Merge pull request #882 from cloudskiff/fix/accessDeniedExceptions

Handle access denied exceptions on resource details fetching
main
Raphaël 2021-08-02 15:35:50 +02:00 committed by GitHub
commit dcc67c80a3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
83 changed files with 312 additions and 146 deletions

View File

@ -104,7 +104,7 @@ func (c *Console) Write(analysis *analyser.Analysis) error {
for _, alerts := range analysis.Alerts() { for _, alerts := range analysis.Alerts() {
for _, alert := range alerts { for _, alert := range alerts {
fmt.Println(color.YellowString(alert.Message())) fmt.Println(color.YellowString(alert.Message()))
if alert, ok := alert.(*remote.EnumerationAccessDeniedAlert); ok && enumerationErrorMessage == "" { if alert, ok := alert.(*remote.RemoteAccessDeniedAlert); ok && enumerationErrorMessage == "" {
enumerationErrorMessage = alert.GetProviderMessage() enumerationErrorMessage = alert.GetProviderMessage()
} }
} }

View File

@ -85,9 +85,9 @@ func fakeAnalysisWithAlerts() *analyser.Analysis {
a := fakeAnalysis() a := fakeAnalysis()
a.SetAlerts(alerter.Alerts{ a.SetAlerts(alerter.Alerts{
"": []alerter.Alert{ "": []alerter.Alert{
remote.NewEnumerationAccessDeniedAlert(aws.RemoteAWSTerraform, "aws_vpc", "aws_vpc"), remote.NewRemoteAccessDeniedAlert(aws.RemoteAWSTerraform, "aws_vpc", "aws_vpc", remote.EnumerationPhase),
remote.NewEnumerationAccessDeniedAlert(aws.RemoteAWSTerraform, "aws_sqs", "aws_sqs"), remote.NewRemoteAccessDeniedAlert(aws.RemoteAWSTerraform, "aws_sqs", "aws_sqs", remote.EnumerationPhase),
remote.NewEnumerationAccessDeniedAlert(aws.RemoteAWSTerraform, "aws_sns", "aws_sns"), remote.NewRemoteAccessDeniedAlert(aws.RemoteAWSTerraform, "aws_sns", "aws_sns", remote.EnumerationPhase),
}, },
}) })
a.ProviderVersion = "3.19.0" a.ProviderVersion = "3.19.0"
@ -318,9 +318,9 @@ func fakeAnalysisWithAWSEnumerationError() *analyser.Analysis {
a := analyser.Analysis{} a := analyser.Analysis{}
a.SetAlerts(alerter.Alerts{ a.SetAlerts(alerter.Alerts{
"": []alerter.Alert{ "": []alerter.Alert{
remote.NewEnumerationAccessDeniedAlert(aws.RemoteAWSTerraform, "aws_vpc", "aws_vpc"), remote.NewRemoteAccessDeniedAlert(aws.RemoteAWSTerraform, "aws_vpc", "aws_vpc", remote.EnumerationPhase),
remote.NewEnumerationAccessDeniedAlert(aws.RemoteAWSTerraform, "aws_sqs", "aws_sqs"), remote.NewRemoteAccessDeniedAlert(aws.RemoteAWSTerraform, "aws_sqs", "aws_sqs", remote.EnumerationPhase),
remote.NewEnumerationAccessDeniedAlert(aws.RemoteAWSTerraform, "aws_sns", "aws_sns"), remote.NewRemoteAccessDeniedAlert(aws.RemoteAWSTerraform, "aws_sns", "aws_sns", remote.EnumerationPhase),
}, },
}) })
a.ProviderName = "AWS" a.ProviderName = "AWS"
@ -332,8 +332,8 @@ func fakeAnalysisWithGithubEnumerationError() *analyser.Analysis {
a := analyser.Analysis{} a := analyser.Analysis{}
a.SetAlerts(alerter.Alerts{ a.SetAlerts(alerter.Alerts{
"": []alerter.Alert{ "": []alerter.Alert{
remote.NewEnumerationAccessDeniedAlert(github.RemoteGithubTerraform, "github_team", "github_team"), remote.NewRemoteAccessDeniedAlert(github.RemoteGithubTerraform, "github_team", "github_team", remote.EnumerationPhase),
remote.NewEnumerationAccessDeniedAlert(github.RemoteGithubTerraform, "github_team_membership", "github_team"), remote.NewRemoteAccessDeniedAlert(github.RemoteGithubTerraform, "github_team_membership", "github_team", remote.EnumerationPhase),
}, },
}) })
a.ProviderName = "AWS" a.ProviderName = "AWS"

View File

@ -26,7 +26,7 @@ func (e *CloudfrontDistributionEnumerator) SupportedType() resource.ResourceType
func (e *CloudfrontDistributionEnumerator) Enumerate() ([]resource.Resource, error) { func (e *CloudfrontDistributionEnumerator) Enumerate() ([]resource.Resource, error) {
distributions, err := e.repository.ListAllDistributions() distributions, err := e.repository.ListAllDistributions()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, len(distributions)) results := make([]resource.Resource, len(distributions))

View File

@ -28,7 +28,7 @@ func (e *DefaultVPCEnumerator) SupportedType() resource.ResourceType {
func (e *DefaultVPCEnumerator) Enumerate() ([]resource.Resource, error) { func (e *DefaultVPCEnumerator) Enumerate() ([]resource.Resource, error) {
_, defaultVPCs, err := e.repo.ListAllVPCs() _, defaultVPCs, err := e.repo.ListAllVPCs()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, aws.AwsDefaultVpcResourceType) return nil, remoteerror.NewResourceScanningError(err, aws.AwsDefaultVpcResourceType)
} }
results := make([]resource.Resource, 0, len(defaultVPCs)) results := make([]resource.Resource, 0, len(defaultVPCs))

View File

@ -1,6 +1,7 @@
package aws package aws
import ( import (
remoteerror "github.com/cloudskiff/driftctl/pkg/remote/error"
"github.com/cloudskiff/driftctl/pkg/resource" "github.com/cloudskiff/driftctl/pkg/resource"
"github.com/cloudskiff/driftctl/pkg/resource/aws" "github.com/cloudskiff/driftctl/pkg/resource/aws"
"github.com/cloudskiff/driftctl/pkg/terraform" "github.com/cloudskiff/driftctl/pkg/terraform"
@ -27,7 +28,7 @@ func (r *DynamoDBTableDetailsFetcher) ReadDetails(res resource.Resource) (resour
}, },
}) })
if err != nil { if err != nil {
return nil, err return nil, remoteerror.NewResourceScanningError(err, res.TerraformType())
} }
deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsDynamodbTableResourceType, *ctyVal) deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsDynamodbTableResourceType, *ctyVal)
if err != nil { if err != nil {

View File

@ -26,7 +26,7 @@ func (e *DynamoDBTableEnumerator) SupportedType() resource.ResourceType {
func (e *DynamoDBTableEnumerator) Enumerate() ([]resource.Resource, error) { func (e *DynamoDBTableEnumerator) Enumerate() ([]resource.Resource, error) {
tables, err := e.repository.ListAllTables() tables, err := e.repository.ListAllTables()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, len(tables)) results := make([]resource.Resource, len(tables))

View File

@ -26,7 +26,7 @@ func (e *EC2AmiEnumerator) SupportedType() resource.ResourceType {
func (e *EC2AmiEnumerator) Enumerate() ([]resource.Resource, error) { func (e *EC2AmiEnumerator) Enumerate() ([]resource.Resource, error) {
images, err := e.repository.ListAllImages() images, err := e.repository.ListAllImages()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, len(images)) results := make([]resource.Resource, len(images))

View File

@ -1,6 +1,7 @@
package aws package aws
import ( import (
remoteerror "github.com/cloudskiff/driftctl/pkg/remote/error"
"github.com/cloudskiff/driftctl/pkg/resource" "github.com/cloudskiff/driftctl/pkg/resource"
"github.com/cloudskiff/driftctl/pkg/resource/aws" "github.com/cloudskiff/driftctl/pkg/resource/aws"
"github.com/cloudskiff/driftctl/pkg/terraform" "github.com/cloudskiff/driftctl/pkg/terraform"
@ -27,7 +28,7 @@ func (r *EC2DefaultRouteTableDetailsFetcher) ReadDetails(res resource.Resource)
}, },
}) })
if err != nil { if err != nil {
return nil, err return nil, remoteerror.NewResourceScanningError(err, res.TerraformType())
} }
deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsDefaultRouteTableResourceType, *ctyVal) deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsDefaultRouteTableResourceType, *ctyVal)
if err != nil { if err != nil {

View File

@ -26,7 +26,7 @@ func (e *EC2DefaultRouteTableEnumerator) SupportedType() resource.ResourceType {
func (e *EC2DefaultRouteTableEnumerator) Enumerate() ([]resource.Resource, error) { func (e *EC2DefaultRouteTableEnumerator) Enumerate() ([]resource.Resource, error) {
routeTables, err := e.repository.ListAllRouteTables() routeTables, err := e.repository.ListAllRouteTables()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
var results []resource.Resource var results []resource.Resource

View File

@ -26,7 +26,7 @@ func (e *EC2DefaultSubnetEnumerator) SupportedType() resource.ResourceType {
func (e *EC2DefaultSubnetEnumerator) Enumerate() ([]resource.Resource, error) { func (e *EC2DefaultSubnetEnumerator) Enumerate() ([]resource.Resource, error) {
_, defaultSubnets, err := e.repository.ListAllSubnets() _, defaultSubnets, err := e.repository.ListAllSubnets()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, len(defaultSubnets)) results := make([]resource.Resource, len(defaultSubnets))

View File

@ -26,7 +26,7 @@ func (e *EC2EbsSnapshotEnumerator) SupportedType() resource.ResourceType {
func (e *EC2EbsSnapshotEnumerator) Enumerate() ([]resource.Resource, error) { func (e *EC2EbsSnapshotEnumerator) Enumerate() ([]resource.Resource, error) {
snapshots, err := e.repository.ListAllSnapshots() snapshots, err := e.repository.ListAllSnapshots()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, len(snapshots)) results := make([]resource.Resource, len(snapshots))

View File

@ -26,7 +26,7 @@ func (e *EC2EbsVolumeEnumerator) SupportedType() resource.ResourceType {
func (e *EC2EbsVolumeEnumerator) Enumerate() ([]resource.Resource, error) { func (e *EC2EbsVolumeEnumerator) Enumerate() ([]resource.Resource, error) {
volumes, err := e.repository.ListAllVolumes() volumes, err := e.repository.ListAllVolumes()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, len(volumes)) results := make([]resource.Resource, len(volumes))

View File

@ -26,7 +26,7 @@ func (e *EC2EipAssociationEnumerator) SupportedType() resource.ResourceType {
func (e *EC2EipAssociationEnumerator) Enumerate() ([]resource.Resource, error) { func (e *EC2EipAssociationEnumerator) Enumerate() ([]resource.Resource, error) {
addresses, err := e.repository.ListAllAddressesAssociation() addresses, err := e.repository.ListAllAddressesAssociation()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, 0, len(addresses)) results := make([]resource.Resource, 0, len(addresses))

View File

@ -26,7 +26,7 @@ func (e *EC2EipEnumerator) SupportedType() resource.ResourceType {
func (e *EC2EipEnumerator) Enumerate() ([]resource.Resource, error) { func (e *EC2EipEnumerator) Enumerate() ([]resource.Resource, error) {
addresses, err := e.repository.ListAllAddresses() addresses, err := e.repository.ListAllAddresses()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, len(addresses)) results := make([]resource.Resource, len(addresses))

View File

@ -26,7 +26,7 @@ func (e *EC2InstanceEnumerator) SupportedType() resource.ResourceType {
func (e *EC2InstanceEnumerator) Enumerate() ([]resource.Resource, error) { func (e *EC2InstanceEnumerator) Enumerate() ([]resource.Resource, error) {
instances, err := e.repository.ListAllInstances() instances, err := e.repository.ListAllInstances()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, len(instances)) results := make([]resource.Resource, len(instances))

View File

@ -26,7 +26,7 @@ func (e *EC2InternetGatewayEnumerator) SupportedType() resource.ResourceType {
func (e *EC2InternetGatewayEnumerator) Enumerate() ([]resource.Resource, error) { func (e *EC2InternetGatewayEnumerator) Enumerate() ([]resource.Resource, error) {
internetGateways, err := e.repository.ListAllInternetGateways() internetGateways, err := e.repository.ListAllInternetGateways()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, len(internetGateways)) results := make([]resource.Resource, len(internetGateways))

View File

@ -26,7 +26,7 @@ func (e *EC2KeyPairEnumerator) SupportedType() resource.ResourceType {
func (e *EC2KeyPairEnumerator) Enumerate() ([]resource.Resource, error) { func (e *EC2KeyPairEnumerator) Enumerate() ([]resource.Resource, error) {
keyPairs, err := e.repository.ListAllKeyPairs() keyPairs, err := e.repository.ListAllKeyPairs()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, len(keyPairs)) results := make([]resource.Resource, len(keyPairs))

View File

@ -26,7 +26,7 @@ func (e *EC2NatGatewayEnumerator) SupportedType() resource.ResourceType {
func (e *EC2NatGatewayEnumerator) Enumerate() ([]resource.Resource, error) { func (e *EC2NatGatewayEnumerator) Enumerate() ([]resource.Resource, error) {
natGateways, err := e.repository.ListAllNatGateways() natGateways, err := e.repository.ListAllNatGateways()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, len(natGateways)) results := make([]resource.Resource, len(natGateways))

View File

@ -1,6 +1,7 @@
package aws package aws
import ( import (
remoteerror "github.com/cloudskiff/driftctl/pkg/remote/error"
"github.com/cloudskiff/driftctl/pkg/resource" "github.com/cloudskiff/driftctl/pkg/resource"
"github.com/cloudskiff/driftctl/pkg/resource/aws" "github.com/cloudskiff/driftctl/pkg/resource/aws"
"github.com/cloudskiff/driftctl/pkg/terraform" "github.com/cloudskiff/driftctl/pkg/terraform"
@ -34,7 +35,7 @@ func (r *EC2RouteDetailsFetcher) ReadDetails(res resource.Resource) (resource.Re
Attributes: attributes, Attributes: attributes,
}) })
if err != nil { if err != nil {
return nil, err return nil, remoteerror.NewResourceScanningError(err, res.TerraformType())
} }
deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsRouteResourceType, *ctyVal) deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsRouteResourceType, *ctyVal)
if err != nil { if err != nil {

View File

@ -26,7 +26,7 @@ func (e *EC2RouteEnumerator) SupportedType() resource.ResourceType {
func (e *EC2RouteEnumerator) Enumerate() ([]resource.Resource, error) { func (e *EC2RouteEnumerator) Enumerate() ([]resource.Resource, error) {
routeTables, err := e.repository.ListAllRouteTables() routeTables, err := e.repository.ListAllRouteTables()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationErrorWithType(err, string(e.SupportedType()), aws.AwsRouteTableResourceType) return nil, remoteerror.NewResourceScanningErrorWithType(err, string(e.SupportedType()), aws.AwsRouteTableResourceType)
} }
var results []resource.Resource var results []resource.Resource

View File

@ -1,6 +1,7 @@
package aws package aws
import ( import (
remoteerror "github.com/cloudskiff/driftctl/pkg/remote/error"
"github.com/cloudskiff/driftctl/pkg/resource" "github.com/cloudskiff/driftctl/pkg/resource"
"github.com/cloudskiff/driftctl/pkg/resource/aws" "github.com/cloudskiff/driftctl/pkg/resource/aws"
"github.com/cloudskiff/driftctl/pkg/terraform" "github.com/cloudskiff/driftctl/pkg/terraform"
@ -27,7 +28,7 @@ func (r *EC2RouteTableAssociationDetailsFetcher) ReadDetails(res resource.Resour
}, },
}) })
if err != nil { if err != nil {
return nil, err return nil, remoteerror.NewResourceScanningError(err, res.TerraformType())
} }
deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsRouteTableAssociationResourceType, *ctyVal) deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsRouteTableAssociationResourceType, *ctyVal)
if err != nil { if err != nil {

View File

@ -27,7 +27,7 @@ func (e *EC2RouteTableAssociationEnumerator) SupportedType() resource.ResourceTy
func (e *EC2RouteTableAssociationEnumerator) Enumerate() ([]resource.Resource, error) { func (e *EC2RouteTableAssociationEnumerator) Enumerate() ([]resource.Resource, error) {
routeTables, err := e.repository.ListAllRouteTables() routeTables, err := e.repository.ListAllRouteTables()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationErrorWithType(err, string(e.SupportedType()), aws.AwsRouteTableResourceType) return nil, remoteerror.NewResourceScanningErrorWithType(err, string(e.SupportedType()), aws.AwsRouteTableResourceType)
} }
var results []resource.Resource var results []resource.Resource

View File

@ -27,7 +27,7 @@ func (e *EC2RouteTableEnumerator) SupportedType() resource.ResourceType {
func (e *EC2RouteTableEnumerator) Enumerate() ([]resource.Resource, error) { func (e *EC2RouteTableEnumerator) Enumerate() ([]resource.Resource, error) {
routeTables, err := e.repository.ListAllRouteTables() routeTables, err := e.repository.ListAllRouteTables()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
var results []resource.Resource var results []resource.Resource

View File

@ -26,7 +26,7 @@ func (e *EC2SubnetEnumerator) SupportedType() resource.ResourceType {
func (e *EC2SubnetEnumerator) Enumerate() ([]resource.Resource, error) { func (e *EC2SubnetEnumerator) Enumerate() ([]resource.Resource, error) {
subnets, _, err := e.repository.ListAllSubnets() subnets, _, err := e.repository.ListAllSubnets()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, len(subnets)) results := make([]resource.Resource, len(subnets))

View File

@ -26,7 +26,7 @@ func (e *ECRRepositoryEnumerator) SupportedType() resource.ResourceType {
func (e *ECRRepositoryEnumerator) Enumerate() ([]resource.Resource, error) { func (e *ECRRepositoryEnumerator) Enumerate() ([]resource.Resource, error) {
repos, err := e.repository.ListAllRepositories() repos, err := e.repository.ListAllRepositories()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, len(repos)) results := make([]resource.Resource, len(repos))

View File

@ -1,6 +1,7 @@
package aws package aws
import ( import (
remoteerror "github.com/cloudskiff/driftctl/pkg/remote/error"
"github.com/cloudskiff/driftctl/pkg/resource" "github.com/cloudskiff/driftctl/pkg/resource"
"github.com/cloudskiff/driftctl/pkg/resource/aws" "github.com/cloudskiff/driftctl/pkg/resource/aws"
"github.com/cloudskiff/driftctl/pkg/terraform" "github.com/cloudskiff/driftctl/pkg/terraform"
@ -27,7 +28,7 @@ func (r *IamAccessKeyDetailsFetcher) ReadDetails(res resource.Resource) (resourc
}, },
}) })
if err != nil { if err != nil {
return nil, err return nil, remoteerror.NewResourceScanningError(err, res.TerraformType())
} }
deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsIamAccessKeyResourceType, *ctyVal) deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsIamAccessKeyResourceType, *ctyVal)
if err != nil { if err != nil {

View File

@ -26,12 +26,12 @@ func (e *IamAccessKeyEnumerator) SupportedType() resource.ResourceType {
func (e *IamAccessKeyEnumerator) Enumerate() ([]resource.Resource, error) { func (e *IamAccessKeyEnumerator) Enumerate() ([]resource.Resource, error) {
users, err := e.repository.ListAllUsers() users, err := e.repository.ListAllUsers()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationErrorWithType(err, string(e.SupportedType()), resourceaws.AwsIamUserResourceType) return nil, remoteerror.NewResourceScanningErrorWithType(err, string(e.SupportedType()), resourceaws.AwsIamUserResourceType)
} }
keys, err := e.repository.ListAllAccessKeys(users) keys, err := e.repository.ListAllAccessKeys(users)
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, resourceaws.AwsIamAccessKeyResourceType) return nil, remoteerror.NewResourceScanningError(err, resourceaws.AwsIamAccessKeyResourceType)
} }
results := make([]resource.Resource, 0) results := make([]resource.Resource, 0)

View File

@ -27,7 +27,7 @@ func (e *IamPolicyEnumerator) SupportedType() resource.ResourceType {
func (e *IamPolicyEnumerator) Enumerate() ([]resource.Resource, error) { func (e *IamPolicyEnumerator) Enumerate() ([]resource.Resource, error) {
policies, err := e.repository.ListAllPolicies() policies, err := e.repository.ListAllPolicies()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, len(policies)) results := make([]resource.Resource, len(policies))

View File

@ -40,7 +40,7 @@ func awsIamRoleShouldBeIgnored(roleName string) bool {
func (e *IamRoleEnumerator) Enumerate() ([]resource.Resource, error) { func (e *IamRoleEnumerator) Enumerate() ([]resource.Resource, error) {
roles, err := e.repository.ListAllRoles() roles, err := e.repository.ListAllRoles()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, 0) results := make([]resource.Resource, 0)

View File

@ -1,6 +1,7 @@
package aws package aws
import ( import (
remoteerror "github.com/cloudskiff/driftctl/pkg/remote/error"
"github.com/cloudskiff/driftctl/pkg/resource" "github.com/cloudskiff/driftctl/pkg/resource"
"github.com/cloudskiff/driftctl/pkg/resource/aws" "github.com/cloudskiff/driftctl/pkg/resource/aws"
"github.com/cloudskiff/driftctl/pkg/terraform" "github.com/cloudskiff/driftctl/pkg/terraform"
@ -28,7 +29,7 @@ func (r *IamRolePolicyAttachmentDetailsFetcher) ReadDetails(res resource.Resourc
}, },
}) })
if err != nil { if err != nil {
return nil, err return nil, remoteerror.NewResourceScanningError(err, res.TerraformType())
} }
deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsIamRolePolicyAttachmentResourceType, *ctyVal) deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsIamRolePolicyAttachmentResourceType, *ctyVal)
if err != nil { if err != nil {

View File

@ -29,7 +29,7 @@ func (e *IamRolePolicyAttachmentEnumerator) SupportedType() resource.ResourceTyp
func (e *IamRolePolicyAttachmentEnumerator) Enumerate() ([]resource.Resource, error) { func (e *IamRolePolicyAttachmentEnumerator) Enumerate() ([]resource.Resource, error) {
roles, err := e.repository.ListAllRoles() roles, err := e.repository.ListAllRoles()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationErrorWithType(err, string(e.SupportedType()), resourceaws.AwsIamRoleResourceType) return nil, remoteerror.NewResourceScanningErrorWithType(err, string(e.SupportedType()), resourceaws.AwsIamRoleResourceType)
} }
results := make([]resource.Resource, 0) results := make([]resource.Resource, 0)
@ -48,7 +48,7 @@ func (e *IamRolePolicyAttachmentEnumerator) Enumerate() ([]resource.Resource, er
policyAttachments, err := e.repository.ListAllRolePolicyAttachments(rolesNotIgnored) policyAttachments, err := e.repository.ListAllRolePolicyAttachments(rolesNotIgnored)
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
for _, attachedPol := range policyAttachments { for _, attachedPol := range policyAttachments {

View File

@ -29,12 +29,12 @@ func (e *IamRolePolicyEnumerator) SupportedType() resource.ResourceType {
func (e *IamRolePolicyEnumerator) Enumerate() ([]resource.Resource, error) { func (e *IamRolePolicyEnumerator) Enumerate() ([]resource.Resource, error) {
roles, err := e.repository.ListAllRoles() roles, err := e.repository.ListAllRoles()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationErrorWithType(err, resourceaws.AwsIamRolePolicyResourceType, resourceaws.AwsIamRoleResourceType) return nil, remoteerror.NewResourceScanningErrorWithType(err, resourceaws.AwsIamRolePolicyResourceType, resourceaws.AwsIamRoleResourceType)
} }
policies, err := e.repository.ListAllRolePolicies(roles) policies, err := e.repository.ListAllRolePolicies(roles)
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, resourceaws.AwsIamRolePolicyResourceType) return nil, remoteerror.NewResourceScanningError(err, resourceaws.AwsIamRolePolicyResourceType)
} }
results := make([]resource.Resource, len(policies)) results := make([]resource.Resource, len(policies))

View File

@ -27,7 +27,7 @@ func (e *IamUserEnumerator) SupportedType() resource.ResourceType {
func (e *IamUserEnumerator) Enumerate() ([]resource.Resource, error) { func (e *IamUserEnumerator) Enumerate() ([]resource.Resource, error) {
users, err := e.repository.ListAllUsers() users, err := e.repository.ListAllUsers()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, len(users)) results := make([]resource.Resource, len(users))

View File

@ -1,6 +1,7 @@
package aws package aws
import ( import (
remoteerror "github.com/cloudskiff/driftctl/pkg/remote/error"
"github.com/cloudskiff/driftctl/pkg/resource" "github.com/cloudskiff/driftctl/pkg/resource"
"github.com/cloudskiff/driftctl/pkg/resource/aws" "github.com/cloudskiff/driftctl/pkg/resource/aws"
"github.com/cloudskiff/driftctl/pkg/terraform" "github.com/cloudskiff/driftctl/pkg/terraform"
@ -28,7 +29,7 @@ func (r *IamUserPolicyAttachmentDetailsFetcher) ReadDetails(res resource.Resourc
}, },
}) })
if err != nil { if err != nil {
return nil, err return nil, remoteerror.NewResourceScanningError(err, res.TerraformType())
} }
deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsIamUserPolicyAttachmentResourceType, *ctyVal) deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsIamUserPolicyAttachmentResourceType, *ctyVal)
if err != nil { if err != nil {

View File

@ -28,13 +28,13 @@ func (e *IamUserPolicyAttachmentEnumerator) SupportedType() resource.ResourceTyp
func (e *IamUserPolicyAttachmentEnumerator) Enumerate() ([]resource.Resource, error) { func (e *IamUserPolicyAttachmentEnumerator) Enumerate() ([]resource.Resource, error) {
users, err := e.repository.ListAllUsers() users, err := e.repository.ListAllUsers()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationErrorWithType(err, string(e.SupportedType()), resourceaws.AwsIamUserResourceType) return nil, remoteerror.NewResourceScanningErrorWithType(err, string(e.SupportedType()), resourceaws.AwsIamUserResourceType)
} }
results := make([]resource.Resource, 0) results := make([]resource.Resource, 0)
policyAttachments, err := e.repository.ListAllUserPolicyAttachments(users) policyAttachments, err := e.repository.ListAllUserPolicyAttachments(users)
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
for _, attachedPol := range policyAttachments { for _, attachedPol := range policyAttachments {

View File

@ -26,11 +26,11 @@ func (e *IamUserPolicyEnumerator) SupportedType() resource.ResourceType {
func (e *IamUserPolicyEnumerator) Enumerate() ([]resource.Resource, error) { func (e *IamUserPolicyEnumerator) Enumerate() ([]resource.Resource, error) {
users, err := e.repository.ListAllUsers() users, err := e.repository.ListAllUsers()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationErrorWithType(err, string(e.SupportedType()), aws.AwsIamUserResourceType) return nil, remoteerror.NewResourceScanningErrorWithType(err, string(e.SupportedType()), aws.AwsIamUserResourceType)
} }
userPolicies, err := e.repository.ListAllUserPolicies(users) userPolicies, err := e.repository.ListAllUserPolicies(users)
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, len(userPolicies)) results := make([]resource.Resource, len(userPolicies))

View File

@ -26,7 +26,7 @@ func (e *KMSAliasEnumerator) SupportedType() resource.ResourceType {
func (e *KMSAliasEnumerator) Enumerate() ([]resource.Resource, error) { func (e *KMSAliasEnumerator) Enumerate() ([]resource.Resource, error) {
aliases, err := e.repository.ListAllAliases() aliases, err := e.repository.ListAllAliases()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, len(aliases)) results := make([]resource.Resource, len(aliases))

View File

@ -26,7 +26,7 @@ func (e *KMSKeyEnumerator) SupportedType() resource.ResourceType {
func (e *KMSKeyEnumerator) Enumerate() ([]resource.Resource, error) { func (e *KMSKeyEnumerator) Enumerate() ([]resource.Resource, error) {
keys, err := e.repository.ListAllKeys() keys, err := e.repository.ListAllKeys()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, len(keys)) results := make([]resource.Resource, len(keys))

View File

@ -26,7 +26,7 @@ func (e *LambdaEventSourceMappingEnumerator) SupportedType() resource.ResourceTy
func (e *LambdaEventSourceMappingEnumerator) Enumerate() ([]resource.Resource, error) { func (e *LambdaEventSourceMappingEnumerator) Enumerate() ([]resource.Resource, error) {
eventSourceMappings, err := e.repository.ListAllLambdaEventSourceMappings() eventSourceMappings, err := e.repository.ListAllLambdaEventSourceMappings()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, len(eventSourceMappings)) results := make([]resource.Resource, len(eventSourceMappings))

View File

@ -1,6 +1,7 @@
package aws package aws
import ( import (
remoteerror "github.com/cloudskiff/driftctl/pkg/remote/error"
"github.com/cloudskiff/driftctl/pkg/resource" "github.com/cloudskiff/driftctl/pkg/resource"
resourceaws "github.com/cloudskiff/driftctl/pkg/resource/aws" resourceaws "github.com/cloudskiff/driftctl/pkg/resource/aws"
@ -30,7 +31,7 @@ func (r *LambdaFunctionDetailsFetcher) ReadDetails(topic resource.Resource) (res
}) })
if err != nil { if err != nil {
logrus.Error(err) logrus.Error(err)
return nil, err return nil, remoteerror.NewResourceScanningError(err, resourceaws.AwsLambdaFunctionResourceType)
} }
return r.deserializer.DeserializeOne(resourceaws.AwsLambdaFunctionResourceType, *val) return r.deserializer.DeserializeOne(resourceaws.AwsLambdaFunctionResourceType, *val)
} }

View File

@ -26,7 +26,7 @@ func (e *LambdaFunctionEnumerator) SupportedType() resource.ResourceType {
func (e *LambdaFunctionEnumerator) Enumerate() ([]resource.Resource, error) { func (e *LambdaFunctionEnumerator) Enumerate() ([]resource.Resource, error) {
functions, err := e.repository.ListAllLambdaFunctions() functions, err := e.repository.ListAllLambdaFunctions()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, len(functions)) results := make([]resource.Resource, len(functions))

View File

@ -26,7 +26,7 @@ func (e *RDSDBInstanceEnumerator) SupportedType() resource.ResourceType {
func (e *RDSDBInstanceEnumerator) Enumerate() ([]resource.Resource, error) { func (e *RDSDBInstanceEnumerator) Enumerate() ([]resource.Resource, error) {
instances, err := e.repository.ListAllDBInstances() instances, err := e.repository.ListAllDBInstances()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, len(instances)) results := make([]resource.Resource, len(instances))

View File

@ -26,7 +26,7 @@ func (e *RDSDBSubnetGroupEnumerator) SupportedType() resource.ResourceType {
func (e *RDSDBSubnetGroupEnumerator) Enumerate() ([]resource.Resource, error) { func (e *RDSDBSubnetGroupEnumerator) Enumerate() ([]resource.Resource, error) {
subnetGroups, err := e.repository.ListAllDBSubnetGroups() subnetGroups, err := e.repository.ListAllDBSubnetGroups()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, len(subnetGroups)) results := make([]resource.Resource, len(subnetGroups))

View File

@ -26,7 +26,7 @@ func (e *Route53HealthCheckEnumerator) SupportedType() resource.ResourceType {
func (e *Route53HealthCheckEnumerator) Enumerate() ([]resource.Resource, error) { func (e *Route53HealthCheckEnumerator) Enumerate() ([]resource.Resource, error) {
healthChecks, err := e.repository.ListAllHealthChecks() healthChecks, err := e.repository.ListAllHealthChecks()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, len(healthChecks)) results := make([]resource.Resource, len(healthChecks))

View File

@ -31,7 +31,7 @@ func (e *Route53RecordEnumerator) Enumerate() ([]resource.Resource, error) {
zones, err := e.client.ListAllZones() zones, err := e.client.ListAllZones()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationErrorWithType(err, string(e.SupportedType()), resourceaws.AwsRoute53ZoneResourceType) return nil, remoteerror.NewResourceScanningErrorWithType(err, string(e.SupportedType()), resourceaws.AwsRoute53ZoneResourceType)
} }
results := make([]resource.Resource, len(zones)) results := make([]resource.Resource, len(zones))
@ -39,7 +39,7 @@ func (e *Route53RecordEnumerator) Enumerate() ([]resource.Resource, error) {
for _, hostedZone := range zones { for _, hostedZone := range zones {
records, err := e.listRecordsForZone(strings.TrimPrefix(*hostedZone.Id, "/hostedzone/")) records, err := e.listRecordsForZone(strings.TrimPrefix(*hostedZone.Id, "/hostedzone/"))
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results = append(results, records...) results = append(results, records...)

View File

@ -30,7 +30,7 @@ func (e *Route53ZoneSupplier) SupportedType() resource.ResourceType {
func (e *Route53ZoneSupplier) Enumerate() ([]resource.Resource, error) { func (e *Route53ZoneSupplier) Enumerate() ([]resource.Resource, error) {
zones, err := e.client.ListAllZones() zones, err := e.client.ListAllZones()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, len(zones)) results := make([]resource.Resource, len(zones))

View File

@ -1,6 +1,7 @@
package aws package aws
import ( import (
remoteerror "github.com/cloudskiff/driftctl/pkg/remote/error"
"github.com/cloudskiff/driftctl/pkg/resource" "github.com/cloudskiff/driftctl/pkg/resource"
"github.com/cloudskiff/driftctl/pkg/resource/aws" "github.com/cloudskiff/driftctl/pkg/resource/aws"
"github.com/cloudskiff/driftctl/pkg/terraform" "github.com/cloudskiff/driftctl/pkg/terraform"
@ -27,7 +28,7 @@ func (r *S3BucketAnalyticDetailsFetcher) ReadDetails(res resource.Resource) (res
}, },
}) })
if err != nil { if err != nil {
return nil, err return nil, remoteerror.NewResourceScanningError(err, res.TerraformType())
} }
deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsS3BucketAnalyticsConfigurationResourceType, *ctyVal) deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsS3BucketAnalyticsConfigurationResourceType, *ctyVal)
if err != nil { if err != nil {

View File

@ -32,7 +32,7 @@ func (e *S3BucketAnalyticEnumerator) SupportedType() resource.ResourceType {
func (e *S3BucketAnalyticEnumerator) Enumerate() ([]resource.Resource, error) { func (e *S3BucketAnalyticEnumerator) Enumerate() ([]resource.Resource, error) {
buckets, err := e.repository.ListAllBuckets() buckets, err := e.repository.ListAllBuckets()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationErrorWithType(err, string(e.SupportedType()), aws.AwsS3BucketResourceType) return nil, remoteerror.NewResourceScanningErrorWithType(err, string(e.SupportedType()), aws.AwsS3BucketResourceType)
} }
results := make([]resource.Resource, len(buckets)) results := make([]resource.Resource, len(buckets))
@ -40,7 +40,7 @@ func (e *S3BucketAnalyticEnumerator) Enumerate() ([]resource.Resource, error) {
for _, bucket := range buckets { for _, bucket := range buckets {
region, err := e.repository.GetBucketLocation(*bucket.Name) region, err := e.repository.GetBucketLocation(*bucket.Name)
if err != nil { if err != nil {
return nil, err return nil, remoteerror.NewResourceScanningErrorWithType(err, string(e.SupportedType()), aws.AwsS3BucketResourceType)
} }
if region == "" || region != e.providerConfig.DefaultAlias { if region == "" || region != e.providerConfig.DefaultAlias {
logrus.WithFields(logrus.Fields{ logrus.WithFields(logrus.Fields{
@ -52,7 +52,7 @@ func (e *S3BucketAnalyticEnumerator) Enumerate() ([]resource.Resource, error) {
analyticsConfigurationList, err := e.repository.ListBucketAnalyticsConfigurations(bucket, region) analyticsConfigurationList, err := e.repository.ListBucketAnalyticsConfigurations(bucket, region)
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
for _, analytics := range analyticsConfigurationList { for _, analytics := range analyticsConfigurationList {

View File

@ -1,6 +1,7 @@
package aws package aws
import ( import (
remoteerror "github.com/cloudskiff/driftctl/pkg/remote/error"
"github.com/cloudskiff/driftctl/pkg/resource" "github.com/cloudskiff/driftctl/pkg/resource"
"github.com/cloudskiff/driftctl/pkg/resource/aws" "github.com/cloudskiff/driftctl/pkg/resource/aws"
"github.com/cloudskiff/driftctl/pkg/terraform" "github.com/cloudskiff/driftctl/pkg/terraform"
@ -27,7 +28,7 @@ func (r *S3BucketDetailsFetcher) ReadDetails(res resource.Resource) (resource.Re
}, },
}) })
if err != nil { if err != nil {
return nil, err return nil, remoteerror.NewResourceScanningError(err, res.TerraformType())
} }
deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsS3BucketResourceType, *ctyVal) deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsS3BucketResourceType, *ctyVal)
if err != nil { if err != nil {

View File

@ -30,7 +30,7 @@ func (e *S3BucketEnumerator) SupportedType() resource.ResourceType {
func (e *S3BucketEnumerator) Enumerate() ([]resource.Resource, error) { func (e *S3BucketEnumerator) Enumerate() ([]resource.Resource, error) {
buckets, err := e.repository.ListAllBuckets() buckets, err := e.repository.ListAllBuckets()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, len(buckets)) results := make([]resource.Resource, len(buckets))
@ -38,7 +38,7 @@ func (e *S3BucketEnumerator) Enumerate() ([]resource.Resource, error) {
for _, bucket := range buckets { for _, bucket := range buckets {
region, err := e.repository.GetBucketLocation(*bucket.Name) region, err := e.repository.GetBucketLocation(*bucket.Name)
if err != nil { if err != nil {
return nil, err return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
if region == "" || region != e.providerConfig.DefaultAlias { if region == "" || region != e.providerConfig.DefaultAlias {
logrus.WithFields(logrus.Fields{ logrus.WithFields(logrus.Fields{

View File

@ -1,6 +1,7 @@
package aws package aws
import ( import (
remoteerror "github.com/cloudskiff/driftctl/pkg/remote/error"
"github.com/cloudskiff/driftctl/pkg/resource" "github.com/cloudskiff/driftctl/pkg/resource"
"github.com/cloudskiff/driftctl/pkg/resource/aws" "github.com/cloudskiff/driftctl/pkg/resource/aws"
"github.com/cloudskiff/driftctl/pkg/terraform" "github.com/cloudskiff/driftctl/pkg/terraform"
@ -27,7 +28,7 @@ func (r *S3BucketInventoryDetailsFetcher) ReadDetails(res resource.Resource) (re
}, },
}) })
if err != nil { if err != nil {
return nil, err return nil, remoteerror.NewResourceScanningError(err, res.TerraformType())
} }
deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsS3BucketInventoryResourceType, *ctyVal) deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsS3BucketInventoryResourceType, *ctyVal)
if err != nil { if err != nil {

View File

@ -32,7 +32,7 @@ func (e *S3BucketInventoryEnumerator) SupportedType() resource.ResourceType {
func (e *S3BucketInventoryEnumerator) Enumerate() ([]resource.Resource, error) { func (e *S3BucketInventoryEnumerator) Enumerate() ([]resource.Resource, error) {
buckets, err := e.repository.ListAllBuckets() buckets, err := e.repository.ListAllBuckets()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationErrorWithType(err, string(e.SupportedType()), aws.AwsS3BucketResourceType) return nil, remoteerror.NewResourceScanningErrorWithType(err, string(e.SupportedType()), aws.AwsS3BucketResourceType)
} }
results := make([]resource.Resource, len(buckets)) results := make([]resource.Resource, len(buckets))
@ -40,7 +40,7 @@ func (e *S3BucketInventoryEnumerator) Enumerate() ([]resource.Resource, error) {
for _, bucket := range buckets { for _, bucket := range buckets {
region, err := e.repository.GetBucketLocation(*bucket.Name) region, err := e.repository.GetBucketLocation(*bucket.Name)
if err != nil { if err != nil {
return nil, err return nil, remoteerror.NewResourceScanningErrorWithType(err, string(e.SupportedType()), aws.AwsS3BucketResourceType)
} }
if region == "" || region != e.providerConfig.DefaultAlias { if region == "" || region != e.providerConfig.DefaultAlias {
logrus.WithFields(logrus.Fields{ logrus.WithFields(logrus.Fields{
@ -52,7 +52,7 @@ func (e *S3BucketInventoryEnumerator) Enumerate() ([]resource.Resource, error) {
inventoryConfigurations, err := e.repository.ListBucketInventoryConfigurations(bucket, region) inventoryConfigurations, err := e.repository.ListBucketInventoryConfigurations(bucket, region)
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, aws.AwsS3BucketInventoryResourceType) return nil, remoteerror.NewResourceScanningError(err, aws.AwsS3BucketInventoryResourceType)
} }
for _, config := range inventoryConfigurations { for _, config := range inventoryConfigurations {

View File

@ -1,6 +1,7 @@
package aws package aws
import ( import (
remoteerror "github.com/cloudskiff/driftctl/pkg/remote/error"
"github.com/cloudskiff/driftctl/pkg/resource" "github.com/cloudskiff/driftctl/pkg/resource"
"github.com/cloudskiff/driftctl/pkg/resource/aws" "github.com/cloudskiff/driftctl/pkg/resource/aws"
"github.com/cloudskiff/driftctl/pkg/terraform" "github.com/cloudskiff/driftctl/pkg/terraform"
@ -27,7 +28,7 @@ func (r *S3BucketMetricsDetailsFetcher) ReadDetails(res resource.Resource) (reso
}, },
}) })
if err != nil { if err != nil {
return nil, err return nil, remoteerror.NewResourceScanningError(err, res.TerraformType())
} }
deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsS3BucketMetricResourceType, *ctyVal) deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsS3BucketMetricResourceType, *ctyVal)
if err != nil { if err != nil {

View File

@ -32,7 +32,7 @@ func (e *S3BucketMetricsEnumerator) SupportedType() resource.ResourceType {
func (e *S3BucketMetricsEnumerator) Enumerate() ([]resource.Resource, error) { func (e *S3BucketMetricsEnumerator) Enumerate() ([]resource.Resource, error) {
buckets, err := e.repository.ListAllBuckets() buckets, err := e.repository.ListAllBuckets()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationErrorWithType(err, aws.AwsS3BucketMetricResourceType, aws.AwsS3BucketResourceType) return nil, remoteerror.NewResourceScanningErrorWithType(err, aws.AwsS3BucketMetricResourceType, aws.AwsS3BucketResourceType)
} }
results := make([]resource.Resource, len(buckets)) results := make([]resource.Resource, len(buckets))
@ -40,7 +40,7 @@ func (e *S3BucketMetricsEnumerator) Enumerate() ([]resource.Resource, error) {
for _, bucket := range buckets { for _, bucket := range buckets {
region, err := e.repository.GetBucketLocation(*bucket.Name) region, err := e.repository.GetBucketLocation(*bucket.Name)
if err != nil { if err != nil {
return nil, err return nil, remoteerror.NewResourceScanningErrorWithType(err, aws.AwsS3BucketMetricResourceType, aws.AwsS3BucketResourceType)
} }
if region == "" || region != e.providerConfig.DefaultAlias { if region == "" || region != e.providerConfig.DefaultAlias {
logrus.WithFields(logrus.Fields{ logrus.WithFields(logrus.Fields{
@ -52,7 +52,7 @@ func (e *S3BucketMetricsEnumerator) Enumerate() ([]resource.Resource, error) {
metricsConfigurationList, err := e.repository.ListBucketMetricsConfigurations(bucket, region) metricsConfigurationList, err := e.repository.ListBucketMetricsConfigurations(bucket, region)
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, aws.AwsS3BucketMetricResourceType) return nil, remoteerror.NewResourceScanningError(err, aws.AwsS3BucketMetricResourceType)
} }
for _, metric := range metricsConfigurationList { for _, metric := range metricsConfigurationList {
@ -70,5 +70,5 @@ func (e *S3BucketMetricsEnumerator) Enumerate() ([]resource.Resource, error) {
} }
} }
return results, err return results, nil
} }

View File

@ -1,6 +1,7 @@
package aws package aws
import ( import (
remoteerror "github.com/cloudskiff/driftctl/pkg/remote/error"
"github.com/cloudskiff/driftctl/pkg/resource" "github.com/cloudskiff/driftctl/pkg/resource"
"github.com/cloudskiff/driftctl/pkg/resource/aws" "github.com/cloudskiff/driftctl/pkg/resource/aws"
"github.com/cloudskiff/driftctl/pkg/terraform" "github.com/cloudskiff/driftctl/pkg/terraform"
@ -27,7 +28,7 @@ func (r *S3BucketNotificationDetailsFetcher) ReadDetails(res resource.Resource)
}, },
}) })
if err != nil { if err != nil {
return nil, err return nil, remoteerror.NewResourceScanningError(err, res.TerraformType())
} }
deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsS3BucketNotificationResourceType, *ctyVal) deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsS3BucketNotificationResourceType, *ctyVal)
if err != nil { if err != nil {

View File

@ -30,7 +30,7 @@ func (e *S3BucketNotificationEnumerator) SupportedType() resource.ResourceType {
func (e *S3BucketNotificationEnumerator) Enumerate() ([]resource.Resource, error) { func (e *S3BucketNotificationEnumerator) Enumerate() ([]resource.Resource, error) {
buckets, err := e.repository.ListAllBuckets() buckets, err := e.repository.ListAllBuckets()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationErrorWithType(err, string(e.SupportedType()), aws.AwsS3BucketResourceType) return nil, remoteerror.NewResourceScanningErrorWithType(err, string(e.SupportedType()), aws.AwsS3BucketResourceType)
} }
results := make([]resource.Resource, len(buckets)) results := make([]resource.Resource, len(buckets))
@ -38,7 +38,7 @@ func (e *S3BucketNotificationEnumerator) Enumerate() ([]resource.Resource, error
for _, bucket := range buckets { for _, bucket := range buckets {
region, err := e.repository.GetBucketLocation(*bucket.Name) region, err := e.repository.GetBucketLocation(*bucket.Name)
if err != nil { if err != nil {
return nil, err return nil, remoteerror.NewResourceScanningErrorWithType(err, string(e.SupportedType()), aws.AwsS3BucketResourceType)
} }
if region == "" || region != e.providerConfig.DefaultAlias { if region == "" || region != e.providerConfig.DefaultAlias {
logrus.WithFields(logrus.Fields{ logrus.WithFields(logrus.Fields{
@ -50,7 +50,7 @@ func (e *S3BucketNotificationEnumerator) Enumerate() ([]resource.Resource, error
notification, err := e.repository.GetBucketNotification(*bucket.Name, region) notification, err := e.repository.GetBucketNotification(*bucket.Name, region)
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
if notification == nil { if notification == nil {

View File

@ -1,6 +1,7 @@
package aws package aws
import ( import (
remoteerror "github.com/cloudskiff/driftctl/pkg/remote/error"
"github.com/cloudskiff/driftctl/pkg/resource" "github.com/cloudskiff/driftctl/pkg/resource"
"github.com/cloudskiff/driftctl/pkg/resource/aws" "github.com/cloudskiff/driftctl/pkg/resource/aws"
"github.com/cloudskiff/driftctl/pkg/terraform" "github.com/cloudskiff/driftctl/pkg/terraform"
@ -27,7 +28,7 @@ func (r *S3BucketPolicyDetailsFetcher) ReadDetails(res resource.Resource) (resou
}, },
}) })
if err != nil { if err != nil {
return nil, err return nil, remoteerror.NewResourceScanningError(err, res.TerraformType())
} }
deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsS3BucketPolicyResourceType, *ctyVal) deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsS3BucketPolicyResourceType, *ctyVal)
if err != nil { if err != nil {

View File

@ -30,7 +30,7 @@ func (e *S3BucketPolicyEnumerator) SupportedType() resource.ResourceType {
func (e *S3BucketPolicyEnumerator) Enumerate() ([]resource.Resource, error) { func (e *S3BucketPolicyEnumerator) Enumerate() ([]resource.Resource, error) {
buckets, err := e.repository.ListAllBuckets() buckets, err := e.repository.ListAllBuckets()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationErrorWithType(err, string(e.SupportedType()), aws.AwsS3BucketResourceType) return nil, remoteerror.NewResourceScanningErrorWithType(err, string(e.SupportedType()), aws.AwsS3BucketResourceType)
} }
results := make([]resource.Resource, len(buckets)) results := make([]resource.Resource, len(buckets))
@ -38,7 +38,7 @@ func (e *S3BucketPolicyEnumerator) Enumerate() ([]resource.Resource, error) {
for _, bucket := range buckets { for _, bucket := range buckets {
region, err := e.repository.GetBucketLocation(*bucket.Name) region, err := e.repository.GetBucketLocation(*bucket.Name)
if err != nil { if err != nil {
return nil, err return nil, remoteerror.NewResourceScanningErrorWithType(err, string(e.SupportedType()), aws.AwsS3BucketResourceType)
} }
if region == "" || region != e.providerConfig.DefaultAlias { if region == "" || region != e.providerConfig.DefaultAlias {
logrus.WithFields(logrus.Fields{ logrus.WithFields(logrus.Fields{
@ -50,7 +50,7 @@ func (e *S3BucketPolicyEnumerator) Enumerate() ([]resource.Resource, error) {
policy, err := e.repository.GetBucketPolicy(*bucket.Name, region) policy, err := e.repository.GetBucketPolicy(*bucket.Name, region)
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, aws.AwsS3BucketPolicyResourceType) return nil, remoteerror.NewResourceScanningError(err, aws.AwsS3BucketPolicyResourceType)
} }
if policy != nil { if policy != nil {

View File

@ -1,6 +1,7 @@
package aws package aws
import ( import (
remoteerror "github.com/cloudskiff/driftctl/pkg/remote/error"
"github.com/cloudskiff/driftctl/pkg/resource" "github.com/cloudskiff/driftctl/pkg/resource"
"github.com/cloudskiff/driftctl/pkg/resource/aws" "github.com/cloudskiff/driftctl/pkg/resource/aws"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
@ -30,7 +31,7 @@ func (r *SNSTopicDetailsFetcher) ReadDetails(topic resource.Resource) (resource.
}) })
if err != nil { if err != nil {
logrus.Error(err) logrus.Error(err)
return nil, err return nil, remoteerror.NewResourceScanningError(err, topic.TerraformType())
} }
return r.deserializer.DeserializeOne(aws.AwsSnsTopicResourceType, *val) return r.deserializer.DeserializeOne(aws.AwsSnsTopicResourceType, *val)
} }

View File

@ -26,7 +26,7 @@ func (e *SNSTopicEnumerator) SupportedType() resource.ResourceType {
func (e *SNSTopicEnumerator) Enumerate() ([]resource.Resource, error) { func (e *SNSTopicEnumerator) Enumerate() ([]resource.Resource, error) {
topics, err := e.repository.ListAllTopics() topics, err := e.repository.ListAllTopics()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, len(topics)) results := make([]resource.Resource, len(topics))

View File

@ -1,6 +1,7 @@
package aws package aws
import ( import (
remoteerror "github.com/cloudskiff/driftctl/pkg/remote/error"
"github.com/cloudskiff/driftctl/pkg/resource" "github.com/cloudskiff/driftctl/pkg/resource"
"github.com/cloudskiff/driftctl/pkg/resource/aws" "github.com/cloudskiff/driftctl/pkg/resource/aws"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
@ -30,7 +31,7 @@ func (r *SNSTopicPolicyDetailsFetcher) ReadDetails(topic resource.Resource) (res
}) })
if err != nil { if err != nil {
logrus.Error(err) logrus.Error(err)
return nil, err return nil, remoteerror.NewResourceScanningError(err, topic.TerraformType())
} }
return r.deserializer.DeserializeOne(aws.AwsSnsTopicPolicyResourceType, *val) return r.deserializer.DeserializeOne(aws.AwsSnsTopicPolicyResourceType, *val)
} }

View File

@ -26,7 +26,7 @@ func (e *SNSTopicPolicyEnumerator) SupportedType() resource.ResourceType {
func (e *SNSTopicPolicyEnumerator) Enumerate() ([]resource.Resource, error) { func (e *SNSTopicPolicyEnumerator) Enumerate() ([]resource.Resource, error) {
topics, err := e.repository.ListAllTopics() topics, err := e.repository.ListAllTopics()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationErrorWithType(err, string(e.SupportedType()), aws.AwsSnsTopicResourceType) return nil, remoteerror.NewResourceScanningErrorWithType(err, string(e.SupportedType()), aws.AwsSnsTopicResourceType)
} }
results := make([]resource.Resource, len(topics)) results := make([]resource.Resource, len(topics))

View File

@ -1,6 +1,7 @@
package aws package aws
import ( import (
remoteerror "github.com/cloudskiff/driftctl/pkg/remote/error"
"github.com/cloudskiff/driftctl/pkg/resource" "github.com/cloudskiff/driftctl/pkg/resource"
"github.com/cloudskiff/driftctl/pkg/resource/aws" "github.com/cloudskiff/driftctl/pkg/resource/aws"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
@ -30,7 +31,7 @@ func (r *SNSTopicSubscriptionDetailsFetcher) ReadDetails(res resource.Resource)
}) })
if err != nil { if err != nil {
logrus.Error(err) logrus.Error(err)
return nil, err return nil, remoteerror.NewResourceScanningError(err, res.TerraformType())
} }
deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsSnsTopicSubscriptionResourceType, *ctyVal) deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsSnsTopicSubscriptionResourceType, *ctyVal)
if err != nil { if err != nil {

View File

@ -58,7 +58,7 @@ func (e *SNSTopicSubscriptionEnumerator) SupportedType() resource.ResourceType {
func (e *SNSTopicSubscriptionEnumerator) Enumerate() ([]resource.Resource, error) { func (e *SNSTopicSubscriptionEnumerator) Enumerate() ([]resource.Resource, error) {
allSubscriptions, err := e.repository.ListAllSubscriptions() allSubscriptions, err := e.repository.ListAllSubscriptions()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, len(allSubscriptions)) results := make([]resource.Resource, len(allSubscriptions))

View File

@ -3,6 +3,7 @@ package aws
import ( import (
"strings" "strings"
remoteerror "github.com/cloudskiff/driftctl/pkg/remote/error"
"github.com/cloudskiff/driftctl/pkg/resource" "github.com/cloudskiff/driftctl/pkg/resource"
"github.com/cloudskiff/driftctl/pkg/resource/aws" "github.com/cloudskiff/driftctl/pkg/resource/aws"
"github.com/cloudskiff/driftctl/pkg/terraform" "github.com/cloudskiff/driftctl/pkg/terraform"
@ -35,7 +36,7 @@ func (r *SQSQueueDetailsFetcher) ReadDetails(res resource.Resource) (resource.Re
return nil, nil return nil, nil
} }
logrus.Error(err) logrus.Error(err)
return nil, err return nil, remoteerror.NewResourceScanningError(err, res.TerraformType())
} }
deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsSqsQueueResourceType, *ctyVal) deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsSqsQueueResourceType, *ctyVal)
if err != nil { if err != nil {

View File

@ -28,7 +28,7 @@ func (e *SQSQueueEnumerator) SupportedType() resource.ResourceType {
func (e *SQSQueueEnumerator) Enumerate() ([]resource.Resource, error) { func (e *SQSQueueEnumerator) Enumerate() ([]resource.Resource, error) {
queues, err := e.repository.ListAllQueues() queues, err := e.repository.ListAllQueues()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, len(queues)) results := make([]resource.Resource, len(queues))

View File

@ -32,7 +32,7 @@ func (e *SQSQueuePolicyEnumerator) SupportedType() resource.ResourceType {
func (e *SQSQueuePolicyEnumerator) Enumerate() ([]resource.Resource, error) { func (e *SQSQueuePolicyEnumerator) Enumerate() ([]resource.Resource, error) {
queues, err := e.repository.ListAllQueues() queues, err := e.repository.ListAllQueues()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationErrorWithType(err, string(e.SupportedType()), aws.AwsSqsQueueResourceType) return nil, remoteerror.NewResourceScanningErrorWithType(err, string(e.SupportedType()), aws.AwsSqsQueueResourceType)
} }
results := make([]resource.Resource, 0, len(queues)) results := make([]resource.Resource, 0, len(queues))
@ -50,7 +50,7 @@ func (e *SQSQueuePolicyEnumerator) Enumerate() ([]resource.Resource, error) {
}).Debugf("Ignoring queue that seems to be already deleted: %+v", err) }).Debugf("Ignoring queue that seems to be already deleted: %+v", err)
continue continue
} }
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
if attributes.Attributes != nil { if attributes.Attributes != nil {
attrs["policy"] = *attributes.Attributes[sqs.QueueAttributeNamePolicy] attrs["policy"] = *attributes.Attributes[sqs.QueueAttributeNamePolicy]

View File

@ -29,7 +29,7 @@ func (e *VPCDefaultSecurityGroupEnumerator) SupportedType() resource.ResourceTyp
func (e *VPCDefaultSecurityGroupEnumerator) Enumerate() ([]resource.Resource, error) { func (e *VPCDefaultSecurityGroupEnumerator) Enumerate() ([]resource.Resource, error) {
_, defaultSecurityGroups, err := e.repository.ListAllSecurityGroups() _, defaultSecurityGroups, err := e.repository.ListAllSecurityGroups()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, 0, len(defaultSecurityGroups)) results := make([]resource.Resource, 0, len(defaultSecurityGroups))

View File

@ -28,7 +28,7 @@ func (e *VPCEnumerator) SupportedType() resource.ResourceType {
func (e *VPCEnumerator) Enumerate() ([]resource.Resource, error) { func (e *VPCEnumerator) Enumerate() ([]resource.Resource, error) {
VPCs, _, err := e.repo.ListAllVPCs() VPCs, _, err := e.repo.ListAllVPCs()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, aws.AwsVpcResourceType) return nil, remoteerror.NewResourceScanningError(err, aws.AwsVpcResourceType)
} }
results := make([]resource.Resource, 0, len(VPCs)) results := make([]resource.Resource, 0, len(VPCs))

View File

@ -29,7 +29,7 @@ func (e *VPCSecurityGroupEnumerator) SupportedType() resource.ResourceType {
func (e *VPCSecurityGroupEnumerator) Enumerate() ([]resource.Resource, error) { func (e *VPCSecurityGroupEnumerator) Enumerate() ([]resource.Resource, error) {
securityGroups, _, err := e.repository.ListAllSecurityGroups() securityGroups, _, err := e.repository.ListAllSecurityGroups()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(e.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(e.SupportedType()))
} }
results := make([]resource.Resource, 0, len(securityGroups)) results := make([]resource.Resource, 0, len(securityGroups))

View File

@ -1,6 +1,7 @@
package aws package aws
import ( import (
remoteerror "github.com/cloudskiff/driftctl/pkg/remote/error"
"github.com/cloudskiff/driftctl/pkg/resource" "github.com/cloudskiff/driftctl/pkg/resource"
"github.com/cloudskiff/driftctl/pkg/resource/aws" "github.com/cloudskiff/driftctl/pkg/resource/aws"
"github.com/cloudskiff/driftctl/pkg/terraform" "github.com/cloudskiff/driftctl/pkg/terraform"
@ -59,7 +60,7 @@ func (r *VPCSecurityGroupRuleDetailsFetcher) ReadDetails(res resource.Resource)
Attributes: flatmap.Flatten(attrs), Attributes: flatmap.Flatten(attrs),
}) })
if err != nil { if err != nil {
return nil, err return nil, remoteerror.NewResourceScanningError(err, res.TerraformType())
} }
deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsSecurityGroupRuleResourceType, *ctyVal) deserializedRes, err := r.deserializer.DeserializeOne(aws.AwsSecurityGroupRuleResourceType, *ctyVal)
if err != nil { if err != nil {

View File

@ -78,7 +78,7 @@ func (e *VPCSecurityGroupRuleEnumerator) SupportedType() resource.ResourceType {
func (e *VPCSecurityGroupRuleEnumerator) Enumerate() ([]resource.Resource, error) { func (e *VPCSecurityGroupRuleEnumerator) Enumerate() ([]resource.Resource, error) {
securityGroups, defaultSecurityGroups, err := e.repository.ListAllSecurityGroups() securityGroups, defaultSecurityGroups, err := e.repository.ListAllSecurityGroups()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationErrorWithType(err, string(e.SupportedType()), resourceaws.AwsSecurityGroupResourceType) return nil, remoteerror.NewResourceScanningErrorWithType(err, string(e.SupportedType()), resourceaws.AwsSecurityGroupResourceType)
} }
secGroups := make([]*ec2.SecurityGroup, 0, len(securityGroups)+len(defaultSecurityGroups)) secGroups := make([]*ec2.SecurityGroup, 0, len(securityGroups)+len(defaultSecurityGroups))

View File

@ -1,6 +1,7 @@
package common package common
import ( import (
remoteerror "github.com/cloudskiff/driftctl/pkg/remote/error"
"github.com/cloudskiff/driftctl/pkg/resource" "github.com/cloudskiff/driftctl/pkg/resource"
"github.com/cloudskiff/driftctl/pkg/terraform" "github.com/cloudskiff/driftctl/pkg/terraform"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
@ -30,7 +31,7 @@ func (f *GenericDetailsFetcher) ReadDetails(res resource.Resource) (resource.Res
ID: res.TerraformId(), ID: res.TerraformId(),
}) })
if err != nil { if err != nil {
return nil, err return nil, remoteerror.NewResourceScanningError(err, res.TerraformType())
} }
if ctyVal.IsNull() { if ctyVal.IsNull() {
logrus.WithFields(logrus.Fields{ logrus.WithFields(logrus.Fields{

View File

@ -29,25 +29,25 @@ func (b *SupplierError) Context() map[string]string {
return b.context return b.context
} }
type ResourceEnumerationError struct { type ResourceScanningError struct {
SupplierError SupplierError
listedTypeError string listedTypeError string
} }
func NewResourceEnumerationErrorWithType(error error, supplierType string, listedTypeError string) *ResourceEnumerationError { func NewResourceScanningErrorWithType(error error, supplierType string, listedTypeError string) *ResourceScanningError {
context := map[string]string{ context := map[string]string{
"ListedTypeError": listedTypeError, "ListedTypeError": listedTypeError,
} }
return &ResourceEnumerationError{ return &ResourceScanningError{
SupplierError: *NewSupplierError(error, context, supplierType), SupplierError: *NewSupplierError(error, context, supplierType),
listedTypeError: listedTypeError, listedTypeError: listedTypeError,
} }
} }
func NewResourceEnumerationError(error error, supplierType string) *ResourceEnumerationError { func NewResourceScanningError(error error, supplierType string) *ResourceScanningError {
return NewResourceEnumerationErrorWithType(error, supplierType, supplierType) return NewResourceScanningErrorWithType(error, supplierType, supplierType)
} }
func (b *ResourceEnumerationError) ListedTypeError() string { func (b *ResourceScanningError) ListedTypeError() string {
return b.listedTypeError return b.listedTypeError
} }

View File

@ -25,7 +25,7 @@ func (g *GithubBranchProtectionEnumerator) SupportedType() resource.ResourceType
func (g *GithubBranchProtectionEnumerator) Enumerate() ([]resource.Resource, error) { func (g *GithubBranchProtectionEnumerator) Enumerate() ([]resource.Resource, error) {
ids, err := g.repository.ListBranchProtection() ids, err := g.repository.ListBranchProtection()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(g.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(g.SupportedType()))
} }
results := make([]resource.Resource, len(ids)) results := make([]resource.Resource, len(ids))

View File

@ -25,7 +25,7 @@ func (g *GithubMembershipEnumerator) SupportedType() resource.ResourceType {
func (g *GithubMembershipEnumerator) Enumerate() ([]resource.Resource, error) { func (g *GithubMembershipEnumerator) Enumerate() ([]resource.Resource, error) {
ids, err := g.Membership.ListMembership() ids, err := g.Membership.ListMembership()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(g.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(g.SupportedType()))
} }
results := make([]resource.Resource, len(ids)) results := make([]resource.Resource, len(ids))

View File

@ -25,7 +25,7 @@ func (g *GithubRepositoryEnumerator) SupportedType() resource.ResourceType {
func (g *GithubRepositoryEnumerator) Enumerate() ([]resource.Resource, error) { func (g *GithubRepositoryEnumerator) Enumerate() ([]resource.Resource, error) {
ids, err := g.repository.ListRepositories() ids, err := g.repository.ListRepositories()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(g.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(g.SupportedType()))
} }
results := make([]resource.Resource, len(ids)) results := make([]resource.Resource, len(ids))

View File

@ -27,7 +27,7 @@ func (g *GithubTeamEnumerator) SupportedType() resource.ResourceType {
func (g *GithubTeamEnumerator) Enumerate() ([]resource.Resource, error) { func (g *GithubTeamEnumerator) Enumerate() ([]resource.Resource, error) {
resourceList, err := g.repository.ListTeams() resourceList, err := g.repository.ListTeams()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(g.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(g.SupportedType()))
} }
results := make([]resource.Resource, len(resourceList)) results := make([]resource.Resource, len(resourceList))

View File

@ -25,7 +25,7 @@ func (g *GithubTeamMembershipEnumerator) SupportedType() resource.ResourceType {
func (g *GithubTeamMembershipEnumerator) Enumerate() ([]resource.Resource, error) { func (g *GithubTeamMembershipEnumerator) Enumerate() ([]resource.Resource, error) {
ids, err := g.repository.ListTeamMemberships() ids, err := g.repository.ListTeamMemberships()
if err != nil { if err != nil {
return nil, remoteerror.NewResourceEnumerationError(err, string(g.SupportedType())) return nil, remoteerror.NewResourceScanningError(err, string(g.SupportedType()))
} }
results := make([]resource.Resource, len(ids)) results := make([]resource.Resource, len(ids))

View File

@ -12,26 +12,49 @@ import (
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
) )
type EnumerationAccessDeniedAlert struct { type ScanningPhase int
const (
EnumerationPhase ScanningPhase = iota
DetailsFetchingPhase
)
type RemoteAccessDeniedAlert struct {
message string message string
provider string provider string
scanningPhase ScanningPhase
} }
func NewEnumerationAccessDeniedAlert(provider, supplierType, listedTypeError string) *EnumerationAccessDeniedAlert { func NewRemoteAccessDeniedAlert(provider, supplierType, listedTypeError string, scanningPhase ScanningPhase) *RemoteAccessDeniedAlert {
message := fmt.Sprintf("Ignoring %s from drift calculation: Listing %s is forbidden.", supplierType, listedTypeError) var message string
return &EnumerationAccessDeniedAlert{message, provider} switch scanningPhase {
case EnumerationPhase:
message = fmt.Sprintf("Ignoring %s from drift calculation: Listing %s is forbidden.", supplierType, listedTypeError)
case DetailsFetchingPhase:
message = fmt.Sprintf("Ignoring %s from drift calculation: Reading details of %s is forbidden.", supplierType, listedTypeError)
default:
message = fmt.Sprintf("Ignoring %s from drift calculation: %s", supplierType, listedTypeError)
}
return &RemoteAccessDeniedAlert{message, provider, scanningPhase}
} }
func (e *EnumerationAccessDeniedAlert) Message() string { func (e *RemoteAccessDeniedAlert) Message() string {
return e.message return e.message
} }
func (e *EnumerationAccessDeniedAlert) ShouldIgnoreResource() bool { func (e *RemoteAccessDeniedAlert) ShouldIgnoreResource() bool {
return true return true
} }
func (e *EnumerationAccessDeniedAlert) GetProviderMessage() string { func (e *RemoteAccessDeniedAlert) GetProviderMessage() string {
message := "It seems that we got access denied exceptions while listing resources.\n" var message string
if e.scanningPhase == DetailsFetchingPhase {
message = "It seems that we got access denied exceptions while reading details of resources.\n"
}
if e.scanningPhase == EnumerationPhase {
message = "It seems that we got access denied exceptions while listing resources.\n"
}
switch e.provider { switch e.provider {
case github.RemoteGithubTerraform: case github.RemoteGithubTerraform:
message += "Please be sure that your Github token has the right permissions, check the last up-to-date documentation there: https://docs.driftctl.com/github/policy" message += "Please be sure that your Github token has the right permissions, check the last up-to-date documentation there: https://docs.driftctl.com/github/policy"
@ -44,7 +67,7 @@ func (e *EnumerationAccessDeniedAlert) GetProviderMessage() string {
} }
func HandleResourceEnumerationError(err error, alerter alerter.AlerterInterface) error { func HandleResourceEnumerationError(err error, alerter alerter.AlerterInterface) error {
listError, ok := err.(*remoteerror.ResourceEnumerationError) listError, ok := err.(*remoteerror.ResourceScanningError)
if !ok { if !ok {
return err return err
} }
@ -56,6 +79,13 @@ func HandleResourceEnumerationError(err error, alerter alerter.AlerterInterface)
return handleAWSError(alerter, listError, reqerr) return handleAWSError(alerter, listError, reqerr)
} }
// This handles access denied errors like the following:
// aws_s3_bucket_policy: AccessDenied: Error listing bucket policy <policy_name>
if strings.Contains(rootCause.Error(), "AccessDenied") {
sendEnumerationAlert(aws.RemoteAWSTerraform, alerter, listError)
return nil
}
if strings.HasPrefix( if strings.HasPrefix(
rootCause.Error(), rootCause.Error(),
"Your token has not been granted the required scopes to execute this query.", "Your token has not been granted the required scopes to execute this query.",
@ -67,7 +97,27 @@ func HandleResourceEnumerationError(err error, alerter alerter.AlerterInterface)
return err return err
} }
func handleAWSError(alerter alerter.AlerterInterface, listError *remoteerror.ResourceEnumerationError, reqerr awserr.RequestFailure) error { func HandleResourceDetailsFetchingError(err error, alerter alerter.AlerterInterface) error {
listError, ok := err.(*remoteerror.ResourceScanningError)
if !ok {
return err
}
rootCause := listError.RootCause()
// This handles access denied errors like the following:
// iam_role_policy: error reading IAM Role Policy (<policy>): AccessDenied: User: <role_arn> ...
if strings.HasPrefix(rootCause.Error(), "AccessDeniedException") ||
strings.Contains(rootCause.Error(), "AccessDenied") ||
strings.Contains(rootCause.Error(), "AuthorizationError") {
sendDetailsFetchingAlert(aws.RemoteAWSTerraform, alerter, listError)
return nil
}
return err
}
func handleAWSError(alerter alerter.AlerterInterface, listError *remoteerror.ResourceScanningError, reqerr awserr.RequestFailure) error {
if reqerr.StatusCode() == 403 || (reqerr.StatusCode() == 400 && strings.Contains(reqerr.Code(), "AccessDenied")) { if reqerr.StatusCode() == 403 || (reqerr.StatusCode() == 400 && strings.Contains(reqerr.Code(), "AccessDenied")) {
sendEnumerationAlert(aws.RemoteAWSTerraform, alerter, listError) sendEnumerationAlert(aws.RemoteAWSTerraform, alerter, listError)
return nil return nil
@ -76,10 +126,18 @@ func handleAWSError(alerter alerter.AlerterInterface, listError *remoteerror.Res
return reqerr return reqerr
} }
func sendEnumerationAlert(provider string, alerter alerter.AlerterInterface, listError *remoteerror.ResourceEnumerationError) { func sendRemoteAccessDeniedAlert(provider string, alerter alerter.AlerterInterface, listError *remoteerror.ResourceScanningError, p ScanningPhase) {
logrus.WithFields(logrus.Fields{ logrus.WithFields(logrus.Fields{
"supplier_type": listError.SupplierType(), "supplier_type": listError.SupplierType(),
"listed_type": listError.ListedTypeError(), "listed_type": listError.ListedTypeError(),
}).Debugf("Got an access denied error") }).Debugf("Got an access denied error")
alerter.SendAlert(listError.SupplierType(), NewEnumerationAccessDeniedAlert(provider, listError.SupplierType(), listError.ListedTypeError())) alerter.SendAlert(listError.SupplierType(), NewRemoteAccessDeniedAlert(provider, listError.SupplierType(), listError.ListedTypeError(), p))
}
func sendEnumerationAlert(provider string, alerter alerter.AlerterInterface, listError *remoteerror.ResourceScanningError) {
sendRemoteAccessDeniedAlert(provider, alerter, listError, EnumerationPhase)
}
func sendDetailsFetchingAlert(provider string, alerter alerter.AlerterInterface, listError *remoteerror.ResourceScanningError) {
sendRemoteAccessDeniedAlert(provider, alerter, listError, DetailsFetchingPhase)
} }

View File

@ -17,7 +17,7 @@ import (
"github.com/cloudskiff/driftctl/pkg/alerter" "github.com/cloudskiff/driftctl/pkg/alerter"
) )
func TestHandleListAwsError(t *testing.T) { func TestHandleAwsEnumerationErrors(t *testing.T) {
tests := []struct { tests := []struct {
name string name string
@ -27,19 +27,19 @@ func TestHandleListAwsError(t *testing.T) {
}{ }{
{ {
name: "Handled error 403", name: "Handled error 403",
err: remoteerror.NewResourceEnumerationError(awserr.NewRequestFailure(awserr.New("", "", errors.New("")), 403, ""), resourceaws.AwsVpcResourceType), err: remoteerror.NewResourceScanningError(awserr.NewRequestFailure(awserr.New("", "", errors.New("")), 403, ""), resourceaws.AwsVpcResourceType),
wantAlerts: alerter.Alerts{"aws_vpc": []alerter.Alert{NewEnumerationAccessDeniedAlert(aws.RemoteAWSTerraform, "aws_vpc", "aws_vpc")}}, wantAlerts: alerter.Alerts{"aws_vpc": []alerter.Alert{NewRemoteAccessDeniedAlert(aws.RemoteAWSTerraform, "aws_vpc", "aws_vpc", EnumerationPhase)}},
wantErr: false, wantErr: false,
}, },
{ {
name: "Handled error AccessDenied", name: "Handled error AccessDenied",
err: remoteerror.NewResourceEnumerationError(awserr.NewRequestFailure(awserr.New("AccessDeniedException", "", errors.New("")), 403, ""), resourceaws.AwsDynamodbTableResourceType), err: remoteerror.NewResourceScanningError(awserr.NewRequestFailure(awserr.New("AccessDeniedException", "", errors.New("")), 403, ""), resourceaws.AwsDynamodbTableResourceType),
wantAlerts: alerter.Alerts{"aws_dynamodb_table": []alerter.Alert{NewEnumerationAccessDeniedAlert(aws.RemoteAWSTerraform, "aws_dynamodb_table", "aws_dynamodb_table")}}, wantAlerts: alerter.Alerts{"aws_dynamodb_table": []alerter.Alert{NewRemoteAccessDeniedAlert(aws.RemoteAWSTerraform, "aws_dynamodb_table", "aws_dynamodb_table", EnumerationPhase)}},
wantErr: false, wantErr: false,
}, },
{ {
name: "Not Handled error code", name: "Not Handled error code",
err: remoteerror.NewResourceEnumerationError(awserr.NewRequestFailure(awserr.New("", "", errors.New("")), 404, ""), resourceaws.AwsVpcResourceType), err: remoteerror.NewResourceScanningError(awserr.NewRequestFailure(awserr.New("", "", errors.New("")), 404, ""), resourceaws.AwsVpcResourceType),
wantAlerts: map[string][]alerter.Alert{}, wantAlerts: map[string][]alerter.Alert{},
wantErr: true, wantErr: true,
}, },
@ -57,10 +57,16 @@ func TestHandleListAwsError(t *testing.T) {
}, },
{ {
name: "Not Handled root error type", name: "Not Handled root error type",
err: remoteerror.NewResourceEnumerationError(errors.New("error"), resourceaws.AwsVpcResourceType), err: remoteerror.NewResourceScanningError(errors.New("error"), resourceaws.AwsVpcResourceType),
wantAlerts: map[string][]alerter.Alert{}, wantAlerts: map[string][]alerter.Alert{},
wantErr: true, wantErr: true,
}, },
{
name: "Handle AccessDenied error",
err: remoteerror.NewResourceScanningError(errors.New("an error occured: AccessDenied: 403"), resourceaws.AwsVpcResourceType),
wantAlerts: alerter.Alerts{"aws_vpc": []alerter.Alert{NewRemoteAccessDeniedAlert(aws.RemoteAWSTerraform, "aws_vpc", "aws_vpc", EnumerationPhase)}},
wantErr: false,
},
} }
for _, tt := range tests { for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) { t.Run(tt.name, func(t *testing.T) {
@ -75,7 +81,7 @@ func TestHandleListAwsError(t *testing.T) {
} }
} }
func TestHandleListGithubError(t *testing.T) { func TestHandleGithubEnumerationErrors(t *testing.T) {
tests := []struct { tests := []struct {
name string name string
@ -85,13 +91,13 @@ func TestHandleListGithubError(t *testing.T) {
}{ }{
{ {
name: "Handled graphql error", name: "Handled graphql error",
err: remoteerror.NewResourceEnumerationError(errors.New("Your token has not been granted the required scopes to execute this query."), resourcegithub.GithubTeamResourceType), err: remoteerror.NewResourceScanningError(errors.New("Your token has not been granted the required scopes to execute this query."), resourcegithub.GithubTeamResourceType),
wantAlerts: alerter.Alerts{"github_team": []alerter.Alert{NewEnumerationAccessDeniedAlert(github.RemoteGithubTerraform, "github_team", "github_team")}}, wantAlerts: alerter.Alerts{"github_team": []alerter.Alert{NewRemoteAccessDeniedAlert(github.RemoteGithubTerraform, "github_team", "github_team", EnumerationPhase)}},
wantErr: false, wantErr: false,
}, },
{ {
name: "Not handled graphql error", name: "Not handled graphql error",
err: remoteerror.NewResourceEnumerationError(errors.New("This is a not handler graphql error"), resourcegithub.GithubTeamResourceType), err: remoteerror.NewResourceScanningError(errors.New("This is a not handler graphql error"), resourcegithub.GithubTeamResourceType),
wantAlerts: map[string][]alerter.Alert{}, wantAlerts: map[string][]alerter.Alert{},
wantErr: true, wantErr: true,
}, },
@ -121,6 +127,52 @@ func TestHandleListGithubError(t *testing.T) {
} }
} }
func TestHandleAwsDetailsFetchingErrors(t *testing.T) {
tests := []struct {
name string
err error
wantAlerts alerter.Alerts
wantErr bool
}{
{
name: "Handle AccessDeniedException error",
err: remoteerror.NewResourceScanningError(awserr.NewRequestFailure(awserr.New("AccessDeniedException", "test", errors.New("")), 403, ""), resourceaws.AwsVpcResourceType),
wantAlerts: alerter.Alerts{"aws_vpc": []alerter.Alert{NewRemoteAccessDeniedAlert(aws.RemoteAWSTerraform, "aws_vpc", "aws_vpc", DetailsFetchingPhase)}},
wantErr: false,
},
{
name: "Handle AccessDenied error",
err: remoteerror.NewResourceScanningError(awserr.NewRequestFailure(awserr.New("test", "error: AccessDenied", errors.New("")), 403, ""), resourceaws.AwsVpcResourceType),
wantAlerts: alerter.Alerts{"aws_vpc": []alerter.Alert{NewRemoteAccessDeniedAlert(aws.RemoteAWSTerraform, "aws_vpc", "aws_vpc", DetailsFetchingPhase)}},
wantErr: false,
},
{
name: "Handle AuthorizationError error",
err: remoteerror.NewResourceScanningError(awserr.NewRequestFailure(awserr.New("test", "error: AuthorizationError", errors.New("")), 403, ""), resourceaws.AwsVpcResourceType),
wantAlerts: alerter.Alerts{"aws_vpc": []alerter.Alert{NewRemoteAccessDeniedAlert(aws.RemoteAWSTerraform, "aws_vpc", "aws_vpc", DetailsFetchingPhase)}},
wantErr: false,
},
{
name: "Unhandled error",
err: remoteerror.NewResourceScanningError(awserr.NewRequestFailure(awserr.New("test", "error: dummy error", errors.New("")), 403, ""), resourceaws.AwsVpcResourceType),
wantAlerts: alerter.Alerts{},
wantErr: true,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
alertr := alerter.NewAlerter()
gotErr := HandleResourceDetailsFetchingError(tt.err, alertr)
assert.Equal(t, tt.wantErr, gotErr != nil)
retrieve := alertr.Retrieve()
assert.Equal(t, tt.wantAlerts, retrieve)
})
}
}
func TestEnumerationAccessDeniedAlert_GetProviderMessage(t *testing.T) { func TestEnumerationAccessDeniedAlert_GetProviderMessage(t *testing.T) {
tests := []struct { tests := []struct {
name string name string
@ -145,7 +197,39 @@ func TestEnumerationAccessDeniedAlert_GetProviderMessage(t *testing.T) {
} }
for _, tt := range tests { for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) { t.Run(tt.name, func(t *testing.T) {
e := NewEnumerationAccessDeniedAlert(tt.provider, "supplier_type", "listed_type_error") e := NewRemoteAccessDeniedAlert(tt.provider, "supplier_type", "listed_type_error", EnumerationPhase)
if got := e.GetProviderMessage(); got != tt.want {
t.Errorf("GetProviderMessage() = %v, want %v", got, tt.want)
}
})
}
}
func TestDetailsFetchingAccessDeniedAlert_GetProviderMessage(t *testing.T) {
tests := []struct {
name string
provider string
want string
}{
{
name: "test for unsupported provider",
provider: "foobar",
want: "",
},
{
name: "test for AWS",
provider: aws.RemoteAWSTerraform,
want: "It seems that we got access denied exceptions while reading details of resources.\nThe latest minimal read-only IAM policy for driftctl is always available here, please update yours: https://docs.driftctl.com/aws/policy",
},
{
name: "test for github",
provider: github.RemoteGithubTerraform,
want: "It seems that we got access denied exceptions while reading details of resources.\nPlease be sure that your Github token has the right permissions, check the last up-to-date documentation there: https://docs.driftctl.com/github/policy",
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
e := NewRemoteAccessDeniedAlert(tt.provider, "supplier_type", "listed_type_error", DetailsFetchingPhase)
if got := e.GetProviderMessage(); got != tt.want { if got := e.GetProviderMessage(); got != tt.want {
t.Errorf("GetProviderMessage() = %v, want %v", got, tt.want) t.Errorf("GetProviderMessage() = %v, want %v", got, tt.want)
} }

View File

@ -76,13 +76,13 @@ func (s *Scanner) scan() ([]resource.Resource, error) {
} }
return nil, err return nil, err
} }
for _, resource := range resources { for _, res := range resources {
if resource == nil { if res == nil {
continue continue
} }
logrus.WithFields(logrus.Fields{ logrus.WithFields(logrus.Fields{
"id": resource.TerraformId(), "id": res.TerraformId(),
"type": resource.TerraformType(), "type": res.TerraformType(),
}).Debug("Found cloud resource") }).Debug("Found cloud resource")
} }
return resources, nil return resources, nil
@ -102,14 +102,18 @@ func (s *Scanner) scan() ([]resource.Resource, error) {
res := res res := res
s.detailsFetcherRunner.Run(func() (interface{}, error) { s.detailsFetcherRunner.Run(func() (interface{}, error) {
fetcher := s.remoteLibrary.GetDetailsFetcher(resource.ResourceType(res.TerraformType())) fetcher := s.remoteLibrary.GetDetailsFetcher(resource.ResourceType(res.TerraformType()))
if fetcher != nil { if fetcher == nil {
return []resource.Resource{res}, nil
}
resourceWithDetails, err := fetcher.ReadDetails(res) resourceWithDetails, err := fetcher.ReadDetails(res)
if err != nil { if err != nil {
if err := HandleResourceDetailsFetchingError(err, s.alerter); err != nil {
return nil, err return nil, err
} }
return []resource.Resource{resourceWithDetails}, nil return []resource.Resource{}, nil
} }
return []resource.Resource{res}, nil return []resource.Resource{resourceWithDetails}, nil
}) })
} }

View File

@ -279,7 +279,7 @@ func TestSNSTopicSubscriptionScan(t *testing.T) {
}, },
alerts: map[string][]alerter.Alert{ alerts: map[string][]alerter.Alert{
resourceaws.AwsSnsTopicSubscriptionResourceType: { resourceaws.AwsSnsTopicSubscriptionResourceType: {
NewEnumerationAccessDeniedAlert("aws+tf", resourceaws.AwsSnsTopicSubscriptionResourceType, resourceaws.AwsSnsTopicSubscriptionResourceType), NewRemoteAccessDeniedAlert("aws+tf", resourceaws.AwsSnsTopicSubscriptionResourceType, resourceaws.AwsSnsTopicSubscriptionResourceType, EnumerationPhase),
}, },
}, },
err: nil, err: nil,