feat(terraform): add support for AWS provider block #50

Merged: 3 commits, Nov 23, 2023


@nikpivkin
Collaborator Author

@simar7 Since the json schema is built on the state structure field names, the provider blocks will be defined as a service named providers. Will this confuse users when defining Rego policies?

@simar7
Member

simar7 commented Nov 15, 2023

> @simar7 Since the json schema is built on the state structure field names, the provider blocks will be defined as a service named providers. Will this confuse users when defining Rego policies?

Hmm, what if we define it at the aws.AWS{} level rather than a struct within a struct (what you have in this PR)?

Another option could be calling it meta. It implies that it's not an actual service as naming it "providers" is a little awkward.

@nikpivkin
Collaborator Author

nikpivkin commented Nov 15, 2023

@simar7 You mean add terraform providers here?

@simar7
Member

simar7 commented Nov 16, 2023

I think naming it to meta sounds like a better alternate to me.

@nikpivkin
Collaborator Author

nikpivkin commented Nov 16, 2023

@simar7 How about naming this field as meta.tfproviders (tfproviders inside the meta structure)? So that users realise they are dealing with a Terraform provider.

@simar7
Member

simar7 commented Nov 17, 2023

> @simar7 How about naming this field as meta.tfproviders (tfproviders inside the meta structure)? So that users realise they are dealing with a Terraform provider.

Could you give an example? My assumption was that each cloud can have a meta field, so the policies would look something like the following:

foo = input.aws.meta.bar[_] or foo = input.gcp.meta.bar[_].

@nikpivkin
Collaborator Author

nikpivkin commented Nov 17, 2023

@simar7 That's what I meant: arg = input.aws.meta.tfproviders.arg[_]

@simar7
Member

simar7 commented Nov 17, 2023

> @simar7 That's what I meant: arg = input.aws.meta.tfproviders.arg[_]

But cloud args aren't related to Terraform. For instance, tags is a property of AWS Cloud, not something specific to Terraform, right? So in short, adding .tfproviders seems unnecessary. WDYT?

@nikpivkin
Collaborator Author

@simar7 You're right, the tags are not specific to Terraform. But I have added support for AWS provider attributes that are specified in the provider configuration block.

@simar7
Member

simar7 commented Nov 17, 2023

> @simar7 You're right, the tags are not specific to Terraform. But I have added support for AWS provider attributes that are specified in the provider configuration block.

Cool, that makes sense then!

@nikpivkin nikpivkin marked this pull request as ready for review November 23, 2023 11:34
@simar7 simar7 merged commit dafbd42 into aquasecurity:main Nov 23, 2023
4 checks passed
Successfully merging this pull request may close these issues.

feat(misconf): Support aws cloud attributes