Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add docdb, neptune, mariadb, mysql, oracle, redshift (#6)
* Add docdb, neptune, mariadb, mysql, oracle, redshift modules
* update 1.0.2 release date

---------

Co-authored-by: mattJsonar <[email protected]>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
1 parent
0b19323
commit acde11d
Showing
160 changed files
with
8,408 additions
and
15 deletions.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -8,40 +8,56 @@ jobs: | |
outputs: | ||
directories: ${{ steps.dirs.outputs.matrix }} | ||
steps: | ||
# Checkout the repository to the GitHub Actions runner | ||
- name: Checkout | ||
uses: actions/checkout@v3 | ||
uses: actions/checkout@v4 | ||
with: | ||
ref: ${{ github.event.pull_request.head.ref }} | ||
|
||
# Find all subdirectories within "modules/" and "examples/" | ||
- name: Get root directories | ||
id: dirs | ||
run: echo "matrix=$(ls -d {modules,examples}/* | jq -R -s -c 'split("\n")[:-1]')" >> $GITHUB_OUTPUT | ||
|
||
validateConfigs: | ||
name: Validate terraform pull PR | ||
needs: collectInputs | ||
|
||
validatePR: | ||
name: Validate PR | ||
runs-on: ubuntu-latest | ||
needs: collectInputs | ||
strategy: | ||
matrix: | ||
directory: ${{ fromJson(needs.collectInputs.outputs.directories) }} | ||
steps: | ||
# Checkout the repository to the GitHub Actions runner | ||
- name: Checkout | ||
uses: actions/checkout@v3 | ||
uses: actions/checkout@v4 | ||
with: | ||
ref: ${{ github.event.pull_request.head.ref }} | ||
- name: Validate configs | ||
uses: dflook/terraform-validate@v1 | ||
with: | ||
path: ${{ matrix.directory }} | ||
|
||
# Install the latest version of Terraform | ||
- name: Setup Terraform | ||
uses: hashicorp/setup-terraform@v2 | ||
|
||
# Initialize terraform and validate submodules | ||
- name: Terraform validate | ||
working-directory: ${{ matrix.directory }} | ||
run: | | ||
if [[ -d ".terraform" ]]; then echo "removing exisiting .terraform directory"; rm -rf .terraform; fi | ||
terraform workspace new ${{ github.run_id }} | ||
terraform init | ||
terraform validate | ||
updateDocumentation: | ||
name: Update READMEs | ||
needs: validateConfigs | ||
needs: validatePR | ||
runs-on: ubuntu-latest | ||
steps: | ||
# Checkout the repository to the GitHub Actions runner | ||
- name: Checkout | ||
uses: actions/checkout@v3 | ||
uses: actions/checkout@v4 | ||
with: | ||
ref: ${{ github.event.pull_request.head.ref }} | ||
|
||
# Update READMEs using terraform-docs | ||
- name: Render terraform docs inside the README.md and push changes back to PR branch | ||
uses: terraform-docs/[email protected] | ||
with: | ||
|
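Review bot: In the new validatePR job, the Checkout step takes `ref: ${{ github.event.pull_request.head.ref }}` and the "Terraform validate" step then runs `terraform init` in every matrix directory, so the job fetches whatever modules and providers the PR's own configuration declares, yet no `permissions:` block is visible on this job. Suggest giving validatePR an explicit `permissions: contents: read` and keeping cloud and DSF hub credentials out of its environment. Separately, `hashicorp/setup-terraform@v2` is used without a `terraform_version` (the comment says "latest version"), so validation results can change between runs; pin a version, and consider pinning the actions that are referenced by tag to full commit SHAs.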
@@ -59,18 +75,25 @@ jobs: | |
permissions: | ||
contents: write | ||
steps: | ||
# Checkout the repository to the GitHub Actions runner | ||
- name: Checkout | ||
uses: actions/checkout@v3 | ||
uses: actions/checkout@v4 | ||
with: | ||
ref: ${{ github.event.pull_request.head.ref }} | ||
|
||
# Format Terraform modules | ||
- name: Terraform fmt modules | ||
uses: dflook/terraform-fmt@v1 | ||
with: | ||
path: modules/ | ||
|
||
# Format Terraform examples | ||
- name: Terraform fmt examples | ||
uses: dflook/terraform-fmt@v1 | ||
with: | ||
path: examples/ | ||
|
||
# Push changes to PR | ||
- name: Commit changes to PR | ||
uses: stefanzweifel/git-auto-commit-action@v5 | ||
|
||
|
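Review bot: The third-party actions listed under `permissions: contents: write` (`dflook/terraform-fmt@v1` twice and `stefanzweifel/git-auto-commit-action@v5`) are referenced by movable tags, so a retagged release would run with a token that can push to the repository. Suggest pinning each to a full commit SHA with the tag kept as a trailing comment. The "Commit changes to PR" step also has no visible `with:` inputs, so a `file_pattern` limited to the Terraform files under `modules/` and `examples/` would keep the auto-commit from picking up anything else left in the workspace.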
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
# Onboard Amazon DocumentDB example | ||
This example includes additional prerequisites that will need to be completed to fully utilize the module. More details can be found in the [onboarding documentation](https://docs.imperva.com/bundle/onboarding-databases-to-sonar-reference-guide/page/Amazon-DocumentDB-Onboarding-Steps_48366944.html). | ||
|
||
This example creates both 'aws' and 'dsfhub' resources. More information regarding authentication to each can be found in the relevant provider documentation: | ||
- [aws](https://registry.terraform.io/providers/hashicorp/aws/latest/docs) | ||
- [dsfhub](https://registry.terraform.io/providers/imperva/dsfhub/latest/docs) | ||
|
||
## Prerequisites | ||
### Account Asset Permissions | ||
An AWS account asset will need to be onboarded to your DSF hub prior to using this module. The account asset will need to be granted permissions to be able to read from the newly created CloudWatch log group. | ||
|
||
<!-- BEGIN_TF_DOCS --> | ||
## Requirements | ||
|
||
No requirements. | ||
|
||
## Providers | ||
|
||
No providers. | ||
|
||
## Modules | ||
|
||
| Name | Source | Version | | ||
|------|--------|---------| | ||
| <a name="module_aws-default-account-asset"></a> [aws-default-account-asset](#module\_aws-default-account-asset) | imperva/agentless-onboarding/dsfhub//modules/dsfhub-aws-cloud-account | n/a | | ||
| <a name="module_aws-docdb-cluster-1"></a> [aws-docdb-cluster-1](#module\_aws-docdb-cluster-1) | ../../modules/onboard-aws-docdb-cluster | n/a | | ||
|
||
## Resources | ||
|
||
No resources. | ||
|
||
## Inputs | ||
|
||
| Name | Description | Type | Default | Required | | ||
|------|-------------|------|---------|:--------:| | ||
| <a name="input_dsfhub_host"></a> [dsfhub\_host](#input\_dsfhub\_host) | n/a | `any` | n/a | yes | | ||
| <a name="input_dsfhub_token"></a> [dsfhub\_token](#input\_dsfhub\_token) | n/a | `any` | n/a | yes | | ||
|
||
## Outputs | ||
|
||
No outputs. | ||
<!-- END_TF_DOCS --> |
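Review bot: The "Account Asset Permissions" prerequisite says the account asset must be granted permissions to read from the newly created CloudWatch log group but never says which permissions those are. Suggest listing them here (or linking to the exact section of the onboarding documentation) and stating that they should be scoped to that log group, so users do not reach for a broad CloudWatch policy to get the example working.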
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,80 @@ | ||
locals { | ||
aws_region = "us-east-1" | ||
|
||
admin_email = "[email protected]" | ||
apply_immediately = true | ||
gateway_id = "a1b2c3d4-e5f6-g8h9-wxyz-123456790" | ||
} | ||
|
||
################################################################################ | ||
# Providers | ||
################################################################################ | ||
terraform { | ||
required_providers { | ||
dsfhub = { | ||
source = "imperva/dsfhub" | ||
} | ||
} | ||
} | ||
|
||
provider "aws" { | ||
region = local.aws_region | ||
} | ||
|
||
variable "dsfhub_host" {} # TF_VAR_dsfhub_host env variable | ||
variable "dsfhub_token" {} # TF_VAR_dsfhub_token env variable | ||
|
||
provider "dsfhub" { | ||
dsfhub_host = var.dsfhub_host | ||
dsfhub_token = var.dsfhub_token | ||
} | ||
|
||
################################################################################ | ||
# Prerequisites | ||
# 1. AWS cloud account | ||
################################################################################ | ||
module "aws-default-account-asset" { | ||
source = "imperva/agentless-onboarding/dsfhub//modules/dsfhub-aws-cloud-account" | ||
|
||
admin_email = local.admin_email | ||
asset_display_name = "aws-account-asset" | ||
asset_id = "arn:aws:iam::1234567890" | ||
auth_mechanism = "default" | ||
gateway_id = local.gateway_id | ||
region = local.aws_region | ||
} | ||
|
||
################################################################################ | ||
# Amazon DocumentDB Cluster 5.0.0 | ||
################################################################################ | ||
|
||
module "aws-docdb-cluster-1" { | ||
source = "../../modules/onboard-aws-docdb-cluster" | ||
|
||
aws_log_group_admin_email = local.admin_email | ||
aws_log_group_audit_pull_enabled = true | ||
aws_log_group_gateway_id = local.gateway_id | ||
aws_log_group_region = local.aws_region | ||
|
||
aws_docdb_cluster_admin_email = local.admin_email | ||
aws_docdb_cluster_gateway_id = local.gateway_id | ||
aws_docdb_cluster_parent_asset_id = module.aws-default-account-asset.this.asset_id | ||
aws_docdb_cluster_region = local.aws_region | ||
|
||
cluster_apply_immediately = local.apply_immediately | ||
cluster_identifier = "example-tf-docdb" | ||
cluster_db_subnet_group_name = "default" | ||
cluster_enabled_cloudwatch_logs_exports = ["audit"] | ||
cluster_engine_version = "5.0.0" | ||
cluster_master_password = "abcd1234" | ||
cluster_master_username = "docdbadmin" | ||
cluster_skip_final_snapshot = true | ||
cluster_vpc_security_group_ids = ["sg-0123456789abcdefg"] | ||
|
||
instance_apply_immediately = local.apply_immediately | ||
instance_count = 1 | ||
instance_instance_class = "db.t3.medium" | ||
|
||
parameter_group_family = "docdb5.0" | ||
parameter_group_name = "docdb-pg-test4" | ||
} |
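Review bot: `cluster_master_password = "abcd1234"` in module "aws-docdb-cluster-1" puts a literal master password into an example that users will copy; take it from a variable declared with `sensitive = true` and supplied through the environment, the same way `dsfhub_token` is passed via `TF_VAR_dsfhub_token`. The declaration `variable "dsfhub_token" {}` itself has no type and is not marked sensitive, so suggest `type = string` and `sensitive = true` there as well. The registry source `imperva/agentless-onboarding/dsfhub//modules/dsfhub-aws-cloud-account` also carries no `version` constraint, which means the example follows whatever release is newest at init time.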
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
# Onboard Amazon Neptune with Slow Query example | ||
This example includes additional prerequisites that will need to be completed to fully utilize the module. More details can be found in the [onboarding documentation](https://docs.imperva.com/bundle/onboarding-databases-to-sonar-reference-guide/page/Amazon-Neptune-Onboarding-Steps_48367003.html). | ||
|
||
This example creates both 'aws' and 'dsfhub' resources. More information regarding authentication to each can be found in the relevant provider documentation: | ||
- [aws](https://registry.terraform.io/providers/hashicorp/aws/latest/docs) | ||
- [dsfhub](https://registry.terraform.io/providers/imperva/dsfhub/latest/docs) | ||
|
||
## Prerequisites | ||
### Account Asset Permissions | ||
An AWS account asset will need to be onboarded to your DSF hub prior to using this module. The account asset will need to be granted permissions to be able to read from the newly created CloudWatch log group. | ||
|
||
<!-- BEGIN_TF_DOCS --> | ||
## Requirements | ||
|
||
No requirements. | ||
|
||
## Providers | ||
|
||
No providers. | ||
|
||
## Modules | ||
|
||
| Name | Source | Version | | ||
|------|--------|---------| | ||
| <a name="module_aws-default-account-asset"></a> [aws-default-account-asset](#module\_aws-default-account-asset) | imperva/agentless-onboarding/dsfhub//modules/dsfhub-aws-cloud-account | n/a | | ||
| <a name="module_aws-neptune-slowquery-1"></a> [aws-neptune-slowquery-1](#module\_aws-neptune-slowquery-1) | ../../modules/onboard-aws-neptune-slow-query | n/a | | ||
|
||
## Resources | ||
|
||
No resources. | ||
|
||
## Inputs | ||
|
||
| Name | Description | Type | Default | Required | | ||
|------|-------------|------|---------|:--------:| | ||
| <a name="input_dsfhub_host"></a> [dsfhub\_host](#input\_dsfhub\_host) | n/a | `any` | n/a | yes | | ||
| <a name="input_dsfhub_token"></a> [dsfhub\_token](#input\_dsfhub\_token) | n/a | `any` | n/a | yes | | ||
|
||
## Outputs | ||
|
||
No outputs. | ||
<!-- END_TF_DOCS --> |
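Review bot: In the generated Inputs table, `dsfhub_host` and `dsfhub_token` both show a description of "n/a" and type `any`, which tells a reader nothing about a value that is a credential. Since this block is rendered between the BEGIN_TF_DOCS and END_TF_DOCS markers, the fix belongs in the example's variable declarations: add a description, `type = string`, and `sensitive = true` for the token, then let the docs regenerate.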