Automatic commit before release [release=1.3.5] | [skip actions]

imperva · Jan 26, 2023 · 9f7f947 · 9f7f947
1 parent 97d4140
commit 9f7f947
Show file tree

Hide file tree

Showing 9 changed files with 50 additions and 50 deletions.
diff --git a/README.md b/README.md
@@ -281,7 +281,7 @@ The first thing to do in this deployment mode is to [download Terraform ](https:
 
 **NOTE:** Update the values for the required parameters to complete the installation: example_name, aws_access_key_id, aws_secret_access_key and region
 
-1. Download the zip file of the example you've chosen (See the [Choosing the Example/Recipe that Fits Your Use Case](#choosing-the-examplerecipe-that-fits-your-use-case) section) from the <a href="https://github.com/imperva/dsfkit/tree/1.3.5">DSFKit GitHub Repository</a>, e.g., if you choose the "basic_deployment" example, you should download <a href="https://github.com/imperva/dsfkit/tree/1.3.4/examples/poc/basic_deployment/basic_deployment.zip">basic_deployment.zip</a>.
+1. Download the zip file of the example you've chosen (See the [Choosing the Example/Recipe that Fits Your Use Case](#choosing-the-examplerecipe-that-fits-your-use-case) section) from the <a href="https://github.com/imperva/dsfkit/tree/1.3.5">DSFKit GitHub Repository</a>, e.g., if you choose the "basic_deployment" example, you should download <a href="https://github.com/imperva/dsfkit/tree/1.3.5/examples/poc/basic_deployment/basic_deployment.zip">basic_deployment.zip</a>.
 
 2. Unzip the zip file in CLI or using your operating system's UI.
    For example, in CLI:
@@ -614,7 +614,7 @@ Complete the following instructions to automate the creation of an installer mac
 
 DSFKit provides a number of out-of-the-box examples which are already configured to deploy common DSF environments.
 
-These examples can be found in the <a href="https://github.com/imperva/dsfkit/tree/1.3.5">DSFKit GitHub Repository</a> under the <a href="https://github.com/imperva/dsfkit/tree/1.3.4/examples">examples</a> directory.
+These examples can be found in the <a href="https://github.com/imperva/dsfkit/tree/1.3.5">DSFKit GitHub Repository</a> under the <a href="https://github.com/imperva/dsfkit/tree/1.3.5/examples">examples</a> directory.
 Some examples are intended for Lab or POC and others for actual DSF deployments by Professional Services and customers.
 
 For more details about each example, click on the example name.

diff --git a/examples/installation/multi_account_deployment/multi_account_deployment.zip b/examples/installation/multi_account_deployment/multi_account_deployment.zip
diff --git a/examples/poc/basic_deployment/basic_deployment.zip b/examples/poc/basic_deployment/basic_deployment.zip
diff --git a/examples/poc/basic_deployment/variables.tf b/examples/poc/basic_deployment/variables.tf
@@ -100,7 +100,7 @@ variable "db_types_to_onboard" {
   description = "DB types to onboard, available types are - 'RDS MySQL', 'RDS MsSQL' with data"
   validation {
     condition = alltrue([
-    for db_type in var.db_types_to_onboard : contains(["RDS MySQL", "RDS MsSQL"], db_type)
+      for db_type in var.db_types_to_onboard : contains(["RDS MySQL", "RDS MsSQL"], db_type)
     ])
     error_message = "Valid values should contain at least one of the following: 'RDS MySQL', 'RDS MsSQL'."
   }

diff --git a/examples/poc/hadr_deployment/hadr_deployment.zip b/examples/poc/hadr_deployment/hadr_deployment.zip
diff --git a/examples/poc/hadr_deployment/variables.tf b/examples/poc/hadr_deployment/variables.tf
@@ -100,7 +100,7 @@ variable "db_types_to_onboard" {
   description = "DB types to onboard, available types are - 'RDS MySQL', 'RDS MsSQL' with data"
   validation {
     condition = alltrue([
-    for db_type in var.db_types_to_onboard : contains(["RDS MySQL", "RDS MsSQL"], db_type)
+      for db_type in var.db_types_to_onboard : contains(["RDS MySQL", "RDS MsSQL"], db_type)
     ])
     error_message = "Valid values should contain at least one of the following: 'RDS MySQL', 'RDS MsSQL'."
   }

diff --git a/installer_machine/variables.tf b/installer_machine/variables.tf
@@ -28,8 +28,8 @@ variable "example_name" {
 }
 
 variable "example_type" {
-  type    = string
-  default = "poc"
+  type        = string
+  default     = "poc"
   description = "poc or installation, according to where your example is located in the DSFKit GitHub repository under the 'examples' directory"
 }
 

diff --git a/modules/aws/poc-db-onboarder/iam_role.tf b/modules/aws/poc-db-onboarder/iam_role.tf
@@ -3,9 +3,9 @@ locals {
     Version = "2012-10-17"
     Statement = [
       {
-        "Sid": "VisualEditor0",
-        "Effect": "Allow",
-        "Action": [
+        "Sid" : "VisualEditor0",
+        "Effect" : "Allow",
+        "Action" : [
           "logs:Describe*",
           "logs:List*",
           "rds:DescribeDBInstances",
@@ -20,7 +20,7 @@ locals {
           "rds:DescribeDBClusters",
           "rds:DescribeOptionGroups"
         ],
-        "Resource": "*"
+        "Resource" : "*"
       }
     ]
   })
@@ -29,31 +29,31 @@ locals {
     Version = "2012-10-17"
     Statement = [
       {
-        "Sid": "VisualEditor0",
-        "Effect": "Allow",
-        "Action": [
+        "Sid" : "VisualEditor0",
+        "Effect" : "Allow",
+        "Action" : [
           "rds:DescribeDBInstances",
           "rds:DescribeDBClusters",
           "rds:DescribeOptionGroups"
         ],
-        "Resource": "*"
+        "Resource" : "*"
       },
       {
-        "Sid": "VisualEditor1",
-        "Effect": "Allow",
-        "Action": [
+        "Sid" : "VisualEditor1",
+        "Effect" : "Allow",
+        "Action" : [
           "s3:ListAllMyBuckets"
         ],
-        "Resource": "*"
+        "Resource" : "*"
       },
       {
-        "Sid": "VisualEditor2",
-        "Effect": "Allow",
-        "Action": [
+        "Sid" : "VisualEditor2",
+        "Effect" : "Allow",
+        "Action" : [
           "s3:ListBucket",
           "s3:GetObject"
         ],
-        "Resource": "arn:aws:s3:::${var.database_details.db_identifier}-*" # bucket name starts with db_identifier prefix
+        "Resource" : "arn:aws:s3:::${var.database_details.db_identifier}-*" # bucket name starts with db_identifier prefix
       }
     ]
   })

diff --git a/modules/aws/rds-mssql-db/main.tf b/modules/aws/rds-mssql-db/main.tf
@@ -13,14 +13,14 @@ resource "random_id" "salt" {
 data "aws_region" "current" {}
 
 locals {
-  db_username                  = var.username
-  db_password                  = length(var.password) > 0 ? var.password : random_password.db_password.result
-  db_identifier                = length(var.identifier) > 0 ? var.identifier : "edsf-db-demo-${random_pet.db_id.id}"
-  db_name                      = length(var.name) > 0 ? var.name : replace("edsf-db-demo-${random_pet.db_id.id}", "-", "_")
-  mssql_connect_db_name        = "rdsadmin"
-  lambda_salt                  = random_id.salt.hex
-  lambda_package               = "${path.module}/installation_resources/mssqlLambdaPackage.zip"
-  db_audit_bucket_name         = "${local.db_identifier}-audit-bucket"
+  db_username           = var.username
+  db_password           = length(var.password) > 0 ? var.password : random_password.db_password.result
+  db_identifier         = length(var.identifier) > 0 ? var.identifier : "edsf-db-demo-${random_pet.db_id.id}"
+  db_name               = length(var.name) > 0 ? var.name : replace("edsf-db-demo-${random_pet.db_id.id}", "-", "_")
+  mssql_connect_db_name = "rdsadmin"
+  lambda_salt           = random_id.salt.hex
+  lambda_package        = "${path.module}/installation_resources/mssqlLambdaPackage.zip"
+  db_audit_bucket_name  = "${local.db_identifier}-audit-bucket"
 }
 
 resource "aws_db_subnet_group" "rds_db_sg" {
@@ -129,12 +129,12 @@ data "aws_iam_role" "lambda_mssql_assignee_role" {
 }
 
 resource "aws_lambda_function" "lambda_mssql_infra" {
-  function_name     = join("-", ["dsf-mssql-infra", local.lambda_salt])
-  filename          = local.lambda_package
-  role              = data.aws_iam_role.lambda_mssql_assignee_role.arn
-  handler           = "createDBsAndEnableAudit.lambda_handler"
-  runtime           = "python3.9"
-  timeout           = 900
+  function_name = join("-", ["dsf-mssql-infra", local.lambda_salt])
+  filename      = local.lambda_package
+  role          = data.aws_iam_role.lambda_mssql_assignee_role.arn
+  handler       = "createDBsAndEnableAudit.lambda_handler"
+  runtime       = "python3.9"
+  timeout       = 900
 
   vpc_config {
     security_group_ids = [aws_security_group.rds_mssql_access.id]
@@ -147,7 +147,7 @@ resource "aws_lambda_function" "lambda_mssql_infra" {
       DB_PORT = aws_db_instance.rds_db.port
       DB_NAME = local.mssql_connect_db_name
       DB_USER = aws_db_instance.rds_db.username
-      DB_PWD  =  nonsensitive(aws_db_instance.rds_db.password)
+      DB_PWD  = nonsensitive(aws_db_instance.rds_db.password)
     }
   }
 
@@ -185,10 +185,10 @@ data "aws_route_tables" "vpc_route_tables" {
 }
 
 resource "aws_vpc_endpoint" "s3_vpc_endpoint" {
-  service_name = "com.amazonaws.${data.aws_region.current.name}.s3"
-  vpc_id       = data.aws_subnet.subnet.vpc_id
+  service_name      = "com.amazonaws.${data.aws_region.current.name}.s3"
+  vpc_id            = data.aws_subnet.subnet.vpc_id
   vpc_endpoint_type = "Gateway"
-  route_table_ids = data.aws_route_tables.vpc_route_tables.ids
+  route_table_ids   = data.aws_route_tables.vpc_route_tables.ids
 }
 
 resource "aws_s3_object" "mssql_lambda_objects" {
@@ -254,11 +254,11 @@ resource "aws_cloudwatch_event_target" "trafficEachMinuteTarget" {
 }
 
 resource "aws_lambda_permission" "allow_cloudwatchTraffic" {
-  statement_id = "AllowTrafficExecutionFromCloudWatch"
-  action = "lambda:InvokeFunction"
+  statement_id  = "AllowTrafficExecutionFromCloudWatch"
+  action        = "lambda:InvokeFunction"
   function_name = aws_lambda_function.lambda_mssql_scheduled.function_name
-  principal = "events.amazonaws.com"
-  source_arn = aws_cloudwatch_event_rule.trafficEachMinute.arn
+  principal     = "events.amazonaws.com"
+  source_arn    = aws_cloudwatch_event_rule.trafficEachMinute.arn
 }
 
 # add scheduled events each 10 minutes for the suspicious activity queries
@@ -269,15 +269,15 @@ resource "aws_cloudwatch_event_rule" "suspiciousActivityEach10Minutes" {
 }
 
 resource "aws_cloudwatch_event_target" "suspiciousActivityEach10MinutesTarget" {
-  arn  = aws_lambda_function.lambda_mssql_scheduled.arn
-  rule = aws_cloudwatch_event_rule.suspiciousActivityEach10Minutes.name
+  arn   = aws_lambda_function.lambda_mssql_scheduled.arn
+  rule  = aws_cloudwatch_event_rule.suspiciousActivityEach10Minutes.name
   input = "{\"S3_FILE_PREFIX\":\"mssql_suspicious_activity\",\"SHOULD_RUN_FAILED_LOGINS\":\"true\",\"DBS_FAILED_LOGINS\":\"financedb;HealthCaredb;Insurancedb;telecomdb\",\"DB_USER2\":\"finance:Teller;health:public_health_nurse;insurance:Broker;telecom:Technician\"}"
 }
 
 resource "aws_lambda_permission" "allow_cloudwatchSuspicious" {
-  statement_id = "AllowSuspiciousExecutionFromCloudWatch"
-  action = "lambda:InvokeFunction"
+  statement_id  = "AllowSuspiciousExecutionFromCloudWatch"
+  action        = "lambda:InvokeFunction"
   function_name = aws_lambda_function.lambda_mssql_scheduled.function_name
-  principal = "events.amazonaws.com"
-  source_arn = aws_cloudwatch_event_rule.suspiciousActivityEach10Minutes.arn
+  principal     = "events.amazonaws.com"
+  source_arn    = aws_cloudwatch_event_rule.suspiciousActivityEach10Minutes.arn
 }