feat(CG-1339): add kms connection to ebs snapshot

cloudgraphdev · Mar 6, 2023 · beac5fd · beac5fd
1 parent a446229
commit beac5fd
Show file tree

Hide file tree

Showing 5 changed files with 70 additions and 3 deletions.
diff --git a/src/services/ebs/connections.ts b/src/services/ebs/connections.ts
@@ -1,6 +1,6 @@
 import isEmpty from 'lodash/isEmpty'
 
-import EC2, {
+import {
   Volume,
   Snapshot,
   TagList,
@@ -10,7 +10,6 @@ import { ServiceConnection } from '@cloudgraph/sdk'
 
 import services from '../../enums/services'
 
-
 /**
  * EBS
  */
@@ -34,7 +33,6 @@ export default ({
     const {
       VolumeId: id,
       SnapshotId: snapshotId,
-      Tags: tags,
     } = volume
 
     /**

diff --git a/src/services/ebsSnapshot/connections.ts b/src/services/ebsSnapshot/connections.ts
@@ -0,0 +1,64 @@
+import isEmpty from 'lodash/isEmpty'
+
+import {
+  Snapshot,
+  TagList,
+} from 'aws-sdk/clients/ec2'
+
+import { ServiceConnection } from '@cloudgraph/sdk'
+
+import services from '../../enums/services'
+
+
+/**
+ * EBS Snapshot
+ */
+
+export default ({
+    service: snapshot,
+    data,
+    region,
+    account,
+  }: {
+    account: string
+    data: { name: string; data: { [property: string]: any[] } }[]
+    service: Snapshot & {
+      region: string
+      Tags?: TagList
+    }
+    region: string
+}): { [key: string]: ServiceConnection[] } => {
+    const connections: ServiceConnection[] = []
+
+    const {
+      SnapshotId: id,
+      KmsKeyId: kmsKeyId,
+    } = snapshot
+
+    /**
+     * Find KMS
+     * related to the cloudTrail
+     */
+    const kmsKeys = data.find(({ name }) => name === services.kms)
+    if (kmsKeys?.data?.[region]) {
+      const kmsKeyInRegion = kmsKeys.data[region].filter(
+        kmsKey => kmsKey.Arn === kmsKeyId
+      )
+
+      if (!isEmpty(kmsKeyInRegion)) {
+        for (const kms of kmsKeyInRegion) {
+          connections.push({
+            id: kms.KeyId,
+            resourceType: services.kms,
+            relation: 'child',
+            field: 'kms',
+          })
+        }
+      }
+    }
+
+    const snapshotResult = {
+      [id]: connections,
+    }
+    return snapshotResult
+}
diff --git a/src/services/ebsSnapshot/index.ts b/src/services/ebsSnapshot/index.ts
@@ -2,12 +2,15 @@ import { Service } from '@cloudgraph/sdk'
 import BaseService from '../base'
 import format from './format'
 import getData from './data'
+import getConnections from './connections'
 import mutation from './mutation'
 
 export default class EBSSnapshot extends BaseService implements Service {
   format = format.bind(this)
 
   getData = getData.bind(this)
 
+  getConnections = getConnections.bind(this)
+
   mutation = mutation
 }
diff --git a/src/services/ebsSnapshot/schema.graphql b/src/services/ebsSnapshot/schema.graphql
@@ -17,6 +17,7 @@ type awsEbsSnapshot implements awsBaseService @key(fields: "arn") {
   storageTier: String @search(by: [hash, regexp])
   restoreExpiryTime: String @search(by: [hash, regexp])
   ebs: [awsEbs] @hasInverse(field: ebsSnapshots)
+  kms: [awsKms] @hasInverse(field: ebsSnapshots)
 }
 
 type awsEbsPermission

diff --git a/src/services/kms/schema.graphql b/src/services/kms/schema.graphql
@@ -52,4 +52,5 @@ type awsKms implements awsBaseService @key(fields: "id") {
   rdsDbInstance: [awsRdsDbInstance] @hasInverse(field: kms)
   managedAirflows: [awsManagedAirflow] @hasInverse(field: kms)
   s3: [awsS3] @hasInverse(field: kms)
+  ebsSnapshots: [awsEbsSnapshot] @hasInverse(field: kms)
 }