[plugins/aws][fix] Update resource insert order and dependencies (#1029)
* Add resource before adding edges

* Update dependencies

* Use kwargs

* Add role
lloesche committed Jul 22, 2022
1 parent 377b13a commit 143dc2e
Showing 2 changed files with 31 additions and 17 deletions.
29 changes: 17 additions & 12 deletions plugins/aws/resoto_plugin_aws/accountcollector.py
Expand Up @@ -1265,10 +1265,11 @@ def collect_lambda_functions(self, region: AWSRegion, graph: Graph) -> None:

tags_response = client.list_tags(Resource=arn)
tags = tags_response.get("Tags", [])
role = function.get("Role")

lambda_function = AWSLambdaFunction(
arn,
tags,
lf = AWSLambdaFunction(
id=arn,
tags=tags,
account=self.account,
region=region,
name=name,
Expand All @@ -1277,32 +1278,36 @@ def collect_lambda_functions(self, region: AWSRegion, graph: Graph) -> None:
code_size=function["CodeSize"],
memory_size=function["MemorySize"],
mtime=function["LastModified"],
role=function.get("Role"),
role=role,
kms_key_arn=function.get("KmsKeyArn"),
)
graph.add_resource(region, lf)

vpc_config = function.get("VpcConfig", {})

vpc_id = vpc_config.get("VpcId")
if vpc_id:
vpc = graph.search_first("id", vpc_id)
if vpc:
graph.add_edge(vpc, lambda_function)
graph.add_edge(vpc, lambda_function, edge_type=EdgeType.delete)
graph.add_edge(vpc, lf)
graph.add_edge(vpc, lf, edge_type=EdgeType.delete)

for subnet_id in vpc_config.get("SubnetIds", {}):
subnet = graph.search_first("id", subnet_id)
if subnet:
graph.add_edge(subnet, lambda_function)
graph.add_edge(subnet, lambda_function, edge_type=EdgeType.delete)
graph.add_edge(subnet, lf)
graph.add_edge(subnet, lf, edge_type=EdgeType.delete)

for security_group_id in vpc_config.get("SecurityGroupIds", {}):
security_group = graph.search_first("id", security_group_id)
if security_group:
graph.add_edge(security_group, lambda_function)
graph.add_edge(security_group, lambda_function, edge_type=EdgeType.delete)
graph.add_edge(security_group, lf)
graph.add_edge(security_group, lf, edge_type=EdgeType.delete)

graph.add_resource(region, lambda_function)
if role:
log.debug(f"Queuing deferred connection from role {role} to {lf.rtdname}")
lf.add_deferred_connection({"arn": role})
lf.add_deferred_connection({"arn": role}, edge_type=EdgeType.delete)

@metrics_collect_autoscaling_groups.time() # type: ignore
def collect_autoscaling_groups(self, region: AWSRegion, graph: Graph) -> None:
Expand Down Expand Up @@ -2118,7 +2123,7 @@ def collect_eks_clusters(self, region: AWSRegion, graph: Graph) -> None:
log.debug(f"Found {c.rtdname} in account {self.account.dname} region {region.id}")
if "roleArn" in cluster:
log.debug(f"Queuing deferred connection from role {cluster['roleArn']} to {c.rtdname}")
c.add_deferred_connection({"arn": cluster["roleArn"]}, parent=False)
c.add_deferred_connection({"arn": cluster["roleArn"]})
c.add_deferred_connection({"arn": cluster["roleArn"]}, edge_type=EdgeType.delete)
graph.add_resource(region, c)
self.get_eks_nodegroups(region, graph, c)
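Review bot: The EKS hunk still queues both deferred role connections before `graph.add_resource(region, c)`, while collect_lambda_functions now calls `graph.add_resource(region, lf)` first and only then adds edges and deferred connections. If deferred connections are resolved only after collection this ordering is probably harmless, but moving `graph.add_resource(region, c)` above the `if "roleArn" in cluster:` block would make both collectors follow the order the commit title describes. In the Lambda hunk, a one-line comment above `graph.add_resource(region, lf)` would record the constraint, e.g. `# insert the node before any add_edge() call that references it` (wording to be confirmed against Graph.add_edge, which is not shown). Both function bodies begin outside the hunks shown.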
19 changes: 14 additions & 5 deletions plugins/aws/resoto_plugin_aws/resources.py
Expand Up @@ -199,7 +199,7 @@ class AWSLambdaFunction(AWSResource, BaseServerlessFunction):
kind: ClassVar[str] = "aws_lambda_function"
successor_kinds: ClassVar[Dict[str, List[str]]] = {
"default": [],
"delete": ["aws_lambda_function"],
"delete": [],
}

role: Optional[str] = None
Expand Down Expand Up @@ -376,13 +376,15 @@ class AWSEC2Subnet(AWSResource, BaseSubnet):
"aws_ec2_network_acl",
"aws_ec2_nat_gateway",
"aws_alb",
"aws_lambda_function",
],
"delete": [
"aws_vpc_endpoint",
"aws_rds_instance",
"aws_elb",
"aws_ec2_network_interface",
"aws_alb",
"aws_lambda_function",
],
}
}
Expand Down Expand Up @@ -465,6 +467,7 @@ class AWSVPC(AWSResource, BaseNetwork):
"aws_ec2_nat_gateway",
"aws_ec2_internet_gateway",
"aws_alb_target_group",
"aws_lambda_function",
],
"delete": [
"aws_vpc_peering_connection",
Expand All @@ -479,6 +482,7 @@ class AWSVPC(AWSResource, BaseNetwork):
"aws_ec2_nat_gateway",
"aws_ec2_internet_gateway",
"aws_alb_target_group",
"aws_lambda_function",
],
}
}
Expand Down Expand Up @@ -774,8 +778,13 @@ class AWSEC2SecurityGroup(AWSResource, BaseSecurityGroup):
"aws_rds_instance",
"aws_elb",
"aws_ec2_network_interface",
"aws_lambda_function",
],
"delete": [
"aws_vpc_endpoint",
"aws_rds_instance",
"aws_lambda_function",
],
"delete": ["aws_vpc_endpoint", "aws_rds_instance"],
}
}

Expand Down Expand Up @@ -1052,8 +1061,8 @@ class AWSIAMRole(AWSResource, BaseRole):
kind: ClassVar[str] = "aws_iam_role"
reference_kinds: ClassVar[ModelReference] = {
"successors": {
"default": ["aws_iam_policy", "aws_iam_instance_profile"],
"delete": ["aws_iam_policy", "aws_iam_instance_profile", "aws_eks_cluster"],
"default": ["aws_iam_policy", "aws_iam_instance_profile", "aws_eks_cluster", "aws_lambda_function"],
"delete": ["aws_iam_policy", "aws_iam_instance_profile", "aws_eks_cluster", "aws_lambda_function"],
}
}

Expand Down Expand Up @@ -1249,7 +1258,7 @@ class AWSEKSCluster(AWSResource, BaseResource):
kind: ClassVar[str] = "aws_eks_cluster"
reference_kinds: ClassVar[ModelReference] = {
"successors": {
"default": ["aws_iam_role", "aws_eks_nodegroup"],
"default": ["aws_eks_nodegroup"],
"delete": ["aws_eks_nodegroup"],
}
}
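Review bot: AWSLambdaFunction declares its successors through a flat `successor_kinds: ClassVar[Dict[str, List[str]]]`, whereas AWSIAMRole and AWSEKSCluster in the same file use `reference_kinds: ClassVar[ModelReference]` with a nested `"successors"` key. If the model only reads `reference_kinds`, the edited `"delete": []` entry on the Lambda class has no effect; it is worth confirming, and if so aligning it as `reference_kinds: ClassVar[ModelReference] = {"successors": {"default": [], "delete": []}}`. These lists are also hand-maintained mirrors of the edges queued in accountcollector.py, so a comment on AWSIAMRole such as `# roles precede the EKS clusters and Lambda functions that run with them; edges are queued via add_deferred_connection` would help keep the role-to-workload relationship traceable for anyone auditing which compute resources use a given role. The class bodies continue outside the hunks shown.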
