From dad6bbff730d323d37528e251717ed71b8fd8064 Mon Sep 17 00:00:00 2001
From: Martin Guibert
Date: Wed, 3 Feb 2021 14:18:17 +0100
Subject: [PATCH] fix doc, add aws permissions for sns topics
---
 doc/cmd/scan/supported_resources/aws.md | 10 ++++++++++
 pkg/remote/aws/repository/sns_repository.go | 8 ++++----
 pkg/remote/aws/repository/sns_repository_test.go | 4 ++--
 3 files changed, 16 insertions(+), 6 deletions(-)
diff --git a/doc/cmd/scan/supported_resources/aws.md b/doc/cmd/scan/supported_resources/aws.md
index 291f2403..ec6ff8bc 100644
--- a/doc/cmd/scan/supported_resources/aws.md
+++ b/doc/cmd/scan/supported_resources/aws.md
@@ -130,6 +130,9 @@ As AWS documentation recommends, the below policy is granting only the permissio
 "sqs:GetQueueAttributes",
 "sqs:ListQueueTags",
 "sqs:ListQueues"
+ "sns:ListTopics",
+ "sns:GetTopicAttributes",
+ "sns:ListTagsForResource"
 ]
 }
 ]
@@ -245,3 +248,10 @@ As AWS documentation recommends, the below policy is granting only the permissio
 - [x] aws_sqs_queue
 - [x] aws_sqs_queue_policy
+
+## SNS
+- [x] aws_sns_topic
+- [ ] aws_sns_topic_policy
+- [ ] aws_sns_topic_subscription
+- [ ] aws_sns_platform_application
+- [ ] aws_sns_sms_preferences
diff --git a/pkg/remote/aws/repository/sns_repository.go b/pkg/remote/aws/repository/sns_repository.go
index ede6b1e0..4e6392fb 100644
--- a/pkg/remote/aws/repository/sns_repository.go
+++ b/pkg/remote/aws/repository/sns_repository.go
@@ -10,17 +10,17 @@ type SNSRepository interface {
 ListAllTopics() ([]*sns.Topic, error)
 }
-type snsRepositoryImpl struct {
+type snsRepository struct {
 client snsiface.SNSAPI
 }
-func NewSNSClient(session *session.Session) *snsRepositoryImpl {
- return &snsRepositoryImpl{
+func NewSNSClient(session *session.Session) *snsRepository {
+ return &snsRepository{
 sns.New(session),
 }
 }
-func (r *snsRepositoryImpl) ListAllTopics() ([]*sns.Topic, error) {
+func (r *snsRepository) ListAllTopics() ([]*sns.Topic, error) {
 var topics []*sns.Topic
 input := &sns.ListTopicsInput{}
 err := r.client.ListTopicsPages(input, func(res *sns.ListTopicsOutput, lastPage bool) bool {
diff --git a/pkg/remote/aws/repository/sns_repository_test.go b/pkg/remote/aws/repository/sns_repository_test.go
index 87145cda..762b622e 100644
--- a/pkg/remote/aws/repository/sns_repository_test.go
+++ b/pkg/remote/aws/repository/sns_repository_test.go
@@ -15,7 +15,7 @@ import (
 "github.com/aws/aws-sdk-go/service/sns"
 )
-func Test_snsRepositoryImpl_ListAllTopics(t *testing.T) {
+func Test_snsRepository_ListAllTopics(t *testing.T) {
 tests := []struct {
 name string
@@ -60,7 +60,7 @@ func Test_snsRepositoryImpl_ListAllTopics(t *testing.T) {
 t.Run(tt.name, func(t *testing.T) {
 client := &mocks.SNSClient{}
 tt.mocks(client)
- r := &snsRepositoryImpl{
+ r := &snsRepository{
 client: client,
 }
 got, err := r.ListAllTopics()