
Updates C2 Account Standards to AWS 4.0; Adds helper script for that process

Fred Damstra [afs macbook] vor 3 Jahren
Ursprung
Commit
6d8285acf9

+ 1 - 1
bin/aws40_import_account_standards

@@ -18,5 +18,5 @@ for i in ${TO_IMPORT[@]}; do
   else
     EXTRA=""
   fi
-  terragrunt-local import $i ${BUCKET_NAME}${EXTRA}
+  terragrunt import $i ${BUCKET_NAME}${EXTRA}
 done
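Review bot: The resource address and the bucket name are still passed unquoted on the changed line, `terragrunt import $i ${BUCKET_NAME}${EXTRA}`, and `$i` itself comes from the unquoted `${TO_IMPORT[@]}` in the `for` header, so any address containing a count index like `[0]` is a glob pattern that the shell may rewrite before terragrunt sees it. Quote both: `terragrunt import "$i" "${BUCKET_NAME}${EXTRA}"`. A non-zero exit from `terragrunt import` is also ignored here, so a failed import scrolls past and the loop keeps going; the script header is outside this hunk, but if it does not already `set -e`, consider appending `|| exit 1` on this line. The enclosing `for` loop begins outside the hunk.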

+ 133 - 0
bin/aws40_import_account_standards_c2

@@ -0,0 +1,133 @@
+#! /bin/bash
+#
+# Simple helper script to do the appropriate imports for the account_standards_c2 module.
+
+# Variables that don't change
+ACCOUNT_ID=$(cat ../account.hcl | egrep -v '^#' | egrep aws_account_id | awk '{ print $3 }' | sed 's/"//g')
+REGION=$(cat ../../region.hcl | egrep -v '^#' | egrep aws_region | awk '{ print $3 }' | sed 's/"//g')
+ENVIRONMENT=$(cat ../../../env.hcl | egrep -v '^#' | egrep "environment =" | awk '{ print $3 }' | sed 's/"//g')
+
+echo ""
+echo ----------------------------
+echo xdr-config-test-access-logs:
+TO_IMPORT=(
+module.xdr_config_logging_bucket.aws_s3_bucket_versioning.this
+module.xdr_config_logging_bucket.aws_s3_bucket_server_side_encryption_configuration.this
+module.xdr_config_logging_bucket.aws_s3_bucket_logging.this
+module.xdr_config_logging_bucket.aws_s3_bucket_lifecycle_configuration.this[0]
+module.xdr_config_logging_bucket.aws_s3_bucket_acl.log_bucket_acl
+)
+
+BUCKET_NAME=xdr-config-${ENVIRONMENT}-access-logs
+for i in ${TO_IMPORT[@]}; do
+  if [[ $i =~ aws_s3_bucket_acl ]]; then
+    EXTRA=",private"
+  else
+    EXTRA=""
+  fi
+  terragrunt import $i ${BUCKET_NAME}${EXTRA}
+done
+
+echo ""
+echo ----------------------------
+echo xdr-cloudtrail-logs-test-access-logs:
+TO_IMPORT=(
+module.s3_logging_bucket.aws_s3_bucket_versioning.this
+module.s3_logging_bucket.aws_s3_bucket_server_side_encryption_configuration.this
+module.s3_logging_bucket.aws_s3_bucket_logging.this
+module.s3_logging_bucket.aws_s3_bucket_lifecycle_configuration.this[0]
+module.s3_logging_bucket.aws_s3_bucket_acl.log_bucket_acl
+)
+
+BUCKET_NAME=xdr-cloudtrail-logs-${ENVIRONMENT}-access-logs
+for i in ${TO_IMPORT[@]}; do
+  if [[ $i =~ aws_s3_bucket_acl ]]; then
+    EXTRA=",private"
+  else
+    EXTRA=""
+  fi
+  terragrunt import $i ${BUCKET_NAME}${EXTRA}
+done
+
+echo ""
+echo ----------------------------
+echo xdr-elb-test-access-logs:
+TO_IMPORT=(
+module.elb_logging_logging_bucket.aws_s3_bucket_versioning.this
+module.elb_logging_logging_bucket.aws_s3_bucket_server_side_encryption_configuration.this
+module.elb_logging_logging_bucket.aws_s3_bucket_logging.this
+module.elb_logging_logging_bucket.aws_s3_bucket_lifecycle_configuration.this[0]
+module.elb_logging_logging_bucket.aws_s3_bucket_acl.log_bucket_acl
+)
+
+BUCKET_NAME=xdr-elb-${ENVIRONMENT}-access-logs
+for i in ${TO_IMPORT[@]}; do
+  if [[ $i =~ aws_s3_bucket_acl ]]; then
+    EXTRA=",private"
+  else
+    EXTRA=""
+  fi
+  terragrunt import $i ${BUCKET_NAME}${EXTRA}
+done
+
+echo ""
+echo ----------------------------
+echo xdr-cloudtrail-logs-test:
+TO_IMPORT=(
+module.cloudtrail_logging_bucket.aws_s3_bucket_versioning.this
+module.cloudtrail_logging_bucket.aws_s3_bucket_server_side_encryption_configuration.kinesis_firehose_s3_bucket
+module.cloudtrail_logging_bucket.aws_s3_bucket_logging.this
+module.cloudtrail_logging_bucket.aws_s3_bucket_lifecycle_configuration.this
+module.cloudtrail_logging_bucket.aws_s3_bucket_acl.this
+)
+
+BUCKET_NAME=xdr-cloudtrail-logs-${ENVIRONMENT}
+for i in ${TO_IMPORT[@]}; do
+  if [[ $i =~ aws_s3_bucket_acl ]]; then
+    EXTRA=",private"
+  else
+    EXTRA=""
+  fi
+  terragrunt import $i ${BUCKET_NAME}${EXTRA}
+done
+
+echo ""
+echo ----------------------------
+echo xdr-config-test:
+TO_IMPORT=(
+aws_s3_bucket_versioning.xdr_config_bucket
+aws_s3_bucket_server_side_encryption_configuration.xdr_config_bucket
+aws_s3_bucket_logging.xdr_config_bucket
+aws_s3_bucket_acl.xdr_config_bucket
+)
+
+BUCKET_NAME=xdr-config-${ENVIRONMENT}
+for i in ${TO_IMPORT[@]}; do
+  if [[ $i =~ aws_s3_bucket_acl ]]; then
+    EXTRA=",private"
+  else
+    EXTRA=""
+  fi
+  terragrunt import $i ${BUCKET_NAME}${EXTRA}
+done
+
+echo ""
+echo ----------------------------
+echo xdr-elb-test:
+TO_IMPORT=(
+aws_s3_bucket_logging.elb_logging_bucket
+aws_s3_bucket_versioning.s3_version_elb_logging_bucket
+aws_s3_bucket_server_side_encryption_configuration.s3_sse_elb_logging_bucket
+aws_s3_bucket_logging.elb_logging_bucket
+aws_s3_bucket_acl.s3_acl_elb_logging_bucket
+)
+
+BUCKET_NAME=xdr-elb-${ENVIRONMENT}
+for i in ${TO_IMPORT[@]}; do
+  if [[ $i =~ aws_s3_bucket_acl ]]; then
+    EXTRA=",private"
+  else
+    EXTRA=""
+  fi
+  terragrunt import $i ${BUCKET_NAME}${EXTRA}
+done
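Review bot: `ENVIRONMENT` is never validated, so if the `egrep "environment ="` pipeline matches nothing (file missing, different spacing, or the script run from the wrong directory, since all three `.hcl` paths are relative to the cwd) every `BUCKET_NAME` collapses to e.g. `xdr-config--access-logs` and the CloudTrail/Config logging state is imported against a wrong bucket name; add `: "${ENVIRONMENT:?could not read environment from ../../../env.hcl}"` right after the assignment, and `set -euo pipefail` at the top so a failed `terragrunt import` stops the run instead of scrolling by. The addresses are expanded unquoted (`for i in ${TO_IMPORT[@]}`, `terragrunt import $i …`) and entries such as `…lifecycle_configuration.this[0]` are glob patterns the shell will rewrite if a matching file exists in the working directory, so quote them. In the xdr-elb-test list `aws_s3_bucket_logging.elb_logging_bucket` appears twice, so the second import will fail on an address already in state. `ACCOUNT_ID` and `REGION` are computed but never used, and the section labels hard-code `-test-` (`xdr-config-test-access-logs:`) while the bucket names use `${ENVIRONMENT}`, which is misleading when run against prod. The six copy-pasted loops reduce to one helper, sketched below.
```shell
#! /bin/bash
set -euo pipefail
# Must be run from the 005-account-standards-c2 module directory: the *.hcl paths are relative to it.
ENVIRONMENT=$(grep -v '^#' ../../../env.hcl | grep "environment =" | awk '{ print $3 }' | sed 's/"//g')
: "${ENVIRONMENT:?could not read environment from ../../../env.hcl}"

# import_bucket BUCKET_NAME ADDR...: import each resource address for BUCKET_NAME;
# aws_s3_bucket_acl addresses take the ",private" import-id suffix.
import_bucket() {
  local bucket=$1; shift
  local addr extra
  for addr in "$@"; do
    if [[ $addr =~ aws_s3_bucket_acl ]]; then
      extra=",private"
    else
      extra=""
    fi
    terragrunt import "$addr" "${bucket}${extra}"
  done
}

printf '\n----------------------------\n%s:\n' "xdr-config-${ENVIRONMENT}-access-logs"
import_bucket "xdr-config-${ENVIRONMENT}-access-logs" \
  module.xdr_config_logging_bucket.aws_s3_bucket_versioning.this \
  'module.xdr_config_logging_bucket.aws_s3_bucket_lifecycle_configuration.this[0]' \
  module.xdr_config_logging_bucket.aws_s3_bucket_acl.log_bucket_acl
# … unchanged: remaining addresses of this group and the other five bucket groups, each as one import_bucket call …
```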

+ 1 - 1
prod/aws-us-gov/mdr-prod-c2/005-account-standards-c2/terragrunt.hcl

@@ -15,7 +15,7 @@ locals {
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.xdr.accenturefederalcyber.com:mdr-engineering/xdr-terraform-modules.git//base/account_standards_c2?ref=v3.5.16"
+  source = "git@github.xdr.accenturefederalcyber.com:mdr-engineering/xdr-terraform-modules.git//base/account_standards_c2?ref=v4.0.4"
 }
 
 # Include all settings from the root terragrunt.hcl file

+ 1 - 1
prod/aws/mdr-prod-c2/005-account-standards-c2/terragrunt.hcl

@@ -15,7 +15,7 @@ locals {
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.xdr.accenturefederalcyber.com:mdr-engineering/xdr-terraform-modules.git//base/account_standards_c2?ref=v3.5.16"
+  source = "git@github.xdr.accenturefederalcyber.com:mdr-engineering/xdr-terraform-modules.git//base/account_standards_c2?ref=v4.0.4"
 }
 
 # Include all settings from the root terragrunt.hcl file

+ 1 - 1
test/aws-us-gov/mdr-test-c2/005-account-standards-c2/terragrunt.hcl

@@ -15,7 +15,7 @@ locals {
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.xdr.accenturefederalcyber.com:mdr-engineering/xdr-terraform-modules.git//base/account_standards_c2?ref=v4.0.0"
+  source = "git@github.xdr.accenturefederalcyber.com:mdr-engineering/xdr-terraform-modules.git//base/account_standards_c2?ref=v4.0.4"
 }
 
 # Include all settings from the root terragrunt.hcl file

+ 1 - 1
test/aws/mdr-test-c2/005-account-standards-c2/terragrunt.hcl

@@ -15,7 +15,7 @@ locals {
 # working directory, into a temporary folder, and execute your Terraform commands in that folder.
 terraform {
   # Double slash is intentional and required to show root of modules
-  source = "git@github.xdr.accenturefederalcyber.com:mdr-engineering/xdr-terraform-modules.git//base/account_standards_c2?ref=v3.5.16"
+  source = "git@github.xdr.accenturefederalcyber.com:mdr-engineering/xdr-terraform-modules.git//base/account_standards_c2?ref=v4.0.4"
 }
 
 # Include all settings from the root terragrunt.hcl file