driftctl/pkg/middlewares/aws_default_igw_route.go

package middlewares

import (
	"github.com/sirupsen/logrus"
	"github.com/snyk/driftctl/enumeration/resource"
	"github.com/snyk/driftctl/enumeration/resource/aws"
)

// Each region has a default vpc which has an internet gateway attached and thus the route table of this
// same vpc has a default route (0.0.0.0/0) that should not be seen as unmanaged if not managed by IaC
// This middleware ignores the above route from unmanaged resources if not managed by IaC
type AwsDefaultInternetGatewayRoute struct{}

func NewAwsDefaultInternetGatewayRoute() AwsDefaultInternetGatewayRoute {
	return AwsDefaultInternetGatewayRoute{}
}

func (m AwsDefaultInternetGatewayRoute) Execute(remoteResources, resourcesFromState *[]*resource.Resource) error {
	newRemoteResources := make([]*resource.Resource, 0)

	for _, remoteResource := range *remoteResources {
		// Ignore all resources other than routes
		if remoteResource.ResourceType() != aws.AwsRouteResourceType {
			newRemoteResources = append(newRemoteResources, remoteResource)
			continue
		}

		// Ignore all routes except the one that came from the default internet gateway
		if !isDefaultInternetGatewayRoute(remoteResource, remoteResources) {
			newRemoteResources = append(newRemoteResources, remoteResource)
			continue
		}

		// Check if route is managed by IaC
		existInState := false
		for _, stateResource := range *resourcesFromState {
			if remoteResource.Equal(stateResource) {
				existInState = true
				break
			}
		}

		// Include resource if it's managed in IaC
		if existInState {
			newRemoteResources = append(newRemoteResources, remoteResource)
			continue
		}

		// Else, resource is not added to newRemoteResources slice so it will be ignored
		logrus.WithFields(logrus.Fields{
			"id":   remoteResource.ResourceId(),
			"type": remoteResource.ResourceType(),
		}).Debug("Ignoring default internet gateway route as it is not managed by IaC")
	}

	*remoteResources = newRemoteResources

	return nil
}

// Return true if the route's target is the default internet gateway (e.g. attached to the default vpc)
func isDefaultInternetGatewayRoute(route *resource.Resource, remoteResources *[]*resource.Resource) bool {
	for _, remoteResource := range *remoteResources {
		if remoteResource.ResourceType() == aws.AwsInternetGatewayResourceType &&
			isDefaultInternetGateway(remoteResource, remoteResources) {
			gtwId, gtwIdExist := route.Attrs.Get("gateway_id")
			destCIDRBlock, destCIDRBlockExist := route.Attrs.Get("destination_cidr_block")
			return gtwIdExist && destCIDRBlockExist && gtwId == remoteResource.ResourceId() && destCIDRBlock == "0.0.0.0/0"
		}
	}
	return false
}
Add middleware 2021-01-22 10:32:56 +00:00			`package middlewares`

			`import (`
			`"github.com/sirupsen/logrus"`
chore: extract enumeration to it's own submodule 2022-06-28 07:23:29 +00:00			`"github.com/snyk/driftctl/enumeration/resource"`
			`"github.com/snyk/driftctl/enumeration/resource/aws"`
Add middleware 2021-01-22 10:32:56 +00:00			`)`

			`// Each region has a default vpc which has an internet gateway attached and thus the route table of this`
Fix bug in default igw route middleware 2021-04-13 08:43:05 +00:00			`// same vpc has a default route (0.0.0.0/0) that should not be seen as unmanaged if not managed by IaC`
Add middleware 2021-01-22 10:32:56 +00:00			`// This middleware ignores the above route from unmanaged resources if not managed by IaC`
			`type AwsDefaultInternetGatewayRoute struct{}`

			`func NewAwsDefaultInternetGatewayRoute() AwsDefaultInternetGatewayRoute {`
			`return AwsDefaultInternetGatewayRoute{}`
			`}`

Remove `Resource` interface 2021-08-09 14:03:04 +00:00			`func (m AwsDefaultInternetGatewayRoute) Execute(remoteResources, resourcesFromState []resource.Resource) error {`
			`newRemoteResources := make([]*resource.Resource, 0)`
Add middleware 2021-01-22 10:32:56 +00:00
			`for _, remoteResource := range *remoteResources {`
			`// Ignore all resources other than routes`
refactor: normalize resource method names 2021-08-18 13:58:28 +00:00			`if remoteResource.ResourceType() != aws.AwsRouteResourceType {`
Add middleware 2021-01-22 10:32:56 +00:00			`newRemoteResources = append(newRemoteResources, remoteResource)`
			`continue`
			`}`

			`// Ignore all routes except the one that came from the default internet gateway`
Remove `Resource` interface 2021-08-09 14:03:04 +00:00			`if !isDefaultInternetGatewayRoute(remoteResource, remoteResources) {`
Add middleware 2021-01-22 10:32:56 +00:00			`newRemoteResources = append(newRemoteResources, remoteResource)`
			`continue`
			`}`

			`// Check if route is managed by IaC`
			`existInState := false`
			`for _, stateResource := range *resourcesFromState {`
Remove `Resource` interface 2021-08-09 14:03:04 +00:00			`if remoteResource.Equal(stateResource) {`
Add middleware 2021-01-22 10:32:56 +00:00			`existInState = true`
			`break`
			`}`
			`}`

			`// Include resource if it's managed in IaC`
			`if existInState {`
			`newRemoteResources = append(newRemoteResources, remoteResource)`
			`continue`
			`}`

			`// Else, resource is not added to newRemoteResources slice so it will be ignored`
			`logrus.WithFields(logrus.Fields{`
refactor: normalize resource method names 2021-08-18 13:58:28 +00:00			`"id": remoteResource.ResourceId(),`
			`"type": remoteResource.ResourceType(),`
Add middleware 2021-01-22 10:32:56 +00:00			`}).Debug("Ignoring default internet gateway route as it is not managed by IaC")`
			`}`

			`*remoteResources = newRemoteResources`

			`return nil`
			`}`

			`// Return true if the route's target is the default internet gateway (e.g. attached to the default vpc)`
Remove `Resource` interface 2021-08-09 14:03:04 +00:00			`func isDefaultInternetGatewayRoute(route resource.Resource, remoteResources []*resource.Resource) bool {`
Add middleware 2021-01-22 10:32:56 +00:00			`for _, remoteResource := range *remoteResources {`
refactor: normalize resource method names 2021-08-18 13:58:28 +00:00			`if remoteResource.ResourceType() == aws.AwsInternetGatewayResourceType &&`
Remove `Resource` interface 2021-08-09 14:03:04 +00:00			`isDefaultInternetGateway(remoteResource, remoteResources) {`
Fix aws_default_route_table, add aws_route_table and add aws_route 2021-05-07 18:55:49 +00:00			`gtwId, gtwIdExist := route.Attrs.Get("gateway_id")`
			`destCIDRBlock, destCIDRBlockExist := route.Attrs.Get("destination_cidr_block")`
refactor: normalize resource method names 2021-08-18 13:58:28 +00:00			`return gtwIdExist && destCIDRBlockExist && gtwId == remoteResource.ResourceId() && destCIDRBlock == "0.0.0.0/0"`
Add middleware 2021-01-22 10:32:56 +00:00			`}`
			`}`
			`return false`
			`}`