From b5affdaa5eb7ad0e6954aad7a49dd23f4e2a6d46 Mon Sep 17 00:00:00 2001 
From: James Woolfenden Date: Mon, 8 Aug 2022 12:12:46 +0100 Subject: [PATCH] Lots more resources --- src/aws.go | 22 ++ src/aws_data_source.go | 4 +- src/files.go | 32 +++ .../resource/aws_iam_instance_profile.json | 23 ++ src/mapping/aws/resource/aws_iam_policy.json | 20 ++ .../aws/resource/aws_iam_role_policy.json | 17 ++ .../aws_iam_role_policy_attachment.json | 15 ++ src/mapping/aws/resource/aws_key_pair.json | 21 ++ .../aws/resource/aws_route53_record.json | 16 ++ .../aws/resource/aws_s3_bucket_acl.json | 15 ++ .../aws_s3_bucket_public_access_block.json | 14 + ..._server_side_encryption_configuration.json | 14 + .../resource/aws_s3_bucket_versioning.json | 13 + src/mapping/aws/resource/aws_sns_topic.json | 22 ++ src/policy.go | 28 +- src/utils.go | 14 +- terraform/aws_key_pair.tf | 7 + terraform/backup/aws_iam_instance_profile.tf | 7 + terraform/backup/aws_iam_policy.tf | 22 ++ terraform/backup/aws_iam_role_policy.tf | 19 ++ .../backup/aws_iam_role_policy_attachment.tf | 4 + terraform/backup/aws_route53_record.tf | 8 + terraform/backup/aws_s3_bucket_acl.tf | 31 +++ .../aws_s3_bucket_public_access_block.tf | 10 + ...et_server_side_encryption_configuration.tf | 11 + terraform/backup/aws_s3_bucket_versioning.tf | 7 + terraform/backup/aws_sns_topic.tf | 26 ++ terraform/role/aws_iam_policy.basic.tf | 11 +- todo.md | 239 +----------------- 29 files changed, 433 insertions(+), 259 deletions(-) create mode 100644 src/mapping/aws/resource/aws_iam_instance_profile.json create mode 100644 src/mapping/aws/resource/aws_iam_policy.json create mode 100644 src/mapping/aws/resource/aws_iam_role_policy.json create mode 100644 src/mapping/aws/resource/aws_iam_role_policy_attachment.json create mode 100644 src/mapping/aws/resource/aws_key_pair.json create mode 100644 src/mapping/aws/resource/aws_route53_record.json create mode 100644 src/mapping/aws/resource/aws_s3_bucket_acl.json create mode 100644 src/mapping/aws/resource/aws_s3_bucket_public_access_block.json create mode 
100644 src/mapping/aws/resource/aws_s3_bucket_server_side_encryption_configuration.json create mode 100644 src/mapping/aws/resource/aws_s3_bucket_versioning.json create mode 100644 src/mapping/aws/resource/aws_sns_topic.json create mode 100644 terraform/aws_key_pair.tf create mode 100644 terraform/backup/aws_iam_instance_profile.tf create mode 100644 terraform/backup/aws_iam_policy.tf create mode 100644 terraform/backup/aws_iam_role_policy.tf create mode 100644 terraform/backup/aws_iam_role_policy_attachment.tf create mode 100644 terraform/backup/aws_route53_record.tf create mode 100644 terraform/backup/aws_s3_bucket_acl.tf create mode 100644 terraform/backup/aws_s3_bucket_public_access_block.tf create mode 100644 terraform/backup/aws_s3_bucket_server_side_encryption_configuration.tf create mode 100644 terraform/backup/aws_s3_bucket_versioning.tf create mode 100644 terraform/backup/aws_sns_topic.tf
diff --git a/src/aws.go b/src/aws.go
index 2df89803..c5f8c737 100644
--- a/src/aws.go
+++ b/src/aws.go
@@ -24,6 +24,14 @@ func GetAWSResourcePermissions(result ResourceV2) []string {
 switch result.Name {
 case "aws_s3_bucket":
 Permissions = GetPermissionMap(aws_s3_bucket, result.Attributes)
+ case "aws_s3_bucket_acl":
+ Permissions = GetPermissionMap(aws_s3_bucket_acl, result.Attributes)
+ case "aws_s3_bucket_versioning":
+ Permissions = GetPermissionMap(aws_s3_bucket_versioning, result.Attributes)
+ case "aws_s3_bucket_server_side_encryption_configuration":
+ Permissions = GetPermissionMap(aws_s3_bucket_server_side_encryption_configuration, result.Attributes)
+ case "aws_s3_bucket_public_access_block":
+ Permissions = GetPermissionMap(aws_s3_bucket_public_access_block, result.Attributes)
 case "aws_instance":
 Permissions = GetPermissionMap(aws_instance, result.Attributes)
 case "aws_security_group":
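Review bot: Every resource type added in this hunk (and in the second hunk of this file) costs a `case` here plus a matching `//go:embed` variable in src/files.go, and nothing checks that the two lists stay in step — a mapping file without a case, or a case whose variable was never embedded, only surfaces as the `not implemented` log line at run time. A single `//go:embed mapping/aws/resource/*.json` into an `embed.FS` with a lookup such as `b, err := awsMappings.ReadFile("mapping/aws/resource/" + result.Name + ".json")` would replace both hand-maintained lists and turn the not-found path into an explicit error the caller can act on. GetAWSResourcePermissions starts before this hunk, so the declaration of `Permissions` is outside view.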
@@ -40,12 +48,26 @@ func GetAWSResourcePermissions(result ResourceV2) []string {
 Permissions = GetPermissionMap(aws_kms_key, result.Attributes)
 case "aws_iam_role":
 Permissions = GetPermissionMap(aws_iam_role, result.Attributes)
+ case "aws_iam_role_policy":
+ Permissions = GetPermissionMap(aws_iam_role_policy, result.Attributes)
+ case "aws_iam_role_policy_attachment":
+ Permissions = GetPermissionMap(aws_iam_role_policy_attachment, result.Attributes)
+ case "aws_iam_policy":
+ Permissions = GetPermissionMap(aws_iam_policy, result.Attributes)
+ case "aws_iam_instance_profile":
+ Permissions = GetPermissionMap(aws_iam_instance_profile, result.Attributes)
 case "aws_mq_broker":
 Permissions = GetPermissionMap(aws_mq_broker, result.Attributes)
 case "aws_mq_configuration":
 Permissions = GetPermissionMap(aws_mq_configuration, result.Attributes)
 case "aws_cloudwatch_log_group":
 Permissions = GetPermissionMap(aws_cloudwatch_log_group, result.Attributes)
+ case "aws_route53_record":
+ Permissions = GetPermissionMap(aws_route53_record, result.Attributes)
+ case "aws_sns_topic":
+ Permissions = GetPermissionMap(aws_sns_topic, result.Attributes)
+ case "aws_key_pair":
+ Permissions = GetPermissionMap(aws_key_pair, result.Attributes)
 default:
 log.Printf("%s not implemented", result.Name)
 }
diff --git a/src/aws_data_source.go b/src/aws_data_source.go
index 152e5092..f4954091 100644
--- a/src/aws_data_source.go
+++ b/src/aws_data_source.go
@@ -8,7 +8,7 @@ func GetAWSDataPermissions(result ResourceV2) []string {
 switch result.Name {
 case "aws_vpcs":
 Permissions = GetPermissionMap(data_aws_vpcs, result.Attributes)
- case "aws_subnet_ids","aws_subnet", "aws_subnets":
+ case "aws_subnet_ids", "aws_subnet", "aws_subnets":
 Permissions = GetPermissionMap(data_aws_subnet_ids, result.Attributes)
 case "aws_ami":
 Permissions = GetPermissionMap(data_aws_ami, result.Attributes)
@@ -16,7 +16,7 @@ func GetAWSDataPermissions(result ResourceV2) []string {
 Permissions = GetPermissionMap(data_aws_vpc, result.Attributes)
 case "aws_availability_zones":
 Permissions = GetPermissionMap(data_aws_availability_zones, result.Attributes)
- case "aws_caller_identity","aws_iam_policy_document","aws_region":
+ case "aws_caller_identity", "aws_iam_policy_document", "aws_region", "aws_canonical_user_id":
 //do nothing
 default:
 log.Printf("%s.%s not implemented", result.TypeName, result.Name)
diff --git a/src/files.go b/src/files.go
index 2be161ea..21a3d1f0 100644
--- a/src/files.go
+++ b/src/files.go
@@ -7,6 +7,18 @@ import (
 //go:embed mapping/aws/resource/aws_s3_bucket.json
 var aws_s3_bucket []byte
+//go:embed mapping/aws/resource/aws_s3_bucket_acl.json
+var aws_s3_bucket_acl []byte
+
+//go:embed mapping/aws/resource/aws_s3_bucket_versioning.json
+var aws_s3_bucket_versioning []byte
+
+//go:embed mapping/aws/resource/aws_s3_bucket_server_side_encryption_configuration.json
+var aws_s3_bucket_server_side_encryption_configuration []byte
+
+//go:embed mapping/aws/resource/aws_s3_bucket_public_access_block.json
+var aws_s3_bucket_public_access_block []byte
+
 //go:embed mapping/aws/resource/aws_instance.json
 var aws_instance []byte
@@ -31,6 +43,18 @@ var aws_kms_key []byte
 //go:embed mapping/aws/resource/aws_iam_role.json
 var aws_iam_role []byte
+//go:embed mapping/aws/resource/aws_iam_role_policy.json
+var aws_iam_role_policy []byte
+
+//go:embed mapping/aws/resource/aws_iam_role_policy_attachment.json
+var aws_iam_role_policy_attachment []byte
+
+//go:embed mapping/aws/resource/aws_iam_policy.json
+var aws_iam_policy []byte
+
+//go:embed mapping/aws/resource/aws_iam_instance_profile.json
+var aws_iam_instance_profile []byte
+
 //go:embed mapping/aws/resource/aws_mq_broker.json
 var aws_mq_broker []byte
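Review bot: Adding `aws_canonical_user_id` to the do-nothing case looks wrong: unlike `aws_caller_identity`, `aws_region` and `aws_iam_policy_document`, which need no IAM grant, the provider resolves the canonical user ID by calling S3 ListBuckets, so as far as I recall a policy generated for a configuration that uses it will be missing `s3:ListAllMyBuckets` and the first apply will fail on that read. Worth confirming against the provider's data-source implementation before it is classed as permission-free; if it does make the call, it wants its own mapping file and `case` rather than a place in this list. GetAWSDataPermissions starts before this hunk.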
@@ -40,6 +64,14 @@ var aws_mq_configuration []byte
 //go:embed mapping/aws/resource/aws_cloudwatch_log_group.json
 var aws_cloudwatch_log_group []byte
+//go:embed mapping/aws/resource/aws_route53_record.json
+var aws_route53_record []byte
+
+//go:embed mapping/aws/resource/aws_sns_topic.json
+var aws_sns_topic []byte
+
+//go:embed mapping/aws/resource/aws_key_pair.json
+var aws_key_pair []byte
 //go:embed mapping/gcp/google_compute_instance.json
 var google_compute_instance []byte
diff --git a/src/mapping/aws/resource/aws_iam_instance_profile.json b/src/mapping/aws/resource/aws_iam_instance_profile.json
new file mode 100644
index 00000000..b4213f99
--- /dev/null
+++ b/src/mapping/aws/resource/aws_iam_instance_profile.json
@@ -0,0 +1,23 @@
+[
+ {
+ "apply": [
+ "iam:CreateInstanceProfile",
+ "iam:GetInstanceProfile",
+ "iam:RemoveRoleFromInstanceProfile",
+ "iam:DeleteInstanceProfile",
+ "iam:AddRoleToInstanceProfile",
+ "iam:PassRole"
+ ],
+ "attributes": {
+ "tags": [
+ "iam:TagInstanceProfile",
+ "iam:UntagInstanceProfile"
+ ]
+ },
+ "destroy": [
+ "iam:GetRole"
+ ],
+ "modify": [],
+ "plan": []
+ }
+]
diff --git a/src/mapping/aws/resource/aws_iam_policy.json b/src/mapping/aws/resource/aws_iam_policy.json
new file mode 100644
index 00000000..3d50f2a1
--- /dev/null
+++ b/src/mapping/aws/resource/aws_iam_policy.json
@@ -0,0 +1,20 @@
+[
+ {
+ "apply": [
+ "iam:CreatePolicy",
+ "iam:GetPolicy",
+ "iam:GetPolicyVersion",
+ "iam:ListPolicyVersions",
+ "iam:DeletePolicy"
+ ],
+ "attributes": {
+ "tags": [
+ "iam:TagPolicy",
+ "iam:UntagPolicy"
+ ]
+ },
+ "destroy": [],
+ "modify": [],
+ "plan": []
+ }
+]
diff --git a/src/mapping/aws/resource/aws_iam_role_policy.json b/src/mapping/aws/resource/aws_iam_role_policy.json
new file mode 100644
index 00000000..561cfbfd
--- /dev/null
+++ b/src/mapping/aws/resource/aws_iam_role_policy.json
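Review bot: `iam:PassRole` in the apply list of aws_iam_instance_profile.json is the grant that lets the Terraform principal hand a role to EC2, so whatever AWSPolicy emits for it should not be left on a wildcard resource; the generated statement should be restricted to the role ARN(s) the profile references and ideally carry an `iam:PassedToService` condition for `ec2.amazonaws.com`. Whether this mapping format can express a resource or condition scope is not visible here; if it cannot, a line in the README or in policy.go flagging PassRole as needing manual scoping would keep users from shipping the output as-is. Also, `iam:GetRole` is listed only under destroy while `iam:RemoveRoleFromInstanceProfile` sits under apply, and the file does not show how destroy is merged with apply — worth checking the read path has what it needs on the apply side too.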
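Review bot: The apply list in aws_iam_policy.json covers create, read and delete of a managed policy, but `modify` is empty, and changing the `policy` document in place is done by the provider through `iam:CreatePolicyVersion` (plus `iam:DeletePolicyVersion` once the five-version limit is hit), neither of which appears anywhere in the file. If `modify` is meant to hold update-time permissions those two belong there; if the tool folds everything into apply they belong in apply. How GetPermissionMap consumes the keys is not visible in this diff, so treat this as something to verify against the provider's update path before merging.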
@@ -0,0 +1,17 @@
+[
+ {
+ "apply": [
+ "iam:PutRolePolicy",
+ "iam:GetRolePolicy",
+ "iam:DeleteRolePolicy"
+ ],
+ "attributes": {
+ "tags": []
+ },
+ "destroy": [
+ "iam:DeleteRolePolicy"
+ ],
+ "modify": [],
+ "plan": []
+ }
+]
diff --git a/src/mapping/aws/resource/aws_iam_role_policy_attachment.json b/src/mapping/aws/resource/aws_iam_role_policy_attachment.json
new file mode 100644
index 00000000..750466a3
--- /dev/null
+++ b/src/mapping/aws/resource/aws_iam_role_policy_attachment.json
@@ -0,0 +1,15 @@
+[
+ {
+ "apply": [
+ "iam:AttachRolePolicy",
+ "iam:ListAttachedRolePolicies",
+ "iam:DetachRolePolicy"
+ ],
+ "attributes": {
+ "tags": []
+ },
+ "destroy": [],
+ "modify": [],
+ "plan": []
+ }
+]
diff --git a/src/mapping/aws/resource/aws_key_pair.json b/src/mapping/aws/resource/aws_key_pair.json
new file mode 100644
index 00000000..3d7d1a9c
--- /dev/null
+++ b/src/mapping/aws/resource/aws_key_pair.json
@@ -0,0 +1,21 @@
+[
+ {
+ "apply": [
+ "ec2:ImportKeyPair",
+ "ec2:CreateKeyPair",
+ "ec2:DescribeKeyPairs",
+ "ec2:DeleteKeyPair"
+ ],
+ "attributes": {
+ "tags": [
+ "ec2:DeleteTags",
+ "ec2:CreateTags"
+ ]
+ },
+ "destroy": [
+ "ec2:DeleteKeyPair"
+ ],
+ "modify": [],
+ "plan": []
+ }
+]
diff --git a/src/mapping/aws/resource/aws_route53_record.json b/src/mapping/aws/resource/aws_route53_record.json
new file mode 100644
index 00000000..6ba7c639
--- /dev/null
+++ b/src/mapping/aws/resource/aws_route53_record.json
@@ -0,0 +1,16 @@
+[
+ {
+ "apply": [
+ "route53:GetHostedZone",
+ "route53:ChangeResourceRecordSets",
+ "route53:GetChange",
+ "route53:ListResourceRecordSets"
+ ],
+ "attributes": {
+ "tags": []
+ },
+ "destroy": [],
+ "modify": [],
+ "plan": []
+ }
+]
diff --git a/src/mapping/aws/resource/aws_s3_bucket_acl.json b/src/mapping/aws/resource/aws_s3_bucket_acl.json
new file mode 100644
index 00000000..ad037cc6
--- /dev/null
+++ b/src/mapping/aws/resource/aws_s3_bucket_acl.json
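Review bot: `iam:PutRolePolicy` in aws_iam_role_policy.json (and `iam:AttachRolePolicy` in the next hunk, aws_iam_role_policy_attachment.json) let the generated principal change what any role is allowed to do, so the emitted statement for these two actions should be scoped to the specific role ARNs rather than inherit a wildcard resource; that is a least-privilege point for the tool's output, but the mapping file is the only place a resource hint could come from. Separately, `iam:DeleteRolePolicy` is listed under both apply and destroy here, whereas the attachment file keeps `iam:DetachRolePolicy` under apply only — the two new files should settle on one convention for whether destroy-time actions are duplicated, since the diff does not show how the destroy list is consumed.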
@@ -0,0 +1,15 @@
+[
+ {
+ "apply": [
+ "s3:ListAllMyBuckets",
+ "s3:PutBucketAcl",
+ "s3:ListBucket",
+ "s3:GetBucketAcl"
+ ],
+ "attributes": {
+ "tag": []
+ },
+ "destroy": [],
+ "plan": []
+ }
+]
diff --git a/src/mapping/aws/resource/aws_s3_bucket_public_access_block.json b/src/mapping/aws/resource/aws_s3_bucket_public_access_block.json
new file mode 100644
index 00000000..3cbfdb60
--- /dev/null
+++ b/src/mapping/aws/resource/aws_s3_bucket_public_access_block.json
@@ -0,0 +1,14 @@
+[
+ {
+ "apply": [
+ "s3:GetBucketPublicAccessBlock",
+ "s3:PutBucketPublicAccessBlock"
+ ],
+ "attributes": {
+ "tags": []
+ },
+ "destroy": [],
+ "modify": [],
+ "plan": []
+ }
+]
diff --git a/src/mapping/aws/resource/aws_s3_bucket_server_side_encryption_configuration.json b/src/mapping/aws/resource/aws_s3_bucket_server_side_encryption_configuration.json
new file mode 100644
index 00000000..a21e2247
--- /dev/null
+++ b/src/mapping/aws/resource/aws_s3_bucket_server_side_encryption_configuration.json
@@ -0,0 +1,14 @@
+[
+ {
+ "apply": [
+ "s3:PutEncryptionConfiguration",
+ "s3:GetEncryptionConfiguration"
+ ],
+ "attributes": {
+ "tags": []
+ },
+ "destroy": [],
+ "modify": [],
+ "plan": []
+ }
+]
diff --git a/src/mapping/aws/resource/aws_s3_bucket_versioning.json b/src/mapping/aws/resource/aws_s3_bucket_versioning.json
new file mode 100644
index 00000000..20b55a64
--- /dev/null
+++ b/src/mapping/aws/resource/aws_s3_bucket_versioning.json
@@ -0,0 +1,13 @@
+[
+ {
+ "apply": [
+ "s3:PutBucketVersioning",
+ "s3:GetBucketVersioning"
+ ],
+ "attributes": {
+ "tag": []
+ },
+ "destroy": [],
+ "plan": []
+ }
+]
diff --git a/src/mapping/aws/resource/aws_sns_topic.json b/src/mapping/aws/resource/aws_sns_topic.json
new file mode 100644
index 00000000..b80b134b
--- /dev/null
+++ b/src/mapping/aws/resource/aws_sns_topic.json
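Review bot: aws_s3_bucket_acl.json keys its attribute entry `"tag"` and omits `"modify"`, while every other mapping added in this commit uses `"tags"` and carries `"modify": []`; aws_s3_bucket_versioning.json later on this line has the same two deviations. If GetPermissionMap looks attribute entries up by the Terraform attribute name, `"tag"` can never match `tags`, and whether a missing `"modify"` key is tolerated depends on how the JSON is decoded — neither is visible in this diff. Suggest `"tags": []` and adding `"modify": [],` to both files so the four S3 sub-resource mappings are uniform.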
@@ -0,0 +1,22 @@ +[ + { + "apply": [ + "SNS:CreateTopic", + "SNS:SetTopicAttributes", + "SNS:GetTopicAttributes", + "SNS:ListTagsForResource", + "SNS:DeleteTopic" + ], + "attributes": { + "tags": [ + "SNS:TagResource", + "SNS:UnTagResource" + ] + }, + "destroy": [ + "SNS:DeleteTopic" + ], + "modify": [], + "plan": [] + } +] diff --git a/src/policy.go b/src/policy.go index 574fea33..4375cae9 100644 --- a/src/policy.go +++ b/src/policy.go @@ -1,12 +1,12 @@ package pike import ( + _ "embed" //required for embed "encoding/json" "errors" "fmt" "os" "text/template" - _ "embed" //required for embed ) //go:embed terraform.policy.template @@ -61,26 +61,30 @@ func AWSPolicy(Permissions []string, output string) error { fmt.Println(err) return err } - + switch output { - case "terraform","Terraform": - + case "terraform", "Terraform": + type PolicyDetails struct { - Policy string - Name string - Path string + Policy string + Name string + Path string Description string } - PolicyName:= "terraform"+ randSeq(8) - theDetails := PolicyDetails{string(b), PolicyName,"/", "Add Description"} + PolicyName := "terraform" + randSeq(8) + theDetails := PolicyDetails{string(b), PolicyName, "/", "Add Description"} tmpl, err := template.New("test").Parse(string(policyTemplate)) - if err != nil { panic(err) } + if err != nil { + panic(err) + } err = tmpl.Execute(os.Stdout, theDetails) - if err != nil { panic(err) } - default: + if err != nil { + panic(err) + } + default: fmt.Print(string(b)) fmt.Print("\n") } diff --git a/src/utils.go b/src/utils.go index e2e54e1c..02ad742a 100644 --- a/src/utils.go +++ b/src/utils.go @@ -1,4 +1,4 @@ -package pike +package pike import ( "math/rand" 
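Review bot: aws_sns_topic.json writes the service prefix in upper case (`SNS:CreateTopic`) and spells one action `SNS:UnTagResource`, whereas every other mapping file in this commit uses the lower-case prefix and the documented action spelling (`sns:UntagResource`). IAM matches action names case-insensitively as far as I know, so evaluation is unaffected, but the generated policies are read and diffed by people, and anything that compares them against the published action list will not match. Suggest `sns:` throughout and `sns:UntagResource`.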
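Review bot: AWSPolicy returns an error — the `return err` at the top of the second policy.go hunk shows that — yet the two template failures still `panic(err)`, and the reformat carried them over unchanged; `return fmt.Errorf("parsing policy template: %w", err)` and `return fmt.Errorf("rendering policy template: %w", err)` keep the caller in control instead of crashing a CLI on a template typo. Separately, `PolicyName := "terraform" + randSeq(8)` draws from math/rand via randSeq and no seeding appears in this diff; before Go 1.20 the default source is deterministic, so every run would propose the same policy name unless `rand.Seed` is called somewhere outside view — worth confirming, or taking the suffix from crypto/rand. AWSPolicy starts before this hunk.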
@@ -7,9 +7,9 @@ import ( var letters = []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ") func randSeq(n int) string { - b := make([]rune, n) - for i := range b { - b[i] = letters[rand.Intn(len(letters))] - } - return string(b) -} \ No newline at end of file + b := make([]rune, n) + for i := range b { + b[i] = letters[rand.Intn(len(letters))] + } + return string(b) +} diff --git a/terraform/aws_key_pair.tf b/terraform/aws_key_pair.tf new file mode 100644 index 00000000..208b89e7 --- /dev/null +++ b/terraform/aws_key_pair.tf @@ -0,0 +1,7 @@ +resource "aws_key_pair" "example" { + public_key = "ssh-rsa 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 jameswoolfenden@Jamess-MacBook-Pro.local" + #tags = { + # mine="notyours" + # another="stillnotyours" + #} +} diff --git a/terraform/backup/aws_iam_instance_profile.tf b/terraform/backup/aws_iam_instance_profile.tf new file mode 100644 index 00000000..54138003 --- /dev/null +++ b/terraform/backup/aws_iam_instance_profile.tf @@ -0,0 +1,7 @@ +resource "aws_iam_instance_profile" "example" { + name = "test_profile" + role = "lambda_basic" + # tags = { + # test="james" + # } +} diff --git a/terraform/backup/aws_iam_policy.tf b/terraform/backup/aws_iam_policy.tf new file mode 100644 index 00000000..0c0a5f35 --- /dev/null +++ b/terraform/backup/aws_iam_policy.tf @@ -0,0 +1,22 @@ +resource "aws_iam_policy" "policy" { + name = "test-policy" + description = "A test policy" + + policy = <