Terraform Plans #110
Assignees
Labels
question
Further information is requested
Comments
|
Hi there! I have a couple ideas around generating graphs from data sources that are not the AWS APIs. I think Terraform plans could be one of those. However, that'll be a pretty large hunk of work that will not be available anytime soon. In the meantime, feel free to checkout https://github.com/ncc-erik-steringer/Aerides and see if you can wedge that into your CI today. |
|
OOOO that is really neat! Thanks, I will give this a try. Feel free to close this issue for now if you like. |
wdahlenburg
pushed a commit
to wdahlenburg/PMapper
that referenced
this issue
Sep 5, 2022
wdahlenburg
pushed a commit
to wdahlenburg/PMapper
that referenced
this issue
Sep 5, 2022
…rm_rce Address nccgroup#110: Added note about stealing env variables from TFE runs
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Question
Hey Erik, I love your tool. Happy to see you are actively maintaining it.
I am pretty sure this would not be possible, but if pmapper had a graph of an account could it produce an updated graph based on a Terraform plan to that account? Right now, I run pmapper at regular intervals to find privilege escalations, but it would be even nicer to catch them as people were checking in Terraform to the codebase. Terraform doesn't always know everything at the plan time, though, so I figured it wouldn't produce the highest quality graph, but I thought I would ask in case you had thought about it.
Did the Wiki Have an Answer?
Not sure, maybe a suggested features section? You might have a section about how this can and cannot work with infra-as-code tools because of their nature.
The text was updated successfully, but these errors were encountered: