| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398 | {  "version": 4,  "terraform_version": "0.12.26",  "serial": 64,  "lineage": "a5b3f3fc-da94-9f2f-5793-230f4da09eb8",  "outputs": {},  "resources": [    {      "module": "module.tfstate",      "mode": "data",      "type": "aws_caller_identity",      "name": "current",      "provider": "provider.aws",      "instances": [        {          "schema_version": 0,          "attributes": {            "account_id": "471284459109",            "arn": "arn:aws:sts::471284459109:assumed-role/mdr_terraformer/terraform",            "id": "2020-07-07 14:30:10.582353 +0000 UTC",            "user_id": "AROAW3OV6EZSWAI4SXU5G:terraform"          }        }      ]    },    {      "module": "module.tfstate",      "mode": "data",      "type": "aws_iam_policy_document",      "name": "kms_key_policy_tfstate",      "provider": "provider.aws",      "instances": [        {          "schema_version": 0,          "attributes": {            "id": "1506437348",            "json": "{\n  \"Version\": \"2012-10-17\",\n  \"Id\": \"key-consolepolicy-3\",\n  \"Statement\": [\n    {\n      \"Sid\": \"Enable IAM User Permissions\",\n      \"Effect\": \"Allow\",\n      \"Action\": \"kms:*\",\n      \"Resource\": \"*\",\n      \"Principal\": {\n        \"AWS\": \"arn:aws:iam::471284459109:root\"\n      }\n    },\n    {\n      \"Sid\": \"Allow access for Key Administrators\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"kms:Update*\",\n        \"kms:UntagResource\",\n        \"kms:TagResource\",\n        \"kms:ScheduleKeyDeletion\",\n        \"kms:Revoke*\",\n        \"kms:Put*\",\n        \"kms:List*\",\n        \"kms:Get*\",\n        \"kms:Enable*\",\n        \"kms:Disable*\",\n        \"kms:Describe*\",\n        \"kms:Delete*\",\n        \"kms:Create*\",\n        \"kms:CancelKeyDeletion\"\n      ],\n      \"Resource\": \"*\",\n      \"Principal\": {\n        \"AWS\": \"arn:aws:iam::471284459109:user/MDRAdmin\"\n      }\n    },\n    {\n      \"Sid\": \"Allow use of the key\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"kms:ReEncrypt*\",\n        \"kms:GenerateDataKey*\",\n        \"kms:Encrypt\",\n        \"kms:DescribeKey\",\n        \"kms:Decrypt\"\n      ],\n      \"Resource\": \"*\",\n      \"Principal\": {\n        \"AWS\": \"arn:aws:iam::471284459109:user/MDRAdmin\"\n      }\n    },\n    {\n      \"Sid\": \"Allow attachment of persistent resources\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"kms:RevokeGrant\",\n        \"kms:ListGrants\",\n        \"kms:CreateGrant\"\n      ],\n      \"Resource\": \"*\",\n      \"Principal\": {\n        \"AWS\": \"arn:aws:iam::471284459109:user/MDRAdmin\"\n      },\n      \"Condition\": {\n        \"Bool\": {\n          \"kms:GrantIsForAWSResource\": \"true\"\n        }\n      }\n    }\n  ]\n}",            "override_json": null,            "policy_id": "key-consolepolicy-3",            "source_json": null,            "statement": [              {                "actions": [                  "kms:*"                ],                "condition": [],                "effect": "Allow",                "not_actions": [],                "not_principals": [],                "not_resources": [],                "principals": [                  {                    "identifiers": [                      "arn:aws:iam::471284459109:root"                    ],                    "type": "AWS"                  }                ],                "resources": [                  "*"                ],                "sid": "Enable IAM User Permissions"              },              {                "actions": [                  "kms:CancelKeyDeletion",                  "kms:Create*",                  "kms:Delete*",                  "kms:Describe*",                  "kms:Disable*",                  "kms:Enable*",                  "kms:Get*",                  "kms:List*",                  "kms:Put*",                  "kms:Revoke*",                  "kms:ScheduleKeyDeletion",                  "kms:TagResource",                  "kms:UntagResource",                  "kms:Update*"                ],                "condition": [],                "effect": "Allow",                "not_actions": [],                "not_principals": [],                "not_resources": [],                "principals": [                  {                    "identifiers": [                      "arn:aws:iam::471284459109:user/MDRAdmin"                    ],                    "type": "AWS"                  }                ],                "resources": [                  "*"                ],                "sid": "Allow access for Key Administrators"              },              {                "actions": [                  "kms:Decrypt",                  "kms:DescribeKey",                  "kms:Encrypt",                  "kms:GenerateDataKey*",                  "kms:ReEncrypt*"                ],                "condition": [],                "effect": "Allow",                "not_actions": [],                "not_principals": [],                "not_resources": [],                "principals": [                  {                    "identifiers": [                      "arn:aws:iam::471284459109:user/MDRAdmin"                    ],                    "type": "AWS"                  }                ],                "resources": [                  "*"                ],                "sid": "Allow use of the key"              },              {                "actions": [                  "kms:CreateGrant",                  "kms:ListGrants",                  "kms:RevokeGrant"                ],                "condition": [                  {                    "test": "Bool",                    "values": [                      "true"                    ],                    "variable": "kms:GrantIsForAWSResource"                  }                ],                "effect": "Allow",                "not_actions": [],                "not_principals": [],                "not_resources": [],                "principals": [                  {                    "identifiers": [                      "arn:aws:iam::471284459109:user/MDRAdmin"                    ],                    "type": "AWS"                  }                ],                "resources": [                  "*"                ],                "sid": "Allow attachment of persistent resources"              }            ],            "version": "2012-10-17"          }        }      ]    },    {      "module": "module.tfstate",      "mode": "data",      "type": "aws_partition",      "name": "current",      "provider": "provider.aws",      "instances": [        {          "schema_version": 0,          "attributes": {            "dns_suffix": "amazonaws.com",            "id": "2020-07-07 14:30:10.354104 +0000 UTC",            "partition": "aws"          }        }      ]    },    {      "module": "module.tfstate",      "mode": "managed",      "type": "aws_dynamodb_table",      "name": "lock_table",      "provider": "provider.aws",      "instances": [        {          "schema_version": 1,          "attributes": {            "arn": "arn:aws:dynamodb:us-east-1:471284459109:table/afsxdr-terraform-state",            "attribute": [              {                "name": "LockID",                "type": "S"              }            ],            "billing_mode": "PAY_PER_REQUEST",            "global_secondary_index": [],            "hash_key": "LockID",            "id": "afsxdr-terraform-state",            "local_secondary_index": [],            "name": "afsxdr-terraform-state",            "point_in_time_recovery": [              {                "enabled": false              }            ],            "range_key": null,            "read_capacity": 0,            "replica": [],            "server_side_encryption": [              {                "enabled": true,                "kms_key_arn": "arn:aws:kms:us-east-1:471284459109:key/5f348d15-d45c-434a-99ee-362970e0e5b0"              }            ],            "stream_arn": "",            "stream_enabled": false,            "stream_label": "",            "stream_view_type": "",            "tags": {              "Name": "afsxdr-terraform-state"            },            "timeouts": null,            "ttl": [              {                "attribute_name": "",                "enabled": false              }            ],            "write_capacity": 0          },          "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjM2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",          "dependencies": [            "module.tfstate.aws_kms_key.tfstate"          ]        }      ]    },    {      "module": "module.tfstate",      "mode": "managed",      "type": "aws_kms_alias",      "name": "tfstate",      "provider": "provider.aws",      "instances": [        {          "schema_version": 0,          "attributes": {            "arn": "arn:aws:kms:us-east-1:471284459109:alias/tfstate",            "id": "alias/tfstate",            "name": "alias/tfstate",            "name_prefix": null,            "target_key_arn": "arn:aws:kms:us-east-1:471284459109:key/5f348d15-d45c-434a-99ee-362970e0e5b0",            "target_key_id": "5f348d15-d45c-434a-99ee-362970e0e5b0"          },          "private": "bnVsbA==",          "dependencies": [            "module.tfstate.aws_kms_key.tfstate"          ]        }      ]    },    {      "module": "module.tfstate",      "mode": "managed",      "type": "aws_kms_key",      "name": "tfstate",      "provider": "provider.aws",      "instances": [        {          "schema_version": 0,          "attributes": {            "arn": "arn:aws:kms:us-east-1:471284459109:key/5f348d15-d45c-434a-99ee-362970e0e5b0",            "customer_master_key_spec": "SYMMETRIC_DEFAULT",            "deletion_window_in_days": 30,            "description": "tfstate bucket default S3 SSE-KMS",            "enable_key_rotation": true,            "id": "5f348d15-d45c-434a-99ee-362970e0e5b0",            "is_enabled": true,            "key_id": "5f348d15-d45c-434a-99ee-362970e0e5b0",            "key_usage": "ENCRYPT_DECRYPT",            "policy": "{\"Id\":\"key-consolepolicy-3\",\"Statement\":[{\"Action\":\"kms:*\",\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::471284459109:root\"},\"Resource\":\"*\",\"Sid\":\"Enable IAM User Permissions\"},{\"Action\":[\"kms:Update*\",\"kms:UntagResource\",\"kms:TagResource\",\"kms:ScheduleKeyDeletion\",\"kms:Revoke*\",\"kms:Put*\",\"kms:List*\",\"kms:Get*\",\"kms:Enable*\",\"kms:Disable*\",\"kms:Describe*\",\"kms:Delete*\",\"kms:Create*\",\"kms:CancelKeyDeletion\"],\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::471284459109:user/MDRAdmin\"},\"Resource\":\"*\",\"Sid\":\"Allow access for Key Administrators\"},{\"Action\":[\"kms:ReEncrypt*\",\"kms:GenerateDataKey*\",\"kms:Encrypt\",\"kms:DescribeKey\",\"kms:Decrypt\"],\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::471284459109:user/MDRAdmin\"},\"Resource\":\"*\",\"Sid\":\"Allow use of the key\"},{\"Action\":[\"kms:RevokeGrant\",\"kms:ListGrants\",\"kms:CreateGrant\"],\"Condition\":{\"Bool\":{\"kms:GrantIsForAWSResource\":\"true\"}},\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::471284459109:user/MDRAdmin\"},\"Resource\":\"*\",\"Sid\":\"Allow attachment of persistent resources\"}],\"Version\":\"2012-10-17\"}",            "tags": {}          },          "private": "bnVsbA=="        }      ]    },    {      "module": "module.tfstate",      "mode": "managed",      "type": "aws_s3_bucket",      "name": "tfstate",      "provider": "provider.aws",      "instances": [        {          "schema_version": 0,          "attributes": {            "acceleration_status": "",            "acl": "private",            "arn": "arn:aws:s3:::afsxdr-terraform-state",            "bucket": "afsxdr-terraform-state",            "bucket_domain_name": "afsxdr-terraform-state.s3.amazonaws.com",            "bucket_prefix": null,            "bucket_regional_domain_name": "afsxdr-terraform-state.s3.amazonaws.com",            "cors_rule": [],            "force_destroy": false,            "grant": [],            "hosted_zone_id": "Z3AQBSTGFYJSTF",            "id": "afsxdr-terraform-state",            "lifecycle_rule": [              {                "abort_incomplete_multipart_upload_days": 7,                "enabled": true,                "expiration": [],                "id": "tf-s3-lifecycle-20200526021436652500000001",                "noncurrent_version_expiration": [                  {                    "days": 730                  }                ],                "noncurrent_version_transition": [                  {                    "days": 30,                    "storage_class": "STANDARD_IA"                  }                ],                "prefix": "",                "tags": {},                "transition": []              }            ],            "logging": [],            "object_lock_configuration": [],            "policy": null,            "region": "us-east-1",            "replication_configuration": [],            "request_payer": "BucketOwner",            "server_side_encryption_configuration": [              {                "rule": [                  {                    "apply_server_side_encryption_by_default": [                      {                        "kms_master_key_id": "arn:aws:kms:us-east-1:471284459109:key/5f348d15-d45c-434a-99ee-362970e0e5b0",                        "sse_algorithm": "aws:kms"                      }                    ]                  }                ]              }            ],            "tags": {},            "versioning": [              {                "enabled": true,                "mfa_delete": false              }            ],            "website": [],            "website_domain": null,            "website_endpoint": null          },          "private": "bnVsbA==",          "dependencies": [            "module.tfstate.aws_kms_key.tfstate"          ]        }      ]    },    {      "module": "module.tfstate",      "mode": "managed",      "type": "aws_s3_bucket_public_access_block",      "name": "tfstate",      "provider": "provider.aws",      "instances": [        {          "schema_version": 0,          "attributes": {            "block_public_acls": true,            "block_public_policy": true,            "bucket": "afsxdr-terraform-state",            "id": "afsxdr-terraform-state",            "ignore_public_acls": true,            "restrict_public_buckets": true          },          "private": "bnVsbA==",          "dependencies": [            "module.tfstate.aws_kms_key.tfstate",            "module.tfstate.aws_s3_bucket.tfstate"          ]        }      ]    }  ]}
 |