package resources
import (
"context"
"fmt"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/service/configservice"
"github.com/gruntwork-io/cloud-nuke/config"
"github.com/gruntwork-io/cloud-nuke/logging"
"github.com/gruntwork-io/cloud-nuke/report"
"github.com/gruntwork-io/go-commons/errors"
"github.com/pterm/pterm"
)
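// getAll returns the names of the AWS Config rules visible to csr.Client that
// pass the ConfigServiceRule filter in configObj and are in the "ACTIVE" state.
//
// The context argument is not used by this implementation; the paginated
// DescribeConfigRules call is issued without it.
//
// On an API error it returns nil and the error wrapped with a stack trace.
// On success the returned slice is non-nil, even when no rule matches.
func (csr *ConfigServiceRule) getAll(c context.Context, configObj config.Config) ([]*string, error) {
	configRuleNames := []*string{}

	paginator := func(output *configservice.DescribeConfigRulesOutput, lastPage bool) bool {
		for _, configRule := range output.ConfigRules {
			if configRule == nil {
				continue
			}

			included := configObj.ConfigServiceRule.ShouldInclude(config.ResourceValue{
				Name: configRule.ConfigRuleName,
			})

			// aws.StringValue returns "" for a nil pointer, so a rule that comes
			// back without a state is skipped instead of panicking on a nil
			// dereference.
			if included && aws.StringValue(configRule.ConfigRuleState) == "ACTIVE" {
				configRuleNames = append(configRuleNames, configRule.ConfigRuleName)
			}
		}

		// Keep paging until the SDK reports the last page.
		return !lastPage
	}

	// Pass an empty config rules input, to signify we want all config rules returned.
	param := &configservice.DescribeConfigRulesInput{}
	if err := csr.Client.DescribeConfigRulesPages(param, paginator); err != nil {
		return nil, errors.WithStackTrace(err)
	}

	return configRuleNames, nil
}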
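// nukeAll deletes each named AWS Config rule, first removing the rule's
// remediation configuration and then the rule itself.
//
// Failures are reported per rule through report.Record and printed with pterm;
// they do not abort the loop, and the function always returns nil. Only rules
// whose DeleteConfigRule call succeeded are counted and recorded as deleted.
//
// Deleting a Config rule stops its compliance evaluations, so the set of names
// passed in should be reviewed by the caller. The delete calls made here are
// ordinary AWS API calls and are expected to show up in the account's
// CloudTrail management events, which is where an unexpected run would be
// detected.
func (csr *ConfigServiceRule) nukeAll(configRuleNames []string) error {
	if len(configRuleNames) == 0 {
		logging.Debugf("No Config service rules to nuke in region %s", csr.Region)
		return nil
	}

	var deletedConfigRuleNames []*string

	for _, configRuleName := range configRuleNames {
		logging.Debug(fmt.Sprintf("Start deleting config service rule: %s", configRuleName))

		// NOTE(review): this call is made unconditionally. If the API returns an
		// error for a rule that has no remediation configuration, that rule is
		// reported as failed and never deleted — confirm the intended behaviour.
		_, err := csr.Client.DeleteRemediationConfiguration(&configservice.DeleteRemediationConfigurationInput{
			ConfigRuleName: aws.String(configRuleName),
		})
		if err != nil {
			pterm.Error.Println(fmt.Sprintf("Failed to delete remediation configuration w/ err %s", err))
			report.Record(report.Entry{
				Identifier:   configRuleName,
				ResourceType: "Config service rule",
				Error:        err,
			})
			continue
		}

		_, err = csr.Client.DeleteConfigRule(&configservice.DeleteConfigRuleInput{
			ConfigRuleName: aws.String(configRuleName),
		})
		if err != nil {
			pterm.Error.Println(fmt.Sprintf("Failed to delete config rule w/ err %s", err))
			report.Record(report.Entry{
				Identifier:   configRuleName,
				ResourceType: "Config service rule",
				Error:        err,
			})
			// Skip the success bookkeeping below: without this, a failed delete
			// was also logged and recorded as a successful one, hiding the error.
			continue
		}

		deletedConfigRuleNames = append(deletedConfigRuleNames, aws.String(configRuleName))
		logging.Debug(fmt.Sprintf("Successfully deleted config service rule: %s", configRuleName))
		report.Record(report.Entry{
			Identifier:   configRuleName,
			ResourceType: "Config service rule",
		})
	}

	logging.Debug(
		fmt.Sprintf("Completed deleting %d config service rules %s", len(deletedConfigRuleNames), csr.Region))

	return nil
}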