{ "version": 4, "terraform_version": "1.3.7", "serial": 187, "lineage": "7413839f-c67c-02f5-4933-fcb84251bb29", "outputs": {}, "resources": [ { "mode": "data", "type": "aws_iam_policy_document", "name": "policy_document", "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", "instances": [ { "schema_version": 0, "attributes": { "id": "3300858488", "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"codebuild:StopBuild\",\n \"codebuild:StartBuild\",\n \"codebuild:RetryBuild\",\n \"codebuild:BatchGetBuilds\"\n ],\n \"Resource\": \"arn:aws:codebuild:ap-northeast-1:259692501178:project/growi-official-image-builder\"\n }\n ]\n}", "override_json": null, "override_policy_documents": null, "policy_id": null, "source_json": null, "source_policy_documents": null, "statement": [ { "actions": [ "codebuild:BatchGetBuilds", "codebuild:RetryBuild", "codebuild:StartBuild", "codebuild:StopBuild" ], "condition": [], "effect": "Allow", "not_actions": [], "not_principals": [], "not_resources": [], "principals": [], "resources": [ "arn:aws:codebuild:ap-northeast-1:259692501178:project/growi-official-image-builder" ], "sid": "" } ], "version": "2012-10-17" }, "sensitive_attributes": [] } ] }, { "mode": "managed", "type": "aws_secretsmanager_secret", "name": "secret", "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", "instances": [ { "schema_version": 0, "attributes": { "arn": "arn:aws:secretsmanager:ap-northeast-1:259692501178:secret:growi/official-image-builder-LMU1uz", "description": "", "force_overwrite_replica_secret": false, "id": "arn:aws:secretsmanager:ap-northeast-1:259692501178:secret:growi/official-image-builder-LMU1uz", "kms_key_id": "", "name": "growi/official-image-builder", "name_prefix": "", "policy": "", "recovery_window_in_days": 30, "replica": [], "rotation_enabled": false, "rotation_lambda_arn": "", "rotation_rules": [], "tags": {}, "tags_all": {} }, "sensitive_attributes": [], "private": "bnVsbA==" } ] }, { "mode": "managed", "type": "aws_secretsmanager_secret_version", "name": "main", "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", "instances": [ { "schema_version": 0, "attributes": { "arn": "arn:aws:secretsmanager:ap-northeast-1:259692501178:secret:growi/official-image-builder-LMU1uz", "id": "arn:aws:secretsmanager:ap-northeast-1:259692501178:secret:growi/official-image-builder-LMU1uz|C8147827-E635-4B07-80B8-B80E82FE22E5", "secret_binary": "", "secret_id": "arn:aws:secretsmanager:ap-northeast-1:259692501178:secret:growi/official-image-builder-LMU1uz", "secret_string": "{\"KEY1\":\"CHANGE THIS\",\"KEY2\":\"CHANGE THIS\"}", "version_id": "C8147827-E635-4B07-80B8-B80E82FE22E5", "version_stages": [ "AWSPREVIOUS" ] }, "sensitive_attributes": [], "private": "bnVsbA==", "dependencies": [ "aws_secretsmanager_secret.secret" ] } ] }, { "module": "module.codebuild", "mode": "data", "type": "aws_caller_identity", "name": "default", "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", "instances": [ { "schema_version": 0, "attributes": { "account_id": "259692501178", "arn": "arn:aws:iam::259692501178:user/yuki", "id": "259692501178", "user_id": "AIDAI6K42G2YZESELYLD4" }, "sensitive_attributes": [] } ] }, { "module": "module.codebuild", "mode": "data", "type": "aws_iam_policy_document", "name": "combined_permissions", "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", "instances": [ { "schema_version": 0, "attributes": { "id": "1570789323", "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ssm:GetParameters\",\n \"secretsmanager:GetSecretValue\",\n \"logs:PutLogEvents\",\n \"logs:CreateLogStream\",\n \"logs:CreateLogGroup\",\n \"iam:PassRole\",\n \"ecs:RunTask\",\n \"ecr:UploadLayerPart\",\n \"ecr:PutImage\",\n \"ecr:InitiateLayerUpload\",\n \"ecr:GetAuthorizationToken\",\n \"ecr:CompleteLayerUpload\",\n \"ecr:BatchCheckLayerAvailability\",\n \"codecommit:GitPull\"\n ],\n \"Resource\": \"*\"\n }\n ]\n}", "override_json": null, "override_policy_documents": [ "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ssm:GetParameters\",\n \"secretsmanager:GetSecretValue\",\n \"logs:PutLogEvents\",\n \"logs:CreateLogStream\",\n \"logs:CreateLogGroup\",\n \"iam:PassRole\",\n \"ecs:RunTask\",\n \"ecr:UploadLayerPart\",\n \"ecr:PutImage\",\n \"ecr:InitiateLayerUpload\",\n \"ecr:GetAuthorizationToken\",\n \"ecr:CompleteLayerUpload\",\n \"ecr:BatchCheckLayerAvailability\",\n \"codecommit:GitPull\"\n ],\n \"Resource\": \"*\"\n }\n ]\n}" ], "policy_id": null, "source_json": null, "source_policy_documents": null, "statement": null, "version": "2012-10-17" }, "sensitive_attributes": [] } ] }, { "module": "module.codebuild", "mode": "data", "type": "aws_iam_policy_document", "name": "permissions", "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", "instances": [ { "index_key": 0, "schema_version": 0, "attributes": { "id": "1570789323", "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ssm:GetParameters\",\n \"secretsmanager:GetSecretValue\",\n \"logs:PutLogEvents\",\n \"logs:CreateLogStream\",\n \"logs:CreateLogGroup\",\n \"iam:PassRole\",\n \"ecs:RunTask\",\n \"ecr:UploadLayerPart\",\n \"ecr:PutImage\",\n \"ecr:InitiateLayerUpload\",\n \"ecr:GetAuthorizationToken\",\n \"ecr:CompleteLayerUpload\",\n \"ecr:BatchCheckLayerAvailability\",\n \"codecommit:GitPull\"\n ],\n \"Resource\": \"*\"\n }\n ]\n}", "override_json": null, "override_policy_documents": null, "policy_id": null, "source_json": null, "source_policy_documents": null, "statement": [ { "actions": [ "codecommit:GitPull", "ecr:BatchCheckLayerAvailability", "ecr:CompleteLayerUpload", "ecr:GetAuthorizationToken", "ecr:InitiateLayerUpload", "ecr:PutImage", "ecr:UploadLayerPart", "ecs:RunTask", "iam:PassRole", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", "secretsmanager:GetSecretValue", "ssm:GetParameters" ], "condition": [], "effect": "Allow", "not_actions": [], "not_principals": [], "not_resources": [], "principals": [], "resources": [ "*" ], "sid": "" } ], "version": "2012-10-17" }, "sensitive_attributes": [] } ] }, { "module": "module.codebuild", "mode": "data", "type": "aws_iam_policy_document", "name": "role", "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", "instances": [ { "schema_version": 0, "attributes": { "id": "442947395", "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"codebuild.amazonaws.com\"\n }\n }\n ]\n}", "override_json": null, "override_policy_documents": null, "policy_id": null, "source_json": null, "source_policy_documents": null, "statement": [ { "actions": [ "sts:AssumeRole" ], "condition": [], "effect": "Allow", "not_actions": [], "not_principals": [], "not_resources": [], "principals": [ { "identifiers": [ "codebuild.amazonaws.com" ], "type": "Service" } ], "resources": [], "sid": "" } ], "version": "2012-10-17" }, "sensitive_attributes": [] } ] }, { "module": "module.codebuild", "mode": "data", "type": "aws_region", "name": "default", "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", "instances": [ { "schema_version": 0, "attributes": { "description": "Asia Pacific (Tokyo)", "endpoint": "ec2.ap-northeast-1.amazonaws.com", "id": "ap-northeast-1", "name": "ap-northeast-1" }, "sensitive_attributes": [] } ] }, { "module": "module.codebuild", "mode": "managed", "type": "aws_codebuild_project", "name": "default", "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", "instances": [ { "index_key": 0, "schema_version": 0, "attributes": { "arn": "arn:aws:codebuild:ap-northeast-1:259692501178:project/growi-official-image-builder", "artifacts": [ { "artifact_identifier": "", "bucket_owner_access": "", "encryption_disabled": false, "location": "", "name": "", "namespace_type": "", "override_artifact_name": false, "packaging": "", "path": "", "type": "NO_ARTIFACTS" } ], "badge_enabled": false, "badge_url": "", "build_batch_config": [ { "combine_artifacts": false, "restrictions": [ { "compute_types_allowed": [], "maximum_builds_allowed": 100 } ], "service_role": "arn:aws:iam::259692501178:role/growi-official-image-builder", "timeout_in_mins": 2160 } ], "build_timeout": 60, "cache": [ { "location": "", "modes": [ "LOCAL_DOCKER_LAYER_CACHE", "LOCAL_CUSTOM_CACHE" ], "type": "LOCAL" } ], "concurrent_build_limit": 0, "description": "The CodeBuild Project for GROWI official docker image", "encryption_key": "arn:aws:kms:ap-northeast-1:259692501178:alias/aws/s3", "environment": [ { "certificate": "", "compute_type": "BUILD_GENERAL1_LARGE", "environment_variable": [ { "name": "AWS_REGION", "type": "PLAINTEXT", "value": "ap-northeast-1" }, { "name": "AWS_ACCOUNT_ID", "type": "PLAINTEXT", "value": "259692501178" }, { "name": "IMAGE_REPO_NAME", "type": "PLAINTEXT", "value": "UNSET" }, { "name": "IMAGE_TAG", "type": "PLAINTEXT", "value": "latest" }, { "name": "NO_ADDITIONAL_BUILD_VARS", "type": "PLAINTEXT", "value": "TRUE" } ], "image": "aws/codebuild/amazonlinux2-x86_64-standard:3.0", "image_pull_credentials_type": "CODEBUILD", "privileged_mode": true, "registry_credential": [], "type": "LINUX_CONTAINER" } ], "file_system_locations": [], "id": "arn:aws:codebuild:ap-northeast-1:259692501178:project/growi-official-image-builder", "logs_config": [ { "cloudwatch_logs": [ { "group_name": "", "status": "ENABLED", "stream_name": "" } ], "s3_logs": [ { "bucket_owner_access": "", "encryption_disabled": false, "location": "", "status": "DISABLED" } ] } ], "name": "growi-official-image-builder", "project_visibility": "PRIVATE", "public_project_alias": "", "queued_timeout": 480, "resource_access_role": "", "secondary_artifacts": [], "secondary_source_version": [], "secondary_sources": [], "service_role": "arn:aws:iam::259692501178:role/growi-official-image-builder", "source": [ { "auth": [], "build_status_config": [], "buildspec": "packages/app/docker/codebuild/buildspec.yml", "git_clone_depth": 1, "git_submodules_config": [], "insecure_ssl": false, "location": "https://github.com/weseek/growi.git", "report_build_status": false, "type": "GITHUB" } ], "source_version": "refs/heads/support/build-with-codebuild", "tags": { "Name": "growi-official-image-builder" }, "tags_all": { "Name": "growi-official-image-builder" }, "vpc_config": [] }, "sensitive_attributes": [], "private": "bnVsbA==", "dependencies": [ "module.codebuild.aws_codebuild_source_credential.authorization", "module.codebuild.aws_iam_role.default", "module.codebuild.aws_s3_bucket.cache_bucket", "module.codebuild.data.aws_caller_identity.default", "module.codebuild.data.aws_region.default" ] } ] }, { "module": "module.codebuild", "mode": "managed", "type": "aws_iam_policy", "name": "default", "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", "instances": [ { "index_key": 0, "schema_version": 0, "attributes": { "arn": "arn:aws:iam::259692501178:policy/service-role/growi-official-image-builder", "description": "", "id": "arn:aws:iam::259692501178:policy/service-role/growi-official-image-builder", "name": "growi-official-image-builder", "name_prefix": null, "path": "/service-role/", "policy": "{\"Statement\":[{\"Action\":[\"ssm:GetParameters\",\"secretsmanager:GetSecretValue\",\"logs:PutLogEvents\",\"logs:CreateLogStream\",\"logs:CreateLogGroup\",\"iam:PassRole\",\"ecs:RunTask\",\"ecr:UploadLayerPart\",\"ecr:PutImage\",\"ecr:InitiateLayerUpload\",\"ecr:GetAuthorizationToken\",\"ecr:CompleteLayerUpload\",\"ecr:BatchCheckLayerAvailability\",\"codecommit:GitPull\"],\"Effect\":\"Allow\",\"Resource\":\"*\",\"Sid\":\"\"}],\"Version\":\"2012-10-17\"}", "policy_id": "ANPATY5XBDC5HSN3IY7CW", "tags": { "Name": "growi-official-image-builder" }, "tags_all": { "Name": "growi-official-image-builder" } }, "sensitive_attributes": [], "private": "bnVsbA==", "dependencies": [ "module.codebuild.data.aws_iam_policy_document.combined_permissions", "module.codebuild.data.aws_iam_policy_document.permissions", "module.codebuild.data.aws_iam_policy_document.vpc_permissions", "module.codebuild.data.aws_s3_bucket.secondary_artifact" ] } ] }, { "module": "module.codebuild", "mode": "managed", "type": "aws_iam_role", "name": "default", "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", "instances": [ { "index_key": 0, "schema_version": 0, "attributes": { "arn": "arn:aws:iam::259692501178:role/growi-official-image-builder", "assume_role_policy": "{\"Statement\":[{\"Action\":\"sts:AssumeRole\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"codebuild.amazonaws.com\"},\"Sid\":\"\"}],\"Version\":\"2012-10-17\"}", "create_date": "2023-01-16T09:02:08Z", "description": "", "force_detach_policies": true, "id": "growi-official-image-builder", "inline_policy": [], "managed_policy_arns": [ "arn:aws:iam::259692501178:policy/service-role/CodeBuildBuildBatchPolicy-growi-official-image-builder-ap-northeast-1-growi-official-image-builder", "arn:aws:iam::259692501178:policy/service-role/growi-official-image-builder" ], "max_session_duration": 3600, "name": "growi-official-image-builder", "name_prefix": "", "path": "/", "permissions_boundary": null, "tags": { "Name": "growi-official-image-builder" }, "tags_all": { "Name": "growi-official-image-builder" }, "unique_id": "AROATY5XBDC5EIUMPRJKC" }, "sensitive_attributes": [], "private": "bnVsbA==", "dependencies": [ "module.codebuild.data.aws_iam_policy_document.role" ] } ] }, { "module": "module.codebuild", "mode": "managed", "type": "aws_iam_role_policy_attachment", "name": "default", "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", "instances": [ { "index_key": 0, "schema_version": 0, "attributes": { "id": "growi-official-image-builder-20230116090200654500000001", "policy_arn": "arn:aws:iam::259692501178:policy/service-role/growi-official-image-builder", "role": "growi-official-image-builder" }, "sensitive_attributes": [], "private": "bnVsbA==", "dependencies": [ "module.codebuild.aws_iam_policy.default", "module.codebuild.aws_iam_role.default", "module.codebuild.data.aws_iam_policy_document.combined_permissions", "module.codebuild.data.aws_iam_policy_document.permissions", "module.codebuild.data.aws_iam_policy_document.role", "module.codebuild.data.aws_iam_policy_document.vpc_permissions", "module.codebuild.data.aws_s3_bucket.secondary_artifact" ] } ] }, { "module": "module.codebuild", "mode": "managed", "type": "random_string", "name": "bucket_prefix", "provider": "provider[\"registry.terraform.io/hashicorp/random\"]", "instances": [ { "index_key": 0, "schema_version": 2, "attributes": { "id": "vpkowftojwbb", "keepers": null, "length": 12, "lower": true, "min_lower": 0, "min_numeric": 0, "min_special": 0, "min_upper": 0, "number": false, "numeric": false, "override_special": null, "result": "vpkowftojwbb", "special": false, "upper": false }, "sensitive_attributes": [] } ] }, { "module": "module.oidc_github", "mode": "data", "type": "aws_iam_policy_document", "name": "assume_role", "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", "instances": [ { "index_key": 0, "schema_version": 0, "attributes": { "id": "2164859932", "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"sts:AssumeRoleWithWebIdentity\",\n \"Principal\": {\n \"Federated\": \"arn:aws:iam::259692501178:oidc-provider/token.actions.githubusercontent.com\"\n },\n \"Condition\": {\n \"StringLike\": {\n \"token.actions.githubusercontent.com:sub\": \"repo:weseek/growi:*\"\n }\n }\n }\n ]\n}", "override_json": null, "override_policy_documents": null, "policy_id": null, "source_json": null, "source_policy_documents": null, "statement": [ { "actions": [ "sts:AssumeRoleWithWebIdentity" ], "condition": [ { "test": "StringLike", "values": [ "repo:weseek/growi:*" ], "variable": "token.actions.githubusercontent.com:sub" } ], "effect": "Allow", "not_actions": [], "not_principals": [], "not_resources": [], "principals": [ { "identifiers": [ "arn:aws:iam::259692501178:oidc-provider/token.actions.githubusercontent.com" ], "type": "Federated" } ], "resources": [], "sid": "" } ], "version": "2012-10-17" }, "sensitive_attributes": [] } ] }, { "module": "module.oidc_github", "mode": "data", "type": "aws_partition", "name": "current", "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", "instances": [ { "schema_version": 0, "attributes": { "dns_suffix": "amazonaws.com", "id": "aws", "partition": "aws", "reverse_dns_prefix": "com.amazonaws" }, "sensitive_attributes": [] } ] }, { "module": "module.oidc_github", "mode": "data", "type": "tls_certificate", "name": "github", "provider": "provider[\"registry.terraform.io/hashicorp/tls\"]", "instances": [ { "schema_version": 0, "attributes": { "certificates": [ { "cert_pem": "-----BEGIN CERTIFICATE-----\nMIIE6jCCA9KgAwIBAgIQCjUI1VwpKwF9+K1lwA/35DANBgkqhkiG9w0BAQsFADBh\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\nQTAeFw0yMDA5MjQwMDAwMDBaFw0zMDA5MjMyMzU5NTlaME8xCzAJBgNVBAYTAlVT\nMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxKTAnBgNVBAMTIERpZ2lDZXJ0IFRMUyBS\nU0EgU0hBMjU2IDIwMjAgQ0ExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC\nAQEAwUuzZUdwvN1PWNvsnO3DZuUfMRNUrUpmRh8sCuxkB+Uu3Ny5CiDt3+PE0J6a\nqXodgojlEVbbHp9YwlHnLDQNLtKS4VbL8Xlfs7uHyiUDe5pSQWYQYE9XE0nw6Ddn\ng9/n00tnTCJRpt8OmRDtV1F0JuJ9x8piLhMbfyOIJVNvwTRYAIuE//i+p1hJInuW\nraKImxW8oHzf6VGo1bDtN+I2tIJLYrVJmuzHZ9bjPvXj1hJeRPG/cUJ9WIQDgLGB\nAfr5yjK7tI4nhyfFK3TUqNaX3sNk+crOU6JWvHgXjkkDKa77SU+kFbnO8lwZV21r\neacroicgE7XQPUDTITAHk+qZ9QIDAQABo4IBrjCCAaowHQYDVR0OBBYEFLdrouqo\nqoSMeeq02g+YssWVdrn0MB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFV\nMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw\nEgYDVR0TAQH/BAgwBgEB/wIBADB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGG\nGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBABggrBgEFBQcwAoY0aHR0cDovL2Nh\nY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNydDB7BgNV\nHR8EdDByMDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRH\nbG9iYWxSb290Q0EuY3JsMDegNaAzhjFodHRwOi8vY3JsNC5kaWdpY2VydC5jb20v\nRGlnaUNlcnRHbG9iYWxSb290Q0EuY3JsMDAGA1UdIAQpMCcwBwYFZ4EMAQEwCAYG\nZ4EMAQIBMAgGBmeBDAECAjAIBgZngQwBAgMwDQYJKoZIhvcNAQELBQADggEBAHer\nt3onPa679n/gWlbJhKrKW3EX3SJH/E6f7tDBpATho+vFScH90cnfjK+URSxGKqNj\nOSD5nkoklEHIqdninFQFBstcHL4AGw+oWv8Zu2XHFq8hVt1hBcnpj5h232sb0HIM\nULkwKXq/YFkQZhM6LawVEWwtIwwCPgU7/uWhnOKK24fXSuhe50gG66sSmvKvhMNb\ng0qZgYOrAKHKCjxMoiWJKiKnpPMzTFuMLhoClw+dj20tlQj7T9rxkTgl4ZxuYRiH\nas6xuwAwapu3r9rxxZf+ingkquqTgLozZXq8oXfpf2kUCwA/d5KxTVtzhwoT0JzI\n8ks5T1KESaZMkE4f97Q=\n-----END CERTIFICATE-----\n", "is_ca": true, "issuer": "CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US", "not_after": "2030-09-23T23:59:59Z", "not_before": "2020-09-24T00:00:00Z", "public_key_algorithm": "RSA", "serial_number": "13567650854749339296468135199911180260", "sha1_fingerprint": "6938fd4d98bab03faadb97b34396831e3780aea1", "signature_algorithm": "SHA256-RSA", "subject": "CN=DigiCert TLS RSA SHA256 2020 CA1,O=DigiCert Inc,C=US", "version": 3 }, { "cert_pem": "-----BEGIN CERTIFICATE-----\nMIIG8jCCBdqgAwIBAgIQCn5zvdee2Vg6XXlzFLM1XDANBgkqhkiG9w0BAQsFADBP\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE\naWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yMjExMDQwMDAwMDBa\nFw0yMzExMDcyMzU5NTlaMHsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9y\nbmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRUwEwYDVQQKEwxHaXRIdWIsIElu\nYy4xKDAmBgNVBAMMHyouYWN0aW9ucy5naXRodWJ1c2VyY29udGVudC5jb20wggEi\nMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC94vT0wbk+S/Pr5WRRN7NA5dGS\n5aZv3ww34dnFTUiwf8DKYaAnR2TrV3OGDg7Sb7D/laMMhg2gzCyK45RIoqJI3bcN\nX2IPp36ewyyZczV76SD4/BXDqnO6SQ/wFIv4fCKS2jQjqNHG+HUtJNp0/sII4uLn\n2DyMgE06/vTXleTDxRGfTSgOLdLjjM3uftP3VO3hYUOEogmgFtRVl7ggkLgJ+ZWi\n0I9LO039/zsbnygpL+d5HhLBK3Tb4E11wCEen5582rohs1dhPS/Vu1zyXcGIW7n8\nbLV4acK+KyGEnRBbLp890hw+BABQf/C9Uo6F9t/jNtCnTTw+4rkzCY1M8/a1AgMB\nAAGjggOcMIIDmDAfBgNVHSMEGDAWgBS3a6LqqKqEjHnqtNoPmLLFlXa59DAdBgNV\nHQ4EFgQUQgJD/1vA//F/LF4NGvO+N9cN7mIwSQYDVR0RBEIwQIIfKi5hY3Rpb25z\nLmdpdGh1YnVzZXJjb250ZW50LmNvbYIdYWN0aW9ucy5naXRodWJ1c2VyY29udGVu\ndC5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF\nBQcDAjCBjwYDVR0fBIGHMIGEMECgPqA8hjpodHRwOi8vY3JsMy5kaWdpY2VydC5j\nb20vRGlnaUNlcnRUTFNSU0FTSEEyNTYyMDIwQ0ExLTQuY3JsMECgPqA8hjpodHRw\nOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRUTFNSU0FTSEEyNTYyMDIwQ0Ex\nLTQuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0dHA6\nLy93d3cuZGlnaWNlcnQuY29tL0NQUzB/BggrBgEFBQcBAQRzMHEwJAYIKwYBBQUH\nMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBJBggrBgEFBQcwAoY9aHR0cDov\nL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VExTUlNBU0hBMjU2MjAyMENB\nMS0xLmNydDAJBgNVHRMEAjAAMIIBfAYKKwYBBAHWeQIEAgSCAWwEggFoAWYAdQDo\nPtDaPvUGNTLnVyi8iWvJA9PL0RFr7Otp4Xd9bQa9bgAAAYRErGRdAAAEAwBGMEQC\nHy+p/x51ZahWaQt+UfDcxTyJnRQaO7T/+X90x+3kkmYCIQC7IDygd0wCyBaYeGVc\nnH8Hj76j3logQZVyDAotBT1Y/QB2ALNzdwfhhFD4Y4bWBancEQlKeS2xZwwLh9zw\nAw55NqWaAAABhESsZIoAAAQDAEcwRQIhAMmnFDlLuSOA/UJ/TlIWcj3m8u3EXujf\njG5cfWIGXAs9AiAQnjXxxnebYM0IANOySg/+dHxDNVgGq/px8RvtxoPfZQB1ALc+\n+yTfnE26dfI5xbpY9Gxd/ELPep81xJ4dCYEl7bSZAAABhESsZEcAAAQDAEYwRAIg\nfOzkC+UGgdW08pfaBR18OGq4moGKK+j4/C93RFDev44CIDI0TxiDfya551M/N0pm\naQQNLr5t96xiFVY3aSMfv2qHMA0GCSqGSIb3DQEBCwUAA4IBAQA+duG+V4+gv9eT\nOA/ZSjU+6h29oS2i991HhjD2qDno3IksmGZqJ47cxSC2uJbf04LWcShVOslOp5e6\nlq+lxOEW+Cj65+Y+ORsp4sbSILVn8mj9+kfxTnEPD+A8Ii0YJoj98fc/u5UDM2B1\n00c6TPiKzUtYRBMoitFhAAB4H93d5illIHK2/RYZUPN3hMcDhv3GFxC0j40OBAUA\nuJ5ZrAXfh48ZtVq/qmjfCX7f0ntUcsm85S2oNKAaKqqlGuwjA7ye80O3WHKQLXXM\nevZ35QEWOlwhphLyHhUL6QFCuAe0wL2arESMXnxgaYE7Ka+SexxEiT5ZmdyrcFwg\nBL7FKjOM\n-----END CERTIFICATE-----\n", "is_ca": false, "issuer": "CN=DigiCert TLS RSA SHA256 2020 CA1,O=DigiCert Inc,C=US", "not_after": "2023-11-07T23:59:59Z", "not_before": "2022-11-04T00:00:00Z", "public_key_algorithm": "RSA", "serial_number": "13948856879982995920425685801082500444", "sha1_fingerprint": "f879abce0008e4eb126e0097e46620f5aaae26ad", "signature_algorithm": "SHA256-RSA", "subject": "CN=*.actions.githubusercontent.com,O=GitHub\\, Inc.,L=San Francisco,ST=California,C=US", "version": 3 } ], "content": null, "id": "2f98b9dddcf0778622dc6788373a7f8c02e3a2c3", "url": "https://token.actions.githubusercontent.com/.well-known/openid-configuration", "verify_chain": true }, "sensitive_attributes": [] } ] }, { "module": "module.oidc_github", "mode": "managed", "type": "aws_iam_openid_connect_provider", "name": "github", "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", "instances": [ { "index_key": 0, "schema_version": 0, "attributes": { "arn": "arn:aws:iam::259692501178:oidc-provider/token.actions.githubusercontent.com", "client_id_list": [ "https://github.com/weseek", "sts.amazonaws.com" ], "id": "arn:aws:iam::259692501178:oidc-provider/token.actions.githubusercontent.com", "tags": {}, "tags_all": {}, "thumbprint_list": [ "6938fd4d98bab03faadb97b34396831e3780aea1" ], "url": "token.actions.githubusercontent.com" }, "sensitive_attributes": [], "private": "bnVsbA==", "dependencies": [ "module.oidc_github.data.tls_certificate.github" ] } ] }, { "module": "module.oidc_github", "mode": "managed", "type": "aws_iam_role", "name": "github", "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", "instances": [ { "index_key": 0, "schema_version": 0, "attributes": { "arn": "arn:aws:iam::259692501178:role/GitHubOIDC-for-growi", "assume_role_policy": "{\"Statement\":[{\"Action\":\"sts:AssumeRoleWithWebIdentity\",\"Condition\":{\"StringLike\":{\"token.actions.githubusercontent.com:sub\":\"repo:weseek/growi:*\"}},\"Effect\":\"Allow\",\"Principal\":{\"Federated\":\"arn:aws:iam::259692501178:oidc-provider/token.actions.githubusercontent.com\"},\"Sid\":\"\"}],\"Version\":\"2012-10-17\"}", "create_date": "2023-01-16T12:17:26Z", "description": "Role assumed by the GitHub OIDC provider.", "force_detach_policies": false, "id": "GitHubOIDC-for-growi", "inline_policy": [ { "name": "inline_policy", "policy": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"codebuild:StopBuild\",\n \"codebuild:StartBuild\",\n \"codebuild:RetryBuild\",\n \"codebuild:BatchGetBuilds\"\n ],\n \"Resource\": \"arn:aws:codebuild:ap-northeast-1:259692501178:project/growi-official-image-builder\"\n }\n ]\n}" } ], "managed_policy_arns": [ "arn:aws:iam::aws:policy/ReadOnlyAccess" ], "max_session_duration": 3600, "name": "GitHubOIDC-for-growi", "name_prefix": "", "path": "/", "permissions_boundary": "", "tags": {}, "tags_all": {}, "unique_id": "AROATY5XBDC5JJ573R2X5" }, "sensitive_attributes": [], "private": "bnVsbA==", "dependencies": [ "data.aws_iam_policy_document.policy_document", "module.codebuild.aws_codebuild_project.default", "module.codebuild.aws_codebuild_source_credential.authorization", "module.codebuild.aws_iam_role.default", "module.codebuild.aws_s3_bucket.cache_bucket", "module.codebuild.data.aws_caller_identity.default", "module.codebuild.data.aws_iam_policy_document.role", "module.codebuild.data.aws_region.default", "module.codebuild.random_string.bucket_prefix", "module.oidc_github.aws_iam_openid_connect_provider.github", "module.oidc_github.data.aws_iam_openid_connect_provider.github", "module.oidc_github.data.aws_iam_policy_document.assume_role", "module.oidc_github.data.tls_certificate.github" ] } ] }, { "module": "module.oidc_github", "mode": "managed", "type": "aws_iam_role_policy_attachment", "name": "read_only", "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", "instances": [ { "index_key": 0, "schema_version": 0, "attributes": { "id": "GitHubOIDC-for-growi-20230116121718851400000001", "policy_arn": "arn:aws:iam::aws:policy/ReadOnlyAccess", "role": "GitHubOIDC-for-growi" }, "sensitive_attributes": [], "private": "bnVsbA==", "dependencies": [ "data.aws_iam_policy_document.policy_document", "module.codebuild.aws_codebuild_project.default", "module.codebuild.aws_codebuild_source_credential.authorization", "module.codebuild.aws_iam_role.default", "module.codebuild.aws_s3_bucket.cache_bucket", "module.codebuild.data.aws_caller_identity.default", "module.codebuild.data.aws_iam_policy_document.role", "module.codebuild.data.aws_region.default", "module.codebuild.random_string.bucket_prefix", "module.oidc_github.aws_iam_openid_connect_provider.github", "module.oidc_github.aws_iam_role.github", "module.oidc_github.data.aws_iam_openid_connect_provider.github", "module.oidc_github.data.aws_iam_policy_document.assume_role", "module.oidc_github.data.aws_partition.current", "module.oidc_github.data.tls_certificate.github" ] } ] } ], "check_results": null }