From fb0dd5562e0c66c94f84aacadeab1862f55aac5f Mon Sep 17 00:00:00 2001 From: nozaq Date: Tue, 23 Nov 2021 08:44:18 +0900 Subject: [PATCH 01/66] feat: add S3 bucket key support (#236) * feat: add S3 bucket key support * chore: go mod tidy --- README.md | 1 + bucket.tf | 1 + modules/secure-bucket/README.md | 1 + modules/secure-bucket/main.tf | 1 + modules/secure-bucket/variables.tf | 5 + test/go.mod | 9 -- test/go.sum | 182 ++++------------------------- variables.tf | 5 + 8 files changed, 38 insertions(+), 167 deletions(-) diff --git a/README.md b/README.md index c9a2a53c..200435d2 100644 --- a/README.md +++ b/README.md @@ -274,6 +274,7 @@ This module is composed of several submodules and each of which can be used inde | [analyzer\_name](#input\_analyzer\_name) | The name for the IAM Access Analyzer resource to be created. | `string` | `"default-analyzer"` | no | | [audit\_log\_bucket\_custom\_policy\_json](#input\_audit\_log\_bucket\_custom\_policy\_json) | Override policy for the audit log bucket. Allows addition of extra policies. | `string` | `"{}"` | no | | [audit\_log\_bucket\_force\_destroy](#input\_audit\_log\_bucket\_force\_destroy) | A boolean that indicates all objects should be deleted from the audit log bucket so that the bucket can be destroyed without error. These objects are not recoverable. | `bool` | `false` | no | +| [audit\_log\_bucket\_key\_enabled](#input\_audit\_log\_bucket\_key\_enabled) | Whether or not to use Amazon S3 Bucket Keys for encrypting the audit log bucket. | `bool` | `false` | no | | [audit\_log\_bucket\_name](#input\_audit\_log\_bucket\_name) | The name of the S3 bucket to store various audit logs. | `any` | n/a | yes | | [audit\_log\_lifecycle\_glacier\_transition\_days](#input\_audit\_log\_lifecycle\_glacier\_transition\_days) | The number of days after log creation when the log file is archived into Glacier. | `number` | `90` | no | | [aws\_account\_id](#input\_aws\_account\_id) | The AWS Account ID number of the account. | `any` | n/a | yes | diff --git a/bucket.tf b/bucket.tf index 671801b1..f5bc6e7e 100644 --- a/bucket.tf +++ b/bucket.tf @@ -32,6 +32,7 @@ module "audit_log_bucket" { source = "./modules/secure-bucket" bucket_name = var.audit_log_bucket_name + bucket_key_enabled = var.audit_log_bucket_key_enabled log_bucket_name = "${var.audit_log_bucket_name}-access-logs" lifecycle_glacier_transition_days = var.audit_log_lifecycle_glacier_transition_days force_destroy = var.audit_log_bucket_force_destroy diff --git a/modules/secure-bucket/README.md b/modules/secure-bucket/README.md index 1bf9a5bb..37595b17 100644 --- a/modules/secure-bucket/README.md +++ b/modules/secure-bucket/README.md @@ -35,6 +35,7 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| +| [bucket\_key\_enabled](#input\_bucket\_key\_enabled) | Whether or not to use Amazon S3 Bucket Keys for this bucket. | `bool` | `false` | no | | [bucket\_name](#input\_bucket\_name) | n/a | `any` | n/a | yes | | [enabled](#input\_enabled) | A boolean that indicates this module is enabled. Resources are not created if it is set to false. | `bool` | `true` | no | | [force\_destroy](#input\_force\_destroy) | A boolean that indicates all objects should be deleted from the bucket so that the bucket can be destroyed without error. These objects are not recoverable. | `bool` | `false` | no | diff --git a/modules/secure-bucket/main.tf b/modules/secure-bucket/main.tf index f120ecf1..aa7ef1fa 100644 --- a/modules/secure-bucket/main.tf +++ b/modules/secure-bucket/main.tf @@ -86,6 +86,7 @@ resource "aws_s3_bucket" "content" { apply_server_side_encryption_by_default { sse_algorithm = "AES256" } + bucket_key_enabled = var.bucket_key_enabled } } diff --git a/modules/secure-bucket/variables.tf b/modules/secure-bucket/variables.tf index f06357e3..1ac56476 100644 --- a/modules/secure-bucket/variables.tf +++ b/modules/secure-bucket/variables.tf @@ -25,3 +25,8 @@ variable "tags" { "Terraform" = true } } + +variable "bucket_key_enabled" { + description = "Whether or not to use Amazon S3 Bucket Keys for this bucket." + default = false +} diff --git a/test/go.mod b/test/go.mod index 52f50ea9..173e9337 100644 --- a/test/go.mod +++ b/test/go.mod @@ -3,15 +3,6 @@ module github.com/nozaq/terraform-aws-secure-baseline go 1.16 require ( - github.com/apparentlymart/go-textseg/v12 v12.0.0 // indirect - github.com/coreos/go-etcd v2.0.0+incompatible // indirect - github.com/cpuguy83/go-md2man v1.0.10 // indirect github.com/google/uuid v1.3.0 github.com/gruntwork-io/terratest v0.38.1 - github.com/hashicorp/golang-lru v0.5.3 // indirect - github.com/maxbrunsfeld/counterfeiter/v6 v6.2.2 // indirect - github.com/stretchr/testify v1.7.0 // indirect - github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8 // indirect - github.com/vdemeester/k8s-pkg-credentialprovider v0.0.0-20200107171650-7c61ffa44238 // indirect - k8s.io/code-generator v0.0.0-20191121015212-c4c8f8345c7e // indirect ) diff --git a/test/go.sum b/test/go.sum index 8e18857d..7be05d8e 100644 --- a/test/go.sum +++ b/test/go.sum @@ -7,7 +7,6 @@ cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxK cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To= -cloud.google.com/go v0.51.0/go.mod h1:hWtGJ6gnXH+KgDv+V0zFGDvpi07n3z8ZNj3T1RW0Gcw= cloud.google.com/go v0.52.0/go.mod h1:pXajvRH/6o3+F9jDHZWQ5PbGhn+o8w9qiu/CffaVdO4= cloud.google.com/go v0.53.0/go.mod h1:fp/UouUEsRkN6ryDKNW/Upv/JBKnv6WDthjR6+vze6M= cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bPc= @@ -41,56 +40,29 @@ cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RX cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= github.com/Azure/azure-sdk-for-go v16.2.1+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= -github.com/Azure/azure-sdk-for-go v35.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= -github.com/Azure/azure-sdk-for-go v38.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= -github.com/Azure/azure-sdk-for-go v46.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/azure-sdk-for-go v50.2.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= github.com/Azure/go-autorest v10.8.1+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= -github.com/Azure/go-autorest/autorest v0.9.0/go.mod h1:xyHB1BMZT0cuDHU7I0+g046+BFDTQ8rEZB0s4Yfa6bI= -github.com/Azure/go-autorest/autorest v0.9.3/go.mod h1:GsRuLYvwzLjjjRoWEIyMUaYq8GNUx2nRB378IPt/1p0= -github.com/Azure/go-autorest/autorest v0.9.6/go.mod h1:/FALq9T/kS7b5J5qsQ+RSTUdAmGFqi0vUdVNNx8q630= -github.com/Azure/go-autorest/autorest v0.11.0/go.mod h1:JFgpikqFJ/MleTTxwepExTKnFUKKszPS8UavbQYUMuw= github.com/Azure/go-autorest/autorest v0.11.1/go.mod h1:JFgpikqFJ/MleTTxwepExTKnFUKKszPS8UavbQYUMuw= -github.com/Azure/go-autorest/autorest v0.11.5/go.mod h1:foo3aIXRQ90zFve3r0QiDsrjGDUwWhKl0ZOQy1CT14k= github.com/Azure/go-autorest/autorest v0.11.17/go.mod h1:eipySxLmqSyC5s5k1CLupqet0PSENBEDP93LQ9a8QYw= github.com/Azure/go-autorest/autorest v0.11.20/go.mod h1:o3tqFY+QR40VOlk+pV4d77mORO64jOXSgEnPQgLK6JY= -github.com/Azure/go-autorest/autorest/adal v0.5.0/go.mod h1:8Z9fGy2MpX0PvDjB1pEgQTmVqjGhiHBW7RJJEciWzS0= -github.com/Azure/go-autorest/autorest/adal v0.8.0/go.mod h1:Z6vX6WXXuyieHAXwMj0S6HY6e6wcHn37qQMBQlvY3lc= -github.com/Azure/go-autorest/autorest/adal v0.8.1/go.mod h1:ZjhuQClTqx435SRJ2iMlOxPYt3d2C/T/7TiQCVZSn3Q= -github.com/Azure/go-autorest/autorest/adal v0.8.2/go.mod h1:ZjhuQClTqx435SRJ2iMlOxPYt3d2C/T/7TiQCVZSn3Q= github.com/Azure/go-autorest/autorest/adal v0.9.0/go.mod h1:/c022QCutn2P7uY+/oQWWNcK9YU+MH96NgK+jErpbcg= -github.com/Azure/go-autorest/autorest/adal v0.9.2/go.mod h1:/3SMAM86bP6wC9Ev35peQDUeqFZBMH07vvUOmg4z/fE= github.com/Azure/go-autorest/autorest/adal v0.9.5/go.mod h1:B7KF7jKIeC9Mct5spmyCB/A8CG/sEz1vwIRGv/bbw7A= github.com/Azure/go-autorest/autorest/adal v0.9.11/go.mod h1:nBKAnTomx8gDtl+3ZCJv2v0KACFHWTB2drffI1B68Pk= github.com/Azure/go-autorest/autorest/adal v0.9.13/go.mod h1:W/MM4U6nLxnIskrw4UwWzlHfGjwUS50aOsc/I3yuU8M= -github.com/Azure/go-autorest/autorest/azure/auth v0.5.1/go.mod h1:ea90/jvmnAwDrSooLH4sRIehEPtG/EPUXavDh31MnA4= github.com/Azure/go-autorest/autorest/azure/auth v0.5.8/go.mod h1:kxyKZTSfKh8OVFWPAgOgQ/frrJgeYQJPyR5fLFmXko4= -github.com/Azure/go-autorest/autorest/azure/cli v0.4.0/go.mod h1:JljT387FplPzBA31vUcvsetLKF3pec5bdAxjVU4kI2s= github.com/Azure/go-autorest/autorest/azure/cli v0.4.2/go.mod h1:7qkJkT+j6b+hIpzMOwPChJhTqS8VbsqqgULzMNRugoM= -github.com/Azure/go-autorest/autorest/date v0.1.0/go.mod h1:plvfp3oPSKwf2DNjlBjWF/7vwR+cUD/ELuzDCXwHUVA= -github.com/Azure/go-autorest/autorest/date v0.2.0/go.mod h1:vcORJHLJEh643/Ioh9+vPmf1Ij9AEBM5FuBIXLmIy0g= github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74= -github.com/Azure/go-autorest/autorest/mocks v0.1.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0= -github.com/Azure/go-autorest/autorest/mocks v0.2.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0= -github.com/Azure/go-autorest/autorest/mocks v0.3.0/go.mod h1:a8FDP3DYzQ4RYfVAxAN3SVSiiO77gL2j2ronKKP0syM= github.com/Azure/go-autorest/autorest/mocks v0.4.0/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= github.com/Azure/go-autorest/autorest/mocks v0.4.1/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= -github.com/Azure/go-autorest/autorest/to v0.2.0/go.mod h1:GunWKJp1AEqgMaGLV+iocmRAJWqST1wQYhyyjXJ3SJc= -github.com/Azure/go-autorest/autorest/to v0.3.0/go.mod h1:MgwOyqaIuKdG4TL/2ywSsIWKAfJfgHDo8ObuUk3t5sA= github.com/Azure/go-autorest/autorest/to v0.4.0/go.mod h1:fE8iZBn7LQR7zH/9XU2NcPR4o9jEImooCeWJcYV/zLE= -github.com/Azure/go-autorest/autorest/validation v0.1.0/go.mod h1:Ha3z/SqBeaalWQvokg3NZAlQTalVMtOIAs1aGK7G6u8= -github.com/Azure/go-autorest/autorest/validation v0.3.0/go.mod h1:yhLgjC0Wda5DYXl6JAsWyUe4KVNffhoDhG0zVzUMo3E= github.com/Azure/go-autorest/autorest/validation v0.3.1/go.mod h1:yhLgjC0Wda5DYXl6JAsWyUe4KVNffhoDhG0zVzUMo3E= -github.com/Azure/go-autorest/logger v0.1.0/go.mod h1:oExouG+K6PryycPJfVSxi/koC6LSNgds39diKLz7Vrc= github.com/Azure/go-autorest/logger v0.2.0/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= github.com/Azure/go-autorest/logger v0.2.1/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= -github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbtp2fGCgRFtBroKn4Dk= github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= -github.com/GoogleCloudPlatform/k8s-cloud-provider v0.0.0-20190822182118-27a4ced34534/go.mod h1:iroGtC8B3tQiqtds1l+mgk/BBOrxbqjH+eUfFQYRc14= github.com/Microsoft/go-winio v0.4.11/go.mod h1:VhR8bwka0BXejwEJY73c50VrPtXAaKcyvVC4A4RozmA= github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA= github.com/Microsoft/go-winio v0.4.15-0.20190919025122-fc70bd9a86b5/go.mod h1:tTuCMEN+UleMWgg9dVx4Hu52b1bJo+59jBh3ajtinzw= @@ -111,13 +83,11 @@ github.com/Microsoft/hcsshim/test v0.0.0-20201218223536-d3e5debf77da/go.mod h1:5 github.com/Microsoft/hcsshim/test v0.0.0-20210227013316-43a75bb4edd3/go.mod h1:mw7qgWloBUl75W/gVH3cQszUg1+gUITj7D6NY7ywVnY= github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= -github.com/PuerkitoBio/purell v1.0.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= -github.com/PuerkitoBio/urlesc v0.0.0-20160726150825-5bd2802263f2/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d/go.mod h1:HI8ITrYtUY+O+ZhtlqUnD8+KwNPOyugEhfP9fdUIaEQ= -github.com/agext/levenshtein v1.2.1 h1:QmvMAjj2aEICytGiWzmxoE0x2KZvE0fvmqMOfy2tjT8= github.com/agext/levenshtein v1.2.1/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= +github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo= github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= @@ -128,8 +98,7 @@ github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kd github.com/apparentlymart/go-dump v0.0.0-20180507223929-23540a00eaa3/go.mod h1:oL81AME2rN47vu18xqj1S1jPIPuN7afo62yKTNn3XMM= github.com/apparentlymart/go-textseg v1.0.0 h1:rRmlIsPEEhUTIKQb7T++Nz/A5Q6C9IuX2wFoYVvnCs0= github.com/apparentlymart/go-textseg v1.0.0/go.mod h1:z96Txxhf3xSFMPmb5X/1W05FF/Nj9VFpLOpjS5yuumk= -github.com/apparentlymart/go-textseg/v12 v12.0.0 h1:bNEQyAGak9tojivJNkoqWErVCQbjdL7GzRt3F8NvfJ0= -github.com/apparentlymart/go-textseg/v12 v12.0.0/go.mod h1:S/4uRK2UtaQttw1GenVJEynmyUenKwP++x/+DdGV/Ec= +github.com/apparentlymart/go-textseg/v13 v13.0.0 h1:Y+KvPE1NYz0xl601PVImeQfFyEy6iT90AvPUL1NNfNw= github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo= github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o= github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= @@ -138,10 +107,7 @@ github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= github.com/aws/aws-lambda-go v1.13.3/go.mod h1:4UKl9IzQMoD+QF79YdCuzCwp8VbmG4VAQwij/eHl5CU= github.com/aws/aws-sdk-go v1.15.11/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0= -github.com/aws/aws-sdk-go v1.16.26/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= -github.com/aws/aws-sdk-go v1.27.1/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= -github.com/aws/aws-sdk-go v1.38.28 h1:2ZzgEupSluR18ClxUnHwXKyuADheZpMblXRAsHqF0tI= -github.com/aws/aws-sdk-go v1.38.28/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro= +github.com/aws/aws-sdk-go v1.40.56 h1:FM2yjR0UUYFzDTMx+mH9Vyw1k1EUUxsAFzk+BjkzANA= github.com/aws/aws-sdk-go v1.40.56/go.mod h1:585smgzpB/KqRA+K3y/NL/oYRqQvpNJYvLm+LY1U59Q= github.com/beorn7/perks v0.0.0-20160804104726-4c0e84591b9a/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= @@ -151,7 +117,6 @@ github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kB github.com/bitly/go-simplejson v0.5.0/go.mod h1:cXHtHw4XUPsvGaxgjIAn8PhEWG9NfngEKAMDJEczWVA= github.com/bketelsen/crypt v0.0.4/go.mod h1:aI6NrJ0pMGgvZKL1iVgXLnfIFJtfV+bKCoqOes/6LfM= github.com/blang/semver v3.1.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= -github.com/blang/semver v3.5.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4= github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc h1:biVzkmvwrH8WK8raXaxBx6fRVTlJILwEwQGL1I/ByEI= @@ -261,7 +226,6 @@ github.com/containers/ocicrypt v1.1.0/go.mod h1:b8AOe0YR67uU8OqfVNcznfFpAzu3rdgU github.com/containers/ocicrypt v1.1.1/go.mod h1:Dm55fwWm1YZAjYRaJ94z2mfZikIyIN4B0oB3dj3jFxY= github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= -github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk= github.com/coreos/go-iptables v0.4.5/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= github.com/coreos/go-iptables v0.5.0/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= github.com/coreos/go-oidc v2.1.0+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc= @@ -274,10 +238,7 @@ github.com/coreos/go-systemd/v22 v22.0.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+ github.com/coreos/go-systemd/v22 v22.1.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk= github.com/coreos/go-systemd/v22 v22.3.2/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= -github.com/coreos/pkg v0.0.0-20180108230652-97fdf19511ea/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= -github.com/cpuguy83/go-md2man v1.0.10 h1:BSKMNlYxDvnunlTymqtgONjNnaRV1sTpcovwwjF22jk= -github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE= github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/cpuguy83/go-md2man/v2 v2.0.0 h1:EoUDS0afbrsXAZ9YQ9jdu/mZ2sXgT1/2yyNng4PGlyM= github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= @@ -288,7 +249,6 @@ github.com/d2g/dhcp4 v0.0.0-20170904100407-a1d1b6c41b1c/go.mod h1:Ct2BUK8SB0YC1S github.com/d2g/dhcp4client v1.0.0/go.mod h1:j0hNfjhrt2SxUOw55nL0ATM/z4Yt3t2Kd1mW34z5W5s= github.com/d2g/dhcp4server v0.0.0-20181031114812-7d4a0a7f59a5/go.mod h1:Eo87+Kg/IX2hfWJfwxMzLyuSZyxSoAug2nGa1G2QAi8= github.com/d2g/hardwareaddr v0.0.0-20190221164911-e7d9fbe030e4/go.mod h1:bMl4RjIciD2oAxI7DmWRx6gbeqrkoLqv3MV0vzNad+I= -github.com/davecgh/go-spew v0.0.0-20151105211317-5215b55f46b2/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -299,14 +259,10 @@ github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8 github.com/dimchansky/utfbom v1.1.0/go.mod h1:rO41eb7gLfo8SF1jd9F8HplJm1Fewwi4mQvIirEdv+8= github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/j0mACtrfE= github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E= -github.com/docker/cli v0.0.0-20191017083524-a8ff7f821017/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= -github.com/docker/cli v0.0.0-20200109221225-a4f60165b7a3/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/cli v20.10.7+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/distribution v0.0.0-20190905152932-14b96e55d84c/go.mod h1:0+TTO4EOBfRPhZXAeF1Vu+W3hHZ8eLp8PgKVZlcvtFY= github.com/docker/distribution v2.7.1-0.20190205005809-0d3efadf0154+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/docker v0.7.3-0.20190327010347-be7ac8be2ae0/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= -github.com/docker/docker v1.4.2-0.20190924003213-a8608b5b67c7/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker v20.10.7+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker-credential-helpers v0.6.3/go.mod h1:WRaJzqw3CTB9bk10avuGsjVBZsD05qeibJ1/TYlvc0Y= github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec= @@ -321,7 +277,6 @@ github.com/docker/spdystream v0.0.0-20181023171402-6480d4af844c/go.mod h1:Qh8CwZ github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= github.com/dustin/go-humanize v0.0.0-20171111073723-bb3d318650d4/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= -github.com/elazarl/goproxy v0.0.0-20170405201442-c4fc26588b6e/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= github.com/elazarl/goproxy v0.0.0-20190911111923-ecfe977594f1/go.mod h1:Ro8st/ElPeALwNFlcTpWmkr6IoMFfkjXAvTHpevnDsM= github.com/elazarl/goproxy/ext v0.0.0-20190711103511-473e67f1d7d2/go.mod h1:gNh8nYJoAm43RfaxurUnxr+N1PwuFV3ZMl/efxlIlY8= @@ -334,7 +289,6 @@ github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5y github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/evanphx/json-patch v4.2.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU= @@ -359,22 +313,18 @@ github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9 github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= -github.com/go-openapi/jsonpointer v0.0.0-20160704185906-46af16f9f7b1/go.mod h1:+35s3my2LFTysnkMfxsJBAMHj/DoqoB9knIWoYG/Vk0= github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonreference v0.0.0-20160704190145-13c6e3589ad9/go.mod h1:W3Z9FmVs9qj+KR4zFKmDPGiLdk1D9Rlm7cyMvf57TTg= github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc= github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= -github.com/go-openapi/spec v0.0.0-20160808142527-6aced65f8501/go.mod h1:J8+jY1nAiCcj+friV/PDoE1/3eeccG9LYBs0tYvLOWc= github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= -github.com/go-openapi/swag v0.0.0-20160704191624-1d0bd113de87/go.mod h1:DXUve3Dpr1UfpPtxFw+EFuQ41HhCWZfha5jSVRG7C7I= github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-sql-driver/mysql v1.4.1 h1:g24URVg0OFbNUTx9qqY1IRZ9D9z3iPyi5zKhQZpNwpA= github.com/go-sql-driver/mysql v1.4.1/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= -github.com/go-test/deep v1.0.3 h1:ZrJSEWsXzPOxaZnFteGEfooLba+ju3FYIbOrS+rQd68= github.com/go-test/deep v1.0.3/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= +github.com/go-test/deep v1.0.7 h1:/VSMRlnY/JSyqxQUzQLKVMAskpY/NZKFA5j2P+0pP2M= github.com/go-test/deep v1.0.7/go.mod h1:QV8Hv/iy04NyLBxAdO9njL0iVPN1S4d/A3NVv1V36o8= github.com/godbus/dbus v0.0.0-20151105175453-c7fdd8b5cd55/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= github.com/godbus/dbus v0.0.0-20180201030542-885f9cc04c9c/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= @@ -403,7 +353,6 @@ github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= github.com/golang/mock v1.5.0/go.mod h1:CWnOUgYIOo4TcNZ0wHX3YZCqsaM1I1Jvs6v3mP3KVu8= -github.com/golang/protobuf v0.0.0-20161109072736-4bd1920723d7/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.1.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= @@ -428,7 +377,6 @@ github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.4.0 h1:xsAVV57WRhGj6kEIi8ReJzQlHHqcBYCElAvkovg3B/4= github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.4.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= @@ -437,10 +385,9 @@ github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.6 h1:BKbKCqvP6I+rmFHt06ZmyQtvB8xAkWdhFyr0ZUNZcxQ= github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-containerregistry v0.0.0-20200110202235-f4fb41bf00a3/go.mod h1:2wIuQute9+hhWqvL3vEI7YB0EKluF4WcPzI1eAliazk= github.com/google/go-containerregistry v0.6.0/go.mod h1:euCCtNbZ6tKqi1E72vwDj2xZcN5ttKpZLfa/wSo5iLw= -github.com/google/gofuzz v0.0.0-20161122191042-44d81051d367/go.mod h1:HP5RmnzzSNb993RKQDq4+1A4ia9nllfqcQFTQJedwGI= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= @@ -468,10 +415,7 @@ github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= -github.com/googleapis/gnostic v0.0.0-20170729233727-0c5108395e2d/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY= -github.com/googleapis/gnostic v0.2.2/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY= github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg= -github.com/gophercloud/gophercloud v0.1.0/go.mod h1:vxM41WHh5uqHVBMZHzuwNOHh8XEoIEcSTewFxm1c5g8= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= github.com/gorilla/handlers v0.0.0-20150720190736-60c7bfde3e33/go.mod h1:Qkdc/uu4tH4g6mTK6auzZ766c4CA0Ng8+o/OAirnOIQ= github.com/gorilla/mux v1.7.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= @@ -488,8 +432,6 @@ github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= github.com/gruntwork-io/go-commons v0.8.0 h1:k/yypwrPqSeYHevLlEDmvmgQzcyTwrlZGRaxEM6G0ro= github.com/gruntwork-io/go-commons v0.8.0/go.mod h1:gtp0yTtIBExIZp7vyIV9I0XQkVwiQZze678hvDXof78= -github.com/gruntwork-io/terratest v0.37.8 h1:XCkznySLTQfQiASqgHeqc47aT9xb3zdx4Gv6kN47bWc= -github.com/gruntwork-io/terratest v0.37.8/go.mod h1:CSHpZNJdqYQ+TUrigM100jcahRUV5X6w7K2kZJ8iylY= github.com/gruntwork-io/terratest v0.38.1 h1:vymd5+mrynqre6b1GFGPMuKVE/ta38hGKssKNmVi3Kw= github.com/gruntwork-io/terratest v0.38.1/go.mod h1:XzW8PL9pAGbLyiBdQ5OiAeWSNpZ/9ycItjYstSS2PV8= github.com/hashicorp/consul/api v1.1.0/go.mod h1:VmuI/Lkw1nC05EYQWNKwWGbkg+FbDBtguAZLlVdkD9Q= @@ -513,11 +455,9 @@ github.com/hashicorp/go-version v1.3.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09 github.com/hashicorp/go.net v0.0.1/go.mod h1:hjKkEWcCURg++eb33jQU7oqQcI9XDCnUzHA0oac0k90= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/golang-lru v0.5.3/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= -github.com/hashicorp/hcl/v2 v2.8.2 h1:wmFle3D1vu0okesm8BTLVDyJ6/OL9DCLUwn0b2OptiY= -github.com/hashicorp/hcl/v2 v2.8.2/go.mod h1:bQTN5mpo+jewjJgh8jr0JUguIi7qPHUF6yIfAEN3jqY= +github.com/hashicorp/hcl/v2 v2.9.1 h1:eOy4gREY0/ZQHNItlfuEZqtcQbXIxzojlP301hDpnac= github.com/hashicorp/hcl/v2 v2.9.1/go.mod h1:FwWsfWEjyV/CMj8s/gqAuiviY72rJ1/oayI9WftqcKg= github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0mNTz8vQ= @@ -529,7 +469,6 @@ github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpO github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= -github.com/imdario/mergo v0.3.7/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= github.com/imdario/mergo v0.3.8/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= github.com/imdario/mergo v0.3.10/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= @@ -539,17 +478,13 @@ github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a h1:zPPuIq2jAWWPTrGt7 github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a/go.mod h1:yL958EeXv8Ylng6IfnvG4oflryUi3vgA3xPs9hmII1s= github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= github.com/jmespath/go-jmespath v0.0.0-20160803190731-bd40a432e4c7/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= -github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= -github.com/joefitzgerald/rainbow-reporter v0.1.0/go.mod h1:481CNgqmVHQZzdIbN52CupLJyoVwB10FQ/IQlF1pdL8= github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= -github.com/json-iterator/go v0.0.0-20180612202835-f2b4162afba3/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/json-iterator/go v1.1.8/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= @@ -570,20 +505,19 @@ github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxv github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.0 h1:s5hAObm+yFO5uHYt5dYjxi2rXrsnmRpJx4OYvIWUaQs= github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA= -github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348 h1:MtvEpTB6LX3vkb4ax0b5D2DHbNAUsen0Gx5wZoq3lV4= github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k= +github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/magiconair/properties v1.8.5/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60= -github.com/mailru/easyjson v0.0.0-20160728113105-d5b7844b561a/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= @@ -597,10 +531,10 @@ github.com/mattn/go-isatty v0.0.11/go.mod h1:PhnuNfih5lzO57/f3n+odYbM4JtupLOxQOA github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= github.com/mattn/go-shellwords v1.0.3/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= github.com/mattn/go-zglob v0.0.1/go.mod h1:9fxibJccNxU2cnpIKLRRFA7zX7qhkJIQWBb449FYHOo= +github.com/mattn/go-zglob v0.0.2-0.20190814121620-e3c945676326 h1:ofNAzWCcyTALn2Zv40+8XitdzCgXY6e9qvXwN9W0YXg= github.com/mattn/go-zglob v0.0.2-0.20190814121620-e3c945676326/go.mod h1:9fxibJccNxU2cnpIKLRRFA7zX7qhkJIQWBb449FYHOo= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= -github.com/maxbrunsfeld/counterfeiter/v6 v6.2.2/go.mod h1:eD9eIE7cdwcMi9rYluz88Jz2VyhSmden33/aXg4oVIY= github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= github.com/miekg/dns v1.1.31/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM= github.com/miekg/pkcs11 v1.0.3/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= @@ -610,8 +544,8 @@ github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HK github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= -github.com/mitchellh/go-wordwrap v0.0.0-20150314170334-ad45545899c7 h1:DpOJ2HYzCv8LZP15IdmG+YdwD2luVPHITV96TkirNBM= github.com/mitchellh/go-wordwrap v0.0.0-20150314170334-ad45545899c7/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo= +github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0= github.com/mitchellh/go-wordwrap v1.0.1/go.mod h1:R62XHJLzvMFRBbcrT7m7WgmE1eOyTSsCt+hzestvNj0= github.com/mitchellh/gox v0.4.0/go.mod h1:Sd9lOJ0+aimLBi73mGofS1ycjY8lL3uZM3JPS42BGNg= github.com/mitchellh/iochan v1.0.0/go.mod h1:JwYml1nuB7xOzsp52dPpHFffvOCDupsG0QubkSMEySY= @@ -627,7 +561,6 @@ github.com/moby/sys/symlink v0.1.0/go.mod h1:GGDODQmbFOjFsXvfLVn3+ZRxkch54RkSiGq github.com/moby/term v0.0.0-20200312100748-672ec06f55cd/go.mod h1:DdlQx2hp0Ss5/fLikoLlEeIYiATotOjgB//nb973jeo= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/reflect2 v0.0.0-20180320133207-05fbef0ca5da/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc= @@ -637,6 +570,7 @@ github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8m github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= github.com/ncw/swift v1.0.47/go.mod h1:23YIA4yWVnGwv2dQlN4bB7egfYX6YLn0Yo/S6zZO/ZM= +github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs= github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= @@ -644,14 +578,12 @@ github.com/olekukonko/tablewriter v0.0.0-20170122224234-a0225b3f23b5/go.mod h1:v github.com/onsi/ginkgo v0.0.0-20151202141238-7f8ab55aaf3b/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.8.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.10.1/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.10.3/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= github.com/onsi/gomega v0.0.0-20151007035656-2152b45fa28a/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= -github.com/onsi/gomega v1.5.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= github.com/onsi/gomega v1.10.3/go.mod h1:V9xEwhxec5O8UDM77eCW8vLymOMltsqPVYWrpDsH8xc= @@ -686,7 +618,6 @@ github.com/pkg/errors v0.8.1-0.20171018195549-f15c970de5b7/go.mod h1:bwawxfHBFNV github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/sftp v1.10.1/go.mod h1:lYOWFsE0bwd1+KfKJaKeuokY15vzFx25BLbzYYoAxZI= -github.com/pmezard/go-difflib v0.0.0-20151028094244-d8ed2627bdf0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= @@ -722,26 +653,20 @@ github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4O github.com/prometheus/procfs v0.2.0/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= -github.com/remyoudompheng/bigfft v0.0.0-20170806203942-52369c62f446/go.mod h1:uYEyJGbgTkfkS4+E/PavXkNJcbFIpEtjt2B0KDQ5+9M= github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-charset v0.0.0-20180617210344-2471d30d28b4/go.mod h1:qgYeAmZ5ZIpBWTGllZSQnw97Dj+woV0toclVaRGI8pc= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= -github.com/rubiojr/go-vhd v0.0.0-20160810183302-0bfd3b39853c/go.mod h1:DM5xW0nvfNNm2uytzsvhI3OnX8uzaRAg8UX/CnDqbto= -github.com/russross/blackfriday v1.5.2 h1:HyvC0ARfnZBqnXwABFeSZHpKvJHJJfPz81GNueLj0oo= -github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= -github.com/russross/blackfriday/v2 v2.0.1 h1:lPqVAte+HuHNfhJ/0LC98ESWRz8afy9tM/0RK8m9o+Q= github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= +github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= github.com/safchain/ethtool v0.0.0-20190326074333-42ed695e3de8/go.mod h1:Z0q5wiBQGYcxhMZ6gUqHn6pYNLypFAvaL3UvgZLR0U4= github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0= -github.com/sclevine/spec v1.2.0/go.mod h1:W4J29eT/Kzv7/b9IWLB055Z+qvVC9vt0Arko24q7p+U= github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= github.com/sebdah/goldie v1.0.0/go.mod h1:jXP4hmWywNEwZzhMuv2ccnqTSFpuq8iyQhtQdkkZBH4= github.com/seccomp/libseccomp-golang v0.9.1/go.mod h1:GbW5+tmTXfcxTToHLXlScSlAvWlF4P2Ca7zGrPiEpWo= github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= -github.com/shurcooL/sanitized_anchor_name v1.0.0 h1:PdmoCO6wvbs+7yrJyMORt4/BmY5IYyJwS/kOiWx8mHo= github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= github.com/sirupsen/logrus v1.0.4-0.20170822132746-89742aefa4b2/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= github.com/sirupsen/logrus v1.0.6/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= @@ -763,7 +688,6 @@ github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkU github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= github.com/spf13/cobra v0.0.2-0.20171109065643-2da4a54c5cee/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= -github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU= github.com/spf13/cobra v1.0.0/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE= github.com/spf13/cobra v1.2.1/go.mod h1:ExllRjgxM/piMAM+3tAZvg8fsklGAf3tPfi+i8t68Nk= github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= @@ -774,7 +698,6 @@ github.com/spf13/pflag v1.0.1/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnIn github.com/spf13/pflag v1.0.2/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s= github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/yZzE= github.com/spf13/viper v1.8.1/go.mod h1:o0Pch8wJ9BVSWGQMbra6iw0oQ5oktSIBaujf1rJH9Ns= github.com/stefanberger/go-pkcs11uri v0.0.0-20201008174630-78d3cae3a980/go.mod h1:AO3tvPzVZ/ayst6UlUKUv6rcPQInYe3IknH3jYhAKu8= @@ -782,7 +705,6 @@ github.com/stretchr/objx v0.0.0-20180129172003-8a3f7159479f/go.mod h1:HFkY916IF+ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= -github.com/stretchr/testify v0.0.0-20151208002404-e3a8ff8ce365/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v0.0.0-20180303142811-b89eecf5ca5d/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= @@ -798,15 +720,14 @@ github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635/go.mod h1:hkRG github.com/tchap/go-patricia v2.2.6+incompatible/go.mod h1:bmLyhP68RS6kStMGxByiQ23RP/odRBOTVjwp2cDyi6I= github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= +github.com/tmccombs/hcl2json v0.3.3 h1:+DLNYqpWE0CsOQiEZu+OZm5ZBImake3wtITYxQ8uLFQ= github.com/tmccombs/hcl2json v0.3.3/go.mod h1:Y2chtz2x9bAeRTvSibVRVgbLJhLJXKlUeIvjeVdnm4w= github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= -github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= github.com/urfave/cli v0.0.0-20171014202726-7bc6a0acffa5/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= github.com/urfave/cli v1.22.2 h1:gsqYFH8bb9ekPA12kRo0hfjngWQjkJPlN9R0N78BoUo= github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= -github.com/vdemeester/k8s-pkg-credentialprovider v0.0.0-20200107171650-7c61ffa44238/go.mod h1:JwQJCMWpUDqjZrB5jpw0f5VbN7U95zxFy1ZDpoEarGo= github.com/vishvananda/netlink v0.0.0-20181108222139-023a6dafdcdf/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk= github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE= github.com/vishvananda/netlink v1.1.1-0.20201029203352-d40f9887b852/go.mod h1:twkDnbuQxJYemMlGd4JFIcuhgX83tXhKS2B/PRMpOho= @@ -816,7 +737,6 @@ github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae/go.mod h1:DD4vA1 github.com/vmihailenco/msgpack v3.3.3+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= github.com/vmihailenco/msgpack/v4 v4.3.12/go.mod h1:gborTTJjAo/GWTqqRjrLCn9pgNN+NXzzngzBKDPIqw4= github.com/vmihailenco/tagparser v0.1.1/go.mod h1:OeAg3pn3UbLjkWt+rN9oFYB6u/cQgqMEUPoW2WPyhdI= -github.com/vmware/govmomi v0.20.3/go.mod h1:URlwyTFZX72RmxtxuaFL2Uj3fD1JTvZdx59bHWk6aFU= github.com/willf/bitset v1.1.11-0.20200630133818-d5bec3311243/go.mod h1:RjeCKbqT1RxIR/KWY6phxZiaY1IyutSBfGjNPySAYV4= github.com/willf/bitset v1.1.11/go.mod h1:83CECat5yLh5zVOf4P1ErAgKA5UDvKtgyUABdr3+MjI= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= @@ -833,15 +753,14 @@ github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43/go.mod h1:aX github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50/go.mod h1:NUSPSUX/bi6SeDMUh6brw0nXpxHnc96TguQh0+r/ssA= github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go.mod h1:GlGEuHIJweS1mbCqG+7vt2nvWLzLLnRHbXz5JKd/Qbg= github.com/zclconf/go-cty v1.2.0/go.mod h1:hOPWgoHbaTUnI5k4D2ld+GRpFJSCe6bCM7m1q/N4PQ8= -github.com/zclconf/go-cty v1.2.1 h1:vGMsygfmeCl4Xb6OA5U5XVAaQZ69FvoG7X2jUtQujb8= github.com/zclconf/go-cty v1.2.1/go.mod h1:hOPWgoHbaTUnI5k4D2ld+GRpFJSCe6bCM7m1q/N4PQ8= github.com/zclconf/go-cty v1.8.0/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= +github.com/zclconf/go-cty v1.8.1 h1:SI0LqNeNxAgv2WWqWJMlG2/Ad/6aYJ7IVYYMigmfkuI= github.com/zclconf/go-cty v1.8.1/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= github.com/zclconf/go-cty-debug v0.0.0-20191215020915-b22d67c1ba0b/go.mod h1:ZRKQfBXbGkpdV6QMzT3rU1kSTAnfu1dO8dPKjYprgj8= go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= go.etcd.io/bbolt v1.3.5/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ= -go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738/go.mod h1:dnLIgRNXwCJa5e+c6mIZCrds/GIG4ncV9HhK5PX7jPg= go.etcd.io/etcd v0.5.0-alpha.5.0.20200910180754-dd1b699fc489/go.mod h1:yVHk9ub3CSBatqGNg7GRmsnfLWtoW60w4eDYfh7vHDg= go.etcd.io/etcd/api/v3 v3.5.0/go.mod h1:cbVKeC6lCfl7j/8jBhAK6aIYO9XOjdptoxU/nLQcPvs= go.etcd.io/etcd/client/pkg/v3 v3.5.0/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3YSwc9/Ac1g= @@ -865,8 +784,6 @@ golang.org/x/crypto v0.0.0-20171113213409-9f005a07e0d3/go.mod h1:6SG95UA2DQfeDnf golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20181009213950-7c1a557ab941/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20181029021203-45a5f77698d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190426145343-a29dc8fdc734/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= @@ -875,17 +792,14 @@ golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20191206172530-e9b2fee46413/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 h1:psW17arqaxU48Z5kZ0CQnkZWQJsqcURM6tKiBApRjXI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= +golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a h1:kr2P4QFmQr29mSLA43kwrOcgcReGTfbE9N577tCTuBc= golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190125153040-c74c464bbbf2/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190312203227-4b39c73a6495/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= @@ -919,7 +833,6 @@ golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/net v0.0.0-20170114055629-f2499483f923/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180811021610-c39426892332/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -963,7 +876,6 @@ golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81R golang.org/x/net v0.0.0-20201006153459-a7d1128ccaa0/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201031054903-ff519b6c9102/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20201110031124-69a78807bb2b h1:uwuIcX0g4Yl1NC5XAz37xsr2lTtcqevgzYNVt49waME= golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= @@ -973,6 +885,7 @@ golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLd golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20210614182718-04defd469f4e h1:XpT3nA5TvE525Ne3hInMh6+GETgn27Zfm9dxsThnX2Q= golang.org/x/net v0.0.0-20210614182718-04defd469f4e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -998,7 +911,6 @@ golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20170830134202-bb24a47a89ea/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -1006,8 +918,6 @@ golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5h golang.org/x/sys v0.0.0-20181026203630-95b1ffbd15a5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190209173611-3b5209105503/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -1023,7 +933,6 @@ golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20190606203320-7fc4e5ec1444/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190626221950-04f50cda93cb/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190812073006-9eafafc0a87e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -1033,7 +942,6 @@ golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191010194322-b09406accb47/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191022100944-742c48ecaeb7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191115151921-52ab43148777/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -1066,7 +974,6 @@ golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200909081042-eff7692f9009/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200916030750-2334cc1a136f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200922070232-aee5d888a860/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f h1:+Nyd8tzPX9R7BWHguqsrbFdRx3WQ/1ib8I44HXV5yTA= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201112073958-5cba982894dd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201117170446-d9b008d0a637/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -1086,17 +993,18 @@ golang.org/x/sys v0.0.0-20210403161142-5e06dd20ab57/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210603125802-9665404d3644 h1:CA1DEQ4NdKphKeL70tvsWNdT5oFh1lOjihRcEDROi0I= golang.org/x/sys v0.0.0-20210603125802-9665404d3644/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= -golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.6 h1:aRYxNxv6iGQlyVaZmk6ZgYEDa+Jg18DxebPSrd6bg1M= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -1105,10 +1013,8 @@ golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxb golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20181011042414-1f849cf54d09/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190206041539-40960b6deb8e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= @@ -1122,10 +1028,8 @@ golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgw golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190624222133-a101b041ded4/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190706070813-72ffa07ba3db/go.mod h1:jcCCGcm9btYwXyDqrUWc6MKQKKGJCWEQ3AfLSRIbEuI= golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20190920225731-5eefd052ad72/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191112195655-aa38f8e97acc/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= @@ -1133,7 +1037,6 @@ golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtn golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191205215504-7b8c8591a921/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191216052735-49a3e744a425/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= @@ -1158,7 +1061,6 @@ golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82ur9kSqwfTHTeVxaDqrfMjpcNT6bE= golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20201110201400-7099162a900a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= @@ -1170,12 +1072,8 @@ golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -gonum.org/v1/gonum v0.0.0-20190331200053-3d26580ed485/go.mod h1:2ltnJ7xHfj0zHS40VVPYEAAMTa3ZGguvHGBSJeRWqE0= -gonum.org/v1/netlib v0.0.0-20190313105609-8cb42192e0e0/go.mod h1:wa6Ws7BG/ESfp6dHfk7C6KdzKA7wR7u/rKwOGE66zvw= -gonum.org/v1/netlib v0.0.0-20190331212654-76723241ea4e/go.mod h1:kS+toOQn6AQKjmKJ7gzohV1XkqsFehRA2FbsbkopSuQ= google.golang.org/api v0.0.0-20160322025152-9bf6e6e569ff/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0= google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= -google.golang.org/api v0.6.1-0.20190607001116-5213b8090861/go.mod h1:btoxGiFvQNVUZQ8W08zLtrVS08CNpINPEfxXxgJL1Q4= google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= @@ -1202,9 +1100,9 @@ google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9Ywl google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= -google.golang.org/appengine v1.6.5 h1:tycE03LOZYQNhDpS27tcQdAzLCVMaj7QT2SXxebnpCM= google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/cloud v0.0.0-20151119220103-975617b05ea8/go.mod h1:0H1ncTHf11KCFhTc/+EFRbzSCOZx+VUbRMk55Yv5MYk= google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= @@ -1296,13 +1194,12 @@ gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLks gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20141024133853-64131543e789/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU= gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= -gopkg.in/gcfg.v1 v1.2.0/go.mod h1:yesOnuUOFQAhST5vPY4nbZsb/huCgGGXlipJsBn0b3o= gopkg.in/gemnasium/logrus-airbrake-hook.v2 v2.1.2/go.mod h1:Xk6kEKp8OKb+X14hQBKWaSkCsqBpgog8nAV2xsGOxlo= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/ini.v1 v1.62.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= @@ -1312,19 +1209,18 @@ gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76 gopkg.in/square/go-jose.v2 v2.3.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= gopkg.in/square/go-jose.v2 v2.5.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= -gopkg.in/warnings.v0 v0.1.1/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI= gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo= gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk= @@ -1336,28 +1232,18 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -k8s.io/api v0.17.0/go.mod h1:npsyOePkeP0CPwyGfXDHxvypiYMJxBWAMpQxCaJ4ZxI= -k8s.io/api v0.19.3/go.mod h1:VF+5FT1B74Pw3KxMdKyinLo+zynBaMBiAfGMuldcNDs= k8s.io/api v0.20.1/go.mod h1:KqwcCVogGxQY3nBlRpwt+wpAMF/KjaCc7RpywacvqUo= k8s.io/api v0.20.4/go.mod h1:++lNL1AJMkDymriNniQsWRkMDzRaX2Y/POTUi8yvqYQ= k8s.io/api v0.20.6/go.mod h1:X9e8Qag6JV/bL5G6bU8sdVRltWKmdHsFUGS3eVndqE8= -k8s.io/apimachinery v0.17.0/go.mod h1:b9qmWdKlLuU9EBh+06BtLcSf/Mu89rWL33naRxs1uZg= -k8s.io/apimachinery v0.19.3/go.mod h1:DnPGDnARWFvYa3pMHgSxtbZb7gpzzAZ1pTfaUNDVlmA= k8s.io/apimachinery v0.20.1/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= k8s.io/apimachinery v0.20.4/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= k8s.io/apimachinery v0.20.6/go.mod h1:ejZXtW1Ra6V1O5H8xPBGz+T3+4gfkTCeExAHKU57MAc= -k8s.io/apiserver v0.17.0/go.mod h1:ABM+9x/prjINN6iiffRVNCBR2Wk7uY4z+EtEGZD48cg= k8s.io/apiserver v0.20.1/go.mod h1:ro5QHeQkgMS7ZGpvf4tSMx6bBOgPfE+f52KwvXfScaU= k8s.io/apiserver v0.20.4/go.mod h1:Mc80thBKOyy7tbvFtB4kJv1kbdD0eIH8k8vianJcbFM= k8s.io/apiserver v0.20.6/go.mod h1:QIJXNt6i6JB+0YQRNcS0hdRHJlMhflFmsBDeSgT1r8Q= -k8s.io/client-go v0.17.0/go.mod h1:TYgR6EUHs6k45hb6KWjVD6jFZvJV4gHDikv/It0xz+k= -k8s.io/client-go v0.19.3/go.mod h1:+eEMktZM+MG0KO+PTkci8xnbCZHvj9TqR6Q1XDUIJOM= k8s.io/client-go v0.20.1/go.mod h1:/zcHdt1TeWSd5HoUe6elJmHSQ6uLLgp4bIJHVEuy+/Y= k8s.io/client-go v0.20.4/go.mod h1:LiMv25ND1gLUdBeYxBIwKpkSC5IsozMMmOOeSJboP+k= k8s.io/client-go v0.20.6/go.mod h1:nNQMnOvEUEsOzRRFIIkdmYOjAZrC8bgq0ExboWSU1I0= -k8s.io/cloud-provider v0.17.0/go.mod h1:Ze4c3w2C0bRsjkBUoHpFi+qWe3ob1wI2/7cUn+YQIDE= -k8s.io/code-generator v0.0.0-20191121015212-c4c8f8345c7e/go.mod h1:DVmfPQgxQENqDIzVR2ddLXMH34qeszkKSdH/N+s+38s= -k8s.io/component-base v0.17.0/go.mod h1:rKuRAokNMY2nn2A6LP/MiwpoaMRHpfRnrPaUJJj1Yoc= k8s.io/component-base v0.20.1/go.mod h1:guxkoJnNoh8LNrbtiQOlyp2Y2XFCZQmrcg2n/DeYNLk= k8s.io/component-base v0.20.4/go.mod h1:t4p9EdiagbVCJKrQ1RsA5/V4rFQNDfRlevJajlGwgjI= k8s.io/component-base v0.20.6/go.mod h1:6f1MPBAeI+mvuts3sIdtpjljHWBQ2cIy38oBIWMYnrM= @@ -1365,37 +1251,17 @@ k8s.io/cri-api v0.17.3/go.mod h1:X1sbHmuXhwaHs9xxYffLqJogVsnI+f6cPRcgPel7ywM= k8s.io/cri-api v0.20.1/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI= k8s.io/cri-api v0.20.4/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI= k8s.io/cri-api v0.20.6/go.mod h1:ew44AjNXwyn1s0U4xCKGodU7J1HzBeZ1MpGrpa5r8Yc= -k8s.io/csi-translation-lib v0.17.0/go.mod h1:HEF7MEz7pOLJCnxabi45IPkhSsE/KmxPQksuCrHKWls= -k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= -k8s.io/gengo v0.0.0-20190822140433-26a664648505/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= -k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= -k8s.io/klog v0.3.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= -k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I= k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= -k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= k8s.io/klog/v2 v2.4.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= -k8s.io/kube-openapi v0.0.0-20191107075043-30be4d16710a/go.mod h1:1TqjTSzOxsLGIKfj0lK8EeCP7K1iUG65v09OM0/WG5E= -k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6/go.mod h1:UuqjUnNftUyPE5H64/qeyjQoUZhGpeFDVdxjTeEVN2o= k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd/go.mod h1:WOJ3KddDSol4tAGcJo0Tvi+dK12EcqSLqcWsryKMpfM= k8s.io/kubernetes v1.13.0/go.mod h1:ocZa8+6APFNC2tX1DZASIbocyYT5jHzqFVsY5aoB7Jk= -k8s.io/legacy-cloud-providers v0.17.0/go.mod h1:DdzaepJ3RtRy+e5YhNtrCYwlgyK87j/5+Yfp0L9Syp8= -k8s.io/utils v0.0.0-20191114184206-e782cd3c129f/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew= -k8s.io/utils v0.0.0-20200729134348-d5654de09c73/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20201110183641-67b214c5f920/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -modernc.org/cc v1.0.0/go.mod h1:1Sk4//wdnYJiUIxnW8ddKpaOJCF37yAdqYnkxUpaYxw= -modernc.org/golex v1.0.0/go.mod h1:b/QX9oBD/LhixY6NDh+IdGv17hgB+51fET1i2kPSmvk= -modernc.org/mathutil v1.0.0/go.mod h1:wU0vUrJsVWBZ4P6e7xtFJEhFSNsfRLJ8H458uRjg03k= -modernc.org/strutil v1.0.0/go.mod h1:lstksw84oURvj9y3tn8lGvRxyRC1S2+g5uuIzNfIOBs= -modernc.org/xc v1.0.0/go.mod h1:mRNCo0bvLjGhHO9WsyuKVU4q0ceiDDDoEeWDJHrNx8I= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.14/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.15/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= -sigs.k8s.io/structured-merge-diff v0.0.0-20190525122527-15d366b2352e/go.mod h1:wWxsB5ozmmv/SG7nM11ayaAW51xMvak/t1r0CSlcokI= -sigs.k8s.io/structured-merge-diff v1.0.1-0.20191108220359-b1b620dd3f06/go.mod h1:/ULNhyfzRopfcjskuui0cTITekDduZ7ycKN3oUT9R18= -sigs.k8s.io/structured-merge-diff/v4 v4.0.1/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= sigs.k8s.io/structured-merge-diff/v4 v4.0.3/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= diff --git a/variables.tf b/variables.tf index ae94dbef..22ca54be 100644 --- a/variables.tf +++ b/variables.tf @@ -70,6 +70,11 @@ variable "audit_log_bucket_custom_policy_json" { default = "{}" } +variable "audit_log_bucket_key_enabled" { + description = "Whether or not to use Amazon S3 Bucket Keys for encrypting the audit log bucket." + default = false +} + variable "audit_log_lifecycle_glacier_transition_days" { description = "The number of days after log creation when the log file is archived into Glacier." default = 90 From 141fd66c08743f91e8948fc4b9f8e3ca2acf5194 Mon Sep 17 00:00:00 2001 From: nozaq Date: Tue, 23 Nov 2021 08:46:52 +0900 Subject: [PATCH 02/66] bump up the version --- CHANGELOG.md | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7574d44c..9e76e9dd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,15 @@ ## [Unreleased] + +## [0.30.0] - 2021-11-23 +### Feat +- add S3 bucket key support ([#236](https://github.com/nozaq/terraform-aws-secure-baseline/issues/236)) + +### Fix +- the minimum required version of the AWS provider ([#227](https://github.com/nozaq/terraform-aws-secure-baseline/issues/227)) + + ## [0.29.2] - 2021-09-18 @@ -344,7 +353,8 @@ ## 0.0.1 - 2018-02-12 -[Unreleased]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.29.2...HEAD +[Unreleased]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.30.0...HEAD +[0.30.0]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.29.2...0.30.0 [0.29.2]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.29.1...0.29.2 [0.29.1]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.29.0...0.29.1 [0.29.0]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.28.0...0.29.0 From 1b0f314f532ccd30f24a331a283af38b6dab0bc3 Mon Sep 17 00:00:00 2001 From: Jim Geurts Date: Sat, 11 Dec 2021 03:20:32 -0600 Subject: [PATCH 03/66] feat: apply default subnet changes to existing subnets (#237) The `aws_default_subnet` resources will only be created for existing VPC default subnets. This will fix "Default subnet not found" errors when one or multiple default subnets do not exist in the VPC. Fixes: #198 --- modules/vpc-baseline/main.tf | 21 +++++++++++++++++++-- modules/vpc-baseline/versions.tf | 2 +- 2 files changed, 20 insertions(+), 3 deletions(-) diff --git a/modules/vpc-baseline/main.tf b/modules/vpc-baseline/main.tf index e16873b4..bd8a26dc 100644 --- a/modules/vpc-baseline/main.tf +++ b/modules/vpc-baseline/main.tf @@ -6,6 +6,23 @@ locals { data "aws_availability_zones" "all" { } +data "aws_subnets" "default" { + filter { + name = "vpc-id" + values = var.enabled ? [aws_default_vpc.default[0].id] : [] + } + + filter { + name = "default-for-az" + values = [true] + } +} + +data "aws_subnet" "default" { + for_each = toset(data.aws_subnets.default.ids) + id = each.value +} + # -------------------------------------------------------------------------------------------------- # Enable VPC Flow Logs for the default VPC. # -------------------------------------------------------------------------------------------------- @@ -45,9 +62,9 @@ resource "aws_default_vpc" "default" { } resource "aws_default_subnet" "default" { - count = var.enabled ? length(data.aws_availability_zones.all.names) : 0 + for_each = data.aws_subnet.default - availability_zone = data.aws_availability_zones.all.names[count.index] + availability_zone = each.value.availability_zone map_public_ip_on_launch = false tags = merge( diff --git a/modules/vpc-baseline/versions.tf b/modules/vpc-baseline/versions.tf index 811c8034..e95c3bb8 100644 --- a/modules/vpc-baseline/versions.tf +++ b/modules/vpc-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.50.0" + version = ">= 3.55.0" } } } From 0c39831bdf971ffd955d0f3ca79a7cc4de289ce5 Mon Sep 17 00:00:00 2001 From: nozaq Date: Sat, 11 Dec 2021 18:28:24 +0900 Subject: [PATCH 04/66] fix: remove `aws_default_vpc` dependency (#238) --- modules/vpc-baseline/README.md | 4 +++- modules/vpc-baseline/main.tf | 5 ----- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/modules/vpc-baseline/README.md b/modules/vpc-baseline/README.md index 1128efe5..d8e663f9 100644 --- a/modules/vpc-baseline/README.md +++ b/modules/vpc-baseline/README.md @@ -12,7 +12,7 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 0.13 | -| [aws](#requirement\_aws) | >= 3.50.0 | +| [aws](#requirement\_aws) | >= 3.55.0 | ## Providers @@ -36,6 +36,8 @@ No modules. | [aws_default_vpc.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/default_vpc) | resource | | [aws_flow_log.default_vpc_flow_logs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/flow_log) | resource | | [aws_availability_zones.all](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/availability_zones) | data source | +| [aws_subnet.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnet) | data source | +| [aws_subnets.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnets) | data source | ## Inputs diff --git a/modules/vpc-baseline/main.tf b/modules/vpc-baseline/main.tf index bd8a26dc..938cf923 100644 --- a/modules/vpc-baseline/main.tf +++ b/modules/vpc-baseline/main.tf @@ -7,11 +7,6 @@ data "aws_availability_zones" "all" { } data "aws_subnets" "default" { - filter { - name = "vpc-id" - values = var.enabled ? [aws_default_vpc.default[0].id] : [] - } - filter { name = "default-for-az" values = [true] From cf9b14c7a9d031f84528cc2b790951dff87e2e80 Mon Sep 17 00:00:00 2001 From: Mike Zupan Date: Sat, 11 Dec 2021 02:46:02 -0700 Subject: [PATCH 05/66] feat: optionally ignore SSO logins for MFA alarms (#234) Co-authored-by: nozaq --- main.tf | 1 + modules/alarm-baseline/main.tf | 2 +- modules/alarm-baseline/variables.tf | 5 +++++ variables.tf | 5 +++++ 4 files changed, 12 insertions(+), 1 deletion(-) diff --git a/main.tf b/main.tf index 7cb9ef27..ae2cc5c4 100644 --- a/main.tf +++ b/main.tf @@ -98,6 +98,7 @@ module "alarm_baseline" { enabled = local.is_cloudtrail_enabled && var.cloudtrail_cloudwatch_logs_enabled unauthorized_api_calls_enabled = var.unauthorized_api_calls_enabled no_mfa_console_signin_enabled = var.no_mfa_console_signin_enabled + mfa_console_signin_allow_sso = var.mfa_console_signin_allow_sso root_usage_enabled = var.root_usage_enabled iam_changes_enabled = var.iam_changes_enabled cloudtrail_cfg_changes_enabled = var.cloudtrail_cfg_changes_enabled diff --git a/modules/alarm-baseline/main.tf b/modules/alarm-baseline/main.tf index 39d84f82..6ce37905 100644 --- a/modules/alarm-baseline/main.tf +++ b/modules/alarm-baseline/main.tf @@ -83,7 +83,7 @@ resource "aws_cloudwatch_log_metric_filter" "no_mfa_console_signin" { count = var.enabled && var.no_mfa_console_signin_enabled ? 1 : 0 name = "NoMFAConsoleSignin" - pattern = "{ ($.eventName = \"ConsoleLogin\") && ($.additionalEventData.MFAUsed != \"Yes\") }" + pattern = join(" ", ["{ ($.eventName = \"ConsoleLogin\") && ($.additionalEventData.MFAUsed != \"Yes\")", var.mfa_console_signin_allow_sso == true ? "&& ($.userIdentity.arn != \"*assumed-role/AWSReservedSSO*\") }" : "}"]) log_group_name = var.cloudtrail_log_group_name metric_transformation { diff --git a/modules/alarm-baseline/variables.tf b/modules/alarm-baseline/variables.tf index eadfadac..1631a6be 100644 --- a/modules/alarm-baseline/variables.tf +++ b/modules/alarm-baseline/variables.tf @@ -13,6 +13,11 @@ variable "no_mfa_console_signin_enabled" { default = true } +variable "mfa_console_signin_allow_sso" { + description = "The boolean flag whether the no_mfa_console_signin alarm allows SSO auth to be ignored." + default = false +} + variable "root_usage_enabled" { description = "The boolean flag whether the root_usage alarm is enabled or not. No resources are created when set to false." default = true diff --git a/variables.tf b/variables.tf index 22ca54be..90e54965 100644 --- a/variables.tf +++ b/variables.tf @@ -392,6 +392,11 @@ variable "no_mfa_console_signin_enabled" { default = true } +variable "mfa_console_signin_allow_sso" { + description = "The boolean flag whether the no_mfa_console_signin alarm allows SSO auth to be ignored." + default = false +} + variable "root_usage_enabled" { description = "The boolean flag whether the root_usage alarm is enabled or not. No resources are created when set to false." default = true From 3366cacbd64e98d2a0200551f9b004fa7c33f27b Mon Sep 17 00:00:00 2001 From: nozaq Date: Sat, 11 Dec 2021 18:51:58 +0900 Subject: [PATCH 06/66] fix: use CIS recommended filter pattern (#239) --- README.md | 1 + modules/alarm-baseline/README.md | 1 + modules/alarm-baseline/main.tf | 7 +++++-- 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 200435d2..f1399334 100644 --- a/README.md +++ b/README.md @@ -321,6 +321,7 @@ This module is composed of several submodules and each of which can be used inde | [master\_iam\_role\_policy\_name](#input\_master\_iam\_role\_policy\_name) | The name of the IAM Master role policy. | `string` | `"IAM-Master-Policy"` | no | | [max\_password\_age](#input\_max\_password\_age) | The number of days that an user password is valid. | `number` | `0` | no | | [member\_accounts](#input\_member\_accounts) | A list of IDs and emails of AWS accounts which associated as member accounts. | 
list(object({
    account_id = string
    email      = string
  }))
| `[]` | no | +| [mfa\_console\_signin\_allow\_sso](#input\_mfa\_console\_signin\_allow\_sso) | The boolean flag whether the no\_mfa\_console\_signin alarm allows SSO auth to be ignored. | `bool` | `false` | no | | [minimum\_password\_length](#input\_minimum\_password\_length) | Minimum length to require for user passwords. | `number` | `14` | no | | [nacl\_changes\_enabled](#input\_nacl\_changes\_enabled) | The boolean flag whether the nacl\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | | [network\_gw\_changes\_enabled](#input\_network\_gw\_changes\_enabled) | The boolean flag whether the network\_gw\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | diff --git a/modules/alarm-baseline/README.md b/modules/alarm-baseline/README.md index b307e705..d50b460a 100644 --- a/modules/alarm-baseline/README.md +++ b/modules/alarm-baseline/README.md @@ -72,6 +72,7 @@ No modules. | [disable\_or\_delete\_cmk\_enabled](#input\_disable\_or\_delete\_cmk\_enabled) | The boolean flag whether the disable\_or\_delete\_cmk alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | | [enabled](#input\_enabled) | The boolean flag whether this module is enabled or not. No resources are created when set to false. | `bool` | `true` | no | | [iam\_changes\_enabled](#input\_iam\_changes\_enabled) | The boolean flag whether the iam\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | +| [mfa\_console\_signin\_allow\_sso](#input\_mfa\_console\_signin\_allow\_sso) | The boolean flag whether the no\_mfa\_console\_signin alarm allows SSO auth to be ignored. | `bool` | `false` | no | | [nacl\_changes\_enabled](#input\_nacl\_changes\_enabled) | The boolean flag whether the nacl\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | | [network\_gw\_changes\_enabled](#input\_network\_gw\_changes\_enabled) | The boolean flag whether the network\_gw\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | | [no\_mfa\_console\_signin\_enabled](#input\_no\_mfa\_console\_signin\_enabled) | The boolean flag whether the no\_mfa\_console\_signin alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | diff --git a/modules/alarm-baseline/main.tf b/modules/alarm-baseline/main.tf index 6ce37905..2f54ae40 100644 --- a/modules/alarm-baseline/main.tf +++ b/modules/alarm-baseline/main.tf @@ -82,8 +82,11 @@ resource "aws_cloudwatch_metric_alarm" "unauthorized_api_calls" { resource "aws_cloudwatch_log_metric_filter" "no_mfa_console_signin" { count = var.enabled && var.no_mfa_console_signin_enabled ? 1 : 0 - name = "NoMFAConsoleSignin" - pattern = join(" ", ["{ ($.eventName = \"ConsoleLogin\") && ($.additionalEventData.MFAUsed != \"Yes\")", var.mfa_console_signin_allow_sso == true ? "&& ($.userIdentity.arn != \"*assumed-role/AWSReservedSSO*\") }" : "}"]) + name = "NoMFAConsoleSignin" + pattern = join(" ", [ + "{ ($.eventName = \"ConsoleLogin\") && ($.additionalEventData.MFAUsed != \"Yes\")", + var.mfa_console_signin_allow_sso ? "&& ($.userIdentity.type = \"IAMUser\") && ($.responseElements.ConsoleLogin = \"Success\") }" : "}", + ]) log_group_name = var.cloudtrail_log_group_name metric_transformation { From acd146446546d1929ad3efdaf4acda5a5a4fd9a4 Mon Sep 17 00:00:00 2001 From: nozaq Date: Fri, 7 Jan 2022 22:45:24 +0900 Subject: [PATCH 07/66] refactor: use module count instead of having ennabled variable in each submodule. (#195) * refactor: use `count` to toggle vpc-baseline * refactor: use `count` to toggle guardduty-baseline * refactor: use `count` to toggle securityhub-baseline * refactor: use `count` to toggle ebs-baseline * refactor: use `count` to toggle analyzer-baseline * refactor: use `count` to toggle config-baseline * refactor: use `count` to toggle cloudtrail-baseline * refactor: use `count` to toggle alarm-baseline * refactor: add migrations --- README.md | 4 +- analyzer_baselines.tf | 35 +- config_baselines.tf | 68 +-- ebs_baselines.tf | 50 +- guardduty_baselines.tf | 34 +- main.tf | 8 +- migrations.tf | 529 +++++++++++++++++++++ modules/alarm-baseline/README.md | 3 +- modules/alarm-baseline/main.tf | 101 ++-- modules/alarm-baseline/migrations.tf | 13 + modules/alarm-baseline/variables.tf | 5 - modules/alarm-baseline/versions.tf | 2 +- modules/analyzer-baseline/README.md | 3 +- modules/analyzer-baseline/main.tf | 2 - modules/analyzer-baseline/migrations.tf | 8 + modules/analyzer-baseline/variables.tf | 5 - modules/analyzer-baseline/versions.tf | 2 +- modules/cloudtrail-baseline/README.md | 3 +- modules/cloudtrail-baseline/main.tf | 22 +- modules/cloudtrail-baseline/migrations.tf | 13 + modules/cloudtrail-baseline/outputs.tf | 10 +- modules/cloudtrail-baseline/variables.tf | 5 - modules/cloudtrail-baseline/versions.tf | 2 +- modules/config-baseline/README.md | 3 +- modules/config-baseline/main.tf | 25 +- modules/config-baseline/migrations.tf | 28 ++ modules/config-baseline/outputs.tf | 4 +- modules/config-baseline/variables.tf | 5 - modules/config-baseline/versions.tf | 2 +- modules/ebs-baseline/README.md | 6 +- modules/ebs-baseline/main.tf | 2 - modules/ebs-baseline/migrations.tf | 8 + modules/ebs-baseline/variables.tf | 4 - modules/ebs-baseline/versions.tf | 2 +- modules/guardduty-baseline/README.md | 3 +- modules/guardduty-baseline/main.tf | 10 +- modules/guardduty-baseline/migrations.tf | 8 + modules/guardduty-baseline/outputs.tf | 2 +- modules/guardduty-baseline/variables.tf | 5 - modules/guardduty-baseline/versions.tf | 2 +- modules/securityhub-baseline/README.md | 3 +- modules/securityhub-baseline/main.tf | 11 +- modules/securityhub-baseline/migrations.tf | 9 + modules/securityhub-baseline/variables.tf | 5 - modules/securityhub-baseline/versions.tf | 2 +- modules/vpc-baseline/README.md | 3 +- modules/vpc-baseline/main.tf | 20 +- modules/vpc-baseline/migrations.tf | 23 + modules/vpc-baseline/outputs.tf | 10 +- modules/vpc-baseline/variables.tf | 5 - modules/vpc-baseline/versions.tf | 2 +- outputs.tf | 282 +++++------ securityhub_baselines.tf | 35 +- vpc_baselines.tf | 34 +- 54 files changed, 1016 insertions(+), 474 deletions(-) create mode 100644 migrations.tf create mode 100644 modules/alarm-baseline/migrations.tf create mode 100644 modules/analyzer-baseline/migrations.tf create mode 100644 modules/cloudtrail-baseline/migrations.tf create mode 100644 modules/config-baseline/migrations.tf create mode 100644 modules/ebs-baseline/migrations.tf create mode 100644 modules/guardduty-baseline/migrations.tf create mode 100644 modules/securityhub-baseline/migrations.tf create mode 100644 modules/vpc-baseline/migrations.tf diff --git a/README.md b/README.md index f1399334..5e080429 100644 --- a/README.md +++ b/README.md @@ -110,7 +110,7 @@ This module is composed of several submodules and each of which can be used inde | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 0.15 | +| [terraform](#requirement\_terraform) | >= 1.1.3 | | [aws](#requirement\_aws) | >= 3.50.0 | ## Providers @@ -377,7 +377,7 @@ This module is composed of several submodules and each of which can be used inde | [cloudtrail\_sns\_topic](#output\_cloudtrail\_sns\_topic) | The sns topic linked to the cloudtrail. | | [config\_configuration\_recorder](#output\_config\_configuration\_recorder) | The configuration recorder in each region. | | [config\_iam\_role](#output\_config\_iam\_role) | The IAM role used for delivering AWS Config records to CloudWatch Logs. | -| [config\_sns\_topic](#output\_config\_sns\_topic) | The SNS topic that AWS Config delivers notifications to. | +| [config\_sns\_topic](#output\_config\_sns\_topic) | The SNS topic) that AWS Config delivers notifications to. | | [default\_network\_acl](#output\_default\_network\_acl) | The default network ACL. | | [default\_route\_table](#output\_default\_route\_table) | The default route table. | | [default\_security\_group](#output\_default\_security\_group) | The ID of the default security group. | diff --git a/analyzer_baselines.tf b/analyzer_baselines.tf index 69a74954..69caab85 100644 --- a/analyzer_baselines.tf +++ b/analyzer_baselines.tf @@ -6,220 +6,221 @@ locals { # Analyzer Baseline # -------------------------------------------------------------------------------------------------- module "analyzer_baseline_ap-northeast-1" { + count = local.is_analyzer_enabled && contains(var.target_regions, "ap-northeast-1") ? 1 : 0 source = "./modules/analyzer-baseline" providers = { aws = aws.ap-northeast-1 } - enabled = local.is_analyzer_enabled && contains(var.target_regions, "ap-northeast-1") + analyzer_name = var.analyzer_name is_organization = local.is_master_account tags = var.tags } module "analyzer_baseline_ap-northeast-2" { + count = local.is_analyzer_enabled && contains(var.target_regions, "ap-northeast-2") ? 1 : 0 source = "./modules/analyzer-baseline" providers = { aws = aws.ap-northeast-2 } - enabled = local.is_analyzer_enabled && contains(var.target_regions, "ap-northeast-2") analyzer_name = var.analyzer_name is_organization = local.is_master_account tags = var.tags } module "analyzer_baseline_ap-south-1" { + count = local.is_analyzer_enabled && contains(var.target_regions, "ap-south-1") ? 1 : 0 source = "./modules/analyzer-baseline" providers = { aws = aws.ap-south-1 } - enabled = local.is_analyzer_enabled && contains(var.target_regions, "ap-south-1") analyzer_name = var.analyzer_name is_organization = local.is_master_account tags = var.tags } module "analyzer_baseline_ap-northeast-3" { + count = local.is_analyzer_enabled && contains(var.target_regions, "ap-northeast-3") ? 1 : 0 source = "./modules/analyzer-baseline" providers = { aws = aws.ap-northeast-3 } - enabled = local.is_analyzer_enabled && contains(var.target_regions, "ap-northeast-3") analyzer_name = var.analyzer_name is_organization = local.is_master_account tags = var.tags } module "analyzer_baseline_ap-southeast-1" { + count = local.is_analyzer_enabled && contains(var.target_regions, "ap-southeast-1") ? 1 : 0 source = "./modules/analyzer-baseline" providers = { aws = aws.ap-southeast-1 } - enabled = local.is_analyzer_enabled && contains(var.target_regions, "ap-southeast-1") analyzer_name = var.analyzer_name is_organization = local.is_master_account tags = var.tags } module "analyzer_baseline_ap-southeast-2" { + count = local.is_analyzer_enabled && contains(var.target_regions, "ap-southeast-2") ? 1 : 0 source = "./modules/analyzer-baseline" providers = { aws = aws.ap-southeast-2 } - enabled = local.is_analyzer_enabled && contains(var.target_regions, "ap-southeast-2") analyzer_name = var.analyzer_name is_organization = local.is_master_account tags = var.tags } module "analyzer_baseline_ca-central-1" { + count = local.is_analyzer_enabled && contains(var.target_regions, "ca-central-1") ? 1 : 0 source = "./modules/analyzer-baseline" providers = { aws = aws.ca-central-1 } - enabled = local.is_analyzer_enabled && contains(var.target_regions, "ca-central-1") analyzer_name = var.analyzer_name is_organization = local.is_master_account tags = var.tags } module "analyzer_baseline_eu-central-1" { + count = local.is_analyzer_enabled && contains(var.target_regions, "eu-central-1") ? 1 : 0 source = "./modules/analyzer-baseline" providers = { aws = aws.eu-central-1 } - enabled = local.is_analyzer_enabled && contains(var.target_regions, "eu-central-1") analyzer_name = var.analyzer_name is_organization = local.is_master_account tags = var.tags } module "analyzer_baseline_eu-north-1" { + count = local.is_analyzer_enabled && contains(var.target_regions, "eu-north-1") ? 1 : 0 source = "./modules/analyzer-baseline" providers = { aws = aws.eu-north-1 } - enabled = local.is_analyzer_enabled && contains(var.target_regions, "eu-north-1") analyzer_name = var.analyzer_name is_organization = local.is_master_account tags = var.tags } module "analyzer_baseline_eu-west-1" { + count = local.is_analyzer_enabled && contains(var.target_regions, "eu-west-1") ? 1 : 0 source = "./modules/analyzer-baseline" providers = { aws = aws.eu-west-1 } - enabled = local.is_analyzer_enabled && contains(var.target_regions, "eu-west-1") analyzer_name = var.analyzer_name is_organization = local.is_master_account tags = var.tags } module "analyzer_baseline_eu-west-2" { + count = local.is_analyzer_enabled && contains(var.target_regions, "eu-west-2") ? 1 : 0 source = "./modules/analyzer-baseline" providers = { aws = aws.eu-west-2 } - enabled = local.is_analyzer_enabled && contains(var.target_regions, "eu-west-2") analyzer_name = var.analyzer_name is_organization = local.is_master_account tags = var.tags } module "analyzer_baseline_eu-west-3" { + count = local.is_analyzer_enabled && contains(var.target_regions, "eu-west-3") ? 1 : 0 source = "./modules/analyzer-baseline" providers = { aws = aws.eu-west-3 } - enabled = local.is_analyzer_enabled && contains(var.target_regions, "eu-west-3") analyzer_name = var.analyzer_name is_organization = local.is_master_account tags = var.tags } module "analyzer_baseline_sa-east-1" { + count = local.is_analyzer_enabled && contains(var.target_regions, "sa-east-1") ? 1 : 0 source = "./modules/analyzer-baseline" providers = { aws = aws.sa-east-1 } - enabled = local.is_analyzer_enabled && contains(var.target_regions, "sa-east-1") analyzer_name = var.analyzer_name is_organization = local.is_master_account tags = var.tags } module "analyzer_baseline_us-east-1" { + count = local.is_analyzer_enabled && contains(var.target_regions, "us-east-1") ? 1 : 0 source = "./modules/analyzer-baseline" providers = { aws = aws.us-east-1 } - enabled = local.is_analyzer_enabled && contains(var.target_regions, "us-east-1") analyzer_name = var.analyzer_name is_organization = local.is_master_account tags = var.tags } module "analyzer_baseline_us-east-2" { + count = local.is_analyzer_enabled && contains(var.target_regions, "us-east-2") ? 1 : 0 source = "./modules/analyzer-baseline" providers = { aws = aws.us-east-2 } - enabled = local.is_analyzer_enabled && contains(var.target_regions, "us-east-2") analyzer_name = var.analyzer_name is_organization = local.is_master_account tags = var.tags } module "analyzer_baseline_us-west-1" { + count = local.is_analyzer_enabled && contains(var.target_regions, "us-west-1") ? 1 : 0 source = "./modules/analyzer-baseline" providers = { aws = aws.us-west-1 } - enabled = local.is_analyzer_enabled && contains(var.target_regions, "us-west-1") analyzer_name = var.analyzer_name is_organization = local.is_master_account tags = var.tags } module "analyzer_baseline_us-west-2" { + count = local.is_analyzer_enabled && contains(var.target_regions, "us-west-2") ? 1 : 0 source = "./modules/analyzer-baseline" providers = { aws = aws.us-west-2 } - enabled = local.is_analyzer_enabled && contains(var.target_regions, "us-west-2") analyzer_name = var.analyzer_name is_organization = local.is_master_account tags = var.tags diff --git a/config_baselines.tf b/config_baselines.tf index 68d0de2f..de3cb477 100644 --- a/config_baselines.tf +++ b/config_baselines.tf @@ -1,22 +1,22 @@ locals { config_topics = [ - module.config_baseline_ap-northeast-1.config_sns_topic, - module.config_baseline_ap-northeast-2.config_sns_topic, - module.config_baseline_ap-northeast-3.config_sns_topic, - module.config_baseline_ap-south-1.config_sns_topic, - module.config_baseline_ap-southeast-1.config_sns_topic, - module.config_baseline_ap-southeast-2.config_sns_topic, - module.config_baseline_ca-central-1.config_sns_topic, - module.config_baseline_eu-central-1.config_sns_topic, - module.config_baseline_eu-north-1.config_sns_topic, - module.config_baseline_eu-west-1.config_sns_topic, - module.config_baseline_eu-west-2.config_sns_topic, - module.config_baseline_eu-west-3.config_sns_topic, - module.config_baseline_sa-east-1.config_sns_topic, - module.config_baseline_us-east-1.config_sns_topic, - module.config_baseline_us-east-2.config_sns_topic, - module.config_baseline_us-west-1.config_sns_topic, - module.config_baseline_us-west-2.config_sns_topic, + one(module.config_baseline_ap-northeast-1[*].config_sns_topic), + one(module.config_baseline_ap-northeast-2[*].config_sns_topic), + one(module.config_baseline_ap-northeast-3[*].config_sns_topic), + one(module.config_baseline_ap-south-1[*].config_sns_topic), + one(module.config_baseline_ap-southeast-1[*].config_sns_topic), + one(module.config_baseline_ap-southeast-2[*].config_sns_topic), + one(module.config_baseline_ca-central-1[*].config_sns_topic), + one(module.config_baseline_eu-central-1[*].config_sns_topic), + one(module.config_baseline_eu-north-1[*].config_sns_topic), + one(module.config_baseline_eu-west-1[*].config_sns_topic), + one(module.config_baseline_eu-west-2[*].config_sns_topic), + one(module.config_baseline_eu-west-3[*].config_sns_topic), + one(module.config_baseline_sa-east-1[*].config_sns_topic), + one(module.config_baseline_us-east-1[*].config_sns_topic), + one(module.config_baseline_us-east-2[*].config_sns_topic), + one(module.config_baseline_us-west-1[*].config_sns_topic), + one(module.config_baseline_us-west-2[*].config_sns_topic), ] } @@ -92,13 +92,13 @@ resource "aws_iam_role_policy_attachment" "recorder_read_policy" { # Global resource types are only recorded in the region specified by var.region. # -------------------------------------------------------------------------------------------------- module "config_baseline_ap-northeast-1" { + count = var.config_baseline_enabled && contains(var.target_regions, "ap-northeast-1") ? 1 : 0 source = "./modules/config-baseline" providers = { aws = aws.ap-northeast-1 } - enabled = var.config_baseline_enabled && contains(var.target_regions, "ap-northeast-1") iam_role_arn = one(aws_iam_role.recorder[*].arn) s3_bucket_name = local.audit_log_bucket_id s3_key_prefix = var.config_s3_bucket_key_prefix @@ -112,13 +112,13 @@ module "config_baseline_ap-northeast-1" { } module "config_baseline_ap-northeast-2" { + count = var.config_baseline_enabled && contains(var.target_regions, "ap-northeast-2") ? 1 : 0 source = "./modules/config-baseline" providers = { aws = aws.ap-northeast-2 } - enabled = var.config_baseline_enabled && contains(var.target_regions, "ap-northeast-2") iam_role_arn = one(aws_iam_role.recorder[*].arn) s3_bucket_name = local.audit_log_bucket_id s3_key_prefix = var.config_s3_bucket_key_prefix @@ -132,13 +132,13 @@ module "config_baseline_ap-northeast-2" { } module "config_baseline_ap-northeast-3" { + count = var.config_baseline_enabled && contains(var.target_regions, "ap-northeast-3") ? 1 : 0 source = "./modules/config-baseline" providers = { aws = aws.ap-northeast-3 } - enabled = var.config_baseline_enabled && contains(var.target_regions, "ap-northeast-3") iam_role_arn = one(aws_iam_role.recorder[*].arn) s3_bucket_name = local.audit_log_bucket_id s3_key_prefix = var.config_s3_bucket_key_prefix @@ -152,13 +152,13 @@ module "config_baseline_ap-northeast-3" { } module "config_baseline_ap-south-1" { + count = var.config_baseline_enabled && contains(var.target_regions, "ap-south-1") ? 1 : 0 source = "./modules/config-baseline" providers = { aws = aws.ap-south-1 } - enabled = var.config_baseline_enabled && contains(var.target_regions, "ap-south-1") iam_role_arn = one(aws_iam_role.recorder[*].arn) s3_bucket_name = local.audit_log_bucket_id s3_key_prefix = var.config_s3_bucket_key_prefix @@ -172,13 +172,13 @@ module "config_baseline_ap-south-1" { } module "config_baseline_ap-southeast-1" { + count = var.config_baseline_enabled && contains(var.target_regions, "ap-southeast-1") ? 1 : 0 source = "./modules/config-baseline" providers = { aws = aws.ap-southeast-1 } - enabled = var.config_baseline_enabled && contains(var.target_regions, "ap-southeast-1") iam_role_arn = one(aws_iam_role.recorder[*].arn) s3_bucket_name = local.audit_log_bucket_id s3_key_prefix = var.config_s3_bucket_key_prefix @@ -192,13 +192,13 @@ module "config_baseline_ap-southeast-1" { } module "config_baseline_ap-southeast-2" { + count = var.config_baseline_enabled && contains(var.target_regions, "ap-southeast-2") ? 1 : 0 source = "./modules/config-baseline" providers = { aws = aws.ap-southeast-2 } - enabled = var.config_baseline_enabled && contains(var.target_regions, "ap-southeast-2") iam_role_arn = one(aws_iam_role.recorder[*].arn) s3_bucket_name = local.audit_log_bucket_id s3_key_prefix = var.config_s3_bucket_key_prefix @@ -212,13 +212,13 @@ module "config_baseline_ap-southeast-2" { } module "config_baseline_ca-central-1" { + count = var.config_baseline_enabled && contains(var.target_regions, "ca-central-1") ? 1 : 0 source = "./modules/config-baseline" providers = { aws = aws.ca-central-1 } - enabled = var.config_baseline_enabled && contains(var.target_regions, "ca-central-1") iam_role_arn = one(aws_iam_role.recorder[*].arn) s3_bucket_name = local.audit_log_bucket_id s3_key_prefix = var.config_s3_bucket_key_prefix @@ -232,13 +232,13 @@ module "config_baseline_ca-central-1" { } module "config_baseline_eu-central-1" { + count = var.config_baseline_enabled && contains(var.target_regions, "eu-central-1") ? 1 : 0 source = "./modules/config-baseline" providers = { aws = aws.eu-central-1 } - enabled = var.config_baseline_enabled && contains(var.target_regions, "eu-central-1") iam_role_arn = one(aws_iam_role.recorder[*].arn) s3_bucket_name = local.audit_log_bucket_id s3_key_prefix = var.config_s3_bucket_key_prefix @@ -252,13 +252,13 @@ module "config_baseline_eu-central-1" { } module "config_baseline_eu-north-1" { + count = var.config_baseline_enabled && contains(var.target_regions, "eu-north-1") ? 1 : 0 source = "./modules/config-baseline" providers = { aws = aws.eu-north-1 } - enabled = var.config_baseline_enabled && contains(var.target_regions, "eu-north-1") iam_role_arn = one(aws_iam_role.recorder[*].arn) s3_bucket_name = local.audit_log_bucket_id s3_key_prefix = var.config_s3_bucket_key_prefix @@ -272,13 +272,13 @@ module "config_baseline_eu-north-1" { } module "config_baseline_eu-west-1" { + count = var.config_baseline_enabled && contains(var.target_regions, "eu-west-1") ? 1 : 0 source = "./modules/config-baseline" providers = { aws = aws.eu-west-1 } - enabled = var.config_baseline_enabled && contains(var.target_regions, "eu-west-1") iam_role_arn = one(aws_iam_role.recorder[*].arn) s3_bucket_name = local.audit_log_bucket_id s3_key_prefix = var.config_s3_bucket_key_prefix @@ -292,13 +292,13 @@ module "config_baseline_eu-west-1" { } module "config_baseline_eu-west-2" { + count = var.config_baseline_enabled && contains(var.target_regions, "eu-west-2") ? 1 : 0 source = "./modules/config-baseline" providers = { aws = aws.eu-west-2 } - enabled = var.config_baseline_enabled && contains(var.target_regions, "eu-west-2") iam_role_arn = one(aws_iam_role.recorder[*].arn) s3_bucket_name = local.audit_log_bucket_id s3_key_prefix = var.config_s3_bucket_key_prefix @@ -312,13 +312,13 @@ module "config_baseline_eu-west-2" { } module "config_baseline_eu-west-3" { + count = var.config_baseline_enabled && contains(var.target_regions, "eu-west-3") ? 1 : 0 source = "./modules/config-baseline" providers = { aws = aws.eu-west-3 } - enabled = var.config_baseline_enabled && contains(var.target_regions, "eu-west-3") iam_role_arn = one(aws_iam_role.recorder[*].arn) s3_bucket_name = local.audit_log_bucket_id s3_key_prefix = var.config_s3_bucket_key_prefix @@ -332,13 +332,13 @@ module "config_baseline_eu-west-3" { } module "config_baseline_sa-east-1" { + count = var.config_baseline_enabled && contains(var.target_regions, "sa-east-1") ? 1 : 0 source = "./modules/config-baseline" providers = { aws = aws.sa-east-1 } - enabled = var.config_baseline_enabled && contains(var.target_regions, "sa-east-1") iam_role_arn = one(aws_iam_role.recorder[*].arn) s3_bucket_name = local.audit_log_bucket_id s3_key_prefix = var.config_s3_bucket_key_prefix @@ -352,13 +352,13 @@ module "config_baseline_sa-east-1" { } module "config_baseline_us-east-1" { + count = var.config_baseline_enabled && contains(var.target_regions, "us-east-1") ? 1 : 0 source = "./modules/config-baseline" providers = { aws = aws.us-east-1 } - enabled = var.config_baseline_enabled && contains(var.target_regions, "us-east-1") iam_role_arn = one(aws_iam_role.recorder[*].arn) s3_bucket_name = local.audit_log_bucket_id s3_key_prefix = var.config_s3_bucket_key_prefix @@ -372,13 +372,13 @@ module "config_baseline_us-east-1" { } module "config_baseline_us-east-2" { + count = var.config_baseline_enabled && contains(var.target_regions, "us-east-2") ? 1 : 0 source = "./modules/config-baseline" providers = { aws = aws.us-east-2 } - enabled = var.config_baseline_enabled && contains(var.target_regions, "us-east-2") iam_role_arn = one(aws_iam_role.recorder[*].arn) s3_bucket_name = local.audit_log_bucket_id s3_key_prefix = var.config_s3_bucket_key_prefix @@ -392,13 +392,13 @@ module "config_baseline_us-east-2" { } module "config_baseline_us-west-1" { + count = var.config_baseline_enabled && contains(var.target_regions, "us-west-1") ? 1 : 0 source = "./modules/config-baseline" providers = { aws = aws.us-west-1 } - enabled = var.config_baseline_enabled && contains(var.target_regions, "us-west-1") iam_role_arn = one(aws_iam_role.recorder[*].arn) s3_bucket_name = local.audit_log_bucket_id s3_key_prefix = var.config_s3_bucket_key_prefix @@ -412,13 +412,13 @@ module "config_baseline_us-west-1" { } module "config_baseline_us-west-2" { + count = var.config_baseline_enabled && contains(var.target_regions, "us-west-2") ? 1 : 0 source = "./modules/config-baseline" providers = { aws = aws.us-west-2 } - enabled = var.config_baseline_enabled && contains(var.target_regions, "us-west-2") iam_role_arn = one(aws_iam_role.recorder[*].arn) s3_bucket_name = local.audit_log_bucket_id s3_key_prefix = var.config_s3_bucket_key_prefix diff --git a/ebs_baselines.tf b/ebs_baselines.tf index 2a3ec0c3..51091ab5 100644 --- a/ebs_baselines.tf +++ b/ebs_baselines.tf @@ -2,170 +2,154 @@ # SecurityHub Baseline # -------------------------------------------------------------------------------------------------- module "ebs_baseline_ap-northeast-1" { + count = contains(var.target_regions, "ap-northeast-1") ? 1 : 0 source = "./modules/ebs-baseline" providers = { aws = aws.ap-northeast-1 } - enabled = contains(var.target_regions, "ap-northeast-1") } module "ebs_baseline_ap-northeast-2" { + count = contains(var.target_regions, "ap-northeast-2") ? 1 : 0 source = "./modules/ebs-baseline" providers = { aws = aws.ap-northeast-2 } - - enabled = contains(var.target_regions, "ap-northeast-2") } module "ebs_baseline_ap-northeast-3" { + count = contains(var.target_regions, "ap-northeast-3") ? 1 : 0 source = "./modules/ebs-baseline" providers = { aws = aws.ap-northeast-3 } - - enabled = contains(var.target_regions, "ap-northeast-3") } module "ebs_baseline_ap-south-1" { + count = contains(var.target_regions, "ap-south-1") ? 1 : 0 source = "./modules/ebs-baseline" providers = { aws = aws.ap-south-1 } - - enabled = contains(var.target_regions, "ap-south-1") } module "ebs_baseline_ap-southeast-1" { + count = contains(var.target_regions, "ap-southeast-1") ? 1 : 0 source = "./modules/ebs-baseline" providers = { aws = aws.ap-southeast-1 } - - enabled = contains(var.target_regions, "ap-southeast-1") } module "ebs_baseline_ap-southeast-2" { + count = contains(var.target_regions, "ap-southeast-2") ? 1 : 0 source = "./modules/ebs-baseline" providers = { aws = aws.ap-southeast-2 } - - enabled = contains(var.target_regions, "ap-southeast-2") } module "ebs_baseline_ca-central-1" { + count = contains(var.target_regions, "ca-central-1") ? 1 : 0 source = "./modules/ebs-baseline" providers = { aws = aws.ca-central-1 } - - enabled = contains(var.target_regions, "ca-central-1") } module "ebs_baseline_eu-central-1" { + count = contains(var.target_regions, "eu-central-1") ? 1 : 0 source = "./modules/ebs-baseline" providers = { aws = aws.eu-central-1 } - - enabled = contains(var.target_regions, "eu-central-1") } module "ebs_baseline_eu-north-1" { + count = contains(var.target_regions, "eu-north-1") ? 1 : 0 source = "./modules/ebs-baseline" providers = { aws = aws.eu-north-1 } - - enabled = contains(var.target_regions, "eu-north-1") } module "ebs_baseline_eu-west-1" { + count = contains(var.target_regions, "eu-west-1") ? 1 : 0 source = "./modules/ebs-baseline" providers = { aws = aws.eu-west-1 } - - enabled = contains(var.target_regions, "eu-west-1") } module "ebs_baseline_eu-west-2" { + count = contains(var.target_regions, "eu-west-2") ? 1 : 0 source = "./modules/ebs-baseline" providers = { aws = aws.eu-west-2 } - - enabled = contains(var.target_regions, "eu-west-2") } module "ebs_baseline_eu-west-3" { + count = contains(var.target_regions, "eu-west-3") ? 1 : 0 source = "./modules/ebs-baseline" providers = { aws = aws.eu-west-3 } - - enabled = contains(var.target_regions, "eu-west-3") } module "ebs_baseline_sa-east-1" { + count = contains(var.target_regions, "sa-east-1") ? 1 : 0 source = "./modules/ebs-baseline" providers = { aws = aws.sa-east-1 } - - enabled = contains(var.target_regions, "sa-east-1") } module "ebs_baseline_us-east-1" { + count = contains(var.target_regions, "us-east-1") ? 1 : 0 source = "./modules/ebs-baseline" providers = { aws = aws.us-east-1 } - - enabled = contains(var.target_regions, "us-east-1") } module "ebs_baseline_us-east-2" { + count = contains(var.target_regions, "us-east-2") ? 1 : 0 source = "./modules/ebs-baseline" providers = { aws = aws.us-east-2 } - - enabled = contains(var.target_regions, "us-east-2") } module "ebs_baseline_us-west-1" { + count = contains(var.target_regions, "us-west-1") ? 1 : 0 source = "./modules/ebs-baseline" providers = { aws = aws.us-west-1 } - - enabled = contains(var.target_regions, "us-west-1") } module "ebs_baseline_us-west-2" { + count = contains(var.target_regions, "us-west-2") ? 1 : 0 source = "./modules/ebs-baseline" providers = { aws = aws.us-west-2 } - - enabled = contains(var.target_regions, "us-west-2") } diff --git a/guardduty_baselines.tf b/guardduty_baselines.tf index 24e62d91..48d2bd89 100644 --- a/guardduty_baselines.tf +++ b/guardduty_baselines.tf @@ -9,13 +9,13 @@ locals { } module "guardduty_baseline_ap-northeast-1" { + count = contains(var.target_regions, "ap-northeast-1") && var.guardduty_enabled ? 1 : 0 source = "./modules/guardduty-baseline" providers = { aws = aws.ap-northeast-1 } - enabled = contains(var.target_regions, "ap-northeast-1") && var.guardduty_enabled disable_email_notification = var.guardduty_disable_email_notification finding_publishing_frequency = var.guardduty_finding_publishing_frequency invitation_message = var.guardduty_invitation_message @@ -26,13 +26,13 @@ module "guardduty_baseline_ap-northeast-1" { } module "guardduty_baseline_ap-northeast-2" { + count = contains(var.target_regions, "ap-northeast-2") && var.guardduty_enabled ? 1 : 0 source = "./modules/guardduty-baseline" providers = { aws = aws.ap-northeast-2 } - enabled = contains(var.target_regions, "ap-northeast-2") && var.guardduty_enabled disable_email_notification = var.guardduty_disable_email_notification finding_publishing_frequency = var.guardduty_finding_publishing_frequency invitation_message = var.guardduty_invitation_message @@ -43,13 +43,13 @@ module "guardduty_baseline_ap-northeast-2" { } module "guardduty_baseline_ap-northeast-3" { + count = contains(var.target_regions, "ap-northeast-3") && var.guardduty_enabled ? 1 : 0 source = "./modules/guardduty-baseline" providers = { aws = aws.ap-northeast-3 } - enabled = contains(var.target_regions, "ap-northeast-3") && var.guardduty_enabled disable_email_notification = var.guardduty_disable_email_notification finding_publishing_frequency = var.guardduty_finding_publishing_frequency invitation_message = var.guardduty_invitation_message @@ -60,13 +60,13 @@ module "guardduty_baseline_ap-northeast-3" { } module "guardduty_baseline_ap-south-1" { + count = contains(var.target_regions, "ap-south-1") && var.guardduty_enabled ? 1 : 0 source = "./modules/guardduty-baseline" providers = { aws = aws.ap-south-1 } - enabled = contains(var.target_regions, "ap-south-1") && var.guardduty_enabled disable_email_notification = var.guardduty_disable_email_notification finding_publishing_frequency = var.guardduty_finding_publishing_frequency invitation_message = var.guardduty_invitation_message @@ -77,13 +77,13 @@ module "guardduty_baseline_ap-south-1" { } module "guardduty_baseline_ap-southeast-1" { + count = contains(var.target_regions, "ap-southeast-1") && var.guardduty_enabled ? 1 : 0 source = "./modules/guardduty-baseline" providers = { aws = aws.ap-southeast-1 } - enabled = contains(var.target_regions, "ap-southeast-1") && var.guardduty_enabled disable_email_notification = var.guardduty_disable_email_notification finding_publishing_frequency = var.guardduty_finding_publishing_frequency invitation_message = var.guardduty_invitation_message @@ -100,7 +100,7 @@ module "guardduty_baseline_ap-southeast-2" { aws = aws.ap-southeast-2 } - enabled = contains(var.target_regions, "ap-southeast-2") && var.guardduty_enabled + count = contains(var.target_regions, "ap-southeast-2") && var.guardduty_enabled ? 1 : 0 disable_email_notification = var.guardduty_disable_email_notification finding_publishing_frequency = var.guardduty_finding_publishing_frequency invitation_message = var.guardduty_invitation_message @@ -111,13 +111,13 @@ module "guardduty_baseline_ap-southeast-2" { } module "guardduty_baseline_ca-central-1" { + count = contains(var.target_regions, "ca-central-1") && var.guardduty_enabled ? 1 : 0 source = "./modules/guardduty-baseline" providers = { aws = aws.ca-central-1 } - enabled = contains(var.target_regions, "ca-central-1") && var.guardduty_enabled disable_email_notification = var.guardduty_disable_email_notification finding_publishing_frequency = var.guardduty_finding_publishing_frequency invitation_message = var.guardduty_invitation_message @@ -128,13 +128,13 @@ module "guardduty_baseline_ca-central-1" { } module "guardduty_baseline_eu-central-1" { + count = contains(var.target_regions, "eu-central-1") && var.guardduty_enabled ? 1 : 0 source = "./modules/guardduty-baseline" providers = { aws = aws.eu-central-1 } - enabled = contains(var.target_regions, "eu-central-1") && var.guardduty_enabled disable_email_notification = var.guardduty_disable_email_notification finding_publishing_frequency = var.guardduty_finding_publishing_frequency invitation_message = var.guardduty_invitation_message @@ -145,13 +145,13 @@ module "guardduty_baseline_eu-central-1" { } module "guardduty_baseline_eu-north-1" { + count = contains(var.target_regions, "eu-north-1") && var.guardduty_enabled ? 1 : 0 source = "./modules/guardduty-baseline" providers = { aws = aws.eu-north-1 } - enabled = contains(var.target_regions, "eu-north-1") && var.guardduty_enabled disable_email_notification = var.guardduty_disable_email_notification finding_publishing_frequency = var.guardduty_finding_publishing_frequency invitation_message = var.guardduty_invitation_message @@ -162,13 +162,13 @@ module "guardduty_baseline_eu-north-1" { } module "guardduty_baseline_eu-west-1" { + count = contains(var.target_regions, "eu-west-1") && var.guardduty_enabled ? 1 : 0 source = "./modules/guardduty-baseline" providers = { aws = aws.eu-west-1 } - enabled = contains(var.target_regions, "eu-west-1") && var.guardduty_enabled disable_email_notification = var.guardduty_disable_email_notification finding_publishing_frequency = var.guardduty_finding_publishing_frequency invitation_message = var.guardduty_invitation_message @@ -179,13 +179,13 @@ module "guardduty_baseline_eu-west-1" { } module "guardduty_baseline_eu-west-2" { + count = contains(var.target_regions, "eu-west-2") && var.guardduty_enabled ? 1 : 0 source = "./modules/guardduty-baseline" providers = { aws = aws.eu-west-2 } - enabled = contains(var.target_regions, "eu-west-2") && var.guardduty_enabled disable_email_notification = var.guardduty_disable_email_notification finding_publishing_frequency = var.guardduty_finding_publishing_frequency invitation_message = var.guardduty_invitation_message @@ -196,13 +196,13 @@ module "guardduty_baseline_eu-west-2" { } module "guardduty_baseline_eu-west-3" { + count = contains(var.target_regions, "eu-west-3") && var.guardduty_enabled ? 1 : 0 source = "./modules/guardduty-baseline" providers = { aws = aws.eu-west-3 } - enabled = contains(var.target_regions, "eu-west-3") && var.guardduty_enabled disable_email_notification = var.guardduty_disable_email_notification finding_publishing_frequency = var.guardduty_finding_publishing_frequency invitation_message = var.guardduty_invitation_message @@ -213,13 +213,13 @@ module "guardduty_baseline_eu-west-3" { } module "guardduty_baseline_sa-east-1" { + count = contains(var.target_regions, "sa-east-1") && var.guardduty_enabled ? 1 : 0 source = "./modules/guardduty-baseline" providers = { aws = aws.sa-east-1 } - enabled = contains(var.target_regions, "sa-east-1") && var.guardduty_enabled disable_email_notification = var.guardduty_disable_email_notification finding_publishing_frequency = var.guardduty_finding_publishing_frequency invitation_message = var.guardduty_invitation_message @@ -230,13 +230,13 @@ module "guardduty_baseline_sa-east-1" { } module "guardduty_baseline_us-east-1" { + count = contains(var.target_regions, "us-east-1") && var.guardduty_enabled ? 1 : 0 source = "./modules/guardduty-baseline" providers = { aws = aws.us-east-1 } - enabled = contains(var.target_regions, "us-east-1") && var.guardduty_enabled disable_email_notification = var.guardduty_disable_email_notification finding_publishing_frequency = var.guardduty_finding_publishing_frequency invitation_message = var.guardduty_invitation_message @@ -247,13 +247,13 @@ module "guardduty_baseline_us-east-1" { } module "guardduty_baseline_us-east-2" { + count = contains(var.target_regions, "us-east-2") && var.guardduty_enabled ? 1 : 0 source = "./modules/guardduty-baseline" providers = { aws = aws.us-east-2 } - enabled = contains(var.target_regions, "us-east-2") && var.guardduty_enabled disable_email_notification = var.guardduty_disable_email_notification finding_publishing_frequency = var.guardduty_finding_publishing_frequency invitation_message = var.guardduty_invitation_message @@ -264,13 +264,13 @@ module "guardduty_baseline_us-east-2" { } module "guardduty_baseline_us-west-1" { + count = contains(var.target_regions, "us-west-1") && var.guardduty_enabled ? 1 : 0 source = "./modules/guardduty-baseline" providers = { aws = aws.us-west-1 } - enabled = contains(var.target_regions, "us-west-1") && var.guardduty_enabled disable_email_notification = var.guardduty_disable_email_notification finding_publishing_frequency = var.guardduty_finding_publishing_frequency invitation_message = var.guardduty_invitation_message @@ -281,13 +281,13 @@ module "guardduty_baseline_us-west-1" { } module "guardduty_baseline_us-west-2" { + count = contains(var.target_regions, "us-west-2") && var.guardduty_enabled ? 1 : 0 source = "./modules/guardduty-baseline" providers = { aws = aws.us-west-2 } - enabled = contains(var.target_regions, "us-west-2") && var.guardduty_enabled disable_email_notification = var.guardduty_disable_email_notification finding_publishing_frequency = var.guardduty_finding_publishing_frequency invitation_message = var.guardduty_invitation_message diff --git a/main.tf b/main.tf index ae2cc5c4..bf9953e0 100644 --- a/main.tf +++ b/main.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 0.15" + required_version = ">= 1.1.3" required_providers { aws = { @@ -64,9 +64,9 @@ module "iam_baseline" { # -------------------------------------------------------------------------------------------------- module "cloudtrail_baseline" { + count = local.is_cloudtrail_enabled ? 1 : 0 source = "./modules/cloudtrail-baseline" - enabled = local.is_cloudtrail_enabled aws_account_id = var.aws_account_id cloudtrail_depends_on = [aws_s3_bucket_policy.audit_log] cloudtrail_name = var.cloudtrail_name @@ -93,9 +93,9 @@ module "cloudtrail_baseline" { # -------------------------------------------------------------------------------------------------- module "alarm_baseline" { + count = local.is_cloudtrail_enabled && var.cloudtrail_cloudwatch_logs_enabled ? 1 : 0 source = "./modules/alarm-baseline" - enabled = local.is_cloudtrail_enabled && var.cloudtrail_cloudwatch_logs_enabled unauthorized_api_calls_enabled = var.unauthorized_api_calls_enabled no_mfa_console_signin_enabled = var.no_mfa_console_signin_enabled mfa_console_signin_allow_sso = var.mfa_console_signin_allow_sso @@ -113,7 +113,7 @@ module "alarm_baseline" { vpc_changes_enabled = var.vpc_changes_enabled organizations_changes_enabled = var.organizations_changes_enabled alarm_namespace = var.alarm_namespace - cloudtrail_log_group_name = local.is_cloudtrail_enabled ? module.cloudtrail_baseline.log_group : "" + cloudtrail_log_group_name = local.is_cloudtrail_enabled ? module.cloudtrail_baseline[0].log_group : "" sns_topic_name = var.alarm_sns_topic_name sns_topic_kms_master_key_id = var.alarm_sns_topic_kms_master_key_id diff --git a/migrations.tf b/migrations.tf new file mode 100644 index 00000000..53342e0b --- /dev/null +++ b/migrations.tf @@ -0,0 +1,529 @@ +# -------------------------------------------------------------------------------------------------- +# Migrations to 0.31.0 +# Replacing `enabled` argument in each sub-module with `count` meta-argument. +# -------------------------------------------------------------------------------------------------- +moved { + from = module.cloudtrail_baseline + to = module.cloudtrail_baseline[0] +} + +moved { + from = module.alarm_baseline + to = module.alarm_baseline[0] +} + +# Config baseline +moved { + from = module.config_baseline_ap-northeast-1 + to = module.config_baseline_ap-northeast-1[0] +} + +moved { + from = module.config_baseline_ap-northeast-2 + to = module.config_baseline_ap-northeast-2[0] +} + +moved { + from = module.config_baseline_ap-northeast-3 + to = module.config_baseline_ap-northeast-3[0] +} + +moved { + from = module.config_baseline_ap-south-1 + to = module.config_baseline_ap-south-1[0] +} + +moved { + from = module.config_baseline_ap-southeast-1 + to = module.config_baseline_ap-southeast-1[0] +} + +moved { + from = module.config_baseline_ap-southeast-2 + to = module.config_baseline_ap-southeast-2[0] +} + +moved { + from = module.config_baseline_ca-central-1 + to = module.config_baseline_ca-central-1[0] +} + +moved { + from = module.config_baseline_eu-central-1 + to = module.config_baseline_eu-central-1[0] +} + +moved { + from = module.config_baseline_eu-north-1 + to = module.config_baseline_eu-north-1[0] +} + +moved { + from = module.config_baseline_eu-west-1 + to = module.config_baseline_eu-west-1[0] +} + +moved { + from = module.config_baseline_eu-west-2 + to = module.config_baseline_eu-west-2[0] +} + +moved { + from = module.config_baseline_eu-west-3 + to = module.config_baseline_eu-west-3[0] +} + +moved { + from = module.config_baseline_sa-east-1 + to = module.config_baseline_sa-east-1[0] +} + +moved { + from = module.config_baseline_us-east-1 + to = module.config_baseline_us-east-1[0] +} + +moved { + from = module.config_baseline_us-east-2 + to = module.config_baseline_us-east-2[0] +} + +moved { + from = module.config_baseline_us-west-1 + to = module.config_baseline_us-west-1[0] +} + +moved { + from = module.config_baseline_us-west-2 + to = module.config_baseline_us-west-2[0] +} + +# EBS baseline +moved { + from = module.ebs_baseline_ap-northeast-1 + to = module.ebs_baseline_ap-northeast-1[0] +} + +moved { + from = module.ebs_baseline_ap-northeast-2 + to = module.ebs_baseline_ap-northeast-2[0] +} + +moved { + from = module.ebs_baseline_ap-northeast-3 + to = module.ebs_baseline_ap-northeast-3[0] +} + +moved { + from = module.ebs_baseline_ap-south-1 + to = module.ebs_baseline_ap-south-1[0] +} + +moved { + from = module.ebs_baseline_ap-southeast-1 + to = module.ebs_baseline_ap-southeast-1[0] +} + +moved { + from = module.ebs_baseline_ap-southeast-2 + to = module.ebs_baseline_ap-southeast-2[0] +} + +moved { + from = module.ebs_baseline_ca-central-1 + to = module.ebs_baseline_ca-central-1[0] +} + +moved { + from = module.ebs_baseline_eu-central-1 + to = module.ebs_baseline_eu-central-1[0] +} + +moved { + from = module.ebs_baseline_eu-north-1 + to = module.ebs_baseline_eu-north-1[0] +} + +moved { + from = module.ebs_baseline_eu-west-1 + to = module.ebs_baseline_eu-west-1[0] +} + +moved { + from = module.ebs_baseline_eu-west-2 + to = module.ebs_baseline_eu-west-2[0] +} + +moved { + from = module.ebs_baseline_eu-west-3 + to = module.ebs_baseline_eu-west-3[0] +} + +moved { + from = module.ebs_baseline_sa-east-1 + to = module.ebs_baseline_sa-east-1[0] +} + +moved { + from = module.ebs_baseline_us-east-1 + to = module.ebs_baseline_us-east-1[0] +} + +moved { + from = module.ebs_baseline_us-east-2 + to = module.ebs_baseline_us-east-2[0] +} + +moved { + from = module.ebs_baseline_us-west-1 + to = module.ebs_baseline_us-west-1[0] +} + +moved { + from = module.ebs_baseline_us-west-2 + to = module.ebs_baseline_us-west-2[0] +} + +# Guardduty baseline +moved { + from = module.guardduty_baseline_ap-northeast-1 + to = module.guardduty_baseline_ap-northeast-1[0] +} + +moved { + from = module.guardduty_baseline_ap-northeast-2 + to = module.guardduty_baseline_ap-northeast-2[0] +} + +moved { + from = module.guardduty_baseline_ap-northeast-3 + to = module.guardduty_baseline_ap-northeast-3[0] +} + +moved { + from = module.guardduty_baseline_ap-south-1 + to = module.guardduty_baseline_ap-south-1[0] +} + +moved { + from = module.guardduty_baseline_ap-southeast-1 + to = module.guardduty_baseline_ap-southeast-1[0] +} + +moved { + from = module.guardduty_baseline_ap-southeast-2 + to = module.guardduty_baseline_ap-southeast-2[0] +} + +moved { + from = module.guardduty_baseline_ca-central-1 + to = module.guardduty_baseline_ca-central-1[0] +} + +moved { + from = module.guardduty_baseline_eu-central-1 + to = module.guardduty_baseline_eu-central-1[0] +} + +moved { + from = module.guardduty_baseline_eu-north-1 + to = module.guardduty_baseline_eu-north-1[0] +} + +moved { + from = module.guardduty_baseline_eu-west-1 + to = module.guardduty_baseline_eu-west-1[0] +} + +moved { + from = module.guardduty_baseline_eu-west-2 + to = module.guardduty_baseline_eu-west-2[0] +} + +moved { + from = module.guardduty_baseline_eu-west-3 + to = module.guardduty_baseline_eu-west-3[0] +} + +moved { + from = module.guardduty_baseline_sa-east-1 + to = module.guardduty_baseline_sa-east-1[0] +} + +moved { + from = module.guardduty_baseline_us-east-1 + to = module.guardduty_baseline_us-east-1[0] +} + +moved { + from = module.guardduty_baseline_us-east-2 + to = module.guardduty_baseline_us-east-2[0] +} + +moved { + from = module.guardduty_baseline_us-west-1 + to = module.guardduty_baseline_us-west-1[0] +} + +moved { + from = module.guardduty_baseline_us-west-2 + to = module.guardduty_baseline_us-west-2[0] +} + +# SecurityHub baseline +moved { + from = module.securityhub_baseline_ap-northeast-1 + to = module.securityhub_baseline_ap-northeast-1[0] +} + +moved { + from = module.securityhub_baseline_ap-northeast-2 + to = module.securityhub_baseline_ap-northeast-2[0] +} + +moved { + from = module.securityhub_baseline_ap-northeast-3 + to = module.securityhub_baseline_ap-northeast-3[0] +} + +moved { + from = module.securityhub_baseline_ap-south-1 + to = module.securityhub_baseline_ap-south-1[0] +} + +moved { + from = module.securityhub_baseline_ap-southeast-1 + to = module.securityhub_baseline_ap-southeast-1[0] +} + +moved { + from = module.securityhub_baseline_ap-southeast-2 + to = module.securityhub_baseline_ap-southeast-2[0] +} + +moved { + from = module.securityhub_baseline_ca-central-1 + to = module.securityhub_baseline_ca-central-1[0] +} + +moved { + from = module.securityhub_baseline_eu-central-1 + to = module.securityhub_baseline_eu-central-1[0] +} + +moved { + from = module.securityhub_baseline_eu-north-1 + to = module.securityhub_baseline_eu-north-1[0] +} + +moved { + from = module.securityhub_baseline_eu-west-1 + to = module.securityhub_baseline_eu-west-1[0] +} + +moved { + from = module.securityhub_baseline_eu-west-2 + to = module.securityhub_baseline_eu-west-2[0] +} + +moved { + from = module.securityhub_baseline_eu-west-3 + to = module.securityhub_baseline_eu-west-3[0] +} + +moved { + from = module.securityhub_baseline_sa-east-1 + to = module.securityhub_baseline_sa-east-1[0] +} + +moved { + from = module.securityhub_baseline_us-east-1 + to = module.securityhub_baseline_us-east-1[0] +} + +moved { + from = module.securityhub_baseline_us-east-2 + to = module.securityhub_baseline_us-east-2[0] +} + +moved { + from = module.securityhub_baseline_us-west-1 + to = module.securityhub_baseline_us-west-1[0] +} + +moved { + from = module.securityhub_baseline_us-west-2 + to = module.securityhub_baseline_us-west-2[0] +} + +# vpc baseline +moved { + from = module.vpc_baseline_ap-northeast-1 + to = module.vpc_baseline_ap-northeast-1[0] +} + +moved { + from = module.vpc_baseline_ap-northeast-2 + to = module.vpc_baseline_ap-northeast-2[0] +} + +moved { + from = module.vpc_baseline_ap-northeast-3 + to = module.vpc_baseline_ap-northeast-3[0] +} + +moved { + from = module.vpc_baseline_ap-south-1 + to = module.vpc_baseline_ap-south-1[0] +} + +moved { + from = module.vpc_baseline_ap-southeast-1 + to = module.vpc_baseline_ap-southeast-1[0] +} + +moved { + from = module.vpc_baseline_ap-southeast-2 + to = module.vpc_baseline_ap-southeast-2[0] +} + +moved { + from = module.vpc_baseline_ca-central-1 + to = module.vpc_baseline_ca-central-1[0] +} + +moved { + from = module.vpc_baseline_eu-central-1 + to = module.vpc_baseline_eu-central-1[0] +} + +moved { + from = module.vpc_baseline_eu-north-1 + to = module.vpc_baseline_eu-north-1[0] +} + +moved { + from = module.vpc_baseline_eu-west-1 + to = module.vpc_baseline_eu-west-1[0] +} + +moved { + from = module.vpc_baseline_eu-west-2 + to = module.vpc_baseline_eu-west-2[0] +} + +moved { + from = module.vpc_baseline_eu-west-3 + to = module.vpc_baseline_eu-west-3[0] +} + +moved { + from = module.vpc_baseline_sa-east-1 + to = module.vpc_baseline_sa-east-1[0] +} + +moved { + from = module.vpc_baseline_us-east-1 + to = module.vpc_baseline_us-east-1[0] +} + +moved { + from = module.vpc_baseline_us-east-2 + to = module.vpc_baseline_us-east-2[0] +} + +moved { + from = module.vpc_baseline_us-west-1 + to = module.vpc_baseline_us-west-1[0] +} + +moved { + from = module.vpc_baseline_us-west-2 + to = module.vpc_baseline_us-west-2[0] +} + +# analyzer baseline +moved { + from = module.analyzer_baseline_ap-northeast-1 + to = module.analyzer_baseline_ap-northeast-1[0] +} + +moved { + from = module.analyzer_baseline_ap-northeast-2 + to = module.analyzer_baseline_ap-northeast-2[0] +} + +moved { + from = module.analyzer_baseline_ap-northeast-3 + to = module.analyzer_baseline_ap-northeast-3[0] +} + +moved { + from = module.analyzer_baseline_ap-south-1 + to = module.analyzer_baseline_ap-south-1[0] +} + +moved { + from = module.analyzer_baseline_ap-southeast-1 + to = module.analyzer_baseline_ap-southeast-1[0] +} + +moved { + from = module.analyzer_baseline_ap-southeast-2 + to = module.analyzer_baseline_ap-southeast-2[0] +} + +moved { + from = module.analyzer_baseline_ca-central-1 + to = module.analyzer_baseline_ca-central-1[0] +} + +moved { + from = module.analyzer_baseline_eu-central-1 + to = module.analyzer_baseline_eu-central-1[0] +} + +moved { + from = module.analyzer_baseline_eu-north-1 + to = module.analyzer_baseline_eu-north-1[0] +} + +moved { + from = module.analyzer_baseline_eu-west-1 + to = module.analyzer_baseline_eu-west-1[0] +} + +moved { + from = module.analyzer_baseline_eu-west-2 + to = module.analyzer_baseline_eu-west-2[0] +} + +moved { + from = module.analyzer_baseline_eu-west-3 + to = module.analyzer_baseline_eu-west-3[0] +} + +moved { + from = module.analyzer_baseline_sa-east-1 + to = module.analyzer_baseline_sa-east-1[0] +} + +moved { + from = module.analyzer_baseline_us-east-1 + to = module.analyzer_baseline_us-east-1[0] +} + +moved { + from = module.analyzer_baseline_us-east-2 + to = module.analyzer_baseline_us-east-2[0] +} + +moved { + from = module.analyzer_baseline_us-west-1 + to = module.analyzer_baseline_us-west-1[0] +} + +moved { + from = module.analyzer_baseline_us-west-2 + to = module.analyzer_baseline_us-west-2[0] +} diff --git a/modules/alarm-baseline/README.md b/modules/alarm-baseline/README.md index d50b460a..81f2ac24 100644 --- a/modules/alarm-baseline/README.md +++ b/modules/alarm-baseline/README.md @@ -7,7 +7,7 @@ Set up CloudWatch alarms to notify you when critical changes happen in your AWS | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 0.13 | +| [terraform](#requirement\_terraform) | >= 1.1.3 | | [aws](#requirement\_aws) | >= 3.50.0 | ## Providers @@ -70,7 +70,6 @@ No modules. | [cloudtrail\_log\_group\_name](#input\_cloudtrail\_log\_group\_name) | The name of the CloudWatch Logs group to which CloudTrail events are delivered. | `any` | n/a | yes | | [console\_signin\_failures\_enabled](#input\_console\_signin\_failures\_enabled) | The boolean flag whether the console\_signin\_failures alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | | [disable\_or\_delete\_cmk\_enabled](#input\_disable\_or\_delete\_cmk\_enabled) | The boolean flag whether the disable\_or\_delete\_cmk alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [enabled](#input\_enabled) | The boolean flag whether this module is enabled or not. No resources are created when set to false. | `bool` | `true` | no | | [iam\_changes\_enabled](#input\_iam\_changes\_enabled) | The boolean flag whether the iam\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | | [mfa\_console\_signin\_allow\_sso](#input\_mfa\_console\_signin\_allow\_sso) | The boolean flag whether the no\_mfa\_console\_signin alarm allows SSO auth to be ignored. | `bool` | `false` | no | | [nacl\_changes\_enabled](#input\_nacl\_changes\_enabled) | The boolean flag whether the nacl\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | diff --git a/modules/alarm-baseline/main.tf b/modules/alarm-baseline/main.tf index 2f54ae40..bef948e4 100644 --- a/modules/alarm-baseline/main.tf +++ b/modules/alarm-baseline/main.tf @@ -6,8 +6,6 @@ data "aws_region" "current" {} # -------------------------------------------------------------------------------------------------- resource "aws_sns_topic" "alarms" { - count = var.enabled ? 1 : 0 - name = var.sns_topic_name kms_master_key_id = var.sns_topic_kms_master_key_id @@ -16,18 +14,15 @@ resource "aws_sns_topic" "alarms" { } resource "aws_sns_topic_policy" "alarms" { - count = var.enabled ? 1 : 0 - arn = aws_sns_topic.alarms[0].arn + arn = aws_sns_topic.alarms.arn - policy = data.aws_iam_policy_document.alarms-sns-policy[0].json + policy = data.aws_iam_policy_document.alarms-sns-policy.json } data "aws_iam_policy_document" "alarms-sns-policy" { - count = var.enabled ? 1 : 0 - statement { actions = ["sns:Publish"] - resources = [aws_sns_topic.alarms[0].arn] + resources = [aws_sns_topic.alarms.arn] principals { type = "Service" @@ -47,7 +42,7 @@ data "aws_iam_policy_document" "alarms-sns-policy" { # -------------------------------------------------------------------------------------------------- resource "aws_cloudwatch_log_metric_filter" "unauthorized_api_calls" { - count = var.enabled && var.unauthorized_api_calls_enabled ? 1 : 0 + count = var.unauthorized_api_calls_enabled ? 1 : 0 name = "UnauthorizedAPICalls" pattern = "{(($.errorCode = \"*UnauthorizedOperation\") || ($.errorCode = \"AccessDenied*\")) && (($.sourceIPAddress!=\"delivery.logs.amazonaws.com\") && ($.eventName!=\"HeadBucket\"))}" @@ -61,7 +56,7 @@ resource "aws_cloudwatch_log_metric_filter" "unauthorized_api_calls" { } resource "aws_cloudwatch_metric_alarm" "unauthorized_api_calls" { - count = var.enabled && var.unauthorized_api_calls_enabled ? 1 : 0 + count = var.unauthorized_api_calls_enabled ? 1 : 0 alarm_name = "UnauthorizedAPICalls" comparison_operator = "GreaterThanOrEqualToThreshold" @@ -72,7 +67,7 @@ resource "aws_cloudwatch_metric_alarm" "unauthorized_api_calls" { statistic = "Sum" threshold = "1" alarm_description = "Monitoring unauthorized API calls will help reveal application errors and may reduce time to detect malicious activity." - alarm_actions = [aws_sns_topic.alarms[0].arn] + alarm_actions = [aws_sns_topic.alarms.arn] treat_missing_data = "notBreaching" insufficient_data_actions = [] @@ -80,7 +75,7 @@ resource "aws_cloudwatch_metric_alarm" "unauthorized_api_calls" { } resource "aws_cloudwatch_log_metric_filter" "no_mfa_console_signin" { - count = var.enabled && var.no_mfa_console_signin_enabled ? 1 : 0 + count = var.no_mfa_console_signin_enabled ? 1 : 0 name = "NoMFAConsoleSignin" pattern = join(" ", [ @@ -97,7 +92,7 @@ resource "aws_cloudwatch_log_metric_filter" "no_mfa_console_signin" { } resource "aws_cloudwatch_metric_alarm" "no_mfa_console_signin" { - count = var.enabled && var.no_mfa_console_signin_enabled ? 1 : 0 + count = var.no_mfa_console_signin_enabled ? 1 : 0 alarm_name = "NoMFAConsoleSignin" comparison_operator = "GreaterThanOrEqualToThreshold" @@ -108,7 +103,7 @@ resource "aws_cloudwatch_metric_alarm" "no_mfa_console_signin" { statistic = "Sum" threshold = "1" alarm_description = "Monitoring for single-factor console logins will increase visibility into accounts that are not protected by MFA." - alarm_actions = [aws_sns_topic.alarms[0].arn] + alarm_actions = [aws_sns_topic.alarms.arn] treat_missing_data = "notBreaching" insufficient_data_actions = [] @@ -116,7 +111,7 @@ resource "aws_cloudwatch_metric_alarm" "no_mfa_console_signin" { } resource "aws_cloudwatch_log_metric_filter" "root_usage" { - count = var.enabled && var.root_usage_enabled ? 1 : 0 + count = var.root_usage_enabled ? 1 : 0 name = "RootUsage" pattern = "{ $.userIdentity.type = \"Root\" && $.userIdentity.invokedBy NOT EXISTS && $.eventType != \"AwsServiceEvent\" }" @@ -130,7 +125,7 @@ resource "aws_cloudwatch_log_metric_filter" "root_usage" { } resource "aws_cloudwatch_metric_alarm" "root_usage" { - count = var.enabled && var.root_usage_enabled ? 1 : 0 + count = var.root_usage_enabled ? 1 : 0 alarm_name = "RootUsage" comparison_operator = "GreaterThanOrEqualToThreshold" @@ -141,7 +136,7 @@ resource "aws_cloudwatch_metric_alarm" "root_usage" { statistic = "Sum" threshold = "1" alarm_description = "Monitoring for root account logins will provide visibility into the use of a fully privileged account and an opportunity to reduce the use of it." - alarm_actions = [aws_sns_topic.alarms[0].arn] + alarm_actions = [aws_sns_topic.alarms.arn] treat_missing_data = "notBreaching" insufficient_data_actions = [] @@ -149,7 +144,7 @@ resource "aws_cloudwatch_metric_alarm" "root_usage" { } resource "aws_cloudwatch_log_metric_filter" "iam_changes" { - count = var.enabled && var.iam_changes_enabled ? 1 : 0 + count = var.iam_changes_enabled ? 1 : 0 name = "IAMChanges" pattern = "{($.eventName=DeleteGroupPolicy)||($.eventName=DeleteRolePolicy)||($.eventName=DeleteUserPolicy)||($.eventName=PutGroupPolicy)||($.eventName=PutRolePolicy)||($.eventName=PutUserPolicy)||($.eventName=CreatePolicy)||($.eventName=DeletePolicy)||($.eventName=CreatePolicyVersion)||($.eventName=DeletePolicyVersion)||($.eventName=AttachRolePolicy)||($.eventName=DetachRolePolicy)||($.eventName=AttachUserPolicy)||($.eventName=DetachUserPolicy)||($.eventName=AttachGroupPolicy)||($.eventName=DetachGroupPolicy)}" @@ -163,7 +158,7 @@ resource "aws_cloudwatch_log_metric_filter" "iam_changes" { } resource "aws_cloudwatch_metric_alarm" "iam_changes" { - count = var.enabled && var.iam_changes_enabled ? 1 : 0 + count = var.iam_changes_enabled ? 1 : 0 alarm_name = "IAMChanges" comparison_operator = "GreaterThanOrEqualToThreshold" @@ -174,7 +169,7 @@ resource "aws_cloudwatch_metric_alarm" "iam_changes" { statistic = "Sum" threshold = "1" alarm_description = "Monitoring changes to IAM policies will help ensure authentication and authorization controls remain intact." - alarm_actions = [aws_sns_topic.alarms[0].arn] + alarm_actions = [aws_sns_topic.alarms.arn] treat_missing_data = "notBreaching" insufficient_data_actions = [] @@ -182,7 +177,7 @@ resource "aws_cloudwatch_metric_alarm" "iam_changes" { } resource "aws_cloudwatch_log_metric_filter" "cloudtrail_cfg_changes" { - count = var.enabled && var.cloudtrail_cfg_changes_enabled ? 1 : 0 + count = var.cloudtrail_cfg_changes_enabled ? 1 : 0 name = "CloudTrailCfgChanges" pattern = "{ ($.eventName = CreateTrail) || ($.eventName = UpdateTrail) || ($.eventName = DeleteTrail) || ($.eventName = StartLogging) || ($.eventName = StopLogging) }" @@ -196,7 +191,7 @@ resource "aws_cloudwatch_log_metric_filter" "cloudtrail_cfg_changes" { } resource "aws_cloudwatch_metric_alarm" "cloudtrail_cfg_changes" { - count = var.enabled && var.cloudtrail_cfg_changes_enabled ? 1 : 0 + count = var.cloudtrail_cfg_changes_enabled ? 1 : 0 alarm_name = "CloudTrailCfgChanges" comparison_operator = "GreaterThanOrEqualToThreshold" @@ -207,7 +202,7 @@ resource "aws_cloudwatch_metric_alarm" "cloudtrail_cfg_changes" { statistic = "Sum" threshold = "1" alarm_description = "Monitoring changes to CloudTrail's configuration will help ensure sustained visibility to activities performed in the AWS account." - alarm_actions = [aws_sns_topic.alarms[0].arn] + alarm_actions = [aws_sns_topic.alarms.arn] treat_missing_data = "notBreaching" insufficient_data_actions = [] @@ -215,7 +210,7 @@ resource "aws_cloudwatch_metric_alarm" "cloudtrail_cfg_changes" { } resource "aws_cloudwatch_log_metric_filter" "console_signin_failures" { - count = var.enabled && var.console_signin_failures_enabled ? 1 : 0 + count = var.console_signin_failures_enabled ? 1 : 0 name = "ConsoleSigninFailures" pattern = "{ ($.eventName = ConsoleLogin) && ($.errorMessage = \"Failed authentication\") }" @@ -229,7 +224,7 @@ resource "aws_cloudwatch_log_metric_filter" "console_signin_failures" { } resource "aws_cloudwatch_metric_alarm" "console_signin_failures" { - count = var.enabled && var.console_signin_failures_enabled ? 1 : 0 + count = var.console_signin_failures_enabled ? 1 : 0 alarm_name = "ConsoleSigninFailures" comparison_operator = "GreaterThanOrEqualToThreshold" @@ -240,7 +235,7 @@ resource "aws_cloudwatch_metric_alarm" "console_signin_failures" { statistic = "Sum" threshold = "1" alarm_description = "Monitoring failed console logins may decrease lead time to detect an attempt to brute force a credential, which may provide an indicator, such as source IP, that can be used in other event correlation." - alarm_actions = [aws_sns_topic.alarms[0].arn] + alarm_actions = [aws_sns_topic.alarms.arn] treat_missing_data = "notBreaching" insufficient_data_actions = [] @@ -248,7 +243,7 @@ resource "aws_cloudwatch_metric_alarm" "console_signin_failures" { } resource "aws_cloudwatch_log_metric_filter" "disable_or_delete_cmk" { - count = var.enabled && var.disable_or_delete_cmk_enabled ? 1 : 0 + count = var.disable_or_delete_cmk_enabled ? 1 : 0 name = "DisableOrDeleteCMK" pattern = "{ ($.eventSource = kms.amazonaws.com) && (($.eventName = DisableKey) || ($.eventName = ScheduleKeyDeletion)) }" @@ -262,7 +257,7 @@ resource "aws_cloudwatch_log_metric_filter" "disable_or_delete_cmk" { } resource "aws_cloudwatch_metric_alarm" "disable_or_delete_cmk" { - count = var.enabled && var.disable_or_delete_cmk_enabled ? 1 : 0 + count = var.disable_or_delete_cmk_enabled ? 1 : 0 alarm_name = "DisableOrDeleteCMK" comparison_operator = "GreaterThanOrEqualToThreshold" @@ -273,7 +268,7 @@ resource "aws_cloudwatch_metric_alarm" "disable_or_delete_cmk" { statistic = "Sum" threshold = "1" alarm_description = "Monitoring failed console logins may decrease lead time to detect an attempt to brute force a credential, which may provide an indicator, such as source IP, that can be used in other event correlation." - alarm_actions = [aws_sns_topic.alarms[0].arn] + alarm_actions = [aws_sns_topic.alarms.arn] treat_missing_data = "notBreaching" insufficient_data_actions = [] @@ -281,7 +276,7 @@ resource "aws_cloudwatch_metric_alarm" "disable_or_delete_cmk" { } resource "aws_cloudwatch_log_metric_filter" "s3_bucket_policy_changes" { - count = var.enabled && var.s3_bucket_policy_changes_enabled ? 1 : 0 + count = var.s3_bucket_policy_changes_enabled ? 1 : 0 name = "S3BucketPolicyChanges" pattern = "{ ($.eventSource = s3.amazonaws.com) && (($.eventName = PutBucketAcl) || ($.eventName = PutBucketPolicy) || ($.eventName = PutBucketCors) || ($.eventName = PutBucketLifecycle) || ($.eventName = PutBucketReplication) || ($.eventName = DeleteBucketPolicy) || ($.eventName = DeleteBucketCors) || ($.eventName = DeleteBucketLifecycle) || ($.eventName = DeleteBucketReplication)) }" @@ -295,7 +290,7 @@ resource "aws_cloudwatch_log_metric_filter" "s3_bucket_policy_changes" { } resource "aws_cloudwatch_metric_alarm" "s3_bucket_policy_changes" { - count = var.enabled && var.s3_bucket_policy_changes_enabled ? 1 : 0 + count = var.s3_bucket_policy_changes_enabled ? 1 : 0 alarm_name = "S3BucketPolicyChanges" comparison_operator = "GreaterThanOrEqualToThreshold" @@ -306,7 +301,7 @@ resource "aws_cloudwatch_metric_alarm" "s3_bucket_policy_changes" { statistic = "Sum" threshold = "1" alarm_description = "Monitoring changes to S3 bucket policies may reduce time to detect and correct permissive policies on sensitive S3 buckets." - alarm_actions = [aws_sns_topic.alarms[0].arn] + alarm_actions = [aws_sns_topic.alarms.arn] treat_missing_data = "notBreaching" insufficient_data_actions = [] @@ -314,7 +309,7 @@ resource "aws_cloudwatch_metric_alarm" "s3_bucket_policy_changes" { } resource "aws_cloudwatch_log_metric_filter" "aws_config_changes" { - count = var.enabled && var.aws_config_changes_enabled ? 1 : 0 + count = var.aws_config_changes_enabled ? 1 : 0 name = "AWSConfigChanges" pattern = "{ ($.eventSource = config.amazonaws.com) && (($.eventName=StopConfigurationRecorder)||($.eventName=DeleteDeliveryChannel)||($.eventName=PutDeliveryChannel)||($.eventName=PutConfigurationRecorder)) }" @@ -328,7 +323,7 @@ resource "aws_cloudwatch_log_metric_filter" "aws_config_changes" { } resource "aws_cloudwatch_metric_alarm" "aws_config_changes" { - count = var.enabled && var.aws_config_changes_enabled ? 1 : 0 + count = var.aws_config_changes_enabled ? 1 : 0 alarm_name = "AWSConfigChanges" comparison_operator = "GreaterThanOrEqualToThreshold" @@ -339,7 +334,7 @@ resource "aws_cloudwatch_metric_alarm" "aws_config_changes" { statistic = "Sum" threshold = "1" alarm_description = "Monitoring changes to AWS Config configuration will help ensure sustained visibility of configuration items within the AWS account." - alarm_actions = [aws_sns_topic.alarms[0].arn] + alarm_actions = [aws_sns_topic.alarms.arn] treat_missing_data = "notBreaching" insufficient_data_actions = [] @@ -347,7 +342,7 @@ resource "aws_cloudwatch_metric_alarm" "aws_config_changes" { } resource "aws_cloudwatch_log_metric_filter" "security_group_changes" { - count = var.enabled && var.security_group_changes_enabled ? 1 : 0 + count = var.security_group_changes_enabled ? 1 : 0 name = "SecurityGroupChanges" pattern = "{ ($.eventName = AuthorizeSecurityGroupIngress) || ($.eventName = AuthorizeSecurityGroupEgress) || ($.eventName = RevokeSecurityGroupIngress) || ($.eventName = RevokeSecurityGroupEgress) || ($.eventName = CreateSecurityGroup) || ($.eventName = DeleteSecurityGroup)}" @@ -361,7 +356,7 @@ resource "aws_cloudwatch_log_metric_filter" "security_group_changes" { } resource "aws_cloudwatch_metric_alarm" "security_group_changes" { - count = var.enabled && var.security_group_changes_enabled ? 1 : 0 + count = var.security_group_changes_enabled ? 1 : 0 alarm_name = "SecurityGroupChanges" comparison_operator = "GreaterThanOrEqualToThreshold" @@ -372,7 +367,7 @@ resource "aws_cloudwatch_metric_alarm" "security_group_changes" { statistic = "Sum" threshold = "1" alarm_description = "Monitoring changes to security group will help ensure that resources and services are not unintentionally exposed." - alarm_actions = [aws_sns_topic.alarms[0].arn] + alarm_actions = [aws_sns_topic.alarms.arn] treat_missing_data = "notBreaching" insufficient_data_actions = [] @@ -380,7 +375,7 @@ resource "aws_cloudwatch_metric_alarm" "security_group_changes" { } resource "aws_cloudwatch_log_metric_filter" "nacl_changes" { - count = var.enabled && var.nacl_changes_enabled ? 1 : 0 + count = var.nacl_changes_enabled ? 1 : 0 name = "NACLChanges" pattern = "{ ($.eventName = CreateNetworkAcl) || ($.eventName = CreateNetworkAclEntry) || ($.eventName = DeleteNetworkAcl) || ($.eventName = DeleteNetworkAclEntry) || ($.eventName = ReplaceNetworkAclEntry) || ($.eventName = ReplaceNetworkAclAssociation) }" @@ -394,7 +389,7 @@ resource "aws_cloudwatch_log_metric_filter" "nacl_changes" { } resource "aws_cloudwatch_metric_alarm" "nacl_changes" { - count = var.enabled && var.nacl_changes_enabled ? 1 : 0 + count = var.nacl_changes_enabled ? 1 : 0 alarm_name = "NACLChanges" comparison_operator = "GreaterThanOrEqualToThreshold" @@ -405,7 +400,7 @@ resource "aws_cloudwatch_metric_alarm" "nacl_changes" { statistic = "Sum" threshold = "1" alarm_description = "Monitoring changes to NACLs will help ensure that AWS resources and services are not unintentionally exposed." - alarm_actions = [aws_sns_topic.alarms[0].arn] + alarm_actions = [aws_sns_topic.alarms.arn] treat_missing_data = "notBreaching" insufficient_data_actions = [] @@ -413,7 +408,7 @@ resource "aws_cloudwatch_metric_alarm" "nacl_changes" { } resource "aws_cloudwatch_log_metric_filter" "network_gw_changes" { - count = var.enabled && var.network_gw_changes_enabled ? 1 : 0 + count = var.network_gw_changes_enabled ? 1 : 0 name = "NetworkGWChanges" pattern = "{ ($.eventName = CreateCustomerGateway) || ($.eventName = DeleteCustomerGateway) || ($.eventName = AttachInternetGateway) || ($.eventName = CreateInternetGateway) || ($.eventName = DeleteInternetGateway) || ($.eventName = DetachInternetGateway) }" @@ -427,7 +422,7 @@ resource "aws_cloudwatch_log_metric_filter" "network_gw_changes" { } resource "aws_cloudwatch_metric_alarm" "network_gw_changes" { - count = var.enabled && var.network_gw_changes_enabled ? 1 : 0 + count = var.network_gw_changes_enabled ? 1 : 0 alarm_name = "NetworkGWChanges" comparison_operator = "GreaterThanOrEqualToThreshold" @@ -438,7 +433,7 @@ resource "aws_cloudwatch_metric_alarm" "network_gw_changes" { statistic = "Sum" threshold = "1" alarm_description = "Monitoring changes to network gateways will help ensure that all ingress/egress traffic traverses the VPC border via a controlled path." - alarm_actions = [aws_sns_topic.alarms[0].arn] + alarm_actions = [aws_sns_topic.alarms.arn] treat_missing_data = "notBreaching" insufficient_data_actions = [] @@ -446,7 +441,7 @@ resource "aws_cloudwatch_metric_alarm" "network_gw_changes" { } resource "aws_cloudwatch_log_metric_filter" "route_table_changes" { - count = var.enabled && var.route_table_changes_enabled ? 1 : 0 + count = var.route_table_changes_enabled ? 1 : 0 name = "RouteTableChanges" pattern = "{ ($.eventName = CreateRoute) || ($.eventName = CreateRouteTable) || ($.eventName = ReplaceRoute) || ($.eventName = ReplaceRouteTableAssociation) || ($.eventName = DeleteRouteTable) || ($.eventName = DeleteRoute) || ($.eventName = DisassociateRouteTable) }" @@ -460,7 +455,7 @@ resource "aws_cloudwatch_log_metric_filter" "route_table_changes" { } resource "aws_cloudwatch_metric_alarm" "route_table_changes" { - count = var.enabled && var.route_table_changes_enabled ? 1 : 0 + count = var.route_table_changes_enabled ? 1 : 0 alarm_name = "RouteTableChanges" comparison_operator = "GreaterThanOrEqualToThreshold" @@ -471,7 +466,7 @@ resource "aws_cloudwatch_metric_alarm" "route_table_changes" { statistic = "Sum" threshold = "1" alarm_description = "Monitoring changes to route tables will help ensure that all VPC traffic flows through an expected path." - alarm_actions = [aws_sns_topic.alarms[0].arn] + alarm_actions = [aws_sns_topic.alarms.arn] treat_missing_data = "notBreaching" insufficient_data_actions = [] @@ -479,7 +474,7 @@ resource "aws_cloudwatch_metric_alarm" "route_table_changes" { } resource "aws_cloudwatch_log_metric_filter" "vpc_changes" { - count = var.enabled && var.vpc_changes_enabled ? 1 : 0 + count = var.vpc_changes_enabled ? 1 : 0 name = "VPCChanges" pattern = "{ ($.eventName = CreateVpc) || ($.eventName = DeleteVpc) || ($.eventName = ModifyVpcAttribute) || ($.eventName = AcceptVpcPeeringConnection) || ($.eventName = CreateVpcPeeringConnection) || ($.eventName = DeleteVpcPeeringConnection) || ($.eventName = RejectVpcPeeringConnection) || ($.eventName = AttachClassicLinkVpc) || ($.eventName = DetachClassicLinkVpc) || ($.eventName = DisableVpcClassicLink) || ($.eventName = EnableVpcClassicLink) }" @@ -493,7 +488,7 @@ resource "aws_cloudwatch_log_metric_filter" "vpc_changes" { } resource "aws_cloudwatch_metric_alarm" "vpc_changes" { - count = var.enabled && var.vpc_changes_enabled ? 1 : 0 + count = var.vpc_changes_enabled ? 1 : 0 alarm_name = "VPCChanges" comparison_operator = "GreaterThanOrEqualToThreshold" @@ -504,7 +499,7 @@ resource "aws_cloudwatch_metric_alarm" "vpc_changes" { statistic = "Sum" threshold = "1" alarm_description = "Monitoring changes to VPC will help ensure that all VPC traffic flows through an expected path." - alarm_actions = [aws_sns_topic.alarms[0].arn] + alarm_actions = [aws_sns_topic.alarms.arn] treat_missing_data = "notBreaching" insufficient_data_actions = [] @@ -512,7 +507,7 @@ resource "aws_cloudwatch_metric_alarm" "vpc_changes" { } resource "aws_cloudwatch_log_metric_filter" "organizations_changes" { - count = var.enabled && var.organizations_changes_enabled ? 1 : 0 + count = var.organizations_changes_enabled ? 1 : 0 name = "OrganizationsChanges" pattern = "{ ($.eventSource = organizations.amazonaws.com) && (($.eventName = \"AcceptHandshake\") || ($.eventName = \"AttachPolicy\") || ($.eventName = \"CreateAccount\") || ($.eventName = \"CreateOrganizationalUnit\") || ($.eventName= \"CreatePolicy\") || ($.eventName = \"DeclineHandshake\") || ($.eventName = \"DeleteOrganization\") || ($.eventName = \"DeleteOrganizationalUnit\") || ($.eventName = \"DeletePolicy\") || ($.eventName = \"DetachPolicy\") || ($.eventName = \"DisablePolicyType\") || ($.eventName = \"EnablePolicyType\") || ($.eventName = \"InviteAccountToOrganization\") || ($.eventName = \"LeaveOrganization\") || ($.eventName = \"MoveAccount\") || ($.eventName = \"RemoveAccountFromOrganization\") || ($.eventName = \"UpdatePolicy\") || ($.eventName =\"UpdateOrganizationalUnit\")) }" @@ -526,7 +521,7 @@ resource "aws_cloudwatch_log_metric_filter" "organizations_changes" { } resource "aws_cloudwatch_metric_alarm" "organizations_changes" { - count = var.enabled && var.organizations_changes_enabled ? 1 : 0 + count = var.organizations_changes_enabled ? 1 : 0 alarm_name = "OrganizationsChanges" comparison_operator = "GreaterThanOrEqualToThreshold" @@ -537,7 +532,7 @@ resource "aws_cloudwatch_metric_alarm" "organizations_changes" { statistic = "Sum" threshold = "1" alarm_description = "Monitoring AWS Organizations changes can help you prevent any unwanted, accidental or intentional modifications that may lead to unauthorized access or other security breaches." - alarm_actions = [aws_sns_topic.alarms[0].arn] + alarm_actions = [aws_sns_topic.alarms.arn] treat_missing_data = "notBreaching" insufficient_data_actions = [] diff --git a/modules/alarm-baseline/migrations.tf b/modules/alarm-baseline/migrations.tf new file mode 100644 index 00000000..60065478 --- /dev/null +++ b/modules/alarm-baseline/migrations.tf @@ -0,0 +1,13 @@ +# -------------------------------------------------------------------------------------------------- +# Migrations to 0.31.0 +# Removing `enabled` argument. +# -------------------------------------------------------------------------------------------------- +moved { + from = aws_sns_topic.alarms[0] + to = aws_sns_topic.alarms +} + +moved { + from = aws_sns_topic_policy.alarms[0] + to = aws_sns_topic_policy.alarms +} diff --git a/modules/alarm-baseline/variables.tf b/modules/alarm-baseline/variables.tf index 1631a6be..f35feee8 100644 --- a/modules/alarm-baseline/variables.tf +++ b/modules/alarm-baseline/variables.tf @@ -1,8 +1,3 @@ -variable "enabled" { - description = "The boolean flag whether this module is enabled or not. No resources are created when set to false." - default = true -} - variable "unauthorized_api_calls_enabled" { description = "The boolean flag whether the unauthorized_api_calls alarm is enabled or not. No resources are created when set to false." default = true diff --git a/modules/alarm-baseline/versions.tf b/modules/alarm-baseline/versions.tf index 811c8034..706c4a0d 100644 --- a/modules/alarm-baseline/versions.tf +++ b/modules/alarm-baseline/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 0.13" + required_version = ">= 1.1.3" required_providers { aws = { diff --git a/modules/analyzer-baseline/README.md b/modules/analyzer-baseline/README.md index ed33cc2a..3e0b99fc 100644 --- a/modules/analyzer-baseline/README.md +++ b/modules/analyzer-baseline/README.md @@ -9,7 +9,7 @@ | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 0.13 | +| [terraform](#requirement\_terraform) | >= 1.1.3 | | [aws](#requirement\_aws) | >= 3.50.0 | ## Providers @@ -33,7 +33,6 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [analyzer\_name](#input\_analyzer\_name) | The name for the IAM Access Analyzer resource to be created. | `string` | `"default-analyer"` | no | -| [enabled](#input\_enabled) | The boolean flag whether this module is enabled or not. No resources are created when set to false. | `bool` | `true` | no | | [is\_organization](#input\_is\_organization) | The boolean flag whether this module is configured for the organization master account or the individual account. | `bool` | `false` | no | | [tags](#input\_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map` | 
{
  "Terraform": true
}
| no | diff --git a/modules/analyzer-baseline/main.tf b/modules/analyzer-baseline/main.tf index 93b248a1..74108796 100644 --- a/modules/analyzer-baseline/main.tf +++ b/modules/analyzer-baseline/main.tf @@ -1,6 +1,4 @@ resource "aws_accessanalyzer_analyzer" "default" { - count = var.enabled ? 1 : 0 - analyzer_name = var.analyzer_name type = var.is_organization ? "ORGANIZATION" : "ACCOUNT" diff --git a/modules/analyzer-baseline/migrations.tf b/modules/analyzer-baseline/migrations.tf new file mode 100644 index 00000000..48abae80 --- /dev/null +++ b/modules/analyzer-baseline/migrations.tf @@ -0,0 +1,8 @@ +# -------------------------------------------------------------------------------------------------- +# Migrations to 0.31.0 +# Removing `enabled` argument. +# -------------------------------------------------------------------------------------------------- +moved { + from = aws_accessanalyzer_analyzer.default[0] + to = aws_accessanalyzer_analyzer.default +} diff --git a/modules/analyzer-baseline/variables.tf b/modules/analyzer-baseline/variables.tf index 4d9f0a18..9df076e6 100644 --- a/modules/analyzer-baseline/variables.tf +++ b/modules/analyzer-baseline/variables.tf @@ -1,8 +1,3 @@ -variable "enabled" { - description = "The boolean flag whether this module is enabled or not. No resources are created when set to false." - default = true -} - variable "analyzer_name" { description = "The name for the IAM Access Analyzer resource to be created." default = "default-analyer" diff --git a/modules/analyzer-baseline/versions.tf b/modules/analyzer-baseline/versions.tf index 811c8034..706c4a0d 100644 --- a/modules/analyzer-baseline/versions.tf +++ b/modules/analyzer-baseline/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 0.13" + required_version = ">= 1.1.3" required_providers { aws = { diff --git a/modules/cloudtrail-baseline/README.md b/modules/cloudtrail-baseline/README.md index ac3fa736..1a64d4ee 100644 --- a/modules/cloudtrail-baseline/README.md +++ b/modules/cloudtrail-baseline/README.md @@ -7,7 +7,7 @@ Enable CloudTrail in all regions and deliver events to CloudWatch Logs. CloudTra | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 0.13 | +| [terraform](#requirement\_terraform) | >= 1.1.3 | | [aws](#requirement\_aws) | >= 3.50.0 | ## Providers @@ -49,7 +49,6 @@ No modules. | [cloudwatch\_logs\_group\_name](#input\_cloudwatch\_logs\_group\_name) | The name of CloudWatch Logs group to which CloudTrail events are delivered. | `string` | `"cloudtrail-multi-region"` | no | | [cloudwatch\_logs\_retention\_in\_days](#input\_cloudwatch\_logs\_retention\_in\_days) | Number of days to retain logs for. CIS recommends 365 days. Possible values are: 0, 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. Set to 0 to keep logs indefinitely. | `number` | `365` | no | | [dynamodb\_event\_logging\_tables](#input\_dynamodb\_event\_logging\_tables) | The list of DynamoDB table ARNs on which to enable event logging. | `list` | 
[
  "arn:aws:dynamodb"
]
| no | -| [enabled](#input\_enabled) | The boolean flag whether this module is enabled or not. No resources are created when set to false. | `bool` | `true` | no | | [iam\_role\_name](#input\_iam\_role\_name) | The name of the IAM Role to be used by CloudTrail to delivery logs to CloudWatch Logs group. | `string` | `"CloudTrail-CloudWatch-Delivery-Role"` | no | | [iam\_role\_policy\_name](#input\_iam\_role\_policy\_name) | The name of the IAM Role Policy to be used by CloudTrail to delivery logs to CloudWatch Logs group. | `string` | `"CloudTrail-CloudWatch-Delivery-Policy"` | no | | [is\_organization\_trail](#input\_is\_organization\_trail) | Specifies whether the trail is an AWS Organizations trail. Organization trails log events for the master account and all member accounts. Can only be created in the organization master account. | `bool` | `false` | no | diff --git a/modules/cloudtrail-baseline/main.tf b/modules/cloudtrail-baseline/main.tf index f00709fc..cb02401e 100644 --- a/modules/cloudtrail-baseline/main.tf +++ b/modules/cloudtrail-baseline/main.tf @@ -2,7 +2,7 @@ # CloudWatch Logs group to accept CloudTrail event stream. # -------------------------------------------------------------------------------------------------- resource "aws_cloudwatch_log_group" "cloudtrail_events" { - count = var.cloudwatch_logs_enabled && var.enabled ? 1 : 0 + count = var.cloudwatch_logs_enabled ? 1 : 0 name = var.cloudwatch_logs_group_name retention_in_days = var.cloudwatch_logs_retention_in_days @@ -26,7 +26,7 @@ data "aws_iam_policy_document" "cloudwatch_delivery_assume_policy" { } resource "aws_iam_role" "cloudwatch_delivery" { - count = var.cloudwatch_logs_enabled && var.enabled ? 1 : 0 + count = var.cloudwatch_logs_enabled ? 1 : 0 name = var.iam_role_name assume_role_policy = data.aws_iam_policy_document.cloudwatch_delivery_assume_policy.json @@ -35,7 +35,7 @@ resource "aws_iam_role" "cloudwatch_delivery" { } data "aws_iam_policy_document" "cloudwatch_delivery_policy" { - count = var.cloudwatch_logs_enabled && var.enabled ? 1 : 0 + count = var.cloudwatch_logs_enabled ? 1 : 0 statement { sid = "AWSCloudTrailCreateLogStream2014110" @@ -51,7 +51,7 @@ data "aws_iam_policy_document" "cloudwatch_delivery_policy" { } resource "aws_iam_role_policy" "cloudwatch_delivery_policy" { - count = var.cloudwatch_logs_enabled && var.enabled ? 1 : 0 + count = var.cloudwatch_logs_enabled ? 1 : 0 name = var.iam_role_policy_name role = aws_iam_role.cloudwatch_delivery[0].id @@ -187,8 +187,6 @@ data "aws_iam_policy_document" "cloudtrail_key_policy" { } resource "aws_kms_key" "cloudtrail" { - count = var.enabled ? 1 : 0 - description = "A KMS key to encrypt CloudTrail events." deletion_window_in_days = var.key_deletion_window_in_days enable_key_rotation = "true" @@ -204,14 +202,14 @@ resource "aws_kms_key" "cloudtrail" { # -------------------------------------------------------------------------------------------------- resource "aws_sns_topic" "cloudtrail-sns-topic" { - count = var.cloudtrail_sns_topic_enabled && var.enabled ? 1 : 0 + count = var.cloudtrail_sns_topic_enabled ? 1 : 0 name = var.cloudtrail_sns_topic_name - kms_master_key_id = aws_kms_key.cloudtrail[0].id + kms_master_key_id = aws_kms_key.cloudtrail.id } data "aws_iam_policy_document" "cloudtrail-sns-policy" { - count = var.cloudtrail_sns_topic_enabled && var.enabled ? 1 : 0 + count = var.cloudtrail_sns_topic_enabled ? 1 : 0 statement { actions = ["sns:Publish"] @@ -225,7 +223,7 @@ data "aws_iam_policy_document" "cloudtrail-sns-policy" { } resource "aws_sns_topic_policy" "local-account-cloudtrail" { - count = var.cloudtrail_sns_topic_enabled && var.enabled ? 1 : 0 + count = var.cloudtrail_sns_topic_enabled ? 1 : 0 arn = aws_sns_topic.cloudtrail-sns-topic[0].arn policy = data.aws_iam_policy_document.cloudtrail-sns-policy[0].json @@ -236,8 +234,6 @@ resource "aws_sns_topic_policy" "local-account-cloudtrail" { # -------------------------------------------------------------------------------------------------- resource "aws_cloudtrail" "global" { - count = var.enabled ? 1 : 0 - name = var.cloudtrail_name cloud_watch_logs_group_arn = var.cloudwatch_logs_enabled ? "${aws_cloudwatch_log_group.cloudtrail_events[0].arn}:*" : null @@ -246,7 +242,7 @@ resource "aws_cloudtrail" "global" { include_global_service_events = true is_multi_region_trail = true is_organization_trail = var.is_organization_trail - kms_key_id = aws_kms_key.cloudtrail[0].arn + kms_key_id = aws_kms_key.cloudtrail.arn s3_bucket_name = var.s3_bucket_name s3_key_prefix = var.s3_key_prefix sns_topic_name = var.cloudtrail_sns_topic_enabled ? aws_sns_topic.cloudtrail-sns-topic[0].arn : null diff --git a/modules/cloudtrail-baseline/migrations.tf b/modules/cloudtrail-baseline/migrations.tf new file mode 100644 index 00000000..d256924d --- /dev/null +++ b/modules/cloudtrail-baseline/migrations.tf @@ -0,0 +1,13 @@ +# -------------------------------------------------------------------------------------------------- +# Migrations to 0.31.0 +# Removing `enabled` argument. +# -------------------------------------------------------------------------------------------------- +moved { + from = aws_kms_key.cloudtrail[0] + to = aws_kms_key.cloudtrail +} + +moved { + from = aws_cloudtrail.global[0] + to = aws_cloudtrail.global +} diff --git a/modules/cloudtrail-baseline/outputs.tf b/modules/cloudtrail-baseline/outputs.tf index 416e69fd..95d44711 100644 --- a/modules/cloudtrail-baseline/outputs.tf +++ b/modules/cloudtrail-baseline/outputs.tf @@ -1,24 +1,24 @@ output "cloudtrail" { description = "The trail for recording events in all regions." - value = var.enabled ? aws_cloudtrail.global[0] : null + value = aws_cloudtrail.global } output "cloudtrail_sns_topic" { description = "The sns topic linked to the cloudtrail." - value = var.cloudtrail_sns_topic_enabled && var.enabled ? aws_sns_topic.cloudtrail-sns-topic[0] : null + value = var.cloudtrail_sns_topic_enabled ? aws_sns_topic.cloudtrail-sns-topic[0] : null } output "kms_key" { description = "The KMS key used for encrypting CloudTrail events." - value = var.enabled ? aws_kms_key.cloudtrail[0] : null + value = aws_kms_key.cloudtrail } output "log_delivery_iam_role" { description = "The IAM role used for delivering CloudTrail events to CloudWatch Logs." - value = var.cloudwatch_logs_enabled && var.enabled ? aws_iam_role.cloudwatch_delivery[0] : null + value = var.cloudwatch_logs_enabled ? aws_iam_role.cloudwatch_delivery[0] : null } output "log_group" { description = "The CloudWatch Logs log group which stores CloudTrail events." - value = var.cloudwatch_logs_enabled && var.enabled ? aws_cloudwatch_log_group.cloudtrail_events[0].name : null + value = var.cloudwatch_logs_enabled ? aws_cloudwatch_log_group.cloudtrail_events[0].name : null } diff --git a/modules/cloudtrail-baseline/variables.tf b/modules/cloudtrail-baseline/variables.tf index 06fe6089..aa22226b 100644 --- a/modules/cloudtrail-baseline/variables.tf +++ b/modules/cloudtrail-baseline/variables.tf @@ -1,8 +1,3 @@ -variable "enabled" { - description = "The boolean flag whether this module is enabled or not. No resources are created when set to false." - default = true -} - variable "aws_account_id" { description = "The AWS Account ID number of the account." } diff --git a/modules/cloudtrail-baseline/versions.tf b/modules/cloudtrail-baseline/versions.tf index 811c8034..706c4a0d 100644 --- a/modules/cloudtrail-baseline/versions.tf +++ b/modules/cloudtrail-baseline/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 0.13" + required_version = ">= 1.1.3" required_providers { aws = { diff --git a/modules/config-baseline/README.md b/modules/config-baseline/README.md index 55e73882..2ce0a6ca 100644 --- a/modules/config-baseline/README.md +++ b/modules/config-baseline/README.md @@ -7,7 +7,7 @@ Enable AWS Config in all regions to automatically take configuration snapshots. | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 0.13 | +| [terraform](#requirement\_terraform) | >= 1.1.3 | | [aws](#requirement\_aws) | >= 3.50.0 | ## Providers @@ -39,7 +39,6 @@ No modules. |------|-------------|------|---------|:--------:| | [delivery\_channel\_name](#input\_delivery\_channel\_name) | The name of the delivery channel. | `string` | `"default"` | no | | [delivery\_frequency](#input\_delivery\_frequency) | The frequency which AWS Config sends a snapshot into the S3 bucket. | `string` | `"One_Hour"` | no | -| [enabled](#input\_enabled) | The boolean flag whether this module is enabled or not. No resources are created when set to false. | `bool` | `true` | no | | [iam\_role\_arn](#input\_iam\_role\_arn) | The ARN of the IAM Role which AWS Config will use. | `any` | n/a | yes | | [include\_global\_resource\_types](#input\_include\_global\_resource\_types) | Specifies whether AWS Config includes all supported types of global resources with the resources that it records. | `bool` | `true` | no | | [recorder\_name](#input\_recorder\_name) | The name of the configuration recorder. | `string` | `"default"` | no | diff --git a/modules/config-baseline/main.tf b/modules/config-baseline/main.tf index 7ed259f0..777483f1 100644 --- a/modules/config-baseline/main.tf +++ b/modules/config-baseline/main.tf @@ -6,8 +6,6 @@ data "aws_region" "current" {} # -------------------------------------------------------------------------------------------------- resource "aws_sns_topic" "config" { - count = var.enabled ? 1 : 0 - name = var.sns_topic_name kms_master_key_id = var.sns_topic_kms_master_key_id @@ -16,18 +14,15 @@ resource "aws_sns_topic" "config" { } resource "aws_sns_topic_policy" "config" { - count = var.enabled ? 1 : 0 - arn = aws_sns_topic.config[0].arn + arn = aws_sns_topic.config.arn - policy = data.aws_iam_policy_document.config-sns-policy[0].json + policy = data.aws_iam_policy_document.config-sns-policy.json } data "aws_iam_policy_document" "config-sns-policy" { - count = var.enabled ? 1 : 0 - statement { actions = ["sns:Publish"] - resources = [aws_sns_topic.config[0].arn] + resources = [aws_sns_topic.config.arn] principals { type = "Service" @@ -43,8 +38,6 @@ data "aws_iam_policy_document" "config-sns-policy" { } resource "aws_config_configuration_recorder" "recorder" { - count = var.enabled ? 1 : 0 - name = var.recorder_name role_arn = var.iam_role_arn @@ -56,26 +49,22 @@ resource "aws_config_configuration_recorder" "recorder" { } resource "aws_config_delivery_channel" "bucket" { - count = var.enabled ? 1 : 0 - name = var.delivery_channel_name s3_bucket_name = var.s3_bucket_name s3_key_prefix = var.s3_key_prefix - sns_topic_arn = aws_sns_topic.config[0].arn + sns_topic_arn = aws_sns_topic.config.arn snapshot_delivery_properties { delivery_frequency = var.delivery_frequency } - depends_on = [aws_config_configuration_recorder.recorder[0]] + depends_on = [aws_config_configuration_recorder.recorder] } resource "aws_config_configuration_recorder_status" "recorder" { - count = var.enabled ? 1 : 0 - - name = aws_config_configuration_recorder.recorder[0].id + name = aws_config_configuration_recorder.recorder.id is_enabled = true - depends_on = [aws_config_delivery_channel.bucket[0]] + depends_on = [aws_config_delivery_channel.bucket] } diff --git a/modules/config-baseline/migrations.tf b/modules/config-baseline/migrations.tf new file mode 100644 index 00000000..5e062c52 --- /dev/null +++ b/modules/config-baseline/migrations.tf @@ -0,0 +1,28 @@ +# -------------------------------------------------------------------------------------------------- +# Migrations to 0.31.0 +# Removing `enabled` argument. +# -------------------------------------------------------------------------------------------------- +moved { + from = aws_sns_topic.config[0] + to = aws_sns_topic.config +} + +moved { + from = aws_sns_topic_policy.config[0] + to = aws_sns_topic_policy.config +} + +moved { + from = aws_config_configuration_recorder.recorder[0] + to = aws_config_configuration_recorder.recorder +} + +moved { + from = aws_config_configuration_recorder_status.recorder[0] + to = aws_config_configuration_recorder_status.recorder +} + +moved { + from = aws_config_delivery_channel.bucket[0] + to = aws_config_delivery_channel.bucket +} diff --git a/modules/config-baseline/outputs.tf b/modules/config-baseline/outputs.tf index 295ace30..20ee6775 100644 --- a/modules/config-baseline/outputs.tf +++ b/modules/config-baseline/outputs.tf @@ -1,9 +1,9 @@ output "configuration_recorder" { description = "The configuration recorder." - value = var.enabled ? aws_config_configuration_recorder.recorder[0] : null + value = aws_config_configuration_recorder.recorder } output "config_sns_topic" { description = "The SNS topic that AWS Config delivers notifications to." - value = var.enabled ? aws_sns_topic.config[0] : null + value = aws_sns_topic.config } diff --git a/modules/config-baseline/variables.tf b/modules/config-baseline/variables.tf index 842eba95..7be7cbf3 100644 --- a/modules/config-baseline/variables.tf +++ b/modules/config-baseline/variables.tf @@ -1,8 +1,3 @@ -variable "enabled" { - description = "The boolean flag whether this module is enabled or not. No resources are created when set to false." - default = true -} - variable "iam_role_arn" { description = "The ARN of the IAM Role which AWS Config will use." } diff --git a/modules/config-baseline/versions.tf b/modules/config-baseline/versions.tf index 811c8034..706c4a0d 100644 --- a/modules/config-baseline/versions.tf +++ b/modules/config-baseline/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 0.13" + required_version = ">= 1.1.3" required_providers { aws = { diff --git a/modules/ebs-baseline/README.md b/modules/ebs-baseline/README.md index 059c6d74..4c0c2e44 100644 --- a/modules/ebs-baseline/README.md +++ b/modules/ebs-baseline/README.md @@ -9,7 +9,7 @@ | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 0.13 | +| [terraform](#requirement\_terraform) | >= 1.1.3 | | [aws](#requirement\_aws) | >= 3.50.0 | ## Providers @@ -30,9 +30,7 @@ No modules. ## Inputs -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [enabled](#input\_enabled) | The boolean flag whether this module is enabled or not. No resources are created when set to false. | `bool` | `true` | no | +No inputs. ## Outputs diff --git a/modules/ebs-baseline/main.tf b/modules/ebs-baseline/main.tf index 280ce04e..ce108c13 100644 --- a/modules/ebs-baseline/main.tf +++ b/modules/ebs-baseline/main.tf @@ -2,7 +2,5 @@ # Enable Default EBS Encryption # -------------------------------------------------------------------------------------------------- resource "aws_ebs_encryption_by_default" "this" { - count = var.enabled ? 1 : 0 - enabled = true } diff --git a/modules/ebs-baseline/migrations.tf b/modules/ebs-baseline/migrations.tf new file mode 100644 index 00000000..c12b94ba --- /dev/null +++ b/modules/ebs-baseline/migrations.tf @@ -0,0 +1,8 @@ +# -------------------------------------------------------------------------------------------------- +# Migrations to 0.31.0 +# Removing `enabled` argument. +# -------------------------------------------------------------------------------------------------- +moved { + from = aws_ebs_encryption_by_default.this[0] + to = aws_ebs_encryption_by_default.this +} diff --git a/modules/ebs-baseline/variables.tf b/modules/ebs-baseline/variables.tf index 9b77876f..e69de29b 100644 --- a/modules/ebs-baseline/variables.tf +++ b/modules/ebs-baseline/variables.tf @@ -1,4 +0,0 @@ -variable "enabled" { - description = "The boolean flag whether this module is enabled or not. No resources are created when set to false." - default = true -} diff --git a/modules/ebs-baseline/versions.tf b/modules/ebs-baseline/versions.tf index 811c8034..706c4a0d 100644 --- a/modules/ebs-baseline/versions.tf +++ b/modules/ebs-baseline/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 0.13" + required_version = ">= 1.1.3" required_providers { aws = { diff --git a/modules/guardduty-baseline/README.md b/modules/guardduty-baseline/README.md index 0d10b1d8..22c41942 100644 --- a/modules/guardduty-baseline/README.md +++ b/modules/guardduty-baseline/README.md @@ -7,7 +7,7 @@ Enable GuardDuty in all regions. | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 0.13 | +| [terraform](#requirement\_terraform) | >= 1.1.3 | | [aws](#requirement\_aws) | >= 3.50.0 | ## Providers @@ -33,7 +33,6 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [disable\_email\_notification](#input\_disable\_email\_notification) | Boolean whether an email notification is sent to the accounts. | `bool` | `false` | no | -| [enabled](#input\_enabled) | The boolean flag whether this module is enabled or not. No resources are created when set to false. | `bool` | `true` | no | | [finding\_publishing\_frequency](#input\_finding\_publishing\_frequency) | Specifies the frequency of notifications sent for subsequent finding occurrences. | `string` | `"SIX_HOURS"` | no | | [invitation\_message](#input\_invitation\_message) | Message for invitation. | `string` | `"This is an automatic invitation message from guardduty-baseline module."` | no | | [master\_account\_id](#input\_master\_account\_id) | AWS account ID for master account. | `string` | `""` | no | diff --git a/modules/guardduty-baseline/main.tf b/modules/guardduty-baseline/main.tf index d2416510..d2b1229d 100644 --- a/modules/guardduty-baseline/main.tf +++ b/modules/guardduty-baseline/main.tf @@ -3,8 +3,6 @@ # -------------------------------------------------------------------------------------------------- resource "aws_guardduty_detector" "default" { - count = var.enabled ? 1 : 0 - enable = true finding_publishing_frequency = var.finding_publishing_frequency @@ -23,9 +21,9 @@ resource "aws_guardduty_detector" "default" { } resource "aws_guardduty_member" "members" { - count = var.enabled ? length(var.member_accounts) : 0 + count = length(var.member_accounts) - detector_id = aws_guardduty_detector.default[0].id + detector_id = aws_guardduty_detector.default.id invite = true account_id = var.member_accounts[count.index].account_id @@ -35,8 +33,8 @@ resource "aws_guardduty_member" "members" { } resource "aws_guardduty_invite_accepter" "master" { - count = var.enabled && var.master_account_id != "" ? 1 : 0 + count = var.master_account_id != "" ? 1 : 0 - detector_id = aws_guardduty_detector.default[0].id + detector_id = aws_guardduty_detector.default.id master_account_id = var.master_account_id } diff --git a/modules/guardduty-baseline/migrations.tf b/modules/guardduty-baseline/migrations.tf new file mode 100644 index 00000000..76cad35e --- /dev/null +++ b/modules/guardduty-baseline/migrations.tf @@ -0,0 +1,8 @@ +# -------------------------------------------------------------------------------------------------- +# Migrations to 0.31.0 +# Removing `enabled` argument. +# -------------------------------------------------------------------------------------------------- +moved { + from = aws_guardduty_detector.default[0] + to = aws_guardduty_detector.default +} diff --git a/modules/guardduty-baseline/outputs.tf b/modules/guardduty-baseline/outputs.tf index f0413467..067efd52 100644 --- a/modules/guardduty-baseline/outputs.tf +++ b/modules/guardduty-baseline/outputs.tf @@ -1,4 +1,4 @@ output "guardduty_detector" { description = "The GuardDuty detector." - value = var.enabled ? aws_guardduty_detector.default[0] : null + value = aws_guardduty_detector.default } diff --git a/modules/guardduty-baseline/variables.tf b/modules/guardduty-baseline/variables.tf index 0aa9d673..07e5177a 100644 --- a/modules/guardduty-baseline/variables.tf +++ b/modules/guardduty-baseline/variables.tf @@ -1,8 +1,3 @@ -variable "enabled" { - description = "The boolean flag whether this module is enabled or not. No resources are created when set to false." - default = true -} - variable "disable_email_notification" { description = "Boolean whether an email notification is sent to the accounts." default = false diff --git a/modules/guardduty-baseline/versions.tf b/modules/guardduty-baseline/versions.tf index 811c8034..706c4a0d 100644 --- a/modules/guardduty-baseline/versions.tf +++ b/modules/guardduty-baseline/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 0.13" + required_version = ">= 1.1.3" required_providers { aws = { diff --git a/modules/securityhub-baseline/README.md b/modules/securityhub-baseline/README.md index 0d8a0ba0..7a2790b1 100644 --- a/modules/securityhub-baseline/README.md +++ b/modules/securityhub-baseline/README.md @@ -12,7 +12,7 @@ | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 0.13 | +| [terraform](#requirement\_terraform) | >= 1.1.3 | | [aws](#requirement\_aws) | >= 3.50.0 | ## Providers @@ -45,7 +45,6 @@ No modules. | [enable\_cis\_standard](#input\_enable\_cis\_standard) | Boolean whether CIS standard is enabled. | `bool` | `true` | no | | [enable\_pci\_dss\_standard](#input\_enable\_pci\_dss\_standard) | Boolean whether PCI DSS standard is enabled. | `bool` | `true` | no | | [enable\_product\_arns](#input\_enable\_product\_arns) | List of Security Hub product ARNs, `` will be replaced. See https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-partner-providers.html for list. | `list(string)` | `[]` | no | -| [enabled](#input\_enabled) | The boolean flag whether this module is enabled or not. No resources are created when set to false. | `bool` | `true` | no | | [member\_accounts](#input\_member\_accounts) | A list of IDs and emails of AWS accounts which associated as member accounts. | 
list(object({
    account_id = string
    email      = string
  }))
| `[]` | no | ## Outputs diff --git a/modules/securityhub-baseline/main.tf b/modules/securityhub-baseline/main.tf index ab1a24c6..89ab92d7 100644 --- a/modules/securityhub-baseline/main.tf +++ b/modules/securityhub-baseline/main.tf @@ -3,14 +3,13 @@ data "aws_region" "current" {} # Enable SecurityHub # -------------------------------------------------------------------------------------------------- resource "aws_securityhub_account" "main" { - count = var.enabled ? 1 : 0 } # -------------------------------------------------------------------------------------------------- # Add member accounts # -------------------------------------------------------------------------------------------------- resource "aws_securityhub_member" "members" { - count = var.enabled ? length(var.member_accounts) : 0 + count = length(var.member_accounts) depends_on = [aws_securityhub_account.main] account_id = var.member_accounts[count.index].account_id @@ -22,7 +21,7 @@ resource "aws_securityhub_member" "members" { # Subscribe CIS benchmark # -------------------------------------------------------------------------------------------------- resource "aws_securityhub_standards_subscription" "cis" { - count = var.enabled && var.enable_cis_standard ? 1 : 0 + count = var.enable_cis_standard ? 1 : 0 standards_arn = "arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0" @@ -33,7 +32,7 @@ resource "aws_securityhub_standards_subscription" "cis" { # Subscribe AWS foundational security best practices standard # -------------------------------------------------------------------------------------------------- resource "aws_securityhub_standards_subscription" "aws_foundational" { - count = var.enabled && var.enable_aws_foundational_standard ? 1 : 0 + count = var.enable_aws_foundational_standard ? 1 : 0 standards_arn = "arn:aws:securityhub:${data.aws_region.current.name}::standards/aws-foundational-security-best-practices/v/1.0.0" @@ -44,7 +43,7 @@ resource "aws_securityhub_standards_subscription" "aws_foundational" { # Subscribe PCI DSS standard # -------------------------------------------------------------------------------------------------- resource "aws_securityhub_standards_subscription" "pci_dss" { - count = var.enabled && var.enable_pci_dss_standard ? 1 : 0 + count = var.enable_pci_dss_standard ? 1 : 0 standards_arn = "arn:aws:securityhub:${data.aws_region.current.name}::standards/pci-dss/v/3.2.1" @@ -55,7 +54,7 @@ resource "aws_securityhub_standards_subscription" "pci_dss" { # Subscribe to 3rd party products # -------------------------------------------------------------------------------------------------- resource "aws_securityhub_product_subscription" "products" { - count = var.enabled ? length(var.enable_product_arns) : 0 + count = length(var.enable_product_arns) product_arn = replace(var.enable_product_arns[count.index], "", data.aws_region.current.name) diff --git a/modules/securityhub-baseline/migrations.tf b/modules/securityhub-baseline/migrations.tf new file mode 100644 index 00000000..bf0d1408 --- /dev/null +++ b/modules/securityhub-baseline/migrations.tf @@ -0,0 +1,9 @@ + +# -------------------------------------------------------------------------------------------------- +# Migrations to 0.31.0 +# Removing `enabled` argument. +# -------------------------------------------------------------------------------------------------- +moved { + from = aws_securityhub_account.main[0] + to = aws_securityhub_account.main +} diff --git a/modules/securityhub-baseline/variables.tf b/modules/securityhub-baseline/variables.tf index 0dc4fd27..dccd49fe 100644 --- a/modules/securityhub-baseline/variables.tf +++ b/modules/securityhub-baseline/variables.tf @@ -1,8 +1,3 @@ -variable "enabled" { - description = "The boolean flag whether this module is enabled or not. No resources are created when set to false." - default = true -} - variable "enable_cis_standard" { description = "Boolean whether CIS standard is enabled." default = true diff --git a/modules/securityhub-baseline/versions.tf b/modules/securityhub-baseline/versions.tf index 811c8034..706c4a0d 100644 --- a/modules/securityhub-baseline/versions.tf +++ b/modules/securityhub-baseline/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 0.13" + required_version = ">= 1.1.3" required_providers { aws = { diff --git a/modules/vpc-baseline/README.md b/modules/vpc-baseline/README.md index d8e663f9..4823ec37 100644 --- a/modules/vpc-baseline/README.md +++ b/modules/vpc-baseline/README.md @@ -11,7 +11,7 @@ | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 0.13 | +| [terraform](#requirement\_terraform) | >= 1.1.3 | | [aws](#requirement\_aws) | >= 3.55.0 | ## Providers @@ -44,7 +44,6 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [enable\_flow\_logs](#input\_enable\_flow\_logs) | The boolean flag whether to enable VPC Flow Logs in the default VPC | `bool` | `true` | no | -| [enabled](#input\_enabled) | The boolean flag whether this module is enabled or not. No resources are created when set to false. | `bool` | `true` | no | | [flow\_logs\_destination\_type](#input\_flow\_logs\_destination\_type) | The type of the logging destination. Valid values: cloud-watch-logs, s3 | `string` | `"cloud-watch-logs"` | no | | [flow\_logs\_iam\_role\_arn](#input\_flow\_logs\_iam\_role\_arn) | The ARN of the IAM Role which will be used by VPC Flow Logs if vpc\_log\_destination\_type is cloud-watch-logs. | `string` | `""` | no | | [flow\_logs\_log\_group\_name](#input\_flow\_logs\_log\_group\_name) | The name of CloudWatch Logs group to which VPC Flow Logs are delivered if vpc\_log\_destination\_type is cloud-watch-logs. | `string` | `""` | no | diff --git a/modules/vpc-baseline/main.tf b/modules/vpc-baseline/main.tf index 938cf923..fea4edd7 100644 --- a/modules/vpc-baseline/main.tf +++ b/modules/vpc-baseline/main.tf @@ -23,7 +23,7 @@ data "aws_subnet" "default" { # -------------------------------------------------------------------------------------------------- resource "aws_cloudwatch_log_group" "default_vpc_flow_logs" { - count = var.enabled && var.enable_flow_logs && local.is_cw_logs ? 1 : 0 + count = var.enable_flow_logs && local.is_cw_logs ? 1 : 0 name = var.flow_logs_log_group_name retention_in_days = var.flow_logs_retention_in_days @@ -32,12 +32,12 @@ resource "aws_cloudwatch_log_group" "default_vpc_flow_logs" { } resource "aws_flow_log" "default_vpc_flow_logs" { - count = var.enabled && var.enable_flow_logs ? 1 : 0 + count = var.enable_flow_logs ? 1 : 0 log_destination_type = var.flow_logs_destination_type log_destination = local.is_cw_logs ? aws_cloudwatch_log_group.default_vpc_flow_logs[0].arn : local.s3_destination_arn iam_role_arn = local.is_cw_logs ? var.flow_logs_iam_role_arn : null - vpc_id = aws_default_vpc.default[0].id + vpc_id = aws_default_vpc.default.id traffic_type = "ALL" tags = var.tags @@ -48,8 +48,6 @@ resource "aws_flow_log" "default_vpc_flow_logs" { # -------------------------------------------------------------------------------------------------- resource "aws_default_vpc" "default" { - count = var.enabled ? 1 : 0 - tags = merge( var.tags, { Name = "Default VPC" } @@ -69,9 +67,7 @@ resource "aws_default_subnet" "default" { } resource "aws_default_route_table" "default" { - count = var.enabled ? 1 : 0 - - default_route_table_id = aws_default_vpc.default[0].default_route_table_id + default_route_table_id = aws_default_vpc.default.default_route_table_id tags = merge( var.tags, @@ -83,9 +79,7 @@ resource "aws_default_route_table" "default" { // https://github.com/hashicorp/terraform/issues/9824 // https://github.com/terraform-providers/terraform-provider-aws/issues/346 resource "aws_default_network_acl" "default" { - count = var.enabled ? 1 : 0 - - default_network_acl_id = aws_default_vpc.default[0].default_network_acl_id + default_network_acl_id = aws_default_vpc.default.default_network_acl_id tags = merge( var.tags, @@ -98,9 +92,7 @@ resource "aws_default_network_acl" "default" { } resource "aws_default_security_group" "default" { - count = var.enabled ? 1 : 0 - - vpc_id = aws_default_vpc.default[0].id + vpc_id = aws_default_vpc.default.id tags = merge( var.tags, diff --git a/modules/vpc-baseline/migrations.tf b/modules/vpc-baseline/migrations.tf new file mode 100644 index 00000000..363c5c26 --- /dev/null +++ b/modules/vpc-baseline/migrations.tf @@ -0,0 +1,23 @@ +# -------------------------------------------------------------------------------------------------- +# Migrations to 0.31.0 +# Removing `enabled` argument. +# -------------------------------------------------------------------------------------------------- +moved { + from = aws_default_vpc.default[0] + to = aws_default_vpc.default +} + +moved { + from = aws_default_route_table.default[0] + to = aws_default_route_table.default +} + +moved { + from = aws_default_network_acl.default[0] + to = aws_default_network_acl.default +} + +moved { + from = aws_default_security_group.default[0] + to = aws_default_security_group.default +} diff --git a/modules/vpc-baseline/outputs.tf b/modules/vpc-baseline/outputs.tf index a50d0923..c6a6b069 100644 --- a/modules/vpc-baseline/outputs.tf +++ b/modules/vpc-baseline/outputs.tf @@ -1,24 +1,24 @@ output "default_vpc" { description = "The default VPC." - value = var.enabled ? aws_default_vpc.default[0] : null + value = aws_default_vpc.default } output "default_security_group" { description = "The default security group." - value = var.enabled ? aws_default_security_group.default[0] : null + value = aws_default_security_group.default } output "default_network_acl" { description = "The default network ACL." - value = var.enabled ? aws_default_network_acl.default[0] : null + value = aws_default_network_acl.default } output "default_route_table" { description = "The default route table." - value = var.enabled ? aws_default_route_table.default[0] : null + value = aws_default_route_table.default } output "vpc_flow_logs_group" { description = "The CloudWatch Logs log group which stores VPC Flow Logs." - value = var.enabled && local.is_cw_logs ? aws_cloudwatch_log_group.default_vpc_flow_logs[0] : null + value = local.is_cw_logs ? aws_cloudwatch_log_group.default_vpc_flow_logs[0] : null } diff --git a/modules/vpc-baseline/variables.tf b/modules/vpc-baseline/variables.tf index a92dcb43..79bf944c 100644 --- a/modules/vpc-baseline/variables.tf +++ b/modules/vpc-baseline/variables.tf @@ -1,8 +1,3 @@ -variable "enabled" { - description = "The boolean flag whether this module is enabled or not. No resources are created when set to false." - default = true -} - variable "enable_flow_logs" { description = "The boolean flag whether to enable VPC Flow Logs in the default VPC" default = true diff --git a/modules/vpc-baseline/versions.tf b/modules/vpc-baseline/versions.tf index e95c3bb8..0103f91a 100644 --- a/modules/vpc-baseline/versions.tf +++ b/modules/vpc-baseline/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 0.13" + required_version = ">= 1.1.3" required_providers { aws = { diff --git a/outputs.tf b/outputs.tf index 7897d755..a3caaa12 100644 --- a/outputs.tf +++ b/outputs.tf @@ -13,7 +13,7 @@ output "audit_bucket" { output "alarm_sns_topic" { description = "The SNS topic to which CloudWatch Alarms will be sent." - value = module.alarm_baseline.alarm_sns_topic + value = one(module.alarm_baseline[*].alarm_sns_topic) } # -------------------------------------------------------------------------------------------------- @@ -22,27 +22,27 @@ output "alarm_sns_topic" { output "cloudtrail" { description = "The trail for recording events in all regions." - value = module.cloudtrail_baseline.cloudtrail + value = one(module.cloudtrail_baseline[*].cloudtrail) } output "cloudtrail_sns_topic" { description = "The sns topic linked to the cloudtrail." - value = module.cloudtrail_baseline.cloudtrail_sns_topic + value = one(module.cloudtrail_baseline[*].cloudtrail_sns_topic) } output "cloudtrail_kms_key" { description = "The KMS key used for encrypting CloudTrail events." - value = module.cloudtrail_baseline.kms_key + value = one(module.cloudtrail_baseline[*].kms_key) } output "cloudtrail_log_delivery_iam_role" { description = "The IAM role used for delivering CloudTrail events to CloudWatch Logs." - value = module.cloudtrail_baseline.log_delivery_iam_role + value = one(module.cloudtrail_baseline[*].log_delivery_iam_role) } output "cloudtrail_log_group" { description = "The CloudWatch Logs log group which stores CloudTrail events." - value = module.cloudtrail_baseline.log_group + value = one(module.cloudtrail_baseline[*].log_group) } # -------------------------------------------------------------------------------------------------- @@ -58,46 +58,46 @@ output "config_configuration_recorder" { description = "The configuration recorder in each region." value = { - "ap-northeast-1" = module.config_baseline_ap-northeast-1.configuration_recorder - "ap-northeast-2" = module.config_baseline_ap-northeast-2.configuration_recorder - "ap-northeast-3" = module.config_baseline_ap-northeast-3.configuration_recorder - "ap-south-1" = module.config_baseline_ap-south-1.configuration_recorder - "ap-southeast-1" = module.config_baseline_ap-southeast-1.configuration_recorder - "ap-southeast-2" = module.config_baseline_ap-southeast-2.configuration_recorder - "ca-central-1" = module.config_baseline_ca-central-1.configuration_recorder - "eu-central-1" = module.config_baseline_eu-central-1.configuration_recorder - "eu-west-1" = module.config_baseline_eu-west-1.configuration_recorder - "eu-west-2" = module.config_baseline_eu-west-2.configuration_recorder - "eu-west-3" = module.config_baseline_eu-west-3.configuration_recorder - "sa-east-1" = module.config_baseline_sa-east-1.configuration_recorder - "us-east-1" = module.config_baseline_us-east-1.configuration_recorder - "us-east-2" = module.config_baseline_us-east-2.configuration_recorder - "us-west-1" = module.config_baseline_us-west-1.configuration_recorder - "us-west-2" = module.config_baseline_us-west-2.configuration_recorder + "ap-northeast-1" = one(module.config_baseline_ap-northeast-1[*].configuration_recorder) + "ap-northeast-2" = one(module.config_baseline_ap-northeast-2[*].configuration_recorder) + "ap-northeast-3" = one(module.config_baseline_ap-northeast-3[*].configuration_recorder) + "ap-south-1" = one(module.config_baseline_ap-south-1[*].configuration_recorder) + "ap-southeast-1" = one(module.config_baseline_ap-southeast-1[*].configuration_recorder) + "ap-southeast-2" = one(module.config_baseline_ap-southeast-2[*].configuration_recorder) + "ca-central-1" = one(module.config_baseline_ca-central-1[*].configuration_recorder) + "eu-central-1" = one(module.config_baseline_eu-central-1[*].configuration_recorder) + "eu-west-1" = one(module.config_baseline_eu-west-1[*].configuration_recorder) + "eu-west-2" = one(module.config_baseline_eu-west-2[*].configuration_recorder) + "eu-west-3" = one(module.config_baseline_eu-west-3[*].configuration_recorder) + "sa-east-1" = one(module.config_baseline_sa-east-1[*].configuration_recorder) + "us-east-1" = one(module.config_baseline_us-east-1[*].configuration_recorder) + "us-east-2" = one(module.config_baseline_us-east-2[*].configuration_recorder) + "us-west-1" = one(module.config_baseline_us-west-1[*].configuration_recorder) + "us-west-2" = one(module.config_baseline_us-west-2[*].configuration_recorder) } } output "config_sns_topic" { - description = "The SNS topic that AWS Config delivers notifications to." + description = "The SNS topic) that AWS Config delivers notifications to." value = { - "ap-northeast-1" = module.config_baseline_ap-northeast-1.config_sns_topic - "ap-northeast-2" = module.config_baseline_ap-northeast-2.config_sns_topic - "ap-northeast-3" = module.config_baseline_ap-northeast-3.config_sns_topic - "ap-south-1" = module.config_baseline_ap-south-1.config_sns_topic - "ap-southeast-1" = module.config_baseline_ap-southeast-1.config_sns_topic - "ap-southeast-2" = module.config_baseline_ap-southeast-2.config_sns_topic - "ca-central-1" = module.config_baseline_ca-central-1.config_sns_topic - "eu-central-1" = module.config_baseline_eu-central-1.config_sns_topic - "eu-north-1" = module.config_baseline_eu-north-1.config_sns_topic - "eu-west-1" = module.config_baseline_eu-west-1.config_sns_topic - "eu-west-2" = module.config_baseline_eu-west-2.config_sns_topic - "eu-west-3" = module.config_baseline_eu-west-3.config_sns_topic - "sa-east-1" = module.config_baseline_sa-east-1.config_sns_topic - "us-east-1" = module.config_baseline_us-east-1.config_sns_topic - "us-east-2" = module.config_baseline_us-east-2.config_sns_topic - "us-west-1" = module.config_baseline_us-west-1.config_sns_topic - "us-west-2" = module.config_baseline_us-west-2.config_sns_topic + "ap-northeast-1" = one(module.config_baseline_ap-northeast-1[*].config_sns_topic) + "ap-northeast-2" = one(module.config_baseline_ap-northeast-2[*].config_sns_topic) + "ap-northeast-3" = one(module.config_baseline_ap-northeast-3[*].config_sns_topic) + "ap-south-1" = one(module.config_baseline_ap-south-1[*].config_sns_topic) + "ap-southeast-1" = one(module.config_baseline_ap-southeast-1[*].config_sns_topic) + "ap-southeast-2" = one(module.config_baseline_ap-southeast-2[*].config_sns_topic) + "ca-central-1" = one(module.config_baseline_ca-central-1[*].config_sns_topic) + "eu-central-1" = one(module.config_baseline_eu-central-1[*].config_sns_topic) + "eu-north-1" = one(module.config_baseline_eu-north-1[*].config_sns_topic) + "eu-west-1" = one(module.config_baseline_eu-west-1[*].config_sns_topic) + "eu-west-2" = one(module.config_baseline_eu-west-2[*].config_sns_topic) + "eu-west-3" = one(module.config_baseline_eu-west-3[*].config_sns_topic) + "sa-east-1" = one(module.config_baseline_sa-east-1[*].config_sns_topic) + "us-east-1" = one(module.config_baseline_us-east-1[*].config_sns_topic) + "us-east-2" = one(module.config_baseline_us-east-2[*].config_sns_topic) + "us-west-1" = one(module.config_baseline_us-west-1[*].config_sns_topic) + "us-west-2" = one(module.config_baseline_us-west-2[*].config_sns_topic) } } @@ -109,22 +109,22 @@ output "guardduty_detector" { description = "The GuardDuty detector in each region." value = { - "ap-northeast-1" = module.guardduty_baseline_ap-northeast-1.guardduty_detector - "ap-northeast-2" = module.guardduty_baseline_ap-northeast-2.guardduty_detector - "ap-northeast-3" = module.guardduty_baseline_ap-northeast-3.guardduty_detector - "ap-south-1" = module.guardduty_baseline_ap-south-1.guardduty_detector - "ap-southeast-1" = module.guardduty_baseline_ap-southeast-1.guardduty_detector - "ap-southeast-2" = module.guardduty_baseline_ap-southeast-2.guardduty_detector - "ca-central-1" = module.guardduty_baseline_ca-central-1.guardduty_detector - "eu-central-1" = module.guardduty_baseline_eu-central-1.guardduty_detector - "eu-north-1" = module.guardduty_baseline_eu-north-1.guardduty_detector - "eu-west-1" = module.guardduty_baseline_eu-west-1.guardduty_detector - "eu-west-2" = module.guardduty_baseline_eu-west-2.guardduty_detector - "sa-east-1" = module.guardduty_baseline_sa-east-1.guardduty_detector - "us-east-1" = module.guardduty_baseline_us-east-1.guardduty_detector - "us-east-2" = module.guardduty_baseline_us-east-2.guardduty_detector - "us-west-1" = module.guardduty_baseline_us-west-1.guardduty_detector - "us-west-2" = module.guardduty_baseline_us-west-2.guardduty_detector + "ap-northeast-1" = one(module.guardduty_baseline_ap-northeast-1[*].guardduty_detector) + "ap-northeast-2" = one(module.guardduty_baseline_ap-northeast-2[*].guardduty_detector) + "ap-northeast-3" = one(module.guardduty_baseline_ap-northeast-3[*].guardduty_detector) + "ap-south-1" = one(module.guardduty_baseline_ap-south-1[*].guardduty_detector) + "ap-southeast-1" = one(module.guardduty_baseline_ap-southeast-1[*].guardduty_detector) + "ap-southeast-2" = one(module.guardduty_baseline_ap-southeast-2[*].guardduty_detector) + "ca-central-1" = one(module.guardduty_baseline_ca-central-1[*].guardduty_detector) + "eu-central-1" = one(module.guardduty_baseline_eu-central-1[*].guardduty_detector) + "eu-north-1" = one(module.guardduty_baseline_eu-north-1[*].guardduty_detector) + "eu-west-1" = one(module.guardduty_baseline_eu-west-1[*].guardduty_detector) + "eu-west-2" = one(module.guardduty_baseline_eu-west-2[*].guardduty_detector) + "sa-east-1" = one(module.guardduty_baseline_sa-east-1[*].guardduty_detector) + "us-east-1" = one(module.guardduty_baseline_us-east-1[*].guardduty_detector) + "us-east-2" = one(module.guardduty_baseline_us-east-2[*].guardduty_detector) + "us-west-1" = one(module.guardduty_baseline_us-west-1[*].guardduty_detector) + "us-west-2" = one(module.guardduty_baseline_us-west-2[*].guardduty_detector) } } @@ -150,23 +150,23 @@ output "vpc_flow_logs_group" { description = "The CloudWatch Logs log group which stores VPC Flow Logs in each region." value = local.is_cw_logs ? { - "ap-northeast-1" = module.vpc_baseline_ap-northeast-1.vpc_flow_logs_group - "ap-northeast-2" = module.vpc_baseline_ap-northeast-2.vpc_flow_logs_group - "ap-northeast-3" = module.vpc_baseline_ap-northeast-3.vpc_flow_logs_group - "ap-south-1" = module.vpc_baseline_ap-south-1.vpc_flow_logs_group - "ap-southeast-1" = module.vpc_baseline_ap-southeast-1.vpc_flow_logs_group - "ap-southeast-2" = module.vpc_baseline_ap-southeast-2.vpc_flow_logs_group - "ca-central-1" = module.vpc_baseline_ca-central-1.vpc_flow_logs_group - "eu-central-1" = module.vpc_baseline_eu-central-1.vpc_flow_logs_group - "eu-north-1" = module.vpc_baseline_eu-north-1.vpc_flow_logs_group - "eu-west-1" = module.vpc_baseline_eu-west-1.vpc_flow_logs_group - "eu-west-2" = module.vpc_baseline_eu-west-2.vpc_flow_logs_group - "eu-west-3" = module.vpc_baseline_eu-west-3.vpc_flow_logs_group - "sa-east-1" = module.vpc_baseline_sa-east-1.vpc_flow_logs_group - "us-east-1" = module.vpc_baseline_us-east-1.vpc_flow_logs_group - "us-east-2" = module.vpc_baseline_us-east-2.vpc_flow_logs_group - "us-west-1" = module.vpc_baseline_us-west-1.vpc_flow_logs_group - "us-west-2" = module.vpc_baseline_us-west-2.vpc_flow_logs_group + "ap-northeast-1" = one(module.vpc_baseline_ap-northeast-1[*].vpc_flow_logs_group) + "ap-northeast-2" = one(module.vpc_baseline_ap-northeast-2[*].vpc_flow_logs_group) + "ap-northeast-3" = one(module.vpc_baseline_ap-northeast-3[*].vpc_flow_logs_group) + "ap-south-1" = one(module.vpc_baseline_ap-south-1[*].vpc_flow_logs_group) + "ap-southeast-1" = one(module.vpc_baseline_ap-southeast-1[*].vpc_flow_logs_group) + "ap-southeast-2" = one(module.vpc_baseline_ap-southeast-2[*].vpc_flow_logs_group) + "ca-central-1" = one(module.vpc_baseline_ca-central-1[*].vpc_flow_logs_group) + "eu-central-1" = one(module.vpc_baseline_eu-central-1[*].vpc_flow_logs_group) + "eu-north-1" = one(module.vpc_baseline_eu-north-1[*].vpc_flow_logs_group) + "eu-west-1" = one(module.vpc_baseline_eu-west-1[*].vpc_flow_logs_group) + "eu-west-2" = one(module.vpc_baseline_eu-west-2[*].vpc_flow_logs_group) + "eu-west-3" = one(module.vpc_baseline_eu-west-3[*].vpc_flow_logs_group) + "sa-east-1" = one(module.vpc_baseline_sa-east-1[*].vpc_flow_logs_group) + "us-east-1" = one(module.vpc_baseline_us-east-1[*].vpc_flow_logs_group) + "us-east-2" = one(module.vpc_baseline_us-east-2[*].vpc_flow_logs_group) + "us-west-1" = one(module.vpc_baseline_us-west-1[*].vpc_flow_logs_group) + "us-west-2" = one(module.vpc_baseline_us-west-2[*].vpc_flow_logs_group) } : null } @@ -174,23 +174,23 @@ output "default_vpc" { description = "The default VPC." value = { - "ap-northeast-1" = module.vpc_baseline_ap-northeast-1.default_vpc - "ap-northeast-2" = module.vpc_baseline_ap-northeast-2.default_vpc - "ap-northeast-3" = module.vpc_baseline_ap-northeast-3.default_vpc - "ap-south-1" = module.vpc_baseline_ap-south-1.default_vpc - "ap-southeast-1" = module.vpc_baseline_ap-southeast-1.default_vpc - "ap-southeast-2" = module.vpc_baseline_ap-southeast-2.default_vpc - "ca-central-1" = module.vpc_baseline_ca-central-1.default_vpc - "eu-central-1" = module.vpc_baseline_eu-central-1.default_vpc - "eu-north-1" = module.vpc_baseline_eu-north-1.default_vpc - "eu-west-1" = module.vpc_baseline_eu-west-1.default_vpc - "eu-west-2" = module.vpc_baseline_eu-west-2.default_vpc - "eu-west-3" = module.vpc_baseline_eu-west-3.default_vpc - "sa-east-1" = module.vpc_baseline_sa-east-1.default_vpc - "us-east-1" = module.vpc_baseline_us-east-1.default_vpc - "us-east-2" = module.vpc_baseline_us-east-2.default_vpc - "us-west-1" = module.vpc_baseline_us-west-1.default_vpc - "us-west-2" = module.vpc_baseline_us-west-2.default_vpc + "ap-northeast-1" = one(module.vpc_baseline_ap-northeast-1[*].default_vpc) + "ap-northeast-2" = one(module.vpc_baseline_ap-northeast-2[*].default_vpc) + "ap-northeast-3" = one(module.vpc_baseline_ap-northeast-3[*].default_vpc) + "ap-south-1" = one(module.vpc_baseline_ap-south-1[*].default_vpc) + "ap-southeast-1" = one(module.vpc_baseline_ap-southeast-1[*].default_vpc) + "ap-southeast-2" = one(module.vpc_baseline_ap-southeast-2[*].default_vpc) + "ca-central-1" = one(module.vpc_baseline_ca-central-1[*].default_vpc) + "eu-central-1" = one(module.vpc_baseline_eu-central-1[*].default_vpc) + "eu-north-1" = one(module.vpc_baseline_eu-north-1[*].default_vpc) + "eu-west-1" = one(module.vpc_baseline_eu-west-1[*].default_vpc) + "eu-west-2" = one(module.vpc_baseline_eu-west-2[*].default_vpc) + "eu-west-3" = one(module.vpc_baseline_eu-west-3[*].default_vpc) + "sa-east-1" = one(module.vpc_baseline_sa-east-1[*].default_vpc) + "us-east-1" = one(module.vpc_baseline_us-east-1[*].default_vpc) + "us-east-2" = one(module.vpc_baseline_us-east-2[*].default_vpc) + "us-west-1" = one(module.vpc_baseline_us-west-1[*].default_vpc) + "us-west-2" = one(module.vpc_baseline_us-west-2[*].default_vpc) } } @@ -198,23 +198,23 @@ output "default_security_group" { description = "The ID of the default security group." value = { - "ap-northeast-1" = module.vpc_baseline_ap-northeast-1.default_security_group - "ap-northeast-2" = module.vpc_baseline_ap-northeast-2.default_security_group - "ap-northeast-3" = module.vpc_baseline_ap-northeast-3.default_security_group - "ap-south-1" = module.vpc_baseline_ap-south-1.default_security_group - "ap-southeast-1" = module.vpc_baseline_ap-southeast-1.default_security_group - "ap-southeast-2" = module.vpc_baseline_ap-southeast-2.default_security_group - "ca-central-1" = module.vpc_baseline_ca-central-1.default_security_group - "eu-central-1" = module.vpc_baseline_eu-central-1.default_security_group - "eu-north-1" = module.vpc_baseline_eu-north-1.default_security_group - "eu-west-1" = module.vpc_baseline_eu-west-1.default_security_group - "eu-west-2" = module.vpc_baseline_eu-west-2.default_security_group - "eu-west-3" = module.vpc_baseline_eu-west-3.default_security_group - "sa-east-1" = module.vpc_baseline_sa-east-1.default_security_group - "us-east-1" = module.vpc_baseline_us-east-1.default_security_group - "us-east-2" = module.vpc_baseline_us-east-2.default_security_group - "us-west-1" = module.vpc_baseline_us-west-1.default_security_group - "us-west-2" = module.vpc_baseline_us-west-2.default_security_group + "ap-northeast-1" = one(module.vpc_baseline_ap-northeast-1[*].default_security_group) + "ap-northeast-2" = one(module.vpc_baseline_ap-northeast-2[*].default_security_group) + "ap-northeast-3" = one(module.vpc_baseline_ap-northeast-3[*].default_security_group) + "ap-south-1" = one(module.vpc_baseline_ap-south-1[*].default_security_group) + "ap-southeast-1" = one(module.vpc_baseline_ap-southeast-1[*].default_security_group) + "ap-southeast-2" = one(module.vpc_baseline_ap-southeast-2[*].default_security_group) + "ca-central-1" = one(module.vpc_baseline_ca-central-1[*].default_security_group) + "eu-central-1" = one(module.vpc_baseline_eu-central-1[*].default_security_group) + "eu-north-1" = one(module.vpc_baseline_eu-north-1[*].default_security_group) + "eu-west-1" = one(module.vpc_baseline_eu-west-1[*].default_security_group) + "eu-west-2" = one(module.vpc_baseline_eu-west-2[*].default_security_group) + "eu-west-3" = one(module.vpc_baseline_eu-west-3[*].default_security_group) + "sa-east-1" = one(module.vpc_baseline_sa-east-1[*].default_security_group) + "us-east-1" = one(module.vpc_baseline_us-east-1[*].default_security_group) + "us-east-2" = one(module.vpc_baseline_us-east-2[*].default_security_group) + "us-west-1" = one(module.vpc_baseline_us-west-1[*].default_security_group) + "us-west-2" = one(module.vpc_baseline_us-west-2[*].default_security_group) } } @@ -222,23 +222,23 @@ output "default_network_acl" { description = "The default network ACL." value = { - "ap-northeast-1" = module.vpc_baseline_ap-northeast-1.default_network_acl - "ap-northeast-2" = module.vpc_baseline_ap-northeast-2.default_network_acl - "ap-northeast-3" = module.vpc_baseline_ap-northeast-3.default_network_acl - "ap-south-1" = module.vpc_baseline_ap-south-1.default_network_acl - "ap-southeast-1" = module.vpc_baseline_ap-southeast-1.default_network_acl - "ap-southeast-2" = module.vpc_baseline_ap-southeast-2.default_network_acl - "ca-central-1" = module.vpc_baseline_ca-central-1.default_network_acl - "eu-central-1" = module.vpc_baseline_eu-central-1.default_network_acl - "eu-north-1" = module.vpc_baseline_eu-north-1.default_network_acl - "eu-west-1" = module.vpc_baseline_eu-west-1.default_network_acl - "eu-west-2" = module.vpc_baseline_eu-west-2.default_network_acl - "eu-west-3" = module.vpc_baseline_eu-west-3.default_network_acl - "sa-east-1" = module.vpc_baseline_sa-east-1.default_network_acl - "us-east-1" = module.vpc_baseline_us-east-1.default_network_acl - "us-east-2" = module.vpc_baseline_us-east-2.default_network_acl - "us-west-1" = module.vpc_baseline_us-west-1.default_network_acl - "us-west-2" = module.vpc_baseline_us-west-2.default_network_acl + "ap-northeast-1" = one(module.vpc_baseline_ap-northeast-1[*].default_network_acl) + "ap-northeast-2" = one(module.vpc_baseline_ap-northeast-2[*].default_network_acl) + "ap-northeast-3" = one(module.vpc_baseline_ap-northeast-3[*].default_network_acl) + "ap-south-1" = one(module.vpc_baseline_ap-south-1[*].default_network_acl) + "ap-southeast-1" = one(module.vpc_baseline_ap-southeast-1[*].default_network_acl) + "ap-southeast-2" = one(module.vpc_baseline_ap-southeast-2[*].default_network_acl) + "ca-central-1" = one(module.vpc_baseline_ca-central-1[*].default_network_acl) + "eu-central-1" = one(module.vpc_baseline_eu-central-1[*].default_network_acl) + "eu-north-1" = one(module.vpc_baseline_eu-north-1[*].default_network_acl) + "eu-west-1" = one(module.vpc_baseline_eu-west-1[*].default_network_acl) + "eu-west-2" = one(module.vpc_baseline_eu-west-2[*].default_network_acl) + "eu-west-3" = one(module.vpc_baseline_eu-west-3[*].default_network_acl) + "sa-east-1" = one(module.vpc_baseline_sa-east-1[*].default_network_acl) + "us-east-1" = one(module.vpc_baseline_us-east-1[*].default_network_acl) + "us-east-2" = one(module.vpc_baseline_us-east-2[*].default_network_acl) + "us-west-1" = one(module.vpc_baseline_us-west-1[*].default_network_acl) + "us-west-2" = one(module.vpc_baseline_us-west-2[*].default_network_acl) } } @@ -246,23 +246,23 @@ output "default_route_table" { description = "The default route table." value = { - "ap-northeast-1" = module.vpc_baseline_ap-northeast-1.default_route_table - "ap-northeast-2" = module.vpc_baseline_ap-northeast-2.default_route_table - "ap-northeast-3" = module.vpc_baseline_ap-northeast-3.default_route_table - "ap-south-1" = module.vpc_baseline_ap-south-1.default_route_table - "ap-southeast-1" = module.vpc_baseline_ap-southeast-1.default_route_table - "ap-southeast-2" = module.vpc_baseline_ap-southeast-2.default_route_table - "ca-central-1" = module.vpc_baseline_ca-central-1.default_route_table - "eu-central-1" = module.vpc_baseline_eu-central-1.default_route_table - "eu-north-1" = module.vpc_baseline_eu-north-1.default_route_table - "eu-west-1" = module.vpc_baseline_eu-west-1.default_route_table - "eu-west-2" = module.vpc_baseline_eu-west-2.default_route_table - "eu-west-3" = module.vpc_baseline_eu-west-3.default_route_table - "sa-east-1" = module.vpc_baseline_sa-east-1.default_route_table - "us-east-1" = module.vpc_baseline_us-east-1.default_route_table - "us-east-2" = module.vpc_baseline_us-east-2.default_route_table - "us-west-1" = module.vpc_baseline_us-west-1.default_route_table - "us-west-2" = module.vpc_baseline_us-west-2.default_route_table + "ap-northeast-1" = one(module.vpc_baseline_ap-northeast-1[*].default_route_table) + "ap-northeast-2" = one(module.vpc_baseline_ap-northeast-2[*].default_route_table) + "ap-northeast-3" = one(module.vpc_baseline_ap-northeast-3[*].default_route_table) + "ap-south-1" = one(module.vpc_baseline_ap-south-1[*].default_route_table) + "ap-southeast-1" = one(module.vpc_baseline_ap-southeast-1[*].default_route_table) + "ap-southeast-2" = one(module.vpc_baseline_ap-southeast-2[*].default_route_table) + "ca-central-1" = one(module.vpc_baseline_ca-central-1[*].default_route_table) + "eu-central-1" = one(module.vpc_baseline_eu-central-1[*].default_route_table) + "eu-north-1" = one(module.vpc_baseline_eu-north-1[*].default_route_table) + "eu-west-1" = one(module.vpc_baseline_eu-west-1[*].default_route_table) + "eu-west-2" = one(module.vpc_baseline_eu-west-2[*].default_route_table) + "eu-west-3" = one(module.vpc_baseline_eu-west-3[*].default_route_table) + "sa-east-1" = one(module.vpc_baseline_sa-east-1[*].default_route_table) + "us-east-1" = one(module.vpc_baseline_us-east-1[*].default_route_table) + "us-east-2" = one(module.vpc_baseline_us-east-2[*].default_route_table) + "us-west-1" = one(module.vpc_baseline_us-west-1[*].default_route_table) + "us-west-2" = one(module.vpc_baseline_us-west-2[*].default_route_table) } } diff --git a/securityhub_baselines.tf b/securityhub_baselines.tf index ba90ed9a..19c07e1a 100644 --- a/securityhub_baselines.tf +++ b/securityhub_baselines.tf @@ -6,12 +6,13 @@ locals { } module "securityhub_baseline_ap-northeast-1" { + count = contains(var.target_regions, "ap-northeast-1") && var.securityhub_enabled ? 1 : 0 source = "./modules/securityhub-baseline" providers = { aws = aws.ap-northeast-1 } - enabled = contains(var.target_regions, "ap-northeast-1") && var.securityhub_enabled + enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -19,13 +20,13 @@ module "securityhub_baseline_ap-northeast-1" { } module "securityhub_baseline_ap-northeast-2" { + count = contains(var.target_regions, "ap-northeast-2") && var.securityhub_enabled ? 1 : 0 source = "./modules/securityhub-baseline" providers = { aws = aws.ap-northeast-2 } - enabled = contains(var.target_regions, "ap-northeast-2") && var.securityhub_enabled enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -34,13 +35,13 @@ module "securityhub_baseline_ap-northeast-2" { } module "securityhub_baseline_ap-northeast-3" { + count = contains(var.target_regions, "ap-northeast-3") && var.securityhub_enabled ? 1 : 0 source = "./modules/securityhub-baseline" providers = { aws = aws.ap-northeast-3 } - enabled = contains(var.target_regions, "ap-northeast-3") && var.securityhub_enabled enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -49,13 +50,13 @@ module "securityhub_baseline_ap-northeast-3" { } module "securityhub_baseline_ap-south-1" { + count = contains(var.target_regions, "ap-south-1") && var.securityhub_enabled ? 1 : 0 source = "./modules/securityhub-baseline" providers = { aws = aws.ap-south-1 } - enabled = contains(var.target_regions, "ap-south-1") && var.securityhub_enabled enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -64,13 +65,13 @@ module "securityhub_baseline_ap-south-1" { } module "securityhub_baseline_ap-southeast-1" { + count = contains(var.target_regions, "ap-southeast-1") && var.securityhub_enabled ? 1 : 0 source = "./modules/securityhub-baseline" providers = { aws = aws.ap-southeast-1 } - enabled = contains(var.target_regions, "ap-southeast-1") && var.securityhub_enabled enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -79,13 +80,13 @@ module "securityhub_baseline_ap-southeast-1" { } module "securityhub_baseline_ap-southeast-2" { + count = contains(var.target_regions, "ap-southeast-2") && var.securityhub_enabled ? 1 : 0 source = "./modules/securityhub-baseline" providers = { aws = aws.ap-southeast-2 } - enabled = contains(var.target_regions, "ap-southeast-2") && var.securityhub_enabled enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -94,13 +95,13 @@ module "securityhub_baseline_ap-southeast-2" { } module "securityhub_baseline_ca-central-1" { + count = contains(var.target_regions, "ca-central-1") && var.securityhub_enabled ? 1 : 0 source = "./modules/securityhub-baseline" providers = { aws = aws.ca-central-1 } - enabled = contains(var.target_regions, "ca-central-1") && var.securityhub_enabled enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -109,13 +110,13 @@ module "securityhub_baseline_ca-central-1" { } module "securityhub_baseline_eu-central-1" { + count = contains(var.target_regions, "eu-central-1") && var.securityhub_enabled ? 1 : 0 source = "./modules/securityhub-baseline" providers = { aws = aws.eu-central-1 } - enabled = contains(var.target_regions, "eu-central-1") && var.securityhub_enabled enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -124,13 +125,13 @@ module "securityhub_baseline_eu-central-1" { } module "securityhub_baseline_eu-north-1" { + count = contains(var.target_regions, "eu-north-1") && var.securityhub_enabled ? 1 : 0 source = "./modules/securityhub-baseline" providers = { aws = aws.eu-north-1 } - enabled = contains(var.target_regions, "eu-north-1") && var.securityhub_enabled enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -139,13 +140,13 @@ module "securityhub_baseline_eu-north-1" { } module "securityhub_baseline_eu-west-1" { + count = contains(var.target_regions, "eu-west-1") && var.securityhub_enabled ? 1 : 0 source = "./modules/securityhub-baseline" providers = { aws = aws.eu-west-1 } - enabled = contains(var.target_regions, "eu-west-1") && var.securityhub_enabled enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -154,13 +155,13 @@ module "securityhub_baseline_eu-west-1" { } module "securityhub_baseline_eu-west-2" { + count = contains(var.target_regions, "eu-west-2") && var.securityhub_enabled ? 1 : 0 source = "./modules/securityhub-baseline" providers = { aws = aws.eu-west-2 } - enabled = contains(var.target_regions, "eu-west-2") && var.securityhub_enabled enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -169,13 +170,13 @@ module "securityhub_baseline_eu-west-2" { } module "securityhub_baseline_eu-west-3" { + count = contains(var.target_regions, "eu-west-3") && var.securityhub_enabled ? 1 : 0 source = "./modules/securityhub-baseline" providers = { aws = aws.eu-west-3 } - enabled = contains(var.target_regions, "eu-west-3") && var.securityhub_enabled enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -184,13 +185,13 @@ module "securityhub_baseline_eu-west-3" { } module "securityhub_baseline_sa-east-1" { + count = contains(var.target_regions, "sa-east-1") && var.securityhub_enabled ? 1 : 0 source = "./modules/securityhub-baseline" providers = { aws = aws.sa-east-1 } - enabled = contains(var.target_regions, "sa-east-1") && var.securityhub_enabled enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -199,13 +200,13 @@ module "securityhub_baseline_sa-east-1" { } module "securityhub_baseline_us-east-1" { + count = contains(var.target_regions, "us-east-1") && var.securityhub_enabled ? 1 : 0 source = "./modules/securityhub-baseline" providers = { aws = aws.us-east-1 } - enabled = contains(var.target_regions, "us-east-1") && var.securityhub_enabled enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -214,13 +215,13 @@ module "securityhub_baseline_us-east-1" { } module "securityhub_baseline_us-east-2" { + count = contains(var.target_regions, "us-east-2") && var.securityhub_enabled ? 1 : 0 source = "./modules/securityhub-baseline" providers = { aws = aws.us-east-2 } - enabled = contains(var.target_regions, "us-east-2") && var.securityhub_enabled enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -229,13 +230,13 @@ module "securityhub_baseline_us-east-2" { } module "securityhub_baseline_us-west-1" { + count = contains(var.target_regions, "us-west-1") && var.securityhub_enabled ? 1 : 0 source = "./modules/securityhub-baseline" providers = { aws = aws.us-west-1 } - enabled = contains(var.target_regions, "us-west-1") && var.securityhub_enabled enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -244,13 +245,13 @@ module "securityhub_baseline_us-west-1" { } module "securityhub_baseline_us-west-2" { + count = contains(var.target_regions, "us-west-2") && var.securityhub_enabled ? 1 : 0 source = "./modules/securityhub-baseline" providers = { aws = aws.us-west-2 } - enabled = contains(var.target_regions, "us-west-2") && var.securityhub_enabled enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard diff --git a/vpc_baselines.tf b/vpc_baselines.tf index 4bb08b5d..ba364029 100644 --- a/vpc_baselines.tf +++ b/vpc_baselines.tf @@ -62,13 +62,13 @@ resource "aws_iam_role_policy" "flow_logs_publish_policy" { # -------------------------------------------------------------------------------------------------- module "vpc_baseline_ap-northeast-1" { + count = local.is_enabled && contains(var.target_regions, "ap-northeast-1") ? 1 : 0 source = "./modules/vpc-baseline" providers = { aws = aws.ap-northeast-1 } - enabled = local.is_enabled && contains(var.target_regions, "ap-northeast-1") enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name @@ -82,13 +82,13 @@ module "vpc_baseline_ap-northeast-1" { } module "vpc_baseline_ap-northeast-2" { + count = local.is_enabled && contains(var.target_regions, "ap-northeast-2") ? 1 : 0 source = "./modules/vpc-baseline" providers = { aws = aws.ap-northeast-2 } - enabled = local.is_enabled && contains(var.target_regions, "ap-northeast-2") enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name @@ -102,13 +102,13 @@ module "vpc_baseline_ap-northeast-2" { } module "vpc_baseline_ap-northeast-3" { + count = local.is_enabled && contains(var.target_regions, "ap-northeast-3") ? 1 : 0 source = "./modules/vpc-baseline" providers = { aws = aws.ap-northeast-3 } - enabled = local.is_enabled && contains(var.target_regions, "ap-northeast-3") enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name @@ -122,13 +122,13 @@ module "vpc_baseline_ap-northeast-3" { } module "vpc_baseline_ap-south-1" { + count = local.is_enabled && contains(var.target_regions, "ap-south-1") ? 1 : 0 source = "./modules/vpc-baseline" providers = { aws = aws.ap-south-1 } - enabled = local.is_enabled && contains(var.target_regions, "ap-south-1") enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name @@ -142,13 +142,13 @@ module "vpc_baseline_ap-south-1" { } module "vpc_baseline_ap-southeast-1" { + count = local.is_enabled && contains(var.target_regions, "ap-southeast-1") ? 1 : 0 source = "./modules/vpc-baseline" providers = { aws = aws.ap-southeast-1 } - enabled = local.is_enabled && contains(var.target_regions, "ap-southeast-1") enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name @@ -162,13 +162,13 @@ module "vpc_baseline_ap-southeast-1" { } module "vpc_baseline_ap-southeast-2" { + count = local.is_enabled && contains(var.target_regions, "ap-southeast-2") ? 1 : 0 source = "./modules/vpc-baseline" providers = { aws = aws.ap-southeast-2 } - enabled = local.is_enabled && contains(var.target_regions, "ap-southeast-2") enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name @@ -182,13 +182,13 @@ module "vpc_baseline_ap-southeast-2" { } module "vpc_baseline_ca-central-1" { + count = local.is_enabled && contains(var.target_regions, "ca-central-1") ? 1 : 0 source = "./modules/vpc-baseline" providers = { aws = aws.ca-central-1 } - enabled = local.is_enabled && contains(var.target_regions, "ca-central-1") enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name @@ -202,13 +202,13 @@ module "vpc_baseline_ca-central-1" { } module "vpc_baseline_eu-central-1" { + count = local.is_enabled && contains(var.target_regions, "eu-central-1") ? 1 : 0 source = "./modules/vpc-baseline" providers = { aws = aws.eu-central-1 } - enabled = local.is_enabled && contains(var.target_regions, "eu-central-1") enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name @@ -222,13 +222,13 @@ module "vpc_baseline_eu-central-1" { } module "vpc_baseline_eu-north-1" { + count = local.is_enabled && contains(var.target_regions, "eu-north-1") ? 1 : 0 source = "./modules/vpc-baseline" providers = { aws = aws.eu-north-1 } - enabled = local.is_enabled && contains(var.target_regions, "eu-north-1") enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name @@ -242,13 +242,13 @@ module "vpc_baseline_eu-north-1" { } module "vpc_baseline_eu-west-1" { + count = local.is_enabled && contains(var.target_regions, "eu-west-1") ? 1 : 0 source = "./modules/vpc-baseline" providers = { aws = aws.eu-west-1 } - enabled = local.is_enabled && contains(var.target_regions, "eu-west-1") enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name @@ -262,13 +262,13 @@ module "vpc_baseline_eu-west-1" { } module "vpc_baseline_eu-west-2" { + count = local.is_enabled && contains(var.target_regions, "eu-west-2") ? 1 : 0 source = "./modules/vpc-baseline" providers = { aws = aws.eu-west-2 } - enabled = local.is_enabled && contains(var.target_regions, "eu-west-2") enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name @@ -282,13 +282,13 @@ module "vpc_baseline_eu-west-2" { } module "vpc_baseline_eu-west-3" { + count = local.is_enabled && contains(var.target_regions, "eu-west-3") ? 1 : 0 source = "./modules/vpc-baseline" providers = { aws = aws.eu-west-3 } - enabled = local.is_enabled && contains(var.target_regions, "eu-west-3") enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name @@ -302,13 +302,13 @@ module "vpc_baseline_eu-west-3" { } module "vpc_baseline_sa-east-1" { + count = local.is_enabled && contains(var.target_regions, "sa-east-1") ? 1 : 0 source = "./modules/vpc-baseline" providers = { aws = aws.sa-east-1 } - enabled = local.is_enabled && contains(var.target_regions, "sa-east-1") enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name @@ -322,13 +322,13 @@ module "vpc_baseline_sa-east-1" { } module "vpc_baseline_us-east-1" { + count = local.is_enabled && contains(var.target_regions, "us-east-1") ? 1 : 0 source = "./modules/vpc-baseline" providers = { aws = aws.us-east-1 } - enabled = local.is_enabled && contains(var.target_regions, "us-east-1") enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name @@ -342,13 +342,13 @@ module "vpc_baseline_us-east-1" { } module "vpc_baseline_us-east-2" { + count = local.is_enabled && contains(var.target_regions, "us-east-2") ? 1 : 0 source = "./modules/vpc-baseline" providers = { aws = aws.us-east-2 } - enabled = local.is_enabled && contains(var.target_regions, "us-east-2") enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name @@ -362,13 +362,13 @@ module "vpc_baseline_us-east-2" { } module "vpc_baseline_us-west-1" { + count = local.is_enabled && contains(var.target_regions, "us-west-1") ? 1 : 0 source = "./modules/vpc-baseline" providers = { aws = aws.us-west-1 } - enabled = local.is_enabled && contains(var.target_regions, "us-west-1") enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name @@ -382,13 +382,13 @@ module "vpc_baseline_us-west-1" { } module "vpc_baseline_us-west-2" { + count = local.is_enabled && contains(var.target_regions, "us-west-2") ? 1 : 0 source = "./modules/vpc-baseline" providers = { aws = aws.us-west-2 } - enabled = local.is_enabled && contains(var.target_regions, "us-west-2") enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name From ceabfc7c811b18ac00dffe7a1b16df0e258b6399 Mon Sep 17 00:00:00 2001 From: nozaq Date: Sat, 8 Jan 2022 21:20:44 +0900 Subject: [PATCH 08/66] feat: add inputs to toggle submodules (#240) --- README.md | 5 +++++ analyzer_baselines.tf | 2 +- main.tf | 6 ++++-- migrations.tf | 15 +++++++++++++++ outputs.tf | 2 +- variables.tf | 23 +++++++++++++++++++++++ 6 files changed, 49 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 5e080429..df4e0315 100644 --- a/README.md +++ b/README.md @@ -267,10 +267,12 @@ This module is composed of several submodules and each of which can be used inde | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [account\_type](#input\_account\_type) | The type of the AWS account. The possible values are `individual`, `master` and `member` . Specify `master` and `member` to set up centalized logging for multiple accounts in AWS Organization. Use individual` otherwise.` | `string` | `"individual"` | no | +| [alarm\_baseline\_enabled](#input\_alarm\_baseline\_enabled) | Boolean whether alarm-baseline is enabled. | `bool` | `true` | no | | [alarm\_namespace](#input\_alarm\_namespace) | The namespace in which all alarms are set up. | `string` | `"CISBenchmark"` | no | | [alarm\_sns\_topic\_kms\_master\_key\_id](#input\_alarm\_sns\_topic\_kms\_master\_key\_id) | To enable SNS Topic encryption enter value with the ID of a custom master KMS key that is used for encryption | `any` | `null` | no | | [alarm\_sns\_topic\_name](#input\_alarm\_sns\_topic\_name) | The name of the SNS Topic which will be notified when any alarm is performed. | `string` | `"CISAlarm"` | no | | [allow\_users\_to\_change\_password](#input\_allow\_users\_to\_change\_password) | Whether to allow users to change their own password. | `bool` | `true` | no | +| [analyzer\_baseline\_enabled](#input\_analyzer\_baseline\_enabled) | Boolean whether analyzer-baseline is enabled. | `bool` | `true` | no | | [analyzer\_name](#input\_analyzer\_name) | The name for the IAM Access Analyzer resource to be created. | `string` | `"default-analyzer"` | no | | [audit\_log\_bucket\_custom\_policy\_json](#input\_audit\_log\_bucket\_custom\_policy\_json) | Override policy for the audit log bucket. Allows addition of extra policies. | `string` | `"{}"` | no | | [audit\_log\_bucket\_force\_destroy](#input\_audit\_log\_bucket\_force\_destroy) | A boolean that indicates all objects should be deleted from the audit log bucket so that the bucket can be destroyed without error. These objects are not recoverable. | `bool` | `false` | no | @@ -279,6 +281,7 @@ This module is composed of several submodules and each of which can be used inde | [audit\_log\_lifecycle\_glacier\_transition\_days](#input\_audit\_log\_lifecycle\_glacier\_transition\_days) | The number of days after log creation when the log file is archived into Glacier. | `number` | `90` | no | | [aws\_account\_id](#input\_aws\_account\_id) | The AWS Account ID number of the account. | `any` | n/a | yes | | [aws\_config\_changes\_enabled](#input\_aws\_config\_changes\_enabled) | The boolean flag whether the aws\_config\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | +| [cloudtrail\_baseline\_enabled](#input\_cloudtrail\_baseline\_enabled) | Boolean whether cloudtrail-baseline is enabled. | `bool` | `true` | no | | [cloudtrail\_cfg\_changes\_enabled](#input\_cloudtrail\_cfg\_changes\_enabled) | The boolean flag whether the cloudtrail\_cfg\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | | [cloudtrail\_cloudwatch\_logs\_enabled](#input\_cloudtrail\_cloudwatch\_logs\_enabled) | Specifies whether the trail is delivered to CloudWatch Logs. | `bool` | `true` | no | | [cloudtrail\_cloudwatch\_logs\_group\_name](#input\_cloudtrail\_cloudwatch\_logs\_group\_name) | The name of CloudWatch Logs group to which CloudTrail events are delivered. | `string` | `"cloudtrail-multi-region"` | no | @@ -313,6 +316,7 @@ This module is composed of several submodules and each of which can be used inde | [guardduty\_enabled](#input\_guardduty\_enabled) | Boolean whether the guardduty-baseline module is enabled or disabled | `bool` | `true` | no | | [guardduty\_finding\_publishing\_frequency](#input\_guardduty\_finding\_publishing\_frequency) | Specifies the frequency of notifications sent for subsequent finding occurrences. | `string` | `"SIX_HOURS"` | no | | [guardduty\_invitation\_message](#input\_guardduty\_invitation\_message) | Message for invitation. | `string` | `"This is an automatic invitation message from guardduty-baseline module."` | no | +| [iam\_baseline\_enabled](#input\_iam\_baseline\_enabled) | Boolean whether iam-baseline is enabled. | `bool` | `true` | no | | [iam\_changes\_enabled](#input\_iam\_changes\_enabled) | The boolean flag whether the iam\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | | [manager\_iam\_role\_name](#input\_manager\_iam\_role\_name) | The name of the IAM Manager role. | `string` | `"IAM-Manager"` | no | | [manager\_iam\_role\_policy\_name](#input\_manager\_iam\_role\_policy\_name) | The name of the IAM Manager role policy. | `string` | `"IAM-Manager-Policy"` | no | @@ -335,6 +339,7 @@ This module is composed of several submodules and each of which can be used inde | [require\_uppercase\_characters](#input\_require\_uppercase\_characters) | Whether to require uppercase characters for user passwords. | `bool` | `false` | no | | [root\_usage\_enabled](#input\_root\_usage\_enabled) | The boolean flag whether the root\_usage alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | | [route\_table\_changes\_enabled](#input\_route\_table\_changes\_enabled) | The boolean flag whether the route\_table\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | +| [s3\_baseline\_enabled](#input\_s3\_baseline\_enabled) | Boolean whether s3-baseline is enabled. | `bool` | `true` | no | | [s3\_block\_public\_acls](#input\_s3\_block\_public\_acls) | Whether Amazon S3 should block public ACLs for buckets in this account. Defaults to true. | `bool` | `true` | no | | [s3\_block\_public\_policy](#input\_s3\_block\_public\_policy) | Whether Amazon S3 should block public bucket policies for buckets in this account. Defaults to true. | `bool` | `true` | no | | [s3\_bucket\_policy\_changes\_enabled](#input\_s3\_bucket\_policy\_changes\_enabled) | The boolean flag whether the s3\_bucket\_policy\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | diff --git a/analyzer_baselines.tf b/analyzer_baselines.tf index 69caab85..f02f68ea 100644 --- a/analyzer_baselines.tf +++ b/analyzer_baselines.tf @@ -1,5 +1,5 @@ locals { - is_analyzer_enabled = local.is_individual_account || local.is_master_account + is_analyzer_enabled = var.analyzer_baseline_enabled && (local.is_individual_account || local.is_master_account) } # -------------------------------------------------------------------------------------------------- diff --git a/main.tf b/main.tf index bf9953e0..da2dfe62 100644 --- a/main.tf +++ b/main.tf @@ -31,7 +31,7 @@ locals { is_master_account = var.account_type == "master" is_member_account = var.account_type == "member" - is_cloudtrail_enabled = local.is_individual_account || local.is_master_account + is_cloudtrail_enabled = var.cloudtrail_baseline_enabled && (local.is_individual_account || local.is_master_account) } # -------------------------------------------------------------------------------------------------- @@ -39,6 +39,7 @@ locals { # -------------------------------------------------------------------------------------------------- module "iam_baseline" { + count = var.iam_baseline_enabled ? 1 : 0 source = "./modules/iam-baseline" aws_account_id = var.aws_account_id @@ -93,7 +94,7 @@ module "cloudtrail_baseline" { # -------------------------------------------------------------------------------------------------- module "alarm_baseline" { - count = local.is_cloudtrail_enabled && var.cloudtrail_cloudwatch_logs_enabled ? 1 : 0 + count = var.alarm_baseline_enabled && local.is_cloudtrail_enabled && var.cloudtrail_cloudwatch_logs_enabled ? 1 : 0 source = "./modules/alarm-baseline" unauthorized_api_calls_enabled = var.unauthorized_api_calls_enabled @@ -125,6 +126,7 @@ module "alarm_baseline" { # -------------------------------------------------------------------------------------------------- module "s3_baseline" { + count = var.s3_baseline_enabled ? 1 : 0 source = "./modules/s3-baseline" block_public_acls = var.s3_block_public_acls diff --git a/migrations.tf b/migrations.tf index 53342e0b..a8e46321 100644 --- a/migrations.tf +++ b/migrations.tf @@ -12,6 +12,21 @@ moved { to = module.alarm_baseline[0] } +moved { + from = module.s3_baseline + to = module.s3_baseline[0] +} + +moved { + from = module.iam_baseline + to = module.iam_baseline[0] +} + +moved { + from = module.analyzer_baseline + to = module.analyzer_baseline[0] +} + # Config baseline moved { from = module.config_baseline_ap-northeast-1 diff --git a/outputs.tf b/outputs.tf index a3caaa12..b7430d1f 100644 --- a/outputs.tf +++ b/outputs.tf @@ -134,7 +134,7 @@ output "guardduty_detector" { output "support_iam_role" { description = "The IAM role used for the support user." - value = module.iam_baseline.support_iam_role + value = one(module.iam_baseline[*].support_iam_role) } # -------------------------------------------------------------------------------------------------- diff --git a/variables.tf b/variables.tf index 90e54965..7af3cd4d 100644 --- a/variables.tf +++ b/variables.tf @@ -93,6 +93,11 @@ variable "use_external_audit_log_bucket" { # -------------------------------------------------------------------------------------------------- # Variables for iam-baseline module. # -------------------------------------------------------------------------------------------------- +variable "iam_baseline_enabled" { + description = "Boolean whether iam-baseline is enabled." + default = true +} + variable "create_password_policy" { type = bool description = "Define if the password policy should be created." @@ -297,6 +302,10 @@ variable "config_global_resources_all_regions" { # -------------------------------------------------------------------------------------------------- # Variables for cloudtrail-baseline module. # -------------------------------------------------------------------------------------------------- +variable "cloudtrail_baseline_enabled" { + description = "Boolean whether cloudtrail-baseline is enabled." + default = true +} variable "cloudtrail_cloudwatch_logs_enabled" { description = "Specifies whether the trail is delivered to CloudWatch Logs." @@ -366,6 +375,10 @@ variable "cloudtrail_lambda_invocation_logging_lambdas" { # -------------------------------------------------------------------------------------------------- # Variables for alarm-baseline module. # -------------------------------------------------------------------------------------------------- +variable "alarm_baseline_enabled" { + description = "Boolean whether alarm-baseline is enabled." + default = true +} variable "alarm_namespace" { description = "The namespace in which all alarms are set up." @@ -488,6 +501,11 @@ variable "guardduty_invitation_message" { # -------------------------------------------------------------------------------------------------- # Variables for s3-baseline module. # -------------------------------------------------------------------------------------------------- +variable "s3_baseline_enabled" { + description = "Boolean whether s3-baseline is enabled." + default = true +} + variable "s3_block_public_acls" { description = "Whether Amazon S3 should block public ACLs for buckets in this account. Defaults to true." default = true @@ -540,6 +558,11 @@ variable "securityhub_enable_product_arns" { # -------------------------------------------------------------------------------------------------- # Variables for analyzer-baseline module. # -------------------------------------------------------------------------------------------------- +variable "analyzer_baseline_enabled" { + description = "Boolean whether analyzer-baseline is enabled." + default = true +} + variable "analyzer_name" { description = "The name for the IAM Access Analyzer resource to be created." default = "default-analyzer" From 31eae8ffcd2e5ce9acef6696108f57b0b8382df0 Mon Sep 17 00:00:00 2001 From: nozaq Date: Sat, 8 Jan 2022 21:47:41 +0900 Subject: [PATCH 09/66] feat: enable finding aggregator in the main region (#241) --- modules/securityhub-baseline/README.md | 2 ++ modules/securityhub-baseline/main.tf | 9 +++++++++ modules/securityhub-baseline/variables.tf | 5 +++++ securityhub_baselines.tf | 17 +++++++++++++++++ 4 files changed, 33 insertions(+) diff --git a/modules/securityhub-baseline/README.md b/modules/securityhub-baseline/README.md index 7a2790b1..7f40d107 100644 --- a/modules/securityhub-baseline/README.md +++ b/modules/securityhub-baseline/README.md @@ -30,6 +30,7 @@ No modules. | Name | Type | |------|------| | [aws_securityhub_account.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/securityhub_account) | resource | +| [aws_securityhub_finding_aggregator.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/securityhub_finding_aggregator) | resource | | [aws_securityhub_member.members](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/securityhub_member) | resource | | [aws_securityhub_product_subscription.products](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/securityhub_product_subscription) | resource | | [aws_securityhub_standards_subscription.aws_foundational](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/securityhub_standards_subscription) | resource | @@ -41,6 +42,7 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| +| [aggregate\_findings](#input\_aggregate\_findings) | Boolean whether to enable finding aggregator for every region | `bool` | `false` | no | | [enable\_aws\_foundational\_standard](#input\_enable\_aws\_foundational\_standard) | Boolean whether AWS Foundations standard is enabled. | `bool` | `true` | no | | [enable\_cis\_standard](#input\_enable\_cis\_standard) | Boolean whether CIS standard is enabled. | `bool` | `true` | no | | [enable\_pci\_dss\_standard](#input\_enable\_pci\_dss\_standard) | Boolean whether PCI DSS standard is enabled. | `bool` | `true` | no | diff --git a/modules/securityhub-baseline/main.tf b/modules/securityhub-baseline/main.tf index 89ab92d7..70a159dc 100644 --- a/modules/securityhub-baseline/main.tf +++ b/modules/securityhub-baseline/main.tf @@ -1,10 +1,19 @@ data "aws_region" "current" {} + # -------------------------------------------------------------------------------------------------- # Enable SecurityHub # -------------------------------------------------------------------------------------------------- resource "aws_securityhub_account" "main" { } +resource "aws_securityhub_finding_aggregator" "main" { + count = var.aggregate_findings ? 1 : 0 + + linking_mode = "ALL_REGIONS" + + depends_on = [aws_securityhub_account.main] +} + # -------------------------------------------------------------------------------------------------- # Add member accounts # -------------------------------------------------------------------------------------------------- diff --git a/modules/securityhub-baseline/variables.tf b/modules/securityhub-baseline/variables.tf index dccd49fe..770266ab 100644 --- a/modules/securityhub-baseline/variables.tf +++ b/modules/securityhub-baseline/variables.tf @@ -1,3 +1,8 @@ +variable "aggregate_findings" { + description = "Boolean whether to enable finding aggregator for every region" + default = false +} + variable "enable_cis_standard" { description = "Boolean whether CIS standard is enabled." default = true diff --git a/securityhub_baselines.tf b/securityhub_baselines.tf index 19c07e1a..cc7bdf9b 100644 --- a/securityhub_baselines.tf +++ b/securityhub_baselines.tf @@ -13,6 +13,7 @@ module "securityhub_baseline_ap-northeast-1" { aws = aws.ap-northeast-1 } + aggregate_findings = var.region == "ap-northeast-1" enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -27,6 +28,7 @@ module "securityhub_baseline_ap-northeast-2" { aws = aws.ap-northeast-2 } + aggregate_findings = var.region == "ap-northeast-2" enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -42,6 +44,7 @@ module "securityhub_baseline_ap-northeast-3" { aws = aws.ap-northeast-3 } + aggregate_findings = var.region == "ap-northeast-3" enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -57,6 +60,7 @@ module "securityhub_baseline_ap-south-1" { aws = aws.ap-south-1 } + aggregate_findings = var.region == "ap-south-1" enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -72,6 +76,7 @@ module "securityhub_baseline_ap-southeast-1" { aws = aws.ap-southeast-1 } + aggregate_findings = var.region == "ap-southeast-1" enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -87,6 +92,7 @@ module "securityhub_baseline_ap-southeast-2" { aws = aws.ap-southeast-2 } + aggregate_findings = var.region == "ap-southeast-2" enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -102,6 +108,7 @@ module "securityhub_baseline_ca-central-1" { aws = aws.ca-central-1 } + aggregate_findings = var.region == "ca-central-1" enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -117,6 +124,7 @@ module "securityhub_baseline_eu-central-1" { aws = aws.eu-central-1 } + aggregate_findings = var.region == "eu-central-1" enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -132,6 +140,7 @@ module "securityhub_baseline_eu-north-1" { aws = aws.eu-north-1 } + aggregate_findings = var.region == "eu-north-1" enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -147,6 +156,7 @@ module "securityhub_baseline_eu-west-1" { aws = aws.eu-west-1 } + aggregate_findings = var.region == "eu-west-1" enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -162,6 +172,7 @@ module "securityhub_baseline_eu-west-2" { aws = aws.eu-west-2 } + aggregate_findings = var.region == "eu-west-2" enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -177,6 +188,7 @@ module "securityhub_baseline_eu-west-3" { aws = aws.eu-west-3 } + aggregate_findings = var.region == "eu-west-3" enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -192,6 +204,7 @@ module "securityhub_baseline_sa-east-1" { aws = aws.sa-east-1 } + aggregate_findings = var.region == "sa-east-1" enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -207,6 +220,7 @@ module "securityhub_baseline_us-east-1" { aws = aws.us-east-1 } + aggregate_findings = var.region == "us-east-1" enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -222,6 +236,7 @@ module "securityhub_baseline_us-east-2" { aws = aws.us-east-2 } + aggregate_findings = var.region == "us-east-2" enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -237,6 +252,7 @@ module "securityhub_baseline_us-west-1" { aws = aws.us-west-1 } + aggregate_findings = var.region == "us-west-1" enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard @@ -252,6 +268,7 @@ module "securityhub_baseline_us-west-2" { aws = aws.us-west-2 } + aggregate_findings = var.region == "us-west-2" enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard From fe0451988b8f259d662542fe1d37b337fd3a1c37 Mon Sep 17 00:00:00 2001 From: nozaq Date: Sat, 8 Jan 2022 21:55:39 +0900 Subject: [PATCH 10/66] bump up the version --- CHANGELOG.md | 19 +- README.md | 534 ++++++++++++++++++++++++++------------------------- 2 files changed, 286 insertions(+), 267 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9e76e9dd..b4ab131d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,22 @@ ## [Unreleased] + +## [0.32.0] - 2022-01-08 +### Feat +- enable finding aggregator in the main region ([#241](https://github.com/nozaq/terraform-aws-secure-baseline/issues/241)) +- add inputs to toggle submodules ([#240](https://github.com/nozaq/terraform-aws-secure-baseline/issues/240)) +- optionally ignore SSO logins for MFA alarms ([#234](https://github.com/nozaq/terraform-aws-secure-baseline/issues/234)) +- apply default subnet changes to existing subnets ([#237](https://github.com/nozaq/terraform-aws-secure-baseline/issues/237)) + +### Fix +- use CIS recommended filter pattern ([#239](https://github.com/nozaq/terraform-aws-secure-baseline/issues/239)) +- remove `aws_default_vpc` dependency ([#238](https://github.com/nozaq/terraform-aws-secure-baseline/issues/238)) + +### Refactor +- use module count instead of having ennabled variable in each submodule. ([#195](https://github.com/nozaq/terraform-aws-secure-baseline/issues/195)) + + ## [0.30.0] - 2021-11-23 ### Feat @@ -353,7 +369,8 @@ ## 0.0.1 - 2018-02-12 -[Unreleased]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.30.0...HEAD +[Unreleased]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.32.0...HEAD +[0.32.0]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.30.0...0.32.0 [0.30.0]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.29.2...0.30.0 [0.29.2]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.29.1...0.29.2 [0.29.1]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.29.0...0.29.1 diff --git a/README.md b/README.md index df4e0315..a7a1b8f0 100644 --- a/README.md +++ b/README.md @@ -106,291 +106,293 @@ This module is composed of several submodules and each of which can be used inde - [vpc-baseline](./modules/vpc-baseline) + ## Requirements -| Name | Version | -|------|---------| -| [terraform](#requirement\_terraform) | >= 1.1.3 | -| [aws](#requirement\_aws) | >= 3.50.0 | +| Name | Version | +| ------------------------------------------------------------------------ | --------- | +| [terraform](#requirement_terraform) | >= 1.1.3 | +| [aws](#requirement_aws) | >= 3.50.0 | ## Providers -| Name | Version | -|------|---------| -| [aws](#provider\_aws) | >= 3.50.0 | +| Name | Version | +| ------------------------------------------------ | --------- | +| [aws](#provider_aws) | >= 3.50.0 | ## Modules -| Name | Source | Version | -|------|--------|---------| -| [alarm\_baseline](#module\_alarm\_baseline) | ./modules/alarm-baseline | n/a | -| [analyzer\_baseline\_ap-northeast-1](#module\_analyzer\_baseline\_ap-northeast-1) | ./modules/analyzer-baseline | n/a | -| [analyzer\_baseline\_ap-northeast-2](#module\_analyzer\_baseline\_ap-northeast-2) | ./modules/analyzer-baseline | n/a | -| [analyzer\_baseline\_ap-northeast-3](#module\_analyzer\_baseline\_ap-northeast-3) | ./modules/analyzer-baseline | n/a | -| [analyzer\_baseline\_ap-south-1](#module\_analyzer\_baseline\_ap-south-1) | ./modules/analyzer-baseline | n/a | -| [analyzer\_baseline\_ap-southeast-1](#module\_analyzer\_baseline\_ap-southeast-1) | ./modules/analyzer-baseline | n/a | -| [analyzer\_baseline\_ap-southeast-2](#module\_analyzer\_baseline\_ap-southeast-2) | ./modules/analyzer-baseline | n/a | -| [analyzer\_baseline\_ca-central-1](#module\_analyzer\_baseline\_ca-central-1) | ./modules/analyzer-baseline | n/a | -| [analyzer\_baseline\_eu-central-1](#module\_analyzer\_baseline\_eu-central-1) | ./modules/analyzer-baseline | n/a | -| [analyzer\_baseline\_eu-north-1](#module\_analyzer\_baseline\_eu-north-1) | ./modules/analyzer-baseline | n/a | -| [analyzer\_baseline\_eu-west-1](#module\_analyzer\_baseline\_eu-west-1) | ./modules/analyzer-baseline | n/a | -| [analyzer\_baseline\_eu-west-2](#module\_analyzer\_baseline\_eu-west-2) | ./modules/analyzer-baseline | n/a | -| [analyzer\_baseline\_eu-west-3](#module\_analyzer\_baseline\_eu-west-3) | ./modules/analyzer-baseline | n/a | -| [analyzer\_baseline\_sa-east-1](#module\_analyzer\_baseline\_sa-east-1) | ./modules/analyzer-baseline | n/a | -| [analyzer\_baseline\_us-east-1](#module\_analyzer\_baseline\_us-east-1) | ./modules/analyzer-baseline | n/a | -| [analyzer\_baseline\_us-east-2](#module\_analyzer\_baseline\_us-east-2) | ./modules/analyzer-baseline | n/a | -| [analyzer\_baseline\_us-west-1](#module\_analyzer\_baseline\_us-west-1) | ./modules/analyzer-baseline | n/a | -| [analyzer\_baseline\_us-west-2](#module\_analyzer\_baseline\_us-west-2) | ./modules/analyzer-baseline | n/a | -| [audit\_log\_bucket](#module\_audit\_log\_bucket) | ./modules/secure-bucket | n/a | -| [cloudtrail\_baseline](#module\_cloudtrail\_baseline) | ./modules/cloudtrail-baseline | n/a | -| [config\_baseline\_ap-northeast-1](#module\_config\_baseline\_ap-northeast-1) | ./modules/config-baseline | n/a | -| [config\_baseline\_ap-northeast-2](#module\_config\_baseline\_ap-northeast-2) | ./modules/config-baseline | n/a | -| [config\_baseline\_ap-northeast-3](#module\_config\_baseline\_ap-northeast-3) | ./modules/config-baseline | n/a | -| [config\_baseline\_ap-south-1](#module\_config\_baseline\_ap-south-1) | ./modules/config-baseline | n/a | -| [config\_baseline\_ap-southeast-1](#module\_config\_baseline\_ap-southeast-1) | ./modules/config-baseline | n/a | -| [config\_baseline\_ap-southeast-2](#module\_config\_baseline\_ap-southeast-2) | ./modules/config-baseline | n/a | -| [config\_baseline\_ca-central-1](#module\_config\_baseline\_ca-central-1) | ./modules/config-baseline | n/a | -| [config\_baseline\_eu-central-1](#module\_config\_baseline\_eu-central-1) | ./modules/config-baseline | n/a | -| [config\_baseline\_eu-north-1](#module\_config\_baseline\_eu-north-1) | ./modules/config-baseline | n/a | -| [config\_baseline\_eu-west-1](#module\_config\_baseline\_eu-west-1) | ./modules/config-baseline | n/a | -| [config\_baseline\_eu-west-2](#module\_config\_baseline\_eu-west-2) | ./modules/config-baseline | n/a | -| [config\_baseline\_eu-west-3](#module\_config\_baseline\_eu-west-3) | ./modules/config-baseline | n/a | -| [config\_baseline\_sa-east-1](#module\_config\_baseline\_sa-east-1) | ./modules/config-baseline | n/a | -| [config\_baseline\_us-east-1](#module\_config\_baseline\_us-east-1) | ./modules/config-baseline | n/a | -| [config\_baseline\_us-east-2](#module\_config\_baseline\_us-east-2) | ./modules/config-baseline | n/a | -| [config\_baseline\_us-west-1](#module\_config\_baseline\_us-west-1) | ./modules/config-baseline | n/a | -| [config\_baseline\_us-west-2](#module\_config\_baseline\_us-west-2) | ./modules/config-baseline | n/a | -| [ebs\_baseline\_ap-northeast-1](#module\_ebs\_baseline\_ap-northeast-1) | ./modules/ebs-baseline | n/a | -| [ebs\_baseline\_ap-northeast-2](#module\_ebs\_baseline\_ap-northeast-2) | ./modules/ebs-baseline | n/a | -| [ebs\_baseline\_ap-northeast-3](#module\_ebs\_baseline\_ap-northeast-3) | ./modules/ebs-baseline | n/a | -| [ebs\_baseline\_ap-south-1](#module\_ebs\_baseline\_ap-south-1) | ./modules/ebs-baseline | n/a | -| [ebs\_baseline\_ap-southeast-1](#module\_ebs\_baseline\_ap-southeast-1) | ./modules/ebs-baseline | n/a | -| [ebs\_baseline\_ap-southeast-2](#module\_ebs\_baseline\_ap-southeast-2) | ./modules/ebs-baseline | n/a | -| [ebs\_baseline\_ca-central-1](#module\_ebs\_baseline\_ca-central-1) | ./modules/ebs-baseline | n/a | -| [ebs\_baseline\_eu-central-1](#module\_ebs\_baseline\_eu-central-1) | ./modules/ebs-baseline | n/a | -| [ebs\_baseline\_eu-north-1](#module\_ebs\_baseline\_eu-north-1) | ./modules/ebs-baseline | n/a | -| [ebs\_baseline\_eu-west-1](#module\_ebs\_baseline\_eu-west-1) | ./modules/ebs-baseline | n/a | -| [ebs\_baseline\_eu-west-2](#module\_ebs\_baseline\_eu-west-2) | ./modules/ebs-baseline | n/a | -| [ebs\_baseline\_eu-west-3](#module\_ebs\_baseline\_eu-west-3) | ./modules/ebs-baseline | n/a | -| [ebs\_baseline\_sa-east-1](#module\_ebs\_baseline\_sa-east-1) | ./modules/ebs-baseline | n/a | -| [ebs\_baseline\_us-east-1](#module\_ebs\_baseline\_us-east-1) | ./modules/ebs-baseline | n/a | -| [ebs\_baseline\_us-east-2](#module\_ebs\_baseline\_us-east-2) | ./modules/ebs-baseline | n/a | -| [ebs\_baseline\_us-west-1](#module\_ebs\_baseline\_us-west-1) | ./modules/ebs-baseline | n/a | -| [ebs\_baseline\_us-west-2](#module\_ebs\_baseline\_us-west-2) | ./modules/ebs-baseline | n/a | -| [guardduty\_baseline\_ap-northeast-1](#module\_guardduty\_baseline\_ap-northeast-1) | ./modules/guardduty-baseline | n/a | -| [guardduty\_baseline\_ap-northeast-2](#module\_guardduty\_baseline\_ap-northeast-2) | ./modules/guardduty-baseline | n/a | -| [guardduty\_baseline\_ap-northeast-3](#module\_guardduty\_baseline\_ap-northeast-3) | ./modules/guardduty-baseline | n/a | -| [guardduty\_baseline\_ap-south-1](#module\_guardduty\_baseline\_ap-south-1) | ./modules/guardduty-baseline | n/a | -| [guardduty\_baseline\_ap-southeast-1](#module\_guardduty\_baseline\_ap-southeast-1) | ./modules/guardduty-baseline | n/a | -| [guardduty\_baseline\_ap-southeast-2](#module\_guardduty\_baseline\_ap-southeast-2) | ./modules/guardduty-baseline | n/a | -| [guardduty\_baseline\_ca-central-1](#module\_guardduty\_baseline\_ca-central-1) | ./modules/guardduty-baseline | n/a | -| [guardduty\_baseline\_eu-central-1](#module\_guardduty\_baseline\_eu-central-1) | ./modules/guardduty-baseline | n/a | -| [guardduty\_baseline\_eu-north-1](#module\_guardduty\_baseline\_eu-north-1) | ./modules/guardduty-baseline | n/a | -| [guardduty\_baseline\_eu-west-1](#module\_guardduty\_baseline\_eu-west-1) | ./modules/guardduty-baseline | n/a | -| [guardduty\_baseline\_eu-west-2](#module\_guardduty\_baseline\_eu-west-2) | ./modules/guardduty-baseline | n/a | -| [guardduty\_baseline\_eu-west-3](#module\_guardduty\_baseline\_eu-west-3) | ./modules/guardduty-baseline | n/a | -| [guardduty\_baseline\_sa-east-1](#module\_guardduty\_baseline\_sa-east-1) | ./modules/guardduty-baseline | n/a | -| [guardduty\_baseline\_us-east-1](#module\_guardduty\_baseline\_us-east-1) | ./modules/guardduty-baseline | n/a | -| [guardduty\_baseline\_us-east-2](#module\_guardduty\_baseline\_us-east-2) | ./modules/guardduty-baseline | n/a | -| [guardduty\_baseline\_us-west-1](#module\_guardduty\_baseline\_us-west-1) | ./modules/guardduty-baseline | n/a | -| [guardduty\_baseline\_us-west-2](#module\_guardduty\_baseline\_us-west-2) | ./modules/guardduty-baseline | n/a | -| [iam\_baseline](#module\_iam\_baseline) | ./modules/iam-baseline | n/a | -| [s3\_baseline](#module\_s3\_baseline) | ./modules/s3-baseline | n/a | -| [securityhub\_baseline\_ap-northeast-1](#module\_securityhub\_baseline\_ap-northeast-1) | ./modules/securityhub-baseline | n/a | -| [securityhub\_baseline\_ap-northeast-2](#module\_securityhub\_baseline\_ap-northeast-2) | ./modules/securityhub-baseline | n/a | -| [securityhub\_baseline\_ap-northeast-3](#module\_securityhub\_baseline\_ap-northeast-3) | ./modules/securityhub-baseline | n/a | -| [securityhub\_baseline\_ap-south-1](#module\_securityhub\_baseline\_ap-south-1) | ./modules/securityhub-baseline | n/a | -| [securityhub\_baseline\_ap-southeast-1](#module\_securityhub\_baseline\_ap-southeast-1) | ./modules/securityhub-baseline | n/a | -| [securityhub\_baseline\_ap-southeast-2](#module\_securityhub\_baseline\_ap-southeast-2) | ./modules/securityhub-baseline | n/a | -| [securityhub\_baseline\_ca-central-1](#module\_securityhub\_baseline\_ca-central-1) | ./modules/securityhub-baseline | n/a | -| [securityhub\_baseline\_eu-central-1](#module\_securityhub\_baseline\_eu-central-1) | ./modules/securityhub-baseline | n/a | -| [securityhub\_baseline\_eu-north-1](#module\_securityhub\_baseline\_eu-north-1) | ./modules/securityhub-baseline | n/a | -| [securityhub\_baseline\_eu-west-1](#module\_securityhub\_baseline\_eu-west-1) | ./modules/securityhub-baseline | n/a | -| [securityhub\_baseline\_eu-west-2](#module\_securityhub\_baseline\_eu-west-2) | ./modules/securityhub-baseline | n/a | -| [securityhub\_baseline\_eu-west-3](#module\_securityhub\_baseline\_eu-west-3) | ./modules/securityhub-baseline | n/a | -| [securityhub\_baseline\_sa-east-1](#module\_securityhub\_baseline\_sa-east-1) | ./modules/securityhub-baseline | n/a | -| [securityhub\_baseline\_us-east-1](#module\_securityhub\_baseline\_us-east-1) | ./modules/securityhub-baseline | n/a | -| [securityhub\_baseline\_us-east-2](#module\_securityhub\_baseline\_us-east-2) | ./modules/securityhub-baseline | n/a | -| [securityhub\_baseline\_us-west-1](#module\_securityhub\_baseline\_us-west-1) | ./modules/securityhub-baseline | n/a | -| [securityhub\_baseline\_us-west-2](#module\_securityhub\_baseline\_us-west-2) | ./modules/securityhub-baseline | n/a | -| [vpc\_baseline\_ap-northeast-1](#module\_vpc\_baseline\_ap-northeast-1) | ./modules/vpc-baseline | n/a | -| [vpc\_baseline\_ap-northeast-2](#module\_vpc\_baseline\_ap-northeast-2) | ./modules/vpc-baseline | n/a | -| [vpc\_baseline\_ap-northeast-3](#module\_vpc\_baseline\_ap-northeast-3) | ./modules/vpc-baseline | n/a | -| [vpc\_baseline\_ap-south-1](#module\_vpc\_baseline\_ap-south-1) | ./modules/vpc-baseline | n/a | -| [vpc\_baseline\_ap-southeast-1](#module\_vpc\_baseline\_ap-southeast-1) | ./modules/vpc-baseline | n/a | -| [vpc\_baseline\_ap-southeast-2](#module\_vpc\_baseline\_ap-southeast-2) | ./modules/vpc-baseline | n/a | -| [vpc\_baseline\_ca-central-1](#module\_vpc\_baseline\_ca-central-1) | ./modules/vpc-baseline | n/a | -| [vpc\_baseline\_eu-central-1](#module\_vpc\_baseline\_eu-central-1) | ./modules/vpc-baseline | n/a | -| [vpc\_baseline\_eu-north-1](#module\_vpc\_baseline\_eu-north-1) | ./modules/vpc-baseline | n/a | -| [vpc\_baseline\_eu-west-1](#module\_vpc\_baseline\_eu-west-1) | ./modules/vpc-baseline | n/a | -| [vpc\_baseline\_eu-west-2](#module\_vpc\_baseline\_eu-west-2) | ./modules/vpc-baseline | n/a | -| [vpc\_baseline\_eu-west-3](#module\_vpc\_baseline\_eu-west-3) | ./modules/vpc-baseline | n/a | -| [vpc\_baseline\_sa-east-1](#module\_vpc\_baseline\_sa-east-1) | ./modules/vpc-baseline | n/a | -| [vpc\_baseline\_us-east-1](#module\_vpc\_baseline\_us-east-1) | ./modules/vpc-baseline | n/a | -| [vpc\_baseline\_us-east-2](#module\_vpc\_baseline\_us-east-2) | ./modules/vpc-baseline | n/a | -| [vpc\_baseline\_us-west-1](#module\_vpc\_baseline\_us-west-1) | ./modules/vpc-baseline | n/a | -| [vpc\_baseline\_us-west-2](#module\_vpc\_baseline\_us-west-2) | ./modules/vpc-baseline | n/a | +| Name | Source | Version | +| -------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------ | ------- | +| [alarm_baseline](#module_alarm_baseline) | ./modules/alarm-baseline | n/a | +| [analyzer_baseline_ap-northeast-1](#module_analyzer_baseline_ap-northeast-1) | ./modules/analyzer-baseline | n/a | +| [analyzer_baseline_ap-northeast-2](#module_analyzer_baseline_ap-northeast-2) | ./modules/analyzer-baseline | n/a | +| [analyzer_baseline_ap-northeast-3](#module_analyzer_baseline_ap-northeast-3) | ./modules/analyzer-baseline | n/a | +| [analyzer_baseline_ap-south-1](#module_analyzer_baseline_ap-south-1) | ./modules/analyzer-baseline | n/a | +| [analyzer_baseline_ap-southeast-1](#module_analyzer_baseline_ap-southeast-1) | ./modules/analyzer-baseline | n/a | +| [analyzer_baseline_ap-southeast-2](#module_analyzer_baseline_ap-southeast-2) | ./modules/analyzer-baseline | n/a | +| [analyzer_baseline_ca-central-1](#module_analyzer_baseline_ca-central-1) | ./modules/analyzer-baseline | n/a | +| [analyzer_baseline_eu-central-1](#module_analyzer_baseline_eu-central-1) | ./modules/analyzer-baseline | n/a | +| [analyzer_baseline_eu-north-1](#module_analyzer_baseline_eu-north-1) | ./modules/analyzer-baseline | n/a | +| [analyzer_baseline_eu-west-1](#module_analyzer_baseline_eu-west-1) | ./modules/analyzer-baseline | n/a | +| [analyzer_baseline_eu-west-2](#module_analyzer_baseline_eu-west-2) | ./modules/analyzer-baseline | n/a | +| [analyzer_baseline_eu-west-3](#module_analyzer_baseline_eu-west-3) | ./modules/analyzer-baseline | n/a | +| [analyzer_baseline_sa-east-1](#module_analyzer_baseline_sa-east-1) | ./modules/analyzer-baseline | n/a | +| [analyzer_baseline_us-east-1](#module_analyzer_baseline_us-east-1) | ./modules/analyzer-baseline | n/a | +| [analyzer_baseline_us-east-2](#module_analyzer_baseline_us-east-2) | ./modules/analyzer-baseline | n/a | +| [analyzer_baseline_us-west-1](#module_analyzer_baseline_us-west-1) | ./modules/analyzer-baseline | n/a | +| [analyzer_baseline_us-west-2](#module_analyzer_baseline_us-west-2) | ./modules/analyzer-baseline | n/a | +| [audit_log_bucket](#module_audit_log_bucket) | ./modules/secure-bucket | n/a | +| [cloudtrail_baseline](#module_cloudtrail_baseline) | ./modules/cloudtrail-baseline | n/a | +| [config_baseline_ap-northeast-1](#module_config_baseline_ap-northeast-1) | ./modules/config-baseline | n/a | +| [config_baseline_ap-northeast-2](#module_config_baseline_ap-northeast-2) | ./modules/config-baseline | n/a | +| [config_baseline_ap-northeast-3](#module_config_baseline_ap-northeast-3) | ./modules/config-baseline | n/a | +| [config_baseline_ap-south-1](#module_config_baseline_ap-south-1) | ./modules/config-baseline | n/a | +| [config_baseline_ap-southeast-1](#module_config_baseline_ap-southeast-1) | ./modules/config-baseline | n/a | +| [config_baseline_ap-southeast-2](#module_config_baseline_ap-southeast-2) | ./modules/config-baseline | n/a | +| [config_baseline_ca-central-1](#module_config_baseline_ca-central-1) | ./modules/config-baseline | n/a | +| [config_baseline_eu-central-1](#module_config_baseline_eu-central-1) | ./modules/config-baseline | n/a | +| [config_baseline_eu-north-1](#module_config_baseline_eu-north-1) | ./modules/config-baseline | n/a | +| [config_baseline_eu-west-1](#module_config_baseline_eu-west-1) | ./modules/config-baseline | n/a | +| [config_baseline_eu-west-2](#module_config_baseline_eu-west-2) | ./modules/config-baseline | n/a | +| [config_baseline_eu-west-3](#module_config_baseline_eu-west-3) | ./modules/config-baseline | n/a | +| [config_baseline_sa-east-1](#module_config_baseline_sa-east-1) | ./modules/config-baseline | n/a | +| [config_baseline_us-east-1](#module_config_baseline_us-east-1) | ./modules/config-baseline | n/a | +| [config_baseline_us-east-2](#module_config_baseline_us-east-2) | ./modules/config-baseline | n/a | +| [config_baseline_us-west-1](#module_config_baseline_us-west-1) | ./modules/config-baseline | n/a | +| [config_baseline_us-west-2](#module_config_baseline_us-west-2) | ./modules/config-baseline | n/a | +| [ebs_baseline_ap-northeast-1](#module_ebs_baseline_ap-northeast-1) | ./modules/ebs-baseline | n/a | +| [ebs_baseline_ap-northeast-2](#module_ebs_baseline_ap-northeast-2) | ./modules/ebs-baseline | n/a | +| [ebs_baseline_ap-northeast-3](#module_ebs_baseline_ap-northeast-3) | ./modules/ebs-baseline | n/a | +| [ebs_baseline_ap-south-1](#module_ebs_baseline_ap-south-1) | ./modules/ebs-baseline | n/a | +| [ebs_baseline_ap-southeast-1](#module_ebs_baseline_ap-southeast-1) | ./modules/ebs-baseline | n/a | +| [ebs_baseline_ap-southeast-2](#module_ebs_baseline_ap-southeast-2) | ./modules/ebs-baseline | n/a | +| [ebs_baseline_ca-central-1](#module_ebs_baseline_ca-central-1) | ./modules/ebs-baseline | n/a | +| [ebs_baseline_eu-central-1](#module_ebs_baseline_eu-central-1) | ./modules/ebs-baseline | n/a | +| [ebs_baseline_eu-north-1](#module_ebs_baseline_eu-north-1) | ./modules/ebs-baseline | n/a | +| [ebs_baseline_eu-west-1](#module_ebs_baseline_eu-west-1) | ./modules/ebs-baseline | n/a | +| [ebs_baseline_eu-west-2](#module_ebs_baseline_eu-west-2) | ./modules/ebs-baseline | n/a | +| [ebs_baseline_eu-west-3](#module_ebs_baseline_eu-west-3) | ./modules/ebs-baseline | n/a | +| [ebs_baseline_sa-east-1](#module_ebs_baseline_sa-east-1) | ./modules/ebs-baseline | n/a | +| [ebs_baseline_us-east-1](#module_ebs_baseline_us-east-1) | ./modules/ebs-baseline | n/a | +| [ebs_baseline_us-east-2](#module_ebs_baseline_us-east-2) | ./modules/ebs-baseline | n/a | +| [ebs_baseline_us-west-1](#module_ebs_baseline_us-west-1) | ./modules/ebs-baseline | n/a | +| [ebs_baseline_us-west-2](#module_ebs_baseline_us-west-2) | ./modules/ebs-baseline | n/a | +| [guardduty_baseline_ap-northeast-1](#module_guardduty_baseline_ap-northeast-1) | ./modules/guardduty-baseline | n/a | +| [guardduty_baseline_ap-northeast-2](#module_guardduty_baseline_ap-northeast-2) | ./modules/guardduty-baseline | n/a | +| [guardduty_baseline_ap-northeast-3](#module_guardduty_baseline_ap-northeast-3) | ./modules/guardduty-baseline | n/a | +| [guardduty_baseline_ap-south-1](#module_guardduty_baseline_ap-south-1) | ./modules/guardduty-baseline | n/a | +| [guardduty_baseline_ap-southeast-1](#module_guardduty_baseline_ap-southeast-1) | ./modules/guardduty-baseline | n/a | +| [guardduty_baseline_ap-southeast-2](#module_guardduty_baseline_ap-southeast-2) | ./modules/guardduty-baseline | n/a | +| [guardduty_baseline_ca-central-1](#module_guardduty_baseline_ca-central-1) | ./modules/guardduty-baseline | n/a | +| [guardduty_baseline_eu-central-1](#module_guardduty_baseline_eu-central-1) | ./modules/guardduty-baseline | n/a | +| [guardduty_baseline_eu-north-1](#module_guardduty_baseline_eu-north-1) | ./modules/guardduty-baseline | n/a | +| [guardduty_baseline_eu-west-1](#module_guardduty_baseline_eu-west-1) | ./modules/guardduty-baseline | n/a | +| [guardduty_baseline_eu-west-2](#module_guardduty_baseline_eu-west-2) | ./modules/guardduty-baseline | n/a | +| [guardduty_baseline_eu-west-3](#module_guardduty_baseline_eu-west-3) | ./modules/guardduty-baseline | n/a | +| [guardduty_baseline_sa-east-1](#module_guardduty_baseline_sa-east-1) | ./modules/guardduty-baseline | n/a | +| [guardduty_baseline_us-east-1](#module_guardduty_baseline_us-east-1) | ./modules/guardduty-baseline | n/a | +| [guardduty_baseline_us-east-2](#module_guardduty_baseline_us-east-2) | ./modules/guardduty-baseline | n/a | +| [guardduty_baseline_us-west-1](#module_guardduty_baseline_us-west-1) | ./modules/guardduty-baseline | n/a | +| [guardduty_baseline_us-west-2](#module_guardduty_baseline_us-west-2) | ./modules/guardduty-baseline | n/a | +| [iam_baseline](#module_iam_baseline) | ./modules/iam-baseline | n/a | +| [s3_baseline](#module_s3_baseline) | ./modules/s3-baseline | n/a | +| [securityhub_baseline_ap-northeast-1](#module_securityhub_baseline_ap-northeast-1) | ./modules/securityhub-baseline | n/a | +| [securityhub_baseline_ap-northeast-2](#module_securityhub_baseline_ap-northeast-2) | ./modules/securityhub-baseline | n/a | +| [securityhub_baseline_ap-northeast-3](#module_securityhub_baseline_ap-northeast-3) | ./modules/securityhub-baseline | n/a | +| [securityhub_baseline_ap-south-1](#module_securityhub_baseline_ap-south-1) | ./modules/securityhub-baseline | n/a | +| [securityhub_baseline_ap-southeast-1](#module_securityhub_baseline_ap-southeast-1) | ./modules/securityhub-baseline | n/a | +| [securityhub_baseline_ap-southeast-2](#module_securityhub_baseline_ap-southeast-2) | ./modules/securityhub-baseline | n/a | +| [securityhub_baseline_ca-central-1](#module_securityhub_baseline_ca-central-1) | ./modules/securityhub-baseline | n/a | +| [securityhub_baseline_eu-central-1](#module_securityhub_baseline_eu-central-1) | ./modules/securityhub-baseline | n/a | +| [securityhub_baseline_eu-north-1](#module_securityhub_baseline_eu-north-1) | ./modules/securityhub-baseline | n/a | +| [securityhub_baseline_eu-west-1](#module_securityhub_baseline_eu-west-1) | ./modules/securityhub-baseline | n/a | +| [securityhub_baseline_eu-west-2](#module_securityhub_baseline_eu-west-2) | ./modules/securityhub-baseline | n/a | +| [securityhub_baseline_eu-west-3](#module_securityhub_baseline_eu-west-3) | ./modules/securityhub-baseline | n/a | +| [securityhub_baseline_sa-east-1](#module_securityhub_baseline_sa-east-1) | ./modules/securityhub-baseline | n/a | +| [securityhub_baseline_us-east-1](#module_securityhub_baseline_us-east-1) | ./modules/securityhub-baseline | n/a | +| [securityhub_baseline_us-east-2](#module_securityhub_baseline_us-east-2) | ./modules/securityhub-baseline | n/a | +| [securityhub_baseline_us-west-1](#module_securityhub_baseline_us-west-1) | ./modules/securityhub-baseline | n/a | +| [securityhub_baseline_us-west-2](#module_securityhub_baseline_us-west-2) | ./modules/securityhub-baseline | n/a | +| [vpc_baseline_ap-northeast-1](#module_vpc_baseline_ap-northeast-1) | ./modules/vpc-baseline | n/a | +| [vpc_baseline_ap-northeast-2](#module_vpc_baseline_ap-northeast-2) | ./modules/vpc-baseline | n/a | +| [vpc_baseline_ap-northeast-3](#module_vpc_baseline_ap-northeast-3) | ./modules/vpc-baseline | n/a | +| [vpc_baseline_ap-south-1](#module_vpc_baseline_ap-south-1) | ./modules/vpc-baseline | n/a | +| [vpc_baseline_ap-southeast-1](#module_vpc_baseline_ap-southeast-1) | ./modules/vpc-baseline | n/a | +| [vpc_baseline_ap-southeast-2](#module_vpc_baseline_ap-southeast-2) | ./modules/vpc-baseline | n/a | +| [vpc_baseline_ca-central-1](#module_vpc_baseline_ca-central-1) | ./modules/vpc-baseline | n/a | +| [vpc_baseline_eu-central-1](#module_vpc_baseline_eu-central-1) | ./modules/vpc-baseline | n/a | +| [vpc_baseline_eu-north-1](#module_vpc_baseline_eu-north-1) | ./modules/vpc-baseline | n/a | +| [vpc_baseline_eu-west-1](#module_vpc_baseline_eu-west-1) | ./modules/vpc-baseline | n/a | +| [vpc_baseline_eu-west-2](#module_vpc_baseline_eu-west-2) | ./modules/vpc-baseline | n/a | +| [vpc_baseline_eu-west-3](#module_vpc_baseline_eu-west-3) | ./modules/vpc-baseline | n/a | +| [vpc_baseline_sa-east-1](#module_vpc_baseline_sa-east-1) | ./modules/vpc-baseline | n/a | +| [vpc_baseline_us-east-1](#module_vpc_baseline_us-east-1) | ./modules/vpc-baseline | n/a | +| [vpc_baseline_us-east-2](#module_vpc_baseline_us-east-2) | ./modules/vpc-baseline | n/a | +| [vpc_baseline_us-west-1](#module_vpc_baseline_us-west-1) | ./modules/vpc-baseline | n/a | +| [vpc_baseline_us-west-2](#module_vpc_baseline_us-west-2) | ./modules/vpc-baseline | n/a | ## Resources -| Name | Type | -|------|------| -| [aws_config_config_rule.iam_mfa](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/config_config_rule) | resource | -| [aws_config_config_rule.no_policies_with_full_admin_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/config_config_rule) | resource | -| [aws_config_config_rule.unused_credentials](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/config_config_rule) | resource | -| [aws_config_config_rule.user_no_policies](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/config_config_rule) | resource | -| [aws_config_configuration_aggregator.organization](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/config_configuration_aggregator) | resource | -| [aws_iam_role.config_organization](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | -| [aws_iam_role.flow_logs_publisher](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | -| [aws_iam_role.recorder](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | -| [aws_iam_role_policy.flow_logs_publish_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource | -| [aws_iam_role_policy.recorder_publish_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource | -| [aws_iam_role_policy_attachment.config_organization](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | -| [aws_iam_role_policy_attachment.recorder_read_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | -| [aws_s3_bucket_policy.audit_log](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy) | resource | -| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source | -| [aws_iam_policy_document.audit_log](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.audit_log_base](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.audit_log_cloud_trail](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.audit_log_config](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.audit_log_flow_logs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | +| Name | Type | +| -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------- | +| [aws_config_config_rule.iam_mfa](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/config_config_rule) | resource | +| [aws_config_config_rule.no_policies_with_full_admin_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/config_config_rule) | resource | +| [aws_config_config_rule.unused_credentials](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/config_config_rule) | resource | +| [aws_config_config_rule.user_no_policies](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/config_config_rule) | resource | +| [aws_config_configuration_aggregator.organization](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/config_configuration_aggregator) | resource | +| [aws_iam_role.config_organization](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | +| [aws_iam_role.flow_logs_publisher](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | +| [aws_iam_role.recorder](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | +| [aws_iam_role_policy.flow_logs_publish_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource | +| [aws_iam_role_policy.recorder_publish_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource | +| [aws_iam_role_policy_attachment.config_organization](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | +| [aws_iam_role_policy_attachment.recorder_read_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | +| [aws_s3_bucket_policy.audit_log](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy) | resource | +| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source | +| [aws_iam_policy_document.audit_log](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.audit_log_base](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.audit_log_cloud_trail](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.audit_log_config](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.audit_log_flow_logs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | | [aws_iam_policy_document.config_organization_assume_role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.flow_logs_publish_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.flow_logs_publish_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | | [aws_iam_policy_document.flow_logs_publisher_assume_role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.recorder_assume_role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.recorder_publish_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_organizations_organization.org](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/organizations_organization) | data source | -| [aws_s3_bucket.external](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/s3_bucket) | data source | +| [aws_iam_policy_document.recorder_assume_role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.recorder_publish_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | +| [aws_organizations_organization.org](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/organizations_organization) | data source | +| [aws_s3_bucket.external](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/s3_bucket) | data source | ## Inputs -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [account\_type](#input\_account\_type) | The type of the AWS account. The possible values are `individual`, `master` and `member` . Specify `master` and `member` to set up centalized logging for multiple accounts in AWS Organization. Use individual` otherwise.` | `string` | `"individual"` | no | -| [alarm\_baseline\_enabled](#input\_alarm\_baseline\_enabled) | Boolean whether alarm-baseline is enabled. | `bool` | `true` | no | -| [alarm\_namespace](#input\_alarm\_namespace) | The namespace in which all alarms are set up. | `string` | `"CISBenchmark"` | no | -| [alarm\_sns\_topic\_kms\_master\_key\_id](#input\_alarm\_sns\_topic\_kms\_master\_key\_id) | To enable SNS Topic encryption enter value with the ID of a custom master KMS key that is used for encryption | `any` | `null` | no | -| [alarm\_sns\_topic\_name](#input\_alarm\_sns\_topic\_name) | The name of the SNS Topic which will be notified when any alarm is performed. | `string` | `"CISAlarm"` | no | -| [allow\_users\_to\_change\_password](#input\_allow\_users\_to\_change\_password) | Whether to allow users to change their own password. | `bool` | `true` | no | -| [analyzer\_baseline\_enabled](#input\_analyzer\_baseline\_enabled) | Boolean whether analyzer-baseline is enabled. | `bool` | `true` | no | -| [analyzer\_name](#input\_analyzer\_name) | The name for the IAM Access Analyzer resource to be created. | `string` | `"default-analyzer"` | no | -| [audit\_log\_bucket\_custom\_policy\_json](#input\_audit\_log\_bucket\_custom\_policy\_json) | Override policy for the audit log bucket. Allows addition of extra policies. | `string` | `"{}"` | no | -| [audit\_log\_bucket\_force\_destroy](#input\_audit\_log\_bucket\_force\_destroy) | A boolean that indicates all objects should be deleted from the audit log bucket so that the bucket can be destroyed without error. These objects are not recoverable. | `bool` | `false` | no | -| [audit\_log\_bucket\_key\_enabled](#input\_audit\_log\_bucket\_key\_enabled) | Whether or not to use Amazon S3 Bucket Keys for encrypting the audit log bucket. | `bool` | `false` | no | -| [audit\_log\_bucket\_name](#input\_audit\_log\_bucket\_name) | The name of the S3 bucket to store various audit logs. | `any` | n/a | yes | -| [audit\_log\_lifecycle\_glacier\_transition\_days](#input\_audit\_log\_lifecycle\_glacier\_transition\_days) | The number of days after log creation when the log file is archived into Glacier. | `number` | `90` | no | -| [aws\_account\_id](#input\_aws\_account\_id) | The AWS Account ID number of the account. | `any` | n/a | yes | -| [aws\_config\_changes\_enabled](#input\_aws\_config\_changes\_enabled) | The boolean flag whether the aws\_config\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [cloudtrail\_baseline\_enabled](#input\_cloudtrail\_baseline\_enabled) | Boolean whether cloudtrail-baseline is enabled. | `bool` | `true` | no | -| [cloudtrail\_cfg\_changes\_enabled](#input\_cloudtrail\_cfg\_changes\_enabled) | The boolean flag whether the cloudtrail\_cfg\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [cloudtrail\_cloudwatch\_logs\_enabled](#input\_cloudtrail\_cloudwatch\_logs\_enabled) | Specifies whether the trail is delivered to CloudWatch Logs. | `bool` | `true` | no | -| [cloudtrail\_cloudwatch\_logs\_group\_name](#input\_cloudtrail\_cloudwatch\_logs\_group\_name) | The name of CloudWatch Logs group to which CloudTrail events are delivered. | `string` | `"cloudtrail-multi-region"` | no | -| [cloudtrail\_dynamodb\_event\_logging\_tables](#input\_cloudtrail\_dynamodb\_event\_logging\_tables) | The list of DynamoDB table ARNs on which to enable event logging. | `list` | 
[
  "arn:aws:dynamodb"
]
| no | -| [cloudtrail\_iam\_role\_name](#input\_cloudtrail\_iam\_role\_name) | The name of the IAM Role to be used by CloudTrail to delivery logs to CloudWatch Logs group. | `string` | `"CloudTrail-CloudWatch-Delivery-Role"` | no | -| [cloudtrail\_iam\_role\_policy\_name](#input\_cloudtrail\_iam\_role\_policy\_name) | The name of the IAM Role Policy to be used by CloudTrail to delivery logs to CloudWatch Logs group. | `string` | `"CloudTrail-CloudWatch-Delivery-Policy"` | no | -| [cloudtrail\_key\_deletion\_window\_in\_days](#input\_cloudtrail\_key\_deletion\_window\_in\_days) | Duration in days after which the key is deleted after destruction of the resource, must be between 7 and 30 days. Defaults to 30 days. | `number` | `10` | no | -| [cloudtrail\_lambda\_invocation\_logging\_lambdas](#input\_cloudtrail\_lambda\_invocation\_logging\_lambdas) | The list of lambda ARNs on which to enable invocation logging. | `list` | 
[
  "arn:aws:lambda"
]
| no | -| [cloudtrail\_name](#input\_cloudtrail\_name) | The name of the trail. | `string` | `"cloudtrail-multi-region"` | no | -| [cloudtrail\_s3\_key\_prefix](#input\_cloudtrail\_s3\_key\_prefix) | The prefix used when CloudTrail delivers events to the S3 bucket. | `string` | `"cloudtrail"` | no | -| [cloudtrail\_s3\_object\_level\_logging\_buckets](#input\_cloudtrail\_s3\_object\_level\_logging\_buckets) | The list of S3 bucket ARNs on which to enable object-level logging. | `list` | 
[
  "arn:aws:s3:::"
]
| no | -| [cloudtrail\_sns\_topic\_enabled](#input\_cloudtrail\_sns\_topic\_enabled) | Specifies whether the trail is delivered to a SNS topic. | `bool` | `true` | no | -| [cloudtrail\_sns\_topic\_name](#input\_cloudtrail\_sns\_topic\_name) | The name of the SNS topic to link to the trail. | `string` | `"cloudtrail-multi-region-sns-topic"` | no | -| [cloudwatch\_logs\_retention\_in\_days](#input\_cloudwatch\_logs\_retention\_in\_days) | Number of days to retain logs for. CIS recommends 365 days. Possible values are: 0, 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. Set to 0 to keep logs indefinitely. | `number` | `365` | no | -| [config\_aggregator\_name](#input\_config\_aggregator\_name) | The name of the organizational AWS Config Configuration Aggregator. | `string` | `"organization-aggregator"` | no | -| [config\_aggregator\_name\_prefix](#input\_config\_aggregator\_name\_prefix) | The prefix of the name for the IAM role attached to the organizational AWS Config Configuration Aggregator. | `string` | `"config-for-organization-role"` | no | -| [config\_baseline\_enabled](#input\_config\_baseline\_enabled) | Boolean whether config-baseline is enabled. | `bool` | `true` | no | -| [config\_delivery\_frequency](#input\_config\_delivery\_frequency) | The frequency which AWS Config sends a snapshot into the S3 bucket. | `string` | `"One_Hour"` | no | -| [config\_global\_resources\_all\_regions](#input\_config\_global\_resources\_all\_regions) | Record global resources in all regions. If false, only default region will record global resources. | `bool` | `false` | no | -| [config\_iam\_role\_name](#input\_config\_iam\_role\_name) | The name of the IAM Role which AWS Config will use. | `string` | `"Config-Recorder"` | no | -| [config\_iam\_role\_policy\_name](#input\_config\_iam\_role\_policy\_name) | The name of the IAM Role Policy which AWS Config will use. | `string` | `"Config-Recorder-Policy"` | no | -| [config\_s3\_bucket\_key\_prefix](#input\_config\_s3\_bucket\_key\_prefix) | The prefix used when writing AWS Config snapshots into the S3 bucket. | `string` | `"config"` | no | -| [config\_sns\_topic\_kms\_master\_key\_id](#input\_config\_sns\_topic\_kms\_master\_key\_id) | To enable SNS Topic encryption enter value with the ID of a custom master KMS key that is used for encryption | `any` | `null` | no | -| [config\_sns\_topic\_name](#input\_config\_sns\_topic\_name) | The name of the SNS Topic to be used to notify configuration changes. | `string` | `"ConfigChanges"` | no | -| [console\_signin\_failures\_enabled](#input\_console\_signin\_failures\_enabled) | The boolean flag whether the console\_signin\_failures alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [create\_manager\_role](#input\_create\_manager\_role) | Define if the manager role should be created. | `bool` | `true` | no | -| [create\_master\_role](#input\_create\_master\_role) | Define if the master role should be created. | `bool` | `true` | no | -| [create\_password\_policy](#input\_create\_password\_policy) | Define if the password policy should be created. | `bool` | `true` | no | -| [create\_support\_role](#input\_create\_support\_role) | Define if the support role should be created. | `bool` | `true` | no | -| [disable\_or\_delete\_cmk\_enabled](#input\_disable\_or\_delete\_cmk\_enabled) | The boolean flag whether the disable\_or\_delete\_cmk alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [guardduty\_disable\_email\_notification](#input\_guardduty\_disable\_email\_notification) | Boolean whether an email notification is sent to the accounts. | `bool` | `false` | no | -| [guardduty\_enabled](#input\_guardduty\_enabled) | Boolean whether the guardduty-baseline module is enabled or disabled | `bool` | `true` | no | -| [guardduty\_finding\_publishing\_frequency](#input\_guardduty\_finding\_publishing\_frequency) | Specifies the frequency of notifications sent for subsequent finding occurrences. | `string` | `"SIX_HOURS"` | no | -| [guardduty\_invitation\_message](#input\_guardduty\_invitation\_message) | Message for invitation. | `string` | `"This is an automatic invitation message from guardduty-baseline module."` | no | -| [iam\_baseline\_enabled](#input\_iam\_baseline\_enabled) | Boolean whether iam-baseline is enabled. | `bool` | `true` | no | -| [iam\_changes\_enabled](#input\_iam\_changes\_enabled) | The boolean flag whether the iam\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [manager\_iam\_role\_name](#input\_manager\_iam\_role\_name) | The name of the IAM Manager role. | `string` | `"IAM-Manager"` | no | -| [manager\_iam\_role\_policy\_name](#input\_manager\_iam\_role\_policy\_name) | The name of the IAM Manager role policy. | `string` | `"IAM-Manager-Policy"` | no | -| [master\_account\_id](#input\_master\_account\_id) | The ID of the master AWS account to which the current AWS account is associated. Required if `account_type` is `member`. | `string` | `""` | no | -| [master\_iam\_role\_name](#input\_master\_iam\_role\_name) | The name of the IAM Master role. | `string` | `"IAM-Master"` | no | -| [master\_iam\_role\_policy\_name](#input\_master\_iam\_role\_policy\_name) | The name of the IAM Master role policy. | `string` | `"IAM-Master-Policy"` | no | -| [max\_password\_age](#input\_max\_password\_age) | The number of days that an user password is valid. | `number` | `0` | no | -| [member\_accounts](#input\_member\_accounts) | A list of IDs and emails of AWS accounts which associated as member accounts. | 
list(object({
    account_id = string
    email      = string
  }))
| `[]` | no | -| [mfa\_console\_signin\_allow\_sso](#input\_mfa\_console\_signin\_allow\_sso) | The boolean flag whether the no\_mfa\_console\_signin alarm allows SSO auth to be ignored. | `bool` | `false` | no | -| [minimum\_password\_length](#input\_minimum\_password\_length) | Minimum length to require for user passwords. | `number` | `14` | no | -| [nacl\_changes\_enabled](#input\_nacl\_changes\_enabled) | The boolean flag whether the nacl\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [network\_gw\_changes\_enabled](#input\_network\_gw\_changes\_enabled) | The boolean flag whether the network\_gw\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [no\_mfa\_console\_signin\_enabled](#input\_no\_mfa\_console\_signin\_enabled) | The boolean flag whether the no\_mfa\_console\_signin alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [organizations\_changes\_enabled](#input\_organizations\_changes\_enabled) | The boolean flag whether the organizations\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [password\_reuse\_prevention](#input\_password\_reuse\_prevention) | The number of previous passwords that users are prevented from reusing. | `number` | `24` | no | -| [region](#input\_region) | The AWS region in which global resources are set up. | `any` | n/a | yes | -| [require\_lowercase\_characters](#input\_require\_lowercase\_characters) | Whether to require lowercase characters for user passwords. | `bool` | `false` | no | -| [require\_numbers](#input\_require\_numbers) | Whether to require numbers for user passwords. | `bool` | `false` | no | -| [require\_symbols](#input\_require\_symbols) | Whether to require symbols for user passwords. | `bool` | `false` | no | -| [require\_uppercase\_characters](#input\_require\_uppercase\_characters) | Whether to require uppercase characters for user passwords. | `bool` | `false` | no | -| [root\_usage\_enabled](#input\_root\_usage\_enabled) | The boolean flag whether the root\_usage alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [route\_table\_changes\_enabled](#input\_route\_table\_changes\_enabled) | The boolean flag whether the route\_table\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [s3\_baseline\_enabled](#input\_s3\_baseline\_enabled) | Boolean whether s3-baseline is enabled. | `bool` | `true` | no | -| [s3\_block\_public\_acls](#input\_s3\_block\_public\_acls) | Whether Amazon S3 should block public ACLs for buckets in this account. Defaults to true. | `bool` | `true` | no | -| [s3\_block\_public\_policy](#input\_s3\_block\_public\_policy) | Whether Amazon S3 should block public bucket policies for buckets in this account. Defaults to true. | `bool` | `true` | no | -| [s3\_bucket\_policy\_changes\_enabled](#input\_s3\_bucket\_policy\_changes\_enabled) | The boolean flag whether the s3\_bucket\_policy\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [s3\_ignore\_public\_acls](#input\_s3\_ignore\_public\_acls) | Whether Amazon S3 should ignore public ACLs for buckets in this account. Defaults to true. | `bool` | `true` | no | -| [s3\_restrict\_public\_buckets](#input\_s3\_restrict\_public\_buckets) | Whether Amazon S3 should restrict public bucket policies for buckets in this account. Defaults to true. | `bool` | `true` | no | -| [security\_group\_changes\_enabled](#input\_security\_group\_changes\_enabled) | The boolean flag whether the security\_group\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [securityhub\_enable\_aws\_foundational\_standard](#input\_securityhub\_enable\_aws\_foundational\_standard) | Boolean whether AWS Foundations standard is enabled. | `bool` | `true` | no | -| [securityhub\_enable\_cis\_standard](#input\_securityhub\_enable\_cis\_standard) | Boolean whether CIS standard is enabled. | `bool` | `true` | no | -| [securityhub\_enable\_pci\_dss\_standard](#input\_securityhub\_enable\_pci\_dss\_standard) | Boolean whether PCI DSS standard is enabled. | `bool` | `false` | no | -| [securityhub\_enable\_product\_arns](#input\_securityhub\_enable\_product\_arns) | List of Security Hub product ARNs, `` will be replaced. See https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-partner-providers.html for list. | `list(string)` | `[]` | no | -| [securityhub\_enabled](#input\_securityhub\_enabled) | Boolean whether the securityhub-baseline module is enabled or disabled | `bool` | `true` | no | -| [support\_iam\_role\_name](#input\_support\_iam\_role\_name) | The name of the the support role. | `string` | `"IAM-Support"` | no | -| [support\_iam\_role\_policy\_name](#input\_support\_iam\_role\_policy\_name) | The name of the support role policy. | `string` | `"IAM-Support-Role"` | no | -| [support\_iam\_role\_principal\_arns](#input\_support\_iam\_role\_principal\_arns) | List of ARNs of the IAM principal elements by which the support role could be assumed. | `list(any)` | n/a | yes | -| [tags](#input\_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map` | `{}` | no | -| [target\_regions](#input\_target\_regions) | A list of regions to set up with this module. | `list` | 
[
  "ap-northeast-1",
  "ap-northeast-2",
  "ap-northeast-3",
  "ap-south-1",
  "ap-southeast-1",
  "ap-southeast-2",
  "ca-central-1",
  "eu-central-1",
  "eu-north-1",
  "eu-west-1",
  "eu-west-2",
  "eu-west-3",
  "sa-east-1",
  "us-east-1",
  "us-east-2",
  "us-west-1",
  "us-west-2"
]
| no | -| [unauthorized\_api\_calls\_enabled](#input\_unauthorized\_api\_calls\_enabled) | The boolean flag whether the unauthorized\_api\_calls alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [use\_external\_audit\_log\_bucket](#input\_use\_external\_audit\_log\_bucket) | A boolean that indicates whether the specific audit log bucket already exists. Create a new S3 bucket if it is set to false. | `bool` | `false` | no | -| [vpc\_changes\_enabled](#input\_vpc\_changes\_enabled) | The boolean flag whether the vpc\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [vpc\_enable](#input\_vpc\_enable) | Boolean whether the VPC baseline module should be enabled | `bool` | `true` | no | -| [vpc\_enable\_flow\_logs](#input\_vpc\_enable\_flow\_logs) | The boolean flag whether to enable VPC Flow Logs in default VPCs | `bool` | `true` | no | -| [vpc\_flow\_logs\_destination\_type](#input\_vpc\_flow\_logs\_destination\_type) | The type of the logging destination. Valid values: cloud-watch-logs, s3 | `string` | `"cloud-watch-logs"` | no | -| [vpc\_flow\_logs\_log\_group\_name](#input\_vpc\_flow\_logs\_log\_group\_name) | The name of CloudWatch Logs group to which VPC Flow Logs are delivered. | `string` | `"default-vpc-flow-logs"` | no | -| [vpc\_flow\_logs\_retention\_in\_days](#input\_vpc\_flow\_logs\_retention\_in\_days) | Number of days to retain logs if vpc\_log\_destination\_type is cloud-watch-logs. CIS recommends 365 days. Possible values are: 0, 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. Set to 0 to keep logs indefinitely. | `number` | `365` | no | -| [vpc\_flow\_logs\_s3\_arn](#input\_vpc\_flow\_logs\_s3\_arn) | ARN of the S3 bucket to which VPC Flow Logs are delivered if vpc\_log\_destination\_type is s3. | `string` | `""` | no | -| [vpc\_flow\_logs\_s3\_key\_prefix](#input\_vpc\_flow\_logs\_s3\_key\_prefix) | The prefix used when VPC Flow Logs delivers logs to the S3 bucket. | `string` | `"flow-logs"` | no | -| [vpc\_iam\_role\_name](#input\_vpc\_iam\_role\_name) | The name of the IAM Role which VPC Flow Logs will use. | `string` | `"VPC-Flow-Logs-Publisher"` | no | -| [vpc\_iam\_role\_policy\_name](#input\_vpc\_iam\_role\_policy\_name) | The name of the IAM Role Policy which VPC Flow Logs will use. | `string` | `"VPC-Flow-Logs-Publish-Policy"` | no | +| Name | Description | Type | Default | Required | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :------: | +| [account_type](#input_account_type) | The type of the AWS account. The possible values are `individual`, `master` and `member` . Specify `master` and `member` to set up centalized logging for multiple accounts in AWS Organization. Use individual` otherwise.` | `string` | `"individual"` | no | +| [alarm_baseline_enabled](#input_alarm_baseline_enabled) | Boolean whether alarm-baseline is enabled. | `bool` | `true` | no | +| [alarm_namespace](#input_alarm_namespace) | The namespace in which all alarms are set up. | `string` | `"CISBenchmark"` | no | +| [alarm_sns_topic_kms_master_key_id](#input_alarm_sns_topic_kms_master_key_id) | To enable SNS Topic encryption enter value with the ID of a custom master KMS key that is used for encryption | `any` | `null` | no | +| [alarm_sns_topic_name](#input_alarm_sns_topic_name) | The name of the SNS Topic which will be notified when any alarm is performed. | `string` | `"CISAlarm"` | no | +| [allow_users_to_change_password](#input_allow_users_to_change_password) | Whether to allow users to change their own password. | `bool` | `true` | no | +| [analyzer_baseline_enabled](#input_analyzer_baseline_enabled) | Boolean whether analyzer-baseline is enabled. | `bool` | `true` | no | +| [analyzer_name](#input_analyzer_name) | The name for the IAM Access Analyzer resource to be created. | `string` | `"default-analyzer"` | no | +| [audit_log_bucket_custom_policy_json](#input_audit_log_bucket_custom_policy_json) | Override policy for the audit log bucket. Allows addition of extra policies. | `string` | `"{}"` | no | +| [audit_log_bucket_force_destroy](#input_audit_log_bucket_force_destroy) | A boolean that indicates all objects should be deleted from the audit log bucket so that the bucket can be destroyed without error. These objects are not recoverable. | `bool` | `false` | no | +| [audit_log_bucket_key_enabled](#input_audit_log_bucket_key_enabled) | Whether or not to use Amazon S3 Bucket Keys for encrypting the audit log bucket. | `bool` | `false` | no | +| [audit_log_bucket_name](#input_audit_log_bucket_name) | The name of the S3 bucket to store various audit logs. | `any` | n/a | yes | +| [audit_log_lifecycle_glacier_transition_days](#input_audit_log_lifecycle_glacier_transition_days) | The number of days after log creation when the log file is archived into Glacier. | `number` | `90` | no | +| [aws_account_id](#input_aws_account_id) | The AWS Account ID number of the account. | `any` | n/a | yes | +| [aws_config_changes_enabled](#input_aws_config_changes_enabled) | The boolean flag whether the aws_config_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | +| [cloudtrail_baseline_enabled](#input_cloudtrail_baseline_enabled) | Boolean whether cloudtrail-baseline is enabled. | `bool` | `true` | no | +| [cloudtrail_cfg_changes_enabled](#input_cloudtrail_cfg_changes_enabled) | The boolean flag whether the cloudtrail_cfg_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | +| [cloudtrail_cloudwatch_logs_enabled](#input_cloudtrail_cloudwatch_logs_enabled) | Specifies whether the trail is delivered to CloudWatch Logs. | `bool` | `true` | no | +| [cloudtrail_cloudwatch_logs_group_name](#input_cloudtrail_cloudwatch_logs_group_name) | The name of CloudWatch Logs group to which CloudTrail events are delivered. | `string` | `"cloudtrail-multi-region"` | no | +| [cloudtrail_dynamodb_event_logging_tables](#input_cloudtrail_dynamodb_event_logging_tables) | The list of DynamoDB table ARNs on which to enable event logging. | `list` | 
[
 "arn:aws:dynamodb"
]
| no | +| [cloudtrail_iam_role_name](#input_cloudtrail_iam_role_name) | The name of the IAM Role to be used by CloudTrail to delivery logs to CloudWatch Logs group. | `string` | `"CloudTrail-CloudWatch-Delivery-Role"` | no | +| [cloudtrail_iam_role_policy_name](#input_cloudtrail_iam_role_policy_name) | The name of the IAM Role Policy to be used by CloudTrail to delivery logs to CloudWatch Logs group. | `string` | `"CloudTrail-CloudWatch-Delivery-Policy"` | no | +| [cloudtrail_key_deletion_window_in_days](#input_cloudtrail_key_deletion_window_in_days) | Duration in days after which the key is deleted after destruction of the resource, must be between 7 and 30 days. Defaults to 30 days. | `number` | `10` | no | +| [cloudtrail_lambda_invocation_logging_lambdas](#input_cloudtrail_lambda_invocation_logging_lambdas) | The list of lambda ARNs on which to enable invocation logging. | `list` | 
[
 "arn:aws:lambda"
]
| no | +| [cloudtrail_name](#input_cloudtrail_name) | The name of the trail. | `string` | `"cloudtrail-multi-region"` | no | +| [cloudtrail_s3_key_prefix](#input_cloudtrail_s3_key_prefix) | The prefix used when CloudTrail delivers events to the S3 bucket. | `string` | `"cloudtrail"` | no | +| [cloudtrail_s3_object_level_logging_buckets](#input_cloudtrail_s3_object_level_logging_buckets) | The list of S3 bucket ARNs on which to enable object-level logging. | `list` | 
[
 "arn:aws:s3:::"
]
| no | +| [cloudtrail_sns_topic_enabled](#input_cloudtrail_sns_topic_enabled) | Specifies whether the trail is delivered to a SNS topic. | `bool` | `true` | no | +| [cloudtrail_sns_topic_name](#input_cloudtrail_sns_topic_name) | The name of the SNS topic to link to the trail. | `string` | `"cloudtrail-multi-region-sns-topic"` | no | +| [cloudwatch_logs_retention_in_days](#input_cloudwatch_logs_retention_in_days) | Number of days to retain logs for. CIS recommends 365 days. Possible values are: 0, 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. Set to 0 to keep logs indefinitely. | `number` | `365` | no | +| [config_aggregator_name](#input_config_aggregator_name) | The name of the organizational AWS Config Configuration Aggregator. | `string` | `"organization-aggregator"` | no | +| [config_aggregator_name_prefix](#input_config_aggregator_name_prefix) | The prefix of the name for the IAM role attached to the organizational AWS Config Configuration Aggregator. | `string` | `"config-for-organization-role"` | no | +| [config_baseline_enabled](#input_config_baseline_enabled) | Boolean whether config-baseline is enabled. | `bool` | `true` | no | +| [config_delivery_frequency](#input_config_delivery_frequency) | The frequency which AWS Config sends a snapshot into the S3 bucket. | `string` | `"One_Hour"` | no | +| [config_global_resources_all_regions](#input_config_global_resources_all_regions) | Record global resources in all regions. If false, only default region will record global resources. | `bool` | `false` | no | +| [config_iam_role_name](#input_config_iam_role_name) | The name of the IAM Role which AWS Config will use. | `string` | `"Config-Recorder"` | no | +| [config_iam_role_policy_name](#input_config_iam_role_policy_name) | The name of the IAM Role Policy which AWS Config will use. | `string` | `"Config-Recorder-Policy"` | no | +| [config_s3_bucket_key_prefix](#input_config_s3_bucket_key_prefix) | The prefix used when writing AWS Config snapshots into the S3 bucket. | `string` | `"config"` | no | +| [config_sns_topic_kms_master_key_id](#input_config_sns_topic_kms_master_key_id) | To enable SNS Topic encryption enter value with the ID of a custom master KMS key that is used for encryption | `any` | `null` | no | +| [config_sns_topic_name](#input_config_sns_topic_name) | The name of the SNS Topic to be used to notify configuration changes. | `string` | `"ConfigChanges"` | no | +| [console_signin_failures_enabled](#input_console_signin_failures_enabled) | The boolean flag whether the console_signin_failures alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | +| [create_manager_role](#input_create_manager_role) | Define if the manager role should be created. | `bool` | `true` | no | +| [create_master_role](#input_create_master_role) | Define if the master role should be created. | `bool` | `true` | no | +| [create_password_policy](#input_create_password_policy) | Define if the password policy should be created. | `bool` | `true` | no | +| [create_support_role](#input_create_support_role) | Define if the support role should be created. | `bool` | `true` | no | +| [disable_or_delete_cmk_enabled](#input_disable_or_delete_cmk_enabled) | The boolean flag whether the disable_or_delete_cmk alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | +| [guardduty_disable_email_notification](#input_guardduty_disable_email_notification) | Boolean whether an email notification is sent to the accounts. | `bool` | `false` | no | +| [guardduty_enabled](#input_guardduty_enabled) | Boolean whether the guardduty-baseline module is enabled or disabled | `bool` | `true` | no | +| [guardduty_finding_publishing_frequency](#input_guardduty_finding_publishing_frequency) | Specifies the frequency of notifications sent for subsequent finding occurrences. | `string` | `"SIX_HOURS"` | no | +| [guardduty_invitation_message](#input_guardduty_invitation_message) | Message for invitation. | `string` | `"This is an automatic invitation message from guardduty-baseline module."` | no | +| [iam_baseline_enabled](#input_iam_baseline_enabled) | Boolean whether iam-baseline is enabled. | `bool` | `true` | no | +| [iam_changes_enabled](#input_iam_changes_enabled) | The boolean flag whether the iam_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | +| [manager_iam_role_name](#input_manager_iam_role_name) | The name of the IAM Manager role. | `string` | `"IAM-Manager"` | no | +| [manager_iam_role_policy_name](#input_manager_iam_role_policy_name) | The name of the IAM Manager role policy. | `string` | `"IAM-Manager-Policy"` | no | +| [master_account_id](#input_master_account_id) | The ID of the master AWS account to which the current AWS account is associated. Required if `account_type` is `member`. | `string` | `""` | no | +| [master_iam_role_name](#input_master_iam_role_name) | The name of the IAM Master role. | `string` | `"IAM-Master"` | no | +| [master_iam_role_policy_name](#input_master_iam_role_policy_name) | The name of the IAM Master role policy. | `string` | `"IAM-Master-Policy"` | no | +| [max_password_age](#input_max_password_age) | The number of days that an user password is valid. | `number` | `0` | no | +| [member_accounts](#input_member_accounts) | A list of IDs and emails of AWS accounts which associated as member accounts. | 
list(object({
 account_id = string
 email = string
 }))
| `[]` | no | +| [mfa_console_signin_allow_sso](#input_mfa_console_signin_allow_sso) | The boolean flag whether the no_mfa_console_signin alarm allows SSO auth to be ignored. | `bool` | `false` | no | +| [minimum_password_length](#input_minimum_password_length) | Minimum length to require for user passwords. | `number` | `14` | no | +| [nacl_changes_enabled](#input_nacl_changes_enabled) | The boolean flag whether the nacl_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | +| [network_gw_changes_enabled](#input_network_gw_changes_enabled) | The boolean flag whether the network_gw_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | +| [no_mfa_console_signin_enabled](#input_no_mfa_console_signin_enabled) | The boolean flag whether the no_mfa_console_signin alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | +| [organizations_changes_enabled](#input_organizations_changes_enabled) | The boolean flag whether the organizations_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | +| [password_reuse_prevention](#input_password_reuse_prevention) | The number of previous passwords that users are prevented from reusing. | `number` | `24` | no | +| [region](#input_region) | The AWS region in which global resources are set up. | `any` | n/a | yes | +| [require_lowercase_characters](#input_require_lowercase_characters) | Whether to require lowercase characters for user passwords. | `bool` | `false` | no | +| [require_numbers](#input_require_numbers) | Whether to require numbers for user passwords. | `bool` | `false` | no | +| [require_symbols](#input_require_symbols) | Whether to require symbols for user passwords. | `bool` | `false` | no | +| [require_uppercase_characters](#input_require_uppercase_characters) | Whether to require uppercase characters for user passwords. | `bool` | `false` | no | +| [root_usage_enabled](#input_root_usage_enabled) | The boolean flag whether the root_usage alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | +| [route_table_changes_enabled](#input_route_table_changes_enabled) | The boolean flag whether the route_table_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | +| [s3_baseline_enabled](#input_s3_baseline_enabled) | Boolean whether s3-baseline is enabled. | `bool` | `true` | no | +| [s3_block_public_acls](#input_s3_block_public_acls) | Whether Amazon S3 should block public ACLs for buckets in this account. Defaults to true. | `bool` | `true` | no | +| [s3_block_public_policy](#input_s3_block_public_policy) | Whether Amazon S3 should block public bucket policies for buckets in this account. Defaults to true. | `bool` | `true` | no | +| [s3_bucket_policy_changes_enabled](#input_s3_bucket_policy_changes_enabled) | The boolean flag whether the s3_bucket_policy_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | +| [s3_ignore_public_acls](#input_s3_ignore_public_acls) | Whether Amazon S3 should ignore public ACLs for buckets in this account. Defaults to true. | `bool` | `true` | no | +| [s3_restrict_public_buckets](#input_s3_restrict_public_buckets) | Whether Amazon S3 should restrict public bucket policies for buckets in this account. Defaults to true. | `bool` | `true` | no | +| [security_group_changes_enabled](#input_security_group_changes_enabled) | The boolean flag whether the security_group_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | +| [securityhub_enable_aws_foundational_standard](#input_securityhub_enable_aws_foundational_standard) | Boolean whether AWS Foundations standard is enabled. | `bool` | `true` | no | +| [securityhub_enable_cis_standard](#input_securityhub_enable_cis_standard) | Boolean whether CIS standard is enabled. | `bool` | `true` | no | +| [securityhub_enable_pci_dss_standard](#input_securityhub_enable_pci_dss_standard) | Boolean whether PCI DSS standard is enabled. | `bool` | `false` | no | +| [securityhub_enable_product_arns](#input_securityhub_enable_product_arns) | List of Security Hub product ARNs, `` will be replaced. See https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-partner-providers.html for list. | `list(string)` | `[]` | no | +| [securityhub_enabled](#input_securityhub_enabled) | Boolean whether the securityhub-baseline module is enabled or disabled | `bool` | `true` | no | +| [support_iam_role_name](#input_support_iam_role_name) | The name of the the support role. | `string` | `"IAM-Support"` | no | +| [support_iam_role_policy_name](#input_support_iam_role_policy_name) | The name of the support role policy. | `string` | `"IAM-Support-Role"` | no | +| [support_iam_role_principal_arns](#input_support_iam_role_principal_arns) | List of ARNs of the IAM principal elements by which the support role could be assumed. | `list(any)` | n/a | yes | +| [tags](#input_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map` | `{}` | no | +| [target_regions](#input_target_regions) | A list of regions to set up with this module. | `list` | 
[
 "ap-northeast-1",
 "ap-northeast-2",
 "ap-northeast-3",
 "ap-south-1",
 "ap-southeast-1",
 "ap-southeast-2",
 "ca-central-1",
 "eu-central-1",
 "eu-north-1",
 "eu-west-1",
 "eu-west-2",
 "eu-west-3",
 "sa-east-1",
 "us-east-1",
 "us-east-2",
 "us-west-1",
 "us-west-2"
]
| no | +| [unauthorized_api_calls_enabled](#input_unauthorized_api_calls_enabled) | The boolean flag whether the unauthorized_api_calls alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | +| [use_external_audit_log_bucket](#input_use_external_audit_log_bucket) | A boolean that indicates whether the specific audit log bucket already exists. Create a new S3 bucket if it is set to false. | `bool` | `false` | no | +| [vpc_changes_enabled](#input_vpc_changes_enabled) | The boolean flag whether the vpc_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | +| [vpc_enable](#input_vpc_enable) | Boolean whether the VPC baseline module should be enabled | `bool` | `true` | no | +| [vpc_enable_flow_logs](#input_vpc_enable_flow_logs) | The boolean flag whether to enable VPC Flow Logs in default VPCs | `bool` | `true` | no | +| [vpc_flow_logs_destination_type](#input_vpc_flow_logs_destination_type) | The type of the logging destination. Valid values: cloud-watch-logs, s3 | `string` | `"cloud-watch-logs"` | no | +| [vpc_flow_logs_log_group_name](#input_vpc_flow_logs_log_group_name) | The name of CloudWatch Logs group to which VPC Flow Logs are delivered. | `string` | `"default-vpc-flow-logs"` | no | +| [vpc_flow_logs_retention_in_days](#input_vpc_flow_logs_retention_in_days) | Number of days to retain logs if vpc_log_destination_type is cloud-watch-logs. CIS recommends 365 days. Possible values are: 0, 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. Set to 0 to keep logs indefinitely. | `number` | `365` | no | +| [vpc_flow_logs_s3_arn](#input_vpc_flow_logs_s3_arn) | ARN of the S3 bucket to which VPC Flow Logs are delivered if vpc_log_destination_type is s3. | `string` | `""` | no | +| [vpc_flow_logs_s3_key_prefix](#input_vpc_flow_logs_s3_key_prefix) | The prefix used when VPC Flow Logs delivers logs to the S3 bucket. | `string` | `"flow-logs"` | no | +| [vpc_iam_role_name](#input_vpc_iam_role_name) | The name of the IAM Role which VPC Flow Logs will use. | `string` | `"VPC-Flow-Logs-Publisher"` | no | +| [vpc_iam_role_policy_name](#input_vpc_iam_role_policy_name) | The name of the IAM Role Policy which VPC Flow Logs will use. | `string` | `"VPC-Flow-Logs-Publish-Policy"` | no | ## Outputs -| Name | Description | -|------|-------------| -| [alarm\_sns\_topic](#output\_alarm\_sns\_topic) | The SNS topic to which CloudWatch Alarms will be sent. | -| [audit\_bucket](#output\_audit\_bucket) | The S3 bucket used for storing audit logs. | -| [cloudtrail](#output\_cloudtrail) | The trail for recording events in all regions. | -| [cloudtrail\_kms\_key](#output\_cloudtrail\_kms\_key) | The KMS key used for encrypting CloudTrail events. | -| [cloudtrail\_log\_delivery\_iam\_role](#output\_cloudtrail\_log\_delivery\_iam\_role) | The IAM role used for delivering CloudTrail events to CloudWatch Logs. | -| [cloudtrail\_log\_group](#output\_cloudtrail\_log\_group) | The CloudWatch Logs log group which stores CloudTrail events. | -| [cloudtrail\_sns\_topic](#output\_cloudtrail\_sns\_topic) | The sns topic linked to the cloudtrail. | -| [config\_configuration\_recorder](#output\_config\_configuration\_recorder) | The configuration recorder in each region. | -| [config\_iam\_role](#output\_config\_iam\_role) | The IAM role used for delivering AWS Config records to CloudWatch Logs. | -| [config\_sns\_topic](#output\_config\_sns\_topic) | The SNS topic) that AWS Config delivers notifications to. | -| [default\_network\_acl](#output\_default\_network\_acl) | The default network ACL. | -| [default\_route\_table](#output\_default\_route\_table) | The default route table. | -| [default\_security\_group](#output\_default\_security\_group) | The ID of the default security group. | -| [default\_vpc](#output\_default\_vpc) | The default VPC. | -| [guardduty\_detector](#output\_guardduty\_detector) | The GuardDuty detector in each region. | -| [support\_iam\_role](#output\_support\_iam\_role) | The IAM role used for the support user. | -| [vpc\_flow\_logs\_group](#output\_vpc\_flow\_logs\_group) | The CloudWatch Logs log group which stores VPC Flow Logs in each region. | -| [vpc\_flow\_logs\_iam\_role](#output\_vpc\_flow\_logs\_iam\_role) | The IAM role used for delivering VPC Flow Logs to CloudWatch Logs. | +| Name | Description | +| ----------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------ | +| [alarm_sns_topic](#output_alarm_sns_topic) | The SNS topic to which CloudWatch Alarms will be sent. | +| [audit_bucket](#output_audit_bucket) | The S3 bucket used for storing audit logs. | +| [cloudtrail](#output_cloudtrail) | The trail for recording events in all regions. | +| [cloudtrail_kms_key](#output_cloudtrail_kms_key) | The KMS key used for encrypting CloudTrail events. | +| [cloudtrail_log_delivery_iam_role](#output_cloudtrail_log_delivery_iam_role) | The IAM role used for delivering CloudTrail events to CloudWatch Logs. | +| [cloudtrail_log_group](#output_cloudtrail_log_group) | The CloudWatch Logs log group which stores CloudTrail events. | +| [cloudtrail_sns_topic](#output_cloudtrail_sns_topic) | The sns topic linked to the cloudtrail. | +| [config_configuration_recorder](#output_config_configuration_recorder) | The configuration recorder in each region. | +| [config_iam_role](#output_config_iam_role) | The IAM role used for delivering AWS Config records to CloudWatch Logs. | +| [config_sns_topic](#output_config_sns_topic) | The SNS topic) that AWS Config delivers notifications to. | +| [default_network_acl](#output_default_network_acl) | The default network ACL. | +| [default_route_table](#output_default_route_table) | The default route table. | +| [default_security_group](#output_default_security_group) | The ID of the default security group. | +| [default_vpc](#output_default_vpc) | The default VPC. | +| [guardduty_detector](#output_guardduty_detector) | The GuardDuty detector in each region. | +| [support_iam_role](#output_support_iam_role) | The IAM role used for the support user. | +| [vpc_flow_logs_group](#output_vpc_flow_logs_group) | The CloudWatch Logs log group which stores VPC Flow Logs in each region. | +| [vpc_flow_logs_iam_role](#output_vpc_flow_logs_iam_role) | The IAM role used for delivering VPC Flow Logs to CloudWatch Logs. | + ## Compatibility From acf193e30816680163b8a5864d65b775bfa0366a Mon Sep 17 00:00:00 2001 From: nozaq Date: Sun, 9 Jan 2022 16:04:32 +0900 Subject: [PATCH 11/66] style: follow the official style conventions (#242) * style: follow the official style conventions * docs: remove modules/resources from README --- .pre-commit-config.yaml | 2 +- .terraform-docs.yml | 15 + README.md | 407 +++++++++------------------- analyzer_baselines.tf | 51 ++-- bucket.tf | 3 +- config_baselines.tf | 78 ++++-- main.tf | 3 +- modules/alarm-baseline/main.tf | 6 +- modules/cloudtrail-baseline/main.tf | 11 +- modules/config-baseline/main.tf | 16 +- modules/guardduty-baseline/main.tf | 5 +- modules/iam-baseline/main.tf | 9 +- modules/secure-bucket/main.tf | 16 +- vpc_baselines.tf | 17 -- 14 files changed, 263 insertions(+), 376 deletions(-) create mode 100644 .terraform-docs.yml diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 5faa9562..a0d2152c 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,6 +1,6 @@ repos: - repo: git://github.com/antonbabenko/pre-commit-terraform - rev: v1.51.0 + rev: v1.62.3 hooks: - id: terraform_fmt - id: terraform_docs diff --git a/.terraform-docs.yml b/.terraform-docs.yml new file mode 100644 index 00000000..0dc5b585 --- /dev/null +++ b/.terraform-docs.yml @@ -0,0 +1,15 @@ +formatter: "markdown table" + +sections: + show: + - requirements + - providers + - inputs + - outputs + +sort: + enabled: true + by: name + +settings: + default: false diff --git a/README.md b/README.md index a7a1b8f0..e26f1c06 100644 --- a/README.md +++ b/README.md @@ -106,293 +106,148 @@ This module is composed of several submodules and each of which can be used inde - [vpc-baseline](./modules/vpc-baseline) - ## Requirements -| Name | Version | -| ------------------------------------------------------------------------ | --------- | -| [terraform](#requirement_terraform) | >= 1.1.3 | -| [aws](#requirement_aws) | >= 3.50.0 | +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.1.3 | +| [aws](#requirement\_aws) | >= 3.50.0 | ## Providers -| Name | Version | -| ------------------------------------------------ | --------- | -| [aws](#provider_aws) | >= 3.50.0 | - -## Modules - -| Name | Source | Version | -| -------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------ | ------- | -| [alarm_baseline](#module_alarm_baseline) | ./modules/alarm-baseline | n/a | -| [analyzer_baseline_ap-northeast-1](#module_analyzer_baseline_ap-northeast-1) | ./modules/analyzer-baseline | n/a | -| [analyzer_baseline_ap-northeast-2](#module_analyzer_baseline_ap-northeast-2) | ./modules/analyzer-baseline | n/a | -| [analyzer_baseline_ap-northeast-3](#module_analyzer_baseline_ap-northeast-3) | ./modules/analyzer-baseline | n/a | -| [analyzer_baseline_ap-south-1](#module_analyzer_baseline_ap-south-1) | ./modules/analyzer-baseline | n/a | -| [analyzer_baseline_ap-southeast-1](#module_analyzer_baseline_ap-southeast-1) | ./modules/analyzer-baseline | n/a | -| [analyzer_baseline_ap-southeast-2](#module_analyzer_baseline_ap-southeast-2) | ./modules/analyzer-baseline | n/a | -| [analyzer_baseline_ca-central-1](#module_analyzer_baseline_ca-central-1) | ./modules/analyzer-baseline | n/a | -| [analyzer_baseline_eu-central-1](#module_analyzer_baseline_eu-central-1) | ./modules/analyzer-baseline | n/a | -| [analyzer_baseline_eu-north-1](#module_analyzer_baseline_eu-north-1) | ./modules/analyzer-baseline | n/a | -| [analyzer_baseline_eu-west-1](#module_analyzer_baseline_eu-west-1) | ./modules/analyzer-baseline | n/a | -| [analyzer_baseline_eu-west-2](#module_analyzer_baseline_eu-west-2) | ./modules/analyzer-baseline | n/a | -| [analyzer_baseline_eu-west-3](#module_analyzer_baseline_eu-west-3) | ./modules/analyzer-baseline | n/a | -| [analyzer_baseline_sa-east-1](#module_analyzer_baseline_sa-east-1) | ./modules/analyzer-baseline | n/a | -| [analyzer_baseline_us-east-1](#module_analyzer_baseline_us-east-1) | ./modules/analyzer-baseline | n/a | -| [analyzer_baseline_us-east-2](#module_analyzer_baseline_us-east-2) | ./modules/analyzer-baseline | n/a | -| [analyzer_baseline_us-west-1](#module_analyzer_baseline_us-west-1) | ./modules/analyzer-baseline | n/a | -| [analyzer_baseline_us-west-2](#module_analyzer_baseline_us-west-2) | ./modules/analyzer-baseline | n/a | -| [audit_log_bucket](#module_audit_log_bucket) | ./modules/secure-bucket | n/a | -| [cloudtrail_baseline](#module_cloudtrail_baseline) | ./modules/cloudtrail-baseline | n/a | -| [config_baseline_ap-northeast-1](#module_config_baseline_ap-northeast-1) | ./modules/config-baseline | n/a | -| [config_baseline_ap-northeast-2](#module_config_baseline_ap-northeast-2) | ./modules/config-baseline | n/a | -| [config_baseline_ap-northeast-3](#module_config_baseline_ap-northeast-3) | ./modules/config-baseline | n/a | -| [config_baseline_ap-south-1](#module_config_baseline_ap-south-1) | ./modules/config-baseline | n/a | -| [config_baseline_ap-southeast-1](#module_config_baseline_ap-southeast-1) | ./modules/config-baseline | n/a | -| [config_baseline_ap-southeast-2](#module_config_baseline_ap-southeast-2) | ./modules/config-baseline | n/a | -| [config_baseline_ca-central-1](#module_config_baseline_ca-central-1) | ./modules/config-baseline | n/a | -| [config_baseline_eu-central-1](#module_config_baseline_eu-central-1) | ./modules/config-baseline | n/a | -| [config_baseline_eu-north-1](#module_config_baseline_eu-north-1) | ./modules/config-baseline | n/a | -| [config_baseline_eu-west-1](#module_config_baseline_eu-west-1) | ./modules/config-baseline | n/a | -| [config_baseline_eu-west-2](#module_config_baseline_eu-west-2) | ./modules/config-baseline | n/a | -| [config_baseline_eu-west-3](#module_config_baseline_eu-west-3) | ./modules/config-baseline | n/a | -| [config_baseline_sa-east-1](#module_config_baseline_sa-east-1) | ./modules/config-baseline | n/a | -| [config_baseline_us-east-1](#module_config_baseline_us-east-1) | ./modules/config-baseline | n/a | -| [config_baseline_us-east-2](#module_config_baseline_us-east-2) | ./modules/config-baseline | n/a | -| [config_baseline_us-west-1](#module_config_baseline_us-west-1) | ./modules/config-baseline | n/a | -| [config_baseline_us-west-2](#module_config_baseline_us-west-2) | ./modules/config-baseline | n/a | -| [ebs_baseline_ap-northeast-1](#module_ebs_baseline_ap-northeast-1) | ./modules/ebs-baseline | n/a | -| [ebs_baseline_ap-northeast-2](#module_ebs_baseline_ap-northeast-2) | ./modules/ebs-baseline | n/a | -| [ebs_baseline_ap-northeast-3](#module_ebs_baseline_ap-northeast-3) | ./modules/ebs-baseline | n/a | -| [ebs_baseline_ap-south-1](#module_ebs_baseline_ap-south-1) | ./modules/ebs-baseline | n/a | -| [ebs_baseline_ap-southeast-1](#module_ebs_baseline_ap-southeast-1) | ./modules/ebs-baseline | n/a | -| [ebs_baseline_ap-southeast-2](#module_ebs_baseline_ap-southeast-2) | ./modules/ebs-baseline | n/a | -| [ebs_baseline_ca-central-1](#module_ebs_baseline_ca-central-1) | ./modules/ebs-baseline | n/a | -| [ebs_baseline_eu-central-1](#module_ebs_baseline_eu-central-1) | ./modules/ebs-baseline | n/a | -| [ebs_baseline_eu-north-1](#module_ebs_baseline_eu-north-1) | ./modules/ebs-baseline | n/a | -| [ebs_baseline_eu-west-1](#module_ebs_baseline_eu-west-1) | ./modules/ebs-baseline | n/a | -| [ebs_baseline_eu-west-2](#module_ebs_baseline_eu-west-2) | ./modules/ebs-baseline | n/a | -| [ebs_baseline_eu-west-3](#module_ebs_baseline_eu-west-3) | ./modules/ebs-baseline | n/a | -| [ebs_baseline_sa-east-1](#module_ebs_baseline_sa-east-1) | ./modules/ebs-baseline | n/a | -| [ebs_baseline_us-east-1](#module_ebs_baseline_us-east-1) | ./modules/ebs-baseline | n/a | -| [ebs_baseline_us-east-2](#module_ebs_baseline_us-east-2) | ./modules/ebs-baseline | n/a | -| [ebs_baseline_us-west-1](#module_ebs_baseline_us-west-1) | ./modules/ebs-baseline | n/a | -| [ebs_baseline_us-west-2](#module_ebs_baseline_us-west-2) | ./modules/ebs-baseline | n/a | -| [guardduty_baseline_ap-northeast-1](#module_guardduty_baseline_ap-northeast-1) | ./modules/guardduty-baseline | n/a | -| [guardduty_baseline_ap-northeast-2](#module_guardduty_baseline_ap-northeast-2) | ./modules/guardduty-baseline | n/a | -| [guardduty_baseline_ap-northeast-3](#module_guardduty_baseline_ap-northeast-3) | ./modules/guardduty-baseline | n/a | -| [guardduty_baseline_ap-south-1](#module_guardduty_baseline_ap-south-1) | ./modules/guardduty-baseline | n/a | -| [guardduty_baseline_ap-southeast-1](#module_guardduty_baseline_ap-southeast-1) | ./modules/guardduty-baseline | n/a | -| [guardduty_baseline_ap-southeast-2](#module_guardduty_baseline_ap-southeast-2) | ./modules/guardduty-baseline | n/a | -| [guardduty_baseline_ca-central-1](#module_guardduty_baseline_ca-central-1) | ./modules/guardduty-baseline | n/a | -| [guardduty_baseline_eu-central-1](#module_guardduty_baseline_eu-central-1) | ./modules/guardduty-baseline | n/a | -| [guardduty_baseline_eu-north-1](#module_guardduty_baseline_eu-north-1) | ./modules/guardduty-baseline | n/a | -| [guardduty_baseline_eu-west-1](#module_guardduty_baseline_eu-west-1) | ./modules/guardduty-baseline | n/a | -| [guardduty_baseline_eu-west-2](#module_guardduty_baseline_eu-west-2) | ./modules/guardduty-baseline | n/a | -| [guardduty_baseline_eu-west-3](#module_guardduty_baseline_eu-west-3) | ./modules/guardduty-baseline | n/a | -| [guardduty_baseline_sa-east-1](#module_guardduty_baseline_sa-east-1) | ./modules/guardduty-baseline | n/a | -| [guardduty_baseline_us-east-1](#module_guardduty_baseline_us-east-1) | ./modules/guardduty-baseline | n/a | -| [guardduty_baseline_us-east-2](#module_guardduty_baseline_us-east-2) | ./modules/guardduty-baseline | n/a | -| [guardduty_baseline_us-west-1](#module_guardduty_baseline_us-west-1) | ./modules/guardduty-baseline | n/a | -| [guardduty_baseline_us-west-2](#module_guardduty_baseline_us-west-2) | ./modules/guardduty-baseline | n/a | -| [iam_baseline](#module_iam_baseline) | ./modules/iam-baseline | n/a | -| [s3_baseline](#module_s3_baseline) | ./modules/s3-baseline | n/a | -| [securityhub_baseline_ap-northeast-1](#module_securityhub_baseline_ap-northeast-1) | ./modules/securityhub-baseline | n/a | -| [securityhub_baseline_ap-northeast-2](#module_securityhub_baseline_ap-northeast-2) | ./modules/securityhub-baseline | n/a | -| [securityhub_baseline_ap-northeast-3](#module_securityhub_baseline_ap-northeast-3) | ./modules/securityhub-baseline | n/a | -| [securityhub_baseline_ap-south-1](#module_securityhub_baseline_ap-south-1) | ./modules/securityhub-baseline | n/a | -| [securityhub_baseline_ap-southeast-1](#module_securityhub_baseline_ap-southeast-1) | ./modules/securityhub-baseline | n/a | -| [securityhub_baseline_ap-southeast-2](#module_securityhub_baseline_ap-southeast-2) | ./modules/securityhub-baseline | n/a | -| [securityhub_baseline_ca-central-1](#module_securityhub_baseline_ca-central-1) | ./modules/securityhub-baseline | n/a | -| [securityhub_baseline_eu-central-1](#module_securityhub_baseline_eu-central-1) | ./modules/securityhub-baseline | n/a | -| [securityhub_baseline_eu-north-1](#module_securityhub_baseline_eu-north-1) | ./modules/securityhub-baseline | n/a | -| [securityhub_baseline_eu-west-1](#module_securityhub_baseline_eu-west-1) | ./modules/securityhub-baseline | n/a | -| [securityhub_baseline_eu-west-2](#module_securityhub_baseline_eu-west-2) | ./modules/securityhub-baseline | n/a | -| [securityhub_baseline_eu-west-3](#module_securityhub_baseline_eu-west-3) | ./modules/securityhub-baseline | n/a | -| [securityhub_baseline_sa-east-1](#module_securityhub_baseline_sa-east-1) | ./modules/securityhub-baseline | n/a | -| [securityhub_baseline_us-east-1](#module_securityhub_baseline_us-east-1) | ./modules/securityhub-baseline | n/a | -| [securityhub_baseline_us-east-2](#module_securityhub_baseline_us-east-2) | ./modules/securityhub-baseline | n/a | -| [securityhub_baseline_us-west-1](#module_securityhub_baseline_us-west-1) | ./modules/securityhub-baseline | n/a | -| [securityhub_baseline_us-west-2](#module_securityhub_baseline_us-west-2) | ./modules/securityhub-baseline | n/a | -| [vpc_baseline_ap-northeast-1](#module_vpc_baseline_ap-northeast-1) | ./modules/vpc-baseline | n/a | -| [vpc_baseline_ap-northeast-2](#module_vpc_baseline_ap-northeast-2) | ./modules/vpc-baseline | n/a | -| [vpc_baseline_ap-northeast-3](#module_vpc_baseline_ap-northeast-3) | ./modules/vpc-baseline | n/a | -| [vpc_baseline_ap-south-1](#module_vpc_baseline_ap-south-1) | ./modules/vpc-baseline | n/a | -| [vpc_baseline_ap-southeast-1](#module_vpc_baseline_ap-southeast-1) | ./modules/vpc-baseline | n/a | -| [vpc_baseline_ap-southeast-2](#module_vpc_baseline_ap-southeast-2) | ./modules/vpc-baseline | n/a | -| [vpc_baseline_ca-central-1](#module_vpc_baseline_ca-central-1) | ./modules/vpc-baseline | n/a | -| [vpc_baseline_eu-central-1](#module_vpc_baseline_eu-central-1) | ./modules/vpc-baseline | n/a | -| [vpc_baseline_eu-north-1](#module_vpc_baseline_eu-north-1) | ./modules/vpc-baseline | n/a | -| [vpc_baseline_eu-west-1](#module_vpc_baseline_eu-west-1) | ./modules/vpc-baseline | n/a | -| [vpc_baseline_eu-west-2](#module_vpc_baseline_eu-west-2) | ./modules/vpc-baseline | n/a | -| [vpc_baseline_eu-west-3](#module_vpc_baseline_eu-west-3) | ./modules/vpc-baseline | n/a | -| [vpc_baseline_sa-east-1](#module_vpc_baseline_sa-east-1) | ./modules/vpc-baseline | n/a | -| [vpc_baseline_us-east-1](#module_vpc_baseline_us-east-1) | ./modules/vpc-baseline | n/a | -| [vpc_baseline_us-east-2](#module_vpc_baseline_us-east-2) | ./modules/vpc-baseline | n/a | -| [vpc_baseline_us-west-1](#module_vpc_baseline_us-west-1) | ./modules/vpc-baseline | n/a | -| [vpc_baseline_us-west-2](#module_vpc_baseline_us-west-2) | ./modules/vpc-baseline | n/a | - -## Resources - -| Name | Type | -| -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------- | -| [aws_config_config_rule.iam_mfa](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/config_config_rule) | resource | -| [aws_config_config_rule.no_policies_with_full_admin_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/config_config_rule) | resource | -| [aws_config_config_rule.unused_credentials](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/config_config_rule) | resource | -| [aws_config_config_rule.user_no_policies](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/config_config_rule) | resource | -| [aws_config_configuration_aggregator.organization](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/config_configuration_aggregator) | resource | -| [aws_iam_role.config_organization](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | -| [aws_iam_role.flow_logs_publisher](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | -| [aws_iam_role.recorder](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | -| [aws_iam_role_policy.flow_logs_publish_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource | -| [aws_iam_role_policy.recorder_publish_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource | -| [aws_iam_role_policy_attachment.config_organization](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | -| [aws_iam_role_policy_attachment.recorder_read_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | -| [aws_s3_bucket_policy.audit_log](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy) | resource | -| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source | -| [aws_iam_policy_document.audit_log](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.audit_log_base](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.audit_log_cloud_trail](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.audit_log_config](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.audit_log_flow_logs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.config_organization_assume_role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.flow_logs_publish_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.flow_logs_publisher_assume_role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.recorder_assume_role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.recorder_publish_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_organizations_organization.org](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/organizations_organization) | data source | -| [aws_s3_bucket.external](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/s3_bucket) | data source | +| Name | Version | +|------|---------| +| [aws](#provider\_aws) | >= 3.50.0 | ## Inputs -| Name | Description | Type | Default | Required | -| --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :------: | -| [account_type](#input_account_type) | The type of the AWS account. The possible values are `individual`, `master` and `member` . Specify `master` and `member` to set up centalized logging for multiple accounts in AWS Organization. Use individual` otherwise.` | `string` | `"individual"` | no | -| [alarm_baseline_enabled](#input_alarm_baseline_enabled) | Boolean whether alarm-baseline is enabled. | `bool` | `true` | no | -| [alarm_namespace](#input_alarm_namespace) | The namespace in which all alarms are set up. | `string` | `"CISBenchmark"` | no | -| [alarm_sns_topic_kms_master_key_id](#input_alarm_sns_topic_kms_master_key_id) | To enable SNS Topic encryption enter value with the ID of a custom master KMS key that is used for encryption | `any` | `null` | no | -| [alarm_sns_topic_name](#input_alarm_sns_topic_name) | The name of the SNS Topic which will be notified when any alarm is performed. | `string` | `"CISAlarm"` | no | -| [allow_users_to_change_password](#input_allow_users_to_change_password) | Whether to allow users to change their own password. | `bool` | `true` | no | -| [analyzer_baseline_enabled](#input_analyzer_baseline_enabled) | Boolean whether analyzer-baseline is enabled. | `bool` | `true` | no | -| [analyzer_name](#input_analyzer_name) | The name for the IAM Access Analyzer resource to be created. | `string` | `"default-analyzer"` | no | -| [audit_log_bucket_custom_policy_json](#input_audit_log_bucket_custom_policy_json) | Override policy for the audit log bucket. Allows addition of extra policies. | `string` | `"{}"` | no | -| [audit_log_bucket_force_destroy](#input_audit_log_bucket_force_destroy) | A boolean that indicates all objects should be deleted from the audit log bucket so that the bucket can be destroyed without error. These objects are not recoverable. | `bool` | `false` | no | -| [audit_log_bucket_key_enabled](#input_audit_log_bucket_key_enabled) | Whether or not to use Amazon S3 Bucket Keys for encrypting the audit log bucket. | `bool` | `false` | no | -| [audit_log_bucket_name](#input_audit_log_bucket_name) | The name of the S3 bucket to store various audit logs. | `any` | n/a | yes | -| [audit_log_lifecycle_glacier_transition_days](#input_audit_log_lifecycle_glacier_transition_days) | The number of days after log creation when the log file is archived into Glacier. | `number` | `90` | no | -| [aws_account_id](#input_aws_account_id) | The AWS Account ID number of the account. | `any` | n/a | yes | -| [aws_config_changes_enabled](#input_aws_config_changes_enabled) | The boolean flag whether the aws_config_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [cloudtrail_baseline_enabled](#input_cloudtrail_baseline_enabled) | Boolean whether cloudtrail-baseline is enabled. | `bool` | `true` | no | -| [cloudtrail_cfg_changes_enabled](#input_cloudtrail_cfg_changes_enabled) | The boolean flag whether the cloudtrail_cfg_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [cloudtrail_cloudwatch_logs_enabled](#input_cloudtrail_cloudwatch_logs_enabled) | Specifies whether the trail is delivered to CloudWatch Logs. | `bool` | `true` | no | -| [cloudtrail_cloudwatch_logs_group_name](#input_cloudtrail_cloudwatch_logs_group_name) | The name of CloudWatch Logs group to which CloudTrail events are delivered. | `string` | `"cloudtrail-multi-region"` | no | -| [cloudtrail_dynamodb_event_logging_tables](#input_cloudtrail_dynamodb_event_logging_tables) | The list of DynamoDB table ARNs on which to enable event logging. | `list` | 
[
 "arn:aws:dynamodb"
]
| no | -| [cloudtrail_iam_role_name](#input_cloudtrail_iam_role_name) | The name of the IAM Role to be used by CloudTrail to delivery logs to CloudWatch Logs group. | `string` | `"CloudTrail-CloudWatch-Delivery-Role"` | no | -| [cloudtrail_iam_role_policy_name](#input_cloudtrail_iam_role_policy_name) | The name of the IAM Role Policy to be used by CloudTrail to delivery logs to CloudWatch Logs group. | `string` | `"CloudTrail-CloudWatch-Delivery-Policy"` | no | -| [cloudtrail_key_deletion_window_in_days](#input_cloudtrail_key_deletion_window_in_days) | Duration in days after which the key is deleted after destruction of the resource, must be between 7 and 30 days. Defaults to 30 days. | `number` | `10` | no | -| [cloudtrail_lambda_invocation_logging_lambdas](#input_cloudtrail_lambda_invocation_logging_lambdas) | The list of lambda ARNs on which to enable invocation logging. | `list` | 
[
 "arn:aws:lambda"
]
| no | -| [cloudtrail_name](#input_cloudtrail_name) | The name of the trail. | `string` | `"cloudtrail-multi-region"` | no | -| [cloudtrail_s3_key_prefix](#input_cloudtrail_s3_key_prefix) | The prefix used when CloudTrail delivers events to the S3 bucket. | `string` | `"cloudtrail"` | no | -| [cloudtrail_s3_object_level_logging_buckets](#input_cloudtrail_s3_object_level_logging_buckets) | The list of S3 bucket ARNs on which to enable object-level logging. | `list` | 
[
 "arn:aws:s3:::"
]
| no | -| [cloudtrail_sns_topic_enabled](#input_cloudtrail_sns_topic_enabled) | Specifies whether the trail is delivered to a SNS topic. | `bool` | `true` | no | -| [cloudtrail_sns_topic_name](#input_cloudtrail_sns_topic_name) | The name of the SNS topic to link to the trail. | `string` | `"cloudtrail-multi-region-sns-topic"` | no | -| [cloudwatch_logs_retention_in_days](#input_cloudwatch_logs_retention_in_days) | Number of days to retain logs for. CIS recommends 365 days. Possible values are: 0, 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. Set to 0 to keep logs indefinitely. | `number` | `365` | no | -| [config_aggregator_name](#input_config_aggregator_name) | The name of the organizational AWS Config Configuration Aggregator. | `string` | `"organization-aggregator"` | no | -| [config_aggregator_name_prefix](#input_config_aggregator_name_prefix) | The prefix of the name for the IAM role attached to the organizational AWS Config Configuration Aggregator. | `string` | `"config-for-organization-role"` | no | -| [config_baseline_enabled](#input_config_baseline_enabled) | Boolean whether config-baseline is enabled. | `bool` | `true` | no | -| [config_delivery_frequency](#input_config_delivery_frequency) | The frequency which AWS Config sends a snapshot into the S3 bucket. | `string` | `"One_Hour"` | no | -| [config_global_resources_all_regions](#input_config_global_resources_all_regions) | Record global resources in all regions. If false, only default region will record global resources. | `bool` | `false` | no | -| [config_iam_role_name](#input_config_iam_role_name) | The name of the IAM Role which AWS Config will use. | `string` | `"Config-Recorder"` | no | -| [config_iam_role_policy_name](#input_config_iam_role_policy_name) | The name of the IAM Role Policy which AWS Config will use. | `string` | `"Config-Recorder-Policy"` | no | -| [config_s3_bucket_key_prefix](#input_config_s3_bucket_key_prefix) | The prefix used when writing AWS Config snapshots into the S3 bucket. | `string` | `"config"` | no | -| [config_sns_topic_kms_master_key_id](#input_config_sns_topic_kms_master_key_id) | To enable SNS Topic encryption enter value with the ID of a custom master KMS key that is used for encryption | `any` | `null` | no | -| [config_sns_topic_name](#input_config_sns_topic_name) | The name of the SNS Topic to be used to notify configuration changes. | `string` | `"ConfigChanges"` | no | -| [console_signin_failures_enabled](#input_console_signin_failures_enabled) | The boolean flag whether the console_signin_failures alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [create_manager_role](#input_create_manager_role) | Define if the manager role should be created. | `bool` | `true` | no | -| [create_master_role](#input_create_master_role) | Define if the master role should be created. | `bool` | `true` | no | -| [create_password_policy](#input_create_password_policy) | Define if the password policy should be created. | `bool` | `true` | no | -| [create_support_role](#input_create_support_role) | Define if the support role should be created. | `bool` | `true` | no | -| [disable_or_delete_cmk_enabled](#input_disable_or_delete_cmk_enabled) | The boolean flag whether the disable_or_delete_cmk alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [guardduty_disable_email_notification](#input_guardduty_disable_email_notification) | Boolean whether an email notification is sent to the accounts. | `bool` | `false` | no | -| [guardduty_enabled](#input_guardduty_enabled) | Boolean whether the guardduty-baseline module is enabled or disabled | `bool` | `true` | no | -| [guardduty_finding_publishing_frequency](#input_guardduty_finding_publishing_frequency) | Specifies the frequency of notifications sent for subsequent finding occurrences. | `string` | `"SIX_HOURS"` | no | -| [guardduty_invitation_message](#input_guardduty_invitation_message) | Message for invitation. | `string` | `"This is an automatic invitation message from guardduty-baseline module."` | no | -| [iam_baseline_enabled](#input_iam_baseline_enabled) | Boolean whether iam-baseline is enabled. | `bool` | `true` | no | -| [iam_changes_enabled](#input_iam_changes_enabled) | The boolean flag whether the iam_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [manager_iam_role_name](#input_manager_iam_role_name) | The name of the IAM Manager role. | `string` | `"IAM-Manager"` | no | -| [manager_iam_role_policy_name](#input_manager_iam_role_policy_name) | The name of the IAM Manager role policy. | `string` | `"IAM-Manager-Policy"` | no | -| [master_account_id](#input_master_account_id) | The ID of the master AWS account to which the current AWS account is associated. Required if `account_type` is `member`. | `string` | `""` | no | -| [master_iam_role_name](#input_master_iam_role_name) | The name of the IAM Master role. | `string` | `"IAM-Master"` | no | -| [master_iam_role_policy_name](#input_master_iam_role_policy_name) | The name of the IAM Master role policy. | `string` | `"IAM-Master-Policy"` | no | -| [max_password_age](#input_max_password_age) | The number of days that an user password is valid. | `number` | `0` | no | -| [member_accounts](#input_member_accounts) | A list of IDs and emails of AWS accounts which associated as member accounts. | 
list(object({
 account_id = string
 email = string
 }))
| `[]` | no | -| [mfa_console_signin_allow_sso](#input_mfa_console_signin_allow_sso) | The boolean flag whether the no_mfa_console_signin alarm allows SSO auth to be ignored. | `bool` | `false` | no | -| [minimum_password_length](#input_minimum_password_length) | Minimum length to require for user passwords. | `number` | `14` | no | -| [nacl_changes_enabled](#input_nacl_changes_enabled) | The boolean flag whether the nacl_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [network_gw_changes_enabled](#input_network_gw_changes_enabled) | The boolean flag whether the network_gw_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [no_mfa_console_signin_enabled](#input_no_mfa_console_signin_enabled) | The boolean flag whether the no_mfa_console_signin alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [organizations_changes_enabled](#input_organizations_changes_enabled) | The boolean flag whether the organizations_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [password_reuse_prevention](#input_password_reuse_prevention) | The number of previous passwords that users are prevented from reusing. | `number` | `24` | no | -| [region](#input_region) | The AWS region in which global resources are set up. | `any` | n/a | yes | -| [require_lowercase_characters](#input_require_lowercase_characters) | Whether to require lowercase characters for user passwords. | `bool` | `false` | no | -| [require_numbers](#input_require_numbers) | Whether to require numbers for user passwords. | `bool` | `false` | no | -| [require_symbols](#input_require_symbols) | Whether to require symbols for user passwords. | `bool` | `false` | no | -| [require_uppercase_characters](#input_require_uppercase_characters) | Whether to require uppercase characters for user passwords. | `bool` | `false` | no | -| [root_usage_enabled](#input_root_usage_enabled) | The boolean flag whether the root_usage alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [route_table_changes_enabled](#input_route_table_changes_enabled) | The boolean flag whether the route_table_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [s3_baseline_enabled](#input_s3_baseline_enabled) | Boolean whether s3-baseline is enabled. | `bool` | `true` | no | -| [s3_block_public_acls](#input_s3_block_public_acls) | Whether Amazon S3 should block public ACLs for buckets in this account. Defaults to true. | `bool` | `true` | no | -| [s3_block_public_policy](#input_s3_block_public_policy) | Whether Amazon S3 should block public bucket policies for buckets in this account. Defaults to true. | `bool` | `true` | no | -| [s3_bucket_policy_changes_enabled](#input_s3_bucket_policy_changes_enabled) | The boolean flag whether the s3_bucket_policy_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [s3_ignore_public_acls](#input_s3_ignore_public_acls) | Whether Amazon S3 should ignore public ACLs for buckets in this account. Defaults to true. | `bool` | `true` | no | -| [s3_restrict_public_buckets](#input_s3_restrict_public_buckets) | Whether Amazon S3 should restrict public bucket policies for buckets in this account. Defaults to true. | `bool` | `true` | no | -| [security_group_changes_enabled](#input_security_group_changes_enabled) | The boolean flag whether the security_group_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [securityhub_enable_aws_foundational_standard](#input_securityhub_enable_aws_foundational_standard) | Boolean whether AWS Foundations standard is enabled. | `bool` | `true` | no | -| [securityhub_enable_cis_standard](#input_securityhub_enable_cis_standard) | Boolean whether CIS standard is enabled. | `bool` | `true` | no | -| [securityhub_enable_pci_dss_standard](#input_securityhub_enable_pci_dss_standard) | Boolean whether PCI DSS standard is enabled. | `bool` | `false` | no | -| [securityhub_enable_product_arns](#input_securityhub_enable_product_arns) | List of Security Hub product ARNs, `` will be replaced. See https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-partner-providers.html for list. | `list(string)` | `[]` | no | -| [securityhub_enabled](#input_securityhub_enabled) | Boolean whether the securityhub-baseline module is enabled or disabled | `bool` | `true` | no | -| [support_iam_role_name](#input_support_iam_role_name) | The name of the the support role. | `string` | `"IAM-Support"` | no | -| [support_iam_role_policy_name](#input_support_iam_role_policy_name) | The name of the support role policy. | `string` | `"IAM-Support-Role"` | no | -| [support_iam_role_principal_arns](#input_support_iam_role_principal_arns) | List of ARNs of the IAM principal elements by which the support role could be assumed. | `list(any)` | n/a | yes | -| [tags](#input_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map` | `{}` | no | -| [target_regions](#input_target_regions) | A list of regions to set up with this module. | `list` | 
[
 "ap-northeast-1",
 "ap-northeast-2",
 "ap-northeast-3",
 "ap-south-1",
 "ap-southeast-1",
 "ap-southeast-2",
 "ca-central-1",
 "eu-central-1",
 "eu-north-1",
 "eu-west-1",
 "eu-west-2",
 "eu-west-3",
 "sa-east-1",
 "us-east-1",
 "us-east-2",
 "us-west-1",
 "us-west-2"
]
| no | -| [unauthorized_api_calls_enabled](#input_unauthorized_api_calls_enabled) | The boolean flag whether the unauthorized_api_calls alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [use_external_audit_log_bucket](#input_use_external_audit_log_bucket) | A boolean that indicates whether the specific audit log bucket already exists. Create a new S3 bucket if it is set to false. | `bool` | `false` | no | -| [vpc_changes_enabled](#input_vpc_changes_enabled) | The boolean flag whether the vpc_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [vpc_enable](#input_vpc_enable) | Boolean whether the VPC baseline module should be enabled | `bool` | `true` | no | -| [vpc_enable_flow_logs](#input_vpc_enable_flow_logs) | The boolean flag whether to enable VPC Flow Logs in default VPCs | `bool` | `true` | no | -| [vpc_flow_logs_destination_type](#input_vpc_flow_logs_destination_type) | The type of the logging destination. Valid values: cloud-watch-logs, s3 | `string` | `"cloud-watch-logs"` | no | -| [vpc_flow_logs_log_group_name](#input_vpc_flow_logs_log_group_name) | The name of CloudWatch Logs group to which VPC Flow Logs are delivered. | `string` | `"default-vpc-flow-logs"` | no | -| [vpc_flow_logs_retention_in_days](#input_vpc_flow_logs_retention_in_days) | Number of days to retain logs if vpc_log_destination_type is cloud-watch-logs. CIS recommends 365 days. Possible values are: 0, 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. Set to 0 to keep logs indefinitely. | `number` | `365` | no | -| [vpc_flow_logs_s3_arn](#input_vpc_flow_logs_s3_arn) | ARN of the S3 bucket to which VPC Flow Logs are delivered if vpc_log_destination_type is s3. | `string` | `""` | no | -| [vpc_flow_logs_s3_key_prefix](#input_vpc_flow_logs_s3_key_prefix) | The prefix used when VPC Flow Logs delivers logs to the S3 bucket. | `string` | `"flow-logs"` | no | -| [vpc_iam_role_name](#input_vpc_iam_role_name) | The name of the IAM Role which VPC Flow Logs will use. | `string` | `"VPC-Flow-Logs-Publisher"` | no | -| [vpc_iam_role_policy_name](#input_vpc_iam_role_policy_name) | The name of the IAM Role Policy which VPC Flow Logs will use. | `string` | `"VPC-Flow-Logs-Publish-Policy"` | no | +| Name | Description | Type | Required | +|------|-------------|------|:--------:| +| [account\_type](#input\_account\_type) | The type of the AWS account. The possible values are `individual`, `master` and `member` . Specify `master` and `member` to set up centalized logging for multiple accounts in AWS Organization. Use individual` otherwise.` | `string` | no | +| [alarm\_baseline\_enabled](#input\_alarm\_baseline\_enabled) | Boolean whether alarm-baseline is enabled. | `bool` | no | +| [alarm\_namespace](#input\_alarm\_namespace) | The namespace in which all alarms are set up. | `string` | no | +| [alarm\_sns\_topic\_kms\_master\_key\_id](#input\_alarm\_sns\_topic\_kms\_master\_key\_id) | To enable SNS Topic encryption enter value with the ID of a custom master KMS key that is used for encryption | `any` | no | +| [alarm\_sns\_topic\_name](#input\_alarm\_sns\_topic\_name) | The name of the SNS Topic which will be notified when any alarm is performed. | `string` | no | +| [allow\_users\_to\_change\_password](#input\_allow\_users\_to\_change\_password) | Whether to allow users to change their own password. | `bool` | no | +| [analyzer\_baseline\_enabled](#input\_analyzer\_baseline\_enabled) | Boolean whether analyzer-baseline is enabled. | `bool` | no | +| [analyzer\_name](#input\_analyzer\_name) | The name for the IAM Access Analyzer resource to be created. | `string` | no | +| [audit\_log\_bucket\_custom\_policy\_json](#input\_audit\_log\_bucket\_custom\_policy\_json) | Override policy for the audit log bucket. Allows addition of extra policies. | `string` | no | +| [audit\_log\_bucket\_force\_destroy](#input\_audit\_log\_bucket\_force\_destroy) | A boolean that indicates all objects should be deleted from the audit log bucket so that the bucket can be destroyed without error. These objects are not recoverable. | `bool` | no | +| [audit\_log\_bucket\_key\_enabled](#input\_audit\_log\_bucket\_key\_enabled) | Whether or not to use Amazon S3 Bucket Keys for encrypting the audit log bucket. | `bool` | no | +| [audit\_log\_bucket\_name](#input\_audit\_log\_bucket\_name) | The name of the S3 bucket to store various audit logs. | `any` | yes | +| [audit\_log\_lifecycle\_glacier\_transition\_days](#input\_audit\_log\_lifecycle\_glacier\_transition\_days) | The number of days after log creation when the log file is archived into Glacier. | `number` | no | +| [aws\_account\_id](#input\_aws\_account\_id) | The AWS Account ID number of the account. | `any` | yes | +| [aws\_config\_changes\_enabled](#input\_aws\_config\_changes\_enabled) | The boolean flag whether the aws\_config\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | +| [cloudtrail\_baseline\_enabled](#input\_cloudtrail\_baseline\_enabled) | Boolean whether cloudtrail-baseline is enabled. | `bool` | no | +| [cloudtrail\_cfg\_changes\_enabled](#input\_cloudtrail\_cfg\_changes\_enabled) | The boolean flag whether the cloudtrail\_cfg\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | +| [cloudtrail\_cloudwatch\_logs\_enabled](#input\_cloudtrail\_cloudwatch\_logs\_enabled) | Specifies whether the trail is delivered to CloudWatch Logs. | `bool` | no | +| [cloudtrail\_cloudwatch\_logs\_group\_name](#input\_cloudtrail\_cloudwatch\_logs\_group\_name) | The name of CloudWatch Logs group to which CloudTrail events are delivered. | `string` | no | +| [cloudtrail\_dynamodb\_event\_logging\_tables](#input\_cloudtrail\_dynamodb\_event\_logging\_tables) | The list of DynamoDB table ARNs on which to enable event logging. | `list` | no | +| [cloudtrail\_iam\_role\_name](#input\_cloudtrail\_iam\_role\_name) | The name of the IAM Role to be used by CloudTrail to delivery logs to CloudWatch Logs group. | `string` | no | +| [cloudtrail\_iam\_role\_policy\_name](#input\_cloudtrail\_iam\_role\_policy\_name) | The name of the IAM Role Policy to be used by CloudTrail to delivery logs to CloudWatch Logs group. | `string` | no | +| [cloudtrail\_key\_deletion\_window\_in\_days](#input\_cloudtrail\_key\_deletion\_window\_in\_days) | Duration in days after which the key is deleted after destruction of the resource, must be between 7 and 30 days. Defaults to 30 days. | `number` | no | +| [cloudtrail\_lambda\_invocation\_logging\_lambdas](#input\_cloudtrail\_lambda\_invocation\_logging\_lambdas) | The list of lambda ARNs on which to enable invocation logging. | `list` | no | +| [cloudtrail\_name](#input\_cloudtrail\_name) | The name of the trail. | `string` | no | +| [cloudtrail\_s3\_key\_prefix](#input\_cloudtrail\_s3\_key\_prefix) | The prefix used when CloudTrail delivers events to the S3 bucket. | `string` | no | +| [cloudtrail\_s3\_object\_level\_logging\_buckets](#input\_cloudtrail\_s3\_object\_level\_logging\_buckets) | The list of S3 bucket ARNs on which to enable object-level logging. | `list` | no | +| [cloudtrail\_sns\_topic\_enabled](#input\_cloudtrail\_sns\_topic\_enabled) | Specifies whether the trail is delivered to a SNS topic. | `bool` | no | +| [cloudtrail\_sns\_topic\_name](#input\_cloudtrail\_sns\_topic\_name) | The name of the SNS topic to link to the trail. | `string` | no | +| [cloudwatch\_logs\_retention\_in\_days](#input\_cloudwatch\_logs\_retention\_in\_days) | Number of days to retain logs for. CIS recommends 365 days. Possible values are: 0, 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. Set to 0 to keep logs indefinitely. | `number` | no | +| [config\_aggregator\_name](#input\_config\_aggregator\_name) | The name of the organizational AWS Config Configuration Aggregator. | `string` | no | +| [config\_aggregator\_name\_prefix](#input\_config\_aggregator\_name\_prefix) | The prefix of the name for the IAM role attached to the organizational AWS Config Configuration Aggregator. | `string` | no | +| [config\_baseline\_enabled](#input\_config\_baseline\_enabled) | Boolean whether config-baseline is enabled. | `bool` | no | +| [config\_delivery\_frequency](#input\_config\_delivery\_frequency) | The frequency which AWS Config sends a snapshot into the S3 bucket. | `string` | no | +| [config\_global\_resources\_all\_regions](#input\_config\_global\_resources\_all\_regions) | Record global resources in all regions. If false, only default region will record global resources. | `bool` | no | +| [config\_iam\_role\_name](#input\_config\_iam\_role\_name) | The name of the IAM Role which AWS Config will use. | `string` | no | +| [config\_iam\_role\_policy\_name](#input\_config\_iam\_role\_policy\_name) | The name of the IAM Role Policy which AWS Config will use. | `string` | no | +| [config\_s3\_bucket\_key\_prefix](#input\_config\_s3\_bucket\_key\_prefix) | The prefix used when writing AWS Config snapshots into the S3 bucket. | `string` | no | +| [config\_sns\_topic\_kms\_master\_key\_id](#input\_config\_sns\_topic\_kms\_master\_key\_id) | To enable SNS Topic encryption enter value with the ID of a custom master KMS key that is used for encryption | `any` | no | +| [config\_sns\_topic\_name](#input\_config\_sns\_topic\_name) | The name of the SNS Topic to be used to notify configuration changes. | `string` | no | +| [console\_signin\_failures\_enabled](#input\_console\_signin\_failures\_enabled) | The boolean flag whether the console\_signin\_failures alarm is enabled or not. No resources are created when set to false. | `bool` | no | +| [create\_manager\_role](#input\_create\_manager\_role) | Define if the manager role should be created. | `bool` | no | +| [create\_master\_role](#input\_create\_master\_role) | Define if the master role should be created. | `bool` | no | +| [create\_password\_policy](#input\_create\_password\_policy) | Define if the password policy should be created. | `bool` | no | +| [create\_support\_role](#input\_create\_support\_role) | Define if the support role should be created. | `bool` | no | +| [disable\_or\_delete\_cmk\_enabled](#input\_disable\_or\_delete\_cmk\_enabled) | The boolean flag whether the disable\_or\_delete\_cmk alarm is enabled or not. No resources are created when set to false. | `bool` | no | +| [guardduty\_disable\_email\_notification](#input\_guardduty\_disable\_email\_notification) | Boolean whether an email notification is sent to the accounts. | `bool` | no | +| [guardduty\_enabled](#input\_guardduty\_enabled) | Boolean whether the guardduty-baseline module is enabled or disabled | `bool` | no | +| [guardduty\_finding\_publishing\_frequency](#input\_guardduty\_finding\_publishing\_frequency) | Specifies the frequency of notifications sent for subsequent finding occurrences. | `string` | no | +| [guardduty\_invitation\_message](#input\_guardduty\_invitation\_message) | Message for invitation. | `string` | no | +| [iam\_baseline\_enabled](#input\_iam\_baseline\_enabled) | Boolean whether iam-baseline is enabled. | `bool` | no | +| [iam\_changes\_enabled](#input\_iam\_changes\_enabled) | The boolean flag whether the iam\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | +| [manager\_iam\_role\_name](#input\_manager\_iam\_role\_name) | The name of the IAM Manager role. | `string` | no | +| [manager\_iam\_role\_policy\_name](#input\_manager\_iam\_role\_policy\_name) | The name of the IAM Manager role policy. | `string` | no | +| [master\_account\_id](#input\_master\_account\_id) | The ID of the master AWS account to which the current AWS account is associated. Required if `account_type` is `member`. | `string` | no | +| [master\_iam\_role\_name](#input\_master\_iam\_role\_name) | The name of the IAM Master role. | `string` | no | +| [master\_iam\_role\_policy\_name](#input\_master\_iam\_role\_policy\_name) | The name of the IAM Master role policy. | `string` | no | +| [max\_password\_age](#input\_max\_password\_age) | The number of days that an user password is valid. | `number` | no | +| [member\_accounts](#input\_member\_accounts) | A list of IDs and emails of AWS accounts which associated as member accounts. | 
list(object({
    account_id = string
    email      = string
  }))
| no | +| [mfa\_console\_signin\_allow\_sso](#input\_mfa\_console\_signin\_allow\_sso) | The boolean flag whether the no\_mfa\_console\_signin alarm allows SSO auth to be ignored. | `bool` | no | +| [minimum\_password\_length](#input\_minimum\_password\_length) | Minimum length to require for user passwords. | `number` | no | +| [nacl\_changes\_enabled](#input\_nacl\_changes\_enabled) | The boolean flag whether the nacl\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | +| [network\_gw\_changes\_enabled](#input\_network\_gw\_changes\_enabled) | The boolean flag whether the network\_gw\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | +| [no\_mfa\_console\_signin\_enabled](#input\_no\_mfa\_console\_signin\_enabled) | The boolean flag whether the no\_mfa\_console\_signin alarm is enabled or not. No resources are created when set to false. | `bool` | no | +| [organizations\_changes\_enabled](#input\_organizations\_changes\_enabled) | The boolean flag whether the organizations\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | +| [password\_reuse\_prevention](#input\_password\_reuse\_prevention) | The number of previous passwords that users are prevented from reusing. | `number` | no | +| [region](#input\_region) | The AWS region in which global resources are set up. | `any` | yes | +| [require\_lowercase\_characters](#input\_require\_lowercase\_characters) | Whether to require lowercase characters for user passwords. | `bool` | no | +| [require\_numbers](#input\_require\_numbers) | Whether to require numbers for user passwords. | `bool` | no | +| [require\_symbols](#input\_require\_symbols) | Whether to require symbols for user passwords. | `bool` | no | +| [require\_uppercase\_characters](#input\_require\_uppercase\_characters) | Whether to require uppercase characters for user passwords. | `bool` | no | +| [root\_usage\_enabled](#input\_root\_usage\_enabled) | The boolean flag whether the root\_usage alarm is enabled or not. No resources are created when set to false. | `bool` | no | +| [route\_table\_changes\_enabled](#input\_route\_table\_changes\_enabled) | The boolean flag whether the route\_table\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | +| [s3\_baseline\_enabled](#input\_s3\_baseline\_enabled) | Boolean whether s3-baseline is enabled. | `bool` | no | +| [s3\_block\_public\_acls](#input\_s3\_block\_public\_acls) | Whether Amazon S3 should block public ACLs for buckets in this account. Defaults to true. | `bool` | no | +| [s3\_block\_public\_policy](#input\_s3\_block\_public\_policy) | Whether Amazon S3 should block public bucket policies for buckets in this account. Defaults to true. | `bool` | no | +| [s3\_bucket\_policy\_changes\_enabled](#input\_s3\_bucket\_policy\_changes\_enabled) | The boolean flag whether the s3\_bucket\_policy\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | +| [s3\_ignore\_public\_acls](#input\_s3\_ignore\_public\_acls) | Whether Amazon S3 should ignore public ACLs for buckets in this account. Defaults to true. | `bool` | no | +| [s3\_restrict\_public\_buckets](#input\_s3\_restrict\_public\_buckets) | Whether Amazon S3 should restrict public bucket policies for buckets in this account. Defaults to true. | `bool` | no | +| [security\_group\_changes\_enabled](#input\_security\_group\_changes\_enabled) | The boolean flag whether the security\_group\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | +| [securityhub\_enable\_aws\_foundational\_standard](#input\_securityhub\_enable\_aws\_foundational\_standard) | Boolean whether AWS Foundations standard is enabled. | `bool` | no | +| [securityhub\_enable\_cis\_standard](#input\_securityhub\_enable\_cis\_standard) | Boolean whether CIS standard is enabled. | `bool` | no | +| [securityhub\_enable\_pci\_dss\_standard](#input\_securityhub\_enable\_pci\_dss\_standard) | Boolean whether PCI DSS standard is enabled. | `bool` | no | +| [securityhub\_enable\_product\_arns](#input\_securityhub\_enable\_product\_arns) | List of Security Hub product ARNs, `` will be replaced. See https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-partner-providers.html for list. | `list(string)` | no | +| [securityhub\_enabled](#input\_securityhub\_enabled) | Boolean whether the securityhub-baseline module is enabled or disabled | `bool` | no | +| [support\_iam\_role\_name](#input\_support\_iam\_role\_name) | The name of the the support role. | `string` | no | +| [support\_iam\_role\_policy\_name](#input\_support\_iam\_role\_policy\_name) | The name of the support role policy. | `string` | no | +| [support\_iam\_role\_principal\_arns](#input\_support\_iam\_role\_principal\_arns) | List of ARNs of the IAM principal elements by which the support role could be assumed. | `list(any)` | yes | +| [tags](#input\_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map` | no | +| [target\_regions](#input\_target\_regions) | A list of regions to set up with this module. | `list` | no | +| [unauthorized\_api\_calls\_enabled](#input\_unauthorized\_api\_calls\_enabled) | The boolean flag whether the unauthorized\_api\_calls alarm is enabled or not. No resources are created when set to false. | `bool` | no | +| [use\_external\_audit\_log\_bucket](#input\_use\_external\_audit\_log\_bucket) | A boolean that indicates whether the specific audit log bucket already exists. Create a new S3 bucket if it is set to false. | `bool` | no | +| [vpc\_changes\_enabled](#input\_vpc\_changes\_enabled) | The boolean flag whether the vpc\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | +| [vpc\_enable](#input\_vpc\_enable) | Boolean whether the VPC baseline module should be enabled | `bool` | no | +| [vpc\_enable\_flow\_logs](#input\_vpc\_enable\_flow\_logs) | The boolean flag whether to enable VPC Flow Logs in default VPCs | `bool` | no | +| [vpc\_flow\_logs\_destination\_type](#input\_vpc\_flow\_logs\_destination\_type) | The type of the logging destination. Valid values: cloud-watch-logs, s3 | `string` | no | +| [vpc\_flow\_logs\_log\_group\_name](#input\_vpc\_flow\_logs\_log\_group\_name) | The name of CloudWatch Logs group to which VPC Flow Logs are delivered. | `string` | no | +| [vpc\_flow\_logs\_retention\_in\_days](#input\_vpc\_flow\_logs\_retention\_in\_days) | Number of days to retain logs if vpc\_log\_destination\_type is cloud-watch-logs. CIS recommends 365 days. Possible values are: 0, 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. Set to 0 to keep logs indefinitely. | `number` | no | +| [vpc\_flow\_logs\_s3\_arn](#input\_vpc\_flow\_logs\_s3\_arn) | ARN of the S3 bucket to which VPC Flow Logs are delivered if vpc\_log\_destination\_type is s3. | `string` | no | +| [vpc\_flow\_logs\_s3\_key\_prefix](#input\_vpc\_flow\_logs\_s3\_key\_prefix) | The prefix used when VPC Flow Logs delivers logs to the S3 bucket. | `string` | no | +| [vpc\_iam\_role\_name](#input\_vpc\_iam\_role\_name) | The name of the IAM Role which VPC Flow Logs will use. | `string` | no | +| [vpc\_iam\_role\_policy\_name](#input\_vpc\_iam\_role\_policy\_name) | The name of the IAM Role Policy which VPC Flow Logs will use. | `string` | no | ## Outputs -| Name | Description | -| ----------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------ | -| [alarm_sns_topic](#output_alarm_sns_topic) | The SNS topic to which CloudWatch Alarms will be sent. | -| [audit_bucket](#output_audit_bucket) | The S3 bucket used for storing audit logs. | -| [cloudtrail](#output_cloudtrail) | The trail for recording events in all regions. | -| [cloudtrail_kms_key](#output_cloudtrail_kms_key) | The KMS key used for encrypting CloudTrail events. | -| [cloudtrail_log_delivery_iam_role](#output_cloudtrail_log_delivery_iam_role) | The IAM role used for delivering CloudTrail events to CloudWatch Logs. | -| [cloudtrail_log_group](#output_cloudtrail_log_group) | The CloudWatch Logs log group which stores CloudTrail events. | -| [cloudtrail_sns_topic](#output_cloudtrail_sns_topic) | The sns topic linked to the cloudtrail. | -| [config_configuration_recorder](#output_config_configuration_recorder) | The configuration recorder in each region. | -| [config_iam_role](#output_config_iam_role) | The IAM role used for delivering AWS Config records to CloudWatch Logs. | -| [config_sns_topic](#output_config_sns_topic) | The SNS topic) that AWS Config delivers notifications to. | -| [default_network_acl](#output_default_network_acl) | The default network ACL. | -| [default_route_table](#output_default_route_table) | The default route table. | -| [default_security_group](#output_default_security_group) | The ID of the default security group. | -| [default_vpc](#output_default_vpc) | The default VPC. | -| [guardduty_detector](#output_guardduty_detector) | The GuardDuty detector in each region. | -| [support_iam_role](#output_support_iam_role) | The IAM role used for the support user. | -| [vpc_flow_logs_group](#output_vpc_flow_logs_group) | The CloudWatch Logs log group which stores VPC Flow Logs in each region. | -| [vpc_flow_logs_iam_role](#output_vpc_flow_logs_iam_role) | The IAM role used for delivering VPC Flow Logs to CloudWatch Logs. | - +| Name | Description | +|------|-------------| +| [alarm\_sns\_topic](#output\_alarm\_sns\_topic) | The SNS topic to which CloudWatch Alarms will be sent. | +| [audit\_bucket](#output\_audit\_bucket) | The S3 bucket used for storing audit logs. | +| [cloudtrail](#output\_cloudtrail) | The trail for recording events in all regions. | +| [cloudtrail\_kms\_key](#output\_cloudtrail\_kms\_key) | The KMS key used for encrypting CloudTrail events. | +| [cloudtrail\_log\_delivery\_iam\_role](#output\_cloudtrail\_log\_delivery\_iam\_role) | The IAM role used for delivering CloudTrail events to CloudWatch Logs. | +| [cloudtrail\_log\_group](#output\_cloudtrail\_log\_group) | The CloudWatch Logs log group which stores CloudTrail events. | +| [cloudtrail\_sns\_topic](#output\_cloudtrail\_sns\_topic) | The sns topic linked to the cloudtrail. | +| [config\_configuration\_recorder](#output\_config\_configuration\_recorder) | The configuration recorder in each region. | +| [config\_iam\_role](#output\_config\_iam\_role) | The IAM role used for delivering AWS Config records to CloudWatch Logs. | +| [config\_sns\_topic](#output\_config\_sns\_topic) | The SNS topic) that AWS Config delivers notifications to. | +| [default\_network\_acl](#output\_default\_network\_acl) | The default network ACL. | +| [default\_route\_table](#output\_default\_route\_table) | The default route table. | +| [default\_security\_group](#output\_default\_security\_group) | The ID of the default security group. | +| [default\_vpc](#output\_default\_vpc) | The default VPC. | +| [guardduty\_detector](#output\_guardduty\_detector) | The GuardDuty detector in each region. | +| [support\_iam\_role](#output\_support\_iam\_role) | The IAM role used for the support user. | +| [vpc\_flow\_logs\_group](#output\_vpc\_flow\_logs\_group) | The CloudWatch Logs log group which stores VPC Flow Logs in each region. | +| [vpc\_flow\_logs\_iam\_role](#output\_vpc\_flow\_logs\_iam\_role) | The IAM role used for delivering VPC Flow Logs to CloudWatch Logs. | ## Compatibility diff --git a/analyzer_baselines.tf b/analyzer_baselines.tf index f02f68ea..4e3022c1 100644 --- a/analyzer_baselines.tf +++ b/analyzer_baselines.tf @@ -15,7 +15,8 @@ module "analyzer_baseline_ap-northeast-1" { analyzer_name = var.analyzer_name is_organization = local.is_master_account - tags = var.tags + + tags = var.tags } module "analyzer_baseline_ap-northeast-2" { @@ -28,7 +29,8 @@ module "analyzer_baseline_ap-northeast-2" { analyzer_name = var.analyzer_name is_organization = local.is_master_account - tags = var.tags + + tags = var.tags } module "analyzer_baseline_ap-south-1" { @@ -41,7 +43,8 @@ module "analyzer_baseline_ap-south-1" { analyzer_name = var.analyzer_name is_organization = local.is_master_account - tags = var.tags + + tags = var.tags } module "analyzer_baseline_ap-northeast-3" { @@ -54,7 +57,8 @@ module "analyzer_baseline_ap-northeast-3" { analyzer_name = var.analyzer_name is_organization = local.is_master_account - tags = var.tags + + tags = var.tags } module "analyzer_baseline_ap-southeast-1" { @@ -67,7 +71,8 @@ module "analyzer_baseline_ap-southeast-1" { analyzer_name = var.analyzer_name is_organization = local.is_master_account - tags = var.tags + + tags = var.tags } module "analyzer_baseline_ap-southeast-2" { @@ -80,7 +85,8 @@ module "analyzer_baseline_ap-southeast-2" { analyzer_name = var.analyzer_name is_organization = local.is_master_account - tags = var.tags + + tags = var.tags } module "analyzer_baseline_ca-central-1" { @@ -93,7 +99,8 @@ module "analyzer_baseline_ca-central-1" { analyzer_name = var.analyzer_name is_organization = local.is_master_account - tags = var.tags + + tags = var.tags } module "analyzer_baseline_eu-central-1" { @@ -106,7 +113,8 @@ module "analyzer_baseline_eu-central-1" { analyzer_name = var.analyzer_name is_organization = local.is_master_account - tags = var.tags + + tags = var.tags } module "analyzer_baseline_eu-north-1" { @@ -119,7 +127,8 @@ module "analyzer_baseline_eu-north-1" { analyzer_name = var.analyzer_name is_organization = local.is_master_account - tags = var.tags + + tags = var.tags } module "analyzer_baseline_eu-west-1" { @@ -132,7 +141,8 @@ module "analyzer_baseline_eu-west-1" { analyzer_name = var.analyzer_name is_organization = local.is_master_account - tags = var.tags + + tags = var.tags } module "analyzer_baseline_eu-west-2" { @@ -145,7 +155,8 @@ module "analyzer_baseline_eu-west-2" { analyzer_name = var.analyzer_name is_organization = local.is_master_account - tags = var.tags + + tags = var.tags } module "analyzer_baseline_eu-west-3" { @@ -158,7 +169,8 @@ module "analyzer_baseline_eu-west-3" { analyzer_name = var.analyzer_name is_organization = local.is_master_account - tags = var.tags + + tags = var.tags } module "analyzer_baseline_sa-east-1" { @@ -171,7 +183,8 @@ module "analyzer_baseline_sa-east-1" { analyzer_name = var.analyzer_name is_organization = local.is_master_account - tags = var.tags + + tags = var.tags } module "analyzer_baseline_us-east-1" { @@ -184,7 +197,8 @@ module "analyzer_baseline_us-east-1" { analyzer_name = var.analyzer_name is_organization = local.is_master_account - tags = var.tags + + tags = var.tags } module "analyzer_baseline_us-east-2" { @@ -197,7 +211,8 @@ module "analyzer_baseline_us-east-2" { analyzer_name = var.analyzer_name is_organization = local.is_master_account - tags = var.tags + + tags = var.tags } module "analyzer_baseline_us-west-1" { @@ -210,7 +225,8 @@ module "analyzer_baseline_us-west-1" { analyzer_name = var.analyzer_name is_organization = local.is_master_account - tags = var.tags + + tags = var.tags } module "analyzer_baseline_us-west-2" { @@ -223,5 +239,6 @@ module "analyzer_baseline_us-west-2" { analyzer_name = var.analyzer_name is_organization = local.is_master_account - tags = var.tags + + tags = var.tags } diff --git a/bucket.tf b/bucket.tf index f5bc6e7e..8a272647 100644 --- a/bucket.tf +++ b/bucket.tf @@ -18,7 +18,8 @@ locals { # Case 1. Use the external S3 bucket. # -------------------------------------------------------------------------------------------------- data "aws_s3_bucket" "external" { - count = local.use_external_bucket ? 1 : 0 + count = local.use_external_bucket ? 1 : 0 + bucket = var.audit_log_bucket_name } diff --git a/config_baselines.tf b/config_baselines.tf index de3cb477..d4848378 100644 --- a/config_baselines.tf +++ b/config_baselines.tf @@ -26,6 +26,7 @@ locals { # -------------------------------------------------------------------------------------------------- data "aws_iam_policy_document" "recorder_assume_role_policy" { count = var.config_baseline_enabled ? 1 : 0 + statement { principals { type = "Service" @@ -36,7 +37,8 @@ data "aws_iam_policy_document" "recorder_assume_role_policy" { } resource "aws_iam_role" "recorder" { - count = var.config_baseline_enabled ? 1 : 0 + count = var.config_baseline_enabled ? 1 : 0 + name = var.config_iam_role_name assume_role_policy = data.aws_iam_policy_document.recorder_assume_role_policy[0].json @@ -46,6 +48,7 @@ resource "aws_iam_role" "recorder" { # See https://docs.aws.amazon.com/config/latest/developerguide/iamrole-permissions.html data "aws_iam_policy_document" "recorder_publish_policy" { count = var.config_baseline_enabled ? 1 : 0 + statement { actions = ["s3:GetBucketAcl", "s3:ListBucket"] resources = [local.audit_log_bucket_arn] @@ -74,14 +77,16 @@ data "aws_iam_policy_document" "recorder_publish_policy" { } resource "aws_iam_role_policy" "recorder_publish_policy" { - count = var.config_baseline_enabled ? 1 : 0 + count = var.config_baseline_enabled ? 1 : 0 + name = var.config_iam_role_policy_name role = one(aws_iam_role.recorder[*].id) policy = data.aws_iam_policy_document.recorder_publish_policy[0].json } resource "aws_iam_role_policy_attachment" "recorder_read_policy" { - count = var.config_baseline_enabled ? 1 : 0 + count = var.config_baseline_enabled ? 1 : 0 + role = one(aws_iam_role.recorder[*].id) policy_arn = "arn:aws:iam::aws:policy/service-role/AWS_ConfigRole" } @@ -106,7 +111,8 @@ module "config_baseline_ap-northeast-1" { sns_topic_name = var.config_sns_topic_name sns_topic_kms_master_key_id = var.config_sns_topic_kms_master_key_id include_global_resource_types = var.config_global_resources_all_regions ? true : var.region == "ap-northeast-1" - tags = var.tags + + tags = var.tags depends_on = [aws_s3_bucket_policy.audit_log] } @@ -126,7 +132,8 @@ module "config_baseline_ap-northeast-2" { sns_topic_name = var.config_sns_topic_name sns_topic_kms_master_key_id = var.config_sns_topic_kms_master_key_id include_global_resource_types = var.config_global_resources_all_regions ? true : var.region == "ap-northeast-2" - tags = var.tags + + tags = var.tags depends_on = [aws_s3_bucket_policy.audit_log] } @@ -146,7 +153,8 @@ module "config_baseline_ap-northeast-3" { sns_topic_name = var.config_sns_topic_name sns_topic_kms_master_key_id = var.config_sns_topic_kms_master_key_id include_global_resource_types = var.config_global_resources_all_regions ? true : var.region == "ap-northeast-3" - tags = var.tags + + tags = var.tags depends_on = [aws_s3_bucket_policy.audit_log] } @@ -166,7 +174,8 @@ module "config_baseline_ap-south-1" { sns_topic_name = var.config_sns_topic_name sns_topic_kms_master_key_id = var.config_sns_topic_kms_master_key_id include_global_resource_types = var.config_global_resources_all_regions ? true : var.region == "ap-south-1" - tags = var.tags + + tags = var.tags depends_on = [aws_s3_bucket_policy.audit_log] } @@ -186,7 +195,8 @@ module "config_baseline_ap-southeast-1" { sns_topic_name = var.config_sns_topic_name sns_topic_kms_master_key_id = var.config_sns_topic_kms_master_key_id include_global_resource_types = var.config_global_resources_all_regions ? true : var.region == "ap-southeast-1" - tags = var.tags + + tags = var.tags depends_on = [aws_s3_bucket_policy.audit_log] } @@ -206,7 +216,8 @@ module "config_baseline_ap-southeast-2" { sns_topic_name = var.config_sns_topic_name sns_topic_kms_master_key_id = var.config_sns_topic_kms_master_key_id include_global_resource_types = var.config_global_resources_all_regions ? true : var.region == "ap-southeast-2" - tags = var.tags + + tags = var.tags depends_on = [aws_s3_bucket_policy.audit_log] } @@ -226,7 +237,8 @@ module "config_baseline_ca-central-1" { sns_topic_name = var.config_sns_topic_name sns_topic_kms_master_key_id = var.config_sns_topic_kms_master_key_id include_global_resource_types = var.config_global_resources_all_regions ? true : var.region == "ca-central-1" - tags = var.tags + + tags = var.tags depends_on = [aws_s3_bucket_policy.audit_log] } @@ -246,7 +258,8 @@ module "config_baseline_eu-central-1" { sns_topic_name = var.config_sns_topic_name sns_topic_kms_master_key_id = var.config_sns_topic_kms_master_key_id include_global_resource_types = var.config_global_resources_all_regions ? true : var.region == "eu-central-1" - tags = var.tags + + tags = var.tags depends_on = [aws_s3_bucket_policy.audit_log] } @@ -266,7 +279,8 @@ module "config_baseline_eu-north-1" { sns_topic_name = var.config_sns_topic_name sns_topic_kms_master_key_id = var.config_sns_topic_kms_master_key_id include_global_resource_types = var.config_global_resources_all_regions ? true : var.region == "eu-north-1" - tags = var.tags + + tags = var.tags depends_on = [aws_s3_bucket_policy.audit_log] } @@ -286,7 +300,8 @@ module "config_baseline_eu-west-1" { sns_topic_name = var.config_sns_topic_name sns_topic_kms_master_key_id = var.config_sns_topic_kms_master_key_id include_global_resource_types = var.config_global_resources_all_regions ? true : var.region == "eu-west-1" - tags = var.tags + + tags = var.tags depends_on = [aws_s3_bucket_policy.audit_log] } @@ -306,7 +321,8 @@ module "config_baseline_eu-west-2" { sns_topic_name = var.config_sns_topic_name sns_topic_kms_master_key_id = var.config_sns_topic_kms_master_key_id include_global_resource_types = var.config_global_resources_all_regions ? true : var.region == "eu-west-2" - tags = var.tags + + tags = var.tags depends_on = [aws_s3_bucket_policy.audit_log] } @@ -326,7 +342,8 @@ module "config_baseline_eu-west-3" { sns_topic_name = var.config_sns_topic_name sns_topic_kms_master_key_id = var.config_sns_topic_kms_master_key_id include_global_resource_types = var.config_global_resources_all_regions ? true : var.region == "eu-west-3" - tags = var.tags + + tags = var.tags depends_on = [aws_s3_bucket_policy.audit_log] } @@ -346,7 +363,8 @@ module "config_baseline_sa-east-1" { sns_topic_name = var.config_sns_topic_name sns_topic_kms_master_key_id = var.config_sns_topic_kms_master_key_id include_global_resource_types = var.config_global_resources_all_regions ? true : var.region == "sa-east-1" - tags = var.tags + + tags = var.tags depends_on = [aws_s3_bucket_policy.audit_log] } @@ -366,7 +384,8 @@ module "config_baseline_us-east-1" { sns_topic_name = var.config_sns_topic_name sns_topic_kms_master_key_id = var.config_sns_topic_kms_master_key_id include_global_resource_types = var.config_global_resources_all_regions ? true : var.region == "us-east-1" - tags = var.tags + + tags = var.tags depends_on = [aws_s3_bucket_policy.audit_log] } @@ -386,7 +405,8 @@ module "config_baseline_us-east-2" { sns_topic_name = var.config_sns_topic_name sns_topic_kms_master_key_id = var.config_sns_topic_kms_master_key_id include_global_resource_types = var.config_global_resources_all_regions ? true : var.region == "us-east-2" - tags = var.tags + + tags = var.tags depends_on = [aws_s3_bucket_policy.audit_log] } @@ -406,7 +426,8 @@ module "config_baseline_us-west-1" { sns_topic_name = var.config_sns_topic_name sns_topic_kms_master_key_id = var.config_sns_topic_kms_master_key_id include_global_resource_types = var.config_global_resources_all_regions ? true : var.region == "us-west-1" - tags = var.tags + + tags = var.tags depends_on = [aws_s3_bucket_policy.audit_log] } @@ -426,7 +447,8 @@ module "config_baseline_us-west-2" { sns_topic_name = var.config_sns_topic_name sns_topic_kms_master_key_id = var.config_sns_topic_kms_master_key_id include_global_resource_types = var.config_global_resources_all_regions ? true : var.region == "us-west-2" - tags = var.tags + + tags = var.tags depends_on = [aws_s3_bucket_policy.audit_log] } @@ -437,7 +459,8 @@ module "config_baseline_us-west-2" { resource "aws_config_config_rule" "iam_mfa" { count = var.config_baseline_enabled ? 1 : 0 - name = "IAMAccountMFAEnabled" + + name = "IAMAccountMFAEnabled" source { owner = "AWS" @@ -470,15 +493,15 @@ resource "aws_config_config_rule" "iam_mfa" { resource "aws_config_config_rule" "unused_credentials" { count = var.config_baseline_enabled ? 1 : 0 - name = "UnusedCredentialsNotExist" + + name = "UnusedCredentialsNotExist" + input_parameters = "{\"maxCredentialUsageAge\": \"90\"}" source { owner = "AWS" source_identifier = "IAM_USER_UNUSED_CREDENTIALS_CHECK" } - input_parameters = "{\"maxCredentialUsageAge\": \"90\"}" - tags = var.tags # Ensure this rule is created after all configuration recorders. @@ -505,7 +528,8 @@ resource "aws_config_config_rule" "unused_credentials" { resource "aws_config_config_rule" "user_no_policies" { count = var.config_baseline_enabled ? 1 : 0 - name = "NoPoliciesAttachedToUser" + + name = "NoPoliciesAttachedToUser" source { owner = "AWS" @@ -544,7 +568,8 @@ resource "aws_config_config_rule" "user_no_policies" { resource "aws_config_config_rule" "no_policies_with_full_admin_access" { count = var.config_baseline_enabled ? 1 : 0 - name = "NoPoliciesWithFullAdminAccess" + + name = "NoPoliciesWithFullAdminAccess" source { owner = "AWS" @@ -587,6 +612,7 @@ resource "aws_config_config_rule" "no_policies_with_full_admin_access" { # -------------------------------------------------------------------------------------------------- data "aws_iam_policy_document" "config_organization_assume_role_policy" { count = var.config_baseline_enabled ? 1 : 0 + statement { principals { type = "Service" diff --git a/main.tf b/main.tf index da2dfe62..cec96e09 100644 --- a/main.tf +++ b/main.tf @@ -86,7 +86,8 @@ module "cloudtrail_baseline" { dynamodb_event_logging_tables = var.cloudtrail_dynamodb_event_logging_tables lambda_invocation_logging_lambdas = var.cloudtrail_lambda_invocation_logging_lambdas is_organization_trail = local.is_master_account - tags = var.tags + + tags = var.tags } # -------------------------------------------------------------------------------------------------- diff --git a/modules/alarm-baseline/main.tf b/modules/alarm-baseline/main.tf index bef948e4..2d12e970 100644 --- a/modules/alarm-baseline/main.tf +++ b/modules/alarm-baseline/main.tf @@ -6,16 +6,14 @@ data "aws_region" "current" {} # -------------------------------------------------------------------------------------------------- resource "aws_sns_topic" "alarms" { - name = var.sns_topic_name - + name = var.sns_topic_name kms_master_key_id = var.sns_topic_kms_master_key_id tags = var.tags } resource "aws_sns_topic_policy" "alarms" { - arn = aws_sns_topic.alarms.arn - + arn = aws_sns_topic.alarms.arn policy = data.aws_iam_policy_document.alarms-sns-policy.json } diff --git a/modules/cloudtrail-baseline/main.tf b/modules/cloudtrail-baseline/main.tf index cb02401e..f161cb50 100644 --- a/modules/cloudtrail-baseline/main.tf +++ b/modules/cloudtrail-baseline/main.tf @@ -53,9 +53,8 @@ data "aws_iam_policy_document" "cloudwatch_delivery_policy" { resource "aws_iam_role_policy" "cloudwatch_delivery_policy" { count = var.cloudwatch_logs_enabled ? 1 : 0 - name = var.iam_role_policy_name - role = aws_iam_role.cloudwatch_delivery[0].id - + name = var.iam_role_policy_name + role = aws_iam_role.cloudwatch_delivery[0].id policy = data.aws_iam_policy_document.cloudwatch_delivery_policy[0].json } @@ -190,8 +189,7 @@ resource "aws_kms_key" "cloudtrail" { description = "A KMS key to encrypt CloudTrail events." deletion_window_in_days = var.key_deletion_window_in_days enable_key_rotation = "true" - - policy = data.aws_iam_policy_document.cloudtrail_key_policy.json + policy = data.aws_iam_policy_document.cloudtrail_key_policy.json tags = var.tags } @@ -234,8 +232,7 @@ resource "aws_sns_topic_policy" "local-account-cloudtrail" { # -------------------------------------------------------------------------------------------------- resource "aws_cloudtrail" "global" { - name = var.cloudtrail_name - + name = var.cloudtrail_name cloud_watch_logs_group_arn = var.cloudwatch_logs_enabled ? "${aws_cloudwatch_log_group.cloudtrail_events[0].arn}:*" : null cloud_watch_logs_role_arn = var.cloudwatch_logs_enabled ? aws_iam_role.cloudwatch_delivery[0].arn : null enable_log_file_validation = true diff --git a/modules/config-baseline/main.tf b/modules/config-baseline/main.tf index 777483f1..f8c92248 100644 --- a/modules/config-baseline/main.tf +++ b/modules/config-baseline/main.tf @@ -6,16 +6,14 @@ data "aws_region" "current" {} # -------------------------------------------------------------------------------------------------- resource "aws_sns_topic" "config" { - name = var.sns_topic_name - + name = var.sns_topic_name kms_master_key_id = var.sns_topic_kms_master_key_id tags = var.tags } resource "aws_sns_topic_policy" "config" { - arn = aws_sns_topic.config.arn - + arn = aws_sns_topic.config.arn policy = data.aws_iam_policy_document.config-sns-policy.json } @@ -38,8 +36,7 @@ data "aws_iam_policy_document" "config-sns-policy" { } resource "aws_config_configuration_recorder" "recorder" { - name = var.recorder_name - + name = var.recorder_name role_arn = var.iam_role_arn recording_group { @@ -49,8 +46,7 @@ resource "aws_config_configuration_recorder" "recorder" { } resource "aws_config_delivery_channel" "bucket" { - name = var.delivery_channel_name - + name = var.delivery_channel_name s3_bucket_name = var.s3_bucket_name s3_key_prefix = var.s3_key_prefix sns_topic_arn = aws_sns_topic.config.arn @@ -63,8 +59,8 @@ resource "aws_config_delivery_channel" "bucket" { } resource "aws_config_configuration_recorder_status" "recorder" { - name = aws_config_configuration_recorder.recorder.id - + name = aws_config_configuration_recorder.recorder.id is_enabled = true + depends_on = [aws_config_delivery_channel.bucket] } diff --git a/modules/guardduty-baseline/main.tf b/modules/guardduty-baseline/main.tf index d2b1229d..e478c5e1 100644 --- a/modules/guardduty-baseline/main.tf +++ b/modules/guardduty-baseline/main.tf @@ -23,9 +23,8 @@ resource "aws_guardduty_detector" "default" { resource "aws_guardduty_member" "members" { count = length(var.member_accounts) - detector_id = aws_guardduty_detector.default.id - invite = true - + detector_id = aws_guardduty_detector.default.id + invite = true account_id = var.member_accounts[count.index].account_id disable_email_notification = var.disable_email_notification email = var.member_accounts[count.index].email diff --git a/modules/iam-baseline/main.tf b/modules/iam-baseline/main.tf index 69081e86..f88b6464 100644 --- a/modules/iam-baseline/main.tf +++ b/modules/iam-baseline/main.tf @@ -3,6 +3,8 @@ # -------------------------------------------------------------------------------------------------- resource "aws_iam_account_password_policy" "default" { + count = var.create_password_policy ? 1 : 0 + minimum_password_length = var.minimum_password_length password_reuse_prevention = var.password_reuse_prevention require_lowercase_characters = var.require_lowercase_characters @@ -11,7 +13,6 @@ resource "aws_iam_account_password_policy" "default" { require_symbols = var.require_symbols allow_users_to_change_password = var.allow_users_to_change_password max_password_age = var.max_password_age - count = var.create_password_policy ? 1 : 0 } # -------------------------------------------------------------------------------------------------- @@ -28,16 +29,18 @@ data "aws_iam_policy_document" "support_assume_policy" { } resource "aws_iam_role" "support" { + count = var.create_support_role ? 1 : 0 + name = var.support_iam_role_name assume_role_policy = data.aws_iam_policy_document.support_assume_policy.json - count = var.create_support_role ? 1 : 0 tags = var.tags } resource "aws_iam_role_policy_attachment" "support_policy" { + count = var.create_support_role ? 1 : 0 + role = aws_iam_role.support[0].id policy_arn = "arn:aws:iam::aws:policy/AWSSupportAccess" - count = var.create_support_role ? 1 : 0 } diff --git a/modules/secure-bucket/main.tf b/modules/secure-bucket/main.tf index aa7ef1fa..3baa4779 100644 --- a/modules/secure-bucket/main.tf +++ b/modules/secure-bucket/main.tf @@ -23,9 +23,9 @@ data "aws_iam_policy_document" "access_log_policy" { resource "aws_s3_bucket" "access_log" { count = var.enabled ? 1 : 0 - bucket = var.log_bucket_name - - acl = "log-delivery-write" + acl = "log-delivery-write" + bucket = var.log_bucket_name + force_destroy = var.force_destroy server_side_encryption_configuration { rule { @@ -34,7 +34,6 @@ resource "aws_s3_bucket" "access_log" { } } } - force_destroy = var.force_destroy lifecycle_rule { id = "auto-archive" @@ -65,8 +64,7 @@ resource "aws_s3_bucket_policy" "access_log_policy" { resource "aws_s3_bucket_public_access_block" "access_log" { count = var.enabled ? 1 : 0 - bucket = aws_s3_bucket.access_log[0].id - + bucket = aws_s3_bucket.access_log[0].id block_public_acls = true block_public_policy = true ignore_public_acls = true @@ -76,8 +74,7 @@ resource "aws_s3_bucket_public_access_block" "access_log" { resource "aws_s3_bucket" "content" { count = var.enabled ? 1 : 0 - bucket = var.bucket_name - + bucket = var.bucket_name acl = "private" force_destroy = var.force_destroy @@ -128,8 +125,7 @@ resource "aws_s3_bucket" "content" { resource "aws_s3_bucket_public_access_block" "content" { count = var.enabled ? 1 : 0 - bucket = aws_s3_bucket.content[0].id - + bucket = aws_s3_bucket.content[0].id block_public_acls = true block_public_policy = true ignore_public_acls = true diff --git a/vpc_baselines.tf b/vpc_baselines.tf index ba364029..3f4ab34b 100644 --- a/vpc_baselines.tf +++ b/vpc_baselines.tf @@ -77,7 +77,6 @@ module "vpc_baseline_ap-northeast-1" { flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix - tags = var.tags } @@ -97,7 +96,6 @@ module "vpc_baseline_ap-northeast-2" { flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix - tags = var.tags } @@ -117,7 +115,6 @@ module "vpc_baseline_ap-northeast-3" { flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix - tags = var.tags } @@ -137,7 +134,6 @@ module "vpc_baseline_ap-south-1" { flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix - tags = var.tags } @@ -157,7 +153,6 @@ module "vpc_baseline_ap-southeast-1" { flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix - tags = var.tags } @@ -177,7 +172,6 @@ module "vpc_baseline_ap-southeast-2" { flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix - tags = var.tags } @@ -197,7 +191,6 @@ module "vpc_baseline_ca-central-1" { flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix - tags = var.tags } @@ -217,7 +210,6 @@ module "vpc_baseline_eu-central-1" { flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix - tags = var.tags } @@ -237,7 +229,6 @@ module "vpc_baseline_eu-north-1" { flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix - tags = var.tags } @@ -257,7 +248,6 @@ module "vpc_baseline_eu-west-1" { flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix - tags = var.tags } @@ -277,7 +267,6 @@ module "vpc_baseline_eu-west-2" { flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix - tags = var.tags } @@ -297,7 +286,6 @@ module "vpc_baseline_eu-west-3" { flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix - tags = var.tags } @@ -317,7 +305,6 @@ module "vpc_baseline_sa-east-1" { flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix - tags = var.tags } @@ -337,7 +324,6 @@ module "vpc_baseline_us-east-1" { flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix - tags = var.tags } @@ -357,7 +343,6 @@ module "vpc_baseline_us-east-2" { flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix - tags = var.tags } @@ -377,7 +362,6 @@ module "vpc_baseline_us-west-1" { flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix - tags = var.tags } @@ -397,6 +381,5 @@ module "vpc_baseline_us-west-2" { flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix - tags = var.tags } From 1e088b417e0164459c464cffc82acc85a85692af Mon Sep 17 00:00:00 2001 From: nozaq Date: Sun, 9 Jan 2022 21:00:31 +0900 Subject: [PATCH 12/66] refactor: re-organize locals (#243) --- bucket.tf | 6 +-- modules/vpc-baseline/main.tf | 9 ++-- modules/vpc-baseline/outputs.tf | 2 +- outputs.tf | 4 +- variables.tf | 1 - vpc_baselines.tf | 83 ++++++++++++++++----------------- 6 files changed, 50 insertions(+), 55 deletions(-) diff --git a/bucket.tf b/bucket.tf index 8a272647..265a4bbe 100644 --- a/bucket.tf +++ b/bucket.tf @@ -10,8 +10,6 @@ locals { audit_log_cloudtrail_destination = join("/", [local.audit_log_bucket_arn, trim(var.cloudtrail_s3_key_prefix, "/")]) audit_log_config_destination = join("/", [local.audit_log_bucket_arn, trim(var.config_s3_bucket_key_prefix, "/")]) audit_log_flow_logs_destination = join("/", [local.audit_log_bucket_arn, trim(var.vpc_flow_logs_s3_key_prefix, "/")]) - - flow_logs_use_s3 = var.vpc_flow_logs_destination_type == "s3" } # -------------------------------------------------------------------------------------------------- @@ -213,7 +211,7 @@ data "aws_iam_policy_document" "audit_log_config" { # https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs-s3.html#flow-logs-s3-permissions # -------------------------------------------------------------------------------------------------- data "aws_iam_policy_document" "audit_log_flow_logs" { - count = !local.use_external_bucket && local.flow_logs_use_s3 ? 1 : 0 + count = !local.use_external_bucket && local.flow_logs_to_s3 ? 1 : 0 source_json = data.aws_iam_policy_document.audit_log_config[0].json @@ -250,7 +248,7 @@ data "aws_iam_policy_document" "audit_log_flow_logs" { data "aws_iam_policy_document" "audit_log" { count = local.use_external_bucket ? 0 : 1 - source_json = local.flow_logs_use_s3 ? data.aws_iam_policy_document.audit_log_flow_logs[0].json : data.aws_iam_policy_document.audit_log_config[0].json + source_json = local.flow_logs_to_s3 ? data.aws_iam_policy_document.audit_log_flow_logs[0].json : data.aws_iam_policy_document.audit_log_config[0].json override_json = var.audit_log_bucket_custom_policy_json } diff --git a/modules/vpc-baseline/main.tf b/modules/vpc-baseline/main.tf index fea4edd7..5151b696 100644 --- a/modules/vpc-baseline/main.tf +++ b/modules/vpc-baseline/main.tf @@ -1,6 +1,5 @@ locals { - is_cw_logs = var.enable_flow_logs && var.flow_logs_destination_type == "cloud-watch-logs" - s3_destination_arn = "${var.flow_logs_s3_arn}/${var.flow_logs_s3_key_prefix}" + flow_logs_to_cw_logs = var.enable_flow_logs && var.flow_logs_destination_type == "cloud-watch-logs" } data "aws_availability_zones" "all" { @@ -23,7 +22,7 @@ data "aws_subnet" "default" { # -------------------------------------------------------------------------------------------------- resource "aws_cloudwatch_log_group" "default_vpc_flow_logs" { - count = var.enable_flow_logs && local.is_cw_logs ? 1 : 0 + count = var.enable_flow_logs && local.flow_logs_to_cw_logs ? 1 : 0 name = var.flow_logs_log_group_name retention_in_days = var.flow_logs_retention_in_days @@ -35,8 +34,8 @@ resource "aws_flow_log" "default_vpc_flow_logs" { count = var.enable_flow_logs ? 1 : 0 log_destination_type = var.flow_logs_destination_type - log_destination = local.is_cw_logs ? aws_cloudwatch_log_group.default_vpc_flow_logs[0].arn : local.s3_destination_arn - iam_role_arn = local.is_cw_logs ? var.flow_logs_iam_role_arn : null + log_destination = local.flow_logs_to_cw_logs ? aws_cloudwatch_log_group.default_vpc_flow_logs[0].arn : "${var.flow_logs_s3_arn}/${var.flow_logs_s3_key_prefix}" + iam_role_arn = local.flow_logs_to_cw_logs ? var.flow_logs_iam_role_arn : null vpc_id = aws_default_vpc.default.id traffic_type = "ALL" diff --git a/modules/vpc-baseline/outputs.tf b/modules/vpc-baseline/outputs.tf index c6a6b069..b446115b 100644 --- a/modules/vpc-baseline/outputs.tf +++ b/modules/vpc-baseline/outputs.tf @@ -20,5 +20,5 @@ output "default_route_table" { output "vpc_flow_logs_group" { description = "The CloudWatch Logs log group which stores VPC Flow Logs." - value = local.is_cw_logs ? aws_cloudwatch_log_group.default_vpc_flow_logs[0] : null + value = local.flow_logs_to_cw_logs ? aws_cloudwatch_log_group.default_vpc_flow_logs[0] : null } diff --git a/outputs.tf b/outputs.tf index b7430d1f..2be54fcf 100644 --- a/outputs.tf +++ b/outputs.tf @@ -143,13 +143,13 @@ output "support_iam_role" { output "vpc_flow_logs_iam_role" { description = "The IAM role used for delivering VPC Flow Logs to CloudWatch Logs." - value = local.is_cw_logs ? aws_iam_role.flow_logs_publisher : null + value = local.flow_logs_to_cw_logs ? aws_iam_role.flow_logs_publisher : null } output "vpc_flow_logs_group" { description = "The CloudWatch Logs log group which stores VPC Flow Logs in each region." - value = local.is_cw_logs ? { + value = local.flow_logs_to_cw_logs ? { "ap-northeast-1" = one(module.vpc_baseline_ap-northeast-1[*].vpc_flow_logs_group) "ap-northeast-2" = one(module.vpc_baseline_ap-northeast-2[*].vpc_flow_logs_group) "ap-northeast-3" = one(module.vpc_baseline_ap-northeast-3[*].vpc_flow_logs_group) diff --git a/variables.tf b/variables.tf index 7af3cd4d..e1680dab 100644 --- a/variables.tf +++ b/variables.tf @@ -1,7 +1,6 @@ # -------------------------------------------------------------------------------------------------- # Variables for root module. # -------------------------------------------------------------------------------------------------- - variable "aws_account_id" { description = "The AWS Account ID number of the account." } diff --git a/vpc_baselines.tf b/vpc_baselines.tf index 3f4ab34b..e08516dd 100644 --- a/vpc_baselines.tf +++ b/vpc_baselines.tf @@ -1,8 +1,7 @@ locals { - is_enabled = var.vpc_enable - is_cw_logs = local.is_enabled && var.vpc_enable_flow_logs && (var.vpc_flow_logs_destination_type == "cloud-watch-logs") - is_s3 = local.is_enabled && var.vpc_enable_flow_logs && (var.vpc_flow_logs_destination_type == "s3") - flow_logs_s3_arn = local.is_s3 ? ( + flow_logs_to_cw_logs = var.vpc_enable && var.vpc_enable_flow_logs && (var.vpc_flow_logs_destination_type == "cloud-watch-logs") + flow_logs_to_s3 = var.vpc_enable && var.vpc_enable_flow_logs && (var.vpc_flow_logs_destination_type == "s3") + flow_logs_s3_arn = local.flow_logs_to_s3 ? ( var.vpc_flow_logs_s3_arn != "" ? var.vpc_flow_logs_s3_arn : local.audit_log_bucket_arn ) : "" } @@ -12,7 +11,7 @@ locals { # Reference: https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/flow-logs.html#flow-logs-iam # -------------------------------------------------------------------------------------------------- data "aws_iam_policy_document" "flow_logs_publisher_assume_role_policy" { - count = local.is_cw_logs ? 1 : 0 + count = local.flow_logs_to_cw_logs ? 1 : 0 statement { principals { @@ -24,7 +23,7 @@ data "aws_iam_policy_document" "flow_logs_publisher_assume_role_policy" { } resource "aws_iam_role" "flow_logs_publisher" { - count = local.is_cw_logs ? 1 : 0 + count = local.flow_logs_to_cw_logs ? 1 : 0 name = var.vpc_iam_role_name assume_role_policy = data.aws_iam_policy_document.flow_logs_publisher_assume_role_policy[0].json @@ -33,7 +32,7 @@ resource "aws_iam_role" "flow_logs_publisher" { } data "aws_iam_policy_document" "flow_logs_publish_policy" { - count = local.is_cw_logs ? 1 : 0 + count = local.flow_logs_to_cw_logs ? 1 : 0 statement { actions = [ @@ -48,7 +47,7 @@ data "aws_iam_policy_document" "flow_logs_publish_policy" { } resource "aws_iam_role_policy" "flow_logs_publish_policy" { - count = local.is_cw_logs ? 1 : 0 + count = local.flow_logs_to_cw_logs ? 1 : 0 name = var.vpc_iam_role_policy_name role = aws_iam_role.flow_logs_publisher[0].id @@ -62,7 +61,7 @@ resource "aws_iam_role_policy" "flow_logs_publish_policy" { # -------------------------------------------------------------------------------------------------- module "vpc_baseline_ap-northeast-1" { - count = local.is_enabled && contains(var.target_regions, "ap-northeast-1") ? 1 : 0 + count = var.vpc_enable && contains(var.target_regions, "ap-northeast-1") ? 1 : 0 source = "./modules/vpc-baseline" providers = { @@ -72,7 +71,7 @@ module "vpc_baseline_ap-northeast-1" { enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name - flow_logs_iam_role_arn = local.is_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null + flow_logs_iam_role_arn = local.flow_logs_to_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null flow_logs_retention_in_days = var.vpc_flow_logs_retention_in_days flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix @@ -81,7 +80,7 @@ module "vpc_baseline_ap-northeast-1" { } module "vpc_baseline_ap-northeast-2" { - count = local.is_enabled && contains(var.target_regions, "ap-northeast-2") ? 1 : 0 + count = var.vpc_enable && contains(var.target_regions, "ap-northeast-2") ? 1 : 0 source = "./modules/vpc-baseline" providers = { @@ -91,7 +90,7 @@ module "vpc_baseline_ap-northeast-2" { enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name - flow_logs_iam_role_arn = local.is_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null + flow_logs_iam_role_arn = local.flow_logs_to_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null flow_logs_retention_in_days = var.vpc_flow_logs_retention_in_days flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix @@ -100,7 +99,7 @@ module "vpc_baseline_ap-northeast-2" { } module "vpc_baseline_ap-northeast-3" { - count = local.is_enabled && contains(var.target_regions, "ap-northeast-3") ? 1 : 0 + count = var.vpc_enable && contains(var.target_regions, "ap-northeast-3") ? 1 : 0 source = "./modules/vpc-baseline" providers = { @@ -110,7 +109,7 @@ module "vpc_baseline_ap-northeast-3" { enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name - flow_logs_iam_role_arn = local.is_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null + flow_logs_iam_role_arn = local.flow_logs_to_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null flow_logs_retention_in_days = var.vpc_flow_logs_retention_in_days flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix @@ -119,7 +118,7 @@ module "vpc_baseline_ap-northeast-3" { } module "vpc_baseline_ap-south-1" { - count = local.is_enabled && contains(var.target_regions, "ap-south-1") ? 1 : 0 + count = var.vpc_enable && contains(var.target_regions, "ap-south-1") ? 1 : 0 source = "./modules/vpc-baseline" providers = { @@ -129,7 +128,7 @@ module "vpc_baseline_ap-south-1" { enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name - flow_logs_iam_role_arn = local.is_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null + flow_logs_iam_role_arn = local.flow_logs_to_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null flow_logs_retention_in_days = var.vpc_flow_logs_retention_in_days flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix @@ -138,7 +137,7 @@ module "vpc_baseline_ap-south-1" { } module "vpc_baseline_ap-southeast-1" { - count = local.is_enabled && contains(var.target_regions, "ap-southeast-1") ? 1 : 0 + count = var.vpc_enable && contains(var.target_regions, "ap-southeast-1") ? 1 : 0 source = "./modules/vpc-baseline" providers = { @@ -148,7 +147,7 @@ module "vpc_baseline_ap-southeast-1" { enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name - flow_logs_iam_role_arn = local.is_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null + flow_logs_iam_role_arn = local.flow_logs_to_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null flow_logs_retention_in_days = var.vpc_flow_logs_retention_in_days flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix @@ -157,7 +156,7 @@ module "vpc_baseline_ap-southeast-1" { } module "vpc_baseline_ap-southeast-2" { - count = local.is_enabled && contains(var.target_regions, "ap-southeast-2") ? 1 : 0 + count = var.vpc_enable && contains(var.target_regions, "ap-southeast-2") ? 1 : 0 source = "./modules/vpc-baseline" providers = { @@ -167,7 +166,7 @@ module "vpc_baseline_ap-southeast-2" { enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name - flow_logs_iam_role_arn = local.is_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null + flow_logs_iam_role_arn = local.flow_logs_to_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null flow_logs_retention_in_days = var.vpc_flow_logs_retention_in_days flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix @@ -176,7 +175,7 @@ module "vpc_baseline_ap-southeast-2" { } module "vpc_baseline_ca-central-1" { - count = local.is_enabled && contains(var.target_regions, "ca-central-1") ? 1 : 0 + count = var.vpc_enable && contains(var.target_regions, "ca-central-1") ? 1 : 0 source = "./modules/vpc-baseline" providers = { @@ -186,7 +185,7 @@ module "vpc_baseline_ca-central-1" { enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name - flow_logs_iam_role_arn = local.is_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null + flow_logs_iam_role_arn = local.flow_logs_to_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null flow_logs_retention_in_days = var.vpc_flow_logs_retention_in_days flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix @@ -195,7 +194,7 @@ module "vpc_baseline_ca-central-1" { } module "vpc_baseline_eu-central-1" { - count = local.is_enabled && contains(var.target_regions, "eu-central-1") ? 1 : 0 + count = var.vpc_enable && contains(var.target_regions, "eu-central-1") ? 1 : 0 source = "./modules/vpc-baseline" providers = { @@ -205,7 +204,7 @@ module "vpc_baseline_eu-central-1" { enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name - flow_logs_iam_role_arn = local.is_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null + flow_logs_iam_role_arn = local.flow_logs_to_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null flow_logs_retention_in_days = var.vpc_flow_logs_retention_in_days flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix @@ -214,7 +213,7 @@ module "vpc_baseline_eu-central-1" { } module "vpc_baseline_eu-north-1" { - count = local.is_enabled && contains(var.target_regions, "eu-north-1") ? 1 : 0 + count = var.vpc_enable && contains(var.target_regions, "eu-north-1") ? 1 : 0 source = "./modules/vpc-baseline" providers = { @@ -224,7 +223,7 @@ module "vpc_baseline_eu-north-1" { enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name - flow_logs_iam_role_arn = local.is_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null + flow_logs_iam_role_arn = local.flow_logs_to_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null flow_logs_retention_in_days = var.vpc_flow_logs_retention_in_days flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix @@ -233,7 +232,7 @@ module "vpc_baseline_eu-north-1" { } module "vpc_baseline_eu-west-1" { - count = local.is_enabled && contains(var.target_regions, "eu-west-1") ? 1 : 0 + count = var.vpc_enable && contains(var.target_regions, "eu-west-1") ? 1 : 0 source = "./modules/vpc-baseline" providers = { @@ -243,7 +242,7 @@ module "vpc_baseline_eu-west-1" { enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name - flow_logs_iam_role_arn = local.is_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null + flow_logs_iam_role_arn = local.flow_logs_to_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null flow_logs_retention_in_days = var.vpc_flow_logs_retention_in_days flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix @@ -252,7 +251,7 @@ module "vpc_baseline_eu-west-1" { } module "vpc_baseline_eu-west-2" { - count = local.is_enabled && contains(var.target_regions, "eu-west-2") ? 1 : 0 + count = var.vpc_enable && contains(var.target_regions, "eu-west-2") ? 1 : 0 source = "./modules/vpc-baseline" providers = { @@ -262,7 +261,7 @@ module "vpc_baseline_eu-west-2" { enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name - flow_logs_iam_role_arn = local.is_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null + flow_logs_iam_role_arn = local.flow_logs_to_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null flow_logs_retention_in_days = var.vpc_flow_logs_retention_in_days flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix @@ -271,7 +270,7 @@ module "vpc_baseline_eu-west-2" { } module "vpc_baseline_eu-west-3" { - count = local.is_enabled && contains(var.target_regions, "eu-west-3") ? 1 : 0 + count = var.vpc_enable && contains(var.target_regions, "eu-west-3") ? 1 : 0 source = "./modules/vpc-baseline" providers = { @@ -281,7 +280,7 @@ module "vpc_baseline_eu-west-3" { enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name - flow_logs_iam_role_arn = local.is_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null + flow_logs_iam_role_arn = local.flow_logs_to_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null flow_logs_retention_in_days = var.vpc_flow_logs_retention_in_days flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix @@ -290,7 +289,7 @@ module "vpc_baseline_eu-west-3" { } module "vpc_baseline_sa-east-1" { - count = local.is_enabled && contains(var.target_regions, "sa-east-1") ? 1 : 0 + count = var.vpc_enable && contains(var.target_regions, "sa-east-1") ? 1 : 0 source = "./modules/vpc-baseline" providers = { @@ -300,7 +299,7 @@ module "vpc_baseline_sa-east-1" { enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name - flow_logs_iam_role_arn = local.is_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null + flow_logs_iam_role_arn = local.flow_logs_to_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null flow_logs_retention_in_days = var.vpc_flow_logs_retention_in_days flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix @@ -309,7 +308,7 @@ module "vpc_baseline_sa-east-1" { } module "vpc_baseline_us-east-1" { - count = local.is_enabled && contains(var.target_regions, "us-east-1") ? 1 : 0 + count = var.vpc_enable && contains(var.target_regions, "us-east-1") ? 1 : 0 source = "./modules/vpc-baseline" providers = { @@ -319,7 +318,7 @@ module "vpc_baseline_us-east-1" { enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name - flow_logs_iam_role_arn = local.is_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null + flow_logs_iam_role_arn = local.flow_logs_to_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null flow_logs_retention_in_days = var.vpc_flow_logs_retention_in_days flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix @@ -328,7 +327,7 @@ module "vpc_baseline_us-east-1" { } module "vpc_baseline_us-east-2" { - count = local.is_enabled && contains(var.target_regions, "us-east-2") ? 1 : 0 + count = var.vpc_enable && contains(var.target_regions, "us-east-2") ? 1 : 0 source = "./modules/vpc-baseline" providers = { @@ -338,7 +337,7 @@ module "vpc_baseline_us-east-2" { enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name - flow_logs_iam_role_arn = local.is_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null + flow_logs_iam_role_arn = local.flow_logs_to_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null flow_logs_retention_in_days = var.vpc_flow_logs_retention_in_days flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix @@ -347,7 +346,7 @@ module "vpc_baseline_us-east-2" { } module "vpc_baseline_us-west-1" { - count = local.is_enabled && contains(var.target_regions, "us-west-1") ? 1 : 0 + count = var.vpc_enable && contains(var.target_regions, "us-west-1") ? 1 : 0 source = "./modules/vpc-baseline" providers = { @@ -357,7 +356,7 @@ module "vpc_baseline_us-west-1" { enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name - flow_logs_iam_role_arn = local.is_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null + flow_logs_iam_role_arn = local.flow_logs_to_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null flow_logs_retention_in_days = var.vpc_flow_logs_retention_in_days flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix @@ -366,7 +365,7 @@ module "vpc_baseline_us-west-1" { } module "vpc_baseline_us-west-2" { - count = local.is_enabled && contains(var.target_regions, "us-west-2") ? 1 : 0 + count = var.vpc_enable && contains(var.target_regions, "us-west-2") ? 1 : 0 source = "./modules/vpc-baseline" providers = { @@ -376,7 +375,7 @@ module "vpc_baseline_us-west-2" { enable_flow_logs = var.vpc_enable_flow_logs flow_logs_destination_type = var.vpc_flow_logs_destination_type flow_logs_log_group_name = var.vpc_flow_logs_log_group_name - flow_logs_iam_role_arn = local.is_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null + flow_logs_iam_role_arn = local.flow_logs_to_cw_logs ? aws_iam_role.flow_logs_publisher[0].arn : null flow_logs_retention_in_days = var.vpc_flow_logs_retention_in_days flow_logs_s3_arn = local.flow_logs_s3_arn flow_logs_s3_key_prefix = var.vpc_flow_logs_s3_key_prefix From 2b8cc0ec77b831db6598c99645b6285644c465fe Mon Sep 17 00:00:00 2001 From: nozaq Date: Sun, 9 Jan 2022 21:16:34 +0900 Subject: [PATCH 13/66] style: apply consistent comment style (#244) --- analyzer_baselines.tf | 1 + bucket.tf | 11 +++-------- config_baselines.tf | 2 ++ ebs_baselines.tf | 3 ++- guardduty_baselines.tf | 1 + migrations.tf | 1 + modules/alarm-baseline/migrations.tf | 1 + modules/analyzer-baseline/migrations.tf | 1 + modules/cloudtrail-baseline/main.tf | 4 ---- modules/cloudtrail-baseline/migrations.tf | 1 + modules/config-baseline/migrations.tf | 1 + modules/ebs-baseline/main.tf | 3 --- modules/ebs-baseline/migrations.tf | 1 + modules/ebs-baseline/variables.tf | 0 modules/guardduty-baseline/main.tf | 4 ---- modules/guardduty-baseline/migrations.tf | 1 + modules/iam-baseline/main.tf | 1 + modules/s3-baseline/main.tf | 3 --- modules/securityhub-baseline/main.tf | 15 +++++---------- modules/securityhub-baseline/migrations.tf | 1 + modules/vpc-baseline/migrations.tf | 1 + modules/vpc-baseline/variables.tf | 2 ++ securityhub_baselines.tf | 1 + variables.tf | 11 +++++++++++ vpc_baselines.tf | 1 + 25 files changed, 39 insertions(+), 33 deletions(-) delete mode 100644 modules/ebs-baseline/variables.tf diff --git a/analyzer_baselines.tf b/analyzer_baselines.tf index 4e3022c1..1af69a50 100644 --- a/analyzer_baselines.tf +++ b/analyzer_baselines.tf @@ -5,6 +5,7 @@ locals { # -------------------------------------------------------------------------------------------------- # Analyzer Baseline # -------------------------------------------------------------------------------------------------- + module "analyzer_baseline_ap-northeast-1" { count = local.is_analyzer_enabled && contains(var.target_regions, "ap-northeast-1") ? 1 : 0 source = "./modules/analyzer-baseline" diff --git a/bucket.tf b/bucket.tf index 265a4bbe..35e55e5c 100644 --- a/bucket.tf +++ b/bucket.tf @@ -1,6 +1,7 @@ # -------------------------------------------------------------------------------------------------- # Configure the S3 bucket to store audit logs. # -------------------------------------------------------------------------------------------------- + locals { use_external_bucket = var.use_external_audit_log_bucket @@ -15,6 +16,7 @@ locals { # -------------------------------------------------------------------------------------------------- # Case 1. Use the external S3 bucket. # -------------------------------------------------------------------------------------------------- + data "aws_s3_bucket" "external" { count = local.use_external_bucket ? 1 : 0 @@ -27,6 +29,7 @@ data "aws_s3_bucket" "external" { # Create a S3 bucket to store various audit logs. # Bucket policies are derived from the default bucket policy and official AWS documents. # -------------------------------------------------------------------------------------------------- + module "audit_log_bucket" { source = "./modules/secure-bucket" @@ -46,10 +49,8 @@ data "aws_organizations_organization" "org" { count = local.is_individual_account ? 0 : 1 } -# -------------------------------------------------------------------------------------------------- # Apply policies to enforce SSL connections. # https://docs.aws.amazon.com/config/latest/developerguide/s3-bucket-ssl-requests-only.html -# -------------------------------------------------------------------------------------------------- data "aws_iam_policy_document" "audit_log_base" { count = local.use_external_bucket ? 0 : 1 @@ -72,10 +73,8 @@ data "aws_iam_policy_document" "audit_log_base" { } } -# -------------------------------------------------------------------------------------------------- # Apply policies for CloudTrail log delivery based on AWS CloudTrail User Guide. # https://docs.aws.amazon.com/awscloudtrail/latest/userguide/create-s3-bucket-policy-for-cloudtrail.html -# -------------------------------------------------------------------------------------------------- data "aws_iam_policy_document" "audit_log_cloud_trail" { count = local.use_external_bucket ? 0 : 1 @@ -110,10 +109,8 @@ data "aws_iam_policy_document" "audit_log_cloud_trail" { } } -# -------------------------------------------------------------------------------------------------- # Apply policies for AWS Config log delivery based on AWS Config Developer Guide. # https://docs.aws.amazon.com/config/latest/developerguide/s3-bucket-policy.html -# -------------------------------------------------------------------------------------------------- data "aws_iam_policy_document" "audit_log_config" { count = local.use_external_bucket ? 0 : 1 @@ -205,11 +202,9 @@ data "aws_iam_policy_document" "audit_log_config" { } } -# -------------------------------------------------------------------------------------------------- # Apply policies for AWS Config log delivery based on Amazon Virtual Private Cloud User Guide. # This policy is necessary only when the log destination of VPC Flow Logs is set to S3. # https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs-s3.html#flow-logs-s3-permissions -# -------------------------------------------------------------------------------------------------- data "aws_iam_policy_document" "audit_log_flow_logs" { count = !local.use_external_bucket && local.flow_logs_to_s3 ? 1 : 0 diff --git a/config_baselines.tf b/config_baselines.tf index d4848378..6adf49bf 100644 --- a/config_baselines.tf +++ b/config_baselines.tf @@ -24,6 +24,7 @@ locals { # Create an IAM Role for AWS Config recorder to publish results and send notifications. # Reference: https://docs.aws.amazon.com/config/latest/developerguide/gs-cli-prereq.html#gs-cli-create-iamrole # -------------------------------------------------------------------------------------------------- + data "aws_iam_policy_document" "recorder_assume_role_policy" { count = var.config_baseline_enabled ? 1 : 0 @@ -96,6 +97,7 @@ resource "aws_iam_role_policy_attachment" "recorder_read_policy" { # Needs to be set up in each region. # Global resource types are only recorded in the region specified by var.region. # -------------------------------------------------------------------------------------------------- + module "config_baseline_ap-northeast-1" { count = var.config_baseline_enabled && contains(var.target_regions, "ap-northeast-1") ? 1 : 0 source = "./modules/config-baseline" diff --git a/ebs_baselines.tf b/ebs_baselines.tf index 51091ab5..3da9c5ea 100644 --- a/ebs_baselines.tf +++ b/ebs_baselines.tf @@ -1,6 +1,7 @@ # -------------------------------------------------------------------------------------------------- -# SecurityHub Baseline +# EBS Baseline # -------------------------------------------------------------------------------------------------- + module "ebs_baseline_ap-northeast-1" { count = contains(var.target_regions, "ap-northeast-1") ? 1 : 0 source = "./modules/ebs-baseline" diff --git a/guardduty_baselines.tf b/guardduty_baselines.tf index 48d2bd89..1d88499f 100644 --- a/guardduty_baselines.tf +++ b/guardduty_baselines.tf @@ -3,6 +3,7 @@ # Needs to be set up in each region. # This is an extra configuration which is not included in CIS benchmark. # -------------------------------------------------------------------------------------------------- + locals { guardduty_master_account_id = var.master_account_id guardduty_member_accounts = var.member_accounts diff --git a/migrations.tf b/migrations.tf index a8e46321..8ba8fc14 100644 --- a/migrations.tf +++ b/migrations.tf @@ -2,6 +2,7 @@ # Migrations to 0.31.0 # Replacing `enabled` argument in each sub-module with `count` meta-argument. # -------------------------------------------------------------------------------------------------- + moved { from = module.cloudtrail_baseline to = module.cloudtrail_baseline[0] diff --git a/modules/alarm-baseline/migrations.tf b/modules/alarm-baseline/migrations.tf index 60065478..ccbd1d1f 100644 --- a/modules/alarm-baseline/migrations.tf +++ b/modules/alarm-baseline/migrations.tf @@ -2,6 +2,7 @@ # Migrations to 0.31.0 # Removing `enabled` argument. # -------------------------------------------------------------------------------------------------- + moved { from = aws_sns_topic.alarms[0] to = aws_sns_topic.alarms diff --git a/modules/analyzer-baseline/migrations.tf b/modules/analyzer-baseline/migrations.tf index 48abae80..0228cb37 100644 --- a/modules/analyzer-baseline/migrations.tf +++ b/modules/analyzer-baseline/migrations.tf @@ -2,6 +2,7 @@ # Migrations to 0.31.0 # Removing `enabled` argument. # -------------------------------------------------------------------------------------------------- + moved { from = aws_accessanalyzer_analyzer.default[0] to = aws_accessanalyzer_analyzer.default diff --git a/modules/cloudtrail-baseline/main.tf b/modules/cloudtrail-baseline/main.tf index f161cb50..5b1b17bb 100644 --- a/modules/cloudtrail-baseline/main.tf +++ b/modules/cloudtrail-baseline/main.tf @@ -10,11 +10,9 @@ resource "aws_cloudwatch_log_group" "cloudtrail_events" { tags = var.tags } -# -------------------------------------------------------------------------------------------------- # IAM Role to deliver CloudTrail events to CloudWatch Logs group. # The policy was derived from the default key policy descrived in AWS CloudTrail User Guide. # https://docs.aws.amazon.com/awscloudtrail/latest/userguide/send-cloudtrail-events-to-cloudwatch-logs.html -# -------------------------------------------------------------------------------------------------- data "aws_iam_policy_document" "cloudwatch_delivery_assume_policy" { statement { principals { @@ -58,11 +56,9 @@ resource "aws_iam_role_policy" "cloudwatch_delivery_policy" { policy = data.aws_iam_policy_document.cloudwatch_delivery_policy[0].json } -# -------------------------------------------------------------------------------------------------- # KMS Key to encrypt CloudTrail events. # The policy was derived from the default key policy described in AWS CloudTrail User Guide. # https://docs.aws.amazon.com/awscloudtrail/latest/userguide/default-cmk-policy.html -# -------------------------------------------------------------------------------------------------- data "aws_iam_policy_document" "cloudtrail_key_policy" { policy_id = "Key policy created by CloudTrail" diff --git a/modules/cloudtrail-baseline/migrations.tf b/modules/cloudtrail-baseline/migrations.tf index d256924d..e6143138 100644 --- a/modules/cloudtrail-baseline/migrations.tf +++ b/modules/cloudtrail-baseline/migrations.tf @@ -2,6 +2,7 @@ # Migrations to 0.31.0 # Removing `enabled` argument. # -------------------------------------------------------------------------------------------------- + moved { from = aws_kms_key.cloudtrail[0] to = aws_kms_key.cloudtrail diff --git a/modules/config-baseline/migrations.tf b/modules/config-baseline/migrations.tf index 5e062c52..4719799c 100644 --- a/modules/config-baseline/migrations.tf +++ b/modules/config-baseline/migrations.tf @@ -2,6 +2,7 @@ # Migrations to 0.31.0 # Removing `enabled` argument. # -------------------------------------------------------------------------------------------------- + moved { from = aws_sns_topic.config[0] to = aws_sns_topic.config diff --git a/modules/ebs-baseline/main.tf b/modules/ebs-baseline/main.tf index ce108c13..1a20ec8f 100644 --- a/modules/ebs-baseline/main.tf +++ b/modules/ebs-baseline/main.tf @@ -1,6 +1,3 @@ -# -------------------------------------------------------------------------------------------------- -# Enable Default EBS Encryption -# -------------------------------------------------------------------------------------------------- resource "aws_ebs_encryption_by_default" "this" { enabled = true } diff --git a/modules/ebs-baseline/migrations.tf b/modules/ebs-baseline/migrations.tf index c12b94ba..7e802c77 100644 --- a/modules/ebs-baseline/migrations.tf +++ b/modules/ebs-baseline/migrations.tf @@ -2,6 +2,7 @@ # Migrations to 0.31.0 # Removing `enabled` argument. # -------------------------------------------------------------------------------------------------- + moved { from = aws_ebs_encryption_by_default.this[0] to = aws_ebs_encryption_by_default.this diff --git a/modules/ebs-baseline/variables.tf b/modules/ebs-baseline/variables.tf deleted file mode 100644 index e69de29b..00000000 diff --git a/modules/guardduty-baseline/main.tf b/modules/guardduty-baseline/main.tf index e478c5e1..1bb6d4df 100644 --- a/modules/guardduty-baseline/main.tf +++ b/modules/guardduty-baseline/main.tf @@ -1,7 +1,3 @@ -# -------------------------------------------------------------------------------------------------- -# Enables GuardDuty. -# -------------------------------------------------------------------------------------------------- - resource "aws_guardduty_detector" "default" { enable = true finding_publishing_frequency = var.finding_publishing_frequency diff --git a/modules/guardduty-baseline/migrations.tf b/modules/guardduty-baseline/migrations.tf index 76cad35e..1c11e822 100644 --- a/modules/guardduty-baseline/migrations.tf +++ b/modules/guardduty-baseline/migrations.tf @@ -2,6 +2,7 @@ # Migrations to 0.31.0 # Removing `enabled` argument. # -------------------------------------------------------------------------------------------------- + moved { from = aws_guardduty_detector.default[0] to = aws_guardduty_detector.default diff --git a/modules/iam-baseline/main.tf b/modules/iam-baseline/main.tf index f88b6464..98bd7706 100644 --- a/modules/iam-baseline/main.tf +++ b/modules/iam-baseline/main.tf @@ -18,6 +18,7 @@ resource "aws_iam_account_password_policy" "default" { # -------------------------------------------------------------------------------------------------- # Support Role # -------------------------------------------------------------------------------------------------- + data "aws_iam_policy_document" "support_assume_policy" { statement { principals { diff --git a/modules/s3-baseline/main.tf b/modules/s3-baseline/main.tf index 503202b3..a4e2a522 100644 --- a/modules/s3-baseline/main.tf +++ b/modules/s3-baseline/main.tf @@ -1,6 +1,3 @@ -# -------------------------------------------------------------------------------------------------- -# S3 account-level Public Access Block -# -------------------------------------------------------------------------------------------------- resource "aws_s3_account_public_access_block" "this" { block_public_acls = var.block_public_acls block_public_policy = var.block_public_policy diff --git a/modules/securityhub-baseline/main.tf b/modules/securityhub-baseline/main.tf index 70a159dc..390b3310 100644 --- a/modules/securityhub-baseline/main.tf +++ b/modules/securityhub-baseline/main.tf @@ -3,6 +3,7 @@ data "aws_region" "current" {} # -------------------------------------------------------------------------------------------------- # Enable SecurityHub # -------------------------------------------------------------------------------------------------- + resource "aws_securityhub_account" "main" { } @@ -17,6 +18,7 @@ resource "aws_securityhub_finding_aggregator" "main" { # -------------------------------------------------------------------------------------------------- # Add member accounts # -------------------------------------------------------------------------------------------------- + resource "aws_securityhub_member" "members" { count = length(var.member_accounts) @@ -27,8 +29,9 @@ resource "aws_securityhub_member" "members" { } # -------------------------------------------------------------------------------------------------- -# Subscribe CIS benchmark +# Subscribe standards # -------------------------------------------------------------------------------------------------- + resource "aws_securityhub_standards_subscription" "cis" { count = var.enable_cis_standard ? 1 : 0 @@ -37,9 +40,6 @@ resource "aws_securityhub_standards_subscription" "cis" { depends_on = [aws_securityhub_account.main] } -# -------------------------------------------------------------------------------------------------- -# Subscribe AWS foundational security best practices standard -# -------------------------------------------------------------------------------------------------- resource "aws_securityhub_standards_subscription" "aws_foundational" { count = var.enable_aws_foundational_standard ? 1 : 0 @@ -48,9 +48,6 @@ resource "aws_securityhub_standards_subscription" "aws_foundational" { depends_on = [aws_securityhub_account.main] } -# -------------------------------------------------------------------------------------------------- -# Subscribe PCI DSS standard -# -------------------------------------------------------------------------------------------------- resource "aws_securityhub_standards_subscription" "pci_dss" { count = var.enable_pci_dss_standard ? 1 : 0 @@ -59,9 +56,7 @@ resource "aws_securityhub_standards_subscription" "pci_dss" { depends_on = [aws_securityhub_account.main] } -# -------------------------------------------------------------------------------------------------- -# Subscribe to 3rd party products -# -------------------------------------------------------------------------------------------------- +# 3rd party products resource "aws_securityhub_product_subscription" "products" { count = length(var.enable_product_arns) diff --git a/modules/securityhub-baseline/migrations.tf b/modules/securityhub-baseline/migrations.tf index bf0d1408..9388b177 100644 --- a/modules/securityhub-baseline/migrations.tf +++ b/modules/securityhub-baseline/migrations.tf @@ -3,6 +3,7 @@ # Migrations to 0.31.0 # Removing `enabled` argument. # -------------------------------------------------------------------------------------------------- + moved { from = aws_securityhub_account.main[0] to = aws_securityhub_account.main diff --git a/modules/vpc-baseline/migrations.tf b/modules/vpc-baseline/migrations.tf index 363c5c26..343a55b6 100644 --- a/modules/vpc-baseline/migrations.tf +++ b/modules/vpc-baseline/migrations.tf @@ -2,6 +2,7 @@ # Migrations to 0.31.0 # Removing `enabled` argument. # -------------------------------------------------------------------------------------------------- + moved { from = aws_default_vpc.default[0] to = aws_default_vpc.default diff --git a/modules/vpc-baseline/variables.tf b/modules/vpc-baseline/variables.tf index 79bf944c..85f3fd11 100644 --- a/modules/vpc-baseline/variables.tf +++ b/modules/vpc-baseline/variables.tf @@ -11,6 +11,7 @@ variable "flow_logs_destination_type" { # -------------------------------------------------------------------------------------------------- # Variables for CloudWatch Logs logging. # -------------------------------------------------------------------------------------------------- + variable "flow_logs_log_group_name" { description = "The name of CloudWatch Logs group to which VPC Flow Logs are delivered if vpc_log_destination_type is cloud-watch-logs." default = "" @@ -29,6 +30,7 @@ variable "flow_logs_retention_in_days" { # -------------------------------------------------------------------------------------------------- # Variables for S3 logging. # -------------------------------------------------------------------------------------------------- + variable "flow_logs_s3_arn" { description = "The ARN of the S3 bucket to which VPC Flow Logs are delivered if vpc_log_destination_type is s3." default = "" diff --git a/securityhub_baselines.tf b/securityhub_baselines.tf index cc7bdf9b..e0c4667b 100644 --- a/securityhub_baselines.tf +++ b/securityhub_baselines.tf @@ -1,6 +1,7 @@ # -------------------------------------------------------------------------------------------------- # SecurityHub Baseline # -------------------------------------------------------------------------------------------------- + locals { securityhub_member_accounts = var.member_accounts } diff --git a/variables.tf b/variables.tf index e1680dab..09460a6e 100644 --- a/variables.tf +++ b/variables.tf @@ -1,6 +1,7 @@ # -------------------------------------------------------------------------------------------------- # Variables for root module. # -------------------------------------------------------------------------------------------------- + variable "aws_account_id" { description = "The AWS Account ID number of the account." } @@ -60,6 +61,7 @@ variable "tags" { # -------------------------------------------------------------------------------------------------- # Variables for audit log bucket configurations. # -------------------------------------------------------------------------------------------------- + variable "audit_log_bucket_name" { description = "The name of the S3 bucket to store various audit logs." } @@ -92,6 +94,7 @@ variable "use_external_audit_log_bucket" { # -------------------------------------------------------------------------------------------------- # Variables for iam-baseline module. # -------------------------------------------------------------------------------------------------- + variable "iam_baseline_enabled" { description = "Boolean whether iam-baseline is enabled." default = true @@ -199,6 +202,7 @@ variable "allow_users_to_change_password" { # -------------------------------------------------------------------------------------------------- # Variables for vpc-baseline module. # -------------------------------------------------------------------------------------------------- + variable "vpc_enable" { description = "Boolean whether the VPC baseline module should be enabled" default = true @@ -248,6 +252,7 @@ variable "vpc_flow_logs_s3_key_prefix" { # -------------------------------------------------------------------------------------------------- # Variables for config-baseline module. # -------------------------------------------------------------------------------------------------- + variable "config_baseline_enabled" { description = "Boolean whether config-baseline is enabled." default = true @@ -301,6 +306,7 @@ variable "config_global_resources_all_regions" { # -------------------------------------------------------------------------------------------------- # Variables for cloudtrail-baseline module. # -------------------------------------------------------------------------------------------------- + variable "cloudtrail_baseline_enabled" { description = "Boolean whether cloudtrail-baseline is enabled." default = true @@ -374,6 +380,7 @@ variable "cloudtrail_lambda_invocation_logging_lambdas" { # -------------------------------------------------------------------------------------------------- # Variables for alarm-baseline module. # -------------------------------------------------------------------------------------------------- + variable "alarm_baseline_enabled" { description = "Boolean whether alarm-baseline is enabled." default = true @@ -477,6 +484,7 @@ variable "organizations_changes_enabled" { # -------------------------------------------------------------------------------------------------- # Variables for guardduty-baseline module. # -------------------------------------------------------------------------------------------------- + variable "guardduty_enabled" { description = "Boolean whether the guardduty-baseline module is enabled or disabled" default = true @@ -500,6 +508,7 @@ variable "guardduty_invitation_message" { # -------------------------------------------------------------------------------------------------- # Variables for s3-baseline module. # -------------------------------------------------------------------------------------------------- + variable "s3_baseline_enabled" { description = "Boolean whether s3-baseline is enabled." default = true @@ -528,6 +537,7 @@ variable "s3_restrict_public_buckets" { # -------------------------------------------------------------------------------------------------- # Variables for securityhub-baseline module. # -------------------------------------------------------------------------------------------------- + variable "securityhub_enabled" { description = "Boolean whether the securityhub-baseline module is enabled or disabled" default = true @@ -557,6 +567,7 @@ variable "securityhub_enable_product_arns" { # -------------------------------------------------------------------------------------------------- # Variables for analyzer-baseline module. # -------------------------------------------------------------------------------------------------- + variable "analyzer_baseline_enabled" { description = "Boolean whether analyzer-baseline is enabled." default = true diff --git a/vpc_baselines.tf b/vpc_baselines.tf index e08516dd..e050130f 100644 --- a/vpc_baselines.tf +++ b/vpc_baselines.tf @@ -10,6 +10,7 @@ locals { # Create an IAM Role for publishing VPC Flow Logs into CloudWatch Logs group. # Reference: https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/flow-logs.html#flow-logs-iam # -------------------------------------------------------------------------------------------------- + data "aws_iam_policy_document" "flow_logs_publisher_assume_role_policy" { count = local.flow_logs_to_cw_logs ? 1 : 0 From ca731bd6e38cb61a3c219fe5b32a22ff159451bd Mon Sep 17 00:00:00 2001 From: nozaq Date: Sun, 9 Jan 2022 21:39:30 +0900 Subject: [PATCH 14/66] style: replace `//` style comment (#245) --- modules/vpc-baseline/main.tf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/vpc-baseline/main.tf b/modules/vpc-baseline/main.tf index 5151b696..7fcbce39 100644 --- a/modules/vpc-baseline/main.tf +++ b/modules/vpc-baseline/main.tf @@ -74,9 +74,9 @@ resource "aws_default_route_table" "default" { ) } -// Ignore "subnet_ids" changes to avoid the known issue below. -// https://github.com/hashicorp/terraform/issues/9824 -// https://github.com/terraform-providers/terraform-provider-aws/issues/346 +# Ignore "subnet_ids" changes to avoid the known issue below. +# https://github.com/hashicorp/terraform/issues/9824 +# https://github.com/terraform-providers/terraform-provider-aws/issues/346 resource "aws_default_network_acl" "default" { default_network_acl_id = aws_default_vpc.default.default_network_acl_id From d95aad58b3e356a9efab1fc3cb5f47e3fe92f08d Mon Sep 17 00:00:00 2001 From: nozaq Date: Mon, 10 Jan 2022 08:11:41 +0900 Subject: [PATCH 15/66] refactor: add tflint checks (#246) * chore: add tflint in pre-commit hooks * refactor: remove unused variables * refactor: follow `terraform_standard_module_structure` rule * refactor: define type for variables * chore: add pre-commit checks to CI workflows * chore: apply terraform-doc config to submodules --- .github/workflows/main.yml | 16 ++- .pre-commit-config.yaml | 6 + .terraform-docs.yml | 1 + .tflint.hcl | 53 +++++++++ README.md | 29 ++--- examples/external-bucket/outputs.tf | 0 examples/external-bucket/variables.tf | 2 + examples/organization/master/outputs.tf | 0 examples/organization/master/variables.tf | 8 +- examples/organization/member/outputs.tf | 0 examples/organization/member/variables.tf | 6 +- examples/select-region/outputs.tf | 0 examples/select-region/variables.tf | 2 + examples/simple/outputs.tf | 0 examples/simple/variables.tf | 2 + main.tf | 4 - modules/alarm-baseline/README.md | 92 ++++----------- modules/alarm-baseline/variables.tf | 23 +++- modules/analyzer-baseline/README.md | 22 +--- modules/analyzer-baseline/outputs.tf | 0 modules/analyzer-baseline/variables.tf | 5 +- modules/cloudtrail-baseline/README.md | 64 ++++------ modules/cloudtrail-baseline/variables.tf | 21 +++- modules/config-baseline/README.md | 43 ++----- modules/config-baseline/variables.tf | 12 +- modules/ebs-baseline/README.md | 12 +- modules/ebs-baseline/outputs.tf | 0 modules/ebs-baseline/variables.tf | 0 modules/guardduty-baseline/README.md | 30 ++--- modules/guardduty-baseline/variables.tf | 7 +- modules/iam-baseline/README.md | 47 +++----- modules/iam-baseline/variables.tf | 25 ++-- modules/s3-baseline/README.md | 24 ++-- modules/s3-baseline/outputs.tf | 0 modules/s3-baseline/variables.tf | 4 + modules/secure-bucket/README.md | 35 ++---- modules/secure-bucket/variables.tf | 11 +- modules/securityhub-baseline/README.md | 35 ++---- modules/securityhub-baseline/outputs.tf | 0 modules/securityhub-baseline/variables.tf | 4 + modules/vpc-baseline/README.md | 41 ++----- modules/vpc-baseline/main.tf | 3 - modules/vpc-baseline/variables.tf | 10 +- test/fixtures/simple_local/outputs.tf | 0 test/fixtures/simple_local/variables.tf | 2 + test/fixtures/simple_registry/outputs.tf | 0 test/fixtures/simple_registry/variables.tf | 2 + variables.tf | 131 +++++++++++++++------ 48 files changed, 423 insertions(+), 411 deletions(-) create mode 100644 .tflint.hcl create mode 100644 examples/external-bucket/outputs.tf create mode 100644 examples/organization/master/outputs.tf create mode 100644 examples/organization/member/outputs.tf create mode 100644 examples/select-region/outputs.tf create mode 100644 examples/simple/outputs.tf create mode 100644 modules/analyzer-baseline/outputs.tf create mode 100644 modules/ebs-baseline/outputs.tf create mode 100644 modules/ebs-baseline/variables.tf create mode 100644 modules/s3-baseline/outputs.tf create mode 100644 modules/securityhub-baseline/outputs.tf create mode 100644 test/fixtures/simple_local/outputs.tf create mode 100644 test/fixtures/simple_registry/outputs.tf diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index a27640bd..0f89bd26 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -5,16 +5,20 @@ on: - main pull_request: jobs: - check-format: - name: Check format + pre-commit-checks: + name: Pre-commit checks runs-on: ubuntu-latest steps: - - uses: hashicorp/setup-terraform@v1 - name: Checkout uses: actions/checkout@v2 - - name: "Terraform Format" - run: terraform fmt -check -recursive - + - name: Terraform min/max versions + id: minMax + uses: clowdhaus/terraform-min-max@v1.0.4 + - name: Pre-commit Terraform ${{ steps.minMax.outputs.maxVersion }} + uses: clowdhaus/terraform-composite-actions/pre-commit@v1.4.1 + with: + terraform-version: ${{ steps.minMax.outputs.maxVersion }} + terraform-docs-version: v0.16.0 validate-examples: name: Validate examples runs-on: ubuntu-latest diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index a0d2152c..4be71ed6 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -4,3 +4,9 @@ repos: hooks: - id: terraform_fmt - id: terraform_docs + args: + - --args=--config=.terraform-docs.yml + - id: terraform_tflint + exclude: "test/" + args: + - --args=--config=__GIT_WORKING_DIR__/.tflint.hcl diff --git a/.terraform-docs.yml b/.terraform-docs.yml index 0dc5b585..8918a217 100644 --- a/.terraform-docs.yml +++ b/.terraform-docs.yml @@ -13,3 +13,4 @@ sort: settings: default: false + lockfile: false diff --git a/.tflint.hcl b/.tflint.hcl new file mode 100644 index 00000000..714b6019 --- /dev/null +++ b/.tflint.hcl @@ -0,0 +1,53 @@ +config { + module = false + force = false + disabled_by_default = false +} + +rule "terraform_deprecated_interpolation" { + enabled = true +} + +rule "terraform_deprecated_index" { + enabled = true +} + +rule "terraform_unused_declarations" { + enabled = true +} + +rule "terraform_comment_syntax" { + enabled = true +} + +rule "terraform_documented_outputs" { + enabled = true +} + +rule "terraform_documented_variables" { + enabled = true +} + +rule "terraform_typed_variables" { + enabled = true +} + +rule "terraform_module_pinned_source" { + enabled = true +} + +rule "terraform_required_version" { + enabled = true +} + +rule "terraform_required_providers" { + enabled = true +} + +rule "terraform_standard_module_structure" { + enabled = true +} + +rule "terraform_workspace_remote" { + enabled = true +} diff --git a/README.md b/README.md index e26f1c06..0c96fb32 100644 --- a/README.md +++ b/README.md @@ -126,7 +126,7 @@ This module is composed of several submodules and each of which can be used inde | [account\_type](#input\_account\_type) | The type of the AWS account. The possible values are `individual`, `master` and `member` . Specify `master` and `member` to set up centalized logging for multiple accounts in AWS Organization. Use individual` otherwise.` | `string` | no | | [alarm\_baseline\_enabled](#input\_alarm\_baseline\_enabled) | Boolean whether alarm-baseline is enabled. | `bool` | no | | [alarm\_namespace](#input\_alarm\_namespace) | The namespace in which all alarms are set up. | `string` | no | -| [alarm\_sns\_topic\_kms\_master\_key\_id](#input\_alarm\_sns\_topic\_kms\_master\_key\_id) | To enable SNS Topic encryption enter value with the ID of a custom master KMS key that is used for encryption | `any` | no | +| [alarm\_sns\_topic\_kms\_master\_key\_id](#input\_alarm\_sns\_topic\_kms\_master\_key\_id) | To enable SNS Topic encryption enter value with the ID of a custom master KMS key that is used for encryption | `string` | no | | [alarm\_sns\_topic\_name](#input\_alarm\_sns\_topic\_name) | The name of the SNS Topic which will be notified when any alarm is performed. | `string` | no | | [allow\_users\_to\_change\_password](#input\_allow\_users\_to\_change\_password) | Whether to allow users to change their own password. | `bool` | no | | [analyzer\_baseline\_enabled](#input\_analyzer\_baseline\_enabled) | Boolean whether analyzer-baseline is enabled. | `bool` | no | @@ -134,22 +134,22 @@ This module is composed of several submodules and each of which can be used inde | [audit\_log\_bucket\_custom\_policy\_json](#input\_audit\_log\_bucket\_custom\_policy\_json) | Override policy for the audit log bucket. Allows addition of extra policies. | `string` | no | | [audit\_log\_bucket\_force\_destroy](#input\_audit\_log\_bucket\_force\_destroy) | A boolean that indicates all objects should be deleted from the audit log bucket so that the bucket can be destroyed without error. These objects are not recoverable. | `bool` | no | | [audit\_log\_bucket\_key\_enabled](#input\_audit\_log\_bucket\_key\_enabled) | Whether or not to use Amazon S3 Bucket Keys for encrypting the audit log bucket. | `bool` | no | -| [audit\_log\_bucket\_name](#input\_audit\_log\_bucket\_name) | The name of the S3 bucket to store various audit logs. | `any` | yes | +| [audit\_log\_bucket\_name](#input\_audit\_log\_bucket\_name) | The name of the S3 bucket to store various audit logs. | `string` | yes | | [audit\_log\_lifecycle\_glacier\_transition\_days](#input\_audit\_log\_lifecycle\_glacier\_transition\_days) | The number of days after log creation when the log file is archived into Glacier. | `number` | no | -| [aws\_account\_id](#input\_aws\_account\_id) | The AWS Account ID number of the account. | `any` | yes | +| [aws\_account\_id](#input\_aws\_account\_id) | The AWS Account ID number of the account. | `string` | yes | | [aws\_config\_changes\_enabled](#input\_aws\_config\_changes\_enabled) | The boolean flag whether the aws\_config\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | | [cloudtrail\_baseline\_enabled](#input\_cloudtrail\_baseline\_enabled) | Boolean whether cloudtrail-baseline is enabled. | `bool` | no | | [cloudtrail\_cfg\_changes\_enabled](#input\_cloudtrail\_cfg\_changes\_enabled) | The boolean flag whether the cloudtrail\_cfg\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | | [cloudtrail\_cloudwatch\_logs\_enabled](#input\_cloudtrail\_cloudwatch\_logs\_enabled) | Specifies whether the trail is delivered to CloudWatch Logs. | `bool` | no | | [cloudtrail\_cloudwatch\_logs\_group\_name](#input\_cloudtrail\_cloudwatch\_logs\_group\_name) | The name of CloudWatch Logs group to which CloudTrail events are delivered. | `string` | no | -| [cloudtrail\_dynamodb\_event\_logging\_tables](#input\_cloudtrail\_dynamodb\_event\_logging\_tables) | The list of DynamoDB table ARNs on which to enable event logging. | `list` | no | +| [cloudtrail\_dynamodb\_event\_logging\_tables](#input\_cloudtrail\_dynamodb\_event\_logging\_tables) | The list of DynamoDB table ARNs on which to enable event logging. | `list(string)` | no | | [cloudtrail\_iam\_role\_name](#input\_cloudtrail\_iam\_role\_name) | The name of the IAM Role to be used by CloudTrail to delivery logs to CloudWatch Logs group. | `string` | no | | [cloudtrail\_iam\_role\_policy\_name](#input\_cloudtrail\_iam\_role\_policy\_name) | The name of the IAM Role Policy to be used by CloudTrail to delivery logs to CloudWatch Logs group. | `string` | no | | [cloudtrail\_key\_deletion\_window\_in\_days](#input\_cloudtrail\_key\_deletion\_window\_in\_days) | Duration in days after which the key is deleted after destruction of the resource, must be between 7 and 30 days. Defaults to 30 days. | `number` | no | -| [cloudtrail\_lambda\_invocation\_logging\_lambdas](#input\_cloudtrail\_lambda\_invocation\_logging\_lambdas) | The list of lambda ARNs on which to enable invocation logging. | `list` | no | +| [cloudtrail\_lambda\_invocation\_logging\_lambdas](#input\_cloudtrail\_lambda\_invocation\_logging\_lambdas) | The list of lambda ARNs on which to enable invocation logging. | `list(string)` | no | | [cloudtrail\_name](#input\_cloudtrail\_name) | The name of the trail. | `string` | no | | [cloudtrail\_s3\_key\_prefix](#input\_cloudtrail\_s3\_key\_prefix) | The prefix used when CloudTrail delivers events to the S3 bucket. | `string` | no | -| [cloudtrail\_s3\_object\_level\_logging\_buckets](#input\_cloudtrail\_s3\_object\_level\_logging\_buckets) | The list of S3 bucket ARNs on which to enable object-level logging. | `list` | no | +| [cloudtrail\_s3\_object\_level\_logging\_buckets](#input\_cloudtrail\_s3\_object\_level\_logging\_buckets) | The list of S3 bucket ARNs on which to enable object-level logging. | `list(string)` | no | | [cloudtrail\_sns\_topic\_enabled](#input\_cloudtrail\_sns\_topic\_enabled) | Specifies whether the trail is delivered to a SNS topic. | `bool` | no | | [cloudtrail\_sns\_topic\_name](#input\_cloudtrail\_sns\_topic\_name) | The name of the SNS topic to link to the trail. | `string` | no | | [cloudwatch\_logs\_retention\_in\_days](#input\_cloudwatch\_logs\_retention\_in\_days) | Number of days to retain logs for. CIS recommends 365 days. Possible values are: 0, 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. Set to 0 to keep logs indefinitely. | `number` | no | @@ -161,11 +161,9 @@ This module is composed of several submodules and each of which can be used inde | [config\_iam\_role\_name](#input\_config\_iam\_role\_name) | The name of the IAM Role which AWS Config will use. | `string` | no | | [config\_iam\_role\_policy\_name](#input\_config\_iam\_role\_policy\_name) | The name of the IAM Role Policy which AWS Config will use. | `string` | no | | [config\_s3\_bucket\_key\_prefix](#input\_config\_s3\_bucket\_key\_prefix) | The prefix used when writing AWS Config snapshots into the S3 bucket. | `string` | no | -| [config\_sns\_topic\_kms\_master\_key\_id](#input\_config\_sns\_topic\_kms\_master\_key\_id) | To enable SNS Topic encryption enter value with the ID of a custom master KMS key that is used for encryption | `any` | no | +| [config\_sns\_topic\_kms\_master\_key\_id](#input\_config\_sns\_topic\_kms\_master\_key\_id) | To enable SNS Topic encryption enter value with the ID of a custom master KMS key that is used for encryption | `string` | no | | [config\_sns\_topic\_name](#input\_config\_sns\_topic\_name) | The name of the SNS Topic to be used to notify configuration changes. | `string` | no | | [console\_signin\_failures\_enabled](#input\_console\_signin\_failures\_enabled) | The boolean flag whether the console\_signin\_failures alarm is enabled or not. No resources are created when set to false. | `bool` | no | -| [create\_manager\_role](#input\_create\_manager\_role) | Define if the manager role should be created. | `bool` | no | -| [create\_master\_role](#input\_create\_master\_role) | Define if the master role should be created. | `bool` | no | | [create\_password\_policy](#input\_create\_password\_policy) | Define if the password policy should be created. | `bool` | no | | [create\_support\_role](#input\_create\_support\_role) | Define if the support role should be created. | `bool` | no | | [disable\_or\_delete\_cmk\_enabled](#input\_disable\_or\_delete\_cmk\_enabled) | The boolean flag whether the disable\_or\_delete\_cmk alarm is enabled or not. No resources are created when set to false. | `bool` | no | @@ -175,11 +173,7 @@ This module is composed of several submodules and each of which can be used inde | [guardduty\_invitation\_message](#input\_guardduty\_invitation\_message) | Message for invitation. | `string` | no | | [iam\_baseline\_enabled](#input\_iam\_baseline\_enabled) | Boolean whether iam-baseline is enabled. | `bool` | no | | [iam\_changes\_enabled](#input\_iam\_changes\_enabled) | The boolean flag whether the iam\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | -| [manager\_iam\_role\_name](#input\_manager\_iam\_role\_name) | The name of the IAM Manager role. | `string` | no | -| [manager\_iam\_role\_policy\_name](#input\_manager\_iam\_role\_policy\_name) | The name of the IAM Manager role policy. | `string` | no | | [master\_account\_id](#input\_master\_account\_id) | The ID of the master AWS account to which the current AWS account is associated. Required if `account_type` is `member`. | `string` | no | -| [master\_iam\_role\_name](#input\_master\_iam\_role\_name) | The name of the IAM Master role. | `string` | no | -| [master\_iam\_role\_policy\_name](#input\_master\_iam\_role\_policy\_name) | The name of the IAM Master role policy. | `string` | no | | [max\_password\_age](#input\_max\_password\_age) | The number of days that an user password is valid. | `number` | no | | [member\_accounts](#input\_member\_accounts) | A list of IDs and emails of AWS accounts which associated as member accounts. | 
list(object({
    account_id = string
    email      = string
  }))
| no | | [mfa\_console\_signin\_allow\_sso](#input\_mfa\_console\_signin\_allow\_sso) | The boolean flag whether the no\_mfa\_console\_signin alarm allows SSO auth to be ignored. | `bool` | no | @@ -189,7 +183,7 @@ This module is composed of several submodules and each of which can be used inde | [no\_mfa\_console\_signin\_enabled](#input\_no\_mfa\_console\_signin\_enabled) | The boolean flag whether the no\_mfa\_console\_signin alarm is enabled or not. No resources are created when set to false. | `bool` | no | | [organizations\_changes\_enabled](#input\_organizations\_changes\_enabled) | The boolean flag whether the organizations\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | | [password\_reuse\_prevention](#input\_password\_reuse\_prevention) | The number of previous passwords that users are prevented from reusing. | `number` | no | -| [region](#input\_region) | The AWS region in which global resources are set up. | `any` | yes | +| [region](#input\_region) | The AWS region in which global resources are set up. | `string` | yes | | [require\_lowercase\_characters](#input\_require\_lowercase\_characters) | Whether to require lowercase characters for user passwords. | `bool` | no | | [require\_numbers](#input\_require\_numbers) | Whether to require numbers for user passwords. | `bool` | no | | [require\_symbols](#input\_require\_symbols) | Whether to require symbols for user passwords. | `bool` | no | @@ -209,10 +203,9 @@ This module is composed of several submodules and each of which can be used inde | [securityhub\_enable\_product\_arns](#input\_securityhub\_enable\_product\_arns) | List of Security Hub product ARNs, `` will be replaced. See https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-partner-providers.html for list. | `list(string)` | no | | [securityhub\_enabled](#input\_securityhub\_enabled) | Boolean whether the securityhub-baseline module is enabled or disabled | `bool` | no | | [support\_iam\_role\_name](#input\_support\_iam\_role\_name) | The name of the the support role. | `string` | no | -| [support\_iam\_role\_policy\_name](#input\_support\_iam\_role\_policy\_name) | The name of the support role policy. | `string` | no | -| [support\_iam\_role\_principal\_arns](#input\_support\_iam\_role\_principal\_arns) | List of ARNs of the IAM principal elements by which the support role could be assumed. | `list(any)` | yes | -| [tags](#input\_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map` | no | -| [target\_regions](#input\_target\_regions) | A list of regions to set up with this module. | `list` | no | +| [support\_iam\_role\_principal\_arns](#input\_support\_iam\_role\_principal\_arns) | List of ARNs of the IAM principal elements by which the support role could be assumed. | `list(string)` | yes | +| [tags](#input\_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map(string)` | no | +| [target\_regions](#input\_target\_regions) | A list of regions to set up with this module. | `list(string)` | no | | [unauthorized\_api\_calls\_enabled](#input\_unauthorized\_api\_calls\_enabled) | The boolean flag whether the unauthorized\_api\_calls alarm is enabled or not. No resources are created when set to false. | `bool` | no | | [use\_external\_audit\_log\_bucket](#input\_use\_external\_audit\_log\_bucket) | A boolean that indicates whether the specific audit log bucket already exists. Create a new S3 bucket if it is set to false. | `bool` | no | | [vpc\_changes\_enabled](#input\_vpc\_changes\_enabled) | The boolean flag whether the vpc\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | diff --git a/examples/external-bucket/outputs.tf b/examples/external-bucket/outputs.tf new file mode 100644 index 00000000..e69de29b diff --git a/examples/external-bucket/variables.tf b/examples/external-bucket/variables.tf index 6a5322c5..c8c4fd3b 100644 --- a/examples/external-bucket/variables.tf +++ b/examples/external-bucket/variables.tf @@ -1,9 +1,11 @@ variable "audit_s3_bucket_name" { description = "The name of the S3 bucket to store various audit logs." + type = string } variable "region" { description = "The AWS region in which global resources are set up." + type = string default = "us-east-1" } diff --git a/examples/organization/master/outputs.tf b/examples/organization/master/outputs.tf new file mode 100644 index 00000000..e69de29b diff --git a/examples/organization/master/variables.tf b/examples/organization/master/variables.tf index 4b2effb9..ab25712a 100644 --- a/examples/organization/master/variables.tf +++ b/examples/organization/master/variables.tf @@ -1,13 +1,19 @@ variable "audit_s3_bucket_name" { description = "The name of the S3 bucket to store various audit logs." + type = string } variable "region" { description = "The AWS region in which global resources are set up." + type = string default = "us-east-1" } variable "member_accounts" { description = "A list of AWS account IDs." - default = [] + type = list(object({ + account_id = string + email = string + })) + default = [] } diff --git a/examples/organization/member/outputs.tf b/examples/organization/member/outputs.tf new file mode 100644 index 00000000..e69de29b diff --git a/examples/organization/member/variables.tf b/examples/organization/member/variables.tf index 9c513eb9..a84c6dad 100644 --- a/examples/organization/member/variables.tf +++ b/examples/organization/member/variables.tf @@ -1,12 +1,10 @@ variable "audit_s3_bucket_name" { description = "The name of the S3 bucket to store various audit logs." + type = string } variable "region" { description = "The AWS region in which global resources are set up." + type = string default = "us-east-1" } - -variable "master_account_id" { - description = "The ID of the master AWS account." -} diff --git a/examples/select-region/outputs.tf b/examples/select-region/outputs.tf new file mode 100644 index 00000000..e69de29b diff --git a/examples/select-region/variables.tf b/examples/select-region/variables.tf index 6a5322c5..c8c4fd3b 100644 --- a/examples/select-region/variables.tf +++ b/examples/select-region/variables.tf @@ -1,9 +1,11 @@ variable "audit_s3_bucket_name" { description = "The name of the S3 bucket to store various audit logs." + type = string } variable "region" { description = "The AWS region in which global resources are set up." + type = string default = "us-east-1" } diff --git a/examples/simple/outputs.tf b/examples/simple/outputs.tf new file mode 100644 index 00000000..e69de29b diff --git a/examples/simple/variables.tf b/examples/simple/variables.tf index 6a5322c5..c8c4fd3b 100644 --- a/examples/simple/variables.tf +++ b/examples/simple/variables.tf @@ -1,9 +1,11 @@ variable "audit_s3_bucket_name" { description = "The name of the S3 bucket to store various audit logs." + type = string } variable "region" { description = "The AWS region in which global resources are set up." + type = string default = "us-east-1" } diff --git a/main.tf b/main.tf index cec96e09..d019b1c8 100644 --- a/main.tf +++ b/main.tf @@ -29,8 +29,6 @@ data "aws_caller_identity" "current" {} locals { is_individual_account = var.account_type == "individual" is_master_account = var.account_type == "master" - is_member_account = var.account_type == "member" - is_cloudtrail_enabled = var.cloudtrail_baseline_enabled && (local.is_individual_account || local.is_master_account) } @@ -42,9 +40,7 @@ module "iam_baseline" { count = var.iam_baseline_enabled ? 1 : 0 source = "./modules/iam-baseline" - aws_account_id = var.aws_account_id support_iam_role_name = var.support_iam_role_name - support_iam_role_policy_name = var.support_iam_role_policy_name support_iam_role_principal_arns = var.support_iam_role_principal_arns minimum_password_length = var.minimum_password_length password_reuse_prevention = var.password_reuse_prevention diff --git a/modules/alarm-baseline/README.md b/modules/alarm-baseline/README.md index 81f2ac24..ba68f237 100644 --- a/modules/alarm-baseline/README.md +++ b/modules/alarm-baseline/README.md @@ -14,77 +14,33 @@ Set up CloudWatch alarms to notify you when critical changes happen in your AWS | Name | Version | |------|---------| -| [aws](#provider\_aws) | 3.60.0 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [aws_cloudwatch_log_metric_filter.aws_config_changes](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter) | resource | -| [aws_cloudwatch_log_metric_filter.cloudtrail_cfg_changes](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter) | resource | -| [aws_cloudwatch_log_metric_filter.console_signin_failures](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter) | resource | -| [aws_cloudwatch_log_metric_filter.disable_or_delete_cmk](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter) | resource | -| [aws_cloudwatch_log_metric_filter.iam_changes](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter) | resource | -| [aws_cloudwatch_log_metric_filter.nacl_changes](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter) | resource | -| [aws_cloudwatch_log_metric_filter.network_gw_changes](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter) | resource | -| [aws_cloudwatch_log_metric_filter.no_mfa_console_signin](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter) | resource | -| [aws_cloudwatch_log_metric_filter.organizations_changes](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter) | resource | -| [aws_cloudwatch_log_metric_filter.root_usage](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter) | resource | -| [aws_cloudwatch_log_metric_filter.route_table_changes](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter) | resource | -| [aws_cloudwatch_log_metric_filter.s3_bucket_policy_changes](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter) | resource | -| [aws_cloudwatch_log_metric_filter.security_group_changes](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter) | resource | -| [aws_cloudwatch_log_metric_filter.unauthorized_api_calls](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter) | resource | -| [aws_cloudwatch_log_metric_filter.vpc_changes](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_metric_filter) | resource | -| [aws_cloudwatch_metric_alarm.aws_config_changes](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_metric_alarm) | resource | -| [aws_cloudwatch_metric_alarm.cloudtrail_cfg_changes](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_metric_alarm) | resource | -| [aws_cloudwatch_metric_alarm.console_signin_failures](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_metric_alarm) | resource | -| [aws_cloudwatch_metric_alarm.disable_or_delete_cmk](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_metric_alarm) | resource | -| [aws_cloudwatch_metric_alarm.iam_changes](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_metric_alarm) | resource | -| [aws_cloudwatch_metric_alarm.nacl_changes](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_metric_alarm) | resource | -| [aws_cloudwatch_metric_alarm.network_gw_changes](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_metric_alarm) | resource | -| [aws_cloudwatch_metric_alarm.no_mfa_console_signin](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_metric_alarm) | resource | -| [aws_cloudwatch_metric_alarm.organizations_changes](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_metric_alarm) | resource | -| [aws_cloudwatch_metric_alarm.root_usage](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_metric_alarm) | resource | -| [aws_cloudwatch_metric_alarm.route_table_changes](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_metric_alarm) | resource | -| [aws_cloudwatch_metric_alarm.s3_bucket_policy_changes](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_metric_alarm) | resource | -| [aws_cloudwatch_metric_alarm.security_group_changes](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_metric_alarm) | resource | -| [aws_cloudwatch_metric_alarm.unauthorized_api_calls](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_metric_alarm) | resource | -| [aws_cloudwatch_metric_alarm.vpc_changes](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_metric_alarm) | resource | -| [aws_sns_topic.alarms](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic) | resource | -| [aws_sns_topic_policy.alarms](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic_policy) | resource | -| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source | -| [aws_iam_policy_document.alarms-sns-policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source | +| [aws](#provider\_aws) | >= 3.50.0 | ## Inputs -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [alarm\_namespace](#input\_alarm\_namespace) | The namespace in which all alarms are set up. | `string` | `"CISBenchmark"` | no | -| [aws\_config\_changes\_enabled](#input\_aws\_config\_changes\_enabled) | The boolean flag whether the aws\_config\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [cloudtrail\_cfg\_changes\_enabled](#input\_cloudtrail\_cfg\_changes\_enabled) | The boolean flag whether the cloudtrail\_cfg\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [cloudtrail\_log\_group\_name](#input\_cloudtrail\_log\_group\_name) | The name of the CloudWatch Logs group to which CloudTrail events are delivered. | `any` | n/a | yes | -| [console\_signin\_failures\_enabled](#input\_console\_signin\_failures\_enabled) | The boolean flag whether the console\_signin\_failures alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [disable\_or\_delete\_cmk\_enabled](#input\_disable\_or\_delete\_cmk\_enabled) | The boolean flag whether the disable\_or\_delete\_cmk alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [iam\_changes\_enabled](#input\_iam\_changes\_enabled) | The boolean flag whether the iam\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [mfa\_console\_signin\_allow\_sso](#input\_mfa\_console\_signin\_allow\_sso) | The boolean flag whether the no\_mfa\_console\_signin alarm allows SSO auth to be ignored. | `bool` | `false` | no | -| [nacl\_changes\_enabled](#input\_nacl\_changes\_enabled) | The boolean flag whether the nacl\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [network\_gw\_changes\_enabled](#input\_network\_gw\_changes\_enabled) | The boolean flag whether the network\_gw\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [no\_mfa\_console\_signin\_enabled](#input\_no\_mfa\_console\_signin\_enabled) | The boolean flag whether the no\_mfa\_console\_signin alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [organizations\_changes\_enabled](#input\_organizations\_changes\_enabled) | The boolean flag whether the organizations\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [root\_usage\_enabled](#input\_root\_usage\_enabled) | The boolean flag whether the root\_usage alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [route\_table\_changes\_enabled](#input\_route\_table\_changes\_enabled) | The boolean flag whether the route\_table\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [s3\_bucket\_policy\_changes\_enabled](#input\_s3\_bucket\_policy\_changes\_enabled) | The boolean flag whether the s3\_bucket\_policy\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [security\_group\_changes\_enabled](#input\_security\_group\_changes\_enabled) | The boolean flag whether the security\_group\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [sns\_topic\_kms\_master\_key\_id](#input\_sns\_topic\_kms\_master\_key\_id) | To enable SNS Topic encryption enter value with the ID of a custom master KMS key that is used for encryption | `any` | `null` | no | -| [sns\_topic\_name](#input\_sns\_topic\_name) | The name of the SNS Topic which will be notified when any alarm is performed. | `string` | `"CISAlarm"` | no | -| [tags](#input\_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map` | 
{
  "Terraform": true
}
| no | -| [unauthorized\_api\_calls\_enabled](#input\_unauthorized\_api\_calls\_enabled) | The boolean flag whether the unauthorized\_api\_calls alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | -| [vpc\_changes\_enabled](#input\_vpc\_changes\_enabled) | The boolean flag whether the vpc\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | `true` | no | +| Name | Description | Type | Required | +|------|-------------|------|:--------:| +| [alarm\_namespace](#input\_alarm\_namespace) | The namespace in which all alarms are set up. | `string` | no | +| [aws\_config\_changes\_enabled](#input\_aws\_config\_changes\_enabled) | The boolean flag whether the aws\_config\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | +| [cloudtrail\_cfg\_changes\_enabled](#input\_cloudtrail\_cfg\_changes\_enabled) | The boolean flag whether the cloudtrail\_cfg\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | +| [cloudtrail\_log\_group\_name](#input\_cloudtrail\_log\_group\_name) | The name of the CloudWatch Logs group to which CloudTrail events are delivered. | `string` | yes | +| [console\_signin\_failures\_enabled](#input\_console\_signin\_failures\_enabled) | The boolean flag whether the console\_signin\_failures alarm is enabled or not. No resources are created when set to false. | `bool` | no | +| [disable\_or\_delete\_cmk\_enabled](#input\_disable\_or\_delete\_cmk\_enabled) | The boolean flag whether the disable\_or\_delete\_cmk alarm is enabled or not. No resources are created when set to false. | `bool` | no | +| [iam\_changes\_enabled](#input\_iam\_changes\_enabled) | The boolean flag whether the iam\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | +| [mfa\_console\_signin\_allow\_sso](#input\_mfa\_console\_signin\_allow\_sso) | The boolean flag whether the no\_mfa\_console\_signin alarm allows SSO auth to be ignored. | `bool` | no | +| [nacl\_changes\_enabled](#input\_nacl\_changes\_enabled) | The boolean flag whether the nacl\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | +| [network\_gw\_changes\_enabled](#input\_network\_gw\_changes\_enabled) | The boolean flag whether the network\_gw\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | +| [no\_mfa\_console\_signin\_enabled](#input\_no\_mfa\_console\_signin\_enabled) | The boolean flag whether the no\_mfa\_console\_signin alarm is enabled or not. No resources are created when set to false. | `bool` | no | +| [organizations\_changes\_enabled](#input\_organizations\_changes\_enabled) | The boolean flag whether the organizations\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | +| [root\_usage\_enabled](#input\_root\_usage\_enabled) | The boolean flag whether the root\_usage alarm is enabled or not. No resources are created when set to false. | `bool` | no | +| [route\_table\_changes\_enabled](#input\_route\_table\_changes\_enabled) | The boolean flag whether the route\_table\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | +| [s3\_bucket\_policy\_changes\_enabled](#input\_s3\_bucket\_policy\_changes\_enabled) | The boolean flag whether the s3\_bucket\_policy\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | +| [security\_group\_changes\_enabled](#input\_security\_group\_changes\_enabled) | The boolean flag whether the security\_group\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | +| [sns\_topic\_kms\_master\_key\_id](#input\_sns\_topic\_kms\_master\_key\_id) | To enable SNS Topic encryption enter value with the ID of a custom master KMS key that is used for encryption | `string` | no | +| [sns\_topic\_name](#input\_sns\_topic\_name) | The name of the SNS Topic which will be notified when any alarm is performed. | `string` | no | +| [tags](#input\_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map(string)` | no | +| [unauthorized\_api\_calls\_enabled](#input\_unauthorized\_api\_calls\_enabled) | The boolean flag whether the unauthorized\_api\_calls alarm is enabled or not. No resources are created when set to false. | `bool` | no | +| [vpc\_changes\_enabled](#input\_vpc\_changes\_enabled) | The boolean flag whether the vpc\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | ## Outputs diff --git a/modules/alarm-baseline/variables.tf b/modules/alarm-baseline/variables.tf index f35feee8..c1c651b6 100644 --- a/modules/alarm-baseline/variables.tf +++ b/modules/alarm-baseline/variables.tf @@ -1,105 +1,126 @@ variable "unauthorized_api_calls_enabled" { description = "The boolean flag whether the unauthorized_api_calls alarm is enabled or not. No resources are created when set to false." + type = bool default = true } variable "no_mfa_console_signin_enabled" { description = "The boolean flag whether the no_mfa_console_signin alarm is enabled or not. No resources are created when set to false." + type = bool default = true } variable "mfa_console_signin_allow_sso" { description = "The boolean flag whether the no_mfa_console_signin alarm allows SSO auth to be ignored." + type = bool default = false } variable "root_usage_enabled" { description = "The boolean flag whether the root_usage alarm is enabled or not. No resources are created when set to false." + type = bool default = true } variable "iam_changes_enabled" { description = "The boolean flag whether the iam_changes alarm is enabled or not. No resources are created when set to false." + type = bool default = true } variable "cloudtrail_cfg_changes_enabled" { description = "The boolean flag whether the cloudtrail_cfg_changes alarm is enabled or not. No resources are created when set to false." + type = bool default = true } variable "console_signin_failures_enabled" { description = "The boolean flag whether the console_signin_failures alarm is enabled or not. No resources are created when set to false." + type = bool default = true } variable "disable_or_delete_cmk_enabled" { description = "The boolean flag whether the disable_or_delete_cmk alarm is enabled or not. No resources are created when set to false." + type = bool default = true } variable "s3_bucket_policy_changes_enabled" { description = "The boolean flag whether the s3_bucket_policy_changes alarm is enabled or not. No resources are created when set to false." + type = bool default = true } variable "aws_config_changes_enabled" { description = "The boolean flag whether the aws_config_changes alarm is enabled or not. No resources are created when set to false." + type = bool default = true } variable "security_group_changes_enabled" { description = "The boolean flag whether the security_group_changes alarm is enabled or not. No resources are created when set to false." + type = bool default = true } variable "nacl_changes_enabled" { description = "The boolean flag whether the nacl_changes alarm is enabled or not. No resources are created when set to false." + type = bool default = true } variable "network_gw_changes_enabled" { description = "The boolean flag whether the network_gw_changes alarm is enabled or not. No resources are created when set to false." + type = bool default = true } variable "route_table_changes_enabled" { description = "The boolean flag whether the route_table_changes alarm is enabled or not. No resources are created when set to false." + type = bool default = true } variable "vpc_changes_enabled" { description = "The boolean flag whether the vpc_changes alarm is enabled or not. No resources are created when set to false." + type = bool default = true } variable "organizations_changes_enabled" { description = "The boolean flag whether the organizations_changes alarm is enabled or not. No resources are created when set to false." + type = bool default = true } variable "alarm_namespace" { description = "The namespace in which all alarms are set up." + type = string default = "CISBenchmark" } variable "cloudtrail_log_group_name" { description = "The name of the CloudWatch Logs group to which CloudTrail events are delivered." + type = string } variable "sns_topic_name" { description = "The name of the SNS Topic which will be notified when any alarm is performed." + type = string default = "CISAlarm" } variable "sns_topic_kms_master_key_id" { description = "To enable SNS Topic encryption enter value with the ID of a custom master KMS key that is used for encryption" + type = string default = null } variable "tags" { description = "Specifies object tags key and value. This applies to all resources created by this module." + type = map(string) default = { - "Terraform" = true + "Terraform" = "true" } } diff --git a/modules/analyzer-baseline/README.md b/modules/analyzer-baseline/README.md index 3e0b99fc..4047fb3f 100644 --- a/modules/analyzer-baseline/README.md +++ b/modules/analyzer-baseline/README.md @@ -16,25 +16,15 @@ | Name | Version | |------|---------| -| [aws](#provider\_aws) | 3.60.0 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [aws_accessanalyzer_analyzer.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/accessanalyzer_analyzer) | resource | +| [aws](#provider\_aws) | >= 3.50.0 | ## Inputs -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [analyzer\_name](#input\_analyzer\_name) | The name for the IAM Access Analyzer resource to be created. | `string` | `"default-analyer"` | no | -| [is\_organization](#input\_is\_organization) | The boolean flag whether this module is configured for the organization master account or the individual account. | `bool` | `false` | no | -| [tags](#input\_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map` | 
{
  "Terraform": true
}
| no | +| Name | Description | Type | Required | +|------|-------------|------|:--------:| +| [analyzer\_name](#input\_analyzer\_name) | The name for the IAM Access Analyzer resource to be created. | `string` | no | +| [is\_organization](#input\_is\_organization) | The boolean flag whether this module is configured for the organization master account or the individual account. | `bool` | no | +| [tags](#input\_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map(string)` | no | ## Outputs diff --git a/modules/analyzer-baseline/outputs.tf b/modules/analyzer-baseline/outputs.tf new file mode 100644 index 00000000..e69de29b diff --git a/modules/analyzer-baseline/variables.tf b/modules/analyzer-baseline/variables.tf index 9df076e6..a5fcf3c1 100644 --- a/modules/analyzer-baseline/variables.tf +++ b/modules/analyzer-baseline/variables.tf @@ -1,16 +1,19 @@ variable "analyzer_name" { description = "The name for the IAM Access Analyzer resource to be created." + type = string default = "default-analyer" } variable "is_organization" { description = "The boolean flag whether this module is configured for the organization master account or the individual account." + type = bool default = false } variable "tags" { description = "Specifies object tags key and value. This applies to all resources created by this module." + type = map(string) default = { - "Terraform" = true + "Terraform" = "true" } } diff --git a/modules/cloudtrail-baseline/README.md b/modules/cloudtrail-baseline/README.md index 1a64d4ee..2077f93e 100644 --- a/modules/cloudtrail-baseline/README.md +++ b/modules/cloudtrail-baseline/README.md @@ -14,51 +14,31 @@ Enable CloudTrail in all regions and deliver events to CloudWatch Logs. CloudTra | Name | Version | |------|---------| -| [aws](#provider\_aws) | 3.60.0 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [aws_cloudtrail.global](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail) | resource | -| [aws_cloudwatch_log_group.cloudtrail_events](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource | -| [aws_iam_role.cloudwatch_delivery](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | -| [aws_iam_role_policy.cloudwatch_delivery_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource | -| [aws_kms_key.cloudtrail](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key) | resource | -| [aws_sns_topic.cloudtrail-sns-topic](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic) | resource | -| [aws_sns_topic_policy.local-account-cloudtrail](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic_policy) | resource | -| [aws_iam_policy_document.cloudtrail-sns-policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.cloudtrail_key_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.cloudwatch_delivery_assume_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.cloudwatch_delivery_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | +| [aws](#provider\_aws) | >= 3.50.0 | ## Inputs -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [aws\_account\_id](#input\_aws\_account\_id) | The AWS Account ID number of the account. | `any` | n/a | yes | -| [cloudtrail\_depends\_on](#input\_cloudtrail\_depends\_on) | External resources which should be set up before CloudTrail. | `list` | `[]` | no | -| [cloudtrail\_name](#input\_cloudtrail\_name) | The name of the trail. | `string` | `"cloudtrail-multi-region"` | no | -| [cloudtrail\_sns\_topic\_enabled](#input\_cloudtrail\_sns\_topic\_enabled) | Specifies whether the trail is delivered to a SNS topic. | `bool` | `true` | no | -| [cloudtrail\_sns\_topic\_name](#input\_cloudtrail\_sns\_topic\_name) | The SNS topic linked to the CloudTrail | `string` | `"cloudtrail-multi-region-sns-topic"` | no | -| [cloudwatch\_logs\_enabled](#input\_cloudwatch\_logs\_enabled) | Specifies whether the trail is delivered to CloudWatch Logs. | `bool` | `true` | no | -| [cloudwatch\_logs\_group\_name](#input\_cloudwatch\_logs\_group\_name) | The name of CloudWatch Logs group to which CloudTrail events are delivered. | `string` | `"cloudtrail-multi-region"` | no | -| [cloudwatch\_logs\_retention\_in\_days](#input\_cloudwatch\_logs\_retention\_in\_days) | Number of days to retain logs for. CIS recommends 365 days. Possible values are: 0, 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. Set to 0 to keep logs indefinitely. | `number` | `365` | no | -| [dynamodb\_event\_logging\_tables](#input\_dynamodb\_event\_logging\_tables) | The list of DynamoDB table ARNs on which to enable event logging. | `list` | 
[
  "arn:aws:dynamodb"
]
| no | -| [iam\_role\_name](#input\_iam\_role\_name) | The name of the IAM Role to be used by CloudTrail to delivery logs to CloudWatch Logs group. | `string` | `"CloudTrail-CloudWatch-Delivery-Role"` | no | -| [iam\_role\_policy\_name](#input\_iam\_role\_policy\_name) | The name of the IAM Role Policy to be used by CloudTrail to delivery logs to CloudWatch Logs group. | `string` | `"CloudTrail-CloudWatch-Delivery-Policy"` | no | -| [is\_organization\_trail](#input\_is\_organization\_trail) | Specifies whether the trail is an AWS Organizations trail. Organization trails log events for the master account and all member accounts. Can only be created in the organization master account. | `bool` | `false` | no | -| [key\_deletion\_window\_in\_days](#input\_key\_deletion\_window\_in\_days) | Duration in days after which the key is deleted after destruction of the resource, must be between 7 and 30 days. Defaults to 30 days. | `number` | `10` | no | -| [lambda\_invocation\_logging\_lambdas](#input\_lambda\_invocation\_logging\_lambdas) | The list of lambda ARNs on which to enable invocation logging. | `list` | 
[
  "arn:aws:lambda"
]
| no | -| [region](#input\_region) | The AWS region in which CloudTrail is set up. | `any` | n/a | yes | -| [s3\_bucket\_name](#input\_s3\_bucket\_name) | The name of the S3 bucket which will store configuration snapshots. | `any` | n/a | yes | -| [s3\_key\_prefix](#input\_s3\_key\_prefix) | The prefix for the specified S3 bucket. | `string` | `""` | no | -| [s3\_object\_level\_logging\_buckets](#input\_s3\_object\_level\_logging\_buckets) | The list of S3 bucket ARNs on which to enable object-level logging. | `list` | 
[
  "arn:aws:s3:::"
]
| no | -| [tags](#input\_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map` | 
{
  "Terraform": true
}
| no | +| Name | Description | Type | Required | +|------|-------------|------|:--------:| +| [aws\_account\_id](#input\_aws\_account\_id) | The AWS Account ID number of the account. | `string` | yes | +| [cloudtrail\_depends\_on](#input\_cloudtrail\_depends\_on) | External resources which should be set up before CloudTrail. | `list(any)` | no | +| [cloudtrail\_name](#input\_cloudtrail\_name) | The name of the trail. | `string` | no | +| [cloudtrail\_sns\_topic\_enabled](#input\_cloudtrail\_sns\_topic\_enabled) | Specifies whether the trail is delivered to a SNS topic. | `bool` | no | +| [cloudtrail\_sns\_topic\_name](#input\_cloudtrail\_sns\_topic\_name) | The SNS topic linked to the CloudTrail | `string` | no | +| [cloudwatch\_logs\_enabled](#input\_cloudwatch\_logs\_enabled) | Specifies whether the trail is delivered to CloudWatch Logs. | `bool` | no | +| [cloudwatch\_logs\_group\_name](#input\_cloudwatch\_logs\_group\_name) | The name of CloudWatch Logs group to which CloudTrail events are delivered. | `string` | no | +| [cloudwatch\_logs\_retention\_in\_days](#input\_cloudwatch\_logs\_retention\_in\_days) | Number of days to retain logs for. CIS recommends 365 days. Possible values are: 0, 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. Set to 0 to keep logs indefinitely. | `number` | no | +| [dynamodb\_event\_logging\_tables](#input\_dynamodb\_event\_logging\_tables) | The list of DynamoDB table ARNs on which to enable event logging. | `list(string)` | no | +| [iam\_role\_name](#input\_iam\_role\_name) | The name of the IAM Role to be used by CloudTrail to delivery logs to CloudWatch Logs group. | `string` | no | +| [iam\_role\_policy\_name](#input\_iam\_role\_policy\_name) | The name of the IAM Role Policy to be used by CloudTrail to delivery logs to CloudWatch Logs group. | `string` | no | +| [is\_organization\_trail](#input\_is\_organization\_trail) | Specifies whether the trail is an AWS Organizations trail. Organization trails log events for the master account and all member accounts. Can only be created in the organization master account. | `bool` | no | +| [key\_deletion\_window\_in\_days](#input\_key\_deletion\_window\_in\_days) | Duration in days after which the key is deleted after destruction of the resource, must be between 7 and 30 days. Defaults to 30 days. | `number` | no | +| [lambda\_invocation\_logging\_lambdas](#input\_lambda\_invocation\_logging\_lambdas) | The list of lambda ARNs on which to enable invocation logging. | `list(string)` | no | +| [region](#input\_region) | The AWS region in which CloudTrail is set up. | `string` | yes | +| [s3\_bucket\_name](#input\_s3\_bucket\_name) | The name of the S3 bucket which will store configuration snapshots. | `string` | yes | +| [s3\_key\_prefix](#input\_s3\_key\_prefix) | The prefix for the specified S3 bucket. | `string` | no | +| [s3\_object\_level\_logging\_buckets](#input\_s3\_object\_level\_logging\_buckets) | The list of S3 bucket ARNs on which to enable object-level logging. | `list(string)` | no | +| [tags](#input\_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map(string)` | no | ## Outputs diff --git a/modules/cloudtrail-baseline/variables.tf b/modules/cloudtrail-baseline/variables.tf index aa22226b..3ca6e722 100644 --- a/modules/cloudtrail-baseline/variables.tf +++ b/modules/cloudtrail-baseline/variables.tf @@ -1,89 +1,107 @@ variable "aws_account_id" { description = "The AWS Account ID number of the account." + type = string } variable "cloudtrail_name" { description = "The name of the trail." + type = string default = "cloudtrail-multi-region" } variable "cloudtrail_sns_topic_enabled" { description = "Specifies whether the trail is delivered to a SNS topic." + type = bool default = true } variable "cloudtrail_sns_topic_name" { description = "The SNS topic linked to the CloudTrail" + type = string default = "cloudtrail-multi-region-sns-topic" } variable "cloudwatch_logs_enabled" { description = "Specifies whether the trail is delivered to CloudWatch Logs." + type = bool default = true } variable "cloudwatch_logs_group_name" { description = "The name of CloudWatch Logs group to which CloudTrail events are delivered." + type = string default = "cloudtrail-multi-region" } variable "cloudwatch_logs_retention_in_days" { description = "Number of days to retain logs for. CIS recommends 365 days. Possible values are: 0, 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. Set to 0 to keep logs indefinitely." + type = number default = 365 } variable "iam_role_name" { description = "The name of the IAM Role to be used by CloudTrail to delivery logs to CloudWatch Logs group." + type = string default = "CloudTrail-CloudWatch-Delivery-Role" } variable "iam_role_policy_name" { description = "The name of the IAM Role Policy to be used by CloudTrail to delivery logs to CloudWatch Logs group." + type = string default = "CloudTrail-CloudWatch-Delivery-Policy" } variable "key_deletion_window_in_days" { description = "Duration in days after which the key is deleted after destruction of the resource, must be between 7 and 30 days. Defaults to 30 days." + type = number default = 10 } variable "region" { description = "The AWS region in which CloudTrail is set up." + type = string } variable "s3_bucket_name" { description = "The name of the S3 bucket which will store configuration snapshots." + type = string } variable "s3_key_prefix" { description = "The prefix for the specified S3 bucket." + type = string default = "" } variable "is_organization_trail" { description = "Specifies whether the trail is an AWS Organizations trail. Organization trails log events for the master account and all member accounts. Can only be created in the organization master account." + type = bool default = false } variable "s3_object_level_logging_buckets" { description = "The list of S3 bucket ARNs on which to enable object-level logging." + type = list(string) default = ["arn:aws:s3:::"] # All S3 buckets } variable "dynamodb_event_logging_tables" { description = "The list of DynamoDB table ARNs on which to enable event logging." + type = list(string) default = ["arn:aws:dynamodb"] # All DynamoDB tables } variable "lambda_invocation_logging_lambdas" { description = "The list of lambda ARNs on which to enable invocation logging." + type = list(string) default = ["arn:aws:lambda"] # All lambdas } variable "tags" { description = "Specifies object tags key and value. This applies to all resources created by this module." + type = map(string) default = { - "Terraform" = true + "Terraform" = "true" } } @@ -92,5 +110,6 @@ variable "tags" { # https://stackoverflow.com/questions/58275233/terraform-depends-on-with-modules variable "cloudtrail_depends_on" { description = "External resources which should be set up before CloudTrail." + type = list(any) default = [] } diff --git a/modules/config-baseline/README.md b/modules/config-baseline/README.md index 2ce0a6ca..5deb6e20 100644 --- a/modules/config-baseline/README.md +++ b/modules/config-baseline/README.md @@ -14,39 +14,22 @@ Enable AWS Config in all regions to automatically take configuration snapshots. | Name | Version | |------|---------| -| [aws](#provider\_aws) | 3.60.0 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [aws_config_configuration_recorder.recorder](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/config_configuration_recorder) | resource | -| [aws_config_configuration_recorder_status.recorder](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/config_configuration_recorder_status) | resource | -| [aws_config_delivery_channel.bucket](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/config_delivery_channel) | resource | -| [aws_sns_topic.config](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic) | resource | -| [aws_sns_topic_policy.config](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic_policy) | resource | -| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source | -| [aws_iam_policy_document.config-sns-policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source | +| [aws](#provider\_aws) | >= 3.50.0 | ## Inputs -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [delivery\_channel\_name](#input\_delivery\_channel\_name) | The name of the delivery channel. | `string` | `"default"` | no | -| [delivery\_frequency](#input\_delivery\_frequency) | The frequency which AWS Config sends a snapshot into the S3 bucket. | `string` | `"One_Hour"` | no | -| [iam\_role\_arn](#input\_iam\_role\_arn) | The ARN of the IAM Role which AWS Config will use. | `any` | n/a | yes | -| [include\_global\_resource\_types](#input\_include\_global\_resource\_types) | Specifies whether AWS Config includes all supported types of global resources with the resources that it records. | `bool` | `true` | no | -| [recorder\_name](#input\_recorder\_name) | The name of the configuration recorder. | `string` | `"default"` | no | -| [s3\_bucket\_name](#input\_s3\_bucket\_name) | The name of the S3 bucket which will store configuration snapshots. | `any` | n/a | yes | -| [s3\_key\_prefix](#input\_s3\_key\_prefix) | The prefix for the specified S3 bucket. | `string` | `""` | no | -| [sns\_topic\_kms\_master\_key\_id](#input\_sns\_topic\_kms\_master\_key\_id) | To enable SNS Topic encryption enter value with the ID of a custom master KMS key that is used for encryption | `any` | `null` | no | -| [sns\_topic\_name](#input\_sns\_topic\_name) | The name of the SNS Topic to be used to notify configuration changes. | `string` | `"ConfigChanges"` | no | -| [tags](#input\_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map` | 
{
  "Terraform": true
}
| no | +| Name | Description | Type | Required | +|------|-------------|------|:--------:| +| [delivery\_channel\_name](#input\_delivery\_channel\_name) | The name of the delivery channel. | `string` | no | +| [delivery\_frequency](#input\_delivery\_frequency) | The frequency which AWS Config sends a snapshot into the S3 bucket. | `string` | no | +| [iam\_role\_arn](#input\_iam\_role\_arn) | The ARN of the IAM Role which AWS Config will use. | `string` | yes | +| [include\_global\_resource\_types](#input\_include\_global\_resource\_types) | Specifies whether AWS Config includes all supported types of global resources with the resources that it records. | `bool` | no | +| [recorder\_name](#input\_recorder\_name) | The name of the configuration recorder. | `string` | no | +| [s3\_bucket\_name](#input\_s3\_bucket\_name) | The name of the S3 bucket which will store configuration snapshots. | `string` | yes | +| [s3\_key\_prefix](#input\_s3\_key\_prefix) | The prefix for the specified S3 bucket. | `string` | no | +| [sns\_topic\_kms\_master\_key\_id](#input\_sns\_topic\_kms\_master\_key\_id) | To enable SNS Topic encryption enter value with the ID of a custom master KMS key that is used for encryption | `string` | no | +| [sns\_topic\_name](#input\_sns\_topic\_name) | The name of the SNS Topic to be used to notify configuration changes. | `string` | no | +| [tags](#input\_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map(string)` | no | ## Outputs diff --git a/modules/config-baseline/variables.tf b/modules/config-baseline/variables.tf index 7be7cbf3..07b33a57 100644 --- a/modules/config-baseline/variables.tf +++ b/modules/config-baseline/variables.tf @@ -1,49 +1,59 @@ variable "iam_role_arn" { description = "The ARN of the IAM Role which AWS Config will use." + type = string } variable "s3_bucket_name" { description = "The name of the S3 bucket which will store configuration snapshots." + type = string } variable "s3_key_prefix" { description = "The prefix for the specified S3 bucket." + type = string default = "" } variable "sns_topic_name" { description = "The name of the SNS Topic to be used to notify configuration changes." + type = string default = "ConfigChanges" } variable "sns_topic_kms_master_key_id" { description = "To enable SNS Topic encryption enter value with the ID of a custom master KMS key that is used for encryption" + type = string default = null } variable "delivery_frequency" { description = "The frequency which AWS Config sends a snapshot into the S3 bucket." + type = string default = "One_Hour" } variable "recorder_name" { description = "The name of the configuration recorder." + type = string default = "default" } variable "delivery_channel_name" { description = "The name of the delivery channel." + type = string default = "default" } variable "include_global_resource_types" { description = "Specifies whether AWS Config includes all supported types of global resources with the resources that it records." + type = bool default = true } variable "tags" { description = "Specifies object tags key and value. This applies to all resources created by this module." + type = map(string) default = { - "Terraform" = true + "Terraform" = "true" } } diff --git a/modules/ebs-baseline/README.md b/modules/ebs-baseline/README.md index 4c0c2e44..a329bb59 100644 --- a/modules/ebs-baseline/README.md +++ b/modules/ebs-baseline/README.md @@ -16,17 +16,7 @@ | Name | Version | |------|---------| -| [aws](#provider\_aws) | 3.60.0 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [aws_ebs_encryption_by_default.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ebs_encryption_by_default) | resource | +| [aws](#provider\_aws) | >= 3.50.0 | ## Inputs diff --git a/modules/ebs-baseline/outputs.tf b/modules/ebs-baseline/outputs.tf new file mode 100644 index 00000000..e69de29b diff --git a/modules/ebs-baseline/variables.tf b/modules/ebs-baseline/variables.tf new file mode 100644 index 00000000..e69de29b diff --git a/modules/guardduty-baseline/README.md b/modules/guardduty-baseline/README.md index 22c41942..2c9c3db0 100644 --- a/modules/guardduty-baseline/README.md +++ b/modules/guardduty-baseline/README.md @@ -14,30 +14,18 @@ Enable GuardDuty in all regions. | Name | Version | |------|---------| -| [aws](#provider\_aws) | 3.60.0 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [aws_guardduty_detector.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/guardduty_detector) | resource | -| [aws_guardduty_invite_accepter.master](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/guardduty_invite_accepter) | resource | -| [aws_guardduty_member.members](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/guardduty_member) | resource | +| [aws](#provider\_aws) | >= 3.50.0 | ## Inputs -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [disable\_email\_notification](#input\_disable\_email\_notification) | Boolean whether an email notification is sent to the accounts. | `bool` | `false` | no | -| [finding\_publishing\_frequency](#input\_finding\_publishing\_frequency) | Specifies the frequency of notifications sent for subsequent finding occurrences. | `string` | `"SIX_HOURS"` | no | -| [invitation\_message](#input\_invitation\_message) | Message for invitation. | `string` | `"This is an automatic invitation message from guardduty-baseline module."` | no | -| [master\_account\_id](#input\_master\_account\_id) | AWS account ID for master account. | `string` | `""` | no | -| [member\_accounts](#input\_member\_accounts) | A list of IDs and emails of AWS accounts which associated as member accounts. | 
list(object({
    account_id = string
    email      = string
  }))
| `[]` | no | -| [tags](#input\_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map` | 
{
  "Terraform": true
}
| no | +| Name | Description | Type | Required | +|------|-------------|------|:--------:| +| [disable\_email\_notification](#input\_disable\_email\_notification) | Boolean whether an email notification is sent to the accounts. | `bool` | no | +| [finding\_publishing\_frequency](#input\_finding\_publishing\_frequency) | Specifies the frequency of notifications sent for subsequent finding occurrences. | `string` | no | +| [invitation\_message](#input\_invitation\_message) | Message for invitation. | `string` | no | +| [master\_account\_id](#input\_master\_account\_id) | AWS account ID for master account. | `string` | no | +| [member\_accounts](#input\_member\_accounts) | A list of IDs and emails of AWS accounts which associated as member accounts. | 
list(object({
    account_id = string
    email      = string
  }))
| no | +| [tags](#input\_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map(string)` | no | ## Outputs diff --git a/modules/guardduty-baseline/variables.tf b/modules/guardduty-baseline/variables.tf index 07e5177a..1ced3c55 100644 --- a/modules/guardduty-baseline/variables.tf +++ b/modules/guardduty-baseline/variables.tf @@ -1,20 +1,24 @@ variable "disable_email_notification" { description = "Boolean whether an email notification is sent to the accounts." + type = bool default = false } variable "finding_publishing_frequency" { description = "Specifies the frequency of notifications sent for subsequent finding occurrences." + type = string default = "SIX_HOURS" } variable "invitation_message" { description = "Message for invitation." + type = string default = "This is an automatic invitation message from guardduty-baseline module." } variable "master_account_id" { description = "AWS account ID for master account." + type = string default = "" } @@ -29,7 +33,8 @@ variable "member_accounts" { variable "tags" { description = "Specifies object tags key and value. This applies to all resources created by this module." + type = map(string) default = { - "Terraform" = true + "Terraform" = "true" } } diff --git a/modules/iam-baseline/README.md b/modules/iam-baseline/README.md index dbf232eb..53432757 100644 --- a/modules/iam-baseline/README.md +++ b/modules/iam-baseline/README.md @@ -17,40 +17,25 @@ | Name | Version | |------|---------| -| [aws](#provider\_aws) | 3.60.0 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [aws_iam_account_password_policy.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_account_password_policy) | resource | -| [aws_iam_role.support](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | -| [aws_iam_role_policy_attachment.support_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | -| [aws_iam_policy_document.support_assume_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | +| [aws](#provider\_aws) | >= 3.50.0 | ## Inputs -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [allow\_users\_to\_change\_password](#input\_allow\_users\_to\_change\_password) | Whether to allow users to change their own password. | `bool` | `true` | no | -| [aws\_account\_id](#input\_aws\_account\_id) | The AWS Account ID number of the account. | `any` | n/a | yes | -| [create\_password\_policy](#input\_create\_password\_policy) | Define if the password policy should be created. | `bool` | `true` | no | -| [create\_support\_role](#input\_create\_support\_role) | Define if the support role should be created. | `bool` | `true` | no | -| [max\_password\_age](#input\_max\_password\_age) | The number of days that an user password is valid. | `number` | `0` | no | -| [minimum\_password\_length](#input\_minimum\_password\_length) | Minimum length to require for user passwords. | `number` | `14` | no | -| [password\_reuse\_prevention](#input\_password\_reuse\_prevention) | The number of previous passwords that users are prevented from reusing. | `number` | `24` | no | -| [require\_lowercase\_characters](#input\_require\_lowercase\_characters) | Whether to require lowercase characters for user passwords. | `bool` | `false` | no | -| [require\_numbers](#input\_require\_numbers) | Whether to require numbers for user passwords. | `bool` | `false` | no | -| [require\_symbols](#input\_require\_symbols) | Whether to require symbols for user passwords. | `bool` | `false` | no | -| [require\_uppercase\_characters](#input\_require\_uppercase\_characters) | Whether to require uppercase characters for user passwords. | `bool` | `false` | no | -| [support\_iam\_role\_name](#input\_support\_iam\_role\_name) | The name of the the support role. | `string` | `"IAM-Support"` | no | -| [support\_iam\_role\_policy\_name](#input\_support\_iam\_role\_policy\_name) | The name of the support role policy. | `string` | `"IAM-Support-Role"` | no | -| [support\_iam\_role\_principal\_arns](#input\_support\_iam\_role\_principal\_arns) | List of ARNs of the IAM principal elements by which the support role could be assumed. | `list(any)` | n/a | yes | -| [tags](#input\_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map` | 
{
  "Terraform": true
}
| no | +| Name | Description | Type | Required | +|------|-------------|------|:--------:| +| [allow\_users\_to\_change\_password](#input\_allow\_users\_to\_change\_password) | Whether to allow users to change their own password. | `bool` | no | +| [create\_password\_policy](#input\_create\_password\_policy) | Define if the password policy should be created. | `bool` | no | +| [create\_support\_role](#input\_create\_support\_role) | Define if the support role should be created. | `bool` | no | +| [max\_password\_age](#input\_max\_password\_age) | The number of days that an user password is valid. | `number` | no | +| [minimum\_password\_length](#input\_minimum\_password\_length) | Minimum length to require for user passwords. | `number` | no | +| [password\_reuse\_prevention](#input\_password\_reuse\_prevention) | The number of previous passwords that users are prevented from reusing. | `number` | no | +| [require\_lowercase\_characters](#input\_require\_lowercase\_characters) | Whether to require lowercase characters for user passwords. | `bool` | no | +| [require\_numbers](#input\_require\_numbers) | Whether to require numbers for user passwords. | `bool` | no | +| [require\_symbols](#input\_require\_symbols) | Whether to require symbols for user passwords. | `bool` | no | +| [require\_uppercase\_characters](#input\_require\_uppercase\_characters) | Whether to require uppercase characters for user passwords. | `bool` | no | +| [support\_iam\_role\_name](#input\_support\_iam\_role\_name) | The name of the the support role. | `string` | no | +| [support\_iam\_role\_principal\_arns](#input\_support\_iam\_role\_principal\_arns) | List of ARNs of the IAM principal elements by which the support role could be assumed. | `list(any)` | yes | +| [tags](#input\_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map(string)` | no | ## Outputs diff --git a/modules/iam-baseline/variables.tf b/modules/iam-baseline/variables.tf index 4e3177d1..48265c99 100644 --- a/modules/iam-baseline/variables.tf +++ b/modules/iam-baseline/variables.tf @@ -1,17 +1,9 @@ -variable "aws_account_id" { - description = "The AWS Account ID number of the account." -} - variable "support_iam_role_name" { description = "The name of the the support role." + type = string default = "IAM-Support" } -variable "support_iam_role_policy_name" { - description = "The name of the support role policy." - default = "IAM-Support-Role" -} - variable "support_iam_role_principal_arns" { type = list(any) description = "List of ARNs of the IAM principal elements by which the support role could be assumed." @@ -19,60 +11,69 @@ variable "support_iam_role_principal_arns" { variable "max_password_age" { description = "The number of days that an user password is valid." + type = number default = 0 } variable "minimum_password_length" { description = "Minimum length to require for user passwords." + type = number default = 14 } variable "password_reuse_prevention" { description = "The number of previous passwords that users are prevented from reusing." + type = number default = 24 } variable "require_lowercase_characters" { description = "Whether to require lowercase characters for user passwords." + type = bool default = false } variable "require_numbers" { description = "Whether to require numbers for user passwords." + type = bool default = false } variable "require_uppercase_characters" { description = "Whether to require uppercase characters for user passwords." + type = bool default = false } variable "require_symbols" { description = "Whether to require symbols for user passwords." + type = bool default = false } variable "allow_users_to_change_password" { description = "Whether to allow users to change their own password." + type = bool default = true } variable "create_password_policy" { - type = bool description = "Define if the password policy should be created." + type = bool default = true } variable "create_support_role" { - type = bool description = "Define if the support role should be created." + type = bool default = true } variable "tags" { description = "Specifies object tags key and value. This applies to all resources created by this module." + type = map(string) default = { - "Terraform" = true + "Terraform" = "true" } } diff --git a/modules/s3-baseline/README.md b/modules/s3-baseline/README.md index 50e80545..f7442fcc 100644 --- a/modules/s3-baseline/README.md +++ b/modules/s3-baseline/README.md @@ -16,26 +16,16 @@ | Name | Version | |------|---------| -| [aws](#provider\_aws) | 3.60.0 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [aws_s3_account_public_access_block.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_account_public_access_block) | resource | +| [aws](#provider\_aws) | >= 3.50.0 | ## Inputs -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [block\_public\_acls](#input\_block\_public\_acls) | Whether Amazon S3 should block public ACLs for buckets in this account. Defaults to true. | `bool` | `true` | no | -| [block\_public\_policy](#input\_block\_public\_policy) | Whether Amazon S3 should block public bucket policies for buckets in this account. Defaults to true. | `bool` | `true` | no | -| [ignore\_public\_acls](#input\_ignore\_public\_acls) | Whether Amazon S3 should ignore public ACLs for buckets in this account. Defaults to true. | `bool` | `true` | no | -| [restrict\_public\_buckets](#input\_restrict\_public\_buckets) | Whether Amazon S3 should restrict public bucket policies for buckets in this account. Defaults to true. | `bool` | `true` | no | +| Name | Description | Type | Required | +|------|-------------|------|:--------:| +| [block\_public\_acls](#input\_block\_public\_acls) | Whether Amazon S3 should block public ACLs for buckets in this account. Defaults to true. | `bool` | no | +| [block\_public\_policy](#input\_block\_public\_policy) | Whether Amazon S3 should block public bucket policies for buckets in this account. Defaults to true. | `bool` | no | +| [ignore\_public\_acls](#input\_ignore\_public\_acls) | Whether Amazon S3 should ignore public ACLs for buckets in this account. Defaults to true. | `bool` | no | +| [restrict\_public\_buckets](#input\_restrict\_public\_buckets) | Whether Amazon S3 should restrict public bucket policies for buckets in this account. Defaults to true. | `bool` | no | ## Outputs diff --git a/modules/s3-baseline/outputs.tf b/modules/s3-baseline/outputs.tf new file mode 100644 index 00000000..e69de29b diff --git a/modules/s3-baseline/variables.tf b/modules/s3-baseline/variables.tf index 0cf1d32a..0d9e5c7c 100644 --- a/modules/s3-baseline/variables.tf +++ b/modules/s3-baseline/variables.tf @@ -1,19 +1,23 @@ variable "block_public_acls" { description = "Whether Amazon S3 should block public ACLs for buckets in this account. Defaults to true." + type = bool default = true } variable "block_public_policy" { description = "Whether Amazon S3 should block public bucket policies for buckets in this account. Defaults to true." + type = bool default = true } variable "ignore_public_acls" { description = "Whether Amazon S3 should ignore public ACLs for buckets in this account. Defaults to true." + type = bool default = true } variable "restrict_public_buckets" { description = "Whether Amazon S3 should restrict public bucket policies for buckets in this account. Defaults to true." + type = bool default = true } diff --git a/modules/secure-bucket/README.md b/modules/secure-bucket/README.md index 37595b17..e54cc3a8 100644 --- a/modules/secure-bucket/README.md +++ b/modules/secure-bucket/README.md @@ -14,34 +14,19 @@ Creates a S3 bucket with access logging enabled. | Name | Version | |------|---------| -| [aws](#provider\_aws) | 3.60.0 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [aws_s3_bucket.access_log](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource | -| [aws_s3_bucket.content](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource | -| [aws_s3_bucket_policy.access_log_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy) | resource | -| [aws_s3_bucket_public_access_block.access_log](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block) | resource | -| [aws_s3_bucket_public_access_block.content](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block) | resource | -| [aws_iam_policy_document.access_log_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | +| [aws](#provider\_aws) | >= 3.50.0 | ## Inputs -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [bucket\_key\_enabled](#input\_bucket\_key\_enabled) | Whether or not to use Amazon S3 Bucket Keys for this bucket. | `bool` | `false` | no | -| [bucket\_name](#input\_bucket\_name) | n/a | `any` | n/a | yes | -| [enabled](#input\_enabled) | A boolean that indicates this module is enabled. Resources are not created if it is set to false. | `bool` | `true` | no | -| [force\_destroy](#input\_force\_destroy) | A boolean that indicates all objects should be deleted from the bucket so that the bucket can be destroyed without error. These objects are not recoverable. | `bool` | `false` | no | -| [lifecycle\_glacier\_transition\_days](#input\_lifecycle\_glacier\_transition\_days) | The number of days after object creation when the object is archived into Glacier. | `number` | `90` | no | -| [log\_bucket\_name](#input\_log\_bucket\_name) | n/a | `any` | n/a | yes | -| [tags](#input\_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map` | 
{
  "Terraform": true
}
| no | +| Name | Description | Type | Required | +|------|-------------|------|:--------:| +| [bucket\_key\_enabled](#input\_bucket\_key\_enabled) | Whether or not to use Amazon S3 Bucket Keys for this bucket. | `bool` | no | +| [bucket\_name](#input\_bucket\_name) | The name of the S3 bucket to create. | `string` | yes | +| [enabled](#input\_enabled) | A boolean that indicates this module is enabled. Resources are not created if it is set to false. | `bool` | no | +| [force\_destroy](#input\_force\_destroy) | A boolean that indicates all objects should be deleted from the bucket so that the bucket can be destroyed without error. These objects are not recoverable. | `bool` | no | +| [lifecycle\_glacier\_transition\_days](#input\_lifecycle\_glacier\_transition\_days) | The number of days after object creation when the object is archived into Glacier. | `number` | no | +| [log\_bucket\_name](#input\_log\_bucket\_name) | The name of the S3 bucket to store access logs to the main bucket. | `string` | yes | +| [tags](#input\_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map(string)` | no | ## Outputs diff --git a/modules/secure-bucket/variables.tf b/modules/secure-bucket/variables.tf index 1ac56476..3812ef08 100644 --- a/modules/secure-bucket/variables.tf +++ b/modules/secure-bucket/variables.tf @@ -1,32 +1,41 @@ variable "bucket_name" { + description = "The name of the S3 bucket to create." + type = string } variable "log_bucket_name" { + description = "The name of the S3 bucket to store access logs to the main bucket." + type = string } variable "lifecycle_glacier_transition_days" { description = "The number of days after object creation when the object is archived into Glacier." + type = number default = 90 } variable "force_destroy" { description = " A boolean that indicates all objects should be deleted from the bucket so that the bucket can be destroyed without error. These objects are not recoverable." + type = bool default = false } variable "enabled" { description = "A boolean that indicates this module is enabled. Resources are not created if it is set to false." + type = bool default = true } variable "tags" { description = "Specifies object tags key and value. This applies to all resources created by this module." + type = map(string) default = { - "Terraform" = true + "Terraform" = "true" } } variable "bucket_key_enabled" { description = "Whether or not to use Amazon S3 Bucket Keys for this bucket." + type = bool default = false } diff --git a/modules/securityhub-baseline/README.md b/modules/securityhub-baseline/README.md index 7f40d107..e7fe42f8 100644 --- a/modules/securityhub-baseline/README.md +++ b/modules/securityhub-baseline/README.md @@ -19,35 +19,18 @@ | Name | Version | |------|---------| -| [aws](#provider\_aws) | 3.60.0 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [aws_securityhub_account.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/securityhub_account) | resource | -| [aws_securityhub_finding_aggregator.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/securityhub_finding_aggregator) | resource | -| [aws_securityhub_member.members](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/securityhub_member) | resource | -| [aws_securityhub_product_subscription.products](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/securityhub_product_subscription) | resource | -| [aws_securityhub_standards_subscription.aws_foundational](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/securityhub_standards_subscription) | resource | -| [aws_securityhub_standards_subscription.cis](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/securityhub_standards_subscription) | resource | -| [aws_securityhub_standards_subscription.pci_dss](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/securityhub_standards_subscription) | resource | -| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source | +| [aws](#provider\_aws) | >= 3.50.0 | ## Inputs -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [aggregate\_findings](#input\_aggregate\_findings) | Boolean whether to enable finding aggregator for every region | `bool` | `false` | no | -| [enable\_aws\_foundational\_standard](#input\_enable\_aws\_foundational\_standard) | Boolean whether AWS Foundations standard is enabled. | `bool` | `true` | no | -| [enable\_cis\_standard](#input\_enable\_cis\_standard) | Boolean whether CIS standard is enabled. | `bool` | `true` | no | -| [enable\_pci\_dss\_standard](#input\_enable\_pci\_dss\_standard) | Boolean whether PCI DSS standard is enabled. | `bool` | `true` | no | -| [enable\_product\_arns](#input\_enable\_product\_arns) | List of Security Hub product ARNs, `` will be replaced. See https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-partner-providers.html for list. | `list(string)` | `[]` | no | -| [member\_accounts](#input\_member\_accounts) | A list of IDs and emails of AWS accounts which associated as member accounts. | 
list(object({
    account_id = string
    email      = string
  }))
| `[]` | no | +| Name | Description | Type | Required | +|------|-------------|------|:--------:| +| [aggregate\_findings](#input\_aggregate\_findings) | Boolean whether to enable finding aggregator for every region | `bool` | no | +| [enable\_aws\_foundational\_standard](#input\_enable\_aws\_foundational\_standard) | Boolean whether AWS Foundations standard is enabled. | `bool` | no | +| [enable\_cis\_standard](#input\_enable\_cis\_standard) | Boolean whether CIS standard is enabled. | `bool` | no | +| [enable\_pci\_dss\_standard](#input\_enable\_pci\_dss\_standard) | Boolean whether PCI DSS standard is enabled. | `bool` | no | +| [enable\_product\_arns](#input\_enable\_product\_arns) | List of Security Hub product ARNs, `` will be replaced. See https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-partner-providers.html for list. | `list(string)` | no | +| [member\_accounts](#input\_member\_accounts) | A list of IDs and emails of AWS accounts which associated as member accounts. | 
list(object({
    account_id = string
    email      = string
  }))
| no | ## Outputs diff --git a/modules/securityhub-baseline/outputs.tf b/modules/securityhub-baseline/outputs.tf new file mode 100644 index 00000000..e69de29b diff --git a/modules/securityhub-baseline/variables.tf b/modules/securityhub-baseline/variables.tf index 770266ab..fab74f00 100644 --- a/modules/securityhub-baseline/variables.tf +++ b/modules/securityhub-baseline/variables.tf @@ -1,20 +1,24 @@ variable "aggregate_findings" { description = "Boolean whether to enable finding aggregator for every region" + type = bool default = false } variable "enable_cis_standard" { description = "Boolean whether CIS standard is enabled." + type = bool default = true } variable "enable_pci_dss_standard" { description = "Boolean whether PCI DSS standard is enabled." + type = bool default = true } variable "enable_aws_foundational_standard" { description = "Boolean whether AWS Foundations standard is enabled." + type = bool default = true } diff --git a/modules/vpc-baseline/README.md b/modules/vpc-baseline/README.md index 4823ec37..b253967c 100644 --- a/modules/vpc-baseline/README.md +++ b/modules/vpc-baseline/README.md @@ -18,39 +18,20 @@ | Name | Version | |------|---------| -| [aws](#provider\_aws) | 3.60.0 | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [aws_cloudwatch_log_group.default_vpc_flow_logs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource | -| [aws_default_network_acl.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/default_network_acl) | resource | -| [aws_default_route_table.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/default_route_table) | resource | -| [aws_default_security_group.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/default_security_group) | resource | -| [aws_default_subnet.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/default_subnet) | resource | -| [aws_default_vpc.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/default_vpc) | resource | -| [aws_flow_log.default_vpc_flow_logs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/flow_log) | resource | -| [aws_availability_zones.all](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/availability_zones) | data source | -| [aws_subnet.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnet) | data source | -| [aws_subnets.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnets) | data source | +| [aws](#provider\_aws) | >= 3.55.0 | ## Inputs -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [enable\_flow\_logs](#input\_enable\_flow\_logs) | The boolean flag whether to enable VPC Flow Logs in the default VPC | `bool` | `true` | no | -| [flow\_logs\_destination\_type](#input\_flow\_logs\_destination\_type) | The type of the logging destination. Valid values: cloud-watch-logs, s3 | `string` | `"cloud-watch-logs"` | no | -| [flow\_logs\_iam\_role\_arn](#input\_flow\_logs\_iam\_role\_arn) | The ARN of the IAM Role which will be used by VPC Flow Logs if vpc\_log\_destination\_type is cloud-watch-logs. | `string` | `""` | no | -| [flow\_logs\_log\_group\_name](#input\_flow\_logs\_log\_group\_name) | The name of CloudWatch Logs group to which VPC Flow Logs are delivered if vpc\_log\_destination\_type is cloud-watch-logs. | `string` | `""` | no | -| [flow\_logs\_retention\_in\_days](#input\_flow\_logs\_retention\_in\_days) | Number of days to retain logs if vpc\_log\_destination\_type is cloud-watch-logs. CIS recommends 365 days. Possible values are: 0, 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. Set to 0 to keep logs indefinitely. | `number` | `365` | no | -| [flow\_logs\_s3\_arn](#input\_flow\_logs\_s3\_arn) | The ARN of the S3 bucket to which VPC Flow Logs are delivered if vpc\_log\_destination\_type is s3. | `string` | `""` | no | -| [flow\_logs\_s3\_key\_prefix](#input\_flow\_logs\_s3\_key\_prefix) | The prefix used when VPC Flow Logs delivers logs to the S3 bucket. | `string` | `"flow-logs"` | no | -| [tags](#input\_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map` | 
{
  "Terraform": true
}
| no | +| Name | Description | Type | Required | +|------|-------------|------|:--------:| +| [enable\_flow\_logs](#input\_enable\_flow\_logs) | The boolean flag whether to enable VPC Flow Logs in the default VPC | `bool` | no | +| [flow\_logs\_destination\_type](#input\_flow\_logs\_destination\_type) | The type of the logging destination. Valid values: cloud-watch-logs, s3 | `string` | no | +| [flow\_logs\_iam\_role\_arn](#input\_flow\_logs\_iam\_role\_arn) | The ARN of the IAM Role which will be used by VPC Flow Logs if vpc\_log\_destination\_type is cloud-watch-logs. | `string` | no | +| [flow\_logs\_log\_group\_name](#input\_flow\_logs\_log\_group\_name) | The name of CloudWatch Logs group to which VPC Flow Logs are delivered if vpc\_log\_destination\_type is cloud-watch-logs. | `string` | no | +| [flow\_logs\_retention\_in\_days](#input\_flow\_logs\_retention\_in\_days) | Number of days to retain logs if vpc\_log\_destination\_type is cloud-watch-logs. CIS recommends 365 days. Possible values are: 0, 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. Set to 0 to keep logs indefinitely. | `number` | no | +| [flow\_logs\_s3\_arn](#input\_flow\_logs\_s3\_arn) | The ARN of the S3 bucket to which VPC Flow Logs are delivered if vpc\_log\_destination\_type is s3. | `string` | no | +| [flow\_logs\_s3\_key\_prefix](#input\_flow\_logs\_s3\_key\_prefix) | The prefix used when VPC Flow Logs delivers logs to the S3 bucket. | `string` | no | +| [tags](#input\_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map(string)` | no | ## Outputs diff --git a/modules/vpc-baseline/main.tf b/modules/vpc-baseline/main.tf index 7fcbce39..2573cd4d 100644 --- a/modules/vpc-baseline/main.tf +++ b/modules/vpc-baseline/main.tf @@ -2,9 +2,6 @@ locals { flow_logs_to_cw_logs = var.enable_flow_logs && var.flow_logs_destination_type == "cloud-watch-logs" } -data "aws_availability_zones" "all" { -} - data "aws_subnets" "default" { filter { name = "default-for-az" diff --git a/modules/vpc-baseline/variables.tf b/modules/vpc-baseline/variables.tf index 85f3fd11..e61c99bd 100644 --- a/modules/vpc-baseline/variables.tf +++ b/modules/vpc-baseline/variables.tf @@ -1,10 +1,12 @@ variable "enable_flow_logs" { description = "The boolean flag whether to enable VPC Flow Logs in the default VPC" + type = bool default = true } variable "flow_logs_destination_type" { description = "The type of the logging destination. Valid values: cloud-watch-logs, s3" + type = string default = "cloud-watch-logs" } @@ -14,16 +16,19 @@ variable "flow_logs_destination_type" { variable "flow_logs_log_group_name" { description = "The name of CloudWatch Logs group to which VPC Flow Logs are delivered if vpc_log_destination_type is cloud-watch-logs." + type = string default = "" } variable "flow_logs_iam_role_arn" { description = "The ARN of the IAM Role which will be used by VPC Flow Logs if vpc_log_destination_type is cloud-watch-logs." + type = string default = "" } variable "flow_logs_retention_in_days" { description = "Number of days to retain logs if vpc_log_destination_type is cloud-watch-logs. CIS recommends 365 days. Possible values are: 0, 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. Set to 0 to keep logs indefinitely." + type = number default = 365 } @@ -33,17 +38,20 @@ variable "flow_logs_retention_in_days" { variable "flow_logs_s3_arn" { description = "The ARN of the S3 bucket to which VPC Flow Logs are delivered if vpc_log_destination_type is s3." + type = string default = "" } variable "flow_logs_s3_key_prefix" { description = "The prefix used when VPC Flow Logs delivers logs to the S3 bucket." + type = string default = "flow-logs" } variable "tags" { description = "Specifies object tags key and value. This applies to all resources created by this module." + type = map(string) default = { - "Terraform" = true + "Terraform" = "true" } } diff --git a/test/fixtures/simple_local/outputs.tf b/test/fixtures/simple_local/outputs.tf new file mode 100644 index 00000000..e69de29b diff --git a/test/fixtures/simple_local/variables.tf b/test/fixtures/simple_local/variables.tf index 3e186522..a84c6dad 100644 --- a/test/fixtures/simple_local/variables.tf +++ b/test/fixtures/simple_local/variables.tf @@ -1,8 +1,10 @@ variable "audit_s3_bucket_name" { description = "The name of the S3 bucket to store various audit logs." + type = string } variable "region" { description = "The AWS region in which global resources are set up." + type = string default = "us-east-1" } diff --git a/test/fixtures/simple_registry/outputs.tf b/test/fixtures/simple_registry/outputs.tf new file mode 100644 index 00000000..e69de29b diff --git a/test/fixtures/simple_registry/variables.tf b/test/fixtures/simple_registry/variables.tf index 3e186522..a84c6dad 100644 --- a/test/fixtures/simple_registry/variables.tf +++ b/test/fixtures/simple_registry/variables.tf @@ -1,8 +1,10 @@ variable "audit_s3_bucket_name" { description = "The name of the S3 bucket to store various audit logs." + type = string } variable "region" { description = "The AWS region in which global resources are set up." + type = string default = "us-east-1" } diff --git a/variables.tf b/variables.tf index 09460a6e..338f43b0 100644 --- a/variables.tf +++ b/variables.tf @@ -4,19 +4,23 @@ variable "aws_account_id" { description = "The AWS Account ID number of the account." + type = string } variable "region" { description = "The AWS region in which global resources are set up." + type = string } variable "account_type" { description = "The type of the AWS account. The possible values are `individual`, `master` and `member` . Specify `master` and `member` to set up centalized logging for multiple accounts in AWS Organization. Use individual` otherwise." + type = string default = "individual" } variable "master_account_id" { description = "The ID of the master AWS account to which the current AWS account is associated. Required if `account_type` is `member`." + type = string default = "" } @@ -31,6 +35,7 @@ variable "member_accounts" { variable "target_regions" { description = "A list of regions to set up with this module." + type = list(string) default = [ "ap-northeast-1", "ap-northeast-2", @@ -54,6 +59,7 @@ variable "target_regions" { variable "tags" { description = "Specifies object tags key and value. This applies to all resources created by this module." + type = map(string) default = { } } @@ -64,30 +70,36 @@ variable "tags" { variable "audit_log_bucket_name" { description = "The name of the S3 bucket to store various audit logs." + type = string } variable "audit_log_bucket_custom_policy_json" { description = "Override policy for the audit log bucket. Allows addition of extra policies." + type = string default = "{}" } variable "audit_log_bucket_key_enabled" { description = "Whether or not to use Amazon S3 Bucket Keys for encrypting the audit log bucket." + type = bool default = false } variable "audit_log_lifecycle_glacier_transition_days" { description = "The number of days after log creation when the log file is archived into Glacier." + type = number default = 90 } variable "audit_log_bucket_force_destroy" { description = "A boolean that indicates all objects should be deleted from the audit log bucket so that the bucket can be destroyed without error. These objects are not recoverable." + type = bool default = false } variable "use_external_audit_log_bucket" { description = "A boolean that indicates whether the specific audit log bucket already exists. Create a new S3 bucket if it is set to false." + type = bool default = false } @@ -97,105 +109,78 @@ variable "use_external_audit_log_bucket" { variable "iam_baseline_enabled" { description = "Boolean whether iam-baseline is enabled." + type = bool default = true } variable "create_password_policy" { - type = bool description = "Define if the password policy should be created." - default = true -} - -variable "create_master_role" { type = bool - description = "Define if the master role should be created." - default = true -} - -variable "create_manager_role" { - type = bool - description = "Define if the manager role should be created." default = true } variable "create_support_role" { - type = bool description = "Define if the support role should be created." + type = bool default = true } -variable "master_iam_role_name" { - description = "The name of the IAM Master role." - default = "IAM-Master" -} - -variable "master_iam_role_policy_name" { - description = "The name of the IAM Master role policy." - default = "IAM-Master-Policy" -} - -variable "manager_iam_role_name" { - description = "The name of the IAM Manager role." - default = "IAM-Manager" -} - -variable "manager_iam_role_policy_name" { - description = "The name of the IAM Manager role policy." - default = "IAM-Manager-Policy" -} - variable "support_iam_role_name" { description = "The name of the the support role." + type = string default = "IAM-Support" } -variable "support_iam_role_policy_name" { - description = "The name of the support role policy." - default = "IAM-Support-Role" -} - variable "support_iam_role_principal_arns" { - type = list(any) + type = list(string) description = "List of ARNs of the IAM principal elements by which the support role could be assumed." } variable "max_password_age" { description = "The number of days that an user password is valid." + type = number default = 0 } variable "minimum_password_length" { description = "Minimum length to require for user passwords." + type = number default = 14 } variable "password_reuse_prevention" { description = "The number of previous passwords that users are prevented from reusing." + type = number default = 24 } variable "require_lowercase_characters" { description = "Whether to require lowercase characters for user passwords." + type = bool default = false } variable "require_numbers" { description = "Whether to require numbers for user passwords." + type = bool default = false } variable "require_uppercase_characters" { description = "Whether to require uppercase characters for user passwords." + type = bool default = false } variable "require_symbols" { description = "Whether to require symbols for user passwords." + type = bool default = false } variable "allow_users_to_change_password" { description = "Whether to allow users to change their own password." + type = bool default = true } @@ -205,46 +190,55 @@ variable "allow_users_to_change_password" { variable "vpc_enable" { description = "Boolean whether the VPC baseline module should be enabled" + type = bool default = true } variable "vpc_iam_role_name" { description = "The name of the IAM Role which VPC Flow Logs will use." + type = string default = "VPC-Flow-Logs-Publisher" } variable "vpc_iam_role_policy_name" { description = "The name of the IAM Role Policy which VPC Flow Logs will use." + type = string default = "VPC-Flow-Logs-Publish-Policy" } variable "vpc_enable_flow_logs" { description = "The boolean flag whether to enable VPC Flow Logs in default VPCs" + type = bool default = true } variable "vpc_flow_logs_destination_type" { description = "The type of the logging destination. Valid values: cloud-watch-logs, s3" + type = string default = "cloud-watch-logs" } variable "vpc_flow_logs_log_group_name" { description = "The name of CloudWatch Logs group to which VPC Flow Logs are delivered." + type = string default = "default-vpc-flow-logs" } variable "vpc_flow_logs_retention_in_days" { description = "Number of days to retain logs if vpc_log_destination_type is cloud-watch-logs. CIS recommends 365 days. Possible values are: 0, 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. Set to 0 to keep logs indefinitely." + type = number default = 365 } variable "vpc_flow_logs_s3_arn" { description = "ARN of the S3 bucket to which VPC Flow Logs are delivered if vpc_log_destination_type is s3." + type = string default = "" } variable "vpc_flow_logs_s3_key_prefix" { description = "The prefix used when VPC Flow Logs delivers logs to the S3 bucket." + type = string default = "flow-logs" } @@ -255,51 +249,61 @@ variable "vpc_flow_logs_s3_key_prefix" { variable "config_baseline_enabled" { description = "Boolean whether config-baseline is enabled." + type = bool default = true } variable "config_delivery_frequency" { description = "The frequency which AWS Config sends a snapshot into the S3 bucket." + type = string default = "One_Hour" } variable "config_iam_role_name" { description = "The name of the IAM Role which AWS Config will use." + type = string default = "Config-Recorder" } variable "config_iam_role_policy_name" { description = "The name of the IAM Role Policy which AWS Config will use." + type = string default = "Config-Recorder-Policy" } variable "config_s3_bucket_key_prefix" { description = "The prefix used when writing AWS Config snapshots into the S3 bucket." + type = string default = "config" } variable "config_sns_topic_name" { description = "The name of the SNS Topic to be used to notify configuration changes." + type = string default = "ConfigChanges" } variable "config_sns_topic_kms_master_key_id" { description = "To enable SNS Topic encryption enter value with the ID of a custom master KMS key that is used for encryption" + type = string default = null } variable "config_aggregator_name" { description = "The name of the organizational AWS Config Configuration Aggregator." + type = string default = "organization-aggregator" } variable "config_aggregator_name_prefix" { description = "The prefix of the name for the IAM role attached to the organizational AWS Config Configuration Aggregator." + type = string default = "config-for-organization-role" } variable "config_global_resources_all_regions" { description = "Record global resources in all regions. If false, only default region will record global resources." + type = bool default = false } @@ -309,71 +313,85 @@ variable "config_global_resources_all_regions" { variable "cloudtrail_baseline_enabled" { description = "Boolean whether cloudtrail-baseline is enabled." + type = bool default = true } variable "cloudtrail_cloudwatch_logs_enabled" { description = "Specifies whether the trail is delivered to CloudWatch Logs." + type = bool default = true } variable "cloudtrail_cloudwatch_logs_group_name" { description = "The name of CloudWatch Logs group to which CloudTrail events are delivered." + type = string default = "cloudtrail-multi-region" } variable "cloudwatch_logs_retention_in_days" { description = "Number of days to retain logs for. CIS recommends 365 days. Possible values are: 0, 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. Set to 0 to keep logs indefinitely." + type = number default = 365 } variable "cloudtrail_iam_role_name" { description = "The name of the IAM Role to be used by CloudTrail to delivery logs to CloudWatch Logs group." + type = string default = "CloudTrail-CloudWatch-Delivery-Role" } variable "cloudtrail_iam_role_policy_name" { description = "The name of the IAM Role Policy to be used by CloudTrail to delivery logs to CloudWatch Logs group." + type = string default = "CloudTrail-CloudWatch-Delivery-Policy" } variable "cloudtrail_key_deletion_window_in_days" { description = "Duration in days after which the key is deleted after destruction of the resource, must be between 7 and 30 days. Defaults to 30 days." + type = number default = 10 } variable "cloudtrail_name" { description = "The name of the trail." + type = string default = "cloudtrail-multi-region" } variable "cloudtrail_sns_topic_enabled" { description = "Specifies whether the trail is delivered to a SNS topic." + type = bool default = true } variable "cloudtrail_sns_topic_name" { description = "The name of the SNS topic to link to the trail." + type = string default = "cloudtrail-multi-region-sns-topic" } variable "cloudtrail_s3_key_prefix" { description = "The prefix used when CloudTrail delivers events to the S3 bucket." + type = string default = "cloudtrail" } variable "cloudtrail_s3_object_level_logging_buckets" { description = "The list of S3 bucket ARNs on which to enable object-level logging." + type = list(string) default = ["arn:aws:s3:::"] # All S3 buckets } variable "cloudtrail_dynamodb_event_logging_tables" { description = "The list of DynamoDB table ARNs on which to enable event logging." + type = list(string) default = ["arn:aws:dynamodb"] # All DynamoDB tables } variable "cloudtrail_lambda_invocation_logging_lambdas" { description = "The list of lambda ARNs on which to enable invocation logging." + type = list(string) default = ["arn:aws:lambda"] # All lambdas } @@ -383,101 +401,121 @@ variable "cloudtrail_lambda_invocation_logging_lambdas" { variable "alarm_baseline_enabled" { description = "Boolean whether alarm-baseline is enabled." + type = bool default = true } variable "alarm_namespace" { description = "The namespace in which all alarms are set up." + type = string default = "CISBenchmark" } variable "alarm_sns_topic_name" { description = "The name of the SNS Topic which will be notified when any alarm is performed." + type = string default = "CISAlarm" } variable "alarm_sns_topic_kms_master_key_id" { description = "To enable SNS Topic encryption enter value with the ID of a custom master KMS key that is used for encryption" + type = string default = null } variable "unauthorized_api_calls_enabled" { description = "The boolean flag whether the unauthorized_api_calls alarm is enabled or not. No resources are created when set to false." + type = bool default = true } variable "no_mfa_console_signin_enabled" { description = "The boolean flag whether the no_mfa_console_signin alarm is enabled or not. No resources are created when set to false." + type = bool default = true } variable "mfa_console_signin_allow_sso" { description = "The boolean flag whether the no_mfa_console_signin alarm allows SSO auth to be ignored." + type = bool default = false } variable "root_usage_enabled" { description = "The boolean flag whether the root_usage alarm is enabled or not. No resources are created when set to false." + type = bool default = true } variable "iam_changes_enabled" { description = "The boolean flag whether the iam_changes alarm is enabled or not. No resources are created when set to false." + type = bool default = true } variable "cloudtrail_cfg_changes_enabled" { description = "The boolean flag whether the cloudtrail_cfg_changes alarm is enabled or not. No resources are created when set to false." + type = bool default = true } variable "console_signin_failures_enabled" { description = "The boolean flag whether the console_signin_failures alarm is enabled or not. No resources are created when set to false." + type = bool default = true } variable "disable_or_delete_cmk_enabled" { description = "The boolean flag whether the disable_or_delete_cmk alarm is enabled or not. No resources are created when set to false." + type = bool default = true } variable "s3_bucket_policy_changes_enabled" { description = "The boolean flag whether the s3_bucket_policy_changes alarm is enabled or not. No resources are created when set to false." + type = bool default = true } variable "aws_config_changes_enabled" { description = "The boolean flag whether the aws_config_changes alarm is enabled or not. No resources are created when set to false." + type = bool default = true } variable "security_group_changes_enabled" { description = "The boolean flag whether the security_group_changes alarm is enabled or not. No resources are created when set to false." + type = bool default = true } variable "nacl_changes_enabled" { description = "The boolean flag whether the nacl_changes alarm is enabled or not. No resources are created when set to false." + type = bool default = true } variable "network_gw_changes_enabled" { description = "The boolean flag whether the network_gw_changes alarm is enabled or not. No resources are created when set to false." + type = bool default = true } variable "route_table_changes_enabled" { description = "The boolean flag whether the route_table_changes alarm is enabled or not. No resources are created when set to false." + type = bool default = true } variable "vpc_changes_enabled" { description = "The boolean flag whether the vpc_changes alarm is enabled or not. No resources are created when set to false." + type = bool default = true } variable "organizations_changes_enabled" { description = "The boolean flag whether the organizations_changes alarm is enabled or not. No resources are created when set to false." + type = bool default = true } @@ -487,21 +525,25 @@ variable "organizations_changes_enabled" { variable "guardduty_enabled" { description = "Boolean whether the guardduty-baseline module is enabled or disabled" + type = bool default = true } variable "guardduty_disable_email_notification" { description = "Boolean whether an email notification is sent to the accounts." + type = bool default = false } variable "guardduty_finding_publishing_frequency" { description = "Specifies the frequency of notifications sent for subsequent finding occurrences." + type = string default = "SIX_HOURS" } variable "guardduty_invitation_message" { description = "Message for invitation." + type = string default = "This is an automatic invitation message from guardduty-baseline module." } @@ -511,26 +553,31 @@ variable "guardduty_invitation_message" { variable "s3_baseline_enabled" { description = "Boolean whether s3-baseline is enabled." + type = bool default = true } variable "s3_block_public_acls" { description = "Whether Amazon S3 should block public ACLs for buckets in this account. Defaults to true." + type = bool default = true } variable "s3_block_public_policy" { description = "Whether Amazon S3 should block public bucket policies for buckets in this account. Defaults to true." + type = bool default = true } variable "s3_ignore_public_acls" { description = "Whether Amazon S3 should ignore public ACLs for buckets in this account. Defaults to true." + type = bool default = true } variable "s3_restrict_public_buckets" { description = "Whether Amazon S3 should restrict public bucket policies for buckets in this account. Defaults to true." + type = bool default = true } @@ -540,21 +587,25 @@ variable "s3_restrict_public_buckets" { variable "securityhub_enabled" { description = "Boolean whether the securityhub-baseline module is enabled or disabled" + type = bool default = true } variable "securityhub_enable_cis_standard" { description = "Boolean whether CIS standard is enabled." + type = bool default = true } variable "securityhub_enable_pci_dss_standard" { description = "Boolean whether PCI DSS standard is enabled." + type = bool default = false } variable "securityhub_enable_aws_foundational_standard" { description = "Boolean whether AWS Foundations standard is enabled." + type = bool default = true } @@ -570,10 +621,12 @@ variable "securityhub_enable_product_arns" { variable "analyzer_baseline_enabled" { description = "Boolean whether analyzer-baseline is enabled." + type = bool default = true } variable "analyzer_name" { description = "The name for the IAM Access Analyzer resource to be created." + type = string default = "default-analyzer" } From 3c743e6801fc3a2be0f56b5998299a7eafc125ee Mon Sep 17 00:00:00 2001 From: nozaq Date: Mon, 10 Jan 2022 08:40:34 +0900 Subject: [PATCH 16/66] bump up the version --- CHANGELOG.md | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b4ab131d..f68c141b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,10 +2,22 @@ ## [Unreleased] + +## [0.33.0] - 2022-01-10 +### Refactor +- add tflint checks ([#246](https://github.com/nozaq/terraform-aws-secure-baseline/issues/246)) +- re-organize locals ([#243](https://github.com/nozaq/terraform-aws-secure-baseline/issues/243)) + + ## [0.32.0] - 2022-01-08 ### Feat - enable finding aggregator in the main region ([#241](https://github.com/nozaq/terraform-aws-secure-baseline/issues/241)) + + + +## [0.31.0] - 2022-01-08 +### Feat - add inputs to toggle submodules ([#240](https://github.com/nozaq/terraform-aws-secure-baseline/issues/240)) - optionally ignore SSO logins for MFA alarms ([#234](https://github.com/nozaq/terraform-aws-secure-baseline/issues/234)) - apply default subnet changes to existing subnets ([#237](https://github.com/nozaq/terraform-aws-secure-baseline/issues/237)) @@ -369,8 +381,10 @@ ## 0.0.1 - 2018-02-12 -[Unreleased]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.32.0...HEAD -[0.32.0]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.30.0...0.32.0 +[Unreleased]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.33.0...HEAD +[0.33.0]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.32.0...0.33.0 +[0.32.0]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.31.0...0.32.0 +[0.31.0]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.30.0...0.31.0 [0.30.0]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.29.2...0.30.0 [0.29.2]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.29.1...0.29.2 [0.29.1]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.29.0...0.29.1 From 2d283841e3d78c9c3695afff443167839ebf6534 Mon Sep 17 00:00:00 2001 From: nozaq Date: Mon, 10 Jan 2022 13:20:35 +0900 Subject: [PATCH 17/66] docs: sort inputs by required (#247) --- .terraform-docs.yml | 2 +- README.md | 8 ++++---- modules/alarm-baseline/README.md | 2 +- modules/cloudtrail-baseline/README.md | 4 ++-- modules/config-baseline/README.md | 4 ++-- modules/iam-baseline/README.md | 2 +- modules/secure-bucket/README.md | 4 ++-- 7 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.terraform-docs.yml b/.terraform-docs.yml index 8918a217..8369b4a3 100644 --- a/.terraform-docs.yml +++ b/.terraform-docs.yml @@ -9,7 +9,7 @@ sections: sort: enabled: true - by: name + by: required settings: default: false diff --git a/README.md b/README.md index 0c96fb32..099dd6a5 100644 --- a/README.md +++ b/README.md @@ -123,6 +123,10 @@ This module is composed of several submodules and each of which can be used inde | Name | Description | Type | Required | |------|-------------|------|:--------:| +| [audit\_log\_bucket\_name](#input\_audit\_log\_bucket\_name) | The name of the S3 bucket to store various audit logs. | `string` | yes | +| [aws\_account\_id](#input\_aws\_account\_id) | The AWS Account ID number of the account. | `string` | yes | +| [region](#input\_region) | The AWS region in which global resources are set up. | `string` | yes | +| [support\_iam\_role\_principal\_arns](#input\_support\_iam\_role\_principal\_arns) | List of ARNs of the IAM principal elements by which the support role could be assumed. | `list(string)` | yes | | [account\_type](#input\_account\_type) | The type of the AWS account. The possible values are `individual`, `master` and `member` . Specify `master` and `member` to set up centalized logging for multiple accounts in AWS Organization. Use individual` otherwise.` | `string` | no | | [alarm\_baseline\_enabled](#input\_alarm\_baseline\_enabled) | Boolean whether alarm-baseline is enabled. | `bool` | no | | [alarm\_namespace](#input\_alarm\_namespace) | The namespace in which all alarms are set up. | `string` | no | @@ -134,9 +138,7 @@ This module is composed of several submodules and each of which can be used inde | [audit\_log\_bucket\_custom\_policy\_json](#input\_audit\_log\_bucket\_custom\_policy\_json) | Override policy for the audit log bucket. Allows addition of extra policies. | `string` | no | | [audit\_log\_bucket\_force\_destroy](#input\_audit\_log\_bucket\_force\_destroy) | A boolean that indicates all objects should be deleted from the audit log bucket so that the bucket can be destroyed without error. These objects are not recoverable. | `bool` | no | | [audit\_log\_bucket\_key\_enabled](#input\_audit\_log\_bucket\_key\_enabled) | Whether or not to use Amazon S3 Bucket Keys for encrypting the audit log bucket. | `bool` | no | -| [audit\_log\_bucket\_name](#input\_audit\_log\_bucket\_name) | The name of the S3 bucket to store various audit logs. | `string` | yes | | [audit\_log\_lifecycle\_glacier\_transition\_days](#input\_audit\_log\_lifecycle\_glacier\_transition\_days) | The number of days after log creation when the log file is archived into Glacier. | `number` | no | -| [aws\_account\_id](#input\_aws\_account\_id) | The AWS Account ID number of the account. | `string` | yes | | [aws\_config\_changes\_enabled](#input\_aws\_config\_changes\_enabled) | The boolean flag whether the aws\_config\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | | [cloudtrail\_baseline\_enabled](#input\_cloudtrail\_baseline\_enabled) | Boolean whether cloudtrail-baseline is enabled. | `bool` | no | | [cloudtrail\_cfg\_changes\_enabled](#input\_cloudtrail\_cfg\_changes\_enabled) | The boolean flag whether the cloudtrail\_cfg\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | @@ -183,7 +185,6 @@ This module is composed of several submodules and each of which can be used inde | [no\_mfa\_console\_signin\_enabled](#input\_no\_mfa\_console\_signin\_enabled) | The boolean flag whether the no\_mfa\_console\_signin alarm is enabled or not. No resources are created when set to false. | `bool` | no | | [organizations\_changes\_enabled](#input\_organizations\_changes\_enabled) | The boolean flag whether the organizations\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | | [password\_reuse\_prevention](#input\_password\_reuse\_prevention) | The number of previous passwords that users are prevented from reusing. | `number` | no | -| [region](#input\_region) | The AWS region in which global resources are set up. | `string` | yes | | [require\_lowercase\_characters](#input\_require\_lowercase\_characters) | Whether to require lowercase characters for user passwords. | `bool` | no | | [require\_numbers](#input\_require\_numbers) | Whether to require numbers for user passwords. | `bool` | no | | [require\_symbols](#input\_require\_symbols) | Whether to require symbols for user passwords. | `bool` | no | @@ -203,7 +204,6 @@ This module is composed of several submodules and each of which can be used inde | [securityhub\_enable\_product\_arns](#input\_securityhub\_enable\_product\_arns) | List of Security Hub product ARNs, `` will be replaced. See https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-partner-providers.html for list. | `list(string)` | no | | [securityhub\_enabled](#input\_securityhub\_enabled) | Boolean whether the securityhub-baseline module is enabled or disabled | `bool` | no | | [support\_iam\_role\_name](#input\_support\_iam\_role\_name) | The name of the the support role. | `string` | no | -| [support\_iam\_role\_principal\_arns](#input\_support\_iam\_role\_principal\_arns) | List of ARNs of the IAM principal elements by which the support role could be assumed. | `list(string)` | yes | | [tags](#input\_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map(string)` | no | | [target\_regions](#input\_target\_regions) | A list of regions to set up with this module. | `list(string)` | no | | [unauthorized\_api\_calls\_enabled](#input\_unauthorized\_api\_calls\_enabled) | The boolean flag whether the unauthorized\_api\_calls alarm is enabled or not. No resources are created when set to false. | `bool` | no | diff --git a/modules/alarm-baseline/README.md b/modules/alarm-baseline/README.md index ba68f237..db364f3f 100644 --- a/modules/alarm-baseline/README.md +++ b/modules/alarm-baseline/README.md @@ -20,10 +20,10 @@ Set up CloudWatch alarms to notify you when critical changes happen in your AWS | Name | Description | Type | Required | |------|-------------|------|:--------:| +| [cloudtrail\_log\_group\_name](#input\_cloudtrail\_log\_group\_name) | The name of the CloudWatch Logs group to which CloudTrail events are delivered. | `string` | yes | | [alarm\_namespace](#input\_alarm\_namespace) | The namespace in which all alarms are set up. | `string` | no | | [aws\_config\_changes\_enabled](#input\_aws\_config\_changes\_enabled) | The boolean flag whether the aws\_config\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | | [cloudtrail\_cfg\_changes\_enabled](#input\_cloudtrail\_cfg\_changes\_enabled) | The boolean flag whether the cloudtrail\_cfg\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | -| [cloudtrail\_log\_group\_name](#input\_cloudtrail\_log\_group\_name) | The name of the CloudWatch Logs group to which CloudTrail events are delivered. | `string` | yes | | [console\_signin\_failures\_enabled](#input\_console\_signin\_failures\_enabled) | The boolean flag whether the console\_signin\_failures alarm is enabled or not. No resources are created when set to false. | `bool` | no | | [disable\_or\_delete\_cmk\_enabled](#input\_disable\_or\_delete\_cmk\_enabled) | The boolean flag whether the disable\_or\_delete\_cmk alarm is enabled or not. No resources are created when set to false. | `bool` | no | | [iam\_changes\_enabled](#input\_iam\_changes\_enabled) | The boolean flag whether the iam\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | diff --git a/modules/cloudtrail-baseline/README.md b/modules/cloudtrail-baseline/README.md index 2077f93e..11a747f1 100644 --- a/modules/cloudtrail-baseline/README.md +++ b/modules/cloudtrail-baseline/README.md @@ -21,6 +21,8 @@ Enable CloudTrail in all regions and deliver events to CloudWatch Logs. CloudTra | Name | Description | Type | Required | |------|-------------|------|:--------:| | [aws\_account\_id](#input\_aws\_account\_id) | The AWS Account ID number of the account. | `string` | yes | +| [region](#input\_region) | The AWS region in which CloudTrail is set up. | `string` | yes | +| [s3\_bucket\_name](#input\_s3\_bucket\_name) | The name of the S3 bucket which will store configuration snapshots. | `string` | yes | | [cloudtrail\_depends\_on](#input\_cloudtrail\_depends\_on) | External resources which should be set up before CloudTrail. | `list(any)` | no | | [cloudtrail\_name](#input\_cloudtrail\_name) | The name of the trail. | `string` | no | | [cloudtrail\_sns\_topic\_enabled](#input\_cloudtrail\_sns\_topic\_enabled) | Specifies whether the trail is delivered to a SNS topic. | `bool` | no | @@ -34,8 +36,6 @@ Enable CloudTrail in all regions and deliver events to CloudWatch Logs. CloudTra | [is\_organization\_trail](#input\_is\_organization\_trail) | Specifies whether the trail is an AWS Organizations trail. Organization trails log events for the master account and all member accounts. Can only be created in the organization master account. | `bool` | no | | [key\_deletion\_window\_in\_days](#input\_key\_deletion\_window\_in\_days) | Duration in days after which the key is deleted after destruction of the resource, must be between 7 and 30 days. Defaults to 30 days. | `number` | no | | [lambda\_invocation\_logging\_lambdas](#input\_lambda\_invocation\_logging\_lambdas) | The list of lambda ARNs on which to enable invocation logging. | `list(string)` | no | -| [region](#input\_region) | The AWS region in which CloudTrail is set up. | `string` | yes | -| [s3\_bucket\_name](#input\_s3\_bucket\_name) | The name of the S3 bucket which will store configuration snapshots. | `string` | yes | | [s3\_key\_prefix](#input\_s3\_key\_prefix) | The prefix for the specified S3 bucket. | `string` | no | | [s3\_object\_level\_logging\_buckets](#input\_s3\_object\_level\_logging\_buckets) | The list of S3 bucket ARNs on which to enable object-level logging. | `list(string)` | no | | [tags](#input\_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map(string)` | no | diff --git a/modules/config-baseline/README.md b/modules/config-baseline/README.md index 5deb6e20..ad984807 100644 --- a/modules/config-baseline/README.md +++ b/modules/config-baseline/README.md @@ -20,12 +20,12 @@ Enable AWS Config in all regions to automatically take configuration snapshots. | Name | Description | Type | Required | |------|-------------|------|:--------:| +| [iam\_role\_arn](#input\_iam\_role\_arn) | The ARN of the IAM Role which AWS Config will use. | `string` | yes | +| [s3\_bucket\_name](#input\_s3\_bucket\_name) | The name of the S3 bucket which will store configuration snapshots. | `string` | yes | | [delivery\_channel\_name](#input\_delivery\_channel\_name) | The name of the delivery channel. | `string` | no | | [delivery\_frequency](#input\_delivery\_frequency) | The frequency which AWS Config sends a snapshot into the S3 bucket. | `string` | no | -| [iam\_role\_arn](#input\_iam\_role\_arn) | The ARN of the IAM Role which AWS Config will use. | `string` | yes | | [include\_global\_resource\_types](#input\_include\_global\_resource\_types) | Specifies whether AWS Config includes all supported types of global resources with the resources that it records. | `bool` | no | | [recorder\_name](#input\_recorder\_name) | The name of the configuration recorder. | `string` | no | -| [s3\_bucket\_name](#input\_s3\_bucket\_name) | The name of the S3 bucket which will store configuration snapshots. | `string` | yes | | [s3\_key\_prefix](#input\_s3\_key\_prefix) | The prefix for the specified S3 bucket. | `string` | no | | [sns\_topic\_kms\_master\_key\_id](#input\_sns\_topic\_kms\_master\_key\_id) | To enable SNS Topic encryption enter value with the ID of a custom master KMS key that is used for encryption | `string` | no | | [sns\_topic\_name](#input\_sns\_topic\_name) | The name of the SNS Topic to be used to notify configuration changes. | `string` | no | diff --git a/modules/iam-baseline/README.md b/modules/iam-baseline/README.md index 53432757..54f49f7d 100644 --- a/modules/iam-baseline/README.md +++ b/modules/iam-baseline/README.md @@ -23,6 +23,7 @@ | Name | Description | Type | Required | |------|-------------|------|:--------:| +| [support\_iam\_role\_principal\_arns](#input\_support\_iam\_role\_principal\_arns) | List of ARNs of the IAM principal elements by which the support role could be assumed. | `list(any)` | yes | | [allow\_users\_to\_change\_password](#input\_allow\_users\_to\_change\_password) | Whether to allow users to change their own password. | `bool` | no | | [create\_password\_policy](#input\_create\_password\_policy) | Define if the password policy should be created. | `bool` | no | | [create\_support\_role](#input\_create\_support\_role) | Define if the support role should be created. | `bool` | no | @@ -34,7 +35,6 @@ | [require\_symbols](#input\_require\_symbols) | Whether to require symbols for user passwords. | `bool` | no | | [require\_uppercase\_characters](#input\_require\_uppercase\_characters) | Whether to require uppercase characters for user passwords. | `bool` | no | | [support\_iam\_role\_name](#input\_support\_iam\_role\_name) | The name of the the support role. | `string` | no | -| [support\_iam\_role\_principal\_arns](#input\_support\_iam\_role\_principal\_arns) | List of ARNs of the IAM principal elements by which the support role could be assumed. | `list(any)` | yes | | [tags](#input\_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map(string)` | no | ## Outputs diff --git a/modules/secure-bucket/README.md b/modules/secure-bucket/README.md index e54cc3a8..657121ab 100644 --- a/modules/secure-bucket/README.md +++ b/modules/secure-bucket/README.md @@ -20,12 +20,12 @@ Creates a S3 bucket with access logging enabled. | Name | Description | Type | Required | |------|-------------|------|:--------:| -| [bucket\_key\_enabled](#input\_bucket\_key\_enabled) | Whether or not to use Amazon S3 Bucket Keys for this bucket. | `bool` | no | | [bucket\_name](#input\_bucket\_name) | The name of the S3 bucket to create. | `string` | yes | +| [log\_bucket\_name](#input\_log\_bucket\_name) | The name of the S3 bucket to store access logs to the main bucket. | `string` | yes | +| [bucket\_key\_enabled](#input\_bucket\_key\_enabled) | Whether or not to use Amazon S3 Bucket Keys for this bucket. | `bool` | no | | [enabled](#input\_enabled) | A boolean that indicates this module is enabled. Resources are not created if it is set to false. | `bool` | no | | [force\_destroy](#input\_force\_destroy) | A boolean that indicates all objects should be deleted from the bucket so that the bucket can be destroyed without error. These objects are not recoverable. | `bool` | no | | [lifecycle\_glacier\_transition\_days](#input\_lifecycle\_glacier\_transition\_days) | The number of days after object creation when the object is archived into Glacier. | `number` | no | -| [log\_bucket\_name](#input\_log\_bucket\_name) | The name of the S3 bucket to store access logs to the main bucket. | `string` | yes | | [tags](#input\_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map(string)` | no | ## Outputs From 6742a371027d368afb4967e17a646fe4244a6ea9 Mon Sep 17 00:00:00 2001 From: nozaq Date: Mon, 10 Jan 2022 20:55:32 +0900 Subject: [PATCH 18/66] fix: upgrade minimum provider requirements (#248) --- README.md | 4 ++-- examples/external-bucket/main.tf | 4 ++-- examples/organization/master/main.tf | 4 ++-- examples/organization/member/main.tf | 4 ++-- examples/select-region/main.tf | 4 ++-- examples/simple/main.tf | 4 ++-- main.tf | 2 +- modules/securityhub-baseline/README.md | 4 ++-- modules/securityhub-baseline/versions.tf | 2 +- 9 files changed, 16 insertions(+), 16 deletions(-) diff --git a/README.md b/README.md index 099dd6a5..3691cb1b 100644 --- a/README.md +++ b/README.md @@ -111,13 +111,13 @@ This module is composed of several submodules and each of which can be used inde | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.3 | -| [aws](#requirement\_aws) | >= 3.50.0 | +| [aws](#requirement\_aws) | >= 3.66.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 3.50.0 | +| [aws](#provider\_aws) | >= 3.66.0 | ## Inputs diff --git a/examples/external-bucket/main.tf b/examples/external-bucket/main.tf index 0643a6a0..100ef14a 100644 --- a/examples/external-bucket/main.tf +++ b/examples/external-bucket/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = ">= 0.15" + required_version = ">= 1.1.3" required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.50.0" + version = ">= 3.66.0" } } } diff --git a/examples/organization/master/main.tf b/examples/organization/master/main.tf index 6994b45b..127e62bc 100644 --- a/examples/organization/master/main.tf +++ b/examples/organization/master/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = ">= 0.15" + required_version = ">= 1.1.3" required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.50.0" + version = ">= 3.66.0" } } } diff --git a/examples/organization/member/main.tf b/examples/organization/member/main.tf index 12b25e9f..dd13795c 100644 --- a/examples/organization/member/main.tf +++ b/examples/organization/member/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = ">= 0.15" + required_version = ">= 1.1.3" required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.50.0" + version = ">= 3.66.0" } } } diff --git a/examples/select-region/main.tf b/examples/select-region/main.tf index f6e2a8a4..6c0b4a82 100644 --- a/examples/select-region/main.tf +++ b/examples/select-region/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = ">= 0.15" + required_version = ">= 1.1.3" required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.50.0" + version = ">= 3.66.0" } } } diff --git a/examples/simple/main.tf b/examples/simple/main.tf index 0706ad27..6af4b7ec 100644 --- a/examples/simple/main.tf +++ b/examples/simple/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = ">= 0.15" + required_version = ">= 1.1.3" required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.50.0" + version = ">= 3.66.0" } } } diff --git a/main.tf b/main.tf index d019b1c8..db56d60c 100644 --- a/main.tf +++ b/main.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.50.0" + version = ">= 3.66.0" # A provider alias should be passed for each AWS region. # Reference: https://docs.aws.amazon.com/general/latest/gr/rande.html diff --git a/modules/securityhub-baseline/README.md b/modules/securityhub-baseline/README.md index e7fe42f8..60dec3d9 100644 --- a/modules/securityhub-baseline/README.md +++ b/modules/securityhub-baseline/README.md @@ -13,13 +13,13 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.3 | -| [aws](#requirement\_aws) | >= 3.50.0 | +| [aws](#requirement\_aws) | >= 3.66.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 3.50.0 | +| [aws](#provider\_aws) | >= 3.66.0 | ## Inputs diff --git a/modules/securityhub-baseline/versions.tf b/modules/securityhub-baseline/versions.tf index 706c4a0d..9516fbe0 100644 --- a/modules/securityhub-baseline/versions.tf +++ b/modules/securityhub-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.50.0" + version = ">= 3.66.0" } } } From bab4564790b8f8b162421c6116ca793cf9f38b91 Mon Sep 17 00:00:00 2001 From: nozaq Date: Mon, 10 Jan 2022 20:57:46 +0900 Subject: [PATCH 19/66] style: update editorconfig (#249) --- .editorconfig | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/.editorconfig b/.editorconfig index 20edaa21..ce0ebcb6 100644 --- a/.editorconfig +++ b/.editorconfig @@ -1,11 +1,14 @@ root = true [*] +charset = utf-8 +end_of_line = lf indent_style = space indent_size = 2 -charset = utf-8 -trim_trailing_whitespace = true insert_final_newline = true +max_line_length = 80 +trim_trailing_whitespace = true [*.md] -trim_trailing_whitespace = false \ No newline at end of file +max_line_length = 0 +trim_trailing_whitespace = false From 3933087e131a7d3825faa1b6c9459161e7e62c1e Mon Sep 17 00:00:00 2001 From: Curtis Hawkins <33757295+CurtisSSE@users.noreply.github.com> Date: Fri, 14 Jan 2022 13:48:51 +0000 Subject: [PATCH 20/66] docs: the additional space ' ' after source on line 5 causes terraform fmt to fail Co-authored-by: Curtis This is a formatting issue and a slight editing error. (#250) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 3691cb1b..13d62fda 100644 --- a/README.md +++ b/README.md @@ -47,7 +47,7 @@ data "aws_caller_identity" "current" {} data "aws_region" "current" {} module "secure_baseline" { - source = "nozaq/secure-baseline/aws" + source = "nozaq/secure-baseline/aws" audit_log_bucket_name = "YOUR_BUCKET_NAME" aws_account_id = data.aws_caller_identity.current.account_id From 6bc61ca0b61b372ab2e7ba2f3dd4fa177ad62086 Mon Sep 17 00:00:00 2001 From: nozaq Date: Sat, 15 Jan 2022 20:46:47 +0900 Subject: [PATCH 21/66] feat: enforce strong password policy by default (#252) To conform to IAM.7 in AWS Foundational Security Best Practices. --- modules/iam-baseline/variables.tf | 8 ++++---- variables.tf | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/modules/iam-baseline/variables.tf b/modules/iam-baseline/variables.tf index 48265c99..f68a945a 100644 --- a/modules/iam-baseline/variables.tf +++ b/modules/iam-baseline/variables.tf @@ -30,25 +30,25 @@ variable "password_reuse_prevention" { variable "require_lowercase_characters" { description = "Whether to require lowercase characters for user passwords." type = bool - default = false + default = true } variable "require_numbers" { description = "Whether to require numbers for user passwords." type = bool - default = false + default = true } variable "require_uppercase_characters" { description = "Whether to require uppercase characters for user passwords." type = bool - default = false + default = true } variable "require_symbols" { description = "Whether to require symbols for user passwords." type = bool - default = false + default = true } variable "allow_users_to_change_password" { diff --git a/variables.tf b/variables.tf index 338f43b0..afdf167c 100644 --- a/variables.tf +++ b/variables.tf @@ -157,25 +157,25 @@ variable "password_reuse_prevention" { variable "require_lowercase_characters" { description = "Whether to require lowercase characters for user passwords." type = bool - default = false + default = true } variable "require_numbers" { description = "Whether to require numbers for user passwords." type = bool - default = false + default = true } variable "require_uppercase_characters" { description = "Whether to require uppercase characters for user passwords." type = bool - default = false + default = true } variable "require_symbols" { description = "Whether to require symbols for user passwords." type = bool - default = false + default = true } variable "allow_users_to_change_password" { From 4d3cbd46466267d34722f08e01e589c1d14d0d65 Mon Sep 17 00:00:00 2001 From: nozaq Date: Fri, 21 Jan 2022 06:02:51 +0900 Subject: [PATCH 22/66] fix: set the minimum terraform version to 1.1.4 (#255) to avoid the issue in terraform 1.1.3 https://github.com/hashicorp/terraform/issues/30326 --- README.md | 2 +- examples/external-bucket/main.tf | 2 +- examples/organization/master/main.tf | 2 +- examples/organization/member/main.tf | 2 +- examples/select-region/main.tf | 2 +- examples/simple/main.tf | 2 +- main.tf | 2 +- modules/alarm-baseline/README.md | 2 +- modules/alarm-baseline/versions.tf | 2 +- modules/analyzer-baseline/README.md | 2 +- modules/analyzer-baseline/versions.tf | 2 +- modules/cloudtrail-baseline/README.md | 2 +- modules/cloudtrail-baseline/versions.tf | 2 +- modules/config-baseline/README.md | 2 +- modules/config-baseline/versions.tf | 2 +- modules/ebs-baseline/README.md | 2 +- modules/ebs-baseline/versions.tf | 2 +- modules/guardduty-baseline/README.md | 2 +- modules/guardduty-baseline/versions.tf | 2 +- modules/securityhub-baseline/README.md | 2 +- modules/securityhub-baseline/versions.tf | 2 +- modules/vpc-baseline/README.md | 2 +- modules/vpc-baseline/versions.tf | 2 +- 23 files changed, 23 insertions(+), 23 deletions(-) diff --git a/README.md b/README.md index 13d62fda..41a51e8a 100644 --- a/README.md +++ b/README.md @@ -110,7 +110,7 @@ This module is composed of several submodules and each of which can be used inde | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 1.1.3 | +| [terraform](#requirement\_terraform) | >= 1.1.4 | | [aws](#requirement\_aws) | >= 3.66.0 | ## Providers diff --git a/examples/external-bucket/main.tf b/examples/external-bucket/main.tf index 100ef14a..fbd621d6 100644 --- a/examples/external-bucket/main.tf +++ b/examples/external-bucket/main.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.1.3" + required_version = ">= 1.1.4" required_providers { aws = { diff --git a/examples/organization/master/main.tf b/examples/organization/master/main.tf index 127e62bc..cad99dfe 100644 --- a/examples/organization/master/main.tf +++ b/examples/organization/master/main.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.1.3" + required_version = ">= 1.1.4" required_providers { aws = { diff --git a/examples/organization/member/main.tf b/examples/organization/member/main.tf index dd13795c..eb43576f 100644 --- a/examples/organization/member/main.tf +++ b/examples/organization/member/main.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.1.3" + required_version = ">= 1.1.4" required_providers { aws = { diff --git a/examples/select-region/main.tf b/examples/select-region/main.tf index 6c0b4a82..79cd7a40 100644 --- a/examples/select-region/main.tf +++ b/examples/select-region/main.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.1.3" + required_version = ">= 1.1.4" required_providers { aws = { diff --git a/examples/simple/main.tf b/examples/simple/main.tf index 6af4b7ec..824467c1 100644 --- a/examples/simple/main.tf +++ b/examples/simple/main.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.1.3" + required_version = ">= 1.1.4" required_providers { aws = { diff --git a/main.tf b/main.tf index db56d60c..89ed0da0 100644 --- a/main.tf +++ b/main.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.1.3" + required_version = ">= 1.1.4" required_providers { aws = { diff --git a/modules/alarm-baseline/README.md b/modules/alarm-baseline/README.md index db364f3f..a13c123f 100644 --- a/modules/alarm-baseline/README.md +++ b/modules/alarm-baseline/README.md @@ -7,7 +7,7 @@ Set up CloudWatch alarms to notify you when critical changes happen in your AWS | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 1.1.3 | +| [terraform](#requirement\_terraform) | >= 1.1.4 | | [aws](#requirement\_aws) | >= 3.50.0 | ## Providers diff --git a/modules/alarm-baseline/versions.tf b/modules/alarm-baseline/versions.tf index 706c4a0d..90a4df94 100644 --- a/modules/alarm-baseline/versions.tf +++ b/modules/alarm-baseline/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.1.3" + required_version = ">= 1.1.4" required_providers { aws = { diff --git a/modules/analyzer-baseline/README.md b/modules/analyzer-baseline/README.md index 4047fb3f..bdda9403 100644 --- a/modules/analyzer-baseline/README.md +++ b/modules/analyzer-baseline/README.md @@ -9,7 +9,7 @@ | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 1.1.3 | +| [terraform](#requirement\_terraform) | >= 1.1.4 | | [aws](#requirement\_aws) | >= 3.50.0 | ## Providers diff --git a/modules/analyzer-baseline/versions.tf b/modules/analyzer-baseline/versions.tf index 706c4a0d..90a4df94 100644 --- a/modules/analyzer-baseline/versions.tf +++ b/modules/analyzer-baseline/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.1.3" + required_version = ">= 1.1.4" required_providers { aws = { diff --git a/modules/cloudtrail-baseline/README.md b/modules/cloudtrail-baseline/README.md index 11a747f1..29f57e5e 100644 --- a/modules/cloudtrail-baseline/README.md +++ b/modules/cloudtrail-baseline/README.md @@ -7,7 +7,7 @@ Enable CloudTrail in all regions and deliver events to CloudWatch Logs. CloudTra | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 1.1.3 | +| [terraform](#requirement\_terraform) | >= 1.1.4 | | [aws](#requirement\_aws) | >= 3.50.0 | ## Providers diff --git a/modules/cloudtrail-baseline/versions.tf b/modules/cloudtrail-baseline/versions.tf index 706c4a0d..90a4df94 100644 --- a/modules/cloudtrail-baseline/versions.tf +++ b/modules/cloudtrail-baseline/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.1.3" + required_version = ">= 1.1.4" required_providers { aws = { diff --git a/modules/config-baseline/README.md b/modules/config-baseline/README.md index ad984807..f99c37f7 100644 --- a/modules/config-baseline/README.md +++ b/modules/config-baseline/README.md @@ -7,7 +7,7 @@ Enable AWS Config in all regions to automatically take configuration snapshots. | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 1.1.3 | +| [terraform](#requirement\_terraform) | >= 1.1.4 | | [aws](#requirement\_aws) | >= 3.50.0 | ## Providers diff --git a/modules/config-baseline/versions.tf b/modules/config-baseline/versions.tf index 706c4a0d..90a4df94 100644 --- a/modules/config-baseline/versions.tf +++ b/modules/config-baseline/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.1.3" + required_version = ">= 1.1.4" required_providers { aws = { diff --git a/modules/ebs-baseline/README.md b/modules/ebs-baseline/README.md index a329bb59..564f9eb5 100644 --- a/modules/ebs-baseline/README.md +++ b/modules/ebs-baseline/README.md @@ -9,7 +9,7 @@ | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 1.1.3 | +| [terraform](#requirement\_terraform) | >= 1.1.4 | | [aws](#requirement\_aws) | >= 3.50.0 | ## Providers diff --git a/modules/ebs-baseline/versions.tf b/modules/ebs-baseline/versions.tf index 706c4a0d..90a4df94 100644 --- a/modules/ebs-baseline/versions.tf +++ b/modules/ebs-baseline/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.1.3" + required_version = ">= 1.1.4" required_providers { aws = { diff --git a/modules/guardduty-baseline/README.md b/modules/guardduty-baseline/README.md index 2c9c3db0..4fb6e747 100644 --- a/modules/guardduty-baseline/README.md +++ b/modules/guardduty-baseline/README.md @@ -7,7 +7,7 @@ Enable GuardDuty in all regions. | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 1.1.3 | +| [terraform](#requirement\_terraform) | >= 1.1.4 | | [aws](#requirement\_aws) | >= 3.50.0 | ## Providers diff --git a/modules/guardduty-baseline/versions.tf b/modules/guardduty-baseline/versions.tf index 706c4a0d..90a4df94 100644 --- a/modules/guardduty-baseline/versions.tf +++ b/modules/guardduty-baseline/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.1.3" + required_version = ">= 1.1.4" required_providers { aws = { diff --git a/modules/securityhub-baseline/README.md b/modules/securityhub-baseline/README.md index 60dec3d9..5c50bd71 100644 --- a/modules/securityhub-baseline/README.md +++ b/modules/securityhub-baseline/README.md @@ -12,7 +12,7 @@ | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 1.1.3 | +| [terraform](#requirement\_terraform) | >= 1.1.4 | | [aws](#requirement\_aws) | >= 3.66.0 | ## Providers diff --git a/modules/securityhub-baseline/versions.tf b/modules/securityhub-baseline/versions.tf index 9516fbe0..c4572b62 100644 --- a/modules/securityhub-baseline/versions.tf +++ b/modules/securityhub-baseline/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.1.3" + required_version = ">= 1.1.4" required_providers { aws = { diff --git a/modules/vpc-baseline/README.md b/modules/vpc-baseline/README.md index b253967c..8567ee6b 100644 --- a/modules/vpc-baseline/README.md +++ b/modules/vpc-baseline/README.md @@ -11,7 +11,7 @@ | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 1.1.3 | +| [terraform](#requirement\_terraform) | >= 1.1.4 | | [aws](#requirement\_aws) | >= 3.55.0 | ## Providers diff --git a/modules/vpc-baseline/versions.tf b/modules/vpc-baseline/versions.tf index 0103f91a..27d75b7a 100644 --- a/modules/vpc-baseline/versions.tf +++ b/modules/vpc-baseline/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.1.3" + required_version = ">= 1.1.4" required_providers { aws = { From aa478e13498493d413423454100d42d374f44bcc Mon Sep 17 00:00:00 2001 From: nozaq Date: Sat, 22 Jan 2022 19:14:19 +0900 Subject: [PATCH 23/66] feat: automatically accepts invite from the master (#256) --- examples/organization/master/main.tf | 2 ++ modules/securityhub-baseline/README.md | 1 + modules/securityhub-baseline/main.tf | 8 ++++++++ modules/securityhub-baseline/variables.tf | 6 ++++++ securityhub_baselines.tf | 20 +++++++++++++++++++- 5 files changed, 36 insertions(+), 1 deletion(-) diff --git a/examples/organization/master/main.tf b/examples/organization/master/main.tf index cad99dfe..daac076a 100644 --- a/examples/organization/master/main.tf +++ b/examples/organization/master/main.tf @@ -65,5 +65,7 @@ module "secure_baseline" { aws.us-west-1 = aws.us-west-1 aws.us-west-2 = aws.us-west-2 } + + depends_on = [aws_organizations_organization.org] } diff --git a/modules/securityhub-baseline/README.md b/modules/securityhub-baseline/README.md index 5c50bd71..9a6c11ea 100644 --- a/modules/securityhub-baseline/README.md +++ b/modules/securityhub-baseline/README.md @@ -30,6 +30,7 @@ | [enable\_cis\_standard](#input\_enable\_cis\_standard) | Boolean whether CIS standard is enabled. | `bool` | no | | [enable\_pci\_dss\_standard](#input\_enable\_pci\_dss\_standard) | Boolean whether PCI DSS standard is enabled. | `bool` | no | | [enable\_product\_arns](#input\_enable\_product\_arns) | List of Security Hub product ARNs, `` will be replaced. See https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-partner-providers.html for list. | `list(string)` | no | +| [master\_account\_id](#input\_master\_account\_id) | AWS account ID for master account. | `string` | no | | [member\_accounts](#input\_member\_accounts) | A list of IDs and emails of AWS accounts which associated as member accounts. | 
list(object({
    account_id = string
    email      = string
  }))
| no | ## Outputs diff --git a/modules/securityhub-baseline/main.tf b/modules/securityhub-baseline/main.tf index 390b3310..74860f44 100644 --- a/modules/securityhub-baseline/main.tf +++ b/modules/securityhub-baseline/main.tf @@ -28,6 +28,14 @@ resource "aws_securityhub_member" "members" { invite = true } +resource "aws_securityhub_invite_accepter" "invitee" { + count = var.master_account_id != "" ? 1 : 0 + + master_id = var.master_account_id + + depends_on = [aws_securityhub_account.main] +} + # -------------------------------------------------------------------------------------------------- # Subscribe standards # -------------------------------------------------------------------------------------------------- diff --git a/modules/securityhub-baseline/variables.tf b/modules/securityhub-baseline/variables.tf index fab74f00..05e8153c 100644 --- a/modules/securityhub-baseline/variables.tf +++ b/modules/securityhub-baseline/variables.tf @@ -28,6 +28,12 @@ variable "enable_product_arns" { default = [] } +variable "master_account_id" { + description = "AWS account ID for master account." + type = string + default = "" +} + variable "member_accounts" { description = "A list of IDs and emails of AWS accounts which associated as member accounts." type = list(object({ diff --git a/securityhub_baselines.tf b/securityhub_baselines.tf index e0c4667b..a8324d6e 100644 --- a/securityhub_baselines.tf +++ b/securityhub_baselines.tf @@ -3,7 +3,8 @@ # -------------------------------------------------------------------------------------------------- locals { - securityhub_member_accounts = var.member_accounts + securityhub_master_account_id = var.master_account_id + securityhub_member_accounts = var.member_accounts } module "securityhub_baseline_ap-northeast-1" { @@ -18,6 +19,7 @@ module "securityhub_baseline_ap-northeast-1" { enable_cis_standard = var.securityhub_enable_cis_standard enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard + master_account_id = local.securityhub_master_account_id member_accounts = local.securityhub_member_accounts } @@ -34,6 +36,7 @@ module "securityhub_baseline_ap-northeast-2" { enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard enable_product_arns = var.securityhub_enable_product_arns + master_account_id = local.securityhub_master_account_id member_accounts = local.securityhub_member_accounts } @@ -50,6 +53,7 @@ module "securityhub_baseline_ap-northeast-3" { enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard enable_product_arns = var.securityhub_enable_product_arns + master_account_id = local.securityhub_master_account_id member_accounts = local.securityhub_member_accounts } @@ -66,6 +70,7 @@ module "securityhub_baseline_ap-south-1" { enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard enable_product_arns = var.securityhub_enable_product_arns + master_account_id = local.securityhub_master_account_id member_accounts = local.securityhub_member_accounts } @@ -82,6 +87,7 @@ module "securityhub_baseline_ap-southeast-1" { enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard enable_product_arns = var.securityhub_enable_product_arns + master_account_id = local.securityhub_master_account_id member_accounts = local.securityhub_member_accounts } @@ -98,6 +104,7 @@ module "securityhub_baseline_ap-southeast-2" { enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard enable_product_arns = var.securityhub_enable_product_arns + master_account_id = local.securityhub_master_account_id member_accounts = local.securityhub_member_accounts } @@ -114,6 +121,7 @@ module "securityhub_baseline_ca-central-1" { enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard enable_product_arns = var.securityhub_enable_product_arns + master_account_id = local.securityhub_master_account_id member_accounts = local.securityhub_member_accounts } @@ -130,6 +138,7 @@ module "securityhub_baseline_eu-central-1" { enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard enable_product_arns = var.securityhub_enable_product_arns + master_account_id = local.securityhub_master_account_id member_accounts = local.securityhub_member_accounts } @@ -146,6 +155,7 @@ module "securityhub_baseline_eu-north-1" { enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard enable_product_arns = var.securityhub_enable_product_arns + master_account_id = local.securityhub_master_account_id member_accounts = local.securityhub_member_accounts } @@ -162,6 +172,7 @@ module "securityhub_baseline_eu-west-1" { enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard enable_product_arns = var.securityhub_enable_product_arns + master_account_id = local.securityhub_master_account_id member_accounts = local.securityhub_member_accounts } @@ -178,6 +189,7 @@ module "securityhub_baseline_eu-west-2" { enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard enable_product_arns = var.securityhub_enable_product_arns + master_account_id = local.securityhub_master_account_id member_accounts = local.securityhub_member_accounts } @@ -194,6 +206,7 @@ module "securityhub_baseline_eu-west-3" { enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard enable_product_arns = var.securityhub_enable_product_arns + master_account_id = local.securityhub_master_account_id member_accounts = local.securityhub_member_accounts } @@ -210,6 +223,7 @@ module "securityhub_baseline_sa-east-1" { enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard enable_product_arns = var.securityhub_enable_product_arns + master_account_id = local.securityhub_master_account_id member_accounts = local.securityhub_member_accounts } @@ -226,6 +240,7 @@ module "securityhub_baseline_us-east-1" { enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard enable_product_arns = var.securityhub_enable_product_arns + master_account_id = local.securityhub_master_account_id member_accounts = local.securityhub_member_accounts } @@ -242,6 +257,7 @@ module "securityhub_baseline_us-east-2" { enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard enable_product_arns = var.securityhub_enable_product_arns + master_account_id = local.securityhub_master_account_id member_accounts = local.securityhub_member_accounts } @@ -258,6 +274,7 @@ module "securityhub_baseline_us-west-1" { enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard enable_product_arns = var.securityhub_enable_product_arns + master_account_id = local.securityhub_master_account_id member_accounts = local.securityhub_member_accounts } @@ -274,5 +291,6 @@ module "securityhub_baseline_us-west-2" { enable_pci_dss_standard = var.securityhub_enable_pci_dss_standard enable_aws_foundational_standard = var.securityhub_enable_aws_foundational_standard enable_product_arns = var.securityhub_enable_product_arns + master_account_id = local.securityhub_master_account_id member_accounts = local.securityhub_member_accounts } From 85864f5c1e59fcd7f38bd4b0482691402cdcd956 Mon Sep 17 00:00:00 2001 From: nozaq Date: Sat, 22 Jan 2022 19:21:51 +0900 Subject: [PATCH 24/66] fix: no findings aggregator for member accounts (#257) member accounts automatically derive the aggregator setting from the master account. fixes: #254 --- modules/securityhub-baseline/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/securityhub-baseline/main.tf b/modules/securityhub-baseline/main.tf index 74860f44..c929047b 100644 --- a/modules/securityhub-baseline/main.tf +++ b/modules/securityhub-baseline/main.tf @@ -8,7 +8,7 @@ resource "aws_securityhub_account" "main" { } resource "aws_securityhub_finding_aggregator" "main" { - count = var.aggregate_findings ? 1 : 0 + count = var.aggregate_findings && var.master_account_id == "" ? 1 : 0 linking_mode = "ALL_REGIONS" From 427c9e143680477005c007bb23656e13f7e71353 Mon Sep 17 00:00:00 2001 From: nozaq Date: Sat, 22 Jan 2022 19:23:11 +0900 Subject: [PATCH 25/66] docs: update CHANGELOG --- CHANGELOG.md | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f68c141b..d5a91ddc 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,18 @@ ## [Unreleased] + +## [0.34.0] - 2022-01-22 +### Feat +- automatically accepts invite from the master ([#256](https://github.com/nozaq/terraform-aws-secure-baseline/issues/256)) +- enforce strong password policy by default ([#252](https://github.com/nozaq/terraform-aws-secure-baseline/issues/252)) + +### Fix +- no findings aggregator for member accounts ([#257](https://github.com/nozaq/terraform-aws-secure-baseline/issues/257)) +- set the minimum terraform version to 1.1.4 ([#255](https://github.com/nozaq/terraform-aws-secure-baseline/issues/255)) +- upgrade minimum provider requirements ([#248](https://github.com/nozaq/terraform-aws-secure-baseline/issues/248)) + + ## [0.33.0] - 2022-01-10 ### Refactor @@ -381,7 +393,8 @@ ## 0.0.1 - 2018-02-12 -[Unreleased]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.33.0...HEAD +[Unreleased]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.34.0...HEAD +[0.34.0]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.33.0...0.34.0 [0.33.0]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.32.0...0.33.0 [0.32.0]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.31.0...0.32.0 [0.31.0]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.30.0...0.31.0 From eb83ce3e172d99683b05883ec50728152ba9a461 Mon Sep 17 00:00:00 2001 From: nozaq Date: Sun, 23 Jan 2022 20:20:17 +0900 Subject: [PATCH 26/66] chore: update issue templates --- .github/ISSUE_TEMPLATE/bug_report.md | 36 +++++++++++++++++++++++ .github/ISSUE_TEMPLATE/feature_request.md | 24 +++++++++++++++ 2 files changed, 60 insertions(+) create mode 100644 .github/ISSUE_TEMPLATE/bug_report.md create mode 100644 .github/ISSUE_TEMPLATE/feature_request.md diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md new file mode 100644 index 00000000..0f731c13 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -0,0 +1,36 @@ +--- +name: Bug report +about: Create a report to help us improve +title: '' +labels: bug +assignees: '' + +--- + +## Describe the bug + + + +## Versions + + + +- Terraform: +- Provider: +- Module: + +## Reproduction + + + +## Expected behavior + + + +## Actual behavior + + + +## Additional context + + diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md new file mode 100644 index 00000000..951e0c85 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -0,0 +1,24 @@ +--- +name: Feature request +about: Suggest an idea for this project +title: '' +labels: enhancement +assignees: '' + +--- + +## Is your feature request related to a problem? Please describe. + + + +## Describe the solution you'd like + + + +## Describe alternatives you've considered + + + +## Additional context + + From 0b636bba145a3c47e91220ce62a807a40320e771 Mon Sep 17 00:00:00 2001 From: Jamie Dick Date: Sat, 12 Feb 2022 06:29:28 -0500 Subject: [PATCH 27/66] feat: allow use of organization trail to be toggled via variable (#259) * trigger org cloudtrail with explicit var rather than local * tfdocs * changing var for backwards compatability * check for master account Co-authored-by: Jamie Dick --- README.md | 1 + main.tf | 3 ++- variables.tf | 6 ++++++ 3 files changed, 9 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 41a51e8a..738328f5 100644 --- a/README.md +++ b/README.md @@ -206,6 +206,7 @@ This module is composed of several submodules and each of which can be used inde | [support\_iam\_role\_name](#input\_support\_iam\_role\_name) | The name of the the support role. | `string` | no | | [tags](#input\_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map(string)` | no | | [target\_regions](#input\_target\_regions) | A list of regions to set up with this module. | `list(string)` | no | +| [turn\_off\_organization\_trail](#input\_turn\_off\_organization\_trail) | Specifies whether the disable the organization trail. Organization trails log events for the master account and all member accounts. Can only be created in the organization master account. | `bool` | no | | [unauthorized\_api\_calls\_enabled](#input\_unauthorized\_api\_calls\_enabled) | The boolean flag whether the unauthorized\_api\_calls alarm is enabled or not. No resources are created when set to false. | `bool` | no | | [use\_external\_audit\_log\_bucket](#input\_use\_external\_audit\_log\_bucket) | A boolean that indicates whether the specific audit log bucket already exists. Create a new S3 bucket if it is set to false. | `bool` | no | | [vpc\_changes\_enabled](#input\_vpc\_changes\_enabled) | The boolean flag whether the vpc\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | diff --git a/main.tf b/main.tf index 89ed0da0..6135ebee 100644 --- a/main.tf +++ b/main.tf @@ -30,6 +30,7 @@ locals { is_individual_account = var.account_type == "individual" is_master_account = var.account_type == "master" is_cloudtrail_enabled = var.cloudtrail_baseline_enabled && (local.is_individual_account || local.is_master_account) + is_organization_trail = local.is_master_account && var.turn_off_organization_trail ? false : true } # -------------------------------------------------------------------------------------------------- @@ -81,7 +82,7 @@ module "cloudtrail_baseline" { s3_object_level_logging_buckets = var.cloudtrail_s3_object_level_logging_buckets dynamodb_event_logging_tables = var.cloudtrail_dynamodb_event_logging_tables lambda_invocation_logging_lambdas = var.cloudtrail_lambda_invocation_logging_lambdas - is_organization_trail = local.is_master_account + is_organization_trail = local.is_organization_trail tags = var.tags } diff --git a/variables.tf b/variables.tf index afdf167c..e1e30e88 100644 --- a/variables.tf +++ b/variables.tf @@ -317,6 +317,12 @@ variable "cloudtrail_baseline_enabled" { default = true } +variable "turn_off_organization_trail" { + description = "Specifies whether the disable the organization trail. Organization trails log events for the master account and all member accounts. Can only be created in the organization master account." + type = bool + default = false +} + variable "cloudtrail_cloudwatch_logs_enabled" { description = "Specifies whether the trail is delivered to CloudWatch Logs." type = bool From 150a5374457667b7acd543f2ee653fdb616ad742 Mon Sep 17 00:00:00 2001 From: nozaq Date: Sat, 12 Feb 2022 21:09:09 +0900 Subject: [PATCH 28/66] feat: add new S3 bucket configuration resources (#261) BREAKING CHANGE: resources regarding S3 bucket configurations need manual import after upgrade. See `docs/upgrade-1.0.md` for guidance. --- README.md | 4 +- docs/upgrade-1.0.md | 65 +++++++++++++ examples/external-bucket/bucket.tf | 6 +- examples/external-bucket/main.tf | 2 +- examples/organization/master/main.tf | 2 +- examples/organization/member/main.tf | 2 +- examples/select-region/main.tf | 2 +- examples/simple/main.tf | 2 +- main.tf | 2 +- modules/alarm-baseline/README.md | 4 +- modules/alarm-baseline/versions.tf | 2 +- modules/analyzer-baseline/README.md | 4 +- modules/analyzer-baseline/versions.tf | 2 +- modules/cloudtrail-baseline/README.md | 4 +- modules/cloudtrail-baseline/versions.tf | 2 +- modules/config-baseline/README.md | 4 +- modules/config-baseline/versions.tf | 2 +- modules/ebs-baseline/README.md | 4 +- modules/ebs-baseline/versions.tf | 2 +- modules/guardduty-baseline/README.md | 4 +- modules/guardduty-baseline/versions.tf | 2 +- modules/iam-baseline/README.md | 4 +- modules/iam-baseline/versions.tf | 2 +- modules/s3-baseline/README.md | 4 +- modules/s3-baseline/versions.tf | 2 +- modules/secure-bucket/README.md | 4 +- modules/secure-bucket/main.tf | 116 ++++++++++++++++------- modules/secure-bucket/versions.tf | 2 +- modules/securityhub-baseline/README.md | 4 +- modules/securityhub-baseline/versions.tf | 2 +- test/fixtures/simple_local/main.tf | 2 +- test/fixtures/simple_registry/main.tf | 2 +- 32 files changed, 190 insertions(+), 77 deletions(-) create mode 100644 docs/upgrade-1.0.md diff --git a/README.md b/README.md index 738328f5..04e4abc6 100644 --- a/README.md +++ b/README.md @@ -111,13 +111,13 @@ This module is composed of several submodules and each of which can be used inde | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 3.66.0 | +| [aws](#requirement\_aws) | >= 4.0.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 3.66.0 | +| [aws](#provider\_aws) | >= 4.0.0 | ## Inputs diff --git a/docs/upgrade-1.0.md b/docs/upgrade-1.0.md new file mode 100644 index 00000000..387c4bde --- /dev/null +++ b/docs/upgrade-1.0.md @@ -0,0 +1,65 @@ +# Version 1.0 Upgrade Guide + +This document outlines a way to upgrade this module from v0.x to v1.0 or later. +The following guidance only applies if `var.use_external_audit_log_bucket` is set to `false`, which is a default behavior. + +Following the changes introduced in AWS provider v4.0, several configurations for S3 buckets were extracted from `aws_s3_bucket` resource to newly added resources. +It is recommended to import these resources before running `terraform apply` to prevent data loss. + +See [the upgrade guide for AWS provider] for more detail. + +## Audit log bucket migrations + +Following configurations from `module.audit_log_bucket.aws_s3_bucket.content[0]` were extracted to separated resources. + +- `module.audit_log_bucket.aws_s3_bucket_acl.content[0]` +- `module.audit_log_bucket.aws_s3_bucket_lifecycle_configuration.content[0]` +- `module.audit_log_bucket.aws_s3_bucket_logging.content[0]` +- `module.audit_log_bucket.aws_s3_bucket_server_side_encryption_configuration.content[0]` +- `module.audit_log_bucket.aws_s3_bucket_versioning.content[0]` + +To import the current configuration into these resources, use `terraform import` command as follows. + +```sh +$ terraform import "$MODULE_PATH.module.audit_log_bucket.aws_s3_bucket_acl.content[0]" "$AUDIT_LOG_BUCKET" + +$ terraform import "$MODULE_PATH.module.audit_log_bucket.aws_s3_bucket_lifecycle_configuration.content[0]" "$AUDIT_LOG_BUCKET" + +$ terraform import "$MODULE_PATH.module.audit_log_bucket.aws_s3_bucket_logging.content[0]" "$AUDIT_LOG_BUCKET" + +$ terraform import "$MODULE_PATH.module.audit_log_bucket.aws_s3_bucket_server_side_encryption_configuration.content[0]" "$AUDIT_LOG_BUCKET" + +$ terraform import "$MODULE_PATH.module.audit_log_bucket.aws_s3_bucket_versioning.content[0]" "$AUDIT_LOG_BUCKET" +``` + +### Notes + +- `$MODULE_PATH` should be replaced the actual path of this module in your project, e.g. `module.secure_baseline`. +- `$AUDIT_LOG_BUCKET` should be replaced with the state bucket name. The actual value in your state file as `module.audit_log_bucket.aws_s3_bucket.content[0].id`. + +## Access logging bucket migrations + +Following configurations from `module.audit_log_bucket.aws_s3_bucket.access_log[0]` were extracted to separated resources. + +- `module.audit_log_bucket.aws_s3_bucket_acl.access_log[0]` +- `module.audit_log_bucket.aws_s3_bucket_lifecycle_configuration.access_log[0]` +- `module.audit_log_bucket.aws_s3_bucket_server_side_encryption_configuration.access_log[0]` + +These resources can be imported by `terraform import` command as well. + +```sh +$ terraform import "$MODULE_PATH.aws_s3_bucket_acl.access_log[0]" "$ACCESS_LOG_BUCKET" + +$ terraform import "$MODULE_PATH.aws_s3_bucket_lifecycle_configuration.access_log[0]" "$ACCESS_LOG_BUCKET" + +$ terraform import "$MODULE_PATH.aws_s3_bucket_server_side_encryption_configuration.access_log[0]" "$ACCESS_LOG_BUCKET" + +``` + +### Notes + +- `$MODULE_PATH` should be replaced the actual path of this module in your project, e.g. `module.secure_baseline`. +- `$ACCESS_LOG_BUCKET` should be replaced with the state bucket name. The actual value in your state file as `module.audit_log_bucket.aws_s3_bucket.access_log[0].id`. + +[aws provider]: https://github.com/hashicorp/terraform-provider-aws +[the upgrade guide for aws provider]: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/guides/version-4-upgrade diff --git a/examples/external-bucket/bucket.tf b/examples/external-bucket/bucket.tf index c79b5322..3221f456 100644 --- a/examples/external-bucket/bucket.tf +++ b/examples/external-bucket/bucket.tf @@ -1,9 +1,13 @@ resource "aws_s3_bucket" "logs" { bucket = var.audit_s3_bucket_name - acl = "private" force_destroy = true } +resource "aws_s3_bucket_acl" "logs" { + bucket = aws_s3_bucket.logs.id + acl = "private" +} + data "aws_iam_policy_document" "logs_bucket_policy" { statement { sid = "AWSCloudTrailAclCheckForConfig" diff --git a/examples/external-bucket/main.tf b/examples/external-bucket/main.tf index fbd621d6..77c7b8d8 100644 --- a/examples/external-bucket/main.tf +++ b/examples/external-bucket/main.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.66.0" + version = ">= 4.0.0" } } } diff --git a/examples/organization/master/main.tf b/examples/organization/master/main.tf index daac076a..f59bd24b 100644 --- a/examples/organization/master/main.tf +++ b/examples/organization/master/main.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.66.0" + version = ">= 4.0.0" } } } diff --git a/examples/organization/member/main.tf b/examples/organization/member/main.tf index eb43576f..a51f3501 100644 --- a/examples/organization/member/main.tf +++ b/examples/organization/member/main.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.66.0" + version = ">= 4.0.0" } } } diff --git a/examples/select-region/main.tf b/examples/select-region/main.tf index 79cd7a40..71a90a29 100644 --- a/examples/select-region/main.tf +++ b/examples/select-region/main.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.66.0" + version = ">= 4.0.0" } } } diff --git a/examples/simple/main.tf b/examples/simple/main.tf index 824467c1..4576cdb5 100644 --- a/examples/simple/main.tf +++ b/examples/simple/main.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.66.0" + version = ">= 4.0.0" } } } diff --git a/main.tf b/main.tf index 6135ebee..fa52d770 100644 --- a/main.tf +++ b/main.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.66.0" + version = ">= 4.0.0" # A provider alias should be passed for each AWS region. # Reference: https://docs.aws.amazon.com/general/latest/gr/rande.html diff --git a/modules/alarm-baseline/README.md b/modules/alarm-baseline/README.md index a13c123f..6559700f 100644 --- a/modules/alarm-baseline/README.md +++ b/modules/alarm-baseline/README.md @@ -8,13 +8,13 @@ Set up CloudWatch alarms to notify you when critical changes happen in your AWS | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 3.50.0 | +| [aws](#requirement\_aws) | >= 4.0.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 3.50.0 | +| [aws](#provider\_aws) | >= 4.0.0 | ## Inputs diff --git a/modules/alarm-baseline/versions.tf b/modules/alarm-baseline/versions.tf index 90a4df94..bc9bd39a 100644 --- a/modules/alarm-baseline/versions.tf +++ b/modules/alarm-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.50.0" + version = ">= 4.0.0" } } } diff --git a/modules/analyzer-baseline/README.md b/modules/analyzer-baseline/README.md index bdda9403..92dc87ee 100644 --- a/modules/analyzer-baseline/README.md +++ b/modules/analyzer-baseline/README.md @@ -10,13 +10,13 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 3.50.0 | +| [aws](#requirement\_aws) | >= 4.0.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 3.50.0 | +| [aws](#provider\_aws) | >= 4.0.0 | ## Inputs diff --git a/modules/analyzer-baseline/versions.tf b/modules/analyzer-baseline/versions.tf index 90a4df94..bc9bd39a 100644 --- a/modules/analyzer-baseline/versions.tf +++ b/modules/analyzer-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.50.0" + version = ">= 4.0.0" } } } diff --git a/modules/cloudtrail-baseline/README.md b/modules/cloudtrail-baseline/README.md index 29f57e5e..33e34d71 100644 --- a/modules/cloudtrail-baseline/README.md +++ b/modules/cloudtrail-baseline/README.md @@ -8,13 +8,13 @@ Enable CloudTrail in all regions and deliver events to CloudWatch Logs. CloudTra | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 3.50.0 | +| [aws](#requirement\_aws) | >= 4.0.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 3.50.0 | +| [aws](#provider\_aws) | >= 4.0.0 | ## Inputs diff --git a/modules/cloudtrail-baseline/versions.tf b/modules/cloudtrail-baseline/versions.tf index 90a4df94..bc9bd39a 100644 --- a/modules/cloudtrail-baseline/versions.tf +++ b/modules/cloudtrail-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.50.0" + version = ">= 4.0.0" } } } diff --git a/modules/config-baseline/README.md b/modules/config-baseline/README.md index f99c37f7..d930ed28 100644 --- a/modules/config-baseline/README.md +++ b/modules/config-baseline/README.md @@ -8,13 +8,13 @@ Enable AWS Config in all regions to automatically take configuration snapshots. | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 3.50.0 | +| [aws](#requirement\_aws) | >= 4.0.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 3.50.0 | +| [aws](#provider\_aws) | >= 4.0.0 | ## Inputs diff --git a/modules/config-baseline/versions.tf b/modules/config-baseline/versions.tf index 90a4df94..bc9bd39a 100644 --- a/modules/config-baseline/versions.tf +++ b/modules/config-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.50.0" + version = ">= 4.0.0" } } } diff --git a/modules/ebs-baseline/README.md b/modules/ebs-baseline/README.md index 564f9eb5..40c73c50 100644 --- a/modules/ebs-baseline/README.md +++ b/modules/ebs-baseline/README.md @@ -10,13 +10,13 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 3.50.0 | +| [aws](#requirement\_aws) | >= 4.0.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 3.50.0 | +| [aws](#provider\_aws) | >= 4.0.0 | ## Inputs diff --git a/modules/ebs-baseline/versions.tf b/modules/ebs-baseline/versions.tf index 90a4df94..bc9bd39a 100644 --- a/modules/ebs-baseline/versions.tf +++ b/modules/ebs-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.50.0" + version = ">= 4.0.0" } } } diff --git a/modules/guardduty-baseline/README.md b/modules/guardduty-baseline/README.md index 4fb6e747..fe6889a8 100644 --- a/modules/guardduty-baseline/README.md +++ b/modules/guardduty-baseline/README.md @@ -8,13 +8,13 @@ Enable GuardDuty in all regions. | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 3.50.0 | +| [aws](#requirement\_aws) | >= 4.0.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 3.50.0 | +| [aws](#provider\_aws) | >= 4.0.0 | ## Inputs diff --git a/modules/guardduty-baseline/versions.tf b/modules/guardduty-baseline/versions.tf index 90a4df94..bc9bd39a 100644 --- a/modules/guardduty-baseline/versions.tf +++ b/modules/guardduty-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.50.0" + version = ">= 4.0.0" } } } diff --git a/modules/iam-baseline/README.md b/modules/iam-baseline/README.md index 54f49f7d..f75f590a 100644 --- a/modules/iam-baseline/README.md +++ b/modules/iam-baseline/README.md @@ -11,13 +11,13 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 0.13 | -| [aws](#requirement\_aws) | >= 3.50.0 | +| [aws](#requirement\_aws) | >= 4.0.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 3.50.0 | +| [aws](#provider\_aws) | >= 4.0.0 | ## Inputs diff --git a/modules/iam-baseline/versions.tf b/modules/iam-baseline/versions.tf index 811c8034..f0b89053 100644 --- a/modules/iam-baseline/versions.tf +++ b/modules/iam-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.50.0" + version = ">= 4.0.0" } } } diff --git a/modules/s3-baseline/README.md b/modules/s3-baseline/README.md index f7442fcc..01328858 100644 --- a/modules/s3-baseline/README.md +++ b/modules/s3-baseline/README.md @@ -10,13 +10,13 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 0.13 | -| [aws](#requirement\_aws) | >= 3.50.0 | +| [aws](#requirement\_aws) | >= 4.0.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 3.50.0 | +| [aws](#provider\_aws) | >= 4.0.0 | ## Inputs diff --git a/modules/s3-baseline/versions.tf b/modules/s3-baseline/versions.tf index 811c8034..f0b89053 100644 --- a/modules/s3-baseline/versions.tf +++ b/modules/s3-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.50.0" + version = ">= 4.0.0" } } } diff --git a/modules/secure-bucket/README.md b/modules/secure-bucket/README.md index 657121ab..845cf0a8 100644 --- a/modules/secure-bucket/README.md +++ b/modules/secure-bucket/README.md @@ -8,13 +8,13 @@ Creates a S3 bucket with access logging enabled. | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 0.13 | -| [aws](#requirement\_aws) | >= 3.50.0 | +| [aws](#requirement\_aws) | >= 4.0.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 3.50.0 | +| [aws](#provider\_aws) | >= 4.0.0 | ## Inputs diff --git a/modules/secure-bucket/main.tf b/modules/secure-bucket/main.tf index 3baa4779..0b3608bb 100644 --- a/modules/secure-bucket/main.tf +++ b/modules/secure-bucket/main.tf @@ -23,21 +23,39 @@ data "aws_iam_policy_document" "access_log_policy" { resource "aws_s3_bucket" "access_log" { count = var.enabled ? 1 : 0 - acl = "log-delivery-write" bucket = var.log_bucket_name force_destroy = var.force_destroy - server_side_encryption_configuration { - rule { - apply_server_side_encryption_by_default { - sse_algorithm = "AES256" - } + tags = var.tags +} + +resource "aws_s3_bucket_acl" "access_log" { + count = var.enabled ? 1 : 0 + + bucket = aws_s3_bucket.access_log[0].id + acl = "log-delivery-write" +} + +resource "aws_s3_bucket_server_side_encryption_configuration" "access_log" { + count = var.enabled ? 1 : 0 + + bucket = aws_s3_bucket.access_log[0].id + + rule { + apply_server_side_encryption_by_default { + sse_algorithm = "AES256" } } +} + +resource "aws_s3_bucket_lifecycle_configuration" "access_log" { + count = var.enabled ? 1 : 0 - lifecycle_rule { - id = "auto-archive" - enabled = true + bucket = aws_s3_bucket.access_log[0].id + + rule { + id = "auto-archive" + status = "Enabled" prefix = "/" @@ -46,8 +64,6 @@ resource "aws_s3_bucket" "access_log" { storage_class = "GLACIER" } } - - tags = var.tags } resource "aws_s3_bucket_policy" "access_log_policy" { @@ -75,32 +91,52 @@ resource "aws_s3_bucket" "content" { count = var.enabled ? 1 : 0 bucket = var.bucket_name - acl = "private" force_destroy = var.force_destroy - server_side_encryption_configuration { - rule { - apply_server_side_encryption_by_default { - sse_algorithm = "AES256" - } - bucket_key_enabled = var.bucket_key_enabled + tags = var.tags + + depends_on = [ + aws_s3_bucket_public_access_block.access_log + ] +} + +resource "aws_s3_bucket_acl" "content" { + count = var.enabled ? 1 : 0 + + bucket = aws_s3_bucket.content[0].id + acl = "private" +} + +resource "aws_s3_bucket_server_side_encryption_configuration" "content" { + count = var.enabled ? 1 : 0 + + bucket = aws_s3_bucket.content[0].id + + rule { + apply_server_side_encryption_by_default { + sse_algorithm = "AES256" } + bucket_key_enabled = var.bucket_key_enabled } +} - logging { - target_bucket = aws_s3_bucket.access_log[0].id - } +resource "aws_s3_bucket_logging" "content" { + count = var.enabled ? 1 : 0 - versioning { - enabled = true - # Temporarily disabled due to Terraform issue. - # https://github.com/terraform-providers/terraform-provider-aws/issues/629 - # mfa_delete = true - } + bucket = aws_s3_bucket.content[0].id + + target_bucket = aws_s3_bucket.access_log[0].id + target_prefix = "" +} + +resource "aws_s3_bucket_lifecycle_configuration" "content" { + count = var.enabled ? 1 : 0 + + bucket = aws_s3_bucket.content[0].id - lifecycle_rule { - id = "auto-archive" - enabled = true + rule { + id = "auto-archive" + status = "Enabled" prefix = "/" @@ -110,16 +146,23 @@ resource "aws_s3_bucket" "content" { } noncurrent_version_transition { - days = var.lifecycle_glacier_transition_days - storage_class = "GLACIER" + noncurrent_days = var.lifecycle_glacier_transition_days + storage_class = "GLACIER" } } +} - tags = var.tags +resource "aws_s3_bucket_versioning" "content" { + count = var.enabled ? 1 : 0 - depends_on = [ - aws_s3_bucket_public_access_block.access_log - ] + bucket = aws_s3_bucket.content[0].id + + versioning_configuration { + status = "Enabled" + # Temporarily disabled due to Terraform issue. + # https://github.com/terraform-providers/terraform-provider-aws/issues/629 + # mfa_delete = true + } } resource "aws_s3_bucket_public_access_block" "content" { @@ -131,3 +174,4 @@ resource "aws_s3_bucket_public_access_block" "content" { ignore_public_acls = true restrict_public_buckets = true } + diff --git a/modules/secure-bucket/versions.tf b/modules/secure-bucket/versions.tf index 811c8034..f0b89053 100644 --- a/modules/secure-bucket/versions.tf +++ b/modules/secure-bucket/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.50.0" + version = ">= 4.0.0" } } } diff --git a/modules/securityhub-baseline/README.md b/modules/securityhub-baseline/README.md index 9a6c11ea..d3f95300 100644 --- a/modules/securityhub-baseline/README.md +++ b/modules/securityhub-baseline/README.md @@ -13,13 +13,13 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 3.66.0 | +| [aws](#requirement\_aws) | >= 4.0.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 3.66.0 | +| [aws](#provider\_aws) | >= 4.0.0 | ## Inputs diff --git a/modules/securityhub-baseline/versions.tf b/modules/securityhub-baseline/versions.tf index c4572b62..bc9bd39a 100644 --- a/modules/securityhub-baseline/versions.tf +++ b/modules/securityhub-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.66.0" + version = ">= 4.0.0" } } } diff --git a/test/fixtures/simple_local/main.tf b/test/fixtures/simple_local/main.tf index c0515dbb..83e2e5d1 100644 --- a/test/fixtures/simple_local/main.tf +++ b/test/fixtures/simple_local/main.tf @@ -8,7 +8,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.50.0" + version = ">= 4.0.0" } } } diff --git a/test/fixtures/simple_registry/main.tf b/test/fixtures/simple_registry/main.tf index aae57124..5ab49291 100644 --- a/test/fixtures/simple_registry/main.tf +++ b/test/fixtures/simple_registry/main.tf @@ -8,7 +8,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.50.0" + version = ">= 4.0.0" } } } From 8fda7c7717a641f8d3d7561a534570824949f00d Mon Sep 17 00:00:00 2001 From: nozaq Date: Sat, 12 Feb 2022 21:57:28 +0900 Subject: [PATCH 29/66] fix: use count instead of `var.enabled` (#262) --- bucket.tf | 24 ++++++------ docs/upgrade-1.0.md | 40 ++++++++++---------- migrations.tf | 10 +++++ modules/secure-bucket/README.md | 1 - modules/secure-bucket/main.tf | 58 ++++++++--------------------- modules/secure-bucket/migrations.tf | 30 +++++++++++++++ modules/secure-bucket/outputs.tf | 4 +- modules/secure-bucket/variables.tf | 6 --- outputs.tf | 2 +- 9 files changed, 90 insertions(+), 85 deletions(-) create mode 100644 modules/secure-bucket/migrations.tf diff --git a/bucket.tf b/bucket.tf index 35e55e5c..37958ee9 100644 --- a/bucket.tf +++ b/bucket.tf @@ -5,8 +5,8 @@ locals { use_external_bucket = var.use_external_audit_log_bucket - audit_log_bucket_id = local.use_external_bucket ? data.aws_s3_bucket.external[0].id : module.audit_log_bucket.this_bucket.id - audit_log_bucket_arn = local.use_external_bucket ? data.aws_s3_bucket.external[0].arn : module.audit_log_bucket.this_bucket.arn + audit_log_bucket_id = local.use_external_bucket ? data.aws_s3_bucket.external[0].id : module.audit_log_bucket[0].this_bucket.id + audit_log_bucket_arn = local.use_external_bucket ? data.aws_s3_bucket.external[0].arn : module.audit_log_bucket[0].this_bucket.arn audit_log_cloudtrail_destination = join("/", [local.audit_log_bucket_arn, trim(var.cloudtrail_s3_key_prefix, "/")]) audit_log_config_destination = join("/", [local.audit_log_bucket_arn, trim(var.config_s3_bucket_key_prefix, "/")]) @@ -31,6 +31,7 @@ data "aws_s3_bucket" "external" { # -------------------------------------------------------------------------------------------------- module "audit_log_bucket" { + count = local.use_external_bucket ? 0 : 1 source = "./modules/secure-bucket" bucket_name = var.audit_log_bucket_name @@ -38,7 +39,6 @@ module "audit_log_bucket" { log_bucket_name = "${var.audit_log_bucket_name}-access-logs" lifecycle_glacier_transition_days = var.audit_log_lifecycle_glacier_transition_days force_destroy = var.audit_log_bucket_force_destroy - enabled = !local.use_external_bucket tags = var.tags @@ -58,8 +58,8 @@ data "aws_iam_policy_document" "audit_log_base" { actions = ["s3:*"] effect = "Deny" resources = [ - module.audit_log_bucket.this_bucket.arn, - "${module.audit_log_bucket.this_bucket.arn}/*" + module.audit_log_bucket[0].this_bucket.arn, + "${module.audit_log_bucket[0].this_bucket.arn}/*" ] condition { test = "Bool" @@ -87,7 +87,7 @@ data "aws_iam_policy_document" "audit_log_cloud_trail" { type = "Service" identifiers = ["cloudtrail.amazonaws.com"] } - resources = [module.audit_log_bucket.this_bucket.arn] + resources = [module.audit_log_bucket[0].this_bucket.arn] } statement { @@ -123,7 +123,7 @@ data "aws_iam_policy_document" "audit_log_config" { type = "Service" identifiers = ["config.amazonaws.com"] } - resources = [module.audit_log_bucket.this_bucket.arn] + resources = [module.audit_log_bucket[0].this_bucket.arn] } statement { @@ -133,7 +133,7 @@ data "aws_iam_policy_document" "audit_log_config" { type = "Service" identifiers = ["config.amazonaws.com"] } - resources = [module.audit_log_bucket.this_bucket.arn] + resources = [module.audit_log_bucket[0].this_bucket.arn] } statement { @@ -164,7 +164,7 @@ data "aws_iam_policy_document" "audit_log_config" { identifiers = [for account in statement.value : "arn:aws:iam::${account.account_id}:root"] } actions = ["s3:GetBucketAcl"] - resources = [module.audit_log_bucket.this_bucket.arn] + resources = [module.audit_log_bucket[0].this_bucket.arn] } } @@ -178,7 +178,7 @@ data "aws_iam_policy_document" "audit_log_config" { identifiers = [for account in statement.value : "arn:aws:iam::${account.account_id}:root"] } actions = ["s3:ListBucket", "s3:GetBucketLocation"] - resources = [module.audit_log_bucket.this_bucket.arn] + resources = [module.audit_log_bucket[0].this_bucket.arn] } } @@ -217,7 +217,7 @@ data "aws_iam_policy_document" "audit_log_flow_logs" { type = "Service" identifiers = ["delivery.logs.amazonaws.com"] } - resources = [module.audit_log_bucket.this_bucket.arn] + resources = [module.audit_log_bucket[0].this_bucket.arn] } statement { @@ -250,6 +250,6 @@ data "aws_iam_policy_document" "audit_log" { resource "aws_s3_bucket_policy" "audit_log" { count = local.use_external_bucket ? 0 : 1 - bucket = module.audit_log_bucket.this_bucket.id + bucket = module.audit_log_bucket[0].this_bucket.id policy = data.aws_iam_policy_document.audit_log[0].json } diff --git a/docs/upgrade-1.0.md b/docs/upgrade-1.0.md index 387c4bde..acf8981b 100644 --- a/docs/upgrade-1.0.md +++ b/docs/upgrade-1.0.md @@ -10,56 +10,56 @@ See [the upgrade guide for AWS provider] for more detail. ## Audit log bucket migrations -Following configurations from `module.audit_log_bucket.aws_s3_bucket.content[0]` were extracted to separated resources. +Following configurations from `module.audit_log_bucket[0].aws_s3_bucket.content` were extracted to separated resources. -- `module.audit_log_bucket.aws_s3_bucket_acl.content[0]` -- `module.audit_log_bucket.aws_s3_bucket_lifecycle_configuration.content[0]` -- `module.audit_log_bucket.aws_s3_bucket_logging.content[0]` -- `module.audit_log_bucket.aws_s3_bucket_server_side_encryption_configuration.content[0]` -- `module.audit_log_bucket.aws_s3_bucket_versioning.content[0]` +- `module.audit_log_bucket[0].aws_s3_bucket_acl.content` +- `module.audit_log_bucket[0].aws_s3_bucket_lifecycle_configuration.content` +- `module.audit_log_bucket[0].aws_s3_bucket_logging.content` +- `module.audit_log_bucket[0].aws_s3_bucket_server_side_encryption_configuration.content` +- `module.audit_log_bucket[0].aws_s3_bucket_versioning.content` To import the current configuration into these resources, use `terraform import` command as follows. ```sh -$ terraform import "$MODULE_PATH.module.audit_log_bucket.aws_s3_bucket_acl.content[0]" "$AUDIT_LOG_BUCKET" +$ terraform import "$MODULE_PATH.module.audit_log_bucket[0].aws_s3_bucket_acl.content" "$AUDIT_LOG_BUCKET" -$ terraform import "$MODULE_PATH.module.audit_log_bucket.aws_s3_bucket_lifecycle_configuration.content[0]" "$AUDIT_LOG_BUCKET" +$ terraform import "$MODULE_PATH.module.audit_log_bucket[0].aws_s3_bucket_lifecycle_configuration.content" "$AUDIT_LOG_BUCKET" -$ terraform import "$MODULE_PATH.module.audit_log_bucket.aws_s3_bucket_logging.content[0]" "$AUDIT_LOG_BUCKET" +$ terraform import "$MODULE_PATH.module.audit_log_bucket[0].aws_s3_bucket_logging.content" "$AUDIT_LOG_BUCKET" -$ terraform import "$MODULE_PATH.module.audit_log_bucket.aws_s3_bucket_server_side_encryption_configuration.content[0]" "$AUDIT_LOG_BUCKET" +$ terraform import "$MODULE_PATH.module.audit_log_bucket[0].aws_s3_bucket_server_side_encryption_configuration.content" "$AUDIT_LOG_BUCKET" -$ terraform import "$MODULE_PATH.module.audit_log_bucket.aws_s3_bucket_versioning.content[0]" "$AUDIT_LOG_BUCKET" +$ terraform import "$MODULE_PATH.module.audit_log_bucket[0].aws_s3_bucket_versioning.content" "$AUDIT_LOG_BUCKET" ``` ### Notes - `$MODULE_PATH` should be replaced the actual path of this module in your project, e.g. `module.secure_baseline`. -- `$AUDIT_LOG_BUCKET` should be replaced with the state bucket name. The actual value in your state file as `module.audit_log_bucket.aws_s3_bucket.content[0].id`. +- `$AUDIT_LOG_BUCKET` should be replaced with the state bucket name. The actual value in your state file as `module.audit_log_bucket.aws_s3_bucket[0].content.id`. ## Access logging bucket migrations -Following configurations from `module.audit_log_bucket.aws_s3_bucket.access_log[0]` were extracted to separated resources. +Following configurations from `module.audit_log_bucket[0].aws_s3_bucket.access_log` were extracted to separated resources. -- `module.audit_log_bucket.aws_s3_bucket_acl.access_log[0]` -- `module.audit_log_bucket.aws_s3_bucket_lifecycle_configuration.access_log[0]` -- `module.audit_log_bucket.aws_s3_bucket_server_side_encryption_configuration.access_log[0]` +- `module.audit_log_bucket[0].aws_s3_bucket_acl.access_log` +- `module.audit_log_bucket[0].aws_s3_bucket_lifecycle_configuration.access_log` +- `module.audit_log_bucket[0].aws_s3_bucket_server_side_encryption_configuration.access_log` These resources can be imported by `terraform import` command as well. ```sh -$ terraform import "$MODULE_PATH.aws_s3_bucket_acl.access_log[0]" "$ACCESS_LOG_BUCKET" +$ terraform import "$MODULE_PATH.module.audit_log_bucket[0].aws_s3_bucket_acl.access_log" "$ACCESS_LOG_BUCKET" -$ terraform import "$MODULE_PATH.aws_s3_bucket_lifecycle_configuration.access_log[0]" "$ACCESS_LOG_BUCKET" +$ terraform import "$MODULE_PATH.module.audit_log_bucket[0].aws_s3_bucket_lifecycle_configuration.access_log" "$ACCESS_LOG_BUCKET" -$ terraform import "$MODULE_PATH.aws_s3_bucket_server_side_encryption_configuration.access_log[0]" "$ACCESS_LOG_BUCKET" +$ terraform import "$MODULE_PATH.module.audit_log_bucket[0].aws_s3_bucket_server_side_encryption_configuration.access_log" "$ACCESS_LOG_BUCKET" ``` ### Notes - `$MODULE_PATH` should be replaced the actual path of this module in your project, e.g. `module.secure_baseline`. -- `$ACCESS_LOG_BUCKET` should be replaced with the state bucket name. The actual value in your state file as `module.audit_log_bucket.aws_s3_bucket.access_log[0].id`. +- `$ACCESS_LOG_BUCKET` should be replaced with the state bucket name. The actual value in your state file as `module.audit_log_bucket[0].aws_s3_bucket.access_log.id`. [aws provider]: https://github.com/hashicorp/terraform-provider-aws [the upgrade guide for aws provider]: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/guides/version-4-upgrade diff --git a/migrations.tf b/migrations.tf index 8ba8fc14..b011346b 100644 --- a/migrations.tf +++ b/migrations.tf @@ -1,3 +1,13 @@ +# -------------------------------------------------------------------------------------------------- +# Migrations to 1.0.0 +# Replacing `enabled` argument in secure-bucket module with `count` meta-argument +# -------------------------------------------------------------------------------------------------- + +moved { + from = module.audit_log_bucket + to = module.audit_log_bucket[0] +} + # -------------------------------------------------------------------------------------------------- # Migrations to 0.31.0 # Replacing `enabled` argument in each sub-module with `count` meta-argument. diff --git a/modules/secure-bucket/README.md b/modules/secure-bucket/README.md index 845cf0a8..d60efa8f 100644 --- a/modules/secure-bucket/README.md +++ b/modules/secure-bucket/README.md @@ -23,7 +23,6 @@ Creates a S3 bucket with access logging enabled. | [bucket\_name](#input\_bucket\_name) | The name of the S3 bucket to create. | `string` | yes | | [log\_bucket\_name](#input\_log\_bucket\_name) | The name of the S3 bucket to store access logs to the main bucket. | `string` | yes | | [bucket\_key\_enabled](#input\_bucket\_key\_enabled) | Whether or not to use Amazon S3 Bucket Keys for this bucket. | `bool` | no | -| [enabled](#input\_enabled) | A boolean that indicates this module is enabled. Resources are not created if it is set to false. | `bool` | no | | [force\_destroy](#input\_force\_destroy) | A boolean that indicates all objects should be deleted from the bucket so that the bucket can be destroyed without error. These objects are not recoverable. | `bool` | no | | [lifecycle\_glacier\_transition\_days](#input\_lifecycle\_glacier\_transition\_days) | The number of days after object creation when the object is archived into Glacier. | `number` | no | | [tags](#input\_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map(string)` | no | diff --git a/modules/secure-bucket/main.tf b/modules/secure-bucket/main.tf index 0b3608bb..553f0b59 100644 --- a/modules/secure-bucket/main.tf +++ b/modules/secure-bucket/main.tf @@ -1,12 +1,10 @@ data "aws_iam_policy_document" "access_log_policy" { - count = var.enabled ? 1 : 0 - statement { actions = ["s3:*"] effect = "Deny" resources = [ - aws_s3_bucket.access_log[0].arn, - "${aws_s3_bucket.access_log[0].arn}/*" + aws_s3_bucket.access_log.arn, + "${aws_s3_bucket.access_log.arn}/*" ] condition { test = "Bool" @@ -21,8 +19,6 @@ data "aws_iam_policy_document" "access_log_policy" { } resource "aws_s3_bucket" "access_log" { - count = var.enabled ? 1 : 0 - bucket = var.log_bucket_name force_destroy = var.force_destroy @@ -30,16 +26,12 @@ resource "aws_s3_bucket" "access_log" { } resource "aws_s3_bucket_acl" "access_log" { - count = var.enabled ? 1 : 0 - - bucket = aws_s3_bucket.access_log[0].id + bucket = aws_s3_bucket.access_log.id acl = "log-delivery-write" } resource "aws_s3_bucket_server_side_encryption_configuration" "access_log" { - count = var.enabled ? 1 : 0 - - bucket = aws_s3_bucket.access_log[0].id + bucket = aws_s3_bucket.access_log.id rule { apply_server_side_encryption_by_default { @@ -49,9 +41,7 @@ resource "aws_s3_bucket_server_side_encryption_configuration" "access_log" { } resource "aws_s3_bucket_lifecycle_configuration" "access_log" { - count = var.enabled ? 1 : 0 - - bucket = aws_s3_bucket.access_log[0].id + bucket = aws_s3_bucket.access_log.id rule { id = "auto-archive" @@ -67,10 +57,8 @@ resource "aws_s3_bucket_lifecycle_configuration" "access_log" { } resource "aws_s3_bucket_policy" "access_log_policy" { - count = var.enabled ? 1 : 0 - - bucket = aws_s3_bucket.access_log[0].id - policy = data.aws_iam_policy_document.access_log_policy[0].json + bucket = aws_s3_bucket.access_log.id + policy = data.aws_iam_policy_document.access_log_policy.json depends_on = [ aws_s3_bucket_public_access_block.access_log, @@ -78,9 +66,7 @@ resource "aws_s3_bucket_policy" "access_log_policy" { } resource "aws_s3_bucket_public_access_block" "access_log" { - count = var.enabled ? 1 : 0 - - bucket = aws_s3_bucket.access_log[0].id + bucket = aws_s3_bucket.access_log.id block_public_acls = true block_public_policy = true ignore_public_acls = true @@ -88,8 +74,6 @@ resource "aws_s3_bucket_public_access_block" "access_log" { } resource "aws_s3_bucket" "content" { - count = var.enabled ? 1 : 0 - bucket = var.bucket_name force_destroy = var.force_destroy @@ -101,16 +85,12 @@ resource "aws_s3_bucket" "content" { } resource "aws_s3_bucket_acl" "content" { - count = var.enabled ? 1 : 0 - - bucket = aws_s3_bucket.content[0].id + bucket = aws_s3_bucket.content.id acl = "private" } resource "aws_s3_bucket_server_side_encryption_configuration" "content" { - count = var.enabled ? 1 : 0 - - bucket = aws_s3_bucket.content[0].id + bucket = aws_s3_bucket.content.id rule { apply_server_side_encryption_by_default { @@ -121,18 +101,14 @@ resource "aws_s3_bucket_server_side_encryption_configuration" "content" { } resource "aws_s3_bucket_logging" "content" { - count = var.enabled ? 1 : 0 - - bucket = aws_s3_bucket.content[0].id + bucket = aws_s3_bucket.content.id - target_bucket = aws_s3_bucket.access_log[0].id + target_bucket = aws_s3_bucket.access_log.id target_prefix = "" } resource "aws_s3_bucket_lifecycle_configuration" "content" { - count = var.enabled ? 1 : 0 - - bucket = aws_s3_bucket.content[0].id + bucket = aws_s3_bucket.content.id rule { id = "auto-archive" @@ -153,9 +129,7 @@ resource "aws_s3_bucket_lifecycle_configuration" "content" { } resource "aws_s3_bucket_versioning" "content" { - count = var.enabled ? 1 : 0 - - bucket = aws_s3_bucket.content[0].id + bucket = aws_s3_bucket.content.id versioning_configuration { status = "Enabled" @@ -166,9 +140,7 @@ resource "aws_s3_bucket_versioning" "content" { } resource "aws_s3_bucket_public_access_block" "content" { - count = var.enabled ? 1 : 0 - - bucket = aws_s3_bucket.content[0].id + bucket = aws_s3_bucket.content.id block_public_acls = true block_public_policy = true ignore_public_acls = true diff --git a/modules/secure-bucket/migrations.tf b/modules/secure-bucket/migrations.tf new file mode 100644 index 00000000..6cf058aa --- /dev/null +++ b/modules/secure-bucket/migrations.tf @@ -0,0 +1,30 @@ +# -------------------------------------------------------------------------------------------------- +# Migrations to 1.0.0 +# Replacing `enabled` argument in secure-bucket module with `count` meta-argument +# -------------------------------------------------------------------------------------------------- + +moved { + from = aws_s3_bucket.access_log[0] + to = aws_s3_bucket.access_log +} + +moved { + from = aws_s3_bucket_policy.access_log_policy[0] + to = aws_s3_bucket_policy.access_log_policy +} + +moved { + from = aws_s3_bucket_public_access_block.access_log[0] + to = aws_s3_bucket_public_access_block.access_log +} + +moved { + from = aws_s3_bucket.content[0] + to = aws_s3_bucket.content +} + +moved { + from = aws_s3_bucket_public_access_block.content[0] + to = aws_s3_bucket_public_access_block.content +} + diff --git a/modules/secure-bucket/outputs.tf b/modules/secure-bucket/outputs.tf index 5aa51670..0d9f5924 100644 --- a/modules/secure-bucket/outputs.tf +++ b/modules/secure-bucket/outputs.tf @@ -1,9 +1,9 @@ output "this_bucket" { description = "This S3 bucket." - value = var.enabled ? aws_s3_bucket.content[0] : null + value = aws_s3_bucket.content } output "log_bucket" { description = "The S3 bucket used for storing access logs of this bucket." - value = var.enabled ? aws_s3_bucket.access_log[0] : null + value = aws_s3_bucket.access_log } diff --git a/modules/secure-bucket/variables.tf b/modules/secure-bucket/variables.tf index 3812ef08..532df17b 100644 --- a/modules/secure-bucket/variables.tf +++ b/modules/secure-bucket/variables.tf @@ -20,12 +20,6 @@ variable "force_destroy" { default = false } -variable "enabled" { - description = "A boolean that indicates this module is enabled. Resources are not created if it is set to false." - type = bool - default = true -} - variable "tags" { description = "Specifies object tags key and value. This applies to all resources created by this module." type = map(string) diff --git a/outputs.tf b/outputs.tf index 2be54fcf..beae8b0b 100644 --- a/outputs.tf +++ b/outputs.tf @@ -4,7 +4,7 @@ output "audit_bucket" { description = "The S3 bucket used for storing audit logs." - value = module.audit_log_bucket.this_bucket + value = one(module.audit_log_bucket[*].this_bucket) } # -------------------------------------------------------------------------------------------------- From 0b9bfe1412e46d54011a939b0f7b143e4ec814d9 Mon Sep 17 00:00:00 2001 From: nozaq Date: Sat, 12 Feb 2022 22:10:32 +0900 Subject: [PATCH 30/66] refactor: replace deprecated arguments (#263) --- bucket.tf | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/bucket.tf b/bucket.tf index 37958ee9..2c6f30ef 100644 --- a/bucket.tf +++ b/bucket.tf @@ -78,7 +78,7 @@ data "aws_iam_policy_document" "audit_log_base" { data "aws_iam_policy_document" "audit_log_cloud_trail" { count = local.use_external_bucket ? 0 : 1 - source_json = data.aws_iam_policy_document.audit_log_base[0].json + source_policy_documents = [data.aws_iam_policy_document.audit_log_base[0].json] statement { sid = "AWSCloudTrailAclCheck20150319" @@ -114,7 +114,7 @@ data "aws_iam_policy_document" "audit_log_cloud_trail" { data "aws_iam_policy_document" "audit_log_config" { count = local.use_external_bucket ? 0 : 1 - source_json = data.aws_iam_policy_document.audit_log_cloud_trail[0].json + source_policy_documents = [data.aws_iam_policy_document.audit_log_cloud_trail[0].json] statement { sid = "AWSConfigBucketPermissionsCheck" @@ -208,7 +208,7 @@ data "aws_iam_policy_document" "audit_log_config" { data "aws_iam_policy_document" "audit_log_flow_logs" { count = !local.use_external_bucket && local.flow_logs_to_s3 ? 1 : 0 - source_json = data.aws_iam_policy_document.audit_log_config[0].json + source_policy_documents = [data.aws_iam_policy_document.audit_log_config[0].json] statement { sid = "AWSLogDeliveryAclCheck" @@ -243,8 +243,8 @@ data "aws_iam_policy_document" "audit_log_flow_logs" { data "aws_iam_policy_document" "audit_log" { count = local.use_external_bucket ? 0 : 1 - source_json = local.flow_logs_to_s3 ? data.aws_iam_policy_document.audit_log_flow_logs[0].json : data.aws_iam_policy_document.audit_log_config[0].json - override_json = var.audit_log_bucket_custom_policy_json + source_policy_documents = [local.flow_logs_to_s3 ? data.aws_iam_policy_document.audit_log_flow_logs[0].json : data.aws_iam_policy_document.audit_log_config[0].json] + override_policy_documents = [var.audit_log_bucket_custom_policy_json] } resource "aws_s3_bucket_policy" "audit_log" { From f5d6b3d0b62433119626d843311deb8201724d1a Mon Sep 17 00:00:00 2001 From: nozaq Date: Sat, 12 Feb 2022 22:16:57 +0900 Subject: [PATCH 31/66] refactor: explicitly define a format for FlowLogs (#264) --- modules/vpc-baseline/main.tf | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/vpc-baseline/main.tf b/modules/vpc-baseline/main.tf index 2573cd4d..ccefd204 100644 --- a/modules/vpc-baseline/main.tf +++ b/modules/vpc-baseline/main.tf @@ -36,6 +36,10 @@ resource "aws_flow_log" "default_vpc_flow_logs" { vpc_id = aws_default_vpc.default.id traffic_type = "ALL" + destination_options { + file_format = "plain-text" + } + tags = var.tags } From 5f63932e29067ed44947de815cf76e1338c7956e Mon Sep 17 00:00:00 2001 From: nozaq Date: Sat, 12 Feb 2022 22:22:19 +0900 Subject: [PATCH 32/66] fix: the condition to use the organization trail (#265) --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tf b/main.tf index fa52d770..0ae21546 100644 --- a/main.tf +++ b/main.tf @@ -30,7 +30,7 @@ locals { is_individual_account = var.account_type == "individual" is_master_account = var.account_type == "master" is_cloudtrail_enabled = var.cloudtrail_baseline_enabled && (local.is_individual_account || local.is_master_account) - is_organization_trail = local.is_master_account && var.turn_off_organization_trail ? false : true + is_organization_trail = local.is_master_account && !var.turn_off_organization_trail } # -------------------------------------------------------------------------------------------------- From 900dd6f1650abf19cbd6e2f06327acd2732338d5 Mon Sep 17 00:00:00 2001 From: nozaq Date: Sat, 12 Feb 2022 22:49:38 +0900 Subject: [PATCH 33/66] chore: upgrade go dependencies (#266) --- test/go.mod | 63 ++++- test/go.sum | 721 ++++------------------------------------------------ 2 files changed, 107 insertions(+), 677 deletions(-) diff --git a/test/go.mod b/test/go.mod index 173e9337..100f271a 100644 --- a/test/go.mod +++ b/test/go.mod @@ -1,8 +1,67 @@ module github.com/nozaq/terraform-aws-secure-baseline -go 1.16 +go 1.17 require ( github.com/google/uuid v1.3.0 - github.com/gruntwork-io/terratest v0.38.1 + github.com/gruntwork-io/terratest v0.40.1 +) + +require ( + cloud.google.com/go v0.83.0 // indirect + cloud.google.com/go/storage v1.10.0 // indirect + github.com/agext/levenshtein v1.2.3 // indirect + github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect + github.com/aws/aws-sdk-go v1.40.56 // indirect + github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect + github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc // indirect + github.com/cpuguy83/go-md2man/v2 v2.0.0 // indirect + github.com/davecgh/go-spew v1.1.1 // indirect + github.com/go-errors/errors v1.0.2-0.20180813162953-d98b870cc4e0 // indirect + github.com/go-sql-driver/mysql v1.4.1 // indirect + github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e // indirect + github.com/golang/protobuf v1.5.2 // indirect + github.com/golang/snappy v0.0.3 // indirect + github.com/googleapis/gax-go/v2 v2.0.5 // indirect + github.com/gruntwork-io/go-commons v0.8.0 // indirect + github.com/hashicorp/errwrap v1.0.0 // indirect + github.com/hashicorp/go-cleanhttp v0.5.2 // indirect + github.com/hashicorp/go-getter v1.5.9 // indirect + github.com/hashicorp/go-multierror v1.1.0 // indirect + github.com/hashicorp/go-safetemp v1.0.0 // indirect + github.com/hashicorp/go-version v1.3.0 // indirect + github.com/hashicorp/hcl/v2 v2.9.1 // indirect + github.com/hashicorp/terraform-json v0.13.0 // indirect + github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a // indirect + github.com/jmespath/go-jmespath v0.4.0 // indirect + github.com/jstemmer/go-junit-report v0.9.1 // indirect + github.com/klauspost/compress v1.13.0 // indirect + github.com/mattn/go-zglob v0.0.2-0.20190814121620-e3c945676326 // indirect + github.com/mitchellh/go-homedir v1.1.0 // indirect + github.com/mitchellh/go-testing-interface v1.0.0 // indirect + github.com/mitchellh/go-wordwrap v1.0.1 // indirect + github.com/pmezard/go-difflib v1.0.0 // indirect + github.com/pquerna/otp v1.2.0 // indirect + github.com/russross/blackfriday/v2 v2.1.0 // indirect + github.com/stretchr/testify v1.7.0 // indirect + github.com/tmccombs/hcl2json v0.3.3 // indirect + github.com/ulikunitz/xz v0.5.8 // indirect + github.com/urfave/cli v1.22.2 // indirect + github.com/zclconf/go-cty v1.9.1 // indirect + go.opencensus.io v0.23.0 // indirect + golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a // indirect + golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 // indirect + golang.org/x/mod v0.4.2 // indirect + golang.org/x/net v0.0.0-20210614182718-04defd469f4e // indirect + golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c // indirect + golang.org/x/sys v0.0.0-20210603125802-9665404d3644 // indirect + golang.org/x/text v0.3.6 // indirect + golang.org/x/tools v0.1.2 // indirect + golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect + google.golang.org/api v0.47.0 // indirect + google.golang.org/appengine v1.6.7 // indirect + google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c // indirect + google.golang.org/grpc v1.38.0 // indirect + google.golang.org/protobuf v1.26.0 // indirect + gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect ) diff --git a/test/go.sum b/test/go.sum index 7be05d8e..48ffe994 100644 --- a/test/go.sum +++ b/test/go.sum @@ -1,4 +1,3 @@ -bazil.org/fuse v0.0.0-20160811212531-371fbbdaa898/go.mod h1:Xbm+BRKSBEpa4q4hTSxohYNQpsxXPbPry4JJWOB3LB8= cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= @@ -19,6 +18,7 @@ cloud.google.com/go v0.74.0/go.mod h1:VV1xSbzvo+9QJOxLDaJfTjx5e+MePCpCWwvftOeQmW cloud.google.com/go v0.78.0/go.mod h1:QjdrLG0uq+YwhjoVOLsS1t7TW8fs36kLs4XO5R5ECHg= cloud.google.com/go v0.79.0/go.mod h1:3bzgcEeQlzbuEAYu4mrWhKqWjmpprinYgKJLgKHnbb8= cloud.google.com/go v0.81.0/go.mod h1:mk/AM35KwGk/Nm2YSeZbxXdrNK3KZOYHmLkOqC2V6E0= +cloud.google.com/go v0.83.0 h1:bAMqZidYkmIsUqe6PtkEPT7Q+vfizScn+jfNA6jwK9c= cloud.google.com/go v0.83.0/go.mod h1:Z7MJUsANfY0pYPdw0lbnivPx4/vhy/e2FEkSkF7vAVY= cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= @@ -28,7 +28,6 @@ cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4g cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ= cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= -cloud.google.com/go/firestore v1.1.0/go.mod h1:ulACoGHTpvq5r8rxGJ4ddJZBZqakUQqClKRT5SZwBmk= cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= @@ -37,251 +36,42 @@ cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiy cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos= cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk= cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= +cloud.google.com/go/storage v1.10.0 h1:STgFzyU5/8miMl0//zKh2aQeTyeaUH3WN9bSUiJ09bA= cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= -github.com/Azure/azure-sdk-for-go v16.2.1+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= -github.com/Azure/azure-sdk-for-go v50.2.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= -github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= -github.com/Azure/go-autorest v10.8.1+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= -github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= -github.com/Azure/go-autorest/autorest v0.11.1/go.mod h1:JFgpikqFJ/MleTTxwepExTKnFUKKszPS8UavbQYUMuw= -github.com/Azure/go-autorest/autorest v0.11.17/go.mod h1:eipySxLmqSyC5s5k1CLupqet0PSENBEDP93LQ9a8QYw= -github.com/Azure/go-autorest/autorest v0.11.20/go.mod h1:o3tqFY+QR40VOlk+pV4d77mORO64jOXSgEnPQgLK6JY= -github.com/Azure/go-autorest/autorest/adal v0.9.0/go.mod h1:/c022QCutn2P7uY+/oQWWNcK9YU+MH96NgK+jErpbcg= -github.com/Azure/go-autorest/autorest/adal v0.9.5/go.mod h1:B7KF7jKIeC9Mct5spmyCB/A8CG/sEz1vwIRGv/bbw7A= -github.com/Azure/go-autorest/autorest/adal v0.9.11/go.mod h1:nBKAnTomx8gDtl+3ZCJv2v0KACFHWTB2drffI1B68Pk= -github.com/Azure/go-autorest/autorest/adal v0.9.13/go.mod h1:W/MM4U6nLxnIskrw4UwWzlHfGjwUS50aOsc/I3yuU8M= -github.com/Azure/go-autorest/autorest/azure/auth v0.5.8/go.mod h1:kxyKZTSfKh8OVFWPAgOgQ/frrJgeYQJPyR5fLFmXko4= -github.com/Azure/go-autorest/autorest/azure/cli v0.4.2/go.mod h1:7qkJkT+j6b+hIpzMOwPChJhTqS8VbsqqgULzMNRugoM= -github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74= -github.com/Azure/go-autorest/autorest/mocks v0.4.0/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= -github.com/Azure/go-autorest/autorest/mocks v0.4.1/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= -github.com/Azure/go-autorest/autorest/to v0.4.0/go.mod h1:fE8iZBn7LQR7zH/9XU2NcPR4o9jEImooCeWJcYV/zLE= -github.com/Azure/go-autorest/autorest/validation v0.3.1/go.mod h1:yhLgjC0Wda5DYXl6JAsWyUe4KVNffhoDhG0zVzUMo3E= -github.com/Azure/go-autorest/logger v0.2.0/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= -github.com/Azure/go-autorest/logger v0.2.1/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= -github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= -github.com/Microsoft/go-winio v0.4.11/go.mod h1:VhR8bwka0BXejwEJY73c50VrPtXAaKcyvVC4A4RozmA= -github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA= -github.com/Microsoft/go-winio v0.4.15-0.20190919025122-fc70bd9a86b5/go.mod h1:tTuCMEN+UleMWgg9dVx4Hu52b1bJo+59jBh3ajtinzw= -github.com/Microsoft/go-winio v0.4.16-0.20201130162521-d1ffc52c7331/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0= -github.com/Microsoft/go-winio v0.4.16/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0= -github.com/Microsoft/go-winio v0.4.17-0.20210211115548-6eac466e5fa3/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= -github.com/Microsoft/go-winio v0.4.17-0.20210324224401-5516f17a5958/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= -github.com/Microsoft/go-winio v0.4.17/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= -github.com/Microsoft/go-winio v0.5.0/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= -github.com/Microsoft/hcsshim v0.8.6/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg= -github.com/Microsoft/hcsshim v0.8.7-0.20190325164909-8abdbb8205e4/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg= -github.com/Microsoft/hcsshim v0.8.7/go.mod h1:OHd7sQqRFrYd3RmSgbgji+ctCwkbq2wbEYNSzOYtcBQ= -github.com/Microsoft/hcsshim v0.8.9/go.mod h1:5692vkUqntj1idxauYlpoINNKeqCiG6Sg38RRsjT5y8= -github.com/Microsoft/hcsshim v0.8.14/go.mod h1:NtVKoYxQuTLx6gEq0L96c9Ju4JbRJ4nY2ow3VK6a9Lg= -github.com/Microsoft/hcsshim v0.8.15/go.mod h1:x38A4YbHbdxJtc0sF6oIz+RG0npwSCAvn69iY6URG00= -github.com/Microsoft/hcsshim v0.8.16/go.mod h1:o5/SZqmR7x9JNKsW3pu+nqHm0MF8vbA+VxGOoXdC600= -github.com/Microsoft/hcsshim/test v0.0.0-20201218223536-d3e5debf77da/go.mod h1:5hlzMzRKMLyo42nCZ9oml8AdTlq/0cvIaBv6tK1RehU= -github.com/Microsoft/hcsshim/test v0.0.0-20210227013316-43a75bb4edd3/go.mod h1:mw7qgWloBUl75W/gVH3cQszUg1+gUITj7D6NY7ywVnY= -github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= -github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= -github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= -github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= -github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d/go.mod h1:HI8ITrYtUY+O+ZhtlqUnD8+KwNPOyugEhfP9fdUIaEQ= github.com/agext/levenshtein v1.2.1/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo= github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= -github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= -github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= -github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/alexflint/go-filemutex v0.0.0-20171022225611-72bdc8eae2ae/go.mod h1:CgnQgUtFrFz9mxFNtED3jI5tLDjKlOM+oUF/sTk6ps0= -github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= github.com/apparentlymart/go-dump v0.0.0-20180507223929-23540a00eaa3/go.mod h1:oL81AME2rN47vu18xqj1S1jPIPuN7afo62yKTNn3XMM= -github.com/apparentlymart/go-textseg v1.0.0 h1:rRmlIsPEEhUTIKQb7T++Nz/A5Q6C9IuX2wFoYVvnCs0= github.com/apparentlymart/go-textseg v1.0.0/go.mod h1:z96Txxhf3xSFMPmb5X/1W05FF/Nj9VFpLOpjS5yuumk= github.com/apparentlymart/go-textseg/v13 v13.0.0 h1:Y+KvPE1NYz0xl601PVImeQfFyEy6iT90AvPUL1NNfNw= github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo= -github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o= -github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= -github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY= -github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= -github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= -github.com/aws/aws-lambda-go v1.13.3/go.mod h1:4UKl9IzQMoD+QF79YdCuzCwp8VbmG4VAQwij/eHl5CU= -github.com/aws/aws-sdk-go v1.15.11/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0= +github.com/aws/aws-sdk-go v1.15.78/go.mod h1:E3/ieXAlvM0XWO57iftYVDLLvQ824smPP3ATZkfNZeM= github.com/aws/aws-sdk-go v1.40.56 h1:FM2yjR0UUYFzDTMx+mH9Vyw1k1EUUxsAFzk+BjkzANA= github.com/aws/aws-sdk-go v1.40.56/go.mod h1:585smgzpB/KqRA+K3y/NL/oYRqQvpNJYvLm+LY1U59Q= -github.com/beorn7/perks v0.0.0-20160804104726-4c0e84591b9a/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= -github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= -github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= -github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= +github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d h1:xDfNPAt8lFiC1UJrqV3uuy861HCTo708pDMbjHHdCas= +github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d/go.mod h1:6QX/PXZ00z/TKoufEY6K/a0k6AhaJrQKdFe6OfVXsa4= github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= -github.com/bitly/go-simplejson v0.5.0/go.mod h1:cXHtHw4XUPsvGaxgjIAn8PhEWG9NfngEKAMDJEczWVA= -github.com/bketelsen/crypt v0.0.4/go.mod h1:aI6NrJ0pMGgvZKL1iVgXLnfIFJtfV+bKCoqOes/6LfM= -github.com/blang/semver v3.1.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= -github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= -github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4= github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc h1:biVzkmvwrH8WK8raXaxBx6fRVTlJILwEwQGL1I/ByEI= github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= -github.com/bshuster-repo/logrus-logstash-hook v0.4.1/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk= -github.com/buger/jsonparser v0.0.0-20180808090653-f4dd9f5a6b44/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s= -github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd/go.mod h1:2oa8nejYd4cQ/b0hMIopN0lCRxU0bueqREvZLWFrtK8= -github.com/bugsnag/osext v0.0.0-20130617224835-0dd3f918b21b/go.mod h1:obH5gd0BsqsP2LwDJ9aOkm/6J86V6lyAXCoQWGw3K50= -github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0/go.mod h1:D/8v3kj0zr8ZAKg1AQ6crr+5VwKN5eIywRkfhyM/+dE= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= -github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= -github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/checkpoint-restore/go-criu/v4 v4.1.0/go.mod h1:xUQBLp4RLc5zJtWY++yjOoMoB5lihDt7fai+75m+rGw= +github.com/cheggaaa/pb v1.0.27/go.mod h1:pQciLPpbU0oxA0h+VJYYLxO+XeDQb5pZijXscXHm81s= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/cilium/ebpf v0.0.0-20200110133405-4032b1d8aae3/go.mod h1:MA5e5Lr8slmEg9bt0VpxxWqJlO4iwu3FBdHUzV7wQVg= -github.com/cilium/ebpf v0.0.0-20200702112145-1c8d4c9ef775/go.mod h1:7cR51M8ViRLIdUjrmSXlK9pkrsDlLHbO8jiB8X8JnOc= -github.com/cilium/ebpf v0.2.0/go.mod h1:To2CFviqOWL/M0gIMsvSMlqe7em/l1ALkX1PyjrX2Qs= -github.com/cilium/ebpf v0.4.0/go.mod h1:4tRaxcgiL706VnOzHOdBlY8IEAIdxINsQBcU4xJJXRs= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= -github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8= -github.com/containerd/aufs v0.0.0-20200908144142-dab0cbea06f4/go.mod h1:nukgQABAEopAHvB6j7cnP5zJ+/3aVcE7hCYqvIwAHyE= -github.com/containerd/aufs v0.0.0-20201003224125-76a6863f2989/go.mod h1:AkGGQs9NM2vtYHaUen+NljV0/baGCAPELGm2q9ZXpWU= -github.com/containerd/aufs v0.0.0-20210316121734-20793ff83c97/go.mod h1:kL5kd6KM5TzQjR79jljyi4olc1Vrx6XBlcyj3gNv2PU= -github.com/containerd/aufs v1.0.0/go.mod h1:kL5kd6KM5TzQjR79jljyi4olc1Vrx6XBlcyj3gNv2PU= -github.com/containerd/btrfs v0.0.0-20201111183144-404b9149801e/go.mod h1:jg2QkJcsabfHugurUvvPhS3E08Oxiuh5W/g1ybB4e0E= -github.com/containerd/btrfs v0.0.0-20210316141732-918d888fb676/go.mod h1:zMcX3qkXTAi9GI50+0HOeuV8LU2ryCE/V2vG/ZBiTss= -github.com/containerd/btrfs v1.0.0/go.mod h1:zMcX3qkXTAi9GI50+0HOeuV8LU2ryCE/V2vG/ZBiTss= -github.com/containerd/cgroups v0.0.0-20190717030353-c4b9ac5c7601/go.mod h1:X9rLEHIqSf/wfK8NsPqxJmeZgW4pcfzdXITDrUSJ6uI= -github.com/containerd/cgroups v0.0.0-20190919134610-bf292b21730f/go.mod h1:OApqhQ4XNSNC13gXIwDjhOQxjWa/NxkwZXJ1EvqT0ko= -github.com/containerd/cgroups v0.0.0-20200531161412-0dbf7f05ba59/go.mod h1:pA0z1pT8KYB3TCXK/ocprsh7MAkoW8bZVzPdih9snmM= -github.com/containerd/cgroups v0.0.0-20200710171044-318312a37340/go.mod h1:s5q4SojHctfxANBDvMeIaIovkq29IP48TKAxnhYRxvo= -github.com/containerd/cgroups v0.0.0-20200824123100-0b889c03f102/go.mod h1:s5q4SojHctfxANBDvMeIaIovkq29IP48TKAxnhYRxvo= -github.com/containerd/cgroups v0.0.0-20210114181951-8a68de567b68/go.mod h1:ZJeTFisyysqgcCdecO57Dj79RfL0LNeGiFUqLYQRYLE= -github.com/containerd/cgroups v1.0.1/go.mod h1:0SJrPIenamHDcZhEcJMNBB85rHcUsw4f25ZfBiPYRkU= -github.com/containerd/console v0.0.0-20180822173158-c12b1e7919c1/go.mod h1:Tj/on1eG8kiEhd0+fhSDzsPAFESxzBBvdyEgyryXffw= -github.com/containerd/console v0.0.0-20181022165439-0650fd9eeb50/go.mod h1:Tj/on1eG8kiEhd0+fhSDzsPAFESxzBBvdyEgyryXffw= -github.com/containerd/console v0.0.0-20191206165004-02ecf6a7291e/go.mod h1:8Pf4gM6VEbTNRIT26AyyU7hxdQU3MvAvxVI0sc00XBE= -github.com/containerd/console v1.0.1/go.mod h1:XUsP6YE/mKtz6bxc+I8UiKKTP04qjQL4qcS3XoQ5xkw= -github.com/containerd/console v1.0.2/go.mod h1:ytZPjGgY2oeTkAONYafi2kSj0aYggsf8acV1PGKCbzQ= -github.com/containerd/containerd v1.2.10/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.3.0-beta.2.0.20190828155532-0293cbd26c69/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.3.0/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.3.1-0.20191213020239-082f7e3aed57/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.3.2/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.4.0-beta.2.0.20200729163537-40b22ef07410/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.4.1/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.4.3/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.5.0-beta.1/go.mod h1:5HfvG1V2FsKesEGQ17k5/T7V960Tmcumvqn8Mc+pCYQ= -github.com/containerd/containerd v1.5.0-beta.3/go.mod h1:/wr9AVtEM7x9c+n0+stptlo/uBBoBORwEx6ardVcmKU= -github.com/containerd/containerd v1.5.0-beta.4/go.mod h1:GmdgZd2zA2GYIBZ0w09ZvgqEq8EfBp/m3lcVZIvPHhI= -github.com/containerd/containerd v1.5.0-rc.0/go.mod h1:V/IXoMqNGgBlabz3tHD2TWDoTJseu1FGOKuoA4nNb2s= -github.com/containerd/containerd v1.5.2/go.mod h1:0DOxVqwDy2iZvrZp2JUx/E+hS0UNTVn7dJnIOwtYR4g= -github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= -github.com/containerd/continuity v0.0.0-20190815185530-f2a389ac0a02/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= -github.com/containerd/continuity v0.0.0-20191127005431-f65d91d395eb/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= -github.com/containerd/continuity v0.0.0-20200710164510-efbc4488d8fe/go.mod h1:cECdGN1O8G9bgKTlLhuPJimka6Xb/Gg7vYzCTNVxhvo= -github.com/containerd/continuity v0.0.0-20201208142359-180525291bb7/go.mod h1:kR3BEg7bDFaEddKm54WSmrol1fKWDU1nKYkgrcgZT7Y= -github.com/containerd/continuity v0.0.0-20210208174643-50096c924a4e/go.mod h1:EXlVlkqNba9rJe3j7w3Xa924itAMLgZH4UD/Q4PExuQ= -github.com/containerd/continuity v0.1.0/go.mod h1:ICJu0PwR54nI0yPEnJ6jcS+J7CZAUXrLh8lPo2knzsM= -github.com/containerd/fifo v0.0.0-20180307165137-3d5202aec260/go.mod h1:ODA38xgv3Kuk8dQz2ZQXpnv/UZZUHUCL7pnLehbXgQI= -github.com/containerd/fifo v0.0.0-20190226154929-a9fb20d87448/go.mod h1:ODA38xgv3Kuk8dQz2ZQXpnv/UZZUHUCL7pnLehbXgQI= -github.com/containerd/fifo v0.0.0-20200410184934-f15a3290365b/go.mod h1:jPQ2IAeZRCYxpS/Cm1495vGFww6ecHmMk1YJH2Q5ln0= -github.com/containerd/fifo v0.0.0-20201026212402-0724c46b320c/go.mod h1:jPQ2IAeZRCYxpS/Cm1495vGFww6ecHmMk1YJH2Q5ln0= -github.com/containerd/fifo v0.0.0-20210316144830-115abcc95a1d/go.mod h1:ocF/ME1SX5b1AOlWi9r677YJmCPSwwWnQ9O123vzpE4= -github.com/containerd/fifo v1.0.0/go.mod h1:ocF/ME1SX5b1AOlWi9r677YJmCPSwwWnQ9O123vzpE4= -github.com/containerd/go-cni v1.0.1/go.mod h1:+vUpYxKvAF72G9i1WoDOiPGRtQpqsNW/ZHtSlv++smU= -github.com/containerd/go-cni v1.0.2/go.mod h1:nrNABBHzu0ZwCug9Ije8hL2xBCYh/pjfMb1aZGrrohk= -github.com/containerd/go-runc v0.0.0-20180907222934-5a6d9f37cfa3/go.mod h1:IV7qH3hrUgRmyYrtgEeGWJfWbgcHL9CSRruz2Vqcph0= -github.com/containerd/go-runc v0.0.0-20190911050354-e029b79d8cda/go.mod h1:IV7qH3hrUgRmyYrtgEeGWJfWbgcHL9CSRruz2Vqcph0= -github.com/containerd/go-runc v0.0.0-20200220073739-7016d3ce2328/go.mod h1:PpyHrqVs8FTi9vpyHwPwiNEGaACDxT/N/pLcvMSRA9g= -github.com/containerd/go-runc v0.0.0-20201020171139-16b287bc67d0/go.mod h1:cNU0ZbCgCQVZK4lgG3P+9tn9/PaJNmoDXPpoJhDR+Ok= -github.com/containerd/go-runc v1.0.0/go.mod h1:cNU0ZbCgCQVZK4lgG3P+9tn9/PaJNmoDXPpoJhDR+Ok= -github.com/containerd/imgcrypt v1.0.1/go.mod h1:mdd8cEPW7TPgNG4FpuP3sGBiQ7Yi/zak9TYCG3juvb0= -github.com/containerd/imgcrypt v1.0.4-0.20210301171431-0ae5c75f59ba/go.mod h1:6TNsg0ctmizkrOgXRNQjAPFWpMYRWuiB6dSF4Pfa5SA= -github.com/containerd/imgcrypt v1.1.1-0.20210312161619-7ed62a527887/go.mod h1:5AZJNI6sLHJljKuI9IHnw1pWqo/F0nGDOuR9zgTs7ow= -github.com/containerd/imgcrypt v1.1.1/go.mod h1:xpLnwiQmEUJPvQoAapeb2SNCxz7Xr6PJrXQb0Dpc4ms= -github.com/containerd/nri v0.0.0-20201007170849-eb1350a75164/go.mod h1:+2wGSDGFYfE5+So4M5syatU0N0f0LbWpuqyMi4/BE8c= -github.com/containerd/nri v0.0.0-20210316161719-dbaa18c31c14/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY= -github.com/containerd/nri v0.1.0/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY= -github.com/containerd/stargz-snapshotter/estargz v0.7.0/go.mod h1:83VWDqHnurTKliEB0YvWMiCfLDwv4Cjj1X9Vk98GJZw= -github.com/containerd/ttrpc v0.0.0-20190828154514-0e0f228740de/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= -github.com/containerd/ttrpc v0.0.0-20190828172938-92c8520ef9f8/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= -github.com/containerd/ttrpc v0.0.0-20191028202541-4f1b8fe65a5c/go.mod h1:LPm1u0xBw8r8NOKoOdNMeVHSawSsltak+Ihv+etqsE8= -github.com/containerd/ttrpc v1.0.1/go.mod h1:UAxOpgT9ziI0gJrmKvgcZivgxOp8iFPSk8httJEt98Y= -github.com/containerd/ttrpc v1.0.2/go.mod h1:UAxOpgT9ziI0gJrmKvgcZivgxOp8iFPSk8httJEt98Y= -github.com/containerd/typeurl v0.0.0-20180627222232-a93fcdb778cd/go.mod h1:Cm3kwCdlkCfMSHURc+r6fwoGH6/F1hH3S4sg0rLFWPc= -github.com/containerd/typeurl v0.0.0-20190911142611-5eb25027c9fd/go.mod h1:GeKYzf2pQcqv7tJ0AoCuuhtnqhva5LNU3U+OyKxxJpk= -github.com/containerd/typeurl v1.0.1/go.mod h1:TB1hUtrpaiO88KEK56ijojHS1+NeF0izUACaJW2mdXg= -github.com/containerd/typeurl v1.0.2/go.mod h1:9trJWW2sRlGub4wZJRTW83VtbOLS6hwcDZXTn6oPz9s= -github.com/containerd/zfs v0.0.0-20200918131355-0a33824f23a2/go.mod h1:8IgZOBdv8fAgXddBT4dBXJPtxyRsejFIpXoklgxgEjw= -github.com/containerd/zfs v0.0.0-20210301145711-11e8f1707f62/go.mod h1:A9zfAbMlQwE+/is6hi0Xw8ktpL+6glmqZYtevJgaB8Y= -github.com/containerd/zfs v0.0.0-20210315114300-dde8f0fda960/go.mod h1:m+m51S1DvAP6r3FcmYCp54bQ34pyOwTieQDNRIRHsFY= -github.com/containerd/zfs v0.0.0-20210324211415-d5c4544f0433/go.mod h1:m+m51S1DvAP6r3FcmYCp54bQ34pyOwTieQDNRIRHsFY= -github.com/containerd/zfs v1.0.0/go.mod h1:m+m51S1DvAP6r3FcmYCp54bQ34pyOwTieQDNRIRHsFY= -github.com/containernetworking/cni v0.7.1/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= -github.com/containernetworking/cni v0.8.0/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= -github.com/containernetworking/cni v0.8.1/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= -github.com/containernetworking/plugins v0.8.6/go.mod h1:qnw5mN19D8fIwkqW7oHHYDHVlzhJpcY6TQxn/fUyDDM= -github.com/containernetworking/plugins v0.9.1/go.mod h1:xP/idU2ldlzN6m4p5LmGiwRDjeJr6FLK6vuiUwoH7P8= -github.com/containers/ocicrypt v1.0.1/go.mod h1:MeJDzk1RJHv89LjsH0Sp5KTY3ZYkjXO/C+bKAeWFIrc= -github.com/containers/ocicrypt v1.1.0/go.mod h1:b8AOe0YR67uU8OqfVNcznfFpAzu3rdgUV4GP9qXPfu4= -github.com/containers/ocicrypt v1.1.1/go.mod h1:Dm55fwWm1YZAjYRaJ94z2mfZikIyIN4B0oB3dj3jFxY= -github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= -github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= -github.com/coreos/go-iptables v0.4.5/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= -github.com/coreos/go-iptables v0.5.0/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= -github.com/coreos/go-oidc v2.1.0+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc= -github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= -github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= -github.com/coreos/go-systemd v0.0.0-20161114122254-48702e0da86b/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= -github.com/coreos/go-systemd v0.0.0-20180511133405-39ca1b05acc7/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= -github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= -github.com/coreos/go-systemd/v22 v22.0.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk= -github.com/coreos/go-systemd/v22 v22.1.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk= -github.com/coreos/go-systemd/v22 v22.3.2/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= -github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= -github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/cpuguy83/go-md2man/v2 v2.0.0 h1:EoUDS0afbrsXAZ9YQ9jdu/mZ2sXgT1/2yyNng4PGlyM= github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= -github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= -github.com/cyphar/filepath-securejoin v0.2.2/go.mod h1:FpkQEhXnPnOthhzymB7CGsFk2G9VLXONKD9G7QGMM+4= -github.com/d2g/dhcp4 v0.0.0-20170904100407-a1d1b6c41b1c/go.mod h1:Ct2BUK8SB0YC1SMSibvLzxjeJLnrYEVLULFNiHY9YfQ= -github.com/d2g/dhcp4client v1.0.0/go.mod h1:j0hNfjhrt2SxUOw55nL0ATM/z4Yt3t2Kd1mW34z5W5s= -github.com/d2g/dhcp4server v0.0.0-20181031114812-7d4a0a7f59a5/go.mod h1:Eo87+Kg/IX2hfWJfwxMzLyuSZyxSoAug2nGa1G2QAi8= -github.com/d2g/hardwareaddr v0.0.0-20190221164911-e7d9fbe030e4/go.mod h1:bMl4RjIciD2oAxI7DmWRx6gbeqrkoLqv3MV0vzNad+I= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/denverdino/aliyungo v0.0.0-20190125010748-a747050bb1ba/go.mod h1:dV8lFg6daOBZbT6/BDGIz6Y3WFGn8juu6G+CQ6LHtl0= -github.com/dgrijalva/jwt-go v0.0.0-20170104182250-a601269ab70c/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= -github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= -github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= -github.com/dimchansky/utfbom v1.1.0/go.mod h1:rO41eb7gLfo8SF1jd9F8HplJm1Fewwi4mQvIirEdv+8= -github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/j0mACtrfE= -github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E= -github.com/docker/cli v20.10.7+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= -github.com/docker/distribution v0.0.0-20190905152932-14b96e55d84c/go.mod h1:0+TTO4EOBfRPhZXAeF1Vu+W3hHZ8eLp8PgKVZlcvtFY= -github.com/docker/distribution v2.7.1-0.20190205005809-0d3efadf0154+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/docker v20.10.7+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= -github.com/docker/docker-credential-helpers v0.6.3/go.mod h1:WRaJzqw3CTB9bk10avuGsjVBZsD05qeibJ1/TYlvc0Y= -github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec= -github.com/docker/go-events v0.0.0-20170721190031-9461782956ad/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA= -github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA= -github.com/docker/go-metrics v0.0.0-20180209012529-399ea8c73916/go.mod h1:/u0gXw0Gay3ceNrsHubL3BtdOL2fHf93USgMTe0W5dI= -github.com/docker/go-metrics v0.0.1/go.mod h1:cG1hvH2utMXtqgqqYE9plW6lDxS3/5ayHzueweSI3Vw= -github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= -github.com/docker/libtrust v0.0.0-20150114040149-fa567046d9b1/go.mod h1:cyGadeNEkKy96OOhEzfZl+yxihPEzKnqJwvfuSUqbZE= -github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM= -github.com/docker/spdystream v0.0.0-20181023171402-6480d4af844c/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM= -github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= -github.com/dustin/go-humanize v0.0.0-20171111073723-bb3d318650d4/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= -github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= -github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= -github.com/elazarl/goproxy v0.0.0-20190911111923-ecfe977594f1/go.mod h1:Ro8st/ElPeALwNFlcTpWmkr6IoMFfkjXAvTHpevnDsM= -github.com/elazarl/goproxy/ext v0.0.0-20190711103511-473e67f1d7d2/go.mod h1:gNh8nYJoAm43RfaxurUnxr+N1PwuFV3ZMl/efxlIlY8= -github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= -github.com/emicklei/go-restful v2.9.5+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= @@ -289,61 +79,23 @@ github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5y github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU= -github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= -github.com/frankban/quicktest v1.11.3/go.mod h1:wRf/ReqHper53s+kmmSZizM8NamnL3IM0I9ntUbOk+k= -github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= -github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= -github.com/fullsailor/pkcs7 v0.0.0-20190404230743-d7302db945fa/go.mod h1:KnogPXtdwXqoenmZCw6S+25EAm2MkxbG0deNDu4cbSA= -github.com/garyburd/redigo v0.0.0-20150301180006-535138d7bcd7/go.mod h1:NR3MbYisc3/PwhQ00EMzDiPmrwpPxAn5GI05/YaO1SY= -github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= -github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q= github.com/go-errors/errors v1.0.2-0.20180813162953-d98b870cc4e0 h1:skJKxRtNmevLqnayafdLe2AsenqRupVmzZSqrvb5caU= github.com/go-errors/errors v1.0.2-0.20180813162953-d98b870cc4e0/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= -github.com/go-ini/ini v1.25.4/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8= -github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= -github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= -github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= -github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= -github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= -github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= -github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= -github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc= -github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= -github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= -github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-sql-driver/mysql v1.4.1 h1:g24URVg0OFbNUTx9qqY1IRZ9D9z3iPyi5zKhQZpNwpA= github.com/go-sql-driver/mysql v1.4.1/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w= -github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/go-test/deep v1.0.3/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= github.com/go-test/deep v1.0.7 h1:/VSMRlnY/JSyqxQUzQLKVMAskpY/NZKFA5j2P+0pP2M= github.com/go-test/deep v1.0.7/go.mod h1:QV8Hv/iy04NyLBxAdO9njL0iVPN1S4d/A3NVv1V36o8= -github.com/godbus/dbus v0.0.0-20151105175453-c7fdd8b5cd55/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= -github.com/godbus/dbus v0.0.0-20180201030542-885f9cc04c9c/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= -github.com/godbus/dbus v0.0.0-20190422162347-ade71ed3457e/go.mod h1:bBOAhwG1umN6/6ZUMtDFBMQR8jRg9O75tm9K00oMsK4= -github.com/godbus/dbus/v5 v5.0.3/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= -github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= -github.com/gogo/googleapis v1.2.0/go.mod h1:Njal3psf3qN6dwBtQfUmBZh2ybovJ0tlu3o/AC7HYjU= -github.com/gogo/googleapis v1.4.0/go.mod h1:5YRNX2z1oM5gXdAkurHa942MDgEJyk02w4OecKY87+c= -github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= -github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= -github.com/gogo/protobuf v1.2.2-0.20190723190241-65acae22fc9d/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= -github.com/gogo/protobuf v1.3.0/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= -github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= -github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e h1:1r7pUrabqp18hOBcwBwiTsbnFeTZHV9eER/QT5JVZxY= github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= @@ -370,7 +122,9 @@ github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= github.com/golang/protobuf v1.5.1/go.mod h1:DopwsBzvsk0Fs44TXzsVbJyPhcCPeIwnvohx4u74HPM= +github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/golang/snappy v0.0.3 h1:fHPg5GQYlCeLIPB9BZqMVR5nR9A+IM5zcgeTdjMYmLA= github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= @@ -387,12 +141,11 @@ github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.6 h1:BKbKCqvP6I+rmFHt06ZmyQtvB8xAkWdhFyr0ZUNZcxQ= github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-containerregistry v0.6.0/go.mod h1:euCCtNbZ6tKqi1E72vwDj2xZcN5ttKpZLfa/wSo5iLw= -github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/martian v2.1.0+incompatible h1:/CP5g8u/VJHijgedC/Legn3BAbAaWPgecwXBIDzw5no= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= +github.com/google/martian/v3 v3.2.1 h1:d8MncMlErDFTwQGBK1xhv026j9kqhvw1Qv9IbWT1VLQ= github.com/google/martian/v3 v3.2.1/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk= github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= @@ -407,305 +160,98 @@ github.com/google/pprof v0.0.0-20210122040257-d980be63207e/go.mod h1:kpwsk12EmLe github.com/google/pprof v0.0.0-20210226084205-cbba55b83ad5/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20210601050228-01bbb1931b22/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= -github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= +github.com/googleapis/gax-go/v2 v2.0.5 h1:sjZBwGj9Jlw33ImPtvFviGYvseOtDM7hkSKB7+Tv3SM= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= -github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg= -github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= -github.com/gorilla/handlers v0.0.0-20150720190736-60c7bfde3e33/go.mod h1:Qkdc/uu4tH4g6mTK6auzZ766c4CA0Ng8+o/OAirnOIQ= -github.com/gorilla/mux v1.7.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= -github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= -github.com/gorilla/websocket v0.0.0-20170926233335-4201258b820c/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= -github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= -github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= -github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= -github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= -github.com/grpc-ecosystem/go-grpc-middleware v1.0.1-0.20190118093823-f849b5445de4/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= -github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= -github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= -github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= -github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= github.com/gruntwork-io/go-commons v0.8.0 h1:k/yypwrPqSeYHevLlEDmvmgQzcyTwrlZGRaxEM6G0ro= github.com/gruntwork-io/go-commons v0.8.0/go.mod h1:gtp0yTtIBExIZp7vyIV9I0XQkVwiQZze678hvDXof78= -github.com/gruntwork-io/terratest v0.38.1 h1:vymd5+mrynqre6b1GFGPMuKVE/ta38hGKssKNmVi3Kw= -github.com/gruntwork-io/terratest v0.38.1/go.mod h1:XzW8PL9pAGbLyiBdQ5OiAeWSNpZ/9ycItjYstSS2PV8= -github.com/hashicorp/consul/api v1.1.0/go.mod h1:VmuI/Lkw1nC05EYQWNKwWGbkg+FbDBtguAZLlVdkD9Q= -github.com/hashicorp/consul/sdk v0.1.1/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8= -github.com/hashicorp/errwrap v0.0.0-20141028054710-7554cd9344ce/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= +github.com/gruntwork-io/terratest v0.40.1 h1:xh9wniVkV0FujoEy56zWRylhmJEeu1gnKZGYf8+br9E= +github.com/gruntwork-io/terratest v0.40.1/go.mod h1:CjHsEgP1Pe987X5N8K5qEqCuLtu1bqERGIAF8bTj1s0= github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= -github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= -github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= -github.com/hashicorp/go-msgpack v0.5.3/go.mod h1:ahLV/dePpqEmjfWmKiqvPkv/twdG7iPBM1vqhUKIvfM= -github.com/hashicorp/go-multierror v0.0.0-20161216184304-ed905158d874/go.mod h1:JMRHfdO9jKNzS/+BTlxCjKNQHg/jZAft8U7LloJvN7I= -github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= +github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= +github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= +github.com/hashicorp/go-getter v1.5.9 h1:b7ahZW50iQiUek/at3CvZhPK1/jiV6CtKcsJiR6E4R0= +github.com/hashicorp/go-getter v1.5.9/go.mod h1:BrrV/1clo8cCYu6mxvboYg+KutTiFnXjMEgDD8+i7ZI= github.com/hashicorp/go-multierror v1.1.0 h1:B9UzwGQJehnUY1yNrnwREHc3fGbC2xefo8g4TbElacI= github.com/hashicorp/go-multierror v1.1.0/go.mod h1:spPvp8C1qA32ftKqdAHm4hHTbPw+vmowP0z+KUhOZdA= -github.com/hashicorp/go-rootcerts v1.0.0/go.mod h1:K6zTfqpRlCUIjkwsN4Z+hiSfzSTQa6eBIzfwKfwNnHU= -github.com/hashicorp/go-sockaddr v1.0.0/go.mod h1:7Xibr9yA9JjQq1JpNB2Vw7kxv8xerXegt+ozgdvDeDU= -github.com/hashicorp/go-syslog v1.0.0/go.mod h1:qPfqrKkXGihmCqbJM2mZgkZGvKG1dFdvsLplgctolz4= -github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= -github.com/hashicorp/go-uuid v1.0.1/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= +github.com/hashicorp/go-safetemp v1.0.0 h1:2HR189eFNrjHQyENnQMMpCiBAsRxzbTMIgBhEyExpmo= +github.com/hashicorp/go-safetemp v1.0.0/go.mod h1:oaerMy3BhqiTbVye6QuFhFtIceqFoDHxNAB65b+Rj1I= +github.com/hashicorp/go-version v1.1.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= +github.com/hashicorp/go-version v1.3.0 h1:McDWVJIU/y+u1BRV06dPaLfLCaT7fUTJLp5r04x7iNw= github.com/hashicorp/go-version v1.3.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= -github.com/hashicorp/go.net v0.0.1/go.mod h1:hjKkEWcCURg++eb33jQU7oqQcI9XDCnUzHA0oac0k90= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= -github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= github.com/hashicorp/hcl/v2 v2.9.1 h1:eOy4gREY0/ZQHNItlfuEZqtcQbXIxzojlP301hDpnac= github.com/hashicorp/hcl/v2 v2.9.1/go.mod h1:FwWsfWEjyV/CMj8s/gqAuiviY72rJ1/oayI9WftqcKg= -github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= -github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0mNTz8vQ= -github.com/hashicorp/memberlist v0.1.3/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I= -github.com/hashicorp/serf v0.8.2/go.mod h1:6hOLApaqBFA1NXqRQAsxw9QxuDEvNxSQRwA/JwenrHc= -github.com/hashicorp/terraform-json v0.12.0 h1:8czPgEEWWPROStjkWPUnTQDXmpmZPlkQAwYYLETaTvw= -github.com/hashicorp/terraform-json v0.12.0/go.mod h1:pmbq9o4EuL43db5+0ogX10Yofv1nozM+wskr/bGFJpI= -github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= +github.com/hashicorp/terraform-json v0.13.0 h1:Li9L+lKD1FO5RVFRM1mMMIBDoUHslOniyEi5CM+FWGY= +github.com/hashicorp/terraform-json v0.13.0/go.mod h1:y5OdLBCT+rxbwnpxZs9kGL7R9ExU76+cpdY8zHwoazk= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= -github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= -github.com/imdario/mergo v0.3.8/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= -github.com/imdario/mergo v0.3.10/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= -github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= -github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= -github.com/j-keck/arping v0.0.0-20160618110441-2cf9dc699c56/go.mod h1:ymszkNOg6tORTn+6F6j+Jc8TOr5osrynvN6ivFWZ2GA= github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a h1:zPPuIq2jAWWPTrGt70eK/BSch+gFAGrNzecsoENgu2o= github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a/go.mod h1:yL958EeXv8Ylng6IfnvG4oflryUi3vgA3xPs9hmII1s= github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= -github.com/jmespath/go-jmespath v0.0.0-20160803190731-bd40a432e4c7/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= -github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= -github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= -github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= +github.com/jstemmer/go-junit-report v0.9.1 h1:6QPYqodiu3GuPL+7mfx+NwDdp2eTkp9IfEUpgAwUN0o= github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= -github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= -github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= -github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= -github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= -github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/klauspost/compress v1.11.3/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= -github.com/klauspost/compress v1.11.13/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= -github.com/klauspost/compress v1.12.3/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg= +github.com/klauspost/compress v1.11.2/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= +github.com/klauspost/compress v1.13.0 h1:2T7tUoQrQT+fQWdaY5rjWztFGAFwbGD04iPJg90ZiOs= github.com/klauspost/compress v1.13.0/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= -github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k= github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= -github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= -github.com/magiconair/properties v1.8.5/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60= -github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= -github.com/marstr/guid v1.1.0/go.mod h1:74gB1z2wpxxInTG6yaqA7KrtM0NZ+RbrcqDvYHefzho= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= -github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= github.com/mattn/go-isatty v0.0.11/go.mod h1:PhnuNfih5lzO57/f3n+odYbM4JtupLOxQOAqxQCu2WE= -github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= -github.com/mattn/go-shellwords v1.0.3/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= +github.com/mattn/go-runewidth v0.0.4/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= github.com/mattn/go-zglob v0.0.1/go.mod h1:9fxibJccNxU2cnpIKLRRFA7zX7qhkJIQWBb449FYHOo= github.com/mattn/go-zglob v0.0.2-0.20190814121620-e3c945676326 h1:ofNAzWCcyTALn2Zv40+8XitdzCgXY6e9qvXwN9W0YXg= github.com/mattn/go-zglob v0.0.2-0.20190814121620-e3c945676326/go.mod h1:9fxibJccNxU2cnpIKLRRFA7zX7qhkJIQWBb449FYHOo= -github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= -github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= -github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= -github.com/miekg/dns v1.1.31/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM= -github.com/miekg/pkcs11 v1.0.3/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= -github.com/mistifyio/go-zfs v2.1.2-0.20190413222219-f784269be439+incompatible/go.mod h1:8AuVvqP/mXw1px98n46wfvcGfQ4ci2FwoAjKYxuo3Z4= -github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= +github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= +github.com/mitchellh/go-testing-interface v1.0.0 h1:fzU/JVNcaqHQEcVFAKeR41fkiLdIPrefOvVG1VZ96U0= github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= github.com/mitchellh/go-wordwrap v0.0.0-20150314170334-ad45545899c7/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo= github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0= github.com/mitchellh/go-wordwrap v1.0.1/go.mod h1:R62XHJLzvMFRBbcrT7m7WgmE1eOyTSsCt+hzestvNj0= -github.com/mitchellh/gox v0.4.0/go.mod h1:Sd9lOJ0+aimLBi73mGofS1ycjY8lL3uZM3JPS42BGNg= -github.com/mitchellh/iochan v1.0.0/go.mod h1:JwYml1nuB7xOzsp52dPpHFffvOCDupsG0QubkSMEySY= -github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= -github.com/mitchellh/osext v0.0.0-20151018003038-5e2d6d41470f/go.mod h1:OkQIRizQZAeMln+1tSwduZz7+Af5oFlKirV/MSYes2A= github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= -github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc= -github.com/moby/sys/mountinfo v0.4.0/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A= -github.com/moby/sys/mountinfo v0.4.1/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A= -github.com/moby/sys/symlink v0.1.0/go.mod h1:GGDODQmbFOjFsXvfLVn3+ZRxkch54RkSiGqsZeMYowQ= -github.com/moby/term v0.0.0-20200312100748-672ec06f55cd/go.mod h1:DdlQx2hp0Ss5/fLikoLlEeIYiATotOjgB//nb973jeo= -github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= -github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= -github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc= -github.com/mrunalp/fileutils v0.5.0/go.mod h1:M1WthSahJixYnrXQl/DFQuteStB1weuxD2QJNHXfbSQ= -github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= -github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= -github.com/ncw/swift v1.0.47/go.mod h1:23YIA4yWVnGwv2dQlN4bB7egfYX6YLn0Yo/S6zZO/ZM= -github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs= -github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= -github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= -github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= -github.com/olekukonko/tablewriter v0.0.0-20170122224234-a0225b3f23b5/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo= -github.com/onsi/ginkgo v0.0.0-20151202141238-7f8ab55aaf3b/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.10.1/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.10.3/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= -github.com/onsi/gomega v0.0.0-20151007035656-2152b45fa28a/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= -github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= -github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= -github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= -github.com/onsi/gomega v1.10.3/go.mod h1:V9xEwhxec5O8UDM77eCW8vLymOMltsqPVYWrpDsH8xc= -github.com/opencontainers/go-digest v0.0.0-20170106003457-a6d0ee40d420/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= -github.com/opencontainers/go-digest v0.0.0-20180430190053-c9281466c8b2/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= -github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= -github.com/opencontainers/go-digest v1.0.0-rc1.0.20180430190053-c9281466c8b2/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= -github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= -github.com/opencontainers/image-spec v1.0.0/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= -github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= -github.com/opencontainers/runc v0.0.0-20190115041553-12f6a991201f/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/opencontainers/runc v0.1.1/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/opencontainers/runc v1.0.0-rc8.0.20190926000215-3e425f80a8c9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/opencontainers/runc v1.0.0-rc9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/opencontainers/runc v1.0.0-rc93/go.mod h1:3NOsor4w32B2tC0Zbl8Knk4Wg84SM2ImC1fxBuqJ/H0= -github.com/opencontainers/runtime-spec v0.1.2-0.20190507144316-5b71a03e2700/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-spec v1.0.1/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-spec v1.0.2-0.20190207185410-29686dbc5559/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-spec v1.0.2/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-spec v1.0.3-0.20200929063507-e6143ca7d51d/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-tools v0.0.0-20181011054405-1d69bd0f9c39/go.mod h1:r3f7wjNzSs2extwzU3Y+6pKfobzPh+kKFJ3ofN+3nfs= -github.com/opencontainers/selinux v1.6.0/go.mod h1:VVGKuOLlE7v4PJyT6h7mNWvq1rzqiriPsEqVhc+svHE= -github.com/opencontainers/selinux v1.8.0/go.mod h1:RScLhm78qiWa2gbVCcGkC7tCGdgk3ogry1nUQF8Evvo= -github.com/oracle/oci-go-sdk v7.1.0+incompatible/go.mod h1:VQb79nF8Z2cwLkLS35ukwStZIg5F66tcBccjip/j888= -github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= -github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= -github.com/pelletier/go-toml v1.8.1/go.mod h1:T2/BmBdy8dvIRq1a/8aqjN41wvWlN4lrapLU/GW4pbc= -github.com/pelletier/go-toml v1.9.3/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= -github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= -github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pkg/errors v0.8.1-0.20171018195549-f15c970de5b7/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pkg/sftp v1.10.1/go.mod h1:lYOWFsE0bwd1+KfKJaKeuokY15vzFx25BLbzYYoAxZI= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= -github.com/pquerna/cachecontrol v0.0.0-20171018203845-0dec1b30a021/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA= github.com/pquerna/otp v1.2.0 h1:/A3+Jn+cagqayeR3iHs/L62m5ue7710D35zl1zJ1kok= github.com/pquerna/otp v1.2.0/go.mod h1:dkJfzwRKNiegxyNb54X/3fLwhCynbMspSyWKnvi1AEg= -github.com/prometheus/client_golang v0.0.0-20180209125602-c332b6f63c06/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= -github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= -github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso= -github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= -github.com/prometheus/client_golang v1.1.0/go.mod h1:I1FGZT9+L76gKKOs5djB6ezCbFQP1xR9D75/vuwEF3g= -github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M= -github.com/prometheus/client_model v0.0.0-20171117100541-99fa1f4be8e5/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= -github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= -github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/common v0.0.0-20180110214958-89604d197083/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= -github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= -github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= -github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= -github.com/prometheus/common v0.6.0/go.mod h1:eBmuwkDJBwy6iBfxCBob6t6dR6ENT/y+J+Zk0j9GMYc= -github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo= -github.com/prometheus/procfs v0.0.0-20180125133057-cb4147076ac7/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= -github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= -github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= -github.com/prometheus/procfs v0.0.0-20190522114515-bc1a522cf7b1/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= -github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= -github.com/prometheus/procfs v0.0.3/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ= -github.com/prometheus/procfs v0.0.5/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ= -github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A= -github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= -github.com/prometheus/procfs v0.2.0/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= -github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= -github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= -github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= -github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= -github.com/rogpeppe/go-charset v0.0.0-20180617210344-2471d30d28b4/go.mod h1:qgYeAmZ5ZIpBWTGllZSQnw97Dj+woV0toclVaRGI8pc= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= -github.com/safchain/ethtool v0.0.0-20190326074333-42ed695e3de8/go.mod h1:Z0q5wiBQGYcxhMZ6gUqHn6pYNLypFAvaL3UvgZLR0U4= -github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0= -github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= github.com/sebdah/goldie v1.0.0/go.mod h1:jXP4hmWywNEwZzhMuv2ccnqTSFpuq8iyQhtQdkkZBH4= -github.com/seccomp/libseccomp-golang v0.9.1/go.mod h1:GbW5+tmTXfcxTToHLXlScSlAvWlF4P2Ca7zGrPiEpWo= github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= -github.com/sirupsen/logrus v1.0.4-0.20170822132746-89742aefa4b2/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= -github.com/sirupsen/logrus v1.0.6/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= -github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= -github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= -github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= -github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= -github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= -github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= -github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= -github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= -github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= -github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= -github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= -github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= -github.com/spf13/afero v1.6.0/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z93I= -github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= -github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= -github.com/spf13/cobra v0.0.2-0.20171109065643-2da4a54c5cee/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= -github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= -github.com/spf13/cobra v1.0.0/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE= -github.com/spf13/cobra v1.2.1/go.mod h1:ExllRjgxM/piMAM+3tAZvg8fsklGAf3tPfi+i8t68Nk= -github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= -github.com/spf13/jwalterweatherman v1.1.0/go.mod h1:aNWZUN0dPAAO/Ljvb5BEdw96iTZ0EXowPYD95IqWIGo= -github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.1-0.20171106142849-4c012f6dcd95/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.1/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.2/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/yZzE= -github.com/spf13/viper v1.8.1/go.mod h1:o0Pch8wJ9BVSWGQMbra6iw0oQ5oktSIBaujf1rJH9Ns= -github.com/stefanberger/go-pkcs11uri v0.0.0-20201008174630-78d3cae3a980/go.mod h1:AO3tvPzVZ/ayst6UlUKUv6rcPQInYe3IknH3jYhAKu8= -github.com/stretchr/objx v0.0.0-20180129172003-8a3f7159479f/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= -github.com/stretchr/testify v0.0.0-20180303142811-b89eecf5ca5d/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= @@ -713,89 +259,40 @@ github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= -github.com/syndtr/gocapability v0.0.0-20170704070218-db04d3cc01c8/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= -github.com/syndtr/gocapability v0.0.0-20180916011248-d98352740cb2/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= -github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= -github.com/tchap/go-patricia v2.2.6+incompatible/go.mod h1:bmLyhP68RS6kStMGxByiQ23RP/odRBOTVjwp2cDyi6I= -github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= -github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmccombs/hcl2json v0.3.3 h1:+DLNYqpWE0CsOQiEZu+OZm5ZBImake3wtITYxQ8uLFQ= github.com/tmccombs/hcl2json v0.3.3/go.mod h1:Y2chtz2x9bAeRTvSibVRVgbLJhLJXKlUeIvjeVdnm4w= -github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= -github.com/urfave/cli v0.0.0-20171014202726-7bc6a0acffa5/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= -github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= -github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= +github.com/ulikunitz/xz v0.5.8 h1:ERv8V6GKqVi23rgu5cj9pVfVzJbOqAY2Ntl88O6c2nQ= +github.com/ulikunitz/xz v0.5.8/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= github.com/urfave/cli v1.22.2 h1:gsqYFH8bb9ekPA12kRo0hfjngWQjkJPlN9R0N78BoUo= github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= -github.com/vishvananda/netlink v0.0.0-20181108222139-023a6dafdcdf/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk= -github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE= -github.com/vishvananda/netlink v1.1.1-0.20201029203352-d40f9887b852/go.mod h1:twkDnbuQxJYemMlGd4JFIcuhgX83tXhKS2B/PRMpOho= -github.com/vishvananda/netns v0.0.0-20180720170159-13995c7128cc/go.mod h1:ZjcWmFBXmLKZu9Nxj3WKYEafiSqer2rnvPr0en9UNpI= -github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df/go.mod h1:JP3t17pCcGlemwknint6hfoeCVQrEMVwxRLRjXpq+BU= -github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0= github.com/vmihailenco/msgpack v3.3.3+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= github.com/vmihailenco/msgpack/v4 v4.3.12/go.mod h1:gborTTJjAo/GWTqqRjrLCn9pgNN+NXzzngzBKDPIqw4= github.com/vmihailenco/tagparser v0.1.1/go.mod h1:OeAg3pn3UbLjkWt+rN9oFYB6u/cQgqMEUPoW2WPyhdI= -github.com/willf/bitset v1.1.11-0.20200630133818-d5bec3311243/go.mod h1:RjeCKbqT1RxIR/KWY6phxZiaY1IyutSBfGjNPySAYV4= -github.com/willf/bitset v1.1.11/go.mod h1:83CECat5yLh5zVOf4P1ErAgKA5UDvKtgyUABdr3+MjI= -github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= -github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= -github.com/xeipuuv/gojsonschema v0.0.0-20180618132009-1d523034197f/go.mod h1:5yf86TLmAcydyeJq5YvxkGPE2fm/u4myDekKRoLuqhs= -github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= -github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= -github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43/go.mod h1:aX5oPXxHm3bOH+xeAttToC8pqch2ScQN/JoXYupl6xs= -github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50/go.mod h1:NUSPSUX/bi6SeDMUh6brw0nXpxHnc96TguQh0+r/ssA= -github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go.mod h1:GlGEuHIJweS1mbCqG+7vt2nvWLzLLnRHbXz5JKd/Qbg= github.com/zclconf/go-cty v1.2.0/go.mod h1:hOPWgoHbaTUnI5k4D2ld+GRpFJSCe6bCM7m1q/N4PQ8= -github.com/zclconf/go-cty v1.2.1/go.mod h1:hOPWgoHbaTUnI5k4D2ld+GRpFJSCe6bCM7m1q/N4PQ8= github.com/zclconf/go-cty v1.8.0/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= -github.com/zclconf/go-cty v1.8.1 h1:SI0LqNeNxAgv2WWqWJMlG2/Ad/6aYJ7IVYYMigmfkuI= github.com/zclconf/go-cty v1.8.1/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= +github.com/zclconf/go-cty v1.9.1 h1:viqrgQwFl5UpSxc046qblj78wZXVDFnSOufaOTER+cc= +github.com/zclconf/go-cty v1.9.1/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= github.com/zclconf/go-cty-debug v0.0.0-20191215020915-b22d67c1ba0b/go.mod h1:ZRKQfBXbGkpdV6QMzT3rU1kSTAnfu1dO8dPKjYprgj8= -go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= -go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= -go.etcd.io/bbolt v1.3.5/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ= -go.etcd.io/etcd v0.5.0-alpha.5.0.20200910180754-dd1b699fc489/go.mod h1:yVHk9ub3CSBatqGNg7GRmsnfLWtoW60w4eDYfh7vHDg= -go.etcd.io/etcd/api/v3 v3.5.0/go.mod h1:cbVKeC6lCfl7j/8jBhAK6aIYO9XOjdptoxU/nLQcPvs= -go.etcd.io/etcd/client/pkg/v3 v3.5.0/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3YSwc9/Ac1g= -go.etcd.io/etcd/client/v2 v2.305.0/go.mod h1:h9puh54ZTgAKtEbut2oe9P4L/oqKCVB6xsXlzd7alYQ= -go.mozilla.org/pkcs7 v0.0.0-20200128120323-432b2356ecb1/go.mod h1:SNgMg+EgDFwmvSmLRTNKC5fegJjB7v23qTQ0XLGUNHk= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= +go.opencensus.io v0.23.0 h1:gqCw0LfLxScz8irSi8exQc7fyQ0fKQU/qnC/X8+V/1M= go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E= -go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= -go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= -go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= -go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= -go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= -go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= -go.uber.org/zap v1.17.0/go.mod h1:MXVU+bhUf/A7Xi2HNOnopQOrmycQ5Ih87HtOu4q5SSo= -golang.org/x/crypto v0.0.0-20171113213409-9f005a07e0d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20181009213950-7c1a557ab941/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20181029021203-45a5f77698d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190426145343-a29dc8fdc734/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a h1:kr2P4QFmQr29mSLA43kwrOcgcReGTfbE9N577tCTuBc= golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -821,6 +318,7 @@ golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRu golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 h1:VLliZ0d+/avPrXXH+OakdXhpJuEoBZuwh1m2j7U6Iug= golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= @@ -832,33 +330,21 @@ golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.4.2 h1:Gz96sIWK3OalVv/I/qNygP42zyoKp3xptRVCWRFEBvo= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180811021610-c39426892332/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181011144130-49bb7cea24b1/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181023162649-9b4f9f5ad519/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181201002055-351d144fa1fc/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190522155817-f3200d17e092/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= -golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190619014844-b5b0513f8c1b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20191004110552-13f9640d40b9/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= @@ -873,18 +359,15 @@ golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/ golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= -golang.org/x/net v0.0.0-20201006153459-a7d1128ccaa0/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201031054903-ff519b6c9102/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210614182718-04defd469f4e h1:XpT3nA5TvE525Ne3hInMh6+GETgn27Zfm9dxsThnX2Q= golang.org/x/net v0.0.0-20210614182718-04defd469f4e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= @@ -898,7 +381,7 @@ golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210402161424-2e8d93401602/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c h1:pkQiBZBvdos9qq4wBAHqlzuZHEXo07pqV06ef90u1WI= golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -911,13 +394,7 @@ golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181026203630-95b1ffbd15a5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -926,37 +403,17 @@ golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190502175342-a43fa875dd82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190514135907-3a4b5fb9f71f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190522044717-8097e1b27ff5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190602015325-4c4f7f33c9ed/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190606203320-7fc4e5ec1444/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190812073006-9eafafc0a87e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191022100944-742c48ecaeb7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191115151921-52ab43148777/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191210023423-ac6580df4449/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200106162015-b016eb3dc98e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200120151820-655fe14d7479/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200124204421-9fbb57f87de9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200217220822-9197077df867/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -965,31 +422,18 @@ golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200622214017-ed371f2e16b4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200728102440-3e129f6d46b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200817155316-9781c653f443/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200909081042-eff7692f9009/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200916030750-2334cc1a136f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200922070232-aee5d888a860/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201112073958-5cba982894dd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201117170446-d9b008d0a637/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201202213521-69691e467435/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210104204734-6f8348627aad/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210220050731-9a76102bfb43/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210305230114-8fe3ee5dd75b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210315160823-c6e025ad8005/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210324051608-47abb6519492/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210403161142-5e06dd20ab57/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -1006,38 +450,29 @@ golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6 h1:aRYxNxv6iGQlyVaZmk6ZgYEDa+Jg18DxebPSrd6bg1M= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190624222133-a101b041ded4/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191112195655-aa38f8e97acc/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191216052735-49a3e744a425/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= @@ -1055,7 +490,6 @@ golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roY golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= @@ -1064,15 +498,15 @@ golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4f golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.2 h1:kRBLX7v7Af8W7Gdbbc908OJcdgtK8bOz9Uaj8/F1ACA= golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/api v0.0.0-20160322025152-9bf6e6e569ff/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0= google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= @@ -1094,7 +528,7 @@ google.golang.org/api v0.36.0/go.mod h1:+z5ficQTmoYpPn8LCUNVpK5I7hwkpjbcgqA7I34q google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjRCQ8= google.golang.org/api v0.41.0/go.mod h1:RkxM5lITDfTzmyKFPt+wGrCJbVfniCr2ool8kTBzRTU= google.golang.org/api v0.43.0/go.mod h1:nQsDGjRXMo4lvh5hP0TKqF244gqhGcr/YSIykhUk/94= -google.golang.org/api v0.44.0/go.mod h1:EBOGZqzyhtvMDoxwS97ctnh0zUmYY6CxqXsc1AvkYD8= +google.golang.org/api v0.47.0 h1:sQLWZQvP6jPGIP4JGPkJu4zHswrv81iobiyszr3b/0I= google.golang.org/api v0.47.0/go.mod h1:Wbvgpq1HddcWVtzsVLyfLp8lDg6AA241LmgIL59tHXo= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= @@ -1104,13 +538,11 @@ google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCID google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/cloud v0.0.0-20151119220103-975617b05ea8/go.mod h1:0H1ncTHf11KCFhTc/+EFRbzSCOZx+VUbRMk55Yv5MYk= google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190522204451-c2c4e71fbf69/go.mod h1:z3L6/3dTEVtUr6QSP8miRzeRqwQOioJ9I66odjN4I7s= google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= @@ -1119,7 +551,6 @@ google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvx google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200117163144-32f20d992d24/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= google.golang.org/genproto v0.0.0-20200122232147-0452cf42e150/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= google.golang.org/genproto v0.0.0-20200204135345-fa8e72b47b90/go.mod h1:GmwEX6Z4W5gMy59cAlVYjN9JhxgbQH6Gn+gFDQe2lzA= google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= @@ -1130,7 +561,6 @@ google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfG google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U= google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= @@ -1139,7 +569,6 @@ google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6D google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201109203340-2640f1f9cdfb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201110150050-8816d57aaa9a/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201201144952-b05cb90ed32e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201210142538-e3217bee35cc/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= @@ -1149,15 +578,12 @@ google.golang.org/genproto v0.0.0-20210310155132-4ce2db91004e/go.mod h1:FWY/as6D google.golang.org/genproto v0.0.0-20210319143718-93e7006c17a6/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210402141018-6c239bbf2bb1/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A= google.golang.org/genproto v0.0.0-20210513213006-bf773b8c8384/go.mod h1:P3QM42oQyzQSnHPnZ/vqoCdDmzH28fzWByN9asMeM8A= +google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c h1:wtujag7C+4D6KMoulW9YauvK2lgdvCMS260jsqqBXr0= google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= -google.golang.org/grpc v0.0.0-20160317175043-d3ddb4469d5a/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= -google.golang.org/grpc v1.21.0/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= -google.golang.org/grpc v1.23.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= -google.golang.org/grpc v1.24.0/go.mod h1:XDChyiUovWa60DnaeDeZmSW86xtLtjtZbwvSiRnRtcA= google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= @@ -1167,7 +593,6 @@ google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3Iji google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= google.golang.org/grpc v1.31.1/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= -google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0= google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= google.golang.org/grpc v1.34.0/go.mod h1:WotjhfgOW/POjDeRt8vscBtXq+2VjORFy659qA51WJ8= google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= @@ -1175,6 +600,7 @@ google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAG google.golang.org/grpc v1.36.1/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= google.golang.org/grpc v1.37.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= google.golang.org/grpc v1.37.1/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= +google.golang.org/grpc v1.38.0 h1:/9BgsAsa5nWe26HqOlvlgJnqBuktYOLCgjCPqsa56W0= google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= @@ -1188,43 +614,19 @@ google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpAD google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= +google.golang.org/protobuf v1.26.0 h1:bxAC2xTBsZGibn2RTntX0oH50xLsqy1OxA9tTL3p/lk= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4K+aSYdM/U= -gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20141024133853-64131543e789/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU= -gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= +gopkg.in/cheggaaa/pb.v1 v1.0.27/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= -gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= -gopkg.in/gemnasium/logrus-airbrake-hook.v2 v2.1.2/go.mod h1:Xk6kEKp8OKb+X14hQBKWaSkCsqBpgog8nAV2xsGOxlo= -gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= -gopkg.in/ini.v1 v1.62.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= -gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= -gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= -gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= -gopkg.in/square/go-jose.v2 v2.3.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= -gopkg.in/square/go-jose.v2 v2.5.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= -gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= -gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= -gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= -gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo= gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= -gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk= -gotest.tools/v3 v3.0.3/go.mod h1:Z7Lb0S5l+klDB31fvDQX8ss/FlKDxtlFlw3Oa8Ymbl8= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= @@ -1232,37 +634,6 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -k8s.io/api v0.20.1/go.mod h1:KqwcCVogGxQY3nBlRpwt+wpAMF/KjaCc7RpywacvqUo= -k8s.io/api v0.20.4/go.mod h1:++lNL1AJMkDymriNniQsWRkMDzRaX2Y/POTUi8yvqYQ= -k8s.io/api v0.20.6/go.mod h1:X9e8Qag6JV/bL5G6bU8sdVRltWKmdHsFUGS3eVndqE8= -k8s.io/apimachinery v0.20.1/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= -k8s.io/apimachinery v0.20.4/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= -k8s.io/apimachinery v0.20.6/go.mod h1:ejZXtW1Ra6V1O5H8xPBGz+T3+4gfkTCeExAHKU57MAc= -k8s.io/apiserver v0.20.1/go.mod h1:ro5QHeQkgMS7ZGpvf4tSMx6bBOgPfE+f52KwvXfScaU= -k8s.io/apiserver v0.20.4/go.mod h1:Mc80thBKOyy7tbvFtB4kJv1kbdD0eIH8k8vianJcbFM= -k8s.io/apiserver v0.20.6/go.mod h1:QIJXNt6i6JB+0YQRNcS0hdRHJlMhflFmsBDeSgT1r8Q= -k8s.io/client-go v0.20.1/go.mod h1:/zcHdt1TeWSd5HoUe6elJmHSQ6uLLgp4bIJHVEuy+/Y= -k8s.io/client-go v0.20.4/go.mod h1:LiMv25ND1gLUdBeYxBIwKpkSC5IsozMMmOOeSJboP+k= -k8s.io/client-go v0.20.6/go.mod h1:nNQMnOvEUEsOzRRFIIkdmYOjAZrC8bgq0ExboWSU1I0= -k8s.io/component-base v0.20.1/go.mod h1:guxkoJnNoh8LNrbtiQOlyp2Y2XFCZQmrcg2n/DeYNLk= -k8s.io/component-base v0.20.4/go.mod h1:t4p9EdiagbVCJKrQ1RsA5/V4rFQNDfRlevJajlGwgjI= -k8s.io/component-base v0.20.6/go.mod h1:6f1MPBAeI+mvuts3sIdtpjljHWBQ2cIy38oBIWMYnrM= -k8s.io/cri-api v0.17.3/go.mod h1:X1sbHmuXhwaHs9xxYffLqJogVsnI+f6cPRcgPel7ywM= -k8s.io/cri-api v0.20.1/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI= -k8s.io/cri-api v0.20.4/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI= -k8s.io/cri-api v0.20.6/go.mod h1:ew44AjNXwyn1s0U4xCKGodU7J1HzBeZ1MpGrpa5r8Yc= -k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= -k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= -k8s.io/klog/v2 v2.4.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= -k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd/go.mod h1:WOJ3KddDSol4tAGcJo0Tvi+dK12EcqSLqcWsryKMpfM= -k8s.io/kubernetes v1.13.0/go.mod h1:ocZa8+6APFNC2tX1DZASIbocyYT5jHzqFVsY5aoB7Jk= -k8s.io/utils v0.0.0-20201110183641-67b214c5f920/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.14/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.15/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= -sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= -sigs.k8s.io/structured-merge-diff/v4 v4.0.3/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= -sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= -sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= From 91d437818d45acfebf506fe331b6d16883f12b1d Mon Sep 17 00:00:00 2001 From: nozaq Date: Sat, 12 Feb 2022 23:43:52 +0900 Subject: [PATCH 34/66] refactor: remove `destination_options` (#267) --- modules/vpc-baseline/main.tf | 4 ---- 1 file changed, 4 deletions(-) diff --git a/modules/vpc-baseline/main.tf b/modules/vpc-baseline/main.tf index ccefd204..2573cd4d 100644 --- a/modules/vpc-baseline/main.tf +++ b/modules/vpc-baseline/main.tf @@ -36,10 +36,6 @@ resource "aws_flow_log" "default_vpc_flow_logs" { vpc_id = aws_default_vpc.default.id traffic_type = "ALL" - destination_options { - file_format = "plain-text" - } - tags = var.tags } From 01b9ad8e36b96a8d6fb2e390af277e899b21a730 Mon Sep 17 00:00:00 2001 From: nozaq Date: Sun, 13 Feb 2022 00:21:42 +0900 Subject: [PATCH 35/66] docs: update CHANGELOG --- CHANGELOG.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index d5a91ddc..89f89b68 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,19 @@ ## [Unreleased] +### Feat +- add new S3 bucket configuration resources ([#261](https://github.com/nozaq/terraform-aws-secure-baseline/issues/261)) +- allow use of organization trail to be toggled via variable ([#259](https://github.com/nozaq/terraform-aws-secure-baseline/issues/259)) + +### Fix +- the condition to use the organization trail ([#265](https://github.com/nozaq/terraform-aws-secure-baseline/issues/265)) +- use count instead of `var.enabled` ([#262](https://github.com/nozaq/terraform-aws-secure-baseline/issues/262)) + +### Refactor +- remove `destination_options` ([#267](https://github.com/nozaq/terraform-aws-secure-baseline/issues/267)) +- explicitly define a format for FlowLogs ([#264](https://github.com/nozaq/terraform-aws-secure-baseline/issues/264)) +- replace deprecated arguments ([#263](https://github.com/nozaq/terraform-aws-secure-baseline/issues/263)) + ## [0.34.0] - 2022-01-22 From 05dd88c22a363125c8ce89235ac44866f5911cb3 Mon Sep 17 00:00:00 2001 From: nozaq Date: Wed, 16 Feb 2022 19:19:37 +0900 Subject: [PATCH 36/66] fix: require AWS provider v4.1.0 (#268) Updated the provider requiremenet to avoid the issue in AWS provider v4.0.0 that the validation fails for some AWS regions. --- README.md | 4 ++-- examples/external-bucket/main.tf | 2 +- examples/organization/master/main.tf | 2 +- examples/organization/member/main.tf | 2 +- examples/select-region/main.tf | 2 +- examples/simple/main.tf | 2 +- main.tf | 2 +- modules/alarm-baseline/README.md | 4 ++-- modules/alarm-baseline/versions.tf | 2 +- modules/analyzer-baseline/README.md | 4 ++-- modules/analyzer-baseline/versions.tf | 2 +- modules/cloudtrail-baseline/README.md | 4 ++-- modules/cloudtrail-baseline/versions.tf | 2 +- modules/config-baseline/README.md | 4 ++-- modules/config-baseline/versions.tf | 2 +- modules/ebs-baseline/README.md | 4 ++-- modules/ebs-baseline/versions.tf | 2 +- modules/guardduty-baseline/README.md | 4 ++-- modules/guardduty-baseline/versions.tf | 2 +- modules/iam-baseline/README.md | 4 ++-- modules/iam-baseline/versions.tf | 2 +- modules/s3-baseline/README.md | 4 ++-- modules/s3-baseline/versions.tf | 2 +- modules/secure-bucket/README.md | 4 ++-- modules/secure-bucket/versions.tf | 2 +- modules/securityhub-baseline/README.md | 4 ++-- modules/securityhub-baseline/versions.tf | 2 +- modules/vpc-baseline/README.md | 4 ++-- modules/vpc-baseline/versions.tf | 2 +- test/fixtures/simple_local/main.tf | 2 +- test/fixtures/simple_registry/main.tf | 2 +- 31 files changed, 43 insertions(+), 43 deletions(-) diff --git a/README.md b/README.md index 04e4abc6..7a5106f4 100644 --- a/README.md +++ b/README.md @@ -111,13 +111,13 @@ This module is composed of several submodules and each of which can be used inde | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 4.0.0 | +| [aws](#requirement\_aws) | >= 4.1.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.0.0 | +| [aws](#provider\_aws) | >= 4.1.0 | ## Inputs diff --git a/examples/external-bucket/main.tf b/examples/external-bucket/main.tf index 77c7b8d8..9929877b 100644 --- a/examples/external-bucket/main.tf +++ b/examples/external-bucket/main.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.0.0" + version = ">= 4.1.0" } } } diff --git a/examples/organization/master/main.tf b/examples/organization/master/main.tf index f59bd24b..7154c50c 100644 --- a/examples/organization/master/main.tf +++ b/examples/organization/master/main.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.0.0" + version = ">= 4.1.0" } } } diff --git a/examples/organization/member/main.tf b/examples/organization/member/main.tf index a51f3501..ccecef4d 100644 --- a/examples/organization/member/main.tf +++ b/examples/organization/member/main.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.0.0" + version = ">= 4.1.0" } } } diff --git a/examples/select-region/main.tf b/examples/select-region/main.tf index 71a90a29..d2fd98e2 100644 --- a/examples/select-region/main.tf +++ b/examples/select-region/main.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.0.0" + version = ">= 4.1.0" } } } diff --git a/examples/simple/main.tf b/examples/simple/main.tf index 4576cdb5..2b9edef9 100644 --- a/examples/simple/main.tf +++ b/examples/simple/main.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.0.0" + version = ">= 4.1.0" } } } diff --git a/main.tf b/main.tf index 0ae21546..9ae4ef53 100644 --- a/main.tf +++ b/main.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.0.0" + version = ">= 4.1.0" # A provider alias should be passed for each AWS region. # Reference: https://docs.aws.amazon.com/general/latest/gr/rande.html diff --git a/modules/alarm-baseline/README.md b/modules/alarm-baseline/README.md index 6559700f..f10d5321 100644 --- a/modules/alarm-baseline/README.md +++ b/modules/alarm-baseline/README.md @@ -8,13 +8,13 @@ Set up CloudWatch alarms to notify you when critical changes happen in your AWS | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 4.0.0 | +| [aws](#requirement\_aws) | >= 4.1.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.0.0 | +| [aws](#provider\_aws) | >= 4.1.0 | ## Inputs diff --git a/modules/alarm-baseline/versions.tf b/modules/alarm-baseline/versions.tf index bc9bd39a..90efe1ac 100644 --- a/modules/alarm-baseline/versions.tf +++ b/modules/alarm-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.0.0" + version = ">= 4.1.0" } } } diff --git a/modules/analyzer-baseline/README.md b/modules/analyzer-baseline/README.md index 92dc87ee..07188aa4 100644 --- a/modules/analyzer-baseline/README.md +++ b/modules/analyzer-baseline/README.md @@ -10,13 +10,13 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 4.0.0 | +| [aws](#requirement\_aws) | >= 4.1.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.0.0 | +| [aws](#provider\_aws) | >= 4.1.0 | ## Inputs diff --git a/modules/analyzer-baseline/versions.tf b/modules/analyzer-baseline/versions.tf index bc9bd39a..90efe1ac 100644 --- a/modules/analyzer-baseline/versions.tf +++ b/modules/analyzer-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.0.0" + version = ">= 4.1.0" } } } diff --git a/modules/cloudtrail-baseline/README.md b/modules/cloudtrail-baseline/README.md index 33e34d71..54122345 100644 --- a/modules/cloudtrail-baseline/README.md +++ b/modules/cloudtrail-baseline/README.md @@ -8,13 +8,13 @@ Enable CloudTrail in all regions and deliver events to CloudWatch Logs. CloudTra | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 4.0.0 | +| [aws](#requirement\_aws) | >= 4.1.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.0.0 | +| [aws](#provider\_aws) | >= 4.1.0 | ## Inputs diff --git a/modules/cloudtrail-baseline/versions.tf b/modules/cloudtrail-baseline/versions.tf index bc9bd39a..90efe1ac 100644 --- a/modules/cloudtrail-baseline/versions.tf +++ b/modules/cloudtrail-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.0.0" + version = ">= 4.1.0" } } } diff --git a/modules/config-baseline/README.md b/modules/config-baseline/README.md index d930ed28..ce072b47 100644 --- a/modules/config-baseline/README.md +++ b/modules/config-baseline/README.md @@ -8,13 +8,13 @@ Enable AWS Config in all regions to automatically take configuration snapshots. | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 4.0.0 | +| [aws](#requirement\_aws) | >= 4.1.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.0.0 | +| [aws](#provider\_aws) | >= 4.1.0 | ## Inputs diff --git a/modules/config-baseline/versions.tf b/modules/config-baseline/versions.tf index bc9bd39a..90efe1ac 100644 --- a/modules/config-baseline/versions.tf +++ b/modules/config-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.0.0" + version = ">= 4.1.0" } } } diff --git a/modules/ebs-baseline/README.md b/modules/ebs-baseline/README.md index 40c73c50..c8c77bf9 100644 --- a/modules/ebs-baseline/README.md +++ b/modules/ebs-baseline/README.md @@ -10,13 +10,13 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 4.0.0 | +| [aws](#requirement\_aws) | >= 4.1.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.0.0 | +| [aws](#provider\_aws) | >= 4.1.0 | ## Inputs diff --git a/modules/ebs-baseline/versions.tf b/modules/ebs-baseline/versions.tf index bc9bd39a..90efe1ac 100644 --- a/modules/ebs-baseline/versions.tf +++ b/modules/ebs-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.0.0" + version = ">= 4.1.0" } } } diff --git a/modules/guardduty-baseline/README.md b/modules/guardduty-baseline/README.md index fe6889a8..33914905 100644 --- a/modules/guardduty-baseline/README.md +++ b/modules/guardduty-baseline/README.md @@ -8,13 +8,13 @@ Enable GuardDuty in all regions. | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 4.0.0 | +| [aws](#requirement\_aws) | >= 4.1.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.0.0 | +| [aws](#provider\_aws) | >= 4.1.0 | ## Inputs diff --git a/modules/guardduty-baseline/versions.tf b/modules/guardduty-baseline/versions.tf index bc9bd39a..90efe1ac 100644 --- a/modules/guardduty-baseline/versions.tf +++ b/modules/guardduty-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.0.0" + version = ">= 4.1.0" } } } diff --git a/modules/iam-baseline/README.md b/modules/iam-baseline/README.md index f75f590a..7f40dffa 100644 --- a/modules/iam-baseline/README.md +++ b/modules/iam-baseline/README.md @@ -11,13 +11,13 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 0.13 | -| [aws](#requirement\_aws) | >= 4.0.0 | +| [aws](#requirement\_aws) | >= 4.1.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.0.0 | +| [aws](#provider\_aws) | >= 4.1.0 | ## Inputs diff --git a/modules/iam-baseline/versions.tf b/modules/iam-baseline/versions.tf index f0b89053..2ce32aed 100644 --- a/modules/iam-baseline/versions.tf +++ b/modules/iam-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.0.0" + version = ">= 4.1.0" } } } diff --git a/modules/s3-baseline/README.md b/modules/s3-baseline/README.md index 01328858..8ecafd71 100644 --- a/modules/s3-baseline/README.md +++ b/modules/s3-baseline/README.md @@ -10,13 +10,13 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 0.13 | -| [aws](#requirement\_aws) | >= 4.0.0 | +| [aws](#requirement\_aws) | >= 4.1.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.0.0 | +| [aws](#provider\_aws) | >= 4.1.0 | ## Inputs diff --git a/modules/s3-baseline/versions.tf b/modules/s3-baseline/versions.tf index f0b89053..2ce32aed 100644 --- a/modules/s3-baseline/versions.tf +++ b/modules/s3-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.0.0" + version = ">= 4.1.0" } } } diff --git a/modules/secure-bucket/README.md b/modules/secure-bucket/README.md index d60efa8f..8da7c8e4 100644 --- a/modules/secure-bucket/README.md +++ b/modules/secure-bucket/README.md @@ -8,13 +8,13 @@ Creates a S3 bucket with access logging enabled. | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 0.13 | -| [aws](#requirement\_aws) | >= 4.0.0 | +| [aws](#requirement\_aws) | >= 4.1.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.0.0 | +| [aws](#provider\_aws) | >= 4.1.0 | ## Inputs diff --git a/modules/secure-bucket/versions.tf b/modules/secure-bucket/versions.tf index f0b89053..2ce32aed 100644 --- a/modules/secure-bucket/versions.tf +++ b/modules/secure-bucket/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.0.0" + version = ">= 4.1.0" } } } diff --git a/modules/securityhub-baseline/README.md b/modules/securityhub-baseline/README.md index d3f95300..39aa3ee9 100644 --- a/modules/securityhub-baseline/README.md +++ b/modules/securityhub-baseline/README.md @@ -13,13 +13,13 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 4.0.0 | +| [aws](#requirement\_aws) | >= 4.1.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.0.0 | +| [aws](#provider\_aws) | >= 4.1.0 | ## Inputs diff --git a/modules/securityhub-baseline/versions.tf b/modules/securityhub-baseline/versions.tf index bc9bd39a..90efe1ac 100644 --- a/modules/securityhub-baseline/versions.tf +++ b/modules/securityhub-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.0.0" + version = ">= 4.1.0" } } } diff --git a/modules/vpc-baseline/README.md b/modules/vpc-baseline/README.md index 8567ee6b..f8ff9c34 100644 --- a/modules/vpc-baseline/README.md +++ b/modules/vpc-baseline/README.md @@ -12,13 +12,13 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 3.55.0 | +| [aws](#requirement\_aws) | >= 4.1.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 3.55.0 | +| [aws](#provider\_aws) | >= 4.1.0 | ## Inputs diff --git a/modules/vpc-baseline/versions.tf b/modules/vpc-baseline/versions.tf index 27d75b7a..90efe1ac 100644 --- a/modules/vpc-baseline/versions.tf +++ b/modules/vpc-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.55.0" + version = ">= 4.1.0" } } } diff --git a/test/fixtures/simple_local/main.tf b/test/fixtures/simple_local/main.tf index 83e2e5d1..ebd000fc 100644 --- a/test/fixtures/simple_local/main.tf +++ b/test/fixtures/simple_local/main.tf @@ -8,7 +8,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.0.0" + version = ">= 4.1.0" } } } diff --git a/test/fixtures/simple_registry/main.tf b/test/fixtures/simple_registry/main.tf index 5ab49291..3479d658 100644 --- a/test/fixtures/simple_registry/main.tf +++ b/test/fixtures/simple_registry/main.tf @@ -8,7 +8,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.0.0" + version = ">= 4.1.0" } } } From ab6f5ace5f3d21b89acc41233ac71d5a37d9c67f Mon Sep 17 00:00:00 2001 From: nozaq Date: Sat, 19 Feb 2022 09:07:59 +0900 Subject: [PATCH 37/66] chore: upgrade terratest (#269) --- test/go.mod | 2 +- test/go.sum | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/test/go.mod b/test/go.mod index 100f271a..46c06f02 100644 --- a/test/go.mod +++ b/test/go.mod @@ -4,7 +4,7 @@ go 1.17 require ( github.com/google/uuid v1.3.0 - github.com/gruntwork-io/terratest v0.40.1 + github.com/gruntwork-io/terratest v0.40.3 ) require ( diff --git a/test/go.sum b/test/go.sum index 48ffe994..0f463f9a 100644 --- a/test/go.sum +++ b/test/go.sum @@ -72,6 +72,7 @@ github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ3 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/docker/docker v20.10.7+incompatible h1:Z6O9Nhsjv+ayUEeI1IojKbYcsGdgYSNqxe1s2MYzUhQ= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= @@ -168,8 +169,8 @@ github.com/googleapis/gax-go/v2 v2.0.5 h1:sjZBwGj9Jlw33ImPtvFviGYvseOtDM7hkSKB7+ github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/gruntwork-io/go-commons v0.8.0 h1:k/yypwrPqSeYHevLlEDmvmgQzcyTwrlZGRaxEM6G0ro= github.com/gruntwork-io/go-commons v0.8.0/go.mod h1:gtp0yTtIBExIZp7vyIV9I0XQkVwiQZze678hvDXof78= -github.com/gruntwork-io/terratest v0.40.1 h1:xh9wniVkV0FujoEy56zWRylhmJEeu1gnKZGYf8+br9E= -github.com/gruntwork-io/terratest v0.40.1/go.mod h1:CjHsEgP1Pe987X5N8K5qEqCuLtu1bqERGIAF8bTj1s0= +github.com/gruntwork-io/terratest v0.40.3 h1:M62wBn/5r/8tbMV7WBe+9j91yFgk9f5Vbrx8dj7P1/Q= +github.com/gruntwork-io/terratest v0.40.3/go.mod h1:CjHsEgP1Pe987X5N8K5qEqCuLtu1bqERGIAF8bTj1s0= github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= From 3c304136cf332eebf40c0eb0ee0ba819a72dea41 Mon Sep 17 00:00:00 2001 From: nozaq Date: Sat, 19 Feb 2022 13:06:13 +0900 Subject: [PATCH 38/66] fix: require AWS provider v4.2.0 (#270) Updated the provider requiremenet to avoid the issue in AWS provider v4.1.0 that the validation fails for some AWS regions. --- README.md | 4 ++-- examples/external-bucket/main.tf | 2 +- examples/organization/master/main.tf | 2 +- examples/organization/member/main.tf | 2 +- examples/select-region/main.tf | 2 +- examples/simple/main.tf | 2 +- main.tf | 2 +- modules/alarm-baseline/README.md | 4 ++-- modules/alarm-baseline/versions.tf | 2 +- modules/analyzer-baseline/README.md | 4 ++-- modules/analyzer-baseline/versions.tf | 2 +- modules/cloudtrail-baseline/README.md | 4 ++-- modules/cloudtrail-baseline/versions.tf | 2 +- modules/config-baseline/README.md | 4 ++-- modules/config-baseline/versions.tf | 2 +- modules/ebs-baseline/README.md | 4 ++-- modules/ebs-baseline/versions.tf | 2 +- modules/guardduty-baseline/README.md | 4 ++-- modules/guardduty-baseline/versions.tf | 2 +- modules/iam-baseline/README.md | 4 ++-- modules/iam-baseline/versions.tf | 2 +- modules/s3-baseline/README.md | 4 ++-- modules/s3-baseline/versions.tf | 2 +- modules/secure-bucket/README.md | 4 ++-- modules/secure-bucket/versions.tf | 2 +- modules/securityhub-baseline/README.md | 4 ++-- modules/securityhub-baseline/versions.tf | 2 +- modules/vpc-baseline/README.md | 4 ++-- modules/vpc-baseline/versions.tf | 2 +- test/fixtures/simple_local/main.tf | 2 +- test/fixtures/simple_registry/main.tf | 2 +- 31 files changed, 43 insertions(+), 43 deletions(-) diff --git a/README.md b/README.md index 7a5106f4..ab19ed8c 100644 --- a/README.md +++ b/README.md @@ -111,13 +111,13 @@ This module is composed of several submodules and each of which can be used inde | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 4.1.0 | +| [aws](#requirement\_aws) | >= 4.2.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.1.0 | +| [aws](#provider\_aws) | >= 4.2.0 | ## Inputs diff --git a/examples/external-bucket/main.tf b/examples/external-bucket/main.tf index 9929877b..824f4532 100644 --- a/examples/external-bucket/main.tf +++ b/examples/external-bucket/main.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.1.0" + version = ">= 4.2.0" } } } diff --git a/examples/organization/master/main.tf b/examples/organization/master/main.tf index 7154c50c..f54918d9 100644 --- a/examples/organization/master/main.tf +++ b/examples/organization/master/main.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.1.0" + version = ">= 4.2.0" } } } diff --git a/examples/organization/member/main.tf b/examples/organization/member/main.tf index ccecef4d..e5758323 100644 --- a/examples/organization/member/main.tf +++ b/examples/organization/member/main.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.1.0" + version = ">= 4.2.0" } } } diff --git a/examples/select-region/main.tf b/examples/select-region/main.tf index d2fd98e2..3a954140 100644 --- a/examples/select-region/main.tf +++ b/examples/select-region/main.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.1.0" + version = ">= 4.2.0" } } } diff --git a/examples/simple/main.tf b/examples/simple/main.tf index 2b9edef9..fed9ce88 100644 --- a/examples/simple/main.tf +++ b/examples/simple/main.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.1.0" + version = ">= 4.2.0" } } } diff --git a/main.tf b/main.tf index 9ae4ef53..68049797 100644 --- a/main.tf +++ b/main.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.1.0" + version = ">= 4.2.0" # A provider alias should be passed for each AWS region. # Reference: https://docs.aws.amazon.com/general/latest/gr/rande.html diff --git a/modules/alarm-baseline/README.md b/modules/alarm-baseline/README.md index f10d5321..b3cdb570 100644 --- a/modules/alarm-baseline/README.md +++ b/modules/alarm-baseline/README.md @@ -8,13 +8,13 @@ Set up CloudWatch alarms to notify you when critical changes happen in your AWS | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 4.1.0 | +| [aws](#requirement\_aws) | >= 4.2.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.1.0 | +| [aws](#provider\_aws) | >= 4.2.0 | ## Inputs diff --git a/modules/alarm-baseline/versions.tf b/modules/alarm-baseline/versions.tf index 90efe1ac..c63c8264 100644 --- a/modules/alarm-baseline/versions.tf +++ b/modules/alarm-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.1.0" + version = ">= 4.2.0" } } } diff --git a/modules/analyzer-baseline/README.md b/modules/analyzer-baseline/README.md index 07188aa4..6f0e0b71 100644 --- a/modules/analyzer-baseline/README.md +++ b/modules/analyzer-baseline/README.md @@ -10,13 +10,13 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 4.1.0 | +| [aws](#requirement\_aws) | >= 4.2.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.1.0 | +| [aws](#provider\_aws) | >= 4.2.0 | ## Inputs diff --git a/modules/analyzer-baseline/versions.tf b/modules/analyzer-baseline/versions.tf index 90efe1ac..c63c8264 100644 --- a/modules/analyzer-baseline/versions.tf +++ b/modules/analyzer-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.1.0" + version = ">= 4.2.0" } } } diff --git a/modules/cloudtrail-baseline/README.md b/modules/cloudtrail-baseline/README.md index 54122345..a2c0e5bb 100644 --- a/modules/cloudtrail-baseline/README.md +++ b/modules/cloudtrail-baseline/README.md @@ -8,13 +8,13 @@ Enable CloudTrail in all regions and deliver events to CloudWatch Logs. CloudTra | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 4.1.0 | +| [aws](#requirement\_aws) | >= 4.2.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.1.0 | +| [aws](#provider\_aws) | >= 4.2.0 | ## Inputs diff --git a/modules/cloudtrail-baseline/versions.tf b/modules/cloudtrail-baseline/versions.tf index 90efe1ac..c63c8264 100644 --- a/modules/cloudtrail-baseline/versions.tf +++ b/modules/cloudtrail-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.1.0" + version = ">= 4.2.0" } } } diff --git a/modules/config-baseline/README.md b/modules/config-baseline/README.md index ce072b47..d29ad5bb 100644 --- a/modules/config-baseline/README.md +++ b/modules/config-baseline/README.md @@ -8,13 +8,13 @@ Enable AWS Config in all regions to automatically take configuration snapshots. | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 4.1.0 | +| [aws](#requirement\_aws) | >= 4.2.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.1.0 | +| [aws](#provider\_aws) | >= 4.2.0 | ## Inputs diff --git a/modules/config-baseline/versions.tf b/modules/config-baseline/versions.tf index 90efe1ac..c63c8264 100644 --- a/modules/config-baseline/versions.tf +++ b/modules/config-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.1.0" + version = ">= 4.2.0" } } } diff --git a/modules/ebs-baseline/README.md b/modules/ebs-baseline/README.md index c8c77bf9..2b2e621e 100644 --- a/modules/ebs-baseline/README.md +++ b/modules/ebs-baseline/README.md @@ -10,13 +10,13 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 4.1.0 | +| [aws](#requirement\_aws) | >= 4.2.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.1.0 | +| [aws](#provider\_aws) | >= 4.2.0 | ## Inputs diff --git a/modules/ebs-baseline/versions.tf b/modules/ebs-baseline/versions.tf index 90efe1ac..c63c8264 100644 --- a/modules/ebs-baseline/versions.tf +++ b/modules/ebs-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.1.0" + version = ">= 4.2.0" } } } diff --git a/modules/guardduty-baseline/README.md b/modules/guardduty-baseline/README.md index 33914905..d47d7f1a 100644 --- a/modules/guardduty-baseline/README.md +++ b/modules/guardduty-baseline/README.md @@ -8,13 +8,13 @@ Enable GuardDuty in all regions. | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 4.1.0 | +| [aws](#requirement\_aws) | >= 4.2.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.1.0 | +| [aws](#provider\_aws) | >= 4.2.0 | ## Inputs diff --git a/modules/guardduty-baseline/versions.tf b/modules/guardduty-baseline/versions.tf index 90efe1ac..c63c8264 100644 --- a/modules/guardduty-baseline/versions.tf +++ b/modules/guardduty-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.1.0" + version = ">= 4.2.0" } } } diff --git a/modules/iam-baseline/README.md b/modules/iam-baseline/README.md index 7f40dffa..518cf5ed 100644 --- a/modules/iam-baseline/README.md +++ b/modules/iam-baseline/README.md @@ -11,13 +11,13 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 0.13 | -| [aws](#requirement\_aws) | >= 4.1.0 | +| [aws](#requirement\_aws) | >= 4.2.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.1.0 | +| [aws](#provider\_aws) | >= 4.2.0 | ## Inputs diff --git a/modules/iam-baseline/versions.tf b/modules/iam-baseline/versions.tf index 2ce32aed..99a69b4e 100644 --- a/modules/iam-baseline/versions.tf +++ b/modules/iam-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.1.0" + version = ">= 4.2.0" } } } diff --git a/modules/s3-baseline/README.md b/modules/s3-baseline/README.md index 8ecafd71..af14e6ce 100644 --- a/modules/s3-baseline/README.md +++ b/modules/s3-baseline/README.md @@ -10,13 +10,13 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 0.13 | -| [aws](#requirement\_aws) | >= 4.1.0 | +| [aws](#requirement\_aws) | >= 4.2.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.1.0 | +| [aws](#provider\_aws) | >= 4.2.0 | ## Inputs diff --git a/modules/s3-baseline/versions.tf b/modules/s3-baseline/versions.tf index 2ce32aed..99a69b4e 100644 --- a/modules/s3-baseline/versions.tf +++ b/modules/s3-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.1.0" + version = ">= 4.2.0" } } } diff --git a/modules/secure-bucket/README.md b/modules/secure-bucket/README.md index 8da7c8e4..dbb6673b 100644 --- a/modules/secure-bucket/README.md +++ b/modules/secure-bucket/README.md @@ -8,13 +8,13 @@ Creates a S3 bucket with access logging enabled. | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 0.13 | -| [aws](#requirement\_aws) | >= 4.1.0 | +| [aws](#requirement\_aws) | >= 4.2.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.1.0 | +| [aws](#provider\_aws) | >= 4.2.0 | ## Inputs diff --git a/modules/secure-bucket/versions.tf b/modules/secure-bucket/versions.tf index 2ce32aed..99a69b4e 100644 --- a/modules/secure-bucket/versions.tf +++ b/modules/secure-bucket/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.1.0" + version = ">= 4.2.0" } } } diff --git a/modules/securityhub-baseline/README.md b/modules/securityhub-baseline/README.md index 39aa3ee9..f80d7905 100644 --- a/modules/securityhub-baseline/README.md +++ b/modules/securityhub-baseline/README.md @@ -13,13 +13,13 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 4.1.0 | +| [aws](#requirement\_aws) | >= 4.2.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.1.0 | +| [aws](#provider\_aws) | >= 4.2.0 | ## Inputs diff --git a/modules/securityhub-baseline/versions.tf b/modules/securityhub-baseline/versions.tf index 90efe1ac..c63c8264 100644 --- a/modules/securityhub-baseline/versions.tf +++ b/modules/securityhub-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.1.0" + version = ">= 4.2.0" } } } diff --git a/modules/vpc-baseline/README.md b/modules/vpc-baseline/README.md index f8ff9c34..bc48c04d 100644 --- a/modules/vpc-baseline/README.md +++ b/modules/vpc-baseline/README.md @@ -12,13 +12,13 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 4.1.0 | +| [aws](#requirement\_aws) | >= 4.2.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.1.0 | +| [aws](#provider\_aws) | >= 4.2.0 | ## Inputs diff --git a/modules/vpc-baseline/versions.tf b/modules/vpc-baseline/versions.tf index 90efe1ac..c63c8264 100644 --- a/modules/vpc-baseline/versions.tf +++ b/modules/vpc-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.1.0" + version = ">= 4.2.0" } } } diff --git a/test/fixtures/simple_local/main.tf b/test/fixtures/simple_local/main.tf index ebd000fc..e1929b06 100644 --- a/test/fixtures/simple_local/main.tf +++ b/test/fixtures/simple_local/main.tf @@ -8,7 +8,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.1.0" + version = ">= 4.2.0" } } } diff --git a/test/fixtures/simple_registry/main.tf b/test/fixtures/simple_registry/main.tf index 3479d658..6cb57e75 100644 --- a/test/fixtures/simple_registry/main.tf +++ b/test/fixtures/simple_registry/main.tf @@ -8,7 +8,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.1.0" + version = ">= 4.2.0" } } } From 4575e2cc5c3406d2da1658a26e6391b36ed234ed Mon Sep 17 00:00:00 2001 From: nozaq Date: Sat, 19 Feb 2022 13:07:40 +0900 Subject: [PATCH 39/66] docs: update CHANGELOG --- CHANGELOG.md | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 89f89b68..d63fc085 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,11 +1,16 @@ ## [Unreleased] + + +## [1.0.0] - 2022-02-19 ### Feat - add new S3 bucket configuration resources ([#261](https://github.com/nozaq/terraform-aws-secure-baseline/issues/261)) - allow use of organization trail to be toggled via variable ([#259](https://github.com/nozaq/terraform-aws-secure-baseline/issues/259)) ### Fix +- require AWS provider v4.2.0 ([#270](https://github.com/nozaq/terraform-aws-secure-baseline/issues/270)) +- require AWS provider v4.1.0 ([#268](https://github.com/nozaq/terraform-aws-secure-baseline/issues/268)) - the condition to use the organization trail ([#265](https://github.com/nozaq/terraform-aws-secure-baseline/issues/265)) - use count instead of `var.enabled` ([#262](https://github.com/nozaq/terraform-aws-secure-baseline/issues/262)) @@ -14,6 +19,11 @@ - explicitly define a format for FlowLogs ([#264](https://github.com/nozaq/terraform-aws-secure-baseline/issues/264)) - replace deprecated arguments ([#263](https://github.com/nozaq/terraform-aws-secure-baseline/issues/263)) +### BREAKING CHANGE + +resources regarding S3 bucket configurations need manual import +after upgrade. See `docs/upgrade-1.0.md` for guidance. + ## [0.34.0] - 2022-01-22 @@ -406,7 +416,8 @@ ## 0.0.1 - 2018-02-12 -[Unreleased]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.34.0...HEAD +[Unreleased]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/1.0.0...HEAD +[1.0.0]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.34.0...1.0.0 [0.34.0]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.33.0...0.34.0 [0.33.0]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.32.0...0.33.0 [0.32.0]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.31.0...0.32.0 From be4f2919f6aa808409893dee957b13bffcecf868 Mon Sep 17 00:00:00 2001 From: nozaq Date: Mon, 21 Feb 2022 00:02:27 +0900 Subject: [PATCH 40/66] docs: update badges (#271) --- .github/workflows/main.yml | 2 +- README.md | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 0f89bd26..c2a7a4ce 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -1,4 +1,4 @@ -name: Terraform +name: CI on: push: branches: diff --git a/README.md b/README.md index ab19ed8c..097c7f82 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,7 @@ # terraform-aws-secure-baseline -[![Github Actions](https://github.com/nozaq/terraform-aws-secure-baseline/workflows/Terraform/badge.svg)](https://github.com/nozaq/terraform-aws-secure-baseline/actions?workflow=Terraform) +[![Github Actions](https://github.com/nozaq/terraform-aws-secure-baseline/actions/workflows/main.yml/badge.svg)](https://github.com/nozaq/terraform-aws-secure-baseline/actions/workflows/main.yml) +[![Releases](https://img.shields.io/github/v/release/nozaq/terraform-aws-secure-baseline)](https://github.com/nozaq/terraform-aws-secure-baseline/releases/tag/latest) [Terraform Module Registry](https://registry.terraform.io/modules/nozaq/secure-baseline/aws) From 3dc1be81133caa40e6d762dc0639c7ab85c5b62d Mon Sep 17 00:00:00 2001 From: nozaq Date: Fri, 25 Feb 2022 12:22:09 +0900 Subject: [PATCH 41/66] docs: add a compatibility notice --- README.md | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 097c7f82..39186e33 100644 --- a/README.md +++ b/README.md @@ -106,6 +106,12 @@ This module is composed of several submodules and each of which can be used inde - [securityhub-baseline](./modules/securityhub-baseline) - [vpc-baseline](./modules/vpc-baseline) +## Compatibility + +- Starting from v1.0, this module requires [Terraform Provider for AWS](https://github.com/terraform-providers/terraform-provider-aws) v4.0 or later. [Version 1.0 Upgrade Guide](./docs/upgrade-1.0.md) described the recommended procedure after the upgrade. +- Starting from v0.20, this module requires [Terraform Provider for AWS](https://github.com/terraform-providers/terraform-provider-aws) v3.0 or later. Please use v0.19 if you need to use v2.x or earlier. +- Starting from v0.10, this module requires Terraform v0.12 or later. Please use v0.9 if you need to use Terraform v0.11 or ealier. + ## Requirements @@ -245,11 +251,6 @@ This module is composed of several submodules and each of which can be used inde | [vpc\_flow\_logs\_iam\_role](#output\_vpc\_flow\_logs\_iam\_role) | The IAM role used for delivering VPC Flow Logs to CloudWatch Logs. | -## Compatibility - -- Starting from v0.20, this module requires [Terraform Provider for AWS](https://github.com/terraform-providers/terraform-provider-aws) v3.0 or later. Please use v0.19 if you need to use v2.x or earlier. -- Starting from v0.10, this module requires Terraform v0.12 or later. Please use v0.9 if you need to use Terraform v0.11 or ealier. - [cis amazon web services foundations v1.4.0]: https://www.cisecurity.org/benchmark/amazon_web_services/ [aws foundational security best practices v1.0.0]: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-fsbp.html [providers within modules - terraform docs]: https://www.terraform.io/docs/modules/usage.html#providers-within-modules From 8612941317db8c5f3eb82fd8c5218b8ef5a5d41f Mon Sep 17 00:00:00 2001 From: nozaq Date: Fri, 25 Feb 2022 21:54:28 +0900 Subject: [PATCH 42/66] fix: mark `var.member_accounts` required (#272) --- examples/organization/README.md | 2 +- examples/organization/master/variables.tf | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/examples/organization/README.md b/examples/organization/README.md index 832c16f5..a1054752 100644 --- a/examples/organization/README.md +++ b/examples/organization/README.md @@ -7,7 +7,7 @@ When it sets to `master`, this module configure the account to be ready to gathe ## Master Account -In the master account configuration, you need to set `account_type` to `master` and specify member account information in `member accounts`. +In the master account configuration, you need to set `account_type` to `master` and specify member account information in `member_accounts`. The following shows a sample usage. diff --git a/examples/organization/master/variables.tf b/examples/organization/master/variables.tf index ab25712a..91abcd10 100644 --- a/examples/organization/master/variables.tf +++ b/examples/organization/master/variables.tf @@ -3,17 +3,17 @@ variable "audit_s3_bucket_name" { type = string } -variable "region" { - description = "The AWS region in which global resources are set up." - type = string - default = "us-east-1" -} - variable "member_accounts" { description = "A list of AWS account IDs." type = list(object({ account_id = string email = string })) - default = [] } + +variable "region" { + description = "The AWS region in which global resources are set up." + type = string + default = "us-east-1" +} + From 0122d6fcd00ecd1114a2d5e7853027ebb0322d71 Mon Sep 17 00:00:00 2001 From: nozaq Date: Sat, 26 Feb 2022 01:21:50 +0900 Subject: [PATCH 43/66] fix: avoid for_each key error (#273) --- examples/organization/master/main.tf | 2 -- 1 file changed, 2 deletions(-) diff --git a/examples/organization/master/main.tf b/examples/organization/master/main.tf index f54918d9..c722237b 100644 --- a/examples/organization/master/main.tf +++ b/examples/organization/master/main.tf @@ -65,7 +65,5 @@ module "secure_baseline" { aws.us-west-1 = aws.us-west-1 aws.us-west-2 = aws.us-west-2 } - - depends_on = [aws_organizations_organization.org] } From e8c7ddf6429fff18d636fdca55637646d55d5546 Mon Sep 17 00:00:00 2001 From: nozaq Date: Sat, 5 Mar 2022 15:00:53 +0900 Subject: [PATCH 44/66] docs: update the release badge link (#275) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 39186e33..139a2386 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # terraform-aws-secure-baseline [![Github Actions](https://github.com/nozaq/terraform-aws-secure-baseline/actions/workflows/main.yml/badge.svg)](https://github.com/nozaq/terraform-aws-secure-baseline/actions/workflows/main.yml) -[![Releases](https://img.shields.io/github/v/release/nozaq/terraform-aws-secure-baseline)](https://github.com/nozaq/terraform-aws-secure-baseline/releases/tag/latest) +[![Releases](https://img.shields.io/github/v/release/nozaq/terraform-aws-secure-baseline)](https://github.com/nozaq/terraform-aws-secure-baseline/releases/latest) [Terraform Module Registry](https://registry.terraform.io/modules/nozaq/secure-baseline/aws) From 897545dc409b7ff399401387a8b34d1312772b93 Mon Sep 17 00:00:00 2001 From: nozaq Date: Sun, 6 Mar 2022 11:32:07 +0900 Subject: [PATCH 45/66] chore: enable release-please action (#276) --- .github/workflows/release-please.yml | 12 ++++++++++++ CHANGELOG.md | 4 ---- 2 files changed, 12 insertions(+), 4 deletions(-) create mode 100644 .github/workflows/release-please.yml diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml new file mode 100644 index 00000000..e1e02b2b --- /dev/null +++ b/.github/workflows/release-please.yml @@ -0,0 +1,12 @@ +on: + push: + branches: + - main +name: release-please +jobs: + release-please: + runs-on: ubuntu-latest + steps: + - uses: google-github-actions/release-please-action@v3 + with: + release-type: terraform-module diff --git a/CHANGELOG.md b/CHANGELOG.md index d63fc085..6f19304a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,7 +1,3 @@ - -## [Unreleased] - - ## [1.0.0] - 2022-02-19 ### Feat From 9b830494dfaf0fe15ba9740f17e5686d7f27f4e4 Mon Sep 17 00:00:00 2001 From: nozaq Date: Sun, 6 Mar 2022 11:36:34 +0900 Subject: [PATCH 46/66] docs: minor style fix --- CHANGELOG.md | 1 - 1 file changed, 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6f19304a..b6e02e92 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,3 @@ - ## [1.0.0] - 2022-02-19 ### Feat - add new S3 bucket configuration resources ([#261](https://github.com/nozaq/terraform-aws-secure-baseline/issues/261)) From 2e439b9ac19f4d9803cdf1585477a84d8aa1769f Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sun, 6 Mar 2022 11:39:29 +0900 Subject: [PATCH 47/66] chore(main): release 1.0.1 (#277) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: nozaq --- CHANGELOG.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index b6e02e92..ed6d6e31 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,11 @@ +### [1.0.1](https://github.com/nozaq/terraform-aws-secure-baseline/compare/v1.0.0...v1.0.1) (2022-03-06) + + +### Bug Fixes + +* avoid for_each key error ([#273](https://github.com/nozaq/terraform-aws-secure-baseline/issues/273)) ([0122d6f](https://github.com/nozaq/terraform-aws-secure-baseline/commit/0122d6fcd00ecd1114a2d5e7853027ebb0322d71)) +* mark `var.member_accounts` required ([#272](https://github.com/nozaq/terraform-aws-secure-baseline/issues/272)) ([8612941](https://github.com/nozaq/terraform-aws-secure-baseline/commit/8612941317db8c5f3eb82fd8c5218b8ef5a5d41f)) + ## [1.0.0] - 2022-02-19 ### Feat - add new S3 bucket configuration resources ([#261](https://github.com/nozaq/terraform-aws-secure-baseline/issues/261)) From ffcbb69315b86f75b3b2673afee089ddd64a9fd2 Mon Sep 17 00:00:00 2001 From: nozaq Date: Wed, 16 Mar 2022 07:14:45 +0900 Subject: [PATCH 48/66] chore: use https protocol (#278) --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 4be71ed6..fdb20e0b 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,5 +1,5 @@ repos: - - repo: git://github.com/antonbabenko/pre-commit-terraform + - repo: https://github.com/antonbabenko/pre-commit-terraform rev: v1.62.3 hooks: - id: terraform_fmt From 83b27507fd7f8277cccc8031a4e972fc230db816 Mon Sep 17 00:00:00 2001 From: nozaq Date: Wed, 16 Mar 2022 23:44:25 +0900 Subject: [PATCH 49/66] docs: use "keep a changelog" format (#279) --- CHANGELOG.md | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ed6d6e31..490d2c45 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,10 +1,13 @@ -### [1.0.1](https://github.com/nozaq/terraform-aws-secure-baseline/compare/v1.0.0...v1.0.1) (2022-03-06) +# Changelog +All notable changes to this project will be documented in this file. +The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), +and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [1.0.1](https://github.com/nozaq/terraform-aws-secure-baseline/compare/v1.0.0...v1.0.1) (2022-03-06) ### Bug Fixes - -* avoid for_each key error ([#273](https://github.com/nozaq/terraform-aws-secure-baseline/issues/273)) ([0122d6f](https://github.com/nozaq/terraform-aws-secure-baseline/commit/0122d6fcd00ecd1114a2d5e7853027ebb0322d71)) -* mark `var.member_accounts` required ([#272](https://github.com/nozaq/terraform-aws-secure-baseline/issues/272)) ([8612941](https://github.com/nozaq/terraform-aws-secure-baseline/commit/8612941317db8c5f3eb82fd8c5218b8ef5a5d41f)) +- avoid for_each key error ([#273](https://github.com/nozaq/terraform-aws-secure-baseline/issues/273)) ([0122d6f](https://github.com/nozaq/terraform-aws-secure-baseline/commit/0122d6fcd00ecd1114a2d5e7853027ebb0322d71)) +- mark `var.member_accounts` required ([#272](https://github.com/nozaq/terraform-aws-secure-baseline/issues/272)) ([8612941](https://github.com/nozaq/terraform-aws-secure-baseline/commit/8612941317db8c5f3eb82fd8c5218b8ef5a5d41f)) ## [1.0.0] - 2022-02-19 ### Feat @@ -419,7 +422,6 @@ after upgrade. See `docs/upgrade-1.0.md` for guidance. ## 0.0.1 - 2018-02-12 -[Unreleased]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/1.0.0...HEAD [1.0.0]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.34.0...1.0.0 [0.34.0]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.33.0...0.34.0 [0.33.0]: https://github.com/nozaq/terraform-aws-secure-baseline/compare/0.32.0...0.33.0 From 704124794d278d227d465b48aefba832c4d4061e Mon Sep 17 00:00:00 2001 From: nozaq Date: Thu, 31 Mar 2022 21:28:14 +0900 Subject: [PATCH 50/66] chore: update dependencies (#281) --- test/go.mod | 82 ++--- test/go.sum | 887 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 930 insertions(+), 39 deletions(-) diff --git a/test/go.mod b/test/go.mod index 46c06f02..b710d075 100644 --- a/test/go.mod +++ b/test/go.mod @@ -4,64 +4,68 @@ go 1.17 require ( github.com/google/uuid v1.3.0 - github.com/gruntwork-io/terratest v0.40.3 + github.com/gruntwork-io/terratest v0.40.6 ) require ( - cloud.google.com/go v0.83.0 // indirect - cloud.google.com/go/storage v1.10.0 // indirect + cloud.google.com/go v0.100.2 // indirect + cloud.google.com/go/compute v1.5.0 // indirect + cloud.google.com/go/iam v0.3.0 // indirect + cloud.google.com/go/storage v1.21.0 // indirect github.com/agext/levenshtein v1.2.3 // indirect github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect - github.com/aws/aws-sdk-go v1.40.56 // indirect + github.com/aws/aws-sdk-go v1.43.29 // indirect github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect - github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc // indirect - github.com/cpuguy83/go-md2man/v2 v2.0.0 // indirect + github.com/boombuler/barcode v1.0.1 // indirect + github.com/cpuguy83/go-md2man/v2 v2.0.1 // indirect github.com/davecgh/go-spew v1.1.1 // indirect - github.com/go-errors/errors v1.0.2-0.20180813162953-d98b870cc4e0 // indirect - github.com/go-sql-driver/mysql v1.4.1 // indirect - github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e // indirect + github.com/go-errors/errors v1.4.2 // indirect + github.com/go-sql-driver/mysql v1.6.0 // indirect + github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.2 // indirect - github.com/golang/snappy v0.0.3 // indirect - github.com/googleapis/gax-go/v2 v2.0.5 // indirect - github.com/gruntwork-io/go-commons v0.8.0 // indirect - github.com/hashicorp/errwrap v1.0.0 // indirect + github.com/golang/snappy v0.0.4 // indirect + github.com/google/go-cmp v0.5.7 // indirect + github.com/googleapis/gax-go/v2 v2.2.0 // indirect + github.com/gruntwork-io/go-commons v0.11.0 // indirect + github.com/hashicorp/errwrap v1.1.0 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect - github.com/hashicorp/go-getter v1.5.9 // indirect - github.com/hashicorp/go-multierror v1.1.0 // indirect + github.com/hashicorp/go-getter v1.5.11 // indirect + github.com/hashicorp/go-multierror v1.1.1 // indirect github.com/hashicorp/go-safetemp v1.0.0 // indirect - github.com/hashicorp/go-version v1.3.0 // indirect - github.com/hashicorp/hcl/v2 v2.9.1 // indirect + github.com/hashicorp/go-version v1.4.0 // indirect + github.com/hashicorp/hcl/v2 v2.11.1 // indirect github.com/hashicorp/terraform-json v0.13.0 // indirect - github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a // indirect + github.com/jinzhu/copier v0.3.5 // indirect github.com/jmespath/go-jmespath v0.4.0 // indirect - github.com/jstemmer/go-junit-report v0.9.1 // indirect - github.com/klauspost/compress v1.13.0 // indirect - github.com/mattn/go-zglob v0.0.2-0.20190814121620-e3c945676326 // indirect + github.com/jstemmer/go-junit-report v1.0.0 // indirect + github.com/klauspost/compress v1.15.1 // indirect + github.com/mattn/go-zglob v0.0.3 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect - github.com/mitchellh/go-testing-interface v1.0.0 // indirect + github.com/mitchellh/go-testing-interface v1.14.1 // indirect github.com/mitchellh/go-wordwrap v1.0.1 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect - github.com/pquerna/otp v1.2.0 // indirect + github.com/pquerna/otp v1.3.0 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect - github.com/stretchr/testify v1.7.0 // indirect - github.com/tmccombs/hcl2json v0.3.3 // indirect - github.com/ulikunitz/xz v0.5.8 // indirect - github.com/urfave/cli v1.22.2 // indirect - github.com/zclconf/go-cty v1.9.1 // indirect + github.com/stretchr/testify v1.7.1 // indirect + github.com/tmccombs/hcl2json v0.3.4 // indirect + github.com/ulikunitz/xz v0.5.10 // indirect + github.com/urfave/cli v1.22.5 // indirect + github.com/urfave/cli/v2 v2.4.0 // indirect + github.com/zclconf/go-cty v1.10.0 // indirect go.opencensus.io v0.23.0 // indirect - golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a // indirect + golang.org/x/crypto v0.0.0-20220321153916-2c7772ba3064 // indirect golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 // indirect - golang.org/x/mod v0.4.2 // indirect - golang.org/x/net v0.0.0-20210614182718-04defd469f4e // indirect - golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c // indirect - golang.org/x/sys v0.0.0-20210603125802-9665404d3644 // indirect - golang.org/x/text v0.3.6 // indirect - golang.org/x/tools v0.1.2 // indirect + golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3 // indirect + golang.org/x/net v0.0.0-20220325170049-de3da57026de // indirect + golang.org/x/oauth2 v0.0.0-20220309155454-6242fa91716a // indirect + golang.org/x/sys v0.0.0-20220330033206-e17cdc41300f // indirect + golang.org/x/text v0.3.7 // indirect + golang.org/x/tools v0.1.10 // indirect golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect - google.golang.org/api v0.47.0 // indirect + google.golang.org/api v0.74.0 // indirect google.golang.org/appengine v1.6.7 // indirect - google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c // indirect - google.golang.org/grpc v1.38.0 // indirect - google.golang.org/protobuf v1.26.0 // indirect + google.golang.org/genproto v0.0.0-20220329172620-7be39ac1afc7 // indirect + google.golang.org/grpc v1.45.0 // indirect + google.golang.org/protobuf v1.28.0 // indirect gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect ) diff --git a/test/go.sum b/test/go.sum index 0f463f9a..1fd21d75 100644 --- a/test/go.sum +++ b/test/go.sum @@ -1,3 +1,4 @@ +bazil.org/fuse v0.0.0-20160811212531-371fbbdaa898/go.mod h1:Xbm+BRKSBEpa4q4hTSxohYNQpsxXPbPry4JJWOB3LB8= cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= @@ -20,14 +21,33 @@ cloud.google.com/go v0.79.0/go.mod h1:3bzgcEeQlzbuEAYu4mrWhKqWjmpprinYgKJLgKHnbb cloud.google.com/go v0.81.0/go.mod h1:mk/AM35KwGk/Nm2YSeZbxXdrNK3KZOYHmLkOqC2V6E0= cloud.google.com/go v0.83.0 h1:bAMqZidYkmIsUqe6PtkEPT7Q+vfizScn+jfNA6jwK9c= cloud.google.com/go v0.83.0/go.mod h1:Z7MJUsANfY0pYPdw0lbnivPx4/vhy/e2FEkSkF7vAVY= +cloud.google.com/go v0.84.0/go.mod h1:RazrYuxIK6Kb7YrzzhPoLmCVzl7Sup4NrbKPg8KHSUM= +cloud.google.com/go v0.87.0/go.mod h1:TpDYlFy7vuLzZMMZ+B6iRiELaY7z/gJPaqbMx6mlWcY= +cloud.google.com/go v0.90.0/go.mod h1:kRX0mNRHe0e2rC6oNakvwQqzyDmg57xJ+SZU1eT2aDQ= +cloud.google.com/go v0.93.3/go.mod h1:8utlLll2EF5XMAV15woO4lSbWQlk8rer9aLOfLh7+YI= +cloud.google.com/go v0.94.1/go.mod h1:qAlAugsXlC+JWO+Bke5vCtc9ONxjQT3drlTTnAplMW4= +cloud.google.com/go v0.97.0/go.mod h1:GF7l59pYBVlXQIBLx3a761cZ41F9bBH3JUlihCt2Udc= +cloud.google.com/go v0.99.0/go.mod h1:w0Xx2nLzqWJPuozYQX+hFfCSI8WioryfRDzkoI/Y2ZA= +cloud.google.com/go v0.100.1/go.mod h1:fs4QogzfH5n2pBXBP9vRiU+eCny7lD2vmFZy79Iuw1U= +cloud.google.com/go v0.100.2 h1:t9Iw5QH5v4XtlEQaCtUY7x6sCABps8sW0acw7e2WQ6Y= +cloud.google.com/go v0.100.2/go.mod h1:4Xra9TjzAeYHrl5+oeLlzbM2k3mjVhZh4UqTZ//w99A= cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg= cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc= cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ= +cloud.google.com/go/compute v0.1.0/go.mod h1:GAesmwr110a34z04OlxYkATPBEfVhkymfTBXtfbBFow= +cloud.google.com/go/compute v1.2.0/go.mod h1:xlogom/6gr8RJGBe7nT2eGsQYAFUbbv8dbC29qE3Xmw= +cloud.google.com/go/compute v1.3.0/go.mod h1:cCZiE1NHEtai4wiufUhW8I8S1JKkAnhnQJWM7YD99wM= +cloud.google.com/go/compute v1.5.0 h1:b1zWmYuuHz7gO9kDcM/EpHGr06UgsYNRpNJzI2kFiLM= +cloud.google.com/go/compute v1.5.0/go.mod h1:9SMHyhJlzhlkJqrPAc839t2BZFTSk6Jdj6mkzQJeu0M= cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= +cloud.google.com/go/firestore v1.1.0/go.mod h1:ulACoGHTpvq5r8rxGJ4ddJZBZqakUQqClKRT5SZwBmk= +cloud.google.com/go/iam v0.1.1/go.mod h1:CKqrcnI/suGpybEHxZ7BMehL0oA4LpdyJdUlTl9jVMw= +cloud.google.com/go/iam v0.3.0 h1:exkAomrVUuzx9kWFI1wm3KI0uoDeUFPB4kKGzx6x+Gc= +cloud.google.com/go/iam v0.3.0/go.mod h1:XzJPvDayI+9zsASAFO68Hk07u3z+f+JrT2xXNdp4bnY= cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= @@ -38,66 +58,363 @@ cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohl cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= cloud.google.com/go/storage v1.10.0 h1:STgFzyU5/8miMl0//zKh2aQeTyeaUH3WN9bSUiJ09bA= cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= +cloud.google.com/go/storage v1.21.0 h1:HwnT2u2D309SFDHQII6m18HlrCi3jAXhUMTLOWXYH14= +cloud.google.com/go/storage v1.21.0/go.mod h1:XmRlxkgPjlBONznT2dDUU/5XlpU2OjMnKuqnZI01LAA= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= +github.com/Azure/azure-sdk-for-go v16.2.1+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= +github.com/Azure/azure-sdk-for-go v50.2.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= +github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= +github.com/Azure/go-autorest v10.8.1+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= +github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= +github.com/Azure/go-autorest/autorest v0.11.1/go.mod h1:JFgpikqFJ/MleTTxwepExTKnFUKKszPS8UavbQYUMuw= +github.com/Azure/go-autorest/autorest v0.11.17/go.mod h1:eipySxLmqSyC5s5k1CLupqet0PSENBEDP93LQ9a8QYw= +github.com/Azure/go-autorest/autorest v0.11.20/go.mod h1:o3tqFY+QR40VOlk+pV4d77mORO64jOXSgEnPQgLK6JY= +github.com/Azure/go-autorest/autorest/adal v0.9.0/go.mod h1:/c022QCutn2P7uY+/oQWWNcK9YU+MH96NgK+jErpbcg= +github.com/Azure/go-autorest/autorest/adal v0.9.5/go.mod h1:B7KF7jKIeC9Mct5spmyCB/A8CG/sEz1vwIRGv/bbw7A= +github.com/Azure/go-autorest/autorest/adal v0.9.11/go.mod h1:nBKAnTomx8gDtl+3ZCJv2v0KACFHWTB2drffI1B68Pk= +github.com/Azure/go-autorest/autorest/adal v0.9.13/go.mod h1:W/MM4U6nLxnIskrw4UwWzlHfGjwUS50aOsc/I3yuU8M= +github.com/Azure/go-autorest/autorest/azure/auth v0.5.8/go.mod h1:kxyKZTSfKh8OVFWPAgOgQ/frrJgeYQJPyR5fLFmXko4= +github.com/Azure/go-autorest/autorest/azure/cli v0.4.2/go.mod h1:7qkJkT+j6b+hIpzMOwPChJhTqS8VbsqqgULzMNRugoM= +github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74= +github.com/Azure/go-autorest/autorest/mocks v0.4.0/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= +github.com/Azure/go-autorest/autorest/mocks v0.4.1/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= +github.com/Azure/go-autorest/autorest/to v0.4.0/go.mod h1:fE8iZBn7LQR7zH/9XU2NcPR4o9jEImooCeWJcYV/zLE= +github.com/Azure/go-autorest/autorest/validation v0.3.1/go.mod h1:yhLgjC0Wda5DYXl6JAsWyUe4KVNffhoDhG0zVzUMo3E= +github.com/Azure/go-autorest/logger v0.2.0/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= +github.com/Azure/go-autorest/logger v0.2.1/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= +github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= +github.com/Microsoft/go-winio v0.4.11/go.mod h1:VhR8bwka0BXejwEJY73c50VrPtXAaKcyvVC4A4RozmA= +github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA= +github.com/Microsoft/go-winio v0.4.15-0.20190919025122-fc70bd9a86b5/go.mod h1:tTuCMEN+UleMWgg9dVx4Hu52b1bJo+59jBh3ajtinzw= +github.com/Microsoft/go-winio v0.4.16-0.20201130162521-d1ffc52c7331/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0= +github.com/Microsoft/go-winio v0.4.16/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0= +github.com/Microsoft/go-winio v0.4.17-0.20210211115548-6eac466e5fa3/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= +github.com/Microsoft/go-winio v0.4.17-0.20210324224401-5516f17a5958/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= +github.com/Microsoft/go-winio v0.4.17/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= +github.com/Microsoft/go-winio v0.5.0/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= +github.com/Microsoft/hcsshim v0.8.6/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg= +github.com/Microsoft/hcsshim v0.8.7-0.20190325164909-8abdbb8205e4/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg= +github.com/Microsoft/hcsshim v0.8.7/go.mod h1:OHd7sQqRFrYd3RmSgbgji+ctCwkbq2wbEYNSzOYtcBQ= +github.com/Microsoft/hcsshim v0.8.9/go.mod h1:5692vkUqntj1idxauYlpoINNKeqCiG6Sg38RRsjT5y8= +github.com/Microsoft/hcsshim v0.8.14/go.mod h1:NtVKoYxQuTLx6gEq0L96c9Ju4JbRJ4nY2ow3VK6a9Lg= +github.com/Microsoft/hcsshim v0.8.15/go.mod h1:x38A4YbHbdxJtc0sF6oIz+RG0npwSCAvn69iY6URG00= +github.com/Microsoft/hcsshim v0.8.16/go.mod h1:o5/SZqmR7x9JNKsW3pu+nqHm0MF8vbA+VxGOoXdC600= +github.com/Microsoft/hcsshim/test v0.0.0-20201218223536-d3e5debf77da/go.mod h1:5hlzMzRKMLyo42nCZ9oml8AdTlq/0cvIaBv6tK1RehU= +github.com/Microsoft/hcsshim/test v0.0.0-20210227013316-43a75bb4edd3/go.mod h1:mw7qgWloBUl75W/gVH3cQszUg1+gUITj7D6NY7ywVnY= +github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= +github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= +github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= +github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= +github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d/go.mod h1:HI8ITrYtUY+O+ZhtlqUnD8+KwNPOyugEhfP9fdUIaEQ= github.com/agext/levenshtein v1.2.1/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo= github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= +github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= +github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= +github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= +github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= +github.com/alexflint/go-filemutex v0.0.0-20171022225611-72bdc8eae2ae/go.mod h1:CgnQgUtFrFz9mxFNtED3jI5tLDjKlOM+oUF/sTk6ps0= +github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= github.com/apparentlymart/go-dump v0.0.0-20180507223929-23540a00eaa3/go.mod h1:oL81AME2rN47vu18xqj1S1jPIPuN7afo62yKTNn3XMM= +github.com/apparentlymart/go-textseg v1.0.0 h1:rRmlIsPEEhUTIKQb7T++Nz/A5Q6C9IuX2wFoYVvnCs0= github.com/apparentlymart/go-textseg v1.0.0/go.mod h1:z96Txxhf3xSFMPmb5X/1W05FF/Nj9VFpLOpjS5yuumk= github.com/apparentlymart/go-textseg/v13 v13.0.0 h1:Y+KvPE1NYz0xl601PVImeQfFyEy6iT90AvPUL1NNfNw= github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo= +github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o= +github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= +github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY= +github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= +github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= +github.com/aws/aws-lambda-go v1.13.3/go.mod h1:4UKl9IzQMoD+QF79YdCuzCwp8VbmG4VAQwij/eHl5CU= +github.com/aws/aws-sdk-go v1.15.11/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0= github.com/aws/aws-sdk-go v1.15.78/go.mod h1:E3/ieXAlvM0XWO57iftYVDLLvQ824smPP3ATZkfNZeM= github.com/aws/aws-sdk-go v1.40.56 h1:FM2yjR0UUYFzDTMx+mH9Vyw1k1EUUxsAFzk+BjkzANA= github.com/aws/aws-sdk-go v1.40.56/go.mod h1:585smgzpB/KqRA+K3y/NL/oYRqQvpNJYvLm+LY1U59Q= +github.com/aws/aws-sdk-go v1.43.29 h1:P6tBpMLwVLS/QwPkaBxfDIF3SmPouoacIk+/7NKnDxY= +github.com/aws/aws-sdk-go v1.43.29/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo= +github.com/aws/aws-sdk-go-v2 v1.3.2/go.mod h1:7OaACgj2SX3XGWnrIjGlJM22h6yD6MEWKvm7levnnM8= +github.com/aws/aws-sdk-go-v2 v1.7.0/go.mod h1:tb9wi5s61kTDA5qCkcDbt3KRVV74GGslQkl/DRdX/P4= +github.com/aws/aws-sdk-go-v2 v1.13.0/go.mod h1:L6+ZpqHaLbAaxsqV0L4cvxZY7QupWJB4fhkf8LXvC7w= +github.com/aws/aws-sdk-go-v2/config v1.1.6/go.mod h1:Kx90DDOgkMpRfSkzGbF13AVXHHfBNct1liO+95KxXsU= +github.com/aws/aws-sdk-go-v2/credentials v1.1.6/go.mod h1:q1wQ5jHdFNhc4wnNcOEpnovs4keJA5Ds+qESCnfEsgU= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.0.6/go.mod h1:0+fWMitrmIpENiY8/1DyhdYPUCAPvd9UNz9mtCsEoLQ= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.4/go.mod h1:XHgQ7Hz2WY2GAn//UXHofLfPXWh+s62MbMOijrg12Lw= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.2.0/go.mod h1:BsCSJHx5DnDXIrOcqB8KN1/B+hXLG/bi4Y6Vjcx/x9E= +github.com/aws/aws-sdk-go-v2/internal/ini v1.1.0/go.mod h1:qGQ/9IfkZonRNSNLE99/yBJ7EPA/h8jlWEqtJCcaj+Q= +github.com/aws/aws-sdk-go-v2/service/ec2 v1.29.0/go.mod h1:HoTu0hnXGafTpKIZQ60jw0ybhhCH1QYf20oL7GEJFdg= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.2.0/go.mod h1:2Kc2Pybp1Hr2ZCCOz78mWnNSZYEKKBQgNcizVGk9sko= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.0.6/go.mod h1:L0KWr0ASo83PRZu9NaZaDsw3koS6PspKv137DMDZjHo= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.2.0/go.mod h1:a7XLWNKuVgOxjssEF019IiHPv35k8KHBaWv/wJAfi2A= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.7.0/go.mod h1:K/qPe6AP2TGYv4l6n7c88zh9jWBDf6nHhvg1fx/EWfU= +github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.5.0/go.mod h1:541bxEA+Z8quwit9ZT7uxv/l9xRz85/HS41l9OxOQdY= +github.com/aws/aws-sdk-go-v2/service/s3 v1.11.0/go.mod h1:zJe8mEFDS2F04nO0pKVBPfArAv2ycC6wt3ILvrV4SQw= +github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.2.2/go.mod h1:RaGPWwyy/DaKCyqzdELQgLS8TVO5uNDZEiFoc6yusKk= +github.com/aws/aws-sdk-go-v2/service/sso v1.1.5/go.mod h1:bpGz0tidC4y39sZkQSkpO/J0tzWCMXHbw6FZ0j1GkWM= +github.com/aws/aws-sdk-go-v2/service/sts v1.3.0/go.mod h1:ssRzzJ2RZOVuKj2Vx1YE7ypfil/BIlgmQnCSW4DistU= +github.com/aws/smithy-go v1.3.1/go.mod h1:SObp3lf9smib00L/v3U2eAKG8FyQ7iLrJnQiAmR5n+E= +github.com/aws/smithy-go v1.5.0/go.mod h1:SObp3lf9smib00L/v3U2eAKG8FyQ7iLrJnQiAmR5n+E= +github.com/aws/smithy-go v1.10.0/go.mod h1:SObp3lf9smib00L/v3U2eAKG8FyQ7iLrJnQiAmR5n+E= +github.com/beorn7/perks v0.0.0-20160804104726-4c0e84591b9a/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= +github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= +github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= +github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d h1:xDfNPAt8lFiC1UJrqV3uuy861HCTo708pDMbjHHdCas= github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d/go.mod h1:6QX/PXZ00z/TKoufEY6K/a0k6AhaJrQKdFe6OfVXsa4= github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= +github.com/bitly/go-simplejson v0.5.0/go.mod h1:cXHtHw4XUPsvGaxgjIAn8PhEWG9NfngEKAMDJEczWVA= +github.com/bketelsen/crypt v0.0.4/go.mod h1:aI6NrJ0pMGgvZKL1iVgXLnfIFJtfV+bKCoqOes/6LfM= +github.com/blang/semver v3.1.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= +github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= +github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4= github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc h1:biVzkmvwrH8WK8raXaxBx6fRVTlJILwEwQGL1I/ByEI= github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= +github.com/boombuler/barcode v1.0.1 h1:NDBbPmhS+EqABEs5Kg3n/5ZNjy73Pz7SIV+KCeqyXcs= +github.com/boombuler/barcode v1.0.1/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= +github.com/bshuster-repo/logrus-logstash-hook v0.4.1/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk= +github.com/buger/jsonparser v0.0.0-20180808090653-f4dd9f5a6b44/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s= +github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd/go.mod h1:2oa8nejYd4cQ/b0hMIopN0lCRxU0bueqREvZLWFrtK8= +github.com/bugsnag/osext v0.0.0-20130617224835-0dd3f918b21b/go.mod h1:obH5gd0BsqsP2LwDJ9aOkm/6J86V6lyAXCoQWGw3K50= +github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0/go.mod h1:D/8v3kj0zr8ZAKg1AQ6crr+5VwKN5eIywRkfhyM/+dE= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= +github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/checkpoint-restore/go-criu/v4 v4.1.0/go.mod h1:xUQBLp4RLc5zJtWY++yjOoMoB5lihDt7fai+75m+rGw= github.com/cheggaaa/pb v1.0.27/go.mod h1:pQciLPpbU0oxA0h+VJYYLxO+XeDQb5pZijXscXHm81s= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= +github.com/cilium/ebpf v0.0.0-20200110133405-4032b1d8aae3/go.mod h1:MA5e5Lr8slmEg9bt0VpxxWqJlO4iwu3FBdHUzV7wQVg= +github.com/cilium/ebpf v0.0.0-20200702112145-1c8d4c9ef775/go.mod h1:7cR51M8ViRLIdUjrmSXlK9pkrsDlLHbO8jiB8X8JnOc= +github.com/cilium/ebpf v0.2.0/go.mod h1:To2CFviqOWL/M0gIMsvSMlqe7em/l1ALkX1PyjrX2Qs= +github.com/cilium/ebpf v0.4.0/go.mod h1:4tRaxcgiL706VnOzHOdBlY8IEAIdxINsQBcU4xJJXRs= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= +github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI= +github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8= +github.com/containerd/aufs v0.0.0-20200908144142-dab0cbea06f4/go.mod h1:nukgQABAEopAHvB6j7cnP5zJ+/3aVcE7hCYqvIwAHyE= +github.com/containerd/aufs v0.0.0-20201003224125-76a6863f2989/go.mod h1:AkGGQs9NM2vtYHaUen+NljV0/baGCAPELGm2q9ZXpWU= +github.com/containerd/aufs v0.0.0-20210316121734-20793ff83c97/go.mod h1:kL5kd6KM5TzQjR79jljyi4olc1Vrx6XBlcyj3gNv2PU= +github.com/containerd/aufs v1.0.0/go.mod h1:kL5kd6KM5TzQjR79jljyi4olc1Vrx6XBlcyj3gNv2PU= +github.com/containerd/btrfs v0.0.0-20201111183144-404b9149801e/go.mod h1:jg2QkJcsabfHugurUvvPhS3E08Oxiuh5W/g1ybB4e0E= +github.com/containerd/btrfs v0.0.0-20210316141732-918d888fb676/go.mod h1:zMcX3qkXTAi9GI50+0HOeuV8LU2ryCE/V2vG/ZBiTss= +github.com/containerd/btrfs v1.0.0/go.mod h1:zMcX3qkXTAi9GI50+0HOeuV8LU2ryCE/V2vG/ZBiTss= +github.com/containerd/cgroups v0.0.0-20190717030353-c4b9ac5c7601/go.mod h1:X9rLEHIqSf/wfK8NsPqxJmeZgW4pcfzdXITDrUSJ6uI= +github.com/containerd/cgroups v0.0.0-20190919134610-bf292b21730f/go.mod h1:OApqhQ4XNSNC13gXIwDjhOQxjWa/NxkwZXJ1EvqT0ko= +github.com/containerd/cgroups v0.0.0-20200531161412-0dbf7f05ba59/go.mod h1:pA0z1pT8KYB3TCXK/ocprsh7MAkoW8bZVzPdih9snmM= +github.com/containerd/cgroups v0.0.0-20200710171044-318312a37340/go.mod h1:s5q4SojHctfxANBDvMeIaIovkq29IP48TKAxnhYRxvo= +github.com/containerd/cgroups v0.0.0-20200824123100-0b889c03f102/go.mod h1:s5q4SojHctfxANBDvMeIaIovkq29IP48TKAxnhYRxvo= +github.com/containerd/cgroups v0.0.0-20210114181951-8a68de567b68/go.mod h1:ZJeTFisyysqgcCdecO57Dj79RfL0LNeGiFUqLYQRYLE= +github.com/containerd/cgroups v1.0.1/go.mod h1:0SJrPIenamHDcZhEcJMNBB85rHcUsw4f25ZfBiPYRkU= +github.com/containerd/console v0.0.0-20180822173158-c12b1e7919c1/go.mod h1:Tj/on1eG8kiEhd0+fhSDzsPAFESxzBBvdyEgyryXffw= +github.com/containerd/console v0.0.0-20181022165439-0650fd9eeb50/go.mod h1:Tj/on1eG8kiEhd0+fhSDzsPAFESxzBBvdyEgyryXffw= +github.com/containerd/console v0.0.0-20191206165004-02ecf6a7291e/go.mod h1:8Pf4gM6VEbTNRIT26AyyU7hxdQU3MvAvxVI0sc00XBE= +github.com/containerd/console v1.0.1/go.mod h1:XUsP6YE/mKtz6bxc+I8UiKKTP04qjQL4qcS3XoQ5xkw= +github.com/containerd/console v1.0.2/go.mod h1:ytZPjGgY2oeTkAONYafi2kSj0aYggsf8acV1PGKCbzQ= +github.com/containerd/containerd v1.2.10/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= +github.com/containerd/containerd v1.3.0-beta.2.0.20190828155532-0293cbd26c69/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= +github.com/containerd/containerd v1.3.0/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= +github.com/containerd/containerd v1.3.1-0.20191213020239-082f7e3aed57/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= +github.com/containerd/containerd v1.3.2/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= +github.com/containerd/containerd v1.4.0-beta.2.0.20200729163537-40b22ef07410/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= +github.com/containerd/containerd v1.4.1/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= +github.com/containerd/containerd v1.4.3/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= +github.com/containerd/containerd v1.5.0-beta.1/go.mod h1:5HfvG1V2FsKesEGQ17k5/T7V960Tmcumvqn8Mc+pCYQ= +github.com/containerd/containerd v1.5.0-beta.3/go.mod h1:/wr9AVtEM7x9c+n0+stptlo/uBBoBORwEx6ardVcmKU= +github.com/containerd/containerd v1.5.0-beta.4/go.mod h1:GmdgZd2zA2GYIBZ0w09ZvgqEq8EfBp/m3lcVZIvPHhI= +github.com/containerd/containerd v1.5.0-rc.0/go.mod h1:V/IXoMqNGgBlabz3tHD2TWDoTJseu1FGOKuoA4nNb2s= +github.com/containerd/containerd v1.5.2/go.mod h1:0DOxVqwDy2iZvrZp2JUx/E+hS0UNTVn7dJnIOwtYR4g= +github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= +github.com/containerd/continuity v0.0.0-20190815185530-f2a389ac0a02/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= +github.com/containerd/continuity v0.0.0-20191127005431-f65d91d395eb/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= +github.com/containerd/continuity v0.0.0-20200710164510-efbc4488d8fe/go.mod h1:cECdGN1O8G9bgKTlLhuPJimka6Xb/Gg7vYzCTNVxhvo= +github.com/containerd/continuity v0.0.0-20201208142359-180525291bb7/go.mod h1:kR3BEg7bDFaEddKm54WSmrol1fKWDU1nKYkgrcgZT7Y= +github.com/containerd/continuity v0.0.0-20210208174643-50096c924a4e/go.mod h1:EXlVlkqNba9rJe3j7w3Xa924itAMLgZH4UD/Q4PExuQ= +github.com/containerd/continuity v0.1.0/go.mod h1:ICJu0PwR54nI0yPEnJ6jcS+J7CZAUXrLh8lPo2knzsM= +github.com/containerd/fifo v0.0.0-20180307165137-3d5202aec260/go.mod h1:ODA38xgv3Kuk8dQz2ZQXpnv/UZZUHUCL7pnLehbXgQI= +github.com/containerd/fifo v0.0.0-20190226154929-a9fb20d87448/go.mod h1:ODA38xgv3Kuk8dQz2ZQXpnv/UZZUHUCL7pnLehbXgQI= +github.com/containerd/fifo v0.0.0-20200410184934-f15a3290365b/go.mod h1:jPQ2IAeZRCYxpS/Cm1495vGFww6ecHmMk1YJH2Q5ln0= +github.com/containerd/fifo v0.0.0-20201026212402-0724c46b320c/go.mod h1:jPQ2IAeZRCYxpS/Cm1495vGFww6ecHmMk1YJH2Q5ln0= +github.com/containerd/fifo v0.0.0-20210316144830-115abcc95a1d/go.mod h1:ocF/ME1SX5b1AOlWi9r677YJmCPSwwWnQ9O123vzpE4= +github.com/containerd/fifo v1.0.0/go.mod h1:ocF/ME1SX5b1AOlWi9r677YJmCPSwwWnQ9O123vzpE4= +github.com/containerd/go-cni v1.0.1/go.mod h1:+vUpYxKvAF72G9i1WoDOiPGRtQpqsNW/ZHtSlv++smU= +github.com/containerd/go-cni v1.0.2/go.mod h1:nrNABBHzu0ZwCug9Ije8hL2xBCYh/pjfMb1aZGrrohk= +github.com/containerd/go-runc v0.0.0-20180907222934-5a6d9f37cfa3/go.mod h1:IV7qH3hrUgRmyYrtgEeGWJfWbgcHL9CSRruz2Vqcph0= +github.com/containerd/go-runc v0.0.0-20190911050354-e029b79d8cda/go.mod h1:IV7qH3hrUgRmyYrtgEeGWJfWbgcHL9CSRruz2Vqcph0= +github.com/containerd/go-runc v0.0.0-20200220073739-7016d3ce2328/go.mod h1:PpyHrqVs8FTi9vpyHwPwiNEGaACDxT/N/pLcvMSRA9g= +github.com/containerd/go-runc v0.0.0-20201020171139-16b287bc67d0/go.mod h1:cNU0ZbCgCQVZK4lgG3P+9tn9/PaJNmoDXPpoJhDR+Ok= +github.com/containerd/go-runc v1.0.0/go.mod h1:cNU0ZbCgCQVZK4lgG3P+9tn9/PaJNmoDXPpoJhDR+Ok= +github.com/containerd/imgcrypt v1.0.1/go.mod h1:mdd8cEPW7TPgNG4FpuP3sGBiQ7Yi/zak9TYCG3juvb0= +github.com/containerd/imgcrypt v1.0.4-0.20210301171431-0ae5c75f59ba/go.mod h1:6TNsg0ctmizkrOgXRNQjAPFWpMYRWuiB6dSF4Pfa5SA= +github.com/containerd/imgcrypt v1.1.1-0.20210312161619-7ed62a527887/go.mod h1:5AZJNI6sLHJljKuI9IHnw1pWqo/F0nGDOuR9zgTs7ow= +github.com/containerd/imgcrypt v1.1.1/go.mod h1:xpLnwiQmEUJPvQoAapeb2SNCxz7Xr6PJrXQb0Dpc4ms= +github.com/containerd/nri v0.0.0-20201007170849-eb1350a75164/go.mod h1:+2wGSDGFYfE5+So4M5syatU0N0f0LbWpuqyMi4/BE8c= +github.com/containerd/nri v0.0.0-20210316161719-dbaa18c31c14/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY= +github.com/containerd/nri v0.1.0/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY= +github.com/containerd/stargz-snapshotter/estargz v0.7.0/go.mod h1:83VWDqHnurTKliEB0YvWMiCfLDwv4Cjj1X9Vk98GJZw= +github.com/containerd/ttrpc v0.0.0-20190828154514-0e0f228740de/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= +github.com/containerd/ttrpc v0.0.0-20190828172938-92c8520ef9f8/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= +github.com/containerd/ttrpc v0.0.0-20191028202541-4f1b8fe65a5c/go.mod h1:LPm1u0xBw8r8NOKoOdNMeVHSawSsltak+Ihv+etqsE8= +github.com/containerd/ttrpc v1.0.1/go.mod h1:UAxOpgT9ziI0gJrmKvgcZivgxOp8iFPSk8httJEt98Y= +github.com/containerd/ttrpc v1.0.2/go.mod h1:UAxOpgT9ziI0gJrmKvgcZivgxOp8iFPSk8httJEt98Y= +github.com/containerd/typeurl v0.0.0-20180627222232-a93fcdb778cd/go.mod h1:Cm3kwCdlkCfMSHURc+r6fwoGH6/F1hH3S4sg0rLFWPc= +github.com/containerd/typeurl v0.0.0-20190911142611-5eb25027c9fd/go.mod h1:GeKYzf2pQcqv7tJ0AoCuuhtnqhva5LNU3U+OyKxxJpk= +github.com/containerd/typeurl v1.0.1/go.mod h1:TB1hUtrpaiO88KEK56ijojHS1+NeF0izUACaJW2mdXg= +github.com/containerd/typeurl v1.0.2/go.mod h1:9trJWW2sRlGub4wZJRTW83VtbOLS6hwcDZXTn6oPz9s= +github.com/containerd/zfs v0.0.0-20200918131355-0a33824f23a2/go.mod h1:8IgZOBdv8fAgXddBT4dBXJPtxyRsejFIpXoklgxgEjw= +github.com/containerd/zfs v0.0.0-20210301145711-11e8f1707f62/go.mod h1:A9zfAbMlQwE+/is6hi0Xw8ktpL+6glmqZYtevJgaB8Y= +github.com/containerd/zfs v0.0.0-20210315114300-dde8f0fda960/go.mod h1:m+m51S1DvAP6r3FcmYCp54bQ34pyOwTieQDNRIRHsFY= +github.com/containerd/zfs v0.0.0-20210324211415-d5c4544f0433/go.mod h1:m+m51S1DvAP6r3FcmYCp54bQ34pyOwTieQDNRIRHsFY= +github.com/containerd/zfs v1.0.0/go.mod h1:m+m51S1DvAP6r3FcmYCp54bQ34pyOwTieQDNRIRHsFY= +github.com/containernetworking/cni v0.7.1/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= +github.com/containernetworking/cni v0.8.0/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= +github.com/containernetworking/cni v0.8.1/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= +github.com/containernetworking/plugins v0.8.6/go.mod h1:qnw5mN19D8fIwkqW7oHHYDHVlzhJpcY6TQxn/fUyDDM= +github.com/containernetworking/plugins v0.9.1/go.mod h1:xP/idU2ldlzN6m4p5LmGiwRDjeJr6FLK6vuiUwoH7P8= +github.com/containers/ocicrypt v1.0.1/go.mod h1:MeJDzk1RJHv89LjsH0Sp5KTY3ZYkjXO/C+bKAeWFIrc= +github.com/containers/ocicrypt v1.1.0/go.mod h1:b8AOe0YR67uU8OqfVNcznfFpAzu3rdgUV4GP9qXPfu4= +github.com/containers/ocicrypt v1.1.1/go.mod h1:Dm55fwWm1YZAjYRaJ94z2mfZikIyIN4B0oB3dj3jFxY= +github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= +github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= +github.com/coreos/go-iptables v0.4.5/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= +github.com/coreos/go-iptables v0.5.0/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= +github.com/coreos/go-oidc v2.1.0+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc= +github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= +github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= +github.com/coreos/go-systemd v0.0.0-20161114122254-48702e0da86b/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= +github.com/coreos/go-systemd v0.0.0-20180511133405-39ca1b05acc7/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= +github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= +github.com/coreos/go-systemd/v22 v22.0.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk= +github.com/coreos/go-systemd/v22 v22.1.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk= +github.com/coreos/go-systemd/v22 v22.3.2/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= +github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= +github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/cpuguy83/go-md2man/v2 v2.0.0 h1:EoUDS0afbrsXAZ9YQ9jdu/mZ2sXgT1/2yyNng4PGlyM= github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= +github.com/cpuguy83/go-md2man/v2 v2.0.1 h1:r/myEWzV9lfsM1tFLgDyu0atFtJ1fXn261LKYj/3DxU= +github.com/cpuguy83/go-md2man/v2 v2.0.1/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= +github.com/cyphar/filepath-securejoin v0.2.2/go.mod h1:FpkQEhXnPnOthhzymB7CGsFk2G9VLXONKD9G7QGMM+4= +github.com/d2g/dhcp4 v0.0.0-20170904100407-a1d1b6c41b1c/go.mod h1:Ct2BUK8SB0YC1SMSibvLzxjeJLnrYEVLULFNiHY9YfQ= +github.com/d2g/dhcp4client v1.0.0/go.mod h1:j0hNfjhrt2SxUOw55nL0ATM/z4Yt3t2Kd1mW34z5W5s= +github.com/d2g/dhcp4server v0.0.0-20181031114812-7d4a0a7f59a5/go.mod h1:Eo87+Kg/IX2hfWJfwxMzLyuSZyxSoAug2nGa1G2QAi8= +github.com/d2g/hardwareaddr v0.0.0-20190221164911-e7d9fbe030e4/go.mod h1:bMl4RjIciD2oAxI7DmWRx6gbeqrkoLqv3MV0vzNad+I= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/denverdino/aliyungo v0.0.0-20190125010748-a747050bb1ba/go.mod h1:dV8lFg6daOBZbT6/BDGIz6Y3WFGn8juu6G+CQ6LHtl0= +github.com/dgrijalva/jwt-go v0.0.0-20170104182250-a601269ab70c/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= +github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= +github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= +github.com/dimchansky/utfbom v1.1.0/go.mod h1:rO41eb7gLfo8SF1jd9F8HplJm1Fewwi4mQvIirEdv+8= +github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/j0mACtrfE= +github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E= +github.com/docker/cli v20.10.7+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= +github.com/docker/distribution v0.0.0-20190905152932-14b96e55d84c/go.mod h1:0+TTO4EOBfRPhZXAeF1Vu+W3hHZ8eLp8PgKVZlcvtFY= +github.com/docker/distribution v2.7.1-0.20190205005809-0d3efadf0154+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= +github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docker/docker v20.10.7+incompatible h1:Z6O9Nhsjv+ayUEeI1IojKbYcsGdgYSNqxe1s2MYzUhQ= +github.com/docker/docker v20.10.7+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker-credential-helpers v0.6.3/go.mod h1:WRaJzqw3CTB9bk10avuGsjVBZsD05qeibJ1/TYlvc0Y= +github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec= +github.com/docker/go-events v0.0.0-20170721190031-9461782956ad/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA= +github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA= +github.com/docker/go-metrics v0.0.0-20180209012529-399ea8c73916/go.mod h1:/u0gXw0Gay3ceNrsHubL3BtdOL2fHf93USgMTe0W5dI= +github.com/docker/go-metrics v0.0.1/go.mod h1:cG1hvH2utMXtqgqqYE9plW6lDxS3/5ayHzueweSI3Vw= +github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= +github.com/docker/libtrust v0.0.0-20150114040149-fa567046d9b1/go.mod h1:cyGadeNEkKy96OOhEzfZl+yxihPEzKnqJwvfuSUqbZE= +github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM= +github.com/docker/spdystream v0.0.0-20181023171402-6480d4af844c/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM= +github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= +github.com/dustin/go-humanize v0.0.0-20171111073723-bb3d318650d4/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= +github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= +github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= +github.com/elazarl/goproxy v0.0.0-20190911111923-ecfe977594f1/go.mod h1:Ro8st/ElPeALwNFlcTpWmkr6IoMFfkjXAvTHpevnDsM= +github.com/elazarl/goproxy/ext v0.0.0-20190711103511-473e67f1d7d2/go.mod h1:gNh8nYJoAm43RfaxurUnxr+N1PwuFV3ZMl/efxlIlY8= +github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= +github.com/emicklei/go-restful v2.9.5+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5ynNVH9qI8YYLbd1fK2po= github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= +github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ= +github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= +github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU= +github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= +github.com/frankban/quicktest v1.11.3/go.mod h1:wRf/ReqHper53s+kmmSZizM8NamnL3IM0I9ntUbOk+k= +github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= +github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= +github.com/fullsailor/pkcs7 v0.0.0-20190404230743-d7302db945fa/go.mod h1:KnogPXtdwXqoenmZCw6S+25EAm2MkxbG0deNDu4cbSA= +github.com/garyburd/redigo v0.0.0-20150301180006-535138d7bcd7/go.mod h1:NR3MbYisc3/PwhQ00EMzDiPmrwpPxAn5GI05/YaO1SY= +github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= +github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q= github.com/go-errors/errors v1.0.2-0.20180813162953-d98b870cc4e0 h1:skJKxRtNmevLqnayafdLe2AsenqRupVmzZSqrvb5caU= github.com/go-errors/errors v1.0.2-0.20180813162953-d98b870cc4e0/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q= +github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA= +github.com/go-errors/errors v1.4.2/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= +github.com/go-ini/ini v1.25.4/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8= +github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= +github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= +github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= +github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= +github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= +github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= +github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= +github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= +github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc= +github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= +github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= +github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= +github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-sql-driver/mysql v1.4.1 h1:g24URVg0OFbNUTx9qqY1IRZ9D9z3iPyi5zKhQZpNwpA= github.com/go-sql-driver/mysql v1.4.1/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w= +github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= +github.com/go-sql-driver/mysql v1.6.0 h1:BCTh4TKNUYmOmMUcQ3IipzF5prigylS7XXjEkfCHuOE= +github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= +github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/go-test/deep v1.0.3/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= github.com/go-test/deep v1.0.7 h1:/VSMRlnY/JSyqxQUzQLKVMAskpY/NZKFA5j2P+0pP2M= github.com/go-test/deep v1.0.7/go.mod h1:QV8Hv/iy04NyLBxAdO9njL0iVPN1S4d/A3NVv1V36o8= +github.com/godbus/dbus v0.0.0-20151105175453-c7fdd8b5cd55/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= +github.com/godbus/dbus v0.0.0-20180201030542-885f9cc04c9c/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= +github.com/godbus/dbus v0.0.0-20190422162347-ade71ed3457e/go.mod h1:bBOAhwG1umN6/6ZUMtDFBMQR8jRg9O75tm9K00oMsK4= +github.com/godbus/dbus/v5 v5.0.3/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= +github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= +github.com/gogo/googleapis v1.2.0/go.mod h1:Njal3psf3qN6dwBtQfUmBZh2ybovJ0tlu3o/AC7HYjU= +github.com/gogo/googleapis v1.4.0/go.mod h1:5YRNX2z1oM5gXdAkurHa942MDgEJyk02w4OecKY87+c= +github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= +github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= +github.com/gogo/protobuf v1.2.2-0.20190723190241-65acae22fc9d/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= +github.com/gogo/protobuf v1.3.0/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= +github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= +github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= +github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e h1:1r7pUrabqp18hOBcwBwiTsbnFeTZHV9eER/QT5JVZxY= github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= +github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y= @@ -106,6 +423,7 @@ github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= github.com/golang/mock v1.5.0/go.mod h1:CWnOUgYIOo4TcNZ0wHX3YZCqsaM1I1Jvs6v3mP3KVu8= +github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs= github.com/golang/protobuf v1.1.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= @@ -127,6 +445,8 @@ github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/golang/snappy v0.0.3 h1:fHPg5GQYlCeLIPB9BZqMVR5nR9A+IM5zcgeTdjMYmLA= github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= +github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM= +github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= @@ -142,6 +462,11 @@ github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.6 h1:BKbKCqvP6I+rmFHt06ZmyQtvB8xAkWdhFyr0ZUNZcxQ= github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.7 h1:81/ik6ipDQS2aGcBfIN5dHDB36BwrStyeAQquSYCV4o= +github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE= +github.com/google/go-containerregistry v0.6.0/go.mod h1:euCCtNbZ6tKqi1E72vwDj2xZcN5ttKpZLfa/wSo5iLw= +github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/martian v2.1.0+incompatible h1:/CP5g8u/VJHijgedC/Legn3BAbAaWPgecwXBIDzw5no= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= @@ -160,99 +485,356 @@ github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLe github.com/google/pprof v0.0.0-20210122040257-d980be63207e/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20210226084205-cbba55b83ad5/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20210601050228-01bbb1931b22/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20210609004039-a478d1d731e9/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= +github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5 h1:sjZBwGj9Jlw33ImPtvFviGYvseOtDM7hkSKB7+Tv3SM= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= +github.com/googleapis/gax-go/v2 v2.1.0/go.mod h1:Q3nei7sK6ybPYH7twZdmQpAd1MKb7pfu6SK+H1/DsU0= +github.com/googleapis/gax-go/v2 v2.1.1/go.mod h1:hddJymUZASv3XPyGkUpKj8pPO47Rmb0eJc8R6ouapiM= +github.com/googleapis/gax-go/v2 v2.2.0 h1:s7jOdKSaksJVOxE0Y/S32otcfiP+UQ0cL8/GTKaONwE= +github.com/googleapis/gax-go/v2 v2.2.0/go.mod h1:as02EH8zWkzwUoLbBaFeQ+arQaj/OthfcblKl4IGNaM= +github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg= +github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= +github.com/gorilla/handlers v0.0.0-20150720190736-60c7bfde3e33/go.mod h1:Qkdc/uu4tH4g6mTK6auzZ766c4CA0Ng8+o/OAirnOIQ= +github.com/gorilla/mux v1.7.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= +github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= +github.com/gorilla/websocket v0.0.0-20170926233335-4201258b820c/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= +github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= +github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= +github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= +github.com/grpc-ecosystem/go-grpc-middleware v1.0.1-0.20190118093823-f849b5445de4/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= +github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= +github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= +github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= +github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= github.com/gruntwork-io/go-commons v0.8.0 h1:k/yypwrPqSeYHevLlEDmvmgQzcyTwrlZGRaxEM6G0ro= github.com/gruntwork-io/go-commons v0.8.0/go.mod h1:gtp0yTtIBExIZp7vyIV9I0XQkVwiQZze678hvDXof78= +github.com/gruntwork-io/go-commons v0.11.0 h1:7Yiu1ZvubQlePfu+T2iCpVYJAdkjQKr9mzCBW3Pmaxg= +github.com/gruntwork-io/go-commons v0.11.0/go.mod h1:nbZDI8IL8BCY45QXJcWKSh0MYaz9kcgqQ40/L3JRi54= +github.com/gruntwork-io/terratest v0.40.1/go.mod h1:CjHsEgP1Pe987X5N8K5qEqCuLtu1bqERGIAF8bTj1s0= github.com/gruntwork-io/terratest v0.40.3 h1:M62wBn/5r/8tbMV7WBe+9j91yFgk9f5Vbrx8dj7P1/Q= github.com/gruntwork-io/terratest v0.40.3/go.mod h1:CjHsEgP1Pe987X5N8K5qEqCuLtu1bqERGIAF8bTj1s0= +github.com/gruntwork-io/terratest v0.40.6 h1:kBYzD9gcQoruAoV9vmVLk8kjuZAUI5U72h9IAogL/iI= +github.com/gruntwork-io/terratest v0.40.6/go.mod h1:CjHsEgP1Pe987X5N8K5qEqCuLtu1bqERGIAF8bTj1s0= +github.com/hashicorp/consul/api v1.1.0/go.mod h1:VmuI/Lkw1nC05EYQWNKwWGbkg+FbDBtguAZLlVdkD9Q= +github.com/hashicorp/consul/sdk v0.1.1/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8= +github.com/hashicorp/errwrap v0.0.0-20141028054710-7554cd9344ce/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= +github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= +github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= +github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= github.com/hashicorp/go-getter v1.5.9 h1:b7ahZW50iQiUek/at3CvZhPK1/jiV6CtKcsJiR6E4R0= github.com/hashicorp/go-getter v1.5.9/go.mod h1:BrrV/1clo8cCYu6mxvboYg+KutTiFnXjMEgDD8+i7ZI= +github.com/hashicorp/go-getter v1.5.11 h1:wioTuNmaBU3IE9vdFtFMcmZWj0QzLc6DYaP6sNe5onY= +github.com/hashicorp/go-getter v1.5.11/go.mod h1:9i48BP6wpWweI/0/+FBjqLrp9S8XtwUGjiu0QkWHEaY= +github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= +github.com/hashicorp/go-msgpack v0.5.3/go.mod h1:ahLV/dePpqEmjfWmKiqvPkv/twdG7iPBM1vqhUKIvfM= +github.com/hashicorp/go-multierror v0.0.0-20161216184304-ed905158d874/go.mod h1:JMRHfdO9jKNzS/+BTlxCjKNQHg/jZAft8U7LloJvN7I= +github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= github.com/hashicorp/go-multierror v1.1.0 h1:B9UzwGQJehnUY1yNrnwREHc3fGbC2xefo8g4TbElacI= github.com/hashicorp/go-multierror v1.1.0/go.mod h1:spPvp8C1qA32ftKqdAHm4hHTbPw+vmowP0z+KUhOZdA= +github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= +github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= +github.com/hashicorp/go-rootcerts v1.0.0/go.mod h1:K6zTfqpRlCUIjkwsN4Z+hiSfzSTQa6eBIzfwKfwNnHU= github.com/hashicorp/go-safetemp v1.0.0 h1:2HR189eFNrjHQyENnQMMpCiBAsRxzbTMIgBhEyExpmo= github.com/hashicorp/go-safetemp v1.0.0/go.mod h1:oaerMy3BhqiTbVye6QuFhFtIceqFoDHxNAB65b+Rj1I= +github.com/hashicorp/go-sockaddr v1.0.0/go.mod h1:7Xibr9yA9JjQq1JpNB2Vw7kxv8xerXegt+ozgdvDeDU= +github.com/hashicorp/go-syslog v1.0.0/go.mod h1:qPfqrKkXGihmCqbJM2mZgkZGvKG1dFdvsLplgctolz4= +github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= +github.com/hashicorp/go-uuid v1.0.1/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/go-version v1.1.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/go-version v1.3.0 h1:McDWVJIU/y+u1BRV06dPaLfLCaT7fUTJLp5r04x7iNw= github.com/hashicorp/go-version v1.3.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= +github.com/hashicorp/go-version v1.4.0 h1:aAQzgqIrRKRa7w75CKpbBxYsmUoPjzVm1W59ca1L0J4= +github.com/hashicorp/go-version v1.4.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= +github.com/hashicorp/go.net v0.0.1/go.mod h1:hjKkEWcCURg++eb33jQU7oqQcI9XDCnUzHA0oac0k90= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= +github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= github.com/hashicorp/hcl/v2 v2.9.1 h1:eOy4gREY0/ZQHNItlfuEZqtcQbXIxzojlP301hDpnac= github.com/hashicorp/hcl/v2 v2.9.1/go.mod h1:FwWsfWEjyV/CMj8s/gqAuiviY72rJ1/oayI9WftqcKg= +github.com/hashicorp/hcl/v2 v2.11.1 h1:yTyWcXcm9XB0TEkyU/JCRU6rYy4K+mgLtzn2wlrJbcc= +github.com/hashicorp/hcl/v2 v2.11.1/go.mod h1:FwWsfWEjyV/CMj8s/gqAuiviY72rJ1/oayI9WftqcKg= +github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= +github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0mNTz8vQ= +github.com/hashicorp/memberlist v0.1.3/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I= +github.com/hashicorp/serf v0.8.2/go.mod h1:6hOLApaqBFA1NXqRQAsxw9QxuDEvNxSQRwA/JwenrHc= github.com/hashicorp/terraform-json v0.13.0 h1:Li9L+lKD1FO5RVFRM1mMMIBDoUHslOniyEi5CM+FWGY= github.com/hashicorp/terraform-json v0.13.0/go.mod h1:y5OdLBCT+rxbwnpxZs9kGL7R9ExU76+cpdY8zHwoazk= +github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= +github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= +github.com/imdario/mergo v0.3.8/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= +github.com/imdario/mergo v0.3.10/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= +github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= +github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= +github.com/j-keck/arping v0.0.0-20160618110441-2cf9dc699c56/go.mod h1:ymszkNOg6tORTn+6F6j+Jc8TOr5osrynvN6ivFWZ2GA= github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a h1:zPPuIq2jAWWPTrGt70eK/BSch+gFAGrNzecsoENgu2o= github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a/go.mod h1:yL958EeXv8Ylng6IfnvG4oflryUi3vgA3xPs9hmII1s= +github.com/jinzhu/copier v0.3.5 h1:GlvfUwHk62RokgqVNvYsku0TATCF7bAHVwEXoBh3iJg= +github.com/jinzhu/copier v0.3.5/go.mod h1:DfbEm0FYsaqBcKcFuvmOZb218JkPGtvSHsKg8S8hyyg= github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= +github.com/jmespath/go-jmespath v0.0.0-20160803190731-bd40a432e4c7/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= +github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= +github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= +github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= +github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= +github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= github.com/jstemmer/go-junit-report v0.9.1 h1:6QPYqodiu3GuPL+7mfx+NwDdp2eTkp9IfEUpgAwUN0o= github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= +github.com/jstemmer/go-junit-report v1.0.0 h1:8X1gzZpR+nVQLAht+L/foqOeX2l9DTZoaIPbEQHxsds= +github.com/jstemmer/go-junit-report v1.0.0/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= +github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= +github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= +github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= +github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= +github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/klauspost/compress v1.11.2/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= +github.com/klauspost/compress v1.11.3/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= +github.com/klauspost/compress v1.11.13/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= +github.com/klauspost/compress v1.12.3/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg= github.com/klauspost/compress v1.13.0 h1:2T7tUoQrQT+fQWdaY5rjWztFGAFwbGD04iPJg90ZiOs= github.com/klauspost/compress v1.13.0/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg= +github.com/klauspost/compress v1.15.1 h1:y9FcTHGyrebwfP0ZZqFiaxTaiDnUrGkJkI+f583BL1A= +github.com/klauspost/compress v1.15.1/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= +github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= +github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= +github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= +github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k= github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= +github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= +github.com/magiconair/properties v1.8.5/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60= +github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= +github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= +github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= +github.com/marstr/guid v1.1.0/go.mod h1:74gB1z2wpxxInTG6yaqA7KrtM0NZ+RbrcqDvYHefzho= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= +github.com/mattn/go-colorable v0.1.7/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= +github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= github.com/mattn/go-isatty v0.0.11/go.mod h1:PhnuNfih5lzO57/f3n+odYbM4JtupLOxQOAqxQCu2WE= +github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= +github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= github.com/mattn/go-runewidth v0.0.4/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= +github.com/mattn/go-shellwords v1.0.3/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= github.com/mattn/go-zglob v0.0.1/go.mod h1:9fxibJccNxU2cnpIKLRRFA7zX7qhkJIQWBb449FYHOo= github.com/mattn/go-zglob v0.0.2-0.20190814121620-e3c945676326 h1:ofNAzWCcyTALn2Zv40+8XitdzCgXY6e9qvXwN9W0YXg= github.com/mattn/go-zglob v0.0.2-0.20190814121620-e3c945676326/go.mod h1:9fxibJccNxU2cnpIKLRRFA7zX7qhkJIQWBb449FYHOo= +github.com/mattn/go-zglob v0.0.3 h1:6Ry4EYsScDyt5di4OI6xw1bYhOqfE5S33Z1OPy+d+To= +github.com/mattn/go-zglob v0.0.3/go.mod h1:9fxibJccNxU2cnpIKLRRFA7zX7qhkJIQWBb449FYHOo= +github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= +github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= +github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= +github.com/miekg/dns v1.1.31/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM= +github.com/miekg/pkcs11 v1.0.3/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= +github.com/mistifyio/go-zfs v2.1.2-0.20190413222219-f784269be439+incompatible/go.mod h1:8AuVvqP/mXw1px98n46wfvcGfQ4ci2FwoAjKYxuo3Z4= +github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mitchellh/go-testing-interface v1.0.0 h1:fzU/JVNcaqHQEcVFAKeR41fkiLdIPrefOvVG1VZ96U0= github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= +github.com/mitchellh/go-testing-interface v1.14.1 h1:jrgshOhYAUVNMAJiKbEu7EqAwgJJ2JqpQmpLJOu07cU= +github.com/mitchellh/go-testing-interface v1.14.1/go.mod h1:gfgS7OtZj6MA4U1UrDRp04twqAjfvlZyCfX3sDjEym8= github.com/mitchellh/go-wordwrap v0.0.0-20150314170334-ad45545899c7/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo= github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0= github.com/mitchellh/go-wordwrap v1.0.1/go.mod h1:R62XHJLzvMFRBbcrT7m7WgmE1eOyTSsCt+hzestvNj0= +github.com/mitchellh/gox v0.4.0/go.mod h1:Sd9lOJ0+aimLBi73mGofS1ycjY8lL3uZM3JPS42BGNg= +github.com/mitchellh/iochan v1.0.0/go.mod h1:JwYml1nuB7xOzsp52dPpHFffvOCDupsG0QubkSMEySY= +github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= +github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= +github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= +github.com/mitchellh/osext v0.0.0-20151018003038-5e2d6d41470f/go.mod h1:OkQIRizQZAeMln+1tSwduZz7+Af5oFlKirV/MSYes2A= github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= +github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc= +github.com/moby/sys/mountinfo v0.4.0/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A= +github.com/moby/sys/mountinfo v0.4.1/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A= +github.com/moby/sys/symlink v0.1.0/go.mod h1:GGDODQmbFOjFsXvfLVn3+ZRxkch54RkSiGqsZeMYowQ= +github.com/moby/term v0.0.0-20200312100748-672ec06f55cd/go.mod h1:DdlQx2hp0Ss5/fLikoLlEeIYiATotOjgB//nb973jeo= +github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= +github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= +github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc= +github.com/mrunalp/fileutils v0.5.0/go.mod h1:M1WthSahJixYnrXQl/DFQuteStB1weuxD2QJNHXfbSQ= +github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= +github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= +github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= +github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= +github.com/ncw/swift v1.0.47/go.mod h1:23YIA4yWVnGwv2dQlN4bB7egfYX6YLn0Yo/S6zZO/ZM= +github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= +github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= +github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= +github.com/olekukonko/tablewriter v0.0.0-20170122224234-a0225b3f23b5/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo= +github.com/onsi/ginkgo v0.0.0-20151202141238-7f8ab55aaf3b/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.10.1/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.10.3/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= +github.com/onsi/gomega v0.0.0-20151007035656-2152b45fa28a/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= +github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= +github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= +github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= +github.com/onsi/gomega v1.10.3/go.mod h1:V9xEwhxec5O8UDM77eCW8vLymOMltsqPVYWrpDsH8xc= +github.com/opencontainers/go-digest v0.0.0-20170106003457-a6d0ee40d420/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= +github.com/opencontainers/go-digest v0.0.0-20180430190053-c9281466c8b2/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= +github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= +github.com/opencontainers/go-digest v1.0.0-rc1.0.20180430190053-c9281466c8b2/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= +github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= +github.com/opencontainers/image-spec v1.0.0/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= +github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= +github.com/opencontainers/runc v0.0.0-20190115041553-12f6a991201f/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= +github.com/opencontainers/runc v0.1.1/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= +github.com/opencontainers/runc v1.0.0-rc8.0.20190926000215-3e425f80a8c9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= +github.com/opencontainers/runc v1.0.0-rc9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= +github.com/opencontainers/runc v1.0.0-rc93/go.mod h1:3NOsor4w32B2tC0Zbl8Knk4Wg84SM2ImC1fxBuqJ/H0= +github.com/opencontainers/runtime-spec v0.1.2-0.20190507144316-5b71a03e2700/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= +github.com/opencontainers/runtime-spec v1.0.1/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= +github.com/opencontainers/runtime-spec v1.0.2-0.20190207185410-29686dbc5559/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= +github.com/opencontainers/runtime-spec v1.0.2/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= +github.com/opencontainers/runtime-spec v1.0.3-0.20200929063507-e6143ca7d51d/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= +github.com/opencontainers/runtime-tools v0.0.0-20181011054405-1d69bd0f9c39/go.mod h1:r3f7wjNzSs2extwzU3Y+6pKfobzPh+kKFJ3ofN+3nfs= +github.com/opencontainers/selinux v1.6.0/go.mod h1:VVGKuOLlE7v4PJyT6h7mNWvq1rzqiriPsEqVhc+svHE= +github.com/opencontainers/selinux v1.8.0/go.mod h1:RScLhm78qiWa2gbVCcGkC7tCGdgk3ogry1nUQF8Evvo= +github.com/oracle/oci-go-sdk v7.1.0+incompatible/go.mod h1:VQb79nF8Z2cwLkLS35ukwStZIg5F66tcBccjip/j888= +github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= +github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= +github.com/pelletier/go-toml v1.8.1/go.mod h1:T2/BmBdy8dvIRq1a/8aqjN41wvWlN4lrapLU/GW4pbc= +github.com/pelletier/go-toml v1.9.3/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= +github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= +github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pkg/errors v0.8.1-0.20171018195549-f15c970de5b7/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pkg/sftp v1.10.1/go.mod h1:lYOWFsE0bwd1+KfKJaKeuokY15vzFx25BLbzYYoAxZI= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= +github.com/pquerna/cachecontrol v0.0.0-20171018203845-0dec1b30a021/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA= github.com/pquerna/otp v1.2.0 h1:/A3+Jn+cagqayeR3iHs/L62m5ue7710D35zl1zJ1kok= github.com/pquerna/otp v1.2.0/go.mod h1:dkJfzwRKNiegxyNb54X/3fLwhCynbMspSyWKnvi1AEg= +github.com/pquerna/otp v1.2.1-0.20191009055518-468c2dd2b58d/go.mod h1:dkJfzwRKNiegxyNb54X/3fLwhCynbMspSyWKnvi1AEg= +github.com/pquerna/otp v1.3.0 h1:oJV/SkzR33anKXwQU3Of42rL4wbrffP4uvUf1SvS5Xs= +github.com/pquerna/otp v1.3.0/go.mod h1:dkJfzwRKNiegxyNb54X/3fLwhCynbMspSyWKnvi1AEg= +github.com/prometheus/client_golang v0.0.0-20180209125602-c332b6f63c06/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= +github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= +github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso= +github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= +github.com/prometheus/client_golang v1.1.0/go.mod h1:I1FGZT9+L76gKKOs5djB6ezCbFQP1xR9D75/vuwEF3g= +github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M= +github.com/prometheus/client_model v0.0.0-20171117100541-99fa1f4be8e5/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= +github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= +github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/prometheus/common v0.0.0-20180110214958-89604d197083/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= +github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= +github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= +github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= +github.com/prometheus/common v0.6.0/go.mod h1:eBmuwkDJBwy6iBfxCBob6t6dR6ENT/y+J+Zk0j9GMYc= +github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo= +github.com/prometheus/procfs v0.0.0-20180125133057-cb4147076ac7/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= +github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= +github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= +github.com/prometheus/procfs v0.0.0-20190522114515-bc1a522cf7b1/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= +github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= +github.com/prometheus/procfs v0.0.3/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ= +github.com/prometheus/procfs v0.0.5/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ= +github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A= +github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= +github.com/prometheus/procfs v0.2.0/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= +github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= +github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= +github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= +github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= +github.com/rogpeppe/go-charset v0.0.0-20180617210344-2471d30d28b4/go.mod h1:qgYeAmZ5ZIpBWTGllZSQnw97Dj+woV0toclVaRGI8pc= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= +github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= +github.com/safchain/ethtool v0.0.0-20190326074333-42ed695e3de8/go.mod h1:Z0q5wiBQGYcxhMZ6gUqHn6pYNLypFAvaL3UvgZLR0U4= +github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0= +github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= github.com/sebdah/goldie v1.0.0/go.mod h1:jXP4hmWywNEwZzhMuv2ccnqTSFpuq8iyQhtQdkkZBH4= +github.com/seccomp/libseccomp-golang v0.9.1/go.mod h1:GbW5+tmTXfcxTToHLXlScSlAvWlF4P2Ca7zGrPiEpWo= github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= +github.com/sirupsen/logrus v1.0.4-0.20170822132746-89742aefa4b2/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= +github.com/sirupsen/logrus v1.0.6/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= +github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= +github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= +github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= +github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= +github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= +github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= +github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= +github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= +github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= +github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= +github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= +github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= +github.com/spf13/afero v1.6.0/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z93I= +github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= +github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= +github.com/spf13/cobra v0.0.2-0.20171109065643-2da4a54c5cee/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= +github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= +github.com/spf13/cobra v1.0.0/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE= +github.com/spf13/cobra v1.2.1/go.mod h1:ExllRjgxM/piMAM+3tAZvg8fsklGAf3tPfi+i8t68Nk= +github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= +github.com/spf13/jwalterweatherman v1.1.0/go.mod h1:aNWZUN0dPAAO/Ljvb5BEdw96iTZ0EXowPYD95IqWIGo= +github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= +github.com/spf13/pflag v1.0.1-0.20171106142849-4c012f6dcd95/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= +github.com/spf13/pflag v1.0.1/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.2/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= +github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= +github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/yZzE= +github.com/spf13/viper v1.8.1/go.mod h1:o0Pch8wJ9BVSWGQMbra6iw0oQ5oktSIBaujf1rJH9Ns= +github.com/stefanberger/go-pkcs11uri v0.0.0-20201008174630-78d3cae3a980/go.mod h1:AO3tvPzVZ/ayst6UlUKUv6rcPQInYe3IknH3jYhAKu8= +github.com/stretchr/objx v0.0.0-20180129172003-8a3f7159479f/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= +github.com/stretchr/testify v0.0.0-20180303142811-b89eecf5ca5d/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= @@ -260,26 +842,74 @@ github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.7.1 h1:5TQK59W5E3v0r2duFAb7P95B6hEeOyEnHRa8MjYSMTY= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= +github.com/syndtr/gocapability v0.0.0-20170704070218-db04d3cc01c8/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= +github.com/syndtr/gocapability v0.0.0-20180916011248-d98352740cb2/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= +github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= +github.com/tchap/go-patricia v2.2.6+incompatible/go.mod h1:bmLyhP68RS6kStMGxByiQ23RP/odRBOTVjwp2cDyi6I= +github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= +github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmccombs/hcl2json v0.3.3 h1:+DLNYqpWE0CsOQiEZu+OZm5ZBImake3wtITYxQ8uLFQ= github.com/tmccombs/hcl2json v0.3.3/go.mod h1:Y2chtz2x9bAeRTvSibVRVgbLJhLJXKlUeIvjeVdnm4w= +github.com/tmccombs/hcl2json v0.3.4 h1:pYzRaHVTJu6TfFumACORClRtsK431eeuv7WjNNLjT90= +github.com/tmccombs/hcl2json v0.3.4/go.mod h1:l3Aq9eUyhC+0v26BH08BZHeyWEtOYcFtbu2i5Ryywig= +github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= github.com/ulikunitz/xz v0.5.8 h1:ERv8V6GKqVi23rgu5cj9pVfVzJbOqAY2Ntl88O6c2nQ= github.com/ulikunitz/xz v0.5.8/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= +github.com/ulikunitz/xz v0.5.10 h1:t92gobL9l3HE202wg3rlk19F6X+JOxl9BBrCCMYEYd8= +github.com/ulikunitz/xz v0.5.10/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= +github.com/urfave/cli v0.0.0-20171014202726-7bc6a0acffa5/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= +github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= +github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= github.com/urfave/cli v1.22.2 h1:gsqYFH8bb9ekPA12kRo0hfjngWQjkJPlN9R0N78BoUo= github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= +github.com/urfave/cli v1.22.5 h1:lNq9sAHXK2qfdI8W+GRItjCEkI+2oR4d+MEHy1CKXoU= +github.com/urfave/cli v1.22.5/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= +github.com/urfave/cli/v2 v2.3.0/go.mod h1:LJmUH05zAU44vOAcrfzZQKsZbVcdbOG8rtL3/XcUArI= +github.com/urfave/cli/v2 v2.4.0 h1:m2pxjjDFgDxSPtO8WSdbndj17Wu2y8vOT86wE/tjr+I= +github.com/urfave/cli/v2 v2.4.0/go.mod h1:NX9W0zmTvedE5oDoOMs2RTC8RvdK98NTYZE5LbaEYPg= +github.com/vishvananda/netlink v0.0.0-20181108222139-023a6dafdcdf/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk= +github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE= +github.com/vishvananda/netlink v1.1.1-0.20201029203352-d40f9887b852/go.mod h1:twkDnbuQxJYemMlGd4JFIcuhgX83tXhKS2B/PRMpOho= +github.com/vishvananda/netns v0.0.0-20180720170159-13995c7128cc/go.mod h1:ZjcWmFBXmLKZu9Nxj3WKYEafiSqer2rnvPr0en9UNpI= +github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df/go.mod h1:JP3t17pCcGlemwknint6hfoeCVQrEMVwxRLRjXpq+BU= +github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0= github.com/vmihailenco/msgpack v3.3.3+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= github.com/vmihailenco/msgpack/v4 v4.3.12/go.mod h1:gborTTJjAo/GWTqqRjrLCn9pgNN+NXzzngzBKDPIqw4= github.com/vmihailenco/tagparser v0.1.1/go.mod h1:OeAg3pn3UbLjkWt+rN9oFYB6u/cQgqMEUPoW2WPyhdI= +github.com/willf/bitset v1.1.11-0.20200630133818-d5bec3311243/go.mod h1:RjeCKbqT1RxIR/KWY6phxZiaY1IyutSBfGjNPySAYV4= +github.com/willf/bitset v1.1.11/go.mod h1:83CECat5yLh5zVOf4P1ErAgKA5UDvKtgyUABdr3+MjI= +github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= +github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= +github.com/xeipuuv/gojsonschema v0.0.0-20180618132009-1d523034197f/go.mod h1:5yf86TLmAcydyeJq5YvxkGPE2fm/u4myDekKRoLuqhs= +github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= +github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= +github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43/go.mod h1:aX5oPXxHm3bOH+xeAttToC8pqch2ScQN/JoXYupl6xs= +github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50/go.mod h1:NUSPSUX/bi6SeDMUh6brw0nXpxHnc96TguQh0+r/ssA= +github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go.mod h1:GlGEuHIJweS1mbCqG+7vt2nvWLzLLnRHbXz5JKd/Qbg= github.com/zclconf/go-cty v1.2.0/go.mod h1:hOPWgoHbaTUnI5k4D2ld+GRpFJSCe6bCM7m1q/N4PQ8= github.com/zclconf/go-cty v1.8.0/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= github.com/zclconf/go-cty v1.8.1/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= github.com/zclconf/go-cty v1.9.1 h1:viqrgQwFl5UpSxc046qblj78wZXVDFnSOufaOTER+cc= github.com/zclconf/go-cty v1.9.1/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= +github.com/zclconf/go-cty v1.10.0 h1:mp9ZXQeIcN8kAwuqorjH+Q+njbJKjLrvB2yIh4q7U+0= +github.com/zclconf/go-cty v1.10.0/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= github.com/zclconf/go-cty-debug v0.0.0-20191215020915-b22d67c1ba0b/go.mod h1:ZRKQfBXbGkpdV6QMzT3rU1kSTAnfu1dO8dPKjYprgj8= +go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= +go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= +go.etcd.io/bbolt v1.3.5/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ= +go.etcd.io/etcd v0.5.0-alpha.5.0.20200910180754-dd1b699fc489/go.mod h1:yVHk9ub3CSBatqGNg7GRmsnfLWtoW60w4eDYfh7vHDg= +go.etcd.io/etcd/api/v3 v3.5.0/go.mod h1:cbVKeC6lCfl7j/8jBhAK6aIYO9XOjdptoxU/nLQcPvs= +go.etcd.io/etcd/client/pkg/v3 v3.5.0/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3YSwc9/Ac1g= +go.etcd.io/etcd/client/v2 v2.305.0/go.mod h1:h9puh54ZTgAKtEbut2oe9P4L/oqKCVB6xsXlzd7alYQ= +go.mozilla.org/pkcs7 v0.0.0-20200128120323-432b2356ecb1/go.mod h1:SNgMg+EgDFwmvSmLRTNKC5fegJjB7v23qTQ0XLGUNHk= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= @@ -288,14 +918,34 @@ go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= go.opencensus.io v0.23.0 h1:gqCw0LfLxScz8irSi8exQc7fyQ0fKQU/qnC/X8+V/1M= go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E= +go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= +go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= +go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= +go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= +go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= +go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= +go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= +go.uber.org/zap v1.17.0/go.mod h1:MXVU+bhUf/A7Xi2HNOnopQOrmycQ5Ih87HtOu4q5SSo= +golang.org/x/crypto v0.0.0-20171113213409-9f005a07e0d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/crypto v0.0.0-20181009213950-7c1a557ab941/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/crypto v0.0.0-20181029021203-45a5f77698d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190426145343-a29dc8fdc734/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a h1:kr2P4QFmQr29mSLA43kwrOcgcReGTfbE9N577tCTuBc= golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8= +golang.org/x/crypto v0.0.0-20220321153916-2c7772ba3064 h1:S25/rfnfsMVgORT4/J61MJ7rdyseOZOyvLIrZEZ7s6s= +golang.org/x/crypto v0.0.0-20220321153916-2c7772ba3064/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -333,19 +983,33 @@ golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2 h1:Gz96sIWK3OalVv/I/qNygP42zyoKp3xptRVCWRFEBvo= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180811021610-c39426892332/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20181011144130-49bb7cea24b1/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20181023162649-9b4f9f5ad519/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20181201002055-351d144fa1fc/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190522155817-f3200d17e092/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= +golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190619014844-b5b0513f8c1b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20191004110552-13f9640d40b9/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= @@ -360,17 +1024,24 @@ golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/ golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= +golang.org/x/net v0.0.0-20201006153459-a7d1128ccaa0/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201031054903-ff519b6c9102/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210614182718-04defd469f4e h1:XpT3nA5TvE525Ne3hInMh6+GETgn27Zfm9dxsThnX2Q= golang.org/x/net v0.0.0-20210614182718-04defd469f4e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= +golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= +golang.org/x/net v0.0.0-20220325170049-de3da57026de h1:pZB1TWnKi+o4bENlbzAgLrEbY4RMYmUIRobMcSmfeYc= +golang.org/x/net v0.0.0-20220325170049-de3da57026de/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -382,8 +1053,16 @@ golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210402161424-2e8d93401602/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c h1:pkQiBZBvdos9qq4wBAHqlzuZHEXo07pqV06ef90u1WI= golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210805134026-6f1e6394065a/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= +golang.org/x/oauth2 v0.0.0-20220309155454-6242fa91716a h1:qfl7ob3DIEs3Ml9oLuPwY2N04gymzAW04WsUQHIClgM= +golang.org/x/oauth2 v0.0.0-20220309155454-6242fa91716a/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -395,7 +1074,13 @@ golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20181026203630-95b1ffbd15a5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -404,17 +1089,38 @@ golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190502175342-a43fa875dd82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190514135907-3a4b5fb9f71f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190522044717-8097e1b27ff5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190602015325-4c4f7f33c9ed/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190606203320-7fc4e5ec1444/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190812073006-9eafafc0a87e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191022100944-742c48ecaeb7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191115151921-52ab43148777/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191210023423-ac6580df4449/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200106162015-b016eb3dc98e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200120151820-655fe14d7479/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200124204421-9fbb57f87de9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200217220822-9197077df867/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -423,25 +1129,57 @@ golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200622214017-ed371f2e16b4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200728102440-3e129f6d46b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200817155316-9781c653f443/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200909081042-eff7692f9009/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200916030750-2334cc1a136f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200922070232-aee5d888a860/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201112073958-5cba982894dd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201117170446-d9b008d0a637/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201202213521-69691e467435/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210104204734-6f8348627aad/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210220050731-9a76102bfb43/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210305230114-8fe3ee5dd75b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210315160823-c6e025ad8005/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210324051608-47abb6519492/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210403161142-5e06dd20ab57/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210603125802-9665404d3644 h1:CA1DEQ4NdKphKeL70tvsWNdT5oFh1lOjihRcEDROi0I= golang.org/x/sys v0.0.0-20210603125802-9665404d3644/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210823070655-63515b42dcdf/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211124211545-fe61309f8881/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211210111614-af8b64212486/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220128215802-99c3d69c2c27/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220209214540-3681064d5158/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220328115105-d36c6a25d886/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220330033206-e17cdc41300f h1:rlezHXNlxYWvBCzNses9Dlc7nGFaNMJeqLolcmQSSZY= +golang.org/x/sys v0.0.0-20220330033206-e17cdc41300f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.0.0-20210317153231-de623e64d2a6/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 h1:JGgROgKl9N8DuW20oFS5gxc+lE67/N3FcwmBPMe7ArY= +golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -451,29 +1189,40 @@ golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6 h1:aRYxNxv6iGQlyVaZmk6ZgYEDa+Jg18DxebPSrd6bg1M= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk= +golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190624222133-a101b041ded4/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191112195655-aa38f8e97acc/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191216052735-49a3e744a425/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= @@ -491,6 +1240,7 @@ golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roY golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= @@ -499,15 +1249,22 @@ golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4f golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.2 h1:kRBLX7v7Af8W7Gdbbc908OJcdgtK8bOz9Uaj8/F1ACA= golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.10 h1:QjFRCZxdOhBJ/UNgnBZLbNV13DlbnK0quyivTnXJM20= +golang.org/x/tools v0.1.10/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +google.golang.org/api v0.0.0-20160322025152-9bf6e6e569ff/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0= google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= @@ -529,8 +1286,26 @@ google.golang.org/api v0.36.0/go.mod h1:+z5ficQTmoYpPn8LCUNVpK5I7hwkpjbcgqA7I34q google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjRCQ8= google.golang.org/api v0.41.0/go.mod h1:RkxM5lITDfTzmyKFPt+wGrCJbVfniCr2ool8kTBzRTU= google.golang.org/api v0.43.0/go.mod h1:nQsDGjRXMo4lvh5hP0TKqF244gqhGcr/YSIykhUk/94= +google.golang.org/api v0.44.0/go.mod h1:EBOGZqzyhtvMDoxwS97ctnh0zUmYY6CxqXsc1AvkYD8= google.golang.org/api v0.47.0 h1:sQLWZQvP6jPGIP4JGPkJu4zHswrv81iobiyszr3b/0I= google.golang.org/api v0.47.0/go.mod h1:Wbvgpq1HddcWVtzsVLyfLp8lDg6AA241LmgIL59tHXo= +google.golang.org/api v0.48.0/go.mod h1:71Pr1vy+TAZRPkPs/xlCf5SsU8WjuAWv1Pfjbtukyy4= +google.golang.org/api v0.50.0/go.mod h1:4bNT5pAuq5ji4SRZm+5QIkjny9JAyVD/3gaSihNefaw= +google.golang.org/api v0.51.0/go.mod h1:t4HdrdoNgyN5cbEfm7Lum0lcLDLiise1F8qDKX00sOU= +google.golang.org/api v0.54.0/go.mod h1:7C4bFFOvVDGXjfDTAsgGwDgAxRDeQ4X8NvUedIt6z3k= +google.golang.org/api v0.55.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE= +google.golang.org/api v0.56.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE= +google.golang.org/api v0.57.0/go.mod h1:dVPlbZyBo2/OjBpmvNdpn2GRm6rPy75jyU7bmhdrMgI= +google.golang.org/api v0.61.0/go.mod h1:xQRti5UdCmoCEqFxcz93fTl338AVqDgyaDRuOZ3hg9I= +google.golang.org/api v0.63.0/go.mod h1:gs4ij2ffTRXwuzzgJl/56BdwJaA194ijkfn++9tDuPo= +google.golang.org/api v0.64.0/go.mod h1:931CdxA8Rm4t6zqTFGSsgwbAEZ2+GMYurbndwSimebM= +google.golang.org/api v0.66.0/go.mod h1:I1dmXYpX7HGwz/ejRxwQp2qj5bFAz93HiCU1C1oYd9M= +google.golang.org/api v0.67.0/go.mod h1:ShHKP8E60yPsKNw/w8w+VYaj9H6buA5UqDp8dhbQZ6g= +google.golang.org/api v0.69.0/go.mod h1:boanBiw+h5c3s+tBPgEzLDRHfFLWV0qXxRHz3ws7C80= +google.golang.org/api v0.70.0/go.mod h1:Bs4ZM2HGifEvXwd50TtW70ovgJffJYw2oRCOFU/SkfA= +google.golang.org/api v0.71.0/go.mod h1:4PyU6e6JogV1f9eA4voyrTY2batOLdgZ5qZ5HOCc4j8= +google.golang.org/api v0.74.0 h1:ExR2D+5TYIrMphWgs5JCgwRhEDlPDXXrLwHHMgPHTXE= +google.golang.org/api v0.74.0/go.mod h1:ZpfMZOVRMywNyvJFeqL9HRWBgAuRfSjJFpe9QtRRyDs= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= @@ -539,11 +1314,13 @@ google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCID google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/cloud v0.0.0-20151119220103-975617b05ea8/go.mod h1:0H1ncTHf11KCFhTc/+EFRbzSCOZx+VUbRMk55Yv5MYk= google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190522204451-c2c4e71fbf69/go.mod h1:z3L6/3dTEVtUr6QSP8miRzeRqwQOioJ9I66odjN4I7s= google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= @@ -552,6 +1329,7 @@ google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvx google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20200117163144-32f20d992d24/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= google.golang.org/genproto v0.0.0-20200122232147-0452cf42e150/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= google.golang.org/genproto v0.0.0-20200204135345-fa8e72b47b90/go.mod h1:GmwEX6Z4W5gMy59cAlVYjN9JhxgbQH6Gn+gFDQe2lzA= google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= @@ -562,6 +1340,7 @@ google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfG google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U= google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= @@ -570,6 +1349,7 @@ google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6D google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201109203340-2640f1f9cdfb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201110150050-8816d57aaa9a/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201201144952-b05cb90ed32e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201210142538-e3217bee35cc/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= @@ -581,10 +1361,47 @@ google.golang.org/genproto v0.0.0-20210402141018-6c239bbf2bb1/go.mod h1:9lPAdzaE google.golang.org/genproto v0.0.0-20210513213006-bf773b8c8384/go.mod h1:P3QM42oQyzQSnHPnZ/vqoCdDmzH28fzWByN9asMeM8A= google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c h1:wtujag7C+4D6KMoulW9YauvK2lgdvCMS260jsqqBXr0= google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= +google.golang.org/genproto v0.0.0-20210604141403-392c879c8b08/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= +google.golang.org/genproto v0.0.0-20210608205507-b6d2f5bf0d7d/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= +google.golang.org/genproto v0.0.0-20210624195500-8bfb893ecb84/go.mod h1:SzzZ/N+nwJDaO1kznhnlzqS8ocJICar6hYhVyhi++24= +google.golang.org/genproto v0.0.0-20210713002101-d411969a0d9a/go.mod h1:AxrInvYm1dci+enl5hChSFPOmmUF1+uAa/UsgNRWd7k= +google.golang.org/genproto v0.0.0-20210716133855-ce7ef5c701ea/go.mod h1:AxrInvYm1dci+enl5hChSFPOmmUF1+uAa/UsgNRWd7k= +google.golang.org/genproto v0.0.0-20210728212813-7823e685a01f/go.mod h1:ob2IJxKrgPT52GcgX759i1sleT07tiKowYBGbczaW48= +google.golang.org/genproto v0.0.0-20210805201207-89edb61ffb67/go.mod h1:ob2IJxKrgPT52GcgX759i1sleT07tiKowYBGbczaW48= +google.golang.org/genproto v0.0.0-20210813162853-db860fec028c/go.mod h1:cFeNkxwySK631ADgubI+/XFU/xp8FD5KIVV4rj8UC5w= +google.golang.org/genproto v0.0.0-20210821163610-241b8fcbd6c8/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= +google.golang.org/genproto v0.0.0-20210828152312-66f60bf46e71/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= +google.golang.org/genproto v0.0.0-20210831024726-fe130286e0e2/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= +google.golang.org/genproto v0.0.0-20210903162649-d08c68adba83/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= +google.golang.org/genproto v0.0.0-20210909211513-a8c4777a87af/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= +google.golang.org/genproto v0.0.0-20210924002016-3dee208752a0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20211118181313-81c1377c94b1/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20211206160659-862468c7d6e0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20211221195035-429b39de9b1c/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20211223182754-3ac035c7e7cb/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20220111164026-67b88f271998/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20220114231437-d2e6a121cae0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20220126215142-9970aeb2e350/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20220201184016-50beb8ab5c44/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20220207164111-0872dc986b00/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20220211171837-173942840c17/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= +google.golang.org/genproto v0.0.0-20220216160803-4663080d8bc8/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= +google.golang.org/genproto v0.0.0-20220218161850-94dd64e39d7c/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= +google.golang.org/genproto v0.0.0-20220222213610-43724f9ea8cf/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= +google.golang.org/genproto v0.0.0-20220304144024-325a89244dc8/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= +google.golang.org/genproto v0.0.0-20220310185008-1973136f34c6/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= +google.golang.org/genproto v0.0.0-20220324131243-acbaeb5b85eb/go.mod h1:hAL49I2IFola2sVEjAn7MEwsja0xp51I0tlGAf9hz4E= +google.golang.org/genproto v0.0.0-20220329172620-7be39ac1afc7 h1:HOL66YCI20JvN2hVk6o2YIp9i/3RvzVUz82PqNr7fXw= +google.golang.org/genproto v0.0.0-20220329172620-7be39ac1afc7/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo= +google.golang.org/grpc v0.0.0-20160317175043-d3ddb4469d5a/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= +google.golang.org/grpc v1.21.0/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= +google.golang.org/grpc v1.23.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= +google.golang.org/grpc v1.24.0/go.mod h1:XDChyiUovWa60DnaeDeZmSW86xtLtjtZbwvSiRnRtcA= google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= @@ -594,6 +1411,7 @@ google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3Iji google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= google.golang.org/grpc v1.31.1/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= +google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0= google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= google.golang.org/grpc v1.34.0/go.mod h1:WotjhfgOW/POjDeRt8vscBtXq+2VjORFy659qA51WJ8= google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= @@ -603,6 +1421,13 @@ google.golang.org/grpc v1.37.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQ google.golang.org/grpc v1.37.1/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= google.golang.org/grpc v1.38.0 h1:/9BgsAsa5nWe26HqOlvlgJnqBuktYOLCgjCPqsa56W0= google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= +google.golang.org/grpc v1.39.0/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnDzfrE= +google.golang.org/grpc v1.39.1/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnDzfrE= +google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= +google.golang.org/grpc v1.40.1/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= +google.golang.org/grpc v1.44.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= +google.golang.org/grpc v1.45.0 h1:NEpgUqV3Z+ZjkqMsxMg11IaDrXY4RY6CQukSGK0uI1M= +google.golang.org/grpc v1.45.0/go.mod h1:lN7owxKUQEqMfSyQikvvk5tf/6zMPsrK+ONuO11+0rQ= google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= @@ -617,17 +1442,48 @@ google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlba google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0 h1:bxAC2xTBsZGibn2RTntX0oH50xLsqy1OxA9tTL3p/lk= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +google.golang.org/protobuf v1.28.0 h1:w43yiav+6bVFTBQFZX0r7ipe9JQ1QsbMgHwbBziscLw= +google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4K+aSYdM/U= +gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20141024133853-64131543e789/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20200902074654-038fdea0a05b h1:QRR6H1YWRnHb4Y/HeNFCTJLFVxaq6wH4YuVdsUOr75U= +gopkg.in/check.v1 v1.0.0-20200902074654-038fdea0a05b/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= gopkg.in/cheggaaa/pb.v1 v1.0.27/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= +gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= +gopkg.in/gemnasium/logrus-airbrake-hook.v2 v2.1.2/go.mod h1:Xk6kEKp8OKb+X14hQBKWaSkCsqBpgog8nAV2xsGOxlo= +gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= +gopkg.in/ini.v1 v1.62.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= +gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= +gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= +gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= +gopkg.in/square/go-jose.v2 v2.3.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= +gopkg.in/square/go-jose.v2 v2.5.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= +gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= +gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= +gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= +gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo= gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= +gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk= +gotest.tools/v3 v3.0.3/go.mod h1:Z7Lb0S5l+klDB31fvDQX8ss/FlKDxtlFlw3Oa8Ymbl8= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= @@ -635,6 +1491,37 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= +k8s.io/api v0.20.1/go.mod h1:KqwcCVogGxQY3nBlRpwt+wpAMF/KjaCc7RpywacvqUo= +k8s.io/api v0.20.4/go.mod h1:++lNL1AJMkDymriNniQsWRkMDzRaX2Y/POTUi8yvqYQ= +k8s.io/api v0.20.6/go.mod h1:X9e8Qag6JV/bL5G6bU8sdVRltWKmdHsFUGS3eVndqE8= +k8s.io/apimachinery v0.20.1/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= +k8s.io/apimachinery v0.20.4/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= +k8s.io/apimachinery v0.20.6/go.mod h1:ejZXtW1Ra6V1O5H8xPBGz+T3+4gfkTCeExAHKU57MAc= +k8s.io/apiserver v0.20.1/go.mod h1:ro5QHeQkgMS7ZGpvf4tSMx6bBOgPfE+f52KwvXfScaU= +k8s.io/apiserver v0.20.4/go.mod h1:Mc80thBKOyy7tbvFtB4kJv1kbdD0eIH8k8vianJcbFM= +k8s.io/apiserver v0.20.6/go.mod h1:QIJXNt6i6JB+0YQRNcS0hdRHJlMhflFmsBDeSgT1r8Q= +k8s.io/client-go v0.20.1/go.mod h1:/zcHdt1TeWSd5HoUe6elJmHSQ6uLLgp4bIJHVEuy+/Y= +k8s.io/client-go v0.20.4/go.mod h1:LiMv25ND1gLUdBeYxBIwKpkSC5IsozMMmOOeSJboP+k= +k8s.io/client-go v0.20.6/go.mod h1:nNQMnOvEUEsOzRRFIIkdmYOjAZrC8bgq0ExboWSU1I0= +k8s.io/component-base v0.20.1/go.mod h1:guxkoJnNoh8LNrbtiQOlyp2Y2XFCZQmrcg2n/DeYNLk= +k8s.io/component-base v0.20.4/go.mod h1:t4p9EdiagbVCJKrQ1RsA5/V4rFQNDfRlevJajlGwgjI= +k8s.io/component-base v0.20.6/go.mod h1:6f1MPBAeI+mvuts3sIdtpjljHWBQ2cIy38oBIWMYnrM= +k8s.io/cri-api v0.17.3/go.mod h1:X1sbHmuXhwaHs9xxYffLqJogVsnI+f6cPRcgPel7ywM= +k8s.io/cri-api v0.20.1/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI= +k8s.io/cri-api v0.20.4/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI= +k8s.io/cri-api v0.20.6/go.mod h1:ew44AjNXwyn1s0U4xCKGodU7J1HzBeZ1MpGrpa5r8Yc= +k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= +k8s.io/klog/v2 v2.4.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= +k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd/go.mod h1:WOJ3KddDSol4tAGcJo0Tvi+dK12EcqSLqcWsryKMpfM= +k8s.io/kubernetes v1.13.0/go.mod h1:ocZa8+6APFNC2tX1DZASIbocyYT5jHzqFVsY5aoB7Jk= +k8s.io/utils v0.0.0-20201110183641-67b214c5f920/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= +sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.14/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= +sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.15/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= +sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= +sigs.k8s.io/structured-merge-diff/v4 v4.0.3/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= +sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= +sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= From c695553976a4341ef96c6762fc7ebf690a7b91fd Mon Sep 17 00:00:00 2001 From: Umair Date: Sat, 16 Apr 2022 02:08:30 -0500 Subject: [PATCH 51/66] docs: fix a typo in compliance.md (#283) --- compliance.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/compliance.md b/compliance.md index 7e8fe8bd..82070dcf 100644 --- a/compliance.md +++ b/compliance.md @@ -27,7 +27,7 @@ Implementation status for each item is categorized as follows. | 1.4 | Ensure no root account access key exists | N/A | | | 1.5 | Ensure MFA is enabled for the "root" account | N/A | | | 1.6 | Ensure hardware MFA is enabled for the "root" account | N/A | | -| 1.7 | Eliminate use of the root user for administrative and daily taks | N/A | | +| 1.7 | Eliminate use of the root user for administrative and daily tasks | N/A | | | 1.8 | Ensure IAM password policy requires minimum length of 14 or greater | OK | | | 1.9 | Ensure IAM password policy prevents password reuse | OK | | | 1.10 | Ensure multi-factor authentication (MFA) is enabled for all IAM users that have a console password | N/A | | From 2b471bd321f3f7503690076d9321aeca38401796 Mon Sep 17 00:00:00 2001 From: nozaq Date: Sat, 16 Apr 2022 22:28:32 +0900 Subject: [PATCH 52/66] feat: use S3 lifecycle rule V2 (#285) --- modules/secure-bucket/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/secure-bucket/main.tf b/modules/secure-bucket/main.tf index 553f0b59..e3804222 100644 --- a/modules/secure-bucket/main.tf +++ b/modules/secure-bucket/main.tf @@ -47,7 +47,7 @@ resource "aws_s3_bucket_lifecycle_configuration" "access_log" { id = "auto-archive" status = "Enabled" - prefix = "/" + filter {} transition { days = var.lifecycle_glacier_transition_days @@ -114,7 +114,7 @@ resource "aws_s3_bucket_lifecycle_configuration" "content" { id = "auto-archive" status = "Enabled" - prefix = "/" + filter {} transition { days = var.lifecycle_glacier_transition_days From 271d99ef6206fab0886f6961674340e986b5bc0c Mon Sep 17 00:00:00 2001 From: nozaq Date: Sat, 16 Apr 2022 22:53:30 +0900 Subject: [PATCH 53/66] fix: upgrade the AWS provider to v4.3 (#287) --- README.md | 4 ++-- examples/external-bucket/main.tf | 2 +- examples/organization/master/main.tf | 2 +- examples/organization/member/main.tf | 2 +- examples/select-region/main.tf | 2 +- examples/simple/main.tf | 2 +- main.tf | 2 +- modules/alarm-baseline/README.md | 4 ++-- modules/alarm-baseline/versions.tf | 2 +- modules/analyzer-baseline/README.md | 4 ++-- modules/analyzer-baseline/versions.tf | 2 +- modules/cloudtrail-baseline/README.md | 4 ++-- modules/cloudtrail-baseline/versions.tf | 2 +- modules/config-baseline/README.md | 4 ++-- modules/config-baseline/versions.tf | 2 +- modules/ebs-baseline/README.md | 4 ++-- modules/ebs-baseline/versions.tf | 2 +- modules/guardduty-baseline/README.md | 4 ++-- modules/guardduty-baseline/versions.tf | 2 +- modules/iam-baseline/README.md | 4 ++-- modules/iam-baseline/versions.tf | 2 +- modules/s3-baseline/README.md | 4 ++-- modules/s3-baseline/versions.tf | 2 +- modules/secure-bucket/README.md | 4 ++-- modules/secure-bucket/versions.tf | 2 +- modules/securityhub-baseline/README.md | 4 ++-- modules/securityhub-baseline/versions.tf | 2 +- modules/vpc-baseline/README.md | 4 ++-- modules/vpc-baseline/versions.tf | 2 +- test/fixtures/simple_local/main.tf | 2 +- test/fixtures/simple_registry/main.tf | 2 +- 31 files changed, 43 insertions(+), 43 deletions(-) diff --git a/README.md b/README.md index 139a2386..246d7674 100644 --- a/README.md +++ b/README.md @@ -118,13 +118,13 @@ This module is composed of several submodules and each of which can be used inde | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 4.2.0 | +| [aws](#requirement\_aws) | >= 4.3 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.2.0 | +| [aws](#provider\_aws) | >= 4.3 | ## Inputs diff --git a/examples/external-bucket/main.tf b/examples/external-bucket/main.tf index 824f4532..8ab31369 100644 --- a/examples/external-bucket/main.tf +++ b/examples/external-bucket/main.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.2.0" + version = ">= 4.3" } } } diff --git a/examples/organization/master/main.tf b/examples/organization/master/main.tf index c722237b..f74dfcf4 100644 --- a/examples/organization/master/main.tf +++ b/examples/organization/master/main.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.2.0" + version = ">= 4.3" } } } diff --git a/examples/organization/member/main.tf b/examples/organization/member/main.tf index e5758323..8c20c3d9 100644 --- a/examples/organization/member/main.tf +++ b/examples/organization/member/main.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.2.0" + version = ">= 4.3" } } } diff --git a/examples/select-region/main.tf b/examples/select-region/main.tf index 3a954140..391872ec 100644 --- a/examples/select-region/main.tf +++ b/examples/select-region/main.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.2.0" + version = ">= 4.3" } } } diff --git a/examples/simple/main.tf b/examples/simple/main.tf index fed9ce88..5e672c8e 100644 --- a/examples/simple/main.tf +++ b/examples/simple/main.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.2.0" + version = ">= 4.3" } } } diff --git a/main.tf b/main.tf index 68049797..468656bd 100644 --- a/main.tf +++ b/main.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.2.0" + version = ">= 4.3" # A provider alias should be passed for each AWS region. # Reference: https://docs.aws.amazon.com/general/latest/gr/rande.html diff --git a/modules/alarm-baseline/README.md b/modules/alarm-baseline/README.md index b3cdb570..bf0e5cdd 100644 --- a/modules/alarm-baseline/README.md +++ b/modules/alarm-baseline/README.md @@ -8,13 +8,13 @@ Set up CloudWatch alarms to notify you when critical changes happen in your AWS | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 4.2.0 | +| [aws](#requirement\_aws) | >= 4.3 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.2.0 | +| [aws](#provider\_aws) | >= 4.3 | ## Inputs diff --git a/modules/alarm-baseline/versions.tf b/modules/alarm-baseline/versions.tf index c63c8264..e30c400a 100644 --- a/modules/alarm-baseline/versions.tf +++ b/modules/alarm-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.2.0" + version = ">= 4.3" } } } diff --git a/modules/analyzer-baseline/README.md b/modules/analyzer-baseline/README.md index 6f0e0b71..c54533ff 100644 --- a/modules/analyzer-baseline/README.md +++ b/modules/analyzer-baseline/README.md @@ -10,13 +10,13 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 4.2.0 | +| [aws](#requirement\_aws) | >= 4.3 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.2.0 | +| [aws](#provider\_aws) | >= 4.3 | ## Inputs diff --git a/modules/analyzer-baseline/versions.tf b/modules/analyzer-baseline/versions.tf index c63c8264..e30c400a 100644 --- a/modules/analyzer-baseline/versions.tf +++ b/modules/analyzer-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.2.0" + version = ">= 4.3" } } } diff --git a/modules/cloudtrail-baseline/README.md b/modules/cloudtrail-baseline/README.md index a2c0e5bb..1ac6a3e4 100644 --- a/modules/cloudtrail-baseline/README.md +++ b/modules/cloudtrail-baseline/README.md @@ -8,13 +8,13 @@ Enable CloudTrail in all regions and deliver events to CloudWatch Logs. CloudTra | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 4.2.0 | +| [aws](#requirement\_aws) | >= 4.3 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.2.0 | +| [aws](#provider\_aws) | >= 4.3 | ## Inputs diff --git a/modules/cloudtrail-baseline/versions.tf b/modules/cloudtrail-baseline/versions.tf index c63c8264..e30c400a 100644 --- a/modules/cloudtrail-baseline/versions.tf +++ b/modules/cloudtrail-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.2.0" + version = ">= 4.3" } } } diff --git a/modules/config-baseline/README.md b/modules/config-baseline/README.md index d29ad5bb..caf34f2d 100644 --- a/modules/config-baseline/README.md +++ b/modules/config-baseline/README.md @@ -8,13 +8,13 @@ Enable AWS Config in all regions to automatically take configuration snapshots. | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 4.2.0 | +| [aws](#requirement\_aws) | >= 4.3 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.2.0 | +| [aws](#provider\_aws) | >= 4.3 | ## Inputs diff --git a/modules/config-baseline/versions.tf b/modules/config-baseline/versions.tf index c63c8264..e30c400a 100644 --- a/modules/config-baseline/versions.tf +++ b/modules/config-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.2.0" + version = ">= 4.3" } } } diff --git a/modules/ebs-baseline/README.md b/modules/ebs-baseline/README.md index 2b2e621e..407a21cd 100644 --- a/modules/ebs-baseline/README.md +++ b/modules/ebs-baseline/README.md @@ -10,13 +10,13 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 4.2.0 | +| [aws](#requirement\_aws) | >= 4.3 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.2.0 | +| [aws](#provider\_aws) | >= 4.3 | ## Inputs diff --git a/modules/ebs-baseline/versions.tf b/modules/ebs-baseline/versions.tf index c63c8264..e30c400a 100644 --- a/modules/ebs-baseline/versions.tf +++ b/modules/ebs-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.2.0" + version = ">= 4.3" } } } diff --git a/modules/guardduty-baseline/README.md b/modules/guardduty-baseline/README.md index d47d7f1a..602bff00 100644 --- a/modules/guardduty-baseline/README.md +++ b/modules/guardduty-baseline/README.md @@ -8,13 +8,13 @@ Enable GuardDuty in all regions. | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 4.2.0 | +| [aws](#requirement\_aws) | >= 4.3 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.2.0 | +| [aws](#provider\_aws) | >= 4.3 | ## Inputs diff --git a/modules/guardduty-baseline/versions.tf b/modules/guardduty-baseline/versions.tf index c63c8264..e30c400a 100644 --- a/modules/guardduty-baseline/versions.tf +++ b/modules/guardduty-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.2.0" + version = ">= 4.3" } } } diff --git a/modules/iam-baseline/README.md b/modules/iam-baseline/README.md index 518cf5ed..fff67987 100644 --- a/modules/iam-baseline/README.md +++ b/modules/iam-baseline/README.md @@ -11,13 +11,13 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 0.13 | -| [aws](#requirement\_aws) | >= 4.2.0 | +| [aws](#requirement\_aws) | >= 4.3 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.2.0 | +| [aws](#provider\_aws) | >= 4.3 | ## Inputs diff --git a/modules/iam-baseline/versions.tf b/modules/iam-baseline/versions.tf index 99a69b4e..610707a1 100644 --- a/modules/iam-baseline/versions.tf +++ b/modules/iam-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.2.0" + version = ">= 4.3" } } } diff --git a/modules/s3-baseline/README.md b/modules/s3-baseline/README.md index af14e6ce..018d3a68 100644 --- a/modules/s3-baseline/README.md +++ b/modules/s3-baseline/README.md @@ -10,13 +10,13 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 0.13 | -| [aws](#requirement\_aws) | >= 4.2.0 | +| [aws](#requirement\_aws) | >= 4.3 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.2.0 | +| [aws](#provider\_aws) | >= 4.3 | ## Inputs diff --git a/modules/s3-baseline/versions.tf b/modules/s3-baseline/versions.tf index 99a69b4e..610707a1 100644 --- a/modules/s3-baseline/versions.tf +++ b/modules/s3-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.2.0" + version = ">= 4.3" } } } diff --git a/modules/secure-bucket/README.md b/modules/secure-bucket/README.md index dbb6673b..8216eb78 100644 --- a/modules/secure-bucket/README.md +++ b/modules/secure-bucket/README.md @@ -8,13 +8,13 @@ Creates a S3 bucket with access logging enabled. | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 0.13 | -| [aws](#requirement\_aws) | >= 4.2.0 | +| [aws](#requirement\_aws) | >= 4.3 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.2.0 | +| [aws](#provider\_aws) | >= 4.3 | ## Inputs diff --git a/modules/secure-bucket/versions.tf b/modules/secure-bucket/versions.tf index 99a69b4e..610707a1 100644 --- a/modules/secure-bucket/versions.tf +++ b/modules/secure-bucket/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.2.0" + version = ">= 4.3" } } } diff --git a/modules/securityhub-baseline/README.md b/modules/securityhub-baseline/README.md index f80d7905..f67a9d80 100644 --- a/modules/securityhub-baseline/README.md +++ b/modules/securityhub-baseline/README.md @@ -13,13 +13,13 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 4.2.0 | +| [aws](#requirement\_aws) | >= 4.3 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.2.0 | +| [aws](#provider\_aws) | >= 4.3 | ## Inputs diff --git a/modules/securityhub-baseline/versions.tf b/modules/securityhub-baseline/versions.tf index c63c8264..e30c400a 100644 --- a/modules/securityhub-baseline/versions.tf +++ b/modules/securityhub-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.2.0" + version = ">= 4.3" } } } diff --git a/modules/vpc-baseline/README.md b/modules/vpc-baseline/README.md index bc48c04d..189df87e 100644 --- a/modules/vpc-baseline/README.md +++ b/modules/vpc-baseline/README.md @@ -12,13 +12,13 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.4 | -| [aws](#requirement\_aws) | >= 4.2.0 | +| [aws](#requirement\_aws) | >= 4.3 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.2.0 | +| [aws](#provider\_aws) | >= 4.3 | ## Inputs diff --git a/modules/vpc-baseline/versions.tf b/modules/vpc-baseline/versions.tf index c63c8264..e30c400a 100644 --- a/modules/vpc-baseline/versions.tf +++ b/modules/vpc-baseline/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.2.0" + version = ">= 4.3" } } } diff --git a/test/fixtures/simple_local/main.tf b/test/fixtures/simple_local/main.tf index e1929b06..41c470e7 100644 --- a/test/fixtures/simple_local/main.tf +++ b/test/fixtures/simple_local/main.tf @@ -8,7 +8,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.2.0" + version = ">= 4.3" } } } diff --git a/test/fixtures/simple_registry/main.tf b/test/fixtures/simple_registry/main.tf index 6cb57e75..ce46cb2b 100644 --- a/test/fixtures/simple_registry/main.tf +++ b/test/fixtures/simple_registry/main.tf @@ -8,7 +8,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.2.0" + version = ">= 4.3" } } } From e7d422ddf940028631e72661c815d890a4807d68 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sun, 17 Apr 2022 09:39:15 +0900 Subject: [PATCH 54/66] chore(main): release 1.1.0 (#286) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- CHANGELOG.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 490d2c45..9460c665 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,18 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [1.1.0](https://github.com/nozaq/terraform-aws-secure-baseline/compare/v1.0.1...v1.1.0) (2022-04-16) + + +### Features + +* use S3 lifecycle rule V2 ([#285](https://github.com/nozaq/terraform-aws-secure-baseline/issues/285)) ([2b471bd](https://github.com/nozaq/terraform-aws-secure-baseline/commit/2b471bd321f3f7503690076d9321aeca38401796)) + + +### Bug Fixes + +* upgrade the AWS provider to v4.3 ([#287](https://github.com/nozaq/terraform-aws-secure-baseline/issues/287)) ([271d99e](https://github.com/nozaq/terraform-aws-secure-baseline/commit/271d99ef6206fab0886f6961674340e986b5bc0c)) + ## [1.0.1](https://github.com/nozaq/terraform-aws-secure-baseline/compare/v1.0.0...v1.0.1) (2022-03-06) ### Bug Fixes - avoid for_each key error ([#273](https://github.com/nozaq/terraform-aws-secure-baseline/issues/273)) ([0122d6f](https://github.com/nozaq/terraform-aws-secure-baseline/commit/0122d6fcd00ecd1114a2d5e7853027ebb0322d71)) From 8f693c5b5c250ada6d5a444f62c673fc41622d0e Mon Sep 17 00:00:00 2001 From: nozaq Date: Sat, 14 May 2022 10:44:48 +0900 Subject: [PATCH 55/66] docs: add the missing import guidance (#289) fixes: #280 --- docs/upgrade-1.0.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/upgrade-1.0.md b/docs/upgrade-1.0.md index acf8981b..9b834c4f 100644 --- a/docs/upgrade-1.0.md +++ b/docs/upgrade-1.0.md @@ -41,6 +41,7 @@ $ terraform import "$MODULE_PATH.module.audit_log_bucket[0].aws_s3_bucket_versio Following configurations from `module.audit_log_bucket[0].aws_s3_bucket.access_log` were extracted to separated resources. +- `module.audit_log_bucket[0].aws_s3_bucket.access_log` - `module.audit_log_bucket[0].aws_s3_bucket_acl.access_log` - `module.audit_log_bucket[0].aws_s3_bucket_lifecycle_configuration.access_log` - `module.audit_log_bucket[0].aws_s3_bucket_server_side_encryption_configuration.access_log` @@ -48,6 +49,7 @@ Following configurations from `module.audit_log_bucket[0].aws_s3_bucket.access_l These resources can be imported by `terraform import` command as well. ```sh +$ terraform import "$MODULE_PATH.module.audit_log_bucket[0].aws_s3_bucket.access_log" "$ACCESS_LOG_BUCKET" $ terraform import "$MODULE_PATH.module.audit_log_bucket[0].aws_s3_bucket_acl.access_log" "$ACCESS_LOG_BUCKET" $ terraform import "$MODULE_PATH.module.audit_log_bucket[0].aws_s3_bucket_lifecycle_configuration.access_log" "$ACCESS_LOG_BUCKET" From a94ba14f1ed694e65a04c3800175973d2d00607b Mon Sep 17 00:00:00 2001 From: nozaq Date: Thu, 2 Jun 2022 09:28:06 +0900 Subject: [PATCH 56/66] build: upgrade dependencies (#290) --- test/go.mod | 10 ++------- test/go.sum | 61 +++-------------------------------------------------- 2 files changed, 5 insertions(+), 66 deletions(-) diff --git a/test/go.mod b/test/go.mod index b710d075..d49686d5 100644 --- a/test/go.mod +++ b/test/go.mod @@ -1,10 +1,10 @@ module github.com/nozaq/terraform-aws-secure-baseline -go 1.17 +go 1.18 require ( github.com/google/uuid v1.3.0 - github.com/gruntwork-io/terratest v0.40.6 + github.com/gruntwork-io/terratest v0.40.13 ) require ( @@ -23,7 +23,6 @@ require ( github.com/go-sql-driver/mysql v1.6.0 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.2 // indirect - github.com/golang/snappy v0.0.4 // indirect github.com/google/go-cmp v0.5.7 // indirect github.com/googleapis/gax-go/v2 v2.2.0 // indirect github.com/gruntwork-io/go-commons v0.11.0 // indirect @@ -37,7 +36,6 @@ require ( github.com/hashicorp/terraform-json v0.13.0 // indirect github.com/jinzhu/copier v0.3.5 // indirect github.com/jmespath/go-jmespath v0.4.0 // indirect - github.com/jstemmer/go-junit-report v1.0.0 // indirect github.com/klauspost/compress v1.15.1 // indirect github.com/mattn/go-zglob v0.0.3 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect @@ -49,18 +47,14 @@ require ( github.com/stretchr/testify v1.7.1 // indirect github.com/tmccombs/hcl2json v0.3.4 // indirect github.com/ulikunitz/xz v0.5.10 // indirect - github.com/urfave/cli v1.22.5 // indirect github.com/urfave/cli/v2 v2.4.0 // indirect github.com/zclconf/go-cty v1.10.0 // indirect go.opencensus.io v0.23.0 // indirect golang.org/x/crypto v0.0.0-20220321153916-2c7772ba3064 // indirect - golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 // indirect - golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3 // indirect golang.org/x/net v0.0.0-20220325170049-de3da57026de // indirect golang.org/x/oauth2 v0.0.0-20220309155454-6242fa91716a // indirect golang.org/x/sys v0.0.0-20220330033206-e17cdc41300f // indirect golang.org/x/text v0.3.7 // indirect - golang.org/x/tools v0.1.10 // indirect golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect google.golang.org/api v0.74.0 // indirect google.golang.org/appengine v1.6.7 // indirect diff --git a/test/go.sum b/test/go.sum index 1fd21d75..39731047 100644 --- a/test/go.sum +++ b/test/go.sum @@ -19,7 +19,6 @@ cloud.google.com/go v0.74.0/go.mod h1:VV1xSbzvo+9QJOxLDaJfTjx5e+MePCpCWwvftOeQmW cloud.google.com/go v0.78.0/go.mod h1:QjdrLG0uq+YwhjoVOLsS1t7TW8fs36kLs4XO5R5ECHg= cloud.google.com/go v0.79.0/go.mod h1:3bzgcEeQlzbuEAYu4mrWhKqWjmpprinYgKJLgKHnbb8= cloud.google.com/go v0.81.0/go.mod h1:mk/AM35KwGk/Nm2YSeZbxXdrNK3KZOYHmLkOqC2V6E0= -cloud.google.com/go v0.83.0 h1:bAMqZidYkmIsUqe6PtkEPT7Q+vfizScn+jfNA6jwK9c= cloud.google.com/go v0.83.0/go.mod h1:Z7MJUsANfY0pYPdw0lbnivPx4/vhy/e2FEkSkF7vAVY= cloud.google.com/go v0.84.0/go.mod h1:RazrYuxIK6Kb7YrzzhPoLmCVzl7Sup4NrbKPg8KHSUM= cloud.google.com/go v0.87.0/go.mod h1:TpDYlFy7vuLzZMMZ+B6iRiELaY7z/gJPaqbMx6mlWcY= @@ -56,7 +55,6 @@ cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiy cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos= cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk= cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= -cloud.google.com/go/storage v1.10.0 h1:STgFzyU5/8miMl0//zKh2aQeTyeaUH3WN9bSUiJ09bA= cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= cloud.google.com/go/storage v1.21.0 h1:HwnT2u2D309SFDHQII6m18HlrCi3jAXhUMTLOWXYH14= cloud.google.com/go/storage v1.21.0/go.mod h1:XmRlxkgPjlBONznT2dDUU/5XlpU2OjMnKuqnZI01LAA= @@ -118,7 +116,6 @@ github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRF github.com/alexflint/go-filemutex v0.0.0-20171022225611-72bdc8eae2ae/go.mod h1:CgnQgUtFrFz9mxFNtED3jI5tLDjKlOM+oUF/sTk6ps0= github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= github.com/apparentlymart/go-dump v0.0.0-20180507223929-23540a00eaa3/go.mod h1:oL81AME2rN47vu18xqj1S1jPIPuN7afo62yKTNn3XMM= -github.com/apparentlymart/go-textseg v1.0.0 h1:rRmlIsPEEhUTIKQb7T++Nz/A5Q6C9IuX2wFoYVvnCs0= github.com/apparentlymart/go-textseg v1.0.0/go.mod h1:z96Txxhf3xSFMPmb5X/1W05FF/Nj9VFpLOpjS5yuumk= github.com/apparentlymart/go-textseg/v13 v13.0.0 h1:Y+KvPE1NYz0xl601PVImeQfFyEy6iT90AvPUL1NNfNw= github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo= @@ -130,7 +127,6 @@ github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:l github.com/aws/aws-lambda-go v1.13.3/go.mod h1:4UKl9IzQMoD+QF79YdCuzCwp8VbmG4VAQwij/eHl5CU= github.com/aws/aws-sdk-go v1.15.11/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0= github.com/aws/aws-sdk-go v1.15.78/go.mod h1:E3/ieXAlvM0XWO57iftYVDLLvQ824smPP3ATZkfNZeM= -github.com/aws/aws-sdk-go v1.40.56 h1:FM2yjR0UUYFzDTMx+mH9Vyw1k1EUUxsAFzk+BjkzANA= github.com/aws/aws-sdk-go v1.40.56/go.mod h1:585smgzpB/KqRA+K3y/NL/oYRqQvpNJYvLm+LY1U59Q= github.com/aws/aws-sdk-go v1.43.29 h1:P6tBpMLwVLS/QwPkaBxfDIF3SmPouoacIk+/7NKnDxY= github.com/aws/aws-sdk-go v1.43.29/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo= @@ -168,7 +164,6 @@ github.com/bketelsen/crypt v0.0.4/go.mod h1:aI6NrJ0pMGgvZKL1iVgXLnfIFJtfV+bKCoqO github.com/blang/semver v3.1.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4= -github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc h1:biVzkmvwrH8WK8raXaxBx6fRVTlJILwEwQGL1I/ByEI= github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= github.com/boombuler/barcode v1.0.1 h1:NDBbPmhS+EqABEs5Kg3n/5ZNjy73Pz7SIV+KCeqyXcs= github.com/boombuler/barcode v1.0.1/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= @@ -297,7 +292,6 @@ github.com/coreos/go-systemd/v22 v22.3.2/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSV github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= -github.com/cpuguy83/go-md2man/v2 v2.0.0 h1:EoUDS0afbrsXAZ9YQ9jdu/mZ2sXgT1/2yyNng4PGlyM= github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/cpuguy83/go-md2man/v2 v2.0.1 h1:r/myEWzV9lfsM1tFLgDyu0atFtJ1fXn261LKYj/3DxU= github.com/cpuguy83/go-md2man/v2 v2.0.1/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= @@ -322,7 +316,6 @@ github.com/docker/cli v20.10.7+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHv github.com/docker/distribution v0.0.0-20190905152932-14b96e55d84c/go.mod h1:0+TTO4EOBfRPhZXAeF1Vu+W3hHZ8eLp8PgKVZlcvtFY= github.com/docker/distribution v2.7.1-0.20190205005809-0d3efadf0154+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/docker v20.10.7+incompatible h1:Z6O9Nhsjv+ayUEeI1IojKbYcsGdgYSNqxe1s2MYzUhQ= github.com/docker/docker v20.10.7+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker-credential-helpers v0.6.3/go.mod h1:WRaJzqw3CTB9bk10avuGsjVBZsD05qeibJ1/TYlvc0Y= github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec= @@ -363,7 +356,6 @@ github.com/garyburd/redigo v0.0.0-20150301180006-535138d7bcd7/go.mod h1:NR3MbYis github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q= -github.com/go-errors/errors v1.0.2-0.20180813162953-d98b870cc4e0 h1:skJKxRtNmevLqnayafdLe2AsenqRupVmzZSqrvb5caU= github.com/go-errors/errors v1.0.2-0.20180813162953-d98b870cc4e0/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q= github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA= github.com/go-errors/errors v1.4.2/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og= @@ -384,7 +376,6 @@ github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL9 github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-sql-driver/mysql v1.4.1 h1:g24URVg0OFbNUTx9qqY1IRZ9D9z3iPyi5zKhQZpNwpA= github.com/go-sql-driver/mysql v1.4.1/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w= github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= github.com/go-sql-driver/mysql v1.6.0 h1:BCTh4TKNUYmOmMUcQ3IipzF5prigylS7XXjEkfCHuOE= @@ -411,7 +402,6 @@ github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4er github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e h1:1r7pUrabqp18hOBcwBwiTsbnFeTZHV9eER/QT5JVZxY= github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= @@ -443,10 +433,7 @@ github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaS github.com/golang/protobuf v1.5.1/go.mod h1:DopwsBzvsk0Fs44TXzsVbJyPhcCPeIwnvohx4u74HPM= github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/snappy v0.0.3 h1:fHPg5GQYlCeLIPB9BZqMVR5nR9A+IM5zcgeTdjMYmLA= github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= -github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM= -github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= @@ -460,7 +447,6 @@ github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.6 h1:BKbKCqvP6I+rmFHt06ZmyQtvB8xAkWdhFyr0ZUNZcxQ= github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.7 h1:81/ik6ipDQS2aGcBfIN5dHDB36BwrStyeAQquSYCV4o= github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE= @@ -495,7 +481,6 @@ github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+ github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= -github.com/googleapis/gax-go/v2 v2.0.5 h1:sjZBwGj9Jlw33ImPtvFviGYvseOtDM7hkSKB7+Tv3SM= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/googleapis/gax-go/v2 v2.1.0/go.mod h1:Q3nei7sK6ybPYH7twZdmQpAd1MKb7pfu6SK+H1/DsU0= github.com/googleapis/gax-go/v2 v2.1.1/go.mod h1:hddJymUZASv3XPyGkUpKj8pPO47Rmb0eJc8R6ouapiM= @@ -516,26 +501,21 @@ github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgf github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= -github.com/gruntwork-io/go-commons v0.8.0 h1:k/yypwrPqSeYHevLlEDmvmgQzcyTwrlZGRaxEM6G0ro= github.com/gruntwork-io/go-commons v0.8.0/go.mod h1:gtp0yTtIBExIZp7vyIV9I0XQkVwiQZze678hvDXof78= github.com/gruntwork-io/go-commons v0.11.0 h1:7Yiu1ZvubQlePfu+T2iCpVYJAdkjQKr9mzCBW3Pmaxg= github.com/gruntwork-io/go-commons v0.11.0/go.mod h1:nbZDI8IL8BCY45QXJcWKSh0MYaz9kcgqQ40/L3JRi54= github.com/gruntwork-io/terratest v0.40.1/go.mod h1:CjHsEgP1Pe987X5N8K5qEqCuLtu1bqERGIAF8bTj1s0= -github.com/gruntwork-io/terratest v0.40.3 h1:M62wBn/5r/8tbMV7WBe+9j91yFgk9f5Vbrx8dj7P1/Q= -github.com/gruntwork-io/terratest v0.40.3/go.mod h1:CjHsEgP1Pe987X5N8K5qEqCuLtu1bqERGIAF8bTj1s0= -github.com/gruntwork-io/terratest v0.40.6 h1:kBYzD9gcQoruAoV9vmVLk8kjuZAUI5U72h9IAogL/iI= -github.com/gruntwork-io/terratest v0.40.6/go.mod h1:CjHsEgP1Pe987X5N8K5qEqCuLtu1bqERGIAF8bTj1s0= +github.com/gruntwork-io/terratest v0.40.13 h1:RTJnPTO2kalzkjrNb7nKoKGWfWYnHsf5UzPG3USZBWI= +github.com/gruntwork-io/terratest v0.40.13/go.mod h1:xlVN8UHxN93Z5nt61I0gTU/FESm2C78rYS+/3xcDDdI= github.com/hashicorp/consul/api v1.1.0/go.mod h1:VmuI/Lkw1nC05EYQWNKwWGbkg+FbDBtguAZLlVdkD9Q= github.com/hashicorp/consul/sdk v0.1.1/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8= github.com/hashicorp/errwrap v0.0.0-20141028054710-7554cd9344ce/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= -github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= -github.com/hashicorp/go-getter v1.5.9 h1:b7ahZW50iQiUek/at3CvZhPK1/jiV6CtKcsJiR6E4R0= github.com/hashicorp/go-getter v1.5.9/go.mod h1:BrrV/1clo8cCYu6mxvboYg+KutTiFnXjMEgDD8+i7ZI= github.com/hashicorp/go-getter v1.5.11 h1:wioTuNmaBU3IE9vdFtFMcmZWj0QzLc6DYaP6sNe5onY= github.com/hashicorp/go-getter v1.5.11/go.mod h1:9i48BP6wpWweI/0/+FBjqLrp9S8XtwUGjiu0QkWHEaY= @@ -543,7 +523,6 @@ github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjh github.com/hashicorp/go-msgpack v0.5.3/go.mod h1:ahLV/dePpqEmjfWmKiqvPkv/twdG7iPBM1vqhUKIvfM= github.com/hashicorp/go-multierror v0.0.0-20161216184304-ed905158d874/go.mod h1:JMRHfdO9jKNzS/+BTlxCjKNQHg/jZAft8U7LloJvN7I= github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= -github.com/hashicorp/go-multierror v1.1.0 h1:B9UzwGQJehnUY1yNrnwREHc3fGbC2xefo8g4TbElacI= github.com/hashicorp/go-multierror v1.1.0/go.mod h1:spPvp8C1qA32ftKqdAHm4hHTbPw+vmowP0z+KUhOZdA= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= @@ -555,16 +534,13 @@ github.com/hashicorp/go-syslog v1.0.0/go.mod h1:qPfqrKkXGihmCqbJM2mZgkZGvKG1dFdv github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/go-uuid v1.0.1/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/go-version v1.1.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= -github.com/hashicorp/go-version v1.3.0 h1:McDWVJIU/y+u1BRV06dPaLfLCaT7fUTJLp5r04x7iNw= github.com/hashicorp/go-version v1.3.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/go-version v1.4.0 h1:aAQzgqIrRKRa7w75CKpbBxYsmUoPjzVm1W59ca1L0J4= github.com/hashicorp/go-version v1.4.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/go.net v0.0.1/go.mod h1:hjKkEWcCURg++eb33jQU7oqQcI9XDCnUzHA0oac0k90= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= -github.com/hashicorp/hcl/v2 v2.9.1 h1:eOy4gREY0/ZQHNItlfuEZqtcQbXIxzojlP301hDpnac= github.com/hashicorp/hcl/v2 v2.9.1/go.mod h1:FwWsfWEjyV/CMj8s/gqAuiviY72rJ1/oayI9WftqcKg= github.com/hashicorp/hcl/v2 v2.11.1 h1:yTyWcXcm9XB0TEkyU/JCRU6rYy4K+mgLtzn2wlrJbcc= github.com/hashicorp/hcl/v2 v2.11.1/go.mod h1:FwWsfWEjyV/CMj8s/gqAuiviY72rJ1/oayI9WftqcKg= @@ -583,7 +559,6 @@ github.com/imdario/mergo v0.3.10/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= github.com/j-keck/arping v0.0.0-20160618110441-2cf9dc699c56/go.mod h1:ymszkNOg6tORTn+6F6j+Jc8TOr5osrynvN6ivFWZ2GA= -github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a h1:zPPuIq2jAWWPTrGt70eK/BSch+gFAGrNzecsoENgu2o= github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a/go.mod h1:yL958EeXv8Ylng6IfnvG4oflryUi3vgA3xPs9hmII1s= github.com/jinzhu/copier v0.3.5 h1:GlvfUwHk62RokgqVNvYsku0TATCF7bAHVwEXoBh3iJg= github.com/jinzhu/copier v0.3.5/go.mod h1:DfbEm0FYsaqBcKcFuvmOZb218JkPGtvSHsKg8S8hyyg= @@ -599,10 +574,7 @@ github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/u github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= -github.com/jstemmer/go-junit-report v0.9.1 h1:6QPYqodiu3GuPL+7mfx+NwDdp2eTkp9IfEUpgAwUN0o= github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= -github.com/jstemmer/go-junit-report v1.0.0 h1:8X1gzZpR+nVQLAht+L/foqOeX2l9DTZoaIPbEQHxsds= -github.com/jstemmer/go-junit-report v1.0.0/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= @@ -613,7 +585,6 @@ github.com/klauspost/compress v1.11.2/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYs github.com/klauspost/compress v1.11.3/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.11.13/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.12.3/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg= -github.com/klauspost/compress v1.13.0 h1:2T7tUoQrQT+fQWdaY5rjWztFGAFwbGD04iPJg90ZiOs= github.com/klauspost/compress v1.13.0/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg= github.com/klauspost/compress v1.15.1 h1:y9FcTHGyrebwfP0ZZqFiaxTaiDnUrGkJkI+f583BL1A= github.com/klauspost/compress v1.15.1/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= @@ -652,7 +623,6 @@ github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzp github.com/mattn/go-runewidth v0.0.4/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= github.com/mattn/go-shellwords v1.0.3/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= github.com/mattn/go-zglob v0.0.1/go.mod h1:9fxibJccNxU2cnpIKLRRFA7zX7qhkJIQWBb449FYHOo= -github.com/mattn/go-zglob v0.0.2-0.20190814121620-e3c945676326 h1:ofNAzWCcyTALn2Zv40+8XitdzCgXY6e9qvXwN9W0YXg= github.com/mattn/go-zglob v0.0.2-0.20190814121620-e3c945676326/go.mod h1:9fxibJccNxU2cnpIKLRRFA7zX7qhkJIQWBb449FYHOo= github.com/mattn/go-zglob v0.0.3 h1:6Ry4EYsScDyt5di4OI6xw1bYhOqfE5S33Z1OPy+d+To= github.com/mattn/go-zglob v0.0.3/go.mod h1:9fxibJccNxU2cnpIKLRRFA7zX7qhkJIQWBb449FYHOo= @@ -667,7 +637,6 @@ github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HK github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= -github.com/mitchellh/go-testing-interface v1.0.0 h1:fzU/JVNcaqHQEcVFAKeR41fkiLdIPrefOvVG1VZ96U0= github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= github.com/mitchellh/go-testing-interface v1.14.1 h1:jrgshOhYAUVNMAJiKbEu7EqAwgJJ2JqpQmpLJOu07cU= github.com/mitchellh/go-testing-interface v1.14.1/go.mod h1:gfgS7OtZj6MA4U1UrDRp04twqAjfvlZyCfX3sDjEym8= @@ -697,6 +666,7 @@ github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8m github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= github.com/ncw/swift v1.0.47/go.mod h1:23YIA4yWVnGwv2dQlN4bB7egfYX6YLn0Yo/S6zZO/ZM= +github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs= github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= @@ -748,7 +718,6 @@ github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZb github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= github.com/pquerna/cachecontrol v0.0.0-20171018203845-0dec1b30a021/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA= -github.com/pquerna/otp v1.2.0 h1:/A3+Jn+cagqayeR3iHs/L62m5ue7710D35zl1zJ1kok= github.com/pquerna/otp v1.2.0/go.mod h1:dkJfzwRKNiegxyNb54X/3fLwhCynbMspSyWKnvi1AEg= github.com/pquerna/otp v1.2.1-0.20191009055518-468c2dd2b58d/go.mod h1:dkJfzwRKNiegxyNb54X/3fLwhCynbMspSyWKnvi1AEg= github.com/pquerna/otp v1.3.0 h1:oJV/SkzR33anKXwQU3Of42rL4wbrffP4uvUf1SvS5Xs= @@ -840,7 +809,6 @@ github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UV github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1 h1:5TQK59W5E3v0r2duFAb7P95B6hEeOyEnHRa8MjYSMTY= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= @@ -851,22 +819,17 @@ github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635/go.mod h1:hkRG github.com/tchap/go-patricia v2.2.6+incompatible/go.mod h1:bmLyhP68RS6kStMGxByiQ23RP/odRBOTVjwp2cDyi6I= github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= -github.com/tmccombs/hcl2json v0.3.3 h1:+DLNYqpWE0CsOQiEZu+OZm5ZBImake3wtITYxQ8uLFQ= github.com/tmccombs/hcl2json v0.3.3/go.mod h1:Y2chtz2x9bAeRTvSibVRVgbLJhLJXKlUeIvjeVdnm4w= github.com/tmccombs/hcl2json v0.3.4 h1:pYzRaHVTJu6TfFumACORClRtsK431eeuv7WjNNLjT90= github.com/tmccombs/hcl2json v0.3.4/go.mod h1:l3Aq9eUyhC+0v26BH08BZHeyWEtOYcFtbu2i5Ryywig= github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= -github.com/ulikunitz/xz v0.5.8 h1:ERv8V6GKqVi23rgu5cj9pVfVzJbOqAY2Ntl88O6c2nQ= github.com/ulikunitz/xz v0.5.8/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= github.com/ulikunitz/xz v0.5.10 h1:t92gobL9l3HE202wg3rlk19F6X+JOxl9BBrCCMYEYd8= github.com/ulikunitz/xz v0.5.10/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= github.com/urfave/cli v0.0.0-20171014202726-7bc6a0acffa5/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= -github.com/urfave/cli v1.22.2 h1:gsqYFH8bb9ekPA12kRo0hfjngWQjkJPlN9R0N78BoUo= github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= -github.com/urfave/cli v1.22.5 h1:lNq9sAHXK2qfdI8W+GRItjCEkI+2oR4d+MEHy1CKXoU= -github.com/urfave/cli v1.22.5/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= github.com/urfave/cli/v2 v2.3.0/go.mod h1:LJmUH05zAU44vOAcrfzZQKsZbVcdbOG8rtL3/XcUArI= github.com/urfave/cli/v2 v2.4.0 h1:m2pxjjDFgDxSPtO8WSdbndj17Wu2y8vOT86wE/tjr+I= github.com/urfave/cli/v2 v2.4.0/go.mod h1:NX9W0zmTvedE5oDoOMs2RTC8RvdK98NTYZE5LbaEYPg= @@ -897,7 +860,6 @@ github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go github.com/zclconf/go-cty v1.2.0/go.mod h1:hOPWgoHbaTUnI5k4D2ld+GRpFJSCe6bCM7m1q/N4PQ8= github.com/zclconf/go-cty v1.8.0/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= github.com/zclconf/go-cty v1.8.1/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= -github.com/zclconf/go-cty v1.9.1 h1:viqrgQwFl5UpSxc046qblj78wZXVDFnSOufaOTER+cc= github.com/zclconf/go-cty v1.9.1/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= github.com/zclconf/go-cty v1.10.0 h1:mp9ZXQeIcN8kAwuqorjH+Q+njbJKjLrvB2yIh4q7U+0= github.com/zclconf/go-cty v1.10.0/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= @@ -942,7 +904,6 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= -golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a h1:kr2P4QFmQr29mSLA43kwrOcgcReGTfbE9N577tCTuBc= golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8= golang.org/x/crypto v0.0.0-20220321153916-2c7772ba3064 h1:S25/rfnfsMVgORT4/J61MJ7rdyseOZOyvLIrZEZ7s6s= golang.org/x/crypto v0.0.0-20220321153916-2c7772ba3064/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= @@ -969,7 +930,6 @@ golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRu golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 h1:VLliZ0d+/avPrXXH+OakdXhpJuEoBZuwh1m2j7U6Iug= golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= @@ -981,9 +941,7 @@ golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.2 h1:Gz96sIWK3OalVv/I/qNygP42zyoKp3xptRVCWRFEBvo= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180811021610-c39426892332/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -1036,7 +994,6 @@ golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLd golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20210614182718-04defd469f4e h1:XpT3nA5TvE525Ne3hInMh6+GETgn27Zfm9dxsThnX2Q= golang.org/x/net v0.0.0-20210614182718-04defd469f4e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= @@ -1054,7 +1011,6 @@ golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210402161424-2e8d93401602/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c h1:pkQiBZBvdos9qq4wBAHqlzuZHEXo07pqV06ef90u1WI= golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210805134026-6f1e6394065a/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= @@ -1157,7 +1113,6 @@ golang.org/x/sys v0.0.0-20210403161142-5e06dd20ab57/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210603125802-9665404d3644 h1:CA1DEQ4NdKphKeL70tvsWNdT5oFh1lOjihRcEDROi0I= golang.org/x/sys v0.0.0-20210603125802-9665404d3644/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -1175,7 +1130,6 @@ golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220328115105-d36c6a25d886/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220330033206-e17cdc41300f h1:rlezHXNlxYWvBCzNses9Dlc7nGFaNMJeqLolcmQSSZY= golang.org/x/sys v0.0.0-20220330033206-e17cdc41300f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210317153231-de623e64d2a6/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 h1:JGgROgKl9N8DuW20oFS5gxc+lE67/N3FcwmBPMe7ArY= @@ -1187,7 +1141,6 @@ golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.6 h1:aRYxNxv6iGQlyVaZmk6ZgYEDa+Jg18DxebPSrd6bg1M= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= @@ -1252,13 +1205,10 @@ golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4f golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.2 h1:kRBLX7v7Af8W7Gdbbc908OJcdgtK8bOz9Uaj8/F1ACA= golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.10 h1:QjFRCZxdOhBJ/UNgnBZLbNV13DlbnK0quyivTnXJM20= -golang.org/x/tools v0.1.10/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -1287,7 +1237,6 @@ google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjR google.golang.org/api v0.41.0/go.mod h1:RkxM5lITDfTzmyKFPt+wGrCJbVfniCr2ool8kTBzRTU= google.golang.org/api v0.43.0/go.mod h1:nQsDGjRXMo4lvh5hP0TKqF244gqhGcr/YSIykhUk/94= google.golang.org/api v0.44.0/go.mod h1:EBOGZqzyhtvMDoxwS97ctnh0zUmYY6CxqXsc1AvkYD8= -google.golang.org/api v0.47.0 h1:sQLWZQvP6jPGIP4JGPkJu4zHswrv81iobiyszr3b/0I= google.golang.org/api v0.47.0/go.mod h1:Wbvgpq1HddcWVtzsVLyfLp8lDg6AA241LmgIL59tHXo= google.golang.org/api v0.48.0/go.mod h1:71Pr1vy+TAZRPkPs/xlCf5SsU8WjuAWv1Pfjbtukyy4= google.golang.org/api v0.50.0/go.mod h1:4bNT5pAuq5ji4SRZm+5QIkjny9JAyVD/3gaSihNefaw= @@ -1359,7 +1308,6 @@ google.golang.org/genproto v0.0.0-20210310155132-4ce2db91004e/go.mod h1:FWY/as6D google.golang.org/genproto v0.0.0-20210319143718-93e7006c17a6/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210402141018-6c239bbf2bb1/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A= google.golang.org/genproto v0.0.0-20210513213006-bf773b8c8384/go.mod h1:P3QM42oQyzQSnHPnZ/vqoCdDmzH28fzWByN9asMeM8A= -google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c h1:wtujag7C+4D6KMoulW9YauvK2lgdvCMS260jsqqBXr0= google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= google.golang.org/genproto v0.0.0-20210604141403-392c879c8b08/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= google.golang.org/genproto v0.0.0-20210608205507-b6d2f5bf0d7d/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= @@ -1419,7 +1367,6 @@ google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAG google.golang.org/grpc v1.36.1/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= google.golang.org/grpc v1.37.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= google.golang.org/grpc v1.37.1/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= -google.golang.org/grpc v1.38.0 h1:/9BgsAsa5nWe26HqOlvlgJnqBuktYOLCgjCPqsa56W0= google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= google.golang.org/grpc v1.39.0/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnDzfrE= google.golang.org/grpc v1.39.1/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnDzfrE= @@ -1440,7 +1387,6 @@ google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpAD google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.26.0 h1:bxAC2xTBsZGibn2RTntX0oH50xLsqy1OxA9tTL3p/lk= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.28.0 h1:w43yiav+6bVFTBQFZX0r7ipe9JQ1QsbMgHwbBziscLw= @@ -1449,7 +1395,6 @@ gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4 gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20141024133853-64131543e789/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= From f0cdf3e6294a97ef455cf5e313aba14bfba38467 Mon Sep 17 00:00:00 2001 From: nozaq Date: Mon, 6 Jun 2022 01:25:21 +0900 Subject: [PATCH 57/66] feat: make glacier transition rules optional (#293) BREAKING CHANGE: this change disables glacier transition rules by default since transitioning small objects is officially not recommended. it can be enabled by setting `var.audit_log_lifecycle_glacier_transition_days` to a positive number. https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-transition-general-considerations.html --- README.md | 2 +- modules/secure-bucket/README.md | 2 +- modules/secure-bucket/main.tf | 4 ++++ modules/secure-bucket/variables.tf | 4 ++-- variables.tf | 4 ++-- 5 files changed, 10 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 246d7674..0107c0a5 100644 --- a/README.md +++ b/README.md @@ -145,7 +145,7 @@ This module is composed of several submodules and each of which can be used inde | [audit\_log\_bucket\_custom\_policy\_json](#input\_audit\_log\_bucket\_custom\_policy\_json) | Override policy for the audit log bucket. Allows addition of extra policies. | `string` | no | | [audit\_log\_bucket\_force\_destroy](#input\_audit\_log\_bucket\_force\_destroy) | A boolean that indicates all objects should be deleted from the audit log bucket so that the bucket can be destroyed without error. These objects are not recoverable. | `bool` | no | | [audit\_log\_bucket\_key\_enabled](#input\_audit\_log\_bucket\_key\_enabled) | Whether or not to use Amazon S3 Bucket Keys for encrypting the audit log bucket. | `bool` | no | -| [audit\_log\_lifecycle\_glacier\_transition\_days](#input\_audit\_log\_lifecycle\_glacier\_transition\_days) | The number of days after log creation when the log file is archived into Glacier. | `number` | no | +| [audit\_log\_lifecycle\_glacier\_transition\_days](#input\_audit\_log\_lifecycle\_glacier\_transition\_days) | The number of days after log creation when the log file is archived into Glacier. Setting to zero disables the transition. | `number` | no | | [aws\_config\_changes\_enabled](#input\_aws\_config\_changes\_enabled) | The boolean flag whether the aws\_config\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | | [cloudtrail\_baseline\_enabled](#input\_cloudtrail\_baseline\_enabled) | Boolean whether cloudtrail-baseline is enabled. | `bool` | no | | [cloudtrail\_cfg\_changes\_enabled](#input\_cloudtrail\_cfg\_changes\_enabled) | The boolean flag whether the cloudtrail\_cfg\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | diff --git a/modules/secure-bucket/README.md b/modules/secure-bucket/README.md index 8216eb78..139fbcde 100644 --- a/modules/secure-bucket/README.md +++ b/modules/secure-bucket/README.md @@ -24,7 +24,7 @@ Creates a S3 bucket with access logging enabled. | [log\_bucket\_name](#input\_log\_bucket\_name) | The name of the S3 bucket to store access logs to the main bucket. | `string` | yes | | [bucket\_key\_enabled](#input\_bucket\_key\_enabled) | Whether or not to use Amazon S3 Bucket Keys for this bucket. | `bool` | no | | [force\_destroy](#input\_force\_destroy) | A boolean that indicates all objects should be deleted from the bucket so that the bucket can be destroyed without error. These objects are not recoverable. | `bool` | no | -| [lifecycle\_glacier\_transition\_days](#input\_lifecycle\_glacier\_transition\_days) | The number of days after object creation when the object is archived into Glacier. | `number` | no | +| [lifecycle\_glacier\_transition\_days](#input\_lifecycle\_glacier\_transition\_days) | The number of days after object creation when the object is archived into Glacier. Setting to zero disables the transition. | `number` | no | | [tags](#input\_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map(string)` | no | ## Outputs diff --git a/modules/secure-bucket/main.tf b/modules/secure-bucket/main.tf index e3804222..44c9425d 100644 --- a/modules/secure-bucket/main.tf +++ b/modules/secure-bucket/main.tf @@ -41,6 +41,8 @@ resource "aws_s3_bucket_server_side_encryption_configuration" "access_log" { } resource "aws_s3_bucket_lifecycle_configuration" "access_log" { + count = var.lifecycle_glacier_transition_days > 0 ? 1 : 0 + bucket = aws_s3_bucket.access_log.id rule { @@ -108,6 +110,8 @@ resource "aws_s3_bucket_logging" "content" { } resource "aws_s3_bucket_lifecycle_configuration" "content" { + count = var.lifecycle_glacier_transition_days > 0 ? 1 : 0 + bucket = aws_s3_bucket.content.id rule { diff --git a/modules/secure-bucket/variables.tf b/modules/secure-bucket/variables.tf index 532df17b..7f84faa2 100644 --- a/modules/secure-bucket/variables.tf +++ b/modules/secure-bucket/variables.tf @@ -9,9 +9,9 @@ variable "log_bucket_name" { } variable "lifecycle_glacier_transition_days" { - description = "The number of days after object creation when the object is archived into Glacier." + description = "The number of days after object creation when the object is archived into Glacier. Setting to zero disables the transition." type = number - default = 90 + default = 0 } variable "force_destroy" { diff --git a/variables.tf b/variables.tf index e1e30e88..67737f57 100644 --- a/variables.tf +++ b/variables.tf @@ -86,9 +86,9 @@ variable "audit_log_bucket_key_enabled" { } variable "audit_log_lifecycle_glacier_transition_days" { - description = "The number of days after log creation when the log file is archived into Glacier." + description = "The number of days after log creation when the log file is archived into Glacier. Setting to zero disables the transition." type = number - default = 90 + default = 0 } variable "audit_log_bucket_force_destroy" { From 219f0032626a793b1c7ca304793d924b829b2c18 Mon Sep 17 00:00:00 2001 From: Sergiy Kulanov Date: Sun, 5 Jun 2022 19:40:59 +0300 Subject: [PATCH 58/66] feat: add permissions boundaries for IAM entities support (#288) It might be a case when iam roles can be created with predefined boundaries. This PR introduce such capabilities by providing permissions_boundary_arn option Currently single permissions_boundary_arn will be applied to all iam_roles provisioned by this module Signed-off-by: Sergiy Kulanov Co-authored-by: nozaq --- README.md | 1 + config_baselines.tf | 4 ++++ main.tf | 2 ++ modules/cloudtrail-baseline/README.md | 1 + modules/cloudtrail-baseline/main.tf | 2 ++ modules/cloudtrail-baseline/variables.tf | 6 ++++++ modules/iam-baseline/README.md | 1 + modules/iam-baseline/main.tf | 2 ++ modules/iam-baseline/variables.tf | 6 ++++++ variables.tf | 6 ++++++ vpc_baselines.tf | 2 ++ 11 files changed, 33 insertions(+) diff --git a/README.md b/README.md index 0107c0a5..fc3389cf 100644 --- a/README.md +++ b/README.md @@ -192,6 +192,7 @@ This module is composed of several submodules and each of which can be used inde | [no\_mfa\_console\_signin\_enabled](#input\_no\_mfa\_console\_signin\_enabled) | The boolean flag whether the no\_mfa\_console\_signin alarm is enabled or not. No resources are created when set to false. | `bool` | no | | [organizations\_changes\_enabled](#input\_organizations\_changes\_enabled) | The boolean flag whether the organizations\_changes alarm is enabled or not. No resources are created when set to false. | `bool` | no | | [password\_reuse\_prevention](#input\_password\_reuse\_prevention) | The number of previous passwords that users are prevented from reusing. | `number` | no | +| [permissions\_boundary\_arn](#input\_permissions\_boundary\_arn) | The permissions boundary ARN for all IAM Roles, provisioned by this module | `string` | no | | [require\_lowercase\_characters](#input\_require\_lowercase\_characters) | Whether to require lowercase characters for user passwords. | `bool` | no | | [require\_numbers](#input\_require\_numbers) | Whether to require numbers for user passwords. | `bool` | no | | [require\_symbols](#input\_require\_symbols) | Whether to require symbols for user passwords. | `bool` | no | diff --git a/config_baselines.tf b/config_baselines.tf index 6adf49bf..8e7278ea 100644 --- a/config_baselines.tf +++ b/config_baselines.tf @@ -43,6 +43,8 @@ resource "aws_iam_role" "recorder" { name = var.config_iam_role_name assume_role_policy = data.aws_iam_policy_document.recorder_assume_role_policy[0].json + permissions_boundary = var.permissions_boundary_arn + tags = var.tags } @@ -630,6 +632,8 @@ resource "aws_iam_role" "config_organization" { name_prefix = var.config_aggregator_name_prefix assume_role_policy = data.aws_iam_policy_document.config_organization_assume_role_policy[0].json + permissions_boundary = var.permissions_boundary_arn + tags = var.tags } diff --git a/main.tf b/main.tf index 468656bd..1b807f35 100644 --- a/main.tf +++ b/main.tf @@ -43,6 +43,7 @@ module "iam_baseline" { support_iam_role_name = var.support_iam_role_name support_iam_role_principal_arns = var.support_iam_role_principal_arns + permissions_boundary_arn = var.permissions_boundary_arn minimum_password_length = var.minimum_password_length password_reuse_prevention = var.password_reuse_prevention require_lowercase_characters = var.require_lowercase_characters @@ -75,6 +76,7 @@ module "cloudtrail_baseline" { cloudwatch_logs_retention_in_days = var.cloudwatch_logs_retention_in_days iam_role_name = var.cloudtrail_iam_role_name iam_role_policy_name = var.cloudtrail_iam_role_policy_name + permissions_boundary_arn = var.permissions_boundary_arn key_deletion_window_in_days = var.cloudtrail_key_deletion_window_in_days region = var.region s3_bucket_name = local.audit_log_bucket_id diff --git a/modules/cloudtrail-baseline/README.md b/modules/cloudtrail-baseline/README.md index 1ac6a3e4..c2e4d27a 100644 --- a/modules/cloudtrail-baseline/README.md +++ b/modules/cloudtrail-baseline/README.md @@ -36,6 +36,7 @@ Enable CloudTrail in all regions and deliver events to CloudWatch Logs. CloudTra | [is\_organization\_trail](#input\_is\_organization\_trail) | Specifies whether the trail is an AWS Organizations trail. Organization trails log events for the master account and all member accounts. Can only be created in the organization master account. | `bool` | no | | [key\_deletion\_window\_in\_days](#input\_key\_deletion\_window\_in\_days) | Duration in days after which the key is deleted after destruction of the resource, must be between 7 and 30 days. Defaults to 30 days. | `number` | no | | [lambda\_invocation\_logging\_lambdas](#input\_lambda\_invocation\_logging\_lambdas) | The list of lambda ARNs on which to enable invocation logging. | `list(string)` | no | +| [permissions\_boundary\_arn](#input\_permissions\_boundary\_arn) | The permissions boundary ARN for all IAM Roles, provisioned by this module | `string` | no | | [s3\_key\_prefix](#input\_s3\_key\_prefix) | The prefix for the specified S3 bucket. | `string` | no | | [s3\_object\_level\_logging\_buckets](#input\_s3\_object\_level\_logging\_buckets) | The list of S3 bucket ARNs on which to enable object-level logging. | `list(string)` | no | | [tags](#input\_tags) | Specifies object tags key and value. This applies to all resources created by this module. | `map(string)` | no | diff --git a/modules/cloudtrail-baseline/main.tf b/modules/cloudtrail-baseline/main.tf index 5b1b17bb..67c83d72 100644 --- a/modules/cloudtrail-baseline/main.tf +++ b/modules/cloudtrail-baseline/main.tf @@ -29,6 +29,8 @@ resource "aws_iam_role" "cloudwatch_delivery" { name = var.iam_role_name assume_role_policy = data.aws_iam_policy_document.cloudwatch_delivery_assume_policy.json + permissions_boundary = var.permissions_boundary_arn + tags = var.tags } diff --git a/modules/cloudtrail-baseline/variables.tf b/modules/cloudtrail-baseline/variables.tf index 3ca6e722..062143af 100644 --- a/modules/cloudtrail-baseline/variables.tf +++ b/modules/cloudtrail-baseline/variables.tf @@ -51,6 +51,12 @@ variable "iam_role_policy_name" { default = "CloudTrail-CloudWatch-Delivery-Policy" } +variable "permissions_boundary_arn" { + description = "The permissions boundary ARN for all IAM Roles, provisioned by this module" + type = string + default = "" +} + variable "key_deletion_window_in_days" { description = "Duration in days after which the key is deleted after destruction of the resource, must be between 7 and 30 days. Defaults to 30 days." type = number diff --git a/modules/iam-baseline/README.md b/modules/iam-baseline/README.md index fff67987..a484a7b2 100644 --- a/modules/iam-baseline/README.md +++ b/modules/iam-baseline/README.md @@ -30,6 +30,7 @@ | [max\_password\_age](#input\_max\_password\_age) | The number of days that an user password is valid. | `number` | no | | [minimum\_password\_length](#input\_minimum\_password\_length) | Minimum length to require for user passwords. | `number` | no | | [password\_reuse\_prevention](#input\_password\_reuse\_prevention) | The number of previous passwords that users are prevented from reusing. | `number` | no | +| [permissions\_boundary\_arn](#input\_permissions\_boundary\_arn) | The permissions boundary ARN for all IAM Roles, provisioned by this module | `string` | no | | [require\_lowercase\_characters](#input\_require\_lowercase\_characters) | Whether to require lowercase characters for user passwords. | `bool` | no | | [require\_numbers](#input\_require\_numbers) | Whether to require numbers for user passwords. | `bool` | no | | [require\_symbols](#input\_require\_symbols) | Whether to require symbols for user passwords. | `bool` | no | diff --git a/modules/iam-baseline/main.tf b/modules/iam-baseline/main.tf index 98bd7706..e1bace2b 100644 --- a/modules/iam-baseline/main.tf +++ b/modules/iam-baseline/main.tf @@ -35,6 +35,8 @@ resource "aws_iam_role" "support" { name = var.support_iam_role_name assume_role_policy = data.aws_iam_policy_document.support_assume_policy.json + permissions_boundary = var.permissions_boundary_arn + tags = var.tags } diff --git a/modules/iam-baseline/variables.tf b/modules/iam-baseline/variables.tf index f68a945a..4f79fae5 100644 --- a/modules/iam-baseline/variables.tf +++ b/modules/iam-baseline/variables.tf @@ -4,6 +4,12 @@ variable "support_iam_role_name" { default = "IAM-Support" } +variable "permissions_boundary_arn" { + description = "The permissions boundary ARN for all IAM Roles, provisioned by this module" + type = string + default = "" +} + variable "support_iam_role_principal_arns" { type = list(any) description = "List of ARNs of the IAM principal elements by which the support role could be assumed." diff --git a/variables.tf b/variables.tf index 67737f57..4e7df2c7 100644 --- a/variables.tf +++ b/variables.tf @@ -33,6 +33,12 @@ variable "member_accounts" { default = [] } +variable "permissions_boundary_arn" { + description = "The permissions boundary ARN for all IAM Roles, provisioned by this module" + type = string + default = "" +} + variable "target_regions" { description = "A list of regions to set up with this module." type = list(string) diff --git a/vpc_baselines.tf b/vpc_baselines.tf index e050130f..fd2ed472 100644 --- a/vpc_baselines.tf +++ b/vpc_baselines.tf @@ -29,6 +29,8 @@ resource "aws_iam_role" "flow_logs_publisher" { name = var.vpc_iam_role_name assume_role_policy = data.aws_iam_policy_document.flow_logs_publisher_assume_role_policy[0].json + permissions_boundary = var.permissions_boundary_arn + tags = var.tags } From d804dc688bb2a043abaece39d293dae11ad3118c Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 6 Jun 2022 01:44:51 +0900 Subject: [PATCH 59/66] chore(main): release 2.0.0 (#294) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- CHANGELOG.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9460c665..7b91cbe1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,18 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [2.0.0](https://github.com/nozaq/terraform-aws-secure-baseline/compare/v1.1.0...v2.0.0) (2022-06-05) + + +### âš  BREAKING CHANGES + +* this change disables glacier transition rules by default since transitioning small objects is officially not recommended. it can be enabled by setting `var.audit_log_lifecycle_glacier_transition_days` to a positive number. + +### Features + +* add permissions boundaries for IAM entities support ([#288](https://github.com/nozaq/terraform-aws-secure-baseline/issues/288)) ([219f003](https://github.com/nozaq/terraform-aws-secure-baseline/commit/219f0032626a793b1c7ca304793d924b829b2c18)) +* make glacier transition rules optional ([#293](https://github.com/nozaq/terraform-aws-secure-baseline/issues/293)) ([f0cdf3e](https://github.com/nozaq/terraform-aws-secure-baseline/commit/f0cdf3e6294a97ef455cf5e313aba14bfba38467)) + ## [1.1.0](https://github.com/nozaq/terraform-aws-secure-baseline/compare/v1.0.1...v1.1.0) (2022-04-16) From 7c372cd3dedb7a52dcfd6972183c02b564b05716 Mon Sep 17 00:00:00 2001 From: nozaq Date: Thu, 9 Jun 2022 01:56:34 +0900 Subject: [PATCH 60/66] build: upgrade terratest (#295) --- test/go.mod | 6 +++--- test/go.sum | 12 ++++++------ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/test/go.mod b/test/go.mod index d49686d5..5ba0614e 100644 --- a/test/go.mod +++ b/test/go.mod @@ -4,7 +4,7 @@ go 1.18 require ( github.com/google/uuid v1.3.0 - github.com/gruntwork-io/terratest v0.40.13 + github.com/gruntwork-io/terratest v0.40.15 ) require ( @@ -28,7 +28,7 @@ require ( github.com/gruntwork-io/go-commons v0.11.0 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect - github.com/hashicorp/go-getter v1.5.11 // indirect + github.com/hashicorp/go-getter v1.6.1 // indirect github.com/hashicorp/go-multierror v1.1.1 // indirect github.com/hashicorp/go-safetemp v1.0.0 // indirect github.com/hashicorp/go-version v1.4.0 // indirect @@ -53,7 +53,7 @@ require ( golang.org/x/crypto v0.0.0-20220321153916-2c7772ba3064 // indirect golang.org/x/net v0.0.0-20220325170049-de3da57026de // indirect golang.org/x/oauth2 v0.0.0-20220309155454-6242fa91716a // indirect - golang.org/x/sys v0.0.0-20220330033206-e17cdc41300f // indirect + golang.org/x/sys v0.0.0-20220517195934-5e4e11fc645e // indirect golang.org/x/text v0.3.7 // indirect golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect google.golang.org/api v0.74.0 // indirect diff --git a/test/go.sum b/test/go.sum index 39731047..5cc31d8a 100644 --- a/test/go.sum +++ b/test/go.sum @@ -505,8 +505,8 @@ github.com/gruntwork-io/go-commons v0.8.0/go.mod h1:gtp0yTtIBExIZp7vyIV9I0XQkVwi github.com/gruntwork-io/go-commons v0.11.0 h1:7Yiu1ZvubQlePfu+T2iCpVYJAdkjQKr9mzCBW3Pmaxg= github.com/gruntwork-io/go-commons v0.11.0/go.mod h1:nbZDI8IL8BCY45QXJcWKSh0MYaz9kcgqQ40/L3JRi54= github.com/gruntwork-io/terratest v0.40.1/go.mod h1:CjHsEgP1Pe987X5N8K5qEqCuLtu1bqERGIAF8bTj1s0= -github.com/gruntwork-io/terratest v0.40.13 h1:RTJnPTO2kalzkjrNb7nKoKGWfWYnHsf5UzPG3USZBWI= -github.com/gruntwork-io/terratest v0.40.13/go.mod h1:xlVN8UHxN93Z5nt61I0gTU/FESm2C78rYS+/3xcDDdI= +github.com/gruntwork-io/terratest v0.40.15 h1:SGx8VjpAL2kkQBx0mnU9bcY6+ePzTWmMVZnwTTl8350= +github.com/gruntwork-io/terratest v0.40.15/go.mod h1:enUpxNMsQfiJTTJMGqiznxohqJ4cYPU+nzI3bQNw1WM= github.com/hashicorp/consul/api v1.1.0/go.mod h1:VmuI/Lkw1nC05EYQWNKwWGbkg+FbDBtguAZLlVdkD9Q= github.com/hashicorp/consul/sdk v0.1.1/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8= github.com/hashicorp/errwrap v0.0.0-20141028054710-7554cd9344ce/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= @@ -517,8 +517,8 @@ github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtng github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= github.com/hashicorp/go-getter v1.5.9/go.mod h1:BrrV/1clo8cCYu6mxvboYg+KutTiFnXjMEgDD8+i7ZI= -github.com/hashicorp/go-getter v1.5.11 h1:wioTuNmaBU3IE9vdFtFMcmZWj0QzLc6DYaP6sNe5onY= -github.com/hashicorp/go-getter v1.5.11/go.mod h1:9i48BP6wpWweI/0/+FBjqLrp9S8XtwUGjiu0QkWHEaY= +github.com/hashicorp/go-getter v1.6.1 h1:NASsgP4q6tL94WH6nJxKWj8As2H/2kop/bB1d8JMyRY= +github.com/hashicorp/go-getter v1.6.1/go.mod h1:IZCrswsZPeWv9IkVnLElzRU/gz/QPi6pZHn4tv6vbwA= github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= github.com/hashicorp/go-msgpack v0.5.3/go.mod h1:ahLV/dePpqEmjfWmKiqvPkv/twdG7iPBM1vqhUKIvfM= github.com/hashicorp/go-multierror v0.0.0-20161216184304-ed905158d874/go.mod h1:JMRHfdO9jKNzS/+BTlxCjKNQHg/jZAft8U7LloJvN7I= @@ -1128,8 +1128,8 @@ golang.org/x/sys v0.0.0-20220128215802-99c3d69c2c27/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220209214540-3681064d5158/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220328115105-d36c6a25d886/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220330033206-e17cdc41300f h1:rlezHXNlxYWvBCzNses9Dlc7nGFaNMJeqLolcmQSSZY= -golang.org/x/sys v0.0.0-20220330033206-e17cdc41300f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220517195934-5e4e11fc645e h1:w36l2Uw3dRan1K3TyXriXvY+6T56GNmlKGcqiQUJDfM= +golang.org/x/sys v0.0.0-20220517195934-5e4e11fc645e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210317153231-de623e64d2a6/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 h1:JGgROgKl9N8DuW20oFS5gxc+lE67/N3FcwmBPMe7ArY= From 99f049352ac847acff9416f0ec61c43d72939add Mon Sep 17 00:00:00 2001 From: nozaq Date: Fri, 17 Jun 2022 20:26:46 +0900 Subject: [PATCH 61/66] build: upgrade dependencies (#296) --- test/go.mod | 2 +- test/go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/test/go.mod b/test/go.mod index 5ba0614e..0c9efddb 100644 --- a/test/go.mod +++ b/test/go.mod @@ -4,7 +4,7 @@ go 1.18 require ( github.com/google/uuid v1.3.0 - github.com/gruntwork-io/terratest v0.40.15 + github.com/gruntwork-io/terratest v0.40.17 ) require ( diff --git a/test/go.sum b/test/go.sum index 5cc31d8a..a566945e 100644 --- a/test/go.sum +++ b/test/go.sum @@ -505,8 +505,8 @@ github.com/gruntwork-io/go-commons v0.8.0/go.mod h1:gtp0yTtIBExIZp7vyIV9I0XQkVwi github.com/gruntwork-io/go-commons v0.11.0 h1:7Yiu1ZvubQlePfu+T2iCpVYJAdkjQKr9mzCBW3Pmaxg= github.com/gruntwork-io/go-commons v0.11.0/go.mod h1:nbZDI8IL8BCY45QXJcWKSh0MYaz9kcgqQ40/L3JRi54= github.com/gruntwork-io/terratest v0.40.1/go.mod h1:CjHsEgP1Pe987X5N8K5qEqCuLtu1bqERGIAF8bTj1s0= -github.com/gruntwork-io/terratest v0.40.15 h1:SGx8VjpAL2kkQBx0mnU9bcY6+ePzTWmMVZnwTTl8350= -github.com/gruntwork-io/terratest v0.40.15/go.mod h1:enUpxNMsQfiJTTJMGqiznxohqJ4cYPU+nzI3bQNw1WM= +github.com/gruntwork-io/terratest v0.40.17 h1:veSr7MUtk5GRDg5/pZ9qLUvrylr7yuRw0fY9UaSHbuI= +github.com/gruntwork-io/terratest v0.40.17/go.mod h1:enUpxNMsQfiJTTJMGqiznxohqJ4cYPU+nzI3bQNw1WM= github.com/hashicorp/consul/api v1.1.0/go.mod h1:VmuI/Lkw1nC05EYQWNKwWGbkg+FbDBtguAZLlVdkD9Q= github.com/hashicorp/consul/sdk v0.1.1/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8= github.com/hashicorp/errwrap v0.0.0-20141028054710-7554cd9344ce/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= From 07dc101179fa2d1649cd987e3d8f3d269db546b8 Mon Sep 17 00:00:00 2001 From: K3ndu <37668739+K3ndu@users.noreply.github.com> Date: Sun, 2 Oct 2022 03:20:59 +0300 Subject: [PATCH 62/66] feat: make audit log bucket access logs bucket name customizable (#303) * Make audit log bucket access logs bucket name customizable * docs: run terraform-docs Co-authored-by: Kendi Paet Co-authored-by: nozaq --- README.md | 1 + bucket.tf | 2 +- variables.tf | 6 ++++++ 3 files changed, 8 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index fc3389cf..55b5c742 100644 --- a/README.md +++ b/README.md @@ -142,6 +142,7 @@ This module is composed of several submodules and each of which can be used inde | [allow\_users\_to\_change\_password](#input\_allow\_users\_to\_change\_password) | Whether to allow users to change their own password. | `bool` | no | | [analyzer\_baseline\_enabled](#input\_analyzer\_baseline\_enabled) | Boolean whether analyzer-baseline is enabled. | `bool` | no | | [analyzer\_name](#input\_analyzer\_name) | The name for the IAM Access Analyzer resource to be created. | `string` | no | +| [audit\_log\_bucket\_access\_logs\_name](#input\_audit\_log\_bucket\_access\_logs\_name) | The name of the S3 bucket to store various audit logs. | `string` | no | | [audit\_log\_bucket\_custom\_policy\_json](#input\_audit\_log\_bucket\_custom\_policy\_json) | Override policy for the audit log bucket. Allows addition of extra policies. | `string` | no | | [audit\_log\_bucket\_force\_destroy](#input\_audit\_log\_bucket\_force\_destroy) | A boolean that indicates all objects should be deleted from the audit log bucket so that the bucket can be destroyed without error. These objects are not recoverable. | `bool` | no | | [audit\_log\_bucket\_key\_enabled](#input\_audit\_log\_bucket\_key\_enabled) | Whether or not to use Amazon S3 Bucket Keys for encrypting the audit log bucket. | `bool` | no | diff --git a/bucket.tf b/bucket.tf index 2c6f30ef..5d92b3d9 100644 --- a/bucket.tf +++ b/bucket.tf @@ -36,7 +36,7 @@ module "audit_log_bucket" { bucket_name = var.audit_log_bucket_name bucket_key_enabled = var.audit_log_bucket_key_enabled - log_bucket_name = "${var.audit_log_bucket_name}-access-logs" + log_bucket_name = var.audit_log_bucket_access_logs_name != "" ? var.audit_log_bucket_access_logs_name : "${var.audit_log_bucket_name}-access-logs" lifecycle_glacier_transition_days = var.audit_log_lifecycle_glacier_transition_days force_destroy = var.audit_log_bucket_force_destroy diff --git a/variables.tf b/variables.tf index 4e7df2c7..a942f3c9 100644 --- a/variables.tf +++ b/variables.tf @@ -79,6 +79,12 @@ variable "audit_log_bucket_name" { type = string } +variable "audit_log_bucket_access_logs_name" { + description = "The name of the S3 bucket to store various audit logs." + type = string + default = "" +} + variable "audit_log_bucket_custom_policy_json" { description = "Override policy for the audit log bucket. Allows addition of extra policies." type = string From bb724cd7783ae3e645cbbb4468b367fc5095cb53 Mon Sep 17 00:00:00 2001 From: nozaq Date: Sat, 3 Dec 2022 09:56:19 +0900 Subject: [PATCH 63/66] feat: enable CIS benchmark v1.4.0 standard (#308) --- modules/securityhub-baseline/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/securityhub-baseline/main.tf b/modules/securityhub-baseline/main.tf index c929047b..bb87b7e6 100644 --- a/modules/securityhub-baseline/main.tf +++ b/modules/securityhub-baseline/main.tf @@ -43,7 +43,7 @@ resource "aws_securityhub_invite_accepter" "invitee" { resource "aws_securityhub_standards_subscription" "cis" { count = var.enable_cis_standard ? 1 : 0 - standards_arn = "arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0" + standards_arn = "arn:aws:securityhub:${data.aws_region.current.name}::standards/cis-aws-foundations-benchmark/v/1.4.0" depends_on = [aws_securityhub_account.main] } From 7c4a1e5b876495753695786490350741c5fc188b Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sat, 3 Dec 2022 09:59:39 +0900 Subject: [PATCH 64/66] chore(main): release 2.1.0 (#304) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- CHANGELOG.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7b91cbe1..1ea69b0d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,14 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [2.1.0](https://github.com/nozaq/terraform-aws-secure-baseline/compare/v2.0.0...v2.1.0) (2022-12-03) + + +### Features + +* enable CIS benchmark v1.4.0 standard ([#308](https://github.com/nozaq/terraform-aws-secure-baseline/issues/308)) ([bb724cd](https://github.com/nozaq/terraform-aws-secure-baseline/commit/bb724cd7783ae3e645cbbb4468b367fc5095cb53)) +* make audit log bucket access logs bucket name customizable ([#303](https://github.com/nozaq/terraform-aws-secure-baseline/issues/303)) ([07dc101](https://github.com/nozaq/terraform-aws-secure-baseline/commit/07dc101179fa2d1649cd987e3d8f3d269db546b8)) + ## [2.0.0](https://github.com/nozaq/terraform-aws-secure-baseline/compare/v1.1.0...v2.0.0) (2022-06-05) From d4b50deab84aa63b5baf00ff970a592f855879ea Mon Sep 17 00:00:00 2001 From: nozaq Date: Sat, 14 Jan 2023 15:41:03 +0900 Subject: [PATCH 65/66] chore: add devcontainer configuration (#312) --- .devcontainer/Dockerfile | 5 +++++ .devcontainer/devcontainer.json | 21 +++++++++++++++++++++ 2 files changed, 26 insertions(+) create mode 100644 .devcontainer/Dockerfile create mode 100644 .devcontainer/devcontainer.json diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile new file mode 100644 index 00000000..2d0cf44c --- /dev/null +++ b/.devcontainer/Dockerfile @@ -0,0 +1,5 @@ +FROM mcr.microsoft.com/devcontainers/base:bullseye + +RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \ + && apt-get -y install --no-install-recommends python3-pip \ + && pip install --no-input pre-commit diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json new file mode 100644 index 00000000..ecc88695 --- /dev/null +++ b/.devcontainer/devcontainer.json @@ -0,0 +1,21 @@ +{ + "name": "Terraform", + "build": { + "dockerfile": "./Dockerfile", + "context": "." + }, + "features": { + "ghcr.io/devcontainers/features/terraform:1": { + "version": "latest", + "installTerraformDocs": true + } + }, + "customizations": { + "vscode": { + "extensions": [ + "EditorConfig.EditorConfig" + ] + } + }, + "postCreateCommand": "pre-commit install" +} From 6b2d679cf480093ec279450d7d0a90affe3ddc43 Mon Sep 17 00:00:00 2001 From: nozaq Date: Wed, 22 Feb 2023 09:05:35 +0900 Subject: [PATCH 66/66] chore: remove stale tests (#315) --- test/fixtures/simple_local/main.tf | 61 - test/fixtures/simple_local/outputs.tf | 0 test/fixtures/simple_local/regions.tf | 90 -- test/fixtures/simple_local/variables.tf | 10 - test/fixtures/simple_registry/main.tf | 61 - test/fixtures/simple_registry/outputs.tf | 0 test/fixtures/simple_registry/regions.tf | 90 -- test/fixtures/simple_registry/variables.tf | 10 - test/go.mod | 65 - test/go.sum | 1472 -------------------- test/simple_test.go | 56 - 11 files changed, 1915 deletions(-) delete mode 100644 test/fixtures/simple_local/main.tf delete mode 100644 test/fixtures/simple_local/outputs.tf delete mode 100644 test/fixtures/simple_local/regions.tf delete mode 100644 test/fixtures/simple_local/variables.tf delete mode 100644 test/fixtures/simple_registry/main.tf delete mode 100644 test/fixtures/simple_registry/outputs.tf delete mode 100644 test/fixtures/simple_registry/regions.tf delete mode 100644 test/fixtures/simple_registry/variables.tf delete mode 100644 test/go.mod delete mode 100644 test/go.sum delete mode 100644 test/simple_test.go diff --git a/test/fixtures/simple_local/main.tf b/test/fixtures/simple_local/main.tf deleted file mode 100644 index 41c470e7..00000000 --- a/test/fixtures/simple_local/main.tf +++ /dev/null @@ -1,61 +0,0 @@ -terraform { - required_version = ">= 0.15" - - backend "local" { - path = "../terraform.tfstate" - } - - required_providers { - aws = { - source = "hashicorp/aws" - version = ">= 4.3" - } - } -} - -provider "aws" { - region = var.region -} - -data "aws_caller_identity" "current" { -} - -resource "aws_iam_user" "admin" { - name = "admin" -} - -module "secure_baseline" { - source = "../../../" - - audit_log_bucket_name = var.audit_s3_bucket_name - aws_account_id = data.aws_caller_identity.current.account_id - region = var.region - support_iam_role_principal_arns = [aws_iam_user.admin.arn] - - # Setting it to true means all audit logs are automatically deleted - # when you run `terraform destroy`. - # Note that it might be inappropriate for highly secured environment. - audit_log_bucket_force_destroy = true - - providers = { - aws = aws - aws.ap-northeast-1 = aws.ap-northeast-1 - aws.ap-northeast-2 = aws.ap-northeast-2 - aws.ap-northeast-3 = aws.ap-northeast-3 - aws.ap-south-1 = aws.ap-south-1 - aws.ap-southeast-1 = aws.ap-southeast-1 - aws.ap-southeast-2 = aws.ap-southeast-2 - aws.ca-central-1 = aws.ca-central-1 - aws.eu-central-1 = aws.eu-central-1 - aws.eu-north-1 = aws.eu-north-1 - aws.eu-west-1 = aws.eu-west-1 - aws.eu-west-2 = aws.eu-west-2 - aws.eu-west-3 = aws.eu-west-3 - aws.sa-east-1 = aws.sa-east-1 - aws.us-east-1 = aws.us-east-1 - aws.us-east-2 = aws.us-east-2 - aws.us-west-1 = aws.us-west-1 - aws.us-west-2 = aws.us-west-2 - } -} - diff --git a/test/fixtures/simple_local/outputs.tf b/test/fixtures/simple_local/outputs.tf deleted file mode 100644 index e69de29b..00000000 diff --git a/test/fixtures/simple_local/regions.tf b/test/fixtures/simple_local/regions.tf deleted file mode 100644 index 6937e512..00000000 --- a/test/fixtures/simple_local/regions.tf +++ /dev/null @@ -1,90 +0,0 @@ -# -------------------------------------------------------------------------------------------------- -# A list of providers for all AWS regions. -# Reference: https://docs.aws.amazon.com/general/latest/gr/rande.html -# -------------------------------------------------------------------------------------------------- - -provider "aws" { - region = "ap-northeast-1" - alias = "ap-northeast-1" -} - -provider "aws" { - region = "ap-northeast-2" - alias = "ap-northeast-2" -} - -provider "aws" { - region = "ap-northeast-3" - alias = "ap-northeast-3" -} - -provider "aws" { - region = "ap-south-1" - alias = "ap-south-1" -} - -provider "aws" { - region = "ap-southeast-1" - alias = "ap-southeast-1" -} - -provider "aws" { - region = "ap-southeast-2" - alias = "ap-southeast-2" -} - -provider "aws" { - region = "ca-central-1" - alias = "ca-central-1" -} - -provider "aws" { - region = "eu-central-1" - alias = "eu-central-1" -} - -provider "aws" { - region = "eu-north-1" - alias = "eu-north-1" -} - -provider "aws" { - region = "eu-west-1" - alias = "eu-west-1" -} - -provider "aws" { - region = "eu-west-2" - alias = "eu-west-2" -} - -provider "aws" { - region = "eu-west-3" - alias = "eu-west-3" -} - -provider "aws" { - region = "sa-east-1" - alias = "sa-east-1" -} - -provider "aws" { - region = "us-east-1" - alias = "us-east-1" -} - -provider "aws" { - region = "us-east-2" - alias = "us-east-2" -} - -provider "aws" { - region = "us-west-1" - alias = "us-west-1" -} - -provider "aws" { - region = "us-west-2" - alias = "us-west-2" -} - diff --git a/test/fixtures/simple_local/variables.tf b/test/fixtures/simple_local/variables.tf deleted file mode 100644 index a84c6dad..00000000 --- a/test/fixtures/simple_local/variables.tf +++ /dev/null @@ -1,10 +0,0 @@ -variable "audit_s3_bucket_name" { - description = "The name of the S3 bucket to store various audit logs." - type = string -} - -variable "region" { - description = "The AWS region in which global resources are set up." - type = string - default = "us-east-1" -} diff --git a/test/fixtures/simple_registry/main.tf b/test/fixtures/simple_registry/main.tf deleted file mode 100644 index ce46cb2b..00000000 --- a/test/fixtures/simple_registry/main.tf +++ /dev/null @@ -1,61 +0,0 @@ -terraform { - required_version = ">= 0.15" - - backend "local" { - path = "../terraform.tfstate" - } - - required_providers { - aws = { - source = "hashicorp/aws" - version = ">= 4.3" - } - } -} - -provider "aws" { - region = var.region -} - -data "aws_caller_identity" "current" { -} - -resource "aws_iam_user" "admin" { - name = "admin" -} - -module "secure_baseline" { - source = "nozaq/secure-baseline/aws" - - audit_log_bucket_name = var.audit_s3_bucket_name - aws_account_id = data.aws_caller_identity.current.account_id - region = var.region - support_iam_role_principal_arns = [aws_iam_user.admin.arn] - - # Setting it to true means all audit logs are automatically deleted - # when you run `terraform destroy`. - # Note that it might be inappropriate for highly secured environment. - audit_log_bucket_force_destroy = true - - providers = { - aws = aws - aws.ap-northeast-1 = aws.ap-northeast-1 - aws.ap-northeast-2 = aws.ap-northeast-2 - aws.ap-northeast-3 = aws.ap-northeast-3 - aws.ap-south-1 = aws.ap-south-1 - aws.ap-southeast-1 = aws.ap-southeast-1 - aws.ap-southeast-2 = aws.ap-southeast-2 - aws.ca-central-1 = aws.ca-central-1 - aws.eu-central-1 = aws.eu-central-1 - aws.eu-north-1 = aws.eu-north-1 - aws.eu-west-1 = aws.eu-west-1 - aws.eu-west-2 = aws.eu-west-2 - aws.eu-west-3 = aws.eu-west-3 - aws.sa-east-1 = aws.sa-east-1 - aws.us-east-1 = aws.us-east-1 - aws.us-east-2 = aws.us-east-2 - aws.us-west-1 = aws.us-west-1 - aws.us-west-2 = aws.us-west-2 - } -} - diff --git a/test/fixtures/simple_registry/outputs.tf b/test/fixtures/simple_registry/outputs.tf deleted file mode 100644 index e69de29b..00000000 diff --git a/test/fixtures/simple_registry/regions.tf b/test/fixtures/simple_registry/regions.tf deleted file mode 100644 index 6937e512..00000000 --- a/test/fixtures/simple_registry/regions.tf +++ /dev/null @@ -1,90 +0,0 @@ -# -------------------------------------------------------------------------------------------------- -# A list of providers for all AWS regions. -# Reference: https://docs.aws.amazon.com/general/latest/gr/rande.html -# -------------------------------------------------------------------------------------------------- - -provider "aws" { - region = "ap-northeast-1" - alias = "ap-northeast-1" -} - -provider "aws" { - region = "ap-northeast-2" - alias = "ap-northeast-2" -} - -provider "aws" { - region = "ap-northeast-3" - alias = "ap-northeast-3" -} - -provider "aws" { - region = "ap-south-1" - alias = "ap-south-1" -} - -provider "aws" { - region = "ap-southeast-1" - alias = "ap-southeast-1" -} - -provider "aws" { - region = "ap-southeast-2" - alias = "ap-southeast-2" -} - -provider "aws" { - region = "ca-central-1" - alias = "ca-central-1" -} - -provider "aws" { - region = "eu-central-1" - alias = "eu-central-1" -} - -provider "aws" { - region = "eu-north-1" - alias = "eu-north-1" -} - -provider "aws" { - region = "eu-west-1" - alias = "eu-west-1" -} - -provider "aws" { - region = "eu-west-2" - alias = "eu-west-2" -} - -provider "aws" { - region = "eu-west-3" - alias = "eu-west-3" -} - -provider "aws" { - region = "sa-east-1" - alias = "sa-east-1" -} - -provider "aws" { - region = "us-east-1" - alias = "us-east-1" -} - -provider "aws" { - region = "us-east-2" - alias = "us-east-2" -} - -provider "aws" { - region = "us-west-1" - alias = "us-west-1" -} - -provider "aws" { - region = "us-west-2" - alias = "us-west-2" -} - diff --git a/test/fixtures/simple_registry/variables.tf b/test/fixtures/simple_registry/variables.tf deleted file mode 100644 index a84c6dad..00000000 --- a/test/fixtures/simple_registry/variables.tf +++ /dev/null @@ -1,10 +0,0 @@ -variable "audit_s3_bucket_name" { - description = "The name of the S3 bucket to store various audit logs." - type = string -} - -variable "region" { - description = "The AWS region in which global resources are set up." - type = string - default = "us-east-1" -} diff --git a/test/go.mod b/test/go.mod deleted file mode 100644 index 0c9efddb..00000000 --- a/test/go.mod +++ /dev/null @@ -1,65 +0,0 @@ -module github.com/nozaq/terraform-aws-secure-baseline - -go 1.18 - -require ( - github.com/google/uuid v1.3.0 - github.com/gruntwork-io/terratest v0.40.17 -) - -require ( - cloud.google.com/go v0.100.2 // indirect - cloud.google.com/go/compute v1.5.0 // indirect - cloud.google.com/go/iam v0.3.0 // indirect - cloud.google.com/go/storage v1.21.0 // indirect - github.com/agext/levenshtein v1.2.3 // indirect - github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect - github.com/aws/aws-sdk-go v1.43.29 // indirect - github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect - github.com/boombuler/barcode v1.0.1 // indirect - github.com/cpuguy83/go-md2man/v2 v2.0.1 // indirect - github.com/davecgh/go-spew v1.1.1 // indirect - github.com/go-errors/errors v1.4.2 // indirect - github.com/go-sql-driver/mysql v1.6.0 // indirect - github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect - github.com/golang/protobuf v1.5.2 // indirect - github.com/google/go-cmp v0.5.7 // indirect - github.com/googleapis/gax-go/v2 v2.2.0 // indirect - github.com/gruntwork-io/go-commons v0.11.0 // indirect - github.com/hashicorp/errwrap v1.1.0 // indirect - github.com/hashicorp/go-cleanhttp v0.5.2 // indirect - github.com/hashicorp/go-getter v1.6.1 // indirect - github.com/hashicorp/go-multierror v1.1.1 // indirect - github.com/hashicorp/go-safetemp v1.0.0 // indirect - github.com/hashicorp/go-version v1.4.0 // indirect - github.com/hashicorp/hcl/v2 v2.11.1 // indirect - github.com/hashicorp/terraform-json v0.13.0 // indirect - github.com/jinzhu/copier v0.3.5 // indirect - github.com/jmespath/go-jmespath v0.4.0 // indirect - github.com/klauspost/compress v1.15.1 // indirect - github.com/mattn/go-zglob v0.0.3 // indirect - github.com/mitchellh/go-homedir v1.1.0 // indirect - github.com/mitchellh/go-testing-interface v1.14.1 // indirect - github.com/mitchellh/go-wordwrap v1.0.1 // indirect - github.com/pmezard/go-difflib v1.0.0 // indirect - github.com/pquerna/otp v1.3.0 // indirect - github.com/russross/blackfriday/v2 v2.1.0 // indirect - github.com/stretchr/testify v1.7.1 // indirect - github.com/tmccombs/hcl2json v0.3.4 // indirect - github.com/ulikunitz/xz v0.5.10 // indirect - github.com/urfave/cli/v2 v2.4.0 // indirect - github.com/zclconf/go-cty v1.10.0 // indirect - go.opencensus.io v0.23.0 // indirect - golang.org/x/crypto v0.0.0-20220321153916-2c7772ba3064 // indirect - golang.org/x/net v0.0.0-20220325170049-de3da57026de // indirect - golang.org/x/oauth2 v0.0.0-20220309155454-6242fa91716a // indirect - golang.org/x/sys v0.0.0-20220517195934-5e4e11fc645e // indirect - golang.org/x/text v0.3.7 // indirect - golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect - google.golang.org/api v0.74.0 // indirect - google.golang.org/appengine v1.6.7 // indirect - google.golang.org/genproto v0.0.0-20220329172620-7be39ac1afc7 // indirect - google.golang.org/grpc v1.45.0 // indirect - google.golang.org/protobuf v1.28.0 // indirect - gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect -) diff --git a/test/go.sum b/test/go.sum deleted file mode 100644 index a566945e..00000000 --- a/test/go.sum +++ /dev/null @@ -1,1472 +0,0 @@ -bazil.org/fuse v0.0.0-20160811212531-371fbbdaa898/go.mod h1:Xbm+BRKSBEpa4q4hTSxohYNQpsxXPbPry4JJWOB3LB8= -cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= -cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU= -cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= -cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= -cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= -cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To= -cloud.google.com/go v0.52.0/go.mod h1:pXajvRH/6o3+F9jDHZWQ5PbGhn+o8w9qiu/CffaVdO4= -cloud.google.com/go v0.53.0/go.mod h1:fp/UouUEsRkN6ryDKNW/Upv/JBKnv6WDthjR6+vze6M= -cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bPc= -cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKVk= -cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs= -cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc= -cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY= -cloud.google.com/go v0.72.0/go.mod h1:M+5Vjvlc2wnp6tjzE102Dw08nGShTscUx2nZMufOKPI= -cloud.google.com/go v0.74.0/go.mod h1:VV1xSbzvo+9QJOxLDaJfTjx5e+MePCpCWwvftOeQmWk= -cloud.google.com/go v0.78.0/go.mod h1:QjdrLG0uq+YwhjoVOLsS1t7TW8fs36kLs4XO5R5ECHg= -cloud.google.com/go v0.79.0/go.mod h1:3bzgcEeQlzbuEAYu4mrWhKqWjmpprinYgKJLgKHnbb8= -cloud.google.com/go v0.81.0/go.mod h1:mk/AM35KwGk/Nm2YSeZbxXdrNK3KZOYHmLkOqC2V6E0= -cloud.google.com/go v0.83.0/go.mod h1:Z7MJUsANfY0pYPdw0lbnivPx4/vhy/e2FEkSkF7vAVY= -cloud.google.com/go v0.84.0/go.mod h1:RazrYuxIK6Kb7YrzzhPoLmCVzl7Sup4NrbKPg8KHSUM= -cloud.google.com/go v0.87.0/go.mod h1:TpDYlFy7vuLzZMMZ+B6iRiELaY7z/gJPaqbMx6mlWcY= -cloud.google.com/go v0.90.0/go.mod h1:kRX0mNRHe0e2rC6oNakvwQqzyDmg57xJ+SZU1eT2aDQ= -cloud.google.com/go v0.93.3/go.mod h1:8utlLll2EF5XMAV15woO4lSbWQlk8rer9aLOfLh7+YI= -cloud.google.com/go v0.94.1/go.mod h1:qAlAugsXlC+JWO+Bke5vCtc9ONxjQT3drlTTnAplMW4= -cloud.google.com/go v0.97.0/go.mod h1:GF7l59pYBVlXQIBLx3a761cZ41F9bBH3JUlihCt2Udc= -cloud.google.com/go v0.99.0/go.mod h1:w0Xx2nLzqWJPuozYQX+hFfCSI8WioryfRDzkoI/Y2ZA= -cloud.google.com/go v0.100.1/go.mod h1:fs4QogzfH5n2pBXBP9vRiU+eCny7lD2vmFZy79Iuw1U= -cloud.google.com/go v0.100.2 h1:t9Iw5QH5v4XtlEQaCtUY7x6sCABps8sW0acw7e2WQ6Y= -cloud.google.com/go v0.100.2/go.mod h1:4Xra9TjzAeYHrl5+oeLlzbM2k3mjVhZh4UqTZ//w99A= -cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= -cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= -cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= -cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg= -cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc= -cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ= -cloud.google.com/go/compute v0.1.0/go.mod h1:GAesmwr110a34z04OlxYkATPBEfVhkymfTBXtfbBFow= -cloud.google.com/go/compute v1.2.0/go.mod h1:xlogom/6gr8RJGBe7nT2eGsQYAFUbbv8dbC29qE3Xmw= -cloud.google.com/go/compute v1.3.0/go.mod h1:cCZiE1NHEtai4wiufUhW8I8S1JKkAnhnQJWM7YD99wM= -cloud.google.com/go/compute v1.5.0 h1:b1zWmYuuHz7gO9kDcM/EpHGr06UgsYNRpNJzI2kFiLM= -cloud.google.com/go/compute v1.5.0/go.mod h1:9SMHyhJlzhlkJqrPAc839t2BZFTSk6Jdj6mkzQJeu0M= -cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= -cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= -cloud.google.com/go/firestore v1.1.0/go.mod h1:ulACoGHTpvq5r8rxGJ4ddJZBZqakUQqClKRT5SZwBmk= -cloud.google.com/go/iam v0.1.1/go.mod h1:CKqrcnI/suGpybEHxZ7BMehL0oA4LpdyJdUlTl9jVMw= -cloud.google.com/go/iam v0.3.0 h1:exkAomrVUuzx9kWFI1wm3KI0uoDeUFPB4kKGzx6x+Gc= -cloud.google.com/go/iam v0.3.0/go.mod h1:XzJPvDayI+9zsASAFO68Hk07u3z+f+JrT2xXNdp4bnY= -cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= -cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= -cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= -cloud.google.com/go/pubsub v1.3.1/go.mod h1:i+ucay31+CNRpDW4Lu78I4xXG+O1r/MAHgjpRVR+TSU= -cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw= -cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos= -cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk= -cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= -cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= -cloud.google.com/go/storage v1.21.0 h1:HwnT2u2D309SFDHQII6m18HlrCi3jAXhUMTLOWXYH14= -cloud.google.com/go/storage v1.21.0/go.mod h1:XmRlxkgPjlBONznT2dDUU/5XlpU2OjMnKuqnZI01LAA= -dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= -github.com/Azure/azure-sdk-for-go v16.2.1+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= -github.com/Azure/azure-sdk-for-go v50.2.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= -github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= -github.com/Azure/go-autorest v10.8.1+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= -github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= -github.com/Azure/go-autorest/autorest v0.11.1/go.mod h1:JFgpikqFJ/MleTTxwepExTKnFUKKszPS8UavbQYUMuw= -github.com/Azure/go-autorest/autorest v0.11.17/go.mod h1:eipySxLmqSyC5s5k1CLupqet0PSENBEDP93LQ9a8QYw= -github.com/Azure/go-autorest/autorest v0.11.20/go.mod h1:o3tqFY+QR40VOlk+pV4d77mORO64jOXSgEnPQgLK6JY= -github.com/Azure/go-autorest/autorest/adal v0.9.0/go.mod h1:/c022QCutn2P7uY+/oQWWNcK9YU+MH96NgK+jErpbcg= -github.com/Azure/go-autorest/autorest/adal v0.9.5/go.mod h1:B7KF7jKIeC9Mct5spmyCB/A8CG/sEz1vwIRGv/bbw7A= -github.com/Azure/go-autorest/autorest/adal v0.9.11/go.mod h1:nBKAnTomx8gDtl+3ZCJv2v0KACFHWTB2drffI1B68Pk= -github.com/Azure/go-autorest/autorest/adal v0.9.13/go.mod h1:W/MM4U6nLxnIskrw4UwWzlHfGjwUS50aOsc/I3yuU8M= -github.com/Azure/go-autorest/autorest/azure/auth v0.5.8/go.mod h1:kxyKZTSfKh8OVFWPAgOgQ/frrJgeYQJPyR5fLFmXko4= -github.com/Azure/go-autorest/autorest/azure/cli v0.4.2/go.mod h1:7qkJkT+j6b+hIpzMOwPChJhTqS8VbsqqgULzMNRugoM= -github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74= -github.com/Azure/go-autorest/autorest/mocks v0.4.0/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= -github.com/Azure/go-autorest/autorest/mocks v0.4.1/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= -github.com/Azure/go-autorest/autorest/to v0.4.0/go.mod h1:fE8iZBn7LQR7zH/9XU2NcPR4o9jEImooCeWJcYV/zLE= -github.com/Azure/go-autorest/autorest/validation v0.3.1/go.mod h1:yhLgjC0Wda5DYXl6JAsWyUe4KVNffhoDhG0zVzUMo3E= -github.com/Azure/go-autorest/logger v0.2.0/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= -github.com/Azure/go-autorest/logger v0.2.1/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= -github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= -github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= -github.com/Microsoft/go-winio v0.4.11/go.mod h1:VhR8bwka0BXejwEJY73c50VrPtXAaKcyvVC4A4RozmA= -github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA= -github.com/Microsoft/go-winio v0.4.15-0.20190919025122-fc70bd9a86b5/go.mod h1:tTuCMEN+UleMWgg9dVx4Hu52b1bJo+59jBh3ajtinzw= -github.com/Microsoft/go-winio v0.4.16-0.20201130162521-d1ffc52c7331/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0= -github.com/Microsoft/go-winio v0.4.16/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0= -github.com/Microsoft/go-winio v0.4.17-0.20210211115548-6eac466e5fa3/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= -github.com/Microsoft/go-winio v0.4.17-0.20210324224401-5516f17a5958/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= -github.com/Microsoft/go-winio v0.4.17/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= -github.com/Microsoft/go-winio v0.5.0/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= -github.com/Microsoft/hcsshim v0.8.6/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg= -github.com/Microsoft/hcsshim v0.8.7-0.20190325164909-8abdbb8205e4/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg= -github.com/Microsoft/hcsshim v0.8.7/go.mod h1:OHd7sQqRFrYd3RmSgbgji+ctCwkbq2wbEYNSzOYtcBQ= -github.com/Microsoft/hcsshim v0.8.9/go.mod h1:5692vkUqntj1idxauYlpoINNKeqCiG6Sg38RRsjT5y8= -github.com/Microsoft/hcsshim v0.8.14/go.mod h1:NtVKoYxQuTLx6gEq0L96c9Ju4JbRJ4nY2ow3VK6a9Lg= -github.com/Microsoft/hcsshim v0.8.15/go.mod h1:x38A4YbHbdxJtc0sF6oIz+RG0npwSCAvn69iY6URG00= -github.com/Microsoft/hcsshim v0.8.16/go.mod h1:o5/SZqmR7x9JNKsW3pu+nqHm0MF8vbA+VxGOoXdC600= -github.com/Microsoft/hcsshim/test v0.0.0-20201218223536-d3e5debf77da/go.mod h1:5hlzMzRKMLyo42nCZ9oml8AdTlq/0cvIaBv6tK1RehU= -github.com/Microsoft/hcsshim/test v0.0.0-20210227013316-43a75bb4edd3/go.mod h1:mw7qgWloBUl75W/gVH3cQszUg1+gUITj7D6NY7ywVnY= -github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= -github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= -github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= -github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= -github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d/go.mod h1:HI8ITrYtUY+O+ZhtlqUnD8+KwNPOyugEhfP9fdUIaEQ= -github.com/agext/levenshtein v1.2.1/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= -github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo= -github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= -github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= -github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= -github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/alexflint/go-filemutex v0.0.0-20171022225611-72bdc8eae2ae/go.mod h1:CgnQgUtFrFz9mxFNtED3jI5tLDjKlOM+oUF/sTk6ps0= -github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= -github.com/apparentlymart/go-dump v0.0.0-20180507223929-23540a00eaa3/go.mod h1:oL81AME2rN47vu18xqj1S1jPIPuN7afo62yKTNn3XMM= -github.com/apparentlymart/go-textseg v1.0.0/go.mod h1:z96Txxhf3xSFMPmb5X/1W05FF/Nj9VFpLOpjS5yuumk= -github.com/apparentlymart/go-textseg/v13 v13.0.0 h1:Y+KvPE1NYz0xl601PVImeQfFyEy6iT90AvPUL1NNfNw= -github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo= -github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o= -github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= -github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY= -github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= -github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= -github.com/aws/aws-lambda-go v1.13.3/go.mod h1:4UKl9IzQMoD+QF79YdCuzCwp8VbmG4VAQwij/eHl5CU= -github.com/aws/aws-sdk-go v1.15.11/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0= -github.com/aws/aws-sdk-go v1.15.78/go.mod h1:E3/ieXAlvM0XWO57iftYVDLLvQ824smPP3ATZkfNZeM= -github.com/aws/aws-sdk-go v1.40.56/go.mod h1:585smgzpB/KqRA+K3y/NL/oYRqQvpNJYvLm+LY1U59Q= -github.com/aws/aws-sdk-go v1.43.29 h1:P6tBpMLwVLS/QwPkaBxfDIF3SmPouoacIk+/7NKnDxY= -github.com/aws/aws-sdk-go v1.43.29/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo= -github.com/aws/aws-sdk-go-v2 v1.3.2/go.mod h1:7OaACgj2SX3XGWnrIjGlJM22h6yD6MEWKvm7levnnM8= -github.com/aws/aws-sdk-go-v2 v1.7.0/go.mod h1:tb9wi5s61kTDA5qCkcDbt3KRVV74GGslQkl/DRdX/P4= -github.com/aws/aws-sdk-go-v2 v1.13.0/go.mod h1:L6+ZpqHaLbAaxsqV0L4cvxZY7QupWJB4fhkf8LXvC7w= -github.com/aws/aws-sdk-go-v2/config v1.1.6/go.mod h1:Kx90DDOgkMpRfSkzGbF13AVXHHfBNct1liO+95KxXsU= -github.com/aws/aws-sdk-go-v2/credentials v1.1.6/go.mod h1:q1wQ5jHdFNhc4wnNcOEpnovs4keJA5Ds+qESCnfEsgU= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.0.6/go.mod h1:0+fWMitrmIpENiY8/1DyhdYPUCAPvd9UNz9mtCsEoLQ= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.4/go.mod h1:XHgQ7Hz2WY2GAn//UXHofLfPXWh+s62MbMOijrg12Lw= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.2.0/go.mod h1:BsCSJHx5DnDXIrOcqB8KN1/B+hXLG/bi4Y6Vjcx/x9E= -github.com/aws/aws-sdk-go-v2/internal/ini v1.1.0/go.mod h1:qGQ/9IfkZonRNSNLE99/yBJ7EPA/h8jlWEqtJCcaj+Q= -github.com/aws/aws-sdk-go-v2/service/ec2 v1.29.0/go.mod h1:HoTu0hnXGafTpKIZQ60jw0ybhhCH1QYf20oL7GEJFdg= -github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.2.0/go.mod h1:2Kc2Pybp1Hr2ZCCOz78mWnNSZYEKKBQgNcizVGk9sko= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.0.6/go.mod h1:L0KWr0ASo83PRZu9NaZaDsw3koS6PspKv137DMDZjHo= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.2.0/go.mod h1:a7XLWNKuVgOxjssEF019IiHPv35k8KHBaWv/wJAfi2A= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.7.0/go.mod h1:K/qPe6AP2TGYv4l6n7c88zh9jWBDf6nHhvg1fx/EWfU= -github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.5.0/go.mod h1:541bxEA+Z8quwit9ZT7uxv/l9xRz85/HS41l9OxOQdY= -github.com/aws/aws-sdk-go-v2/service/s3 v1.11.0/go.mod h1:zJe8mEFDS2F04nO0pKVBPfArAv2ycC6wt3ILvrV4SQw= -github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.2.2/go.mod h1:RaGPWwyy/DaKCyqzdELQgLS8TVO5uNDZEiFoc6yusKk= -github.com/aws/aws-sdk-go-v2/service/sso v1.1.5/go.mod h1:bpGz0tidC4y39sZkQSkpO/J0tzWCMXHbw6FZ0j1GkWM= -github.com/aws/aws-sdk-go-v2/service/sts v1.3.0/go.mod h1:ssRzzJ2RZOVuKj2Vx1YE7ypfil/BIlgmQnCSW4DistU= -github.com/aws/smithy-go v1.3.1/go.mod h1:SObp3lf9smib00L/v3U2eAKG8FyQ7iLrJnQiAmR5n+E= -github.com/aws/smithy-go v1.5.0/go.mod h1:SObp3lf9smib00L/v3U2eAKG8FyQ7iLrJnQiAmR5n+E= -github.com/aws/smithy-go v1.10.0/go.mod h1:SObp3lf9smib00L/v3U2eAKG8FyQ7iLrJnQiAmR5n+E= -github.com/beorn7/perks v0.0.0-20160804104726-4c0e84591b9a/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= -github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= -github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= -github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= -github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d h1:xDfNPAt8lFiC1UJrqV3uuy861HCTo708pDMbjHHdCas= -github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d/go.mod h1:6QX/PXZ00z/TKoufEY6K/a0k6AhaJrQKdFe6OfVXsa4= -github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= -github.com/bitly/go-simplejson v0.5.0/go.mod h1:cXHtHw4XUPsvGaxgjIAn8PhEWG9NfngEKAMDJEczWVA= -github.com/bketelsen/crypt v0.0.4/go.mod h1:aI6NrJ0pMGgvZKL1iVgXLnfIFJtfV+bKCoqOes/6LfM= -github.com/blang/semver v3.1.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= -github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= -github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4= -github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= -github.com/boombuler/barcode v1.0.1 h1:NDBbPmhS+EqABEs5Kg3n/5ZNjy73Pz7SIV+KCeqyXcs= -github.com/boombuler/barcode v1.0.1/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= -github.com/bshuster-repo/logrus-logstash-hook v0.4.1/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk= -github.com/buger/jsonparser v0.0.0-20180808090653-f4dd9f5a6b44/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s= -github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd/go.mod h1:2oa8nejYd4cQ/b0hMIopN0lCRxU0bueqREvZLWFrtK8= -github.com/bugsnag/osext v0.0.0-20130617224835-0dd3f918b21b/go.mod h1:obH5gd0BsqsP2LwDJ9aOkm/6J86V6lyAXCoQWGw3K50= -github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0/go.mod h1:D/8v3kj0zr8ZAKg1AQ6crr+5VwKN5eIywRkfhyM/+dE= -github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= -github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= -github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/checkpoint-restore/go-criu/v4 v4.1.0/go.mod h1:xUQBLp4RLc5zJtWY++yjOoMoB5lihDt7fai+75m+rGw= -github.com/cheggaaa/pb v1.0.27/go.mod h1:pQciLPpbU0oxA0h+VJYYLxO+XeDQb5pZijXscXHm81s= -github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= -github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= -github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/cilium/ebpf v0.0.0-20200110133405-4032b1d8aae3/go.mod h1:MA5e5Lr8slmEg9bt0VpxxWqJlO4iwu3FBdHUzV7wQVg= -github.com/cilium/ebpf v0.0.0-20200702112145-1c8d4c9ef775/go.mod h1:7cR51M8ViRLIdUjrmSXlK9pkrsDlLHbO8jiB8X8JnOc= -github.com/cilium/ebpf v0.2.0/go.mod h1:To2CFviqOWL/M0gIMsvSMlqe7em/l1ALkX1PyjrX2Qs= -github.com/cilium/ebpf v0.4.0/go.mod h1:4tRaxcgiL706VnOzHOdBlY8IEAIdxINsQBcU4xJJXRs= -github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= -github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= -github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= -github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= -github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI= -github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8= -github.com/containerd/aufs v0.0.0-20200908144142-dab0cbea06f4/go.mod h1:nukgQABAEopAHvB6j7cnP5zJ+/3aVcE7hCYqvIwAHyE= -github.com/containerd/aufs v0.0.0-20201003224125-76a6863f2989/go.mod h1:AkGGQs9NM2vtYHaUen+NljV0/baGCAPELGm2q9ZXpWU= -github.com/containerd/aufs v0.0.0-20210316121734-20793ff83c97/go.mod h1:kL5kd6KM5TzQjR79jljyi4olc1Vrx6XBlcyj3gNv2PU= -github.com/containerd/aufs v1.0.0/go.mod h1:kL5kd6KM5TzQjR79jljyi4olc1Vrx6XBlcyj3gNv2PU= -github.com/containerd/btrfs v0.0.0-20201111183144-404b9149801e/go.mod h1:jg2QkJcsabfHugurUvvPhS3E08Oxiuh5W/g1ybB4e0E= -github.com/containerd/btrfs v0.0.0-20210316141732-918d888fb676/go.mod h1:zMcX3qkXTAi9GI50+0HOeuV8LU2ryCE/V2vG/ZBiTss= -github.com/containerd/btrfs v1.0.0/go.mod h1:zMcX3qkXTAi9GI50+0HOeuV8LU2ryCE/V2vG/ZBiTss= -github.com/containerd/cgroups v0.0.0-20190717030353-c4b9ac5c7601/go.mod h1:X9rLEHIqSf/wfK8NsPqxJmeZgW4pcfzdXITDrUSJ6uI= -github.com/containerd/cgroups v0.0.0-20190919134610-bf292b21730f/go.mod h1:OApqhQ4XNSNC13gXIwDjhOQxjWa/NxkwZXJ1EvqT0ko= -github.com/containerd/cgroups v0.0.0-20200531161412-0dbf7f05ba59/go.mod h1:pA0z1pT8KYB3TCXK/ocprsh7MAkoW8bZVzPdih9snmM= -github.com/containerd/cgroups v0.0.0-20200710171044-318312a37340/go.mod h1:s5q4SojHctfxANBDvMeIaIovkq29IP48TKAxnhYRxvo= -github.com/containerd/cgroups v0.0.0-20200824123100-0b889c03f102/go.mod h1:s5q4SojHctfxANBDvMeIaIovkq29IP48TKAxnhYRxvo= -github.com/containerd/cgroups v0.0.0-20210114181951-8a68de567b68/go.mod h1:ZJeTFisyysqgcCdecO57Dj79RfL0LNeGiFUqLYQRYLE= -github.com/containerd/cgroups v1.0.1/go.mod h1:0SJrPIenamHDcZhEcJMNBB85rHcUsw4f25ZfBiPYRkU= -github.com/containerd/console v0.0.0-20180822173158-c12b1e7919c1/go.mod h1:Tj/on1eG8kiEhd0+fhSDzsPAFESxzBBvdyEgyryXffw= -github.com/containerd/console v0.0.0-20181022165439-0650fd9eeb50/go.mod h1:Tj/on1eG8kiEhd0+fhSDzsPAFESxzBBvdyEgyryXffw= -github.com/containerd/console v0.0.0-20191206165004-02ecf6a7291e/go.mod h1:8Pf4gM6VEbTNRIT26AyyU7hxdQU3MvAvxVI0sc00XBE= -github.com/containerd/console v1.0.1/go.mod h1:XUsP6YE/mKtz6bxc+I8UiKKTP04qjQL4qcS3XoQ5xkw= -github.com/containerd/console v1.0.2/go.mod h1:ytZPjGgY2oeTkAONYafi2kSj0aYggsf8acV1PGKCbzQ= -github.com/containerd/containerd v1.2.10/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.3.0-beta.2.0.20190828155532-0293cbd26c69/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.3.0/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.3.1-0.20191213020239-082f7e3aed57/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.3.2/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.4.0-beta.2.0.20200729163537-40b22ef07410/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.4.1/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.4.3/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.5.0-beta.1/go.mod h1:5HfvG1V2FsKesEGQ17k5/T7V960Tmcumvqn8Mc+pCYQ= -github.com/containerd/containerd v1.5.0-beta.3/go.mod h1:/wr9AVtEM7x9c+n0+stptlo/uBBoBORwEx6ardVcmKU= -github.com/containerd/containerd v1.5.0-beta.4/go.mod h1:GmdgZd2zA2GYIBZ0w09ZvgqEq8EfBp/m3lcVZIvPHhI= -github.com/containerd/containerd v1.5.0-rc.0/go.mod h1:V/IXoMqNGgBlabz3tHD2TWDoTJseu1FGOKuoA4nNb2s= -github.com/containerd/containerd v1.5.2/go.mod h1:0DOxVqwDy2iZvrZp2JUx/E+hS0UNTVn7dJnIOwtYR4g= -github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= -github.com/containerd/continuity v0.0.0-20190815185530-f2a389ac0a02/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= -github.com/containerd/continuity v0.0.0-20191127005431-f65d91d395eb/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= -github.com/containerd/continuity v0.0.0-20200710164510-efbc4488d8fe/go.mod h1:cECdGN1O8G9bgKTlLhuPJimka6Xb/Gg7vYzCTNVxhvo= -github.com/containerd/continuity v0.0.0-20201208142359-180525291bb7/go.mod h1:kR3BEg7bDFaEddKm54WSmrol1fKWDU1nKYkgrcgZT7Y= -github.com/containerd/continuity v0.0.0-20210208174643-50096c924a4e/go.mod h1:EXlVlkqNba9rJe3j7w3Xa924itAMLgZH4UD/Q4PExuQ= -github.com/containerd/continuity v0.1.0/go.mod h1:ICJu0PwR54nI0yPEnJ6jcS+J7CZAUXrLh8lPo2knzsM= -github.com/containerd/fifo v0.0.0-20180307165137-3d5202aec260/go.mod h1:ODA38xgv3Kuk8dQz2ZQXpnv/UZZUHUCL7pnLehbXgQI= -github.com/containerd/fifo v0.0.0-20190226154929-a9fb20d87448/go.mod h1:ODA38xgv3Kuk8dQz2ZQXpnv/UZZUHUCL7pnLehbXgQI= -github.com/containerd/fifo v0.0.0-20200410184934-f15a3290365b/go.mod h1:jPQ2IAeZRCYxpS/Cm1495vGFww6ecHmMk1YJH2Q5ln0= -github.com/containerd/fifo v0.0.0-20201026212402-0724c46b320c/go.mod h1:jPQ2IAeZRCYxpS/Cm1495vGFww6ecHmMk1YJH2Q5ln0= -github.com/containerd/fifo v0.0.0-20210316144830-115abcc95a1d/go.mod h1:ocF/ME1SX5b1AOlWi9r677YJmCPSwwWnQ9O123vzpE4= -github.com/containerd/fifo v1.0.0/go.mod h1:ocF/ME1SX5b1AOlWi9r677YJmCPSwwWnQ9O123vzpE4= -github.com/containerd/go-cni v1.0.1/go.mod h1:+vUpYxKvAF72G9i1WoDOiPGRtQpqsNW/ZHtSlv++smU= -github.com/containerd/go-cni v1.0.2/go.mod h1:nrNABBHzu0ZwCug9Ije8hL2xBCYh/pjfMb1aZGrrohk= -github.com/containerd/go-runc v0.0.0-20180907222934-5a6d9f37cfa3/go.mod h1:IV7qH3hrUgRmyYrtgEeGWJfWbgcHL9CSRruz2Vqcph0= -github.com/containerd/go-runc v0.0.0-20190911050354-e029b79d8cda/go.mod h1:IV7qH3hrUgRmyYrtgEeGWJfWbgcHL9CSRruz2Vqcph0= -github.com/containerd/go-runc v0.0.0-20200220073739-7016d3ce2328/go.mod h1:PpyHrqVs8FTi9vpyHwPwiNEGaACDxT/N/pLcvMSRA9g= -github.com/containerd/go-runc v0.0.0-20201020171139-16b287bc67d0/go.mod h1:cNU0ZbCgCQVZK4lgG3P+9tn9/PaJNmoDXPpoJhDR+Ok= -github.com/containerd/go-runc v1.0.0/go.mod h1:cNU0ZbCgCQVZK4lgG3P+9tn9/PaJNmoDXPpoJhDR+Ok= -github.com/containerd/imgcrypt v1.0.1/go.mod h1:mdd8cEPW7TPgNG4FpuP3sGBiQ7Yi/zak9TYCG3juvb0= -github.com/containerd/imgcrypt v1.0.4-0.20210301171431-0ae5c75f59ba/go.mod h1:6TNsg0ctmizkrOgXRNQjAPFWpMYRWuiB6dSF4Pfa5SA= -github.com/containerd/imgcrypt v1.1.1-0.20210312161619-7ed62a527887/go.mod h1:5AZJNI6sLHJljKuI9IHnw1pWqo/F0nGDOuR9zgTs7ow= -github.com/containerd/imgcrypt v1.1.1/go.mod h1:xpLnwiQmEUJPvQoAapeb2SNCxz7Xr6PJrXQb0Dpc4ms= -github.com/containerd/nri v0.0.0-20201007170849-eb1350a75164/go.mod h1:+2wGSDGFYfE5+So4M5syatU0N0f0LbWpuqyMi4/BE8c= -github.com/containerd/nri v0.0.0-20210316161719-dbaa18c31c14/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY= -github.com/containerd/nri v0.1.0/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY= -github.com/containerd/stargz-snapshotter/estargz v0.7.0/go.mod h1:83VWDqHnurTKliEB0YvWMiCfLDwv4Cjj1X9Vk98GJZw= -github.com/containerd/ttrpc v0.0.0-20190828154514-0e0f228740de/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= -github.com/containerd/ttrpc v0.0.0-20190828172938-92c8520ef9f8/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= -github.com/containerd/ttrpc v0.0.0-20191028202541-4f1b8fe65a5c/go.mod h1:LPm1u0xBw8r8NOKoOdNMeVHSawSsltak+Ihv+etqsE8= -github.com/containerd/ttrpc v1.0.1/go.mod h1:UAxOpgT9ziI0gJrmKvgcZivgxOp8iFPSk8httJEt98Y= -github.com/containerd/ttrpc v1.0.2/go.mod h1:UAxOpgT9ziI0gJrmKvgcZivgxOp8iFPSk8httJEt98Y= -github.com/containerd/typeurl v0.0.0-20180627222232-a93fcdb778cd/go.mod h1:Cm3kwCdlkCfMSHURc+r6fwoGH6/F1hH3S4sg0rLFWPc= -github.com/containerd/typeurl v0.0.0-20190911142611-5eb25027c9fd/go.mod h1:GeKYzf2pQcqv7tJ0AoCuuhtnqhva5LNU3U+OyKxxJpk= -github.com/containerd/typeurl v1.0.1/go.mod h1:TB1hUtrpaiO88KEK56ijojHS1+NeF0izUACaJW2mdXg= -github.com/containerd/typeurl v1.0.2/go.mod h1:9trJWW2sRlGub4wZJRTW83VtbOLS6hwcDZXTn6oPz9s= -github.com/containerd/zfs v0.0.0-20200918131355-0a33824f23a2/go.mod h1:8IgZOBdv8fAgXddBT4dBXJPtxyRsejFIpXoklgxgEjw= -github.com/containerd/zfs v0.0.0-20210301145711-11e8f1707f62/go.mod h1:A9zfAbMlQwE+/is6hi0Xw8ktpL+6glmqZYtevJgaB8Y= -github.com/containerd/zfs v0.0.0-20210315114300-dde8f0fda960/go.mod h1:m+m51S1DvAP6r3FcmYCp54bQ34pyOwTieQDNRIRHsFY= -github.com/containerd/zfs v0.0.0-20210324211415-d5c4544f0433/go.mod h1:m+m51S1DvAP6r3FcmYCp54bQ34pyOwTieQDNRIRHsFY= -github.com/containerd/zfs v1.0.0/go.mod h1:m+m51S1DvAP6r3FcmYCp54bQ34pyOwTieQDNRIRHsFY= -github.com/containernetworking/cni v0.7.1/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= -github.com/containernetworking/cni v0.8.0/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= -github.com/containernetworking/cni v0.8.1/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= -github.com/containernetworking/plugins v0.8.6/go.mod h1:qnw5mN19D8fIwkqW7oHHYDHVlzhJpcY6TQxn/fUyDDM= -github.com/containernetworking/plugins v0.9.1/go.mod h1:xP/idU2ldlzN6m4p5LmGiwRDjeJr6FLK6vuiUwoH7P8= -github.com/containers/ocicrypt v1.0.1/go.mod h1:MeJDzk1RJHv89LjsH0Sp5KTY3ZYkjXO/C+bKAeWFIrc= -github.com/containers/ocicrypt v1.1.0/go.mod h1:b8AOe0YR67uU8OqfVNcznfFpAzu3rdgUV4GP9qXPfu4= -github.com/containers/ocicrypt v1.1.1/go.mod h1:Dm55fwWm1YZAjYRaJ94z2mfZikIyIN4B0oB3dj3jFxY= -github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= -github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= -github.com/coreos/go-iptables v0.4.5/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= -github.com/coreos/go-iptables v0.5.0/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= -github.com/coreos/go-oidc v2.1.0+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc= -github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= -github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= -github.com/coreos/go-systemd v0.0.0-20161114122254-48702e0da86b/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= -github.com/coreos/go-systemd v0.0.0-20180511133405-39ca1b05acc7/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= -github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= -github.com/coreos/go-systemd/v22 v22.0.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk= -github.com/coreos/go-systemd/v22 v22.1.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk= -github.com/coreos/go-systemd/v22 v22.3.2/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= -github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= -github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= -github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= -github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= -github.com/cpuguy83/go-md2man/v2 v2.0.1 h1:r/myEWzV9lfsM1tFLgDyu0atFtJ1fXn261LKYj/3DxU= -github.com/cpuguy83/go-md2man/v2 v2.0.1/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= -github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY= -github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= -github.com/cyphar/filepath-securejoin v0.2.2/go.mod h1:FpkQEhXnPnOthhzymB7CGsFk2G9VLXONKD9G7QGMM+4= -github.com/d2g/dhcp4 v0.0.0-20170904100407-a1d1b6c41b1c/go.mod h1:Ct2BUK8SB0YC1SMSibvLzxjeJLnrYEVLULFNiHY9YfQ= -github.com/d2g/dhcp4client v1.0.0/go.mod h1:j0hNfjhrt2SxUOw55nL0ATM/z4Yt3t2Kd1mW34z5W5s= -github.com/d2g/dhcp4server v0.0.0-20181031114812-7d4a0a7f59a5/go.mod h1:Eo87+Kg/IX2hfWJfwxMzLyuSZyxSoAug2nGa1G2QAi8= -github.com/d2g/hardwareaddr v0.0.0-20190221164911-e7d9fbe030e4/go.mod h1:bMl4RjIciD2oAxI7DmWRx6gbeqrkoLqv3MV0vzNad+I= -github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= -github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/denverdino/aliyungo v0.0.0-20190125010748-a747050bb1ba/go.mod h1:dV8lFg6daOBZbT6/BDGIz6Y3WFGn8juu6G+CQ6LHtl0= -github.com/dgrijalva/jwt-go v0.0.0-20170104182250-a601269ab70c/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= -github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= -github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= -github.com/dimchansky/utfbom v1.1.0/go.mod h1:rO41eb7gLfo8SF1jd9F8HplJm1Fewwi4mQvIirEdv+8= -github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/j0mACtrfE= -github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E= -github.com/docker/cli v20.10.7+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= -github.com/docker/distribution v0.0.0-20190905152932-14b96e55d84c/go.mod h1:0+TTO4EOBfRPhZXAeF1Vu+W3hHZ8eLp8PgKVZlcvtFY= -github.com/docker/distribution v2.7.1-0.20190205005809-0d3efadf0154+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/docker v20.10.7+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= -github.com/docker/docker-credential-helpers v0.6.3/go.mod h1:WRaJzqw3CTB9bk10avuGsjVBZsD05qeibJ1/TYlvc0Y= -github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec= -github.com/docker/go-events v0.0.0-20170721190031-9461782956ad/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA= -github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA= -github.com/docker/go-metrics v0.0.0-20180209012529-399ea8c73916/go.mod h1:/u0gXw0Gay3ceNrsHubL3BtdOL2fHf93USgMTe0W5dI= -github.com/docker/go-metrics v0.0.1/go.mod h1:cG1hvH2utMXtqgqqYE9plW6lDxS3/5ayHzueweSI3Vw= -github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= -github.com/docker/libtrust v0.0.0-20150114040149-fa567046d9b1/go.mod h1:cyGadeNEkKy96OOhEzfZl+yxihPEzKnqJwvfuSUqbZE= -github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM= -github.com/docker/spdystream v0.0.0-20181023171402-6480d4af844c/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM= -github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= -github.com/dustin/go-humanize v0.0.0-20171111073723-bb3d318650d4/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= -github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= -github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= -github.com/elazarl/goproxy v0.0.0-20190911111923-ecfe977594f1/go.mod h1:Ro8st/ElPeALwNFlcTpWmkr6IoMFfkjXAvTHpevnDsM= -github.com/elazarl/goproxy/ext v0.0.0-20190711103511-473e67f1d7d2/go.mod h1:gNh8nYJoAm43RfaxurUnxr+N1PwuFV3ZMl/efxlIlY8= -github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= -github.com/emicklei/go-restful v2.9.5+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= -github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= -github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= -github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= -github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5ynNVH9qI8YYLbd1fK2po= -github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= -github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= -github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ= -github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0= -github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= -github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU= -github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= -github.com/frankban/quicktest v1.11.3/go.mod h1:wRf/ReqHper53s+kmmSZizM8NamnL3IM0I9ntUbOk+k= -github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= -github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= -github.com/fullsailor/pkcs7 v0.0.0-20190404230743-d7302db945fa/go.mod h1:KnogPXtdwXqoenmZCw6S+25EAm2MkxbG0deNDu4cbSA= -github.com/garyburd/redigo v0.0.0-20150301180006-535138d7bcd7/go.mod h1:NR3MbYisc3/PwhQ00EMzDiPmrwpPxAn5GI05/YaO1SY= -github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= -github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= -github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q= -github.com/go-errors/errors v1.0.2-0.20180813162953-d98b870cc4e0/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q= -github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA= -github.com/go-errors/errors v1.4.2/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og= -github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= -github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= -github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= -github.com/go-ini/ini v1.25.4/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8= -github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= -github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= -github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= -github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= -github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= -github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= -github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= -github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc= -github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= -github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= -github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-sql-driver/mysql v1.4.1/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w= -github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= -github.com/go-sql-driver/mysql v1.6.0 h1:BCTh4TKNUYmOmMUcQ3IipzF5prigylS7XXjEkfCHuOE= -github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= -github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= -github.com/go-test/deep v1.0.3/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= -github.com/go-test/deep v1.0.7 h1:/VSMRlnY/JSyqxQUzQLKVMAskpY/NZKFA5j2P+0pP2M= -github.com/go-test/deep v1.0.7/go.mod h1:QV8Hv/iy04NyLBxAdO9njL0iVPN1S4d/A3NVv1V36o8= -github.com/godbus/dbus v0.0.0-20151105175453-c7fdd8b5cd55/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= -github.com/godbus/dbus v0.0.0-20180201030542-885f9cc04c9c/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= -github.com/godbus/dbus v0.0.0-20190422162347-ade71ed3457e/go.mod h1:bBOAhwG1umN6/6ZUMtDFBMQR8jRg9O75tm9K00oMsK4= -github.com/godbus/dbus/v5 v5.0.3/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= -github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= -github.com/gogo/googleapis v1.2.0/go.mod h1:Njal3psf3qN6dwBtQfUmBZh2ybovJ0tlu3o/AC7HYjU= -github.com/gogo/googleapis v1.4.0/go.mod h1:5YRNX2z1oM5gXdAkurHa942MDgEJyk02w4OecKY87+c= -github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= -github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= -github.com/gogo/protobuf v1.2.2-0.20190723190241-65acae22fc9d/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= -github.com/gogo/protobuf v1.3.0/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= -github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= -github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= -github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y= -github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= -github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= -github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= -github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= -github.com/golang/mock v1.5.0/go.mod h1:CWnOUgYIOo4TcNZ0wHX3YZCqsaM1I1Jvs6v3mP3KVu8= -github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs= -github.com/golang/protobuf v1.1.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= -github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= -github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk= -github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= -github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= -github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= -github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= -github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= -github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= -github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.1/go.mod h1:DopwsBzvsk0Fs44TXzsVbJyPhcCPeIwnvohx4u74HPM= -github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= -github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= -github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= -github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= -github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= -github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.4.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.7 h1:81/ik6ipDQS2aGcBfIN5dHDB36BwrStyeAQquSYCV4o= -github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE= -github.com/google/go-containerregistry v0.6.0/go.mod h1:euCCtNbZ6tKqi1E72vwDj2xZcN5ttKpZLfa/wSo5iLw= -github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/martian v2.1.0+incompatible h1:/CP5g8u/VJHijgedC/Legn3BAbAaWPgecwXBIDzw5no= -github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= -github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= -github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= -github.com/google/martian/v3 v3.2.1 h1:d8MncMlErDFTwQGBK1xhv026j9kqhvw1Qv9IbWT1VLQ= -github.com/google/martian/v3 v3.2.1/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk= -github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= -github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= -github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20210122040257-d980be63207e/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20210226084205-cbba55b83ad5/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20210601050228-01bbb1931b22/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20210609004039-a478d1d731e9/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= -github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= -github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= -github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= -github.com/googleapis/gax-go/v2 v2.1.0/go.mod h1:Q3nei7sK6ybPYH7twZdmQpAd1MKb7pfu6SK+H1/DsU0= -github.com/googleapis/gax-go/v2 v2.1.1/go.mod h1:hddJymUZASv3XPyGkUpKj8pPO47Rmb0eJc8R6ouapiM= -github.com/googleapis/gax-go/v2 v2.2.0 h1:s7jOdKSaksJVOxE0Y/S32otcfiP+UQ0cL8/GTKaONwE= -github.com/googleapis/gax-go/v2 v2.2.0/go.mod h1:as02EH8zWkzwUoLbBaFeQ+arQaj/OthfcblKl4IGNaM= -github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg= -github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= -github.com/gorilla/handlers v0.0.0-20150720190736-60c7bfde3e33/go.mod h1:Qkdc/uu4tH4g6mTK6auzZ766c4CA0Ng8+o/OAirnOIQ= -github.com/gorilla/mux v1.7.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= -github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= -github.com/gorilla/websocket v0.0.0-20170926233335-4201258b820c/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= -github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= -github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= -github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= -github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= -github.com/grpc-ecosystem/go-grpc-middleware v1.0.1-0.20190118093823-f849b5445de4/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= -github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= -github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= -github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= -github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= -github.com/gruntwork-io/go-commons v0.8.0/go.mod h1:gtp0yTtIBExIZp7vyIV9I0XQkVwiQZze678hvDXof78= -github.com/gruntwork-io/go-commons v0.11.0 h1:7Yiu1ZvubQlePfu+T2iCpVYJAdkjQKr9mzCBW3Pmaxg= -github.com/gruntwork-io/go-commons v0.11.0/go.mod h1:nbZDI8IL8BCY45QXJcWKSh0MYaz9kcgqQ40/L3JRi54= -github.com/gruntwork-io/terratest v0.40.1/go.mod h1:CjHsEgP1Pe987X5N8K5qEqCuLtu1bqERGIAF8bTj1s0= -github.com/gruntwork-io/terratest v0.40.17 h1:veSr7MUtk5GRDg5/pZ9qLUvrylr7yuRw0fY9UaSHbuI= -github.com/gruntwork-io/terratest v0.40.17/go.mod h1:enUpxNMsQfiJTTJMGqiznxohqJ4cYPU+nzI3bQNw1WM= -github.com/hashicorp/consul/api v1.1.0/go.mod h1:VmuI/Lkw1nC05EYQWNKwWGbkg+FbDBtguAZLlVdkD9Q= -github.com/hashicorp/consul/sdk v0.1.1/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8= -github.com/hashicorp/errwrap v0.0.0-20141028054710-7554cd9344ce/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= -github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= -github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= -github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= -github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= -github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= -github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= -github.com/hashicorp/go-getter v1.5.9/go.mod h1:BrrV/1clo8cCYu6mxvboYg+KutTiFnXjMEgDD8+i7ZI= -github.com/hashicorp/go-getter v1.6.1 h1:NASsgP4q6tL94WH6nJxKWj8As2H/2kop/bB1d8JMyRY= -github.com/hashicorp/go-getter v1.6.1/go.mod h1:IZCrswsZPeWv9IkVnLElzRU/gz/QPi6pZHn4tv6vbwA= -github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= -github.com/hashicorp/go-msgpack v0.5.3/go.mod h1:ahLV/dePpqEmjfWmKiqvPkv/twdG7iPBM1vqhUKIvfM= -github.com/hashicorp/go-multierror v0.0.0-20161216184304-ed905158d874/go.mod h1:JMRHfdO9jKNzS/+BTlxCjKNQHg/jZAft8U7LloJvN7I= -github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= -github.com/hashicorp/go-multierror v1.1.0/go.mod h1:spPvp8C1qA32ftKqdAHm4hHTbPw+vmowP0z+KUhOZdA= -github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= -github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= -github.com/hashicorp/go-rootcerts v1.0.0/go.mod h1:K6zTfqpRlCUIjkwsN4Z+hiSfzSTQa6eBIzfwKfwNnHU= -github.com/hashicorp/go-safetemp v1.0.0 h1:2HR189eFNrjHQyENnQMMpCiBAsRxzbTMIgBhEyExpmo= -github.com/hashicorp/go-safetemp v1.0.0/go.mod h1:oaerMy3BhqiTbVye6QuFhFtIceqFoDHxNAB65b+Rj1I= -github.com/hashicorp/go-sockaddr v1.0.0/go.mod h1:7Xibr9yA9JjQq1JpNB2Vw7kxv8xerXegt+ozgdvDeDU= -github.com/hashicorp/go-syslog v1.0.0/go.mod h1:qPfqrKkXGihmCqbJM2mZgkZGvKG1dFdvsLplgctolz4= -github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= -github.com/hashicorp/go-uuid v1.0.1/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= -github.com/hashicorp/go-version v1.1.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= -github.com/hashicorp/go-version v1.3.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= -github.com/hashicorp/go-version v1.4.0 h1:aAQzgqIrRKRa7w75CKpbBxYsmUoPjzVm1W59ca1L0J4= -github.com/hashicorp/go-version v1.4.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= -github.com/hashicorp/go.net v0.0.1/go.mod h1:hjKkEWcCURg++eb33jQU7oqQcI9XDCnUzHA0oac0k90= -github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= -github.com/hashicorp/hcl/v2 v2.9.1/go.mod h1:FwWsfWEjyV/CMj8s/gqAuiviY72rJ1/oayI9WftqcKg= -github.com/hashicorp/hcl/v2 v2.11.1 h1:yTyWcXcm9XB0TEkyU/JCRU6rYy4K+mgLtzn2wlrJbcc= -github.com/hashicorp/hcl/v2 v2.11.1/go.mod h1:FwWsfWEjyV/CMj8s/gqAuiviY72rJ1/oayI9WftqcKg= -github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= -github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0mNTz8vQ= -github.com/hashicorp/memberlist v0.1.3/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I= -github.com/hashicorp/serf v0.8.2/go.mod h1:6hOLApaqBFA1NXqRQAsxw9QxuDEvNxSQRwA/JwenrHc= -github.com/hashicorp/terraform-json v0.13.0 h1:Li9L+lKD1FO5RVFRM1mMMIBDoUHslOniyEi5CM+FWGY= -github.com/hashicorp/terraform-json v0.13.0/go.mod h1:y5OdLBCT+rxbwnpxZs9kGL7R9ExU76+cpdY8zHwoazk= -github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= -github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= -github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= -github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= -github.com/imdario/mergo v0.3.8/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= -github.com/imdario/mergo v0.3.10/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= -github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= -github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= -github.com/j-keck/arping v0.0.0-20160618110441-2cf9dc699c56/go.mod h1:ymszkNOg6tORTn+6F6j+Jc8TOr5osrynvN6ivFWZ2GA= -github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a/go.mod h1:yL958EeXv8Ylng6IfnvG4oflryUi3vgA3xPs9hmII1s= -github.com/jinzhu/copier v0.3.5 h1:GlvfUwHk62RokgqVNvYsku0TATCF7bAHVwEXoBh3iJg= -github.com/jinzhu/copier v0.3.5/go.mod h1:DfbEm0FYsaqBcKcFuvmOZb218JkPGtvSHsKg8S8hyyg= -github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= -github.com/jmespath/go-jmespath v0.0.0-20160803190731-bd40a432e4c7/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= -github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= -github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= -github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= -github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= -github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= -github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= -github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= -github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= -github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= -github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= -github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= -github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= -github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= -github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/klauspost/compress v1.11.2/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= -github.com/klauspost/compress v1.11.3/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= -github.com/klauspost/compress v1.11.13/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= -github.com/klauspost/compress v1.12.3/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg= -github.com/klauspost/compress v1.13.0/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg= -github.com/klauspost/compress v1.15.1 h1:y9FcTHGyrebwfP0ZZqFiaxTaiDnUrGkJkI+f583BL1A= -github.com/klauspost/compress v1.15.1/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= -github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= -github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= -github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= -github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI= -github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= -github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k= -github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= -github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= -github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= -github.com/magiconair/properties v1.8.5/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60= -github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= -github.com/marstr/guid v1.1.0/go.mod h1:74gB1z2wpxxInTG6yaqA7KrtM0NZ+RbrcqDvYHefzho= -github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= -github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= -github.com/mattn/go-colorable v0.1.7/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= -github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= -github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= -github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= -github.com/mattn/go-isatty v0.0.11/go.mod h1:PhnuNfih5lzO57/f3n+odYbM4JtupLOxQOAqxQCu2WE= -github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= -github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= -github.com/mattn/go-runewidth v0.0.4/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= -github.com/mattn/go-shellwords v1.0.3/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= -github.com/mattn/go-zglob v0.0.1/go.mod h1:9fxibJccNxU2cnpIKLRRFA7zX7qhkJIQWBb449FYHOo= -github.com/mattn/go-zglob v0.0.2-0.20190814121620-e3c945676326/go.mod h1:9fxibJccNxU2cnpIKLRRFA7zX7qhkJIQWBb449FYHOo= -github.com/mattn/go-zglob v0.0.3 h1:6Ry4EYsScDyt5di4OI6xw1bYhOqfE5S33Z1OPy+d+To= -github.com/mattn/go-zglob v0.0.3/go.mod h1:9fxibJccNxU2cnpIKLRRFA7zX7qhkJIQWBb449FYHOo= -github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= -github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= -github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= -github.com/miekg/dns v1.1.31/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM= -github.com/miekg/pkcs11 v1.0.3/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= -github.com/mistifyio/go-zfs v2.1.2-0.20190413222219-f784269be439+incompatible/go.mod h1:8AuVvqP/mXw1px98n46wfvcGfQ4ci2FwoAjKYxuo3Z4= -github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= -github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= -github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= -github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= -github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= -github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= -github.com/mitchellh/go-testing-interface v1.14.1 h1:jrgshOhYAUVNMAJiKbEu7EqAwgJJ2JqpQmpLJOu07cU= -github.com/mitchellh/go-testing-interface v1.14.1/go.mod h1:gfgS7OtZj6MA4U1UrDRp04twqAjfvlZyCfX3sDjEym8= -github.com/mitchellh/go-wordwrap v0.0.0-20150314170334-ad45545899c7/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo= -github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0= -github.com/mitchellh/go-wordwrap v1.0.1/go.mod h1:R62XHJLzvMFRBbcrT7m7WgmE1eOyTSsCt+hzestvNj0= -github.com/mitchellh/gox v0.4.0/go.mod h1:Sd9lOJ0+aimLBi73mGofS1ycjY8lL3uZM3JPS42BGNg= -github.com/mitchellh/iochan v1.0.0/go.mod h1:JwYml1nuB7xOzsp52dPpHFffvOCDupsG0QubkSMEySY= -github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= -github.com/mitchellh/osext v0.0.0-20151018003038-5e2d6d41470f/go.mod h1:OkQIRizQZAeMln+1tSwduZz7+Af5oFlKirV/MSYes2A= -github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= -github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc= -github.com/moby/sys/mountinfo v0.4.0/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A= -github.com/moby/sys/mountinfo v0.4.1/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A= -github.com/moby/sys/symlink v0.1.0/go.mod h1:GGDODQmbFOjFsXvfLVn3+ZRxkch54RkSiGqsZeMYowQ= -github.com/moby/term v0.0.0-20200312100748-672ec06f55cd/go.mod h1:DdlQx2hp0Ss5/fLikoLlEeIYiATotOjgB//nb973jeo= -github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= -github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= -github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc= -github.com/mrunalp/fileutils v0.5.0/go.mod h1:M1WthSahJixYnrXQl/DFQuteStB1weuxD2QJNHXfbSQ= -github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= -github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= -github.com/ncw/swift v1.0.47/go.mod h1:23YIA4yWVnGwv2dQlN4bB7egfYX6YLn0Yo/S6zZO/ZM= -github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs= -github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= -github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= -github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= -github.com/olekukonko/tablewriter v0.0.0-20170122224234-a0225b3f23b5/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo= -github.com/onsi/ginkgo v0.0.0-20151202141238-7f8ab55aaf3b/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.10.1/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.10.3/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= -github.com/onsi/gomega v0.0.0-20151007035656-2152b45fa28a/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= -github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= -github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= -github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= -github.com/onsi/gomega v1.10.3/go.mod h1:V9xEwhxec5O8UDM77eCW8vLymOMltsqPVYWrpDsH8xc= -github.com/opencontainers/go-digest v0.0.0-20170106003457-a6d0ee40d420/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= -github.com/opencontainers/go-digest v0.0.0-20180430190053-c9281466c8b2/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= -github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= -github.com/opencontainers/go-digest v1.0.0-rc1.0.20180430190053-c9281466c8b2/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= -github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= -github.com/opencontainers/image-spec v1.0.0/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= -github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= -github.com/opencontainers/runc v0.0.0-20190115041553-12f6a991201f/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/opencontainers/runc v0.1.1/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/opencontainers/runc v1.0.0-rc8.0.20190926000215-3e425f80a8c9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/opencontainers/runc v1.0.0-rc9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/opencontainers/runc v1.0.0-rc93/go.mod h1:3NOsor4w32B2tC0Zbl8Knk4Wg84SM2ImC1fxBuqJ/H0= -github.com/opencontainers/runtime-spec v0.1.2-0.20190507144316-5b71a03e2700/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-spec v1.0.1/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-spec v1.0.2-0.20190207185410-29686dbc5559/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-spec v1.0.2/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-spec v1.0.3-0.20200929063507-e6143ca7d51d/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-tools v0.0.0-20181011054405-1d69bd0f9c39/go.mod h1:r3f7wjNzSs2extwzU3Y+6pKfobzPh+kKFJ3ofN+3nfs= -github.com/opencontainers/selinux v1.6.0/go.mod h1:VVGKuOLlE7v4PJyT6h7mNWvq1rzqiriPsEqVhc+svHE= -github.com/opencontainers/selinux v1.8.0/go.mod h1:RScLhm78qiWa2gbVCcGkC7tCGdgk3ogry1nUQF8Evvo= -github.com/oracle/oci-go-sdk v7.1.0+incompatible/go.mod h1:VQb79nF8Z2cwLkLS35ukwStZIg5F66tcBccjip/j888= -github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= -github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= -github.com/pelletier/go-toml v1.8.1/go.mod h1:T2/BmBdy8dvIRq1a/8aqjN41wvWlN4lrapLU/GW4pbc= -github.com/pelletier/go-toml v1.9.3/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= -github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= -github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pkg/errors v0.8.1-0.20171018195549-f15c970de5b7/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pkg/sftp v1.10.1/go.mod h1:lYOWFsE0bwd1+KfKJaKeuokY15vzFx25BLbzYYoAxZI= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= -github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= -github.com/pquerna/cachecontrol v0.0.0-20171018203845-0dec1b30a021/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA= -github.com/pquerna/otp v1.2.0/go.mod h1:dkJfzwRKNiegxyNb54X/3fLwhCynbMspSyWKnvi1AEg= -github.com/pquerna/otp v1.2.1-0.20191009055518-468c2dd2b58d/go.mod h1:dkJfzwRKNiegxyNb54X/3fLwhCynbMspSyWKnvi1AEg= -github.com/pquerna/otp v1.3.0 h1:oJV/SkzR33anKXwQU3Of42rL4wbrffP4uvUf1SvS5Xs= -github.com/pquerna/otp v1.3.0/go.mod h1:dkJfzwRKNiegxyNb54X/3fLwhCynbMspSyWKnvi1AEg= -github.com/prometheus/client_golang v0.0.0-20180209125602-c332b6f63c06/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= -github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= -github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso= -github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= -github.com/prometheus/client_golang v1.1.0/go.mod h1:I1FGZT9+L76gKKOs5djB6ezCbFQP1xR9D75/vuwEF3g= -github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M= -github.com/prometheus/client_model v0.0.0-20171117100541-99fa1f4be8e5/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= -github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= -github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/common v0.0.0-20180110214958-89604d197083/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= -github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= -github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= -github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= -github.com/prometheus/common v0.6.0/go.mod h1:eBmuwkDJBwy6iBfxCBob6t6dR6ENT/y+J+Zk0j9GMYc= -github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo= -github.com/prometheus/procfs v0.0.0-20180125133057-cb4147076ac7/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= -github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= -github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= -github.com/prometheus/procfs v0.0.0-20190522114515-bc1a522cf7b1/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= -github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= -github.com/prometheus/procfs v0.0.3/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ= -github.com/prometheus/procfs v0.0.5/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ= -github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A= -github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= -github.com/prometheus/procfs v0.2.0/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= -github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= -github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= -github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= -github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= -github.com/rogpeppe/go-charset v0.0.0-20180617210344-2471d30d28b4/go.mod h1:qgYeAmZ5ZIpBWTGllZSQnw97Dj+woV0toclVaRGI8pc= -github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= -github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= -github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= -github.com/safchain/ethtool v0.0.0-20190326074333-42ed695e3de8/go.mod h1:Z0q5wiBQGYcxhMZ6gUqHn6pYNLypFAvaL3UvgZLR0U4= -github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0= -github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= -github.com/sebdah/goldie v1.0.0/go.mod h1:jXP4hmWywNEwZzhMuv2ccnqTSFpuq8iyQhtQdkkZBH4= -github.com/seccomp/libseccomp-golang v0.9.1/go.mod h1:GbW5+tmTXfcxTToHLXlScSlAvWlF4P2Ca7zGrPiEpWo= -github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= -github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= -github.com/sirupsen/logrus v1.0.4-0.20170822132746-89742aefa4b2/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= -github.com/sirupsen/logrus v1.0.6/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= -github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= -github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= -github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= -github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= -github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= -github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= -github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= -github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= -github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= -github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= -github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= -github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= -github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= -github.com/spf13/afero v1.6.0/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z93I= -github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= -github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= -github.com/spf13/cobra v0.0.2-0.20171109065643-2da4a54c5cee/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= -github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= -github.com/spf13/cobra v1.0.0/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE= -github.com/spf13/cobra v1.2.1/go.mod h1:ExllRjgxM/piMAM+3tAZvg8fsklGAf3tPfi+i8t68Nk= -github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= -github.com/spf13/jwalterweatherman v1.1.0/go.mod h1:aNWZUN0dPAAO/Ljvb5BEdw96iTZ0EXowPYD95IqWIGo= -github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.1-0.20171106142849-4c012f6dcd95/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.1/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.2/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/yZzE= -github.com/spf13/viper v1.8.1/go.mod h1:o0Pch8wJ9BVSWGQMbra6iw0oQ5oktSIBaujf1rJH9Ns= -github.com/stefanberger/go-pkcs11uri v0.0.0-20201008174630-78d3cae3a980/go.mod h1:AO3tvPzVZ/ayst6UlUKUv6rcPQInYe3IknH3jYhAKu8= -github.com/stretchr/objx v0.0.0-20180129172003-8a3f7159479f/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= -github.com/stretchr/testify v0.0.0-20180303142811-b89eecf5ca5d/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= -github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= -github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= -github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= -github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.1 h1:5TQK59W5E3v0r2duFAb7P95B6hEeOyEnHRa8MjYSMTY= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= -github.com/syndtr/gocapability v0.0.0-20170704070218-db04d3cc01c8/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= -github.com/syndtr/gocapability v0.0.0-20180916011248-d98352740cb2/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= -github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= -github.com/tchap/go-patricia v2.2.6+incompatible/go.mod h1:bmLyhP68RS6kStMGxByiQ23RP/odRBOTVjwp2cDyi6I= -github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= -github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= -github.com/tmccombs/hcl2json v0.3.3/go.mod h1:Y2chtz2x9bAeRTvSibVRVgbLJhLJXKlUeIvjeVdnm4w= -github.com/tmccombs/hcl2json v0.3.4 h1:pYzRaHVTJu6TfFumACORClRtsK431eeuv7WjNNLjT90= -github.com/tmccombs/hcl2json v0.3.4/go.mod h1:l3Aq9eUyhC+0v26BH08BZHeyWEtOYcFtbu2i5Ryywig= -github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= -github.com/ulikunitz/xz v0.5.8/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= -github.com/ulikunitz/xz v0.5.10 h1:t92gobL9l3HE202wg3rlk19F6X+JOxl9BBrCCMYEYd8= -github.com/ulikunitz/xz v0.5.10/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= -github.com/urfave/cli v0.0.0-20171014202726-7bc6a0acffa5/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= -github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= -github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= -github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= -github.com/urfave/cli/v2 v2.3.0/go.mod h1:LJmUH05zAU44vOAcrfzZQKsZbVcdbOG8rtL3/XcUArI= -github.com/urfave/cli/v2 v2.4.0 h1:m2pxjjDFgDxSPtO8WSdbndj17Wu2y8vOT86wE/tjr+I= -github.com/urfave/cli/v2 v2.4.0/go.mod h1:NX9W0zmTvedE5oDoOMs2RTC8RvdK98NTYZE5LbaEYPg= -github.com/vishvananda/netlink v0.0.0-20181108222139-023a6dafdcdf/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk= -github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE= -github.com/vishvananda/netlink v1.1.1-0.20201029203352-d40f9887b852/go.mod h1:twkDnbuQxJYemMlGd4JFIcuhgX83tXhKS2B/PRMpOho= -github.com/vishvananda/netns v0.0.0-20180720170159-13995c7128cc/go.mod h1:ZjcWmFBXmLKZu9Nxj3WKYEafiSqer2rnvPr0en9UNpI= -github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df/go.mod h1:JP3t17pCcGlemwknint6hfoeCVQrEMVwxRLRjXpq+BU= -github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0= -github.com/vmihailenco/msgpack v3.3.3+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= -github.com/vmihailenco/msgpack/v4 v4.3.12/go.mod h1:gborTTJjAo/GWTqqRjrLCn9pgNN+NXzzngzBKDPIqw4= -github.com/vmihailenco/tagparser v0.1.1/go.mod h1:OeAg3pn3UbLjkWt+rN9oFYB6u/cQgqMEUPoW2WPyhdI= -github.com/willf/bitset v1.1.11-0.20200630133818-d5bec3311243/go.mod h1:RjeCKbqT1RxIR/KWY6phxZiaY1IyutSBfGjNPySAYV4= -github.com/willf/bitset v1.1.11/go.mod h1:83CECat5yLh5zVOf4P1ErAgKA5UDvKtgyUABdr3+MjI= -github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= -github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= -github.com/xeipuuv/gojsonschema v0.0.0-20180618132009-1d523034197f/go.mod h1:5yf86TLmAcydyeJq5YvxkGPE2fm/u4myDekKRoLuqhs= -github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= -github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= -github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= -github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43/go.mod h1:aX5oPXxHm3bOH+xeAttToC8pqch2ScQN/JoXYupl6xs= -github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50/go.mod h1:NUSPSUX/bi6SeDMUh6brw0nXpxHnc96TguQh0+r/ssA= -github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go.mod h1:GlGEuHIJweS1mbCqG+7vt2nvWLzLLnRHbXz5JKd/Qbg= -github.com/zclconf/go-cty v1.2.0/go.mod h1:hOPWgoHbaTUnI5k4D2ld+GRpFJSCe6bCM7m1q/N4PQ8= -github.com/zclconf/go-cty v1.8.0/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= -github.com/zclconf/go-cty v1.8.1/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= -github.com/zclconf/go-cty v1.9.1/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= -github.com/zclconf/go-cty v1.10.0 h1:mp9ZXQeIcN8kAwuqorjH+Q+njbJKjLrvB2yIh4q7U+0= -github.com/zclconf/go-cty v1.10.0/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= -github.com/zclconf/go-cty-debug v0.0.0-20191215020915-b22d67c1ba0b/go.mod h1:ZRKQfBXbGkpdV6QMzT3rU1kSTAnfu1dO8dPKjYprgj8= -go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= -go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= -go.etcd.io/bbolt v1.3.5/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ= -go.etcd.io/etcd v0.5.0-alpha.5.0.20200910180754-dd1b699fc489/go.mod h1:yVHk9ub3CSBatqGNg7GRmsnfLWtoW60w4eDYfh7vHDg= -go.etcd.io/etcd/api/v3 v3.5.0/go.mod h1:cbVKeC6lCfl7j/8jBhAK6aIYO9XOjdptoxU/nLQcPvs= -go.etcd.io/etcd/client/pkg/v3 v3.5.0/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3YSwc9/Ac1g= -go.etcd.io/etcd/client/v2 v2.305.0/go.mod h1:h9puh54ZTgAKtEbut2oe9P4L/oqKCVB6xsXlzd7alYQ= -go.mozilla.org/pkcs7 v0.0.0-20200128120323-432b2356ecb1/go.mod h1:SNgMg+EgDFwmvSmLRTNKC5fegJjB7v23qTQ0XLGUNHk= -go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= -go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= -go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= -go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= -go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= -go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= -go.opencensus.io v0.23.0 h1:gqCw0LfLxScz8irSi8exQc7fyQ0fKQU/qnC/X8+V/1M= -go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E= -go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= -go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= -go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= -go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= -go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= -go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= -go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= -go.uber.org/zap v1.17.0/go.mod h1:MXVU+bhUf/A7Xi2HNOnopQOrmycQ5Ih87HtOu4q5SSo= -golang.org/x/crypto v0.0.0-20171113213409-9f005a07e0d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20181009213950-7c1a557ab941/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20181029021203-45a5f77698d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190426145343-a29dc8fdc734/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= -golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8= -golang.org/x/crypto v0.0.0-20220321153916-2c7772ba3064 h1:S25/rfnfsMVgORT4/J61MJ7rdyseOZOyvLIrZEZ7s6s= -golang.org/x/crypto v0.0.0-20220321153916-2c7772ba3064/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= -golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= -golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= -golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= -golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= -golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= -golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= -golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= -golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= -golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= -golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= -golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= -golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= -golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= -golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= -golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= -golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= -golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180811021610-c39426892332/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181011144130-49bb7cea24b1/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181023162649-9b4f9f5ad519/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181201002055-351d144fa1fc/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190522155817-f3200d17e092/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= -golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= -golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190619014844-b5b0513f8c1b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20191004110552-13f9640d40b9/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200501053045-e0ff5e5a1de5/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200506145744-7e3656a0809f/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200513185701-a91f0712d120/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= -golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= -golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= -golang.org/x/net v0.0.0-20201006153459-a7d1128ccaa0/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20201031054903-ff519b6c9102/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc= -golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= -golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20210614182718-04defd469f4e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.0.0-20220325170049-de3da57026de h1:pZB1TWnKi+o4bENlbzAgLrEbY4RMYmUIRobMcSmfeYc= -golang.org/x/net v0.0.0-20220325170049-de3da57026de/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210402161424-2e8d93401602/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210805134026-6f1e6394065a/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= -golang.org/x/oauth2 v0.0.0-20220309155454-6242fa91716a h1:qfl7ob3DIEs3Ml9oLuPwY2N04gymzAW04WsUQHIClgM= -golang.org/x/oauth2 v0.0.0-20220309155454-6242fa91716a/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= -golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181026203630-95b1ffbd15a5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190502175342-a43fa875dd82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190514135907-3a4b5fb9f71f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190522044717-8097e1b27ff5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190602015325-4c4f7f33c9ed/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190606203320-7fc4e5ec1444/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190812073006-9eafafc0a87e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191022100944-742c48ecaeb7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191115151921-52ab43148777/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191210023423-ac6580df4449/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200106162015-b016eb3dc98e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200120151820-655fe14d7479/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200124204421-9fbb57f87de9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200217220822-9197077df867/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200622214017-ed371f2e16b4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200728102440-3e129f6d46b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200817155316-9781c653f443/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200909081042-eff7692f9009/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200916030750-2334cc1a136f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200922070232-aee5d888a860/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201112073958-5cba982894dd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201117170446-d9b008d0a637/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201202213521-69691e467435/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210104204734-6f8348627aad/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210220050731-9a76102bfb43/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210305230114-8fe3ee5dd75b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210315160823-c6e025ad8005/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210324051608-47abb6519492/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210403161142-5e06dd20ab57/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210603125802-9665404d3644/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210823070655-63515b42dcdf/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211124211545-fe61309f8881/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211210111614-af8b64212486/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220128215802-99c3d69c2c27/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220209214540-3681064d5158/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220328115105-d36c6a25d886/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220517195934-5e4e11fc645e h1:w36l2Uw3dRan1K3TyXriXvY+6T56GNmlKGcqiQUJDfM= -golang.org/x/sys v0.0.0-20220517195934-5e4e11fc645e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210317153231-de623e64d2a6/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 h1:JGgROgKl9N8DuW20oFS5gxc+lE67/N3FcwmBPMe7ArY= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= -golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk= -golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= -golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190624222133-a101b041ded4/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191112195655-aa38f8e97acc/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191216052735-49a3e744a425/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200227222343-706bc42d1f0d/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= -golang.org/x/tools v0.0.0-20200312045724-11d5b4c81c7d/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= -golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8= -golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= -golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= -golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= -golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82ur9kSqwfTHTeVxaDqrfMjpcNT6bE= -golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= -golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE= -golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/api v0.0.0-20160322025152-9bf6e6e569ff/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0= -google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= -google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= -google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= -google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= -google.golang.org/api v0.13.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.17.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.18.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.19.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.22.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= -google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= -google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM= -google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc= -google.golang.org/api v0.35.0/go.mod h1:/XrVsuzM0rZmrsbjJutiuftIzeuTQcEeaYcSk/mQ1dg= -google.golang.org/api v0.36.0/go.mod h1:+z5ficQTmoYpPn8LCUNVpK5I7hwkpjbcgqA7I34qYtE= -google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjRCQ8= -google.golang.org/api v0.41.0/go.mod h1:RkxM5lITDfTzmyKFPt+wGrCJbVfniCr2ool8kTBzRTU= -google.golang.org/api v0.43.0/go.mod h1:nQsDGjRXMo4lvh5hP0TKqF244gqhGcr/YSIykhUk/94= -google.golang.org/api v0.44.0/go.mod h1:EBOGZqzyhtvMDoxwS97ctnh0zUmYY6CxqXsc1AvkYD8= -google.golang.org/api v0.47.0/go.mod h1:Wbvgpq1HddcWVtzsVLyfLp8lDg6AA241LmgIL59tHXo= -google.golang.org/api v0.48.0/go.mod h1:71Pr1vy+TAZRPkPs/xlCf5SsU8WjuAWv1Pfjbtukyy4= -google.golang.org/api v0.50.0/go.mod h1:4bNT5pAuq5ji4SRZm+5QIkjny9JAyVD/3gaSihNefaw= -google.golang.org/api v0.51.0/go.mod h1:t4HdrdoNgyN5cbEfm7Lum0lcLDLiise1F8qDKX00sOU= -google.golang.org/api v0.54.0/go.mod h1:7C4bFFOvVDGXjfDTAsgGwDgAxRDeQ4X8NvUedIt6z3k= -google.golang.org/api v0.55.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE= -google.golang.org/api v0.56.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE= -google.golang.org/api v0.57.0/go.mod h1:dVPlbZyBo2/OjBpmvNdpn2GRm6rPy75jyU7bmhdrMgI= -google.golang.org/api v0.61.0/go.mod h1:xQRti5UdCmoCEqFxcz93fTl338AVqDgyaDRuOZ3hg9I= -google.golang.org/api v0.63.0/go.mod h1:gs4ij2ffTRXwuzzgJl/56BdwJaA194ijkfn++9tDuPo= -google.golang.org/api v0.64.0/go.mod h1:931CdxA8Rm4t6zqTFGSsgwbAEZ2+GMYurbndwSimebM= -google.golang.org/api v0.66.0/go.mod h1:I1dmXYpX7HGwz/ejRxwQp2qj5bFAz93HiCU1C1oYd9M= -google.golang.org/api v0.67.0/go.mod h1:ShHKP8E60yPsKNw/w8w+VYaj9H6buA5UqDp8dhbQZ6g= -google.golang.org/api v0.69.0/go.mod h1:boanBiw+h5c3s+tBPgEzLDRHfFLWV0qXxRHz3ws7C80= -google.golang.org/api v0.70.0/go.mod h1:Bs4ZM2HGifEvXwd50TtW70ovgJffJYw2oRCOFU/SkfA= -google.golang.org/api v0.71.0/go.mod h1:4PyU6e6JogV1f9eA4voyrTY2batOLdgZ5qZ5HOCc4j8= -google.golang.org/api v0.74.0 h1:ExR2D+5TYIrMphWgs5JCgwRhEDlPDXXrLwHHMgPHTXE= -google.golang.org/api v0.74.0/go.mod h1:ZpfMZOVRMywNyvJFeqL9HRWBgAuRfSjJFpe9QtRRyDs= -google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= -google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= -google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= -google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/cloud v0.0.0-20151119220103-975617b05ea8/go.mod h1:0H1ncTHf11KCFhTc/+EFRbzSCOZx+VUbRMk55Yv5MYk= -google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= -google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190522204451-c2c4e71fbf69/go.mod h1:z3L6/3dTEVtUr6QSP8miRzeRqwQOioJ9I66odjN4I7s= -google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= -google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= -google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= -google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200117163144-32f20d992d24/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200122232147-0452cf42e150/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200204135345-fa8e72b47b90/go.mod h1:GmwEX6Z4W5gMy59cAlVYjN9JhxgbQH6Gn+gFDQe2lzA= -google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200228133532-8c2c7df3a383/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200305110556-506484158171/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U= -google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= -google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= -google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201109203340-2640f1f9cdfb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201110150050-8816d57aaa9a/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201201144952-b05cb90ed32e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201210142538-e3217bee35cc/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210222152913-aa3ee6e6a81c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210303154014-9728d6b83eeb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210310155132-4ce2db91004e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210319143718-93e7006c17a6/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210402141018-6c239bbf2bb1/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A= -google.golang.org/genproto v0.0.0-20210513213006-bf773b8c8384/go.mod h1:P3QM42oQyzQSnHPnZ/vqoCdDmzH28fzWByN9asMeM8A= -google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= -google.golang.org/genproto v0.0.0-20210604141403-392c879c8b08/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= -google.golang.org/genproto v0.0.0-20210608205507-b6d2f5bf0d7d/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= -google.golang.org/genproto v0.0.0-20210624195500-8bfb893ecb84/go.mod h1:SzzZ/N+nwJDaO1kznhnlzqS8ocJICar6hYhVyhi++24= -google.golang.org/genproto v0.0.0-20210713002101-d411969a0d9a/go.mod h1:AxrInvYm1dci+enl5hChSFPOmmUF1+uAa/UsgNRWd7k= -google.golang.org/genproto v0.0.0-20210716133855-ce7ef5c701ea/go.mod h1:AxrInvYm1dci+enl5hChSFPOmmUF1+uAa/UsgNRWd7k= -google.golang.org/genproto v0.0.0-20210728212813-7823e685a01f/go.mod h1:ob2IJxKrgPT52GcgX759i1sleT07tiKowYBGbczaW48= -google.golang.org/genproto v0.0.0-20210805201207-89edb61ffb67/go.mod h1:ob2IJxKrgPT52GcgX759i1sleT07tiKowYBGbczaW48= -google.golang.org/genproto v0.0.0-20210813162853-db860fec028c/go.mod h1:cFeNkxwySK631ADgubI+/XFU/xp8FD5KIVV4rj8UC5w= -google.golang.org/genproto v0.0.0-20210821163610-241b8fcbd6c8/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= -google.golang.org/genproto v0.0.0-20210828152312-66f60bf46e71/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= -google.golang.org/genproto v0.0.0-20210831024726-fe130286e0e2/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= -google.golang.org/genproto v0.0.0-20210903162649-d08c68adba83/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= -google.golang.org/genproto v0.0.0-20210909211513-a8c4777a87af/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= -google.golang.org/genproto v0.0.0-20210924002016-3dee208752a0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20211118181313-81c1377c94b1/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20211206160659-862468c7d6e0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20211221195035-429b39de9b1c/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20211223182754-3ac035c7e7cb/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20220111164026-67b88f271998/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20220114231437-d2e6a121cae0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20220126215142-9970aeb2e350/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20220201184016-50beb8ab5c44/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20220207164111-0872dc986b00/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20220211171837-173942840c17/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= -google.golang.org/genproto v0.0.0-20220216160803-4663080d8bc8/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= -google.golang.org/genproto v0.0.0-20220218161850-94dd64e39d7c/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= -google.golang.org/genproto v0.0.0-20220222213610-43724f9ea8cf/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= -google.golang.org/genproto v0.0.0-20220304144024-325a89244dc8/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= -google.golang.org/genproto v0.0.0-20220310185008-1973136f34c6/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= -google.golang.org/genproto v0.0.0-20220324131243-acbaeb5b85eb/go.mod h1:hAL49I2IFola2sVEjAn7MEwsja0xp51I0tlGAf9hz4E= -google.golang.org/genproto v0.0.0-20220329172620-7be39ac1afc7 h1:HOL66YCI20JvN2hVk6o2YIp9i/3RvzVUz82PqNr7fXw= -google.golang.org/genproto v0.0.0-20220329172620-7be39ac1afc7/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo= -google.golang.org/grpc v0.0.0-20160317175043-d3ddb4469d5a/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= -google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= -google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= -google.golang.org/grpc v1.21.0/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= -google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= -google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= -google.golang.org/grpc v1.23.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= -google.golang.org/grpc v1.24.0/go.mod h1:XDChyiUovWa60DnaeDeZmSW86xtLtjtZbwvSiRnRtcA= -google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= -google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/grpc v1.28.0/go.mod h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKal+60= -google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk= -google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= -google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= -google.golang.org/grpc v1.31.1/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= -google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0= -google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= -google.golang.org/grpc v1.34.0/go.mod h1:WotjhfgOW/POjDeRt8vscBtXq+2VjORFy659qA51WJ8= -google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= -google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= -google.golang.org/grpc v1.36.1/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= -google.golang.org/grpc v1.37.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= -google.golang.org/grpc v1.37.1/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= -google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= -google.golang.org/grpc v1.39.0/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnDzfrE= -google.golang.org/grpc v1.39.1/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnDzfrE= -google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= -google.golang.org/grpc v1.40.1/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= -google.golang.org/grpc v1.44.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= -google.golang.org/grpc v1.45.0 h1:NEpgUqV3Z+ZjkqMsxMg11IaDrXY4RY6CQukSGK0uI1M= -google.golang.org/grpc v1.45.0/go.mod h1:lN7owxKUQEqMfSyQikvvk5tf/6zMPsrK+ONuO11+0rQ= -google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= -google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= -google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= -google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= -google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= -google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= -google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= -google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= -google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.28.0 h1:w43yiav+6bVFTBQFZX0r7ipe9JQ1QsbMgHwbBziscLw= -google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4K+aSYdM/U= -gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20141024133853-64131543e789/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20200902074654-038fdea0a05b h1:QRR6H1YWRnHb4Y/HeNFCTJLFVxaq6wH4YuVdsUOr75U= -gopkg.in/check.v1 v1.0.0-20200902074654-038fdea0a05b/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= -gopkg.in/cheggaaa/pb.v1 v1.0.27/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= -gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= -gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= -gopkg.in/gemnasium/logrus-airbrake-hook.v2 v2.1.2/go.mod h1:Xk6kEKp8OKb+X14hQBKWaSkCsqBpgog8nAV2xsGOxlo= -gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= -gopkg.in/ini.v1 v1.62.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= -gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= -gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= -gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= -gopkg.in/square/go-jose.v2 v2.3.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= -gopkg.in/square/go-jose.v2 v2.5.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= -gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= -gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= -gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= -gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo= -gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= -gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk= -gotest.tools/v3 v3.0.3/go.mod h1:Z7Lb0S5l+klDB31fvDQX8ss/FlKDxtlFlw3Oa8Ymbl8= -honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= -honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -k8s.io/api v0.20.1/go.mod h1:KqwcCVogGxQY3nBlRpwt+wpAMF/KjaCc7RpywacvqUo= -k8s.io/api v0.20.4/go.mod h1:++lNL1AJMkDymriNniQsWRkMDzRaX2Y/POTUi8yvqYQ= -k8s.io/api v0.20.6/go.mod h1:X9e8Qag6JV/bL5G6bU8sdVRltWKmdHsFUGS3eVndqE8= -k8s.io/apimachinery v0.20.1/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= -k8s.io/apimachinery v0.20.4/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= -k8s.io/apimachinery v0.20.6/go.mod h1:ejZXtW1Ra6V1O5H8xPBGz+T3+4gfkTCeExAHKU57MAc= -k8s.io/apiserver v0.20.1/go.mod h1:ro5QHeQkgMS7ZGpvf4tSMx6bBOgPfE+f52KwvXfScaU= -k8s.io/apiserver v0.20.4/go.mod h1:Mc80thBKOyy7tbvFtB4kJv1kbdD0eIH8k8vianJcbFM= -k8s.io/apiserver v0.20.6/go.mod h1:QIJXNt6i6JB+0YQRNcS0hdRHJlMhflFmsBDeSgT1r8Q= -k8s.io/client-go v0.20.1/go.mod h1:/zcHdt1TeWSd5HoUe6elJmHSQ6uLLgp4bIJHVEuy+/Y= -k8s.io/client-go v0.20.4/go.mod h1:LiMv25ND1gLUdBeYxBIwKpkSC5IsozMMmOOeSJboP+k= -k8s.io/client-go v0.20.6/go.mod h1:nNQMnOvEUEsOzRRFIIkdmYOjAZrC8bgq0ExboWSU1I0= -k8s.io/component-base v0.20.1/go.mod h1:guxkoJnNoh8LNrbtiQOlyp2Y2XFCZQmrcg2n/DeYNLk= -k8s.io/component-base v0.20.4/go.mod h1:t4p9EdiagbVCJKrQ1RsA5/V4rFQNDfRlevJajlGwgjI= -k8s.io/component-base v0.20.6/go.mod h1:6f1MPBAeI+mvuts3sIdtpjljHWBQ2cIy38oBIWMYnrM= -k8s.io/cri-api v0.17.3/go.mod h1:X1sbHmuXhwaHs9xxYffLqJogVsnI+f6cPRcgPel7ywM= -k8s.io/cri-api v0.20.1/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI= -k8s.io/cri-api v0.20.4/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI= -k8s.io/cri-api v0.20.6/go.mod h1:ew44AjNXwyn1s0U4xCKGodU7J1HzBeZ1MpGrpa5r8Yc= -k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= -k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= -k8s.io/klog/v2 v2.4.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= -k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd/go.mod h1:WOJ3KddDSol4tAGcJo0Tvi+dK12EcqSLqcWsryKMpfM= -k8s.io/kubernetes v1.13.0/go.mod h1:ocZa8+6APFNC2tX1DZASIbocyYT5jHzqFVsY5aoB7Jk= -k8s.io/utils v0.0.0-20201110183641-67b214c5f920/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= -rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= -rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.14/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.15/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= -sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= -sigs.k8s.io/structured-merge-diff/v4 v4.0.3/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= -sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= -sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= diff --git a/test/simple_test.go b/test/simple_test.go deleted file mode 100644 index 716b6266..00000000 --- a/test/simple_test.go +++ /dev/null @@ -1,56 +0,0 @@ -package test - -import ( - "testing" - - "github.com/google/uuid" - "github.com/gruntwork-io/terratest/modules/aws" - "github.com/gruntwork-io/terratest/modules/terraform" -) - -func TestSimpleExampleApply(t *testing.T) { - bucketName := uuid.NewString() - awsRegion := aws.GetRandomStableRegion(t, nil, nil) - - registryTerraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{ - TerraformDir: "../examples/simple", - Vars: map[string]interface{}{ - "audit_s3_bucket_name": bucketName, - "region": awsRegion, - }, - NoColor: true, - }) - defer terraform.Destroy(t, registryTerraformOptions) - - terraform.InitAndApply(t, registryTerraformOptions) -} - -func TestDiffFromMaster(t *testing.T) { - bucketName := uuid.NewString() - awsRegion := aws.GetRandomStableRegion(t, nil, nil) - - registryTerraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{ - TerraformDir: "./fixtures/simple_registry", - Vars: map[string]interface{}{ - "audit_s3_bucket_name": bucketName, - "region": awsRegion, - }, - NoColor: true, - }) - defer terraform.Destroy(t, registryTerraformOptions) - - terraform.InitAndApply(t, registryTerraformOptions) - - localTerraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{ - TerraformDir: "./fixtures/simple_local", - Vars: map[string]interface{}{ - "audit_s3_bucket_name": bucketName, - "region": awsRegion, - }, - NoColor: true, - MigrateState: true, - }) - planResult := terraform.InitAndPlan(t, localTerraformOptions) - - t.Log(planResult) -}