fix panic while scanning https://github.com/bridgecrewio/cfngoat (#1238)

tenable · May 5, 2022 · 9baa8ef · 9baa8ef
1 parent 5be816d
commit 9baa8ef
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 15 deletions.
diff --git a/pkg/mapper/iac-providers/cft/config/eks-cluster.go b/pkg/mapper/iac-providers/cft/config/eks-cluster.go
@@ -47,19 +47,21 @@ func GetEksClusterConfig(c *eks.Cluster) []AWSResourceConfig {
 		vpcConfig[0].EndpointPublicAccess = c.ResourcesVpcConfig.EndpointPublicAccess
 	}
 
-	enabledClusterLogTypes := make([]string, len(c.Logging.ClusterLogging.EnabledTypes))
-	for i := range c.Logging.ClusterLogging.EnabledTypes {
-		enabledClusterLogTypes[i] = c.Logging.ClusterLogging.EnabledTypes[i].Type
-	}
-
 	cf := EksClusterConfig{
 		Config: Config{
 			Name: c.Name,
 		},
-		Name:                   c.Name,
-		RoleARN:                c.RoleArn,
-		VPCConfig:              vpcConfig,
-		EnabledClusterLogTypes: enabledClusterLogTypes,
+		Name:      c.Name,
+		RoleARN:   c.RoleArn,
+		VPCConfig: vpcConfig,
+	}
+
+	if c.Logging != nil && c.Logging.ClusterLogging != nil && len(c.Logging.ClusterLogging.EnabledTypes) > 0 {
+		enabledClusterLogTypes := make([]string, len(c.Logging.ClusterLogging.EnabledTypes))
+		for i := range c.Logging.ClusterLogging.EnabledTypes {
+			enabledClusterLogTypes[i] = c.Logging.ClusterLogging.EnabledTypes[i].Type
+		}
+		cf.EnabledClusterLogTypes = enabledClusterLogTypes
 	}
 
 	return []AWSResourceConfig{{

diff --git a/pkg/mapper/iac-providers/cft/config/iam-user.go b/pkg/mapper/iac-providers/cft/config/iam-user.go
@@ -66,17 +66,21 @@ func GetIamUserConfig(i *iam.User) []AWSResourceConfig {
 		},
 	})
 
+	iamLoginProfileConfig := IamUserLoginProfileConfig{
+		Config: Config{
+			Name: i.UserName,
+		},
+	}
+	if i.LoginProfile != nil {
+		iamLoginProfileConfig.PasswordResetRequired = i.LoginProfile.PasswordResetRequired
+	}
+
 	// add aws_iam_user_login_profile
 	resourceConfigs = append(resourceConfigs, AWSResourceConfig{
 		Type:     IamUserLoginProfile,
 		Name:     i.UserName,
 		Metadata: i.AWSCloudFormationMetadata,
-		Resource: IamUserLoginProfileConfig{
-			Config: Config{
-				Name: i.UserName,
-			},
-			PasswordResetRequired: i.LoginProfile.PasswordResetRequired,
-		},
+		Resource: iamLoginProfileConfig,
 	})
 
 	// add aws_iam_user_policy