From 2ecded949a0a8426f8499f521f78cb52ccf3d491 Mon Sep 17 00:00:00 2001 From: "mike@here" Date: Sun, 24 Nov 2024 20:34:29 -0800 Subject: [PATCH 1/9] terraform/aws-users.tf add user herehfla https://github.com/hackforla/devops-security/issues/89 --- terraform/aws-users.tf | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/terraform/aws-users.tf b/terraform/aws-users.tf index e44c10a..042542e 100644 --- a/terraform/aws-users.tf +++ b/terraform/aws-users.tf @@ -195,3 +195,14 @@ module "iam_user_lsousadev" { } user_groups = ["read-only-group"] } + +module "iam_user_herehfla" { +source = "./modules/aws-users" + +user_name = "herehfla" # Replace with GitHub handle +user_tags = { + "Project" = "devops-security" + "Access Level" = "1" +} +user_groups = ["read-only-group"] +} \ No newline at end of file From 6d914da41bf423969bf3bfadd1a5ef5cd656cbb7 Mon Sep 17 00:00:00 2001 From: "mike@here" Date: Sun, 24 Nov 2024 21:24:16 -0800 Subject: [PATCH 2/9] aws-users user alexe group rm ops-leads resolves error 404 on ops-leads group --- terraform/aws-users.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/aws-users.tf b/terraform/aws-users.tf index 042542e..f4a7fc6 100644 --- a/terraform/aws-users.tf +++ b/terraform/aws-users.tf @@ -149,7 +149,7 @@ module "iam_user_alexe" { "Project" = "devops-security" "Access Level" = "1" } - user_groups = ["ops-leads"] + user_groups = ["read-only-group"] } module "iam_user_rsakuma" { From 421930e0209c0aeae46923c4345fdacaceecc748 Mon Sep 17 00:00:00 2001 From: "mike@here" Date: Sun, 24 Nov 2024 21:50:45 -0800 Subject: [PATCH 3/9] README terraform-docs add user herehfla https://github.com/hackforla/devops-security/issues/77 https://github.com/hackforla/devops-security/issues/89 --- terraform/README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/terraform/README.md b/terraform/README.md index 9ffad93..6a2d0a8 100644 --- a/terraform/README.md +++ b/terraform/README.md @@ -19,6 +19,7 @@ Resources created by this code repository. | [iam\_user\_chelseyb](#module\_iam\_user\_chelseyb) | ./modules/aws-users | n/a | | [iam\_user\_drakeredwind01](#module\_iam\_user\_drakeredwind01) | ./modules/aws-users | n/a | | [iam\_user\_freaky4wrld](#module\_iam\_user\_freaky4wrld) | ./modules/aws-users | n/a | +| [iam\_user\_herehfla](#module\_iam\_user\_herehfla) | ./modules/aws-users | n/a | | [iam\_user\_jbubar](#module\_iam\_user\_jbubar) | ./modules/aws-users | n/a | | [iam\_user\_lsousadev](#module\_iam\_user\_lsousadev) | ./modules/aws-users | n/a | | [iam\_user\_npang4](#module\_iam\_user\_npang4) | ./modules/aws-users | n/a | From 1aa4e8c90573e0e5cf2f49d2bf38ea3291b6b114 Mon Sep 17 00:00:00 2001 From: mike Date: Wed, 15 Jan 2025 18:17:49 -0800 Subject: [PATCH 4/9] terraform/aws-users alexe ops-leads revert --- terraform/aws-users.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/terraform/aws-users.tf b/terraform/aws-users.tf index f4a7fc6..5af6016 100644 --- a/terraform/aws-users.tf +++ b/terraform/aws-users.tf @@ -149,7 +149,7 @@ module "iam_user_alexe" { "Project" = "devops-security" "Access Level" = "1" } - user_groups = ["read-only-group"] + user_groups = ["ops-leads"] } module "iam_user_rsakuma" { @@ -205,4 +205,4 @@ user_tags = { "Access Level" = "1" } user_groups = ["read-only-group"] -} \ No newline at end of file +} From 8101ebc26b6e3d9a245bd2b030f1a5ef502a0853 Mon Sep 17 00:00:00 2001 From: mike Date: Wed, 15 Jan 2025 20:56:38 -0800 Subject: [PATCH 5/9] terraform/.terraform.lock.hcl new checksum Automatically updated on terraform init Docs at https://developer.hashicorp.com/terraform/language/files/dependency-lock --- terraform/.terraform.lock.hcl | 2 ++ 1 file changed, 2 insertions(+) diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl index 14cf4b0..f357de3 100644 --- a/terraform/.terraform.lock.hcl +++ b/terraform/.terraform.lock.hcl @@ -4,6 +4,7 @@ provider "registry.terraform.io/hashicorp/aws" { version = "5.34.0" hashes = [ + "h1:1Y1JgV1z99QqAK06+atyfNqreZxyGZKbm4mZO4VhhT8=", "h1:CUCoX4ax5hrP6BH4973oP+hgz8VR2GuNPQil3FYwEqQ=", "h1:Tbq6dKE+XyXmkup6+7eQj2vH+eCJipk8R3VXhebVYi4=", "zh:01bb20ae12b8c66f0cacec4f417a5d6741f018009f3a66077008e67cce127aa4", @@ -28,6 +29,7 @@ provider "registry.terraform.io/hashicorp/tls" { version = "4.0.6" hashes = [ "h1:dYSb3V94K5dDMtrBRLPzBpkMTPn+3cXZ/kIJdtFL+2M=", + "h1:n3M50qfWfRSpQV9Pwcvuse03pEizqrmYEryxKky4so4=", "zh:10de0d8af02f2e578101688fd334da3849f56ea91b0d9bd5b1f7a243417fdda8", "zh:37fc01f8b2bc9d5b055dc3e78bfd1beb7c42cfb776a4c81106e19c8911366297", "zh:4578ca03d1dd0b7f572d96bd03f744be24c726bfd282173d54b100fd221608bb", From 30ca48364242350c83608fc7e412a015424c79ee Mon Sep 17 00:00:00 2001 From: mike Date: Wed, 7 May 2025 18:42:45 -0700 Subject: [PATCH 6/9] aws-users whitespace and readme terraform-docs add herehfla https://github.com/hackforla/devops-security/issues/77 --- terraform/README.md | 4 ++-- terraform/aws-users.tf | 14 +++++++------- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/terraform/README.md b/terraform/README.md index 44cef53..b79f1d0 100644 --- a/terraform/README.md +++ b/terraform/README.md @@ -21,8 +21,8 @@ Resources created by this code repository. | [iam\_user\_chelseyb](#module\_iam\_user\_chelseyb) | ./modules/aws-users | n/a | | [iam\_user\_drakeredwind01](#module\_iam\_user\_drakeredwind01) | ./modules/aws-users | n/a | | [iam\_user\_freaky4wrld](#module\_iam\_user\_freaky4wrld) | ./modules/aws-users | n/a | -| [iam\_user\_herehfla](#module\_iam\_user\_herehfla) | ./modules/aws-users | n/a | | [iam\_user\_gmgonzal](#module\_iam\_user\_gmgonzal) | ./modules/aws-users | n/a | +| [iam\_user\_herehfla](#module\_iam\_user\_herehfla) | ./modules/aws-users | n/a | | [iam\_user\_jbubar](#module\_iam\_user\_jbubar) | ./modules/aws-users | n/a | | [iam\_user\_lsousadev](#module\_iam\_user\_lsousadev) | ./modules/aws-users | n/a | | [iam\_user\_npang4](#module\_iam\_user\_npang4) | ./modules/aws-users | n/a | @@ -56,4 +56,4 @@ Terraform directory structure To automatically update this documentation, install terraform-docs on your local machine run the following: `cd ` `terraform-docs -c .terraform.docs.yml .` - + \ No newline at end of file diff --git a/terraform/aws-users.tf b/terraform/aws-users.tf index f987d4c..69c4a8e 100644 --- a/terraform/aws-users.tf +++ b/terraform/aws-users.tf @@ -252,12 +252,12 @@ module "iam_user_raibarra" { } module "iam_user_herehfla" { -source = "./modules/aws-users" + source = "./modules/aws-users" -user_name = "herehfla" # Replace with GitHub handle -user_tags = { - "Project" = "devops-security" - "Access Level" = "1" -} -user_groups = ["read-only-group"] + user_name = "herehfla" # Replace with GitHub handle + user_tags = { + "Project" = "devops-security" + "Access Level" = "1" + } + user_groups = ["read-only-group"] } \ No newline at end of file From 8b853f46122ef50c05a1782f8be26ee4f3d2b611 Mon Sep 17 00:00:00 2001 From: mike Date: Wed, 7 May 2025 18:52:16 -0700 Subject: [PATCH 7/9] rm .terraform.lock.hcl files to match gitignore https://github.com/hackforla/devops-security/pull/92#pullrequestreview-2568742072 --- terraform/.terraform.lock.hcl | 49 ------------------- .../modules/aws-users/.terraform.lock.hcl | 24 --------- 2 files changed, 73 deletions(-) delete mode 100644 terraform/.terraform.lock.hcl delete mode 100644 terraform/modules/aws-users/.terraform.lock.hcl diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl deleted file mode 100644 index f5c650a..0000000 --- a/terraform/.terraform.lock.hcl +++ /dev/null @@ -1,49 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/aws" { - version = "5.34.0" - hashes = [ - "h1:1Y1JgV1z99QqAK06+atyfNqreZxyGZKbm4mZO4VhhT8=", - "h1:CUCoX4ax5hrP6BH4973oP+hgz8VR2GuNPQil3FYwEqQ=", - "h1:DASZ6KEK0O2OFeAjT7cGlnaApDSUiMGIzjQRUlHTzzw=", - "h1:Tbq6dKE+XyXmkup6+7eQj2vH+eCJipk8R3VXhebVYi4=", - "zh:01bb20ae12b8c66f0cacec4f417a5d6741f018009f3a66077008e67cce127aa4", - "zh:3b0c9bdbbf846beef2c9573fc27898ceb71b69cf9d2f4b1dd2d0c2b539eab114", - "zh:5226ecb9c21c2f6fbf1d662ac82459ffcd4ad058a9ea9c6200750a21a80ca009", - "zh:6021b905d9b3cd3d7892eb04d405c6fa20112718de1d6ef7b9f1db0b0c97721a", - "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:9e61b8e0ccf923979cd2dc1f1140dbcb02f92248578e10c1996f560b6306317c", - "zh:ad6bf62cdcf531f2f92f6416822918b7ba2af298e4a0065c6baf44991fda982d", - "zh:b698b041ef38837753bbe5265dddbc70b76e8b8b34c5c10876e6aab0eb5eaf63", - "zh:bb799843c534f6a3f072a99d93a3b53ff97c58a96742be15518adf8127706784", - "zh:cebee0d942c37cd3b21e9050457cceb26d0a6ea886b855dab64bb67d78f863d1", - "zh:e061fdd1cb99e7c81fb4485b41ae000c6792d38f73f9f50aed0d3d5c2ce6dcfb", - "zh:eeb4943f82734946362696928336357cd1d36164907ae5905da0316a67e275e1", - "zh:ef09b6ad475efa9300327a30cbbe4373d817261c8e41e5b7391750b16ef4547d", - "zh:f01aab3881cd90b3f56da7c2a75f83da37fd03cc615fc5600a44056a7e0f9af7", - "zh:fcd0f724ebc4b56a499eb6c0fc602de609af18a0d578befa2f7a8df155c55550", - ] -} - -provider "registry.terraform.io/hashicorp/tls" { - version = "4.0.6" - hashes = [ - "h1:/sSdjHoiykrPdyBP1JE03V/KDgLXnHZhHcSOYIdDH/A=", - "h1:N7VxdRDiNZoRS9dnXJ+QuKWKn514ahS+U6f9K3cF44s=", - "h1:dYSb3V94K5dDMtrBRLPzBpkMTPn+3cXZ/kIJdtFL+2M=", - "h1:n3M50qfWfRSpQV9Pwcvuse03pEizqrmYEryxKky4so4=", - "zh:10de0d8af02f2e578101688fd334da3849f56ea91b0d9bd5b1f7a243417fdda8", - "zh:37fc01f8b2bc9d5b055dc3e78bfd1beb7c42cfb776a4c81106e19c8911366297", - "zh:4578ca03d1dd0b7f572d96bd03f744be24c726bfd282173d54b100fd221608bb", - "zh:6c475491d1250050765a91a493ef330adc24689e8837a0f07da5a0e1269e11c1", - "zh:81bde94d53cdababa5b376bbc6947668be4c45ab655de7aa2e8e4736dfd52509", - "zh:abdce260840b7b050c4e401d4f75c7a199fafe58a8b213947a258f75ac18b3e8", - "zh:b754cebfc5184873840f16a642a7c9ef78c34dc246a8ae29e056c79939963c7a", - "zh:c928b66086078f9917aef0eec15982f2e337914c5c4dbc31dd4741403db7eb18", - "zh:cded27bee5f24de6f2ee0cfd1df46a7f88e84aaffc2ecbf3ff7094160f193d50", - "zh:d65eb3867e8f69aaf1b8bb53bd637c99c6b649ba3db16ded50fa9a01076d1a27", - "zh:ecb0c8b528c7a619fa71852bb3fb5c151d47576c5aab2bf3af4db52588722eeb", - "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - ] -} diff --git a/terraform/modules/aws-users/.terraform.lock.hcl b/terraform/modules/aws-users/.terraform.lock.hcl deleted file mode 100644 index 8e4078c..0000000 --- a/terraform/modules/aws-users/.terraform.lock.hcl +++ /dev/null @@ -1,24 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/aws" { - version = "5.35.0" - hashes = [ - "h1:KlFlsBQpmSzE+vrYnXQeYEwX/K2E/yUIf5bX4ilOS7Q=", - "zh:3a2a6f40db82d30ea8c5e3e251ca5e16b08e520570336e7e342be823df67e945", - "zh:420a23b69b412438a15b8b2e2c9aac2cf2e4976f990f117e4bf8f630692d3949", - "zh:4d8b887f6a71b38cff77ad14af9279528433e279eed702d96b81ea48e16e779c", - "zh:4edd41f8e1c7d29931608a7b01a7ae3d89d6f95ef5502cf8200f228a27917c40", - "zh:6337544e2ded5cf37b55a70aa6ce81c07fd444a2644ff3c5aad1d34680051bdc", - "zh:668faa3faaf2e0758bf319ea40d2304340f4a2dc2cd24460ddfa6ab66f71b802", - "zh:79ddc6d7c90e59fdf4a51e6ea822ba9495b1873d6a9d70daf2eeaf6fc4eb6ff3", - "zh:885822027faf1aa57787f980ead7c26e7d0e55b4040d926b65709b764f804513", - "zh:8c50a8f397b871388ff2e048f5eb280af107faa2e8926694f1ffd9f32a7a7cdf", - "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:a2f5d2553df5573a060641f18ee7585587047c25ba73fd80617f59b5893d22b4", - "zh:c43833ae2a152213ee92eb5be7653f9493779eddbe0ce403ea49b5f1d87fd766", - "zh:dab01527a3a55b4f0f958af6f46313d775e27f9ad9d10bedbbfea4a35a06dc5f", - "zh:ed49c65620ec42718d681a7fc00c166c295ff2795db6cede2c690b83f9fb3e65", - "zh:f0a358c0ae1087c466d0fbcc3b4da886f33f881a145c3836ec43149878b86a1a", - ] -} From 9c3d62e55158e64ad34f5a4d09ab4b228c4da015 Mon Sep 17 00:00:00 2001 From: mike Date: Wed, 14 May 2025 18:17:00 -0700 Subject: [PATCH 8/9] aws-users rename self to match github --- terraform/aws-users.tf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/terraform/aws-users.tf b/terraform/aws-users.tf index 69c4a8e..a382bf5 100644 --- a/terraform/aws-users.tf +++ b/terraform/aws-users.tf @@ -251,13 +251,13 @@ module "iam_user_raibarra" { user_groups = ["read-only-group"] } -module "iam_user_herehfla" { +module "iam_user_here" { source = "./modules/aws-users" - user_name = "herehfla" # Replace with GitHub handle + user_name = "here" # Replace with GitHub handle user_tags = { "Project" = "devops-security" "Access Level" = "1" } user_groups = ["read-only-group"] -} \ No newline at end of file +} From 5cffa4f0dac8643d96f4ec5b4a0c780aef01e051 Mon Sep 17 00:00:00 2001 From: mike Date: Wed, 14 May 2025 18:18:04 -0700 Subject: [PATCH 9/9] terraform/README rename self to match github --- terraform/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/terraform/README.md b/terraform/README.md index b79f1d0..399925c 100644 --- a/terraform/README.md +++ b/terraform/README.md @@ -22,7 +22,7 @@ Resources created by this code repository. | [iam\_user\_drakeredwind01](#module\_iam\_user\_drakeredwind01) | ./modules/aws-users | n/a | | [iam\_user\_freaky4wrld](#module\_iam\_user\_freaky4wrld) | ./modules/aws-users | n/a | | [iam\_user\_gmgonzal](#module\_iam\_user\_gmgonzal) | ./modules/aws-users | n/a | -| [iam\_user\_herehfla](#module\_iam\_user\_herehfla) | ./modules/aws-users | n/a | +| [iam\_user\_here](#module\_iam\_user\_here) | ./modules/aws-users | n/a | | [iam\_user\_jbubar](#module\_iam\_user\_jbubar) | ./modules/aws-users | n/a | | [iam\_user\_lsousadev](#module\_iam\_user\_lsousadev) | ./modules/aws-users | n/a | | [iam\_user\_npang4](#module\_iam\_user\_npang4) | ./modules/aws-users | n/a | @@ -56,4 +56,4 @@ Terraform directory structure To automatically update this documentation, install terraform-docs on your local machine run the following: `cd ` `terraform-docs -c .terraform.docs.yml .` - \ No newline at end of file +