⭐ Add new properties to the aws.vpc resource (#2007)

* Add new properties to the aws.vpc resource Add a few new things for asset inventory: - CIDR Block - Instance tenancy settings ``` cnquery> aws.vpcs.first{*} aws.vpcs.first: { instanceTenancy: "default" region: "ap-south-1" cidrBlock: "172.31.0.0/16" isDefault: true state: "available" arn: "FOO" id: "vpc-0c67aa67" flowLogs: [] tags: {} routeTables: [ 0: aws.vpc.routetable id="FOO" ] } ``` Signed-off-by: Tim Smith <[email protected]> * Review updates Signed-off-by: Tim Smith <[email protected]> --------- Signed-off-by: Tim Smith <[email protected]>
mondoohq · Oct 2, 2023 · e56eac2 · e56eac2
1 parent fda5ca6
commit e56eac2
Show file tree

Hide file tree

Showing 4 changed files with 42 additions and 8 deletions.
diff --git a/providers/aws/resources/aws.lr b/providers/aws/resources/aws.lr
@@ -35,15 +35,19 @@ aws.organization @defaults("arn masterAccountEmail") {
 }
 
 // Amazon Virtual Private Cloud (VPC)
-private aws.vpc @defaults("arn isDefault") {
+private aws.vpc @defaults("arn isDefault cidrBlock") {
   // ARN of the VPC
   arn string
   // ID of the VPC
   id string
+  // IPv4 CIDR block of the VPC
+  cidrBlock string
   // State of the VPC (pending or available)
   state string
   // Whether the VPC is the default one
   isDefault bool
+  // How instance hardware tenancy settings are enforced on instances launched in this VPC
+  instanceTenancy string
   // Region the VPC exists in
   region string
   // A list of flowlogs for the VPC

diff --git a/providers/aws/resources/aws.lr.go b/providers/aws/resources/aws.lr.go
diff --git a/providers/aws/resources/aws.lr.manifest.yaml b/providers/aws/resources/aws.lr.manifest.yaml
@@ -2177,8 +2177,12 @@ resources:
   aws.vpc:
     fields:
       arn: {}
+      cidrBlock:
+        min_mondoo_version: 9.0.0
       flowLogs: {}
       id: {}
+      instanceTenancy:
+        min_mondoo_version: 9.0.0
       isDefault: {}
       region: {}
       routeTables: {}

diff --git a/providers/aws/resources/aws_vpc.go b/providers/aws/resources/aws_vpc.go
@@ -80,12 +80,14 @@ func (a *mqlAws) getVpcs(conn *connection.AwsConnection) []*jobpool.Job {
 
 					mqlVpc, err := CreateResource(a.MqlRuntime, "aws.vpc",
 						map[string]*llx.RawData{
-							"arn":       llx.StringData(fmt.Sprintf(vpcArnPattern, regionVal, conn.AccountId(), convert.ToString(v.VpcId))),
-							"id":        llx.StringData(convert.ToString(v.VpcId)),
-							"state":     llx.StringData(string(v.State)),
-							"isDefault": llx.BoolData(convert.ToBool(v.IsDefault)),
-							"region":    llx.StringData(regionVal),
-							"tags":      llx.MapData(Ec2TagsToMap(v.Tags), types.String),
+							"arn":             llx.StringData(fmt.Sprintf(vpcArnPattern, regionVal, conn.AccountId(), convert.ToString(v.VpcId))),
+							"id":              llx.StringDataPtr(v.VpcId),
+							"state":           llx.StringData(string(v.State)),
+							"isDefault":       llx.BoolData(convert.ToBool(v.IsDefault)),
+							"instanceTenancy": llx.StringData(string(v.InstanceTenancy)),
+							"cidrBlock":       llx.StringDataPtr(v.CidrBlock),
+							"region":          llx.StringData(regionVal),
+							"tags":            llx.MapData(Ec2TagsToMap(v.Tags), types.String),
 						})
 					if err != nil {
 						log.Error().Msg(err.Error())
@@ -141,7 +143,7 @@ func (a *mqlAwsVpc) flowLogs() ([]interface{}, error) {
 }
 
 func (a *mqlAwsVpcRoutetable) id() (string, error) {
-  return a.Id.Data, nil
+	return a.Id.Data, nil
 }
 
 func (a *mqlAwsVpc) routeTables() ([]interface{}, error) {