/sonar_hadr_deployment_1_7_8.zip or - wget https://github.com/imperva/dsfkit/raw/1.7.7/examples/aws/installation/sonar_single_account_deployment/sonar_single_account_deployment_1_7_7.zip + wget https://github.com/imperva/dsfkit/raw/1.7.8/examples/aws/installation/sonar_single_account_deployment/sonar_single_account_deployment_1_7_8.zip or - wget https://github.com/imperva/dsfkit/raw/1.7.7/examples/aws/installation/sonar_multi_account_deployment/sonar_multi_account_deployment_1_7_7.zip + wget https://github.com/imperva/dsfkit/raw/1.7.8/examples/aws/installation/sonar_multi_account_deployment/sonar_multi_account_deployment_1_7_8.zip or - wget https://github.com/imperva/dsfkit/raw/1.7.7/examples/aws/poc/dsf_deployment/dsf_deployment_1_7_7.zip + wget https://github.com/imperva/dsfkit/raw/1.7.8/examples/aws/poc/dsf_deployment/dsf_deployment_1_7_8.zip or - wget https://github.com/imperva/dsfkit/raw/1.7.7/examples/aws/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_7_7.zip + wget https://github.com/imperva/dsfkit/raw/1.7.8/examples/aws/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_7_8.zip ``` 10. Continue by following the [CLI Deployment Mode](#cli-deployment-mode) beginning at step 2. @@ -1105,7 +1105,7 @@ After you have [chosen the upgrade mode](#choosing-the-upgrade-mode), follow the This mode offers a straightforward deployment option that relies on running a Terraform script on the user's computer which must be a Linux/Unix machine, e.g, Mac. This mode makes use of the Terraform Command Line Interface (CLI) to deploy and manage environments. -1. Download the zip file of the Sonar upgrade example: sonar_upgrade_1_7_7.zip. +1. Download the zip file of the Sonar upgrade example: sonar_upgrade_1_7_8.zip. 2. Unzip the zip file in CLI or using your operating system's UI. For example, in CLI: @@ -1171,7 +1171,7 @@ This mode can be used if a Linux/Unix machine is not available, or eDSF Kit cann 5. In the Network settings panel - make your configurations while keeping in mind that the installer machine should have access to the DSF environment that you want to deploy, and that your computer should have access to the installer machine. -6. In the “Advanced details” panel, copy and paste the contents of this [bash script](https://github.com/imperva/dsfkit/blob/1.7.7/installer_machine/upgrade_installer_machine_user_data.sh) into the [User data](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) textbox. +6. In the “Advanced details” panel, copy and paste the contents of this [bash script](https://github.com/imperva/dsfkit/blob/1.7.8/installer_machine/upgrade_installer_machine_user_data.sh) into the [User data](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) textbox. 9. Click on **Launch Instance**. At this stage, the installer machine is initializing and downloading the necessary dependencies. @@ -1200,13 +1200,13 @@ This mode can be used if a Linux/Unix machine is not available, or eDSF Kit cann If you do not wish to use Terraform to run the upgrade, it is possible to bypass it and run the Python utility directly. -Use the Python Upgrader utility. +Use the Python Upgrader utility. # More Information Information about additional topics can be found in specific examples, when relevant. -For example: Sonar Single Account Deployment +For example: Sonar Single Account Deployment These topics include: - Storing Terraform state in S3 bucket diff --git a/examples/aws/installation/dsf_single_account_deployment/dam.tf b/examples/aws/installation/dsf_single_account_deployment/dam.tf index 86260875f..371adf71d 100644 --- a/examples/aws/installation/dsf_single_account_deployment/dam.tf +++ b/examples/aws/installation/dsf_single_account_deployment/dam.tf @@ -8,7 +8,7 @@ locals { module "mx" { source = "imperva/dsf-mx/aws" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag count = var.enable_dam ? 1 : 0 friendly_name = join("-", [local.deployment_name_salted, "mx"]) @@ -38,7 +38,7 @@ module "mx" { module "agent_gw" { source = "imperva/dsf-agent-gw/aws" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag count = local.agent_gw_count friendly_name = join("-", [local.deployment_name_salted, "agent", "gw", count.index]) @@ -68,7 +68,7 @@ module "agent_gw" { module "agent_gw_cluster_setup" { source = "imperva/dsf-agent-gw-cluster-setup/null" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag count = local.create_agent_gw_cluster cluster_name = var.cluster_name != null ? var.cluster_name : join("-", [local.deployment_name_salted, "agent", "gw", "cluster"]) diff --git a/examples/aws/installation/dsf_single_account_deployment/dra.tf b/examples/aws/installation/dsf_single_account_deployment/dra.tf index 62312e9e1..188b2e782 100644 --- a/examples/aws/installation/dsf_single_account_deployment/dra.tf +++ b/examples/aws/installation/dsf_single_account_deployment/dra.tf @@ -6,7 +6,7 @@ locals { module "dra_admin" { source = "imperva/dsf-dra-admin/aws" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag count = var.enable_dra ? 1 : 0 name = join("-", [local.deployment_name_salted, "dra", "admin"]) @@ -28,7 +28,7 @@ module "dra_admin" { module "dra_analytics" { source = "imperva/dsf-dra-analytics/aws" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag count = local.dra_analytics_count name = join("-", [local.deployment_name_salted, "dra", "analytics", count.index]) diff --git a/examples/aws/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_7_7.zip b/examples/aws/installation/dsf_single_account_deployment/dsf_single_account_deployment_1_7_7.zip deleted file mode 100644 index c307c9a34f0dabde986160f8c6c69ffee27398a9..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 15410 zcmb8WWpo_PvaZ=;W@cuvEJll&nVFec7Be$5Gcz-@WHGbFXt8v?&%I~n^O@PRJ=Lqa zs{iD(qB_@GnGx~INrHev1O9dNakH!a*UkU=A_d?Aj2umL9nEb_t&DZ`4GnFbZJczC zjP0y!-K~v(-+t9)(`EajtONxB(de!<{@3a31_J;B{Rsj9fcpF%NACCNsK2j}|1~;1 z^H@$CC;%Wx007Yc<>%p+)9_3kNod|2>Qa8pKC4nr6E zMiz*U#e0;P1U0~+om-;{d10?2-zb8$y>nhn5-*mSl&FMN_RhiowWDFd0aStB2D7u^J=$WxJ9U9yy^@| zE)@-+DTCK2^wd&lV2yN9uy^WuQg^bwnQ=CXrzR7OXi*?aFRUNEuA7F6{8c2-xkJsS z#=wmEfO;I33|psg84ow(I0;!lMi0u1iy{@8tC0WDo~)|A?13SH-z7a4QB$0s4i-<& ztb6j+T_TAGjNX-k45Ln{MqQj*#^={!;gGpLoDhwzaP&9xiVw!*YTeb8Pii^>EFY6k zJN5CNAMIykd9TLS_SPn6u{z3{rm&u`1RiagU9=v=QTknCnL65wH@mkE^0nsF&lnna z{e`LaShlPZhr;-=@F+&qiLLS<2H+Et=Z+zz2CZJeXTuJfR@4{a>QKTg zd+*FFYaPWcXSbv3g(Ax}4TUqSC58}$msaT!&=kcM62kqx%L%SknpUM6>|Qq-$2>Fo zDCp%R;BB2^gij;1^AXh5`2=Su6%&zTapgUpeDO*0GiM<~!R3j~09vner^~T!eLjw3 zkH9b~{>{Xdw7jjnVqLmhx*1RlLijIWmmU(=OROnW#x;PRh>u%g-p1E=FESq>+W~*o z?(K~7WePgBR~GtKuvqDfRIIOZCA8p)L8pW>dvp}}4f3oG5usmsEXQcvn4f`BXd3MRwKSpS)qdPQdl|wK@MEuyi*d&-38gS;Ok$HE! z@UG^2P#ZU;55;)iK{f4P7Gt5rBRcq8+MS=dmp2X)&r+eY)W<^COcyJPBbUf_(ciq< zf~q60CB7Q9SC*{KRoN7=7wCu%Ag067^NtEf!7uC#38Mv-vr*_k(3hLohSot7mmrQk zTG&a{BWxfC>(c!MCg~^JaH@-$l@iQ9hYm4qk`{RH{#iIHgI#;C6#}stq*2>z2ZO%S zq$lOTqa#;WVzBsL15CkUwgjgD%d?A26)4*+8r~m*!xWk0NPvEC_KX zjLi}oJ#8IIg&N#om}YbE?5$wwyl1EQmDF+@$eI*Y@hTG+JtNDaE#GBg9PG-MZbOXq z2Et|M=eq6Aqii>X?$Yw;@EW?imyfeg5L`mukHg3y*EJ*=p!F)=?$rXl*7s8-Z2YH$ z+>E0)uFn(76WJ^ha2cO|l`Z*ZI@bZ8e(i$C6BV>yJE^emJ|!lHu2-k(t34bK5H}B? zLs?WC7E5uq<6z-lEkB#&5kMHtU{(r%HObo`*s{$(oM(PCyy0+)OFLU#Z!nkG6`TWN z#JqbyApR7-G7rpUe_#M01quM5{!8IAa?t;8(fc>zTBJN@v&Vqwbxc#aF_8sokx%5}c7t>?x#ppAAuzSE48$zUozzil zIe%q`I%3kp{<-&)JttZ!>ezU9L8x7T3N8K%vK+I@5`~J!f)YME)mQ#nwbRZr!sW&g zZ-hoAa?yZUB+Rnd4yeQ1Rl%81V_*yVBta7&lRP0^H623^75ifiLoh~9yaE0|t`-8h z0to3{i8ORjOCnKK3sbw2EnWIw&fl4cqhP-m$EqKLp9Fb^D7=yrptV`CZ8+Bqhwg`D z?(ewSR$m@+y1s)`EDEjNLr(`sN|vT;jrqIBw~*f!4g0qPRMhXN<)h+OYgAJQ4dA>I zOui#}T&GS~Y19tiAnU^LhTffOx3T!8k_sStbD#m=!i+H}+%TRe_wOqHL=@G0q?0QH zd()1LNb3xR+s?p($wNA&107L~H$3lH`FOvHgAL>lHV@u_jNK(TCsw|C!@>DM_1-Pn zs6HV}q}J~^lVZ&XuYkmuLDbT(H#|Zh8F*lEWZ<`M@WuWxY*Hp-D}=kdJKOLO>Cm9Q z{Z=v238Jq2_nTi7{{P1;*SG#pvs`uEW}N}{`<1HOmLv@6C7PK$;kqF&F(l}afg)YK zQK$nw=F3&Vfuz-lOacpnFv$&W9IAUMWr9P{+;#=!9?fiYRWmJ1kc<3XnlO$H%B)wJ zFI2X0&w#+p8%sM$G@5Jep=Wb_@o3r+)*^0Q04-bc`n#t2-I26Ge<8YA5Z;rLA3Uvo zqHDF!Y>oOoAN@uM3YU$fep>tqBnQUEO`vU@e%;~@c08#XU6^}U>q}?*cqApNkbQH6 zAo46KYtT;Zq(d!^H_i3;^b4D?NzV?Th z!kU}+O^I273(d6C?7&{{>dfb&dtG?&dAk4)%ruOlVB!_2u~GbaQetf~|2TfSZk^Em7cda{>VxXF6cDcFyOuDBW%t$PF3 z(hO7~FI*HVQXFq&xr!IyI!!93hmiiB<33%k*YO@I;wXvtQ!^(MwIA4EDjmBTpx8<; zOzf6yUv}&oQCJRyFY?Mp=A4eqMC!A zj~Gd#nrsm;#{Kk2fmMF%pk_<$$97O@Mq>m&LO@~0X=NLgOZ|5gKVTmXRPFW-6A`sOzOK@NVX zj{TMc#I9EwwIZ-{;^cioK0km>%zG$1B4&chN@zUaI1cQmXUJM*RAD8!_=O<)R6pC* z)F>`~oHSqDKExahd|^N|NuW_95>5ClFh}HwlGRP*=mYa(+HRIpucc&=k$h?A(IvuT zNPvx;FA6mZsTp5gA!XkOWR~rGSH>nUdkbK=pjr_PPh zUB%4|R|rC8U=ZeON%kPW0958Rg~9Ghn!vSUc-`f)MA=?8MJ&Ux07LH+EWbFN&x9IpiLtj3)hZpxHLR$!1U`_u*8BFc}wnhcB>Lv)WiJxxsDt0??V78pvg#7@>j`mQ9^NOi@S^!M5dB4x(6>tJbKv%v0A z`e#@0&`vZ(j#;HZ9V=R(XYb#*(Co0@lc{z*Un348@j6-TXp*;3@4CX2gC>97wqm9w zb-*UHsiIYNbx%v!CJZaT8gD|yEj3Hk{d(ra@omy2IihSzET5ny-|!G-*Zt093pd>? zXsa+Ghf;yoDx&cTRGqYpEyq-6hs8x|MFw}E5}Uk5-bhz60ZHFqMVgam8RiXf@;+Ma zzk~=Mu@ZH|)Xv{yE(T@=mlsp$B^=AQ<}bp%Eu@(;XhoqdoWU@sTYkEI6A>TJq2!^e zZjQ6t{_es$u`{Y3*U)~$nvlAr8wfp}$MQ4%B12U6$DCY0bCoh(c$A6w1F(;t0#5>T zMarilxJ(Z|3N@(8nQe2^keje-pPj;s ztAw!7m%MT|zly}LP<~>hn>OU8%W{<_Sl5#Zl<93aoSOIm;sMc6w{6)$e2|i^0Nny# z5bzrE?GdS59q#UyQ{}Er-7F!w?V^|Kcb{v8z||8rv8Jls(*toyUk*%GAq(Gc&K~31 zz2(Xy^bXDj{BR4EYmz^xNqAlBE!Ks2$JR2YoX1sEc*NR?Uj$1ozWga0v%c?+sfYl8 zqc#A*@RzdTqVHg?Z(wEoAF~9wmX7PgHyz$XK|d1>1O$ljxSGkwmBJD<_QxO8Y%CdpIe(<130;2ng$0_hf-ERuAZ;$n_ZhcS{w@Oia8D0BZj;hVBAvY zvruj^UE7AV>O+}nIfli^RQ(*>zn&(=-v_xb!w8RV$FbZkmI_+NlZa)6Q1{kLIP`*j zS83y=gs)@FhU39Zs}E%QdC1$s6@EGx*I~%_?`9>`9{Pt!73)L7ESvyKH=~aEb4*Gr zBZF1ylH|@*!&(bAhbt7L%b$8ihEOMgvsdAZtFcE5AgJ2i*a~O`-oG5^9>a#h1S(uB z8MBv!OZL(UEGprB88iLnit^5VFabLNOHk4BsBe2kecaigr z%vUrymkdUh1A^<>ITc<5^du#ggs90J$Wl@N-Db*9ndGw6h#AYt@arl%%#gf7OF(c5 z+2xbV-lQ@PdAHnHw}|QN><62zrclCw5o7`xQh@RG7onS<&oeW^3QLbE=J^oVRT;wF z1a$I5ew6@b=fUi|A4r}+2F)uoeAGQI{+P1_b!-?sZfxI%UH2olV&|?gdHAN44$KQ1X*ZhSQPDB~U2PS6L-W{5-TxrWK*`c=@&K^SsAi z0PBhtN?y_F0Sv1xP2jRaY={+8w2l33bMjjE*<=jxnfFEU4ZnO=JIuQV&`MGgL0ezg1Zx^<3P zE_!v#NNcD}T+q8w2|!r=)gZu3l)t>pJLI8%!7skl+AP4bWTR~0(@~h7pQrdIW=2LA z6*+oJ_HgP`=l}$Ye(2*=BJZ+JS_H6ILk5~N9M=2wx3+!2V28bIpyI7W!g4XA(A6is z^^^f{1T|Dusy7hwc8W6#p+8SaP+s7+1ATdev!Pz&v%=&+&3hZubG3nNF9wQP_Lt>5 zlII_k{O7HONzB48j2OGL`{MSDa)Dsnhl~UAUtV4E3meen>k1Yb9cIQK}dBl~AFPYlG6)3_37y3${?&J_(Zl=mdV(IySif$Fv#2Gl@VF zJJC~L9+FK*9kxjZfz%w~CmEBS{JWpb6=Pg%mSCMZLqEpy=_@7$Doq0WVP%k0nBc8Zn?#d;oLzTdJ&_K zjnPJKM$yoiu?Y!1AOd_6(%42$UG;r^0sT!PyxR6Fl9{8ELcmpmo=ucsoNbSJdhJAu zI$W|Eh>=CD{^A5Nr9ibzfk2gT-UR)bMmIMr#15D|a)~jyF8*wnM;G=YfhT%S>y+MY zze02xFt~x}dV~xW&(Gc-(pSOW^#rX91+7%ws&H3cC}SaH)B45*!{Wyj&hLu^8kj<+ zJnCspoCU%3JLpH0F(@YT+XJ@qFuebD~ikOwEUg>?bSCI;CO)=mYf8BCTDH%9Ox zJ@%XrK@l^3mbpCQvmRp6OBo^fB?Xa;Zk)8Cz25!Bz|F00@x0%~3qRam?vsehO&sME z^zMvR1OzBJVBnxgu2hRl~woucuh+ zV&`oN!3H_D4rqw5LLAxaI@_7=gz$U9@7+@s1w64(Qrk$w`NF?y#7IyIyBGogcHk_-Ets_y1oaJGMeGgoPnzT zGaJ1Vx4webT@l!2kbd>%@yP=G6PVg_Ymq)99svY%|IRL(_SfAp$SdsnJloSvWN4`I&{=zRD{10Kn3TF{Ioyi%TTv;*K%qH`RPksT z6O>UuTy}kf6`LEt)1_x)#a)_jY$%jV2VRkf&rv~>ikR%PHe?lv6{kd(A98@&Xe2g# z9r6A5%lj5ZGiev1r?C*MhauK<<4{zZK;lwEc9wCDgW!WV6k44?xCnDwuO=Bp98JgP zAPcXUOkIk}au8Jg&$4QTC}gi_P#7_KU{sVCLm!h#+;JN+;1cj8u2{HkJ725S;!RDi zz%;{WRgRMa&%eDG|764sYa@{mRF2_&S(G55TwY-(YQpo%zC$bMCp>i9DFqohqa9LQ zRZC>{on-|gC~ANchNj_S&A`PtYN>BT)K}n98L*7tIp#Lu4)v=-Y&YQXp>lE%Z%F1) zGVftNQO6rA%&^FNEd~$QcTCtUQrn1}h&G<8Q|SP;5RGegXQ^w%6XpcAq>bv218L}2 zH*aJQmZJz7TQ!rKA`pUlpT05*SzQ;v!6?6ySG1sFOb#E%CR@1$c(^=@+ZV)KtJVp0 zcK0t^HEtKt0>Q>G=-#Ox%I#ZI-08RwZ6{u}9$y6UOm9!&E=&L7W`!Ml8Z!sEVKp{Q zzyQK3NYudPHqBy@ms4SuOv_)X0!CGS=?9chOFB#Z4q6kn`)G2DnrB61X=hY2QOJx^ejU1T;2;kdG5G*7g@72=QIvjj{yfFHm;5?ZFFE0jd?^Khcl4*MX*1A8p09**lj@~Zxg$pX1SeN zSbaA%oYm9J-J|~uX*9d~6-P8AnJq$+nTK3m@o2_rNG2!Wd_GhkhPwVP{FTO{fByW3 zX%LO*Q~D>na+*jw2Q2&)a660S{>2>)M29sZmQdcKvTVkq&M-s(6(c*~K8rM-^M0&$ zn%c8)!L)<}1a8$CK6&TI2`l8WfrzgOeq0S5ULQ?6tAid~UT>R(LVy@hJ~0~c0z1u= zi9#aaJ$WucK|`k?703=FZZEGXM5Cu@h)KFN!^uZ!A}I}Ntlh0nT8WDN{YS(R?>qY{ z`x7clsW$%!xXIlmq-DB47X^}Vv)vj>EWrY5sPnBUqG~Nl7jICEsW&YYrG2FHQdm$=64wAq9E~?+>hG@P>{Any9>t zLuHNP3&x^(HE-+a8K>|K*(sXS9v|2)ny(&ROG)51)s9Kx9ZRkAdzKGXt2R!&$~9dp zAI}x~Y@Z!0^`6rv<83w{^bd_VF;mLFzO9e*wzu0Ded{ps3M~Jy0dIndc(BmWT4S!G zpN#XRDPC!;Ub@YuTb-U)R!Og1kWCtF9AjJFyIqGHBKV#CaVr(P5oye)7uF)BL*KYb z07D1$%{i>}PEv_i&~z@&ye?$yqPFoew1Gumz~GRC=_Nm`lVNRxxzstO!cK7bMj%`K z+&7#iA0COE)twN`u+Xr=L3TSXw&M~^;(fd)C`E$I!4CQ)rG4}ukN&EkRHwH>3P5LO zf`U?`DE8ERQL&`LS@Ym$SeTp(Aq95F@CoV+Nn=_1>6_uemMg3Z+h z@^zka1iB!fmDJsr?J#3L%RWZ3fj>Ko`#Xyfx4mZ5a&7K)U0cA1(Ti>k2_=G!gx{RC zB6#pE{#dj41btCtXDbbnE#K;9#5$`pFHVG>i+*KusR%*pNm)S}C=iCqtQN;Wf8Hfy z+(yaLfK}km5E(m)t9?z2uqa$Ja>}cD^JVExrrv;e`cd~#6OJ{L^u#uf;bRm_Frs6D zchdN>6g_?CdfXnjLXSDoWf0&(Xb(x^wG zU7e-gpeQ5gTz$|@CIt~m`R|o5E{nH4or35`GPJ+g8ce!pcIt-B?zDCCQr4JyrMdJN zfqRQzuko~wXQhFvTBX&vE$QS58|?5z&KNXI7ee!+bHUtjGwd*I9h;)5uE$|K>0X?F zNrF`E6(HHU>z*!#o3hxZTHF*>j4EEp_A%9Lbq;rBVXDDYnxr<^bP#==s z^-rp2fC0H|Xt7#U>?&ap@N!zIx3R@gXmjL7omsT-8$WFIPeXzGZOw2muYSq#QK=Z* zxD-+`pEYT#7!TAgu8@FPW>UiIIPorDBB)I1?7P5;FFwrEG?J`XaLFd8`_iNH$|vnQ zdj`5?&i1a^alW~xy`B85x3U!2S$)w(y~b-%nwT}gdndxF{Jw{^-+YK8>qxV zWT9M2!CSCGlan&F8jr{AQ--K^m!a}Jg|_}v08Y)$Me^LU^U6%>>i)n@^9Fg+mT-$} z^`z^iQiVn%&6>k|o8t>A0uPt)zR7~?u+nnV4IO9s%!6}aXkSQj)fza>@JLpNV_VQKJ(r)leiw!_$WN`(z#75M0`Osr|x;~RUG@OiW- zqiYWgP!6;i=5R647>8_fe#FTD9yBJ?-4yrO^L)yufu1+iLG#v#6)TjYT4Frtl}H=4 zcu^^ddX8A-cF9`@rsUbPzvmAd}S3=_sPx7yaP-8ALNV-VbVEjccg7fSK zW8~Y>lAFwDdkYRK_OkvpeH6LcCB((gZuc2pPw#hT*iLucRJJFdl1&10au%%`dF-lG zAp;fj;QV8Hjbs2ZkuN?+kB9)!uzJSqej<@MF zW-dT1+Sc9Tb)2)uGK#vCrIEo`@1e2X7 zC1u_(7n@KBZi}9QQ`vOgFnd^ZDaoLP6PJmIZ7SS5c#|GPM1qEviQ2Wwpf*Qh6;2@7 z@0m(nOL>XiSkR69*4aFtRa^0;?>UG(7VV3iiIP*&x1=xJ6%jMZ{O@bXl*L}!!Flok z4|AmJuSAsj(8Q|#rfuQa^)dx=qT%W!?WM}A5cvT~?k4T){qWTE8fI|%&fo%WhqPmG zA;){{(_k@Vy%?;+v;=I2%je2SsZzyY%#0Js`22KGfgMpibRjNM z!cb=)m$N3Z{l;0c>?b|QklS`QBJ#58FC0Q|MZS$x`whYyIOHA}u?=7k+OL~WBPf%b za-+&Or=^guGHmp~{t(>JS3)A)M7j8{%CV((UCGsSmuYJ=5+0xr4i~U8T~Sga4ZvGy zs_#yOs*a$XwmI_Y+{54Axm94y1EsI@#*Dys;T=Umel-#EQkH7Qe<<7j*h2{@D6QdE zFX2@d1h0grq7EC63yNR9-e`Q5dx$DZOPQt#ng*>Zy=`h>TE8GgCFV>8|JK zl_m2WPKf=E!+F~5^xB=)vcC!wyj>J{x!TgS`-_p&dvxZ00^dLot9=vm>>5_o$+K2AC$DFJS`qwsYHTe6x_3p?9&__=1ha<`gTl^i} zPJkow;bH@viq?0`HHfd%sqxte%-A8T!0gqGY|0M7QPMMD1W{ev7jKJwm@p)X^jKx^ zs9sT2mQ2^x!EGAH)og=@tEZww)zL)faE_Y{%W#hGEvaWwCFN1TJkPr%Ke9zwy~aJN zbC>!o2f*G9-WpbR4cdnr21N0-9oO>cIvw@aAvnON?YQ1=vq##aeM+h-9&*{rdk$*l zi^xn228P4$(0Ek|t`RS3J+ZL}>Kt5vA4HBWE; z(Y+kfv-8LU6%@zhw4`U6GiNnqpg#pj=(;D7E>dwZ9CmIBdn-M#+Nl z+f!Yz`H0*ty0iOiv7B%g-^oRNY^+aJC*EV_E7DKFA`1$sO9YjyT%8~K+Q)PF2toEE zaINWw9%CMd&Z3Ctz%|R*>jsv*Cc-{GqS6@#-3*7K$;It2a}hI{4%}KnvZx0Zf1cU; zC)P2VBNd)2P+|-E#C*NN2n$>Q_+ZZk>nib;!i?Cpk9-oOl+4u&o39)YWDhY{40-(c z+B2}%;%Q)z$O3bN#!9=sQy3;=!3j}tAAo8HuMaq?e2juSY+N-ipiKAkh<$GFEl=#9`a z77v9r6H?B|gF8eG`ko@cQ%cDkR?GGcj$CAOrm`~!j`lsQpa#NcSK6Xw(aOf$XU$7q zWs$42C>Yp+RQ0n5&&uL8bI;z5)H96M*l#uIe^jJ`DE2R(em8D4;sXG5fB7gBg!zS} zh3T!0{=b@Ir_?na*IUuNk8AiYAT*g6o02mnH>ajcf0^u?Crt_cWW|#e0T&k&kVe)5 zB<4H4Y+SC7%rDAY}0zKwlb zs1#GT`wV&2ZS__Z5nA|Ba@VvJ)Q%tJ)(rh4y@6St2%`XP`HT_UT7(bO6D$FTQ)2Np z?o7^FCEz8u2-Yy}Vs2NS1=1hEvbxhrL9A{UN-;3rIIURZ_)fE&Dy^Y4QR`~d5?dS} zK}_MS8w@KLbrC=QC-jm+G3s-WMRO4s3u((j+98U3(2->~zYbHJBONKbF`rp>?E0f3 z#U+nwj8Xc6Q;B;exDT;k(gE3?1bJ1IR}H~RWEyL;PCY72zmxhhefoiXvRo((D0>se4oYLfn&>V z*DU7)ab==66W9alf-zDjY{z}&<0oePGOd2R#Q||LDYBijdI-g2mVz&z%OnJK>l+cN zYnutph$EG7F#T-4f%7*ylTlO$AQAWCCS zcpqHh+maobf&!8gx{qE5f}|Zcv(V_ z!Xt;u>e;PeNwcApH6K)LyiKMlXKuaci5LnV+wAQf&b}ID<2lpuP!#eOhAoxS?&P-2SI8gDlm!VJ{PGiK!_YN4rV4P*|<_V-P|)mO$(=*FOO+ZLUi0`3TrX zU=x|Na#O092Hmc?rh$f4-WGpV!@cLJfr0ebQZy@%ZBL`u>Y-;cCvU9v`FGMDrIOEe zZ}aD!P{YX2?DG_f&6?LD2mQm8un9ET+sL9ff|p{b!mBqVk? z9j0V~qwKSThJl4vePUYRySNQ{ko^A1aL?2GT2j{iLTM- zJPoLaTfbBh@CL|Enp}3nwqf|Gj+0u%_2{Cr4`h7HMb|IeKr~ZYu2-C(W;)R0D4L0- z!`7WpbXFq7cZ}`6_+R}3i~V74XFGR8EN>gSXg%d;e`=v7H}gY3l|tPZc#M)-$M$ux zj8#$>lgHvL%=huL*X4Gn=%&gbuy@imK$hlqvwFUl=k{`(Mr;~1U9d07lf37VKv)sa$($RhrM+={{UPd6ZdSo3GB9tlXHmb6Ohqu9w${$~T8-Ukmv~cC43! z+-)-MHAb-vfC<2}ZY;0`jpXyFK0cY2hYLRXQ(J8|cDWMYGF=3~%))3pbQV8DM|2oT zuCwKDyqb`H=R^>l+6F;UXElt+p@82nf|ox()`A*I$Onb1g|avdQ+ZQKvo|YfYlcFX z5~S>_Qa91n7!_rV6qA^4_f?4mx)WTxNbUZMA~xFr?yDe+t}~l-sK~CXm=%W>?2Ys=1;tz1d1x`CpIFTe{o8MD zLa#O*0>Ry5cPVr+UJ>-jQZ3h*_z|Dk?pU*e}aQB2ZVf(&M8u>I!OQ$N{g-yI0hx@D_W4umwxNVk07DEUgshet?e~%|n`MyLZI=)uB6&nr+_GX(NKj;HtG)e#Edc(j{L~z& z`G>7NgYhh-gtRxEGw8dg0r@%dIJ!3na7C@XKx#e^^jo3&T;}Gi#S1i#!!ZTc8}Z#1 zTqB^pY6cd>^_X_sj_URl27#KiQ(%L}XcM-0BN16N+otza3YfJarWtP%f!FUIa&`Zr zWVW34I%_N*Q8fDMjeScPJ#G53J%0t>Qyt&2xOz(L{iwzja`j6mX1r5ERFuc(8_%HH zuanaDZTO?`rquLMUv>a!pCoq?BCMt93v+=k;fhZ;mS#RTt09o!7QlXJoON2H`553Z z<%+^vCWucb&0^9#FSXQWQ5J#I#OXPZhP3grTQMQ&`-&TKU@N>wa0rurBmASsbyD+9 zH1-r+i}W=`Rq!j*5%Wh-MrPo_@bj8c+V<8afIMEn?)5#`BXzkw%{T&xK0a57c zIh@EetQf6xlwmqAH3D+Lr+p z^fl8UtjYgZwlMxvzTXp3SRLY3H9rWe%gV);^OvN5dg*>M|Ft{& z56nM}EB|Dwg8f}||7~OWyBPnp5d4$J^E)H{H&4^({}>AXj`wGi@;`Z!uz$zj_M`Dgy%pF}9?za##SY{K6K z`sZH#pIB6yzr+4x=l*w*{;A*pL^`tk9r6z~|GPNPd+*mP?mnx}d}HGMC!ffS zj4^Zmats*>U=S#Pe;psHY%2ft@V_s_0N4Nq_D0(FrdGxlhT6LN`qqwC4%!BWHWt>d zmWIC{>9tw4*}f|(Kmq_;-BcU?>vVL11^@&(0R{j7@%r74%zgV(a+*;VxPFy|)cqKKv#f+qNb z#2*cV=P*72vX5OeyGj}2!d6MPUKnF*`@E1SRx~{!UL&KjvRRRsy^qlUvZgr)hQ~-; z%S#CFbPD34bclF}LZ0Celwar}xgd?0=DrUzVfUHiD1Y==ipbsT&1Nru6JN=2#Swy3 zG7^BQ1WqmAO+&7ZCEQ8Q)}iBB)xr8^%F!T}l0+b^Nsb^jzjpY#W)d>|v4FpQo03(9 zj_KP2%27xnOpV-SEbNs1I7ICTEeH=bvSe_!T<$|_qO$7JFLZI-4yl>2s>0k<&{$F? z?PGdZ@dR#AT4yp6^cuk`RWV9wugCfP0aIOAK`LvZ$RDOtVq_`ysg)dxTW=w z(aMO!Svy1torY=V!mFzC3QUp9$0J2!%l>-y#wE&4pN0qqlO;3((0H3UU5a+;@v*OGB1hC(B|N7EI4=W~y-I-B79gE9j@M z{q=E4XA3Oz!pm4cWf15$QHf0Rxpw}UVTZc^TQ<$bInq7lNDL7qN*uuue2Hw~}pCcEQ^oPrZ zXC?20%BV4IF#5|jigE9fC^I<@!T#6c&g|5^tYLsyh7ygrE(V%~5 zj-(y8mP}2N-uy=u5E-+{BCH$?_YM+;|Ibd5(B2>{#_%kAA{6p(jua?)Epv8_0^nyt zn9R|Ula|30D1mkQDOUS0o^s}nyEgLl#O7Oomc%IXSLxVjX&GiMxlUuFpjX~B>!K_- z;7;2oYu4LOKRdy-7ngNY4#ESRR}rNF*D82ASMqe4KTZ`eai8O| z(+=M`zmCa|e`XMYNqhAwZOS&%IQMz=YUVv1E1^DaC&PSr6&W2kU!AJ1bg@5x-#mZ} zWKgV|Eyh@nf`+;`oixb812dRFFXsWNleU1fW}1FFPA$~EV{wQ{Ia*w=GZoq7odZOP zdUk(;|0#UktyzJ-KmY(qkN^Obe<^$hcDnyT^a>PbB3J1U+>fZr?+X&(wluZX6geIQ z5Ngw1zBhm4ti_R2*ywW3*d|5@vT^3ZH<+?;GA8q509B5BS4SkIHrB9rysfn1bfNM5>_4^zjM$c^q zKkxMgy7YF@BCIw~%_nt_tTXZK7AfTUz8@9yYTh`BJ1h)}TH-C9G6z_1>@$L`jN323 z37uPOm44AgCtU^r{@rm?A>Mpdpb1=! zGA@tr7$RI@c*EcBJ52Nhv+U+XGabO1Y2qY&pCh zJm6fbBD4~x)~-1sm@QuiRTC*foM3S8_ac5lPeKe~O0B>RIW~84oYxuLR%gMXNf09o;{!lV1Jb*r$SE0U9nh}s9>7DRM56-+jt50r zrxSCDaK(^aX;iaE&xj4tdRHMeY3#xfp$_pts~-SY4*=>Rv-(tS}v4f6nrp zNJ9D2-*0{qxc`e;u50<9X1Vg3)fyd)$CR?mrUW$cr6H&i%JAcI6a)}oO|n86HAZea zbl~S3`3uro&78r6z>FxD2(b_@e#UifW=P%4r{x@Y~4; z_*dpA+>wAF8@(Y*3Tk;I90GJ-&dh5Z25Kct4S`sYGF1Am?__v!Vn%{F_@Q+k*shKYU~x12s_s*PPl3|ALu)Z%#^Jp#9ku910HF@#?yD$r1D{QJ*?L5ha9_#P2g z=2U#pjwXhsPbnf^;q$CF)S1Fz40u3xhHxoSLw(=u4tOO6V8+z-3ItRx4zG*uOAJNG zRd#|M(GxB(QWyXuB?5jJ67)%i{`8K(`4xGXX6#*GJ-c8ifJOvE=0v@QtTlqd1V>hl zXJaT)?95i3F5w2JXq3J_5r#^TGW49kBn?cDe;JMg)fu=%3UVvC=Z%P z&V)%xTnW0@0wWZq=yKuFwdw1W3et9@xkx2K+utOg8hN$<#L014T>To^j#~D!yFtjr zkY8L%fulfDy)F@DRji81k=^9-7ve-P} z&TL$0-$iq|YG$*kVu!pvG;1+Cy^nnuolZ#i?u|cSm zJluIhK?7}39S~NyQQ8K&fs=_^I{J!vKl630rlgPLm^^X`=s8c!`dPlyCQd~X)I~@) z3ry0;d2#z9m+`?Z@xxN^fg+)+F!osA+N@ni?Mx51CFb_r zll4dAE{He41+3LEdOaY=Tbl8G6g9dr$F zSGtTY-SeiTS3n@e?8)anRX(eoG#&Cxe7+sw=~iSLl`V2CKblXk#e+0d!jYc@W$8!D zR}erawLnCN)_3Nay3x1ezh4!5{iz0Mn<;E_ztsQ?8vuanFW-5Vx~5kDK@Jv_M}Erz zLdP4GN&)COVd5S>Zy118)JHHI!nZi3<v|(MYLcK6!!OEhRDVVE#U@dh@;xPULX6LS!EgT0w zpmdoOd_Le%5+TS(5z|ft=&SRtf!+!(U_8R=N8Xm7Co9KHn4mLIkv|bH32#J5*#N_u z^aNd=;K^a#)I@yu49?wSE;r6Uds;y0er!Z#9K^b7(r(OtufC~wXRR7P0FN4o8>#CR z*u&?r!6elRW`7`tLlWQi-$H~Qnndx1MoMTd717b(Po#e^E`1QyizTf|5K45@(6e1cTH?oj0)@eMU?WJq4;D zW7LP-4KZbhaW>e)WZzr-~L=Fnnj11^O3YErgzX@0;3|nOBW;Kya{dkCxnE4 zlY)*FM%)@5;(5g;dH3|4wL-Vyy|X0XmUEZrncMOQf|L2Vt4e7Q&GB$&>{QZTzXQNbxg801wuVR}_(N)w>*Tn=jq z$NZofWM#slm-pI;IcRZ)N^>|4Qe!NdorGvZ6Rc(534?FgwRG&%bcA3R;Jv3o5+4>s zkkI+yE5=5)Hd8)OW8k!iTqmI@ew(i_*OnkwQojY6rcfFky>@Bo)(y1O2sUL0RYiS+ z&73D^nxV~p`LODy%bA$P*>`@>qv=$KiN}Y$qEi!c-PFZWv;noc{9isibS0T$0SjYa zGd^=uL;g@c3$JOGmh@UPar$aep_(EXbBuX3L^8PFP}Z)MHcGm7iqw}2?dj6vKP%)A zXC#VmrM4*z3H72y1>MU9BihW0)Dk)G7a)(W0wa!cQVK4nEZB8c{{i}^ZcKZB*e4?Z0N85+ z0MPxVZaC@Mnd<6U82-mH0k*mQ+Tcx_=Rm+oydFP4Ar5CF>8L_ToZ8;#gNjvJ$$=j4 zwy2iB@)dw={odE+Mn@l3wy3(^zT|?jvS`oWWp!W)O ztfbI&l*wQ$sBz`KbT2n)OQ_t5onZ~SZ0}A+T=ju(kYu4Q1oYf7kW?eeh%fuNlp+#n zxi(SuR3(h1Kx3#}A)4%|TX+y<0vKBbu9ym2BtN{e&5bp`hX4KRzV;DJFtoqiwSpmA zQK&>W4gb6X&i4`HAI``hT>E1%eK2@sO;5VkSCmKXbqY?@c`4V{yT1ae{8KZP=o)zo z#%B^iNwR>k-P$KYs{o%RMH3Lznf#f{YCWtbd=!Z;iw&4C9Q5f|(4Yro<(m8gi%2e? zop#3+u}C{*MmmL!r>8$zth*; z68Mw@Fgf;T-Yp=y0qQj_Pw`TAIr)B@#;ajP=XPQJG3dM(wi!Khh5YJaH{%w@c{_R& zaD?C_ibHksLT~TR6GO4(RabOEBF$mX>Etiy@2#j5A$A_zBHavMezf$~@pay1D|{s_ z{PhEy`{i|4&p=%S+{^XtVY~T&o$C{MJGloB#$=}H^*gO0@r5_l!8rTv4HNOWZS#)* zfV4Z_i5Oos;5ik`0q9b&a<$M~lDng%->U!;673StC8P6>=#W(Rx9)N}@#vHpqnJ$O;V_&`$TYPH?_DJT zSORLwN|o#IIopNl`A}b{M98nOTmIfWftiqRu^AyUAg0~*so9!<))#$+%zI0+ZHcoF z3cjETaQ^7bZ>cUWoV;*a)6` zauBWBYA}t`@FZvOzepHuBz_1L6%s;JEmMG*^5+R8a_9%b+WPH3JR^Yl`thE@V&nKm ziYJTSU?!U}oqIzkeamyAZ-H?R>u$+tIs%b+BdKOP_G5Cfamg;U59JDI(+L}Xs*f~q zF^Giv79AJY17^`u>Y}+!y36~%VUsM z9Xb~vO_!j){Q24YL+T3XhmL@SzJP_YO9l4wD|s~d&y=1~fsoh{x%2x1{yN5>2{&AO z<#DC^;x{e;-LD2AFSts_`L5dIsU9d_Pl)|v>iil%MI*gTaZ881sgulETArAGELays{j z8Bu!EQ*xNwz;pgE%tZ#k##K8ud)fEFai+;>`dpKigtM5?%p8r^ zqlMSWLUYT zf-nL0&3$UZEZ~Q>+Kx7++d+J8aJ%;u1%A)W| zoQt88o^P=HjSHR+6$^wL-^cxVzET=sDuZ*}jyW)_+06SAC~La_9Taaj{MPcl`i{|1 z=@Nf)-Hb>g1PsoSr-(&O8zYZc zaN6+>ly9s9OO=|A7ISL6u_99}?t4QTJVyaZC}6bBSpO+cC_f>x^pFMELM6WLZIA1_ zSK2c#l1@DrIf(&pIS9V09fPdY034GXw7rCN6aW{vF4yb;%!!}fd^JudY;Qa|1Cf8l zXzWx-k_E5qdzMixNcQuJ3Yh`D3tCBmA^0hg$Q8RT4K@x({EC_Lw*9SACDz#J3RFFG zTIndk|NO_R;RyqFNDGm;fMOKS>%2G-`O-2QK?9C^<{fHYFaCkcb}{hK8TEktib_0_ z_cRM2UO^qK5EKixK>%#xR(43ljk<~c*m{P!0dNpn#ri%u1kX`I zY>_V+Ryq*XBn05HN)qsn#T@EG1heP#EL=bdkzagZ$f*D`-B#1GE9Ov)pt9~}tO%PP zfQ95~${^Ys0no||Vl_-wF{tFQ&k0D)BM~Jq3vrXtFX2E43q2gQJpoCD>F@Ehi{6rf z>^6D{mK1nQ;Qrv0d$i>dNUGWZ>)0Uj<7WA+5TtyXIJJG%Oo ztQfWmYXD=S>ve9|4rKSN%5S$_h_n)}SdPvEyQQ`!ah0Tgcd@{XK8>1zShpCN#G?ad z5g@4JbeUu}%gHJ;Nu=g0R|3=g78b~v+*pU0L?E8VVNhN|cpPBXIvqul6>{dM9TJsi zZf@97m#Ab0h+_U(*(J6EG4-X2x+HvPStqqmq$^eFAu{PYX7w_Xu@9;TO9wygfUBbk zKS;K7k4Vl8m+{b?sIUMj*p$i~yN%jF={lU)q~cZB&50% z9LnNm;`*!i3~@NK@(oKQD3LWxf{B|{RsL|wVL&=7*K{^m7n-v6F7%DctatW&!8m|Q z?=O)*6{l^q6d0;rW)V(;RP3cSq{0Yfn7N%3delhz=(9|Z#&z-Lc}0)ZEW72Ke?gswuE3rI&(s+-D+q)60@!u2{K5I*Ar%i3sJ4()!^ z+4MEEpN5=+3fs_%EurrySRTmJD-`X3c=myo(1hu_&l3PV_qba7wTSA(V&#!=aNDeg zDQmE3-dxFrIY)PXRN>+x9D0;PCPX@C!K;wMcM2}=_+T}-?r+a)Bgp14AcoA`Mj7KN zTwLe7pv%`PP@EdI;iM>bu1=;SykF6h_x*?&+eK(RIFGz@F-SwEPuX~ z>9T&cG1t0H8jZGCebPSEV?|9UKK@u6&wb^s3#_lHZdz>RQyF0GITF%8=KO&lm1 zhtem=IVfuAGLkFdmyS^0++8jE&1avp)L5(y^3-qPdDFtSn-4DEaR-X6j-aj_~_=wrv#8D1di||Nn0nQ4OrnUCX^YhAE|FUE@+=nSkdqGFKC$3 zV@sxz{JcPIiE&y+NwaMgRX?3Qgz&pyOlrIU?p~GflA^g1HFQtW3HE2zwv~y0*9*E) zoPz9E>i1rSGiBQxs`3z8B1I~ZbGxr+#Z1}@4jscLNSPAnW!0U2cHMpSN*ZBub^z1Q zk`F=U<+2dFdb1v+&1Tp}N!0OWW^j2h8*tgGH!M|WU)QwweHy%KR}qoJTZ#M3SjvM1 z-r|llijC10gts?S5m@uCY=o_`IPzeH={V_@Hx>)yB_EgMrGNmUD@|*#_x0vnGQ_MG zE%sUXZx4{LAv@bvH3^BpHXFuQzh3p`SJHu<;aL*0XGviiYp4cq1wV4MW)G~9dTyX#Ao=h**ggd=Ce7)wY2g*%S)-OfBjNW z$#mMNrEJt+v#?AYdWlg1r|sCYbP=ySslDd{E4J_;N8Lc8Y|bf@l;(Sv)*G*s^Yj_W zrYY-(dfWNNs^(VWi_Y?*e|zOc2jwb{S#f;E7|)$BhvLUB#-@7}5(HznoDSuXSe!|` z7gi{my1-0fQJFGXmYq6a)z9@yO;CQ5y)>wKyQ(X+^Zw-kK3eQwQQ)~bh4zf*oCg(_8g6JfN~azi{mUB0C->r0HFTM3W&Y6m9E`?D4kxYOIYu*Aaoun7hgK*0!P-Z z;HrUKKhA1Tm+2zZ3$0n)15vDs?jH^DI;u61+Lw#O<=K;0Fyd+{-6Q(E^4FY1xQ%~GS zjEl91GRU}$YhMp1aX_UfobwO01BSnlzdnJ>KYye`lFy8`=n8#Ky{3ksY`}^gM3iWJ zvC=p#R7KB9tP6ERa)_9Ox3Ep3|4axmlTky^r?e{r?uI}vb!a!V zDq2C&Hz0mlB(c2o0QmwQnTU8uN=#Qm`_yubk)IfK9+8b|VBcw}_gf=lqbY+7V(qTd9^DH||t5;#nQICm+Zk&|2wcE|z z=}WG3=F;sy1fsuD)~viRLZAJ%2euAJoLzl6aXlojDoI&z#LEEPGES(bNFA)HX^3zt zI}B%oHoXAr6>4D=q->!AGs*!wX5^b>*h~JE8S6F3tEKa*C;TFXTu&Jsxo5l9J4;D~ z7+kNu)TfdorEX951&hqv>^ccJ1+Ef7!`>n!_3U$$Ywj)V~B!rS0$+>DK(D+9BAqqGMCP@)1@E2@X z-&BfLo0mdIjSqytO{&ZF-VmjtGt>D{P(u{$V2Ib}f)5fWr3kv31qw74Ge6PkKsYR* z=Xr5!Fgkmy89Z-v1ovBXK2~BMf?-@0yy~i11HL2-l7mHT;N;3eNP!K0EJ6_xM#5nG zAiIMWh2!2?qTHM&c<4>12MKXy)%lh8vm&6a{@@K<$QHp(ns+}<_7Kusgcn!OI&6Rj zs&!;&^_9aOA-+rZ-m|d5J{HhvjW%cq)ROth>TYJqM|r-8%y-tw?fJD~2QI2@P1}W^ z;C9R+*>{f^1ta?Bb5r^a(Zb93aEX#e2$yuuOgh?Bw|>5@Bq!PrN;E&{*+O4O)QCL6%g;dP2Ye+gmF+5SLj6!aBhHt!y7C#HwSw1(Zkf2m zczJhYO<&SNGbyYYfh97zd=OCvM<7;alLFhW1QNAze(Ya*|GCt|Qt2$vnlZ2?B z_qjTFr639lV{@8QGA-G28q!fd1BBJwQ;1d>*=hH?_r!cu9~d0ui+u(#Tz+hHR5Ll! zUod&|-_E;p`)x5CvlPEcMSiZY&Q~SA5#%W`FF=125mS^7Dqg-kJ@s=;;PK%F8$@Sc z)d;=9y9!&v63T^bl(W?fs(496{`kOR)(yTH48@U(-CgG+U^5=Rv4Q7M3@n*j+5(}_ zH=HFDT`7=Z3j74r-~5gQSp@jWlndKc>@9;Hx#J%7#X~!lXBakHJ;K8kW~vnSP^#}4 zG+_PI-%pN(wo7H9(%2)0oH6eJCwu}jn7dD#V+vku3YSb<^+n z9xnY~u0pH~9h|N0%zqn3|HD$GAZ82-hyaE6$#Y=9ga6_Utz|Aj>>JIztKfK-G3;b6 z(D!3$_Fr7$$q2-gvO_g@q+-!aHFIzkN!KU6=Rop72d0v5**3 zL8T1b*aMUxA4#&?#pFyO)vP~YNrgA2%G~0cWqsW-9o4heO3~_|2Y%^WP6v-zpY#KxBvh&e>oI#LVSW!LbR3! z|0mn(gsQszS~IHWQ5Ek6xH=<4Lt?tb#>8atqtTve!i3-n3(ikrFfmbnDI^Vm_*{qA zEjKvYcG3J@1C9(MyhR|mN!YEH?d$mUN$oiHDP;8le_a>zHH-(DP82&KNK)g?T~TK;y7D#OH5g&SWf= z{9dyQVDw`yW_DzmA$;M@E8899L~C{+<^5v~QwoKT?$k>uQtF!HHLixuF~xA0RTX^7bjc}+5-*Pi6bF1eMX z3{vMDid@UVya;^~hLC#gr=?XztS%A0&e8+Qqn32dF1d%p#RV(uOhv1}{xxd(7_k?VENwra2x6 z%i}#6K_5`&3=!L5+V0DrzP`mSQR~Kpp^GZ<)qNVWt%C(_~cyCCJuG4W$WPml-hy>1-7)_wepG**Y3F81X^l zirPQU(co>*NYM;363pb;2Jo-}=m}&h4eurfj<`r2GM^vy?Udr_&*DUyOBaMGu~nXd zQHXhF+!-T@JG7!6>VCmTZ(V~AzTpIp!IV%$*aif~>u6a69C{{KEn8uZ!@KIHZsn zT{~sWDOTh^P5b5RZxg9XnVRpp!v+FJHoCh9Gp~kOxzDx;_;u6y%o?eU@vzFxZIR>r zHWEjsw~4oRlr+qo!k{)hPfIyCOtq?$zw3G#b%2gk+*aPYO~$bxARx2E-F&xzXC_|N z#azPOt%;5;;a8zvlG%q_z)Oxt0U|Qr<0Q5Q5F~|&fu2f8G%S}&H8qZUZG1}TU`fo3 zl~7;zoS4(hOEFEQuo)u;$*wD+zdP-8cwxS%@(T(I@;(r47c~*qLX^pRK@AY~Zy=FU zY)BSWquDW4*Hg2|+2pIJyLUU))03hvMz#30=3CyY1SjX^7jvC~{ ztxvKrSRF(=RW_S`%OKoD+i^9*T4cf5Claptyz}=hK&lB1=PM2n6D_DwWcB#sLCbbX z8Vg~LSN|H>Gqu<^V_-(YB$;G6AhHaMn0(LV#pi4U&F+f(LEi^BjuEZ zq|sP&vpsxlHQAj>+R4)JZ0$645XIS@EN&mA+1>1?VHm!)^K>6WV*5_CQhH|-;pPr3NLj|6EDJ?eYJDdq`887^xr=d0N+6!Nx!rBZZ)>w1b z-;9VoIN(Jlwt$gUS@dJE$l&%0;AGE_G$4oKazS9LA$(LyC7>FNk?1%Em3yaI5-O9bP{c7YeE=#2&a8(3 zfszr1>wiIh6{$B|TNfzr6R&mD@kp;{dZ5wJ+SVzc!$jNKwluL@Sw-5`1%g_9K&!L) zZV#eg=B^T5cy;$#X}WK|8SksYg`9JHh4(GnnScr>F??W?;$XMNpB&j3vKwSYso13V z)dj+lf30!9tlQB+BDtOaK>NVfVq#OEX!Mid2}&B?*@B4u?MLdVy~by!JN^``fU~uA zWgyPL+Kc=70fe-&b0-bB_XBWG3lJQElTv4vOy`yfuz`XbsPYv=;{j^;$5VH$e0SXs zz^O=efK?u;?z`WQZlDU+p0VEO9za^y=rXX-U8LKFS>8!X-h~Xgrmdnv7Umg0Q_O0E zN1qW_ZG%bQmI#Y5IB(jlgj=#wCpL-JTG;O2KV-wXsdvP&Y{QbtW{*8z1WZ1$BC5jm zD56v=m&=f!f-qAs2-DD2P|&TI$Dvx-Ye)v>$JWCgA2}pL<>9e!lWmRPTzw7@pjH|V z0AcSjJLEd(vZth-P0*m8dCstg*QFOGa$aSbSfv^zwvUmMUh7zhRoG`GPBu7ftkQ3K0DcQ3r^|{W230G`kR`( zY)diZMJ-oi6citX?UiIA;;G78=$#d5XS*TZ6`7u;v|@O&;>( z5?>RGgCh9jLsUu*_qxlLOw)<)w2F%o5Iv#DZ(11o?2&BRxkNMe}3_Dyz2TPtFB|de2v#N#B?@dxhe*J0in)C%oH)tp{kW zn1TUzKBC^Tp}0MThNmQM=U=BX*nlZqk4F;8wCX;U1Y)U+YQ!0b=kd9RSlPQMnl7cj z&KQYB5Q)5cXWJA)OPRcE&0U6bQ^mC}teg=2IIMDpSoz-mE!H6}BI4KAJ9odz<8g88 z7TjTILvm`cHyZ#*j|5i%0*txwD^s2}{<2pmhI%d+i$0*hCV=h0D9fa9;}L+}gflWv zi2yE*6thv|tmI;gSxFdH1BY8*3gY_fPT81*_ZxQ5zO~RU-T`##jnG1u^SJuENc1U~ z2Ju^xvH(5fA=76-TDt%K;LEB(%GTxv0BJ10&D%%dujHlH6vHqWwr##TB%|!8?^Y6) z^eDI*CppP-uHY@ueVXqYkKR-TjAUr4*o+*RzJ{jtxL>3lDmK44o$0T?(J zw$Da&k!RN)r2n1{a4_=4_5Holp8S1&|I6j2lcAlxskPOAGCV0p^g#8}AqZZ*gc2Bs z6r#2-e}?)q&GI^)4KDiSZ*As74URF;S#SQpscS*nx<&(N8`@uSOj@zMb`SwxVVN#f z`W0jkMdlctODs~j;taV3;_Vtx|7w6g-M>iS_6zx!b;yth|9;cgm%V~w#z#xY8qRQP z&Nb@$Y_8lZxCr6^)SoM9p&?iXli%HB2K;+-myMmZlc~Y){{Dw=ii!wMC~rCxkhgTb zkOtq!Od;IoT%TuxkQ#)mNBtX88)?bqTnWp>A{QpVP{X6r| z=*mBt%AkMOyZbgS|2yQL`u$I&BlF)O|4{S4gZ` 0 ? 1 : 0 sonar_version = module.globals.tarball_location.version @@ -137,7 +137,7 @@ module "hub_hadr" { module "agentless_gw_main" { source = "imperva/dsf-agentless-gw/aws" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag count = local.agentless_gw_count friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "main"]) @@ -177,7 +177,7 @@ module "agentless_gw_main" { module "agentless_gw_dr" { source = "imperva/dsf-agentless-gw/aws" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag count = var.agentless_gw_hadr ? local.agentless_gw_count : 0 friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "DR"]) @@ -220,7 +220,7 @@ module "agentless_gw_dr" { module "agentless_gw_hadr" { source = "imperva/dsf-hadr/null" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag count = length(module.agentless_gw_dr) sonar_version = module.globals.tarball_location.version @@ -266,7 +266,7 @@ locals { module "federation" { source = "imperva/dsf-federation/null" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag for_each = local.hub_gw_combinations hub_info = { diff --git a/examples/aws/installation/sonar_multi_account_deployment/main.tf b/examples/aws/installation/sonar_multi_account_deployment/main.tf index bcd36cd8d..ba23b69a5 100644 --- a/examples/aws/installation/sonar_multi_account_deployment/main.tf +++ b/examples/aws/installation/sonar_multi_account_deployment/main.tf @@ -1,6 +1,6 @@ module "globals" { source = "imperva/dsf-globals/aws" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag sonar_version = var.sonar_version } @@ -25,7 +25,7 @@ locals { module "key_pair_hub_main" { count = local.should_create_hub_main_key_pair ? 1 : 0 source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag key_name_prefix = "imperva-dsf-hub-main" private_key_filename = "ssh_keys/dsf_ssh_key-hub-main-${terraform.workspace}" tags = local.tags @@ -37,7 +37,7 @@ module "key_pair_hub_main" { module "key_pair_hub_dr" { count = local.should_create_hub_dr_key_pair ? 1 : 0 source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag key_name_prefix = "imperva-dsf-hub-dr" private_key_filename = "ssh_keys/dsf_ssh_key-hub-dr-${terraform.workspace}" tags = local.tags @@ -49,7 +49,7 @@ module "key_pair_hub_dr" { module "key_pair_gw_main" { count = local.should_create_gw_main_key_pair ? 1 : 0 source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag key_name_prefix = "imperva-dsf-gw" private_key_filename = "ssh_keys/dsf_ssh_key-gw-main-${terraform.workspace}" tags = local.tags @@ -61,7 +61,7 @@ module "key_pair_gw_main" { module "key_pair_gw_dr" { count = local.should_create_gw_dr_key_pair ? 1 : 0 source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag key_name_prefix = "imperva-dsf-gw-dr" private_key_filename = "ssh_keys/dsf_ssh_key-gw-dr-${terraform.workspace}" tags = local.tags @@ -106,7 +106,7 @@ locals { ############################## module "hub_main" { source = "imperva/dsf-hub/aws" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "hub", "main"]) subnet_id = var.subnet_hub_main security_group_ids = var.security_group_ids_hub_main @@ -144,7 +144,7 @@ module "hub_main" { module "hub_dr" { source = "imperva/dsf-hub/aws" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "hub", "DR"]) subnet_id = var.subnet_hub_dr security_group_ids = var.security_group_ids_hub_dr @@ -186,7 +186,7 @@ module "hub_dr" { module "agentless_gw_main" { count = var.gw_count source = "imperva/dsf-agentless-gw/aws" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "gw", count.index, "main"]) subnet_id = var.subnet_gw_main security_group_ids = var.security_group_ids_gw_main @@ -225,7 +225,7 @@ module "agentless_gw_main" { module "agentless_gw_dr" { count = var.gw_count source = "imperva/dsf-agentless-gw/aws" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "gw", count.index, "DR"]) subnet_id = var.subnet_gw_dr security_group_ids = var.security_group_ids_gw_dr @@ -266,7 +266,7 @@ module "agentless_gw_dr" { module "hub_hadr" { source = "imperva/dsf-hadr/null" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag sonar_version = module.globals.tarball_location.version dsf_main_ip = module.hub_main.private_ip dsf_main_private_ip = module.hub_main.private_ip @@ -290,7 +290,7 @@ module "hub_hadr" { module "agentless_gw_hadr" { count = var.gw_count source = "imperva/dsf-hadr/null" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag sonar_version = module.globals.tarball_location.version dsf_main_ip = module.agentless_gw_main[count.index].private_ip dsf_main_private_ip = module.agentless_gw_main[count.index].private_ip @@ -324,7 +324,7 @@ locals { module "federation" { count = length(local.hub_gws_combinations) source = "imperva/dsf-federation/null" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag gw_info = { gw_ip_address = local.hub_gws_combinations[count.index][1].instance.private_ip gw_federation_ip_address = local.hub_gws_combinations[count.index][1].instance.private_ip diff --git a/examples/aws/installation/sonar_multi_account_deployment/sonar_multi_account_deployment_1_7_7.zip b/examples/aws/installation/sonar_multi_account_deployment/sonar_multi_account_deployment_1_7_8.zip similarity index 54% rename from examples/aws/installation/sonar_multi_account_deployment/sonar_multi_account_deployment_1_7_7.zip rename to examples/aws/installation/sonar_multi_account_deployment/sonar_multi_account_deployment_1_7_8.zip index 34db505ec67b52e58e88af84fb4a2e4f928e1225..20fd968013c90135c170305251a08db9b7c536ac 100644 GIT binary patch delta 2700 zcmZ9OX*ksV8pmZUL-t+M*o7%$#E3*R#@HH5wi%3FwlQN5@jsGm*_xORDUv0ojE7K` z5Go~-B@vaeOtOYNmK-|Qb{ap9&`o8;gm~@!%Seb*^xLNk!4lbJq$*Zkq zXUoL`3R(yD|iQ|?O5P@M2K<* zq$Z-RMs)WJI!I9f5cDwgGfxI3f?Z4G%mk9u-N^d{`Z4M5P&zKw^V-oCuW|8n~YS`@gwFaV!U_y6%p-X~`Dxhjk=Dnq}h z^C`e+q~&4bM1JJY{gghY(dUnnE~WI|ePwy~Y;QW?23MG02}#k1MQN=4RGc-Q)mM{_ ztSu*J&nt`J2-Y6o)*W7@G8x=naE39IgQTe9rlPp0A?r57hK}=Z47ZIg8(P9R==XBl zERf9w5Tr}8ncalG{9nlfT+zbhOLU(cAh_??iyNi=k0xnM>yd!y_v1b;+>Sc(S6{i- z98EZtnv8RSH7^OXV$RX->2{>b%wrVRbwHMli5k?a)UHuCs=Aj8iHp`)`6 zIekyP=zc@Xf+W*G4wqBJ#p4;=aNHMpsAND5TjFuw$>b1_-{ttOr?NSq_LqRGp&ulR zf6|m`j|HcZOfLWZQ2wWC)(}CEEphlMWVqx}OJfUb9G+PGxu1x|EV^e{NqXP5@{c~sxfX6?{c$lAKksgty*bd2vw{tz^xvnrNIDYZ;1Lr=nd=A8` z4*#(H-NzO2YCPMG(bOmJ6MBXarQe5`;#y-SJJG5aeREH`w0~-^=eMj@A20n7eLZ*S zv3ee_x?}%)Y?CWGze>n9HQwIv%hl5)I5!O090;UFnMf+OX~ck zkah`zPMPF3(XjB(wCD~9L2A8KL9_al_sQ{UInZF@VAs2iwz+0DC%kI&yKH};lYXXb z&8Hxas-u|ZBU?dpw0728D7cloiGOc^U1V(*JJ0w2Rv*msiIKrbMrX3S*~hADPDIju zW780X{lDgT%jRmu03ns^M*{g4MJN08dSA;cZkQ}CRh%&5>aV%-Ik4CE6t?!0o+lv# zLJLXE8>nwPCztnxLsM%guQF}|s=Vp#2Y#dVxs|0L@p`yl$tIWTryUxkw~_1rVkOH%e|#LDHJA6uuFWM*C-LIBf2k;;zqn;Un$9o6dy zw5ytLd_t`Yp6Wr!x@oO$evkY4M!q!XwcbW-FqRChq+BW#vj~H=ttAtHdkhrs#69AB z+-W25)Av#E0|Gt@>Q|-WNYfs5FgxD_5AClQs!bFQo1aW97Pa${Vs>bT*))P5%35H= zH%!s#TRuChK+)I0GPwN($+im)Ek28^+bcF_(X%|DX?wPa0(6_RPk*-;&l;O>7qbHP zck$h78WE-Wu#Q&vVfsj4(mFhu)l6KQ(+FuVC=aU>;zPNZv4+XV_)inn9E;ZamF)Zz zh(?`5V@eJS6T21z#1|QF!?hfnUEXt6HhAz4k$201q`?qsRaNPz{~eoA;@dXl_(h1- z9I^E2G)bdeZK+H-Wih7yTQ-Z;gYFZibSh>*xZucE9rE&mAUk^2IY*!g8FL`x|$#ZvP!+9f$(gqb@NGyDuRgkIfdb=SfG zGB)3OafY)fKwfT0hadHCvYiWZ~B^333H}Xv*G%O&h&_kjW zTzuQX*H0n86(ozgZ$0OB%^(MxJLB8KE0atqMAh~w#mK~)0q|wls*VKEcI5HxV`iH$ z_PEf?k2ix#`*#haGMlcrmE2+Ig6{xp{pglrDcl@#_v}Cu*!I_Zh~zwFJ~;MzZj1rN z4Iw~pz;=P4KY_wV;m6^bcUYQtm3_b#}!) zdUJKT6Ni(uR}2N6$>$z#dy)2qcJ5MEn`2Q@n;9%aceTad?d0Ti=-qhLU8@l8R&YVl zN7w3QTy~>ILepC^&5=4`7sA29Yp6u;Za=KpTRrjyYWt<`IzcyVEDfW8>sPA0HV z92I5FrP@i7|GIw|AFt1#SCpEKe|-Sb-%Ni4M@CH?t*xT)Jvg+EiTJl47Apu)&CH5$&n=ayBx-Ig!T{S zHDsEKHR*Zo+XUrg03TQ}Z#(*NEyuh#LVN9;`C5fBsl;j)#~utVU)kNVD$JvI4EA&j zrA5Au3NY0TfHCp7(4yfRQWoN6rkV9zj6~I&_Qw7spTc8?j+i12!X>d&!2zbzR4L=k z4eA}^ui+b|Dn;waM494!NJtjNwJ&Py`=Ulc$V2y+v9c)P zgPOJ%6Mx75SF{aTJ%N8H+W(0C1730{(LZ}007m6dLI)}yNG;`2d-ivr-GRJQe*gTz LX8#4C3QGS0C<*H6 delta 2700 zcmZ9OXFMBv7su@yu_;Ar)hKGTMy#Sr?Ujnydxlbp)@bBXm1^zSm)flmI|NmucGIHN zc&JT{)@ZC6t%u&veV*(7Uz`{J^F6=wIq$xmdYyUzGeb%$da|?Eu9gH)U{sQ^yh}$$ zY12~WZqt%v!b@@b4O8G!lJO5h1Oy@A(g=^=fc0;nnt-IBZC3+9$0VvfF=~`D97-~N z&ffR_rv8e-peTV1yt9CK41$`TqjwMUit;*YAW%+gfQvSU)Mmw@pz+Y_?Srs){53G4 zQ7gu!pa&f6dB{Aws+vJOVLM?vfqjQ*$y!I}3Fw2jsCa2j9GkrxAHnG1ir@kq_HBM? zUP#8OD$-&JN|GsfCy~)EsS64}A(EvRf8Kdm!qOsZ!# zPRIq4ZXk0U+m^&qw!%~`q<2IYgY0h`-k5zaGPgAE5wj7#i}p`nq3+FfOwplu2Mt{p zpD`QzATkL^$pVEdkVhYq30*$C4*LS!E&dwg7t%}TaG!qeIRPEkOoT?X4x+@ic)NLd zsk>DrEsr&wJz-`^G}Mv82;W{7uXtt-g0hN_{CxBGIg;->zL|VNYb`YWxG@<0E020< zHnEF_u3AUHVn@#YTh^7SiW#6`PKDJ{e#xU;Y(m4P8cLgxcM_Mrt14H$h(g+ziB#BH zhbs@>8nVA-`@2d;LIsMu2pH2FY}MY-~@8ksPiM8|s> ziC?X#4AWIf)PuNtQFK80HW+M-HLvbI2V=QcFIu$Cyp)3=wtY5v$~8Kz%qD0SJAy5m zQrX|m^RhXHf9*vw6xCT#Y0cGbbO&L}HY+Os$c0Rb2iI2DDQPepeia~~4as(*L!>yF z_myqu6sd4I31%OYP-&0~*RLKT;6k8V%vQ9k)5zF|4E4U?sQpY62`>51dP_8!{Ym)z?9XPZ*UfS{;a&vWkt;0|;B|9bn&B!qxiAg(8pqVm-70 zX*+oKO{>Gb$(~Umz-t@EcIr0PjVMMPGFZQtR^XU$T)+7mNa0EmHYk{;d7p|EBN2J^@roB(L@#z-8y-@}27^aYwSyL{1I zzpBKi9u?$qadlrxXC5*?3%BN>sAUAnYI+K~P9^hkjTf0~&jY&j3k?m!y7wq1FWkwA zex1e=iQ&&pr6iHQV^wQnS(sEq8h+RE4+kMt|FKFm^KGeiZmaKs-TugiWu~$7XhDv$g6CQ~9+gzWCH@kLvI3 z`9V;kR>OV@rr34G!HMX>!g z;nF9rAK;YE{Wq$+dSoSc-P5j&6NT4eOyZD}JU92BMhYP+44w|&uA~&Ne%?p7)!C|b zd^Foh&h8l;7%ld@2+zixT(xF%+%J zE!IdS@ajok^Bo7RDhpE*kZJ%Gx+*kdo`BoUI^p+mpprOQjf>su+iSR~OH|L(m*u8~ z+KDYh#2;x4s?a@-iiguef{D6lbSzi&wv^+?U)PRr`zOuNl>;@&Sv7i78H<9G?Fz;3FDCO_O{50%xVL}M%$ddIIX-Uu0e0&=E z>DuFR=9)Ks1$WR@nx!{J10aHGy-v8n4kr=L9$=`Wq-^H>?Z$z&G?ch9wNq5T*?Q&p z4_xn5rj~;z2!bPSN+?tQ5uL{lb)S2Zygcsvg{d^aR<{zUvT=(mL2EzGUlJ6?GQE|k zZfPc;m;-Za%?LmRGjn0+4_mrzCB6)6DqJEV8^WA~^d@FcvM;M0^%vBtID;x9{p0D$ ziNsO>$a;vnT$4W#Y6%wc|Nfbr|EI1;dRDVP)5MrQ`V;R#j~}It;;b0-Ip5pYiar0ZkO}lTwYayxzF>H5un`#nzzF zloEoo;j$J-r^YqKkq4!I>xb`(%~i8Q^NT|*3keqDJGjUOrn?6xNO3b`==_?8dra4Q z;Iz$9f0jWLWYlh@yy(Jkm-oz z_bMqE*y4S)Z;c&P8QTv6-d*p%sVuwcwGoTH~o-yk}O#aq2|0r&ffy4^X(I zB=f*I(A(L?*Zp4xRND$bGMq{h<|enoMI{*v9j)8OI?{e_|FEdq817PMz~G_z4uAL2QEBbZ4SQeI{xcSz+MW zCsI(G{k*1~wyl4+|F3921l3vop=jp<+=R3_|9$8GBF;8U3Td;QJMrAOsj&8`{hhn+ S+;o@lS^W9S{sMqk#QqE28tz{J diff --git a/examples/aws/installation/sonar_single_account_deployment/main.tf b/examples/aws/installation/sonar_single_account_deployment/main.tf index e02655ce1..4274dd9cd 100644 --- a/examples/aws/installation/sonar_single_account_deployment/main.tf +++ b/examples/aws/installation/sonar_single_account_deployment/main.tf @@ -5,7 +5,7 @@ provider "aws" { module "globals" { source = "imperva/dsf-globals/aws" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag sonar_version = var.sonar_version } @@ -33,7 +33,7 @@ locals { module "key_pair_hub" { count = local.should_create_hub_key_pair ? 1 : 0 source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag key_name_prefix = "imperva-dsf-hub" private_key_filename = "ssh_keys/dsf_ssh_key-hub-${terraform.workspace}" tags = local.tags @@ -42,7 +42,7 @@ module "key_pair_hub" { module "key_pair_gw" { count = local.should_create_gw_key_pair ? 1 : 0 source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag key_name_prefix = "imperva-dsf-gw" private_key_filename = "ssh_keys/dsf_ssh_key-gw-${terraform.workspace}" tags = local.tags @@ -72,7 +72,7 @@ data "aws_subnet" "subnet_gw" { ############################## module "hub_main" { source = "imperva/dsf-hub/aws" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "hub", "main"]) subnet_id = var.subnet_hub_main security_group_ids = var.security_group_ids_hub @@ -103,7 +103,7 @@ module "hub_main" { module "hub_dr" { source = "imperva/dsf-hub/aws" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "hub", "DR"]) subnet_id = var.subnet_hub_dr security_group_ids = var.security_group_ids_hub @@ -138,7 +138,7 @@ module "hub_dr" { module "agentless_gw" { count = var.gw_count source = "imperva/dsf-agentless-gw/aws" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "gw", count.index]) subnet_id = var.subnet_gw security_group_ids = var.security_group_ids_gw @@ -172,7 +172,7 @@ module "agentless_gw" { module "hub_hadr" { source = "imperva/dsf-hadr/null" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag sonar_version = module.globals.tarball_location.version dsf_main_ip = module.hub_main.private_ip dsf_main_private_ip = module.hub_main.private_ip @@ -199,7 +199,7 @@ locals { module "federation" { count = length(local.hub_gw_combinations) source = "imperva/dsf-federation/null" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag hub_info = { hub_ip_address = local.hub_gw_combinations[count.index][0].private_ip diff --git a/examples/aws/installation/sonar_single_account_deployment/sonar_single_account_deployment_1_7_7.zip b/examples/aws/installation/sonar_single_account_deployment/sonar_single_account_deployment_1_7_8.zip similarity index 60% rename from examples/aws/installation/sonar_single_account_deployment/sonar_single_account_deployment_1_7_7.zip rename to examples/aws/installation/sonar_single_account_deployment/sonar_single_account_deployment_1_7_8.zip index 794d239cc2635e16d1200dd1b9db3823d9d8c15b..06de73617af4a66fe6f17871813f01b6a9629a85 100644 GIT binary patch delta 2309 zcmZ9OXH*kd6NWEuvDD7D^z2AVs7`iYQ1i29aJADS}9` z07{hwf*_q$kO;yeMUl3YV006|b3Ci}ocVL-eP`~R`{S8S!!1L8j1>nbFMxFz&SZY1 z019#LEDwMqXrs<2XoGAAWoKR!kYXqVF+40dJSNkSPe4WJ|DazDbw1&j`2cL3%NzgzCyCkhvx^mR9x2rJ(Xnm{ zQpacURt91P^51mn?&-Q%IGNYfFt<42DIfIiH?qux#J~}GUw(S z4U;))c;RECachS=UxYi-0+&Q7Ga!;Jft_;PPS(3FsgEYWt%VkZ!Y$oki=#5^;%A~!wNjT z?)TD+f&HFR7vkdv9oe-_o4j=9t~%~y^r_5aym#yVQf`XdYf{*47q~`zwjj{${yt2K za8m6~h@$->Qm7{~x1P01_-R^5+|44U=AN{Vm-%L09<^crNRhykE(-+c&BjDk)lj@mh zB)8a|@X}-|F+`i3gIItRd_#5g-M~bKj-lj;x~?Yc1vg4@Xkv)Mo1*q6EBEie5te?Ypl!r3F^ksdQC;d7ZJ3Uw9W)Z)fCJgW!JS{Ab$EgJx;f&d?c5O&!gl zmf^-YpRq~`j~LN@?R)_1WUsC_@#~ij04$Cq@jLZy{GpQ_!uCJ#Vb~bdeAx@nEn-!j)82ns36{$NfF^s04)8+Gd=X6*PlM z`r{`0BnFrFvX+hekg*%cfNq_$bhRz?9`ADqT~9C0ulGApFAr?6kyX+DZe{tjN;qnp zz|b|Yr7Sx(EQ!#Q04Hq1WDp`dN6~lJ1TLlNSisM$?(HuXP$TunLsEG3k)Zv^NG+Km zU(yFl-pR^i9(9qNixuO<;BaVk%yCL#vRw=;WJSVP>K>u5LG^8}l6fQ>ULEWtbuss2 z_(+#t?4q#j%bsyM*27xM))g8 z4DzKrSa9k@G@q03&StSy>T>1Mi8<5f8Kn1SDT+~yzr=-A1@dM)>#X-$ckx#hB-I8^ zuRV3<6XN21Fd|KVq{VILh7__*CXTs+8&9yACQ~0y8W}m~E8&Mk7-{WlpKL)-lfhNG zHFU`kStqE{h)!7RNax7&;QlG^4KMeid>#YL{`KLSBfZZLHC7#eFZqNsMWr>roDp&O zpO7`{(TT#mXS6#gpN5NDAp@tB;`B)FNaCUR#63OA@)MoHS5$~de(J8z=Hwk}xq86X ze(@Tuyk5|MqRS8z?85mK$|A8SlZf0*5>qblA|+6WOP(SAo?Zl>->BPI!@I=G1T!TY zjD(;N_GV~P8#9eS@Be_g@dJ1k$dYtJk>bokJ|Ut0#Gv2mP()ybEKNPkl!wKAAdCAH zcPUBMrKF@O=vV49(}6$IJU@v~$&)k?`VZ%SN~Bp5e&%-%GM9^UDgeMyfH-T(0I)Hm zEZ&}%QZK0p{(ZuqcGd&pq+skfz$~4}FEjoW{piu`QQmTeS#y9HTEFyYhO)e(zYYI? Ox786Dt}+U4FJ%fj#4-6jga%oY&|QN1E;U{IVu}k zo|Iw}njfW#TJ*ifM${R7y-I6=cBT2TbwS&J+v#>CJ~?Je>Un2apyMOcnSD&?-E zakh}^NL-gAyG3g7GpOFD;Sez`9u)o!{TRa?3Q_3Ql?%b!;bFOX2Gl4E$Q{{4gY_{_c^jz#nOBvd~MZTF>V!^7VaG> zG@H5hS?LO)(lV~L@b+NYL2TW)Q2=SXK70(JfbVO7nR<0efV)E>s^^2F=;5FA6}X4fhd_nF^nXp$wQYXROB9d z@gx!HNcpZ3>MYVlr(?VxgK`d&ho4Q;QRrmy(p=*teWFqRewfUi6 znZ)91Qy)i*x01gh=tRL9i@w#UiJ!>s2q^)$lPp;|j9DB%;E{ zCwA}E;wfYXE3BpjtLoiMFKF|N+X7X@gq{d2aV#%Q#k-paWxz0H!ZD5c$Y0|ZPFqXO zvBVArMl2aD7Su%EjF(aa!q$$Ubg8y?x{9C&@{&!6muDTkmx!w4^#t-4J1&mfiH9VL=K4Wq}#ovQqtErc@nfZ7M^QjkPe-vL2yRdPfYgh5MxVR>rw$bOI zZ>W<;#NNz^t6@X$c7aaCsr|r1dzDVdG0q8IUJzAyi-&#Gv}3k!f5^019bv(y=pVDz_s>>3PX#H9jYpTl((yxaB7Kq_e#x z)1T+~h`CRNQOv5WoOo1(xP)|dpcIte>R%8+PfYd1O9M9tbH41Aa3;BklgL}_uLxh; zlQdpG#UVsn7Q|H*Vyiy|H0JsL~#GvWx{% zO$YK1nS%k!M3)p5N}naA!dK~FGcJo-Kb=W}8~^k=Bf85aiz!Tb4vOlAmE6h2^-fhJ zZ^(fj_f@SDHZnd#eo6O{qlErcPk*Muij=!FzouXjR3$4}Remy_fIBAi|zpDaI=!w%LM_N${Uj#z%s=+G`XaW5COgw zHPQXjp$|>S`+3E}7@^zCC|MA;kCHc>nq2Q4O0o5xdw?3qV1E#BE_bUJTF^MhzscBW zJaDM4Cj1Xk3(nRU9bhc5+5G8ThyJO)vDW*QIQm9B@+o5h@LQX&<1G;|O$J>Zd{WGL z>=DSzp%fx+ZMIz+IBAb`WtAo`-f$GDQIaDK0cuY~Y7@_ldq01?ZD6dsTQ}|F z&Y79j1IW)OlH2jl{&M(j21qV80C?z_8$7Z4Qd^w$S`=7ePu z9)@$&Yr}ZLG8b-I&WNX-+M~QSu8to;B;7c$T~J>&sXY8tEvj#I`t{Ui?~CfZ5YO8U zAE&yudmf)H%9zh{)l>blr@BXsT&H1qw`Gi val } usc_access_token = module.hub_main[0].access_tokens.usc.token diff --git a/examples/aws/poc/dsf_deployment/dam.tf b/examples/aws/poc/dsf_deployment/dam.tf index 32c46db70..d63fb27c3 100644 --- a/examples/aws/poc/dsf_deployment/dam.tf +++ b/examples/aws/poc/dsf_deployment/dam.tf @@ -8,7 +8,7 @@ locals { module "mx" { source = "imperva/dsf-mx/aws" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag count = var.enable_dam ? 1 : 0 friendly_name = join("-", [local.deployment_name_salted, "mx"]) @@ -41,7 +41,7 @@ module "mx" { module "agent_gw" { source = "imperva/dsf-agent-gw/aws" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag count = local.agent_gw_count friendly_name = join("-", [local.deployment_name_salted, "agent", "gw", count.index]) @@ -67,7 +67,7 @@ module "agent_gw" { module "agent_gw_cluster_setup" { source = "imperva/dsf-agent-gw-cluster-setup/null" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag count = local.create_agent_gw_cluster cluster_name = join("-", [local.deployment_name_salted, "agent", "gw", "cluster"]) diff --git a/examples/aws/poc/dsf_deployment/dra.tf b/examples/aws/poc/dsf_deployment/dra.tf index 4ad67bf59..632ce1509 100644 --- a/examples/aws/poc/dsf_deployment/dra.tf +++ b/examples/aws/poc/dsf_deployment/dra.tf @@ -6,7 +6,7 @@ locals { module "dra_admin" { source = "imperva/dsf-dra-admin/aws" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag count = var.enable_dra ? 1 : 0 name = join("-", [local.deployment_name_salted, "dra", "admin"]) @@ -30,7 +30,7 @@ module "dra_admin" { module "dra_analytics" { source = "imperva/dsf-dra-analytics/aws" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag count = local.dra_analytics_count name = join("-", [local.deployment_name_salted, "dra", "analytics", count.index]) diff --git a/examples/aws/poc/dsf_deployment/dsf_deployment_1_7_7.zip b/examples/aws/poc/dsf_deployment/dsf_deployment_1_7_7.zip deleted file mode 100644 index f8fef7945e288d137ab52356e7e2d414d735ef94..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 12904 zcma)ib9`M}yY-G5voUt#G`7{)wr$(CZQDs>H)w39v8~2VzMl8$^xoU=p0$5#ueJYJ z&)9R#F(1t#D**-$1NiIc;bK$$*Ui6wp#g9Kh7QI$hDNrQHf~l%){Z*#I;=XZv`UK5 z05J7$Uyc4com^o7AmB$}006kpuLos+nM3_`h5DB{`e(13EN}pT5f1?P^e1yRPL8%t zjt(@A#{V*`_P-lGQ`?AGVMFrX=;9Bgw8~pUtwtn4I^WDiJ>S!g_E1I7Q(YF+(y%9C zU;4W1(-r3<-n9FJr)e={pF}m?M!4XSsi4+K@2WQ!Z5}bTjw|UP5;_24_y-L42EHS) zS zbn^7~VdTeXr6AOdIySBpn0_Dy*@zJol6O zsr(sZ30n5WPs-aIT?|-?;Wn5A-z_6PgoG>(o&>k3tX-`Z-dlF(-OADo| z`$UrygV8{qGXe>UwO*KP{j8Ai^ZdAoM>L4d%iW}NAh7pblc1RgOUk&Pq!Rt;&_ z4;C|!2h%emw4W2x4mK2$9n%;VTEv;S3FWnDclI&H-1@l<_=3ZKUlL1pDP&&2D^S{O zF%oT2;RH&s{vM!>$5M0k9$)3^?ZzGEv0$T8^l8F-pyF!&HCEs1=}P#7izUPr@F3Qn z(*QezfU=skr=4-M%E>UCukt0;qQdMBwf)J7uk3X+yBK}J?$A{)O0NWUf%1o+UQ9jm z&%SL;KAF$ac=pzQm6G78KQ_*Je2&xji`GZF#A((mzuZ|n(UC4@++qXs2{f&EydG{& z+@0Q8aO0I<9nY+D^N+(8rt;-XRys3`J6#$T1L`;fS2q?|z4SR(?96c#C^f#z=if~+ z`UwZ~W#8((x*ecv6x)ezeYC+=w*NSKxkfWFbgd_gzbF#z6$X=Ycj)Fq2O>MWoz4V#)4&ycw+-LnRT>1?P=b_p5?2@9PKdhd){DI4BLnMi0AM98!Q z`W-YzQp#NlL|4-v{nn4*CQ^ASWb*t&z|YGzv_aaV6D|nag=IHoP|IlWyv0qW8zf?G zob1CBx2Cz}@WBKtp<`>Rcx^9wOpCoxaRk|L#Uo|vgD9c+iI`No}4kEuxr88R#&rM%a0@I%zCzj{oQklxgv4haW_bat5uv0G~qed{J!zTQ5PWu#XnO^C)zu#5~c6+nClEf?dx=Zbj4f=*%`BH_*%JzpE-yE<3$*xVFFG)22!v5VJXMRO~W+X7CzjK zA@pMC3K{u+^z}N^rsC`R8e$olZ*J8(H{wu0FB~@^j(jdo;{Ul1nY}3~NS4@fI*)Q^ z*SkHPj9MqNhWyJLGHVX+9;GtpJT}|)Xo%HxL(+8o$-cM5eB#RUsYvqemt-=-^)R7D zcj!p*QKvOu-q5Jt6z04IJaYk|{XkA%ku%FaZgiP`g$W)yBG6b0#1G)0u=*n1-=Hna z3}OsyDoe@tt}fC#*{v?Fn8PTgGR5<9>CY7d;JFysVLpDT;-C&3@n9!T*mXSHRi_pP z_7)8j-_X^_?Pjt!xS41QS;$Lv3kJb#C@?l`WyXKi|yyTVlD+7Vl zD!nYBncKU_;T%|kY>gE&w7uH-L)GXDpK{TZ28r=W`>cXmrq}wfm&{Hw^#9!xmet8PuO1IQNcbga@IVM-k`s; zw6%#cz6S&VX#N$tN&duAJ(It}zJraEy@AnxM(98AHA-RnFTQ%-s~`bC6n@!uJo&}f zmB0AfpO4pAM-nQpX>iyT6CclH^&|@tOnv0qL1bpYX$JMC1Td%V-HsKs>5K)F2JsFM zyO&xI(?idS@_d0j-=f7WvJs7$9?Cr<=7D~PIIDKADxWSlMKTW_xU%1Vfj`X;a` z*$BjYDp;jBW;O2;8nBsq=QuXU^3!m+h41OVa1`JwD}b>-4T;iU!G zD#If*f?UuFJZkLZjgb>@;|#JZvz2d)wFNxF1x!vEicyF|@y$TXovyy;azIO6Y@2J< zvAWAY)Qv(@?R7|Ii7T6{dBRHA1a&DsE1P(Xr+p?rCxhdsWUI+g*20JL84zMCekE zm;8Z&Oxm5DGi_U!Rm!8kSb@~>ObLD)4`_;K`jrle zx{rxqg78J)q`?b8YmOkIKHk%a4HsLg)n*(UCUAcDLMSWGq?CMBO zSi4WGY#IJ?9Ry11n)Y%93%Spmpt1eAC5U;Wu2)fNoQXDXN0d6z$*5)N8+ZnWNjwTE z>laGP$r9`aU8sUghY(0^UXqRBAWk3sNh@+V1r%z61AmR|OJ)X3bnMe;;%jACeQ%#E zPf1cE5^M-Db!+(?@Jj5202kF{=2WyUMB&x^S&^_{BWI zix&Dt0;&i5KQTPRPoW@Sx%AdVl5m8JC4Kkg^CZ$H=@Rt8F}cVNCsKXI_jB#o&INci zH26EeC(mo9(<_#mFQftAf2KKn6IjR0CFyfA3MM@CypV(v)Qbd2`?ko>V}oma_s3Q< z5L)YQ)a^+A=1>dIvhH$%+^~4`gZH8%c*B8!CdN#ihJ)wejw0~Oc~`++a(W+FvEBos zSvAqQQ9au*o+u|QZ?!ejD*uYyt6z_}g8rbe z0dWiW5xZn~sws}LgrmU+uk<=IHLYr$?}GDla34CGOzUt;`~aEP_)EMAK~TM1LkzF? z>g*Hbc)N9?J$qg9frN51t1P9h&qt`Edl;$B2L&z_y)j*wN!F=|`gam!olKPKI>g|y=ZoDX;{*gN(< zhUwpd;V4ehw8UYYma%X)@#f_k5bMazSH~xEN+2FPFgY*q8w2fks*7pG&ciS|y5iIi z@&(`8$BL;nT=x+a%^N;5RXmdo^mynOHs(uY(cG*IdUP$wmNZ##8@_ltu=wT9R)JVO zVODvh%$RkEx_BK1b^X53eWR2}TYd!s^;jvqS|^GhO#G4(18Ct>3JK(JeKF4~bxVU-q)BiKj@;kKHpSA=Kg7!~JoOIyvRW9w4r-JmcRtdhyFUuUL z(VM9`g#!#JSS(A;UV?U#bU4 z@7U>DLY3?vPOKOg)d+bV@0ka(#9%J$2*f}fu-iE}3rle`bdt-LI7+-@M(-8W{EM#| z-M}gP3D8^N(23OdQ2SdJaTujaN<3OqLK=miM{OSkj8$7N|RI=}AH$ zjMJR(F!5%b3-1SJJmOXcQWrw#00AwU9JLrE*-%^HmGt0Lp!AUHAYp+0w&U;j1pD%Z zwcm?^CP^|v1K6bx^O_{}X*C^D$Jr%b`&OUrUpJq60+c3J_Tp$+KoAqmhCr+PKPSu< znkQ1xhPrm>bE`~LwVjr*>*4p(VbF{E>4;{LK$7iKZCU4qz;}fP?rlVFl_sm%bm9O*Z==)BRpm)R@fMb-SrX>Q=|uYZW1~CphqL7aKK@7! zI>EXgRve9JHej?=662(dNPZ5L$o8uMP71_*$>;;z#G68Cd_`@5)7W{;?K6Gk8lZsB z4l%7ujH_g%#X6l7q?al6vW2ww>%==oW4wRWIR}pY(Pw=ePn_!w1;haL{tai_J!H}7 z47)w0mjyzihH`I3jy0hiWUfF)+8ci+03K<>j$O`E3;fuV*Yf$iV^=b!WAh9$k@1{+~_VEB4`s_^s~MWZ_b$0xMnc0O!(1ck(9!_Tyd(6IEkE>S5N z^~$WHps5KQ$FSE$_!6lnYBL(wSVi{aQ$VXKz&>N)pn;Nk2YVnP0i$!`CGebk&Ps9@ zy4*vo+^{J*c4Ph8aSIF8!n`k?BYP$F)Jukx)8dZILbsypt-H;%v_Y+HVl0lVhB`ph z^%?;zDhSs4JMnfj>qeFAtFzfhDy`ZiB6V=7F#pRuREKGDp)GK z@;5WSxY1RO!rHs)(3Y|oscJn;8l)n|4TnRH0rK!0Qji!H&>(0;t!mq7CVK`baAliS z0#kwz&By&L`P=@C*?Zx#5oi1oJ;yjU7e4D!tlx4!y1lm zw18dvovp^Evyq`(0hG*4DJZ7w0T;0SI9t*L(|T$_`O}R^3h*Q(R__K zGWJh&pMU&9*&mRilo%CPt!i++uR~dysoOLUF@>KqhqD+(1?B~6X{hKVe@{Lu+B4EH zPC#3t;OXLFI+H8+aVUSn_YPtzl}???=dQfBnI6%TtKIsPDbgMAc}aGwNZaykn1q@Z z8^Ju`v*qU$9Cv3SkdPn>#K2(mvRoWArHLLR=nVQWNvVpE2!{_Gc9p3Yt!)fPQxs3! zRZJg>JNvKta&vj#zU(%brCcoUwY*GJzP@>ws;Y$Nu1UCnANV2S4i%!-v&Ql$Mi&ot z>NyDjF5L1_VT`pf_Mrf7BCRME*`XyM>7WoQYN3zhA%F~oO(1$oDky(k2}mF)DsXa( zGHCF2F$7AUFmmm!uo$;hKeS4jINH)j4vx0{>kNiOU-TA=w0EI~!%MKbI!Pz>YDvq$ z!4{!f)Ab4719C>(pdoWda7J6pd=MW-wzH^sg1N_nkV)4XDTh(QT!T*%pCua+=R}?T z>~lMN!xBQ^l&dVIPPYjMg5T5%H4bd?97Udh_2=`(jw06+5%R~o?&pyeDAB*Iz8&UQcy zic+l$yu)fQ)D?W~6f_Vh3w9#b_r39gKD!*8-s$-@X%FDMiLH&;kj-62M2}S3_yZ1@ zO*Vb{toqQ^_Q%G@ieG%Umz}_*mC;Fgavwe`AyjKBfzZ#+PN-yLp(yU8^H+OvO(7-z zkW=ob2uAzS{25olLMLYY-%>Mx{G2(0EMv9Cya-)C?nBMPQ7sDKbATyf!Qf5S{; zMaaXFFGI-xsw^zg|drJ9rH_s&B(hpI|;+&yv@zf z@ALB-_qLg^BJF^6T=||Tb}BYM$HNs40DwfXLNJ(pehW0g3Qm0rwO#dW+I3+ z3@q;<#vwIB4NKjgT4nZ&>Ii`yqr zq-SP#Dv8VN3lbb|i+kdNKDdikqNzO`=5LDFR#9E|ovbfivGpJ3E8F<$uWGLDt!AWO z`s!;?MJ+{nXtU%%s8BmKew=GWIEJPnfSOg4(K0iQ2(9s(YwT2%kC`!*mY>{vg%T)yzge1{cJN38f9^e? z-74SmYA;_;ekH*@IJTd7DI;KrQXK=07NdT@R5XiW)oaRxDh(-GUMk8rHdhkbdY->r z(zU&5;T!DylELL1vVQP-1U|95n`3h^^DeuGv?cjf_5GB}5-MAxNkBXsencQOOPYZ# zM#WJhQ6e&GdLisl3S=A)#+vwE>fz$V<5#1pY;w3U_q>>{mYrO&EhoCfn9(Y(4TRR3 zJH?ClZKTz5?7a1(93kFn$mcIroFN{kLcuGYLqBCMgqk8%Z!n~)M4h&(lZ)EUm;6qm z5j0sjY}agUavB=j@+3yIWUZ6Rd3WS#bG|LF z`%}j5U}LRk|9=#4XX-1~J1j_ElPX`2o%O(?>&!l(Lv5Z(bmi6r^Gy+2)#uS58F5-~ z`dq*{6$p;hC0P1eFCZ>8vN2*$?BPZmCJ9TLU3m(K_FSPUgj2LA4lxk~jtyt;<<yxBd;_S0ks}rAtX%BVu09=B+ z+WSyx=|Y))rYtV3Xk7T{N-dQr%F^#F{}^0OpD?^V%3vueIm~(mVYp}ptk*|*DZY4n z;7*OZ=0GIHzU@lV;Bw)*Zn=G|Zw-dg7=T>eeQcEGz}Chff|jNzgXOfB!#1I!AcdWP zL9Yuac5fCJ^m7&{sP$*!nFuw(J6}QW@vQioK>VDKm%leh9zM{{ZkJh0GU+}~zhr0Q z=FrwkZXoQ>QSWyIo^^gDs>=k5WkR@7&sn|LjPD3p3>Nz%LeroupwH`p`2{;xCrm#G zVB?SnJ`1{R2Ig86H?cB&A9vde2DqUdWIJ-WluR<$X9en$^?Sven~$>J?}-4RwI?#IHJhBj*g=F#uX&y_~8f0ny48O)DRN`k3 z$Q9BDwO3mDDL5%xRZaiE!)z}5-dbx}x$HKGMl{3JQj#Gf@zcgnt^dn&b28%(bsI$G z((){pF#ZoX>uaIIxQ4IfvC=L4$ z$5ZHY)?f7j*M5Xd%!T!IE|rxR^-$k990#uNi5c(l9gtf)1J~Z3JTg}}c0as&lXrC{ zZdMz$V92e)vY#`=TNKgxVAd1wMMGAhX46NCssSJ)QY(uaWX7U17sVyK52_mMiTYj= z(yDf&GLLyVsBt#ApWUb_3>>lsjgVRdfUX1#&jW+*`j+@hOvqJL_b^VT=7^MTt4-P& z!3}zSD^)Crtl~~MY1hp%Wok7IxeOex%)E>zO%w}OFBErH>XyC}pDfo10AH-QpkfKg zaBj-MCzGYC=uUK)Zr8}mq+z2GzDC`g?f-%%6pj?5+w|Tg-6T;`r{f6 zz-GHR4b2)=r^qePsSFzi6d*Nd<6fYsDI=~)d^nQGiI(CYXFW!c7C@TE$%=H&Iz$lH zRzNJm`Xm{>y?aFcAzxds15%u$MRr_B;P7#OX9hD?n_1)*)DHSReV8B=}FyfcOJSqv5n zq~*2hE)G3?`sBm6Oi=`~9Bze$3bX@hTO`<1#?7-56Io6O!?*F$Y-1J7Kq8$D+{sS# zlA=Y$h^rDLbF!PlKJpeWY8m`n`$W>Ip}h$%+GGst!%++-#;)M!oAoALU5G#JEDVi^yN*6Z?PE`y)6_WxY4l7rouHs zcVE@p86Vo-kuO0#t-x;TCb#i|4GM$__`AAW?}jRPPWC-g-7NK+M;8~wC`ic`>H7$k zv6{ugN%U(4^!v9G7NIJL!NIMst9!*f?2YyaLQxK=;2|*RR-85J?i2GX=YW*f*vD84 z=_y@P=UsmE<3`{L>A-Er7Z$D#II^ADt=}x9x)> zraKv3_f~J;HOm??~J|z>giky(pX;lgM6Bdb7Ca ztnwrkS_h%Zb}S#0gsxGDVtXU%K2D7qesjT-|Sb1uBZTlU@p z7J!+9ef0>e1`qfs(E2iuWRGx46`&vo_9BB%JwwM=<011I0wdmlI)3f~%1$p7b z6x{48&PUmG``Irw1R0uivq$>Tii&f-6t1${Fbu=U;oQBz%*|EDMXX7IVScph>2n%| zWMHEc-^6;po_o&s5Hq{}hef^-*?`zsX!6xGZ}a{$%B9Zui;Y-)y0q%x9FN%pm0|4ZIqS(K-L4UP79sc1~=)AI&%}08q&I1+I(W0byDN2N- zSalj)K2Y~cict$0mg4ri?aN}p&+l1jYi#Y0pv1Ds?22Uv>My-**fd)8^J2 z&_by&6K}D*l+{vjy>OVIMv|A>{JzRN1VpIq+>W6#Ucl7&`_ZXPvgO><+e*_LYr*vz zq8dVglz}7IXKn1Vrn!=oQgnX?Rm?>aR3rg;zGBa~qoFwYnQwFDc&QNQST(I}QTiR_Ql9)U2^;9Yfn za5$-=1flu$>akYoU)bX)fw!+Ds>#fj=C)FD@Mw=%F~Fk+oLwSWSs@htupS!ccF0^7=c+DfwpuYWH6#b(%Mf2NLELHLwKC_(@v}5dsz1p zf6FQ?&JQv>mkuHo#|Q&9<>BS{c|{=0{pP8L>9p0OWoE9tv;;=qvb7-?f@zB$x68!WV1p>ybt?+!qIetEfYg)!!F`ug*BY zv=o^*?4Q$3`4)^HHofIVG$&btG!(4uG2(qfjBs*I&+ar}v%$l=x=8=@`*J7&SPdKe z+6W4V0|0=3S`P9;e1cL!G**WHKP6zN%7)Dj3!L}8P7eVsbSy{9`klNkBHyg`MV{6) zcnC-cK^!$ZvbjXIH}UA(Q(XKRo0vxmUT|k2ypT5`uRJlM@6rpTOYzq$|)ATWZu}$xs) z&fFZB!sASf^I^cWWx04NmYJqz0jnEjdp$qCtx*Ox_DuRgT^f6v!joCRSMRJ-X| z0Id!^^?@1wjk=paI8O}CEAp;)op?9|HMY8Iz!CTphkjFitI`@^DxeLZI7We|5c3=%Ex9XwR0u$VC7zR{^A5p93smqG_qmz zhzKL7z&E5szaY9`v}MK8GMLu8VD>U47(~#B(6msQb)1}8v99%K*weYC45T9fPoQLv zP5J7*yD+b$lnA)6`?R~HT&AXN?LF(Td82qB;U0+z+6&C#H&c>i3ZM}Lr4`w3uoGcj zbk!adx(0-EQmM~2%_$2CFT1jZa?@%vZKyWYZAfrR!`2>0;(<|zLtq87XKx+3! ze~06_cTP%lZ*)qGluTP_TInON{VZ+ar?NDIkfITZNtsZru5oMzCvCBN{zO?!fhmylL^JfSLHNErpyjs#vB2a&hz8_q!cGuuX-GYJH&YEa25HpsLBgOR}5 zTB4p+6P3vi(}Y$QynkJHJ60n+Q}C7brcw@%D`VQs6X^~=f%$B1YZ7Z_oLfff_8MWWdN;icj zl@@Q6nHT)4!cH5o&9aaV_^A{(;PSXoWhY%n5A#91Hf?(?qtB@mn-ksng>paZ8_b#o zj{5n3>w`EN`vd)dNslLfo%nxpUCu`K4rVsi|EXpAL#n70)dSN@ha`CM7*1dkR*cs1 z<1IXpY37U5$-qKD;l_F)%)lrEoy|HAUVSUd#!qxW`{3@9Q_7OvPe&23C6=jjW%m#V z7&52Wd}5K}B^T%oa9_8eh9^V(slEjQ5BHDmHerKa{JYKX?+%JeS+A{OD|kccc|Xx! zX7c5qAVrY-VPqvhK!IR?Qf6cR8slFF65x#Quj?Ol+7SPy)BYbC?Y~U_Nu~X7rhn-H z0EK=se=_}d&Gs*lzuw~i0rI;j^6wx*5P$gp{~?k5XQTLC&-QnK6UaXR{7-e;KZE*R z8ufQ5*k2R&zs`l>zYC@Q8Nlz7jK2fi{8D56uK@ok(D-Kvzi;#Z9RU>S4+y_+`u~FY z2ebZrZ}RUj4LE;*`L9mpKO4#KHR9hPVhH~L@!u-Oe>Rlg3x&VqToL~P=YKC7{@Jj8 zPsIKX2lDw3aDPk7{u##a9`o-Q9aMk7_|1R*>BT|(>P7c4*dKMSq2 A4gdfE diff --git a/examples/aws/poc/dsf_deployment/dsf_deployment_1_7_8.zip b/examples/aws/poc/dsf_deployment/dsf_deployment_1_7_8.zip new file mode 100644 index 0000000000000000000000000000000000000000..fb1eb1a78b37ff1b64ab5bd0b69b82c62796354a GIT binary patch literal 12905 zcma)?Wmp_*v#tjVE+M!K4#C|Wg1fuB!{F{7+}#Oo!QI{6-GU}aa5!08&RO}+&i+=< z)zdvcy6&0j>Z*FH9(gGUNI1Y>+lvN=`hT4K*Bd$j4`A$Qs%LCsZ*AvpV`A&1$Ee4y z$3d^63=4p;{ZV7`*Y4~F4*-Mw1_1y-`u@65{+BtlUq_h#Fvs}heUk+V05IbN00e(B zXXor>@9gAA=VbaHhHZWs{cHah!{-`Xk!u_%K3iQvLDV*R8)#L?WGENgxo8&$y3wBM z72{(84=e?>CI(l%x#$bXsdYR_N1tH> zp+=VBc((|hNG*D%F^ZUozS+n@TE*jt+R?GI&nhHR`;fjfy#?d1b1V{P&TH8bD<3Zj zXlOm3Ldx1Qj>n*EgMyiaRcnd@a>t4rbf0mPMzDB$4iNinQ$pY$qJVl;*5F!k?xY!@ zP|@H`WfgfJHO~~!nLqEtf_$}<+W;S22`E~J9> z=Rl8>)$nS<<$FO#f7)OYblLXcjPwys;tw?pW$uL0^6`-qY=C6qMUrO2y29tAhQ|GRy& zn=F$xnRf**MEE!pv3a0Q50=N&4E+=d#WwgH7>TM*URvujF!Lh7Rpa55;VLf4zuF5$ zv7VA}A3*}On6*kiDOyTOvdnUIH54Kb-=vx`v25V^CYO0d!wA!1ZfMfj6iRn+46ZFP z3H?!oQzI>mp^ktqCkC^gGG`PT9DB1c+4e~(;rqo&5ubQ4hqs5>SF(V#)n1gkQZPj1 zz(fwN>{|_#eSdhYAU-Uw$glx!EC={7Xih9scvvwP(ni#mqW!st7)#ryR^T(P(A}3< ziXS4D1^mJ#O;)4PR^`s%M4NAcy7+9>S8wr^Za(h3;hu|jYDEN-K7-{~3oo&THjh`L zr#x(-Zh(7CX<*1tj;GIe?Dg3tFPO{i#dv`dn1vqIpftuq7pQpPO~ zFrP@FFJ7|4tk=@&nd(FWT zSBYAyPci@JG_${Gh+y`u!HfG5hE}nI_|6AA997VVu^$_Blf%~r@`Oub(ca;3IX{ox zT^YcHa-!{Y{j3^iI+Dpi3B(G=n zMu^QXsO6yOLEX@qQUq^_AC0xXI^P=YLtJOp20(YaY9a2gw|ZDKS9TRrnWxL@ z7XmiG*AD}!VW`AfXB-Bq(_ik2xe}>0W7qPtagR866bHtOG0DOOo;^h{9zbELraDfe zwm3y0o`vHFPxVC10w@4atDWirJ_g9;L=k262a42FQG-|_T+|}X)QK>}m=ycVi5NoJ z)9#UUQ3;_N9@+J7E}i*+70-2_=h#Y(17)M_UV5O5`$nRuRMqJdzKYV>g&MzVInr=l z(70ypF%G@If<;=D<#(}KmHT$0`C<{9(&5kcV&6-$qMC=Em0mfGE>quwi6=orfcrz$ zQs^&1HqO@$<*}_8BB6A8Yem!hE^R@e>szsP%$UPDp za46W?U;a9fkMCS(5~iqKaNLy=AJ1a*QywgY_M2NfiN&d=32Zhspd-Z~E!Oy`U70r; z%qLLh&UtghC%H1x>lylDhaNAfdIVvnOn?33+lN>9be&s8mB6_fVwjL|a=g*XVTlou zEn<6egAmvk1shgp+>R~MeR7f}OY)v&5|3SJ*r!UL5?{D`@Ju{PKe5ONlzA4PgGtL_tSnzRGApz~lmj5+3ate?WPPwmoneu|p_)zmFcl#tB`Hi~-gZif^hQdRV;t-jt*7Ry=pDLHnPQ`kkXV_Foq zRV*6WeY|I)NVu{T$18mq*S%r#QjO%{fU{ej)ZKJEWawq{FlNeMarf5ozg~eoagi~>fZ0{6h@BLOLPo{hsGEKPsz<5 z^>rKB6!mF?h^!>K=Ba=8kGeX-r^H{r(Si8CMKJ@Le-p(jRmXmL1xou9HRNqPpfR2W z3Vp3w_?6IBlY{N%Kl4WCo^L zJSsW60JZhh7o2*1n1W2lP-tF$vaOL|ZePPG8%hKvR9d2=0IlpFtW4GzIA_tM*Q)S_ zKE7FA(&Q#&I8YLrwu(8B6*vijuIkCGspwtr@7bu?**_h&>-Y<5SeV(TybJ^9_Oz@uZ;b(?EeX^;x-j-E2&a)Vbz)41-lj7DW#AV1Y~o zrM(fVm-;0`YbGal=9E!?VVH!iA zSnCEOTK%nh+-SXz3~{a7FBeJ7tLJKcH{B7tj)b&(d;n323 z-w9^5#n#769pbrTT`+vKHwc@98w(yG0+S9yLk2o2bwK@VfUF8wNY3;K?3G`%9a*yc`WK%+LW(DR1 z1i%Z6m%u|EcF7hzjj?O8@{Q%VQH5|#F%y}ei!4>t=2Jqk2xUjrtQbTE%ftugl=G*9J-+7f%y-w`mCLRn8LZ#So= zoY;Tf5b-P}zZ+{U2)})BEIJo|E!h0|(kkvOC-el)MI!^|QTjPv>C3ke?6HY~_;rVd z-e=eYY`6|zlb!9jBZ~a}beCtp`m(PT(;hO6^0EEc)of2dO7`04QIE{Njc7sFJw7W= zuAS#kj8FcEWoDS`!|*?qGw|1P;GxUGnoky{+p=2A%S`r$XX z#48;Yh~IQf=aOl89HFULHPO-+UOwz?^D@qA&J@XFKA!J&=vkF0tu+9dd^$NZ1g5_& z`muR`UhI(i#-dx;#&^@J_xpoh<@4y?@+%Q&{#vNv{V5UH7+Bc;nE8^i=_yY;MA1RdN_0=A;TfQslaNH%AX61d9%1jZ+^Hp%XX#x z(H5tE^Fj(gxNsSQ@5z-T`vcFNUzy*E7R(L^iHBHXrHpbTYSNrN5M$l@ngkw7k{Qr@ z-sim=mpFG?q*zY_B=d1uE8IxaMUTJX=&2*ln}hGHc9z(7te6;5MEF~0Kz`m{TFkSD z9D4r9n%pv8GtzlRg4(mHl*RAqu?rvrej;zFORp*dbwZ{{Db*djtV2!LlJq-aDXm6~ zPuNT~V>*O6z9d~=4op;b#-{|(J9cQQY^jz%?t23Fj2sADM|^kW%F0$d z<=-Px5#Oh0m(enb`q0@{&3GZL=!Oh00hc`TsZ~R`tes_l{-(5E~cmM#F4getflRLN=fGi9Qt^aLJu%PK_wmJ%K8dYX@=kY+%R<7Q^6G10NIS3M~_9 z=)>IF4SCfjD_hULa2gQyGGH=_`|F8kkwH@&((Ksgg(7x^1?}-BcYBNohs`m38nkpK zBCqH$hDFF!CMWh&74gR~Zgn;wQH+&}d!+j=UtCL6)f|b1Ek^7V9w?k6X-}`*H1w7Y zpu%)h+*L^%$&>^ZSO=_hsxJVe(a}B)+^h(0TkK=Jtv4^9GUiXtQlPIan`C>W^mf-kQlb%!c@Y$_p-B(6^61 zRGt@!N$Sgdl({xUa^CX-QXT9-9%zAH7#E7M!}0v7DM_-;4h85`O?Mc;{`T_hHLC zCCZE&lVi6wubp0gio0DS zK|}?^+xC&}Mze2~NEPo+1Ybt7mP(L;mm4GVWofB3KA!4jY3Xn@vHd!;o2-PV!7qEY z5R4mJ*D9?2Sryh?8Y5F>fJKK=#JuHr%r!_EaYGIk!v-Dy;+AI$<{f`L@ETPHFn z3e|o%%u>7^$e6nmEgf|s{9@n~$KlG%bspGS8CPvcVE{C;(WB=zgH0GYeZAkn)sGf- zX!~iewe4bJtWW?WH(LUZC4a;NY&*%8Hp8-=UQ{Kx5sTr%zG65O`ibq;JCRHd7i|w^ z&Ed7}Fh1-#8gC&^(9EratBZd)Ye_kMC0C?P^IOnP~k< z#%?~%ITff_mqq2wHqbD1WfOQrpzq&$QsfJIXiPz9+C>y#JBRLP!j*A& zs{ge7i*h(9LoGEXsa{#{c2|eGGF!K88ETF=Z;4wqS^K~qHB=iYpDUnT`&gZSTvzr+;P^jG@$Q0`i{J0{&Q>1HsK0-!IkAq~H z@X`8X3a*EX2v}$^6>?ArMrkfCy2@ma32X*qxU@`pXr$viE{BTL%a&HAZ_`wdyp=5P ziaQ3b`g3#nUj_E-EmAI551OARD_&kb&DGT+ayO)0A&>l#@rDc0zOu*iDMuF%cNjPe z11{b3(cnyVFb`n>?qV&dR@q@+z|z5?)HK2#C_@1mNZUY+lvHq`xG!Kq;Ap_99qQnr z+oez#MdHsJuZ6{UErwy0s-)4@z6uERZ8fu)QvK08sIoqVT8_^lnwn%CwCi7*2ak4$ zH5#u^@$cVf#0?pMW!=FfSH*vBZk%Obu z>wM|jDpwT59bi``3 z>o;UKgslRdn4TyL`0cJbL&&OPkn`o1M=A_o4i8qMntqV_<}+}KvX$m=Xxf9qxGs!Sa{5F_DtuPat;tywF6VWAmYy%# zxo{8Zy@8a;!WkkgBa4!9Lx%af#^?78I~^*OH>hNIDuYE?xbefV`@;wRY~+m0qEm6B ze6EBHf*`DfJZs-NIFnMNd6zHrno6hn88eF_-*-(B#HRIjaQn#(eGqbR5Lam{+-n`7 zza1J=;k51O?D_jn%rZ#el0&Rccgdn<1rCL~NlP-jyL-|UhCD*&=f%?n+2ODd#To~d z^^oF{TcCxf?oO|>`bYJLP({xThvYzBpy=r{%4e;k5)6l1wC83EiQyRPpqoEOK)vrM z6*eSc)gg?nlAU)__`rnnQD1?Nq1S#N3oi^dv&dUM?-^+!{DXv+2D{Um=vll?_L^#F z_ssy_k7NbO zJ&w9^Fqm`&GBizv@uN+ZH+GZ3&7_W6{xvJ^hPa51`}H!2J1*mbMbDA+&`wu(0&$cl zRu3AfAK8~=xV%<(qy_y5mn|gI2e_=A$~ZPrU3VSq&t0)!-z`+M3Vyw+zPhuSm3{92 zT8$=dEzU=ur2s~Q)}gh0p%v*AmWBjwQAI(|$}%dlA!MnwS6)iNaGG>MKBit6NhVbH z__fGiH>4jY)gZ7wa!wyJVdvN(dM#s07;lj6@mAM&5&os!V-Xr>* zvK{ZXvd!cdGQ6V`(ByL|5mS`@H{Dn##2|*8uu2m z@mY%da&K1<;YyuK#Ooz!s`Vsb>_)h8Xp-hK?9ezxZG|PaV~XAln{ z2-U_m^a&SgG7>80S+DkFa!Jw*L+(;9;f2%@;~ys2Y~;oJ)DPfwrz|lVjIcg4u3axU zx~6w?=8RxwGBZAD>sWg@bALAZ)LmH7W2Bt0UteDU#-c@moGdF=L=7K$$_o zuLvr2Xp!X$wB^mH3*r!%^?yaWI}g+ER9TjY_ntwT0iB?U>}_OnOfJWpb)2N0H8-_$ zZmcIVk_cw4bUOvey1J7x;P`)Lj=NmJUpm!7X@!^r6F(EFs+||y<$LCRCL!eiFaQU( zc_;*13{^k(4sr~H|8eB0HF~K94OUGoy+%Fu!c6v6!h{LdmS`Z7$xYjsig&Pvxj=wb zDR`UtD`G6%xUBT2v5)d2;ZJE=rRMtrW@J6wl=X;^-uQB2X40p^=}#B)B@0Z1bgHWq z7OZfOP>P9>0TM-mV&tv*5~Su1Fu$)>4HI{MSAgP94$TY1y6@C5P7 z#neP4WO2gDl##?VrNrK7;TNzL9Yry_;>_fZ%@McCy5pc0F%xZVsgHr5(Y0br9vc^7 zJ3y65vl80%5d#go&qHB>X&*v9mEI6?@WKfAv&>Mg2a{#iNvC(tsc@V-x7(I30(MPj z=Bkj`XlSKmmrfTIHQ0Q#YoxztDhwK>anLQ0x1xG`(;VbYBtFVF#K^0vpT3CetA->Z zdfy%hu=|vawMHUj4*0>t`?;X_dsNTC=>f|WE$fgtec@W>(+r2WTDH-TI6svIf!+y5 z_CxNM)$N35=V|H~efPGU&wX_?T2XJfj;0nZw6K?B&q?0i0{% zZG#$&z}DXOexNw1Et}h-p%E~6ZB7lgQi_i-=GHr38yh!>>tx)vs+uX25rj0svdAzhL*cx5n^7{y1{q~tNeimL-4VK8dQSmdPQb5tj z7uKX@1GG&%VPiV7%TfHQYawXj^xe|ObkRnoV(nh#Y^{D7kj1~;Dh%*jbweQ(mSsCu zfz77P(ll7?GCyfkQq01@!`H|Cwl=YYzJGb@qm4)YWToC&8>!vJ*{x^9lL(6`hl$Xn z`)2)mcYU?)J?{j|>^c9qe#UR7?LGZHlVN=SqULg7|H*e(7#TN;2LlJl!3)Vb`Wchw z@+9`lm^OVug+W#P$U8A2^A3(pvbqXjYYM__3Lkz(P`ceber5<^89NvDIoAw+VtX-A zl9?|RZ(w9j3*l2ouN!irlYL%#WXSaO#843B9{YO>^QYK_q%FPpVQq>h5EAIpFNQ$5J(I0eM}giR2<=sapXnI_PN%ug@nzN zu(9uKTb$k=UV`sw#(u+cYe}=?z>eOr)@n6b7&FfDQQP2Hcb7Fc4J~twnkb$ ztQ}@IG-S#7;msL`C(GwqT%krinYB%bv2518CO4Jq0yq3zuE0A{#Q-DL*~yvhNh>Q= zU5araM>H>cED^3`@2;6GaB}cbCO2*@%Uzd-etkNH-rUp&@$OrPO%D&9h3p===Tmq83#vlqAzy+?PS;C=Ol*yc^S!$t8(Vkk!^b)`p4FSDt}!vw zgY3SSYtNwtRXE)t*zmvpvPb0KQ(I0#`wsN4QEI}kQ7ZADQk$)bldB!b%EH#{-{iL} zm9gjy2DFVMYHgNC)pQ1lB3sdjM7n!66Zek@V+Zjr3+KnBvKLiet?sxhy~ss2 z!DzCb%EqN(tCgZSUP;=Kd*$s9NSl%|zNq`Od`B1(-weaSi-C{15MALfeQSmYL`%o0 z*{nHB_z=ShWCxOs#iZeD5n(&ftT3ATfl~+LSX7rd1{l>gg1fsAH^se5p2J2Tc(Sej zp!n%^8?DElfgy|vNftGtel9Z^=(5|)_+2am1W(as6ZaD_&hDOH(0U>YT@&go#wq6_ z0TFn(O3g0&VlU?%Q+f`rC^*u$krIhOp2DOn;Y}w@M)ZkRd}zh_3G|JMvT$-5VQwAw zgZw6FPN147Lz`jln_;xF^1L6FoBS>u)5!Y>-d7Z1)Wkdu)$ey zax>q+Bd0Ia!eQWkNpMs?Fg6yJay`w*a^ReLr6c}wE7p)9ttzC)qFZFmQ!Azi9!U<1 zYBkI7Lw!DK`)JIYBuKtrV$0DE`u(l}Cl&`GEK-}1oOpoj=7oe&AT7^h@%WbTTSoh8 z(?HsqH!i+|wC6K;acPh#qGw3;GnT^5#-#$r*9Mx>y$ctT2v`EIeh0@&i|pDjL`(nD z{>A}+6sY*+V&bp>0Og-t>_6t9zuKLS|8N$%pekecff1$SNKJibR&t~m9U4V(ESN-G zAV$T+{d{E5X-Su7GZE&Xi}@?=rEMnwR{0Z>%8C2+?dIpKSu2(Nd%pL*`%Jc$0xdU! zW#HO0U<&JD@r)Y2#E}%G-h27Y=xV!_>gBO{mFbEir&&B74x^fVQ>`fyMl*^b84=%^ zH1t#-)XPM7!s0-hWUQ8j)TqJ-j=7)TuJ1cuf~o`jYvkpc)twma1sM-*5PGF4hjG9a zVe$64Jd--IBQOKXz&{fUz`_ZBQbDPq&iQI_nO}!Q-%2ir$^T()>hhvLbYkPn-JF!= zL;7kIkR$&2nw&i5?FrMpo=py9il+3dIATZu=VC*}cvIzQtR4aL7`GOI!+>N?~+ z$J89IeZE*wR3BopM5k}P87Sfur?7VwmpGC_cEqv#Irc1}o9O%T4+f^H*+Bi)tc>lIz3 zs(QC|(H}z7bFXh9W$xgO;$n-^+XI>Tk&sBs{acJseK15WyY*S!T_f2R{c#ptU9IUE z7EjdB6nx*ydSq~vu(omJ5 z*cs}O$&?7DL*3pD6hjuAJI>J2DtN=-N_!s~kViAQ76(D9sY6qIbuETmpK*k1E->>v zykL+IESNBFdhLvAO0b5lFE~G7#w9?GbaqS6?l9u8!^gk6Oegp~;(h_xj2Qiz1VtbK z0Kh*z4vHdzpJYVnY>fXm#a@Tnmfap3g3p~^4-q|VELZd9PepxX!8zT_Je?WHP_R&< zI9ks4mQvY1q+_p-aq;II5}qmeAsvN?B0j|YiloebE6+gFe7f6C)KUNYNEK(w_-cOd z7t)QusqWfag1#unhK@98;|AGt(TMmp<&zQ3)~G4+HCU=04chT!nPytuBB^s1UM?)r z36`aWaA4Z1LOc!IY-5wK&5bI^z+Z4@jERFYlW|C&4rEuj*2g>cd0ea;x%2XSbZ&%g zj6tiY24zLC+;}+t+8X0{am;%PBh_veSCEu?jHbkwDCN`lC+*T1ZMuct!KH==n zdPPa}4`v8KUsWzCg=_g4!da>UhYTJWmKG+riJLPg(X|;3e>T68f$|N&7bM+dSGIoV zA<8c;BL*qzG2q^`SCCXzF9cuv7g~D!L zs=6&RlUSMdKE)8>*x{8%Es8#WD|&A%i#g-U=#QU}G<1V{RhCd#r7kGwAdlJe zqY}|YAhd-MU!;;BT24v5J%OLjQS3GQhC2v!Zr^}=E`@|$1ulKX0i9N0G#WHlOVYD$ zrZ)ACay(0>N`GPM`^mct!#cx!nv+F^rY{k<4)TTl?FFXla){T9YLQhzGZ0Oy<@#Y5 zQj18%CbEW~+^$qYG&yEr_r2`%h^#`VKpmca7f}Z5INp8RxpiuU$kr7>k*;3ZD=sDxAY8cHdJcZf zW}jx4d04(d9i<(*hDyiP84$@dE09~`tMqsVtKarvT`xYJ^4?eWhDPH39+zFRsbpI{ z__j~CCSvcnnh7aehBHK15O!;>GN@wZq7As)=%>)7(&MkQ z@Lj;jocrkkW@@qs8%dCL& z>EL2u;nrp$+~61!gWV<{{?``Nt?w9swxRtM=adzP?@nS6D{Rwcsve<^a1_q5`J`gS zE3U9xkbdsL^^eAc)BTG?o*o}O?81ko@+jp#aVW|2qCbs15a>LhXOiQvavvKgqQJ)ATPv0HDxc?oX!w zF53PD`5y$^{|fnC75R6F2-F|G|9@*F{~6$SLEGN}r_g@@{QvT{e}?*98})Y-{I47K zKi&)D|58f*Gr;efjK2eJe#x=^N5KD8X#6w6?_>VI6ChCjK=^&=|IaYL_a^_2X~6vh z=Kpmn{~6-i{DJXX{QMII>Q^@!06_TlYW-D8rqTZO>Hh$KLj3Fi literal 0 HcmV?d00001 diff --git a/examples/aws/poc/dsf_deployment/main.tf b/examples/aws/poc/dsf_deployment/main.tf index 1a7cb3311..35df6bf31 100644 --- a/examples/aws/poc/dsf_deployment/main.tf +++ b/examples/aws/poc/dsf_deployment/main.tf @@ -8,7 +8,7 @@ provider "aws" { module "globals" { source = "imperva/dsf-globals/aws" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag sonar_version = var.sonar_version dra_version = var.dra_version @@ -16,7 +16,7 @@ module "globals" { module "key_pair" { source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag key_name_prefix = "imperva-dsf-" private_key_filename = "ssh_keys/dsf_ssh_key-${terraform.workspace}" diff --git a/examples/aws/poc/dsf_deployment/sonar.tf b/examples/aws/poc/dsf_deployment/sonar.tf index 549860991..e481cda38 100644 --- a/examples/aws/poc/dsf_deployment/sonar.tf +++ b/examples/aws/poc/dsf_deployment/sonar.tf @@ -10,7 +10,7 @@ locals { module "hub_main" { source = "imperva/dsf-hub/aws" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag count = var.enable_sonar ? 1 : 0 friendly_name = join("-", [local.deployment_name_salted, "hub", "main"]) @@ -53,7 +53,7 @@ module "hub_main" { module "hub_dr" { source = "imperva/dsf-hub/aws" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag count = var.enable_sonar && var.hub_hadr ? 1 : 0 friendly_name = join("-", [local.deployment_name_salted, "hub", "DR"]) @@ -86,7 +86,7 @@ module "hub_dr" { module "hub_hadr" { source = "imperva/dsf-hadr/null" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag count = length(module.hub_dr) > 0 ? 1 : 0 sonar_version = module.globals.tarball_location.version @@ -104,7 +104,7 @@ module "hub_hadr" { module "agentless_gw_main" { source = "imperva/dsf-agentless-gw/aws" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag count = local.agentless_gw_count friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "main"]) @@ -135,7 +135,7 @@ module "agentless_gw_main" { module "agentless_gw_dr" { source = "imperva/dsf-agentless-gw/aws" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag count = var.agentless_gw_hadr ? local.agentless_gw_count : 0 friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "DR"]) @@ -169,7 +169,7 @@ module "agentless_gw_dr" { module "agentless_gw_hadr" { source = "imperva/dsf-hadr/null" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag count = length(module.agentless_gw_dr) sonar_version = module.globals.tarball_location.version @@ -213,7 +213,7 @@ locals { module "federation" { source = "imperva/dsf-federation/null" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag for_each = local.hub_gw_combinations hub_info = { diff --git a/examples/aws/poc/sonar_basic_deployment/main.tf b/examples/aws/poc/sonar_basic_deployment/main.tf index 0809c8d65..5c06e97f3 100644 --- a/examples/aws/poc/sonar_basic_deployment/main.tf +++ b/examples/aws/poc/sonar_basic_deployment/main.tf @@ -8,14 +8,14 @@ provider "aws" { module "globals" { source = "imperva/dsf-globals/aws" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag sonar_version = var.sonar_version } module "key_pair" { source = "imperva/dsf-globals/aws//modules/key_pair" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag key_name_prefix = "imperva-dsf-" private_key_filename = "ssh_keys/dsf_ssh_key-${terraform.workspace}" @@ -79,7 +79,7 @@ data "aws_subnet" "gw" { module "hub" { source = "imperva/dsf-hub/aws" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag friendly_name = join("-", [local.deployment_name_salted, "hub"]) instance_type = var.hub_instance_type @@ -106,7 +106,7 @@ module "hub" { module "agentless_gw" { source = "imperva/dsf-agentless-gw/aws" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag count = var.gw_count friendly_name = join("-", [local.deployment_name_salted, "gw", count.index]) @@ -136,7 +136,7 @@ module "agentless_gw" { module "federation" { source = "imperva/dsf-federation/null" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag for_each = { for idx, val in module.agentless_gw : idx => val } hub_info = { @@ -164,7 +164,7 @@ module "federation" { module "rds_mysql" { source = "imperva/dsf-poc-db-onboarder/aws//modules/rds-mysql-db" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag count = contains(var.db_types_to_onboard, "RDS MySQL") ? 1 : 0 rds_subnet_ids = local.db_subnet_ids @@ -174,7 +174,7 @@ module "rds_mysql" { module "rds_mssql" { source = "imperva/dsf-poc-db-onboarder/aws//modules/rds-mssql-db" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag count = contains(var.db_types_to_onboard, "RDS MsSQL") ? 1 : 0 rds_subnet_ids = local.db_subnet_ids @@ -189,7 +189,7 @@ module "rds_mssql" { module "db_onboarding" { source = "imperva/dsf-poc-db-onboarder/aws" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag for_each = { for idx, val in concat(module.rds_mysql, module.rds_mssql) : idx => val } usc_access_token = module.hub.access_tokens.usc.token diff --git a/examples/aws/poc/sonar_basic_deployment/sonar_basic_deployment_1_7_7.zip b/examples/aws/poc/sonar_basic_deployment/sonar_basic_deployment_1_7_7.zip deleted file mode 100644 index 20ca99dc8a9f0ac0287d9b6aa49de4ddd7654908..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 6063 zcma)A2UJr_yA2>MR3%8Sf*?pox`>nj5_<1a1ql%8y|*AmI)o-5NDERz6ObmoD?LDh zD7`7t1o7eh-+N2fd-r&hcT3fk0+F07!!Jw|b&UP*ymO_@|mf`~Xdc*)clQ-3NKf9+72>|EH1|9%#CHOLc z)@4}Gw<;QCWoS5FU^r-wVghy7mw#{WM+S{mjly%1#|<~wgx z&&n=#Qhu+1C|$k)^zB{7yXY07CscPHiOtN_v4-A>*csgb5? zNcB(#@%dnx5i5WqPOiz))p0^16Uty}Y10<=W`1D#?1ZEOL!9Wj=(oV*`nK#vmbmuY z;`dUQ%J=4_&eT<8vjyK|`KZ$p)9zA)TOKgoDid5}Y_$r#aPX|42e&V~+-c)Ii_yQs za^}VZ(GG?W+ug}v?;Dso7U!hf4O}a5XziCGd8tit-oi}k(ZN)rxjd~uNg=84${j2y zmT5*RS-=@;O`F0Y+-bwU%At)r$jUupA2!UodhI!}On51%n1-$m9#L_tdmzG0Q4xB| zsHQ!AydNyZb0eG|gVLg)<7v0$U3(y%3)zR^ghIbZ$LAyvT z2_C1$c|nlDEQg_iM9ngV&e}zdldV(t*9>! zFH8!m;z|}{z2_gDbI^4-OG5miM;JPP>kl`p!fsFUdmSZmKs9K+^;8&!@b56#tFGj5 zS64U2%%X@cFi*nkg$tXy50PW~CidcX})kIgm(mN7K$M76hzn3}wafEyX%>O3vdk#b8sLKC5ad&fL9H1RK* z_mjEI$%{GAZYGXzt|z_?^z-D^i{>&g*~S85PwKfP2U$lm{mn#t1m=T`+k$G%oEi-L zvUk&h1gVEkMVRqS$moKqRLk59N}AwrV3;`fkd%huFdB`(b)1pLf?Xpn3njDEt9iK}WN;SJ^-<>dTmYri z%JkDf*LSuGnd`*(b;F0}M_(g2wBptCV!FDEfVoNNZDngKWG-SUuspyk>MVQgtM}}^ zz+oe&PCIR}oq&%c&$*a}_U+u8rHAp^LTBto%kJu};0Z0Q?+``aRPqpKnv{4DVT)VB z)~Sx+FS%wlDFD9fCV$%@Kqh+_6?!+M5Wi82J#%f?Bpve}SoH9=)X*dM{BEtY&M*7e z>nKOzDBbk61=`0`cp3J9$AsMCeVsfdDs>W!?EtI2vy%CN7b#5_sjJD0!)vc3WbD31 zhj$B&xm58_<U-Irt8?b2msU|-hWkFHZ?joZzn>P08Ql$#z`&eo)7Qx+&bd8G}ocPgb zTomXg)P@sQiJeh77COOm)7FE`GS?DyGx2uYpr9A>*Uvu_Jw<7dA7Bq+Y?Eu&9{bCy znJvA4>n{8W@+`hcBA_2ls6UfI4}Dp*;~EDTe_MrB)_+RyMz4V@Z6m-~o@$zQ(agEA z9;9Bmt|16R_{sQ)zjjTf#xIP+`{#t3!pU=T~14*L6*~7iPColoT!ubpzm@Q5&q})PgNLr3 zfrWfG5oXR`)=vd)W~>hg;zKttWXdFiRI|@`%w6(sKFJXQLpj!Fzu`Hk#Gd4RwmGO% z*#Y|r6fG0GS%9mN3akv>q=@^pEjSo|l3GI7_X(}qPQV5!2f-DJg3ge==a8YL3tFJ* zgwBb}}7h&DX@-`Hk;YbK<#*d)*XU^8(QTSG~9?lb|1aN4}9Y>;SEFpwOQ| z`tp0kwL86U!oU?qO3oGMguknt|J)H?(xu8xUT)rQ{YmA#tlS)}tf6*)+N(_&nO{mB zC~)jm)BBKKX6T$ocF+}-P?Yh^L#L!ErQ`7{xO@|0hH#L|V8YC5`<_Lz8+6Vkxt_M+ zge_ggJkNi3Cg~A`L~Kw}kxsz9p1TPJx5ZDy9x#WPr!sb7glH=wbFe#ciN4*)DL}3N~7S7qxA*waq2_7IC~E zh;x$qAlrH`mXM;6@`5>$DOsIJtdr+!pHcdn5NSoN9)gIXf*^BMIi#1M! zNQV)3mikMfW>K5w{>+1zlaRE2pS55)Z`7SsJiZsg7B^}X7G$0liOKlDqI1J#T|8gH zkZBq~7t-u~#85pUk#SE!$Fr^&|LO6*vP?+x&5tu%ow>s)diw8No>o-GUY%ih!UT=_ zibSiyn1x z>O%{qDEgXaZQPn`1^MlC^dG9TLBg{#R?{l@+4yFXKcP(YbY94IAk~9&;%BBxcivPl za1VmMFu8W+ByzLF$y=H-o4o;ucGYijSd;1)e?>Piyv3%d`UtBkl{6}G()2dSu9VL=l7A|GkH zwO4GlxVQ0V!AYo8T$tDHhodjsU(I1{bcDtCtcV~Q)WLW9tSwx5$B*&K>-`hI z602{9(<4N?C1laZv!=94V?xHN-=YtbJ1bh0P@NA$@@YjpNfFZ8K3oltOXOXTa#*zn zua}Lhq;xyfLHHRQL@=$!c@g(hQz0v<-~`++y->99j7B=R<1W+;LwpqQ*ybfm^R443 zVV!;cVVd-l8g zp+ok=62ZP$fku=#F4bt|kd?TYAr*!ci2;bOV{peZJ~*$R`?1&R+x9&N2N$|I`3?vn z!2@oX#{e8yIi|8wz>b$9OI_gA-uzH$aDJ{-&j1Gxuc*TJd;6+A8zcu{ahvkKecm(EUbS+|B7%Wx|-&bxedm|*2~rOSZrJ2>QkNYy=P%8 zE)guseDD#bK(Ez}$lek8&J2@&wN6)i9KNK7PJte->S}$8;{_#$b4({?cp|~>BePcn z!dBK$qP?!`cBobFh`AVlH-4_t_>5!pKBLk)TTRrlpr>oP)c9UUidX?D=VUxT+H%c# zT`fsVH&#l%`aU5JQ{_46qJi5XwsmVz_!IHeMj)ah==O(-9LL812F@dQKR~^mYhshx zRq#lb>DJ_xx@}ApiY>WF9idglN!JMZXzA#bC76Hh#>M;*J8p$i4v{|MP+xkg90Acr zLuLKjl&mLlMb--#X6$)h0k;LNtI{vWI>tfYDld|Ai2;lDq}%gl0^Rn9$M&*k8M`&y z$jQ%IGB@_v?O?E`tbV7BgM88{aKiUjc;Y7(q1`2_6GCu(c=C;&P4O-NjV$k%3O;qT z7Z>Phnm(G*%k%sNd5|F!_xj(1mN0m%=4TC!Esl0Bi@F9-AbH16J% zFxE`slU*s5yOCM@4rQ=--?2gQs=3!=wID{b-MkWstLKyzcND7=1|mh^lASf@X|Pj* z08~nd1ZiSB&hMJni4b{)xpXHI@d1FFf6_c1rTdENO8m~Y|Kxte>zQk!1^*H}UWx*p zEr1P6c`wKFaP@gY1_uFZ9*u2|X-4T;jh1aVOYL{bpncL!veP*|2@g$9RC*l zH4|+-<;hsm)z^F4Rst>_3uM(HQA;U<$}7> z)De}}NV^&l+0^QpBkjb>+vT(vPOl`6_fsrSWTz5})+txlxUe{7)-WShx&dUQ?&b-i zp*q(|_sI=(!YS>n971tI>DG1|LqDpvONvA)Uul9rG%LW2^F$$coW~E0o!y7^#>(BdYDQ=0yIVMBvMes0husRu%I}UoIzKpDmkjOhbsS@- zQL>3rH2l&c*g;g~z$3{WXY}Mb85O_ZvScxW{-)klomFMo>3n9YKvitv$0$6Y+|?K4 zM$8LTy@+>@e^5R|Mw=H=Gfm1pt9$O}Q-hS}h_>l0Eeh!whxkMnlWi{ZijWy-KCh91 znP}gTrx8-is6sZIOSMg!lRV*uI_1GzBRy}`UPIR$6Myh$fmm>s`7+@IX`tqYKU{fx zcVCuwO63kSYWv}bf&m}g675ins^UqfRJZFuOLOz$$@FDXY?IKW=JoN{y>keiugW52$6mrS43{RUii*|d?f+s$fdO&pB6ReXtz_JQws_=3OA*3 zc3u`Xc(8@$t?N#nKS8A>$4x0 ze3po@{-z7W=_CUJjjF;6lo^S{Im`Lfp5(_U%eNYQlT_!l`1PfP8yn9xK8pWdKFtqH zUWZ&-eZ!ZX`%mTLW#{JZ=<4#P9ix7HC$LM9QgQDzmhBO|1gCBGA~r(wot)=Z36c99qdwtA?Uudq1^wfP(56GfO=Kh2qq8o9@jZgHclRXV9M`qfaB!LN z{>~Sry=3~cQ37`E{~Z6|lH&izCH+4R=}(Bi^GN>#fpZ!BMX2GQAbxdBFTs8~rhfqY z-OTzGjN#J3{YO6kYi<2ITE8DCenrB${Jj5&^!xGR-x2$LE&mnnkn#_3zpU*4j@s{u j|0|a0=poMv&2hXo(hrAiB|_ zw-8dvD%-);{~3wf1^`YoGJ%{onhqtAT?{4EVGBFqJU*>*0TIOaMlJ zx4WCIm$jX(w=>k*-oXRr9_Z@e=3^~nEp9C#U}!)Dz;XLl?Ce0X0RSUH0D$XvVcmUwJbZn;`F$M!0=V7;|FixZAUz%PoL-2s z7xRNR=EKU~;<&A@JgJ=I7WILQiVZ$70i*ruS2RV5Fxf=9QpT5l);C%=xkD zL^>}o0o@xCg-i>{eiX+?SNuz?j+lY??pNpJH6!@A!J&tal*GhCJpH}4AWfF-PsLyT zMCPDMxt%-SY@@_j2o+fQiV`9qD;&~70AxB{By;U)P9vm|(4XQ}w?#{C-Ammc zs+Fd0K=`Nv`2rT1kt={=4zBU?wGjeBGs@80(&jC!&HTibQ=^iK3<)AvA{Qa2^=;Yn z;Dq*j;tvoDmHRVNms)DF*@Ew01ZaVXKzkIC)<;ZtD+K2mTW!OyoqVh4Roa)_MB8{T z;|xW?mtH)YdZF+^2hmK{-u}r`aSpn@ko7{R);=kcmwFUeEzG1o9ZY39OJ5AfDI^Wu zxkClTvMfj?3pv8=Kxyp4olw>_c0KHYJKRH#5rcQuZWR#8M3w_fY3bVFQB`-l`=czB zlwjwK8hT$&4??AQ*dqBcXk7|Ao_2fQ^@q~Ang|F`kk2!bMHp$EaaLGe>a;@};V6dI2lh)(Z+&lek9ITDkME<;rE; z9CXlB?dd+1hRDiydS^oEIG*F0F`3h!C#c87`4N(hpjs+m?$Y4Qhk`jfPE*zHUhKVUwYZ^aKrtk`bt#v{pRlcyxil4 zvmP&vThDaf2v%fXFrFi!ceZ%K z9gK(_3HgnAUUE(r)x{w9og;M)&?ug*)HM4?l?my)fhrSH>)QG--fI7yBEfCL=go3$ zVKbhtX7$FK$(uSvfyxgZn`=D^Z&i1~9kL<*dG^SYGo~?TG|j?lIN0e!)b)6kg@s7! zT9-zik0c@$_R+cY+)U=y>E;AVmnqN0xi%7qdwH^Gl{-=by5~8x*yeQUaD374g_<_o zbbV`l(P?mReK>&BN!0$VnX`1j^u;pgMOO&q6PEUjFiFpd1rYfzki?^kVm)!%c{|=G zxS)s?V?k}2$#EV%SK#G1oaU|-6!>k;weG#lQu2ELuIsn?U03=mg5XCl`DpxCbEVxk zuPsUUj1DRdV)-%~z7^P(e#NuckGyp#W7=6O4%)_YD57ZYnd2oiipm=pE*{OiJJ zr}Oy(k0JZQ1~iUl6Z(E2n(+z9wf#w?7!?ccW3nxcc+jl<@}iyMdjqd9%1H*<1kvS; zRX97&FsE#qqry=ufbY~-MJrd`t%5sf_<{pc(~41p>g{h^reiD?N)2<3VljpU{s z!P`>urtDImCo-TVuL#{9Yd@lS&fG`}Ii46Dp5{Gd$h1(j`5F^O%Gs|WoQEyH8TUgb z|5ezL5z|*JuZW~jwb%L^fSRl-vzc1j>NeWyj&ThoKcAC}O%v?8g6mTXr&qYjBS*#T0Yee0sGCsQ1C4ntKyTf|w9hP3yEhYC*wR$l8p1iloMN?RqaI z?tyV^8PX|ch4kt)5naq1svMHQv9GDErnn-Qn77c}fZLvWDgl1+N4Os5Mx%bWa{xfS zI=<>boTykJD=|efkB^Gm8!$Y&-p?iIwBoRzZqHqI3}gHA zyATwGm#I9BK1vaf%=5X|ojLS%PmneW*D6!;<%w=0#ruHbMm8W4I6Cj6yTVPCN|Y6Y zD<0C4^)O1W9dz7BR9o=v8%%f%{{#?EGp7Kz$%8yGeWt^k5K+5vFMlY6TydA+V|S$a zNLfEf+ceJ`T5d>Tfy63jDwty=sLEm;TK2fYj%wS_cHv6XUcPvQ)bNAkw=W+cM#1Fd zy)rG$Zw-R2M(z(gRhQ@$;Kh&*@GRknC5d!}SWqa@Npxpy;BmLA^kBZ?^NQ_~(6~T+ zy_NB?LYhc)!eMbys-56ZoZ*6Rq1qt#2VG1{m9=)gW^M{msUqVO`-voq7?Y)KONsMX zZOH+0=BAk)of3F8ho4c=rKfG)18rOKrqepTKZs2adfD!MmXaKd)L~0i@5!s$CF1i8 z)S({kM?mDol9mrx+`$Hx)-E-F3{1<(Z z+9K)B4(F|Ji}M@r^o)RU%=m(F&tD$O4d}?p%5nv@OX7d<)XyX)_t zrokr4f)~u+sH^p1TMeyS-pGy!m3I>E;8LD4yfS#2j6X$XZ6o?DUx=P5C!*bD&wZ30 zpx~_nzI}13!bUbc#puL5JBLuTKc6(oJ1QkybU3>|c&(S{B4HOS7@Dbi`KoPaj$Sd2xLIeC6PJ7?Y-ac9wwu z{xvfzL4&vASrXRJ>cK(6Z~+5qD?W%mv_hPbsXJykG3EIXtw-&-js@&mhj#dT?%qVp zHx8187i2g)eA2p7=lJiiwDy}Xh`R`4>Y1?_lEmvOK+ihe@TsDRii2M+^G>!;9K##3 zoV@D$i`Uz;EQ+|gfi)GEM#?(YEyEc+Y|*Xcb9{ED29ev>lrrN z5@NXe0_i#%$ircz5GQ=w9sH;Je0|KVTGEFqsJl~J1)T{GqVRFvMGEr;UqZQI=Q!yN z5bn7x8(s6y@%4*AxZ91bYqE!ILqkTft6psE`Qr;P-;ND9Ak+@tIpj_|M8T2|$vL5Z zI1aibrbpS`u16h$e^t5Q=@Xok8zT7-zwD$Htm*L4{A7L$xyS* z3*MVdd8|nyHXx})C*WPr-GqkQ<0UU1F^5?q7`re+psMJc#odHt)AU&n>08SE#|gd= zNYY%TdObHvH`PcdGbWt0+r(LrxV>Cx>Taxow__kalEH8jkquhl`RJKwnx)f>YpD(= zXqgumwB_Fcf=beBE5m-o;9Lrlyz{jwK z^+7xVMI+@kb23w^7NJ-t&-Y%FjCCQ>syYKCAw?B_)|zTq4}OO|z9C&VN%Z&{F%G3kv?x2`Q>?;4$wpGzhP>1f%*CQKJ!C6nuXsMr@*$_VK&;eMg@ zQm9!3+T53Q6n7Su-WRYQD(848euCUzsu zK0tn~Cm=NaP}uQDS6uLyk=}|d&1TNk$?eYE!88NI&u-7FUd2;QGI%n&rB~y`A`7sp| z^kc(ImMany} zZ6B050gMXK%wG2*^GI14JXy)gbV zM7UQ*7JE8n4pJT#GF88bJx=YcYEeda+JxnUAiktXX}tih2A47g_miAEx&t&7BWh{g zPH!~%8Jr-PR@1yFc?3dp1)-9Jeb@t=6`s`2Q0cf2v%nCYJavJ-1UKJ3jS<%G6C#t% zGBZaOTM0a>fJd6Zg_PR#INs!(I*MSwtse3>9`Y4}xA058O?znHYP@W)aewy|%-r+H zT!dAacT5QZFa9q3=&7zhqH~2$J5(Z+2xtwibj+W$i(wM@RuR|;G}(9DI|%>iI4BVs zxG2zw7RRRk^y;InxR^0Dh7^SXh;Lx9hclO5H?D$M>kRFC3sgdjyq*O13!zl{y)Z5S zERRaet5*UJyc93A1YYmYd@K*m&z1Vn&(6auqWI&%f%=C{k|PyyXl3sK?>fgp5t@WP zlKts=m!@-Y#e}8=ks=b&it69dzb06Tt)cyD3B{P%`?;H+itQ*;J=c%i|04qI76n%2 zgAXx<_^oY5_Y5g?W}5YBbh23Gs2)(&$whDJ(mlW;(0DfrNSwO;J6KSXoDl z^tf+0px6APrsIOW__@jxGf!s^7?n3zYGY0XecdypM)o_>#0p6{#uNExt=C;QG*WaQ z#Y-vF$P-{Oy}ANkH*h<}w{8yze?rF)#?KSig7 zNsuPDWBsamok++Zm>YK@84m#9{GI0ME6XcsDf7G9|C2e9Xke)`EBKe-@lq7(Zv&v< z${zNDNUa$H1}A~rJlZ?#Ul^sQv|D!I;JP1@&-$x#MLM#|jtjkZgZCv*bAns&*3I;A zRLA2<*IF~)qME!q+Q%w0WXxntbBIqH)H_F)y;^*#8{V)}8Op=%HrZzo<^sFYwUDoF zk#;pAvu|r<4Yd=g?o@&>9DXV6V-sLc*@>j$4a&83u0^a0I}ejPbp5F4M_XsehML?b zk389Clg>d?a!937<-0p=41MUjE-4bJeC1L8@Z_gt*277~_p$SV7#n4smi*+!q7ZDZ z98bmE5uPBG#i;|2o_INV+veHqd~Yk~Eb#ooRm9z=FY>!%Pp*zGHzdQmdz^<^X_cWd zO2&sRf*pj_PCSy_2_~KeWYqjYOOmBXdQJl>{WVqDFZs;WA?k}ot1&pla#SVcCd_lx zJ;={4KPhccv6jWRna1V*cvBD*P>WJvkA-%Y7l(Zq(F}+!CEHr!g^(HP6x7OinCY=8 z&9NrP{_VNj$k>Px9cc(Y|->4jTWmySO{c+n7BTUwTmXDpE}HVKXE(2Tt8nMUe=ca48sJeqvB z;bgL!oTeBnNF;nTO!{p?F}eLl(Pt;}l_X+kF5Qj9^q6U9hu!*|I$)$pq&cmt>yq#q zI)!}Udv+7cl}@EBk3CrY%jUx?IaP5y4;jjK-WiRpL{)_W^0nztS6XxN12MC)4Ue-w zQ&{xona#_^ur<)d$$QF>@qfC0onm!l*EZ-=JlAP8hk3OHySr6dSh+}0JkM08;n$~K z*Z3e_@yN=BIFOA)ZSKl#)`KhPY>NEq(v|eN-DQfs*#~mccDJZ+TY^_S_kj(M0~UxD zgU#oNGD!Lb8r6m8C^M6Za+dOM`;woct>0_&jZPG86$EvoJ;6 z^HEsPeIY4t+6wL-Kos@^O1v}saYqvWZE+0D#mND&u$0rS&Q!wPAMQ-<+GC7mlP~nT zfm8`O75G#pH__7LeYY&z;q1?!LR(G^oTx^w$Cq73Bm4O2pC3rT*=ck&u&|kN{*x~X zx*6%8g%YqU|7ZIfmlW?`F6qA+nEyijCy(@B2&|jnCE>=uL;T$_y@CBdZt1_nel@fH z4r91+aQ|^U|7UIeccfnr6n`gS-F)7EB>j54`0sGPuH}En9aH`W_qUb(zhnKH_ val } usc_access_token = module.hub_main.access_tokens.usc.token diff --git a/examples/aws/poc/sonar_hadr_deployment/sonar_hadr_deployment_1_7_7.zip b/examples/aws/poc/sonar_hadr_deployment/sonar_hadr_deployment_1_7_8.zip similarity index 52% rename from examples/aws/poc/sonar_hadr_deployment/sonar_hadr_deployment_1_7_7.zip rename to examples/aws/poc/sonar_hadr_deployment/sonar_hadr_deployment_1_7_8.zip index 1c00aa57c95d7b4e6252e90028b2b388948b7bee..9371f1070fafb8ffa26963916b483cff40d92438 100644 GIT binary patch delta 2156 zcmZ9NdpHyNAIE32%q7%j=2j$|`%GkJ6-7#%BhfLnP#bfZJEdAfLa5o9%I#O~*C>`t z&Mc`VDGZh4Qo=OEB0^aX=l49nU-~@H=lML(_x=97pYP|dSC)B}xt#M6kfaP?y~G5j zoS{Az?dB>C00qt7C$D$pIaz>&khgIKg99?Az@fF)!Q#h+8v?t-;a|Q=pXAoL( z!8J9S3OmaMal6Xki(BN__%nYFhqxhKkvl5V3+H}+kjHTDuXCKrVNqDO3~tuXkq9aA ztgli_Y*i|ccYUZRtcjv0a<=N4X-F&Olr%BusjFLAM%K*(Ty zlQak3X=h`=suJ{lt&5m>C6kQw$h;NAIpLY%ZR%pU-e16_p)W8B$J!|3Gpg*0b-71a z-r-2^-gEuJE9Uzb@?r+mu4m=GsS1-XOb*hFTl|#!#Pw>{=*`DoqimyKk3-*F9j;80 zEK+E_=0f|p7B`mNa#0llF3}S}Pslm)WYKq`|YPlBZMeXx*%yFj^ zNh+_9#|MEMF(eAse z+-SPq#rUyL4Rg1m9xRTI9NW5K-WI+iYY! zmVCISsIYwHrR;=aEwMVN*Bdrkq!Mw#Ki3%{q<)RWho%LkbsN?MjD6Q>bm8nXvrLNS zOOaVr3tJqG09=nsmn~4nC$SerQ5C{Le*rm>+f<= z3iQ=v(}kBf=ZP_!t>y1sKW#R_XcksPR@=j1nB3R#NwGpm>JMC~86e?IUnE@qk{W;` zw`?583Ao=;)5-U_TXHJ!tM7>CS!3bXq?zW}P%pgHmJa~)VAxXva}JF%qgIx^65mNk zgGzBQT{6NNZ-dk_-^+dgJM;4wnj=(=>Ef)ekq5SS97a-Rkx5F>wE2a{z>YIOCuaHp zl}K{x?IJ#F4j0@yAUYzpC1mZWRdWc6p9lANO?Q^k3UgGXt|3UR>=mX`1gUb$d?#0R zNn>J(t2e&@Z;+Ab6e^%&Y)}zRi*6|M5Z?p&1q(|3FHNkkw|W6kp6sLZGIR8T54{4V z>CvlkmBn-Qe*ji~6RqkDFP;QCn-q)Y{kB79J_{D2KhnMj)UgYyMIoV!MQXcuyglDD zt`gag+GFoa74PmC6{1eSAxEbWfz^dA$0X(x;s8x$&B-Zz*mhZlv%BL#Uc;i*%aHK4~0Oh=L>mb*g~X-}?@ z^vv3=ZXRe;Ct{)*u*y{E^1MKPtlP0Ksnao)@WqvmGbr(VC`Wp0O?T`_xpuyhI!S82 z&CY()aol<`Rv*SBwrx(T+3{{E`TartFu4n+JWtdv#CKotqrH&${i}CxSQ7FW#}W?D zF5^<(Sy76~r~LT2FQ<%T_E(t+Y0q;XX$wE~_k=!uN~ou8(G0kdw%Ueb7U{F>8a>i^ zQy%RbNs~6@?D)XT%k>Ro zi0Z@wgFeqo(C_W5MPhsT(4jp(f0tn0eS7UqEJR5o!;#|&bX|N2yX(;QKKB5vzRTf% zElFef$9{}q;#b_*++0FHru%jf2uq?F zq{eE!q2GQjtN!FIe`H0!c3HR1RFCcS*wRZUGq5)=YIQJ&<1hYN;|n8qFid;`E7}y> zGfx|Y1TP}#Yzs|WCF2Sjf5EzI0)wp>ug1J)ss>|-E~7(5NOC^nt~aa26@4G(A1_ma zGkyMWKY1!umJygSX|C{i*e|FU=Rn!Vj+3gjIHr-euuV}^I`H(BKs1hA)(MVD*xOcK zdcY^TAcIJxiP1lU59{7i71E4m?UU0{!J?zQ!~DEY2a4I2P?< zXJhMRXG|siL`k+ROb4`O9g`2eiW_6ru=;YXQOr;c#9AylEZi?R=$BMhl=6SpLzNIX z>2*?r*GbJXQqfp{Jd40VHv)N0rv5AcAI1|1GsT}^{6EKffTIdd>DPlc7#dY@TQ}UY TLDf;kt#N+C$N#H`tD^n^a3JKG delta 2156 zcmZ9NdpOhm8^^~sWwsx&G0RX+CAM;!_Be!L6(tgqV`Qu3Y|;2iiN>QeXA+7B*Fqa| z=vh{%9G)zr) z!xr*7DA-1we6R-^;%Ydng+3P7rOg|uajJ469oo8k+>c_XQPvPzFtk&TuZ#CE2pfOI zR+iP9k)I2}ykMkb+xCvf^IeC_VoP5|Y&sCP|BS{8as|me04bCo0B;pp=mA=ns*0;$ zOg&~wAg0oO-JBgzj1-{pb_p$kp`E&0T@v9I3p>K)GZWLZeWbq5#=%T{OO=VAnF3o) zcf*$c8?D=qTZAs$!<0!}+Gh}s&MqfBcCK@^Cn)gF#P$c&koqEe{Ojk1xdcP)1pNxz z7*(mKr}Cbcg(* z((uDa%7U_61mWp6i2l`4zM^Fg%H?|cdAFDI_-I_CqcBGG5-YKYH8}S1-@XmL@Y5U6UbC$p{e+rqR-Z0jY74K zJ5ykH-`Ti5pXl~X_GKN)S#B0ve*o)~_jJM{b0Z6&OkNOty04X+dAdq1G=UMrX_o#Y z(HCn1)qt66Hj&SrN;ydPKG+J$wfag|%f^u^=5;BUY@B^XRKWD+BSb{LOpTsQ zTPgt97sMaKRz-_7We3CbKg#5z6`l;XKGT9R(EZ14J9b4w9DpKo4CwxjcSN~$cM%}p z3v?BmVN=f#;UvX)$PI6{WISK@n@aQ<675a9`Sy}?Y2itQ1lTBx{3TDRuxUszvAo~z z;YIK;ngWd$)}y)v9G*#1Ip$AGe@0d#O_E@KOyE)6Ch#=SyIr$IzM&j&4t4)(N-7L%#t0aFLkt zah}9Gy(lI0$MskRmDdlJaFFwm0haISayUS_)NgW>5wZXij08{4kftSS%nx0oi~ z`S#+ZYOodYw;SaVm%yf?ug?Par|~lL@h!>Yl`-X~8k-#neKSZuvpr095}j(E#vQR` zBMZl|J!L_ewfT1(8Hc(q(j}4WBB{D3J3@53SaCJhS91pHj>xc2Xac&Eoeq|-%wmlE z9}AsNglyAX+=XI1tR0gfd2I-zcZO-9c3!Y77_DQfW_;r$`)NRI%YdQoVpjiyt@m$y zreC#xk2M)Es%xOQOe`uxH+f(dtb+Qj6{2Hjrp*IKSueQjFE?5~Tp43Nbj^9R*~hRu z(A`LC7MfD$8HN9{zQFs+bp59uRW@rtiD|1<=4+@bYfjPE2YNf zqPp4@{B7JaWWIRv;ow8zKw}zgvJb`Nk_DC(_m2A zxYI3E^X)TCK)6w%9F{l8or>3-T0j@Oe|VNJBL99nA6Gp;>&i4b03WK~9Z;j<2{W}# zal@*P9VuhSbfq|&IV~2Z`p=mV+^{+g*SvV=o)=YT_Q%Vo(FCER6JlBv^XnDDF1u?% z?t)F6I|q7eYq`rRKZ4KP^ImOuJDzC`*HI-qJCZIe-UdFT2+aP WKkf39T?a#4<@`?{|JNOb(fbG0Ezu|d diff --git a/examples/aws/sonar_upgrade/main.tf b/examples/aws/sonar_upgrade/main.tf index 81bba9dd2..26fba1829 100644 --- a/examples/aws/sonar_upgrade/main.tf +++ b/examples/aws/sonar_upgrade/main.tf @@ -1,6 +1,6 @@ module "sonar_upgrader" { source = "imperva/dsf-sonar-upgrader/aws" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag # Fill the details of the Agentless Gateways and DSF Hubs that you want to upgrade agentless_gws = [ diff --git a/examples/aws/sonar_upgrade/sonar_upgrade_1_7_7.zip b/examples/aws/sonar_upgrade/sonar_upgrade_1_7_7.zip deleted file mode 100644 index 156f0b12e6fded2d8a3a779f40b7eaa3dd3554cc..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2348 zcmWIWW@h1H0D*%x77<_uln`N%VJObeODu{nEl4j)Oi7J5j5m)r*AEThWMGckw;>gT zODnh;7+GF2Gcd5!1N8*}O%nmq9AMKr!Zum`0`jte(sDRV%P%b{C@m@0D@g;J8;RZA zrIRjZwHOGv-v2D>7%$RQe<7c9b6SaRvfHFi*J*#hzk1YExZUK!@d=jC{SH0V2o{NT z==bArHuzhv@x?dOmf7{n{Hhdb&e;d}_H+inKe#Ag$l>nPM|V@4)7O2Rq*{4Su9ETo z;u(^)5;vYk1Su6J3S8b)e8X#MpKn+tTuYXR@i7`lHmC*B?GiuV>w(8d_Q5ATW=|`tm`Ci|MsTIW0wB zF}bwuXuU3W=7UCnQQ;D28TSv~T%GZ&)|WDO>qf8H)wn_HTda@31c_O1_pNx%|5hn* z?K^wa5LG?Z=h(2<-gqTlo9``kM_d@~Z3XfA2KdE?lp?{oKA&%bbemyr~U<2fz; zUC3>(TbiaCdYREmcA@dr$q660Y%|k^D<;N24QJ9ju%bca zz+y*N4#%sK%K8u7q?s2wY8Yzda>SVKsatiCt=Z+n)R}vugf*fMO}{PuL+pKrq1J(0 zt}mwY3drQR76h0ErQQ|p{&6nZAY~%oMXg*`{(fegD;8W#d~%xYm3HUFe>&L+bx28S ziar-$oPM}A z-s9OCss)wDSbqF#*1xwjWwKe%aS)CWZ%Dds$Z~qSjD|*h@&xOD8i|*K9)4AN zxBSJX2Tl=I$_vyx6;d37(Z*sGX z(&GqoyUzPMz-{`gx~AGQ62CmBmOuXR-&)`Wqw~SiOOcTq*LKVCA314uQyw)*y{+~A zb{?2XU4h9;0Y{Q5ODxJvOv*_mluc9n4f75g@VJ)Ge{|S8N+GoU%-yay1$K^%>6>P* zn51xV>s+Ps^-0Ga8ueH{der^<@9VjuuqR5>^vRu*t)YJ7p4t?JHyE*^-(wd^Y$u6<}uO2h<-#p9I)cURG`(ySa z>AK&-<~3iPC^XwQ_S2>e_U8hg)fo{7lttD|=~$ehU-$6!V%r>#2c7#CJ+>_~+&J~+ z*E!A0zZlKD8FMy+EjYxd{O;B6bnoWiHI+3#!|$$&M-8Y=iDe&-0Rt)w7*Mh}0xHPW z(Z$zQFE<5WA=%q!=zrKiptbyemvii_qxWtqZJpA(R5bWVL9X7n&KrF-&!_yW7HV|Z zaNy6r?|Zj5-hIg^_gd26>xC*Wt4SO(0WZ7EE9TW4oY!#Az)yMRyLHwZ*6mqTf0OO1 z=exO&U#w+Wwo&}_&B|*5=kvwqpU%Dr~NY z7yHC{0yWzsTksiJTVt~TwGbfA8>o2(*%ldA?6x4~AbcJ{#4~EjL$<<_4Z9U6=@6Gc TSb>@u7}$W&mx+PlB$x*Po*`er diff --git a/examples/aws/sonar_upgrade/sonar_upgrade_1_7_8.zip b/examples/aws/sonar_upgrade/sonar_upgrade_1_7_8.zip new file mode 100644 index 0000000000000000000000000000000000000000..2a8fea3aad35841874fc6aa9836300cae12eaced GIT binary patch literal 2348 zcmWIWW@h1H0D-@e77<_uln`N%VJObeODu{nEl4j)Oi7J5j5m+B&<_paWMIzwxFHpU zODnh;7+GF2Gcd5!1N8*}O%nmq9AMKr!Zum`0`jte(sDRV%P%b{C@m@0D@g;Jn+r4( zgwf1hI_Y9oi-Caa{m-I~@giOI7xFnbrKT3^x{o%v(de%Lvp_LU50`qvRFCTQcm|lC7 z(^B*mlS|u<*6U(tK4=6O6)tg>asS}W)fvBPeJOLdZuFX6jT^MS#rg4lmYUpJ~E7^s{S0^WY;Ihq37p|BX|MWVO-hmYj zA_o>bx^g&Pl~mS$;3mzy&{4xsBbOt_bWh!?i)_sIUFuTaQ+};#nu42;ZME>0_!ss>cAIjkv1ID>e-Rgt z-gHT~zU05Iy0A}V#;wZl*?aYWteJbwifZ+hsH~;*%#>|IH?h2p#AbFFU zU6dY2nA>&U*8y(RU)43$o{{+FIko)phyT_BFBqKvzzj$N$PE_ z@3-^7OzH|uRth+hR9RwCW@1uKDxqwe+HaV5*nr2ieEy@u-cbsn?PuQ zbHyZui(BU^m9I}a?$D^m^3kL2-+y1v6@@)fnx;?goNS#I(zO0#Fr$_GF=?mbXJPZ- zv7BfRHr^tB&FI9eBjwV5ccz}M|8eN^-rvpn=a<$LMU* zA4%8!7B;W>>O`U0zOkP+Ww1XN@T|^=IG`-DW=hB64E?%?uNT|qcs%Ibx9G8Lnc>E% zFTc)dUjD^s=FOP18EnBJKIM0>cBgwc2d}BD`5At9RXl1yZAvWra10nwVZeZr#Su_J zu8uCgu6nsC_zJV$K12V*1_G_+|GS)HXC1wFQ)%mz)}^AsM+$QFzIEQ{t9d@3kO_F%WnM9_=HR@Bdj@{WGvBSV-mq@ZqWYU` zS3Td&ef(lA%d(B)r*BqX3pk%w#=Rv)c&cQq{$cIaQ*WBzKgxe8uISIvwV|0kng1MHX zYypP1jvyxXij5Ugv7uEy5R-9LYY>xxX@X%%qaO~Fkt;c%9at(jbURQBdSp8m0IkC2 zdU&x val } resource_group = local.resource_group diff --git a/examples/azure/poc/dsf_deployment/dam.tf b/examples/azure/poc/dsf_deployment/dam.tf index 9bede5e5b..f323aeb10 100644 --- a/examples/azure/poc/dsf_deployment/dam.tf +++ b/examples/azure/poc/dsf_deployment/dam.tf @@ -6,7 +6,7 @@ locals { module "mx" { source = "imperva/dsf-mx/azurerm" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag count = var.enable_dam ? 1 : 0 friendly_name = join("-", [local.deployment_name_salted, "mx"]) @@ -41,7 +41,7 @@ module "mx" { module "agent_gw" { source = "imperva/dsf-agent-gw/azurerm" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag count = local.agent_gw_count friendly_name = join("-", [local.deployment_name_salted, "agent", "gw", count.index]) diff --git a/examples/azure/poc/dsf_deployment/dra.tf b/examples/azure/poc/dsf_deployment/dra.tf index 6e2806c32..9d95e56ad 100644 --- a/examples/azure/poc/dsf_deployment/dra.tf +++ b/examples/azure/poc/dsf_deployment/dra.tf @@ -12,7 +12,7 @@ locals { module "dra_admin" { source = "imperva/dsf-dra-admin/azurerm" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag count = var.enable_dra ? 1 : 0 name = join("-", [local.deployment_name_salted, "dra", "admin"]) @@ -50,7 +50,7 @@ module "dra_admin" { module "dra_analytics" { source = "imperva/dsf-dra-analytics/azurerm" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag count = local.dra_analytics_count name = join("-", [local.deployment_name_salted, "dra", "analytics", count.index]) diff --git a/examples/azure/poc/dsf_deployment/dsf_deployment_1_7_7.zip b/examples/azure/poc/dsf_deployment/dsf_deployment_1_7_7.zip deleted file mode 100644 index f3e223d0a291247c644d09a437ca180cc83dff73..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 14080 zcma)jV|ZjsyLN0&Y}>YN+t$RkZD+!XZF^!*>||owPQL8JJ?DGpoW1($Ufn;?@02yz4r0083q`A7Lramb%{h<_6YOkj@x1q1+K5DfqT?@!`vot^BQog8VM zO#e-=#=jPPrY;jn#D>uMq6U#@;%cy{JB*7OD1nav)Vlk{0UeB>nR#~QD1|d&1()fu zySO05q*ScVGgBJE_=U7ox3s|HE;ps~$RluHdBb3|P4rxg6b7}x#POC{$XqHtJD0`M zSR{Qw9K>n{UDPaeSz0uLbD+8ZM_JVs@G5)+Gg3NMSL0~ZvBs1&A6KKV875ARpO)Jz zVR~O3Fi+dNpYR6r1>I@Xg+#)ZA}KwQr|$^#W#H@WF_jfWr@4E zhVdVqP#c(y3HRSu^KE$7X)8eX=Oj*ifQh^%Rw6kda+Mh>YtO|8M&pEG{6fcrEhxey z;p<2&0Yf)_RJN+z0%QJEdB9rxLd$QO#$R&623t*kAq#gqh#g$XB5-W(2kt4x;e>%* zpm?ihhJDV#6Ur-5Xg=z^7}sfJhk+x-Q?H}k0Swmje()7uk>b~v$^>gE5FSmwP>$R9 z{EO@m_DBpob}zrZaZy#B>TjH{X*zIl?BhyIQC@xk5Nk+^L4Lzop~}f5bAFgk*gz~L z*SocW=~GDdv{yl8?$YWBuIbcf;qJ!$v?=BvkI3^IV&L{qaFcl=asmy+9tzm) zazz*}+rd`|Ltzz`ThdXDlYxX*FZ$@bBd^U@t!bA+a9uWgGok2)J$WK)h{pR`Wc|s2 z3hzuz9g@SODN22^!FkBHnI+7okrpSX(^{-o!RqwgO+6B{i+y}grt0XUTg%oUfg{p` za=M%@ukOr^uE`C{DPA3Sr$v!7VJkPUnf&IVSV&)c-QzF^1#I6Frvsc-Kfa(8yCDT9 zHsSTY9b{%knCq`FSk*%#qb^8O64GA{Dvdd0axKn836QbL@c>0|^^Q4zetGOpcq9!S zvMOk!_M|43N|!2)zfHobFsa@&$Rr&p4ztzO7xZ7-#9?D`se!JvsTB|SQhyQCV4s9x z8W1#R1j(03GQ$QZ<8hFgsr?!V#-ez_m!Y6gr=;(6|7PuuhD7@_?B0y*cDHaN&fWnQ zlJR`2ewjsf7sD=ofE0{8ke)l3O zPLXMp7^yl1Ed;eJK81QX<_Mcu3;H_*KD-YB=$nX*8IP2Py~K$rjhldbmZ1hOr4EDV zH*YpJK3`);#nL*&IPjajGfH?EHL3!=DzIBnIu?{Qb~0!ZXyOxg;w7`f9PB>04>7OO z9&}4f)gPGFEsbLVlO1>gA9QisKTs*`sS)^e&@V~x(56$ zt0{=HQ6CAu?`Ad_?N02^U6Q*Y-an${(Pn1k$)1d6zQEDuQIPDY@ zJ1lusJjWq#7R-l~LZ@&ITauioIzBlYX1f6prhpgPfdHm{>P-UrTK>c;=C0lblB$3l zms)Wf5o2Sgn9%mi^WbxWovQdW&M9;B2DzCpZV1VZ1eI0V;u9;$7<7r_;1P8!jE~VU z>e;+BPWdWIu^5`6A?U6ZDx6*GxzjZbqUvVWP2PKaJtvRiR4|n+8wPdjF6UF{7rz3^ zFo|i2R6K)1U|I7`QEj6Z#?fJ#VSYV81D;P_C?x6wuWbd(Ps-1jsprp$=U>|B+&rN0 z>BdSEMqh)8og3kQK^$n(0N=@teTzZM9qtujZ8`)gV{tmbTqPX^Jm8HAZ%xf_^52Qk zdSpFz31G5V_BgEBfx02_)}Fc!5*eD`4%zd`EN{L9v0aLnW!is-7Lo#~P5tf-!BVef znY_y7Ws_9O&3H)u%&H%(7UhI#7?C6}6s#734w)`G>JVjRPA?AX)A6L(oPx51Ci@WO zyn+O;P+S8cID*CMDM*byD97}JmIn5YutMd#7%L^3>FobT_-81?E(NC*S~Q2OcnN&cja z24;VS6ppse4n`*b<^BJlmeI-vk*oADZ@=^m7{PeVXIJmH^lQ#SgACWyB|06y8gU#s z@4UYhuv^Tm!>N)FEF|7$XKSBWnJB#eg2rO7@-Tt-K^AV{xMBrmYztDnMJB^T3>eRb*ob6U3QP8Vw)r_wPkM=)jsm@OULE9Zj5A`1e(!6>{26253_C2{ z5cn}7L1eP^t@kjG!`2IgfZQO3VNk*j#mSz%)x62f47>EGY<`YHWVqqexXdrg>IInP z$oE}8$rBZurmBLM$k@sGomy=4#9VQ+pMCXSAym1`(_V0IBk3L;T{{WXqX-lHDfTs) z4r8En-T-2YQl+4@SVjV1$v^97^HtgD2I|+|gcjnhx zQ>BZEbq|Pfdp${a$t1L+sdBNgZEdx9+G0vt)gh38sr0qTA!-Ivn0f|8l=ZE;6%7fi z&>d4w;?6Q2Jms!8|IGJG*9AloD%kh1KJ#MRBIHRh8ChU8l_Bn6u+CYYR%I(|Ha?=H zLu0h)6#LK%yDqAoRqDr*;=K$3dMa0lkr3eSKLXE--~p$Q zPj3JW`@eYu1MC088?38N$ga^Nblo7UdH`Cm@e2T{1mLsY{JOnTjXEU%yndfuM|F(?E;c4*)9vXa)UU&K@fjrD{DgVBl%bcyw3 zKeM^`qZdNdpla!IuFkE6L2*V=^Q&l)t=$tGamPu9um%GsUE<2I@%jm2$@H9YwRIcm zF$9erUft~$)YVP@sIyEQVD7Ni2AnP|v$UhKr+vHWSjmjci3V1SpG0A=t{^BJdnN52 zSwbsffWk`yhV2E0&MVkl(Ue9e5b@)jl=YAISl#y=@=-UDt#@ZNilqRBY;0PMxW>mh z4~D}xV>m2k3bKpql?`4kor)i8*+LQK&iXc03(nSNOF2xja`9lX}5O=x!Obp%P0 zBm%xO=@O5@BH7hi`8y3DTBr!JB{X{PC85aN5a012suXrMTF=pZ@;rRRV1euA#YHt{ z!Ir6_>2yid0CGEWi}JXrn)Y^jiw+$jp4r~yG8U4jUyhO6eG_Df(2q^hdZ=4RljCci$i(lv^{1{fWiHJv51A)lK^JfR z&}R)AVgYdXm*8qlRvtFH0$pF&qH}Iv&Os;*YTE42wa(Qw@d%mN$>U43ccXA?R-!m= z*}>M`!g)dk8qsmy-uxd1-DMo~o3F&OBSQzzD&GNdxxubAY);d|@1P$8a2WRh^D>)J zZ_MpwU8NV44A2(+UF|yPHDd#zyfabjQE584$u#X6R$8Lp-nw0v@xFcQ$%=e98#q%* zVqp*1K@m^sYeqdH_KQg)9X_}-7iv%V86wybp%mx~{JU=vvdSH2{`4(SU;v+<56s z>ioKxz&Trp`}DAn+GY?ex@&k*(GBqosDtNBuhATdRI70ojz3e;j1oQhVW%VRztt{t zlZy_1K(e6(z6d?ybD{vDZhj!R!qAZO+%!4JrqB>`uwGMevt)V<(lV2v`kGxkG0QZW zi(5?P4X13-fODGzYAg;3$5qPsoSRqL4TsMugVb}k@Yq{xxfx8U?wjk@9h_(-R%1q! zl{8v+L7lX!6=JfW39)FVqga<&wdc-KGdp0|b~LvOY6k;*adj0E{~_}1IvMhWK6uRb z`%Vm%PokrN{w#Jd0{{^GX(zfEI9M1Me*NzV=MVLbbxmu>Rn{->*?P4qHiYh?c{B%w z5~kNZ7Au2}_CscS4s1pT>v$Fgl2|P+SK>3FQ>E( z#^L(2enNC6j`M+&@Bm&_9m4&kaflrOzaWFC!8m~P{FH%iyx*uG@V6vQ!-rJh7Yk3) zgx)mO?02F4KBIId4J7f|r<<)#CLz-i+F`V35nC%u(T&b)*Z-L#WWJeIjwHET_>T?dnCm3CS;gr3aKJ=n!@B~ zdGzb=k(J)K;0`$3Ha7i&K9SMo9Ug>H?sdjQdJ`Vj@EsHwzziYZr1>RY0|UHk88k5V zWUFa0Vh@|kjr+f3s4GzfrpQ|)Ts2W2>{^M~{*v|yXkJ$4dNYpc1=Xf_#30eAZ43aE z#JDC_?+a=o@s&WL@Mw&>grrJ?5x7ED?-|Id)|N9Zq09Emr&)QV?%>mr{keI%fu$nJ z()2Z}=4JJH8$|XMp-<-mw^lz3s=C#Fm6;VVk2>?ZfTXvj^Mfuu0jT7R6I}9$Tus9( z<8p)1f4V5Y8dH1EpI~U~iKu#8&zn)O`$(*ER_B%@B-DD3hRHieX5HE;&gkh@5yRMa2fF;XrJ| z@`Q>Mk@PHZj&!T_3pK+)X^C(!nV^yhB-fLX1%OM)dRm)y3u-y#k_NHAA2|8 zE5uhpJ0^{k8zO)fAE294r#pg^GCcHut>l}Dlf6U%aS*ZmB3y$kYUe)R?s7Z1b*Ewr zq1M@$?+dr6))@#w8-|_#9>>K`J&E&DVK?5>b#&E zbei-p-0aL8pd0Rp)jV@U<7sWgY(s)1%Rm$p;A8E1^+5Xn!3)me(Oq>J(k1|wgs!osj6ideK8mqxU8G!t`J*t3K3kqAHSH zG;ORJkXP|GrlH{u+Jx6ye@3itLQ#c;Gp>KT~W_3Kq#HcF66bhlft;915FK5&mH zYGrvDJs+@ioRCEU3+%wWQp?Dm%t24V<3KrKW3bY~bQ<_xiHtH0`VqImKDJ3k_f>U! z<=EN2A2W7vBwOLM59nRWQ_DEWrYl7C{IbH(@rs_DCz}B+T zVT|@d$l!Z3#os_NLJ_DGH-VVs1ZAhO6dsDEMK9}`?1#nJbf`eR6o%?bzZ}jNDwe1g zQ9G3qt~p}z7xQ0Orzn!2tWZL%xYx7!Y)9d78JT&_QGhUvgG1)roCsX-1(s8N+_<@U zIXdrQd--@Nb-ZB-LbjF?zW1=g?-E+#eZLyJ79vWz;2P-0USb#O|KS=C0j3ncQ|C0` z4ze>HiDn8Uz=>m#1t*y^Um0;2&H~vCSNiLl89kCXPQBAKuJ{>w%84f^^*5u9JqGG~ zLE*ZyVFcaOwHsXLL`$}ub#?h}15&zf#9Tu4057%TM-1h@L)h3*JnVL(pwD`xsG=f^=b5g4(_n zm`sWkXtu;^-+VN6iZ7Kiiwt|<&}#9vQQRBcC!T_LF~T5htRzR(tfE1Rmw9@~zX&U% zN}y*mt11(Xe8Jv`)4@&()lH;C^uX2b=|@^T>)3=0xPs9ct=NyT-f~O3U7)TWvP~mbQ|@hvz;z;?o!z9xp(u5Vl$kp7O>i&niSmteNMD8 z(7B}~Gka>J2)|bgT(RM=6+5Bl#JW;2!~BN0^T|g*Xi4KRA;&7_6Pe5M?P+@T^l*=H zX*fppOuTskV%^i$9R^8(cEj6sOnv-6iZT@an(a6Z#$8Kf6DT=3iufxr?Zuniw{GD| zYTC2DFmyJPcs0z;gA!|yd~cYS9|}&RlLoTf16z>3;`cvk#wyH2wFT*vE%4659K1d{U^!!+#kXLc$E9JaEO6V;0HLy=h z!7c9$g_rV#6j73G!9iiZJE@lsdOl|82H(f~V{pBApHBS!Jg4)kN#=@8Z5I^UOHr4; zz;taZgOvI(gG!1XXDJDsR1rJHH$UA9r>2rEgBS7SF?rJ6?(#`cylqD~YIF<4ieqh-De~xJ!Ole9+*M@h!)7bDQN(>wNXqZs&HP zNzqG+{L+4=@7+4c8iwAJ=V#I~?^jj6S`#lrT$D6MmE|*B8*+FiNlWdHd072?tV7gd zZ4dtM(tUi~L1gBn=_EV>LqmMsVBA9~&>8hItmUbo&yr4g)oa#z5cEigFM$Y&k~(sD z$L?AiKM@osclP$qb8^~;h&XNXK~!*(i5@&s%6FU0=(73TO&zozEcchEX|?WX5x_n~ z$d^`;KAKw8g0eDK9|N-Aebgo#L*(8TPH7j_igV9%Bx9{17h>|)X*^b{qMPD4Stqbu z8CFwLSf7w=3|%;#TQ6;0DemfRD8rYI>s;&_J9Y1y_m|h#-?z@N$TRbYyqTZ#e{8h; z@?seVNk1E9{O}+X$SSfBmaWB}q{Pj&Nz7<-q*7hS;YSfHw%n^UP}0$7@hDD)HS_BE zPDO|JA-JUKQ}~su%lcfp8!C#5f24$GntHZ7tT4V8#Rwg%G=MX=Z9LfW_-rssWJ_bX5&ZJjB-55- zA-lw9C{O1^d%g)YLoO>gOq66%vLuU!tM^kv?_<2$fGFDEfG6(ZYavR9AznKeO&L;Gz1XB?%<*nW7)hju zU*t|qCb-G;hRMFK7f>2JQ9mkdyk0xj;2*f3hpi3S-!&_fE2hZe2J`wbKg2l=<>7)7 zv8Z&yiHWu1K|I~C{)D6vcbvVS@!+NNHnTn98cEq9wP2MY zvRf@L4Aj9lh5492IxhQ8B!FV&FM*tOj*^M?NQ59UIPbqM?BNJ2%yxRBYo83l@4P7) zsZ2P3c71d02oQ=>pBYGm63a1bxBV45NaXpJc+@&s4U42DYTJxbqc{9TE52Kiz^unv z9t-D+S~dr1Sh0_vCDIX>CW@j5a}t%B#bv5e@IK>Zl_?w5my*3hn(qIEve3y=u4i)Acqa2DdIp$R+WQk2dJvgp; zB-CTj97mvXfu`5lbIZ14$rK^GBqrp55W?f>4r3@JAo6+8?p)zeZ^l85FcS=V)=vEL z0HvDenhCtLtd6q_Mfi70M^FY)4Rk~NgCnBUHj#q67~X5M7XKb??bOdaf{JZ{S!vsk z(ZF8gnik6=-Lxk77fT+dLmMK(D8`uUJcR;mKOq{p&4Q)7o4-AjqU<4JMF4l67~CCM zGAAg5v}lq^?;Md1=YsCg3#ye$8?(iS$IhJ0hiDSCOVjvB9^rsK4Psrs7Rn%PFhxfb zWgMEfD#~jKSU(x5>?+CODX%H;u{GzWO!hIg!?9BTmlD|r03Uv!a3u~P+VjztGH4XH zBMS`3tbq!0J=0bvL)bgTL@fLV|Rp<$As%}ty7O*Sp zMi_!@FR)55Fjg8<(OJ)Fm%}gCSo#&w&MX($WhOunYVu+LIwfZ?QZ2?;jS{X*SogC~jbCwBu}$7i7USULHK~ zg#bP<_Tz-Ctr84(!Z;QOoDY~*KoT)#Vr5T4r=T0)CL*|Vde{`tsRD%W_54{1Yv_vKr0NrajF;n z!Xk}4P?%ujIjA8(bT??6r^DA_Vc87KqBIM1M?Zf;g4XY^RHABzE5S^?!0LnQnZbw{ zY3wZLBK&ik=2Wc1Vn3-e;qvQuWthl&8Keo>OZHL@_Q}P$#nm0E)mXy)cKC_s)o2QD zQ5v-N=raa&WG=eksK?oF3r2>M3^rX4&4A_SN_{p&n-@wRSjfH`o68p32lQnomuw>0 zHp2~^I8k`8S04m(cbn_R-*0|gIIW!ptecQ8!rKbkOe`3r6MIrbh!=qO{K!30a@5?9 za0&g<#kq(H4D0GFEL)1>E0~O~SBXR2M0R243aH6d%K)%qt8T-E@*Vr?dGsD%M;DU&b<&^~4Y!XWFj{sRlp#Xn`I#z9@^+~2l9mt+Ao zycsHr2SEI%Seph!Myc#|&0%fmc$2~&v?n9-K$^#5Da!V)nZWYH4hlcK7w-ll%Y$?B zUl{vR^s_hS=(;Rr@X;F-3SZd^rYHK9$pab(yrLU%7<98}F-&6tqUSJml18juPF(9?g}g z%AL*EHfd678IK-UYgGjSrHvL@PYCvk9&8FT;I+-oP(G5zx+r(dTGwLv2}6+bFgE!w=lF*L6-%T9lpj3;$c4Me4xiT;g0vV=I%Hyh;P!^jl#q~`0Lm;4C?;69 zYknm#9Juhai;*{AOO8thdA$W)4oHN(k9Qm_139llmZ*aiQc*>eIa7S+iM!Rpa{UQMzBUVP`yC zuZ_H?g42C4SY4ht*8|Y{&-t?!1B5q`6YDmOB(&w-0geNR*-dTBhIfYs4PcHFY_PGy zsRp+r;+Mpx1@aNDL#+gIBGo7fd{hy(;K!whD?zK3{M}`3r(GX^5&^Ud=r5^klQ;+{ zoPG?UvX?Wf1#Y8~8W)O)zN9=}<)GgFGFmgbkxOEDv@MMj8F+c$NT?nOY|H@RptV?h ze_BuZhM-x0T*+*VQLJoOM83S??ek!~SD^`vBT*DgudAtOpz{ExBcE!U9x1s<`*Wt$ zYo?K85R8nTpw~RO!d}!QadOsgOvTUV;AG0PDZe?KC^nf_Ew4WUMRCIL!2Th)zj+w! z8^fq$<2O)(gBy2{8hJY?e2Rf(u*;;WBA8&uNAtC_ltn44=R-OP99bP~Cp~=|V zWJu-576Ih7V&qJi71mpmacEc=!ROm1_fp>yT)bhb3=>qp_FJ%PHFb8LS5sv?&z+K_ACDXXCF$W2qa zqTElhW(zvWNThfz@^Equm#Hsc$mA>3OD$1@=kj>Qzs#Ap@idGl58LJA3upi_9JPOw zSV{0Pq5 z`woWiP3I%P4zkmAAMn3xp(rQT5X)zq#S|0(fZ|VD_-`%z&)T-*KW^jq{H2VYFH|5G zGeF^q*-$X%55TJiOAO>78hJQ0O}pWWbrpx*u?;)@kZU#^1KT@0J4A(pR`cK8CW7b- zqlVz*Re8l#0wZDZBgm%di`a99pYa>zXd}#OQT6(DgMq9wFi|R9uW`~R4Q~=UO*Bqq zEcth7wyQ}mp!4Mf0>4YPT5~~oHZrQya8;)kX?v)7puhwrKPLhOxin(3+s!*7kdh_v zfD~LyU(0i&#2zr#_xjSi+{DgASk_lJNcS^zprrnpN8DpC^ zIeI?H?&oK)kVx~zp32oODJx=Cp-Y(3Hh(>^f|?lfAGqUr4#o#~;m1c|0Fzt~bqiT(nj%SGh=_DJ)H ze9V*GZj%I$!yZ`YYskv8H}V7Oko4}snStkAEeGy#{ssE?eTisznE&*-CtDB!0C4}b zFBL@ugk?l%t&RUTs_KNgwe2b^!h4mTy(1Jc*wo09zB+jKN#)=We(|KhNIW!=UR`yOi1PQvSIW!vQtCL*>UEMiMZ;*3J z@FhIOV3!_u9jq4$vQ-O}?ke_c0|yq2GD2S)kHQ3E#8Q%sW9rt*hnK)#fxSR&)Z{^U z0wjWFn`m3PO~B~YHsbzpayUB;l6FiJ7Ns6pXrvB`mqd=_9bJ<>Zng>b0Z$Atu_7W| z2UqR?dA!eNm7`Ki|J|gJu*!Rqi&HStKA8b1BIb%#{Fc!*bpdLOv2{k?qKX+^Ln?rp zT|77e%9m7sN|aCnnSs;0YADq$-`gW^9e;D;l#z;UB|PA3i=W6_AQ`>8{v_#Zns zrj>!*Qfj1|Lu(Ds5G~qu>rGHS!J9D1x`EMDOMgtF&$5kUo@XTFeJKi2xY=Ip;I4go z{`8_}ITK^3;Ccju*AM!-nk^gqg@rYHdlfc{@P>mD@1bi>NJnB0rdT!Pc@+_^VHjTD zSd1(-b-PmZ>#en?_xlQ0^&g%YH@GAN!jp!n)R4oGxnt35;)u2n zK-jkYA$+<|$mAsBPd~##oTjpM87&A#l;24(-VT@@yHyyO9GNJ(JTu}V%)rAMfSd|! z7~$Mc|5b+pd|)C3t&XyS&=RBqLs>w0$b744R4AzzQBL$89D}mX6aX}G9__Y^J`=03 zn*3`J&C;8Nx1dpnT#=nMv?8kOqgBK!AXAr-*;uS~peL_ati_36#(ljymcu*=Sczv=6MNNKdetV`Nl>p9w6DxH~X)6o`qHu4I33`+~rw5GHK{X0G zOS97%q50r9%w>K>e-TztYZN6BCha<8W>!q6pdZPFIz@Gy4w|H`U5(HMpj&~JQYr15;OnW~d&Djw7cPhy;bWP2F7{Ga zTRyBdri9zU`+APy{0oNXfF8eWU(hOl`43-x!{0aOnRR?lpJ~-DviEe}%vv4!;V$GN z{`PJO)hH{4>fHA;@8Y6)N{C+5KL^sJn4vwFV-K>N5t#1eV!WkqlTAx&)h4O+#3rk} zY^l_|q8%Fv92~t0W64f&vH=Ikj3WToa9ZykZti(6U#{vW-$Ul+mCZL@pJM|<>+*-e zDbL%|pJ@h;Yz?kCp1}Cg&#WakrEI^|jLv)AXuU0eNgb5enCj!p*?<{?pQH_lyfJX|IM@3giMD$% zuspD1Cif=qYwmsKOnKuVyvNGupo|w)0>)5N!RTPl)?TP3_VGW`jS1q;F7MC$XzYK> zkz7n194%~Z{)?vghh#(LXAfKeJq+09OZN68u6{t~PR%HtE{uLb-+Kz?U*{~e_5 zlUDjK$N!)F?teCm-&v}E2M~k!1Hk{!S^Z~Fzw;6Q4mJGw!2b1I{)3(P&j5aBMg1Kh z|C12^F9H6GBlXV^erLP<9f9UE6#JJ5zjI$cVgA8W|Gk+1cbG=(KfwHVY5$+ih6=l4YI?>JE8f57?IY1=;D1M0?`%# diff --git a/examples/azure/poc/dsf_deployment/dsf_deployment_1_7_8.zip b/examples/azure/poc/dsf_deployment/dsf_deployment_1_7_8.zip new file mode 100644 index 0000000000000000000000000000000000000000..533f61c7f446bd87da03372d3a90d4a3818d735c GIT binary patch literal 14082 zcma)@WmsG5wy1G;cPI|UwYWRQwYa-G1a~X$THM{8;_mM5?i9JKbFQrJyLWzVQv0lL7^U0s8Cls{Tdozux@s7jz&zAVUXZ9YZ5qOB**UBWp(;MjdvYFZ9Yv z&_JNpS5-!T9Zs&WK)_%}pg=%i-XC9-`w)lrafbRYaiE_}iBQ0Rfci0kfC&F2&c?~n z*2&R<&e8b41Y3Ow{pkDyePYozf%bSnz2FnHgX~czVkFA(=1_vAh21j*O8vbHWU&}>`E)1F? zP4be&UG#Bn{|e)17bnaHPJQfs_DZfb?;2eh*#4}l+kU*ja#n$3 zQy)kVF%Cy;ygY?lRTI2(4xV6MiG0&xr-kTt16yo-DV|y_r8ZEA?zaO=LfS^`U6#{$)GlG>8 z$Yy`O8{Zl7V?dYxoN=ntYf2i6Sc4-ep1AEZ&`OQ_1eAi0@VHZuxWZLmj zv1ZA`9Rw6qfA8GDN9~Giyp^HuJ=%dx<3TEWgwGUGA+R+Rp08dx)HTpCZZ`uagEZDM z1vaWQdfkttZaR*rC4K%nH1I0hv;171^@0z$Dvjp43ZE5yhwIRwr&^&apNA%RdxUgX ztXy~WW=3wy5GMDyS2H@!wqwJ#?>=*w4w#J|ea5>&p$6W>jd^1i_9JyPSVF6jUp=By zu+-3{oh1;|pvxXp)F>clr330ma8&*(IRy@pC?y3#KXXD@gg7LFZE{elr$iQni;=g4 zt9>+L)J+AyU8(@bWz+uxr7x_^dP_d6e$p4)3}A@NIRb3HXiPchLu#|znFvMJ?a7f? zLDk<^qv=lgm3gM)XptSpPg3hr^v^-RPA}p#3^h4Ao>t?&2v(-UhETjFjqz% z-I_NC2po|gl+tH)06Nn*Iwm&ECwaBp92Z2+ge_bF)47cUQPAFY+Q%XG@_61SjtBTF zK70X*wgd8x?80k3J7_FSaMzY_xRnD#!_KIa64I7><%S$zf0&(#enP{eBm@>A&^hKD zM|tdweIySau*hqn@t`4(xsAsyGpgLwOD7*H46)JH74%)*#Aj!9u7WMMt`_%0 zslE7KXBUrc>=!U=0L>RiHqDOk)%_qnUGv2sf>q&!FHK&)Mp4)C{?*D26P0c}sA zPjWdcrUqLGYkADV|C%wKR1R9iH|RJ-`8D0PU@T2U&q3Ef#D& zfmN)58T8%odr{HUHeOH*8L8mS#yHLgF)Oak3xbB-TOIH(DuXw3+7mRNuNZYrG31qt zFOTWAG3>g&HT!{Ep6Wh2$;r~&WKceRb%qcbl+XH;)1vn5^ETxU&X_ zU}x_K45c|DJM7|R5*EuUY}Q&=gF54W-6o^U4jm|4Z?C9SFx*W9`T%#oSl(`&d{LZ0 zmy^`a%Ev2rLlm=k_AmB?pfMqo4P%^Gh@Ph|ZBQZ@bT!o?6msQ1xE2=K`bUAWlf=Ub$!brS9&i-Ky0cJ_;Z_n-VBmr9vmlKn?kSnB#T0#fu@kZ0QKe0TvAJY zSyzW`i%Ho`rfUdipa_!WdesuD{uYB*DzLMeSrO(`KA(fydsAI%k<$jN&1dJRmuz#f z1wMc>AjmfOaK9XqBZ-XLTXX1wS7S)X{OvRAh6k(sEt)2##&`7C$+z6?PVbwP8&+<{Ye}3O#bpI9BiEI4UGPi`Hxi63twS?dtKMjV}jr@omsipGpITX4$xm!lW2Fa zG~hUL+Ijnx_r+{_4PJ$^Z$9oeGgI@#!btvQ9qNZHlNM;UB_O^8JgJvmk3;)A#gew+ znMcbT9YG%=W06|Uk$Y+El}ty>o3hft*og6r+nNRvxBwk_hC>}zTF!+5ydNie0W1=v z)8yjmo!P|TYY2Cdj%UCkdH^92v6I0|@U_EJKGFpkGLST}A9x^9tT}XYioG6e#n%HX zmFv{Ko}kIEESq)hl7*c5%=@pm{Z`?g)u?mvu-(rV1G&1%!bYfv_$S12-2qSRr7K1d z`F1#&QHZl7f*7Ay4u3^^?EZW}_REY=?1ds5P@EsxnJ*d1%ePC8&k*Iy#X#-5PDyK1 z(JsfX!F(M8PM9xUwbYV$z$DBn88F~rAQy@mPY*VE0#g;N&3(dqj$^%Z^&B8mkN=eF zOS7ZPv6l#|{S5TIB1r*Oldazmjyl6c9R=Dl7F#!B?fA;~YYsL2ZNB^ytm)9!@?l84 zj)$1RiV92AcdzgV*T>r!KpLsbM47X-_0Jx=he|Wb@*%-^EG76IUJ+CHg5)!3>JkK- zofHC8<@TadZV%~^^n+mM4bCVKb9ZnhxR}(F`udx-fbd)KL^6$)WY(C={yI-%F^#pN z_1OH?%4V8HpEWFA33t_R@4NVol@Izl*IqradshdJu z?a2Mbb&oC7^qoLwVx0OjE<8;so4Rz*N^Nr1K35FZ99s>L0Vhc>;0>;#$}$^HwfupU#y!5!%Qwr#=y&LdH}h;4 zcg^L<3-lgE+8KPGY3yl#)_ewgC@S;&CcwS2H3f-|Ca-;^V>LPKA+1<*q@%hh6WOnA z(F!rNP}K#^yq;sDM~Yd$9T+>_IER%P2hd%XHJv4V;*#_HM8>w@pc4)PAs4@d8;=3g zj!B$e2nRI=iClFwrJI;&Pq?q|({70YSuG2LS`8&6h$Q*zO2*Y9pr>5CXKMK_1{S`< z=Vl)Mhms)n^~`uciHYTL9X_nG4(Vo2wyU2f@JujI9hUjyfOM07sKZW8A$J%t42nD! zsrRqF5%@?Xx;nGEg4jSJ7(B^kYEqKZb2@1pn+3UvI$JXG?`uHceY=`+l+rvS+m_Ss zA`W8GyY4q7ikgBjZBDH*jj(w%aa^yBam5@d@T=0JTiHM_Wa8ZS$^lo>cX)V#*v39?5ewQH$#<>E&0=kHhj_Wk7#(GAupnKg(}j5& zO@)ZG*H)h_7B1CdP?HJM+Jw;NzY{p+j;D0^T9;gJdbGze<(E6xZ*_X{-ahg+I0|>J z*=AE|ZIe^hjf_{xUxU|CFHQmM*vlfoTPcRSoZ!fYwym6w^Md=kYVU{04zhmO78nSi z56kk07}ZM8%=$m*c7~Ew)G`Cy+j!-rJv(#(i7iDPCMnAqz2%2P+&mwDK3!n1z!vm) z5x(+sYP#C&b(+oVbikQ_tJcm8Nm&21mQAKh4`|a;0vUvcKTqAaZYFNgsvq7s$2%b) zKGbLRQ}gV81R$PpR}9!iw@&Q9cQV@I^%-n^O5JT%o0)R;ASb$7NL3xc<0<} z^@Ou+OWQK^xt9Ph57KE|sgxJJqds)b5)HhiRg#Sx5YFO}es%41Dvbc))kMWI6bE!~ z^l8>jEi5)jcD@M&OBrAVZ z?Pr@va6`EJa(Bxi7dYi?`$|J3Bx$=SkuZgb{`J)fXv!=Vs-m$U^Sd%Ay;AoxY~L^1 zbWJWl9*d(qr9@AYAFJz3G_~`BhgnV%L-s9+2XkFAnBhkSigB1-j4Urf^wXUl zY@-7VDxLpgWrF46>1km<(j6>7K%f4!6rJ_#&Ghsw|D%hu_RY#+g$?B`Q>R+ln%GS= zhxQ;}!uYz|Y`NdTZop*Ep55T!3lg+MQ!JQNbZo-x`>Qi>>^3Z^Vnvz-v5CHvCe1zk zuT#1@!%*EBA0c`phdKWVL?A##n{aP&G;*8YI&=UH1P5r2j}pj@=j&%EqAf||&;ez{ zh5VCbp*MGta0u$J!Yq7~+$J=z(=SU0X^`xQ1T-VKj4L3(5qFr=oYe0|)(|a{RpW|B#fbk3 z@xt*PK!Y?qo?Y^lLmEQc7N!fF@YId5Nr;DvBz{Ah25*ch1A8_bhUG*;R@iP4G{mws zL3kxhk=)9Pd-Daoh>`b~kT|UlNq*92+kuW!NG4;N)#yanbrcG|M@2qwK!baxk}ANW z%};oi!@AB6FZU#Xw8!7Jw(b@53Xd#pb0>~)t1%?e8FRNnY@@;kWeiG@=9hT!_w%e~ zRL9I&3U8>_tgaQ>5}wlrxLHYM?pTwGgpcm-g~&TvFnCHT?b)T$Ab%n@qjB z-Vaz3`{G$A;Rl$a5-Q*LJP!<%OSLR9TS%B~D;Fq#z3RJIZ(k!5Mur5KW`CFE|(s_t|f8*dj z_N*h4kEwulh#xA|M*=TAz%r#tb$}#ieCV|-=bMg}xkLxE7coZ>u0j*Fb(?E-zMa^* zQ?`LpZLiPuMp#g7kAgUc6|hT6Nj3?+s)%5GVbMslzzTxxU1C8Z@ceEUMx0Tg6h)f; zGeAtKG22_2j>2D#yrqI4)@^rq#-aQevCxLjJ|AbmH$7-dWP5e&uqEDfLF>Sn%g8)w zPS6!LS$dryGd&CBhC6H}$5h{NN)tI#|5LoVKe`dfl)53g#X-K?7VAMwm~1{M#XqEQ;v*OyVfXEK!>W9hJ#nTR?%Ut2(3teyY&K@VQBA# z@QAKjl9Sf`4o}YsUEnwW1(a863C)8g;3;qvBr9YDURs!5od^)e^tDbm>^9KLCcfal zqGqoYFVp)S|C1+A5uelXk9#edUx&zQhvov+8IDqIPMVW;s2ZEAf>xnffIcK+HT+9Z zD;en!COaWC$i3;p6maZdq|XYQAk4CYGE=zn4+T@Amo*J`gJSGjpTPn012x4chjaM~ zMJfd}j>W{Q4mkXU{1;Y<3X~_y)KJTAwd`Ko5rkX@CV*KgFvd|x=&YL)feSwW($DWV zuC4$Fr#(D?7eKM?6;}|txtRE^n+sY{uM=WY%1H*kLFubR$CXdWs1HsyKeF;}n7T8D-*$2RKcN!NwjV z&Ap&-&DkK5cGBt%fm570d)AtoT!Lo#18_Uyp=V1$T!9b5u&@^X6H|m#sEgm#^zP%h@)?uygRJZr7*{@id$XTmw8M7a zv>6qwL}GFif=jNmcWJb$!A33xq4b6yu=7PZkwx-VGzun0U~Wv$1?Qp*Cy$eai|hx0S+h6)6%uaIt;rN{(S08T$$;Z*WE@);038)ZBJy#WVy+ zP7R>Ozyfu7O7xLw2C!{1eqrr^_P%c(c&QX~^g&B;-~UyfrZ-r%-% zi%?Y6nt{UD-bew9!71aZWf}BBaP6~q$aR_zoeb2r z;SN#-M4%f(@3)o;=e5a94I)@~M0qaD$2V%Q@p`$}c`Ohu)*tj2UC@!I4KK6F(uqdw zB@-kv4GMCfQ^D}|QK&toPid+MGyi0~22p5!mDNO9_?VV?3wGNPQTIYf(<0p_jxF?qGHki<7^0^t?Ydo0mFHO;D+|eOH zyo*pSuAsg*G^qw;q^~^sWxjc-jyVL$zRsW0EvOd$IM0%dvVxxfp1VftzFZO65Y5Rp zhU>z(l9l@|@eX z(Xh&T)Gn`;xp?rhOIS#(xhxPy(gp8bD_3D3Ui*zB;ud0!MFwXM(sPv5riSW-sgLY$(W8X<}h6*a_~ z)*A`g$KHnl9%8Qfh7t|9&Jb40-I_9KV~MF^`KF!IgJ|Y=_rj1G_L!oY=N&!r^jeZQ z)MG#urRbJ~MvG<06n9k}Mua@Xc(r`v*WP@Me+8=rC>erzX=B$Wk63l2k(t#+J)xwa zkng@0-qjdq#!c*^PFgD@Q~@vml{Q|_jB3$0+%CfBJ5A3T)M!*v6j6eNe5oGdEe7&Y zele*f+QGTGt1baAPqa$q(1Re4-do;#tQg5d=2w72K%~D2CIU zv8Nw$Anh4Lxbz;*5#L%mj0gk(_d>r=WUURjE=nB)VB|HMd6@BJC3Vy`-enk$*u}A= z6(BdA%}saHAu$KNA3HiJPsU`2)pwDG$vnV}!@eMgknS9JSrfN6L*(Gz8&x(*f@E{r z=8I6r96LYVTqgk`a2azzicu3d6m0b_VL*l79!bQnP*<`^+G6)jDAfd@J~R@0=L?Se zon*6dZmXyBQbgwm`I=)KaDT&6^kdDWRWm=$)<`(7ZRipVlkzXPAe@vZCSKbpnJ5R3 z3$lp5B)LK22P%j#gD3WEoo`WLDKg5WE|O!}=0KHO6E{KR zp2R@Egf4b~C>F1OoW8T`JCOS!VjItb5*AE!xinyefC@sn3O!UT6&1)np%-e5#lSg0 zQX8&Zao;pTkeuFfe5!yVpu7*GA5p{5%RfFNM&}eReuD40J7Ejz-`qq;wqvDgU1nC$ z3vBdryJlC5?UrRs7q;C(n042Ygeaal@uEaA2PZ^?4q>%y?)nmB2Q4psl0*&MO*jhg zSeDueMn5@%awMQwti`dc{rdy$e2Jsk^xIv3aoSrXCFZGRN}PyDSob$#L$OBc2rU>z zS1V;A`sXt0M|t=VS?Tl!smUeJQHa?U$F4N)IrZJy!VogKjC0@@A25_cdoaz_1UqF+ z>dWaFCKS$ab@`4_`y*og$p~K$Azn~USjfu~IC3D_9x(On2u+e1UN22XQm67uw4fQB zy4C@v0PB0)0xYcgnrvLIJI1Y;hZVLiHQW>Pbq=KwFr|B@(+TGo;>H@LDz#|{GnEqQ$+D`ai~u}!Al?qib1-l zb_^8=9VATipSw}PukqJjuG6xpw7bBr?_N8>LLiU7;WafO(K0NI?|>t%5{YYtV00{X z;yhR+Q-(>At=&h|`iUM#4hgqz*ijcnS4 zaj!+2IdNj~;cUMP6`gdq4)GuOZX7kOfVYmwRS>QRtfrRtut?l1pv8zI`uPgY6zBD!$;=DFc@n8rE(4EwYsd_8;9h=<6fHQEmUP??M+2ICww=#uRY zSz-fU)Nu`10vUS3MMwh0Uc<)sfE+LOb2phxtnSf&aX4~ieBUhMRH9G&LMx~_`1Sc~ zzP5L&lV~-Z2%?mMRO*)2()z)p`y~ro(Y^N@`Tj;uZoj!OjTGu zu?M3d+HUU7VjaL-DnEm1uH=)Qcox&+;8}~SnnK$Xc6q>7ufpi1d)Q zOGh~G>lL!yEn;SiyWxW<;94k0) vR!7{*C8|_YDD6<*sLBSXHUf=YL6-*1a&eXnZ87Tt5z?KUqdw zdmCpnL!99hF9V0;*mz%JZGcK84zNYY{;snBt~{@WW`lR`qO0_Zce;5ZPSF1h8P z2#~_h&IX>qOi2`M zD(S2o3a(E9zp}>iFt+aV^+hh73?L>$%AcE*+)11uF1SUYY?vYLkf%ie%IcOg!F{Y) z64nnSi)>jx22YdpxlUM^LAsAeSA`GjsObc_--RR zE-VT`dQH=G#R{whrZE=*nDGf+F!ShO$_BM5UdW7@48e*~-P8zeluY<(cb97e&&j}4 zFKjmFC(boL%-(bUj0Hd8O|-b0O#=x{IX9qVKhiJ8HYJ0*1O0k%$FbIUxS^l>x5Hu< z#ij&uk*un>pa>&0v4UB`%Y~k%`Einb@ zTkUZ)5U=4da`~9 z3WiTVO#{p9M2+GmW_(7JeY_4%COsN*8$(H=5_nZ}dc)8a#`F*D9s+wC2O&}zhaKuu zz&{<_xPev4*}@P}^({eM#!nW&1v)Hk&j2R}>w?NqQ7{EIf+UFa_jFd(4TKJMx7fc5 zR{f;xZ#A~oN9%D8eXXbqJI!%)&ahajo*^0_0kX=->@v0R0HSIGjQ7G)u(y0Amm66C zlGFGuYs4bI)|`NU%MOG#xvwZ58S?!Hyhww<%iSYISSl~5>4uy3uW%erg~l72>j$HaMx0f%@j*z*;LWGA9n3B@@fv;w8hIxy;Q3< z;1f(F3fCeJC)Wt+x&r#l-a(DDusjx)qxq3%;qQP)#MaMW5j4dKbbbACqw_ajB1@of+*3Oq~- z&qx$Fpm>EFwc}#84w(c&M=6FEc{AV4f;{FqO*Q!0t$!woJG<1nPLmcMs&lb#uaDSp zJ_KqnGgb4B_`4QL7KwZRRcA2<2Lht{lNSD04gVvz?eLH5_}zagWBb8pu#0Js(6~%C zIMWBv6}?49N-*^teAonC}hCyu`Dot+(${ACN}Tvv4{Js50R+H4xn z=n@c23x2ey9AjxOj+i-l^DIp?S$&d@5PuksW%4=dZx_3`ELnZ`ZdWa8EbDnV!t+FL zCAAd{&uA=ACGkrIfwpoM{(B{N?nYq=E`h4u{A#6qRQ#s%Cz+rN_>g)`#2ozm)DxtL zPXjNCiYiuGYG?M-cIlRV9$NLP=uzS<`6fSJ00Z`9>W zMTZYvsJw9(3ZHOsHl1(MqmYvoW!7Kw0ix=v?kcUDSB{Y7O8r&8;+n^h8jFj{3j(C9 zaZi0MV?wx^gX1ifSK+V86x?vnfDO$;k0OSidWs?FNb$s>wv6qJ!QjLt&(ak`8tnNY z@CT^kPB?bogfEn$hf?kIFYDOeW%39z8faOCi(lA^ieQ$3%zP@OBQcrHp2Ts_5P;R; zFGOS%Wul{mKpXBpX{ToBbFg%EDbIJ)lp(_NTZp&O(qg;8wgo|4nr=64IuzZwp0~*J z)@{NKpNB3v$D4pkWv9)qE$lruX?SvOs$S6lzAlmV4|AVB)?^bh5D>wi)}?}ofbdrl zIxEBfsi$;I&B|tl4e6~y$IbzU6vDFEY&x4E8qs=<4K%SVyjGW=aWGz3U6V|njH=ao z>b-+YA=aqXdL{?!zE5JXb;n_%ol}e^SB>H#;OfqPYJ-wff-m;zJ6`c| z$H7{@AbX`y@vcIzCa8bjFca*x;V_&(b`&+)D2{fuTxb#E6~r%?jj9|d51=^kOe0MT z*D*Mq>Ux4MNBgtW0BMJ0VNsf)`Ffgw7)i8n-r-f5<3{U1FUUAQBMTDZHAt1-@#B4V zi!9}8hHRsJ;tJ0RE>6L4y97p%uQa6*U&I4rVZ6z8 zCq;=R&=@&AD+V%Mj(gyBx?j^U*HHh1>BBRMzxjw6N(*+=920v`r@00~O7ka(XyOG<}_X z7R#p++4_gsUd?J)p!+1+GgTiV^VoM5r>h99tEGYt z&O&WsIY@UQSdsA#6!hMiv2f;?X1kVv?zYbPAN7&3{aRfjWOb z5o?VA(he)xX~@ZE+gBtw<2%1Xc1e&Z8}AK0f>uK zS$_c$8;^P1@gmKseh8eLsKMP<+U#Y?wcG@59P^jA@_}x_p%OSIZ1ssj_*n&jK*-5m zbqx4tDMVe0FokdYR{VC%1Im7!ekT@c=F%3}@+6_2?qdw-IgSt5EB&fe^yVg~(?WBB zuQ*Hm3cez2;8y60BFvgKXe?|vjsaZ>`C0`voc7TU2S=>SsN2? z2kz@Qg!0epp98zE+x)^TU-uonN+H@e<(YAKPMvPnEU@!%+RRuP>T(lu7Jq#+hpCs5 z!f@&t&$+m0oD^dC=9>j=RLI!+gJTc6lnIpnUSXf70W&csyCp zfxXTp%L9}s@|msZrkH)*l*L4#+y47C>3TsLy5;+En4JC28J{yA;>7C=^Lw@TGZr6G zZRg|SFM#H+%gCIUjpp0ZUrGIP>XSWuSsQR8h!b>v;Wv7&?&mt$;h4JzeM@~iCbF+` z-lm>sPSiK{!h38?_DX~iMG%ZtWlZ*_?5+74V((kH{@;gVNOXR|JwO>7AL%#uot8Z zEEt6r5Huo)0=l91!y|m&v0$zQqV^Ic=qtX5j|bTg+P*}Bkn~>E`;e(VM%TnArDVGO z3uzOa834so5vm8fa%h6r!kbg7d@vo5Id%FJ)Y5C|Y{kPZue>%MX z8Q}Le)xQJ8q5c5)|C?6-8S3|j#J{74KK`(Oe=q;LJ@KCbes7EVJ0S0)CH~(6{%@1i zKO_9!?ecd5{f8^|ZwbHmzWg)H@5%hXV;b@Pfcbx^{eOn|JuC8e#1zRN5WnR}{u$-> zG{)a4L8O16{7X{fpK*Q<)c($aqx=Ks--m7g4EMYL{dZg*^&fD5^Tz)f 0 ? 1 : 0 sonar_version = var.sonar_version @@ -108,7 +108,7 @@ module "hub_hadr" { module "agentless_gw_main" { source = "imperva/dsf-agentless-gw/azurerm" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag count = local.agentless_gw_count friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index]) @@ -141,7 +141,7 @@ module "agentless_gw_main" { module "agentless_gw_dr" { source = "imperva/dsf-agentless-gw/azurerm" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag count = var.agentless_gw_hadr ? local.agentless_gw_count : 0 friendly_name = join("-", [local.deployment_name_salted, "agentless", "gw", count.index, "DR"]) @@ -177,7 +177,7 @@ module "agentless_gw_dr" { module "agentless_gw_hadr" { source = "imperva/dsf-hadr/null" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag count = length(module.agentless_gw_dr) sonar_version = var.sonar_version @@ -221,7 +221,7 @@ locals { module "federation" { source = "imperva/dsf-federation/null" - version = "1.7.7" # latest release tag + version = "1.7.8" # latest release tag for_each = local.hub_gw_combinations hub_info = { diff --git a/modules/aws/agent-gw/README.md b/modules/aws/agent-gw/README.md index 750fdf3a8..67e430eb6 100644 --- a/modules/aws/agent-gw/README.md +++ b/modules/aws/agent-gw/README.md @@ -83,4 +83,4 @@ API access to the DSF Management server is required to provision this module. Pl For more information about the DSF Agent Gateway and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v14.11-database-activity-monitoring-user-guide/page/378.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.8). \ No newline at end of file diff --git a/modules/aws/agentless-gw/README.md b/modules/aws/agentless-gw/README.md index c76e66ad4..2b6861fc7 100644 --- a/modules/aws/agentless-gw/README.md +++ b/modules/aws/agentless-gw/README.md @@ -194,4 +194,4 @@ module "dsf_agentless_gw" { For more information about the Agentless Gateway and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v4.13-sonar-user-guide/page/80401.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.8). diff --git a/modules/aws/db-with-agent/README.md b/modules/aws/db-with-agent/README.md index 28b7d12b0..449fec0d4 100644 --- a/modules/aws/db-with-agent/README.md +++ b/modules/aws/db-with-agent/README.md @@ -69,4 +69,4 @@ module "db_with_agent" { ## Additional Information For more information about the DSF Agent Gateway and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v14.11-database-activity-monitoring-user-guide/page/378.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.8). \ No newline at end of file diff --git a/modules/aws/dra-admin/README.md b/modules/aws/dra-admin/README.md index d53975c0e..8bf3a889d 100644 --- a/modules/aws/dra-admin/README.md +++ b/modules/aws/dra-admin/README.md @@ -72,4 +72,4 @@ module "dsf_dra_admin" { For more information about the DSF DRA Admin and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/z-kb-articles-km/page/4e487f3c.html). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.8). \ No newline at end of file diff --git a/modules/aws/dra-analytics/README.md b/modules/aws/dra-analytics/README.md index aed07c441..4993b14bc 100644 --- a/modules/aws/dra-analytics/README.md +++ b/modules/aws/dra-analytics/README.md @@ -78,4 +78,4 @@ module "dsf_dra_analytics" { For more information about the DSF DRA Analytics and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/z-kb-articles-km/page/4e487f3c.html). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.8). \ No newline at end of file diff --git a/modules/aws/hub/README.md b/modules/aws/hub/README.md index 74e796ffc..9ba4e49a9 100644 --- a/modules/aws/hub/README.md +++ b/modules/aws/hub/README.md @@ -147,4 +147,4 @@ module "dsf_hub" { For more information about the DSF Hub and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v4.13-sonar-user-guide/page/80401.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.8). diff --git a/modules/aws/mx/README.md b/modules/aws/mx/README.md index 34c02b697..2c1deb952 100644 --- a/modules/aws/mx/README.md +++ b/modules/aws/mx/README.md @@ -83,4 +83,4 @@ API access is required to provision this module. Please make sure to pass the re For more information about the DSF MX and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v14.11-dam-management-server-manager-user-guide/page/10068.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.8). \ No newline at end of file diff --git a/modules/aws/rds-mssql-db/README.md b/modules/aws/rds-mssql-db/README.md index 8df5793c4..a55beed32 100644 --- a/modules/aws/rds-mssql-db/README.md +++ b/modules/aws/rds-mssql-db/README.md @@ -80,4 +80,4 @@ module "dsf_rds_mssql" { ## Additional Information -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.8). \ No newline at end of file diff --git a/modules/azurerm/agent-gw/README.md b/modules/azurerm/agent-gw/README.md index 864e52867..482ac3671 100644 --- a/modules/azurerm/agent-gw/README.md +++ b/modules/azurerm/agent-gw/README.md @@ -84,4 +84,4 @@ API access to the DSF Management server is required to provision this module. Pl For more information about the DSF Agent Gateway and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v14.11-database-activity-monitoring-user-guide/page/378.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.8). \ No newline at end of file diff --git a/modules/azurerm/agentless-gw/README.md b/modules/azurerm/agentless-gw/README.md index dac69830d..40db3a070 100644 --- a/modules/azurerm/agentless-gw/README.md +++ b/modules/azurerm/agentless-gw/README.md @@ -100,4 +100,4 @@ SSH access is required to provision this module. To SSH into the Agentless Gatew For more information about the Agentless Gateway and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v4.12-sonar-user-guide/page/80401.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.8). \ No newline at end of file diff --git a/modules/azurerm/db-with-agent/README.md b/modules/azurerm/db-with-agent/README.md index a49528286..ad56803a8 100644 --- a/modules/azurerm/db-with-agent/README.md +++ b/modules/azurerm/db-with-agent/README.md @@ -81,4 +81,4 @@ module "db_with_agent" { ## Additional Information For more information about the DAM Agent and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v14.11-database-activity-monitoring-user-guide/page/378.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.8). diff --git a/modules/azurerm/dra-admin/README.md b/modules/azurerm/dra-admin/README.md index 120d955a3..b1b1e9248 100644 --- a/modules/azurerm/dra-admin/README.md +++ b/modules/azurerm/dra-admin/README.md @@ -83,4 +83,4 @@ module "dsf_dra_admin" { For more information about the DSF DRA Admin and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/z-kb-articles-km/page/4e487f3c.html). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.8). \ No newline at end of file diff --git a/modules/azurerm/dra-analytics/README.md b/modules/azurerm/dra-analytics/README.md index d9becb399..83b53c835 100644 --- a/modules/azurerm/dra-analytics/README.md +++ b/modules/azurerm/dra-analytics/README.md @@ -91,4 +91,4 @@ module "dsf_dra_analytics" { For more information about the DSF DRA Analytics and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/z-kb-articles-km/page/4e487f3c.html). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.8). \ No newline at end of file diff --git a/modules/azurerm/hub/README.md b/modules/azurerm/hub/README.md index 7fe359183..b90bb05c7 100644 --- a/modules/azurerm/hub/README.md +++ b/modules/azurerm/hub/README.md @@ -98,4 +98,4 @@ SSH access is required to provision this module. To SSH into the DSF Hub instanc For more information about the DSF Hub and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v4.12-sonar-user-guide/page/80401.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.8). \ No newline at end of file diff --git a/modules/azurerm/mssql-db/README.md b/modules/azurerm/mssql-db/README.md index 49ec84df0..57526784f 100644 --- a/modules/azurerm/mssql-db/README.md +++ b/modules/azurerm/mssql-db/README.md @@ -54,4 +54,4 @@ module "dsf_mssql" { ## Additional Information -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.8). \ No newline at end of file diff --git a/modules/azurerm/mx/README.md b/modules/azurerm/mx/README.md index 29c5e1834..dca01fa1d 100644 --- a/modules/azurerm/mx/README.md +++ b/modules/azurerm/mx/README.md @@ -84,4 +84,4 @@ API access is required to provision this module. Please make sure to pass the re For more information about the DSF MX and its features, refer to the official documentation [here](https://docs.imperva.com/bundle/v14.11-dam-management-server-manager-user-guide/page/10068.htm). -For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.7). \ No newline at end of file +For additional information about DSF deployment using terraform, refer to the main repo README [here](https://github.com/imperva/dsfkit/tree/1.7.8). \ No newline at end of file diff --git a/modules/sonar_python_upgrader_1_7_7.zip b/modules/sonar_python_upgrader_1_7_8.zip similarity index 75% rename from modules/sonar_python_upgrader_1_7_7.zip rename to modules/sonar_python_upgrader_1_7_8.zip index 78ae84042770f56b5a04c9ab60ec1f1c52464319..ec768ba263809eb909f7b6f3a229ba7638306778 100644 GIT binary patch delta 1805 zcmaJ=Uq};i9KX$JZT`tk=bzlvayZ=19T~!Ll9?nWTJ&c_O%OF#PIq(L-OY^BUMhmZ zP1oPzQ6n3ezy&}hkN*b{(S%ZzTe$#!|t}B z=u%If$wI-mKd?|l7qd*jZ>IA2)M_x2lC1&zVHMpQSQw@4EF(p4#z)42Dr-_<@mZ|5 zw3D!e>+w)j6tdVg#=QZ#(LftmdC62EFHambD=EQjGL?L6_+bQGFsXP;0S3OBp63HF zYXM-{ats4Xk;w2jiZkH`o!R-q4HHUM3YxXBhhXx9Qa?Z&2;%rA0wvq5^9H~^*+8~q z^Jz6Smo*rzdjo8L6?O1UDxs*sa};%IA?8$Qb9T2zTd_Ya0e!oRt|7ya#85bA6v)l| z<;hrsQE@7us20`jv&*5mrCjZ3A}8EX&5&DbJbB-}f`Fzz0ERtvWFq!T?b+CV^t$-R zV0TY7;iBmkdclMB)@xaZychGJhnGG8mSS~eK5`x-0d$+89i%;eBoy&QXVCiKCws?q zBJ+YC@R*O=iAVBskK16}S4?{83YNLjb>{4aE+0RZ-abB+eBIl22=eS)g`J8AV^Sy{ z({*ts)!t zIC7JVQE+?}tGjI$e2jCp zjFVH8nLBh+0A)m|(3H5x7Xo*L92iNM9x$g2H~X{*4fl0d1oy!}i>~GL5CQ6z>a@gI q@<@XCd#OGvo}YktM0`AwxEf%S?(CExK&D6hzIHvu*Bj&dez7r6MS7 z9FQJ;s3)bA`50qHK@UMsK@UC{5hQ^T^`b9!zW@Hm|Jeqehx73LF5l(YwMevivsI?8n4gt_zN?w3Bf}8*K(JsG$W8zG z=|q!Saw?*z_N?2dW?FXp-Q0yHa>5GLj9BHyQxB{w2xuJyVAR$?CStCZpUve%uZw>y zcDL0ME}CAk9Xwq2Mmg(<{h|hXc;x_KDcV5hBWhRypgSx>llDSmfv_Voi`EA}*;}>; znHTkg$3o0ZJW`kYtt$0~WHP{1IoT`c&YZn)&JmhWY+vflK<6RIvwIbGD&~(0ftWw! z5A$&cf16h%5_>#0Acj3mg_Gs|@q(2jYm6TyOZv}#I=oQxu(v}V$f7rimLfatK7l69 z$Se39J;eJ#d5GfA!Ct7V!v|j731$EHeU%2l7RLcwPgsdv>d$x@t$Jz_u&v2z@>msO zdB6a3qXV2Cj#UT8Dix3gB*VD?XC$wJ2)-P`j{sLo2xJ736DCHcQE5X{oRmI$q84>7 zwv91XM`Tc$RKUzFkS!bP6%cm(iy$`GBD-NpA_$VTV4EDr{CyPXLQG!#Q3&|ECVOED zV;G=$bF%`%SxR|YTn*P(ljh}59Jf*2Ww$6KxCnm~Bumlbd6I8Yu7>n*aCZewcw(Smh}9_d(&~JOai*M; zla#qTbTSUgaJ))Z;vQedxg+GjNWy~wbJB40Pm9oSU-x)$ANIB@T0R&eKz%}koES?U o3lM)NH0H&135a(ma$1yja2Cba6E>NT{r6FPYqC<2`o>J Date: Wed, 24 Jan 2024 16:18:07 +0200 Subject: [PATCH 23/32] Fix readme [skip actions] (#365) --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 937d3f321..b626b1c87 100644 --- a/README.md +++ b/README.md @@ -412,7 +412,7 @@ The following table lists the _latest_ eDSF Kit releases, their release date and 1.7.5 - 1. Added a new Agentless source for AWS - RDS PostreSQL. + 1. Added a new agentless source for AWS - RDS PostreSQL.
    2. Updated Azure IAM required permissions.
    3. Improvements and bug fixes. @@ -424,7 +424,7 @@ The following table lists the _latest_ eDSF Kit releases, their release date and 1. Added support for DRA in Azure. -
    2. Added a new Agentless source for Azure - MsSQL. +
    2. Added a new agentless source for Azure - MSSQL.
    3. Improvements and bug fixes. From a4c5c77ca14073bf59c7553ae9cfe5fb477667c0 Mon Sep 17 00:00:00 2001 From: Linda Nasredin Date: Wed, 24 Jan 2024 17:50:27 +0200 Subject: [PATCH 24/32] EDSF-532 Support Terraform version 1.7.0 (#364) --- .github/workflows/dsf_poc_cli.yml | 2 +- .github/workflows/dsf_poc_cli_azure.yml | 2 +- .github/workflows/dsf_single_account_cli.yml | 2 +- .github/workflows/nightly_sonar_poc_basic_cli.yml | 2 +- .github/workflows/plan_cli.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/sonar_multi_account_cli.yml | 2 +- .github/workflows/sonar_poc_cli.yml | 2 +- .github/workflows/sonar_upgrade.yml | 2 +- README.md | 6 +++--- .../installation/dsf_single_account_deployment/versions.tf | 2 +- .../installation/sonar_multi_account_deployment/versions.tf | 2 +- .../sonar_single_account_deployment/versions.tf | 2 +- examples/aws/poc/dsf_deployment/versions.tf | 2 +- examples/aws/poc/sonar_basic_deployment/versions.tf | 2 +- examples/aws/poc/sonar_hadr_deployment/versions.tf | 2 +- examples/aws/sonar_upgrade/versions.tf | 2 +- examples/azure/poc/dsf_deployment/versions.tf | 2 +- modules/aws/agent-gw/versions.tf | 2 +- modules/aws/agentless-gw/versions.tf | 2 +- modules/aws/core/globals/versions.tf | 2 +- modules/aws/core/key_pair/versions.tf | 2 +- modules/aws/dam-base-instance/versions.tf | 2 +- modules/aws/db-with-agent/versions.tf | 2 +- modules/aws/dra-admin/versions.tf | 2 +- modules/aws/dra-analytics/versions.tf | 2 +- modules/aws/hub/versions.tf | 2 +- modules/aws/mx/versions.tf | 2 +- modules/aws/poc-db-onboarder/versions.tf | 2 +- modules/aws/rds-mssql-db/versions.tf | 4 ++-- modules/aws/rds-mysql-db/versions.tf | 2 +- modules/aws/rds-postgres-db/versions.tf | 2 +- modules/aws/sonar-base-instance/versions.tf | 2 +- modules/aws/sonar-upgrader/versions.tf | 2 +- modules/aws/statistics/versions.tf | 2 +- modules/azurerm/agent-gw/versions.tf | 2 +- modules/azurerm/agentless-gw/versions.tf | 2 +- modules/azurerm/core/globals/versions.tf | 2 +- modules/azurerm/dam-base-instance/versions.tf | 2 +- modules/azurerm/db-with-agent/versions.tf | 2 +- modules/azurerm/dra-admin/versions.tf | 2 +- modules/azurerm/dra-analytics/versions.tf | 2 +- modules/azurerm/hub/versions.tf | 2 +- modules/azurerm/mssql-db/versions.tf | 2 +- modules/azurerm/mx/versions.tf | 2 +- modules/azurerm/poc-db-onboarder/versions.tf | 2 +- modules/azurerm/sonar-base-instance/versions.tf | 2 +- modules/azurerm/statistics/versions.tf | 2 +- modules/null/agent-gw-cluster-setup/versions.tf | 2 +- modules/null/federation/versions.tf | 2 +- modules/null/hadr/versions.tf | 2 +- modules/null/poc-db-onboarder/versions.tf | 2 +- modules/null/statistics/versions.tf | 2 +- 53 files changed, 56 insertions(+), 56 deletions(-) diff --git a/.github/workflows/dsf_poc_cli.yml b/.github/workflows/dsf_poc_cli.yml index 9f98bed7f..8afa52a9d 100644 --- a/.github/workflows/dsf_poc_cli.yml +++ b/.github/workflows/dsf_poc_cli.yml @@ -155,7 +155,7 @@ jobs: uses: hashicorp/setup-terraform@v2 with: terraform_wrapper: false - terraform_version: ~1.6.0 + terraform_version: ~1.7.0 - name: Setup jq uses: sergeysova/jq-action@v2 diff --git a/.github/workflows/dsf_poc_cli_azure.yml b/.github/workflows/dsf_poc_cli_azure.yml index c23ca2e1d..9f31f9378 100644 --- a/.github/workflows/dsf_poc_cli_azure.yml +++ b/.github/workflows/dsf_poc_cli_azure.yml @@ -180,7 +180,7 @@ jobs: uses: hashicorp/setup-terraform@v2 with: terraform_wrapper: false - terraform_version: ~1.6.0 + terraform_version: ~1.7.0 - name: Setup jq uses: sergeysova/jq-action@v2 diff --git a/.github/workflows/dsf_single_account_cli.yml b/.github/workflows/dsf_single_account_cli.yml index 716709a7d..c13ea1f24 100644 --- a/.github/workflows/dsf_single_account_cli.yml +++ b/.github/workflows/dsf_single_account_cli.yml @@ -178,7 +178,7 @@ jobs: uses: hashicorp/setup-terraform@v2 with: terraform_wrapper: false - terraform_version: ~1.6.0 + terraform_version: ~1.7.0 - name: Setup jq uses: sergeysova/jq-action@v2 diff --git a/.github/workflows/nightly_sonar_poc_basic_cli.yml b/.github/workflows/nightly_sonar_poc_basic_cli.yml index 49ceedba5..22cdde4af 100644 --- a/.github/workflows/nightly_sonar_poc_basic_cli.yml +++ b/.github/workflows/nightly_sonar_poc_basic_cli.yml @@ -89,7 +89,7 @@ jobs: uses: hashicorp/setup-terraform@v2 with: terraform_wrapper: false - terraform_version: ~1.6.0 + terraform_version: ~1.7.0 - name: Setup jq uses: sergeysova/jq-action@v2 diff --git a/.github/workflows/plan_cli.yml b/.github/workflows/plan_cli.yml index adebc91b9..582f06f0b 100644 --- a/.github/workflows/plan_cli.yml +++ b/.github/workflows/plan_cli.yml @@ -136,7 +136,7 @@ jobs: - name: Setup Terraform uses: hashicorp/setup-terraform@v2 with: - terraform_version: ~1.6.0 + terraform_version: ~1.7.0 - name: Create License File env: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 5da28381b..32afb9d12 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -72,7 +72,7 @@ jobs: uses: hashicorp/setup-terraform@v2 with: terraform_wrapper: false - terraform_version: ~1.6.0 + terraform_version: ~1.7.0 - name: Format version for zip file name run: | diff --git a/.github/workflows/sonar_multi_account_cli.yml b/.github/workflows/sonar_multi_account_cli.yml index 5bddbe1c4..5eef224d6 100644 --- a/.github/workflows/sonar_multi_account_cli.yml +++ b/.github/workflows/sonar_multi_account_cli.yml @@ -121,7 +121,7 @@ jobs: uses: hashicorp/setup-terraform@v2 with: terraform_wrapper: false - terraform_version: ~1.6.0 + terraform_version: ~1.7.0 - name: Setup jq uses: sergeysova/jq-action@v2 diff --git a/.github/workflows/sonar_poc_cli.yml b/.github/workflows/sonar_poc_cli.yml index 97d73a411..41438276d 100644 --- a/.github/workflows/sonar_poc_cli.yml +++ b/.github/workflows/sonar_poc_cli.yml @@ -127,7 +127,7 @@ jobs: uses: hashicorp/setup-terraform@v2 with: terraform_wrapper: false - terraform_version: ~1.6.0 + terraform_version: ~1.7.0 - name: Setup jq uses: sergeysova/jq-action@v2 diff --git a/.github/workflows/sonar_upgrade.yml b/.github/workflows/sonar_upgrade.yml index e92a961d2..3b2b875f5 100644 --- a/.github/workflows/sonar_upgrade.yml +++ b/.github/workflows/sonar_upgrade.yml @@ -137,7 +137,7 @@ jobs: uses: hashicorp/setup-terraform@v2 with: terraform_wrapper: false - terraform_version: ~1.6.0 + terraform_version: ~1.7.0 - name: Setup jq uses: sergeysova/jq-action@v2 diff --git a/README.md b/README.md index b626b1c87..d130d689b 100644 --- a/README.md +++ b/README.md @@ -139,7 +139,7 @@ This guide references the following information and links, some of which are ava Download Terraform -Latest Supported Terraform Version: 1.5.x. Using a higher version may result in unexpected behavior or errors. +Latest Supported Terraform Version: 1.7.x. Using a higher version may result in unexpected behavior or errors. @@ -458,7 +458,7 @@ Before using eDSF Kit to deploy DSF, it is necessary to satisfy a set of prerequ 1. Only if you chose the [CLI Deployment Mode](#cli-deployment-mode), install [Git](https://git-scm.com). 2. Only if you chose the [CLI Deployment Mode](#cli-deployment-mode), install [Terraform](https://www.terraform.io). It is recommended on MacOS systems to use the "Package Manager" option during installation. -3. Latest Supported Terraform Version: 1.6.x. Using a higher version may result in unexpected behavior or errors. +3. Latest Supported Terraform Version: 1.7.x. Using a higher version may result in unexpected behavior or errors. 4. [jq](https://jqlang.github.io/jq/) - Command-line JSON processor. 5. [curl](https://curl.se/) - Command-line tool for transferring data. @@ -1071,7 +1071,7 @@ Before using eDSF Kit to upgrade DSF Hubs and Agentless Gateways, it is necessar 2. Only if you chose the [CLI Upgrade Mode](#cli-upgrade-mode), install [Git](https://git-scm.com). 3. Only if you chose the [CLI Upgrade Mode](#cli-upgrade-mode), install [Terraform](https://www.terraform.io). It is recommended on MacOS systems to use the "Package Manager" option during installation. 4. Only if you chose the [CLI Upgrade Mode](#cli-upgrade-mode), install [Python 3](https://www.python.org). -5. Latest Supported Terraform Version: 1.6.x. Using a higher version may result in unexpected behavior or errors. +5. Latest Supported Terraform Version: 1.7.x. Using a higher version may result in unexpected behavior or errors. 6. The upgrade requires permission and network access (SSH) from your computer or the installer machine (depending on your choice of upgrade mode) to the deployed environment on AWS. ### Additional Prerequisites diff --git a/examples/aws/installation/dsf_single_account_deployment/versions.tf b/examples/aws/installation/dsf_single_account_deployment/versions.tf index 23724e137..8ed85317d 100644 --- a/examples/aws/installation/dsf_single_account_deployment/versions.tf +++ b/examples/aws/installation/dsf_single_account_deployment/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { aws = { diff --git a/examples/aws/installation/sonar_multi_account_deployment/versions.tf b/examples/aws/installation/sonar_multi_account_deployment/versions.tf index 87c868ff4..581f7504f 100644 --- a/examples/aws/installation/sonar_multi_account_deployment/versions.tf +++ b/examples/aws/installation/sonar_multi_account_deployment/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { aws = { diff --git a/examples/aws/installation/sonar_single_account_deployment/versions.tf b/examples/aws/installation/sonar_single_account_deployment/versions.tf index 87c868ff4..581f7504f 100644 --- a/examples/aws/installation/sonar_single_account_deployment/versions.tf +++ b/examples/aws/installation/sonar_single_account_deployment/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { aws = { diff --git a/examples/aws/poc/dsf_deployment/versions.tf b/examples/aws/poc/dsf_deployment/versions.tf index 23724e137..8ed85317d 100644 --- a/examples/aws/poc/dsf_deployment/versions.tf +++ b/examples/aws/poc/dsf_deployment/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { aws = { diff --git a/examples/aws/poc/sonar_basic_deployment/versions.tf b/examples/aws/poc/sonar_basic_deployment/versions.tf index 87c868ff4..581f7504f 100644 --- a/examples/aws/poc/sonar_basic_deployment/versions.tf +++ b/examples/aws/poc/sonar_basic_deployment/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { aws = { diff --git a/examples/aws/poc/sonar_hadr_deployment/versions.tf b/examples/aws/poc/sonar_hadr_deployment/versions.tf index 87c868ff4..581f7504f 100644 --- a/examples/aws/poc/sonar_hadr_deployment/versions.tf +++ b/examples/aws/poc/sonar_hadr_deployment/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { aws = { diff --git a/examples/aws/sonar_upgrade/versions.tf b/examples/aws/sonar_upgrade/versions.tf index 3ec2b2811..36219a637 100644 --- a/examples/aws/sonar_upgrade/versions.tf +++ b/examples/aws/sonar_upgrade/versions.tf @@ -1,3 +1,3 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" } diff --git a/examples/azure/poc/dsf_deployment/versions.tf b/examples/azure/poc/dsf_deployment/versions.tf index c1f2dc8e9..45ecd887f 100644 --- a/examples/azure/poc/dsf_deployment/versions.tf +++ b/examples/azure/poc/dsf_deployment/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1" + required_version = ">= 1.3.1, < 1.8.0" required_providers { azurerm = { diff --git a/modules/aws/agent-gw/versions.tf b/modules/aws/agent-gw/versions.tf index f205f46c6..272db1955 100644 --- a/modules/aws/agent-gw/versions.tf +++ b/modules/aws/agent-gw/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { aws = { diff --git a/modules/aws/agentless-gw/versions.tf b/modules/aws/agentless-gw/versions.tf index f205f46c6..272db1955 100644 --- a/modules/aws/agentless-gw/versions.tf +++ b/modules/aws/agentless-gw/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { aws = { diff --git a/modules/aws/core/globals/versions.tf b/modules/aws/core/globals/versions.tf index f205f46c6..272db1955 100644 --- a/modules/aws/core/globals/versions.tf +++ b/modules/aws/core/globals/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { aws = { diff --git a/modules/aws/core/key_pair/versions.tf b/modules/aws/core/key_pair/versions.tf index 23724e137..8ed85317d 100644 --- a/modules/aws/core/key_pair/versions.tf +++ b/modules/aws/core/key_pair/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { aws = { diff --git a/modules/aws/dam-base-instance/versions.tf b/modules/aws/dam-base-instance/versions.tf index f205f46c6..272db1955 100644 --- a/modules/aws/dam-base-instance/versions.tf +++ b/modules/aws/dam-base-instance/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { aws = { diff --git a/modules/aws/db-with-agent/versions.tf b/modules/aws/db-with-agent/versions.tf index f205f46c6..272db1955 100644 --- a/modules/aws/db-with-agent/versions.tf +++ b/modules/aws/db-with-agent/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { aws = { diff --git a/modules/aws/dra-admin/versions.tf b/modules/aws/dra-admin/versions.tf index 66fd2a10c..869137a90 100644 --- a/modules/aws/dra-admin/versions.tf +++ b/modules/aws/dra-admin/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { aws = { diff --git a/modules/aws/dra-analytics/versions.tf b/modules/aws/dra-analytics/versions.tf index 66fd2a10c..869137a90 100644 --- a/modules/aws/dra-analytics/versions.tf +++ b/modules/aws/dra-analytics/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { aws = { diff --git a/modules/aws/hub/versions.tf b/modules/aws/hub/versions.tf index f205f46c6..272db1955 100644 --- a/modules/aws/hub/versions.tf +++ b/modules/aws/hub/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { aws = { diff --git a/modules/aws/mx/versions.tf b/modules/aws/mx/versions.tf index f205f46c6..272db1955 100644 --- a/modules/aws/mx/versions.tf +++ b/modules/aws/mx/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { aws = { diff --git a/modules/aws/poc-db-onboarder/versions.tf b/modules/aws/poc-db-onboarder/versions.tf index f205f46c6..272db1955 100644 --- a/modules/aws/poc-db-onboarder/versions.tf +++ b/modules/aws/poc-db-onboarder/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { aws = { diff --git a/modules/aws/rds-mssql-db/versions.tf b/modules/aws/rds-mssql-db/versions.tf index 2c034a2cb..dfaba2d42 100644 --- a/modules/aws/rds-mssql-db/versions.tf +++ b/modules/aws/rds-mssql-db/versions.tf @@ -1,9 +1,9 @@ terraform { - required_version = ">= 0.13" + required_version = ">= 1.3.1, < 1.8.0" required_providers { aws = { - source = "hashicorp/aws" + source = "hashicorp/aws" version = ">= 4.23.0" configuration_aliases = [aws.poc_scripts_s3_region] } diff --git a/modules/aws/rds-mysql-db/versions.tf b/modules/aws/rds-mysql-db/versions.tf index 07a5d3bb7..272db1955 100644 --- a/modules/aws/rds-mysql-db/versions.tf +++ b/modules/aws/rds-mysql-db/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 0.13" + required_version = ">= 1.3.1, < 1.8.0" required_providers { aws = { diff --git a/modules/aws/rds-postgres-db/versions.tf b/modules/aws/rds-postgres-db/versions.tf index 07a5d3bb7..272db1955 100644 --- a/modules/aws/rds-postgres-db/versions.tf +++ b/modules/aws/rds-postgres-db/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 0.13" + required_version = ">= 1.3.1, < 1.8.0" required_providers { aws = { diff --git a/modules/aws/sonar-base-instance/versions.tf b/modules/aws/sonar-base-instance/versions.tf index f205f46c6..272db1955 100644 --- a/modules/aws/sonar-base-instance/versions.tf +++ b/modules/aws/sonar-base-instance/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { aws = { diff --git a/modules/aws/sonar-upgrader/versions.tf b/modules/aws/sonar-upgrader/versions.tf index 3ec2b2811..36219a637 100644 --- a/modules/aws/sonar-upgrader/versions.tf +++ b/modules/aws/sonar-upgrader/versions.tf @@ -1,3 +1,3 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" } diff --git a/modules/aws/statistics/versions.tf b/modules/aws/statistics/versions.tf index f205f46c6..272db1955 100644 --- a/modules/aws/statistics/versions.tf +++ b/modules/aws/statistics/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { aws = { diff --git a/modules/azurerm/agent-gw/versions.tf b/modules/azurerm/agent-gw/versions.tf index 2236d91ec..b13422df7 100644 --- a/modules/azurerm/agent-gw/versions.tf +++ b/modules/azurerm/agent-gw/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { azurerm = { diff --git a/modules/azurerm/agentless-gw/versions.tf b/modules/azurerm/agentless-gw/versions.tf index 2236d91ec..b13422df7 100644 --- a/modules/azurerm/agentless-gw/versions.tf +++ b/modules/azurerm/agentless-gw/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { azurerm = { diff --git a/modules/azurerm/core/globals/versions.tf b/modules/azurerm/core/globals/versions.tf index 2236d91ec..b13422df7 100644 --- a/modules/azurerm/core/globals/versions.tf +++ b/modules/azurerm/core/globals/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { azurerm = { diff --git a/modules/azurerm/dam-base-instance/versions.tf b/modules/azurerm/dam-base-instance/versions.tf index 2236d91ec..b13422df7 100644 --- a/modules/azurerm/dam-base-instance/versions.tf +++ b/modules/azurerm/dam-base-instance/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { azurerm = { diff --git a/modules/azurerm/db-with-agent/versions.tf b/modules/azurerm/db-with-agent/versions.tf index 2236d91ec..b13422df7 100644 --- a/modules/azurerm/db-with-agent/versions.tf +++ b/modules/azurerm/db-with-agent/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { azurerm = { diff --git a/modules/azurerm/dra-admin/versions.tf b/modules/azurerm/dra-admin/versions.tf index 2236d91ec..b13422df7 100644 --- a/modules/azurerm/dra-admin/versions.tf +++ b/modules/azurerm/dra-admin/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { azurerm = { diff --git a/modules/azurerm/dra-analytics/versions.tf b/modules/azurerm/dra-analytics/versions.tf index 2236d91ec..b13422df7 100644 --- a/modules/azurerm/dra-analytics/versions.tf +++ b/modules/azurerm/dra-analytics/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { azurerm = { diff --git a/modules/azurerm/hub/versions.tf b/modules/azurerm/hub/versions.tf index 2236d91ec..b13422df7 100644 --- a/modules/azurerm/hub/versions.tf +++ b/modules/azurerm/hub/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { azurerm = { diff --git a/modules/azurerm/mssql-db/versions.tf b/modules/azurerm/mssql-db/versions.tf index 2236d91ec..b13422df7 100644 --- a/modules/azurerm/mssql-db/versions.tf +++ b/modules/azurerm/mssql-db/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { azurerm = { diff --git a/modules/azurerm/mx/versions.tf b/modules/azurerm/mx/versions.tf index 2236d91ec..b13422df7 100644 --- a/modules/azurerm/mx/versions.tf +++ b/modules/azurerm/mx/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { azurerm = { diff --git a/modules/azurerm/poc-db-onboarder/versions.tf b/modules/azurerm/poc-db-onboarder/versions.tf index f205f46c6..272db1955 100644 --- a/modules/azurerm/poc-db-onboarder/versions.tf +++ b/modules/azurerm/poc-db-onboarder/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { aws = { diff --git a/modules/azurerm/sonar-base-instance/versions.tf b/modules/azurerm/sonar-base-instance/versions.tf index 2236d91ec..b13422df7 100644 --- a/modules/azurerm/sonar-base-instance/versions.tf +++ b/modules/azurerm/sonar-base-instance/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { azurerm = { diff --git a/modules/azurerm/statistics/versions.tf b/modules/azurerm/statistics/versions.tf index 2236d91ec..b13422df7 100644 --- a/modules/azurerm/statistics/versions.tf +++ b/modules/azurerm/statistics/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" required_providers { azurerm = { diff --git a/modules/null/agent-gw-cluster-setup/versions.tf b/modules/null/agent-gw-cluster-setup/versions.tf index 3ec2b2811..36219a637 100644 --- a/modules/null/agent-gw-cluster-setup/versions.tf +++ b/modules/null/agent-gw-cluster-setup/versions.tf @@ -1,3 +1,3 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" } diff --git a/modules/null/federation/versions.tf b/modules/null/federation/versions.tf index 3ec2b2811..36219a637 100644 --- a/modules/null/federation/versions.tf +++ b/modules/null/federation/versions.tf @@ -1,3 +1,3 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" } diff --git a/modules/null/hadr/versions.tf b/modules/null/hadr/versions.tf index 3ec2b2811..36219a637 100644 --- a/modules/null/hadr/versions.tf +++ b/modules/null/hadr/versions.tf @@ -1,3 +1,3 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" } diff --git a/modules/null/poc-db-onboarder/versions.tf b/modules/null/poc-db-onboarder/versions.tf index 3ec2b2811..36219a637 100644 --- a/modules/null/poc-db-onboarder/versions.tf +++ b/modules/null/poc-db-onboarder/versions.tf @@ -1,3 +1,3 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" } diff --git a/modules/null/statistics/versions.tf b/modules/null/statistics/versions.tf index 3ec2b2811..36219a637 100644 --- a/modules/null/statistics/versions.tf +++ b/modules/null/statistics/versions.tf @@ -1,3 +1,3 @@ terraform { - required_version = ">= 1.3.1, < 1.7.0" + required_version = ">= 1.3.1, < 1.8.0" } From 1826f6bf6e6fcd473be62f02a68ce46561d8f8ee Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Wed, 24 Jan 2024 17:52:33 +0200 Subject: [PATCH 25/32] Added future version history entry --- README.md | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index d130d689b..56783ec2a 100644 --- a/README.md +++ b/README.md @@ -417,7 +417,7 @@ The following table lists the _latest_ eDSF Kit releases, their release date and
    3. Improvements and bug fixes. - + 24 Jan 2024 1.7.8 @@ -428,6 +428,15 @@ The following table lists the _latest_ eDSF Kit releases, their release date and
    3. Improvements and bug fixes. + + Coming soon + + + + + 1. Added support for Terraform version 1.7.x. + + # Getting Ready to Deploy From a5a89a5dcf617b6b2237b63e1af8b0727959c2d0 Mon Sep 17 00:00:00 2001 From: Eytan Naim Date: Wed, 24 Jan 2024 21:52:27 +0200 Subject: [PATCH 26/32] wip --- .../poc/dsf_deployment/agentless_sources.tf | 4 +- modules/aws/poc-db-onboarder/main.tf | 107 ++++++------------ modules/azurerm/poc-db-onboarder/main.tf | 14 ++- modules/null/poc-db-onboarder/main.tf | 25 ++-- modules/null/poc-db-onboarder/variables.tf | 23 +++- 5 files changed, 85 insertions(+), 88 deletions(-) diff --git a/examples/aws/poc/dsf_deployment/agentless_sources.tf b/examples/aws/poc/dsf_deployment/agentless_sources.tf index 7621aef39..62a501182 100644 --- a/examples/aws/poc/dsf_deployment/agentless_sources.tf +++ b/examples/aws/poc/dsf_deployment/agentless_sources.tf @@ -38,9 +38,7 @@ module "rds_mssql" { } module "db_onboarding" { - source = "imperva/dsf-poc-db-onboarder/aws" - version = "1.7.7" # latest release tag - for_each = { for idx, val in concat(module.rds_mysql, module.rds_mssql) : idx => val } + for_each = { for idx, val in concat(module.rds_mysql, module.rds_mssql, module.rds_postgres) : idx => val } usc_access_token = module.hub_main[0].access_tokens.usc.token hub_info = { diff --git a/modules/aws/poc-db-onboarder/main.tf b/modules/aws/poc-db-onboarder/main.tf index 294616b60..de4458f72 100644 --- a/modules/aws/poc-db-onboarder/main.tf +++ b/modules/aws/poc-db-onboarder/main.tf @@ -35,82 +35,47 @@ data "aws_caller_identity" "current" {} data "aws_region" "current" {} -locals { - cloud_account_data = { - data = { - applianceId = 1, - applianceType = "DSF_HUB", - id = "arn:aws:iam::${data.aws_caller_identity.current.account_id}", - serverType = "AWS", - auditState = "NO", - gatewayId = var.assignee_gw - assetData = { - admin_email = "admin@email.com", - "Server Port" = 443, - asset_display_name = "Auto Onboarded AWS Account", - auth_mechanism = "default", - arn = "arn:aws:iam::${data.aws_caller_identity.current.account_id}", - region = data.aws_region.current.name, - } - } - } - database_asset_data = { - data : { - applianceType : "DSF_HUB", - applianceId : 1, - serverType : local.server_type_by_engine_map[var.database_details.db_engine], - gatewayId : var.assignee_gw, - parentAssetId : local.cloud_account_data.data.id, - assetData : { - "Server Port" : var.database_details.db_port, - database_name : var.database_details.db_name, - "Service Name" : var.database_details.db_name, - db_engine : var.database_details.db_engine, - auth_mechanism : "password", - username : var.database_details.db_username, - password : var.database_details.db_password, - region : data.aws_region.current.name, - asset_source : "AWS", - "Server Host Name" : var.database_details.db_address, - admin_email = "admin@email.com", - arn : var.database_details.db_arn, - asset_display_name : var.database_details.db_identifier, - isMonitored : var.enable_audit - } - } - } -} -resource "null_resource" "onboard_db_to_dsf" { - connection { - type = "ssh" - user = var.hub_info.hub_ssh_user - private_key = file(var.hub_info.hub_private_ssh_key_path) - host = var.hub_info.hub_ip_address +module "onboard_db_to_dsf" { + source = "../../../modules/null/poc-db-onboarder" + + assignee_gw = var.assignee_gw - bastion_host = local.bastion_host - bastion_private_key = local.bastion_private_key - bastion_user = local.bastion_user + usc_access_token = var.usc_access_token + enable_audit = var.enable_audit - script_path = local.script_path + database_data = { + id = { + name = "arn" + value = var.database_details.db_arn + } + name = var.database_details.db_identifier + hostname = var.database_details.db_address + port = var.database_details.db_port + server_type = local.server_type_by_engine_map[var.database_details.db_engine] } - provisioner "remote-exec" { - inline = [ - templatefile("${path.module}/onboard.tftpl", { - cloud_account_data = jsonencode(local.cloud_account_data), - database_asset_data = jsonencode(local.database_asset_data) - db_arn = var.database_details.db_arn - account_arn = local.cloud_account_data.data.id - usc_access_token = var.usc_access_token - enable_audit = var.enable_audit - }) - ] + cloud_account_data = { + id = { + name = "arn" + value = "arn:aws:iam::${data.aws_caller_identity.current.account_id}" + } + name = data.aws_caller_identity.current.account_id + type = "AWS" + connections_data = [] } - triggers = { - db_arn = var.database_details.db_arn + + cloud_account_additional_data = { + auth_mechanism = "default" + region = data.aws_region.current.name } - depends_on = [ - aws_iam_role_policy_attachment.policy_attach - ] + database_additional_data = { + region = data.aws_region.current.name + } + + hub_info = var.hub_info + hub_proxy_info = var.hub_proxy_info + terraform_script_path_folder = var.terraform_script_path_folder + + depends_on = [aws_iam_role_policy_attachment.policy_attach] } diff --git a/modules/azurerm/poc-db-onboarder/main.tf b/modules/azurerm/poc-db-onboarder/main.tf index 69fbb9637..271001535 100644 --- a/modules/azurerm/poc-db-onboarder/main.tf +++ b/modules/azurerm/poc-db-onboarder/main.tf @@ -26,7 +26,10 @@ module "onboard_db_to_dsf" { enable_audit = var.enable_audit database_data = { - id = var.database_details.db_server_id + id = { + name = "asset_id" + value = var.database_details.db_server_id + } name = var.database_details.db_identifier location = var.resource_group.location hostname = var.database_details.db_address @@ -35,7 +38,10 @@ module "onboard_db_to_dsf" { } cloud_account_data = { - id = data.azurerm_subscription.current.id + id = { + name = "asset_id" + value = data.azurerm_subscription.current.id + } name = data.azurerm_subscription.current.display_name type = "AZURE" connections_data = [ @@ -49,6 +55,10 @@ module "onboard_db_to_dsf" { ] } + database_additional_data = { + location = var.resource_group.location + } + hub_info = var.hub_info hub_proxy_info = var.hub_proxy_info terraform_script_path_folder = var.terraform_script_path_folder diff --git a/modules/null/poc-db-onboarder/main.tf b/modules/null/poc-db-onboarder/main.tf index a092bac9c..b71930572 100644 --- a/modules/null/poc-db-onboarder/main.tf +++ b/modules/null/poc-db-onboarder/main.tf @@ -15,14 +15,15 @@ locals { applianceType = local.applianceType, serverType = var.cloud_account_data.type, gatewayId = var.assignee_gw - id = var.cloud_account_data.id, - assetData = { + id = var.cloud_account_data.id.value, + assetData = merge({ admin_email = local.admin_email, asset_display_name = "Auto Onboarded Account: (${var.cloud_account_data.name})", - asset_id = var.cloud_account_data.id, + (var.cloud_account_data.id.name) = var.cloud_account_data.id.value, "Server Host Name" = "${var.cloud_account_data.type}.com", connections = var.cloud_account_data.connections_data - } + }, + var.cloud_account_additional_data) } } @@ -33,17 +34,18 @@ locals { gatewayId : var.assignee_gw, parentAssetId : local.cloud_account_data.data.id, serverType : var.database_data.server_type, - id = var.database_data.id, - assetData : { + id = var.database_data.id.value, + assetData : merge({ admin_email = local.admin_email, asset_display_name : var.database_data.name, - asset_id = var.database_data.id, - location : var.database_data.location, + (var.database_data.id.name) = var.database_data.id.value, "Server Host Name" : var.database_data.hostname, "Server Port" : var.database_data.port, "Server IP" : var.database_data.hostname, isMonitored : var.enable_audit - } + }, + var.database_additional_data + ) } } } @@ -74,4 +76,9 @@ resource "null_resource" "onboard_db_to_dsf" { }) ] } + + triggers = { + db_id = var.database_data.id.name +# always_run = "${timestamp()}" + } } diff --git a/modules/null/poc-db-onboarder/variables.tf b/modules/null/poc-db-onboarder/variables.tf index 43d5a2415..b9cd509c7 100644 --- a/modules/null/poc-db-onboarder/variables.tf +++ b/modules/null/poc-db-onboarder/variables.tf @@ -41,7 +41,10 @@ variable "usc_access_token" { variable "cloud_account_data" { type = object({ - id = string + id = object({ + name = string + value = string + }) name = string type = string connections_data = list(any) @@ -49,17 +52,31 @@ variable "cloud_account_data" { description = "Cloud account data" } +variable "cloud_account_additional_data" { + type = any + description = "Cloud account additinal data" + default = {} +} + variable "database_data" { type = object({ server_type = string - id = string + id = object({ + name = string + value = string + }) name = string - location = string hostname = string port = number }) } +variable "database_additional_data" { + type = any + description = "Database additinal data" + default = {} +} + variable "terraform_script_path_folder" { type = string description = "Terraform script path folder to create terraform temporary script files on a private DSF node. Use '.' to represent the instance home directory" From 69f91391e7752039b7d70113bf894dba35b816b0 Mon Sep 17 00:00:00 2001 From: Eytan Naim Date: Thu, 25 Jan 2024 07:40:26 +0200 Subject: [PATCH 27/32] wip --- .github/workflows/deploy_module.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/deploy_module.yml b/.github/workflows/deploy_module.yml index b838fa208..350f5d3d8 100644 --- a/.github/workflows/deploy_module.yml +++ b/.github/workflows/deploy_module.yml @@ -43,6 +43,7 @@ jobs: - source_module: "aws/poc-db-onboarder" destination_repo: "terraform-aws-dsf-poc-db-onboarder" public_submodule: "aws/rds-mysql-db aws/rds-mssql-db aws/rds-postgres-db" + hidden_submodules: "null/poc-db-onboarder" begin_tag: 1.0.0 - source_module: "aws/sonar-upgrader" From 8e4af2e8c1cc1d22f2954f108cfe9d2b9631a9c9 Mon Sep 17 00:00:00 2001 From: Eytan Naim Date: Thu, 25 Jan 2024 14:18:25 +0200 Subject: [PATCH 28/32] Example | Azure | Add agentless sources to README [skip actions] --- examples/aws/poc/dsf_deployment/README.md | 1 - examples/azure/poc/dsf_deployment/README.md | 1 + 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/aws/poc/dsf_deployment/README.md b/examples/aws/poc/dsf_deployment/README.md index b4dc28f78..a1c4252e5 100644 --- a/examples/aws/poc/dsf_deployment/README.md +++ b/examples/aws/poc/dsf_deployment/README.md @@ -61,7 +61,6 @@ This configuration will enable the Sonar module, including the DSF Hub, while di Feel free to customize your deployment by setting the appropriate variables based on your requirements. - ## Variables Several variables in the `variables.tf` file are important for configuring the deployment. The following variables dictate the deployment content and should be paid more attention to: diff --git a/examples/azure/poc/dsf_deployment/README.md b/examples/azure/poc/dsf_deployment/README.md index c15aca270..54d7374d8 100644 --- a/examples/azure/poc/dsf_deployment/README.md +++ b/examples/azure/poc/dsf_deployment/README.md @@ -79,6 +79,7 @@ Several variables in the `variables.tf` file are important for configuring the d - `agentless_gw_hadr`: Enable Agentless Gateway High Availability Disaster Recovery (HADR) ### Audit Sources for Simulation Purposes +- `simulation_db_types_for_agentless`: Types of databases to provision and onboard to an Agentless Gateway - `simulation_db_types_for_agent`: Types of databases to provision for Agent Gateways ## Mandatory Variables From ed2c62bcb42e4981922fa2f874b0a8dc86d9b6c9 Mon Sep 17 00:00:00 2001 From: hadar-timan <55065300+hadar-timan@users.noreply.github.com> Date: Thu, 25 Jan 2024 15:52:02 +0200 Subject: [PATCH 29/32] DRA | Fix automation - clean step (#366) --- .github/workflows/dsf_poc_cli_azure.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dsf_poc_cli_azure.yml b/.github/workflows/dsf_poc_cli_azure.yml index 9f31f9378..73cddc16f 100644 --- a/.github/workflows/dsf_poc_cli_azure.yml +++ b/.github/workflows/dsf_poc_cli_azure.yml @@ -215,7 +215,7 @@ jobs: mv $EXAMPLE_DIR/outputs.tf{_,} mv $EXAMPLE_DIR/sonar.tf{_,} mv $EXAMPLE_DIR/dam.tf{_,} - mv $EXAMPLE_DIR/dra.tf{,_} + mv $EXAMPLE_DIR/dra.tf{_,} mv $EXAMPLE_DIR/agent_sources.tf{_,} mv $EXAMPLE_DIR/agentless_sources.tf{_,} mv $EXAMPLE_DIR/networking.tf{_,} From dbd09592750142576138db7a6bed5abcde9d05f4 Mon Sep 17 00:00:00 2001 From: "linda.nasredin" Date: Thu, 25 Jan 2024 16:35:08 +0200 Subject: [PATCH 30/32] Added description to outputs [skip actions] --- modules/aws/core/globals/outputs.tf | 2 ++ 1 file changed, 2 insertions(+) diff --git a/modules/aws/core/globals/outputs.tf b/modules/aws/core/globals/outputs.tf index ab82ec67c..8bda1ad02 100644 --- a/modules/aws/core/globals/outputs.tf +++ b/modules/aws/core/globals/outputs.tf @@ -54,10 +54,12 @@ output "dra_version" { } output "sonar_supported_versions" { + description = "Sonar versions which are supported by at least one module" value = local.sonar_supported_versions } output "sonar_fully_supported_versions" { + description = "Sonar versions which are supported in by all modules" value = local.sonar_fully_supported_versions } From 71db0cd3bf0e494ba287684dbab2cd0f2a935701 Mon Sep 17 00:00:00 2001 From: Christopher Papke Date: Thu, 25 Jan 2024 08:35:46 -0800 Subject: [PATCH 31/32] Update main.tf --- modules/aws/core/globals/main.tf | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/modules/aws/core/globals/main.tf b/modules/aws/core/globals/main.tf index b05d0f978..059ccf2f4 100644 --- a/modules/aws/core/globals/main.tf +++ b/modules/aws/core/globals/main.tf @@ -1,8 +1,5 @@ locals { sonar_tarball_s3_key_map = { - "4.14" = "jsonar-4.14.0.10.0.tar.gz" - "4.14.0.10" = "jsonar-4.14.0.10.0.tar.gz" - "4.13" = "jsonar-4.13.0.20.0.tar.gz" "4.13.0.20" = "jsonar-4.13.0.20.0.tar.gz" "4.13.0.10" = "jsonar-4.13.0.10.0.tar.gz" @@ -80,4 +77,4 @@ resource "random_password" "pass" { min_special = 1 min_upper = 1 override_special = "*+#%^:/~.,[]_" -} \ No newline at end of file +} From 9caa79b2fc72e5ba0bdaaa9ab0234e0e85fbe5dd Mon Sep 17 00:00:00 2001 From: hadar-timan <55065300+hadar-timan@users.noreply.github.com> Date: Tue, 30 Jan 2024 13:29:53 +0200 Subject: [PATCH 32/32] DRA | Add Admin success indication to statistics (#368) --- modules/aws/dra-admin/main.tf | 44 +++++++++---------- .../readiness.tftpl} | 0 modules/aws/dra-analytics/main.tf | 4 +- .../dra-analytics/readiness.tftpl} | 0 modules/azurerm/dra-admin/main.tf | 44 +++++++++---------- modules/azurerm/dra-admin/readiness.tftpl | 8 ++++ modules/azurerm/dra-analytics/main.tf | 4 +- modules/azurerm/dra-analytics/readiness.tftpl | 8 ++++ 8 files changed, 64 insertions(+), 48 deletions(-) rename modules/aws/{dra-analytics/waiter.tftpl => dra-admin/readiness.tftpl} (100%) mode change 100755 => 100644 rename modules/{azurerm/dra-analytics/waiter.tftpl => aws/dra-analytics/readiness.tftpl} (100%) mode change 100644 => 100755 create mode 100644 modules/azurerm/dra-admin/readiness.tftpl create mode 100644 modules/azurerm/dra-analytics/readiness.tftpl diff --git a/modules/aws/dra-admin/main.tf b/modules/aws/dra-admin/main.tf index 3c1e4d4a0..08b292bd7 100644 --- a/modules/aws/dra-admin/main.tf +++ b/modules/aws/dra-admin/main.tf @@ -13,9 +13,9 @@ locals { admin_ssh_password_secret_arn = aws_secretsmanager_secret.admin_ssh_password.arn }) - # readiness_script = templatefile("${path.module}/../dra-analytics/waiter.tftpl", { - # admin_server_public_ip = try(local.public_ip, local.private_ip) - # }) + readiness_script = templatefile("${path.module}/readiness.tftpl", { + admin_server_public_ip = try(local.public_ip, local.private_ip) + }) } resource "aws_eip" "dsf_instance_eip" { @@ -71,22 +71,22 @@ module "statistics" { artifact = "ami://${sha256(data.aws_ami.selected-ami.image_id)}@${var.dra_version}" } -#resource "null_resource" "readiness" { -# provisioner "local-exec" { -# command = local.readiness_script -# interpreter = ["/bin/bash", "-c"] -# } -# depends_on = [ -# aws_instance.dsf_base_instance, -# module.statistics -# ] -#} -# -#module "statistics_success" { -# source = "../../../modules/aws/statistics" -# count = var.send_usage_statistics ? 1 : 0 -# -# id = module.statistics[0].id -# status = "success" -# depends_on = [null_resource.readiness] -#} \ No newline at end of file +resource "null_resource" "readiness" { + provisioner "local-exec" { + command = local.readiness_script + interpreter = ["/bin/bash", "-c"] + } + depends_on = [ + aws_instance.dsf_base_instance, + module.statistics + ] +} + +module "statistics_success" { + source = "../../../modules/aws/statistics" + count = var.send_usage_statistics ? 1 : 0 + + id = module.statistics[0].id + status = "success" + depends_on = [null_resource.readiness] +} diff --git a/modules/aws/dra-analytics/waiter.tftpl b/modules/aws/dra-admin/readiness.tftpl old mode 100755 new mode 100644 similarity index 100% rename from modules/aws/dra-analytics/waiter.tftpl rename to modules/aws/dra-admin/readiness.tftpl diff --git a/modules/aws/dra-analytics/main.tf b/modules/aws/dra-analytics/main.tf index cc2bec04a..107a3eb69 100644 --- a/modules/aws/dra-analytics/main.tf +++ b/modules/aws/dra-analytics/main.tf @@ -19,8 +19,8 @@ locals { admin_server_private_ip = var.admin_server_private_ip }) - readiness_script = templatefile("${path.module}/waiter.tftpl", { - admin_server_public_ip = var.admin_server_public_ip + readiness_script = templatefile("${path.module}/readiness.tftpl", { + admin_server_public_ip = try(var.admin_server_public_ip, var.admin_server_private_ip) }) } diff --git a/modules/azurerm/dra-analytics/waiter.tftpl b/modules/aws/dra-analytics/readiness.tftpl old mode 100644 new mode 100755 similarity index 100% rename from modules/azurerm/dra-analytics/waiter.tftpl rename to modules/aws/dra-analytics/readiness.tftpl diff --git a/modules/azurerm/dra-admin/main.tf b/modules/azurerm/dra-admin/main.tf index a397f7f7a..ca05f0c3e 100644 --- a/modules/azurerm/dra-admin/main.tf +++ b/modules/azurerm/dra-admin/main.tf @@ -10,9 +10,9 @@ locals { admin_ssh_password_secret_name = azurerm_key_vault_secret.ssh_password.name }) - # readiness_script = templatefile("${path.module}/../dra-analytics/waiter.tftpl", { - # admin_server_public_ip = try(local.public_ip, local.private_ip) - # }) + readiness_script = templatefile("${path.module}/readiness.tftpl", { + admin_server_public_ip = try(local.public_ip, local.private_ip) + }) } resource "azurerm_network_interface" "nic" { @@ -111,22 +111,22 @@ module "statistics" { location = var.resource_group.location } -#resource "null_resource" "readiness" { -# provisioner "local-exec" { -# command = local.readiness_script -# interpreter = ["/bin/bash", "-c"] -# } -# depends_on = [ -# azurerm_linux_virtual_machine.vm, -# module.statistics -# ] -#} -# -#module "statistics_success" { -# source = "../../../modules/azurerm/statistics" -# count = var.send_usage_statistics ? 1 : 0 -# -# id = module.statistics[0].id -# status = "success" -# depends_on = [null_resource.readiness] -#} \ No newline at end of file +resource "null_resource" "readiness" { + provisioner "local-exec" { + command = local.readiness_script + interpreter = ["/bin/bash", "-c"] + } + depends_on = [ + azurerm_linux_virtual_machine.vm, + module.statistics + ] +} + +module "statistics_success" { + source = "../../../modules/azurerm/statistics" + count = var.send_usage_statistics ? 1 : 0 + + id = module.statistics[0].id + status = "success" + depends_on = [null_resource.readiness] +} diff --git a/modules/azurerm/dra-admin/readiness.tftpl b/modules/azurerm/dra-admin/readiness.tftpl new file mode 100644 index 000000000..339221dc0 --- /dev/null +++ b/modules/azurerm/dra-admin/readiness.tftpl @@ -0,0 +1,8 @@ + while true; do + response=$(curl -k -s -o /dev/null -w "%%{http_code}" --request GET 'https://${admin_server_public_ip}:8443/mvc/login') + if [ $response -eq 200 ]; then + exit 0 + else + sleep 60 + fi + done \ No newline at end of file diff --git a/modules/azurerm/dra-analytics/main.tf b/modules/azurerm/dra-analytics/main.tf index 5a74a8241..5e6ef0cd5 100644 --- a/modules/azurerm/dra-analytics/main.tf +++ b/modules/azurerm/dra-analytics/main.tf @@ -16,8 +16,8 @@ locals { admin_server_private_ip = var.admin_server_private_ip }) - readiness_script = templatefile("${path.module}/waiter.tftpl", { - admin_server_public_ip = var.admin_server_public_ip + readiness_script = templatefile("${path.module}/readiness.tftpl", { + admin_server_public_ip = try(var.admin_server_public_ip, var.admin_server_private_ip) }) } diff --git a/modules/azurerm/dra-analytics/readiness.tftpl b/modules/azurerm/dra-analytics/readiness.tftpl new file mode 100644 index 000000000..339221dc0 --- /dev/null +++ b/modules/azurerm/dra-analytics/readiness.tftpl @@ -0,0 +1,8 @@ + while true; do + response=$(curl -k -s -o /dev/null -w "%%{http_code}" --request GET 'https://${admin_server_public_ip}:8443/mvc/login') + if [ $response -eq 200 ]; then + exit 0 + else + sleep 60 + fi + done \ No newline at end of file