82 lines
2.6 KiB
Go
82 lines
2.6 KiB
Go
|
package aws
|
||
|
|
|
||
|
|
import (
|
||
|
|
"fmt"
|
||
|
"github.com/snyk/driftctl/enumeration/alerter"
|
||
|
|
"github.com/snyk/driftctl/enumeration/remote/alerts"
|
||
|
|
"github.com/snyk/driftctl/enumeration/remote/aws/repository"
|
||
|
|
"github.com/snyk/driftctl/enumeration/remote/common"
|
||
|
|
remoteerror "github.com/snyk/driftctl/enumeration/remote/error"
|
||
|
|
tf "github.com/snyk/driftctl/enumeration/remote/terraform"
|
||
|
|
|
||
|
|
"github.com/sirupsen/logrus"
|
||
|
|
"github.com/snyk/driftctl/enumeration/resource"
|
||
|
|
"github.com/snyk/driftctl/enumeration/resource/aws"
|
||
|
|
)
|
||
|
|
|
||
|
|
type S3BucketInventoryEnumerator struct {
|
||
|
|
repository repository.S3Repository
|
||
|
|
factory resource.ResourceFactory
|
||
|
|
providerConfig tf.TerraformProviderConfig
|
||
|
alerter alerter.AlerterInterface
|
||
|
|
}
|
||
|
|
|
||
|
|
func NewS3BucketInventoryEnumerator(repo repository.S3Repository, factory resource.ResourceFactory, providerConfig tf.TerraformProviderConfig, alerter alerter.AlerterInterface) *S3BucketInventoryEnumerator {
|
||
|
|
return &S3BucketInventoryEnumerator{
|
||
|
|
repository: repo,
|
||
|
|
factory: factory,
|
||
|
|
providerConfig: providerConfig,
|
||
|
|
alerter: alerter,
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
func (e *S3BucketInventoryEnumerator) SupportedType() resource.ResourceType {
|
||
|
|
return aws.AwsS3BucketInventoryResourceType
|
||
|
|
}
|
||
|
|
|
||
|
|
func (e *S3BucketInventoryEnumerator) Enumerate() ([]*resource.Resource, error) {
|
||
|
|
buckets, err := e.repository.ListAllBuckets()
|
||
|
|
if err != nil {
|
||
|
|
return nil, remoteerror.NewResourceListingErrorWithType(err, string(e.SupportedType()), aws.AwsS3BucketResourceType)
|
||
|
|
}
|
||
|
|
|
||
|
results := make([]*resource.Resource, 0, len(buckets))
|
||
|
|
|
||
|
|
for _, bucket := range buckets {
|
||
|
|
region, err := e.repository.GetBucketLocation(*bucket.Name)
|
||
|
|
if err != nil {
|
||
|
|
alerts.SendEnumerationAlert(common.RemoteAWSTerraform, e.alerter, remoteerror.NewResourceScanningError(err, string(e.SupportedType()), *bucket.Name))
|
||
|
|
continue
|
||
|
|
}
|
||
|
|
if region == "" || region != e.providerConfig.DefaultAlias {
|
||
|
|
logrus.WithFields(logrus.Fields{
|
||
|
|
"region": region,
|
||
|
|
"bucket": *bucket.Name,
|
||
|
|
}).Debug("Skipped bucket inventory")
|
||
|
|
continue
|
||
|
|
}
|
||
|
|
|
||
|
|
inventoryConfigurations, err := e.repository.ListBucketInventoryConfigurations(bucket, region)
|
||
|
|
if err != nil {
|
||
|
|
// TODO: we should think about a way to ignore just one bucket inventory listing
|
||
|
|
return nil, remoteerror.NewResourceListingError(err, string(e.SupportedType()))
|
||
|
|
}
|
||
|
|
|
||
|
|
for _, config := range inventoryConfigurations {
|
||
|
|
id := fmt.Sprintf("%s:%s", *bucket.Name, *config.Id)
|
||
|
|
results = append(
|
||
|
|
results,
|
||
|
|
e.factory.CreateAbstractResource(
|
||
|
|
string(e.SupportedType()),
|
||
|
|
id,
|
||
|
|
map[string]interface{}{
|
||
|
|
"region": region,
|
||
|
|
},
|
||
|
|
),
|
||
|
|
)
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
return results, err
|
||
|
|
}
|