🐛 aws resource bugfixes (#1855)
vjeffrey authored Sep 22, 2023
1 parent 36075f9 commit 64433b8
Showing 5 changed files with 48 additions and 29 deletions.
14 changes: 10 additions & 4 deletions providers/aws/resources/aws_cloudtrail.go
Expand Up @@ -70,7 +70,7 @@ func initAwsCloudtrailTrail(runtime *plugin.Runtime, args map[string]*llx.RawDat
}
awsCloudtrail := obj.(*mqlAwsCloudtrail)

rawResources := awsCloudtrail.Trails.Data
rawResources := awsCloudtrail.GetTrails().Data

for i := range rawResources {
trail := rawResources[i].(*mqlAwsCloudtrailTrail)
Expand Down Expand Up @@ -136,6 +136,8 @@ func (a *mqlAwsCloudtrail) getTrails(conn *connection.AwsConnection) []*jobpool.
} else {
args["s3bucket"] = llx.ResourceData(mqlAwsS3Bucket, mqlAwsS3Bucket.MqlName())
}
} else {
args["s3bucket"] = llx.NilData
}

// add kms key if there is one
Expand All @@ -151,10 +153,12 @@ func (a *mqlAwsCloudtrail) getTrails(conn *connection.AwsConnection) []*jobpool.
mqlKey := mqlKeyResource.(*mqlAwsKmsKey)
args["kmsKey"] = llx.ResourceData(mqlKey, mqlKey.MqlName())
}
} else {
args["kmsKey"] = llx.NilData
}
if trail.CloudWatchLogsLogGroupArn != nil {
mqlLoggroup, err := NewResource(a.MqlRuntime, "aws.cloudwatch.loggroup",
map[string]*llx.RawData{"arn": llx.StringData(convert.ToString(trail.CloudWatchLogsLogGroupArn))},
map[string]*llx.RawData{"arn": llx.StringDataPtr(trail.CloudWatchLogsLogGroupArn)},
)
// means the log group does not exist or we have no access to it
// dont err out, just assign nil
Expand All @@ -164,6 +168,8 @@ func (a *mqlAwsCloudtrail) getTrails(conn *connection.AwsConnection) []*jobpool.
mqlLog := mqlLoggroup.(*mqlAwsCloudwatchLoggroup)
args["logGroup"] = llx.ResourceData(mqlLog, mqlLog.MqlName())
}
} else {
args["logGroup"] = llx.NilData
}

mqlAwsCloudtrailTrail, err := CreateResource(a.MqlRuntime, "aws.cloudtrail.trail", args)
Expand All @@ -181,11 +187,11 @@ func (a *mqlAwsCloudtrail) getTrails(conn *connection.AwsConnection) []*jobpool.
}

func (a *mqlAwsCloudtrailTrail) s3bucket() (*mqlAwsS3Bucket, error) {
return a.GetS3bucket().Data, nil
return a.S3bucket.Data, nil
}

func (a *mqlAwsCloudtrailTrail) logGroup() (*mqlAwsCloudwatchLoggroup, error) {
return a.GetLogGroup().Data, nil
return a.LogGroup.Data, nil
}

func (a *mqlAwsCloudtrailTrail) kmsKey() (*mqlAwsKmsKey, error) {
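Review bot: The accessors `s3bucket()` and `logGroup()` now read `a.S3bucket.Data` / `a.LogGroup.Data` directly, while the first hunk moves initAwsCloudtrailTrail the opposite way (field to `GetTrails()`), and nothing in the code says which form belongs where. A one-line comment on each accessor would keep a later edit from flipping it back, e.g. `// set by getTrails (resource or llx.NilData); read the field, not GetS3bucket()`. The accessors also depend on getTrails storing a value for every trail, which the added `else` branches now do for the nil-pointer case; whether the lookup-failure branches do the same is outside the visible lines. The same pattern appears in `kmsKey()` in aws_cloudwatch.go and `portRange()` in aws_ec2.go.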
16 changes: 8 additions & 8 deletions providers/aws/resources/aws_cloudwatch.go
Expand Up @@ -616,11 +616,11 @@ func (a *mqlAwsCloudwatch) getLogGroups(conn *connection.AwsConnection) []*jobpo
"arn": llx.StringData(convert.ToString(loggroup.KmsKeyId)),
})
if err != nil {
return nil, err
args["kmsKey"] = llx.NilData
} else {
mqlKey := mqlKeyResource.(*mqlAwsKmsKey)
args["kmsKey"] = llx.ResourceData(mqlKey, mqlKey.MqlName())
}

mqlKey := mqlKeyResource.(*mqlAwsKmsKey)
args["kmsKey"] = llx.ResourceData(mqlKey, mqlKey.MqlName())
} else {
args["kmsKey"] = llx.NilData
}
Expand Down Expand Up @@ -659,7 +659,7 @@ func initAwsCloudwatchLoggroup(runtime *plugin.Runtime, args map[string]*llx.Raw
return nil, nil, err
}
cloudwatch := obj.(*mqlAwsCloudwatch)
rawResources := cloudwatch.LogGroups.Data
rawResources := cloudwatch.GetLogGroups().Data

arnVal := args["arn"].Value.(string)
for i := range rawResources {
Expand All @@ -673,8 +673,8 @@ func initAwsCloudwatchLoggroup(runtime *plugin.Runtime, args map[string]*llx.Raw
return nil, nil, errors.New("cloudwatch log group does not exist")
}

func (s *mqlAwsCloudwatchLoggroup) kmsKey() (*mqlAwsKmsKey, error) {
return &mqlAwsKmsKey{}, nil
func (a *mqlAwsCloudwatchLoggroup) kmsKey() (*mqlAwsKmsKey, error) {
return a.KmsKey.Data, nil
}

func (a *mqlAwsCloudwatchLoggroup) id() (string, error) {
Expand Down Expand Up @@ -766,7 +766,7 @@ func initAwsCloudwatchMetricsalarm(runtime *plugin.Runtime, args map[string]*llx
}
aws := obj.(*mqlAwsCloudwatch)

rawResources := aws.Alarms.Data
rawResources := aws.GetAlarms().Data

arnVal := args["arn"].Value.(string)
for i := range rawResources {
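Review bot: The new `if err != nil { args["kmsKey"] = llx.NilData }` branch in getLogGroups discards the lookup error, so a log group whose key could not be resolved is reported exactly like one with no KMS key configured. For a policy that tests `kmsKey` for null that difference matters: a failed lookup (for instance one caused by missing permissions, which the hunk cannot rule out) would surface as an unencrypted log group with no trace of why. I would record the error before falling back, e.g. `log.Debug().Err(err).Msg("could not resolve kms key for cloudwatch log group")`, assuming the `log` package called in aws_iam.go is also imported in this file. The virtualMfaDevices hunk in aws_iam.go drops its NewResource error the same way. getLogGroups starts and ends outside the hunk.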
4 changes: 3 additions & 1 deletion providers/aws/resources/aws_ec2.go
Expand Up @@ -167,6 +167,8 @@ func (a *mqlAwsEc2Networkacl) entries() ([]interface{}, error) {
return nil, err
}
args["portRange"] = llx.ResourceData(mqlPortRange, mqlPortRange.MqlName())
} else {
args["portRange"] = llx.NilData
}

mqlAclEntry, err := CreateResource(a.MqlRuntime, "aws.ec2.networkacl.entry", args)
Expand All @@ -180,7 +182,7 @@ func (a *mqlAwsEc2Networkacl) entries() ([]interface{}, error) {
}

func (a *mqlAwsEc2NetworkaclEntry) portRange() (*mqlAwsEc2NetworkaclEntryPortrange, error) {
return a.GetPortRange().Data, nil
return a.PortRange.Data, nil
}

func (a *mqlAwsEc2Securitygroup) isAttachedToNetworkInterface() (bool, error) {
41 changes: 25 additions & 16 deletions providers/aws/resources/aws_iam.go
Expand Up @@ -297,22 +297,27 @@ func (a *mqlAwsIam) virtualMfaDevices() ([]interface{}, error) {
device := devicesResp.VirtualMFADevices[i]

var mqlAwsIamUser plugin.Resource
args := map[string]*llx.RawData{
"serialNumber": llx.StringDataPtr(device.SerialNumber),
"enableDate": llx.TimeDataPtr(device.EnableDate),
}

usr := device.User
if usr != nil {
mqlAwsIamUser, err = NewResource(a.MqlRuntime, "aws.iam.user", map[string]*llx.RawData{
"arn": llx.StringData(convert.ToString(usr.Arn)),
"arn": llx.StringDataPtr(usr.Arn),
"name": llx.StringDataPtr(usr.UserName),
})
if err != nil {
return nil, err
if err == nil {
args["user"] = llx.ResourceData(mqlAwsIamUser, "aws.iam.user")
}
}

mqlAwsIamMfaDevice, err := CreateResource(a.MqlRuntime, "aws.iam.virtualmfadevice",
map[string]*llx.RawData{
"serialNumber": llx.StringData(convert.ToString(device.SerialNumber)),
"enableDate": llx.TimeData(toTime(device.EnableDate)),
"user": llx.ResourceData(mqlAwsIamUser, mqlAwsIamUser.MqlName()),
})
if usr == nil || err != nil {
args["user"] = llx.NilData
}

mqlAwsIamMfaDevice, err := CreateResource(a.MqlRuntime, "aws.iam.virtualmfadevice", args)
if err != nil {
return nil, err
}
Expand Down Expand Up @@ -671,14 +676,15 @@ func (a *mqlAwsIamUsercredentialreportentry) user() (*mqlAwsIamUser, error) {
log.Info().Msgf("could not retrieve key")
return nil, errors.New("could not read the credentials report")
}

// handle special case for the root account since that user does not exist
if props["user"] == "<root_account>" {
return nil, nil
return nil, errors.New("root user does not exist")
}

mqlUser, err := CreateResource(a.MqlRuntime, "aws.iam.user",
map[string]*llx.RawData{"name": llx.StringData(props["user"].(string))},
mqlUser, err := NewResource(a.MqlRuntime, "aws.iam.user",
map[string]*llx.RawData{
"name": llx.StringData(props["user"].(string)),
},
)
if err != nil {
return nil, err
Expand Down Expand Up @@ -706,8 +712,8 @@ func initAwsIamUser(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[
}
}

if args["arn"] == nil && args["name"] == nil {
return nil, nil, errors.New("arn or name required to fetch aws iam user")
if args["name"] == nil {
return nil, nil, errors.New("name required to fetch aws iam user")
}
conn := runtime.Connection.(*connection.AwsConnection)

Expand Down Expand Up @@ -738,6 +744,9 @@ func initAwsIamUser(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[
}

func (a *mqlAwsIamUser) id() (string, error) {
if a.Arn.Error != nil {
return "", a.Arn.Error
}
return a.Arn.Data, nil
}

Expand Down Expand Up @@ -1035,7 +1044,7 @@ func (a *mqlAwsIamPolicy) attachedRoles() ([]interface{}, error) {
for i := range entities.PolicyRoles {
role := entities.PolicyRoles[i]

mqlUser, err := CreateResource(a.MqlRuntime, "aws.iam.role",
mqlUser, err := NewResource(a.MqlRuntime, "aws.iam.role",
map[string]*llx.RawData{"name": llx.StringData(convert.ToString(role.RoleName))},
)
if err != nil {
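Review bot: In virtualMfaDevices the user lookup writes to the enclosing `err` with `=` and the following `if usr == nil || err != nil` reads it again, so the decision about `args["user"]` is split across two conditionals and a failed lookup leaves a non-nil `err` behind in the outer scope (whether anything later reads it is outside the hunk). Defaulting `"user"` to `llx.NilData` in the map literal and overriding it on success, with an error variable scoped to the lookup, expresses the same result in one place; the `var mqlAwsIamUser plugin.Resource` declaration then goes away. The sketch below also records the dropped error through the `log` package this file already calls. The function starts and ends outside the hunk.

```go
args := map[string]*llx.RawData{
	"serialNumber": llx.StringDataPtr(device.SerialNumber),
	"enableDate":   llx.TimeDataPtr(device.EnableDate),
	// default when the device has no user or the lookup fails
	"user": llx.NilData,
}

if usr := device.User; usr != nil {
	mqlUser, userErr := NewResource(a.MqlRuntime, "aws.iam.user", map[string]*llx.RawData{
		"arn":  llx.StringDataPtr(usr.Arn),
		"name": llx.StringDataPtr(usr.UserName),
	})
	if userErr != nil {
		log.Warn().Err(userErr).Msg("could not resolve user for virtual mfa device")
	} else {
		args["user"] = llx.ResourceData(mqlUser, "aws.iam.user")
	}
}

// … unchanged: CreateResource("aws.iam.virtualmfadevice", args) and its error check …
```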
2 changes: 2 additions & 0 deletions providers/aws/resources/aws_sagemaker.go
Expand Up @@ -247,6 +247,8 @@ func (a *mqlAwsSagemakerNotebookinstance) details() (*mqlAwsSagemakerNotebookins
} else {
args["kmsKey"] = llx.ResourceData(mqlKeyResource, mqlKeyResource.MqlName())
}
} else {
args["kmsKey"] = llx.NilData
}
mqlInstanceDetails, err := CreateResource(a.MqlRuntime, "aws.sagemaker.notebookinstance.details", args)
if err != nil {
