driftctl/pkg/middlewares/s3_bucket_acl.go

47 lines
1.1 KiB
Go
Raw Normal View History

package middlewares
import (
"github.com/sirupsen/logrus"
"github.com/snyk/driftctl/enumeration/resource"
2022-07-21 08:37:03 +00:00
"github.com/snyk/driftctl/pkg/resource/aws"
)
// Remove grant field on remote resources when acl field != private in state
type S3BucketAcl struct{}
func NewS3BucketAcl() S3BucketAcl {
return S3BucketAcl{}
}
2021-08-09 14:03:04 +00:00
func (m S3BucketAcl) Execute(remoteResources, resourcesFromState *[]*resource.Resource) error {
for _, iacResource := range *resourcesFromState {
// Ignore all resources other than s3 buckets
if iacResource.ResourceType() != aws.AwsS3BucketResourceType {
continue
}
for _, remoteResource := range *remoteResources {
2021-08-09 14:03:04 +00:00
if remoteResource.Equal(iacResource) {
aclAttr, exist := iacResource.Attrs.Get("acl")
2021-04-29 14:36:05 +00:00
if !exist || aclAttr == nil || aclAttr == "" {
break
}
if aclAttr != "private" {
logrus.WithFields(logrus.Fields{
"type": remoteResource.ResourceType(),
"id": remoteResource.ResourceId(),
}).Debug("Found a resource to update")
2021-08-09 14:03:04 +00:00
remoteResource.Attrs.SafeDelete([]string{"grant"})
}
break
}
}
2021-04-29 14:36:05 +00:00
2021-08-09 14:03:04 +00:00
iacResource.Attrs.SafeDelete([]string{"acl"})
}
return nil
}