vpc endpoints implementation (#59)

* vpc endpoints implementation

Co-authored-by: Andrii Romanenko <arforgethedev@gmail.com>

client/config.go

@@ -55,6 +55,7 @@ const DefaultConfigYaml = `
       - name: ec2.transit_gateways
       - name: ec2.vpc_peering_connections
       - name: ec2.vpcs
+      - name: ec2.vpc_endpoints
       - name: ecs.clusters
       - name: ecr.repositories
       - name: efs.filesystems

client/mocks/builders_test.go

@@ -557,6 +557,21 @@ func buildEc2Vpcs(t *testing.T, ctrl *gomock.Controller) client.Services {
 	}
 }
 
+func buildEc2VpcEndpoints(t *testing.T, ctrl *gomock.Controller) client.Services {
+	m := mocks.NewMockEc2Client(ctrl)
+	e := ec2Types.VpcEndpoint{}
+	if err := faker.FakeData(&e); err != nil {
+		t.Fatal(err)
+	}
+	m.EXPECT().DescribeVpcEndpoints(gomock.Any(), gomock.Any(), gomock.Any()).Return(
+		&ec2.DescribeVpcEndpointsOutput{
+			VpcEndpoints: []ec2Types.VpcEndpoint{e},
+		}, nil)
+	return client.Services{
+		EC2: m,
+	}
+}
+
 func buildEc2VpcsPeeringConnections(t *testing.T, ctrl *gomock.Controller) client.Services {
 	m := mocks.NewMockEc2Client(ctrl)
 	l := ec2Types.VpcPeeringConnection{}

client/mocks/mock_test.go

@@ -351,6 +351,12 @@ func TestResources(t *testing.T) {
 			mockBuilder:        buildCloudfrontCachePoliciesMock,
 			verifyEmptyColumns: true,
 		},
+		{
+			resource:           "ec2.vpc_endpoints",
+			mainTable:          resources.Ec2VpcEndpoints(),
+			mockBuilder:        buildEc2VpcEndpoints,
+			verifyEmptyColumns: true,
+		},
 	}
 	for _, tc := range testResourcesTable {
 		t.Run(tc.resource, func(t *testing.T) {

client/services.go

@@ -80,6 +80,7 @@ type Ec2Client interface {
 	DescribeVpcPeeringConnections(ctx context.Context, params *ec2.DescribeVpcPeeringConnectionsInput, optFns ...func(*ec2.Options)) (*ec2.DescribeVpcPeeringConnectionsOutput, error)
 	DescribeVolumes(ctx context.Context, params *ec2.DescribeVolumesInput, optFns ...func(*ec2.Options)) (*ec2.DescribeVolumesOutput, error)
 	DescribeVpcs(ctx context.Context, params *ec2.DescribeVpcsInput, optFns ...func(*ec2.Options)) (*ec2.DescribeVpcsOutput, error)
+	DescribeVpcEndpoints(ctx context.Context, params *ec2.DescribeVpcEndpointsInput, optFns ...func(*ec2.Options)) (*ec2.DescribeVpcEndpointsOutput, error)
 }
 
 type EcrClient interface {

resources/ec2_vpc_endpoints.go

@@ -0,0 +1,191 @@
+package resources
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/aws/aws-sdk-go-v2/aws"
+	"github.com/aws/aws-sdk-go-v2/service/ec2"
+	"github.com/aws/aws-sdk-go-v2/service/ec2/types"
+	"github.com/cloudquery/cq-provider-aws/client"
+	"github.com/cloudquery/cq-provider-sdk/provider/schema"
+)
+
+func Ec2VpcEndpoints() *schema.Table {
+	return &schema.Table{
+		Name:         "aws_ec2_vpc_endpoints",
+		Resolver:     fetchEc2VpcEndpoints,
+		Multiplex:    client.AccountRegionMultiplex,
+		IgnoreError:  client.IgnoreAccessDeniedServiceDisabled,
+		DeleteFilter: client.DeleteAccountRegionFilter,
+		Columns: []schema.Column{
+			{
+				Name:     "account_id",
+				Type:     schema.TypeString,
+				Resolver: client.ResolveAWSAccount,
+			},
+			{
+				Name:     "region",
+				Type:     schema.TypeString,
+				Resolver: client.ResolveAWSRegion,
+			},
+			{
+				Name: "creation_timestamp",
+				Type: schema.TypeTimestamp,
+			},
+			{
+				Name:     "last_error_code",
+				Type:     schema.TypeString,
+				Resolver: schema.PathResolver("LastError.Code"),
+			},
+			{
+				Name:     "last_error_message",
+				Type:     schema.TypeString,
+				Resolver: schema.PathResolver("LastError.Message"),
+			},
+			{
+				Name: "network_interface_ids",
+				Type: schema.TypeStringArray,
+			},
+			{
+				Name: "owner_id",
+				Type: schema.TypeString,
+			},
+			{
+				Name: "policy_document",
+				Type: schema.TypeString,
+			},
+			{
+				Name: "private_dns_enabled",
+				Type: schema.TypeBool,
+			},
+			{
+				Name: "requester_managed",
+				Type: schema.TypeBool,
+			},
+			{
+				Name: "route_table_ids",
+				Type: schema.TypeStringArray,
+			},
+			{
+				Name: "service_name",
+				Type: schema.TypeString,
+			},
+			{
+				Name: "state",
+				Type: schema.TypeString,
+			},
+			{
+				Name: "subnet_ids",
+				Type: schema.TypeStringArray,
+			},
+			{
+				Name:     "tags",
+				Type:     schema.TypeJSON,
+				Resolver: resolveEc2vpcEndpointTags,
+			},
+			{
+				Name: "vpc_endpoint_id",
+				Type: schema.TypeString,
+			},
+			{
+				Name: "vpc_endpoint_type",
+				Type: schema.TypeString,
+			},
+			{
+				Name: "vpc_id",
+				Type: schema.TypeString,
+			},
+		},
+		Relations: []*schema.Table{
+			{
+				Name:     "aws_ec2_vpc_endpoint_dns_entries",
+				Resolver: fetchEc2VpcEndpointDnsEntries,
+				Columns: []schema.Column{
+					{
+						Name:     "vpc_endpoint_id",
+						Type:     schema.TypeUUID,
+						Resolver: schema.ParentIdResolver,
+					},
+					{
+						Name: "dns_name",
+						Type: schema.TypeString,
+					},
+					{
+						Name: "hosted_zone_id",
+						Type: schema.TypeString,
+					},
+				},
+			},
+			{
+				Name:     "aws_ec2_vpc_endpoint_groups",
+				Resolver: fetchEc2VpcEndpointGroups,
+				Columns: []schema.Column{
+					{
+						Name:     "vpc_endpoint_id",
+						Type:     schema.TypeUUID,
+						Resolver: schema.ParentIdResolver,
+					},
+					{
+						Name: "group_id",
+						Type: schema.TypeString,
+					},
+					{
+						Name: "group_name",
+						Type: schema.TypeString,
+					},
+				},
+			},
+		},
+	}
+}
+
+// ====================================================================================================================
+//                                               Table Resolver Functions
+// ====================================================================================================================
+func fetchEc2VpcEndpoints(ctx context.Context, meta schema.ClientMeta, parent *schema.Resource, res chan interface{}) error {
+	var config ec2.DescribeVpcEndpointsInput
+	c := meta.(*client.Client)
+	svc := c.Services().EC2
+	for {
+		output, err := svc.DescribeVpcEndpoints(ctx, &config, func(o *ec2.Options) {
+			o.Region = c.Region
+		})
+		if err != nil {
+			return err
+		}
+		res <- output.VpcEndpoints
+		if aws.ToString(output.NextToken) == "" {
+			break
+		}
+		config.NextToken = output.NextToken
+	}
+	return nil
+}
+func resolveEc2vpcEndpointTags(ctx context.Context, meta schema.ClientMeta, resource *schema.Resource, c schema.Column) error {
+	r := resource.Item.(types.VpcEndpoint)
+	tags := map[string]*string{}
+	for _, t := range r.Tags {
+		tags[*t.Key] = t.Value
+	}
+	resource.Set("tags", tags)
+	return nil
+}
+func fetchEc2VpcEndpointDnsEntries(ctx context.Context, meta schema.ClientMeta, parent *schema.Resource, res chan interface{}) error {
+	endpoint, ok := parent.Item.(types.VpcEndpoint)
+	if !ok {
+		return fmt.Errorf("not vpc endpoint")
+	}
+	res <- endpoint.DnsEntries
+
+	return nil
+}
+func fetchEc2VpcEndpointGroups(ctx context.Context, meta schema.ClientMeta, parent *schema.Resource, res chan interface{}) error {
+	endpoint, ok := parent.Item.(types.VpcEndpoint)
+	if !ok {
+		return fmt.Errorf("not vpc endpoint")
+	}
+	res <- endpoint.Groups
+
+	return nil
+}

resources/provider.go

@@ -32,6 +32,7 @@ func Provider() *provider.Provider {
 			"ec2.subnets":                       Ec2Subnets(),
 			"ec2.transit_gateways":              Ec2TransitGateways(),
 			"ec2.vpc_peering_connections":       Ec2VpcPeeringConnections(),
+			"ec2.vpc_endpoints":                 Ec2VpcEndpoints(),
 			"ec2.vpcs":                          Ec2Vpcs(),
 			"ec2.instances":                     Ec2Instances(),
 			"ec2.security_groups":               Ec2SecurityGroups(),