-
Notifications
You must be signed in to change notification settings - Fork 501
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(aws): Add Support For Config Rules and Compliance (#4730)
#### Summary <!-- Explain what problem this PR addresses --> <!--
- Loading branch information
Showing
10 changed files
with
289 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
20 changes: 20 additions & 0 deletions
20
plugins/source/aws/docs/tables/aws_config_config_rule_compliances.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
# Table: aws_config_config_rule_compliances | ||
|
||
|
||
|
||
The primary key for this table is **_cq_id**. | ||
|
||
## Relations | ||
This table depends on [aws_config_config_rules](aws_config_config_rules.md). | ||
|
||
## Columns | ||
| Name | Type | | ||
| ------------- | ------------- | | ||
|_cq_source_name|String| | ||
|_cq_sync_time|Timestamp| | ||
|_cq_id (PK)|UUID| | ||
|_cq_parent_id|UUID| | ||
|account_id|String| | ||
|region|String| | ||
|compliance|JSON| | ||
|config_rule_name|String| |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
# Table: aws_config_config_rules | ||
|
||
|
||
|
||
The primary key for this table is **arn**. | ||
|
||
## Relations | ||
The following tables depend on aws_config_config_rules: | ||
- [aws_config_config_rule_compliances](aws_config_config_rule_compliances.md) | ||
|
||
## Columns | ||
| Name | Type | | ||
| ------------- | ------------- | | ||
|_cq_source_name|String| | ||
|_cq_sync_time|Timestamp| | ||
|_cq_id|UUID| | ||
|_cq_parent_id|UUID| | ||
|account_id|String| | ||
|region|String| | ||
|arn (PK)|String| | ||
|source|JSON| | ||
|config_rule_id|String| | ||
|config_rule_name|String| | ||
|config_rule_state|String| | ||
|created_by|String| | ||
|description|String| | ||
|input_parameters|String| | ||
|maximum_execution_frequency|String| | ||
|scope|JSON| |
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
38 changes: 38 additions & 0 deletions
38
plugins/source/aws/resources/services/config/config_rule_compliances.go
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
30 changes: 30 additions & 0 deletions
30
plugins/source/aws/resources/services/config/config_rule_compliances_fetch.go
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
package config | ||
|
||
import ( | ||
"context" | ||
|
||
"github.com/aws/aws-sdk-go-v2/aws" | ||
"github.com/aws/aws-sdk-go-v2/service/configservice" | ||
"github.com/aws/aws-sdk-go-v2/service/configservice/types" | ||
"github.com/cloudquery/cloudquery/plugins/source/aws/client" | ||
"github.com/cloudquery/plugin-sdk/schema" | ||
) | ||
|
||
func fetchConfigConfigRuleCompliances(ctx context.Context, meta schema.ClientMeta, parent *schema.Resource, res chan<- interface{}) error { | ||
ruleDetail := parent.Item.(types.ConfigRule) | ||
c := meta.(*client.Client) | ||
svc := c.Services().Configservice | ||
|
||
input := &configservice.DescribeComplianceByConfigRuleInput{ | ||
ConfigRuleNames: []string{aws.ToString(ruleDetail.ConfigRuleName)}, | ||
} | ||
p := configservice.NewDescribeComplianceByConfigRulePaginator(svc, input) | ||
for p.HasMorePages() { | ||
response, err := p.NextPage(ctx) | ||
if err != nil { | ||
return err | ||
} | ||
res <- response.ComplianceByConfigRules | ||
} | ||
return nil | ||
} |
85 changes: 85 additions & 0 deletions
85
plugins/source/aws/resources/services/config/config_rules.go
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
25 changes: 25 additions & 0 deletions
25
plugins/source/aws/resources/services/config/config_rules_fetch.go
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
package config | ||
|
||
import ( | ||
"context" | ||
|
||
"github.com/aws/aws-sdk-go-v2/service/configservice" | ||
"github.com/cloudquery/cloudquery/plugins/source/aws/client" | ||
"github.com/cloudquery/plugin-sdk/schema" | ||
) | ||
|
||
func fetchConfigConfigRules(ctx context.Context, meta schema.ClientMeta, parent *schema.Resource, res chan<- interface{}) error { | ||
c := meta.(*client.Client) | ||
svc := c.Services().Configservice | ||
|
||
input := &configservice.DescribeConfigRulesInput{} | ||
p := configservice.NewDescribeConfigRulesPaginator(svc, input) | ||
for p.HasMorePages() { | ||
response, err := p.NextPage(ctx) | ||
if err != nil { | ||
return err | ||
} | ||
res <- response.ConfigRules | ||
} | ||
return nil | ||
} |
39 changes: 39 additions & 0 deletions
39
plugins/source/aws/resources/services/config/config_rules_mock_test.go
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
package config | ||
|
||
import ( | ||
"testing" | ||
|
||
"github.com/aws/aws-sdk-go-v2/service/configservice" | ||
"github.com/aws/aws-sdk-go-v2/service/configservice/types" | ||
"github.com/cloudquery/cloudquery/plugins/source/aws/client" | ||
"github.com/cloudquery/cloudquery/plugins/source/aws/client/mocks" | ||
"github.com/cloudquery/plugin-sdk/faker" | ||
"github.com/golang/mock/gomock" | ||
) | ||
|
||
func buildConfigRules(t *testing.T, ctrl *gomock.Controller) client.Services { | ||
m := mocks.NewMockConfigserviceClient(ctrl) | ||
l := types.ConfigRule{} | ||
if err := faker.FakeObject(&l); err != nil { | ||
t.Fatal(err) | ||
} | ||
sl := types.ComplianceByConfigRule{} | ||
if err := faker.FakeObject(&sl); err != nil { | ||
t.Fatal(err) | ||
} | ||
m.EXPECT().DescribeConfigRules(gomock.Any(), gomock.Any(), gomock.Any()).Return( | ||
&configservice.DescribeConfigRulesOutput{ | ||
ConfigRules: []types.ConfigRule{l}, | ||
}, nil) | ||
m.EXPECT().DescribeComplianceByConfigRule(gomock.Any(), gomock.Any(), gomock.Any()).Return( | ||
&configservice.DescribeComplianceByConfigRuleOutput{ | ||
ComplianceByConfigRules: []types.ComplianceByConfigRule{sl}, | ||
}, nil) | ||
return client.Services{ | ||
Configservice: m, | ||
} | ||
} | ||
|
||
func TestConfigRules(t *testing.T) { | ||
client.AwsMockTestHelper(t, ConfigRules(), buildConfigRules, client.TestOptions{}) | ||
} |