-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Adds initial version of Terraform asset inventory query pack
Signed-off-by: Scott Ford <[email protected]>
- Loading branch information
1 parent
44eb67a
commit 212ccb0
Showing
1 changed file
with
58 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,58 @@ | ||
| # Copyright (c) Mondoo, Inc. | ||
| # SPDX-License-Identifier: BUSL-1.1 | ||
|
|
||
| packs: | ||
| - uid: mondoo-asset-inventory-terraform | ||
| name: Terraform Asset Inventory Pack | ||
| version: 1.0.0 | ||
| license: BUSL-1.1 | ||
| authors: | ||
| - name: Mondoo, Inc | ||
| email: [email protected] | ||
| tags: | ||
| mondoo.com/platform: terraform, | ||
| mondoo.com/category: inventory | ||
| docs: | ||
| desc: | | ||
| The Terraform Asset Inventory Pack retrieves information about Terraform HCL, Terraform Plan, and Terraform State for asset inventory. | ||
| groups: | ||
| - title: Terraform State Asset inventory for AWS | ||
| filters: asset.platform == "terraform-state" && terraform.state.resources.any( type == /^aws_/ ) | ||
| queries: | ||
| - uid: mondoo-asset-inventory-terraform-state-version | ||
| - uid: mondoo-asset-inventory-terraform-state-aws-resources | ||
| - title: Terraform State Asset inventory for Google Cloud | ||
| filters: asset.platform == "terraform-state" && terraform.state.resources.any( type == /^google_/ ) | ||
| queries: | ||
| - uid: mondoo-asset-inventory-terraform-state-version | ||
| - uid: mondoo-asset-inventory-terraform-state-gcp-resources | ||
| - title: Terraform State Asset inventory for Microsoft Azure | ||
| filters: asset.platform == "terraform-state" && terraform.state.resources.any( type == /^azurerm_/ ) | ||
| queries: | ||
| - uid: mondoo-asset-inventory-terraform-state-version | ||
| - uid: mondoo-asset-inventory-terraform-state-azure-resources | ||
| queries: | ||
| - uid: mondoo-asset-inventory-terraform-state-version | ||
| title: Terraform State Terraform Version | ||
| docs: | ||
| desc: | | ||
| This query gathers the version of Terraform that was used to execute a Terraform run. | ||
| mql: terraform.state.terraformVersion | ||
| - uid: mondoo-asset-inventory-terraform-state-aws-resources | ||
| title: AWS Terraform State resources | ||
| docs: | ||
| desc: | | ||
| This query gathers the resources stored in Terraform state files that manage any AWS resources. The data is only gather if any of the resources match 'aws_' such as 'aws_s3_bucket'. | ||
| mql: terraform.state.resources { type providerName values['arn'] values['owner_id'] } | ||
| - uid: mondoo-asset-inventory-terraform-state-gcp-resources | ||
| title: Google Cloud Terraform State resources | ||
| docs: | ||
| desc: | | ||
| This query gathers the resources stored in Terraform state files that manage any Google Cloud resources. The data is only gather if any of the resources match 'google_' such as 'google_compute_instance'. | ||
| mql: terraform.state.resources { type providerName values['project'] values['id'] } | ||
| - uid: mondoo-asset-inventory-terraform-state-azure-resources | ||
| title: Microsoft Azure Terraform State resources | ||
| docs: | ||
| desc: | | ||
| This query gathers the resources stored in Terraform state files that manage any Microsoft Azure resources. The data is only gather if any of the resources match 'azurerm_' such as 'azurerm_resource_group'. | ||
| mql: terraform.state.resources { type providerName values['id'] } |