/
autoscaling.go
86 lines (69 loc) · 2.67 KB
/
autoscaling.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
package ec2
import (
"fmt"
"github.com/aquasecurity/trivy/pkg/iac/providers/aws/ec2"
trivyTypes "github.com/aquasecurity/trivy/pkg/iac/types"
ec2api "github.com/aws/aws-sdk-go-v2/service/ec2"
"github.com/aws/aws-sdk-go-v2/service/ec2/types"
"github.com/aquasecurity/trivy-aws/pkg/concurrency"
)
func (a *adapter) getLaunchTemplates() ([]ec2.LaunchTemplate, error) {
a.Tracker().SetServiceLabel("Discovering launch templates...")
input := ec2api.DescribeLaunchTemplatesInput{}
var apiTemplates []types.LaunchTemplate
for {
output, err := a.client.DescribeLaunchTemplates(a.Context(), &input)
if err != nil {
return nil, err
}
apiTemplates = append(apiTemplates, output.LaunchTemplates...)
a.Tracker().SetTotalResources(len(apiTemplates))
if output.NextToken == nil {
break
}
input.NextToken = output.NextToken
}
a.Tracker().SetServiceLabel("Adapting launch templates...")
return concurrency.Adapt(apiTemplates, a.RootAdapter, a.adaptLaunchTemplate), nil
}
func (a *adapter) adaptLaunchTemplate(template types.LaunchTemplate) (*ec2.LaunchTemplate, error) {
metadata := a.CreateMetadata("launch-template/" + *template.LaunchTemplateId)
var version string
if template.DefaultVersionNumber != nil {
version = fmt.Sprintf("%d", *template.DefaultVersionNumber)
} else if template.LatestVersionNumber != nil {
version = fmt.Sprintf("%d", *template.LatestVersionNumber)
}
output, err := a.client.DescribeLaunchTemplateVersions(a.Context(), &ec2api.DescribeLaunchTemplateVersionsInput{
LaunchTemplateId: template.LaunchTemplateId,
Versions: []string{version},
})
if err != nil {
return nil, err
}
if len(output.LaunchTemplateVersions) == 0 {
return nil, fmt.Errorf("launch template not found")
}
templateData := output.LaunchTemplateVersions[0].LaunchTemplateData
instance := ec2.NewInstance(metadata)
if templateData.MetadataOptions != nil {
instance.MetadataOptions.HttpTokens = trivyTypes.StringDefault(string(templateData.MetadataOptions.HttpTokens), metadata)
instance.MetadataOptions.HttpEndpoint = trivyTypes.StringDefault(string(templateData.MetadataOptions.HttpEndpoint), metadata)
}
if templateData.BlockDeviceMappings != nil {
for _, blockMapping := range templateData.BlockDeviceMappings {
ebsDevice := &ec2.BlockDevice{
Metadata: metadata,
Encrypted: trivyTypes.BoolDefault(false, metadata),
}
if blockMapping.Ebs != nil && blockMapping.Ebs.Encrypted != nil {
ebsDevice.Encrypted = trivyTypes.BoolDefault(*blockMapping.Ebs.Encrypted, metadata)
}
instance.EBSBlockDevices = append(instance.EBSBlockDevices, ebsDevice)
}
}
return &ec2.LaunchTemplate{
Metadata: metadata,
Instance: *instance,
}, nil
}