nuke + pave thank you industry standard version control

worm 2023-11-14 09:25:34 -08:00
commit 750ffed0ab
15 changed files with 1141 additions and 0 deletions

1
.gitignore vendored Normal file

@ -0,0 +1 @@
terraform_v1.4.0/.terraform*

7
README.md Normal file

@ -0,0 +1,7 @@
This repository is intended to provide example sentinel policies that meet the requirements of the Center for Internet Security (CIS) Foundations Benchmarks. Initial work will include support for v1.4.0.
AWS outlines the requirements here:
https://docs.aws.amazon.com/securityhub/latest/userguide/cis-aws-foundations-benchmark.html
The CIS guidelines for AWS available here:
https://www.cisecurity.org/benchmark/amazon_web_services


@ -0,0 +1,33 @@
terraform {
cloud {
organization = "sean-env"
workspaces {
name = "cis-sentinel-resources"
}
}
required_providers {
aws = {
source = "hashicorp/aws"
version = "~>5.0"
}
}
}
provider "aws" {
region = "us-west-2"
}
resource "aws_cloudtrail" "example" {
name = "example"
s3_bucket_name = "stm-cloudtrail-sentinel"
include_global_service_events = false
}
resource "aws_cloudtrail" "example-multi-region" {
name = "example-multi-region"
s3_bucket_name = "stm-cloudtrail-sentinel"
include_global_service_events = true
is_multi_region_trail = true
}
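Review bot: Neither trail sets `enable_log_file_validation` or `kms_key_id`, and the plan mocks in this commit show them resolving to `false` and null, so even `example-multi-region`, the trail that is meant to pass, has no log-file integrity validation and no KMS encryption, which the CIS benchmark covers in separate controls. If this file exists only to produce fixtures for the multi-region policy, say so above `aws_cloudtrail.example` with a comment such as `# Deliberately non-compliant: single-region fixture for the failing test case`, so that nobody copies it as a baseline. Otherwise add `enable_log_file_validation = true` to `example-multi-region`.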


@ -0,0 +1,25 @@
#CloudTrail should be enabled and configured with at least one multi-Region trail that includes read and write management events
# TODO: Address the ideal way to determine when this policy is appropriate to run
# TODO: check how the reading and writing of management events works and write configuration to include it:
#https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail.html#include_management_events
import "tfplan/v2" as tfplan
param actions default [
["no-op"],
["create"],
["update"],
]
aws_cloudtrails = filter tfplan.resource_changes as _, rc {
rc.type is "aws_cloudtrail" and
rc.mode is "managed" and
rc.change.actions in actions
}
multiregion_trails_exist = any aws_cloudtrails as ct {
aws_cloudtrails[ct].change.after.is_multi_region_trail is true
}
main = rule {
multiregion_trails_exist
}
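Review bot: `multiregion_trails_exist` tests only `is_multi_region_trail`, so a multi-region trail planned with `enable_logging = false` still satisfies `main`. The mocks in this commit show `enable_logging` is present in `change.after`, so the `any` body can require it as well: `aws_cloudtrails[ct].change.after.is_multi_region_trail is true and aws_cloudtrails[ct].change.after.enable_logging is true`. The `actions` default lists only single-action changes, so a trail that is being replaced (a delete paired with a create) is filtered out before the check and the rule fails for it. When the plan contains no `aws_cloudtrail` at all, `any` over the empty result is false; the first TODO touches on this, and the intended outcome for that case should be stated there.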


@ -0,0 +1,86 @@
import "strings"
providers = {
"aws": {
"alias": "",
"config": {
"region": {
"constant_value": "us-west-2",
},
},
"full_name": "registry.terraform.io/hashicorp/aws",
"module_address": "",
"name": "aws",
"provider_config_key": "aws",
"version_constraint": "~> 5.0",
},
}
resources = {
"aws_cloudtrail.example": {
"address": "aws_cloudtrail.example",
"config": {
"include_global_service_events": {
"constant_value": false,
},
"name": {
"constant_value": "example",
},
"s3_bucket_name": {
"constant_value": "stm-cloudtrail-sentinel",
},
},
"count": {},
"depends_on": [],
"for_each": {},
"mode": "managed",
"module_address": "",
"name": "example",
"provider_config_key": "aws",
"provisioners": [],
"type": "aws_cloudtrail",
},
"aws_cloudtrail.example-multi-region": {
"address": "aws_cloudtrail.example-multi-region",
"config": {
"include_global_service_events": {
"constant_value": true,
},
"is_multi_region_trail": {
"constant_value": true,
},
"name": {
"constant_value": "example-multi-region",
},
"s3_bucket_name": {
"constant_value": "stm-cloudtrail-sentinel",
},
},
"count": {},
"depends_on": [],
"for_each": {},
"mode": "managed",
"module_address": "",
"name": "example-multi-region",
"provider_config_key": "aws",
"provisioners": [],
"type": "aws_cloudtrail",
},
}
provisioners = {}
variables = {}
outputs = {}
module_calls = {}
strip_index = func(addr) {
s = strings.split(addr, ".")
for s as i, v {
s[i] = strings.split(v, "[")[0]
}
return strings.join(s, ".")
}


@ -0,0 +1,487 @@
terraform_version = "1.6.3"
planned_values = {
"outputs": {},
"resources": {
"aws_cloudtrail.example": {
"address": "aws_cloudtrail.example",
"depends_on": [],
"deposed_key": "",
"index": null,
"mode": "managed",
"module_address": "",
"name": "example",
"provider_name": "registry.terraform.io/hashicorp/aws",
"tainted": false,
"type": "aws_cloudtrail",
"values": {
"advanced_event_selector": [],
"arn": "arn:aws:cloudtrail:us-west-2:323533494701:trail/example",
"cloud_watch_logs_group_arn": "",
"cloud_watch_logs_role_arn": "",
"enable_log_file_validation": false,
"enable_logging": true,
"event_selector": [],
"home_region": "us-west-2",
"id": "example",
"include_global_service_events": false,
"insight_selector": [],
"is_multi_region_trail": false,
"is_organization_trail": false,
"kms_key_id": "",
"name": "example",
"s3_bucket_name": "stm-cloudtrail-sentinel",
"s3_key_prefix": "",
"sns_topic_name": "",
"tags": {},
"tags_all": {},
},
},
"aws_cloudtrail.example-multi-region": {
"address": "aws_cloudtrail.example-multi-region",
"depends_on": [],
"deposed_key": "",
"index": null,
"mode": "managed",
"module_address": "",
"name": "example-multi-region",
"provider_name": "registry.terraform.io/hashicorp/aws",
"tainted": false,
"type": "aws_cloudtrail",
"values": {
"advanced_event_selector": [],
"cloud_watch_logs_group_arn": null,
"cloud_watch_logs_role_arn": null,
"enable_log_file_validation": false,
"enable_logging": true,
"event_selector": [],
"include_global_service_events": true,
"insight_selector": [],
"is_multi_region_trail": true,
"is_organization_trail": false,
"kms_key_id": null,
"name": "example-multi-region",
"s3_bucket_name": "stm-cloudtrail-sentinel",
"s3_key_prefix": null,
"sns_topic_name": null,
"tags": null,
},
},
},
}
variables = {}
resource_changes = {
"aws_cloudtrail.example": {
"address": "aws_cloudtrail.example",
"change": {
"actions": [
"no-op",
],
"after": {
"advanced_event_selector": [],
"arn": "arn:aws:cloudtrail:us-west-2:323533494701:trail/example",
"cloud_watch_logs_group_arn": "",
"cloud_watch_logs_role_arn": "",
"enable_log_file_validation": false,
"enable_logging": true,
"event_selector": [],
"home_region": "us-west-2",
"id": "example",
"include_global_service_events": false,
"insight_selector": [],
"is_multi_region_trail": false,
"is_organization_trail": false,
"kms_key_id": "",
"name": "example",
"s3_bucket_name": "stm-cloudtrail-sentinel",
"s3_key_prefix": "",
"sns_topic_name": "",
"tags": {},
"tags_all": {},
},
"after_unknown": {},
"before": {
"advanced_event_selector": [],
"arn": "arn:aws:cloudtrail:us-west-2:323533494701:trail/example",
"cloud_watch_logs_group_arn": "",
"cloud_watch_logs_role_arn": "",
"enable_log_file_validation": false,
"enable_logging": true,
"event_selector": [],
"home_region": "us-west-2",
"id": "example",
"include_global_service_events": false,
"insight_selector": [],
"is_multi_region_trail": false,
"is_organization_trail": false,
"kms_key_id": "",
"name": "example",
"s3_bucket_name": "stm-cloudtrail-sentinel",
"s3_key_prefix": "",
"sns_topic_name": "",
"tags": {},
"tags_all": {},
},
},
"deposed": "",
"index": null,
"mode": "managed",
"module_address": "",
"name": "example",
"provider_name": "registry.terraform.io/hashicorp/aws",
"type": "aws_cloudtrail",
},
"aws_cloudtrail.example-multi-region": {
"address": "aws_cloudtrail.example-multi-region",
"change": {
"actions": [
"create",
],
"after": {
"advanced_event_selector": [],
"cloud_watch_logs_group_arn": null,
"cloud_watch_logs_role_arn": null,
"enable_log_file_validation": false,
"enable_logging": true,
"event_selector": [],
"include_global_service_events": true,
"insight_selector": [],
"is_multi_region_trail": true,
"is_organization_trail": false,
"kms_key_id": null,
"name": "example-multi-region",
"s3_bucket_name": "stm-cloudtrail-sentinel",
"s3_key_prefix": null,
"sns_topic_name": null,
"tags": null,
},
"after_unknown": {
"advanced_event_selector": [],
"arn": true,
"event_selector": [],
"home_region": true,
"id": true,
"insight_selector": [],
"tags_all": true,
},
"before": null,
},
"deposed": "",
"index": null,
"mode": "managed",
"module_address": "",
"name": "example-multi-region",
"provider_name": "registry.terraform.io/hashicorp/aws",
"type": "aws_cloudtrail",
},
}
output_changes = {}
raw = {
"configuration": {
"provider_config": {
"aws": {
"expressions": {
"region": {
"constant_value": "us-west-2",
},
},
"full_name": "registry.terraform.io/hashicorp/aws",
"name": "aws",
"version_constraint": "~> 5.0",
},
},
"root_module": {
"resources": [
{
"address": "aws_cloudtrail.example",
"expressions": {
"include_global_service_events": {
"constant_value": false,
},
"name": {
"constant_value": "example",
},
"s3_bucket_name": {
"constant_value": "stm-cloudtrail-sentinel",
},
},
"mode": "managed",
"name": "example",
"provider_config_key": "aws",
"schema_version": 0,
"type": "aws_cloudtrail",
},
{
"address": "aws_cloudtrail.example-multi-region",
"expressions": {
"include_global_service_events": {
"constant_value": true,
},
"is_multi_region_trail": {
"constant_value": true,
},
"name": {
"constant_value": "example-multi-region",
},
"s3_bucket_name": {
"constant_value": "stm-cloudtrail-sentinel",
},
},
"mode": "managed",
"name": "example-multi-region",
"provider_config_key": "aws",
"schema_version": 0,
"type": "aws_cloudtrail",
},
],
},
},
"format_version": "1.2",
"planned_values": {
"root_module": {
"resources": [
{
"address": "aws_cloudtrail.example",
"mode": "managed",
"name": "example",
"provider_name": "registry.terraform.io/hashicorp/aws",
"schema_version": 0,
"sensitive_values": {
"advanced_event_selector": [],
"event_selector": [],
"insight_selector": [],
"tags": {},
"tags_all": {},
},
"type": "aws_cloudtrail",
"values": {
"advanced_event_selector": [],
"arn": "arn:aws:cloudtrail:us-west-2:323533494701:trail/example",
"cloud_watch_logs_group_arn": "",
"cloud_watch_logs_role_arn": "",
"enable_log_file_validation": false,
"enable_logging": true,
"event_selector": [],
"home_region": "us-west-2",
"id": "example",
"include_global_service_events": false,
"insight_selector": [],
"is_multi_region_trail": false,
"is_organization_trail": false,
"kms_key_id": "",
"name": "example",
"s3_bucket_name": "stm-cloudtrail-sentinel",
"s3_key_prefix": "",
"sns_topic_name": "",
"tags": {},
"tags_all": {},
},
},
{
"address": "aws_cloudtrail.example-multi-region",
"mode": "managed",
"name": "example-multi-region",
"provider_name": "registry.terraform.io/hashicorp/aws",
"schema_version": 0,
"sensitive_values": {
"advanced_event_selector": [],
"event_selector": [],
"insight_selector": [],
"tags_all": {},
},
"type": "aws_cloudtrail",
"values": {
"advanced_event_selector": [],
"cloud_watch_logs_group_arn": null,
"cloud_watch_logs_role_arn": null,
"enable_log_file_validation": false,
"enable_logging": true,
"event_selector": [],
"include_global_service_events": true,
"insight_selector": [],
"is_multi_region_trail": true,
"is_organization_trail": false,
"kms_key_id": null,
"name": "example-multi-region",
"s3_bucket_name": "stm-cloudtrail-sentinel",
"s3_key_prefix": null,
"sns_topic_name": null,
"tags": null,
},
},
],
},
},
"prior_state": {
"format_version": "1.0",
"terraform_version": "1.6.3",
"values": {
"root_module": {
"resources": [
{
"address": "aws_cloudtrail.example",
"mode": "managed",
"name": "example",
"provider_name": "registry.terraform.io/hashicorp/aws",
"schema_version": 0,
"sensitive_values": {
"advanced_event_selector": [],
"event_selector": [],
"insight_selector": [],
"tags": {},
"tags_all": {},
},
"type": "aws_cloudtrail",
"values": {
"advanced_event_selector": [],
"arn": "arn:aws:cloudtrail:us-west-2:323533494701:trail/example",
"cloud_watch_logs_group_arn": "",
"cloud_watch_logs_role_arn": "",
"enable_log_file_validation": false,
"enable_logging": true,
"event_selector": [],
"home_region": "us-west-2",
"id": "example",
"include_global_service_events": false,
"insight_selector": [],
"is_multi_region_trail": false,
"is_organization_trail": false,
"kms_key_id": "",
"name": "example",
"s3_bucket_name": "stm-cloudtrail-sentinel",
"s3_key_prefix": "",
"sns_topic_name": "",
"tags": {},
"tags_all": {},
},
},
],
},
},
},
"resource_changes": [
{
"address": "aws_cloudtrail.example",
"change": {
"actions": [
"no-op",
],
"after": {
"advanced_event_selector": [],
"arn": "arn:aws:cloudtrail:us-west-2:323533494701:trail/example",
"cloud_watch_logs_group_arn": "",
"cloud_watch_logs_role_arn": "",
"enable_log_file_validation": false,
"enable_logging": true,
"event_selector": [],
"home_region": "us-west-2",
"id": "example",
"include_global_service_events": false,
"insight_selector": [],
"is_multi_region_trail": false,
"is_organization_trail": false,
"kms_key_id": "",
"name": "example",
"s3_bucket_name": "stm-cloudtrail-sentinel",
"s3_key_prefix": "",
"sns_topic_name": "",
"tags": {},
"tags_all": {},
},
"after_sensitive": {
"advanced_event_selector": [],
"event_selector": [],
"insight_selector": [],
"tags": {},
"tags_all": {},
},
"after_unknown": {},
"before": {
"advanced_event_selector": [],
"arn": "arn:aws:cloudtrail:us-west-2:323533494701:trail/example",
"cloud_watch_logs_group_arn": "",
"cloud_watch_logs_role_arn": "",
"enable_log_file_validation": false,
"enable_logging": true,
"event_selector": [],
"home_region": "us-west-2",
"id": "example",
"include_global_service_events": false,
"insight_selector": [],
"is_multi_region_trail": false,
"is_organization_trail": false,
"kms_key_id": "",
"name": "example",
"s3_bucket_name": "stm-cloudtrail-sentinel",
"s3_key_prefix": "",
"sns_topic_name": "",
"tags": {},
"tags_all": {},
},
"before_sensitive": {
"advanced_event_selector": [],
"event_selector": [],
"insight_selector": [],
"tags": {},
"tags_all": {},
},
},
"mode": "managed",
"name": "example",
"provider_name": "registry.terraform.io/hashicorp/aws",
"type": "aws_cloudtrail",
},
{
"address": "aws_cloudtrail.example-multi-region",
"change": {
"actions": [
"create",
],
"after": {
"advanced_event_selector": [],
"cloud_watch_logs_group_arn": null,
"cloud_watch_logs_role_arn": null,
"enable_log_file_validation": false,
"enable_logging": true,
"event_selector": [],
"include_global_service_events": true,
"insight_selector": [],
"is_multi_region_trail": true,
"is_organization_trail": false,
"kms_key_id": null,
"name": "example-multi-region",
"s3_bucket_name": "stm-cloudtrail-sentinel",
"s3_key_prefix": null,
"sns_topic_name": null,
"tags": null,
},
"after_sensitive": {
"advanced_event_selector": [],
"event_selector": [],
"insight_selector": [],
"tags_all": {},
},
"after_unknown": {
"advanced_event_selector": [],
"arn": true,
"event_selector": [],
"home_region": true,
"id": true,
"insight_selector": [],
"tags_all": true,
},
"before": null,
"before_sensitive": false,
},
"mode": "managed",
"name": "example-multi-region",
"provider_name": "registry.terraform.io/hashicorp/aws",
"type": "aws_cloudtrail",
},
],
"terraform_version": "1.6.3",
}
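Review bot: This mock was exported from a live run and keeps the real AWS account ID inside every `arn` value, starting at the `planned_values` entry for `aws_cloudtrail.example`. The tfstate mock later in the commit repeats the same ARN, and the tfrun mocks carry the run, project and workspace IDs and the `created_by` user name. None of that is needed by the policy under test, which reads only `type`, `mode`, `change.actions` and `change.after.is_multi_region_trail`. Replace the identifiers with placeholders before the fixtures are published, e.g. `"arn": "arn:aws:cloudtrail:us-west-2:<ACCOUNT_ID>:trail/example"`.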


@ -0,0 +1,50 @@
id = "run-kMeuEdk8igq5Dghy"
created_at = "2023-11-07T00:15:32.205Z"
created_by = "seanmeininger"
message = "Triggered via CLI"
commit_sha = undefined
speculative = false
is_destroy = false
refresh = true
refresh_only = false
replace_addrs = null
target_addrs = null
project = {
"id": "prj-reb8RoikfSwzy97u",
"name": "Default Project",
}
variables = {
"AWS_ACCESS_KEY_ID": {
"category": "env",
"sensitive": false,
},
"AWS_SECRET_ACCESS_KEY": {
"category": "env",
"sensitive": true,
},
"AWS_SESSION_EXPIRATION": {
"category": "env",
"sensitive": false,
},
"AWS_SESSION_TOKEN": {
"category": "env",
"sensitive": true,
},
}
organization = {
"name": "sean-env",
}
workspace = {
"auto_apply": false,
"created_at": "2023-11-06T23:57:08.689Z",
"description": "Work description",
"execution_mode": "default",
"id": "ws-SiAU345Ch3vMXGXA",
"name": "cis-sentinel-resources",
"tags": [],
"vcs_repo": null,
"working_directory": "",
}


@ -0,0 +1,40 @@
terraform_version = "1.6.3"
outputs = {}
resources = {
"aws_cloudtrail.example": {
"address": "aws_cloudtrail.example",
"depends_on": [],
"deposed_key": "",
"index": null,
"mode": "managed",
"module_address": "",
"name": "example",
"provider_name": "registry.terraform.io/hashicorp/aws",
"tainted": false,
"type": "aws_cloudtrail",
"values": {
"advanced_event_selector": [],
"arn": "arn:aws:cloudtrail:us-west-2:323533494701:trail/example",
"cloud_watch_logs_group_arn": "",
"cloud_watch_logs_role_arn": "",
"enable_log_file_validation": false,
"enable_logging": true,
"event_selector": [],
"home_region": "us-west-2",
"id": "example",
"include_global_service_events": false,
"insight_selector": [],
"is_multi_region_trail": false,
"is_organization_trail": false,
"kms_key_id": "",
"name": "example",
"s3_bucket_name": "stm-cloudtrail-sentinel",
"s3_key_prefix": "",
"sns_topic_name": "",
"tags": {},
"tags_all": {},
},
},
}


@ -0,0 +1,60 @@
import "strings"
providers = {
"aws": {
"alias": "",
"config": {
"region": {
"constant_value": "us-west-2",
},
},
"full_name": "registry.terraform.io/hashicorp/aws",
"module_address": "",
"name": "aws",
"provider_config_key": "aws",
"version_constraint": "~> 5.0",
},
}
resources = {
"aws_cloudtrail.example": {
"address": "aws_cloudtrail.example",
"config": {
"include_global_service_events": {
"constant_value": false,
},
"name": {
"constant_value": "example",
},
"s3_bucket_name": {
"constant_value": "stm-cloudtrail-sentinel",
},
},
"count": {},
"depends_on": [],
"for_each": {},
"mode": "managed",
"module_address": "",
"name": "example",
"provider_config_key": "aws",
"provisioners": [],
"type": "aws_cloudtrail",
},
}
provisioners = {}
variables = {}
outputs = {}
module_calls = {}
strip_index = func(addr) {
s = strings.split(addr, ".")
for s as i, v {
s[i] = strings.split(v, "[")[0]
}
return strings.join(s, ".")
}


@ -0,0 +1,216 @@
terraform_version = "1.6.3"
planned_values = {
"outputs": {},
"resources": {
"aws_cloudtrail.example": {
"address": "aws_cloudtrail.example",
"depends_on": [],
"deposed_key": "",
"index": null,
"mode": "managed",
"module_address": "",
"name": "example",
"provider_name": "registry.terraform.io/hashicorp/aws",
"tainted": false,
"type": "aws_cloudtrail",
"values": {
"advanced_event_selector": [],
"cloud_watch_logs_group_arn": null,
"cloud_watch_logs_role_arn": null,
"enable_log_file_validation": false,
"enable_logging": true,
"event_selector": [],
"include_global_service_events": false,
"insight_selector": [],
"is_multi_region_trail": false,
"is_organization_trail": false,
"kms_key_id": null,
"name": "example",
"s3_bucket_name": "stm-cloudtrail-sentinel",
"s3_key_prefix": null,
"sns_topic_name": null,
"tags": null,
},
},
},
}
variables = {}
resource_changes = {
"aws_cloudtrail.example": {
"address": "aws_cloudtrail.example",
"change": {
"actions": [
"create",
],
"after": {
"advanced_event_selector": [],
"cloud_watch_logs_group_arn": null,
"cloud_watch_logs_role_arn": null,
"enable_log_file_validation": false,
"enable_logging": true,
"event_selector": [],
"include_global_service_events": false,
"insight_selector": [],
"is_multi_region_trail": false,
"is_organization_trail": false,
"kms_key_id": null,
"name": "example",
"s3_bucket_name": "stm-cloudtrail-sentinel",
"s3_key_prefix": null,
"sns_topic_name": null,
"tags": null,
},
"after_unknown": {
"advanced_event_selector": [],
"arn": true,
"event_selector": [],
"home_region": true,
"id": true,
"insight_selector": [],
"tags_all": true,
},
"before": null,
},
"deposed": "",
"index": null,
"mode": "managed",
"module_address": "",
"name": "example",
"provider_name": "registry.terraform.io/hashicorp/aws",
"type": "aws_cloudtrail",
},
}
output_changes = {}
raw = {
"configuration": {
"provider_config": {
"aws": {
"expressions": {
"region": {
"constant_value": "us-west-2",
},
},
"full_name": "registry.terraform.io/hashicorp/aws",
"name": "aws",
"version_constraint": "~> 5.0",
},
},
"root_module": {
"resources": [
{
"address": "aws_cloudtrail.example",
"expressions": {
"include_global_service_events": {
"constant_value": false,
},
"name": {
"constant_value": "example",
},
"s3_bucket_name": {
"constant_value": "stm-cloudtrail-sentinel",
},
},
"mode": "managed",
"name": "example",
"provider_config_key": "aws",
"schema_version": 0,
"type": "aws_cloudtrail",
},
],
},
},
"format_version": "1.2",
"planned_values": {
"root_module": {
"resources": [
{
"address": "aws_cloudtrail.example",
"mode": "managed",
"name": "example",
"provider_name": "registry.terraform.io/hashicorp/aws",
"schema_version": 0,
"sensitive_values": {
"advanced_event_selector": [],
"event_selector": [],
"insight_selector": [],
"tags_all": {},
},
"type": "aws_cloudtrail",
"values": {
"advanced_event_selector": [],
"cloud_watch_logs_group_arn": null,
"cloud_watch_logs_role_arn": null,
"enable_log_file_validation": false,
"enable_logging": true,
"event_selector": [],
"include_global_service_events": false,
"insight_selector": [],
"is_multi_region_trail": false,
"is_organization_trail": false,
"kms_key_id": null,
"name": "example",
"s3_bucket_name": "stm-cloudtrail-sentinel",
"s3_key_prefix": null,
"sns_topic_name": null,
"tags": null,
},
},
],
},
},
"resource_changes": [
{
"address": "aws_cloudtrail.example",
"change": {
"actions": [
"create",
],
"after": {
"advanced_event_selector": [],
"cloud_watch_logs_group_arn": null,
"cloud_watch_logs_role_arn": null,
"enable_log_file_validation": false,
"enable_logging": true,
"event_selector": [],
"include_global_service_events": false,
"insight_selector": [],
"is_multi_region_trail": false,
"is_organization_trail": false,
"kms_key_id": null,
"name": "example",
"s3_bucket_name": "stm-cloudtrail-sentinel",
"s3_key_prefix": null,
"sns_topic_name": null,
"tags": null,
},
"after_sensitive": {
"advanced_event_selector": [],
"event_selector": [],
"insight_selector": [],
"tags_all": {},
},
"after_unknown": {
"advanced_event_selector": [],
"arn": true,
"event_selector": [],
"home_region": true,
"id": true,
"insight_selector": [],
"tags_all": true,
},
"before": null,
"before_sensitive": false,
},
"mode": "managed",
"name": "example",
"provider_name": "registry.terraform.io/hashicorp/aws",
"type": "aws_cloudtrail",
},
],
"terraform_version": "1.6.3",
}


@ -0,0 +1,50 @@
id = "run-DZ9jn295kgBTAiWU"
created_at = "2023-11-07T00:08:21.839Z"
created_by = "seanmeininger"
message = "Triggered via CLI"
commit_sha = undefined
speculative = false
is_destroy = false
refresh = true
refresh_only = false
replace_addrs = null
target_addrs = null
project = {
"id": "prj-reb8RoikfSwzy97u",
"name": "Default Project",
}
variables = {
"AWS_ACCESS_KEY_ID": {
"category": "env",
"sensitive": false,
},
"AWS_SECRET_ACCESS_KEY": {
"category": "env",
"sensitive": true,
},
"AWS_SESSION_EXPIRATION": {
"category": "env",
"sensitive": false,
},
"AWS_SESSION_TOKEN": {
"category": "env",
"sensitive": true,
},
}
organization = {
"name": "sean-env",
}
workspace = {
"auto_apply": false,
"created_at": "2023-11-06T23:57:08.689Z",
"description": "Work description",
"execution_mode": "default",
"id": "ws-SiAU345Ch3vMXGXA",
"name": "cis-sentinel-resources",
"tags": [],
"vcs_repo": null,
"working_directory": "",
}


@ -0,0 +1,5 @@
terraform_version = undefined
outputs = {}
resources = {}

59
v1.4.0/mocks/sentinel.hcl Normal file

@ -0,0 +1,59 @@
mock "tfconfig" {
module {
source = "mock-tfconfig.sentinel"
}
}
mock "tfconfig/v1" {
module {
source = "mock-tfconfig.sentinel"
}
}
mock "tfconfig/v2" {
module {
source = "mock-tfconfig-v2.sentinel"
}
}
mock "tfplan" {
module {
source = "mock-tfplan.sentinel"
}
}
mock "tfplan/v1" {
module {
source = "mock-tfplan.sentinel"
}
}
mock "tfplan/v2" {
module {
source = "mock-tfplan-v2.sentinel"
}
}
mock "tfstate" {
module {
source = "mock-tfstate.sentinel"
}
}
mock "tfstate/v1" {
module {
source = "mock-tfstate.sentinel"
}
}
mock "tfstate/v2" {
module {
source = "mock-tfstate-v2.sentinel"
}
}
mock "tfrun" {
module {
source = "mock-tfrun.sentinel"
}
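Review bot: Every `source` in this file uses a generic name such as `mock-tfplan-v2.sentinel`, while the two test configurations in this commit load `../../mocks/cloudtrail-singleregion-mock-tfplan-v2.sentinel` and `../../mocks/cloudtrail-multiregion-mock-tfplan-v2.sentinel`. The file names of the mock sections are not visible on this page, so this is an inference, but if the mocks were saved with the `cloudtrail-…` prefix then these ten `source` paths do not resolve and any run that uses this configuration fails to load its imports. Either point the paths at the prefixed files or drop this file, and add a header comment that says which scenario it is meant to represent.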
}


@ -0,0 +1,11 @@
mock "tfplan/v2" {
module {
source = "../../mocks/cloudtrail-singleregion-mock-tfplan-v2.sentinel"
}
}
test {
rules = {
main = false
}
}
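Review bot: The two test cases (this one and the `main = true` case that follows) cover only a plan with a single-region trail and a plan that adds a multi-region trail. There is no case for a plan without any `aws_cloudtrail` change, or for one in which the multi-region trail is being destroyed; both decide whether the policy blocks a run, so each deserves a mock with an explicit expected `main` value. A one-line comment at the top of each test file, e.g. `# single-region trail only: policy must fail`, would also record why the expectation is what it is.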


@ -0,0 +1,11 @@
mock "tfplan/v2" {
module {
source = "../../mocks/cloudtrail-multiregion-mock-tfplan-v2.sentinel"
}
}
test {
rules = {
main = true
}
}