bridgecrewio / yor

Extensible auto-tagger for your IaC files. The ultimate way to link entities in the cloud back to the codified resource which created it.
https://www.yor.io
Apache License 2.0
825 stars 123 forks

EBS Volumes Not Getting Tagged #372

Closed yashg-ti closed 1 year ago

yashg-ti commented 1 year ago

Describe the bug: Terraform allows volume resources (EBS volumes) to be defined and attached separately, as well as within the instance's block. Taggings are missing when volumes are defined internally (within the instance's block). The image shows the ebs_block_storage property of an instance used to associate a volume with the instance.

To Reproduce: Steps to reproduce the behavior:

  1. Create a Terraform file with an ebs_block_device defined within an EC2 instance's block, as shown in the image.
  2. Run the CLI command 'yor tag -d . --tag-groups code2cloud --parsers Terraform' to apply taggings.
  3. Find taggings missing in these ebs_blocks.

Expected behavior: yor_tag within the tags{} property of the ebs_block_storage.

Screenshots: [image: islander's volume] The image shows missing tags in the ebs_block_devices after running the command.

Additional context: Apart from Terraform, similar tagging issues exist for IaC tools like CloudFormation too.

yashg-ti commented 1 year ago

@lonegunmanb @nimrodkor Could you please suggest which section of the code might be causing those embedded volumes to be missed? Also, is there an existing utility to cover these volumes? I would appreciate a quick response.

nimrodkor commented 1 year ago

Hey @yashg-ti! This is an interesting use case, as what we are looking for here is actually tagging Terraform blocks which are not resources - and that's something yor doesn't support. I see the use case though. One possible way around this is to build a special block for the aws_instance resource, which inherits from terraform_block, and change how it is tagged and how it is written to support this use case. Are you up for a contribution? This is not a small change...

nimrodkor commented 1 year ago

I do note that the other way to denote the addition of EBS volumes, via aws_ebs_volume, is supported OOTB... https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ebs_volume
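The two ways of declaring an EBS volume discussed in the comments above, side by side. This is an added example, not configuration from the issue or from the yor project; the resource names, the AMI placeholder, the device name and the sizes are assumptions chosen for illustration.

```hcl
# Constructed example: names, sizes and the AMI placeholder are illustrative.

# Form reported in the issue: the volume is a nested block of aws_instance.
# Per the maintainer's reply, yor tags resources, not nested blocks, so
# this ebs_block_device is left without yor tags.
resource "aws_instance" "inline" {
  ami           = "ami-PLACEHOLDER"
  instance_type = "t3.micro"

  ebs_block_device {
    device_name = "/dev/sdf"
    volume_size = 20
    # Any tags placed here have to be maintained by hand.
  }
}

# Form the maintainer notes is supported out of the box: the volume is a
# top-level aws_ebs_volume resource, attached with aws_volume_attachment.
resource "aws_instance" "separate" {
  ami           = "ami-PLACEHOLDER"
  instance_type = "t3.micro"
}

resource "aws_ebs_volume" "data" {
  availability_zone = aws_instance.separate.availability_zone
  size              = 20

  # A top-level taggable resource, so `yor tag` can manage its tags.
  tags = {
    Name = "data"
  }
}

resource "aws_volume_attachment" "data" {
  device_name = "/dev/sdf"
  volume_id   = aws_ebs_volume.data.id
  instance_id = aws_instance.separate.id
}
```

The AWS provider documentation advises against combining inline ebs_block_device blocks with aws_ebs_volume and aws_volume_attachment on the same instance, so pick one form per instance.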

yashg-ti commented 1 year ago

> Hey @yashg-ti! This is an interesting use case, as what we are looking for here is actually tagging Terraform blocks which are not resources - and that's something yor doesn't support. I see the use case though. One possible way around this is to build a special block for the aws_instance resource, which inherits from terraform_block, and change how it is tagged and how it is written to support this use case. Are you up for a contribution? This is not a small change...

Hey, thanks for the response! Sure, would be happy to contribute. Will raise a PR soon.

elaygl commented 1 year ago

@yashg-ti any update on that?

We have a similar use case. We want the EC2 to be tagged from the launch template.

yashg-ti commented 1 year ago

> @yashg-ti any update on that?
>
> We have a similar use case. We want the EC2 to be tagged from the launch template.

Hey, actually we discarded the usage of tagging, hence didn't proceed further with fixing yor.

stale[bot] commented 1 year ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.