Merged dev into feature/OPT-508

Author: galbiach-irius

CHANGELOG.md

@@ -0,0 +1,3 @@
+# Change Log
+
+All release notes are documented in [Releases Section](https://github.com/iriusrisk/startleft/releases)

README.md

@@ -20,3 +20,6 @@ All the info is available at: https://github.com/iriusrisk/startleft/wiki/Source
 
 # Open Threat Model (OTM)
 See GitHub wiki: https://github.com/iriusrisk/startleft/wiki/Open-Threat-Model-(OTM) 
+
+# Change Log
+All release notes are documented in [Releases Section](https://github.com/iriusrisk/startleft/releases)

examples/cloudformation/iriusrisk-cft-mapping.yaml

@@ -6,7 +6,8 @@ trustzones:
   #type 4
   - id:   f0ba7722-39b6-4c81-8290-a30a248bb8d9
     name: Internet
-    $source: {$singleton: {$root: "Resources|squash(@)[?Type=='AWS::EC2::SecurityGroup' && Properties.SecurityGroupEgress[0].CidrIp]"}}
+    $source: {$singleton:
+                {$root: "Resources|squash(@)[?Type=='AWS::EC2::SecurityGroup' && Properties | (SecurityGroupEgress[0].CidrIp || SecurityGroupIngress[0].CidrIp)]"}}
 
 # The order of the components is important because parent components must be defined before child components
 components:
@@ -55,7 +56,10 @@ components:
     type:   ec2
     name:   {$path: "_key"}
     $source: {$root: "Resources|squash(@)[?Type=='AWS::EC2::Instance']"}
-    parent:  {$findFirst: {$searchParams:{ searchPath: ["Properties.SubnetId.Ref","Properties.SubnetId"], defaultValue: "b61d6911-338d-46a8-9f39-8dcd24abfe91"}}}
+    parent: { $findFirst: { $searchParams: { searchPath: [
+      "Properties | SubnetId.Ref || (NetworkInterfaces[].SubnetId.Ref | [0])",
+      "Properties | SubnetId || (NetworkInterfaces[].SubnetId | [0])"
+    ], defaultValue: "b61d6911-338d-46a8-9f39-8dcd24abfe91" } } }
     tags:
       - { $path: "Type" }
 

examples/cloudformation/split/networks_cft_file.json

@@ -0,0 +1,54 @@
+{
+    "Resources": {
+        "CustomVPC": {
+            "Type": "AWS::EC2::VPC",
+            "Properties": {
+                "CidrBlock": "10.0.0.0/16"
+            }
+        },
+        "PrivateSubnet1": {
+            "Type": "AWS::EC2::Subnet",
+            "Properties": {
+                "VpcId": {
+                    "Ref": "CustomVPC"
+                },
+                "AvailabilityZone": "Select",
+                "CidrBlock": "10.0.2.0/24",
+                "MapPublicIpOnLaunch": false
+            }
+        },
+        "PrivateSubnet2": {
+            "Type": "AWS::EC2::Subnet",
+            "Properties": {
+                "VpcId": {
+                    "Ref": "CustomVPC"
+                },
+                "AvailabilityZone": "elect",
+                "CidrBlock": "10.0.3.0/24",
+                "MapPublicIpOnLaunch": false
+            }
+        },
+        "PublicSubnet1": {
+            "Type": "AWS::EC2::Subnet",
+            "Properties": {
+                "VpcId": {
+                    "Ref": "CustomVPC"
+                },
+                "AvailabilityZone": "Select",
+                "CidrBlock": "10.0.0.0/24",
+                "MapPublicIpOnLaunch": false
+            }
+        },
+        "PublicSubnet2": {
+            "Type": "AWS::EC2::Subnet",
+            "Properties": {
+                "VpcId": {
+                    "Ref": "CustomVPC"
+                },
+                "AvailabilityZone": "Select",
+                "CidrBlock": "10.0.1.0/24",
+                "MapPublicIpOnLaunch": false
+            }
+        }
+    }
+}