fix: requirements.txt to reduce vulnerabilities #198
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6150717 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6809379 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319935 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319936 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6035177 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6808933
💰 Infracost reportMonthly estimate generatedThis comment will be updated when code changes. |
💰 Infracost reportMonthly estimate generatedThis comment will be updated when code changes. |
Plan Result
Change Result (Click me) # aws_api_gateway_deployment.test will be created
+ resource "aws_api_gateway_deployment" "test" {
+ created_date = (known after apply)
+ execution_arn = (known after apply)
+ id = (known after apply)
+ invoke_url = (known after apply)
+ rest_api_id = (known after apply)
+ stage_name = "mtchoun-mouh-snyk-fix-werkzeug-dev"
}
# aws_api_gateway_integration.integration will be created
+ resource "aws_api_gateway_integration" "integration" {
+ cache_namespace = (known after apply)
+ connection_type = "INTERNET"
+ http_method = "POST"
+ id = (known after apply)
+ integration_http_method = "POST"
+ passthrough_behavior = (known after apply)
+ resource_id = (known after apply)
+ rest_api_id = (known after apply)
+ timeout_milliseconds = 29000
+ type = "AWS_PROXY"
+ uri = (known after apply)
}
# aws_api_gateway_method.method will be created
+ resource "aws_api_gateway_method" "method" {
+ api_key_required = false
+ authorization = "NONE"
+ http_method = "POST"
+ id = (known after apply)
+ resource_id = (known after apply)
+ rest_api_id = (known after apply)
}
# aws_api_gateway_method_response.method_response_200 will be created
+ resource "aws_api_gateway_method_response" "method_response_200" {
+ http_method = "POST"
+ id = (known after apply)
+ resource_id = (known after apply)
+ response_parameters = {
+ "method.response.header.Access-Control-Allow-Headers" = true
+ "method.response.header.Access-Control-Allow-Methods" = false
+ "method.response.header.Access-Control-Allow-Origin" = true
}
+ rest_api_id = (known after apply)
+ status_code = "200"
}
# aws_api_gateway_resource.resource will be created
+ resource "aws_api_gateway_resource" "resource" {
+ id = (known after apply)
+ parent_id = (known after apply)
+ path = (known after apply)
+ path_part = "register"
+ rest_api_id = (known after apply)
}
# aws_api_gateway_rest_api.api will be created
+ resource "aws_api_gateway_rest_api" "api" {
+ api_key_source = (known after apply)
+ arn = (known after apply)
+ binary_media_types = (known after apply)
+ created_date = (known after apply)
+ description = "Allow to register user for sending notifications later"
+ disable_execute_api_endpoint = (known after apply)
+ execution_arn = (known after apply)
+ id = (known after apply)
+ minimum_compression_size = -1
+ name = "mtchoun-mouh-snyk-fix-werkzeug-user registration"
+ policy = (known after apply)
+ root_resource_id = (known after apply)
+ tags = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ endpoint_configuration {
+ types = [
+ "REGIONAL",
]
+ vpc_endpoint_ids = (known after apply)
}
}
# aws_cloudwatch_event_rule.scheduler will be created
+ resource "aws_cloudwatch_event_rule" "scheduler" {
+ arn = (known after apply)
+ description = "extract image - verify passport is out - send notifications"
+ event_bus_name = "default"
+ id = (known after apply)
+ is_enabled = true
+ name = "mtchoun-mouh-snyk-fix-werkzeug-trigger_user_scan"
+ name_prefix = (known after apply)
+ schedule_expression = "cron(0 8 ? * MON-FRI *)"
+ tags = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
}
# aws_cloudwatch_event_target.target will be created
+ resource "aws_cloudwatch_event_target" "target" {
+ arn = (known after apply)
+ event_bus_name = "default"
+ id = (known after apply)
+ rule = "mtchoun-mouh-snyk-fix-werkzeug-trigger_user_scan"
+ target_id = "lambda"
}
# aws_dynamodb_table.Link_table will be created
+ resource "aws_dynamodb_table" "Link_table" {
+ arn = (known after apply)
+ billing_mode = "PROVISIONED"
+ hash_key = "link"
+ id = (known after apply)
+ name = "mtchoun-mouh-snyk-fix-werkzeug-Link_table"
+ read_capacity = 1
+ stream_arn = (known after apply)
+ stream_label = (known after apply)
+ stream_view_type = (known after apply)
+ tags = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ write_capacity = 1
+ attribute {
+ name = "link"
+ type = "S"
}
+ point_in_time_recovery {
+ enabled = false
}
+ server_side_encryption (known after apply)
}
# aws_dynamodb_table.Register will be created
+ resource "aws_dynamodb_table" "Register" {
+ arn = (known after apply)
+ billing_mode = "PROVISIONED"
+ hash_key = "Name"
+ id = (known after apply)
+ name = "mtchoun-mouh-snyk-fix-werkzeug-Register"
+ read_capacity = 1
+ stream_arn = (known after apply)
+ stream_label = (known after apply)
+ stream_view_type = (known after apply)
+ tags = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ write_capacity = 1
+ attribute {
+ name = "Name"
+ type = "S"
}
+ point_in_time_recovery {
+ enabled = false
}
+ server_side_encryption (known after apply)
}
# aws_dynamodb_table.Users will be created
+ resource "aws_dynamodb_table" "Users" {
+ arn = (known after apply)
+ billing_mode = "PROVISIONED"
+ hash_key = "UserName"
+ id = (known after apply)
+ name = "mtchoun-mouh-snyk-fix-werkzeug-Users"
+ read_capacity = 1
+ stream_arn = (known after apply)
+ stream_label = (known after apply)
+ stream_view_type = (known after apply)
+ tags = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ write_capacity = 1
+ attribute {
+ name = "UserName"
+ type = "S"
}
+ point_in_time_recovery {
+ enabled = false
}
+ server_side_encryption (known after apply)
}
# aws_lambda_function.lambda will be created
+ resource "aws_lambda_function" "lambda" {
+ arn = (known after apply)
+ filename = "api/lambda.zip"
+ function_name = "mtchoun-mouh-snyk-fix-werkzeug-user_registration_consulcam"
+ handler = "lambda.register_handler"
+ id = (known after apply)
+ invoke_arn = (known after apply)
+ last_modified = (known after apply)
+ layers = (known after apply)
+ memory_size = 128
+ package_type = "Zip"
+ publish = false
+ qualified_arn = (known after apply)
+ reserved_concurrent_executions = -1
+ role = "arn:aws:iam::053932140667:role/website-deployer"
+ runtime = "python3.8"
+ signing_job_arn = (known after apply)
+ signing_profile_version_arn = (known after apply)
+ source_code_hash = "aG/693OgtesclFbtQG3JpowPoOxVEki6ETbi5wlrhnw="
+ source_code_size = (known after apply)
+ tags = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ timeout = 10
+ version = (known after apply)
+ environment {
+ variables = {
+ "API_KEY" = (sensitive value)
+ "BUCKET_NAME" = "mtchoun-mouh-snyk-fix-werkzeug-djansang"
+ "ENV" = "mtchoun-mouh-snyk-fix-werkzeug"
+ "LINKS_TABLE" = "mtchoun-mouh-snyk-fix-werkzeug-Link_table"
+ "MAINTAINER_MAIL" = (sensitive value)
+ "REGION" = "eu-central-1"
+ "REGISTERS_TABLE" = "mtchoun-mouh-snyk-fix-werkzeug-Register"
+ "SENTRY_DNS" = (sensitive value)
+ "USERS_TABLE" = "mtchoun-mouh-snyk-fix-werkzeug-Users"
}
}
+ tracing_config (known after apply)
}
# aws_lambda_function.scan will be created
+ resource "aws_lambda_function" "scan" {
+ arn = (known after apply)
+ filename = "api/lambda.zip"
+ function_name = "mtchoun-mouh-snyk-fix-werkzeug-scan_user_consulcam"
+ handler = "lambda.scan_handler"
+ id = (known after apply)
+ invoke_arn = (known after apply)
+ last_modified = (known after apply)
+ memory_size = 128
+ package_type = "Zip"
+ publish = false
+ qualified_arn = (known after apply)
+ reserved_concurrent_executions = -1
+ role = "arn:aws:iam::053932140667:role/website-deployer"
+ runtime = "python3.8"
+ signing_job_arn = (known after apply)
+ signing_profile_version_arn = (known after apply)
+ source_code_hash = "aG/693OgtesclFbtQG3JpowPoOxVEki6ETbi5wlrhnw="
+ source_code_size = (known after apply)
+ tags = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ timeout = 900
+ version = (known after apply)
+ environment {
+ variables = {
+ "API_KEY" = (sensitive value)
+ "BUCKET_NAME" = "mtchoun-mouh-snyk-fix-werkzeug-djansang"
+ "ENV" = "mtchoun-mouh-snyk-fix-werkzeug"
+ "LINKS_TABLE" = "mtchoun-mouh-snyk-fix-werkzeug-Link_table"
+ "MAINTAINER_MAIL" = (sensitive value)
+ "REGION" = "eu-central-1"
+ "REGISTERS_TABLE" = "mtchoun-mouh-snyk-fix-werkzeug-Register"
+ "SENTRY_DNS" = (sensitive value)
+ "USERS_TABLE" = "mtchoun-mouh-snyk-fix-werkzeug-Users"
}
}
+ tracing_config (known after apply)
}
# aws_lambda_layer_version.test_lambda_layer will be created
+ resource "aws_lambda_layer_version" "test_lambda_layer" {
+ arn = (known after apply)
+ compatible_runtimes = [
+ "python3.7",
+ "python3.8",
]
+ created_date = (known after apply)
+ filename = "make_lamda_layer/python.zip"
+ id = (known after apply)
+ layer_arn = (known after apply)
+ layer_name = "test_lambda_layer"
+ signing_job_arn = (known after apply)
+ signing_profile_version_arn = (known after apply)
+ source_code_hash = (known after apply)
+ source_code_size = (known after apply)
+ version = (known after apply)
}
# aws_lambda_permission.allow_cloudwatch_to_call_check_foo will be created
+ resource "aws_lambda_permission" "allow_cloudwatch_to_call_check_foo" {
+ action = "lambda:InvokeFunction"
+ function_name = "mtchoun-mouh-snyk-fix-werkzeug-scan_user_consulcam"
+ id = (known after apply)
+ principal = "events.amazonaws.com"
+ source_arn = (known after apply)
+ statement_id = "AllowExecutionFromCloudWatch"
}
# aws_lambda_permission.apigw_lambda will be created
+ resource "aws_lambda_permission" "apigw_lambda" {
+ action = "lambda:InvokeFunction"
+ function_name = "mtchoun-mouh-snyk-fix-werkzeug-user_registration_consulcam"
+ id = (known after apply)
+ principal = "apigateway.amazonaws.com"
+ source_arn = (known after apply)
+ statement_id = "AllowExecutionFromAPIGateway"
}
# aws_s3_bucket.images will be created
+ resource "aws_s3_bucket" "images" {
+ acceleration_status = (known after apply)
+ acl = "private"
+ arn = (known after apply)
+ bucket = "mtchoun-mouh-snyk-fix-werkzeug-djansang"
+ bucket_domain_name = (known after apply)
+ bucket_regional_domain_name = (known after apply)
+ force_destroy = true
+ hosted_zone_id = (known after apply)
+ id = (known after apply)
+ region = (known after apply)
+ request_payer = (known after apply)
+ tags = {
+ "Name" = "images"
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "Name" = "images"
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ website_domain = (known after apply)
+ website_endpoint = (known after apply)
+ versioning (known after apply)
}
# aws_s3_bucket.website will be created
+ resource "aws_s3_bucket" "website" {
+ acceleration_status = (known after apply)
+ acl = "private"
+ arn = (known after apply)
+ bucket = "mtchoun-mouh-snyk-fix-werkzeug-mtchoun-mouh.mongulu.cm"
+ bucket_domain_name = (known after apply)
+ bucket_regional_domain_name = (known after apply)
+ force_destroy = true
+ hosted_zone_id = (known after apply)
+ id = (known after apply)
+ region = (known after apply)
+ request_payer = (known after apply)
+ tags = {
+ "Name" = "Website"
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "Name" = "Website"
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ website_domain = (known after apply)
+ website_endpoint = (known after apply)
+ cors_rule {
+ allowed_headers = [
+ "*",
]
+ allowed_methods = [
+ "PUT",
+ "POST",
+ "GET",
]
+ allowed_origins = [
+ "*",
]
}
+ versioning (known after apply)
+ website {
+ error_document = "error.html"
+ index_document = "index.html"
}
}
# aws_s3_bucket_object.example_file will be created
+ resource "aws_s3_bucket_object" "example_file" {
+ acl = "private"
+ bucket = (known after apply)
+ bucket_key_enabled = (known after apply)
+ content_type = "text/html"
+ etag = (known after apply)
+ force_destroy = false
+ id = (known after apply)
+ key = "index.html"
+ kms_key_id = (known after apply)
+ server_side_encryption = (known after apply)
+ source = "../html/index.html"
+ storage_class = (known after apply)
+ tags_all = (known after apply)
+ version_id = (known after apply)
}
# aws_s3_bucket_policy.website will be created
+ resource "aws_s3_bucket_policy" "website" {
+ bucket = (known after apply)
+ id = (known after apply)
+ policy = (known after apply)
}
# aws_s3_bucket_public_access_block.website will be created
+ resource "aws_s3_bucket_public_access_block" "website" {
+ block_public_acls = false
+ block_public_policy = false
+ bucket = (known after apply)
+ id = (known after apply)
+ ignore_public_acls = false
+ restrict_public_buckets = false
}
# local_file.index_page will be created
+ resource "local_file" "index_page" {
+ content = (sensitive value)
+ content_base64sha256 = (known after apply)
+ content_base64sha512 = (known after apply)
+ content_md5 = (known after apply)
+ content_sha1 = (known after apply)
+ content_sha256 = (known after apply)
+ content_sha512 = (known after apply)
+ directory_permission = "0777"
+ file_permission = "0777"
+ filename = "../html/index.html"
+ id = (known after apply)
}
# module.cors.aws_api_gateway_integration._ will be created
+ resource "aws_api_gateway_integration" "_" {
+ cache_namespace = (known after apply)
+ connection_type = "INTERNET"
+ content_handling = "CONVERT_TO_TEXT"
+ http_method = "OPTIONS"
+ id = (known after apply)
+ passthrough_behavior = (known after apply)
+ request_templates = {
+ "application/json" = jsonencode(
{
+ statusCode = 200
}
)
}
+ resource_id = (known after apply)
+ rest_api_id = (known after apply)
+ timeout_milliseconds = 29000
+ type = "MOCK"
}
# module.cors.aws_api_gateway_integration_response._ will be created
+ resource "aws_api_gateway_integration_response" "_" {
+ http_method = "OPTIONS"
+ id = (known after apply)
+ resource_id = (known after apply)
+ response_parameters = {
+ "method.response.header.Access-Control-Allow-Headers" = "'Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,X-Api-Key'"
+ "method.response.header.Access-Control-Allow-Methods" = "'OPTIONS,HEAD,GET,POST,PUT,PATCH,DELETE'"
+ "method.response.header.Access-Control-Allow-Origin" = "'*'"
+ "method.response.header.Access-Control-Max-Age" = "'7200'"
}
+ rest_api_id = (known after apply)
+ status_code = "200"
}
# module.cors.aws_api_gateway_method._ will be created
+ resource "aws_api_gateway_method" "_" {
+ api_key_required = false
+ authorization = "NONE"
+ http_method = "OPTIONS"
+ id = (known after apply)
+ resource_id = (known after apply)
+ rest_api_id = (known after apply)
}
# module.cors.aws_api_gateway_method_response._ will be created
+ resource "aws_api_gateway_method_response" "_" {
+ http_method = "OPTIONS"
+ id = (known after apply)
+ resource_id = (known after apply)
+ response_models = {
+ "application/json" = "Empty"
}
+ response_parameters = {
+ "method.response.header.Access-Control-Allow-Headers" = true
+ "method.response.header.Access-Control-Allow-Methods" = true
+ "method.response.header.Access-Control-Allow-Origin" = true
+ "method.response.header.Access-Control-Max-Age" = true
}
+ rest_api_id = (known after apply)
+ status_code = "200"
}
Plan: 26 to add, 0 to change, 0 to destroy.
Changes to Outputs:
+ register_table = "mtchoun-mouh-snyk-fix-werkzeug-Register"
+ stage_url = (known after apply)
+ website_url = (known after apply) |
✅ Apply SucceededDetails (Click me)Running apply in the remote backend. Output will stream here. Pressing Ctrl-C
will cancel the remote apply if it's still pending. If the apply started it
will stop streaming the logs, but will not stop the apply running remotely.
Preparing the remote apply...
To view this run in a browser, visit:
https://app.terraform.io/app/tfc-mongulu-cm/mtchoun-mouh-snyk-fix-werkzeug/runs/run-cc7v9P3PxtjmVhn9
Waiting for the plan to start...
Terraform v1.9.6
on linux_amd64
Initializing plugins and modules...
data.archive_file.lambda_zip: Reading...
data.archive_file.lambda_zip: Read complete after 0s [id=a302387976ce74579a87a903dcc6149f70895053]
data.aws_caller_identity.current: Reading...
data.aws_iam_role.role: Reading...
data.aws_caller_identity.current: Read complete after 0s [id=053932140667]
data.aws_iam_role.role: Read complete after 0s [id=website-deployer]
Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# aws_api_gateway_deployment.test will be created
+ resource "aws_api_gateway_deployment" "test" {
+ created_date = (known after apply)
+ execution_arn = (known after apply)
+ id = (known after apply)
+ invoke_url = (known after apply)
+ rest_api_id = (known after apply)
+ stage_name = "mtchoun-mouh-snyk-fix-werkzeug-dev"
}
# aws_api_gateway_integration.integration will be created
+ resource "aws_api_gateway_integration" "integration" {
+ cache_namespace = (known after apply)
+ connection_type = "INTERNET"
+ http_method = "POST"
+ id = (known after apply)
+ integration_http_method = "POST"
+ passthrough_behavior = (known after apply)
+ resource_id = (known after apply)
+ rest_api_id = (known after apply)
+ timeout_milliseconds = 29000
+ type = "AWS_PROXY"
+ uri = (known after apply)
}
# aws_api_gateway_method.method will be created
+ resource "aws_api_gateway_method" "method" {
+ api_key_required = false
+ authorization = "NONE"
+ http_method = "POST"
+ id = (known after apply)
+ resource_id = (known after apply)
+ rest_api_id = (known after apply)
}
# aws_api_gateway_method_response.method_response_200 will be created
+ resource "aws_api_gateway_method_response" "method_response_200" {
+ http_method = "POST"
+ id = (known after apply)
+ resource_id = (known after apply)
+ response_parameters = {
+ "method.response.header.Access-Control-Allow-Headers" = true
+ "method.response.header.Access-Control-Allow-Methods" = false
+ "method.response.header.Access-Control-Allow-Origin" = true
}
+ rest_api_id = (known after apply)
+ status_code = "200"
}
# aws_api_gateway_resource.resource will be created
+ resource "aws_api_gateway_resource" "resource" {
+ id = (known after apply)
+ parent_id = (known after apply)
+ path = (known after apply)
+ path_part = "register"
+ rest_api_id = (known after apply)
}
# aws_api_gateway_rest_api.api will be created
+ resource "aws_api_gateway_rest_api" "api" {
+ api_key_source = (known after apply)
+ arn = (known after apply)
+ binary_media_types = (known after apply)
+ created_date = (known after apply)
+ description = "Allow to register user for sending notifications later"
+ disable_execute_api_endpoint = (known after apply)
+ execution_arn = (known after apply)
+ id = (known after apply)
+ minimum_compression_size = -1
+ name = "mtchoun-mouh-snyk-fix-werkzeug-user registration"
+ policy = (known after apply)
+ root_resource_id = (known after apply)
+ tags = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ endpoint_configuration {
+ types = [
+ "REGIONAL",
]
+ vpc_endpoint_ids = (known after apply)
}
}
# aws_cloudwatch_event_rule.scheduler will be created
+ resource "aws_cloudwatch_event_rule" "scheduler" {
+ arn = (known after apply)
+ description = "extract image - verify passport is out - send notifications"
+ event_bus_name = "default"
+ id = (known after apply)
+ is_enabled = true
+ name = "mtchoun-mouh-snyk-fix-werkzeug-trigger_user_scan"
+ name_prefix = (known after apply)
+ schedule_expression = "cron(0 8 ? * MON-FRI *)"
+ tags = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
}
# aws_cloudwatch_event_target.target will be created
+ resource "aws_cloudwatch_event_target" "target" {
+ arn = (known after apply)
+ event_bus_name = "default"
+ id = (known after apply)
+ rule = "mtchoun-mouh-snyk-fix-werkzeug-trigger_user_scan"
+ target_id = "lambda"
}
# aws_dynamodb_table.Link_table will be created
+ resource "aws_dynamodb_table" "Link_table" {
+ arn = (known after apply)
+ billing_mode = "PROVISIONED"
+ hash_key = "link"
+ id = (known after apply)
+ name = "mtchoun-mouh-snyk-fix-werkzeug-Link_table"
+ read_capacity = 1
+ stream_arn = (known after apply)
+ stream_label = (known after apply)
+ stream_view_type = (known after apply)
+ tags = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ write_capacity = 1
+ attribute {
+ name = "link"
+ type = "S"
}
+ point_in_time_recovery {
+ enabled = false
}
+ server_side_encryption (known after apply)
}
# aws_dynamodb_table.Register will be created
+ resource "aws_dynamodb_table" "Register" {
+ arn = (known after apply)
+ billing_mode = "PROVISIONED"
+ hash_key = "Name"
+ id = (known after apply)
+ name = "mtchoun-mouh-snyk-fix-werkzeug-Register"
+ read_capacity = 1
+ stream_arn = (known after apply)
+ stream_label = (known after apply)
+ stream_view_type = (known after apply)
+ tags = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ write_capacity = 1
+ attribute {
+ name = "Name"
+ type = "S"
}
+ point_in_time_recovery {
+ enabled = false
}
+ server_side_encryption (known after apply)
}
# aws_dynamodb_table.Users will be created
+ resource "aws_dynamodb_table" "Users" {
+ arn = (known after apply)
+ billing_mode = "PROVISIONED"
+ hash_key = "UserName"
+ id = (known after apply)
+ name = "mtchoun-mouh-snyk-fix-werkzeug-Users"
+ read_capacity = 1
+ stream_arn = (known after apply)
+ stream_label = (known after apply)
+ stream_view_type = (known after apply)
+ tags = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ write_capacity = 1
+ attribute {
+ name = "UserName"
+ type = "S"
}
+ point_in_time_recovery {
+ enabled = false
}
+ server_side_encryption (known after apply)
}
# aws_lambda_function.lambda will be created
+ resource "aws_lambda_function" "lambda" {
+ arn = (known after apply)
+ filename = "api/lambda.zip"
+ function_name = "mtchoun-mouh-snyk-fix-werkzeug-user_registration_consulcam"
+ handler = "lambda.register_handler"
+ id = (known after apply)
+ invoke_arn = (known after apply)
+ last_modified = (known after apply)
+ layers = (known after apply)
+ memory_size = 128
+ package_type = "Zip"
+ publish = false
+ qualified_arn = (known after apply)
+ reserved_concurrent_executions = -1
+ role = "arn:aws:iam::053932140667:role/website-deployer"
+ runtime = "python3.8"
+ signing_job_arn = (known after apply)
+ signing_profile_version_arn = (known after apply)
+ source_code_hash = "aG/693OgtesclFbtQG3JpowPoOxVEki6ETbi5wlrhnw="
+ source_code_size = (known after apply)
+ tags = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ timeout = 10
+ version = (known after apply)
+ environment {
+ variables = {
+ "API_KEY" = (sensitive value)
+ "BUCKET_NAME" = "mtchoun-mouh-snyk-fix-werkzeug-djansang"
+ "ENV" = "mtchoun-mouh-snyk-fix-werkzeug"
+ "LINKS_TABLE" = "mtchoun-mouh-snyk-fix-werkzeug-Link_table"
+ "MAINTAINER_MAIL" = (sensitive value)
+ "REGION" = "eu-central-1"
+ "REGISTERS_TABLE" = "mtchoun-mouh-snyk-fix-werkzeug-Register"
+ "SENTRY_DNS" = (sensitive value)
+ "USERS_TABLE" = "mtchoun-mouh-snyk-fix-werkzeug-Users"
}
}
+ tracing_config (known after apply)
}
# aws_lambda_function.scan will be created
+ resource "aws_lambda_function" "scan" {
+ arn = (known after apply)
+ filename = "api/lambda.zip"
+ function_name = "mtchoun-mouh-snyk-fix-werkzeug-scan_user_consulcam"
+ handler = "lambda.scan_handler"
+ id = (known after apply)
+ invoke_arn = (known after apply)
+ last_modified = (known after apply)
+ memory_size = 128
+ package_type = "Zip"
+ publish = false
+ qualified_arn = (known after apply)
+ reserved_concurrent_executions = -1
+ role = "arn:aws:iam::053932140667:role/website-deployer"
+ runtime = "python3.8"
+ signing_job_arn = (known after apply)
+ signing_profile_version_arn = (known after apply)
+ source_code_hash = "aG/693OgtesclFbtQG3JpowPoOxVEki6ETbi5wlrhnw="
+ source_code_size = (known after apply)
+ tags = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ timeout = 900
+ version = (known after apply)
+ environment {
+ variables = {
+ "API_KEY" = (sensitive value)
+ "BUCKET_NAME" = "mtchoun-mouh-snyk-fix-werkzeug-djansang"
+ "ENV" = "mtchoun-mouh-snyk-fix-werkzeug"
+ "LINKS_TABLE" = "mtchoun-mouh-snyk-fix-werkzeug-Link_table"
+ "MAINTAINER_MAIL" = (sensitive value)
+ "REGION" = "eu-central-1"
+ "REGISTERS_TABLE" = "mtchoun-mouh-snyk-fix-werkzeug-Register"
+ "SENTRY_DNS" = (sensitive value)
+ "USERS_TABLE" = "mtchoun-mouh-snyk-fix-werkzeug-Users"
}
}
+ tracing_config (known after apply)
}
# aws_lambda_layer_version.test_lambda_layer will be created
+ resource "aws_lambda_layer_version" "test_lambda_layer" {
+ arn = (known after apply)
+ compatible_runtimes = [
+ "python3.7",
+ "python3.8",
]
+ created_date = (known after apply)
+ filename = "make_lamda_layer/python.zip"
+ id = (known after apply)
+ layer_arn = (known after apply)
+ layer_name = "test_lambda_layer"
+ signing_job_arn = (known after apply)
+ signing_profile_version_arn = (known after apply)
+ source_code_hash = (known after apply)
+ source_code_size = (known after apply)
+ version = (known after apply)
}
# aws_lambda_permission.allow_cloudwatch_to_call_check_foo will be created
+ resource "aws_lambda_permission" "allow_cloudwatch_to_call_check_foo" {
+ action = "lambda:InvokeFunction"
+ function_name = "mtchoun-mouh-snyk-fix-werkzeug-scan_user_consulcam"
+ id = (known after apply)
+ principal = "events.amazonaws.com"
+ source_arn = (known after apply)
+ statement_id = "AllowExecutionFromCloudWatch"
}
# aws_lambda_permission.apigw_lambda will be created
+ resource "aws_lambda_permission" "apigw_lambda" {
+ action = "lambda:InvokeFunction"
+ function_name = "mtchoun-mouh-snyk-fix-werkzeug-user_registration_consulcam"
+ id = (known after apply)
+ principal = "apigateway.amazonaws.com"
+ source_arn = (known after apply)
+ statement_id = "AllowExecutionFromAPIGateway"
}
# aws_s3_bucket.images will be created
+ resource "aws_s3_bucket" "images" {
+ acceleration_status = (known after apply)
+ acl = "private"
+ arn = (known after apply)
+ bucket = "mtchoun-mouh-snyk-fix-werkzeug-djansang"
+ bucket_domain_name = (known after apply)
+ bucket_regional_domain_name = (known after apply)
+ force_destroy = true
+ hosted_zone_id = (known after apply)
+ id = (known after apply)
+ region = (known after apply)
+ request_payer = (known after apply)
+ tags = {
+ "Name" = "images"
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "Name" = "images"
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ website_domain = (known after apply)
+ website_endpoint = (known after apply)
+ versioning (known after apply)
}
# aws_s3_bucket.website will be created
+ resource "aws_s3_bucket" "website" {
+ acceleration_status = (known after apply)
+ acl = "private"
+ arn = (known after apply)
+ bucket = "mtchoun-mouh-snyk-fix-werkzeug-mtchoun-mouh.mongulu.cm"
+ bucket_domain_name = (known after apply)
+ bucket_regional_domain_name = (known after apply)
+ force_destroy = true
+ hosted_zone_id = (known after apply)
+ id = (known after apply)
+ region = (known after apply)
+ request_payer = (known after apply)
+ tags = {
+ "Name" = "Website"
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "Name" = "Website"
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ website_domain = (known after apply)
+ website_endpoint = (known after apply)
+ cors_rule {
+ allowed_headers = [
+ "*",
]
+ allowed_methods = [
+ "PUT",
+ "POST",
+ "GET",
]
+ allowed_origins = [
+ "*",
]
}
+ versioning (known after apply)
+ website {
+ error_document = "error.html"
+ index_document = "index.html"
}
}
# aws_s3_bucket_object.example_file will be created
+ resource "aws_s3_bucket_object" "example_file" {
+ acl = "private"
+ bucket = (known after apply)
+ bucket_key_enabled = (known after apply)
+ content_type = "text/html"
+ etag = (known after apply)
+ force_destroy = false
+ id = (known after apply)
+ key = "index.html"
+ kms_key_id = (known after apply)
+ server_side_encryption = (known after apply)
+ source = "../html/index.html"
+ storage_class = (known after apply)
+ tags_all = (known after apply)
+ version_id = (known after apply)
}
# aws_s3_bucket_policy.website will be created
+ resource "aws_s3_bucket_policy" "website" {
+ bucket = (known after apply)
+ id = (known after apply)
+ policy = (known after apply)
}
# aws_s3_bucket_public_access_block.website will be created
+ resource "aws_s3_bucket_public_access_block" "website" {
+ block_public_acls = false
+ block_public_policy = false
+ bucket = (known after apply)
+ id = (known after apply)
+ ignore_public_acls = false
+ restrict_public_buckets = false
}
# local_file.index_page will be created
+ resource "local_file" "index_page" {
+ content = (sensitive value)
+ content_base64sha256 = (known after apply)
+ content_base64sha512 = (known after apply)
+ content_md5 = (known after apply)
+ content_sha1 = (known after apply)
+ content_sha256 = (known after apply)
+ content_sha512 = (known after apply)
+ directory_permission = "0777"
+ file_permission = "0777"
+ filename = "../html/index.html"
+ id = (known after apply)
}
# module.cors.aws_api_gateway_integration._ will be created
+ resource "aws_api_gateway_integration" "_" {
+ cache_namespace = (known after apply)
+ connection_type = "INTERNET"
+ content_handling = "CONVERT_TO_TEXT"
+ http_method = "OPTIONS"
+ id = (known after apply)
+ passthrough_behavior = (known after apply)
+ request_templates = {
+ "application/json" = jsonencode(
{
+ statusCode = 200
}
)
}
+ resource_id = (known after apply)
+ rest_api_id = (known after apply)
+ timeout_milliseconds = 29000
+ type = "MOCK"
}
# module.cors.aws_api_gateway_integration_response._ will be created
+ resource "aws_api_gateway_integration_response" "_" {
+ http_method = "OPTIONS"
+ id = (known after apply)
+ resource_id = (known after apply)
+ response_parameters = {
+ "method.response.header.Access-Control-Allow-Headers" = "'Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,X-Api-Key'"
+ "method.response.header.Access-Control-Allow-Methods" = "'OPTIONS,HEAD,GET,POST,PUT,PATCH,DELETE'"
+ "method.response.header.Access-Control-Allow-Origin" = "'*'"
+ "method.response.header.Access-Control-Max-Age" = "'7200'"
}
+ rest_api_id = (known after apply)
+ status_code = "200"
}
# module.cors.aws_api_gateway_method._ will be created
+ resource "aws_api_gateway_method" "_" {
+ api_key_required = false
+ authorization = "NONE"
+ http_method = "OPTIONS"
+ id = (known after apply)
+ resource_id = (known after apply)
+ rest_api_id = (known after apply)
}
# module.cors.aws_api_gateway_method_response._ will be created
+ resource "aws_api_gateway_method_response" "_" {
+ http_method = "OPTIONS"
+ id = (known after apply)
+ resource_id = (known after apply)
+ response_models = {
+ "application/json" = "Empty"
}
+ response_parameters = {
+ "method.response.header.Access-Control-Allow-Headers" = true
+ "method.response.header.Access-Control-Allow-Methods" = true
+ "method.response.header.Access-Control-Allow-Origin" = true
+ "method.response.header.Access-Control-Max-Age" = true
}
+ rest_api_id = (known after apply)
+ status_code = "200"
}
Plan: 26 to add, 0 to change, 0 to destroy.
Changes to Outputs:
+ register_table = "mtchoun-mouh-snyk-fix-werkzeug-Register"
+ stage_url = (known after apply)
+ website_url = (known after apply)
------------------------------------------------------------------------
Cost estimation:
Resources: 3 of 5 estimated
$1.6848/mo +$1.6848
------------------------------------------------------------------------
aws_lambda_layer_version.test_lambda_layer: Creating...
aws_cloudwatch_event_rule.scheduler: Creating...
aws_api_gateway_rest_api.api: Creating...
aws_dynamodb_table.Register: Creating...
aws_dynamodb_table.Users: Creating...
aws_dynamodb_table.Link_table: Creating...
aws_s3_bucket.images: Creating...
aws_lambda_function.scan: Creating...
aws_s3_bucket.website: Creating...
aws_cloudwatch_event_rule.scheduler: Creation complete after 1s [id=mtchoun-mouh-snyk-fix-werkzeug-trigger_user_scan]
aws_api_gateway_rest_api.api: Creation complete after 1s [id=qyz3uxbg3f]
aws_api_gateway_resource.resource: Creating...
aws_api_gateway_resource.resource: Creation complete after 1s [id=m808a2]
aws_api_gateway_method.method: Creating...
module.cors.aws_api_gateway_method._: Creating...
aws_api_gateway_method.method: Creation complete after 0s [id=agm-qyz3uxbg3f-m808a2-POST]
aws_api_gateway_method_response.method_response_200: Creating...
module.cors.aws_api_gateway_method._: Creation complete after 0s [id=agm-qyz3uxbg3f-m808a2-OPTIONS]
module.cors.aws_api_gateway_method_response._: Creating...
module.cors.aws_api_gateway_integration._: Creating...
aws_api_gateway_method_response.method_response_200: Creation complete after 0s [id=agmr-qyz3uxbg3f-m808a2-POST-200]
module.cors.aws_api_gateway_method_response._: Creation complete after 1s [id=agmr-qyz3uxbg3f-m808a2-OPTIONS-200]
module.cors.aws_api_gateway_integration._: Creation complete after 1s [id=agi-qyz3uxbg3f-m808a2-OPTIONS]
module.cors.aws_api_gateway_integration_response._: Creating...
module.cors.aws_api_gateway_integration_response._: Creation complete after 0s [id=agir-qyz3uxbg3f-m808a2-OPTIONS-200]
aws_dynamodb_table.Register: Creation complete after 6s [id=mtchoun-mouh-snyk-fix-werkzeug-Register]
aws_s3_bucket.images: Creation complete after 6s [id=mtchoun-mouh-snyk-fix-werkzeug-djansang]
aws_lambda_function.scan: Creation complete after 7s [id=mtchoun-mouh-snyk-fix-werkzeug-scan_user_consulcam]
aws_lambda_permission.allow_cloudwatch_to_call_check_foo: Creating...
aws_cloudwatch_event_target.target: Creating...
aws_s3_bucket.website: Creation complete after 7s [id=mtchoun-mouh-snyk-fix-werkzeug-mtchoun-mouh.mongulu.cm]
aws_s3_bucket_public_access_block.website: Creating...
aws_lambda_permission.allow_cloudwatch_to_call_check_foo: Creation complete after 0s [id=AllowExecutionFromCloudWatch]
aws_cloudwatch_event_target.target: Creation complete after 1s [id=mtchoun-mouh-snyk-fix-werkzeug-trigger_user_scan-lambda]
aws_lambda_layer_version.test_lambda_layer: Creation complete after 8s [id=arn:aws:lambda:eu-central-1:053932140667:layer:test_lambda_layer:9]
aws_lambda_function.lambda: Creating...
aws_s3_bucket_public_access_block.website: Creation complete after 1s [id=mtchoun-mouh-snyk-fix-werkzeug-mtchoun-mouh.mongulu.cm]
aws_s3_bucket_policy.website: Creating...
aws_s3_bucket_policy.website: Creation complete after 0s [id=mtchoun-mouh-snyk-fix-werkzeug-mtchoun-mouh.mongulu.cm]
aws_dynamodb_table.Link_table: Creation complete after 9s [id=mtchoun-mouh-snyk-fix-werkzeug-Link_table]
aws_dynamodb_table.Users: Still creating... [10s elapsed]
aws_dynamodb_table.Users: Creation complete after 10s [id=mtchoun-mouh-snyk-fix-werkzeug-Users]
aws_lambda_function.lambda: Creation complete after 8s [id=mtchoun-mouh-snyk-fix-werkzeug-user_registration_consulcam]
aws_lambda_permission.apigw_lambda: Creating...
aws_api_gateway_integration.integration: Creating...
aws_api_gateway_integration.integration: Creation complete after 1s [id=agi-qyz3uxbg3f-m808a2-POST]
aws_api_gateway_deployment.test: Creating...
aws_lambda_permission.apigw_lambda: Creation complete after 1s [id=AllowExecutionFromAPIGateway]
aws_api_gateway_deployment.test: Creation complete after 1s [id=3ljwzn]
local_file.index_page: Creating...
local_file.index_page: Creation complete after 0s [id=504f2bacdec0b4fcb16af56cd7185e92f24a1c5e]
aws_s3_bucket_object.example_file: Creating...
aws_s3_bucket_object.example_file: Creation complete after 1s [id=index.html]
Apply complete! Resources: 26 added, 0 changed, 0 destroyed.
Outputs:
register_table = "mtchoun-mouh-snyk-fix-werkzeug-Register"
stage_url = "https://qyz3uxbg3f.execute-api.eu-central-1.amazonaws.com/mtchoun-mouh-snyk-fix-werkzeug-dev"
website_url = "http://mtchoun-mouh-snyk-fix-werkzeug-mtchoun-mouh.mongulu.cm.s3-website.eu-central-1.amazonaws.com"
|
Plan Result
Change Result (Click me) # aws_s3_bucket.images will be updated in-place
~ resource "aws_s3_bucket" "images" {
id = "mtchoun-mouh-snyk-fix-werkzeug-djansang"
tags = {
"Name" = "images"
"environment" = "mtchoun-mouh-master"
"project" = "mtchoun-mouh"
}
# (11 unchanged attributes hidden)
- server_side_encryption_configuration {
- rule {
- bucket_key_enabled = false -> null
- apply_server_side_encryption_by_default {
- sse_algorithm = "AES256" -> null
# (1 unchanged attribute hidden)
}
}
}
# (1 unchanged block hidden)
}
# aws_s3_bucket.website will be updated in-place
~ resource "aws_s3_bucket" "website" {
id = "mtchoun-mouh-snyk-fix-werkzeug-mtchoun-mouh.mongulu.cm"
tags = {
"Name" = "Website"
"environment" = "mtchoun-mouh-master"
"project" = "mtchoun-mouh"
}
# (13 unchanged attributes hidden)
- server_side_encryption_configuration {
- rule {
- bucket_key_enabled = false -> null
- apply_server_side_encryption_by_default {
- sse_algorithm = "AES256" -> null
# (1 unchanged attribute hidden)
}
}
}
# (3 unchanged blocks hidden)
}
# local_file.index_page will be created
+ resource "local_file" "index_page" {
+ content = (sensitive value)
+ content_base64sha256 = (known after apply)
+ content_base64sha512 = (known after apply)
+ content_md5 = (known after apply)
+ content_sha1 = (known after apply)
+ content_sha256 = (known after apply)
+ content_sha512 = (known after apply)
+ directory_permission = "0777"
+ file_permission = "0777"
+ filename = "../html/index.html"
+ id = (known after apply)
}
Plan: 1 to add, 2 to change, 0 to destroy.
|
✅ Apply SucceededDetails (Click me)Running apply in the remote backend. Output will stream here. Pressing Ctrl-C
will cancel the remote apply if it's still pending. If the apply started it
will stop streaming the logs, but will not stop the apply running remotely.
Preparing the remote apply...
To view this run in a browser, visit:
https://app.terraform.io/app/tfc-mongulu-cm/mtchoun-mouh-snyk-fix-werkzeug/runs/run-QcM4WHVx2v8AvdBt
Waiting for the plan to start...
Terraform v1.9.6
on linux_amd64
Initializing plugins and modules...
data.archive_file.lambda_zip: Reading...
data.archive_file.lambda_zip: Read complete after 0s [id=a302387976ce74579a87a903dcc6149f70895053]
data.aws_iam_role.role: Reading...
aws_cloudwatch_event_rule.scheduler: Refreshing state... [id=mtchoun-mouh-snyk-fix-werkzeug-trigger_user_scan]
data.aws_caller_identity.current: Reading...
aws_dynamodb_table.Users: Refreshing state... [id=mtchoun-mouh-snyk-fix-werkzeug-Users]
aws_api_gateway_rest_api.api: Refreshing state... [id=qyz3uxbg3f]
aws_lambda_layer_version.test_lambda_layer: Refreshing state... [id=arn:aws:lambda:eu-central-1:053932140667:layer:test_lambda_layer:9]
aws_dynamodb_table.Register: Refreshing state... [id=mtchoun-mouh-snyk-fix-werkzeug-Register]
aws_s3_bucket.website: Refreshing state... [id=mtchoun-mouh-snyk-fix-werkzeug-mtchoun-mouh.mongulu.cm]
aws_dynamodb_table.Link_table: Refreshing state... [id=mtchoun-mouh-snyk-fix-werkzeug-Link_table]
aws_s3_bucket.images: Refreshing state... [id=mtchoun-mouh-snyk-fix-werkzeug-djansang]
data.aws_caller_identity.current: Read complete after 0s [id=053932140667]
data.aws_iam_role.role: Read complete after 0s [id=website-deployer]
aws_lambda_function.scan: Refreshing state... [id=mtchoun-mouh-snyk-fix-werkzeug-scan_user_consulcam]
aws_lambda_function.lambda: Refreshing state... [id=mtchoun-mouh-snyk-fix-werkzeug-user_registration_consulcam]
aws_api_gateway_resource.resource: Refreshing state... [id=m808a2]
aws_api_gateway_method.method: Refreshing state... [id=agm-qyz3uxbg3f-m808a2-POST]
module.cors.aws_api_gateway_method._: Refreshing state... [id=agm-qyz3uxbg3f-m808a2-OPTIONS]
aws_lambda_permission.allow_cloudwatch_to_call_check_foo: Refreshing state... [id=AllowExecutionFromCloudWatch]
aws_cloudwatch_event_target.target: Refreshing state... [id=mtchoun-mouh-snyk-fix-werkzeug-trigger_user_scan-lambda]
module.cors.aws_api_gateway_method_response._: Refreshing state... [id=agmr-qyz3uxbg3f-m808a2-OPTIONS-200]
module.cors.aws_api_gateway_integration._: Refreshing state... [id=agi-qyz3uxbg3f-m808a2-OPTIONS]
aws_lambda_permission.apigw_lambda: Refreshing state... [id=AllowExecutionFromAPIGateway]
aws_api_gateway_method_response.method_response_200: Refreshing state... [id=agmr-qyz3uxbg3f-m808a2-POST-200]
aws_api_gateway_integration.integration: Refreshing state... [id=agi-qyz3uxbg3f-m808a2-POST]
aws_api_gateway_deployment.test: Refreshing state... [id=3ljwzn]
module.cors.aws_api_gateway_integration_response._: Refreshing state... [id=agir-qyz3uxbg3f-m808a2-OPTIONS-200]
local_file.index_page: Refreshing state... [id=504f2bacdec0b4fcb16af56cd7185e92f24a1c5e]
aws_s3_bucket_public_access_block.website: Refreshing state... [id=mtchoun-mouh-snyk-fix-werkzeug-mtchoun-mouh.mongulu.cm]
aws_s3_bucket_object.example_file: Refreshing state... [id=index.html]
aws_s3_bucket_policy.website: Refreshing state... [id=mtchoun-mouh-snyk-fix-werkzeug-mtchoun-mouh.mongulu.cm]
Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
+ create
~ update in-place
Terraform will perform the following actions:
# aws_s3_bucket.images will be updated in-place
~ resource "aws_s3_bucket" "images" {
id = "mtchoun-mouh-snyk-fix-werkzeug-djansang"
tags = {
"Name" = "images"
"environment" = "mtchoun-mouh-master"
"project" = "mtchoun-mouh"
}
# (11 unchanged attributes hidden)
- server_side_encryption_configuration {
- rule {
- bucket_key_enabled = false -> null
- apply_server_side_encryption_by_default {
- sse_algorithm = "AES256" -> null
# (1 unchanged attribute hidden)
}
}
}
# (1 unchanged block hidden)
}
# aws_s3_bucket.website will be updated in-place
~ resource "aws_s3_bucket" "website" {
id = "mtchoun-mouh-snyk-fix-werkzeug-mtchoun-mouh.mongulu.cm"
tags = {
"Name" = "Website"
"environment" = "mtchoun-mouh-master"
"project" = "mtchoun-mouh"
}
# (13 unchanged attributes hidden)
- server_side_encryption_configuration {
- rule {
- bucket_key_enabled = false -> null
- apply_server_side_encryption_by_default {
- sse_algorithm = "AES256" -> null
# (1 unchanged attribute hidden)
}
}
}
# (3 unchanged blocks hidden)
}
# local_file.index_page will be created
+ resource "local_file" "index_page" {
+ content = (sensitive value)
+ content_base64sha256 = (known after apply)
+ content_base64sha512 = (known after apply)
+ content_md5 = (known after apply)
+ content_sha1 = (known after apply)
+ content_sha256 = (known after apply)
+ content_sha512 = (known after apply)
+ directory_permission = "0777"
+ file_permission = "0777"
+ filename = "../html/index.html"
+ id = (known after apply)
}
Plan: 1 to add, 2 to change, 0 to destroy.
------------------------------------------------------------------------
Cost estimation:
Resources: 3 of 5 estimated
$1.6848/mo +$0.0
------------------------------------------------------------------------
aws_s3_bucket.images: Modifying... [id=mtchoun-mouh-snyk-fix-werkzeug-djansang]
aws_s3_bucket.website: Modifying... [id=mtchoun-mouh-snyk-fix-werkzeug-mtchoun-mouh.mongulu.cm]
local_file.index_page: Creating...
local_file.index_page: Creation complete after 0s [id=504f2bacdec0b4fcb16af56cd7185e92f24a1c5e]
aws_s3_bucket.images: Modifications complete after 5s [id=mtchoun-mouh-snyk-fix-werkzeug-djansang]
aws_s3_bucket.website: Modifications complete after 5s [id=mtchoun-mouh-snyk-fix-werkzeug-mtchoun-mouh.mongulu.cm]
Apply complete! Resources: 1 added, 2 changed, 0 destroyed.
Outputs:
register_table = "mtchoun-mouh-snyk-fix-werkzeug-Register"
stage_url = "https://qyz3uxbg3f.execute-api.eu-central-1.amazonaws.com/mtchoun-mouh-snyk-fix-werkzeug-dev"
website_url = "http://mtchoun-mouh-snyk-fix-werkzeug-mtchoun-mouh.mongulu.cm.s3-website.eu-central-1.amazonaws.com"
|
Plan Result
Change Result (Click me) # aws_s3_bucket.images will be updated in-place
~ resource "aws_s3_bucket" "images" {
id = "mtchoun-mouh-snyk-fix-werkzeug-djansang"
tags = {
"Name" = "images"
"environment" = "mtchoun-mouh-master"
"project" = "mtchoun-mouh"
}
# (11 unchanged attributes hidden)
- server_side_encryption_configuration {
- rule {
- bucket_key_enabled = false -> null
- apply_server_side_encryption_by_default {
- sse_algorithm = "AES256" -> null
# (1 unchanged attribute hidden)
}
}
}
# (1 unchanged block hidden)
}
# aws_s3_bucket.website will be updated in-place
~ resource "aws_s3_bucket" "website" {
id = "mtchoun-mouh-snyk-fix-werkzeug-mtchoun-mouh.mongulu.cm"
tags = {
"Name" = "Website"
"environment" = "mtchoun-mouh-master"
"project" = "mtchoun-mouh"
}
# (13 unchanged attributes hidden)
- server_side_encryption_configuration {
- rule {
- bucket_key_enabled = false -> null
- apply_server_side_encryption_by_default {
- sse_algorithm = "AES256" -> null
# (1 unchanged attribute hidden)
}
}
}
# (3 unchanged blocks hidden)
}
# local_file.index_page will be created
+ resource "local_file" "index_page" {
+ content = (sensitive value)
+ content_base64sha256 = (known after apply)
+ content_base64sha512 = (known after apply)
+ content_md5 = (known after apply)
+ content_sha1 = (known after apply)
+ content_sha256 = (known after apply)
+ content_sha512 = (known after apply)
+ directory_permission = "0777"
+ file_permission = "0777"
+ filename = "../html/index.html"
+ id = (known after apply)
}
Plan: 1 to add, 2 to change, 0 to destroy.
|
✅ Apply SucceededDetails (Click me)Running apply in the remote backend. Output will stream here. Pressing Ctrl-C
will cancel the remote apply if it's still pending. If the apply started it
will stop streaming the logs, but will not stop the apply running remotely.
Preparing the remote apply...
To view this run in a browser, visit:
https://app.terraform.io/app/tfc-mongulu-cm/mtchoun-mouh-snyk-fix-werkzeug/runs/run-V2K3trQE7t9m64Qz
Waiting for the plan to start...
Terraform v1.9.6
on linux_amd64
Initializing plugins and modules...
data.archive_file.lambda_zip: Reading...
data.archive_file.lambda_zip: Read complete after 0s [id=a302387976ce74579a87a903dcc6149f70895053]
data.aws_iam_role.role: Reading...
aws_cloudwatch_event_rule.scheduler: Refreshing state... [id=mtchoun-mouh-snyk-fix-werkzeug-trigger_user_scan]
aws_dynamodb_table.Link_table: Refreshing state... [id=mtchoun-mouh-snyk-fix-werkzeug-Link_table]
aws_api_gateway_rest_api.api: Refreshing state... [id=qyz3uxbg3f]
aws_s3_bucket.images: Refreshing state... [id=mtchoun-mouh-snyk-fix-werkzeug-djansang]
data.aws_caller_identity.current: Reading...
aws_lambda_layer_version.test_lambda_layer: Refreshing state... [id=arn:aws:lambda:eu-central-1:053932140667:layer:test_lambda_layer:9]
aws_s3_bucket.website: Refreshing state... [id=mtchoun-mouh-snyk-fix-werkzeug-mtchoun-mouh.mongulu.cm]
aws_dynamodb_table.Users: Refreshing state... [id=mtchoun-mouh-snyk-fix-werkzeug-Users]
aws_dynamodb_table.Register: Refreshing state... [id=mtchoun-mouh-snyk-fix-werkzeug-Register]
data.aws_caller_identity.current: Read complete after 0s [id=053932140667]
data.aws_iam_role.role: Read complete after 0s [id=website-deployer]
aws_lambda_function.scan: Refreshing state... [id=mtchoun-mouh-snyk-fix-werkzeug-scan_user_consulcam]
aws_lambda_function.lambda: Refreshing state... [id=mtchoun-mouh-snyk-fix-werkzeug-user_registration_consulcam]
aws_api_gateway_resource.resource: Refreshing state... [id=m808a2]
aws_api_gateway_method.method: Refreshing state... [id=agm-qyz3uxbg3f-m808a2-POST]
module.cors.aws_api_gateway_method._: Refreshing state... [id=agm-qyz3uxbg3f-m808a2-OPTIONS]
aws_lambda_permission.allow_cloudwatch_to_call_check_foo: Refreshing state... [id=AllowExecutionFromCloudWatch]
aws_cloudwatch_event_target.target: Refreshing state... [id=mtchoun-mouh-snyk-fix-werkzeug-trigger_user_scan-lambda]
module.cors.aws_api_gateway_method_response._: Refreshing state... [id=agmr-qyz3uxbg3f-m808a2-OPTIONS-200]
module.cors.aws_api_gateway_integration._: Refreshing state... [id=agi-qyz3uxbg3f-m808a2-OPTIONS]
aws_api_gateway_method_response.method_response_200: Refreshing state... [id=agmr-qyz3uxbg3f-m808a2-POST-200]
aws_lambda_permission.apigw_lambda: Refreshing state... [id=AllowExecutionFromAPIGateway]
aws_api_gateway_integration.integration: Refreshing state... [id=agi-qyz3uxbg3f-m808a2-POST]
module.cors.aws_api_gateway_integration_response._: Refreshing state... [id=agir-qyz3uxbg3f-m808a2-OPTIONS-200]
aws_api_gateway_deployment.test: Refreshing state... [id=3ljwzn]
local_file.index_page: Refreshing state... [id=504f2bacdec0b4fcb16af56cd7185e92f24a1c5e]
aws_s3_bucket_public_access_block.website: Refreshing state... [id=mtchoun-mouh-snyk-fix-werkzeug-mtchoun-mouh.mongulu.cm]
aws_s3_bucket_object.example_file: Refreshing state... [id=index.html]
aws_s3_bucket_policy.website: Refreshing state... [id=mtchoun-mouh-snyk-fix-werkzeug-mtchoun-mouh.mongulu.cm]
Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
+ create
~ update in-place
Terraform will perform the following actions:
# aws_s3_bucket.images will be updated in-place
~ resource "aws_s3_bucket" "images" {
id = "mtchoun-mouh-snyk-fix-werkzeug-djansang"
tags = {
"Name" = "images"
"environment" = "mtchoun-mouh-master"
"project" = "mtchoun-mouh"
}
# (11 unchanged attributes hidden)
- server_side_encryption_configuration {
- rule {
- bucket_key_enabled = false -> null
- apply_server_side_encryption_by_default {
- sse_algorithm = "AES256" -> null
# (1 unchanged attribute hidden)
}
}
}
# (1 unchanged block hidden)
}
# aws_s3_bucket.website will be updated in-place
~ resource "aws_s3_bucket" "website" {
id = "mtchoun-mouh-snyk-fix-werkzeug-mtchoun-mouh.mongulu.cm"
tags = {
"Name" = "Website"
"environment" = "mtchoun-mouh-master"
"project" = "mtchoun-mouh"
}
# (13 unchanged attributes hidden)
- server_side_encryption_configuration {
- rule {
- bucket_key_enabled = false -> null
- apply_server_side_encryption_by_default {
- sse_algorithm = "AES256" -> null
# (1 unchanged attribute hidden)
}
}
}
# (3 unchanged blocks hidden)
}
# local_file.index_page will be created
+ resource "local_file" "index_page" {
+ content = (sensitive value)
+ content_base64sha256 = (known after apply)
+ content_base64sha512 = (known after apply)
+ content_md5 = (known after apply)
+ content_sha1 = (known after apply)
+ content_sha256 = (known after apply)
+ content_sha512 = (known after apply)
+ directory_permission = "0777"
+ file_permission = "0777"
+ filename = "../html/index.html"
+ id = (known after apply)
}
Plan: 1 to add, 2 to change, 0 to destroy.
------------------------------------------------------------------------
Cost estimation:
Resources: 3 of 5 estimated
$1.6848/mo +$0.0
------------------------------------------------------------------------
aws_s3_bucket.images: Modifying... [id=mtchoun-mouh-snyk-fix-werkzeug-djansang]
aws_s3_bucket.website: Modifying... [id=mtchoun-mouh-snyk-fix-werkzeug-mtchoun-mouh.mongulu.cm]
local_file.index_page: Creating...
local_file.index_page: Creation complete after 0s [id=504f2bacdec0b4fcb16af56cd7185e92f24a1c5e]
aws_s3_bucket.images: Modifications complete after 5s [id=mtchoun-mouh-snyk-fix-werkzeug-djansang]
aws_s3_bucket.website: Modifications complete after 5s [id=mtchoun-mouh-snyk-fix-werkzeug-mtchoun-mouh.mongulu.cm]
Apply complete! Resources: 1 added, 2 changed, 0 destroyed.
Outputs:
register_table = "mtchoun-mouh-snyk-fix-werkzeug-Register"
stage_url = "https://qyz3uxbg3f.execute-api.eu-central-1.amazonaws.com/mtchoun-mouh-snyk-fix-werkzeug-dev"
website_url = "http://mtchoun-mouh-snyk-fix-werkzeug-mtchoun-mouh.mongulu.cm.s3-website.eu-central-1.amazonaws.com"
|
Plan Result
|
Plan Result
Change Result (Click me) # aws_api_gateway_deployment.test will be created
+ resource "aws_api_gateway_deployment" "test" {
+ created_date = (known after apply)
+ execution_arn = (known after apply)
+ id = (known after apply)
+ invoke_url = (known after apply)
+ rest_api_id = (known after apply)
+ stage_name = "mtchoun-mouh-snyk-fix-werkzeug-dev"
}
# aws_api_gateway_integration.integration will be created
+ resource "aws_api_gateway_integration" "integration" {
+ cache_namespace = (known after apply)
+ connection_type = "INTERNET"
+ http_method = "POST"
+ id = (known after apply)
+ integration_http_method = "POST"
+ passthrough_behavior = (known after apply)
+ resource_id = (known after apply)
+ rest_api_id = (known after apply)
+ timeout_milliseconds = 29000
+ type = "AWS_PROXY"
+ uri = (known after apply)
}
# aws_api_gateway_method.method will be created
+ resource "aws_api_gateway_method" "method" {
+ api_key_required = false
+ authorization = "NONE"
+ http_method = "POST"
+ id = (known after apply)
+ resource_id = (known after apply)
+ rest_api_id = (known after apply)
}
# aws_api_gateway_method_response.method_response_200 will be created
+ resource "aws_api_gateway_method_response" "method_response_200" {
+ http_method = "POST"
+ id = (known after apply)
+ resource_id = (known after apply)
+ response_parameters = {
+ "method.response.header.Access-Control-Allow-Headers" = true
+ "method.response.header.Access-Control-Allow-Methods" = false
+ "method.response.header.Access-Control-Allow-Origin" = true
}
+ rest_api_id = (known after apply)
+ status_code = "200"
}
# aws_api_gateway_resource.resource will be created
+ resource "aws_api_gateway_resource" "resource" {
+ id = (known after apply)
+ parent_id = (known after apply)
+ path = (known after apply)
+ path_part = "register"
+ rest_api_id = (known after apply)
}
# aws_api_gateway_rest_api.api will be created
+ resource "aws_api_gateway_rest_api" "api" {
+ api_key_source = (known after apply)
+ arn = (known after apply)
+ binary_media_types = (known after apply)
+ created_date = (known after apply)
+ description = "Allow to register user for sending notifications later"
+ disable_execute_api_endpoint = (known after apply)
+ execution_arn = (known after apply)
+ id = (known after apply)
+ minimum_compression_size = -1
+ name = "mtchoun-mouh-snyk-fix-werkzeug-user registration"
+ policy = (known after apply)
+ root_resource_id = (known after apply)
+ tags = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ endpoint_configuration {
+ types = [
+ "REGIONAL",
]
+ vpc_endpoint_ids = (known after apply)
}
}
# aws_cloudwatch_event_rule.scheduler will be created
+ resource "aws_cloudwatch_event_rule" "scheduler" {
+ arn = (known after apply)
+ description = "extract image - verify passport is out - send notifications"
+ event_bus_name = "default"
+ id = (known after apply)
+ is_enabled = true
+ name = "mtchoun-mouh-snyk-fix-werkzeug-trigger_user_scan"
+ name_prefix = (known after apply)
+ schedule_expression = "cron(0 8 ? * MON-FRI *)"
+ tags = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
}
# aws_cloudwatch_event_target.target will be created
+ resource "aws_cloudwatch_event_target" "target" {
+ arn = (known after apply)
+ event_bus_name = "default"
+ id = (known after apply)
+ rule = "mtchoun-mouh-snyk-fix-werkzeug-trigger_user_scan"
+ target_id = "lambda"
}
# aws_dynamodb_table.Link_table will be created
+ resource "aws_dynamodb_table" "Link_table" {
+ arn = (known after apply)
+ billing_mode = "PAY_PER_REQUEST"
+ hash_key = "link"
+ id = (known after apply)
+ name = "mtchoun-mouh-snyk-fix-werkzeug-Link_table"
+ read_capacity = 3
+ stream_arn = (known after apply)
+ stream_label = (known after apply)
+ stream_view_type = (known after apply)
+ tags = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ write_capacity = 1
+ attribute {
+ name = "link"
+ type = "S"
}
+ point_in_time_recovery {
+ enabled = false
}
+ server_side_encryption (known after apply)
}
# aws_dynamodb_table.Register will be created
+ resource "aws_dynamodb_table" "Register" {
+ arn = (known after apply)
+ billing_mode = "PROVISIONED"
+ hash_key = "Name"
+ id = (known after apply)
+ name = "mtchoun-mouh-snyk-fix-werkzeug-Register"
+ read_capacity = 1
+ stream_arn = (known after apply)
+ stream_label = (known after apply)
+ stream_view_type = (known after apply)
+ tags = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ write_capacity = 1
+ attribute {
+ name = "Name"
+ type = "S"
}
+ point_in_time_recovery {
+ enabled = false
}
+ server_side_encryption (known after apply)
}
# aws_dynamodb_table.Users will be created
+ resource "aws_dynamodb_table" "Users" {
+ arn = (known after apply)
+ billing_mode = "PROVISIONED"
+ hash_key = "UserName"
+ id = (known after apply)
+ name = "mtchoun-mouh-snyk-fix-werkzeug-Users"
+ read_capacity = 1
+ stream_arn = (known after apply)
+ stream_label = (known after apply)
+ stream_view_type = (known after apply)
+ tags = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ write_capacity = 1
+ attribute {
+ name = "UserName"
+ type = "S"
}
+ point_in_time_recovery {
+ enabled = false
}
+ server_side_encryption (known after apply)
}
# aws_lambda_function.lambda will be created
+ resource "aws_lambda_function" "lambda" {
+ arn = (known after apply)
+ filename = "api/lambda.zip"
+ function_name = "mtchoun-mouh-snyk-fix-werkzeug-user_registration_consulcam"
+ handler = "lambda.register_handler"
+ id = (known after apply)
+ invoke_arn = (known after apply)
+ last_modified = (known after apply)
+ layers = (known after apply)
+ memory_size = 128
+ package_type = "Zip"
+ publish = false
+ qualified_arn = (known after apply)
+ reserved_concurrent_executions = -1
+ role = "arn:aws:iam::053932140667:role/website-deployer"
+ runtime = "python3.8"
+ signing_job_arn = (known after apply)
+ signing_profile_version_arn = (known after apply)
+ source_code_hash = "otjxhkmYsItml++V4smRv3rYS0aVLmDqtbuWboPiD7U="
+ source_code_size = (known after apply)
+ tags = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ timeout = 10
+ version = (known after apply)
+ environment {
+ variables = {
+ "API_KEY" = (sensitive value)
+ "BUCKET_NAME" = "mtchoun-mouh-snyk-fix-werkzeug-djansang"
+ "ENV" = "mtchoun-mouh-snyk-fix-werkzeug"
+ "LINKS_TABLE" = "mtchoun-mouh-snyk-fix-werkzeug-Link_table"
+ "MAINTAINER_MAIL" = (sensitive value)
+ "REGION" = "eu-central-1"
+ "REGISTERS_TABLE" = "mtchoun-mouh-snyk-fix-werkzeug-Register"
+ "SENTRY_DNS" = (sensitive value)
+ "USERS_TABLE" = "mtchoun-mouh-snyk-fix-werkzeug-Users"
}
}
+ tracing_config (known after apply)
}
# aws_lambda_function.scan will be created
+ resource "aws_lambda_function" "scan" {
+ arn = (known after apply)
+ filename = "api/lambda.zip"
+ function_name = "mtchoun-mouh-snyk-fix-werkzeug-scan_user_consulcam"
+ handler = "lambda.scan_handler"
+ id = (known after apply)
+ invoke_arn = (known after apply)
+ last_modified = (known after apply)
+ layers = (known after apply)
+ memory_size = 128
+ package_type = "Zip"
+ publish = false
+ qualified_arn = (known after apply)
+ reserved_concurrent_executions = -1
+ role = "arn:aws:iam::053932140667:role/website-deployer"
+ runtime = "python3.8"
+ signing_job_arn = (known after apply)
+ signing_profile_version_arn = (known after apply)
+ source_code_hash = "otjxhkmYsItml++V4smRv3rYS0aVLmDqtbuWboPiD7U="
+ source_code_size = (known after apply)
+ tags = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ timeout = 900
+ version = (known after apply)
+ environment {
+ variables = {
+ "API_KEY" = (sensitive value)
+ "BUCKET_NAME" = "mtchoun-mouh-snyk-fix-werkzeug-djansang"
+ "ENV" = "mtchoun-mouh-snyk-fix-werkzeug"
+ "LINKS_TABLE" = "mtchoun-mouh-snyk-fix-werkzeug-Link_table"
+ "MAINTAINER_MAIL" = (sensitive value)
+ "REGION" = "eu-central-1"
+ "REGISTERS_TABLE" = "mtchoun-mouh-snyk-fix-werkzeug-Register"
+ "SENTRY_DNS" = (sensitive value)
+ "USERS_TABLE" = "mtchoun-mouh-snyk-fix-werkzeug-Users"
}
}
+ tracing_config (known after apply)
}
# aws_lambda_layer_version.test_lambda_layer will be created
+ resource "aws_lambda_layer_version" "test_lambda_layer" {
+ arn = (known after apply)
+ compatible_runtimes = [
+ "python3.8",
]
+ created_date = (known after apply)
+ filename = "make_lamda_layer/python.zip"
+ id = (known after apply)
+ layer_arn = (known after apply)
+ layer_name = "test_lambda_layer"
+ signing_job_arn = (known after apply)
+ signing_profile_version_arn = (known after apply)
+ source_code_hash = (known after apply)
+ source_code_size = (known after apply)
+ version = (known after apply)
}
# aws_lambda_permission.allow_cloudwatch_to_call_check_foo will be created
+ resource "aws_lambda_permission" "allow_cloudwatch_to_call_check_foo" {
+ action = "lambda:InvokeFunction"
+ function_name = "mtchoun-mouh-snyk-fix-werkzeug-scan_user_consulcam"
+ id = (known after apply)
+ principal = "events.amazonaws.com"
+ source_arn = (known after apply)
+ statement_id = "AllowExecutionFromCloudWatch"
}
# aws_lambda_permission.apigw_lambda will be created
+ resource "aws_lambda_permission" "apigw_lambda" {
+ action = "lambda:InvokeFunction"
+ function_name = "mtchoun-mouh-snyk-fix-werkzeug-user_registration_consulcam"
+ id = (known after apply)
+ principal = "apigateway.amazonaws.com"
+ source_arn = (known after apply)
+ statement_id = "AllowExecutionFromAPIGateway"
}
# aws_s3_bucket.images will be created
+ resource "aws_s3_bucket" "images" {
+ acceleration_status = (known after apply)
+ acl = "private"
+ arn = (known after apply)
+ bucket = "mtchoun-mouh-snyk-fix-werkzeug-djansang"
+ bucket_domain_name = (known after apply)
+ bucket_regional_domain_name = (known after apply)
+ force_destroy = true
+ hosted_zone_id = (known after apply)
+ id = (known after apply)
+ region = (known after apply)
+ request_payer = (known after apply)
+ tags = {
+ "Name" = "images"
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "Name" = "images"
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ website_domain = (known after apply)
+ website_endpoint = (known after apply)
+ versioning (known after apply)
}
# aws_s3_bucket.website will be created
+ resource "aws_s3_bucket" "website" {
+ acceleration_status = (known after apply)
+ acl = "private"
+ arn = (known after apply)
+ bucket = "mtchoun-mouh-snyk-fix-werkzeug-mtchoun-mouh.mongulu.cm"
+ bucket_domain_name = (known after apply)
+ bucket_regional_domain_name = (known after apply)
+ force_destroy = true
+ hosted_zone_id = (known after apply)
+ id = (known after apply)
+ region = (known after apply)
+ request_payer = (known after apply)
+ tags = {
+ "Name" = "Website"
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "Name" = "Website"
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ website_domain = (known after apply)
+ website_endpoint = (known after apply)
+ cors_rule {
+ allowed_headers = [
+ "*",
]
+ allowed_methods = [
+ "PUT",
+ "POST",
+ "GET",
]
+ allowed_origins = [
+ "*",
]
}
+ versioning (known after apply)
+ website {
+ error_document = "error.html"
+ index_document = "index.html"
}
}
# aws_s3_bucket_object.demo_page will be created
+ resource "aws_s3_bucket_object" "demo_page" {
+ acl = "private"
+ bucket = (known after apply)
+ bucket_key_enabled = (known after apply)
+ content_type = "text/html"
+ etag = (known after apply)
+ force_destroy = false
+ id = (known after apply)
+ key = "demo.html"
+ kms_key_id = (known after apply)
+ server_side_encryption = (known after apply)
+ source = "../html/demo.html"
+ storage_class = (known after apply)
+ tags_all = (known after apply)
+ version_id = (known after apply)
}
# aws_s3_bucket_object.index_page will be created
+ resource "aws_s3_bucket_object" "index_page" {
+ acl = "private"
+ bucket = (known after apply)
+ bucket_key_enabled = (known after apply)
+ content_type = "text/html"
+ etag = (known after apply)
+ force_destroy = false
+ id = (known after apply)
+ key = "index.html"
+ kms_key_id = (known after apply)
+ server_side_encryption = (known after apply)
+ source = "../html/index.html"
+ storage_class = (known after apply)
+ tags_all = (known after apply)
+ version_id = (known after apply)
}
# aws_s3_bucket_policy.website will be created
+ resource "aws_s3_bucket_policy" "website" {
+ bucket = (known after apply)
+ id = (known after apply)
+ policy = (known after apply)
}
# aws_s3_bucket_public_access_block.website will be created
+ resource "aws_s3_bucket_public_access_block" "website" {
+ block_public_acls = false
+ block_public_policy = false
+ bucket = (known after apply)
+ id = (known after apply)
+ ignore_public_acls = false
+ restrict_public_buckets = false
}
# local_file.demo_page will be created
+ resource "local_file" "demo_page" {
+ content = (sensitive value)
+ content_base64sha256 = (known after apply)
+ content_base64sha512 = (known after apply)
+ content_md5 = (known after apply)
+ content_sha1 = (known after apply)
+ content_sha256 = (known after apply)
+ content_sha512 = (known after apply)
+ directory_permission = "0777"
+ file_permission = "0777"
+ filename = "../html/demo.html"
+ id = (known after apply)
}
# local_file.index_page will be created
+ resource "local_file" "index_page" {
+ content = (sensitive value)
+ content_base64sha256 = (known after apply)
+ content_base64sha512 = (known after apply)
+ content_md5 = (known after apply)
+ content_sha1 = (known after apply)
+ content_sha256 = (known after apply)
+ content_sha512 = (known after apply)
+ directory_permission = "0777"
+ file_permission = "0777"
+ filename = "../html/index.html"
+ id = (known after apply)
}
# module.cors.aws_api_gateway_integration._ will be created
+ resource "aws_api_gateway_integration" "_" {
+ cache_namespace = (known after apply)
+ connection_type = "INTERNET"
+ content_handling = "CONVERT_TO_TEXT"
+ http_method = "OPTIONS"
+ id = (known after apply)
+ passthrough_behavior = (known after apply)
+ request_templates = {
+ "application/json" = jsonencode(
{
+ statusCode = 200
}
)
}
+ resource_id = (known after apply)
+ rest_api_id = (known after apply)
+ timeout_milliseconds = 29000
+ type = "MOCK"
}
# module.cors.aws_api_gateway_integration_response._ will be created
+ resource "aws_api_gateway_integration_response" "_" {
+ http_method = "OPTIONS"
+ id = (known after apply)
+ resource_id = (known after apply)
+ response_parameters = {
+ "method.response.header.Access-Control-Allow-Headers" = "'Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,X-Api-Key'"
+ "method.response.header.Access-Control-Allow-Methods" = "'OPTIONS,HEAD,GET,POST,PUT,PATCH,DELETE'"
+ "method.response.header.Access-Control-Allow-Origin" = "'*'"
+ "method.response.header.Access-Control-Max-Age" = "'7200'"
}
+ rest_api_id = (known after apply)
+ status_code = "200"
}
# module.cors.aws_api_gateway_method._ will be created
+ resource "aws_api_gateway_method" "_" {
+ api_key_required = false
+ authorization = "NONE"
+ http_method = "OPTIONS"
+ id = (known after apply)
+ resource_id = (known after apply)
+ rest_api_id = (known after apply)
}
# module.cors.aws_api_gateway_method_response._ will be created
+ resource "aws_api_gateway_method_response" "_" {
+ http_method = "OPTIONS"
+ id = (known after apply)
+ resource_id = (known after apply)
+ response_models = {
+ "application/json" = "Empty"
}
+ response_parameters = {
+ "method.response.header.Access-Control-Allow-Headers" = true
+ "method.response.header.Access-Control-Allow-Methods" = true
+ "method.response.header.Access-Control-Allow-Origin" = true
+ "method.response.header.Access-Control-Max-Age" = true
}
+ rest_api_id = (known after apply)
+ status_code = "200"
}
Plan: 28 to add, 0 to change, 0 to destroy.
Changes to Outputs:
+ register_table = "mtchoun-mouh-snyk-fix-werkzeug-Register"
+ stage_url = (known after apply)
+ website_url = (known after apply) |
✅ Apply SucceededDetails (Click me)Running apply in the remote backend. Output will stream here. Pressing Ctrl-C
will cancel the remote apply if it's still pending. If the apply started it
will stop streaming the logs, but will not stop the apply running remotely.
Preparing the remote apply...
To view this run in a browser, visit:
https://app.terraform.io/app/tfc-mongulu-cm/mtchoun-mouh-snyk-fix-werkzeug/runs/run-W7TGdWiqpxfXFSkD
Waiting for the plan to start...
Terraform v1.10.1
on linux_amd64
Initializing plugins and modules...
data.archive_file.lambda_zip: Reading...
data.archive_file.lambda_zip: Read complete after 0s [id=623051e615259cbdddcff0797d5709f4a4b82142]
data.aws_iam_role.role: Reading...
data.aws_caller_identity.current: Reading...
data.aws_caller_identity.current: Read complete after 0s [id=053932140667]
data.aws_iam_role.role: Read complete after 0s [id=website-deployer]
Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# aws_api_gateway_deployment.test will be created
+ resource "aws_api_gateway_deployment" "test" {
+ created_date = (known after apply)
+ execution_arn = (known after apply)
+ id = (known after apply)
+ invoke_url = (known after apply)
+ rest_api_id = (known after apply)
+ stage_name = "mtchoun-mouh-snyk-fix-werkzeug-dev"
}
# aws_api_gateway_integration.integration will be created
+ resource "aws_api_gateway_integration" "integration" {
+ cache_namespace = (known after apply)
+ connection_type = "INTERNET"
+ http_method = "POST"
+ id = (known after apply)
+ integration_http_method = "POST"
+ passthrough_behavior = (known after apply)
+ resource_id = (known after apply)
+ rest_api_id = (known after apply)
+ timeout_milliseconds = 29000
+ type = "AWS_PROXY"
+ uri = (known after apply)
}
# aws_api_gateway_method.method will be created
+ resource "aws_api_gateway_method" "method" {
+ api_key_required = false
+ authorization = "NONE"
+ http_method = "POST"
+ id = (known after apply)
+ resource_id = (known after apply)
+ rest_api_id = (known after apply)
}
# aws_api_gateway_method_response.method_response_200 will be created
+ resource "aws_api_gateway_method_response" "method_response_200" {
+ http_method = "POST"
+ id = (known after apply)
+ resource_id = (known after apply)
+ response_parameters = {
+ "method.response.header.Access-Control-Allow-Headers" = true
+ "method.response.header.Access-Control-Allow-Methods" = false
+ "method.response.header.Access-Control-Allow-Origin" = true
}
+ rest_api_id = (known after apply)
+ status_code = "200"
}
# aws_api_gateway_resource.resource will be created
+ resource "aws_api_gateway_resource" "resource" {
+ id = (known after apply)
+ parent_id = (known after apply)
+ path = (known after apply)
+ path_part = "register"
+ rest_api_id = (known after apply)
}
# aws_api_gateway_rest_api.api will be created
+ resource "aws_api_gateway_rest_api" "api" {
+ api_key_source = (known after apply)
+ arn = (known after apply)
+ binary_media_types = (known after apply)
+ created_date = (known after apply)
+ description = "Allow to register user for sending notifications later"
+ disable_execute_api_endpoint = (known after apply)
+ execution_arn = (known after apply)
+ id = (known after apply)
+ minimum_compression_size = -1
+ name = "mtchoun-mouh-snyk-fix-werkzeug-user registration"
+ policy = (known after apply)
+ root_resource_id = (known after apply)
+ tags = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ endpoint_configuration {
+ types = [
+ "REGIONAL",
]
+ vpc_endpoint_ids = (known after apply)
}
}
# aws_cloudwatch_event_rule.scheduler will be created
+ resource "aws_cloudwatch_event_rule" "scheduler" {
+ arn = (known after apply)
+ description = "extract image - verify passport is out - send notifications"
+ event_bus_name = "default"
+ id = (known after apply)
+ is_enabled = true
+ name = "mtchoun-mouh-snyk-fix-werkzeug-trigger_user_scan"
+ name_prefix = (known after apply)
+ schedule_expression = "cron(0 8 ? * MON-FRI *)"
+ tags = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
}
# aws_cloudwatch_event_target.target will be created
+ resource "aws_cloudwatch_event_target" "target" {
+ arn = (known after apply)
+ event_bus_name = "default"
+ id = (known after apply)
+ rule = "mtchoun-mouh-snyk-fix-werkzeug-trigger_user_scan"
+ target_id = "lambda"
}
# aws_dynamodb_table.Link_table will be created
+ resource "aws_dynamodb_table" "Link_table" {
+ arn = (known after apply)
+ billing_mode = "PAY_PER_REQUEST"
+ hash_key = "link"
+ id = (known after apply)
+ name = "mtchoun-mouh-snyk-fix-werkzeug-Link_table"
+ read_capacity = 3
+ stream_arn = (known after apply)
+ stream_label = (known after apply)
+ stream_view_type = (known after apply)
+ tags = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ write_capacity = 1
+ attribute {
+ name = "link"
+ type = "S"
}
+ point_in_time_recovery {
+ enabled = false
}
+ server_side_encryption (known after apply)
}
# aws_dynamodb_table.Register will be created
+ resource "aws_dynamodb_table" "Register" {
+ arn = (known after apply)
+ billing_mode = "PROVISIONED"
+ hash_key = "Name"
+ id = (known after apply)
+ name = "mtchoun-mouh-snyk-fix-werkzeug-Register"
+ read_capacity = 1
+ stream_arn = (known after apply)
+ stream_label = (known after apply)
+ stream_view_type = (known after apply)
+ tags = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ write_capacity = 1
+ attribute {
+ name = "Name"
+ type = "S"
}
+ point_in_time_recovery {
+ enabled = false
}
+ server_side_encryption (known after apply)
}
# aws_dynamodb_table.Users will be created
+ resource "aws_dynamodb_table" "Users" {
+ arn = (known after apply)
+ billing_mode = "PROVISIONED"
+ hash_key = "UserName"
+ id = (known after apply)
+ name = "mtchoun-mouh-snyk-fix-werkzeug-Users"
+ read_capacity = 1
+ stream_arn = (known after apply)
+ stream_label = (known after apply)
+ stream_view_type = (known after apply)
+ tags = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ write_capacity = 1
+ attribute {
+ name = "UserName"
+ type = "S"
}
+ point_in_time_recovery {
+ enabled = false
}
+ server_side_encryption (known after apply)
}
# aws_lambda_function.lambda will be created
+ resource "aws_lambda_function" "lambda" {
+ arn = (known after apply)
+ filename = "api/lambda.zip"
+ function_name = "mtchoun-mouh-snyk-fix-werkzeug-user_registration_consulcam"
+ handler = "lambda.register_handler"
+ id = (known after apply)
+ invoke_arn = (known after apply)
+ last_modified = (known after apply)
+ layers = (known after apply)
+ memory_size = 128
+ package_type = "Zip"
+ publish = false
+ qualified_arn = (known after apply)
+ reserved_concurrent_executions = -1
+ role = "arn:aws:iam::053932140667:role/website-deployer"
+ runtime = "python3.8"
+ signing_job_arn = (known after apply)
+ signing_profile_version_arn = (known after apply)
+ source_code_hash = "otjxhkmYsItml++V4smRv3rYS0aVLmDqtbuWboPiD7U="
+ source_code_size = (known after apply)
+ tags = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ timeout = 10
+ version = (known after apply)
+ environment {
+ variables = {
+ "API_KEY" = (sensitive value)
+ "BUCKET_NAME" = "mtchoun-mouh-snyk-fix-werkzeug-djansang"
+ "ENV" = "mtchoun-mouh-snyk-fix-werkzeug"
+ "LINKS_TABLE" = "mtchoun-mouh-snyk-fix-werkzeug-Link_table"
+ "MAINTAINER_MAIL" = (sensitive value)
+ "REGION" = "eu-central-1"
+ "REGISTERS_TABLE" = "mtchoun-mouh-snyk-fix-werkzeug-Register"
+ "SENTRY_DNS" = (sensitive value)
+ "USERS_TABLE" = "mtchoun-mouh-snyk-fix-werkzeug-Users"
}
}
+ tracing_config (known after apply)
}
# aws_lambda_function.scan will be created
+ resource "aws_lambda_function" "scan" {
+ arn = (known after apply)
+ filename = "api/lambda.zip"
+ function_name = "mtchoun-mouh-snyk-fix-werkzeug-scan_user_consulcam"
+ handler = "lambda.scan_handler"
+ id = (known after apply)
+ invoke_arn = (known after apply)
+ last_modified = (known after apply)
+ layers = (known after apply)
+ memory_size = 128
+ package_type = "Zip"
+ publish = false
+ qualified_arn = (known after apply)
+ reserved_concurrent_executions = -1
+ role = "arn:aws:iam::053932140667:role/website-deployer"
+ runtime = "python3.8"
+ signing_job_arn = (known after apply)
+ signing_profile_version_arn = (known after apply)
+ source_code_hash = "otjxhkmYsItml++V4smRv3rYS0aVLmDqtbuWboPiD7U="
+ source_code_size = (known after apply)
+ tags = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ timeout = 900
+ version = (known after apply)
+ environment {
+ variables = {
+ "API_KEY" = (sensitive value)
+ "BUCKET_NAME" = "mtchoun-mouh-snyk-fix-werkzeug-djansang"
+ "ENV" = "mtchoun-mouh-snyk-fix-werkzeug"
+ "LINKS_TABLE" = "mtchoun-mouh-snyk-fix-werkzeug-Link_table"
+ "MAINTAINER_MAIL" = (sensitive value)
+ "REGION" = "eu-central-1"
+ "REGISTERS_TABLE" = "mtchoun-mouh-snyk-fix-werkzeug-Register"
+ "SENTRY_DNS" = (sensitive value)
+ "USERS_TABLE" = "mtchoun-mouh-snyk-fix-werkzeug-Users"
}
}
+ tracing_config (known after apply)
}
# aws_lambda_layer_version.test_lambda_layer will be created
+ resource "aws_lambda_layer_version" "test_lambda_layer" {
+ arn = (known after apply)
+ compatible_runtimes = [
+ "python3.8",
]
+ created_date = (known after apply)
+ filename = "make_lamda_layer/python.zip"
+ id = (known after apply)
+ layer_arn = (known after apply)
+ layer_name = "test_lambda_layer"
+ signing_job_arn = (known after apply)
+ signing_profile_version_arn = (known after apply)
+ source_code_hash = (known after apply)
+ source_code_size = (known after apply)
+ version = (known after apply)
}
# aws_lambda_permission.allow_cloudwatch_to_call_check_foo will be created
+ resource "aws_lambda_permission" "allow_cloudwatch_to_call_check_foo" {
+ action = "lambda:InvokeFunction"
+ function_name = "mtchoun-mouh-snyk-fix-werkzeug-scan_user_consulcam"
+ id = (known after apply)
+ principal = "events.amazonaws.com"
+ source_arn = (known after apply)
+ statement_id = "AllowExecutionFromCloudWatch"
}
# aws_lambda_permission.apigw_lambda will be created
+ resource "aws_lambda_permission" "apigw_lambda" {
+ action = "lambda:InvokeFunction"
+ function_name = "mtchoun-mouh-snyk-fix-werkzeug-user_registration_consulcam"
+ id = (known after apply)
+ principal = "apigateway.amazonaws.com"
+ source_arn = (known after apply)
+ statement_id = "AllowExecutionFromAPIGateway"
}
# aws_s3_bucket.images will be created
+ resource "aws_s3_bucket" "images" {
+ acceleration_status = (known after apply)
+ acl = "private"
+ arn = (known after apply)
+ bucket = "mtchoun-mouh-snyk-fix-werkzeug-djansang"
+ bucket_domain_name = (known after apply)
+ bucket_regional_domain_name = (known after apply)
+ force_destroy = true
+ hosted_zone_id = (known after apply)
+ id = (known after apply)
+ region = (known after apply)
+ request_payer = (known after apply)
+ tags = {
+ "Name" = "images"
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "Name" = "images"
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ website_domain = (known after apply)
+ website_endpoint = (known after apply)
+ versioning (known after apply)
}
# aws_s3_bucket.website will be created
+ resource "aws_s3_bucket" "website" {
+ acceleration_status = (known after apply)
+ acl = "private"
+ arn = (known after apply)
+ bucket = "mtchoun-mouh-snyk-fix-werkzeug-mtchoun-mouh.mongulu.cm"
+ bucket_domain_name = (known after apply)
+ bucket_regional_domain_name = (known after apply)
+ force_destroy = true
+ hosted_zone_id = (known after apply)
+ id = (known after apply)
+ region = (known after apply)
+ request_payer = (known after apply)
+ tags = {
+ "Name" = "Website"
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ tags_all = {
+ "Name" = "Website"
+ "environment" = "mtchoun-mouh-master"
+ "project" = "mtchoun-mouh"
}
+ website_domain = (known after apply)
+ website_endpoint = (known after apply)
+ cors_rule {
+ allowed_headers = [
+ "*",
]
+ allowed_methods = [
+ "PUT",
+ "POST",
+ "GET",
]
+ allowed_origins = [
+ "*",
]
}
+ versioning (known after apply)
+ website {
+ error_document = "error.html"
+ index_document = "index.html"
}
}
# aws_s3_bucket_object.demo_page will be created
+ resource "aws_s3_bucket_object" "demo_page" {
+ acl = "private"
+ bucket = (known after apply)
+ bucket_key_enabled = (known after apply)
+ content_type = "text/html"
+ etag = (known after apply)
+ force_destroy = false
+ id = (known after apply)
+ key = "demo.html"
+ kms_key_id = (known after apply)
+ server_side_encryption = (known after apply)
+ source = "../html/demo.html"
+ storage_class = (known after apply)
+ tags_all = (known after apply)
+ version_id = (known after apply)
}
# aws_s3_bucket_object.index_page will be created
+ resource "aws_s3_bucket_object" "index_page" {
+ acl = "private"
+ bucket = (known after apply)
+ bucket_key_enabled = (known after apply)
+ content_type = "text/html"
+ etag = (known after apply)
+ force_destroy = false
+ id = (known after apply)
+ key = "index.html"
+ kms_key_id = (known after apply)
+ server_side_encryption = (known after apply)
+ source = "../html/index.html"
+ storage_class = (known after apply)
+ tags_all = (known after apply)
+ version_id = (known after apply)
}
# aws_s3_bucket_policy.website will be created
+ resource "aws_s3_bucket_policy" "website" {
+ bucket = (known after apply)
+ id = (known after apply)
+ policy = (known after apply)
}
# aws_s3_bucket_public_access_block.website will be created
+ resource "aws_s3_bucket_public_access_block" "website" {
+ block_public_acls = false
+ block_public_policy = false
+ bucket = (known after apply)
+ id = (known after apply)
+ ignore_public_acls = false
+ restrict_public_buckets = false
}
# local_file.demo_page will be created
+ resource "local_file" "demo_page" {
+ content = (sensitive value)
+ content_base64sha256 = (known after apply)
+ content_base64sha512 = (known after apply)
+ content_md5 = (known after apply)
+ content_sha1 = (known after apply)
+ content_sha256 = (known after apply)
+ content_sha512 = (known after apply)
+ directory_permission = "0777"
+ file_permission = "0777"
+ filename = "../html/demo.html"
+ id = (known after apply)
}
# local_file.index_page will be created
+ resource "local_file" "index_page" {
+ content = (sensitive value)
+ content_base64sha256 = (known after apply)
+ content_base64sha512 = (known after apply)
+ content_md5 = (known after apply)
+ content_sha1 = (known after apply)
+ content_sha256 = (known after apply)
+ content_sha512 = (known after apply)
+ directory_permission = "0777"
+ file_permission = "0777"
+ filename = "../html/index.html"
+ id = (known after apply)
}
# module.cors.aws_api_gateway_integration._ will be created
+ resource "aws_api_gateway_integration" "_" {
+ cache_namespace = (known after apply)
+ connection_type = "INTERNET"
+ content_handling = "CONVERT_TO_TEXT"
+ http_method = "OPTIONS"
+ id = (known after apply)
+ passthrough_behavior = (known after apply)
+ request_templates = {
+ "application/json" = jsonencode(
{
+ statusCode = 200
}
)
}
+ resource_id = (known after apply)
+ rest_api_id = (known after apply)
+ timeout_milliseconds = 29000
+ type = "MOCK"
}
# module.cors.aws_api_gateway_integration_response._ will be created
+ resource "aws_api_gateway_integration_response" "_" {
+ http_method = "OPTIONS"
+ id = (known after apply)
+ resource_id = (known after apply)
+ response_parameters = {
+ "method.response.header.Access-Control-Allow-Headers" = "'Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,X-Api-Key'"
+ "method.response.header.Access-Control-Allow-Methods" = "'OPTIONS,HEAD,GET,POST,PUT,PATCH,DELETE'"
+ "method.response.header.Access-Control-Allow-Origin" = "'*'"
+ "method.response.header.Access-Control-Max-Age" = "'7200'"
}
+ rest_api_id = (known after apply)
+ status_code = "200"
}
# module.cors.aws_api_gateway_method._ will be created
+ resource "aws_api_gateway_method" "_" {
+ api_key_required = false
+ authorization = "NONE"
+ http_method = "OPTIONS"
+ id = (known after apply)
+ resource_id = (known after apply)
+ rest_api_id = (known after apply)
}
# module.cors.aws_api_gateway_method_response._ will be created
+ resource "aws_api_gateway_method_response" "_" {
+ http_method = "OPTIONS"
+ id = (known after apply)
+ resource_id = (known after apply)
+ response_models = {
+ "application/json" = "Empty"
}
+ response_parameters = {
+ "method.response.header.Access-Control-Allow-Headers" = true
+ "method.response.header.Access-Control-Allow-Methods" = true
+ "method.response.header.Access-Control-Allow-Origin" = true
+ "method.response.header.Access-Control-Max-Age" = true
}
+ rest_api_id = (known after apply)
+ status_code = "200"
}
Plan: 28 to add, 0 to change, 0 to destroy.
Changes to Outputs:
+ register_table = "mtchoun-mouh-snyk-fix-werkzeug-Register"
+ stage_url = (known after apply)
+ website_url = (known after apply)
------------------------------------------------------------------------
Cost estimation:
Resources: 3 of 6 estimated
$1.9344/mo +$1.9344
------------------------------------------------------------------------
aws_lambda_layer_version.test_lambda_layer: Creating...
aws_cloudwatch_event_rule.scheduler: Creating...
aws_api_gateway_rest_api.api: Creating...
aws_dynamodb_table.Register: Creating...
aws_dynamodb_table.Users: Creating...
aws_dynamodb_table.Link_table: Creating...
aws_s3_bucket.website: Creating...
aws_s3_bucket.images: Creating...
aws_cloudwatch_event_rule.scheduler: Creation complete after 1s [id=mtchoun-mouh-snyk-fix-werkzeug-trigger_user_scan]
aws_api_gateway_rest_api.api: Creation complete after 1s [id=dgm2fasrnh]
aws_api_gateway_resource.resource: Creating...
aws_api_gateway_resource.resource: Creation complete after 1s [id=ruy3e0]
aws_api_gateway_method.method: Creating...
module.cors.aws_api_gateway_method._: Creating...
aws_api_gateway_method.method: Creation complete after 0s [id=agm-dgm2fasrnh-ruy3e0-POST]
aws_api_gateway_method_response.method_response_200: Creating...
module.cors.aws_api_gateway_method._: Creation complete after 0s [id=agm-dgm2fasrnh-ruy3e0-OPTIONS]
module.cors.aws_api_gateway_integration._: Creating...
module.cors.aws_api_gateway_method_response._: Creating...
aws_api_gateway_method_response.method_response_200: Creation complete after 0s [id=agmr-dgm2fasrnh-ruy3e0-POST-200]
module.cors.aws_api_gateway_integration._: Creation complete after 1s [id=agi-dgm2fasrnh-ruy3e0-OPTIONS]
module.cors.aws_api_gateway_method_response._: Creation complete after 1s [id=agmr-dgm2fasrnh-ruy3e0-OPTIONS-200]
module.cors.aws_api_gateway_integration_response._: Creating...
module.cors.aws_api_gateway_integration_response._: Creation complete after 0s [id=agir-dgm2fasrnh-ruy3e0-OPTIONS-200]
aws_s3_bucket.images: Creation complete after 6s [id=mtchoun-mouh-snyk-fix-werkzeug-djansang]
aws_s3_bucket.website: Creation complete after 7s [id=mtchoun-mouh-snyk-fix-werkzeug-mtchoun-mouh.mongulu.cm]
aws_s3_bucket_public_access_block.website: Creating...
aws_s3_bucket_public_access_block.website: Creation complete after 1s [id=mtchoun-mouh-snyk-fix-werkzeug-mtchoun-mouh.mongulu.cm]
aws_s3_bucket_policy.website: Creating...
aws_lambda_layer_version.test_lambda_layer: Creation complete after 8s [id=arn:aws:lambda:eu-central-1:053932140667:layer:test_lambda_layer:13]
aws_lambda_function.scan: Creating...
aws_lambda_function.lambda: Creating...
aws_s3_bucket_policy.website: Creation complete after 1s [id=mtchoun-mouh-snyk-fix-werkzeug-mtchoun-mouh.mongulu.cm]
aws_dynamodb_table.Register: Creation complete after 10s [id=mtchoun-mouh-snyk-fix-werkzeug-Register]
aws_dynamodb_table.Link_table: Creation complete after 10s [id=mtchoun-mouh-snyk-fix-werkzeug-Link_table]
aws_dynamodb_table.Users: Still creating... [10s elapsed]
aws_dynamodb_table.Users: Creation complete after 11s [id=mtchoun-mouh-snyk-fix-werkzeug-Users]
aws_lambda_function.scan: Creation complete after 7s [id=mtchoun-mouh-snyk-fix-werkzeug-scan_user_consulcam]
aws_lambda_permission.allow_cloudwatch_to_call_check_foo: Creating...
aws_cloudwatch_event_target.target: Creating...
aws_lambda_permission.allow_cloudwatch_to_call_check_foo: Creation complete after 1s [id=AllowExecutionFromCloudWatch]
aws_cloudwatch_event_target.target: Creation complete after 1s [id=mtchoun-mouh-snyk-fix-werkzeug-trigger_user_scan-lambda]
aws_lambda_function.lambda: Still creating... [10s elapsed]
aws_lambda_function.lambda: Creation complete after 16s [id=mtchoun-mouh-snyk-fix-werkzeug-user_registration_consulcam]
aws_lambda_permission.apigw_lambda: Creating...
aws_api_gateway_integration.integration: Creating...
aws_api_gateway_integration.integration: Creation complete after 0s [id=agi-dgm2fasrnh-ruy3e0-POST]
aws_api_gateway_deployment.test: Creating...
aws_lambda_permission.apigw_lambda: Creation complete after 0s [id=AllowExecutionFromAPIGateway]
aws_api_gateway_deployment.test: Creation complete after 1s [id=5963bb]
local_file.demo_page: Creating...
local_file.index_page: Creating...
local_file.demo_page: Creation complete after 0s [id=f82f37d2fb30e55243bdd72d4585fcbc17c34f9b]
local_file.index_page: Creation complete after 0s [id=f7c45d12bda697175acc371d30f3a4b93cd2ea29]
aws_s3_bucket_object.demo_page: Creating...
aws_s3_bucket_object.index_page: Creating...
aws_s3_bucket_object.demo_page: Creation complete after 1s [id=demo.html]
aws_s3_bucket_object.index_page: Creation complete after 1s [id=index.html]
Apply complete! Resources: 28 added, 0 changed, 0 destroyed.
Outputs:
register_table = "mtchoun-mouh-snyk-fix-werkzeug-Register"
stage_url = "https://dgm2fasrnh.execute-api.eu-central-1.amazonaws.com/mtchoun-mouh-snyk-fix-werkzeug-dev"
website_url = "http://mtchoun-mouh-snyk-fix-werkzeug-mtchoun-mouh.mongulu.cm.s3-website.eu-central-1.amazonaws.com"
|
Plan Result
Change Result (Click me) # aws_dynamodb_table.Link_table will be updated in-place
~ resource "aws_dynamodb_table" "Link_table" {
id = "Link_table"
name = "Link_table"
~ read_capacity = 0 -> 3
tags = {
"environment" = "mtchoun-mouh-master"
"project" = "mtchoun-mouh"
}
~ write_capacity = 0 -> 1
# (5 unchanged attributes hidden)
# (3 unchanged blocks hidden)
}
# aws_s3_bucket.images will be updated in-place
~ resource "aws_s3_bucket" "images" {
id = "djansang"
tags = {
"Name" = "images"
"environment" = "mtchoun-mouh-master"
"project" = "mtchoun-mouh"
}
# (10 unchanged attributes hidden)
- server_side_encryption_configuration {
- rule {
- bucket_key_enabled = false -> null
- apply_server_side_encryption_by_default {
- sse_algorithm = "AES256" -> null
}
}
}
# (1 unchanged block hidden)
}
# aws_s3_bucket.website will be updated in-place
~ resource "aws_s3_bucket" "website" {
id = "mtchoun-mouh.mongulu.cm"
tags = {
"Name" = "Website"
"environment" = "mtchoun-mouh-master"
"project" = "mtchoun-mouh"
}
# (12 unchanged attributes hidden)
- server_side_encryption_configuration {
- rule {
- bucket_key_enabled = false -> null
- apply_server_side_encryption_by_default {
- sse_algorithm = "AES256" -> null
}
}
}
# (3 unchanged blocks hidden)
}
# aws_s3_bucket_object.demo_page will be created
+ resource "aws_s3_bucket_object" "demo_page" {
+ acl = "private"
+ bucket = "mtchoun-mouh.mongulu.cm"
+ bucket_key_enabled = (known after apply)
+ content_type = "text/html"
+ etag = (known after apply)
+ force_destroy = false
+ id = (known after apply)
+ key = "demo.html"
+ kms_key_id = (known after apply)
+ server_side_encryption = (known after apply)
+ source = "../html/demo.html"
+ storage_class = (known after apply)
+ tags_all = (known after apply)
+ version_id = (known after apply)
}
# local_file.demo_page will be created
+ resource "local_file" "demo_page" {
+ content = (sensitive value)
+ content_base64sha256 = (known after apply)
+ content_base64sha512 = (known after apply)
+ content_md5 = (known after apply)
+ content_sha1 = (known after apply)
+ content_sha256 = (known after apply)
+ content_sha512 = (known after apply)
+ directory_permission = "0777"
+ file_permission = "0777"
+ filename = "../html/demo.html"
+ id = (known after apply)
}
# local_file.index_page will be created
+ resource "local_file" "index_page" {
+ content = (sensitive value)
+ content_base64sha256 = (known after apply)
+ content_base64sha512 = (known after apply)
+ content_md5 = (known after apply)
+ content_sha1 = (known after apply)
+ content_sha256 = (known after apply)
+ content_sha512 = (known after apply)
+ directory_permission = "0777"
+ file_permission = "0777"
+ filename = "../html/index.html"
+ id = (known after apply)
}
Plan: 3 to add, 3 to change, 0 to destroy.
|
✅ Apply SucceededDetails (Click me)Running apply in the remote backend. Output will stream here. Pressing Ctrl-C
will cancel the remote apply if it's still pending. If the apply started it
will stop streaming the logs, but will not stop the apply running remotely.
Preparing the remote apply...
To view this run in a browser, visit:
https://app.terraform.io/app/tfc-mongulu-cm/mtchoun-mouh-master/runs/run-xc4zeKzgmiXdgLF2
Waiting for the plan to start...
Terraform v1.5.2
on linux_amd64
Initializing plugins and modules...
data.archive_file.lambda_zip: Reading...
data.archive_file.lambda_zip: Read complete after 0s [id=623051e615259cbdddcff0797d5709f4a4b82142]
data.aws_iam_role.role: Reading...
data.aws_caller_identity.current: Reading...
aws_cloudwatch_event_rule.scheduler: Refreshing state... [id=trigger_user_scan]
aws_lambda_layer_version.test_lambda_layer: Refreshing state... [id=arn:aws:lambda:eu-central-1:053932140667:layer:test_lambda_layer:11]
aws_api_gateway_rest_api.api: Refreshing state... [id=gozv19c3jf]
aws_dynamodb_table.Link_table: Refreshing state... [id=Link_table]
aws_dynamodb_table.Users: Refreshing state... [id=Users]
aws_s3_bucket.website: Refreshing state... [id=mtchoun-mouh.mongulu.cm]
aws_s3_bucket.images: Refreshing state... [id=djansang]
aws_dynamodb_table.Register: Refreshing state... [id=Register]
data.aws_caller_identity.current: Read complete after 0s [id=053932140667]
data.aws_iam_role.role: Read complete after 0s [id=website-deployer]
aws_lambda_function.scan: Refreshing state... [id=scan_user_consulcam]
aws_lambda_function.lambda: Refreshing state... [id=user_registration_consulcam]
aws_api_gateway_resource.resource: Refreshing state... [id=gtenoa]
aws_api_gateway_method.method: Refreshing state... [id=agm-gozv19c3jf-gtenoa-POST]
module.cors.aws_api_gateway_method._: Refreshing state... [id=agm-gozv19c3jf-gtenoa-OPTIONS]
module.cors.aws_api_gateway_method_response._: Refreshing state... [id=agmr-gozv19c3jf-gtenoa-OPTIONS-200]
aws_api_gateway_method_response.method_response_200: Refreshing state... [id=agmr-gozv19c3jf-gtenoa-POST-200]
module.cors.aws_api_gateway_integration._: Refreshing state... [id=agi-gozv19c3jf-gtenoa-OPTIONS]
aws_lambda_permission.apigw_lambda: Refreshing state... [id=AllowExecutionFromAPIGateway]
aws_api_gateway_integration.integration: Refreshing state... [id=agi-gozv19c3jf-gtenoa-POST]
aws_lambda_permission.allow_cloudwatch_to_call_check_foo: Refreshing state... [id=AllowExecutionFromCloudWatch]
aws_cloudwatch_event_target.target: Refreshing state... [id=trigger_user_scan-lambda]
aws_api_gateway_deployment.test: Refreshing state... [id=7suq19]
module.cors.aws_api_gateway_integration_response._: Refreshing state... [id=agir-gozv19c3jf-gtenoa-OPTIONS-200]
local_file.demo_page: Refreshing state... [id=b676c3d2c852b67560a461826a2c6b34aaf779ab]
local_file.index_page: Refreshing state... [id=c845316bee69b44546aed5f465d68859a00ebc56]
aws_s3_bucket_public_access_block.website: Refreshing state... [id=mtchoun-mouh.mongulu.cm]
aws_s3_bucket_object.index_page: Refreshing state... [id=index.html]
aws_s3_bucket_object.demo_page: Refreshing state... [id=demo.html]
aws_s3_bucket_policy.website: Refreshing state... [id=mtchoun-mouh.mongulu.cm]
Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
+ create
~ update in-place
Terraform will perform the following actions:
# aws_dynamodb_table.Link_table will be updated in-place
~ resource "aws_dynamodb_table" "Link_table" {
id = "Link_table"
name = "Link_table"
~ read_capacity = 0 -> 3
tags = {
"environment" = "mtchoun-mouh-master"
"project" = "mtchoun-mouh"
}
~ write_capacity = 0 -> 1
# (5 unchanged attributes hidden)
# (3 unchanged blocks hidden)
}
# aws_s3_bucket.images will be updated in-place
~ resource "aws_s3_bucket" "images" {
id = "djansang"
tags = {
"Name" = "images"
"environment" = "mtchoun-mouh-master"
"project" = "mtchoun-mouh"
}
# (10 unchanged attributes hidden)
- server_side_encryption_configuration {
- rule {
- bucket_key_enabled = false -> null
- apply_server_side_encryption_by_default {
- sse_algorithm = "AES256" -> null
}
}
}
# (1 unchanged block hidden)
}
# aws_s3_bucket.website will be updated in-place
~ resource "aws_s3_bucket" "website" {
id = "mtchoun-mouh.mongulu.cm"
tags = {
"Name" = "Website"
"environment" = "mtchoun-mouh-master"
"project" = "mtchoun-mouh"
}
# (12 unchanged attributes hidden)
- server_side_encryption_configuration {
- rule {
- bucket_key_enabled = false -> null
- apply_server_side_encryption_by_default {
- sse_algorithm = "AES256" -> null
}
}
}
# (3 unchanged blocks hidden)
}
# aws_s3_bucket_object.demo_page will be created
+ resource "aws_s3_bucket_object" "demo_page" {
+ acl = "private"
+ bucket = "mtchoun-mouh.mongulu.cm"
+ bucket_key_enabled = (known after apply)
+ content_type = "text/html"
+ etag = (known after apply)
+ force_destroy = false
+ id = (known after apply)
+ key = "demo.html"
+ kms_key_id = (known after apply)
+ server_side_encryption = (known after apply)
+ source = "../html/demo.html"
+ storage_class = (known after apply)
+ tags_all = (known after apply)
+ version_id = (known after apply)
}
# local_file.demo_page will be created
+ resource "local_file" "demo_page" {
+ content = (sensitive value)
+ content_base64sha256 = (known after apply)
+ content_base64sha512 = (known after apply)
+ content_md5 = (known after apply)
+ content_sha1 = (known after apply)
+ content_sha256 = (known after apply)
+ content_sha512 = (known after apply)
+ directory_permission = "0777"
+ file_permission = "0777"
+ filename = "../html/demo.html"
+ id = (known after apply)
}
# local_file.index_page will be created
+ resource "local_file" "index_page" {
+ content = (sensitive value)
+ content_base64sha256 = (known after apply)
+ content_base64sha512 = (known after apply)
+ content_md5 = (known after apply)
+ content_sha1 = (known after apply)
+ content_sha256 = (known after apply)
+ content_sha512 = (known after apply)
+ directory_permission = "0777"
+ file_permission = "0777"
+ filename = "../html/index.html"
+ id = (known after apply)
}
Plan: 3 to add, 3 to change, 0 to destroy.
------------------------------------------------------------------------
Cost estimation:
Resources: 3 of 6 estimated
$1.9344/mo +$0.77376
------------------------------------------------------------------------
aws_dynamodb_table.Link_table: Modifying... [id=Link_table]
aws_s3_bucket.images: Modifying... [id=djansang]
aws_s3_bucket.website: Modifying... [id=mtchoun-mouh.mongulu.cm]
local_file.index_page: Creating...
local_file.demo_page: Creating...
local_file.index_page: Creation complete after 0s [id=c845316bee69b44546aed5f465d68859a00ebc56]
local_file.demo_page: Creation complete after 0s [id=b676c3d2c852b67560a461826a2c6b34aaf779ab]
aws_dynamodb_table.Link_table: Modifications complete after 2s [id=Link_table]
aws_s3_bucket.images: Modifications complete after 5s [id=djansang]
aws_s3_bucket.website: Modifications complete after 5s [id=mtchoun-mouh.mongulu.cm]
aws_s3_bucket_object.demo_page: Creating...
aws_s3_bucket_object.demo_page: Creation complete after 1s [id=demo.html]
Apply complete! Resources: 3 added, 3 changed, 0 destroyed.
Outputs:
register_table = "Register"
stage_url = "https://gozv19c3jf.execute-api.eu-central-1.amazonaws.com/dev"
website_url = "http://mtchoun-mouh.mongulu.cm.s3-website.eu-central-1.amazonaws.com"
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The following vulnerabilities are fixed by pinning transitive dependencies: