driftctl/pkg/remote/aws/vpc_security_group_supplier.go


package aws
import (
"github.com/cloudskiff/driftctl/pkg/parallel"
"github.com/cloudskiff/driftctl/pkg/remote/deserializer"
"github.com/cloudskiff/driftctl/pkg/resource"
resourceaws "github.com/cloudskiff/driftctl/pkg/resource/aws"
awsdeserializer "github.com/cloudskiff/driftctl/pkg/resource/aws/deserializer"
"github.com/cloudskiff/driftctl/pkg/terraform"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/service/ec2"
"github.com/aws/aws-sdk-go/service/ec2/ec2iface"
"github.com/sirupsen/logrus"
"github.com/zclconf/go-cty/cty"
)
// VPCSecurityGroupSupplier lists EC2 security groups through an EC2 client and
// reads each of them through a terraform.ResourceReader. Default and
// non-default groups are handled separately: each kind has its own
// deserializer and its own parallel reader.
type VPCSecurityGroupSupplier struct {
	// reader reads one resource, identified by ID and resource type.
	reader terraform.ResourceReader
	// Deserializers for default groups and for all other groups, in that order.
	defaultSecurityGroupDeserializer, securityGroupDeserializer deserializer.CTYDeserializer
	// client is the EC2 API used to enumerate security groups.
	client ec2iface.EC2API
	// Parallel readers for default groups and for all other groups, in that order.
	defaultSecurityGroupRunner, securityGroupRunner *terraform.ParallelResourceReader
}
// NewVPCSecurityGroupSupplier builds a supplier that enumerates security groups
// with client and reads them through the AWS Terraform provider. Default and
// non-default groups each get their own sub-runner derived from runner.
func NewVPCSecurityGroupSupplier(runner *parallel.ParallelRunner, client ec2iface.EC2API) *VPCSecurityGroupSupplier {
	// Keyed fields are listed in declaration order so the initialisers are
	// evaluated in the same sequence as a positional literal would be.
	supplier := VPCSecurityGroupSupplier{
		reader:                           terraform.Provider(terraform.AWS),
		defaultSecurityGroupDeserializer: awsdeserializer.NewDefaultSecurityGroupDeserializer(),
		securityGroupDeserializer:        awsdeserializer.NewVPCSecurityGroupDeserializer(),
		client:                           client,
		defaultSecurityGroupRunner:       terraform.NewParallelResourceReader(runner.SubRunner()),
		securityGroupRunner:              terraform.NewParallelResourceReader(runner.SubRunner()),
	}
	return &supplier
}
// Resources lists the security groups returned by the EC2 client, reads each
// one in parallel, and returns the deserialized resources with default
// security groups first, followed by all other groups.
//
// Any listing, read or deserialization error aborts the call and returns a nil
// slice, so a partial inventory is never reported as complete.
func (s VPCSecurityGroupSupplier) Resources() ([]resource.Resource, error) {
	regularGroups, defaultGroups, err := listSecurityGroups(s.client)
	if err != nil {
		return nil, err
	}

	// Non-default groups: schedule one read per group, then collect the results.
	// Each closure captures its own copy of the group.
	for i := range regularGroups {
		group := *regularGroups[i]
		s.securityGroupRunner.Run(func() (cty.Value, error) {
			return s.readSecurityGroup(group)
		})
	}
	regularValues, err := s.securityGroupRunner.Wait()
	if err != nil {
		return nil, err
	}

	// Default groups are only scheduled once the non-default reads succeeded.
	for i := range defaultGroups {
		group := *defaultGroups[i]
		s.defaultSecurityGroupRunner.Run(func() (cty.Value, error) {
			return s.readSecurityGroup(group)
		})
	}
	defaultValues, err := s.defaultSecurityGroupRunner.Wait()
	if err != nil {
		return nil, err
	}

	// Deserialize both sets, default groups first.
	defaultResources, err := s.defaultSecurityGroupDeserializer.Deserialize(defaultValues)
	if err != nil {
		return nil, err
	}
	regularResources, err := s.securityGroupDeserializer.Deserialize(regularValues)
	if err != nil {
		return nil, err
	}

	total := len(regularValues) + len(defaultValues)
	resources := make([]resource.Resource, 0, total)
	resources = append(resources, defaultResources...)
	resources = append(resources, regularResources...)
	return resources, nil
}
// readSecurityGroup reads one security group through the supplier's reader,
// using the default-security-group resource type when isDefaultSecurityGroup
// reports true and the regular security-group type otherwise.
//
// A read error is logged and returned together with cty.NilVal.
func (s VPCSecurityGroupSupplier) readSecurityGroup(securityGroup ec2.SecurityGroup) (cty.Value, error) {
	var resourceType resource.ResourceType
	if isDefaultSecurityGroup(securityGroup) {
		resourceType = resourceaws.AwsDefaultSecurityGroupResourceType
	} else {
		resourceType = resourceaws.AwsSecurityGroupResourceType
	}

	// NOTE(review): aws.StringValue turns a nil GroupId into an empty ID;
	// presumably the reader rejects that, confirm.
	args := terraform.ReadResourceArgs{
		ID: aws.StringValue(securityGroup.GroupId),
		Ty: resourceType,
	}

	val, err := s.reader.ReadResource(args)
	if err != nil {
		logrus.Error(err)
		return cty.NilVal, err
	}

	// NOTE(review): assumes ReadResource never returns a nil value together
	// with a nil error; the dereference below would panic otherwise.
	return *val, nil
}
// listSecurityGroups pages through DescribeSecurityGroups with an empty input
// (no filters) and splits the results in two. The first return value holds the
// non-default groups, the second the groups for which isDefaultSecurityGroup
// reports true. On error both slices are nil.
func listSecurityGroups(client ec2iface.EC2API) ([]*ec2.SecurityGroup, []*ec2.SecurityGroup, error) {
	var (
		regular  []*ec2.SecurityGroup
		defaults []*ec2.SecurityGroup
	)

	// collect sorts the groups of one page into the two slices and asks for
	// the next page until the last one has been seen.
	collect := func(page *ec2.DescribeSecurityGroupsOutput, lastPage bool) bool {
		for _, group := range page.SecurityGroups {
			if isDefaultSecurityGroup(*group) {
				defaults = append(defaults, group)
			} else {
				regular = append(regular, group)
			}
		}
		return !lastPage
	}

	if err := client.DescribeSecurityGroupsPages(&ec2.DescribeSecurityGroupsInput{}, collect); err != nil {
		return nil, nil, err
	}
	return regular, defaults, nil
}
// isDefaultSecurityGroup reports whether securityGroup is treated as a default
// security group, that is, whether its GroupName is set and equals "default"
// exactly (the comparison is case-sensitive).
//
// NOTE(review): classification is by name only; this presumably relies on AWS
// reserving the name "default" for the per-VPC default group, confirm.
func isDefaultSecurityGroup(securityGroup ec2.SecurityGroup) bool {
	name := securityGroup.GroupName
	if name == nil {
		return false
	}
	return *name == "default"
}