diff --git a/IAC/ec2.tf b/IAC/ec2.tf
index 7302c82..a1ca9a5 100644
--- a/IAC/ec2.tf
+++ b/IAC/ec2.tf
@@ -17,6 +17,28 @@ export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMAAAKEY
 export AWS_DEFAULT_REGION=us-west-2
 echo "

Deployed via Terraform

" | sudo tee /var/www/html/index.html
 EOF
+
+resource "aws_instance" "web_host2" {
+ # ec2 have plain text secrets in user data
+ ami = "${var.ami}"
+ instance_type = "t2.micro"
+
+ vpc_security_group_ids = [
+ "${aws_security_group.web-node.id}"]
+ subnet_id = "${aws_subnet.web_subnet.id}"
+ user_data = <Deployed via Terraform" | sudo tee /var/www/html/index.html
+EOF
+
+
 tags = merge({
 Name = "${local.resource_prefix.value}-ec2"
 }, {
diff --git a/IAC/s3.tf b/IAC/s3.tf
index b8a52d5..0c84e87 100644
--- a/IAC/s3.tf
+++ b/IAC/s3.tf
@@ -21,7 +21,29 @@ resource "aws_s3_bucket" "data" {
 yor_name = "data"
 })
 }
-
+resource "aws_s3_bucket" "data2" {
+ # bucket is public
+ # bucket is not encrypted
+ # bucket does not have access logs
+ # bucket does not have versioning
+ bucket = "${local.resource_prefix.value}-data"
+ force_destroy = true
+ tags = merge({
+ Name = "${local.resource_prefix.value}-data"
+ Environment = local.resource_prefix.value
+ }, {
+ git_commit = "4d57f83ca4d3a78a44fb36d1dcf0d23983fa44f5"
+ git_file = "terraform/aws/s3.tf"
+ git_last_modified_at = "2022-05-18 07:08:06"
+ git_last_modified_by = "jmagee@paloaltonetworks.com"
+ git_modifiers = "34870196+LironElbaz/nimrod/nimrodkor/jmagee"
+ git_org = "bridgecrewio"
+ git_repo = "terragoat"
+ yor_trace = "0874007d-903a-4b4c-945f-c9c233e13243"
+ }, {
+ yor_name = "data"
+ })
+}
 resource "aws_s3_bucket_object" "data_object" {
 bucket = aws_s3_bucket.data.id
 key = "customer-master.xlsx"
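Review bot: The added `web_host2` resource puts long-lived AWS credentials in `user_data`, going by its own comment and by the `export AWS_SECRET_ACCESS_KEY=...` line in the heredoc just above it; the new heredoc body is truncated on this page, so confirm against the file. User data is stored unencrypted, can be read by any principal allowed to describe instance attributes, and is served to every process on the host through the instance metadata service. Remove the `export AWS_*` lines and grant access through a role instead, e.g. `iam_instance_profile = aws_iam_instance_profile.PLACEHOLDER_PROFILE.name`, and rotate any key that has been committed. Separately, the insertion point looks wrong: the context above is the tail of an existing heredoc and the context below is `tags = merge({`, so `web_host2` appears to open inside another resource's body, which Terraform would reject. That enclosing resource starts and ends outside this hunk.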
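Review bot: `data2` is created with none of the controls its own comments list as missing, and `force_destroy = true` lets a destroy delete every object with no versioning to recover from. Nothing in the visible lines sets an ACL or policy, so if public access is not intended, pin that with an `aws_s3_bucket_public_access_block` as below and change the flag to `force_destroy = false`. Encryption at rest, versioning and access logging should be added in whatever form the pinned AWS provider version supports. The `bucket` value `"${local.resource_prefix.value}-data"` and `yor_name = "data"` look copied from the existing `data` bucket, whose definition is outside this hunk; if it uses the same name, the apply will fail because bucket names are globally unique.

```hcl
# … unchanged: resource "aws_s3_bucket" "data2" { … } …
resource "aws_s3_bucket_public_access_block" "data2" {
  bucket                  = aws_s3_bucket.data2.id
  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}
```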