This repository has been archived by the owner on Aug 16, 2022. It is now read-only.
/
subscriptions.go
148 lines (143 loc) · 6.17 KB
/
subscriptions.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
package shield
import (
"context"
"github.com/aws/aws-sdk-go-v2/service/shield"
"github.com/aws/aws-sdk-go-v2/service/shield/types"
"github.com/cloudquery/cq-provider-aws/client"
"github.com/cloudquery/cq-provider-sdk/provider/diag"
"github.com/cloudquery/cq-provider-sdk/provider/schema"
)
//go:generate cq-gen --resource subscriptions --config gen.hcl --output .
func Subscriptions() *schema.Table {
return &schema.Table{
Name: "aws_shield_subscriptions",
Description: "Information about the Shield Advanced subscription for an account",
Resolver: fetchShieldSubscriptions,
Multiplex: client.AccountMultiplex,
IgnoreError: client.IgnoreAccessDeniedServiceDisabled,
DeleteFilter: client.DeleteAccountFilter,
Options: schema.TableCreationOptions{PrimaryKeys: []string{"arn"}},
IgnoreInTests: true,
Columns: []schema.Column{
{
Name: "account_id",
Description: "The AWS Account ID of the resource.",
Type: schema.TypeString,
Resolver: client.ResolveAWSAccount,
},
{
Name: "protection_group_limits_max_protection_groups",
Description: "The maximum number of protection groups that you can have at one time",
Type: schema.TypeInt,
Resolver: resolveSubscriptionsProtectionGroupLimitsMaxProtectionGroups,
},
{
Name: "protection_group_limits_arbitrary_pattern_limits_max_members",
Description: "The maximum number of resources you can specify for a single arbitrary pattern in a protection group",
Type: schema.TypeInt,
Resolver: resolveSubscriptionsProtectionGroupLimitsArbitraryPatternLimitsMaxMembers,
},
{
Name: "protected_resource_type_limits",
Description: "The maximum number of resource types that you can specify in a protection",
Type: schema.TypeJSON,
Resolver: resolveSubscriptionsProtectedResourceTypeLimits,
},
{
Name: "auto_renew",
Description: "If ENABLED, the subscription will be automatically renewed at the end of the existing subscription period",
Type: schema.TypeString,
},
{
Name: "end_time",
Description: "The date and time your subscription will end",
Type: schema.TypeTimestamp,
},
{
Name: "limits",
Description: "Specifies how many protections of a given type you can create",
Type: schema.TypeJSON,
Resolver: resolveSubscriptionsLimits,
},
{
Name: "proactive_engagement_status",
Description: "If ENABLED, the Shield Response Team (SRT) will use email and phone to notify contacts about escalations to the SRT and to initiate proactive customer support",
Type: schema.TypeString,
},
{
Name: "start_time",
Description: "The start time of the subscription, in Unix time in seconds",
Type: schema.TypeTimestamp,
},
{
Name: "arn",
Description: "The ARN (Amazon Resource Name) of the subscription",
Type: schema.TypeString,
Resolver: schema.PathResolver("SubscriptionArn"),
},
{
Name: "time_commitment_in_seconds",
Description: "The length, in seconds, of the Shield Advanced subscription for the account",
Type: schema.TypeInt,
Resolver: resolveSubscriptionsTimeCommitmentInSeconds,
},
},
}
}
// ====================================================================================================================
// Table Resolver Functions
// ====================================================================================================================
func fetchShieldSubscriptions(ctx context.Context, meta schema.ClientMeta, parent *schema.Resource, res chan<- interface{}) error {
c := meta.(*client.Client)
svc := c.Services().Shield
config := shield.DescribeSubscriptionInput{}
output, err := svc.DescribeSubscription(ctx, &config)
if err != nil {
if c.IsNotFoundError(err) {
return nil
}
return diag.WrapError(err)
}
res <- output.Subscription
return nil
}
func resolveSubscriptionsProtectionGroupLimitsMaxProtectionGroups(ctx context.Context, meta schema.ClientMeta, resource *schema.Resource, c schema.Column) error {
r := resource.Item.(*types.Subscription)
if r.SubscriptionLimits == nil || r.SubscriptionLimits.ProtectionGroupLimits == nil {
return nil
}
return diag.WrapError(resource.Set(c.Name, int32(r.SubscriptionLimits.ProtectionGroupLimits.MaxProtectionGroups)))
}
func resolveSubscriptionsProtectionGroupLimitsArbitraryPatternLimitsMaxMembers(ctx context.Context, meta schema.ClientMeta, resource *schema.Resource, c schema.Column) error {
r := resource.Item.(*types.Subscription)
if r.SubscriptionLimits == nil ||
r.SubscriptionLimits.ProtectionGroupLimits == nil ||
r.SubscriptionLimits.ProtectionGroupLimits.PatternTypeLimits == nil ||
r.SubscriptionLimits.ProtectionGroupLimits.PatternTypeLimits.ArbitraryPatternLimits == nil {
return nil
}
return diag.WrapError(resource.Set(c.Name, int32(r.SubscriptionLimits.ProtectionGroupLimits.PatternTypeLimits.ArbitraryPatternLimits.MaxMembers)))
}
func resolveSubscriptionsProtectedResourceTypeLimits(ctx context.Context, meta schema.ClientMeta, resource *schema.Resource, c schema.Column) error {
r := resource.Item.(*types.Subscription)
json := make(map[string]interface{})
if r.SubscriptionLimits == nil || r.SubscriptionLimits.ProtectionLimits == nil {
return nil
}
for _, l := range r.SubscriptionLimits.ProtectionLimits.ProtectedResourceTypeLimits {
json[*l.Type] = l.Max
}
return diag.WrapError(resource.Set(c.Name, json))
}
func resolveSubscriptionsLimits(ctx context.Context, meta schema.ClientMeta, resource *schema.Resource, c schema.Column) error {
r := resource.Item.(*types.Subscription)
json := make(map[string]interface{})
for _, l := range r.SubscriptionLimits.ProtectionLimits.ProtectedResourceTypeLimits {
json[*l.Type] = l.Max
}
return diag.WrapError(resource.Set(c.Name, json))
}
func resolveSubscriptionsTimeCommitmentInSeconds(ctx context.Context, meta schema.ClientMeta, resource *schema.Resource, c schema.Column) error {
r := resource.Item.(*types.Subscription)
return diag.WrapError(resource.Set(c.Name, int32(r.TimeCommitmentInSeconds)))
}