From 395c3df2a9ffc2e316ad632bf5cddf3ee3e8df02 Mon Sep 17 00:00:00 2001
From: John De Armas <john.dearmas@rhinosecuritylabs.com>
Date: Mon, 13 Jan 2025 11:14:05 -0700
Subject: [PATCH] Update rds_snapshot

---
 scenarios/rds_snapshot/terraform/ec2.tf      |  1 +
 scenarios/rds_snapshot/terraform/provider.tf | 24 +++++++++++++++++++-
 scenarios/rds_snapshot/terraform/rds.tf      |  4 +++-
 scenarios/rds_snapshot/terraform/variable.tf | 14 +++++++++++-
 4 files changed, 40 insertions(+), 3 deletions(-)

diff --git a/scenarios/rds_snapshot/terraform/ec2.tf b/scenarios/rds_snapshot/terraform/ec2.tf
index 057d3b7a..018ea859 100644
--- a/scenarios/rds_snapshot/terraform/ec2.tf
+++ b/scenarios/rds_snapshot/terraform/ec2.tf
@@ -59,6 +59,7 @@ resource "aws_instance" "cg-ec2-instance" {
     }
   }
 
+  // https://developer.hashicorp.com/terraform/language/v1.5.x/resources/provisioners/remote-exec
   provisioner "remote-exec" {
   inline = [
     "sudo apt-get update -y",
diff --git a/scenarios/rds_snapshot/terraform/provider.tf b/scenarios/rds_snapshot/terraform/provider.tf
index 37a868bf..54b2d922 100644
--- a/scenarios/rds_snapshot/terraform/provider.tf
+++ b/scenarios/rds_snapshot/terraform/provider.tf
@@ -1,4 +1,26 @@
+terraform {
+  required_version = ">= 1.5"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 5.0.0"
+    }
+    archive = {
+      source  = "hashicorp/archive"
+      version = ">= 2.4"
+    }
+  }
+}
+
 provider "aws" {
   profile = var.profile
   region  = var.region
-}
\ No newline at end of file
+
+  default_tags {
+    tags = {
+      Stack    = var.stack-name
+      Scenario = var.scenario-name
+    }
+  }
+}
diff --git a/scenarios/rds_snapshot/terraform/rds.tf b/scenarios/rds_snapshot/terraform/rds.tf
index b1d8893e..821aa8ec 100644
--- a/scenarios/rds_snapshot/terraform/rds.tf
+++ b/scenarios/rds_snapshot/terraform/rds.tf
@@ -1,3 +1,4 @@
+// https://registry.terraform.io/providers/hashicorp/aws/5.0.0/docs/resources/db_instance
 resource "aws_db_instance" "cg-rds-db_instance" {
   allocated_storage    = 20
   engine               = "mysql"
@@ -14,13 +15,14 @@ resource "aws_db_instance" "cg-rds-db_instance" {
 
   vpc_security_group_ids = [aws_security_group.allow_mysql.id]
 
-  publicly_accessible = true
+  publicly_accessible = false
 
   tags = {
     Name = "cg-rds-db_instance-${var.cgid}"
   }
 }
 
+// https://registry.terraform.io/providers/hashicorp/aws/5.0.0/docs/resources/db_snapshot
 resource "aws_db_snapshot" "cg-rds_snapshot" {
   db_instance_identifier = aws_db_instance.cg-rds-db_instance.identifier
   db_snapshot_identifier = "cg-rds-snapshot"
diff --git a/scenarios/rds_snapshot/terraform/variable.tf b/scenarios/rds_snapshot/terraform/variable.tf
index a03d973f..977995e7 100644
--- a/scenarios/rds_snapshot/terraform/variable.tf
+++ b/scenarios/rds_snapshot/terraform/variable.tf
@@ -37,4 +37,16 @@ variable "rds-password" {
   description = "RDS Mysql instance password"
   default     = "cgoat9562!"
   type        = string
-}
\ No newline at end of file
+}
+
+variable "stack-name" {
+  description = "Name of the stack."
+  default     = "CloudGoat"
+  type        = string
+}
+
+variable "scenario-name" {
+  description = "Name of the scenario."
+  default     = "rds_snapshot"
+  type        = string
+}