cloudquery · candiduslynx · Aug 12, 2022 · Aug 10, 2022 · Aug 10, 2022 · Aug 10, 2022
@@ -51,6 +51,8 @@ import (
 	"github.com/aws/aws-sdk-go-v2/service/glue"
 	"github.com/aws/aws-sdk-go-v2/service/guardduty"
 	"github.com/aws/aws-sdk-go-v2/service/iam"
+	"github.com/aws/aws-sdk-go-v2/service/inspector"
+	"github.com/aws/aws-sdk-go-v2/service/inspector2"
 	"github.com/aws/aws-sdk-go-v2/service/iot"
 	"github.com/aws/aws-sdk-go-v2/service/kinesis"
 	"github.com/aws/aws-sdk-go-v2/service/kms"
@@ -159,6 +161,8 @@ type Services struct {
 	Glue                   GlueClient
 	GuardDuty              GuardDutyClient
 	IAM                    IamClient
+	Inspector              InspectorClient
+	InspectorV2            InspectorV2Client
 	IOT                    IOTClient
 	Kinesis                KinesisClient
 	KMS                    KmsClient
@@ -660,6 +664,8 @@ func initServices(region string, c aws.Config) Services {
 		Glue:                   glue.NewFromConfig(awsCfg),
 		GuardDuty:              guardduty.NewFromConfig(awsCfg),
 		IAM:                    iam.NewFromConfig(awsCfg),
+		Inspector:              inspector.NewFromConfig(awsCfg),
+		InspectorV2:            inspector2.NewFromConfig(awsCfg),
 		IOT:                    iot.NewFromConfig(awsCfg),
 		Kinesis:                kinesis.NewFromConfig(awsCfg),
 		KMS:                    kms.NewFromConfig(awsCfg),

@@ -2,7 +2,6 @@ package client
 
 import (
 	"context"
-	"io/ioutil"
 	"log"
 	"os"
 	"reflect"
@@ -194,7 +193,7 @@ func (m mockAssumeRole) AssumeRole(ctx context.Context, params *sts.AssumeRoleIn
 func Test_Configure(t *testing.T) {
 	ctx := context.Background()
 	logger := hclog.New(&hclog.LoggerOptions{})
-	f, err := ioutil.TempFile("", "")
+	f, err := os.CreateTemp("", "")
 	if err != nil {
 		log.Fatal(err)
 	}

@@ -41,6 +41,8 @@ import (
 	"github.com/aws/aws-sdk-go-v2/service/glue"
 	"github.com/aws/aws-sdk-go-v2/service/guardduty"
 	"github.com/aws/aws-sdk-go-v2/service/iam"
+	"github.com/aws/aws-sdk-go-v2/service/inspector"
+	"github.com/aws/aws-sdk-go-v2/service/inspector2"
 	"github.com/aws/aws-sdk-go-v2/service/iot"
 	"github.com/aws/aws-sdk-go-v2/service/kinesis"
 	"github.com/aws/aws-sdk-go-v2/service/kms"
@@ -481,6 +483,17 @@ type IamClient interface {
 	GetAccountSummary(ctx context.Context, params *iam.GetAccountSummaryInput, optFns ...func(*iam.Options)) (*iam.GetAccountSummaryOutput, error)
 }
 
+//go:generate mockgen -package=mocks -destination=./moc—ks/inspector.go . InspectorClient
+type InspectorClient interface {
+	ListFindings(ctx context.Context, params *inspector.ListFindingsInput, optFns ...func(*inspector.Options)) (*inspector.ListFindingsOutput, error)
+	DescribeFindings(ctx context.Context, params *inspector.DescribeFindingsInput, optFns ...func(*inspector.Options)) (*inspector.DescribeFindingsOutput, error)
+}
+
+//go:generate mockgen -package=mocks -destination=./mocks/inspector_v2.go . InspectorV2Client
+type InspectorV2Client interface {
+	ListFindings(ctx context.Context, params *inspector2.ListFindingsInput, optFns ...func(*inspector2.Options)) (*inspector2.ListFindingsOutput, error)
+}
+
 //go:generate mockgen -package=mocks -destination=./mocks/mock_iot.go . IOTClient
 type IOTClient interface {
 	DescribeBillingGroup(ctx context.Context, params *iot.DescribeBillingGroupInput, optFns ...func(*iot.Options)) (*iot.DescribeBillingGroupOutput, error)

@@ -0,0 +1,14 @@
+
+# Table: aws_inspector2_finding_resources
+Details about the resource involved in a finding
+## Columns
+| Name        | Type           | Description  |
+| ------------- | ------------- | -----  |
+|finding_cq_id|uuid|Unique CloudQuery ID of aws_inspector2_findings table (FK)|
+|id|text|The ID of the resource|
+|type|text|The type of resource|
+|aws_ec2_instance|jsonb|An object that contains details about the Amazon EC2 instance involved in the finding|
+|aws_ecr_container_image|jsonb|An object that contains details about the Amazon ECR container image involved in the finding|
+|partition|text|The partition of the resource|
+|region|text|The Amazon Web Services Region the impacted resource is located in|
+|tags|jsonb|The tags attached to the resource|
@@ -0,0 +1,24 @@
+
+# Table: aws_inspector2_findings
+Details about an Amazon Inspector finding
+## Columns
+| Name        | Type           | Description  |
+| ------------- | ------------- | -----  |
+|arn|text|The Amazon Resource Name (ARN) of the finding|
+|region|text|The AWS Region of the resource|
+|account_id|text|The Amazon Web Services account ID associated with the finding|
+|description|text|The description of the finding|
+|finding_arn|text|The Amazon Resource Number (ARN) of the finding|
+|first_observed_at|timestamp without time zone|The date and time that the finding was first observed|
+|last_observed_at|timestamp without time zone|The date and time that the finding was last observed|
+|remediation_recommendation_text|text|The recommended course of action to remediate the finding|
+|remediation_recommendation_url|text|The URL address to the CVE remediation recommendations|
+|severity|text|The severity of the finding|
+|status|text|The status of the finding|
+|type|text|The type of the finding|
+|inspector_score|float|The Amazon Inspector score given to the finding|
+|inspector_score_details|jsonb|An object that contains details of the Amazon Inspector score|
+|network_reachability_details|jsonb|An object that contains the details of a network reachability finding|
+|package_vulnerability_details|jsonb|An object that contains the details of a package vulnerability finding|
+|title|text|The title of the finding|
+|updated_at|timestamp without time zone|The date and time the finding was last updated at|
@@ -0,0 +1,26 @@
+
+# Table: aws_inspector_findings
+Contains information about an Amazon Inspector finding
+## Columns
+| Name        | Type           | Description  |
+| ------------- | ------------- | -----  |
+|account_id|text|The AWS Account ID of the resource|
+|region|text|The AWS Region of the resource|
+|arn|text|The ARN that specifies the finding|
+|attributes|jsonb|The system-defined attributes for the finding|
+|created_at|timestamp without time zone|The time when the finding was generated|
+|updated_at|timestamp without time zone|The time when AddAttributesToFindings is called|
+|user_attributes|jsonb|The user-defined attributes that are assigned to the finding|
+|asset_attributes|jsonb|A collection of attributes of the host from which the finding is generated|
+|asset_type|text|The type of the host from which the finding is generated|
+|confidence|bigint|This data element is currently not used|
+|description|text|The description of the finding|
+|id|text|The ID of the finding|
+|indicator_of_compromise|boolean|This data element is currently not used|
+|numeric_severity|float|The numeric value of the finding severity|
+|recommendation|text|The recommendation for the finding|
+|schema_version|bigint|The schema version of this data type|
+|service|text|The data element is set to "Inspector"|
+|service_attributes|jsonb|This data type is used in the Finding data type|
+|severity|text|The finding severity|
+|title|text|The name of the finding|
@@ -3,7 +3,7 @@ module github.com/cloudquery/cq-provider-aws
 go 1.18
 
 require (
-	github.com/aws/aws-sdk-go-v2 v1.16.8
+	github.com/aws/aws-sdk-go-v2 v1.16.10
 	github.com/aws/aws-sdk-go-v2/config v1.15.14
 	github.com/aws/aws-sdk-go-v2/credentials v1.12.9
 	github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.20
@@ -42,6 +42,8 @@ require (
 	github.com/aws/aws-sdk-go-v2/service/fsx v1.24.2
 	github.com/aws/aws-sdk-go-v2/service/guardduty v1.14.1
 	github.com/aws/aws-sdk-go-v2/service/iam v1.18.8
+	github.com/aws/aws-sdk-go-v2/service/inspector v1.12.11
+	github.com/aws/aws-sdk-go-v2/service/inspector2 v1.7.3
 	github.com/aws/aws-sdk-go-v2/service/iot v1.25.4
 	github.com/aws/aws-sdk-go-v2/service/kinesis v1.15.9
 	github.com/aws/aws-sdk-go-v2/service/kms v1.17.4
@@ -68,7 +70,7 @@ require (
 	github.com/aws/aws-sdk-go-v2/service/wafv2 v1.20.4
 	github.com/aws/aws-sdk-go-v2/service/workspaces v1.19.1
 	github.com/aws/aws-sdk-go-v2/service/xray v1.13.8
-	github.com/aws/smithy-go v1.12.0
+	github.com/aws/smithy-go v1.12.1
 	github.com/basgys/goxml2json v1.1.0
 	github.com/bxcodec/faker v2.0.1+incompatible
 	github.com/cloudquery/cq-gen v0.0.8
@@ -106,8 +108,8 @@ require (
 	github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect
 	github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.3 // indirect
 	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.8 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.15 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.9 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.17 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.11 // indirect
 	github.com/aws/aws-sdk-go-v2/internal/ini v1.3.15 // indirect
 	github.com/aws/aws-sdk-go-v2/service/athena v1.16.0
 	github.com/aws/aws-sdk-go-v2/service/backup v1.16.3

@@ -56,8 +56,9 @@ github.com/apparentlymart/go-textseg/v13 v13.0.0 h1:Y+KvPE1NYz0xl601PVImeQfFyEy6
 github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo=
 github.com/aws/aws-sdk-go-v2 v1.16.6/go.mod h1:6CpKuLXg2w7If3ABZCl/qZ6rEgwtjZTn4eAf4RcEyuw=
 github.com/aws/aws-sdk-go-v2 v1.16.7/go.mod h1:6CpKuLXg2w7If3ABZCl/qZ6rEgwtjZTn4eAf4RcEyuw=
-github.com/aws/aws-sdk-go-v2 v1.16.8 h1:gOe9UPR98XSf7oEJCcojYg+N2/jCRm4DdeIsP85pIyQ=
 github.com/aws/aws-sdk-go-v2 v1.16.8/go.mod h1:6CpKuLXg2w7If3ABZCl/qZ6rEgwtjZTn4eAf4RcEyuw=
+github.com/aws/aws-sdk-go-v2 v1.16.10 h1:+yDD0tcuHRQZgqONkpDwzepqmElQaSlFPymHRHR9mrc=
+github.com/aws/aws-sdk-go-v2 v1.16.10/go.mod h1:WTACcleLz6VZTp7fak4EO5b9Q4foxbn+8PIz3PmyKlo=
 github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.3 h1:S/ZBwevQkr7gv5YxONYpGQxlMFFYSRfz3RMcjsC9Qhk=
 github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.3/go.mod h1:gNsR5CaXKmQSSzrmGxmwmct/r+ZBfbxorAuXYsj/M5Y=
 github.com/aws/aws-sdk-go-v2/config v1.15.14 h1:+BqpqlydTq4c2et9Daury7gE+o67P4lbk7eybiCBNc4=
@@ -70,12 +71,14 @@ github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.20 h1:J7/+NFr8N7ebaC/Khie8
 github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.20/go.mod h1:IOgK2DAat3WO2qAaPmIzTdF+QqL18samL3dqZdjRBZI=
 github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.13/go.mod h1:wLLesU+LdMZDM3U0PP9vZXJW39zmD/7L4nY2pSrYZ/g=
 github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.14/go.mod h1:kdjrMwHwrC3+FsKhNcCMJ7tUVj/8uSD5CZXeQ4wV6fM=
-github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.15 h1:bx5F2mr6H6FC7zNIQoDoUr8wEKnvmwRncujT3FYRtic=
 github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.15/go.mod h1:pWrr2OoHlT7M/Pd2y4HV3gJyPb3qj5qMmnPkKSNPYK4=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.17 h1:U8DZvyFFesBmK62dYC6BRXm4Cd/wPP3aPcecu3xv/F4=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.17/go.mod h1:6qtGip7sJEyvgsLjphRZWF9qPe3xJf1mL/MM01E35Wc=
 github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.7/go.mod h1:93Uot80ddyVzSl//xEJreNKMhxntr71WtR3v/A1cRYk=
 github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.8/go.mod h1:ZIV8GYoC6WLBW5KGs+o4rsc65/ozd+eQ0L31XF5VDwk=
-github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.9 h1:5sbyznZC2TeFpa4fvtpvpcGbzeXEEs1l1Jo51ynUNsQ=
 github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.9/go.mod h1:08tUpeSGN33QKSO7fwxXczNfiwCpbj+GxK6XKwqWVv0=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.11 h1:GMp98usVW5tzQhxd26KWhoNQPlR2noIlfbzqjVGBhLU=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.11/go.mod h1:cYAfnB+9ZkmZWpQWmPDsuIGm4EA+6k2ZVtxKjw/XJBY=
 github.com/aws/aws-sdk-go-v2/internal/ini v1.3.15 h1:QquxR7NH3ULBsKC+NoTpilzbKKS+5AELfNREInbhvas=
 github.com/aws/aws-sdk-go-v2/internal/ini v1.3.15/go.mod h1:Tkrthp/0sNBShQQsamR7j/zY4p19tVTAs+nnqhH6R3c=
 github.com/aws/aws-sdk-go-v2/internal/v4a v1.0.5 h1:tEEHn+PGAxRVqMPEhtU8oCSW/1Ge3zP5nUgPrGQNUPs=
@@ -156,6 +159,10 @@ github.com/aws/aws-sdk-go-v2/service/guardduty v1.14.1 h1:5bWqv1hwsELtYvmBpuOtOm
 github.com/aws/aws-sdk-go-v2/service/guardduty v1.14.1/go.mod h1:zeMwk8nXD/85ck1aCJs82TXj+QZcT4wNWmdU62+h9LM=
 github.com/aws/aws-sdk-go-v2/service/iam v1.18.8 h1:MYOkrSNwOUokctOnhGUNM9J/yNu87roEmdKcJ74d4eA=
 github.com/aws/aws-sdk-go-v2/service/iam v1.18.8/go.mod h1:xXYmwG+PAIuS9smWCqQ/YwVTGnDmw1K1Q796xVS96Ls=
+github.com/aws/aws-sdk-go-v2/service/inspector v1.12.11 h1:F71zQZGfbQlCEpvnZuF078NapUF9JyuowK1f4jg5YHA=
+github.com/aws/aws-sdk-go-v2/service/inspector v1.12.11/go.mod h1:P2FIUk9XTrgMYaBRR7FIKG1n8+MldC8TEjrB/9xYydU=
+github.com/aws/aws-sdk-go-v2/service/inspector2 v1.7.3 h1:wBMnRaQBlPu8aGTllfMhemDnOzYdhawOt+AsGaKqegU=
+github.com/aws/aws-sdk-go-v2/service/inspector2 v1.7.3/go.mod h1:eANO6mqiwJtCyp/fJ598J5OVMTxv6ocb3T+oRzBsoNQ=
 github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.3 h1:4n4KCtv5SUoT5Er5XV41huuzrCqepxlW3SDI9qHQebc=
 github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.3/go.mod h1:gkb2qADY+OHaGLKNTYxMaQNacfeyQpZ4csDTQMeFmcw=
 github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.9 h1:gVv2vXOMqJeR4ZHHV32K7LElIJIIzyw/RU1b0lSfWTQ=
@@ -226,8 +233,9 @@ github.com/aws/aws-sdk-go-v2/service/workspaces v1.19.1 h1:9RPddc77OH7e7JNYlUyZd
 github.com/aws/aws-sdk-go-v2/service/workspaces v1.19.1/go.mod h1:osYwY68aqK2yF7/uBKhf6TTT9PP1h2lpaHBMwku4OiA=
 github.com/aws/aws-sdk-go-v2/service/xray v1.13.8 h1:dUvwdvAQT1CGzJZkM6k7WOK8DqKgHAJIPndcU6wWKMU=
 github.com/aws/aws-sdk-go-v2/service/xray v1.13.8/go.mod h1:7lySrwul/Rp89ZBnZqSiALFosEFiYyLvBR32ze0DUPI=
-github.com/aws/smithy-go v1.12.0 h1:gXpeZel/jPoWQ7OEmLIgCUnhkFftqNfwWUwAHSlp1v0=
 github.com/aws/smithy-go v1.12.0/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA=
+github.com/aws/smithy-go v1.12.1 h1:yQRC55aXN/y1W10HgwHle01DRuV9Dpf31iGkotjt3Ag=
+github.com/aws/smithy-go v1.12.1/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA=
 github.com/basgys/goxml2json v1.1.0 h1:4ln5i4rseYfXNd86lGEB+Vi652IsIXIvggKM/BhUKVw=
 github.com/basgys/goxml2json v1.1.0/go.mod h1:wH7a5Np/Q4QoECFIU8zTQlZwZkrilY0itPfecMw41Dw=
 github.com/bitly/go-simplejson v0.5.0 h1:6IH+V8/tVMab511d5bn4M7EwGXZf9Hj6i2xSwkNEM+Y=

@@ -41,6 +41,8 @@ import (
 	"github.com/cloudquery/cq-provider-aws/resources/services/glue"
 	"github.com/cloudquery/cq-provider-aws/resources/services/guardduty"
 	"github.com/cloudquery/cq-provider-aws/resources/services/iam"
+	"github.com/cloudquery/cq-provider-aws/resources/services/inspector"
+	"github.com/cloudquery/cq-provider-aws/resources/services/inspector2"
 	"github.com/cloudquery/cq-provider-aws/resources/services/iot"
 	"github.com/cloudquery/cq-provider-aws/resources/services/kinesis"
 	"github.com/cloudquery/cq-provider-aws/resources/services/kms"
@@ -197,6 +199,8 @@ func Provider() *provider.Provider {
 			"iam.server_certificates":                 iam.IamServerCertificates(),
 			"iam.users":                               iam.IamUsers(),
 			"iam.virtual_mfa_devices":                 iam.IamVirtualMfaDevices(),
+			"inspector.findings":                      inspector.Findings(),
+			"inspector2.findings":                     inspector2.Findings(),
 			"iot.billing_groups":                      iot.IotBillingGroups(),
 			"iot.ca_certificates":                     iot.IotCaCertificates(),
 			"iot.certificates":                        iot.IotCertificates(),