horkos 0.2.0

Cloud infrastructure language where insecure code won't compile
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40

//! Generated from network_create_vpc.yaml
//! DO NOT EDIT - regenerate with `cargo run -p horkos-codegen`

use crate::resources::{Param, ParamValue, ResourceDefinition, SecurityParam};
use crate::types::ResolvedType;

/// Create a VPC with required flow logging
///
/// Terraform: `aws_vpc`
/// Also generates: aws_flow_log, aws_iam_role, aws_iam_role_policy
pub fn network_create_vpc() -> ResourceDefinition {
    ResourceDefinition {
        module: "Network",
        function: "createVpc",
        required_params: vec![Param::string("name"), Param::string("cidr")],
        optional_params: vec![
            Param::string("instanceTenancy"),
            Param::bool("enableDnsHostnames"),
            Param::bool("enableDnsSupport"),
            Param::tags("tags"),
            Param::new("flowLogsBucket", ResolvedType::Bucket), // oneOf: flowLogs
            Param::new("flowLogsLogGroup", ResolvedType::LogGroup), // oneOf: flowLogs
        ],
        preferred_params: vec![],
        security_params: vec![SecurityParam::with_type(
            "flowLogs",
            ResolvedType::Union(
                Box::new(ResolvedType::Bucket),
                Box::new(ResolvedType::LogGroup),
            ),
            ParamValue::String("required".into()),
        )],
        returns: ResolvedType::Vpc,
    }
}

#[allow(dead_code)]
mod security_rules {
    pub const VPC_001: &str = "VPC flow logs are required for network visibility";
}