Bump version to 1.0.0-beta.4

CHANGELOG.md

@@ -5,6 +5,11 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.0.0-beta.4] - 2023-10-26
+
+### Added
+- `terraform_plan/direct_dependencies`: Added option `references_to` and `referenced_by` to make sure whether the resource is referenced by or references to the given resource (e.g. `references_to: "aws_security_group"`)
+
 ## [1.0.0-beta.3] - 2023-07-20
 
 ### Fixed

README.md

@@ -151,7 +151,7 @@ optional arguments:
 }
 ```
 
-4. Make sure that AWS ELBs are attached to security group (using Terraform plan provider)
+4. Make sure that all AWS ELBs are attached to security group (using Terraform plan provider)
 ```json
 {
   "meta": {
@@ -164,19 +164,47 @@ optional arguments:
       "provider_args": {
         "operation_type": "direct_references",
         "terraform_resource_type": "aws_elb"
+        "references_to": "aws_security_group"
       },
       "condition": {
-        "type": "Contains",
-        "value": "aws_security_group",
-        "error_tolerance": 2
+        "type": "Equals",
+        "value": true,
+        "error_tolerance": 0
       }
     }
   ],
   "eval_expression": "aws_elbs_have_direct_references_to_security_group"
 }
 ```
 
-5. Kubernetes (using Kubernetes provider)
+5. Make sure that all `aws_s3_bucket` are referenced by `aws_s3_bucket_intelligent_tiering_configuration` (using Terraform plan provider)
+```json
+{
+  "meta": {
+    "required_provider": "stackguardian/terraform_plan",
+    "version": "v1"
+  },
+  "evaluators": [
+    {
+      "id": "s3HasLifeCycleIntelligentTiering",
+      "description": "Make sure all aws_s3_bucket are referenced by aws_s3_bucket_intelligent_tiering_configuration",
+      "provider_args": {
+        "operation_type": "direct_references",
+        "terraform_resource_type": "aws_s3_bucket",
+        "referenced_by": "aws_s3_bucket_intelligent_tiering_configuration"
+      },
+      "condition": {
+        "type": "Equals",
+        "value": true,
+        "error_tolerance": 0
+      }
+    }
+  ],
+  "eval_expression": "s3HasLifeCycleIntelligentTiering"
+}
+```
+
+6. Kubernetes (using Kubernetes provider)
 - Make sure that all pods have a liveness probe defined
 
 ```json

setup.py

@@ -22,7 +22,7 @@ def read(*names, **kwargs):
 
 setup(
     name="py-tirith",
-    version="1.0.0-beta.3",
+    version="1.0.0-beta.4",
     license="Apache",
     description="Tirith simplifies defining Policy as Code.",
     long_description_content_type="text/markdown",

src/tirith/__init__.py

@@ -2,6 +2,6 @@
 tirith: Execute policies defined using Tirith (StackGuardian Policy Framework)
 """
 
-__version__ = "1.0.0-beta.3"
+__version__ = "1.0.0-beta.4"
 __author__ = "StackGuardian"
 __license__ = "Apache"

src/tirith/cli.py

@@ -84,7 +84,7 @@ def __init__(self, prog="PROG") -> None:
             action="store_true",
             help="Show detailed logs of from the run",
         )
-        parser.add_argument("--version", action="version", version="1.0.0-beta.3")
+        parser.add_argument("--version", action="version", version="1.0.0-beta.4")
 
         args = parser.parse_args()