diff --git a/.github/actions/spelling/expect.txt b/.github/actions/spelling/expect.txt
index cbe4b8e88..92f8120bb 100644
--- a/.github/actions/spelling/expect.txt
+++ b/.github/actions/spelling/expect.txt
@@ -9,11 +9,11 @@ cavium
 cdn
 certificatechains
 cmek
+Cooldown
 cryptokey
 customresources
 datapath
 Ddos
-DIRECTORYID
 dfw
 DIRECTORYID
 dlq
diff --git a/providers/aws/resources/aws.lr b/providers/aws/resources/aws.lr
index ff8015465..0f2561fe0 100644
--- a/providers/aws/resources/aws.lr
+++ b/providers/aws/resources/aws.lr
@@ -540,6 +540,18 @@ private aws.autoscaling.group @defaults("name region") {
 tags map[string]string
 // The region of the Auto Scaling group
 region string
+ // The minimum number of instances to scale down to
+ minSize int
+ // The maximum number of instances to scale up to
+ maxSize int
+ // The time to wait after scaling up / down before the next scaling event is started
+ defaultCooldown int
+ // The name of the launch configuration
+ launchConfigurationName string
+ // The grace period in seconds before an instance with a failing health check will be replaced
+ healthCheckGracePeriod int
+ // Time when the autoscaling group was created
+ createdAt time
 }
 
 // AWS Elastic Load Balancing
@@ -1436,7 +1448,7 @@ private aws.redshift.cluster @defaults("dbName clusterVersion clusterStatus regi
 // Version of the Redshift engine running on the cluster
 clusterVersion string
 // Cluster creation timestamp
- createdAt string
+ createdAt time
 // Name of the initial database that was created when the cluster was created
 dbName string
 // Whether the cluster is encrypted at rest
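Review bot: The field comments added to aws.autoscaling.group leave out two facts a policy author needs. `defaultCooldown` is a number of seconds (the sibling `healthCheckGracePeriod` comment says so, this one does not), and, if I read the AWS API right, `launchConfigurationName` is only populated for groups that still use a launch configuration, so it will be empty for groups driven by a launch template or mixed-instances policy, neither of which this hunk exposes. Suggested wording: `// Number of seconds to wait after a scaling activity completes before another scaling activity can start` and `// Name of the launch configuration; empty when the group uses a launch template or mixed instances policy`. Without the second caveat a check such as `launchConfigurationName != ""` reads as "misconfigured" when it actually means "uses a launch template".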
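Review bot: Changing `createdAt` on aws.redshift.cluster from `string` to `time` breaks any existing query that compared or parsed the field as a string, and none of the manifest hunks visible in this commit record the change for that resource (only the autoscaling, network ACL entry and SSM sections are touched). Consider adding `min_mondoo_version: latest` under the redshift cluster's `createdAt` entry in aws.lr.manifest.yaml, or a changelog line, so consumers can gate on the new type. The type change itself is the right direction, since it allows time comparisons without string parsing; the comment `// Cluster creation timestamp` could also say `// Cluster creation timestamp (time, previously exposed as a string)` for one release to ease the transition.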
@@ -1596,12 +1608,12 @@ private aws.lambda.function @defaults("arn") {
 }
 
 // Amazon Systems Manager
-aws.ssm {
+aws.ssm @defaults("instances") {
 instances() []aws.ssm.instance
 }
 
 // Amazon SSM instance
-private aws.ssm.instance {
+private aws.ssm.instance @defaults("instanceId region platformName platformVersion ipAddress") {
 // Instance ID for the SSM Instance
 instanceId string
 // Ping status (e.g., online) for the SSM Instance
@@ -1610,6 +1622,10 @@ private aws.ssm.instance {
 ipAddress string
 // Platform name for the SSM Instance, as described by AWS
 platformName string
+ // The type of for the SSM Instance, as described by AWS (Windows, Linux, etc)
+ platformType string
+ // Platform version for the SSM Instance, as described by AWS
+ platformVersion string
 // Region where the SSM instance is located
 region string
 // ARN for the SSM instance
@@ -1641,7 +1657,7 @@ aws.ec2 {
 }
 
 // Amazon EC2 network ACL
-private aws.ec2.networkacl @defaults("arn") {
+private aws.ec2.networkacl @defaults("id region") {
 // ARN for the network ACL
 arn string
 // ID for the network ACL
@@ -1653,19 +1669,23 @@ private aws.ec2.networkacl @defaults("arn") {
 }
 
 // Amazon EC2 network ACL entry
-private aws.ec2.networkacl.entry {
+private aws.ec2.networkacl.entry @defaults("id egress ruleAction cidrBlock portRange") {
 // Whether this is an entry for egress rules
 egress bool
 // Allow or deny
 ruleAction string
+ // The rule number
+ ruleNumber int
 // Port range for the ACL entry
 portRange() aws.ec2.networkacl.entry.portrange
+ // CIDR block for the ACL entry
+ cidrBlock string
 // ID for the ACL entry rule
 id string
 }
 
 // Amazon EC2 network ACL entry port range
-private aws.ec2.networkacl.entry.portrange {
+private aws.ec2.networkacl.entry.portrange @defaults("from to") {
 // Starting port for port range
 from int
 // Ending port for port range
diff --git a/providers/aws/resources/aws.lr.go b/providers/aws/resources/aws.lr.go
index 954badaaf..e35cbacc4 100644
--- a/providers/aws/resources/aws.lr.go
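Review bot: The comment on the new `platformType` field has a stray word: `// The type of for the SSM Instance, as described by AWS (Windows, Linux, etc)`. Suggest `// Platform type for the SSM Instance, as reported by AWS (e.g. Windows, Linux)`, which also matches the phrasing of the neighbouring `platformName` and `platformVersion` comments.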
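Review bot: The comments on the new aws.ec2.networkacl.entry fields leave out what someone auditing ACL rules needs to know: `ruleNumber` is the evaluation order (lowest number is evaluated first and the first match wins, so a low-numbered allow overrides a higher-numbered deny), and `cidrBlock` is the IPv4 block only, while AWS carries a separate IPv6 block on the same entry that this hunk does not expose, so an `::/0` rule shows up here with an empty `cidrBlock`. Suggest `// Rule number; entries are evaluated in ascending order and the first match wins` and `// IPv4 CIDR block for the ACL entry (empty for IPv6-only rules)`. If an IPv6 field is added later the second comment should point to it.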
+++ b/providers/aws/resources/aws.lr.go @@ -1148,6 +1148,24 @@ var getDataFields = map[string]func(r plugin.Resource) *plugin.DataRes{ "aws.autoscaling.group.region": func(r plugin.Resource) *plugin.DataRes { return (r.(*mqlAwsAutoscalingGroup).GetRegion()).ToDataRes(types.String) }, + "aws.autoscaling.group.minSize": func(r plugin.Resource) *plugin.DataRes { + return (r.(*mqlAwsAutoscalingGroup).GetMinSize()).ToDataRes(types.Int) + }, + "aws.autoscaling.group.maxSize": func(r plugin.Resource) *plugin.DataRes { + return (r.(*mqlAwsAutoscalingGroup).GetMaxSize()).ToDataRes(types.Int) + }, + "aws.autoscaling.group.defaultCooldown": func(r plugin.Resource) *plugin.DataRes { + return (r.(*mqlAwsAutoscalingGroup).GetDefaultCooldown()).ToDataRes(types.Int) + }, + "aws.autoscaling.group.launchConfigurationName": func(r plugin.Resource) *plugin.DataRes { + return (r.(*mqlAwsAutoscalingGroup).GetLaunchConfigurationName()).ToDataRes(types.String) + }, + "aws.autoscaling.group.healthCheckGracePeriod": func(r plugin.Resource) *plugin.DataRes { + return (r.(*mqlAwsAutoscalingGroup).GetHealthCheckGracePeriod()).ToDataRes(types.Int) + }, + "aws.autoscaling.group.createdAt": func(r plugin.Resource) *plugin.DataRes { + return (r.(*mqlAwsAutoscalingGroup).GetCreatedAt()).ToDataRes(types.Time) + }, "aws.elb.classicLoadBalancers": func(r plugin.Resource) *plugin.DataRes { return (r.(*mqlAwsElb).GetClassicLoadBalancers()).ToDataRes(types.Array(types.Resource("aws.elb.loadbalancer"))) }, 
@@ -2160,7 +2178,7 @@ var getDataFields = map[string]func(r plugin.Resource) *plugin.DataRes{ return (r.(*mqlAwsRedshiftCluster).GetClusterVersion()).ToDataRes(types.String) }, "aws.redshift.cluster.createdAt": func(r plugin.Resource) *plugin.DataRes { - return (r.(*mqlAwsRedshiftCluster).GetCreatedAt()).ToDataRes(types.String) + return (r.(*mqlAwsRedshiftCluster).GetCreatedAt()).ToDataRes(types.Time) }, "aws.redshift.cluster.dbName": func(r plugin.Resource) *plugin.DataRes { return (r.(*mqlAwsRedshiftCluster).GetDbName()).ToDataRes(types.String) @@ -2357,6 +2375,12 @@ var getDataFields = map[string]func(r plugin.Resource) *plugin.DataRes{ "aws.ssm.instance.platformName": func(r plugin.Resource) *plugin.DataRes { return (r.(*mqlAwsSsmInstance).GetPlatformName()).ToDataRes(types.String) }, + "aws.ssm.instance.platformType": func(r plugin.Resource) *plugin.DataRes { + return (r.(*mqlAwsSsmInstance).GetPlatformType()).ToDataRes(types.String) + }, + "aws.ssm.instance.platformVersion": func(r plugin.Resource) *plugin.DataRes { + return (r.(*mqlAwsSsmInstance).GetPlatformVersion()).ToDataRes(types.String) + }, "aws.ssm.instance.region": func(r plugin.Resource) *plugin.DataRes { return (r.(*mqlAwsSsmInstance).GetRegion()).ToDataRes(types.String) }, 
@@ -2411,9 +2435,15 @@ var getDataFields = map[string]func(r plugin.Resource) *plugin.DataRes{ "aws.ec2.networkacl.entry.ruleAction": func(r plugin.Resource) *plugin.DataRes { return (r.(*mqlAwsEc2NetworkaclEntry).GetRuleAction()).ToDataRes(types.String) }, + "aws.ec2.networkacl.entry.ruleNumber": func(r plugin.Resource) *plugin.DataRes { + return (r.(*mqlAwsEc2NetworkaclEntry).GetRuleNumber()).ToDataRes(types.Int) + }, "aws.ec2.networkacl.entry.portRange": func(r plugin.Resource) *plugin.DataRes { return (r.(*mqlAwsEc2NetworkaclEntry).GetPortRange()).ToDataRes(types.Resource("aws.ec2.networkacl.entry.portrange")) }, + "aws.ec2.networkacl.entry.cidrBlock": func(r plugin.Resource) *plugin.DataRes { + return (r.(*mqlAwsEc2NetworkaclEntry).GetCidrBlock()).ToDataRes(types.String) + }, "aws.ec2.networkacl.entry.id": func(r plugin.Resource) *plugin.DataRes { return (r.(*mqlAwsEc2NetworkaclEntry).GetId()).ToDataRes(types.String) }, 
@@ -3690,6 +3720,30 @@ var setDataFields = map[string]func(r plugin.Resource, v *llx.RawData) bool { r.(*mqlAwsAutoscalingGroup).Region, ok = plugin.RawToTValue[string](v.Value, v.Error) return }, + "aws.autoscaling.group.minSize": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlAwsAutoscalingGroup).MinSize, ok = plugin.RawToTValue[int64](v.Value, v.Error) + return + }, + "aws.autoscaling.group.maxSize": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlAwsAutoscalingGroup).MaxSize, ok = plugin.RawToTValue[int64](v.Value, v.Error) + return + }, + "aws.autoscaling.group.defaultCooldown": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlAwsAutoscalingGroup).DefaultCooldown, ok = plugin.RawToTValue[int64](v.Value, v.Error) + return + }, + "aws.autoscaling.group.launchConfigurationName": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlAwsAutoscalingGroup).LaunchConfigurationName, ok = plugin.RawToTValue[string](v.Value, v.Error) + return + }, + "aws.autoscaling.group.healthCheckGracePeriod": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlAwsAutoscalingGroup).HealthCheckGracePeriod, ok = plugin.RawToTValue[int64](v.Value, v.Error) + return + }, + "aws.autoscaling.group.createdAt": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlAwsAutoscalingGroup).CreatedAt, ok = plugin.RawToTValue[*time.Time](v.Value, v.Error) + return + }, "aws.elb.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) { r.(*mqlAwsElb).__id, ok = v.Value.(string) return 
@@ -5255,7 +5309,7 @@ var setDataFields = map[string]func(r plugin.Resource, v *llx.RawData) bool { return }, "aws.redshift.cluster.createdAt": func(r plugin.Resource, v *llx.RawData) (ok bool) { - r.(*mqlAwsRedshiftCluster).CreatedAt, ok = plugin.RawToTValue[string](v.Value, v.Error) + r.(*mqlAwsRedshiftCluster).CreatedAt, ok = plugin.RawToTValue[*time.Time](v.Value, v.Error) return }, "aws.redshift.cluster.dbName": func(r plugin.Resource, v *llx.RawData) (ok bool) { @@ -5562,6 +5616,14 @@ var setDataFields = map[string]func(r plugin.Resource, v *llx.RawData) bool { r.(*mqlAwsSsmInstance).PlatformName, ok = plugin.RawToTValue[string](v.Value, v.Error) return }, + "aws.ssm.instance.platformType": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlAwsSsmInstance).PlatformType, ok = plugin.RawToTValue[string](v.Value, v.Error) + return + }, + "aws.ssm.instance.platformVersion": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlAwsSsmInstance).PlatformVersion, ok = plugin.RawToTValue[string](v.Value, v.Error) + return + }, "aws.ssm.instance.region": func(r plugin.Resource, v *llx.RawData) (ok bool) { r.(*mqlAwsSsmInstance).Region, ok = plugin.RawToTValue[string](v.Value, v.Error) return 
@@ -5646,10 +5708,18 @@ var setDataFields = map[string]func(r plugin.Resource, v *llx.RawData) bool { r.(*mqlAwsEc2NetworkaclEntry).RuleAction, ok = plugin.RawToTValue[string](v.Value, v.Error) return }, + "aws.ec2.networkacl.entry.ruleNumber": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlAwsEc2NetworkaclEntry).RuleNumber, ok = plugin.RawToTValue[int64](v.Value, v.Error) + return + }, "aws.ec2.networkacl.entry.portRange": func(r plugin.Resource, v *llx.RawData) (ok bool) { r.(*mqlAwsEc2NetworkaclEntry).PortRange, ok = plugin.RawToTValue[*mqlAwsEc2NetworkaclEntryPortrange](v.Value, v.Error) return }, + "aws.ec2.networkacl.entry.cidrBlock": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlAwsEc2NetworkaclEntry).CidrBlock, ok = plugin.RawToTValue[string](v.Value, v.Error) + return + }, "aws.ec2.networkacl.entry.id": func(r plugin.Resource, v *llx.RawData) (ok bool) { r.(*mqlAwsEc2NetworkaclEntry).Id, ok = plugin.RawToTValue[string](v.Value, v.Error) return @@ -9122,6 +9192,12 @@ type mqlAwsAutoscalingGroup struct { HealthCheckType plugin.TValue[string] Tags plugin.TValue[map[string]interface{}] Region plugin.TValue[string] + MinSize plugin.TValue[int64] + MaxSize plugin.TValue[int64] + DefaultCooldown plugin.TValue[int64] + LaunchConfigurationName plugin.TValue[string] + HealthCheckGracePeriod plugin.TValue[int64] + CreatedAt plugin.TValue[*time.Time] } // createAwsAutoscalingGroup creates a new instance of this resource 
@@ -9185,6 +9261,30 @@ func (c *mqlAwsAutoscalingGroup) GetRegion() *plugin.TValue[string] { return &c.Region } +func (c *mqlAwsAutoscalingGroup) GetMinSize() *plugin.TValue[int64] { + return &c.MinSize +} + +func (c *mqlAwsAutoscalingGroup) GetMaxSize() *plugin.TValue[int64] { + return &c.MaxSize +} + +func (c *mqlAwsAutoscalingGroup) GetDefaultCooldown() *plugin.TValue[int64] { + return &c.DefaultCooldown +} + +func (c *mqlAwsAutoscalingGroup) GetLaunchConfigurationName() *plugin.TValue[string] { + return &c.LaunchConfigurationName +} + +func (c *mqlAwsAutoscalingGroup) GetHealthCheckGracePeriod() *plugin.TValue[int64] { + return &c.HealthCheckGracePeriod +} + +func (c *mqlAwsAutoscalingGroup) GetCreatedAt() *plugin.TValue[*time.Time] { + return &c.CreatedAt +} + // mqlAwsElb for the aws.elb resource type mqlAwsElb struct { MqlRuntime *plugin.Runtime @@ -13741,7 +13841,7 @@ type mqlAwsRedshiftCluster struct { ClusterStatus plugin.TValue[string] ClusterSubnetGroupName plugin.TValue[string] ClusterVersion plugin.TValue[string] - CreatedAt plugin.TValue[string] + CreatedAt plugin.TValue[*time.Time] DbName plugin.TValue[string] Encrypted plugin.TValue[bool] EnhancedVpcRouting plugin.TValue[bool] @@ -13832,7 +13932,7 @@ func (c *mqlAwsRedshiftCluster) GetClusterVersion() *plugin.TValue[string] { return &c.ClusterVersion } -func (c *mqlAwsRedshiftCluster) GetCreatedAt() *plugin.TValue[string] { +func (c *mqlAwsRedshiftCluster) GetCreatedAt() *plugin.TValue[*time.Time] { return &c.CreatedAt } @@ -14681,6 +14781,8 @@ type mqlAwsSsmInstance struct { PingStatus plugin.TValue[string] IpAddress plugin.TValue[string] PlatformName plugin.TValue[string] + PlatformType plugin.TValue[string] + PlatformVersion plugin.TValue[string] Region plugin.TValue[string] Arn plugin.TValue[string] Tags plugin.TValue[map[string]interface{}] 
@@ -14739,6 +14841,14 @@ func (c *mqlAwsSsmInstance) GetPlatformName() *plugin.TValue[string] { return &c.PlatformName } +func (c *mqlAwsSsmInstance) GetPlatformType() *plugin.TValue[string] { + return &c.PlatformType +} + +func (c *mqlAwsSsmInstance) GetPlatformVersion() *plugin.TValue[string] { + return &c.PlatformVersion +} + func (c *mqlAwsSsmInstance) GetRegion() *plugin.TValue[string] { return &c.Region } @@ -15023,7 +15133,9 @@ type mqlAwsEc2NetworkaclEntry struct { // optional: if you define mqlAwsEc2NetworkaclEntryInternal it will be used here Egress plugin.TValue[bool] RuleAction plugin.TValue[string] + RuleNumber plugin.TValue[int64] PortRange plugin.TValue[*mqlAwsEc2NetworkaclEntryPortrange] + CidrBlock plugin.TValue[string] Id plugin.TValue[string] } @@ -15072,6 +15184,10 @@ func (c *mqlAwsEc2NetworkaclEntry) GetRuleAction() *plugin.TValue[string] { return &c.RuleAction } +func (c *mqlAwsEc2NetworkaclEntry) GetRuleNumber() *plugin.TValue[int64] { + return &c.RuleNumber +} + func (c *mqlAwsEc2NetworkaclEntry) GetPortRange() *plugin.TValue[*mqlAwsEc2NetworkaclEntryPortrange] { return plugin.GetOrCompute[*mqlAwsEc2NetworkaclEntryPortrange](&c.PortRange, func() (*mqlAwsEc2NetworkaclEntryPortrange, error) { if c.MqlRuntime.HasRecording { @@ -15088,6 +15204,10 @@ func (c *mqlAwsEc2NetworkaclEntry) GetPortRange() *plugin.TValue[*mqlAwsEc2Netwo }) } +func (c *mqlAwsEc2NetworkaclEntry) GetCidrBlock() *plugin.TValue[string] { + return &c.CidrBlock +} + func (c *mqlAwsEc2NetworkaclEntry) GetId() *plugin.TValue[string] { return &c.Id } diff --git a/providers/aws/resources/aws.lr.manifest.yaml b/providers/aws/resources/aws.lr.manifest.yaml index 39b86a8f9..ff5e5a520 100755 --- a/providers/aws/resources/aws.lr.manifest.yaml +++ b/providers/aws/resources/aws.lr.manifest.yaml 
@@ -273,8 +273,20 @@ resources:
 The `aws.autoscaling.group` resource provides fields representing an individual AWS auto scaling group within the account. For usage see the `aws.autoscaling` resource documentation.
 fields:
 arn: {}
+ createdAt:
+ min_mondoo_version: latest
+ defaultCooldown:
+ min_mondoo_version: latest
+ healthCheckGracePeriod:
+ min_mondoo_version: latest
 healthCheckType: {}
+ launchConfigurationName:
+ min_mondoo_version: latest
 loadBalancerNames: {}
+ maxSize:
+ min_mondoo_version: latest
+ minSize:
+ min_mondoo_version: latest
 name: {}
 region:
 min_mondoo_version: latest
@@ -956,10 +968,14 @@ resources:
 desc: |
 The `aws.ec2.networkacl.entry` resource provides fields for assessing the configuration of network ACL entries within an AWS account. For usage see `aws.ec2` resource.
 fields:
+ cidrBlock:
+ min_mondoo_version: latest
 egress: {}
 id: {}
 portRange: {}
 ruleAction: {}
+ ruleNumber:
+ min_mondoo_version: latest
 is_private: true
 min_mondoo_version: 5.15.0
 platform:
@@ -2245,6 +2261,8 @@ resources:
 ipAddress: {}
 pingStatus: {}
 platformName: {}
+ platformType: {}
+ platformVersion: {}
 region: {}
 tags: {}
 is_private: true
diff --git a/providers/aws/resources/aws_autoscaling.go b/providers/aws/resources/aws_autoscaling.go
index 29d40a667..23b93a133 100644
--- a/providers/aws/resources/aws_autoscaling.go
+++ b/providers/aws/resources/aws_autoscaling.go
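Review bot: `platformType: {}` and `platformVersion: {}` in the aws.ssm.instance section are recorded as if they had always existed, while every other field this commit introduces (`cidrBlock`, `ruleNumber`, and the six aws.autoscaling.group fields in the first hunk) carries `min_mondoo_version: latest`. Both SSM fields are new in this commit's aws.lr hunk, so they should be declared the same way, `platformType:` followed by `min_mondoo_version: latest` (and likewise for `platformVersion`), otherwise version gating will claim they are available on older providers that never emitted them.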
@@ -76,12 +76,18 @@ func (a *mqlAwsAutoscaling) getGroups(conn *connection.AwsConnection) []*jobpool
 }
 
 mqlGroup, err := CreateResource(a.MqlRuntime, "aws.autoscaling.group", map[string]*llx.RawData{
- "arn": llx.StringDataPtr(group.AutoScalingGroupARN),
- "name": llx.StringDataPtr(group.AutoScalingGroupName),
- "loadBalancerNames": llx.ArrayData(lbNames, types.String),
- "healthCheckType": llx.StringDataPtr(group.HealthCheckType),
- "tags": llx.MapData(autoscalingTagsToMap(group.Tags), types.String),
- "region": llx.StringData(regionVal),
+ "arn": llx.StringDataPtr(group.AutoScalingGroupARN),
+ "name": llx.StringDataPtr(group.AutoScalingGroupName),
+ "loadBalancerNames": llx.ArrayData(lbNames, types.String),
+ "healthCheckType": llx.StringDataPtr(group.HealthCheckType),
+ "tags": llx.MapData(autoscalingTagsToMap(group.Tags), types.String),
+ "region": llx.StringData(regionVal),
+ "minSize": llx.IntData(convert.ToInt64From32(group.MinSize)),
+ "maxSize": llx.IntData(convert.ToInt64From32(group.MaxSize)),
+ "defaultCooldown": llx.IntData(convert.ToInt64From32(group.DefaultCooldown)),
+ "launchConfigurationName": llx.StringDataPtr(group.LaunchConfigurationName),
+ "healthCheckGracePeriod": llx.IntData(convert.ToInt64From32(group.HealthCheckGracePeriod)),
+ "createdAt": llx.TimeDataPtr(group.CreatedTime),
 })
 if err != nil {
 return nil, err
diff --git a/providers/aws/resources/aws_ec2.go b/providers/aws/resources/aws_ec2.go
index 2b332afea..8ff14bbd9 100644
--- a/providers/aws/resources/aws_ec2.go
+++ b/providers/aws/resources/aws_ec2.go
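Review bot: The four new numeric fields go through `convert.ToInt64From32(...)` on pointer fields of the SDK group; if that helper maps a nil pointer to 0 (its body is not visible here), an unreported `healthCheckGracePeriod` or `defaultCooldown` becomes indistinguishable from an explicit 0, which is exactly the value a policy would flag. The pointer-typed neighbours already use nil-aware constructors (`llx.StringDataPtr` for `launchConfigurationName`, `llx.TimeDataPtr` for `createdAt`); consider a nil guard for the int fields, or at least a comment on the aws.lr field stating that 0 may mean "not reported by AWS". The enclosing getGroups body starts and ends outside this hunk.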
@@ -104,7 +104,7 @@ func (a *mqlAwsEc2) getNetworkACLs(conn *connection.AwsConnection) []*jobpool.Jo
 
 mqlNetworkAcl, err := CreateResource(a.MqlRuntime, "aws.ec2.networkacl", map[string]*llx.RawData{
 "arn": llx.StringData(fmt.Sprintf(networkAclArnPattern, regionVal, conn.AccountId(), convert.ToString(acl.NetworkAclId))),
- "id": llx.StringData(convert.ToString(acl.NetworkAclId)),
+ "id": llx.StringDataPtr(acl.NetworkAclId),
 "region": llx.StringData(regionVal),
 })
 if err != nil {
@@ -156,6 +156,8 @@ func (a *mqlAwsEc2Networkacl) entries() ([]interface{}, error) {
 args := map[string]*llx.RawData{
 "egress": llx.BoolData(egress),
 "ruleAction": llx.StringData(string(entry.RuleAction)),
+ "ruleNumber": llx.IntData(convert.ToInt64From32(entry.RuleNumber)),
+ "cidrBlock": llx.StringDataPtr(entry.CidrBlock),
 "id": llx.StringData(entryId),
 }
 if entry.PortRange != nil {
diff --git a/providers/aws/resources/aws_ssm.go b/providers/aws/resources/aws_ssm.go
index b2470f0e3..dd3e74d04 100644
--- a/providers/aws/resources/aws_ssm.go
+++ b/providers/aws/resources/aws_ssm.go
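Review bot: Even with `ruleNumber` and `cidrBlock` added, the entry still lacks the two attributes needed to evaluate a rule: the protocol, and the IPv6 block. An all-traffic rule (protocol -1) carries no port range, so the `entry.PortRange != nil` branch below never fires and nothing in the resource distinguishes it from a narrow rule, and an IPv6 rule renders with an empty `cidrBlock` because only the IPv4 field is read. A "no network ACL allows 0.0.0.0/0 to port 22" check written against this resource would therefore pass on an ACL that allows `::/0` on every protocol. If the SDK entry exposes them as I expect, `"protocol": llx.StringDataPtr(entry.Protocol)` and `"ipv6CidrBlock": llx.StringDataPtr(entry.Ipv6CidrBlock)` belong in this args map, with matching `protocol string` and `ipv6CidrBlock string` fields in aws.lr. The enclosing entries() body continues outside the hunk.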
@@ -85,12 +85,14 @@ func (a *mqlAwsSsm) getInstances(conn *connection.AwsConnection) []*jobpool.Job
 
 for _, instance := range ssminstances {
 mqlInstance, err := CreateResource(a.MqlRuntime, "aws.ssm.instance", map[string]*llx.RawData{
- "instanceId": llx.StringDataPtr(instance.InstanceId),
- "pingStatus": llx.StringData(string(instance.PingStatus)),
- "ipAddress": llx.StringDataPtr(instance.IPAddress),
- "platformName": llx.StringDataPtr(instance.PlatformName),
- "region": llx.StringData(region),
- "arn": llx.StringData(ssmInstanceArn(conn.AccountId(), region, convert.ToString(instance.InstanceId))),
+ "instanceId": llx.StringDataPtr(instance.InstanceId),
+ "pingStatus": llx.StringData(string(instance.PingStatus)),
+ "ipAddress": llx.StringDataPtr(instance.IPAddress),
+ "platformName": llx.StringDataPtr(instance.PlatformName),
+ "platformType": llx.StringData(string(instance.PlatformType)),
+ "platformVersion": llx.StringDataPtr(instance.PlatformVersion),
+ "region": llx.StringData(region),
+ "arn": llx.StringData(ssmInstanceArn(conn.AccountId(), region, convert.ToString(instance.InstanceId))),
 })
 if err != nil {
 return nil, err