{ "version": 4, "terraform_version": "0.12.26", "serial": 64, "lineage": "a5b3f3fc-da94-9f2f-5793-230f4da09eb8", "outputs": {}, "resources": [ { "module": "module.tfstate", "mode": "data", "type": "aws_caller_identity", "name": "current", "provider": "provider.aws", "instances": [ { "schema_version": 0, "attributes": { "account_id": "471284459109", "arn": "arn:aws:sts::471284459109:assumed-role/mdr_terraformer/terraform", "id": "2020-07-07 14:30:10.582353 +0000 UTC", "user_id": "AROAW3OV6EZSWAI4SXU5G:terraform" } } ] }, { "module": "module.tfstate", "mode": "data", "type": "aws_iam_policy_document", "name": "kms_key_policy_tfstate", "provider": "provider.aws", "instances": [ { "schema_version": 0, "attributes": { "id": "1506437348", "json": "{\n \"Version\": \"2012-10-17\",\n \"Id\": \"key-consolepolicy-3\",\n \"Statement\": [\n {\n \"Sid\": \"Enable IAM User Permissions\",\n \"Effect\": \"Allow\",\n \"Action\": \"kms:*\",\n \"Resource\": \"*\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::471284459109:root\"\n }\n },\n {\n \"Sid\": \"Allow access for Key Administrators\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"kms:Update*\",\n \"kms:UntagResource\",\n \"kms:TagResource\",\n \"kms:ScheduleKeyDeletion\",\n \"kms:Revoke*\",\n \"kms:Put*\",\n \"kms:List*\",\n \"kms:Get*\",\n \"kms:Enable*\",\n \"kms:Disable*\",\n \"kms:Describe*\",\n \"kms:Delete*\",\n \"kms:Create*\",\n \"kms:CancelKeyDeletion\"\n ],\n \"Resource\": \"*\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::471284459109:user/MDRAdmin\"\n }\n },\n {\n \"Sid\": \"Allow use of the key\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"kms:ReEncrypt*\",\n \"kms:GenerateDataKey*\",\n \"kms:Encrypt\",\n \"kms:DescribeKey\",\n \"kms:Decrypt\"\n ],\n \"Resource\": \"*\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::471284459109:user/MDRAdmin\"\n }\n },\n {\n \"Sid\": \"Allow attachment of persistent resources\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"kms:RevokeGrant\",\n \"kms:ListGrants\",\n \"kms:CreateGrant\"\n ],\n \"Resource\": \"*\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::471284459109:user/MDRAdmin\"\n },\n \"Condition\": {\n \"Bool\": {\n \"kms:GrantIsForAWSResource\": \"true\"\n }\n }\n }\n ]\n}", "override_json": null, "policy_id": "key-consolepolicy-3", "source_json": null, "statement": [ { "actions": [ "kms:*" ], "condition": [], "effect": "Allow", "not_actions": [], "not_principals": [], "not_resources": [], "principals": [ { "identifiers": [ "arn:aws:iam::471284459109:root" ], "type": "AWS" } ], "resources": [ "*" ], "sid": "Enable IAM User Permissions" }, { "actions": [ "kms:CancelKeyDeletion", "kms:Create*", "kms:Delete*", "kms:Describe*", "kms:Disable*", "kms:Enable*", "kms:Get*", "kms:List*", "kms:Put*", "kms:Revoke*", "kms:ScheduleKeyDeletion", "kms:TagResource", "kms:UntagResource", "kms:Update*" ], "condition": [], "effect": "Allow", "not_actions": [], "not_principals": [], "not_resources": [], "principals": [ { "identifiers": [ "arn:aws:iam::471284459109:user/MDRAdmin" ], "type": "AWS" } ], "resources": [ "*" ], "sid": "Allow access for Key Administrators" }, { "actions": [ "kms:Decrypt", "kms:DescribeKey", "kms:Encrypt", "kms:GenerateDataKey*", "kms:ReEncrypt*" ], "condition": [], "effect": "Allow", "not_actions": [], "not_principals": [], "not_resources": [], "principals": [ { "identifiers": [ "arn:aws:iam::471284459109:user/MDRAdmin" ], "type": "AWS" } ], "resources": [ "*" ], "sid": "Allow use of the key" }, { "actions": [ "kms:CreateGrant", "kms:ListGrants", "kms:RevokeGrant" ], "condition": [ { "test": "Bool", "values": [ "true" ], "variable": "kms:GrantIsForAWSResource" } ], "effect": "Allow", "not_actions": [], "not_principals": [], "not_resources": [], "principals": [ { "identifiers": [ "arn:aws:iam::471284459109:user/MDRAdmin" ], "type": "AWS" } ], "resources": [ "*" ], "sid": "Allow attachment of persistent resources" } ], "version": "2012-10-17" } } ] }, { "module": "module.tfstate", "mode": "data", "type": "aws_partition", "name": "current", "provider": "provider.aws", "instances": [ { "schema_version": 0, "attributes": { "dns_suffix": "amazonaws.com", "id": "2020-07-07 14:30:10.354104 +0000 UTC", "partition": "aws" } } ] }, { "module": "module.tfstate", "mode": "managed", "type": "aws_dynamodb_table", "name": "lock_table", "provider": "provider.aws", "instances": [ { "schema_version": 1, "attributes": { "arn": "arn:aws:dynamodb:us-east-1:471284459109:table/afsxdr-terraform-state", "attribute": [ { "name": "LockID", "type": "S" } ], "billing_mode": "PAY_PER_REQUEST", "global_secondary_index": [], "hash_key": "LockID", "id": "afsxdr-terraform-state", "local_secondary_index": [], "name": "afsxdr-terraform-state", "point_in_time_recovery": [ { "enabled": false } ], "range_key": null, "read_capacity": 0, "replica": [], "server_side_encryption": [ { "enabled": true, "kms_key_arn": "arn:aws:kms:us-east-1:471284459109:key/5f348d15-d45c-434a-99ee-362970e0e5b0" } ], "stream_arn": "", "stream_enabled": false, "stream_label": "", "stream_view_type": "", "tags": { "Name": "afsxdr-terraform-state" }, "timeouts": null, "ttl": [ { "attribute_name": "", "enabled": false } ], "write_capacity": 0 }, "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjM2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", "dependencies": [ "module.tfstate.aws_kms_key.tfstate" ] } ] }, { "module": "module.tfstate", "mode": "managed", "type": "aws_kms_alias", "name": "tfstate", "provider": "provider.aws", "instances": [ { "schema_version": 0, "attributes": { "arn": "arn:aws:kms:us-east-1:471284459109:alias/tfstate", "id": "alias/tfstate", "name": "alias/tfstate", "name_prefix": null, "target_key_arn": "arn:aws:kms:us-east-1:471284459109:key/5f348d15-d45c-434a-99ee-362970e0e5b0", "target_key_id": "5f348d15-d45c-434a-99ee-362970e0e5b0" }, "private": "bnVsbA==", "dependencies": [ "module.tfstate.aws_kms_key.tfstate" ] } ] }, { "module": "module.tfstate", "mode": "managed", "type": "aws_kms_key", "name": "tfstate", "provider": "provider.aws", "instances": [ { "schema_version": 0, "attributes": { "arn": "arn:aws:kms:us-east-1:471284459109:key/5f348d15-d45c-434a-99ee-362970e0e5b0", "customer_master_key_spec": "SYMMETRIC_DEFAULT", "deletion_window_in_days": 30, "description": "tfstate bucket default S3 SSE-KMS", "enable_key_rotation": true, "id": "5f348d15-d45c-434a-99ee-362970e0e5b0", "is_enabled": true, "key_id": "5f348d15-d45c-434a-99ee-362970e0e5b0", "key_usage": "ENCRYPT_DECRYPT", "policy": "{\"Id\":\"key-consolepolicy-3\",\"Statement\":[{\"Action\":\"kms:*\",\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::471284459109:root\"},\"Resource\":\"*\",\"Sid\":\"Enable IAM User Permissions\"},{\"Action\":[\"kms:Update*\",\"kms:UntagResource\",\"kms:TagResource\",\"kms:ScheduleKeyDeletion\",\"kms:Revoke*\",\"kms:Put*\",\"kms:List*\",\"kms:Get*\",\"kms:Enable*\",\"kms:Disable*\",\"kms:Describe*\",\"kms:Delete*\",\"kms:Create*\",\"kms:CancelKeyDeletion\"],\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::471284459109:user/MDRAdmin\"},\"Resource\":\"*\",\"Sid\":\"Allow access for Key Administrators\"},{\"Action\":[\"kms:ReEncrypt*\",\"kms:GenerateDataKey*\",\"kms:Encrypt\",\"kms:DescribeKey\",\"kms:Decrypt\"],\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::471284459109:user/MDRAdmin\"},\"Resource\":\"*\",\"Sid\":\"Allow use of the key\"},{\"Action\":[\"kms:RevokeGrant\",\"kms:ListGrants\",\"kms:CreateGrant\"],\"Condition\":{\"Bool\":{\"kms:GrantIsForAWSResource\":\"true\"}},\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::471284459109:user/MDRAdmin\"},\"Resource\":\"*\",\"Sid\":\"Allow attachment of persistent resources\"}],\"Version\":\"2012-10-17\"}", "tags": {} }, "private": "bnVsbA==" } ] }, { "module": "module.tfstate", "mode": "managed", "type": "aws_s3_bucket", "name": "tfstate", "provider": "provider.aws", "instances": [ { "schema_version": 0, "attributes": { "acceleration_status": "", "acl": "private", "arn": "arn:aws:s3:::afsxdr-terraform-state", "bucket": "afsxdr-terraform-state", "bucket_domain_name": "afsxdr-terraform-state.s3.amazonaws.com", "bucket_prefix": null, "bucket_regional_domain_name": "afsxdr-terraform-state.s3.amazonaws.com", "cors_rule": [], "force_destroy": false, "grant": [], "hosted_zone_id": "Z3AQBSTGFYJSTF", "id": "afsxdr-terraform-state", "lifecycle_rule": [ { "abort_incomplete_multipart_upload_days": 7, "enabled": true, "expiration": [], "id": "tf-s3-lifecycle-20200526021436652500000001", "noncurrent_version_expiration": [ { "days": 730 } ], "noncurrent_version_transition": [ { "days": 30, "storage_class": "STANDARD_IA" } ], "prefix": "", "tags": {}, "transition": [] } ], "logging": [], "object_lock_configuration": [], "policy": null, "region": "us-east-1", "replication_configuration": [], "request_payer": "BucketOwner", "server_side_encryption_configuration": [ { "rule": [ { "apply_server_side_encryption_by_default": [ { "kms_master_key_id": "arn:aws:kms:us-east-1:471284459109:key/5f348d15-d45c-434a-99ee-362970e0e5b0", "sse_algorithm": "aws:kms" } ] } ] } ], "tags": {}, "versioning": [ { "enabled": true, "mfa_delete": false } ], "website": [], "website_domain": null, "website_endpoint": null }, "private": "bnVsbA==", "dependencies": [ "module.tfstate.aws_kms_key.tfstate" ] } ] }, { "module": "module.tfstate", "mode": "managed", "type": "aws_s3_bucket_public_access_block", "name": "tfstate", "provider": "provider.aws", "instances": [ { "schema_version": 0, "attributes": { "block_public_acls": true, "block_public_policy": true, "bucket": "afsxdr-terraform-state", "id": "afsxdr-terraform-state", "ignore_public_acls": true, "restrict_public_buckets": true }, "private": "bnVsbA==", "dependencies": [ "module.tfstate.aws_kms_key.tfstate", "module.tfstate.aws_s3_bucket.tfstate" ] } ] } ] }