Merge pull request #25 from cloudskiff/add_default_vpc

Add VPC support

doc/cmd/scan/supported_resources/aws.md

@@ -168,5 +168,7 @@ As AWS documentation recommends, the below policy is granting only the permissio
 
 ## VPC
 
+- [x]  aws_default_vpc
+- [x]  aws_vpc
 - [x]  aws_security_group
 - [x]  aws_security_group_rule

pkg/driftctl.go

@@ -37,6 +37,7 @@ func (d DriftCTL) Run() *analyser.Analysis {
 		middlewares.NewVPCSecurityGroupRuleSanitizer(),
 		middlewares.NewIamPolicyAttachmentSanitizer(),
 		middlewares.AwsInstanceEIP{},
+		middlewares.NewAwsDefaultVPC(),
 	)
 
 	logrus.Debug("Ready to run middlewares")

pkg/iac/deserializers.go

@@ -36,5 +36,7 @@ func Deserializers() []deserializer.CTYDeserializer {
 		awsdeserializer.NewIamRolePolicyDeserializer(),
 		awsdeserializer.NewIamRolePolicyAttachmentDeserializer(),
 		awsdeserializer.NewVPCSecurityGroupRuleDeserializer(),
+		awsdeserializer.NewDefaultVPCDeserializer(),
+		awsdeserializer.NewVPCDeserializer(),
 	}
 }

pkg/middlewares/aws_default_vpc.go

@@ -0,0 +1,53 @@
+package middlewares
+
+import (
+	"github.com/cloudskiff/driftctl/pkg/resource"
+	"github.com/cloudskiff/driftctl/pkg/resource/aws"
+	"github.com/sirupsen/logrus"
+)
+
+// Default VPC should not be shown as unmanaged as they are present by default
+// This middleware ignores default VPC from unmanaged resources of they are not managed  IaC
+type AwsDefaultVPC struct{}
+
+func NewAwsDefaultVPC() AwsDefaultVPC {
+	return AwsDefaultVPC{}
+}
+
+func (m AwsDefaultVPC) Execute(remoteResources, resourcesFromState *[]resource.Resource) error {
+
+	newRemoteResources := make([]resource.Resource, 0)
+
+	for _, remoteResource := range *remoteResources {
+		existInState := false
+
+		// Ignore all resources other than default VPC
+		if remoteResource.TerraformType() != aws.AwsDefaultVpcResourceType {
+			newRemoteResources = append(newRemoteResources, remoteResource)
+			continue
+		}
+
+		for _, stateResource := range *resourcesFromState {
+			if resource.IsSameResource(remoteResource, stateResource) {
+				existInState = true
+				break
+			}
+		}
+
+		if existInState {
+			newRemoteResources = append(newRemoteResources, remoteResource)
+		}
+
+		if !existInState {
+			logrus.WithFields(logrus.Fields{
+				"id":   remoteResource.TerraformId(),
+				"type": remoteResource.TerraformType(),
+			}).Debug("Ignoring default VPC as it is not managed by IaC")
+		}
+
+	}
+
+	*remoteResources = newRemoteResources
+
+	return nil
+}

pkg/middlewares/default_vpc_test.go

@@ -0,0 +1,51 @@
+package middlewares
+
+import (
+	"testing"
+
+	"github.com/cloudskiff/driftctl/pkg/resource/aws"
+
+	"github.com/cloudskiff/driftctl/pkg/resource"
+)
+
+func TestAwsDefaultVPCShouldBeIgnored(t *testing.T) {
+	middleware := NewAwsDefaultVPC()
+	remoteResources := []resource.Resource{
+		&aws.AwsDefaultVpc{
+			Id: "foobar",
+		},
+	}
+	stateResources := []resource.Resource{}
+	err := middleware.Execute(&remoteResources, &stateResources)
+
+	if err != nil {
+		t.Error(err)
+	}
+
+	if len(remoteResources) != 0 {
+		t.Error("Default VPC was not ignored")
+	}
+}
+
+func TestAwsDefaultVPCShouldNotBeIgnoredWhenManaged(t *testing.T) {
+	middleware := NewAwsDefaultVPC()
+	remoteResources := []resource.Resource{
+		&aws.AwsDefaultVpc{
+			Id: "foobar",
+		},
+	}
+	stateResources := []resource.Resource{
+		&aws.AwsDefaultVpc{
+			Id: "foobar",
+		},
+	}
+	err := middleware.Execute(&remoteResources, &stateResources)
+
+	if err != nil {
+		t.Error(err)
+	}
+
+	if len(remoteResources) != 1 {
+		t.Error("Default VPC was ignored")
+	}
+}

pkg/remote/aws/init.go

@@ -55,6 +55,7 @@ func Init() error {
 	resource.AddSupplier(NewIamRolePolicySupplier(provider.Runner().SubRunner(), iam.New(provider.session)))
 	resource.AddSupplier(NewIamRolePolicyAttachmentSupplier(provider.Runner().SubRunner(), iam.New(provider.session)))
 	resource.AddSupplier(NewVPCSecurityGroupRuleSupplier(provider.Runner().SubRunner(), ec2.New(provider.session)))
+	resource.AddSupplier(NewVPCSupplier(provider.Runner(), ec2.New(provider.session)))
 
 	return nil
 }

pkg/remote/aws/test/vpc/aws_default_vpc-vpc-a8c5d4c1.res.golden.json

@@ -0,0 +1,5 @@
+{
+ "Typ": "WyJvYmplY3QiLHsiYXJuIjoic3RyaW5nIiwiYXNzaWduX2dlbmVyYXRlZF9pcHY2X2NpZHJfYmxvY2siOiJib29sIiwiY2lkcl9ibG9jayI6InN0cmluZyIsImRlZmF1bHRfbmV0d29ya19hY2xfaWQiOiJzdHJpbmciLCJkZWZhdWx0X3JvdXRlX3RhYmxlX2lkIjoic3RyaW5nIiwiZGVmYXVsdF9zZWN1cml0eV9ncm91cF9pZCI6InN0cmluZyIsImRoY3Bfb3B0aW9uc19pZCI6InN0cmluZyIsImVuYWJsZV9jbGFzc2ljbGluayI6ImJvb2wiLCJlbmFibGVfY2xhc3NpY2xpbmtfZG5zX3N1cHBvcnQiOiJib29sIiwiZW5hYmxlX2Ruc19ob3N0bmFtZXMiOiJib29sIiwiZW5hYmxlX2Ruc19zdXBwb3J0IjoiYm9vbCIsImlkIjoic3RyaW5nIiwiaW5zdGFuY2VfdGVuYW5jeSI6InN0cmluZyIsImlwdjZfYXNzb2NpYXRpb25faWQiOiJzdHJpbmciLCJpcHY2X2NpZHJfYmxvY2siOiJzdHJpbmciLCJtYWluX3JvdXRlX3RhYmxlX2lkIjoic3RyaW5nIiwib3duZXJfaWQiOiJzdHJpbmciLCJ0YWdzIjpbIm1hcCIsInN0cmluZyJdfV0=",
+ "Val": "eyJhcm4iOiJhcm46YXdzOmVjMjpldS13ZXN0LTM6OTI5MzI3MDY1MzMzOnZwYy92cGMtYThjNWQ0YzEiLCJhc3NpZ25fZ2VuZXJhdGVkX2lwdjZfY2lkcl9ibG9jayI6ZmFsc2UsImNpZHJfYmxvY2siOiIxNzIuMzEuMC4wLzE2IiwiZGVmYXVsdF9uZXR3b3JrX2FjbF9pZCI6ImFjbC0zZDQzNTk1NCIsImRlZmF1bHRfcm91dGVfdGFibGVfaWQiOiJydGItYjBiYTViZDgiLCJkZWZhdWx0X3NlY3VyaXR5X2dyb3VwX2lkIjoic2ctYTc0ODE1YzgiLCJkaGNwX29wdGlvbnNfaWQiOiJkb3B0LTliZWNmMmYyIiwiZW5hYmxlX2NsYXNzaWNsaW5rIjpudWxsLCJlbmFibGVfY2xhc3NpY2xpbmtfZG5zX3N1cHBvcnQiOm51bGwsImVuYWJsZV9kbnNfaG9zdG5hbWVzIjp0cnVlLCJlbmFibGVfZG5zX3N1cHBvcnQiOnRydWUsImlkIjoidnBjLWE4YzVkNGMxIiwiaW5zdGFuY2VfdGVuYW5jeSI6ImRlZmF1bHQiLCJpcHY2X2Fzc29jaWF0aW9uX2lkIjoiIiwiaXB2Nl9jaWRyX2Jsb2NrIjoiIiwibWFpbl9yb3V0ZV90YWJsZV9pZCI6InJ0Yi1iMGJhNWJkOCIsIm93bmVyX2lkIjoiOTI5MzI3MDY1MzMzIiwidGFncyI6eyJOYW1lIjoiRGVmYXVsdCBWUEMifX0=",
+ "Err": null
+}

pkg/remote/aws/test/vpc/aws_vpc-vpc-020b072316a95b97f.res.golden.json

@@ -0,0 +1,5 @@
+{
+ "Typ": "WyJvYmplY3QiLHsiYXJuIjoic3RyaW5nIiwiYXNzaWduX2dlbmVyYXRlZF9pcHY2X2NpZHJfYmxvY2siOiJib29sIiwiY2lkcl9ibG9jayI6InN0cmluZyIsImRlZmF1bHRfbmV0d29ya19hY2xfaWQiOiJzdHJpbmciLCJkZWZhdWx0X3JvdXRlX3RhYmxlX2lkIjoic3RyaW5nIiwiZGVmYXVsdF9zZWN1cml0eV9ncm91cF9pZCI6InN0cmluZyIsImRoY3Bfb3B0aW9uc19pZCI6InN0cmluZyIsImVuYWJsZV9jbGFzc2ljbGluayI6ImJvb2wiLCJlbmFibGVfY2xhc3NpY2xpbmtfZG5zX3N1cHBvcnQiOiJib29sIiwiZW5hYmxlX2Ruc19ob3N0bmFtZXMiOiJib29sIiwiZW5hYmxlX2Ruc19zdXBwb3J0IjoiYm9vbCIsImlkIjoic3RyaW5nIiwiaW5zdGFuY2VfdGVuYW5jeSI6InN0cmluZyIsImlwdjZfYXNzb2NpYXRpb25faWQiOiJzdHJpbmciLCJpcHY2X2NpZHJfYmxvY2siOiJzdHJpbmciLCJtYWluX3JvdXRlX3RhYmxlX2lkIjoic3RyaW5nIiwib3duZXJfaWQiOiJzdHJpbmciLCJ0YWdzIjpbIm1hcCIsInN0cmluZyJdfV0=",
+ "Val": "eyJhcm4iOiJhcm46YXdzOmVjMjpldS13ZXN0LTM6OTI5MzI3MDY1MzMzOnZwYy92cGMtMDIwYjA3MjMxNmE5NWI5N2YiLCJhc3NpZ25fZ2VuZXJhdGVkX2lwdjZfY2lkcl9ibG9jayI6ZmFsc2UsImNpZHJfYmxvY2siOiIxMC4yLjAuMC8xNiIsImRlZmF1bHRfbmV0d29ya19hY2xfaWQiOiJhY2wtMGZmNWQxNzVhMWFhOGY1MWEiLCJkZWZhdWx0X3JvdXRlX3RhYmxlX2lkIjoicnRiLTA0ZDQyZTNjYjFlYzRmNTAwIiwiZGVmYXVsdF9zZWN1cml0eV9ncm91cF9pZCI6InNnLTA0ODIzMGM1MTllMGMyMzQ1IiwiZGhjcF9vcHRpb25zX2lkIjoiZG9wdC05YmVjZjJmMiIsImVuYWJsZV9jbGFzc2ljbGluayI6bnVsbCwiZW5hYmxlX2NsYXNzaWNsaW5rX2Ruc19zdXBwb3J0IjpudWxsLCJlbmFibGVfZG5zX2hvc3RuYW1lcyI6ZmFsc2UsImVuYWJsZV9kbnNfc3VwcG9ydCI6dHJ1ZSwiaWQiOiJ2cGMtMDIwYjA3MjMxNmE5NWI5N2YiLCJpbnN0YW5jZV90ZW5hbmN5IjoiZGVmYXVsdCIsImlwdjZfYXNzb2NpYXRpb25faWQiOiIiLCJpcHY2X2NpZHJfYmxvY2siOiIiLCJtYWluX3JvdXRlX3RhYmxlX2lkIjoicnRiLTA0ZDQyZTNjYjFlYzRmNTAwIiwib3duZXJfaWQiOiI5MjkzMjcwNjUzMzMiLCJ0YWdzIjp7fX0=",
+ "Err": null
+}

pkg/remote/aws/test/vpc/aws_vpc-vpc-02c50896b59598761.res.golden.json

@@ -0,0 +1,5 @@
+{
+ "Typ": "WyJvYmplY3QiLHsiYXJuIjoic3RyaW5nIiwiYXNzaWduX2dlbmVyYXRlZF9pcHY2X2NpZHJfYmxvY2siOiJib29sIiwiY2lkcl9ibG9jayI6InN0cmluZyIsImRlZmF1bHRfbmV0d29ya19hY2xfaWQiOiJzdHJpbmciLCJkZWZhdWx0X3JvdXRlX3RhYmxlX2lkIjoic3RyaW5nIiwiZGVmYXVsdF9zZWN1cml0eV9ncm91cF9pZCI6InN0cmluZyIsImRoY3Bfb3B0aW9uc19pZCI6InN0cmluZyIsImVuYWJsZV9jbGFzc2ljbGluayI6ImJvb2wiLCJlbmFibGVfY2xhc3NpY2xpbmtfZG5zX3N1cHBvcnQiOiJib29sIiwiZW5hYmxlX2Ruc19ob3N0bmFtZXMiOiJib29sIiwiZW5hYmxlX2Ruc19zdXBwb3J0IjoiYm9vbCIsImlkIjoic3RyaW5nIiwiaW5zdGFuY2VfdGVuYW5jeSI6InN0cmluZyIsImlwdjZfYXNzb2NpYXRpb25faWQiOiJzdHJpbmciLCJpcHY2X2NpZHJfYmxvY2siOiJzdHJpbmciLCJtYWluX3JvdXRlX3RhYmxlX2lkIjoic3RyaW5nIiwib3duZXJfaWQiOiJzdHJpbmciLCJ0YWdzIjpbIm1hcCIsInN0cmluZyJdfV0=",
+ "Val": "eyJhcm4iOiJhcm46YXdzOmVjMjpldS13ZXN0LTM6OTI5MzI3MDY1MzMzOnZwYy92cGMtMDJjNTA4OTZiNTk1OTg3NjEiLCJhc3NpZ25fZ2VuZXJhdGVkX2lwdjZfY2lkcl9ibG9jayI6ZmFsc2UsImNpZHJfYmxvY2siOiIxMC4wLjAuMC8xNiIsImRlZmF1bHRfbmV0d29ya19hY2xfaWQiOiJhY2wtMGFjZDY2YjE0NWY2ZjIxMDIiLCJkZWZhdWx0X3JvdXRlX3RhYmxlX2lkIjoicnRiLTBiYmQ5NWM0MTMzMjNlOTBhIiwiZGVmYXVsdF9zZWN1cml0eV9ncm91cF9pZCI6InNnLTAzOGUwOGJkZDg5MmNjYWUxIiwiZGhjcF9vcHRpb25zX2lkIjoiZG9wdC05YmVjZjJmMiIsImVuYWJsZV9jbGFzc2ljbGluayI6bnVsbCwiZW5hYmxlX2NsYXNzaWNsaW5rX2Ruc19zdXBwb3J0IjpudWxsLCJlbmFibGVfZG5zX2hvc3RuYW1lcyI6ZmFsc2UsImVuYWJsZV9kbnNfc3VwcG9ydCI6dHJ1ZSwiaWQiOiJ2cGMtMDJjNTA4OTZiNTk1OTg3NjEiLCJpbnN0YW5jZV90ZW5hbmN5IjoiZGVmYXVsdCIsImlwdjZfYXNzb2NpYXRpb25faWQiOiIiLCJpcHY2X2NpZHJfYmxvY2siOiIiLCJtYWluX3JvdXRlX3RhYmxlX2lkIjoicnRiLTBiYmQ5NWM0MTMzMjNlOTBhIiwib3duZXJfaWQiOiI5MjkzMjcwNjUzMzMiLCJ0YWdzIjp7fX0=",
+ "Err": null
+}

pkg/remote/aws/test/vpc/aws_vpc-vpc-0768e1fd0029e3fc3.res.golden.json

@@ -0,0 +1,5 @@
+{
+ "Typ": "WyJvYmplY3QiLHsiYXJuIjoic3RyaW5nIiwiYXNzaWduX2dlbmVyYXRlZF9pcHY2X2NpZHJfYmxvY2siOiJib29sIiwiY2lkcl9ibG9jayI6InN0cmluZyIsImRlZmF1bHRfbmV0d29ya19hY2xfaWQiOiJzdHJpbmciLCJkZWZhdWx0X3JvdXRlX3RhYmxlX2lkIjoic3RyaW5nIiwiZGVmYXVsdF9zZWN1cml0eV9ncm91cF9pZCI6InN0cmluZyIsImRoY3Bfb3B0aW9uc19pZCI6InN0cmluZyIsImVuYWJsZV9jbGFzc2ljbGluayI6ImJvb2wiLCJlbmFibGVfY2xhc3NpY2xpbmtfZG5zX3N1cHBvcnQiOiJib29sIiwiZW5hYmxlX2Ruc19ob3N0bmFtZXMiOiJib29sIiwiZW5hYmxlX2Ruc19zdXBwb3J0IjoiYm9vbCIsImlkIjoic3RyaW5nIiwiaW5zdGFuY2VfdGVuYW5jeSI6InN0cmluZyIsImlwdjZfYXNzb2NpYXRpb25faWQiOiJzdHJpbmciLCJpcHY2X2NpZHJfYmxvY2siOiJzdHJpbmciLCJtYWluX3JvdXRlX3RhYmxlX2lkIjoic3RyaW5nIiwib3duZXJfaWQiOiJzdHJpbmciLCJ0YWdzIjpbIm1hcCIsInN0cmluZyJdfV0=",
+ "Val": "eyJhcm4iOiJhcm46YXdzOmVjMjpldS13ZXN0LTM6OTI5MzI3MDY1MzMzOnZwYy92cGMtMDc2OGUxZmQwMDI5ZTNmYzMiLCJhc3NpZ25fZ2VuZXJhdGVkX2lwdjZfY2lkcl9ibG9jayI6ZmFsc2UsImNpZHJfYmxvY2siOiIxMC4xLjAuMC8xNiIsImRlZmF1bHRfbmV0d29ya19hY2xfaWQiOiJhY2wtMGQxNzk2NGQ2MzNiYWY0YjMiLCJkZWZhdWx0X3JvdXRlX3RhYmxlX2lkIjoicnRiLTA1ZWYxMDMwYzE1YTA1MjdjIiwiZGVmYXVsdF9zZWN1cml0eV9ncm91cF9pZCI6InNnLTAwOTE0ZWRlZmMzYmY4YmM1IiwiZGhjcF9vcHRpb25zX2lkIjoiZG9wdC05YmVjZjJmMiIsImVuYWJsZV9jbGFzc2ljbGluayI6bnVsbCwiZW5hYmxlX2NsYXNzaWNsaW5rX2Ruc19zdXBwb3J0IjpudWxsLCJlbmFibGVfZG5zX2hvc3RuYW1lcyI6ZmFsc2UsImVuYWJsZV9kbnNfc3VwcG9ydCI6dHJ1ZSwiaWQiOiJ2cGMtMDc2OGUxZmQwMDI5ZTNmYzMiLCJpbnN0YW5jZV90ZW5hbmN5IjoiZGVmYXVsdCIsImlwdjZfYXNzb2NpYXRpb25faWQiOiIiLCJpcHY2X2NpZHJfYmxvY2siOiIiLCJtYWluX3JvdXRlX3RhYmxlX2lkIjoicnRiLTA1ZWYxMDMwYzE1YTA1MjdjIiwib3duZXJfaWQiOiI5MjkzMjcwNjUzMzMiLCJ0YWdzIjp7fX0=",
+ "Err": null
+}

pkg/remote/aws/test/vpc/results.aws_default_vpc.golden.json

@@ -0,0 +1,24 @@
+[
+ {
+  "arn": "arn:aws:ec2:eu-west-3:929327065333:vpc/vpc-a8c5d4c1",
+  "assign_generated_ipv6_cidr_block": false,
+  "cidr_block": "172.31.0.0/16",
+  "default_network_acl_id": "acl-3d435954",
+  "default_route_table_id": "rtb-b0ba5bd8",
+  "default_security_group_id": "sg-a74815c8",
+  "dhcp_options_id": "dopt-9becf2f2",
+  "enable_classiclink": null,
+  "enable_classiclink_dns_support": null,
+  "enable_dns_hostnames": true,
+  "enable_dns_support": true,
+  "id": "vpc-a8c5d4c1",
+  "instance_tenancy": "default",
+  "ipv6_association_id": "",
+  "ipv6_cidr_block": "",
+  "main_route_table_id": "rtb-b0ba5bd8",
+  "owner_id": "929327065333",
+  "tags": {
+   "Name": "Default VPC"
+  }
+ }
+]

pkg/remote/aws/test/vpc/results.aws_vpc.golden.json

@@ -0,0 +1,62 @@
+[
+ {
+  "arn": "arn:aws:ec2:eu-west-3:929327065333:vpc/vpc-02c50896b59598761",
+  "assign_generated_ipv6_cidr_block": false,
+  "cidr_block": "10.0.0.0/16",
+  "default_network_acl_id": "acl-0acd66b145f6f2102",
+  "default_route_table_id": "rtb-0bbd95c413323e90a",
+  "default_security_group_id": "sg-038e08bdd892ccae1",
+  "dhcp_options_id": "dopt-9becf2f2",
+  "enable_classiclink": null,
+  "enable_classiclink_dns_support": null,
+  "enable_dns_hostnames": false,
+  "enable_dns_support": true,
+  "id": "vpc-02c50896b59598761",
+  "instance_tenancy": "default",
+  "ipv6_association_id": "",
+  "ipv6_cidr_block": "",
+  "main_route_table_id": "rtb-0bbd95c413323e90a",
+  "owner_id": "929327065333",
+  "tags": {}
+ },
+ {
+  "arn": "arn:aws:ec2:eu-west-3:929327065333:vpc/vpc-0768e1fd0029e3fc3",
+  "assign_generated_ipv6_cidr_block": false,
+  "cidr_block": "10.1.0.0/16",
+  "default_network_acl_id": "acl-0d17964d633baf4b3",
+  "default_route_table_id": "rtb-05ef1030c15a0527c",
+  "default_security_group_id": "sg-00914edefc3bf8bc5",
+  "dhcp_options_id": "dopt-9becf2f2",
+  "enable_classiclink": null,
+  "enable_classiclink_dns_support": null,
+  "enable_dns_hostnames": false,
+  "enable_dns_support": true,
+  "id": "vpc-0768e1fd0029e3fc3",
+  "instance_tenancy": "default",
+  "ipv6_association_id": "",
+  "ipv6_cidr_block": "",
+  "main_route_table_id": "rtb-05ef1030c15a0527c",
+  "owner_id": "929327065333",
+  "tags": {}
+ },
+ {
+  "arn": "arn:aws:ec2:eu-west-3:929327065333:vpc/vpc-020b072316a95b97f",
+  "assign_generated_ipv6_cidr_block": false,
+  "cidr_block": "10.2.0.0/16",
+  "default_network_acl_id": "acl-0ff5d175a1aa8f51a",
+  "default_route_table_id": "rtb-04d42e3cb1ec4f500",
+  "default_security_group_id": "sg-048230c519e0c2345",
+  "dhcp_options_id": "dopt-9becf2f2",
+  "enable_classiclink": null,
+  "enable_classiclink_dns_support": null,
+  "enable_dns_hostnames": false,
+  "enable_dns_support": true,
+  "id": "vpc-020b072316a95b97f",
+  "instance_tenancy": "default",
+  "ipv6_association_id": "",
+  "ipv6_cidr_block": "",
+  "main_route_table_id": "rtb-04d42e3cb1ec4f500",
+  "owner_id": "929327065333",
+  "tags": {}
+ }
+]

pkg/remote/aws/test/vpc/terraform.tf

@@ -0,0 +1,26 @@
+provider "aws" {
+  region = "eu-west-3"
+}
+
+terraform {
+  required_providers {
+    aws = "3.19.0"
+  }
+}
+resource "aws_default_vpc" "default" {
+  tags = {
+    Name = "Default VPC"
+  }
+}
+
+resource "aws_vpc" "vpc1" {
+  cidr_block = "10.0.0.0/16"
+}
+
+resource "aws_vpc" "vpc2" {
+  cidr_block = "10.1.0.0/16"
+}
+
+resource "aws_vpc" "vpc3" {
+  cidr_block = "10.2.0.0/16"
+}

pkg/remote/aws/test/vpc_empty/results.aws_default_vpc.golden.json

@@ -0,0 +1 @@
+[]

pkg/remote/aws/test/vpc_empty/results.aws_vpc.golden.json

@@ -0,0 +1 @@
+[]

pkg/remote/aws/vpc_supplier.go

@@ -0,0 +1,115 @@
+package aws
+
+import (
+	"github.com/aws/aws-sdk-go/service/ec2"
+	"github.com/aws/aws-sdk-go/service/ec2/ec2iface"
+	"github.com/cloudskiff/driftctl/pkg"
+	"github.com/cloudskiff/driftctl/pkg/remote/deserializer"
+	"github.com/cloudskiff/driftctl/pkg/resource/aws"
+	awsdeserializer "github.com/cloudskiff/driftctl/pkg/resource/aws/deserializer"
+	"github.com/zclconf/go-cty/cty"
+
+	"github.com/cloudskiff/driftctl/pkg/resource"
+	"github.com/cloudskiff/driftctl/pkg/terraform"
+
+	"github.com/sirupsen/logrus"
+)
+
+type VPCSupplier struct {
+	reader                 terraform.ResourceReader
+	defaultVPCDeserializer deserializer.CTYDeserializer
+	VPCDeserializer        deserializer.CTYDeserializer
+	client                 ec2iface.EC2API
+	defaultVPCRunner       *terraform.ParallelResourceReader
+	VPCRunner              *terraform.ParallelResourceReader
+}
+
+func NewVPCSupplier(runner *pkg.ParallelRunner, client ec2iface.EC2API) *VPCSupplier {
+	return &VPCSupplier{
+		terraform.Provider(terraform.AWS),
+		awsdeserializer.NewDefaultVPCDeserializer(),
+		awsdeserializer.NewVPCDeserializer(),
+		client,
+		terraform.NewParallelResourceReader(runner.SubRunner()),
+		terraform.NewParallelResourceReader(runner.SubRunner()),
+	}
+}
+
+func (s VPCSupplier) Resources() ([]resource.Resource, error) {
+	input := ec2.DescribeVpcsInput{}
+	var VPCs []*ec2.Vpc
+	var defaultVPCs []*ec2.Vpc
+	err := s.client.DescribeVpcsPages(&input,
+		func(resp *ec2.DescribeVpcsOutput, lastPage bool) bool {
+			for _, vpc := range resp.Vpcs {
+				if vpc.IsDefault != nil && *vpc.IsDefault {
+					defaultVPCs = append(defaultVPCs, vpc)
+					continue
+				}
+				VPCs = append(VPCs, vpc)
+			}
+			return !lastPage
+		},
+	)
+
+	if err != nil {
+		logrus.Error(err)
+		return nil, err
+	}
+
+	for _, item := range VPCs {
+		res := *item
+		s.VPCRunner.Run(func() (cty.Value, error) {
+			return s.readVPC(res)
+		})
+	}
+
+	for _, item := range defaultVPCs {
+		res := *item
+		s.defaultVPCRunner.Run(func() (cty.Value, error) {
+			return s.readVPC(res)
+		})
+	}
+
+	// Retrieve results from terraform provider
+	defaultVPCResources, err := s.defaultVPCRunner.Wait()
+	if err != nil {
+		return nil, err
+	}
+	VPCResources, err := s.VPCRunner.Wait()
+	if err != nil {
+		return nil, err
+	}
+
+	// Deserialize
+	deserializedDefaultVPCs, err := s.defaultVPCDeserializer.Deserialize(defaultVPCResources)
+	if err != nil {
+		return nil, err
+	}
+	deserializedVPCs, err := s.VPCDeserializer.Deserialize(VPCResources)
+	if err != nil {
+		return nil, err
+	}
+
+	resources := make([]resource.Resource, 0, len(VPCResources)+len(deserializedDefaultVPCs))
+	resources = append(resources, deserializedDefaultVPCs...)
+	resources = append(resources, deserializedVPCs...)
+
+	return resources, nil
+}
+
+func (s VPCSupplier) readVPC(vpc ec2.Vpc) (cty.Value, error) {
+	var Ty resource.ResourceType = aws.AwsVpcResourceType
+	if vpc.IsDefault != nil && *vpc.IsDefault {
+		Ty = aws.AwsDefaultVpcResourceType
+	}
+	val, err := s.reader.ReadResource(terraform.ReadResourceArgs{
+		ID: *vpc.VpcId,
+		Ty: Ty,
+	})
+	if err != nil {
+		logrus.Error(err)
+		return cty.NilVal, err
+	}
+	return *val, nil
+}

pkg/remote/aws/vpc_supplier_test.go

@@ -0,0 +1,118 @@
+package aws
+
+import (
+	"context"
+	"testing"
+
+	"github.com/cloudskiff/driftctl/pkg/remote/deserializer"
+	awsdeserializer "github.com/cloudskiff/driftctl/pkg/resource/aws/deserializer"
+
+	"github.com/aws/aws-sdk-go/service/ec2"
+
+	"github.com/aws/aws-sdk-go/aws"
+
+	"github.com/cloudskiff/driftctl/test/goldenfile"
+	mocks2 "github.com/cloudskiff/driftctl/test/mocks"
+	"github.com/stretchr/testify/mock"
+
+	"github.com/cloudskiff/driftctl/mocks"
+
+	"github.com/cloudskiff/driftctl/pkg"
+	"github.com/cloudskiff/driftctl/pkg/resource"
+	"github.com/cloudskiff/driftctl/pkg/terraform"
+	"github.com/cloudskiff/driftctl/test"
+)
+
+func TestVPCSupplier_Resources(t *testing.T) {
+	cases := []struct {
+		test    string
+		dirName string
+		mocks   func(client *mocks.FakeEC2)
+		err     error
+	}{
+		{
+			test:    "no VPC",
+			dirName: "vpc_empty",
+			mocks: func(client *mocks.FakeEC2) {
+				client.On("DescribeVpcsPages",
+					&ec2.DescribeVpcsInput{},
+					mock.MatchedBy(func(callback func(res *ec2.DescribeVpcsOutput, lastPage bool) bool) bool {
+						callback(&ec2.DescribeVpcsOutput{}, true)
+						return true
+					})).Return(nil)
+			},
+			err: nil,
+		},
+		{
+			test:    "mixed default VPC and VPC",
+			dirName: "vpc",
+			mocks: func(client *mocks.FakeEC2) {
+				client.On("DescribeVpcsPages",
+					&ec2.DescribeVpcsInput{},
+					mock.MatchedBy(func(callback func(res *ec2.DescribeVpcsOutput, lastPage bool) bool) bool {
+						callback(&ec2.DescribeVpcsOutput{
+							Vpcs: []*ec2.Vpc{
+								{
+									VpcId:     aws.String("vpc-a8c5d4c1"),
+									IsDefault: aws.Bool(true),
+								},
+								{
+									VpcId: aws.String("vpc-0768e1fd0029e3fc3"),
+								},
+								{
+									VpcId:     aws.String("vpc-020b072316a95b97f"),
+									IsDefault: aws.Bool(false),
+								},
+							},
+						}, false)
+						callback(&ec2.DescribeVpcsOutput{
+							Vpcs: []*ec2.Vpc{
+								{
+									VpcId:     aws.String("vpc-02c50896b59598761"),
+									IsDefault: aws.Bool(false),
+								},
+							},
+						}, true)
+						return true
+					})).Return(nil)
+			},
+			err: nil,
+		},
+	}
+	for _, c := range cases {
+		shouldUpdate := c.dirName == *goldenfile.Update
+		if shouldUpdate {
+			provider, err := NewTerraFormProvider()
+			if err != nil {
+				t.Fatal(err)
+			}
+
+			terraform.AddProvider(terraform.AWS, provider)
+			resource.AddSupplier(NewVPCSupplier(provider.Runner(), ec2.New(provider.session)))
+		}
+
+		t.Run(c.test, func(tt *testing.T) {
+			fakeEC2 := mocks.FakeEC2{}
+			c.mocks(&fakeEC2)
+			provider := mocks2.NewMockedGoldenTFProvider(c.dirName, terraform.Provider(terraform.AWS), shouldUpdate)
+			VPCDeserializer := awsdeserializer.NewVPCDeserializer()
+			defaultVPCDeserializer := awsdeserializer.NewDefaultVPCDeserializer()
+			s := &VPCSupplier{
+				provider,
+				defaultVPCDeserializer,
+				VPCDeserializer,
+				&fakeEC2,
+				terraform.NewParallelResourceReader(pkg.NewParallelRunner(context.TODO(), 10)),
+				terraform.NewParallelResourceReader(pkg.NewParallelRunner(context.TODO(), 10)),
+			}
+			got, err := s.Resources()
+			if c.err != err {
+				tt.Errorf("Expected error %+v got %+v", c.err, err)
+			}
+
+			mock.AssertExpectationsForObjects(tt)
+			deserializers := []deserializer.CTYDeserializer{VPCDeserializer, defaultVPCDeserializer}
+			test.CtyTestDiffMixed(got, c.dirName, provider, deserializers, shouldUpdate, tt)
+		})
+	}
+}

pkg/resource/aws/aws_default_vpc.go

@@ -0,0 +1,33 @@
+// GENERATED, DO NOT EDIT THIS FILE
+package aws
+
+const AwsDefaultVpcResourceType = "aws_default_vpc"
+
+type AwsDefaultVpc struct {
+	Arn                          *string           `cty:"arn" computed:"true"`
+	AssignGeneratedIpv6CidrBlock *bool             `cty:"assign_generated_ipv6_cidr_block" computed:"true"`
+	CidrBlock                    *string           `cty:"cidr_block" computed:"true"`
+	DefaultNetworkAclId          *string           `cty:"default_network_acl_id" computed:"true"`
+	DefaultRouteTableId          *string           `cty:"default_route_table_id" computed:"true"`
+	DefaultSecurityGroupId       *string           `cty:"default_security_group_id" computed:"true"`
+	DhcpOptionsId                *string           `cty:"dhcp_options_id" computed:"true"`
+	EnableClassiclink            *bool             `cty:"enable_classiclink" computed:"true"`
+	EnableClassiclinkDnsSupport  *bool             `cty:"enable_classiclink_dns_support" computed:"true"`
+	EnableDnsHostnames           *bool             `cty:"enable_dns_hostnames" computed:"true"`
+	EnableDnsSupport             *bool             `cty:"enable_dns_support"`
+	Id                           string            `cty:"id" computed:"true"`
+	InstanceTenancy              *string           `cty:"instance_tenancy" computed:"true"`
+	Ipv6AssociationId            *string           `cty:"ipv6_association_id" computed:"true"`
+	Ipv6CidrBlock                *string           `cty:"ipv6_cidr_block" computed:"true"`
+	MainRouteTableId             *string           `cty:"main_route_table_id" computed:"true"`
+	OwnerId                      *string           `cty:"owner_id" computed:"true"`
+	Tags                         map[string]string `cty:"tags"`
+}
+
+func (r *AwsDefaultVpc) TerraformId() string {
+	return r.Id
+}
+
+func (r *AwsDefaultVpc) TerraformType() string {
+	return AwsDefaultVpcResourceType
+}

pkg/resource/aws/aws_vpc.go

@@ -0,0 +1,33 @@
+// GENERATED, DO NOT EDIT THIS FILE
+package aws
+
+const AwsVpcResourceType = "aws_vpc"
+
+type AwsVpc struct {
+	Arn                          *string           `cty:"arn" computed:"true"`
+	AssignGeneratedIpv6CidrBlock *bool             `cty:"assign_generated_ipv6_cidr_block"`
+	CidrBlock                    *string           `cty:"cidr_block"`
+	DefaultNetworkAclId          *string           `cty:"default_network_acl_id" computed:"true"`
+	DefaultRouteTableId          *string           `cty:"default_route_table_id" computed:"true"`
+	DefaultSecurityGroupId       *string           `cty:"default_security_group_id" computed:"true"`
+	DhcpOptionsId                *string           `cty:"dhcp_options_id" computed:"true"`
+	EnableClassiclink            *bool             `cty:"enable_classiclink" computed:"true"`
+	EnableClassiclinkDnsSupport  *bool             `cty:"enable_classiclink_dns_support" computed:"true"`
+	EnableDnsHostnames           *bool             `cty:"enable_dns_hostnames" computed:"true"`
+	EnableDnsSupport             *bool             `cty:"enable_dns_support"`
+	Id                           string            `cty:"id" computed:"true"`
+	InstanceTenancy              *string           `cty:"instance_tenancy"`
+	Ipv6AssociationId            *string           `cty:"ipv6_association_id" computed:"true"`
+	Ipv6CidrBlock                *string           `cty:"ipv6_cidr_block" computed:"true"`
+	MainRouteTableId             *string           `cty:"main_route_table_id" computed:"true"`
+	OwnerId                      *string           `cty:"owner_id" computed:"true"`
+	Tags                         map[string]string `cty:"tags"`
+}
+
+func (r *AwsVpc) TerraformId() string {
+	return r.Id
+}
+
+func (r *AwsVpc) TerraformType() string {
+	return AwsVpcResourceType
+}

pkg/resource/aws/deserializer/default_vpc_deserializer.go

@@ -0,0 +1,43 @@
+package deserializer
+
+import (
+	"github.com/cloudskiff/driftctl/pkg/resource"
+	resourceaws "github.com/cloudskiff/driftctl/pkg/resource/aws"
+
+	"github.com/sirupsen/logrus"
+
+	"github.com/zclconf/go-cty/cty"
+	"github.com/zclconf/go-cty/cty/gocty"
+)
+
+type DefaultVPCDeserializer struct {
+}
+
+func NewDefaultVPCDeserializer() *DefaultVPCDeserializer {
+	return &DefaultVPCDeserializer{}
+}
+
+func (s *DefaultVPCDeserializer) HandledType() resource.ResourceType {
+	return resourceaws.AwsDefaultVpcResourceType
+}
+
+func (s DefaultVPCDeserializer) Deserialize(rawList []cty.Value) ([]resource.Resource, error) {
+	resources := make([]resource.Resource, 0)
+	for _, rawResource := range rawList {
+		resource, err := decodeDefaultVPC(&rawResource)
+		if err != nil {
+			logrus.Warnf("Error when deserializing resource %+v : %+v", rawResource, err)
+			return nil, err
+		}
+		resources = append(resources, resource)
+	}
+	return resources, nil
+}
+
+func decodeDefaultVPC(raw *cty.Value) (*resourceaws.AwsDefaultVpc, error) {
+	var decoded resourceaws.AwsDefaultVpc
+	if err := gocty.FromCtyValue(*raw, &decoded); err != nil {
+		return nil, err
+	}
+	return &decoded, nil
+}

pkg/resource/aws/deserializer/vpc_deserializer.go

@@ -0,0 +1,43 @@
+package deserializer
+
+import (
+	"github.com/cloudskiff/driftctl/pkg/resource"
+	resourceaws "github.com/cloudskiff/driftctl/pkg/resource/aws"
+
+	"github.com/sirupsen/logrus"
+
+	"github.com/zclconf/go-cty/cty"
+	"github.com/zclconf/go-cty/cty/gocty"
+)
+
+type VPCDeserializer struct {
+}
+
+func NewVPCDeserializer() *VPCDeserializer {
+	return &VPCDeserializer{}
+}
+
+func (s *VPCDeserializer) HandledType() resource.ResourceType {
+	return resourceaws.AwsVpcResourceType
+}
+
+func (s VPCDeserializer) Deserialize(rawList []cty.Value) ([]resource.Resource, error) {
+	resources := make([]resource.Resource, 0)
+	for _, rawResource := range rawList {
+		resource, err := decodeVPC(&rawResource)
+		if err != nil {
+			logrus.Warnf("Error when deserializing resource %+v : %+v", rawResource, err)
+			return nil, err
+		}
+		resources = append(resources, resource)
+	}
+	return resources, nil
+}
+
+func decodeVPC(raw *cty.Value) (*resourceaws.AwsVpc, error) {
+	var decoded resourceaws.AwsVpc
+	if err := gocty.FromCtyValue(*raw, &decoded); err != nil {
+		return nil, err
+	}
+	return &decoded, nil
+}

test/cty_test_diff.go

@@ -1,6 +1,7 @@
 package test
 
 import (
+	"fmt"
 	"strings"
 	"testing"
 
@@ -19,11 +20,25 @@ import (
 	"github.com/zclconf/go-cty/cty/gocty"
 )
 
-func CtyTestDiff(got []resource.Resource, dirName string, provider terraform.TerraformProvider, deserializer deserializer.CTYDeserializer, shouldUpdate bool, t *testing.T) {
+func doTestDiff(got []resource.Resource, dirName string, provider terraform.TerraformProvider, deserializers []deserializer.CTYDeserializer, shouldUpdate bool) (diff.Changelog, error) {
+
+	expectedResources := []resource.Resource{}
+	for _, deserializer := range deserializers {
+		ty := deserializer.HandledType().String()
+
+		resList := []resource.Resource{}
+		for _, res := range got {
+			if res.TerraformType() == ty {
+				resList = append(resList, res)
+			}
+		}
 		resGoldenName := "results.golden.json"
-	ctyType := cty.List(provider.Schema()[deserializer.HandledType().String()].Block.ImpliedType())
+		if len(deserializers) > 1 {
+			resGoldenName = fmt.Sprintf("results.%s.golden.json", ty)
+		}
+		ctyType := cty.List(provider.Schema()[ty].Block.ImpliedType())
 		if shouldUpdate {
-		ctVal, err := gocty.ToCtyValue(got, ctyType)
+			ctVal, err := gocty.ToCtyValue(resList, ctyType)
 			if err != nil {
 				panic(err)
 			}
@@ -38,12 +53,23 @@ func CtyTestDiff(got []resource.Resource, dirName string, provider terraform.Ter
 		if err != nil {
 			panic(err)
 		}
-	expectedResources, err := deserializer.Deserialize(decodedJson.AsValueSlice())
+		decodedResources, err := deserializer.Deserialize(decodedJson.AsValueSlice())
 		if err != nil {
 			panic(err)
 		}
+		expectedResources = append(expectedResources, decodedResources...)
+	}
 
-	changelog, err := diff.Diff(got, expectedResources)
+	return diff.Diff(got, expectedResources)
+}
+
+func CtyTestDiff(got []resource.Resource, dirName string, provider terraform.TerraformProvider, d deserializer.CTYDeserializer, shouldUpdate bool, t *testing.T) {
+	deserializers := []deserializer.CTYDeserializer{d}
+	CtyTestDiffMixed(got, dirName, provider, deserializers, shouldUpdate, t)
+}
+
+func CtyTestDiffMixed(got []resource.Resource, dirName string, provider terraform.TerraformProvider, deserializers []deserializer.CTYDeserializer, shouldUpdate bool, t *testing.T) {
+	changelog, err := doTestDiff(got, dirName, provider, deserializers, shouldUpdate)
 	if err != nil {
 		panic(err)
 	}