From c293926b793af92b82c73edbc910f87ecf1c3f69 Mon Sep 17 00:00:00 2001 
From: James Kwon <96548424+hongil0316@users.noreply.github.com> Date: Thu, 25 Jan 2024 11:13:18 +0900 Subject: [PATCH 1/3] Add nukable check + nukable check implementation for transit gateway --- .circleci/config.yml | 2 +- aws/aws.go | 5 +-- aws/resource.go | 4 ++- aws/resources/access_analyzer_types.go | 2 ++ aws/resources/acm_types.go | 2 ++ aws/resources/acmpca_types.go | 2 ++ aws/resources/ami_types.go | 2 ++ aws/resources/apigateway_types.go | 2 ++ aws/resources/apigatewayv2_types.go | 2 ++ aws/resources/asg_types.go | 2 ++ aws/resources/backup_vault_types.go | 2 ++ aws/resources/base_resource.go | 35 +++++++++++++++++++ aws/resources/cloudtrail_types.go | 2 ++ aws/resources/cloudwatch_alarm_types.go | 2 ++ aws/resources/cloudwatch_dashboard_types.go | 2 ++ aws/resources/cloudwatch_loggroup_types.go | 2 ++ aws/resources/codedeploy_application_types.go | 2 ++ aws/resources/config_recorder_types.go | 2 ++ aws/resources/config_service_types.go | 2 ++ aws/resources/dynamodb_types.go | 2 ++ aws/resources/ebs_types.go | 2 ++ aws/resources/ec2_dedicated_host_types.go | 2 ++ aws/resources/ec2_dhcp_option_types.go | 2 ++ aws/resources/ec2_ipam_byoasn_types.go | 1 + .../ec2_ipam_custom_allocation_types.go | 1 + aws/resources/ec2_ipam_pool_types.go | 1 + .../ec2_ipam_resource_discovery_types.go | 1 + aws/resources/ec2_ipam_scope_types.go | 1 + aws/resources/ec2_ipam_types.go | 1 + aws/resources/ec2_key_pair_types.go | 2 ++ aws/resources/ec2_types.go | 2 ++ aws/resources/ec2_vpc_types.go | 2 ++ aws/resources/ecr_types.go | 2 ++ aws/resources/ecs_cluster_types.go | 2 ++ aws/resources/ecs_service_types.go | 2 ++ aws/resources/efs_types.go | 2 ++ aws/resources/eip_types.go | 2 ++ aws/resources/eks_types.go | 2 ++ aws/resources/elasticache_types.go | 4 +++ aws/resources/elb_types.go | 2 ++ aws/resources/elbv2_types.go | 2 ++ aws/resources/guardduty_types.go | 2 ++ aws/resources/iam_group_types.go | 2 ++ aws/resources/iam_policy_types.go | 2 ++ aws/resources/iam_role_types.go 
| 2 ++ .../iam_service_linked_role_types.go | 2 ++ aws/resources/iam_types.go | 2 ++ aws/resources/kinesis_stream_types.go | 2 ++ aws/resources/kms_customer_key_types.go | 2 ++ aws/resources/lambda_layer_types.go | 1 + aws/resources/lambda_types.go | 1 + aws/resources/launch_config_types.go | 2 ++ aws/resources/launch_template_types.go | 2 ++ aws/resources/macie_types.go | 2 ++ aws/resources/msk_cluster_types.go | 2 ++ aws/resources/nat_gateway_types.go | 2 ++ aws/resources/oidc_provider_types.go | 2 ++ aws/resources/opensearch_types.go | 2 ++ aws/resources/rds_cluster_types.go | 2 ++ aws/resources/rds_snapshot_types.go | 2 ++ aws/resources/rds_subnet_group_types.go | 2 ++ aws/resources/rds_types.go | 2 ++ aws/resources/redshift_types.go | 2 ++ aws/resources/s3_types.go | 2 ++ .../sagemaker_notebook_instance_types.go | 2 ++ aws/resources/secrets_manager_types.go | 2 ++ aws/resources/security_hub_types.go | 2 ++ aws/resources/snapshot_types.go | 2 ++ aws/resources/sns_types.go | 2 ++ aws/resources/sqs_types.go | 2 ++ aws/resources/transit_gateway.go | 34 ++++++++++++++++++ aws/resources/transit_gateway_test.go | 6 ++-- aws/resources/transit_gateway_types.go | 17 +++++++++ ui/ui.go | 15 +++++--- util/error.go | 17 +++++++++ 75 files changed, 250 insertions(+), 11 deletions(-) create mode 100644 aws/resources/base_resource.go create mode 100644 util/error.go diff --git a/.circleci/config.yml b/.circleci/config.yml index 9c334d0b..fc9c8e98 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -1,5 +1,5 @@ orbs: - go: circleci/go@1.7.3 + go: circleci/go@1.21 # The "sign binary" runs in a MacOS environment, so it's necessary to download GW's binaries env: &env diff --git a/aws/aws.go b/aws/aws.go index f53e9304..44209b6c 100644 --- a/aws/aws.go +++ b/aws/aws.go 
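Review bot: In the `.circleci/config.yml` hunk the orb reference goes from the exact pin `circleci/go@1.7.3` to the two-component `circleci/go@1.21`. A partial orb version is resolved by CircleCI to the newest matching release, so CI can start running orb code that was never reviewed. The value also looks like a Go toolchain version rather than an orb release, so it is worth confirming that the orb publishes it and that the Go version is not meant to be set in the orb's install step instead. Keeping a full three-part pin, `go: circleci/go@<x.y.z>` (placeholder), keeps the build dependency reproducible.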
@@ -3,12 +3,13 @@ package aws import ( "context" "fmt" - "github.com/gruntwork-io/cloud-nuke/util" - "github.com/pterm/pterm" "sort" "strings" "time" + "github.com/gruntwork-io/cloud-nuke/util" + "github.com/pterm/pterm" + commonTelemetry "github.com/gruntwork-io/go-commons/telemetry" "github.com/gruntwork-io/cloud-nuke/config" diff --git a/aws/resource.go b/aws/resource.go index 51203e6d..3d3a9cd4 100644 --- a/aws/resource.go +++ b/aws/resource.go @@ -2,9 +2,10 @@ package aws import ( "context" + "strings" + "github.com/aws/aws-sdk-go/aws/session" "github.com/gruntwork-io/cloud-nuke/config" - "strings" ) // AwsResource is an interface that represents a single AWS resource @@ -15,6 +16,7 @@ type AwsResource interface { MaxBatchSize() int Nuke(identifiers []string) error GetAndSetIdentifiers(c context.Context, configObj config.Config) ([]string, error) + IsNukable(string) (bool, error) } // AwsResources is a struct to hold multiple instances of AwsResource. diff --git a/aws/resources/access_analyzer_types.go b/aws/resources/access_analyzer_types.go index d27fd689..e879fc3e 100644 --- a/aws/resources/access_analyzer_types.go +++ b/aws/resources/access_analyzer_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/accessanalyzer" @@ -12,6 +13,7 @@ import ( // AccessAnalyzer - represents all AWS secrets manager secrets that should be deleted. type AccessAnalyzer struct { + BaseAwsResource Client accessanalyzeriface.AccessAnalyzerAPI Region string AnalyzerNames []string diff --git a/aws/resources/acm_types.go b/aws/resources/acm_types.go index dd344435..1fbb8ac4 100644 --- a/aws/resources/acm_types.go +++ b/aws/resources/acm_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/acm" 
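Review bot: In the second `aws/resource.go` hunk, `IsNukable(string) (bool, error)` joins the `AwsResource` interface with an unnamed parameter and no comment, so an implementer cannot tell what the string identifies or how the two results combine. This result presumably gates deletion, so the contract should be written on the interface: name the parameter, `IsNukable(identifier string) (bool, error)`, and add a comment along the lines of `// IsNukable reports whether the resource with the given identifier can be deleted; on a non-nil error the result must be treated as false.` The interface body starts outside the hunk, so the other methods' documentation could not be checked.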
@@ -12,6 +13,7 @@ import ( // ACMPA - represents all ACMPA type ACM struct { + BaseAwsResource Client acmiface.ACMAPI Region string ARNs []string diff --git a/aws/resources/acmpca_types.go b/aws/resources/acmpca_types.go index 84d1b6c3..46837e05 100644 --- a/aws/resources/acmpca_types.go +++ b/aws/resources/acmpca_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/acmpca" @@ -12,6 +13,7 @@ import ( // ACMPA - represents all ACMPA type ACMPCA struct { + BaseAwsResource Client acmpcaiface.ACMPCAAPI Region string ARNs []string diff --git a/aws/resources/ami_types.go b/aws/resources/ami_types.go index b91f0cd1..d5b7b648 100644 --- a/aws/resources/ami_types.go +++ b/aws/resources/ami_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/ec2" @@ -12,6 +13,7 @@ import ( // AMIs - represents all user owned AMIs type AMIs struct { + BaseAwsResource Client ec2iface.EC2API Region string ImageIds []string diff --git a/aws/resources/apigateway_types.go b/aws/resources/apigateway_types.go index dd58b080..4675099d 100644 --- a/aws/resources/apigateway_types.go +++ b/aws/resources/apigateway_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/apigateway" @@ -11,6 +12,7 @@ import ( ) type ApiGateway struct { + BaseAwsResource Client apigatewayiface.APIGatewayAPI Region string Ids []string diff --git a/aws/resources/apigatewayv2_types.go b/aws/resources/apigatewayv2_types.go index ceff89cc..57d8daaf 100644 --- a/aws/resources/apigatewayv2_types.go +++ b/aws/resources/apigatewayv2_types.go 
@@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/apigatewayv2" @@ -11,6 +12,7 @@ import ( ) type ApiGatewayV2 struct { + BaseAwsResource Client apigatewayv2iface.ApiGatewayV2API Region string Ids []string diff --git a/aws/resources/asg_types.go b/aws/resources/asg_types.go index 9fbdedf6..8a58e411 100644 --- a/aws/resources/asg_types.go +++ b/aws/resources/asg_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/autoscaling" @@ -12,6 +13,7 @@ import ( // ASGroups - represents all auto scaling groups type ASGroups struct { + BaseAwsResource Client autoscalingiface.AutoScalingAPI Region string GroupNames []string diff --git a/aws/resources/backup_vault_types.go b/aws/resources/backup_vault_types.go index 8290208a..36d4d7fd 100644 --- a/aws/resources/backup_vault_types.go +++ b/aws/resources/backup_vault_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/backup" @@ -11,6 +12,7 @@ import ( ) type BackupVault struct { + BaseAwsResource Client backupiface.BackupAPI Region string Names []string diff --git a/aws/resources/base_resource.go b/aws/resources/base_resource.go new file mode 100644 index 00000000..5c714080 --- /dev/null +++ b/aws/resources/base_resource.go 
@@ -0,0 +1,35 @@
+package resources
+
+import (
+ "context"
+ "errors"
+
+ "github.com/aws/aws-sdk-go/aws/session"
+ "github.com/gruntwork-io/cloud-nuke/config"
+)
+
+// BaseAwsResource This BaseAwsResource struct and its associated methods to serve as a placeholder or template for a resource
+// that is not yet fully implemented within a system or framework.
+// Its purpose is to provide a skeleton structure that adheres to a specific interface or contract expected by the
+// system without containing the actual implementation details.
+type BaseAwsResource struct{}
+
+func (umpl *BaseAwsResource) Init(_ *session.Session) {}
+func (umpl *BaseAwsResource) ResourceName() string {
+ return "not implemented: ResourceName"
+}
+func (umpl *BaseAwsResource) ResourceIdentifiers() []string {
+ return nil
+}
+func (umpl *BaseAwsResource) MaxBatchSize() int {
+ return 0
+}
+func (umpl *BaseAwsResource) Nuke(_ []string) error {
+ return errors.New("not implemented: Nuke")
+}
+func (umpl *BaseAwsResource) GetAndSetIdentifiers(_ context.Context, _ config.Config) ([]string, error) {
+ return nil, errors.New("not implemented: GetAndSetIdentifiers")
+}
+func (umpl *BaseAwsResource) IsNukable(_ string) (bool, error) {
+ return false, errors.New("not implemented yet.")
+}
diff --git a/aws/resources/cloudtrail_types.go b/aws/resources/cloudtrail_types.go
index 4c49ce3d..df5ea247 100644
--- a/aws/resources/cloudtrail_types.go
+++ b/aws/resources/cloudtrail_types.go
@@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/cloudtrail"
@@ -12,6 +13,7 @@ import ( // CloudWatchLogGroup - represents all ec2 instances type CloudtrailTrail struct { + BaseAwsResource Client cloudtrailiface.CloudTrailAPI Region string Arns []string
diff --git a/aws/resources/cloudwatch_alarm_types.go b/aws/resources/cloudwatch_alarm_types.go
index 321ac22b..e5e57680 100644
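Review bot: In the new `aws/resources/base_resource.go`, `BaseAwsResource` appears to stub every method of the `AwsResource` interface. Once it is embedded, as the `*_types.go` hunks in this patch do, a resource type that forgets to implement `Nuke` or `GetAndSetIdentifiers` still compiles and only fails at run time. `MaxBatchSize` returning 0 may also upset batching arithmetic in callers, which are not visible here. Keeping only the `IsNukable` default in the base type would let the compiler go on enforcing the rest. The default correctly fails closed, but its anonymous `errors.New("not implemented yet.")` cannot be told apart from a real check failure. Unless `util/error.go` (not visible here) already provides one, a sentinel such as `var ErrNukableCheckNotImplemented = errors.New("nukable check not implemented")` matched with `errors.Is` would fix that and drop the trailing period.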
--- a/aws/resources/cloudwatch_alarm_types.go +++ b/aws/resources/cloudwatch_alarm_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/cloudwatch" @@ -12,6 +13,7 @@ import ( // CloudWatchAlarms - represents all CloudWatchAlarms that should be deleted. type CloudWatchAlarms struct { + BaseAwsResource Client cloudwatchiface.CloudWatchAPI Region string AlarmNames []string diff --git a/aws/resources/cloudwatch_dashboard_types.go b/aws/resources/cloudwatch_dashboard_types.go index 9b431195..a8ff6b30 100644 --- a/aws/resources/cloudwatch_dashboard_types.go +++ b/aws/resources/cloudwatch_dashboard_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/cloudwatch" @@ -12,6 +13,7 @@ import ( // CloudWatchDashboards - represents all CloudWatch Dashboards that should be deleted. type CloudWatchDashboards struct { + BaseAwsResource Client cloudwatchiface.CloudWatchAPI Region string DashboardNames []string diff --git a/aws/resources/cloudwatch_loggroup_types.go b/aws/resources/cloudwatch_loggroup_types.go index e501b4ac..9112b659 100644 --- a/aws/resources/cloudwatch_loggroup_types.go +++ b/aws/resources/cloudwatch_loggroup_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/cloudwatchlogs" @@ -12,6 +13,7 @@ import ( // CloudWatchLogGroup - represents all ec2 instances type CloudWatchLogGroups struct { + BaseAwsResource Client cloudwatchlogsiface.CloudWatchLogsAPI Region string Names []string diff --git a/aws/resources/codedeploy_application_types.go b/aws/resources/codedeploy_application_types.go index 42ee1456..19d5d468 100644 --- a/aws/resources/codedeploy_application_types.go 
+++ b/aws/resources/codedeploy_application_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/codedeploy" @@ -12,6 +13,7 @@ import ( // CodeDeployApplications - represents all codedeploy applications type CodeDeployApplications struct { + BaseAwsResource Client codedeployiface.CodeDeployAPI Region string AppNames []string diff --git a/aws/resources/config_recorder_types.go b/aws/resources/config_recorder_types.go index 9d5207f2..d955ebab 100644 --- a/aws/resources/config_recorder_types.go +++ b/aws/resources/config_recorder_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/configservice" @@ -11,6 +12,7 @@ import ( ) type ConfigServiceRecorders struct { + BaseAwsResource Client configserviceiface.ConfigServiceAPI Region string RecorderNames []string diff --git a/aws/resources/config_service_types.go b/aws/resources/config_service_types.go index 7396a512..e42ef8a8 100644 --- a/aws/resources/config_service_types.go +++ b/aws/resources/config_service_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/configservice" @@ -11,6 +12,7 @@ import ( ) type ConfigServiceRule struct { + BaseAwsResource Client configserviceiface.ConfigServiceAPI Region string RuleNames []string diff --git a/aws/resources/dynamodb_types.go b/aws/resources/dynamodb_types.go index 98fc401f..11e66921 100644 --- a/aws/resources/dynamodb_types.go +++ b/aws/resources/dynamodb_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/dynamodb" 
@@ -11,6 +12,7 @@ import ( ) type DynamoDB struct { + BaseAwsResource Client dynamodbiface.DynamoDBAPI Region string DynamoTableNames []string diff --git a/aws/resources/ebs_types.go b/aws/resources/ebs_types.go index dcaebf83..82df5f23 100644 --- a/aws/resources/ebs_types.go +++ b/aws/resources/ebs_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/ec2" @@ -12,6 +13,7 @@ import ( // EBSVolumes - represents all ebs volumes type EBSVolumes struct { + BaseAwsResource Client ec2iface.EC2API Region string VolumeIds []string diff --git a/aws/resources/ec2_dedicated_host_types.go b/aws/resources/ec2_dedicated_host_types.go index 67b09210..13a3ea8c 100644 --- a/aws/resources/ec2_dedicated_host_types.go +++ b/aws/resources/ec2_dedicated_host_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/ec2" @@ -12,6 +13,7 @@ import ( // EC2DedicatedHosts - represents all host allocation IDs type EC2DedicatedHosts struct { + BaseAwsResource Client ec2iface.EC2API Region string HostIds []string diff --git a/aws/resources/ec2_dhcp_option_types.go b/aws/resources/ec2_dhcp_option_types.go index 551722d1..6ea7b865 100644 --- a/aws/resources/ec2_dhcp_option_types.go +++ b/aws/resources/ec2_dhcp_option_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/ec2" @@ -11,6 +12,7 @@ import ( ) type EC2DhcpOption struct { + BaseAwsResource Client ec2iface.EC2API Region string VPCIds []string diff --git a/aws/resources/ec2_ipam_byoasn_types.go b/aws/resources/ec2_ipam_byoasn_types.go index 925734a7..fcad343b 100644 --- a/aws/resources/ec2_ipam_byoasn_types.go +++ b/aws/resources/ec2_ipam_byoasn_types.go 
@@ -13,6 +13,7 @@ import ( // IPAM Byoasn- represents all IPAMs type EC2IPAMByoasn struct { + BaseAwsResource Client ec2iface.EC2API Region string Pools []string diff --git a/aws/resources/ec2_ipam_custom_allocation_types.go b/aws/resources/ec2_ipam_custom_allocation_types.go index 809c2873..e19f2a0e 100644 --- a/aws/resources/ec2_ipam_custom_allocation_types.go +++ b/aws/resources/ec2_ipam_custom_allocation_types.go @@ -13,6 +13,7 @@ import ( // IPAM Byoasn- represents all IPAMs type EC2IPAMCustomAllocation struct { + BaseAwsResource Client ec2iface.EC2API Region string Allocations []string diff --git a/aws/resources/ec2_ipam_pool_types.go b/aws/resources/ec2_ipam_pool_types.go index 6c2c54f8..cbcd262c 100644 --- a/aws/resources/ec2_ipam_pool_types.go +++ b/aws/resources/ec2_ipam_pool_types.go @@ -13,6 +13,7 @@ import ( // IPAM Pool- represents all IPAMs type EC2IPAMPool struct { + BaseAwsResource Client ec2iface.EC2API Region string Pools []string diff --git a/aws/resources/ec2_ipam_resource_discovery_types.go b/aws/resources/ec2_ipam_resource_discovery_types.go index d7eb3965..4d5ee3de 100644 --- a/aws/resources/ec2_ipam_resource_discovery_types.go +++ b/aws/resources/ec2_ipam_resource_discovery_types.go @@ -13,6 +13,7 @@ import ( // IPAM - represents all IPAMs type EC2IPAMResourceDiscovery struct { + BaseAwsResource Client ec2iface.EC2API Region string DiscoveryIDs []string diff --git a/aws/resources/ec2_ipam_scope_types.go b/aws/resources/ec2_ipam_scope_types.go index 112d73db..c41acaac 100644 --- a/aws/resources/ec2_ipam_scope_types.go +++ b/aws/resources/ec2_ipam_scope_types.go @@ -13,6 +13,7 @@ import ( // scope - represents all scopes type EC2IpamScopes struct { + BaseAwsResource Client ec2iface.EC2API Region string ScopreIDs []string diff --git a/aws/resources/ec2_ipam_types.go b/aws/resources/ec2_ipam_types.go index 61625ead..8ac6994f 100644 --- a/aws/resources/ec2_ipam_types.go +++ b/aws/resources/ec2_ipam_types.go 
@@ -13,6 +13,7 @@ import ( // IPAM - represents all IPAMs type EC2IPAMs struct { + BaseAwsResource Client ec2iface.EC2API Region string IDs []string diff --git a/aws/resources/ec2_key_pair_types.go b/aws/resources/ec2_key_pair_types.go index 7623ec09..21bb6842 100644 --- a/aws/resources/ec2_key_pair_types.go +++ b/aws/resources/ec2_key_pair_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/ec2" @@ -11,6 +12,7 @@ import ( ) type EC2KeyPairs struct { + BaseAwsResource Client ec2iface.EC2API Region string KeyPairIds []string diff --git a/aws/resources/ec2_types.go b/aws/resources/ec2_types.go index 94609a7e..ef264a08 100644 --- a/aws/resources/ec2_types.go +++ b/aws/resources/ec2_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/ec2" @@ -12,6 +13,7 @@ import ( // EC2Instances - represents all ec2 instances type EC2Instances struct { + BaseAwsResource Client ec2iface.EC2API Region string InstanceIds []string diff --git a/aws/resources/ec2_vpc_types.go b/aws/resources/ec2_vpc_types.go index e22dd418..4f3105e7 100644 --- a/aws/resources/ec2_vpc_types.go +++ b/aws/resources/ec2_vpc_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/ec2" @@ -11,6 +12,7 @@ import ( ) type EC2VPCs struct { + BaseAwsResource Client ec2iface.EC2API Region string VPCIds []string diff --git a/aws/resources/ecr_types.go b/aws/resources/ecr_types.go index e4c7cf85..3f446162 100644 --- a/aws/resources/ecr_types.go +++ b/aws/resources/ecr_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/ecr" 
@@ -11,6 +12,7 @@ import ( ) type ECR struct { + BaseAwsResource Client ecriface.ECRAPI Region string RepositoryNames []string diff --git a/aws/resources/ecs_cluster_types.go b/aws/resources/ecs_cluster_types.go index bb66786c..32a81b09 100644 --- a/aws/resources/ecs_cluster_types.go +++ b/aws/resources/ecs_cluster_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/ecs" @@ -19,6 +20,7 @@ const maxBatchSize = 49 // ECSClusters - Represents all ECS clusters found in a region type ECSClusters struct { + BaseAwsResource Client ecsiface.ECSAPI Region string ClusterArns []string diff --git a/aws/resources/ecs_service_types.go b/aws/resources/ecs_service_types.go index 759e938a..11d6b308 100644 --- a/aws/resources/ecs_service_types.go +++ b/aws/resources/ecs_service_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/ecs" @@ -12,6 +13,7 @@ import ( // ECSServices - Represents all ECS services found in a region type ECSServices struct { + BaseAwsResource Client ecsiface.ECSAPI Region string Services []string diff --git a/aws/resources/efs_types.go b/aws/resources/efs_types.go index 2044f719..eadae5e7 100644 --- a/aws/resources/efs_types.go +++ b/aws/resources/efs_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/efs" @@ -11,6 +12,7 @@ import ( ) type ElasticFileSystem struct { + BaseAwsResource Client efsiface.EFSAPI Region string Ids []string diff --git a/aws/resources/eip_types.go b/aws/resources/eip_types.go index 3cce1e05..8df303da 100644 --- a/aws/resources/eip_types.go +++ b/aws/resources/eip_types.go 
@@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/ec2" @@ -12,6 +13,7 @@ import ( // EBSVolumes - represents all ebs volumes type EIPAddresses struct { + BaseAwsResource Client ec2iface.EC2API Region string AllocationIds []string diff --git a/aws/resources/eks_types.go b/aws/resources/eks_types.go index e0e924e0..f0799c27 100644 --- a/aws/resources/eks_types.go +++ b/aws/resources/eks_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/eks" @@ -12,6 +13,7 @@ import ( // EKSClusters - Represents all EKS clusters found in a region type EKSClusters struct { + BaseAwsResource Client eksiface.EKSAPI Region string Clusters []string diff --git a/aws/resources/elasticache_types.go b/aws/resources/elasticache_types.go index 6d5b0a2c..6859e074 100644 --- a/aws/resources/elasticache_types.go +++ b/aws/resources/elasticache_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/elasticache" @@ -12,6 +13,7 @@ import ( // Elasticaches - represents all Elasticache clusters type Elasticaches struct { + BaseAwsResource Client elasticacheiface.ElastiCacheAPI Region string ClusterIds []string @@ -60,6 +62,7 @@ Elasticache Parameter Groups */ type ElasticacheParameterGroups struct { + BaseAwsResource Client elasticacheiface.ElastiCacheAPI Region string GroupNames []string @@ -108,6 +111,7 @@ Elasticache Subnet Groups */ type ElasticacheSubnetGroups struct { + BaseAwsResource Client elasticacheiface.ElastiCacheAPI Region string GroupNames []string diff --git a/aws/resources/elb_types.go b/aws/resources/elb_types.go index 3bc4b1f0..d1f371d7 100644 --- a/aws/resources/elb_types.go +++ b/aws/resources/elb_types.go 
@@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/elb" @@ -12,6 +13,7 @@ import ( // LoadBalancers - represents all load balancers type LoadBalancers struct { + BaseAwsResource Client elbiface.ELBAPI Region string Names []string diff --git a/aws/resources/elbv2_types.go b/aws/resources/elbv2_types.go index d19e6284..bb056e3a 100644 --- a/aws/resources/elbv2_types.go +++ b/aws/resources/elbv2_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/elbv2" @@ -12,6 +13,7 @@ import ( // LoadBalancersV2 - represents all load balancers type LoadBalancersV2 struct { + BaseAwsResource Client elbv2iface.ELBV2API Region string Arns []string diff --git a/aws/resources/guardduty_types.go b/aws/resources/guardduty_types.go index 0b2eed2d..2a3235d1 100644 --- a/aws/resources/guardduty_types.go +++ b/aws/resources/guardduty_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/guardduty" @@ -10,6 +11,7 @@ import ( ) type GuardDuty struct { + BaseAwsResource Client guarddutyiface.GuardDutyAPI Region string detectorIds []string diff --git a/aws/resources/iam_group_types.go b/aws/resources/iam_group_types.go index 43ff7285..5dda26e6 100644 --- a/aws/resources/iam_group_types.go +++ b/aws/resources/iam_group_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/iam" @@ -12,6 +13,7 @@ import ( // IAMGroups - represents all IAMGroups on the AWS Account type IAMGroups struct { + BaseAwsResource Client iamiface.IAMAPI GroupNames []string } 
diff --git a/aws/resources/iam_policy_types.go b/aws/resources/iam_policy_types.go index c8112e86..3e880132 100644 --- a/aws/resources/iam_policy_types.go +++ b/aws/resources/iam_policy_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/iam" @@ -12,6 +13,7 @@ import ( // IAMPolicies - represents all IAM Policies on the AWS account type IAMPolicies struct { + BaseAwsResource Client iamiface.IAMAPI PolicyArns []string } diff --git a/aws/resources/iam_role_types.go b/aws/resources/iam_role_types.go index 8fd4a0b0..8008d4f8 100644 --- a/aws/resources/iam_role_types.go +++ b/aws/resources/iam_role_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/iam" @@ -12,6 +13,7 @@ import ( // IAMRoles - represents all IAMRoles on the AWS Account type IAMRoles struct { + BaseAwsResource Client iamiface.IAMAPI RoleNames []string } diff --git a/aws/resources/iam_service_linked_role_types.go b/aws/resources/iam_service_linked_role_types.go index 80d55449..3faedb61 100644 --- a/aws/resources/iam_service_linked_role_types.go +++ b/aws/resources/iam_service_linked_role_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/iam" @@ -12,6 +13,7 @@ import ( // IAMServiceLinkedRoles - represents all IAMServiceLinkedRoles on the AWS Account type IAMServiceLinkedRoles struct { + BaseAwsResource Client iamiface.IAMAPI RoleNames []string } diff --git a/aws/resources/iam_types.go b/aws/resources/iam_types.go index 06288c95..c9d138ad 100644 --- a/aws/resources/iam_types.go +++ b/aws/resources/iam_types.go 
@@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/iam" @@ -12,6 +13,7 @@ import ( // IAMUsers - represents all IAMUsers on the AWS Account type IAMUsers struct { + BaseAwsResource Client iamiface.IAMAPI UserNames []string } diff --git a/aws/resources/kinesis_stream_types.go b/aws/resources/kinesis_stream_types.go index 5cfffddc..1b06d010 100644 --- a/aws/resources/kinesis_stream_types.go +++ b/aws/resources/kinesis_stream_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/kinesis" @@ -12,6 +13,7 @@ import ( // KinesisStreams - represents all Kinesis streams type KinesisStreams struct { + BaseAwsResource Client kinesisiface.KinesisAPI Region string Names []string diff --git a/aws/resources/kms_customer_key_types.go b/aws/resources/kms_customer_key_types.go index 189c9752..4b7abed6 100644 --- a/aws/resources/kms_customer_key_types.go +++ b/aws/resources/kms_customer_key_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/kms" @@ -15,6 +16,7 @@ import ( const kmsRemovalWindow = 7 type KmsCustomerKeys struct { + BaseAwsResource Client kmsiface.KMSAPI Region string KeyIds []string diff --git a/aws/resources/lambda_layer_types.go b/aws/resources/lambda_layer_types.go index 8a321ca1..8c5899d4 100644 --- a/aws/resources/lambda_layer_types.go +++ b/aws/resources/lambda_layer_types.go @@ -12,6 +12,7 @@ import ( ) type LambdaLayers struct { + BaseAwsResource Client lambdaiface.LambdaAPI Region string LambdaFunctionNames []string diff --git a/aws/resources/lambda_types.go b/aws/resources/lambda_types.go index c6641c3c..bd4a3ecf 100644 --- a/aws/resources/lambda_types.go +++ b/aws/resources/lambda_types.go 
@@ -12,6 +12,7 @@ import ( ) type LambdaFunctions struct { + BaseAwsResource Client lambdaiface.LambdaAPI Region string LambdaFunctionNames []string diff --git a/aws/resources/launch_config_types.go b/aws/resources/launch_config_types.go index abeccd9e..1dcba0ff 100644 --- a/aws/resources/launch_config_types.go +++ b/aws/resources/launch_config_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/autoscaling" @@ -12,6 +13,7 @@ import ( // LaunchConfigs - represents all launch configurations type LaunchConfigs struct { + BaseAwsResource Client autoscalingiface.AutoScalingAPI Region string LaunchConfigurationNames []string diff --git a/aws/resources/launch_template_types.go b/aws/resources/launch_template_types.go index 18869e11..4adf0cb2 100644 --- a/aws/resources/launch_template_types.go +++ b/aws/resources/launch_template_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/ec2" @@ -12,6 +13,7 @@ import ( // LaunchTemplates - represents all launch templates type LaunchTemplates struct { + BaseAwsResource Client ec2iface.EC2API Region string LaunchTemplateNames []string diff --git a/aws/resources/macie_types.go b/aws/resources/macie_types.go index c3590f8b..692776e8 100644 --- a/aws/resources/macie_types.go +++ b/aws/resources/macie_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/macie2" @@ -11,6 +12,7 @@ import ( ) type MacieMember struct { + BaseAwsResource Client macie2iface.Macie2API Region string AccountIds []string diff --git a/aws/resources/msk_cluster_types.go b/aws/resources/msk_cluster_types.go index d9fc5616..81e32731 100644 --- a/aws/resources/msk_cluster_types.go 
+++ b/aws/resources/msk_cluster_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/kafka" @@ -12,6 +13,7 @@ import ( // MSKCluster - represents all AWS Managed Streaming for Kafka clusters that should be deleted. type MSKCluster struct { + BaseAwsResource Client kafkaiface.KafkaAPI Region string ClusterArns []string diff --git a/aws/resources/nat_gateway_types.go b/aws/resources/nat_gateway_types.go index 649c108b..8431e89a 100644 --- a/aws/resources/nat_gateway_types.go +++ b/aws/resources/nat_gateway_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/ec2" @@ -12,6 +13,7 @@ import ( // NatGateways - represents all AWS secrets manager secrets that should be deleted. type NatGateways struct { + BaseAwsResource Client ec2iface.EC2API Region string NatGatewayIDs []string diff --git a/aws/resources/oidc_provider_types.go b/aws/resources/oidc_provider_types.go index 795cc670..06489fd7 100644 --- a/aws/resources/oidc_provider_types.go +++ b/aws/resources/oidc_provider_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/iam" @@ -12,6 +13,7 @@ import ( // OIDCProviders - represents all AWS OpenID Connect providers that should be deleted. type OIDCProviders struct { + BaseAwsResource Client iamiface.IAMAPI ProviderARNs []string } diff --git a/aws/resources/opensearch_types.go b/aws/resources/opensearch_types.go index f049686c..0525139f 100644 --- a/aws/resources/opensearch_types.go +++ b/aws/resources/opensearch_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/opensearchservice" 
@@ -12,6 +13,7 @@ import ( // OpenSearchDomains represents all OpenSearch domains found in a region type OpenSearchDomains struct { + BaseAwsResource Client opensearchserviceiface.OpenSearchServiceAPI Region string DomainNames []string diff --git a/aws/resources/rds_cluster_types.go b/aws/resources/rds_cluster_types.go index c8954109..fa3158b9 100644 --- a/aws/resources/rds_cluster_types.go +++ b/aws/resources/rds_cluster_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/rds" @@ -11,6 +12,7 @@ import ( ) type DBClusters struct { + BaseAwsResource Client rdsiface.RDSAPI Region string InstanceNames []string diff --git a/aws/resources/rds_snapshot_types.go b/aws/resources/rds_snapshot_types.go index 6ba91342..86de1ea0 100644 --- a/aws/resources/rds_snapshot_types.go +++ b/aws/resources/rds_snapshot_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/rds" @@ -11,6 +12,7 @@ import ( ) type RdsSnapshot struct { + BaseAwsResource Client rdsiface.RDSAPI Region string Identifiers []string diff --git a/aws/resources/rds_subnet_group_types.go b/aws/resources/rds_subnet_group_types.go index a4cea4ec..b9ab9521 100644 --- a/aws/resources/rds_subnet_group_types.go +++ b/aws/resources/rds_subnet_group_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/rds" @@ -11,6 +12,7 @@ import ( ) type DBSubnetGroups struct { + BaseAwsResource Client rdsiface.RDSAPI Region string InstanceNames []string diff --git a/aws/resources/rds_types.go b/aws/resources/rds_types.go index 0bfc97c9..3f25a95e 100644 --- a/aws/resources/rds_types.go +++ b/aws/resources/rds_types.go 
@@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/rds" @@ -11,6 +12,7 @@ import ( ) type DBInstances struct { + BaseAwsResource Client rdsiface.RDSAPI Region string InstanceNames []string diff --git a/aws/resources/redshift_types.go b/aws/resources/redshift_types.go index aa415c64..6221b175 100644 --- a/aws/resources/redshift_types.go +++ b/aws/resources/redshift_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/redshift" @@ -11,6 +12,7 @@ import ( ) type RedshiftClusters struct { + BaseAwsResource Client redshiftiface.RedshiftAPI Region string ClusterIdentifiers []string diff --git a/aws/resources/s3_types.go b/aws/resources/s3_types.go index 3e7a4699..08ebc032 100644 --- a/aws/resources/s3_types.go +++ b/aws/resources/s3_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/s3" @@ -13,6 +14,7 @@ import ( // S3Buckets - represents all S3 Buckets type S3Buckets struct { + BaseAwsResource Client s3iface.S3API Region string Names []string diff --git a/aws/resources/sagemaker_notebook_instance_types.go b/aws/resources/sagemaker_notebook_instance_types.go index daa36c0f..fc996457 100644 --- a/aws/resources/sagemaker_notebook_instance_types.go +++ b/aws/resources/sagemaker_notebook_instance_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/sagemaker" @@ -11,6 +12,7 @@ import ( ) type SageMakerNotebookInstances struct { + BaseAwsResource Client sagemakeriface.SageMakerAPI Region string InstanceNames []string 
diff --git a/aws/resources/secrets_manager_types.go b/aws/resources/secrets_manager_types.go index 0c50f79d..277afa5a 100644 --- a/aws/resources/secrets_manager_types.go +++ b/aws/resources/secrets_manager_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/secretsmanager" @@ -12,6 +13,7 @@ import ( // SecretsManagerSecrets - represents all AWS secrets manager secrets that should be deleted. type SecretsManagerSecrets struct { + BaseAwsResource Client secretsmanageriface.SecretsManagerAPI Region string SecretIDs []string diff --git a/aws/resources/security_hub_types.go b/aws/resources/security_hub_types.go index 27957cb9..686787de 100644 --- a/aws/resources/security_hub_types.go +++ b/aws/resources/security_hub_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/securityhub" @@ -11,6 +12,7 @@ import ( ) type SecurityHub struct { + BaseAwsResource Client securityhubiface.SecurityHubAPI Region string HubArns []string diff --git a/aws/resources/snapshot_types.go b/aws/resources/snapshot_types.go index 05648263..42207836 100644 --- a/aws/resources/snapshot_types.go +++ b/aws/resources/snapshot_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/ec2" @@ -12,6 +13,7 @@ import ( // Snapshots - represents all user owned Snapshots type Snapshots struct { + BaseAwsResource Client ec2iface.EC2API Region string SnapshotIds []string diff --git a/aws/resources/sns_types.go b/aws/resources/sns_types.go index beb6f09f..a2305af2 100644 --- a/aws/resources/sns_types.go +++ b/aws/resources/sns_types.go 
@@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/sns" @@ -11,6 +12,7 @@ import ( ) type SNSTopic struct { + BaseAwsResource Client snsiface.SNSAPI Region string Arns []string diff --git a/aws/resources/sqs_types.go b/aws/resources/sqs_types.go index 752ae348..624a4a0f 100644 --- a/aws/resources/sqs_types.go +++ b/aws/resources/sqs_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/sqs" @@ -12,6 +13,7 @@ import ( // SqsQueue - represents all sqs queues type SqsQueue struct { + BaseAwsResource Client sqsiface.SQSAPI Region string QueueUrls []string diff --git a/aws/resources/transit_gateway.go b/aws/resources/transit_gateway.go index 13185170..336ad039 100644 --- a/aws/resources/transit_gateway.go +++ b/aws/resources/transit_gateway.go 
@@ -12,14 +12,37 @@ import ( "github.com/gruntwork-io/cloud-nuke/logging" "github.com/gruntwork-io/cloud-nuke/report" "github.com/gruntwork-io/cloud-nuke/telemetry" + "github.com/gruntwork-io/cloud-nuke/util" "github.com/gruntwork-io/go-commons/errors" commonTelemetry "github.com/gruntwork-io/go-commons/telemetry" ) +/* +NOTE on the Apporach used:-Using the `dry run` approach on verifying the nuking permission in case of a scoped IAM role. +IAM:simulateCustomPolicy : could also be used but the IAM role itself needs permission for simulateCustomPolicy method +else this would not get the desired result. Also in case of multiple t-gateway, if only some has permssion to be nuked, +the t-gateway resource ids needs to be passed individually inside the IAM:simulateCustomPolicy to get the desired result, +else all would result in `Implicit-deny` as response- this might increase the time complexity.Using dry run to avoid this. +*/ +func (tgw *TransitGateways) VerifyNukablePermissions(ctx context.Context, ids []*string) { + // check permissions without actually performing the nuke operation + for _, id := range ids { + // dry run set as true , checks permission without actualy making the request + params := &ec2.DeleteTransitGatewayInput{ + TransitGatewayId: id, + DryRun: aws.Bool(true), + } + _, err := tgw.Client.DeleteTransitGateway(params) + tgw.Nukable[*id] = !util.IsAwsUnauthorizedError(err) + } +} + // Returns a formatted string of TransitGateway IDs func (tgw *TransitGateways) getAll(c context.Context, configObj config.Config) ([]*string, error) { + result, err := tgw.Client.DescribeTransitGateways(&ec2.DescribeTransitGatewaysInput{}) if err != nil { + logging.Debugf("[DescribeTransitGateways Failed] %s", err) return nil, errors.WithStackTrace(err) } 
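Review bot: In `VerifyNukablePermissions`, `tgw.Nukable[*id] = !util.IsAwsUnauthorizedError(err)` marks a gateway nukable on every outcome other than `UnauthorizedOperation`, so throttling, a network failure or a stale id all show up as permitted. EC2 reports a permitted dry run as an error with code `DryRunOperation`, so the check is safer stated positively: `awsErr, ok := err.(awserr.Error)` followed by `tgw.Nukable[*id] = ok && awsErr.Code() == "DryRunOperation"` (this needs `awserr` imported in this file). The `ctx` parameter is also unused. `tgw.Client.DeleteTransitGatewayWithContext(ctx, params)` would let the caller cancel the probe loop, though the test mock would presumably need the matching method.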
@@ -31,10 +54,14 @@ func (tgw *TransitGateways) getAll(c context.Context, configObj config.Config) ( } } + // Check and verfiy the list of allowed nuke actions + tgw.VerifyNukablePermissions(c, ids) + return ids, nil } // Delete all TransitGateways +// it attempts to nuke only those resources for which the current IAM user has permission func (tgw *TransitGateways) nukeAll(ids []*string) error { if len(ids) == 0 { logging.Debugf("No Transit Gateways to nuke in region %s", tgw.Region) @@ -45,6 +72,13 @@ func (tgw *TransitGateways) nukeAll(ids []*string) error { var deletedIds []*string for _, id := range ids { + //check the id has the permission to nuke, if not. continue the execution + if nukable, err := tgw.IsNukable(*id); !nukable && err == nil { + //not adding the report on final result hence not adding a record entry here + logging.Debugf("[Skipping] %s nuke while you didn't have the permission", *id) + continue + } + params := &ec2.DeleteTransitGatewayInput{ TransitGatewayId: id, } diff --git a/aws/resources/transit_gateway_test.go b/aws/resources/transit_gateway_test.go index a6711ce1..77602165 100644 --- a/aws/resources/transit_gateway_test.go +++ b/aws/resources/transit_gateway_test.go @@ -2,14 +2,15 @@ package resources import ( "context" + "testing" + "time" + "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/ec2" "github.com/aws/aws-sdk-go/service/ec2/ec2iface" "github.com/gruntwork-io/cloud-nuke/config" "github.com/gruntwork-io/cloud-nuke/telemetry" "github.com/stretchr/testify/require" - "testing" - "time" ) type mockedTransitGateway struct { @@ -86,6 +87,7 @@ func TestTransitGateways_GetAll(t *testing.T) { gatewayId1 := "gateway1" gatewayId2 := "gateway2" tgw := TransitGateways{ + Nukable: make(map[string]bool), Client: mockedTransitGateway{ DescribeTransitGatewaysOutput: ec2.DescribeTransitGatewaysOutput{ TransitGateways: []*ec2.TransitGateway{ 
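Review bot: `getAll` now calls `tgw.VerifyNukablePermissions(c, ids)` on every listing, so a read-only inspection sends one `DeleteTransitGateway` dry-run request per gateway. Those requests are likely to appear in CloudTrail as `DeleteTransitGateway` events carrying an error code, which can trip alerts that watch for delete attempts or authorization failures. A comment at the call, e.g. `// Issues one DeleteTransitGateway dry run per id; these show up in audit logs as failed delete calls.`, would warn operators and detection owners. The body of `getAll` starts outside this hunk.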
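Review bot: In `nukeAll`, a gateway skipped by the new `IsNukable` guard is only logged with `logging.Debugf` and, as the added comment says, gets no report entry, so at default verbosity nothing tells the operator that a resource was left behind. The skip should be recorded through the same report path the loop uses for delete results (that code is outside this hunk), or at least logged above debug level. The guard also dereferences `*id` before any nil check; `tgw.IsNukable(aws.StringValue(id))` avoids a panic on a nil entry. The body of `nukeAll` continues past the end of the hunk.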
diff --git a/aws/resources/transit_gateway_types.go b/aws/resources/transit_gateway_types.go index 32404877..d08503f3 100644 --- a/aws/resources/transit_gateway_types.go +++ b/aws/resources/transit_gateway_types.go @@ -2,6 +2,7 @@ package resources import ( "context" + awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/ec2" @@ -12,6 +13,7 @@ import ( // TransitGateways - represents all transit gateways type TransitGatewayPeeringAttachment struct { + BaseAwsResource Client ec2iface.EC2API Region string Ids []string @@ -53,6 +55,7 @@ func (tgpa *TransitGatewayPeeringAttachment) Nuke(identifiers []string) error { // TransitGatewaysVpcAttachment - represents all transit gateways vpc attachments type TransitGatewaysVpcAttachment struct { + BaseAwsResource Client ec2iface.EC2API Region string Ids []string @@ -98,6 +101,7 @@ func (tgw *TransitGatewaysVpcAttachment) Nuke(identifiers []string) error { // TransitGatewaysRouteTables - represents all transit gateways route tables type TransitGatewaysRouteTables struct { + BaseAwsResource Client ec2iface.EC2API Region string Ids []string @@ -143,13 +147,17 @@ func (tgw *TransitGatewaysRouteTables) Nuke(identifiers []string) error { // TransitGateways - represents all transit gateways type TransitGateways struct { + BaseAwsResource Client ec2iface.EC2API Region string Ids []string + // A key-value of identifiers and nukable status + Nukable map[string]bool } func (tgw *TransitGateways) Init(session *session.Session) { tgw.Client = ec2.New(session) + tgw.Nukable = map[string]bool{} } // ResourceName - the simple name of the aws resource 
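Review bot: The new `Nukable` map on `TransitGateways` is allocated only in `Init`, while `VerifyNukablePermissions` writes to it unconditionally. A value built as a struct literal reaches that write with a nil map and panics, which is why the test in this patch had to add `Nukable: make(map[string]bool)`. Guarding at the writer, `if tgw.Nukable == nil { tgw.Nukable = map[string]bool{} }` at the top of `VerifyNukablePermissions`, removes the dependency on `Init`. The field comment could also say what a missing key means, e.g. `// Nukable maps a gateway id to the result of the last dry-run permission check; ids absent from the map were never checked.`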
@@ -185,3 +193,12 @@ func (tgw *TransitGateways) Nuke(identifiers []string) error { return nil } + +// IsNukable - Checks whether the given identifier is authorized to nuke +func (tgw *TransitGateways) IsNukable(identifier string) (bool, error) { + if status, ok := tgw.Nukable[identifier]; ok && status { + return true, nil + } + + return false, nil +} diff --git a/ui/ui.go b/ui/ui.go index ec020257..b2c3eb91 100644 --- a/ui/ui.go +++ b/ui/ui.go @@ -2,13 +2,14 @@ package ui import ( "fmt" - "github.com/gruntwork-io/cloud-nuke/aws" - "github.com/gruntwork-io/cloud-nuke/util" - "github.com/gruntwork-io/go-commons/errors" "io" "os" "strings" + "github.com/gruntwork-io/cloud-nuke/aws" + "github.com/gruntwork-io/cloud-nuke/util" + "github.com/gruntwork-io/go-commons/errors" + "github.com/gruntwork-io/cloud-nuke/logging" "github.com/gruntwork-io/cloud-nuke/report" "github.com/pterm/pterm" @@ -132,12 +133,16 @@ func renderTableWithHeader(headers []string, data [][]string, w io.Writer) { func RenderResourcesAsTable(account *aws.AwsAccountResources) error { var tableData [][]string - tableData = append(tableData, []string{"Resource Type", "Region", "Identifier"}) + tableData = append(tableData, []string{"Resource Type", "Region", "Identifier", "Nukable"}) for region, resourcesInRegion := range account.Resources { for _, foundResources := range resourcesInRegion.Resources { for _, identifier := range (*foundResources).ResourceIdentifiers() { - tableData = append(tableData, []string{(*foundResources).ResourceName(), region, identifier}) + isnukable := "-" + if marked, err := (*foundResources).IsNukable(identifier); err == nil { + isnukable = fmt.Sprintf("%v", marked) + } + tableData = append(tableData, []string{(*foundResources).ResourceName(), region, identifier, isnukable}) } } } diff --git a/util/error.go b/util/error.go new file mode 100644 index 00000000..3be79fbd --- /dev/null +++ b/util/error.go 
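Review bot: `IsNukable` returns `false, nil` both for an identifier that was denied and for one that was never checked, and its error result is always nil. Both callers in this patch already treat a non-nil error as "unknown" (`ui.go` prints `-`, `nukeAll` goes on to attempt the delete), so an unchecked identifier should take that path. That would be `status, ok := tgw.Nukable[identifier]`, then `if !ok { return false, fmt.Errorf("nukable status of %q not verified", identifier) }` and `return status, nil`, assuming `fmt` or an equivalent error constructor is in scope in this file. As written, identifiers handed to `Nuke` without a prior `getAll` on the same value are all skipped with nothing above a debug log line.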
@@ -0,0 +1,17 @@ +package util + +import ( + "github.com/aws/aws-sdk-go/aws/awserr" +) + +const AWsUnauthorizedError string = "UnauthorizedOperation" + +// IsAwsUnauthorizedError : checks whether the aws returned error is AWsUnauthorizedError +// For any unauthorised error we can use the same code as AWS returns the same code in this scenario +// ref : https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html +func IsAwsUnauthorizedError(err error) bool { + if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == AWsUnauthorizedError { + return true + } + return false +} From 5ec8dd8890ea381811c76a5d0ff81bb900570d6a Mon Sep 17 00:00:00 2001 From: James Kwon <96548424+hongil0316@users.noreply.github.com> Date: Wed, 7 Feb 2024 16:50:44 -0500 Subject: [PATCH 2/3] Fix golang version --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index fc9c8e98..e4951f8b 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -1,5 +1,5 @@ orbs: - go: circleci/go@1.21 + go: circleci/go@1.21.1 # The "sign binary" runs in a MacOS environment, so it's necessary to download GW's binaries env: &env From 7e42dcca517b6ee1a7916ad2eb3ace13d1f31ae8 Mon Sep 17 00:00:00 2001 From: James Kwon <96548424+hongil0316@users.noreply.github.com> Date: Wed, 7 Feb 2024 16:53:30 -0500 Subject: [PATCH 3/3] Fix golang version --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index e4951f8b..63a8e315 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -1,5 +1,5 @@ orbs: - go: circleci/go@1.21.1 + go: circleci/go@1.11.0 # The "sign binary" runs in a MacOS environment, so it's necessary to download GW's binaries env: &env
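Review bot: `IsAwsUnauthorizedError` matches only the code `UnauthorizedOperation`, which the linked page documents for EC2, while its name and the comment "For any unauthorised error we can use the same code" suggest it covers every service. Other AWS services commonly return codes such as `AccessDenied` or `AccessDeniedException`, so reusing the helper for IAM, S3 or KMS resources would classify a denied call as permitted. The doc comment should say so: `// IsAwsUnauthorizedError reports whether err is the EC2 UnauthorizedOperation error; other services use different codes.` The direct assertion `err.(awserr.Error)` also misses wrapped errors, which `var awsErr awserr.Error` plus `return errors.As(err, &awsErr) && awsErr.Code() == AWsUnauthorizedError` (standard `errors` package) would catch. The exported constant `AWsUnauthorizedError` has inconsistent casing that becomes part of the package API once merged.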