Merge pull request #478 from cloudskiff/fea/new_resource_migration

migrate some more resource to new resource handling
main
Elie 2021-05-18 10:54:36 +02:00 committed by GitHub
commit 58d8195f94
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
26 changed files with 344411 additions and 283 deletions

View File

@ -44,7 +44,14 @@ type DriftCTL struct {
resourceSchemaRepository resource.SchemaRepositoryInterface resourceSchemaRepository resource.SchemaRepositoryInterface
} }
func NewDriftCTL(remoteSupplier resource.Supplier, iacSupplier resource.Supplier, alerter *alerter.Alerter, resFactory resource.ResourceFactory, opts *ScanOptions, scanProgress globaloutput.Progress, iacProgress globaloutput.Progress, resourceSchemaRepository resource.SchemaRepositoryInterface) *DriftCTL { func NewDriftCTL(remoteSupplier resource.Supplier,
iacSupplier resource.Supplier,
alerter *alerter.Alerter,
resFactory resource.ResourceFactory,
opts *ScanOptions,
scanProgress globaloutput.Progress,
iacProgress globaloutput.Progress,
resourceSchemaRepository resource.SchemaRepositoryInterface) *DriftCTL {
return &DriftCTL{ return &DriftCTL{
remoteSupplier, remoteSupplier,
iacSupplier, iacSupplier,
@ -84,7 +91,7 @@ func (d DriftCTL) Run() (*analyser.Analysis, error) {
middlewares.NewAwsDefaultRoute(), middlewares.NewAwsDefaultRoute(),
middlewares.NewAwsNatGatewayEipAssoc(), middlewares.NewAwsNatGatewayEipAssoc(),
middlewares.NewAwsBucketPolicyExpander(d.resourceFactory), middlewares.NewAwsBucketPolicyExpander(d.resourceFactory),
middlewares.NewAwsSqsQueuePolicyExpander(d.resourceFactory), middlewares.NewAwsSqsQueuePolicyExpander(d.resourceFactory, d.resourceSchemaRepository),
middlewares.NewAwsDefaultSqsQueuePolicy(), middlewares.NewAwsDefaultSqsQueuePolicy(),
middlewares.NewAwsSNSTopicPolicyExpander(d.resourceFactory, d.resourceSchemaRepository), middlewares.NewAwsSNSTopicPolicyExpander(d.resourceFactory, d.resourceSchemaRepository),
) )

View File

@ -981,50 +981,52 @@ func TestDriftctlRun_Middlewares(t *testing.T) {
{ {
name: "test sqs queue policy expander middleware", name: "test sqs queue policy expander middleware",
stateResources: []resource.Resource{ stateResources: []resource.Resource{
&aws.AwsSqsQueue{ &resource.AbstractResource{
Id: "foo", Id: "foo",
Policy: awssdk.String("{\"policy\":\"bar\"}"), Type: aws.AwsSqsQueueResourceType,
Attrs: &resource.Attributes{
"id": "foo",
"policy": "{\"policy\":\"bar\"}",
},
}, },
}, },
remoteResources: []resource.Resource{ remoteResources: []resource.Resource{
&aws.AwsSqsQueuePolicy{ &resource.AbstractResource{
Id: "foo", Id: "foo",
QueueUrl: awssdk.String("foo"), Type: aws.AwsSqsQueuePolicyResourceType,
Policy: awssdk.String("{\"policy\":\"baz\"}"), Attrs: &resource.Attributes{
CtyVal: func() *cty.Value { "id": "foo",
v := cty.ObjectVal(map[string]cty.Value{ "queue_url": "foo",
"id": cty.StringVal("foo"), "policy": "{\"policy\":\"baz\"}",
"queue_url": cty.StringVal("foo"), },
"policy": cty.StringVal("{\"policy\":\"baz\"}"),
})
return &v
}(),
}, },
}, },
mocks: func(factory resource.ResourceFactory) { mocks: func(factory resource.ResourceFactory) {
foo := cty.ObjectVal(map[string]cty.Value{ factory.(*terraform.MockResourceFactory).On("CreateAbstractResource", "aws_sqs_queue_policy", "foo", map[string]interface{}{
"id": cty.StringVal("foo"), "id": "foo",
"queue_url": cty.StringVal("foo"), "queue_url": "foo",
"policy": cty.StringVal("{\"policy\":\"bar\"}"), "policy": "{\"policy\":\"bar\"}",
}) }).Times(1).Return(&resource.AbstractResource{
factory.(*terraform.MockResourceFactory).On("CreateResource", mock.MatchedBy(func(input map[string]interface{}) bool { Id: "foo",
return matchByAttributes(input, map[string]interface{}{ Type: aws.AwsSqsQueuePolicyResourceType,
Attrs: &resource.Attributes{
"id": "foo", "id": "foo",
"queue_url": "foo", "queue_url": "foo",
"policy": awssdk.String("{\"policy\":\"bar\"}"), "policy": "{\"policy\":\"bar\"}",
}) },
}), "aws_sqs_queue_policy").Times(1).Return(&foo, nil) }, nil)
}, },
assert: func(result *test.ScanResult, err error) { assert: func(result *test.ScanResult, err error) {
result.AssertManagedCount(1) result.AssertManagedCount(1)
result.AssertResourceHasDrift("foo", "aws_sqs_queue_policy", analyser.Change{ result.AssertResourceHasDrift("foo", "aws_sqs_queue_policy", analyser.Change{
Change: diff.Change{ Change: diff.Change{
Type: diff.UPDATE, Type: diff.UPDATE,
Path: []string{"Policy"}, Path: []string{"policy"},
From: "{\"policy\":\"bar\"}", From: "{\"policy\":\"bar\"}",
To: "{\"policy\":\"baz\"}", To: "{\"policy\":\"baz\"}",
}, },
Computed: false, Computed: false,
JsonString: true,
}) })
}, },
options: func(t *testing.T) *pkg.ScanOptions { options: func(t *testing.T) *pkg.ScanOptions {

View File

@ -96,6 +96,8 @@ func TestTerraformStateReader_AWS_Resources(t *testing.T) {
{name: "KMS key", dirName: "kms_key", wantErr: false}, {name: "KMS key", dirName: "kms_key", wantErr: false},
{name: "KMS alias", dirName: "kms_alias", wantErr: false}, {name: "KMS alias", dirName: "kms_alias", wantErr: false},
{name: "lambda event source mapping", dirName: "aws_lambda_event_source_mapping", wantErr: false}, {name: "lambda event source mapping", dirName: "aws_lambda_event_source_mapping", wantErr: false},
{name: "VPC", dirName: "vpc", wantErr: false},
{name: "Subnet", dirName: "subnet", wantErr: false},
} }
for _, tt := range tests { for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) { t.Run(tt.name, func(t *testing.T) {

View File

@ -1,48 +1,4 @@
[ [
{
"Id": "vpc-41d1d13b",
"Type": "aws_default_vpc",
"Attrs": {
"arn": "arn:aws:ec2:us-east-1:929327065333:vpc/vpc-41d1d13b",
"assign_generated_ipv6_cidr_block": false,
"cidr_block": "172.31.0.0/16",
"default_network_acl_id": "acl-e88ee595",
"default_route_table_id": "rtb-9642cde8",
"default_security_group_id": "sg-e633c1c8",
"dhcp_options_id": "dopt-d29e33a8",
"enable_classiclink": false,
"enable_classiclink_dns_support": false,
"enable_dns_hostnames": true,
"enable_dns_support": true,
"id": "vpc-41d1d13b",
"instance_tenancy": "default",
"ipv6_association_id": "",
"ipv6_cidr_block": "",
"main_route_table_id": "rtb-9642cde8",
"owner_id": "929327065333"
}
},
{
"Arn": "arn:aws:ec2:us-east-1:929327065333:vpc/vpc-0a5666c0cfc366714",
"AssignGeneratedIpv6CidrBlock": false,
"CidrBlock": "10.0.0.0/16",
"DefaultNetworkAclId": "acl-081a06acb9d092caf",
"DefaultRouteTableId": "rtb-0aa0a93a2960854a1",
"DefaultSecurityGroupId": "sg-0b1ad864ecd584998",
"DhcpOptionsId": "dopt-d29e33a8",
"EnableClassiclink": false,
"EnableClassiclinkDnsSupport": false,
"EnableDnsHostnames": false,
"EnableDnsSupport": true,
"Id": "vpc-0a5666c0cfc366714",
"InstanceTenancy": "default",
"Ipv6AssociationId": "",
"Ipv6CidrBlock": "",
"MainRouteTableId": "rtb-0aa0a93a2960854a1",
"OwnerId": "929327065333",
"Tags": {},
"CtyVal": {}
},
{ {
"Id": "rtb-9642cde8", "Id": "rtb-9642cde8",
"Type": "aws_default_route_table", "Type": "aws_default_route_table",

View File

@ -30,39 +30,6 @@
} }
] ]
}, },
{
"mode": "managed",
"type": "aws_default_vpc",
"name": "default",
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
"instances": [
{
"schema_version": 1,
"attributes": {
"arn": "arn:aws:ec2:us-east-1:929327065333:vpc/vpc-41d1d13b",
"assign_generated_ipv6_cidr_block": false,
"cidr_block": "172.31.0.0/16",
"default_network_acl_id": "acl-e88ee595",
"default_route_table_id": "rtb-9642cde8",
"default_security_group_id": "sg-e633c1c8",
"dhcp_options_id": "dopt-d29e33a8",
"enable_classiclink": false,
"enable_classiclink_dns_support": false,
"enable_dns_hostnames": true,
"enable_dns_support": true,
"id": "vpc-41d1d13b",
"instance_tenancy": "default",
"ipv6_association_id": "",
"ipv6_cidr_block": "",
"main_route_table_id": "rtb-9642cde8",
"owner_id": "929327065333",
"tags": null
},
"sensitive_attributes": [],
"private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ=="
}
]
},
{ {
"mode": "managed", "mode": "managed",
"type": "aws_route_table", "type": "aws_route_table",
@ -115,39 +82,6 @@
] ]
} }
] ]
},
{
"mode": "managed",
"type": "aws_vpc",
"name": "vpc",
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
"instances": [
{
"schema_version": 1,
"attributes": {
"arn": "arn:aws:ec2:us-east-1:929327065333:vpc/vpc-0a5666c0cfc366714",
"assign_generated_ipv6_cidr_block": false,
"cidr_block": "10.0.0.0/16",
"default_network_acl_id": "acl-081a06acb9d092caf",
"default_route_table_id": "rtb-0aa0a93a2960854a1",
"default_security_group_id": "sg-0b1ad864ecd584998",
"dhcp_options_id": "dopt-d29e33a8",
"enable_classiclink": false,
"enable_classiclink_dns_support": false,
"enable_dns_hostnames": false,
"enable_dns_support": true,
"id": "vpc-0a5666c0cfc366714",
"instance_tenancy": "default",
"ipv6_association_id": "",
"ipv6_cidr_block": "",
"main_route_table_id": "rtb-0aa0a93a2960854a1",
"owner_id": "929327065333",
"tags": {}
},
"sensitive_attributes": [],
"private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ=="
}
]
} }
] ]
} }

View File

@ -1,40 +1,42 @@
[ [
{ {
"Arn": "arn:aws:sqs:eu-west-3:047081014315:bar.fifo",
"ContentBasedDeduplication": true,
"DelaySeconds": 0,
"FifoQueue": true,
"Id": "https://sqs.eu-west-3.amazonaws.com/047081014315/bar.fifo", "Id": "https://sqs.eu-west-3.amazonaws.com/047081014315/bar.fifo",
"KmsDataKeyReusePeriodSeconds": 300, "Type": "aws_sqs_queue",
"KmsMasterKeyId": "", "Attrs": {
"MaxMessageSize": 262144, "arn": "arn:aws:sqs:eu-west-3:047081014315:bar.fifo",
"MessageRetentionSeconds": 345600, "content_based_deduplication": true,
"Name": "bar.fifo", "delay_seconds": 0,
"NamePrefix": null, "fifo_queue": true,
"Policy": null, "id": "https://sqs.eu-west-3.amazonaws.com/047081014315/bar.fifo",
"ReceiveWaitTimeSeconds": 0, "kms_data_key_reuse_period_seconds": 300,
"RedrivePolicy": "", "kms_master_key_id": "",
"Tags": {}, "max_message_size": 262144,
"VisibilityTimeoutSeconds": 30, "message_retention_seconds": 345600,
"CtyVal": {} "name": "bar.fifo",
"policy": "",
"receive_wait_time_seconds": 0,
"redrive_policy": "",
"visibility_timeout_seconds": 30
}
}, },
{ {
"Arn": "arn:aws:sqs:eu-west-3:047081014315:foo",
"ContentBasedDeduplication": false,
"DelaySeconds": 0,
"FifoQueue": false,
"Id": "https://sqs.eu-west-3.amazonaws.com/047081014315/foo", "Id": "https://sqs.eu-west-3.amazonaws.com/047081014315/foo",
"KmsDataKeyReusePeriodSeconds": 300, "Type": "aws_sqs_queue",
"KmsMasterKeyId": "", "Attrs": {
"MaxMessageSize": 262144, "arn": "arn:aws:sqs:eu-west-3:047081014315:foo",
"MessageRetentionSeconds": 345600, "content_based_deduplication": false,
"Name": "foo", "delay_seconds": 0,
"NamePrefix": null, "fifo_queue": false,
"Policy": null, "id": "https://sqs.eu-west-3.amazonaws.com/047081014315/foo",
"ReceiveWaitTimeSeconds": 0, "kms_data_key_reuse_period_seconds": 300,
"RedrivePolicy": "", "kms_master_key_id": "",
"Tags": {}, "max_message_size": 262144,
"VisibilityTimeoutSeconds": 30, "message_retention_seconds": 345600,
"CtyVal": {} "name": "foo",
"policy": "",
"receive_wait_time_seconds": 0,
"redrive_policy": "",
"visibility_timeout_seconds": 30
}
} }
] ]

View File

@ -1,8 +1,11 @@
[ [
{ {
"Id": "https://sqs.eu-west-3.amazonaws.com/047081014315/bar.fifo", "Id": "https://sqs.eu-west-3.amazonaws.com/047081014315/bar.fifo",
"Policy": "{\"Id\":\"MYSQSPOLICY\",\"Statement\":[{\"Action\":\"sqs:SendMessage\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Resource\":\"arn:aws:sqs:eu-west-3:047081014315:bar.fifo\",\"Sid\":\"Stmt1611769527792\"}],\"Version\":\"2012-10-17\"}", "Type": "aws_sqs_queue_policy",
"QueueUrl": "https://sqs.eu-west-3.amazonaws.com/047081014315/bar.fifo", "Attrs": {
"CtyVal": {} "id": "https://sqs.eu-west-3.amazonaws.com/047081014315/bar.fifo",
"policy": "{\"Id\":\"MYSQSPOLICY\",\"Statement\":[{\"Action\":\"sqs:SendMessage\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Resource\":\"arn:aws:sqs:eu-west-3:047081014315:bar.fifo\",\"Sid\":\"Stmt1611769527792\"}],\"Version\":\"2012-10-17\"}",
"queue_url": "https://sqs.eu-west-3.amazonaws.com/047081014315/bar.fifo"
}
} }
] ]

View File

@ -0,0 +1,110 @@
[
{
"Id": "subnet-03258f7d55e1df8ed",
"Type": "aws_default_subnet",
"Attrs": {
"arn": "arn:aws:ec2:us-east-1:526954929923:subnet/subnet-03258f7d55e1df8ed",
"assign_ipv6_address_on_creation": false,
"availability_zone": "us-east-1a",
"availability_zone_id": "use1-az1",
"cidr_block": "172.31.0.0/20",
"id": "subnet-03258f7d55e1df8ed",
"ipv6_cidr_block": "",
"ipv6_cidr_block_association_id": "",
"map_public_ip_on_launch": true,
"outpost_arn": "",
"owner_id": "526954929923",
"vpc_id": "vpc-075959b9534907185"
}
},
{
"Id": "subnet-03a8928df96cbc112",
"Type": "aws_default_subnet",
"Attrs": {
"arn": "arn:aws:ec2:us-east-1:526954929923:subnet/subnet-03a8928df96cbc112",
"assign_ipv6_address_on_creation": false,
"availability_zone": "us-east-1b",
"availability_zone_id": "use1-az2",
"cidr_block": "172.31.80.0/20",
"id": "subnet-03a8928df96cbc112",
"ipv6_cidr_block": "",
"ipv6_cidr_block_association_id": "",
"map_public_ip_on_launch": true,
"outpost_arn": "",
"owner_id": "526954929923",
"vpc_id": "vpc-075959b9534907185"
}
},
{
"Id": "subnet-00242cc446a0e7583",
"Type": "aws_default_subnet",
"Attrs": {
"arn": "arn:aws:ec2:us-east-1:526954929923:subnet/subnet-00242cc446a0e7583",
"assign_ipv6_address_on_creation": false,
"availability_zone": "us-east-1c",
"availability_zone_id": "use1-az4",
"cidr_block": "172.31.16.0/20",
"id": "subnet-00242cc446a0e7583",
"ipv6_cidr_block": "",
"ipv6_cidr_block_association_id": "",
"map_public_ip_on_launch": true,
"outpost_arn": "",
"owner_id": "526954929923",
"vpc_id": "vpc-075959b9534907185"
}
},
{
"Id": "subnet-03c1a726f076cec6b",
"Type": "aws_subnet",
"Attrs": {
"arn": "arn:aws:ec2:us-east-1:526954929923:subnet/subnet-03c1a726f076cec6b",
"assign_ipv6_address_on_creation": false,
"availability_zone": "us-east-1c",
"availability_zone_id": "use1-az4",
"cidr_block": "10.0.0.0/24",
"id": "subnet-03c1a726f076cec6b",
"ipv6_cidr_block": "",
"ipv6_cidr_block_association_id": "",
"map_public_ip_on_launch": false,
"outpost_arn": "",
"owner_id": "526954929923",
"vpc_id": "vpc-0ad2f4ae7212c2bff"
}
},
{
"Id": "subnet-02fb51b19c891f0e9",
"Type": "aws_subnet",
"Attrs": {
"arn": "arn:aws:ec2:us-east-1:526954929923:subnet/subnet-02fb51b19c891f0e9",
"assign_ipv6_address_on_creation": false,
"availability_zone": "us-east-1d",
"availability_zone_id": "use1-az6",
"cidr_block": "10.0.1.0/24",
"id": "subnet-02fb51b19c891f0e9",
"ipv6_cidr_block": "",
"ipv6_cidr_block_association_id": "",
"map_public_ip_on_launch": false,
"outpost_arn": "",
"owner_id": "526954929923",
"vpc_id": "vpc-0ad2f4ae7212c2bff"
}
},
{
"Id": "subnet-09631aa1f17d607c4",
"Type": "aws_subnet",
"Attrs": {
"arn": "arn:aws:ec2:us-east-1:526954929923:subnet/subnet-09631aa1f17d607c4",
"assign_ipv6_address_on_creation": false,
"availability_zone": "us-east-1a",
"availability_zone_id": "use1-az1",
"cidr_block": "10.0.2.0/24",
"id": "subnet-09631aa1f17d607c4",
"ipv6_cidr_block": "",
"ipv6_cidr_block_association_id": "",
"map_public_ip_on_launch": false,
"outpost_arn": "",
"owner_id": "526954929923",
"vpc_id": "vpc-0ad2f4ae7212c2bff"
}
}
]

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,192 @@
{
"version": 4,
"terraform_version": "0.14.5",
"serial": 138,
"lineage": "ec9c0716-6733-eae8-88da-b0da6694f4fb",
"outputs": {},
"resources": [
{
"mode": "managed",
"type": "aws_default_subnet",
"name": "default-a",
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
"instances": [
{
"schema_version": 1,
"attributes": {
"arn": "arn:aws:ec2:us-east-1:526954929923:subnet/subnet-03258f7d55e1df8ed",
"assign_ipv6_address_on_creation": false,
"availability_zone": "us-east-1a",
"availability_zone_id": "use1-az1",
"cidr_block": "172.31.0.0/20",
"id": "subnet-03258f7d55e1df8ed",
"ipv6_cidr_block": "",
"ipv6_cidr_block_association_id": "",
"map_public_ip_on_launch": true,
"outpost_arn": "",
"owner_id": "526954929923",
"tags": null,
"timeouts": null,
"vpc_id": "vpc-075959b9534907185"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9"
}
]
},
{
"mode": "managed",
"type": "aws_default_subnet",
"name": "default-b",
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
"instances": [
{
"schema_version": 1,
"attributes": {
"arn": "arn:aws:ec2:us-east-1:526954929923:subnet/subnet-03a8928df96cbc112",
"assign_ipv6_address_on_creation": false,
"availability_zone": "us-east-1b",
"availability_zone_id": "use1-az2",
"cidr_block": "172.31.80.0/20",
"id": "subnet-03a8928df96cbc112",
"ipv6_cidr_block": "",
"ipv6_cidr_block_association_id": "",
"map_public_ip_on_launch": true,
"outpost_arn": "",
"owner_id": "526954929923",
"tags": null,
"timeouts": null,
"vpc_id": "vpc-075959b9534907185"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9"
}
]
},
{
"mode": "managed",
"type": "aws_default_subnet",
"name": "default-c",
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
"instances": [
{
"schema_version": 1,
"attributes": {
"arn": "arn:aws:ec2:us-east-1:526954929923:subnet/subnet-00242cc446a0e7583",
"assign_ipv6_address_on_creation": false,
"availability_zone": "us-east-1c",
"availability_zone_id": "use1-az4",
"cidr_block": "172.31.16.0/20",
"id": "subnet-00242cc446a0e7583",
"ipv6_cidr_block": "",
"ipv6_cidr_block_association_id": "",
"map_public_ip_on_launch": true,
"outpost_arn": "",
"owner_id": "526954929923",
"tags": null,
"timeouts": null,
"vpc_id": "vpc-075959b9534907185"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9"
}
]
},
{
"mode": "managed",
"type": "aws_subnet",
"name": "subnet1",
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
"instances": [
{
"schema_version": 1,
"attributes": {
"arn": "arn:aws:ec2:us-east-1:526954929923:subnet/subnet-03c1a726f076cec6b",
"assign_ipv6_address_on_creation": false,
"availability_zone": "us-east-1c",
"availability_zone_id": "use1-az4",
"cidr_block": "10.0.0.0/24",
"id": "subnet-03c1a726f076cec6b",
"ipv6_cidr_block": "",
"ipv6_cidr_block_association_id": "",
"map_public_ip_on_launch": false,
"outpost_arn": "",
"owner_id": "526954929923",
"tags": null,
"timeouts": null,
"vpc_id": "vpc-0ad2f4ae7212c2bff"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9",
"dependencies": [
"aws_vpc.vpc_for_subnets"
]
}
]
},
{
"mode": "managed",
"type": "aws_subnet",
"name": "subnet2",
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
"instances": [
{
"schema_version": 1,
"attributes": {
"arn": "arn:aws:ec2:us-east-1:526954929923:subnet/subnet-02fb51b19c891f0e9",
"assign_ipv6_address_on_creation": false,
"availability_zone": "us-east-1d",
"availability_zone_id": "use1-az6",
"cidr_block": "10.0.1.0/24",
"id": "subnet-02fb51b19c891f0e9",
"ipv6_cidr_block": "",
"ipv6_cidr_block_association_id": "",
"map_public_ip_on_launch": false,
"outpost_arn": "",
"owner_id": "526954929923",
"tags": null,
"timeouts": null,
"vpc_id": "vpc-0ad2f4ae7212c2bff"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9",
"dependencies": [
"aws_vpc.vpc_for_subnets"
]
}
]
},
{
"mode": "managed",
"type": "aws_subnet",
"name": "subnet3",
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
"instances": [
{
"schema_version": 1,
"attributes": {
"arn": "arn:aws:ec2:us-east-1:526954929923:subnet/subnet-09631aa1f17d607c4",
"assign_ipv6_address_on_creation": false,
"availability_zone": "us-east-1a",
"availability_zone_id": "use1-az1",
"cidr_block": "10.0.2.0/24",
"id": "subnet-09631aa1f17d607c4",
"ipv6_cidr_block": "",
"ipv6_cidr_block_association_id": "",
"map_public_ip_on_launch": false,
"outpost_arn": "",
"owner_id": "526954929923",
"tags": null,
"timeouts": null,
"vpc_id": "vpc-0ad2f4ae7212c2bff"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9",
"dependencies": [
"aws_vpc.vpc_for_subnets"
]
}
]
}
]
}

View File

@ -0,0 +1,48 @@
[
{
"Id": "vpc-41d1d13b",
"Type": "aws_default_vpc",
"Attrs": {
"arn": "arn:aws:ec2:us-east-1:929327065333:vpc/vpc-41d1d13b",
"assign_generated_ipv6_cidr_block": false,
"cidr_block": "172.31.0.0/16",
"default_network_acl_id": "acl-e88ee595",
"default_route_table_id": "rtb-9642cde8",
"default_security_group_id": "sg-e633c1c8",
"dhcp_options_id": "dopt-d29e33a8",
"enable_classiclink": false,
"enable_classiclink_dns_support": false,
"enable_dns_hostnames": true,
"enable_dns_support": true,
"id": "vpc-41d1d13b",
"instance_tenancy": "default",
"ipv6_association_id": "",
"ipv6_cidr_block": "",
"main_route_table_id": "rtb-9642cde8",
"owner_id": "929327065333"
}
},
{
"Id": "vpc-0a5666c0cfc366714",
"Type": "aws_vpc",
"Attrs": {
"arn": "arn:aws:ec2:us-east-1:929327065333:vpc/vpc-0a5666c0cfc366714",
"assign_generated_ipv6_cidr_block": false,
"cidr_block": "10.0.0.0/16",
"default_network_acl_id": "acl-081a06acb9d092caf",
"default_route_table_id": "rtb-0aa0a93a2960854a1",
"default_security_group_id": "sg-0b1ad864ecd584998",
"dhcp_options_id": "dopt-d29e33a8",
"enable_classiclink": false,
"enable_classiclink_dns_support": false,
"enable_dns_hostnames": false,
"enable_dns_support": true,
"id": "vpc-0a5666c0cfc366714",
"instance_tenancy": "default",
"ipv6_association_id": "",
"ipv6_cidr_block": "",
"main_route_table_id": "rtb-0aa0a93a2960854a1",
"owner_id": "929327065333"
}
}
]

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,75 @@
{
"version": 4,
"terraform_version": "0.14.2",
"serial": 72,
"lineage": "0a405b90-f526-2004-0d4b-f5fd84ca6664",
"outputs": {},
"resources": [
{
"mode": "managed",
"type": "aws_default_vpc",
"name": "default",
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
"instances": [
{
"schema_version": 1,
"attributes": {
"arn": "arn:aws:ec2:us-east-1:929327065333:vpc/vpc-41d1d13b",
"assign_generated_ipv6_cidr_block": false,
"cidr_block": "172.31.0.0/16",
"default_network_acl_id": "acl-e88ee595",
"default_route_table_id": "rtb-9642cde8",
"default_security_group_id": "sg-e633c1c8",
"dhcp_options_id": "dopt-d29e33a8",
"enable_classiclink": false,
"enable_classiclink_dns_support": false,
"enable_dns_hostnames": true,
"enable_dns_support": true,
"id": "vpc-41d1d13b",
"instance_tenancy": "default",
"ipv6_association_id": "",
"ipv6_cidr_block": "",
"main_route_table_id": "rtb-9642cde8",
"owner_id": "929327065333",
"tags": null
},
"sensitive_attributes": [],
"private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ=="
}
]
},
{
"mode": "managed",
"type": "aws_vpc",
"name": "vpc",
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
"instances": [
{
"schema_version": 1,
"attributes": {
"arn": "arn:aws:ec2:us-east-1:929327065333:vpc/vpc-0a5666c0cfc366714",
"assign_generated_ipv6_cidr_block": false,
"cidr_block": "10.0.0.0/16",
"default_network_acl_id": "acl-081a06acb9d092caf",
"default_route_table_id": "rtb-0aa0a93a2960854a1",
"default_security_group_id": "sg-0b1ad864ecd584998",
"dhcp_options_id": "dopt-d29e33a8",
"enable_classiclink": false,
"enable_classiclink_dns_support": false,
"enable_dns_hostnames": false,
"enable_dns_support": true,
"id": "vpc-0a5666c0cfc366714",
"instance_tenancy": "default",
"ipv6_association_id": "",
"ipv6_cidr_block": "",
"main_route_table_id": "rtb-0aa0a93a2960854a1",
"owner_id": "929327065333",
"tags": {}
},
"sensitive_attributes": [],
"private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ=="
}
]
}
]
}

View File

@ -27,11 +27,13 @@ func (m AwsDefaultSqsQueuePolicy) Execute(remoteResources, resourcesFromState *[
continue continue
} }
policy, _ := res.(*aws.AwsSqsQueuePolicy) policyRes, _ := res.(*resource.AbstractResource)
// Ignore all non-default queue policy // Ignore all non-default queue policy
if policy.Policy != nil && *policy.Policy != "" { pol, exists := policyRes.Attrs.Get("policy")
newRemoteResources = append(newRemoteResources, policy) policy := pol.(string)
if exists && policy != "" {
newRemoteResources = append(newRemoteResources, policyRes)
continue continue
} }

View File

@ -4,12 +4,11 @@ import (
"strings" "strings"
"testing" "testing"
awssdk "github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awsutil" "github.com/aws/aws-sdk-go/aws/awsutil"
"github.com/r3labs/diff/v2"
"github.com/cloudskiff/driftctl/pkg/resource" "github.com/cloudskiff/driftctl/pkg/resource"
"github.com/cloudskiff/driftctl/pkg/resource/aws" "github.com/cloudskiff/driftctl/pkg/resource/aws"
"github.com/r3labs/diff/v2"
) )
func TestAwsDefaultSqsQueuePolicy_Execute(t *testing.T) { func TestAwsDefaultSqsQueuePolicy_Execute(t *testing.T) {
@ -22,58 +21,108 @@ func TestAwsDefaultSqsQueuePolicy_Execute(t *testing.T) {
{ {
"test default sqs queue policy managed by IaC", "test default sqs queue policy managed by IaC",
[]resource.Resource{ []resource.Resource{
&aws.AwsSqsQueuePolicy{ &resource.AbstractResource{
Id: "non-default-sqs-queue-policy", Id: "non-default-sqs-queue-policy",
Policy: awssdk.String("foo"), Type: aws.AwsSqsQueuePolicyResourceType,
Attrs: &resource.Attributes{
"queue_url": "non-default-sqs-queue-policy",
"id": "non-default-sqs-queue-policy",
"policy": "foo",
},
}, },
&aws.AwsSqsQueuePolicy{ &resource.AbstractResource{
Id: "default-sqs-queue-policy", Id: "default-sqs-queue-policy",
Policy: awssdk.String(""), Type: aws.AwsSqsQueuePolicyResourceType,
Attrs: &resource.Attributes{
"queue_url": "default-sqs-queue-policy",
"id": "default-sqs-queue-policy",
"policy": "",
},
}, },
}, },
[]resource.Resource{ []resource.Resource{
&aws.AwsSqsQueuePolicy{ &resource.AbstractResource{
Id: "non-default-sqs-queue-policy", Id: "non-default-sqs-queue-policy",
Policy: awssdk.String("foo"), Type: aws.AwsSqsQueuePolicyResourceType,
Attrs: &resource.Attributes{
"queue_url": "non-default-sqs-queue-policy",
"id": "non-default-sqs-queue-policy",
"policy": "foo",
},
}, },
&aws.AwsSqsQueuePolicy{ &resource.AbstractResource{
Id: "default-sqs-queue-policy", Id: "default-sqs-queue-policy",
Policy: awssdk.String(""), Type: aws.AwsSqsQueuePolicyResourceType,
Attrs: &resource.Attributes{
"queue_url": "default-sqs-queue-policy",
"id": "default-sqs-queue-policy",
"policy": "",
},
}, },
}, },
[]resource.Resource{ []resource.Resource{
&aws.AwsSqsQueuePolicy{ &resource.AbstractResource{
Id: "non-default-sqs-queue-policy", Id: "non-default-sqs-queue-policy",
Policy: awssdk.String("foo"), Type: aws.AwsSqsQueuePolicyResourceType,
Attrs: &resource.Attributes{
"queue_url": "non-default-sqs-queue-policy",
"id": "non-default-sqs-queue-policy",
"policy": "foo",
},
}, },
&aws.AwsSqsQueuePolicy{ &resource.AbstractResource{
Id: "default-sqs-queue-policy", Id: "default-sqs-queue-policy",
Policy: awssdk.String(""), Type: aws.AwsSqsQueuePolicyResourceType,
Attrs: &resource.Attributes{
"queue_url": "default-sqs-queue-policy",
"id": "default-sqs-queue-policy",
"policy": "",
},
}, },
}, },
}, },
{ {
"test default sqs queue policy not managed by IaC", "test default sqs queue policy not managed by IaC",
[]resource.Resource{ []resource.Resource{
&aws.AwsSqsQueuePolicy{ &resource.AbstractResource{
Id: "non-default-sqs-queue-policy", Id: "non-default-sqs-queue-policy",
Policy: awssdk.String("foo"), Type: aws.AwsSqsQueuePolicyResourceType,
Attrs: &resource.Attributes{
"queue_url": "non-default-sqs-queue-policy",
"id": "non-default-sqs-queue-policy",
"policy": "foo",
},
}, },
&aws.AwsSqsQueuePolicy{ &resource.AbstractResource{
Id: "default-sqs-queue-policy", Id: "default-sqs-queue-policy",
Policy: awssdk.String(""), Type: aws.AwsSqsQueuePolicyResourceType,
Attrs: &resource.Attributes{
"queue_url": "default-sqs-queue-policy",
"id": "default-sqs-queue-policy",
"policy": "",
},
}, },
}, },
[]resource.Resource{ []resource.Resource{
&aws.AwsSqsQueuePolicy{ &resource.AbstractResource{
Id: "non-default-sqs-queue-policy", Id: "non-default-sqs-queue-policy",
Policy: awssdk.String("foo"), Type: aws.AwsSqsQueuePolicyResourceType,
Attrs: &resource.Attributes{
"queue_url": "non-default-sqs-queue-policy",
"id": "non-default-sqs-queue-policy",
"policy": "foo",
},
}, },
}, },
[]resource.Resource{ []resource.Resource{
&aws.AwsSqsQueuePolicy{ &resource.AbstractResource{
Id: "non-default-sqs-queue-policy", Id: "non-default-sqs-queue-policy",
Policy: awssdk.String("foo"), Type: aws.AwsSqsQueuePolicyResourceType,
Attrs: &resource.Attributes{
"queue_url": "non-default-sqs-queue-policy",
"id": "non-default-sqs-queue-policy",
"policy": "foo",
},
}, },
}, },
}, },

View File

@ -1,7 +1,6 @@
package middlewares package middlewares
import ( import (
awssdk "github.com/aws/aws-sdk-go/aws"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
"github.com/cloudskiff/driftctl/pkg/resource" "github.com/cloudskiff/driftctl/pkg/resource"
@ -10,12 +9,14 @@ import (
// Explodes policy found in aws_sqs_queue.policy from state resources to dedicated resources // Explodes policy found in aws_sqs_queue.policy from state resources to dedicated resources
type AwsSqsQueuePolicyExpander struct { type AwsSqsQueuePolicyExpander struct {
resourceFactory resource.ResourceFactory resourceFactory resource.ResourceFactory
resourceSchemaRepository resource.SchemaRepositoryInterface
} }
func NewAwsSqsQueuePolicyExpander(resourceFactory resource.ResourceFactory) AwsSqsQueuePolicyExpander { func NewAwsSqsQueuePolicyExpander(resourceFactory resource.ResourceFactory, resourceSchemaRepository resource.SchemaRepositoryInterface) AwsSqsQueuePolicyExpander {
return AwsSqsQueuePolicyExpander{ return AwsSqsQueuePolicyExpander{
resourceFactory, resourceFactory,
resourceSchemaRepository,
} }
} }
@ -28,15 +29,16 @@ func (m AwsSqsQueuePolicyExpander) Execute(_, resourcesFromState *[]resource.Res
continue continue
} }
queue, _ := res.(*aws.AwsSqsQueue) queue, _ := res.(*resource.AbstractResource)
newList = append(newList, res) newList = append(newList, res)
if queue.Policy == nil { policy, exist := queue.Attrs.Get("policy")
if !exist || policy == nil {
continue continue
} }
if m.hasPolicyAttached(queue, resourcesFromState) { if m.hasPolicyAttached(queue, resourcesFromState) {
queue.Policy = nil queue.Attrs.SafeDelete([]string{"policy"})
continue continue
} }
@ -49,32 +51,22 @@ func (m AwsSqsQueuePolicyExpander) Execute(_, resourcesFromState *[]resource.Res
return nil return nil
} }
func (m *AwsSqsQueuePolicyExpander) handlePolicy(queue *aws.AwsSqsQueue, results *[]resource.Resource) error { func (m *AwsSqsQueuePolicyExpander) handlePolicy(queue *resource.AbstractResource, results *[]resource.Resource) error {
policy, _ := queue.Attrs.Get("policy")
data := map[string]interface{}{ data := map[string]interface{}{
"queue_url": queue.Id, "queue_url": queue.Id,
"id": queue.Id, "id": queue.Id,
"policy": queue.Policy, "policy": policy,
} }
ctyVal, err := m.resourceFactory.CreateResource(data, "aws_sqs_queue_policy")
if err != nil { newPolicy := m.resourceFactory.CreateAbstractResource("aws_sqs_queue_policy", queue.Id, data)
return err *results = append(*results, newPolicy)
}
newPolicy := &aws.AwsSqsQueuePolicy{
Id: queue.Id,
QueueUrl: awssdk.String(queue.Id),
Policy: queue.Policy,
CtyVal: ctyVal,
}
normalizedRes, err := newPolicy.NormalizeForState()
if err != nil {
return err
}
*results = append(*results, normalizedRes)
logrus.WithFields(logrus.Fields{ logrus.WithFields(logrus.Fields{
"id": newPolicy.TerraformId(), "id": newPolicy.TerraformId(),
}).Debug("Created new policy from sqs queue") }).Debug("Created new policy from sqs queue")
queue.Policy = nil queue.Attrs.SafeDelete([]string{"policy"})
return nil return nil
} }
@ -82,7 +74,7 @@ func (m *AwsSqsQueuePolicyExpander) handlePolicy(queue *aws.AwsSqsQueue, results
// It is mandatory since it's possible to have a aws_sqs_queue with an inline policy // It is mandatory since it's possible to have a aws_sqs_queue with an inline policy
// AND a aws_sqs_queue_policy resource at the same time. At the end, on the AWS console, // AND a aws_sqs_queue_policy resource at the same time. At the end, on the AWS console,
// the aws_sqs_queue_policy will be used. // the aws_sqs_queue_policy will be used.
func (m *AwsSqsQueuePolicyExpander) hasPolicyAttached(queue *aws.AwsSqsQueue, resourcesFromState *[]resource.Resource) bool { func (m *AwsSqsQueuePolicyExpander) hasPolicyAttached(queue *resource.AbstractResource, resourcesFromState *[]resource.Resource) bool {
for _, res := range *resourcesFromState { for _, res := range *resourcesFromState {
if res.TerraformType() == aws.AwsSqsQueuePolicyResourceType && if res.TerraformType() == aws.AwsSqsQueuePolicyResourceType &&
res.TerraformId() == queue.Id { res.TerraformId() == queue.Id {

View File

@ -4,13 +4,13 @@ import (
"strings" "strings"
"testing" "testing"
awssdk "github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awsutil" "github.com/aws/aws-sdk-go/aws/awsutil"
"github.com/stretchr/testify/mock" "github.com/stretchr/testify/mock"
"github.com/cloudskiff/driftctl/pkg/resource" "github.com/cloudskiff/driftctl/pkg/resource"
"github.com/cloudskiff/driftctl/pkg/resource/aws" "github.com/cloudskiff/driftctl/pkg/resource/aws"
"github.com/cloudskiff/driftctl/pkg/terraform" "github.com/cloudskiff/driftctl/pkg/terraform"
testresource "github.com/cloudskiff/driftctl/test/resource"
"github.com/r3labs/diff/v2" "github.com/r3labs/diff/v2"
) )
@ -20,75 +20,196 @@ func TestAwsSqsQueuePolicyExpander_Execute(t *testing.T) {
name string name string
resourcesFromState []resource.Resource resourcesFromState []resource.Resource
expected []resource.Resource expected []resource.Resource
mocks func(factory *terraform.MockResourceFactory)
}{ }{
{ {
"Inline policy, no aws_sqs_queue_policy attached", "Inline policy, no aws_sqs_queue_policy attached",
[]resource.Resource{ []resource.Resource{
&aws.AwsSqsQueue{ &resource.AbstractResource{
Id: "foo", Id: "foo",
Policy: awssdk.String("{\"Id\":\"MYINLINESQSPOLICY\",\"Statement\":[{\"Action\":\"sqs:SendMessage\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Resource\":\"arn:aws:sqs:eu-west-3:047081014315:foo\",\"Sid\":\"Stmt1611769527792\"}],\"Version\":\"2012-10-17\"}"), Type: aws.AwsSqsQueueResourceType,
Attrs: &resource.Attributes{
"id": "foo",
"policy": "{\"Id\":\"MYINLINESQSPOLICY\",\"Statement\":[{\"Action\":\"sqs:SendMessage\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Resource\":\"arn:aws:sqs:eu-west-3:047081014315:foo\",\"Sid\":\"Stmt1611769527792\"}],\"Version\":\"2012-10-17\"}",
},
}, },
}, },
[]resource.Resource{ []resource.Resource{
&aws.AwsSqsQueue{ &resource.AbstractResource{
Id: "foo", Id: "foo",
Policy: nil, Type: aws.AwsSqsQueueResourceType,
Attrs: &resource.Attributes{
"id": "foo",
},
}, },
&aws.AwsSqsQueuePolicy{ &resource.AbstractResource{
Id: "foo", Id: "foo",
QueueUrl: awssdk.String("foo"), Type: aws.AwsSqsQueuePolicyResourceType,
Policy: awssdk.String("{\"Id\":\"MYINLINESQSPOLICY\",\"Statement\":[{\"Action\":\"sqs:SendMessage\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Resource\":\"arn:aws:sqs:eu-west-3:047081014315:foo\",\"Sid\":\"Stmt1611769527792\"}],\"Version\":\"2012-10-17\"}"), Attrs: &resource.Attributes{
"queue_url": "foo",
"id": "foo",
"policy": "{\"Id\":\"MYINLINESQSPOLICY\",\"Statement\":[{\"Action\":\"sqs:SendMessage\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Resource\":\"arn:aws:sqs:eu-west-3:047081014315:foo\",\"Sid\":\"Stmt1611769527792\"}],\"Version\":\"2012-10-17\"}",
},
}, },
}, },
func(factory *terraform.MockResourceFactory) {
factory.On("CreateAbstractResource", "aws_sqs_queue_policy", "foo", map[string]interface{}{
"id": "foo",
"queue_url": "foo",
"policy": "{\"Id\":\"MYINLINESQSPOLICY\",\"Statement\":[{\"Action\":\"sqs:SendMessage\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Resource\":\"arn:aws:sqs:eu-west-3:047081014315:foo\",\"Sid\":\"Stmt1611769527792\"}],\"Version\":\"2012-10-17\"}",
}).Once().Return(&resource.AbstractResource{
Id: "foo",
Type: aws.AwsSqsQueuePolicyResourceType,
Attrs: &resource.Attributes{
"queue_url": "foo",
"id": "foo",
"policy": "{\"Id\":\"MYINLINESQSPOLICY\",\"Statement\":[{\"Action\":\"sqs:SendMessage\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Resource\":\"arn:aws:sqs:eu-west-3:047081014315:foo\",\"Sid\":\"Stmt1611769527792\"}],\"Version\":\"2012-10-17\"}",
},
}, nil)
},
}, },
{ {
"No inline policy, aws_sqs_queue_policy attached", "No inline policy, aws_sqs_queue_policy attached",
[]resource.Resource{ []resource.Resource{
&aws.AwsSqsQueue{ &resource.AbstractResource{
Id: "foo", Id: "foo",
Policy: nil, Type: aws.AwsSqsQueueResourceType,
Attrs: &resource.Attributes{
"id": "foo",
},
}, },
&aws.AwsSqsQueuePolicy{ &resource.AbstractResource{
Id: "foo", Id: "foo",
QueueUrl: awssdk.String("foo"), Type: aws.AwsSqsQueuePolicyResourceType,
Policy: awssdk.String("{\"Id\":\"MYSQSPOLICY\",\"Statement\":[{\"Action\":\"sqs:SendMessage\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Resource\":\"arn:aws:sqs:eu-west-3:047081014315:foo\",\"Sid\":\"Stmt1611769527792\"}],\"Version\":\"2012-10-17\"}"), Attrs: &resource.Attributes{
"id": "foo",
"queue_url": "foo",
"policy": "{\"Id\":\"MYSQSPOLICY\",\"Statement\":[{\"Action\":\"sqs:SendMessage\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Resource\":\"arn:aws:sqs:eu-west-3:047081014315:foo\",\"Sid\":\"Stmt1611769527792\"}],\"Version\":\"2012-10-17\"}",
},
}, },
}, },
[]resource.Resource{ []resource.Resource{
&aws.AwsSqsQueue{ &resource.AbstractResource{
Id: "foo", Id: "foo",
Policy: nil, Type: aws.AwsSqsQueueResourceType,
Attrs: &resource.Attributes{
"id": "foo",
},
}, },
&aws.AwsSqsQueuePolicy{ &resource.AbstractResource{
Id: "foo", Id: "foo",
QueueUrl: awssdk.String("foo"), Type: aws.AwsSqsQueuePolicyResourceType,
Policy: awssdk.String("{\"Id\":\"MYSQSPOLICY\",\"Statement\":[{\"Action\":\"sqs:SendMessage\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Resource\":\"arn:aws:sqs:eu-west-3:047081014315:foo\",\"Sid\":\"Stmt1611769527792\"}],\"Version\":\"2012-10-17\"}"), Attrs: &resource.Attributes{
"id": "foo",
"queue_url": "foo",
"policy": "{\"Id\":\"MYSQSPOLICY\",\"Statement\":[{\"Action\":\"sqs:SendMessage\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Resource\":\"arn:aws:sqs:eu-west-3:047081014315:foo\",\"Sid\":\"Stmt1611769527792\"}],\"Version\":\"2012-10-17\"}",
},
}, },
}, },
func(factory *terraform.MockResourceFactory) {},
},
{
"Inline policy duplicate aws_sqs_queue_policy",
[]resource.Resource{
&resource.AbstractResource{
Id: "foo",
Type: aws.AwsSqsQueueResourceType,
Attrs: &resource.Attributes{
"id": "foo",
"policy": "{\"Id\":\"MYSQSPOLICY\",\"Statement\":[{\"Action\":\"sqs:SendMessage\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Resource\":\"arn:aws:sqs:eu-west-3:047081014315:foo\",\"Sid\":\"Stmt1611769527792\"}],\"Version\":\"2012-10-17\"}",
},
},
&resource.AbstractResource{
Id: "foo",
Type: aws.AwsSqsQueuePolicyResourceType,
Attrs: &resource.Attributes{
"id": "foo",
"queue_url": "foo",
"policy": "{\"Id\":\"MYSQSPOLICY\",\"Statement\":[{\"Action\":\"sqs:SendMessage\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Resource\":\"arn:aws:sqs:eu-west-3:047081014315:foo\",\"Sid\":\"Stmt1611769527792\"}],\"Version\":\"2012-10-17\"}",
},
},
},
[]resource.Resource{
&resource.AbstractResource{
Id: "foo",
Type: aws.AwsSqsQueueResourceType,
Attrs: &resource.Attributes{
"id": "foo",
},
},
&resource.AbstractResource{
Id: "foo",
Type: aws.AwsSqsQueuePolicyResourceType,
Attrs: &resource.Attributes{
"id": "foo",
"queue_url": "foo",
"policy": "{\"Id\":\"MYSQSPOLICY\",\"Statement\":[{\"Action\":\"sqs:SendMessage\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Resource\":\"arn:aws:sqs:eu-west-3:047081014315:foo\",\"Sid\":\"Stmt1611769527792\"}],\"Version\":\"2012-10-17\"}",
},
},
},
func(factory *terraform.MockResourceFactory) {},
}, },
{ {
"Inline policy and aws_sqs_queue_policy", "Inline policy and aws_sqs_queue_policy",
[]resource.Resource{ []resource.Resource{
&aws.AwsSqsQueue{ &resource.AbstractResource{
Id: "foo", Id: "foo",
Policy: awssdk.String("{\"Id\":\"MYINLINESQSPOLICY\",\"Statement\":[{\"Action\":\"sqs:SendMessage\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Resource\":\"arn:aws:sqs:eu-west-3:047081014315:foo\",\"Sid\":\"Stmt1611769527792\"}],\"Version\":\"2012-10-17\"}"), Type: aws.AwsSqsQueueResourceType,
Attrs: &resource.Attributes{
"id": "foo",
"policy": "{\"Id\":\"MYINLINESQSPOLICY\",\"Statement\":[{\"Action\":\"sqs:SendMessage\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Resource\":\"arn:aws:sqs:eu-west-3:047081014315:foo\",\"Sid\":\"Stmt1611769527792\"}],\"Version\":\"2012-10-17\"}",
},
}, },
&aws.AwsSqsQueuePolicy{ &resource.AbstractResource{
Id: "foo", Id: "bar",
QueueUrl: awssdk.String("foo"), Type: aws.AwsSqsQueuePolicyResourceType,
Policy: awssdk.String("{\"Id\":\"MYSQSPOLICY\",\"Statement\":[{\"Action\":\"sqs:SendMessage\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Resource\":\"arn:aws:sqs:eu-west-3:047081014315:foo\",\"Sid\":\"Stmt1611769527792\"}],\"Version\":\"2012-10-17\"}"), Attrs: &resource.Attributes{
"id": "bar",
"queue_url": "foo",
"policy": "{\"Id\":\"MYSQSPOLICY\",\"Statement\":[{\"Action\":\"sqs:SendMessage\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Resource\":\"arn:aws:sqs:eu-west-3:047081014315:foo\",\"Sid\":\"Stmt1611769527792\"}],\"Version\":\"2012-10-17\"}",
},
}, },
}, },
[]resource.Resource{ []resource.Resource{
&aws.AwsSqsQueue{ &resource.AbstractResource{
Id: "foo", Id: "foo",
Policy: nil, Type: aws.AwsSqsQueueResourceType,
Attrs: &resource.Attributes{
"id": "foo",
},
}, },
&aws.AwsSqsQueuePolicy{ &resource.AbstractResource{
Id: "foo", Id: "bar",
QueueUrl: awssdk.String("foo"), Type: aws.AwsSqsQueuePolicyResourceType,
Policy: awssdk.String("{\"Id\":\"MYSQSPOLICY\",\"Statement\":[{\"Action\":\"sqs:SendMessage\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Resource\":\"arn:aws:sqs:eu-west-3:047081014315:foo\",\"Sid\":\"Stmt1611769527792\"}],\"Version\":\"2012-10-17\"}"), Attrs: &resource.Attributes{
"id": "bar",
"queue_url": "foo",
"policy": "{\"Id\":\"MYSQSPOLICY\",\"Statement\":[{\"Action\":\"sqs:SendMessage\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Resource\":\"arn:aws:sqs:eu-west-3:047081014315:foo\",\"Sid\":\"Stmt1611769527792\"}],\"Version\":\"2012-10-17\"}",
},
}, },
&resource.AbstractResource{
Id: "foo",
Type: aws.AwsSqsQueuePolicyResourceType,
Attrs: &resource.Attributes{
"id": "foo",
"queue_url": "foo",
"policy": "{\"Id\":\"MYINLINESQSPOLICY\",\"Statement\":[{\"Action\":\"sqs:SendMessage\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Resource\":\"arn:aws:sqs:eu-west-3:047081014315:foo\",\"Sid\":\"Stmt1611769527792\"}],\"Version\":\"2012-10-17\"}",
},
},
},
func(factory *terraform.MockResourceFactory) {
factory.On("CreateAbstractResource", "aws_sqs_queue_policy", "foo", mock.MatchedBy(func(input map[string]interface{}) bool {
return input["id"] == "foo"
})).Once().Return(&resource.AbstractResource{
Id: "foo",
Type: aws.AwsSqsQueuePolicyResourceType,
Attrs: &resource.Attributes{
"id": "foo",
"queue_url": "foo",
"policy": "{\"Id\":\"MYINLINESQSPOLICY\",\"Statement\":[{\"Action\":\"sqs:SendMessage\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Resource\":\"arn:aws:sqs:eu-west-3:047081014315:foo\",\"Sid\":\"Stmt1611769527792\"}],\"Version\":\"2012-10-17\"}",
},
}, nil)
}, },
}, },
} }
@ -96,9 +217,14 @@ func TestAwsSqsQueuePolicyExpander_Execute(t *testing.T) {
t.Run(tt.name, func(t *testing.T) { t.Run(tt.name, func(t *testing.T) {
factory := &terraform.MockResourceFactory{} factory := &terraform.MockResourceFactory{}
factory.On("CreateResource", mock.Anything, "aws_sqs_queue_policy").Once().Return(nil, nil) if tt.mocks != nil {
tt.mocks(factory)
}
m := NewAwsSqsQueuePolicyExpander(factory) repo := testresource.InitFakeSchemaRepository("aws", "3.19.0")
aws.InitResourcesMetadata(repo)
m := NewAwsSqsQueuePolicyExpander(factory, repo)
err := m.Execute(&[]resource.Resource{}, &tt.resourcesFromState) err := m.Execute(&[]resource.Resource{}, &tt.resourcesFromState)
if err != nil { if err != nil {
t.Fatal(err) t.Fatal(err)

View File

@ -2,8 +2,9 @@
package aws package aws
import ( import (
"github.com/cloudskiff/driftctl/pkg/resource"
"github.com/zclconf/go-cty/cty" "github.com/zclconf/go-cty/cty"
"github.com/cloudskiff/driftctl/pkg/resource"
) )
const AwsDefaultSubnetResourceType = "aws_default_subnet" const AwsDefaultSubnetResourceType = "aws_default_subnet"

View File

@ -1,7 +1,12 @@
// GENERATED, DO NOT EDIT THIS FILE // GENERATED, DO NOT EDIT THIS FILE
package aws package aws
import "github.com/zclconf/go-cty/cty" import (
"github.com/zclconf/go-cty/cty"
"github.com/cloudskiff/driftctl/pkg/helpers"
"github.com/cloudskiff/driftctl/pkg/resource"
)
const AwsSqsQueuePolicyResourceType = "aws_sqs_queue_policy" const AwsSqsQueuePolicyResourceType = "aws_sqs_queue_policy"
@ -23,3 +28,18 @@ func (r *AwsSqsQueuePolicy) TerraformType() string {
func (r *AwsSqsQueuePolicy) CtyValue() *cty.Value { func (r *AwsSqsQueuePolicy) CtyValue() *cty.Value {
return r.CtyVal return r.CtyVal
} }
func initAwsSqsQueuePolicyMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) {
resourceSchemaRepository.UpdateSchema(AwsSqsQueuePolicyResourceType, map[string]func(attributeSchema *resource.AttributeSchema){
"policy": func(attributeSchema *resource.AttributeSchema) {
attributeSchema.JsonString = true
},
})
resourceSchemaRepository.SetNormalizeFunc(AwsSqsQueuePolicyResourceType, func(val *resource.Attributes) {
jsonString, err := helpers.NormalizeJsonString((*val)["policy"])
if err != nil {
return
}
val.SafeSet([]string{"policy"}, jsonString)
})
}

View File

@ -1,7 +1,11 @@
// GENERATED, DO NOT EDIT THIS FILE // GENERATED, DO NOT EDIT THIS FILE
package aws package aws
import "github.com/zclconf/go-cty/cty" import (
"github.com/zclconf/go-cty/cty"
"github.com/cloudskiff/driftctl/pkg/resource"
)
const AwsSubnetResourceType = "aws_subnet" const AwsSubnetResourceType = "aws_subnet"
@ -37,3 +41,9 @@ func (r *AwsSubnet) TerraformType() string {
func (r *AwsSubnet) CtyValue() *cty.Value { func (r *AwsSubnet) CtyValue() *cty.Value {
return r.CtyVal return r.CtyVal
} }
func initAwsSubnetMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) {
resourceSchemaRepository.SetNormalizeFunc(AwsSubnetResourceType, func(val *resource.Attributes) {
val.SafeDelete([]string{"timeouts"})
})
}

View File

@ -0,0 +1,31 @@
package aws_test
import (
"testing"
"github.com/cloudskiff/driftctl/test"
"github.com/cloudskiff/driftctl/test/acceptance"
)
func TestAcc_AwsVPC(t *testing.T) {
acceptance.Run(t, acceptance.AccTestCase{
TerraformVersion: "0.14.9",
Paths: []string{"./testdata/acc/aws_vpc"},
Args: []string{"scan", "--filter", "Type=='aws_vpc'"},
Checks: []acceptance.AccCheck{
{
Env: map[string]string{
"AWS_REGION": "us-east-1",
},
Check: func(result *test.ScanResult, stdout string, err error) {
if err != nil {
t.Fatal(err)
}
result.AssertInfrastructureIsInSync()
result.AssertManagedCount(3)
},
},
},
})
}

View File

@ -32,4 +32,6 @@ func InitResourcesMetadata(resourceSchemaRepository resource.SchemaRepositoryInt
initAwsKeyPairMetaData(resourceSchemaRepository) initAwsKeyPairMetaData(resourceSchemaRepository)
initAwsKmsKeyMetaData(resourceSchemaRepository) initAwsKmsKeyMetaData(resourceSchemaRepository)
initAwsKmsAliasMetaData(resourceSchemaRepository) initAwsKmsAliasMetaData(resourceSchemaRepository)
initAwsSubnetMetaData(resourceSchemaRepository)
initAwsSqsQueuePolicyMetaData(resourceSchemaRepository)
} }

View File

@ -27,6 +27,10 @@ resource "aws_default_subnet" "default-c" {
resource "aws_subnet" "subnet1" { resource "aws_subnet" "subnet1" {
vpc_id = aws_vpc.vpc_for_subnets.id vpc_id = aws_vpc.vpc_for_subnets.id
cidr_block = "10.0.0.0/24" cidr_block = "10.0.0.0/24"
timeouts {
create = "60m"
delete = "2h"
}
} }
resource "aws_subnet" "subnet2" { resource "aws_subnet" "subnet2" {

View File

@ -0,0 +1,20 @@
# This file is maintained automatically by "terraform init".
# Manual edits may be lost in future updates.
provider "registry.terraform.io/hashicorp/aws" {
version = "3.19.0"
constraints = "3.19.0"
hashes = [
"h1:+7Vi7p13+cnrxjXbfJiTimGSFR97xCaQwkkvWcreLns=",
"zh:185a5259153eb9ee4699d4be43b3d509386b473683392034319beee97d470c3b",
"zh:2d9a0a01f93e8d16539d835c02b8b6e1927b7685f4076e96cb07f7dd6944bc6c",
"zh:703f6da36b1b5f3497baa38fccaa7765fb8a2b6440344e4c97172516b49437dd",
"zh:770855565462abadbbddd98cb357d2f1a8f30f68a358cb37cbd5c072cb15b377",
"zh:8008db43149fe4345301f81e15e6d9ddb47aa5e7a31648f9b290af96ad86e92a",
"zh:8cdd27d375da6dcb7687f1fed126b7c04efce1671066802ee876dbbc9c66ec79",
"zh:be22ae185005690d1a017c1b909e0d80ab567e239b4f06ecacdba85080667c1c",
"zh:d2d02e72dbd80f607636cd6237a6c862897caabc635c7b50c0cb243d11246723",
"zh:d8f125b66a1eda2555c0f9bbdf12036a5f8d073499a22ca9e4812b68067fea31",
"zh:f5a98024c64d5d2973ff15b093725a074c0cb4afde07ef32c542e69f17ac90bc",
]
}

View File

@ -0,0 +1,26 @@
provider "aws" {
region = "us-east-1"
}
terraform {
required_providers {
aws = "3.19.0"
}
}
resource "aws_default_vpc" "default" {
tags = {
Name = "Default VPC"
}
}
resource "aws_vpc" "vpc1" {
cidr_block = "10.0.0.0/16"
}
resource "aws_vpc" "vpc2" {
cidr_block = "10.1.0.0/16"
}
resource "aws_vpc" "vpc3" {
cidr_block = "10.2.0.0/16"
}

View File

@ -67,10 +67,10 @@ var refactoredResources = []string{
"aws_sns_topic", "aws_sns_topic",
"aws_sns_topic_policy", "aws_sns_topic_policy",
"aws_sns_topic_subscription", "aws_sns_topic_subscription",
// "aws_sqs_queue", "aws_sqs_queue",
// "aws_sqs_queue_policy", "aws_sqs_queue_policy",
// "aws_subnet", "aws_subnet",
// "aws_vpc", "aws_vpc",
"github_branch_protection", "github_branch_protection",
"github_membership", "github_membership",