address pr feedback

cmd/aws-application-networking-k8s/main.go

@@ -120,15 +120,15 @@ func main() {
 		"DefaultServiceNetwork", config.DefaultServiceNetwork,
 		"ClusterName", config.ClusterName,
 		"LogLevel", logLevel,
-		"EnablePrivateVPC", config.EnablePrivateVPC,
+		"DisableTaggingServiceAPI", config.DisableTaggingServiceAPI,
 	)
 
 	cloud, err := aws.NewCloud(log.Named("cloud"), aws.CloudConfig{
-		VpcId:       config.VpcID,
-		AccountId:   config.AccountID,
-		Region:      config.Region,
-		ClusterName: config.ClusterName,
-		PrivateVPC:  config.EnablePrivateVPC,
+		VpcId:                     config.VpcID,
+		AccountId:                 config.AccountID,
+		Region:                    config.Region,
+		ClusterName:               config.ClusterName,
+		TaggingServiceAPIDisabled: config.DisableTaggingServiceAPI,
 	})
 	if err != nil {
 		setupLog.Fatal("cloud client setup failed: %s", err)

pkg/aws/cloud.go

@@ -4,7 +4,6 @@ import (
 	"context"
 	"fmt"
 
-	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/aws/request"
 	"github.com/aws/aws-sdk-go/aws/session"
 	"github.com/aws/aws-sdk-go/service/vpclattice"
@@ -22,11 +21,11 @@ const (
 //go:generate mockgen -destination cloud_mocks.go -package aws github.com/aws/aws-application-networking-k8s/pkg/aws Cloud
 
 type CloudConfig struct {
-	VpcId       string
-	AccountId   string
-	Region      string
-	ClusterName string
-	PrivateVPC  bool
+	VpcId                     string
+	AccountId                 string
+	Region                    string
+	ClusterName               string
+	TaggingServiceAPIDisabled bool
 }
 
 type Cloud interface {
@@ -40,12 +39,6 @@ type Cloud interface {
 	// creates lattice tags with default values populated and merges them with provided tags
 	DefaultTagsMergedWith(services.Tags) services.Tags
 
-	// find tags on lattice resources
-	FindTagsForARNs(ctx context.Context, arns []string) (map[string]services.Tags, error)
-
-	// find lattice target group ARNs using tags
-	FindTargetGroupARNs(context.Context, services.Tags) ([]string, error)
-
 	// check if managedBy tag set for lattice resource
 	IsArnManaged(ctx context.Context, arn string) (bool, error)
 
@@ -79,7 +72,14 @@ func NewCloud(log gwlog.Logger, cfg CloudConfig) (Cloud, error) {
 	})
 
 	lattice := services.NewDefaultLattice(sess, cfg.AccountId, cfg.Region)
-	tagging := services.NewDefaultTagging(sess, cfg.Region)
+	var tagging services.Tagging
+
+	if cfg.TaggingServiceAPIDisabled {
+		tagging = services.NewLatticeTagging(sess, cfg.AccountId, cfg.Region, cfg.VpcId)
+	} else {
+		tagging = services.NewDefaultTagging(sess, cfg.Region)
+	}
+
 	cl := NewDefaultCloudWithTagging(lattice, tagging, cfg)
 	return cl, nil
 }
@@ -133,55 +133,6 @@ func (c *defaultCloud) DefaultTagsMergedWith(tags services.Tags) services.Tags {
 	return newTags
 }
 
-func (c *defaultCloud) FindTagsForARNs(ctx context.Context, arns []string) (map[string]services.Tags, error) {
-	if !c.cfg.PrivateVPC {
-		return c.tagging.GetTagsForArns(ctx, arns)
-	}
-
-	tagsForARNs := map[string]services.Tags{}
-
-	for _, arn := range arns {
-		tags, err := c.lattice.ListTagsForResourceWithContext(ctx,
-			&vpclattice.ListTagsForResourceInput{ResourceArn: aws.String(arn)},
-		)
-		if err != nil {
-			return nil, err
-		}
-		tagsForARNs[arn] = tags.Tags
-	}
-	return tagsForARNs, nil
-}
-
-func (c *defaultCloud) FindTargetGroupARNs(ctx context.Context, tags services.Tags) ([]string, error) {
-	if !c.cfg.PrivateVPC {
-		return c.tagging.FindResourcesByTags(ctx, services.ResourceTypeTargetGroup, tags)
-	}
-
-	tgs, err := c.lattice.ListTargetGroupsAsList(ctx, &vpclattice.ListTargetGroupsInput{
-		VpcIdentifier: aws.String(c.cfg.VpcId),
-	})
-	if err != nil {
-		return nil, err
-	}
-
-	arns := make([]string, 0, len(tgs))
-
-	for _, tg := range tgs {
-		resp, err := c.lattice.ListTagsForResourceWithContext(ctx,
-			&vpclattice.ListTagsForResourceInput{ResourceArn: tg.Arn},
-		)
-		if err != nil {
-			return nil, err
-		}
-
-		if containsTags(tags, resp.Tags) {
-			arns = append(arns, aws.StringValue(tg.Arn))
-		}
-	}
-
-	return arns, nil
-}
-
 func (c *defaultCloud) getTags(ctx context.Context, arn string) (services.Tags, error) {
 	tagsReq := &vpclattice.ListTagsForResourceInput{ResourceArn: &arn}
 	resp, err := c.lattice.ListTagsForResourceWithContext(ctx, tagsReq)
@@ -229,15 +180,6 @@ func (c *defaultCloud) TryOwnFromTags(ctx context.Context, arn string, tags serv
 	return c.isOwner(managedBy), nil
 }
 
-func containsTags(source, check services.Tags) bool {
-	for k, v := range source {
-		if aws.StringValue(check[k]) != aws.StringValue(v) {
-			return false
-		}
-	}
-	return true
-}
-
 func (c *defaultCloud) ownResource(ctx context.Context, arn string) error {
 	_, err := c.Lattice().TagResourceWithContext(ctx, &vpclattice.TagResourceInput{
 		ResourceArn: &arn,

pkg/aws/services/tagging.go

@@ -2,11 +2,14 @@ package services
 
 import (
 	"context"
+	"fmt"
+
 	"github.com/aws/aws-application-networking-k8s/pkg/utils"
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/aws/session"
 	taggingapi "github.com/aws/aws-sdk-go/service/resourcegroupstaggingapi"
 	taggingapiiface "github.com/aws/aws-sdk-go/service/resourcegroupstaggingapi/resourcegroupstaggingapiiface"
+	"github.com/aws/aws-sdk-go/service/vpclattice"
 )
 
 //go:generate mockgen -destination tagging_mocks.go -package services github.com/aws/aws-application-networking-k8s/pkg/aws/services Tagging
@@ -26,8 +29,6 @@ const (
 type Tags = map[string]*string
 
 type Tagging interface {
-	taggingapiiface.ResourceGroupsTaggingAPIAPI
-
 	// Receives a list of arns and returns arn-to-tags map.
 	GetTagsForArns(ctx context.Context, arns []string) (map[string]Tags, error)
 
@@ -39,6 +40,11 @@ type defaultTagging struct {
 	taggingapiiface.ResourceGroupsTaggingAPIAPI
 }
 
+type latticeTagging struct {
+	Lattice
+	vpcId string
+}
+
 func (t *defaultTagging) GetTagsForArns(ctx context.Context, arns []string) (map[string]Tags, error) {
 	chunks := utils.Chunks(utils.SliceMap(arns, aws.String), maxArnsPerGetResourcesApi)
 	result := make(map[string]Tags)
@@ -80,6 +86,66 @@ func NewDefaultTagging(sess *session.Session, region string) *defaultTagging {
 	return &defaultTagging{ResourceGroupsTaggingAPIAPI: api}
 }
 
+// Use VPC Lattice API instead of the Resource Groups Tagging API
+func NewLatticeTagging(sess *session.Session, acc string, region string, vpcId string) *latticeTagging {
+	api := NewDefaultLattice(sess, acc, region)
+	return &latticeTagging{Lattice: api, vpcId: vpcId}
+}
+
+func (t *latticeTagging) GetTagsForArns(ctx context.Context, arns []string) (map[string]Tags, error) {
+	result := map[string]Tags{}
+
+	for _, arn := range arns {
+		tags, err := t.ListTagsForResourceWithContext(ctx,
+			&vpclattice.ListTagsForResourceInput{ResourceArn: aws.String(arn)},
+		)
+		if err != nil {
+			return nil, err
+		}
+		result[arn] = tags.Tags
+	}
+	return result, nil
+}
+
+func (t *latticeTagging) FindResourcesByTags(ctx context.Context, resourceType ResourceType, tags Tags) ([]string, error) {
+	if resourceType != ResourceTypeTargetGroup {
+		return nil, fmt.Errorf("unsupported resource type %q for FindResourcesByTags", resourceType)
+	}
+
+	tgs, err := t.ListTargetGroupsAsList(ctx, &vpclattice.ListTargetGroupsInput{
+		VpcIdentifier: aws.String(t.vpcId),
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	arns := make([]string, 0, len(tgs))
+
+	for _, tg := range tgs {
+		resp, err := t.ListTagsForResourceWithContext(ctx,
+			&vpclattice.ListTagsForResourceInput{ResourceArn: tg.Arn},
+		)
+		if err != nil {
+			return nil, err
+		}
+
+		if containsTags(tags, resp.Tags) {
+			arns = append(arns, aws.StringValue(tg.Arn))
+		}
+	}
+
+	return arns, nil
+}
+
+func containsTags(source, check Tags) bool {
+	for k, v := range source {
+		if aws.StringValue(check[k]) != aws.StringValue(v) {
+			return false
+		}
+	}
+	return true
+}
+
 func convertTags(tags []*taggingapi.Tag) Tags {
 	out := make(Tags)
 	for _, tag := range tags {