From d753ac327eaf4ad53c4ea4f8b00c39a255140420 Mon Sep 17 00:00:00 2001
From: James Kwon
Date: Thu, 20 Jul 2023 15:49:55 -0400
Subject: [PATCH 1/3] Initialize aws Client in ResourceType
---
aws/access_analyzer_types.go | 3 +
aws/ami_types.go | 3 +
aws/apigatewayv2_types.go | 5 +-
aws/asg_types.go | 3 +
aws/aws.go | 294 ++++++++++++++++++-----
aws/backup_vault_types.go | 5 +-
aws/cloudtrail_types.go | 5 +-
aws/cloudwatch_alarm_types.go | 3 +
aws/cloudwatch_dashboard_types.go | 3 +
aws/cloudwatch_loggroup_types.go | 5 +-
aws/codedeploy_application_types.go | 3 +
aws/config_recorder_types.go | 3 +
aws/config_service_types.go | 3 +
aws/dynamodb_types.go | 3 +
aws/ebs_types.go | 3 +
aws/ec2_dedicated_host_types.go | 3 +
aws/ec2_key_pair_types.go | 3 +
aws/ec2_types.go | 32 +--
aws/ec2_vpc_types.go | 38 +++
aws/ecr_types.go | 3 +
aws/ecs_cluster_types.go | 3 +
aws/ecs_service_types.go | 3 +
aws/efs_types.go | 5 +-
aws/eip_types.go | 3 +
aws/elasticache_types.go | 7 +
aws/elb_types.go | 5 +-
aws/elbv2_types.go | 5 +-
aws/guardduty_types.go | 3 +
aws/iam_group_types.go | 2 +
aws/iam_policy_types.go | 2 +
aws/iam_role_types.go | 2 +
aws/iam_service_linked_role_types.go | 2 +
aws/iam_types.go | 2 +
aws/kinesis_stream_types.go | 5 +-
aws/kms_customer_key_types.go | 3 +
aws/lambda_types.go | 3 +
aws/launch_template_types.go | 3 +
aws/macie_types.go | 3 +
aws/nat_gateway_types.go | 3 +
aws/oidc_provider_types.go | 2 +
aws/opensearch_types.go | 3 +
aws/rds_subnet_group_types.go | 3 +
aws/rds_types.go | 3 +
aws/redshift_types.go | 3 +
aws/s3_types.go | 5 +-
aws/sagemaker_notebook_instance_types.go | 3 +
aws/secrets_manager_types.go | 3 +
aws/security_hub_types.go | 3 +
aws/snapshot_types.go | 3 +
aws/sns_types.go | 5 +-
aws/sqs_types.go | 3 +
aws/transit_gateway_types.go | 13 +-
52 files changed, 441 insertions(+), 98 deletions(-)
create mode 100644 aws/ec2_vpc_types.go
diff --git a/aws/access_analyzer_types.go b/aws/access_analyzer_types.go
index 6734076d..fda623e9 100644
--- a/aws/access_analyzer_types.go +++ b/aws/access_analyzer_types.go @@ -3,11 +3,14 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/accessanalyzer/accessanalyzeriface" "github.com/gruntwork-io/go-commons/errors" ) // AccessAnalyzer - represents all AWS secrets manager secrets that should be deleted. type AccessAnalyzer struct { + Client accessanalyzeriface.AccessAnalyzerAPI + Region string AnalyzerNames []string } diff --git a/aws/ami_types.go b/aws/ami_types.go index afe9b8f0..d61717f4 100644 --- a/aws/ami_types.go +++ b/aws/ami_types.go @@ -3,11 +3,14 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/ec2/ec2iface" "github.com/gruntwork-io/go-commons/errors" ) // AMIs - represents all user owned AMIs type AMIs struct { + Client ec2iface.EC2API + Region string ImageIds []string } diff --git a/aws/apigatewayv2_types.go b/aws/apigatewayv2_types.go index 053217c9..74186847 100644 --- a/aws/apigatewayv2_types.go +++ b/aws/apigatewayv2_types.go @@ -3,11 +3,14 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/apigatewayv2/apigatewayv2iface" "github.com/gruntwork-io/go-commons/errors" ) type ApiGatewayV2 struct { - Ids []string + Client apigatewayv2iface.ApiGatewayV2API + Region string + Ids []string } func (apigateway ApiGatewayV2) ResourceName() string { diff --git a/aws/asg_types.go b/aws/asg_types.go index c6fb72cf..6b67d2bc 100644 --- a/aws/asg_types.go +++ b/aws/asg_types.go 
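Review bot: The new exported `Client` and `Region` fields on `AccessAnalyzer` in the `aws/access_analyzer_types.go` hunk carry no comment, and nothing states that `Client` is expected to be bound to the region that `Region` names. For a tool whose purpose is deletion that relationship is worth writing on the field, for example `// Client is the Access Analyzer API client; it must be created from the session for Region.` The struct's existing comment also describes Secrets Manager secrets rather than Access Analyzer analyzers and could be corrected in the same change. The other `*_types.go` hunks in this patch add the same two undocumented fields.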
@@ -3,11 +3,14 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/autoscaling/autoscalingiface" "github.com/gruntwork-io/go-commons/errors" ) // ASGroups - represents all auto scaling groups type ASGroups struct { + Client autoscalingiface.AutoScalingAPI + Region string GroupNames []string } diff --git a/aws/aws.go b/aws/aws.go index 49ad1530..acefa1c8 100644 --- a/aws/aws.go +++ b/aws/aws.go @@ -2,7 +2,6 @@ package aws import ( "fmt" - "github.com/aws/aws-sdk-go/service/acmpca" "math/rand" "sort" "strings" 
@@ -14,10 +13,40 @@ import ( "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/acm" + "github.com/aws/aws-sdk-go/service/acmpca" "github.com/aws/aws-sdk-go/service/apigateway" + "github.com/aws/aws-sdk-go/service/apigatewayv2" + "github.com/aws/aws-sdk-go/service/autoscaling" + "github.com/aws/aws-sdk-go/service/backup" + "github.com/aws/aws-sdk-go/service/cloudtrail" + "github.com/aws/aws-sdk-go/service/cloudwatch" + "github.com/aws/aws-sdk-go/service/cloudwatchlogs" + "github.com/aws/aws-sdk-go/service/codedeploy" + "github.com/aws/aws-sdk-go/service/configservice" + "github.com/aws/aws-sdk-go/service/dynamodb" + "github.com/aws/aws-sdk-go/service/ebs" "github.com/aws/aws-sdk-go/service/ec2" + "github.com/aws/aws-sdk-go/service/ecr" + "github.com/aws/aws-sdk-go/service/ecs" + "github.com/aws/aws-sdk-go/service/efs" "github.com/aws/aws-sdk-go/service/eks" + "github.com/aws/aws-sdk-go/service/elasticache" + "github.com/aws/aws-sdk-go/service/elb" + "github.com/aws/aws-sdk-go/service/elbv2" + "github.com/aws/aws-sdk-go/service/guardduty" + "github.com/aws/aws-sdk-go/service/iam" + "github.com/aws/aws-sdk-go/service/kinesis" + "github.com/aws/aws-sdk-go/service/kms" + "github.com/aws/aws-sdk-go/service/lambda" + "github.com/aws/aws-sdk-go/service/macie2" "github.com/aws/aws-sdk-go/service/rds" + "github.com/aws/aws-sdk-go/service/redshift" + "github.com/aws/aws-sdk-go/service/s3" + "github.com/aws/aws-sdk-go/service/sagemaker" + "github.com/aws/aws-sdk-go/service/secretsmanager" + "github.com/aws/aws-sdk-go/service/securityhub" + "github.com/aws/aws-sdk-go/service/sns" + "github.com/aws/aws-sdk-go/service/sqs" "github.com/aws/aws-sdk-go/service/sts" "github.com/gruntwork-io/cloud-nuke/config" "github.com/gruntwork-io/cloud-nuke/externalcreds" 
@@ -271,7 +300,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End ACMPCA arns // ASG Names - asGroups := ASGroups{} + asGroups := ASGroups{ + Client: autoscaling.New(cloudNukeSession), + Region: region, + } if IsNukeable(asGroups.ResourceName(), resourceTypes) { start := time.Now() groupNames, err := getAllAutoScalingGroups(cloudNukeSession, region, excludeAfter, configObj) @@ -325,7 +357,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End Launch Configuration Names // Launch Template Names - templates := LaunchTemplates{} + templates := LaunchTemplates{ + Client: ec2.New(cloudNukeSession), + Region: region, + } if IsNukeable(templates.ResourceName(), resourceTypes) { start := time.Now() templateNames, err := getAllLaunchTemplates(cloudNukeSession, excludeAfter, configObj) @@ -352,8 +387,11 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp } // End Launch Template Names - // LoadBalancer Names - loadBalancers := LoadBalancers{} + // LoadBalancers Names + loadBalancers := LoadBalancers{ + Client: elb.New(cloudNukeSession), + Region: region, + } if IsNukeable(loadBalancers.ResourceName(), resourceTypes) { start := time.Now() elbNames, err := getAllElbInstances(cloudNukeSession, region, excludeAfter) @@ -380,7 +418,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End LoadBalancer Names // LoadBalancerV2 Arns - loadBalancersV2 := LoadBalancersV2{} + loadBalancersV2 := LoadBalancersV2{ + Client: elbv2.New(cloudNukeSession), + Region: region, + } if IsNukeable(loadBalancersV2.ResourceName(), resourceTypes) { start := time.Now() elbv2Arns, err := getAllElbv2Instances(cloudNukeSession, region, excludeAfter, configObj) 
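Review bot: `ASGroups{Client: autoscaling.New(cloudNukeSession), Region: region}` in the first hunk here builds the client before the `IsNukeable` check, and the later hunks repeat the pattern with a separate `ec2.New(cloudNukeSession)` for launch templates, the three transit gateway types, NAT gateways, instances, dedicated hosts, EIPs, AMIs, snapshots and VPCs. Constructing each service client once per region, next to where `cloudNukeSession` is available (for example `ec2Client := ec2.New(cloudNukeSession)`), and reusing it would remove the duplication and leave one place to audit which session and region the deleting clients are bound to. The list calls in these hunks, such as `getAllAutoScalingGroups(cloudNukeSession, region, ...)`, still take the session, so the struct's `Client` and the session are two handles that have to stay in agreement; whether a later patch in the series drops the session argument is not visible here. `GetAllResources` starts and ends outside these hunks.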
@@ -407,7 +448,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End LoadBalancerV2 Arns // SQS Queues - sqsQueue := SqsQueue{} + sqsQueue := SqsQueue{ + Client: sqs.New(cloudNukeSession), + Region: region, + } if IsNukeable(sqsQueue.ResourceName(), resourceTypes) { start := time.Now() queueUrls, err := getAllSqsQueue(cloudNukeSession, region, excludeAfter) @@ -434,7 +478,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End SQS Queue // TransitGatewayVpcAttachment - transitGatewayVpcAttachments := TransitGatewaysVpcAttachment{} + transitGatewayVpcAttachments := TransitGatewaysVpcAttachment{ + Client: ec2.New(cloudNukeSession), + Region: region, + } transitGatewayIsAvailable, err := tgIsAvailableInRegion(cloudNukeSession, region) if err != nil { ge := report.GeneralError{ @@ -470,7 +517,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End TransitGatewayVpcAttachment // TransitGatewayRouteTable - transitGatewayRouteTables := TransitGatewaysRouteTables{} + transitGatewayRouteTables := TransitGatewaysRouteTables{ + Client: ec2.New(cloudNukeSession), + Region: region, + } if IsNukeable(transitGatewayRouteTables.ResourceName(), resourceTypes) && transitGatewayIsAvailable { start := time.Now() transitGatewayRouteTableIds, err := getAllTransitGatewayRouteTables(cloudNukeSession, region, excludeAfter) @@ -497,7 +547,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End TransitGatewayRouteTable // TransitGateway - transitGateways := TransitGateways{} + transitGateways := TransitGateways{ + Client: ec2.New(cloudNukeSession), + Region: region, + } if IsNukeable(transitGateways.ResourceName(), resourceTypes) && transitGatewayIsAvailable { start := time.Now() transitGatewayIds, err := getAllTransitGatewayInstances(cloudNukeSession, region, excludeAfter) 
@@ -524,7 +577,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End TransitGateway // NATGateway - natGateways := NatGateways{} + natGateways := NatGateways{ + Client: ec2.New(cloudNukeSession), + Region: region, + } if IsNukeable(natGateways.ResourceName(), resourceTypes) { start := time.Now() ngwIDs, err := getAllNatGateways(cloudNukeSession, excludeAfter, configObj) @@ -551,7 +607,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End NATGateway // OpenSearch Domains - domains := OpenSearchDomains{} + domains := OpenSearchDomains{ + Client: iam.New(cloudNukeSession), + Region: region, + } if IsNukeable(domains.ResourceName(), resourceTypes) { start := time.Now() domainNames, err := getOpenSearchDomainsToNuke(cloudNukeSession, excludeAfter, configObj) @@ -578,7 +637,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End OpenSearchDomains // EC2 Instances - ec2Instances := EC2Instances{} + ec2Instances := EC2Instances{ + Client: ec2.New(cloudNukeSession), + Region: region, + } if IsNukeable(ec2Instances.ResourceName(), resourceTypes) { start := time.Now() instanceIds, err := getAllEc2Instances(cloudNukeSession, region, excludeAfter, configObj) @@ -605,7 +667,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End EC2 Instances // EC2 Dedicated Hosts - ec2DedicatedHosts := EC2DedicatedHosts{} + ec2DedicatedHosts := EC2DedicatedHosts{ + Client: ec2.New(cloudNukeSession), + Region: region, + } if IsNukeable(ec2DedicatedHosts.ResourceName(), resourceTypes) { start := time.Now() hostIds, err := getAllEc2DedicatedHosts(cloudNukeSession, excludeAfter, configObj) 
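Review bot: `OpenSearchDomains{Client: iam.New(cloudNukeSession), ...}` in the OpenSearch hunk (`@@ -551,7 +607,10 @@`) hands an IAM client to the OpenSearch resource type, which looks like a copy-paste slip. The import hunk for `aws/aws.go` adds no OpenSearch service package, and the declared type of the `Client` field in `aws/opensearch_types.go` is not visible here, so this either fails to compile or compiles against an IAM interface that cannot list or delete domains. The client should come from the OpenSearch package, `Client: opensearchservice.New(cloudNukeSession),`, with `"github.com/aws/aws-sdk-go/service/opensearchservice"` added to the imports. The enclosing `GetAllResources` body continues outside the hunk.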
@@ -633,7 +698,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End EC2 Dedicated Hosts // EBS Volumes - ebsVolumes := EBSVolumes{} + ebsVolumes := EBSVolumes{ + Client: ebs.New(cloudNukeSession), + Region: region, + } if IsNukeable(ebsVolumes.ResourceName(), resourceTypes) { start := time.Now() volumeIds, err := getAllEbsVolumes(cloudNukeSession, region, excludeAfter, configObj) @@ -660,7 +728,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End EBS Volumes // EIP Addresses - eipAddresses := EIPAddresses{} + eipAddresses := EIPAddresses{ + Client: ec2.New(cloudNukeSession), + Region: region, + } if IsNukeable(eipAddresses.ResourceName(), resourceTypes) { start := time.Now() allocationIds, err := getAllEIPAddresses(cloudNukeSession, region, excludeAfter, configObj) @@ -687,7 +758,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End EIP Addresses // AMIs - amis := AMIs{} + amis := AMIs{ + Client: ec2.New(cloudNukeSession), + Region: region, + } if IsNukeable(amis.ResourceName(), resourceTypes) { start := time.Now() imageIds, err := getAllAMIs(cloudNukeSession, region, excludeAfter) @@ -714,7 +788,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End AMIs // Snapshots - snapshots := Snapshots{} + snapshots := Snapshots{ + Client: ec2.New(cloudNukeSession), + Region: region, + } if IsNukeable(snapshots.ResourceName(), resourceTypes) { start := time.Now() snapshotIds, err := getAllSnapshots(cloudNukeSession, region, excludeAfter) 
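Review bot: `EBSVolumes{Client: ebs.New(cloudNukeSession), ...}` in the first hunk here, together with the `Client ebsiface.EBSAPI` field added in the `aws/ebs_types.go` hunk, uses the EBS direct-API package, which exposes snapshot block operations rather than volume management. Describing and deleting volumes are EC2 operations, so a nuke method written against this field would have no call available to delete a volume. Suggest `Client: ec2.New(cloudNukeSession),` here and `Client ec2iface.EC2API` in the struct, dropping the `service/ebs` and `ebsiface` imports if nothing else in the package uses them.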
@@ -741,7 +818,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End Snapshots // ECS resources - ecsServices := ECSServices{} + ecsServices := ECSServices{ + Client: ecs.New(cloudNukeSession), + Region: region, + } if IsNukeable(ecsServices.ResourceName(), resourceTypes) { start := time.Now() clusterArns, err := getAllEcsClusters(cloudNukeSession) @@ -771,7 +851,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp }) } - ecsClusters := ECSClusters{} + ecsClusters := ECSClusters{ + Client: ecs.New(cloudNukeSession), + Region: region, + } if IsNukeable(ecsClusters.ResourceName(), resourceTypes) { start := time.Now() ecsClusterArns, err := getAllEcsClustersOlderThan(cloudNukeSession, excludeAfter, configObj) @@ -828,7 +911,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End EKS resources // RDS DB Instances - dbInstances := DBInstances{} + dbInstances := DBInstances{ + Client: rds.New(cloudNukeSession), + Region: region, + } if IsNukeable(dbInstances.ResourceName(), resourceTypes) { start := time.Now() instanceNames, err := getAllRdsInstances(cloudNukeSession, excludeAfter, configObj) @@ -856,7 +942,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End RDS DB Instances // RDS DB Subnet Groups - dbSubnetGroups := DBSubnetGroups{} + dbSubnetGroups := DBSubnetGroups{ + Client: rds.New(cloudNukeSession), + Region: region, + } if IsNukeable(dbSubnetGroups.ResourceName(), resourceTypes) { start := time.Now() @@ -920,7 +1009,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End RDS DB Clusters // Backup Vaults - backupVault := BackupVault{} + backupVault := BackupVault{ + Client: backup.New(cloudNukeSession), + Region: region, + } if IsNukeable(backupVault.ResourceName(), resourceTypes) { start := time.Now() backupVaultNames, err := getAllBackupVault(cloudNukeSession, configObj) 
@@ -948,7 +1040,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End backup vaults // Lambda Functions - lambdaFunctions := LambdaFunctions{} + lambdaFunctions := LambdaFunctions{ + Client: lambda.New(cloudNukeSession), + Region: region, + } if IsNukeable(lambdaFunctions.ResourceName(), resourceTypes) { start := time.Now() lambdaFunctionNames, err := getAllLambdaFunctions(cloudNukeSession, excludeAfter, configObj, lambdaFunctions.MaxBatchSize()) @@ -976,7 +1071,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End Lambda Functions // Secrets Manager Secrets - secretsManagerSecrets := SecretsManagerSecrets{} + secretsManagerSecrets := SecretsManagerSecrets{ + Client: secretsmanager.New(cloudNukeSession), + Region: region, + } if IsNukeable(secretsManagerSecrets.ResourceName(), resourceTypes) { start := time.Now() secrets, err := getAllSecretsManagerSecrets(cloudNukeSession, excludeAfter, configObj) @@ -1033,7 +1131,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End AccessAnalyzer // CloudWatchDashboard - cloudwatchDashboards := CloudWatchDashboards{} + cloudwatchDashboards := CloudWatchDashboards{ + Client: cloudwatch.New(cloudNukeSession), + Region: region, + } if IsNukeable(cloudwatchDashboards.ResourceName(), resourceTypes) { start := time.Now() cwdbNames, err := getAllCloudWatchDashboards(cloudNukeSession, excludeAfter, configObj) @@ -1061,7 +1162,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End CloudWatchDashboard // CloudWatchLogGroup - cloudwatchLogGroups := CloudWatchLogGroups{} + cloudwatchLogGroups := CloudWatchLogGroups{ + Client: cloudwatchlogs.New(cloudNukeSession), + Region: region, + } if IsNukeable(cloudwatchLogGroups.ResourceName(), resourceTypes) { start := time.Now() lgNames, err := getAllCloudWatchLogGroups(cloudNukeSession, excludeAfter, configObj) 
@@ -1088,7 +1192,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End CloudWatchLogGroup // S3 Buckets - s3Buckets := S3Buckets{} + s3Buckets := S3Buckets{ + Client: s3.New(cloudNukeSession), + Region: region, + } if IsNukeable(s3Buckets.ResourceName(), resourceTypes) { start := time.Now() var bucketNamesPerRegion map[string][]*string @@ -1147,7 +1254,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp } // End S3 Buckets - DynamoDB := DynamoDB{} + DynamoDB := DynamoDB{ + Client: dynamodb.New(cloudNukeSession), + Region: region, + } if IsNukeable(DynamoDB.ResourceName(), resourceTypes) { start := time.Now() tablenames, err := getAllDynamoTables(cloudNukeSession, excludeAfter, configObj, DynamoDB) @@ -1175,7 +1285,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End Dynamo DB tables // EC2 VPCS - ec2Vpcs := EC2VPCs{} + ec2Vpcs := VPC{ + Client: ec2.New(cloudNukeSession), + Region: region, + } if IsNukeable(ec2Vpcs.ResourceName(), resourceTypes) { start := time.Now() vpcids, vpcs, err := getAllVpcs(cloudNukeSession, region, excludeAfter, configObj) @@ -1227,7 +1340,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End EC2 KeyPairs // Elasticaches - elasticaches := Elasticaches{} + elasticaches := Elasticaches{ + Client: elasticache.New(cloudNukeSession), + Region: region, + } if IsNukeable(elasticaches.ResourceName(), resourceTypes) { start := time.Now() clusterIds, err := getAllElasticacheClusters(cloudNukeSession, region, excludeAfter, configObj) 
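Review bot: `DynamoDB := DynamoDB{` in the DynamoDB hunk (`@@ -1147,7 +1254,10 @@`) declares a local with the same name as the type, so the type is shadowed for the rest of the scope and the capitalised local differs from every other one in these hunks (`s3Buckets`, `ec2Vpcs`, `elasticaches`). Since the line is being rewritten anyway, a lower-case name would match the rest: `dynamoDB := DynamoDB{`, with `dynamoDB.ResourceName()` and the last argument of `getAllDynamoTables` renamed to match. The remainder of that block lies outside the hunk, so any further uses there would need the same rename.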
@@ -1255,7 +1371,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End Elasticaches // Elasticache Parameter Groups - elasticacheParameterGroups := ElasticacheParameterGroups{} + elasticacheParameterGroups := ElasticacheParameterGroups{ + Client: elasticache.New(cloudNukeSession), + Region: region, + } if IsNukeable(elasticacheParameterGroups.ResourceName(), resourceTypes) { start := time.Now() groupNames, err := getAllElasticacheParameterGroups(cloudNukeSession, region, excludeAfter, configObj) @@ -1283,7 +1402,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End Elasticache Parameter Groups // Elasticache Subnet Groups - elasticacheSubnetGroups := ElasticacheSubnetGroups{} + elasticacheSubnetGroups := ElasticacheSubnetGroups{ + Client: elasticache.New(cloudNukeSession), + Region: region, + } if IsNukeable(elasticacheSubnetGroups.ResourceName(), resourceTypes) { start := time.Now() groupNames, err := getAllElasticacheSubnetGroups(cloudNukeSession, region, excludeAfter, configObj) @@ -1311,7 +1433,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End Elasticache Subnet Groups // KMS Customer managed keys - customerKeys := KmsCustomerKeys{} + customerKeys := KmsCustomerKeys{ + Client: kms.New(cloudNukeSession), + Region: region, + } if IsNukeable(customerKeys.ResourceName(), resourceTypes) { start := time.Now() keys, aliases, err := getAllKmsUserKeys(cloudNukeSession, customerKeys.MaxBatchSize(), excludeAfter, configObj, allowDeleteUnaliasedKeys) 
@@ -1340,7 +1465,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End KMS Customer managed keys // GuardDuty detectors - guardDutyDetectors := GuardDuty{} + guardDutyDetectors := GuardDuty{ + Client: guardduty.New(cloudNukeSession), + Region: region, + } if IsNukeable(guardDutyDetectors.ResourceName(), resourceTypes) { start := time.Now() detectors, err := getAllGuardDutyDetectors(cloudNukeSession, excludeAfter, configObj, guardDutyDetectors.MaxBatchSize()) @@ -1367,7 +1495,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End GuardDuty detectors // Macie member accounts - macieAccounts := MacieMember{} + macieAccounts := MacieMember{ + Client: macie2.New(cloudNukeSession), + Region: region, + } if IsNukeable(macieAccounts.ResourceName(), resourceTypes) { start := time.Now() // Unfortunately, the Macie API doesn't provide the metadata information we'd need to implement the excludeAfter or configObj patterns @@ -1396,7 +1527,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End Macie member accounts // Start SageMaker Notebook Instances - notebookInstances := SageMakerNotebookInstances{} + notebookInstances := SageMakerNotebookInstances{ + Client: sagemaker.New(cloudNukeSession), + Region: region, + } if IsNukeable(notebookInstances.ResourceName(), resourceTypes) { start := time.Now() instances, err := getAllNotebookInstances(cloudNukeSession, excludeAfter, configObj) @@ -1423,7 +1557,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End SageMaker Notebook Instances // Kinesis Streams - kinesisStreams := KinesisStreams{} + kinesisStreams := KinesisStreams{ + Client: kinesis.New(cloudNukeSession), + Region: region, + } if IsNukeable(kinesisStreams.ResourceName(), resourceTypes) { start := time.Now() streams, err := getAllKinesisStreams(cloudNukeSession, configObj) 
@@ -1450,7 +1587,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End Kinesis Streams // Redshift Clusters - redshiftClusters := RedshiftClusters{} + redshiftClusters := RedshiftClusters{ + Client: redshift.New(cloudNukeSession), + Region: region, + } if IsNukeable(redshiftClusters.ResourceName(), resourceTypes) { start := time.Now() clusters, err := getAllRedshiftClusters(cloudNukeSession, region, excludeAfter, configObj) @@ -1507,7 +1647,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End API Gateways (v1) // API Gateways (v2) - apiGatewaysV2 := ApiGatewayV2{} + apiGatewaysV2 := ApiGatewayV2{ + Client: apigatewayv2.New(cloudNukeSession), + Region: region, + } if IsNukeable(apiGatewaysV2.ResourceName(), resourceTypes) { start := time.Now() gatewayV2Ids, err := getAllAPIGatewaysV2(cloudNukeSession, excludeAfter, configObj) @@ -1534,7 +1677,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End API Gateways (v2) // Elastic FileSystems (efs) - elasticFileSystems := ElasticFileSystem{} + elasticFileSystems := ElasticFileSystem{ + Client: efs.New(cloudNukeSession), + Region: region, + } if IsNukeable(elasticFileSystems.ResourceName(), resourceTypes) { start := time.Now() elasticFileSystemsIds, err := getAllElasticFileSystems(cloudNukeSession, excludeAfter, configObj) @@ -1561,7 +1707,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End Elastic FileSystems (efs) // SNS Topics - snsTopics := SNSTopic{} + snsTopics := SNSTopic{ + Client: sns.New(cloudNukeSession), + Region: region, + } if IsNukeable(snsTopics.ResourceName(), resourceTypes) { start := time.Now() snsTopicArns, err := getAllSNSTopics(cloudNukeSession, excludeAfter, configObj) 
@@ -1588,7 +1737,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End SNS Topics // Cloudtrail Trails - cloudtrailTrails := CloudtrailTrail{} + cloudtrailTrails := CloudtrailTrail{ + Client: cloudtrail.New(cloudNukeSession), + Region: region, + } if IsNukeable(cloudtrailTrails.ResourceName(), resourceTypes) { start := time.Now() cloudtrailArns, err := getAllCloudtrailTrails(cloudNukeSession, excludeAfter, configObj) @@ -1615,7 +1767,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End Cloudtrail Trails // ECR Repositories - ecrRepositories := ECR{} + ecrRepositories := ECR{ + Client: ecr.New(cloudNukeSession), + Region: region, + } if IsNukeable(ecrRepositories.ResourceName(), resourceTypes) { start := time.Now() ecrRepositoryArns, err := getAllECRRepositories(cloudNukeSession, excludeAfter, configObj) @@ -1642,7 +1797,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End ECR Repositories // Config Service Rules - configServiceRules := ConfigServiceRule{} + configServiceRules := ConfigServiceRule{ + Client: configservice.New(cloudNukeSession), + Region: region, + } if IsNukeable(configServiceRules.ResourceName(), resourceTypes) { start := time.Now() configServiceRuleNames, err := getAllConfigRules(cloudNukeSession, excludeAfter, configObj) @@ -1669,7 +1827,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End Config service rules // Config Service recorders - configServiceRecorders := ConfigServiceRecorders{} + configServiceRecorders := ConfigServiceRecorders{ + Client: configservice.New(cloudNukeSession), + Region: region, + } if IsNukeable(configServiceRecorders.ResourceName(), resourceTypes) { start := time.Now() configServiceRecorderNames, err := getAllConfigRecorders(cloudNukeSession, excludeAfter, configObj) 
@@ -1696,7 +1857,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End Config service recorders // CloudWatchAlarm - cloudwatchAlarms := CloudWatchAlarms{} + cloudwatchAlarms := CloudWatchAlarms{ + Client: cloudwatch.New(cloudNukeSession), + Region: region, + } if IsNukeable(cloudwatchAlarms.ResourceName(), resourceTypes) { start := time.Now() cwalNames, err := getAllCloudWatchAlarms(cloudNukeSession, excludeAfter, configObj) @@ -1723,7 +1887,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End CloudWatchAlarm // Security Hub - securityHub := SecurityHub{} + securityHub := SecurityHub{ + Client: securityhub.New(cloudNukeSession), + Region: region, + } if IsNukeable(securityHub.ResourceName(), resourceTypes) { start := time.Now() hubArns, err := getAllSecurityHubArns(cloudNukeSession, excludeAfter) @@ -1750,7 +1917,10 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End Security Hub // CodeDeploy Applications - codeDeployApplications := CodeDeployApplications{} + codeDeployApplications := CodeDeployApplications{ + Client: codedeploy.New(cloudNukeSession), + Region: region, + } if IsNukeable(codeDeployApplications.ResourceName(), resourceTypes) { start := time.Now() applications, err := getAllCodeDeployApplications(cloudNukeSession, excludeAfter, configObj) @@ -1823,7 +1993,9 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp globalResources := AwsRegionResource{} // IAM Users - iamUsers := IAMUsers{} + iamUsers := IAMUsers{ + Client: iam.New(session), + } if IsNukeable(iamUsers.ResourceName(), resourceTypes) { start := time.Now() userNames, err := getAllIamUsers(session, excludeAfter, configObj) 
@@ -1850,7 +2022,9 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End IAM Users // IAM Groups - iamGroups := IAMGroups{} + iamGroups := IAMGroups{ + Client: iam.New(session), + } if IsNukeable(iamGroups.ResourceName(), resourceTypes) { start := time.Now() groupNames, err := getAllIamGroups(session, excludeAfter, configObj) @@ -1872,7 +2046,9 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // END IAM Groups // IAM Policies - iamPolicies := IAMPolicies{} + iamPolicies := IAMPolicies{ + Client: iam.New(session), + } if IsNukeable(iamPolicies.ResourceName(), resourceTypes) { start := time.Now() policyArns, err := getAllLocalIamPolicies(session, excludeAfter, configObj) @@ -1894,7 +2070,9 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End IAM Policies // IAM OpenID Connect Providers - oidcProviders := OIDCProviders{} + oidcProviders := OIDCProviders{ + Client: iam.New(session), + } if IsNukeable(oidcProviders.ResourceName(), resourceTypes) { start := time.Now() providerARNs, err := getAllOIDCProviders(session, excludeAfter, configObj) @@ -1922,7 +2100,9 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End IAM OpenIDConnectProviders // IAM Roles - iamRoles := IAMRoles{} + iamRoles := IAMRoles{ + Client: iam.New(session), + } if IsNukeable(iamRoles.ResourceName(), resourceTypes) { start := time.Now() roleNames, err := getAllIamRoles(session, excludeAfter, configObj) @@ -1949,7 +2129,9 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End IAM Roles // IAM Service Linked Roles - iamServiceLinkedRoles := IAMServiceLinkedRoles{} + iamServiceLinkedRoles := IAMServiceLinkedRoles{ + Client: iam.New(session), + } if IsNukeable(iamServiceLinkedRoles.ResourceName(), resourceTypes) { start := time.Now() roleNames, err := getAllIamServiceLinkedRoles(session, excludeAfter, configObj) 
@@ -2018,7 +2200,7 @@ func ListResourceTypes() []string { CloudWatchDashboards{}.ResourceName(), AccessAnalyzer{}.ResourceName(), DynamoDB{}.ResourceName(), - EC2VPCs{}.ResourceName(), + VPC{}.ResourceName(), Elasticaches{}.ResourceName(), ElasticacheParameterGroups{}.ResourceName(), ElasticacheSubnetGroups{}.ResourceName(), diff --git a/aws/backup_vault_types.go b/aws/backup_vault_types.go index 47ca3e80..834a4d78 100644 --- a/aws/backup_vault_types.go +++ b/aws/backup_vault_types.go @@ -3,11 +3,14 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/backup/backupiface" "github.com/gruntwork-io/go-commons/errors" ) type BackupVault struct { - Names []string + Client backupiface.BackupAPI + Region string + Names []string } // ResourceName - the simple name of the aws resource diff --git a/aws/cloudtrail_types.go b/aws/cloudtrail_types.go index 5ee79206..799cf22e 100644 --- a/aws/cloudtrail_types.go +++ b/aws/cloudtrail_types.go @@ -3,12 +3,15 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/cloudtrail/cloudtrailiface" "github.com/gruntwork-io/go-commons/errors" ) // CloudWatchLogGroup - represents all ec2 instances type CloudtrailTrail struct { - Arns []string + Client cloudtrailiface.CloudTrailAPI + Region string + Arns []string } // ResourceName - the simple name of the aws resource diff --git a/aws/cloudwatch_alarm_types.go b/aws/cloudwatch_alarm_types.go index 24a06e8b..82846811 100644 --- a/aws/cloudwatch_alarm_types.go +++ b/aws/cloudwatch_alarm_types.go 
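Review bot: The comment above `CloudtrailTrail` in the `aws/cloudtrail_types.go` hunk reads `// CloudWatchLogGroup - represents all ec2 instances`, which names a different type and a different resource; the `aws/cloudwatch_loggroup_types.go` hunk carries the same sentence above `CloudWatchLogGroups`. With a `Client` now attached to these structs, the comment is the only description of what each one is allowed to delete, so it should be accurate: `// CloudtrailTrail - represents all CloudTrail trails` and `// CloudWatchLogGroups - represents all CloudWatch log groups`.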
@@ -3,11 +3,14 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/cloudwatch/cloudwatchiface" "github.com/gruntwork-io/go-commons/errors" ) // CloudWatchAlarms - represents all CloudWatchAlarms that should be deleted. type CloudWatchAlarms struct { + Client cloudwatchiface.CloudWatchAPI + Region string AlarmNames []string } diff --git a/aws/cloudwatch_dashboard_types.go b/aws/cloudwatch_dashboard_types.go index 6a4dea0c..e7b8454f 100644 --- a/aws/cloudwatch_dashboard_types.go +++ b/aws/cloudwatch_dashboard_types.go @@ -3,11 +3,14 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/cloudwatch/cloudwatchiface" "github.com/gruntwork-io/go-commons/errors" ) // CloudWatchDashboards - represents all CloudWatch Dashboards that should be deleted. type CloudWatchDashboards struct { + Client cloudwatchiface.CloudWatchAPI + Region string DashboardNames []string } diff --git a/aws/cloudwatch_loggroup_types.go b/aws/cloudwatch_loggroup_types.go index 525d4f67..26c8da3a 100644 --- a/aws/cloudwatch_loggroup_types.go +++ b/aws/cloudwatch_loggroup_types.go @@ -3,12 +3,15 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/cloudwatchlogs/cloudwatchlogsiface" "github.com/gruntwork-io/go-commons/errors" ) // CloudWatchLogGroup - represents all ec2 instances type CloudWatchLogGroups struct { - Names []string + Client cloudwatchlogsiface.CloudWatchLogsAPI + Region string + Names []string } // ResourceName - the simple name of the aws resource diff --git a/aws/codedeploy_application_types.go b/aws/codedeploy_application_types.go index 2d353177..913c77be 100644 --- a/aws/codedeploy_application_types.go +++ b/aws/codedeploy_application_types.go 
@@ -2,11 +2,14 @@ package aws import ( "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/codedeploy/codedeployiface" "github.com/gruntwork-io/go-commons/errors" ) // CodeDeployApplications - represents all codedeploy applications type CodeDeployApplications struct { + Client codedeployiface.CodeDeployAPI + Region string AppNames []string } diff --git a/aws/config_recorder_types.go b/aws/config_recorder_types.go index de7adc9c..ed71ed78 100644 --- a/aws/config_recorder_types.go +++ b/aws/config_recorder_types.go @@ -2,10 +2,13 @@ package aws import ( "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/configservice/configserviceiface" "github.com/gruntwork-io/go-commons/errors" ) type ConfigServiceRecorders struct { + Client configserviceiface.ConfigServiceAPI + Region string RecorderNames []string } diff --git a/aws/config_service_types.go b/aws/config_service_types.go index c6e70966..46affe00 100644 --- a/aws/config_service_types.go +++ b/aws/config_service_types.go @@ -2,10 +2,13 @@ package aws import ( "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/configservice/configserviceiface" "github.com/gruntwork-io/go-commons/errors" ) type ConfigServiceRule struct { + Client configserviceiface.ConfigServiceAPI + Region string RuleNames []string } diff --git a/aws/dynamodb_types.go b/aws/dynamodb_types.go index f9213f7b..7cae1d17 100644 --- a/aws/dynamodb_types.go +++ b/aws/dynamodb_types.go @@ -3,10 +3,13 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/dynamodb/dynamodbiface" "github.com/gruntwork-io/gruntwork-cli/errors" ) type DynamoDB struct { + Client dynamodbiface.DynamoDBAPI + Region string DynamoTableNames []string } diff --git a/aws/ebs_types.go b/aws/ebs_types.go index 088039ca..9e0ccebf 100644 --- a/aws/ebs_types.go +++ b/aws/ebs_types.go 
@@ -3,11 +3,14 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/ebs/ebsiface" "github.com/gruntwork-io/go-commons/errors" ) // EBSVolumes - represents all ebs volumes type EBSVolumes struct { + Client ebsiface.EBSAPI + Region string VolumeIds []string } diff --git a/aws/ec2_dedicated_host_types.go b/aws/ec2_dedicated_host_types.go index b5580dce..b0ae3e13 100644 --- a/aws/ec2_dedicated_host_types.go +++ b/aws/ec2_dedicated_host_types.go @@ -3,11 +3,14 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/ec2/ec2iface" "github.com/gruntwork-io/go-commons/errors" ) // EC2DedicatedHosts - represents all host allocation IDs type EC2DedicatedHosts struct { + Client ec2iface.EC2API + Region string HostIds []string } diff --git a/aws/ec2_key_pair_types.go b/aws/ec2_key_pair_types.go index 80eb8c87..8ad22f46 100644 --- a/aws/ec2_key_pair_types.go +++ b/aws/ec2_key_pair_types.go @@ -3,10 +3,13 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/ec2/ec2iface" "github.com/gruntwork-io/go-commons/errors" ) type EC2KeyPairs struct { + Client ec2iface.EC2API + Region string KeyPairIds []string } diff --git a/aws/ec2_types.go b/aws/ec2_types.go index e2f2a4a3..06f546a3 100644 --- a/aws/ec2_types.go +++ b/aws/ec2_types.go @@ -3,11 +3,14 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/ec2/ec2iface" "github.com/gruntwork-io/go-commons/errors" ) // EC2Instances - represents all ec2 instances type EC2Instances struct { + Client ec2iface.EC2API + Region string InstanceIds []string } 
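Review bot: `Client ebsiface.EBSAPI` on `EBSVolumes` in aws/ebs_types.go looks like the wrong interface. In aws-sdk-go the `ebs` package is the EBS direct (snapshot block) API, while listing and deleting volumes are EC2 API operations. The other EC2-backed types in this patch (`EC2DedicatedHosts`, `EC2KeyPairs`, `EC2Instances`) use `ec2iface.EC2API`, so I would import `"github.com/aws/aws-sdk-go/service/ec2/ec2iface"` and declare `Client ec2iface.EC2API`. The code that assigns and uses the field is outside this hunk, so confirm against how the volume path builds its client.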
@@ -34,32 +37,3 @@ func (instance EC2Instances) Nuke(session *session.Session, identifiers []string return nil } - -type EC2VPCs struct { - VPCIds []string - VPCs []Vpc -} - -// ResourceName - the simple name of the aws resource -func (v EC2VPCs) ResourceName() string { - return "vpc" -} - -// ResourceIdentifiers - The instance ids of the ec2 instances -func (v EC2VPCs) ResourceIdentifiers() []string { - return v.VPCIds -} - -func (v EC2VPCs) MaxBatchSize() int { - // Tentative batch size to ensure AWS doesn't throttle - return 49 -} - -// Nuke - nuke 'em all!!! -func (v EC2VPCs) Nuke(session *session.Session, identifiers []string) error { - if err := nukeAllVPCs(session, identifiers, v.VPCs); err != nil { - return errors.WithStackTrace(err) - } - - return nil -} diff --git a/aws/ec2_vpc_types.go b/aws/ec2_vpc_types.go new file mode 100644 index 00000000..1e017c0a --- /dev/null +++ b/aws/ec2_vpc_types.go @@ -0,0 +1,38 @@ +package aws + +import ( + "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/ec2/ec2iface" + "github.com/gruntwork-io/go-commons/errors" +) + +type VPC struct { + Client ec2iface.EC2API + Region string + VPCIds []string + VPCs []Vpc +} + +// ResourceName - the simple name of the aws resource +func (v VPC) ResourceName() string { + return "vpc" +} + +// ResourceIdentifiers - The instance ids of the ec2 instances +func (v VPC) ResourceIdentifiers() []string { + return v.VPCIds +} + +func (v VPC) MaxBatchSize() int { + // Tentative batch size to ensure AWS doesn't throttle + return 49 +} + +// Nuke - nuke 'em all!!! +func (v VPC) Nuke(session *session.Session, identifiers []string) error { + if err := nukeAllVPCs(session, identifiers, v.VPCs); err != nil { + return errors.WithStackTrace(err) + } + + return nil +} diff --git a/aws/ecr_types.go b/aws/ecr_types.go index c5758020..282da040 100644 --- a/aws/ecr_types.go +++ b/aws/ecr_types.go 
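Review bot: In the new aws/ec2_vpc_types.go, `Nuke` still deletes through its `session` argument (`nukeAllVPCs(session, identifiers, v.VPCs)`) while the struct now carries its own `Client` and `Region`, and nothing in the method ties the two together. For a destructive operation that leaves two independent sources for the account and region being acted on, and a caller that passes a session for a different region than the one used for listing would not be caught here. I would route the deletion through `v.Client`, or until then document the fields with `// Client and Region are not yet used by Nuke, which acts on the session it is given`. The same pattern shows in the other `Nuke` signatures visible as context in this patch (`EC2Instances`, `TransitGatewaysVpcAttachment`, `TransitGatewaysRouteTables`). `nukeAllVPCs` is defined outside the hunk.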
@@ -2,10 +2,13 @@ package aws import ( "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/ecr/ecriface" "github.com/gruntwork-io/go-commons/errors" ) type ECR struct { + Client ecriface.ECRAPI + Region string RepositoryNames []string } diff --git a/aws/ecs_cluster_types.go b/aws/ecs_cluster_types.go index 3d32b6ab..cd7a5d91 100644 --- a/aws/ecs_cluster_types.go +++ b/aws/ecs_cluster_types.go @@ -3,6 +3,7 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/ecs/ecsiface" "github.com/gruntwork-io/go-commons/errors" ) @@ -15,6 +16,8 @@ const maxBatchSize = 49 // ECSClusters - Represents all ECS clusters found in a region type ECSClusters struct { + Client ecsiface.ECSAPI + Region string ClusterArns []string } diff --git a/aws/ecs_service_types.go b/aws/ecs_service_types.go index 149c03b2..a9d7c8d4 100644 --- a/aws/ecs_service_types.go +++ b/aws/ecs_service_types.go @@ -3,11 +3,14 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/ecs/ecsiface" "github.com/gruntwork-io/go-commons/errors" ) // ECSServices - Represents all ECS services found in a region type ECSServices struct { + Client ecsiface.ECSAPI + Region string Services []string ServiceClusterMap map[string]string } diff --git a/aws/efs_types.go b/aws/efs_types.go index 0e31f827..94a3d4cf 100644 --- a/aws/efs_types.go +++ b/aws/efs_types.go @@ -3,11 +3,14 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/efs/efsiface" "github.com/gruntwork-io/go-commons/errors" ) type ElasticFileSystem struct { - Ids []string + Client efsiface.EFSAPI + Region string + Ids []string } func (efs ElasticFileSystem) ResourceName() string { diff --git a/aws/eip_types.go b/aws/eip_types.go index 5c5c778f..36ce2aeb 100644 --- a/aws/eip_types.go 
+++ b/aws/eip_types.go @@ -3,11 +3,14 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/ec2/ec2iface" "github.com/gruntwork-io/go-commons/errors" ) // EBSVolumes - represents all ebs volumes type EIPAddresses struct { + Client ec2iface.EC2API + Region string AllocationIds []string } diff --git a/aws/elasticache_types.go b/aws/elasticache_types.go index f6fb2c19..15f174b2 100644 --- a/aws/elasticache_types.go +++ b/aws/elasticache_types.go @@ -3,11 +3,14 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/elasticache/elasticacheiface" "github.com/gruntwork-io/go-commons/errors" ) // Elasticaches - represents all Elasticache clusters type Elasticaches struct { + Client elasticacheiface.ElastiCacheAPI + Region string ClusterIds []string } @@ -40,6 +43,8 @@ Elasticache Parameter Groups */ type ElasticacheParameterGroups struct { + Client elasticacheiface.ElastiCacheAPI + Region string GroupNames []string } @@ -72,6 +77,8 @@ Elasticache Subnet Groups */ type ElasticacheSubnetGroups struct { + Client elasticacheiface.ElastiCacheAPI + Region string GroupNames []string } diff --git a/aws/elb_types.go b/aws/elb_types.go index 168f250c..e864908a 100644 --- a/aws/elb_types.go +++ b/aws/elb_types.go @@ -3,12 +3,15 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/elb/elbiface" "github.com/gruntwork-io/go-commons/errors" ) // LoadBalancers - represents all load balancers type LoadBalancers struct { - Names []string + Client elbiface.ELBAPI + Region string + Names []string } // ResourceName - the simple name of the aws resource diff --git a/aws/elbv2_types.go b/aws/elbv2_types.go index fce5150b..19cd98b5 100644 --- a/aws/elbv2_types.go +++ b/aws/elbv2_types.go 
@@ -3,12 +3,15 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/elbv2/elbv2iface" "github.com/gruntwork-io/go-commons/errors" ) // LoadBalancersV2 - represents all load balancers type LoadBalancersV2 struct { - Arns []string + Client elbv2iface.ELBV2API + Region string + Arns []string } // ResourceName - the simple name of the aws resource diff --git a/aws/guardduty_types.go b/aws/guardduty_types.go index 5dc5d306..0cca4b01 100644 --- a/aws/guardduty_types.go +++ b/aws/guardduty_types.go @@ -2,9 +2,12 @@ package aws import ( "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/guardduty/guarddutyiface" ) type GuardDuty struct { + Client guarddutyiface.GuardDutyAPI + Region string detectorIds []string } diff --git a/aws/iam_group_types.go b/aws/iam_group_types.go index 9a1d12c0..57be5d7a 100644 --- a/aws/iam_group_types.go +++ b/aws/iam_group_types.go @@ -3,11 +3,13 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/iam/iamiface" "github.com/gruntwork-io/go-commons/errors" ) // IAMGroups - represents all IAMGroups on the AWS Account type IAMGroups struct { + Client iamiface.IAMAPI GroupNames []string } diff --git a/aws/iam_policy_types.go b/aws/iam_policy_types.go index 50f5d066..15e99fcc 100644 --- a/aws/iam_policy_types.go +++ b/aws/iam_policy_types.go @@ -3,11 +3,13 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/iam/iamiface" "github.com/gruntwork-io/go-commons/errors" ) // IAMPolicies - represents all IAM Policies on the AWS account type IAMPolicies struct { + Client iamiface.IAMAPI PolicyArns []string } diff --git a/aws/iam_role_types.go b/aws/iam_role_types.go index 3a224267..813d1063 100644 --- a/aws/iam_role_types.go +++ b/aws/iam_role_types.go 
@@ -3,11 +3,13 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/iam/iamiface" "github.com/gruntwork-io/go-commons/errors" ) // IAMRoles - represents all IAMRoles on the AWS Account type IAMRoles struct { + Client iamiface.IAMAPI RoleNames []string } diff --git a/aws/iam_service_linked_role_types.go b/aws/iam_service_linked_role_types.go index e6243674..84c3a266 100644 --- a/aws/iam_service_linked_role_types.go +++ b/aws/iam_service_linked_role_types.go @@ -3,11 +3,13 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/iam/iamiface" "github.com/gruntwork-io/go-commons/errors" ) // IAMServiceLinkedRoles - represents all IAMServiceLinkedRoles on the AWS Account type IAMServiceLinkedRoles struct { + Client iamiface.IAMAPI RoleNames []string } diff --git a/aws/iam_types.go b/aws/iam_types.go index cc51b052..fa758f79 100644 --- a/aws/iam_types.go +++ b/aws/iam_types.go @@ -3,11 +3,13 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/iam/iamiface" "github.com/gruntwork-io/go-commons/errors" ) // IAMUsers - represents all IAMUsers on the AWS Account type IAMUsers struct { + Client iamiface.IAMAPI UserNames []string } diff --git a/aws/kinesis_stream_types.go b/aws/kinesis_stream_types.go index 7c61946a..464be599 100644 --- a/aws/kinesis_stream_types.go +++ b/aws/kinesis_stream_types.go @@ -3,12 +3,15 @@ package aws import ( "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/kinesis/kinesisiface" "github.com/gruntwork-io/go-commons/errors" ) // KinesisStreams - represents all Kinesis streams type KinesisStreams struct { - Names []string + Client kinesisiface.KinesisAPI + Region string + Names []string } // ResourceName - The simple name of the AWS resource 
diff --git a/aws/kms_customer_key_types.go b/aws/kms_customer_key_types.go index d35a3397..fa8da626 100644 --- a/aws/kms_customer_key_types.go +++ b/aws/kms_customer_key_types.go @@ -3,6 +3,7 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/kms/kmsiface" "github.com/gruntwork-io/go-commons/errors" ) @@ -11,6 +12,8 @@ import ( const kmsRemovalWindow = 7 type KmsCustomerKeys struct { + Client kmsiface.KMSAPI + Region string KeyIds []string KeyAliases map[string][]string } diff --git a/aws/lambda_types.go b/aws/lambda_types.go index 149d61c8..faef295d 100644 --- a/aws/lambda_types.go +++ b/aws/lambda_types.go @@ -3,10 +3,13 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/lambda/lambdaiface" "github.com/gruntwork-io/go-commons/errors" ) type LambdaFunctions struct { + Client lambdaiface.LambdaAPI + Region string LambdaFunctionNames []string } diff --git a/aws/launch_template_types.go b/aws/launch_template_types.go index 3123d74c..8452b917 100644 --- a/aws/launch_template_types.go +++ b/aws/launch_template_types.go @@ -3,11 +3,14 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/ec2/ec2iface" "github.com/gruntwork-io/go-commons/errors" ) // LaunchTemplates - represents all launch templates type LaunchTemplates struct { + Client ec2iface.EC2API + Region string LaunchTemplateNames []string } diff --git a/aws/macie_types.go b/aws/macie_types.go index ebdb40f7..71e9847d 100644 --- a/aws/macie_types.go +++ b/aws/macie_types.go @@ -2,10 +2,13 @@ package aws import ( "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/macie2/macie2iface" "github.com/gruntwork-io/go-commons/errors" ) type MacieMember struct { + Client macie2iface.Macie2API + Region string AccountIds []string } 
diff --git a/aws/nat_gateway_types.go b/aws/nat_gateway_types.go index 9f11bf87..d8d62059 100644 --- a/aws/nat_gateway_types.go +++ b/aws/nat_gateway_types.go @@ -3,11 +3,14 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/ec2/ec2iface" "github.com/gruntwork-io/go-commons/errors" ) // NatGateways - represents all AWS secrets manager secrets that should be deleted. type NatGateways struct { + Client ec2iface.EC2API + Region string NatGatewayIDs []string } diff --git a/aws/oidc_provider_types.go b/aws/oidc_provider_types.go index 8905d197..ec9c19a6 100644 --- a/aws/oidc_provider_types.go +++ b/aws/oidc_provider_types.go @@ -3,11 +3,13 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/iam/iamiface" "github.com/gruntwork-io/go-commons/errors" ) // OIDCProviders - represents all AWS OpenID Connect providers that should be deleted. type OIDCProviders struct { + Client iamiface.IAMAPI ProviderARNs []string } diff --git a/aws/opensearch_types.go b/aws/opensearch_types.go index 3a9f4235..87ea0821 100644 --- a/aws/opensearch_types.go +++ b/aws/opensearch_types.go @@ -3,11 +3,14 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/iam/iamiface" "github.com/gruntwork-io/go-commons/errors" ) // OpenSearchDomains represents all OpenSearch domains found in a region type OpenSearchDomains struct { + Client iamiface.IAMAPI + Region string DomainNames []string } diff --git a/aws/rds_subnet_group_types.go b/aws/rds_subnet_group_types.go index d00e8bbe..bc47e8b0 100644 --- a/aws/rds_subnet_group_types.go +++ b/aws/rds_subnet_group_types.go 
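Review bot: `OpenSearchDomains` in aws/opensearch_types.go is given `Client iamiface.IAMAPI`, an IAM client interface, alongside a `Region` field, which looks copied from the IAM types changed in the same patch. A domain type needs the OpenSearch service interface: import `"github.com/aws/aws-sdk-go/service/opensearchservice/opensearchserviceiface"` and declare `Client opensearchserviceiface.OpenSearchServiceAPI`. As written, code that lists or deletes domains through `Client` cannot call the OpenSearch operations on it. This is inferred, since the consumers of the field are outside this hunk.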
@@ -3,10 +3,13 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/rds/rdsiface" "github.com/gruntwork-io/go-commons/errors" ) type DBSubnetGroups struct { + Client rdsiface.RDSAPI + Region string InstanceNames []string } diff --git a/aws/rds_types.go b/aws/rds_types.go index 63e3ee08..b5539ce0 100644 --- a/aws/rds_types.go +++ b/aws/rds_types.go @@ -3,10 +3,13 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/rds/rdsiface" "github.com/gruntwork-io/go-commons/errors" ) type DBInstances struct { + Client rdsiface.RDSAPI + Region string InstanceNames []string } diff --git a/aws/redshift_types.go b/aws/redshift_types.go index d22dcfb5..d247244f 100644 --- a/aws/redshift_types.go +++ b/aws/redshift_types.go @@ -3,10 +3,13 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/redshift/redshiftiface" "github.com/gruntwork-io/go-commons/errors" ) type RedshiftClusters struct { + Client redshiftiface.RedshiftAPI + Region string ClusterIdentifiers []string } diff --git a/aws/s3_types.go b/aws/s3_types.go index 2067a600..5d5ed7e9 100644 --- a/aws/s3_types.go +++ b/aws/s3_types.go @@ -3,13 +3,16 @@ package aws import ( "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/s3/s3iface" "github.com/gruntwork-io/cloud-nuke/logging" "github.com/gruntwork-io/go-commons/errors" ) // S3Buckets - represents all S3 Buckets type S3Buckets struct { - Names []string + Client s3iface.S3API + Region string + Names []string } // ResourceName - the simple name of the aws resource diff --git a/aws/sagemaker_notebook_instance_types.go b/aws/sagemaker_notebook_instance_types.go index e1007eff..00fb1569 100644 --- a/aws/sagemaker_notebook_instance_types.go 
+++ b/aws/sagemaker_notebook_instance_types.go @@ -3,10 +3,13 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/sagemaker/sagemakeriface" "github.com/gruntwork-io/go-commons/errors" ) type SageMakerNotebookInstances struct { + Client sagemakeriface.SageMakerAPI + Region string InstanceNames []string } diff --git a/aws/secrets_manager_types.go b/aws/secrets_manager_types.go index f9458505..d1942719 100644 --- a/aws/secrets_manager_types.go +++ b/aws/secrets_manager_types.go @@ -3,11 +3,14 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/secretsmanager/secretsmanageriface" "github.com/gruntwork-io/go-commons/errors" ) // SecretsManagerSecrets - represents all AWS secrets manager secrets that should be deleted. type SecretsManagerSecrets struct { + Client secretsmanageriface.SecretsManagerAPI + Region string SecretIDs []string } diff --git a/aws/security_hub_types.go b/aws/security_hub_types.go index d89b99af..caaeb38e 100644 --- a/aws/security_hub_types.go +++ b/aws/security_hub_types.go @@ -2,10 +2,13 @@ package aws import ( "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/securityhub/securityhubiface" "github.com/gruntwork-io/go-commons/errors" ) type SecurityHub struct { + Client securityhubiface.SecurityHubAPI + Region string HubArns []string } diff --git a/aws/snapshot_types.go b/aws/snapshot_types.go index 5b76a147..f163d8c1 100644 --- a/aws/snapshot_types.go +++ b/aws/snapshot_types.go @@ -3,11 +3,14 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/ec2/ec2iface" "github.com/gruntwork-io/go-commons/errors" ) // Snapshots - represents all user owned Snapshots type Snapshots struct { + Client ec2iface.EC2API + Region string SnapshotIds []string } 
diff --git a/aws/sns_types.go b/aws/sns_types.go index 3a3871f7..f4535021 100644 --- a/aws/sns_types.go +++ b/aws/sns_types.go @@ -3,11 +3,14 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/sns/snsiface" "github.com/gruntwork-io/go-commons/errors" ) type SNSTopic struct { - Arns []string + Client snsiface.SNSAPI + Region string + Arns []string } func (s SNSTopic) ResourceName() string { diff --git a/aws/sqs_types.go b/aws/sqs_types.go index b5134f35..801a8932 100644 --- a/aws/sqs_types.go +++ b/aws/sqs_types.go @@ -3,11 +3,14 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/sqs/sqsiface" "github.com/gruntwork-io/go-commons/errors" ) // SqsQueue - represents all sqs queues type SqsQueue struct { + Client sqsiface.SQSAPI + Region string QueueUrls []string } diff --git a/aws/transit_gateway_types.go b/aws/transit_gateway_types.go index 98d2615c..a8caf3b8 100644 --- a/aws/transit_gateway_types.go +++ b/aws/transit_gateway_types.go @@ -3,12 +3,15 @@ package aws import ( awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/ec2/ec2iface" "github.com/gruntwork-io/go-commons/errors" ) // TransitGatewaysVpcAttachment - represents all transit gateways vpc attachments type TransitGatewaysVpcAttachment struct { - Ids []string + Client ec2iface.EC2API + Region string + Ids []string } // ResourceName - the simple name of the aws resource @@ -37,7 +40,9 @@ func (tgw TransitGatewaysVpcAttachment) Nuke(session *session.Session, identifie // TransitGatewaysRouteTables - represents all transit gateways route tables type TransitGatewaysRouteTables struct { - Ids []string + Client ec2iface.EC2API + Region string + Ids []string } // ResourceName - the simple name of the aws resource 
@@ -66,7 +71,9 @@ func (tgw TransitGatewaysRouteTables) Nuke(session *session.Session, identifiers // TransitGateways - represents all transit gateways type TransitGateways struct { - Ids []string + Client ec2iface.EC2API + Region string + Ids []string } // ResourceName - the simple name of the aws resource From b597b68f4feabb786b8af6988a4b5a0ff89fcf87 Mon Sep 17 00:00:00 2001 From: James Kwon Date: Thu, 20 Jul 2023 15:52:35 -0400 Subject: [PATCH 2/3] address typo --- aws/aws.go | 2 +- aws/ec2_vpc_types.go | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/aws/aws.go b/aws/aws.go index acefa1c8..f8a66695 100644 --- a/aws/aws.go +++ b/aws/aws.go @@ -1285,7 +1285,7 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp // End Dynamo DB tables // EC2 VPCS - ec2Vpcs := VPC{ + ec2Vpcs := EC2VPCs{ Client: ec2.New(cloudNukeSession), Region: region, } diff --git a/aws/ec2_vpc_types.go b/aws/ec2_vpc_types.go index 1e017c0a..7122071f 100644 --- a/aws/ec2_vpc_types.go +++ b/aws/ec2_vpc_types.go @@ -6,7 +6,7 @@ import ( "github.com/gruntwork-io/go-commons/errors" ) -type VPC struct { +type EC2VPCs struct { Client ec2iface.EC2API Region string VPCIds []string 
@@ -14,22 +14,22 @@ type VPC struct { } // ResourceName - the simple name of the aws resource -func (v VPC) ResourceName() string { +func (v EC2VPCs) ResourceName() string { return "vpc" } // ResourceIdentifiers - The instance ids of the ec2 instances -func (v VPC) ResourceIdentifiers() []string { +func (v EC2VPCs) ResourceIdentifiers() []string { return v.VPCIds } -func (v VPC) MaxBatchSize() int { +func (v EC2VPCs) MaxBatchSize() int { // Tentative batch size to ensure AWS doesn't throttle return 49 } // Nuke - nuke 'em all!!! -func (v VPC) Nuke(session *session.Session, identifiers []string) error { +func (v EC2VPCs) Nuke(session *session.Session, identifiers []string) error { if err := nukeAllVPCs(session, identifiers, v.VPCs); err != nil { return errors.WithStackTrace(err) } From b81f3c0591a27df47ece92c9d78eff35d939b92c Mon Sep 17 00:00:00 2001 From: James Kwon Date: Thu, 20 Jul 2023 16:00:02 -0400 Subject: [PATCH 3/3] create configs --- aws/aws.go | 2 +- config/config.go | 111 +++++++++++++++++++++++------------------- config/config_test.go | 12 ++++- 3 files changed, 72 insertions(+), 53 deletions(-) diff --git a/aws/aws.go b/aws/aws.go index f8a66695..2e9d9368 100644 --- a/aws/aws.go +++ b/aws/aws.go @@ -2200,7 +2200,7 @@ func ListResourceTypes() []string { CloudWatchDashboards{}.ResourceName(), AccessAnalyzer{}.ResourceName(), DynamoDB{}.ResourceName(), - VPC{}.ResourceName(), + EC2VPCs{}.ResourceName(), Elasticaches{}.ResourceName(), ElasticacheParameterGroups{}.ResourceName(), ElasticacheSubnetGroups{}.ResourceName(), diff --git a/config/config.go b/config/config.go index bdcc7045..ee3190f9 100644 --- a/config/config.go +++ b/config/config.go 
@@ -11,57 +11,66 @@ import ( // Config - the config object we pass around type Config struct { - S3 ResourceType `yaml:"s3"` - IAMUsers ResourceType `yaml:"IAMUsers"` - IAMGroups ResourceType `yaml:"IAMGroups"` - IAMPolicies ResourceType `yaml:"IAMPolicies"` - IAMServiceLinkedRoles ResourceType `yaml:"IAMServiceLinkedRoles"` - IAMRoles ResourceType `yaml:"IAMRoles"` - SecretsManagerSecrets ResourceType `yaml:"SecretsManager"` - NatGateway ResourceType `yaml:"NatGateway"` - AccessAnalyzer ResourceType `yaml:"AccessAnalyzer"` - CloudWatchDashboard ResourceType `yaml:"CloudWatchDashboard"` - OpenSearchDomain ResourceType `yaml:"OpenSearchDomain"` - DynamoDB ResourceType `yaml:"DynamoDB"` - EBSVolume ResourceType `yaml:"EBSVolume"` - LambdaFunction ResourceType `yaml:"LambdaFunction"` - ELBv2 ResourceType `yaml:"ELBv2"` - ECSService ResourceType `yaml:"ECSService"` - ECSCluster ResourceType `yaml:"ECSCluster"` - Elasticache ResourceType `yaml:"Elasticache"` - ElasticacheParameterGroups ResourceType `yaml:"ElasticacheParameterGroups"` - ElasticacheSubnetGroups ResourceType `yaml:"ElasticacheSubnetGroups"` - VPC ResourceType `yaml:"VPC"` - OIDCProvider ResourceType `yaml:"OIDCProvider"` - AutoScalingGroup ResourceType `yaml:"AutoScalingGroup"` - LaunchConfiguration ResourceType `yaml:"LaunchConfiguration"` - ElasticIP ResourceType `yaml:"ElasticIP"` - EC2 ResourceType `yaml:"EC2"` - EC2KeyPairs ResourceType `yaml:"EC2KeyPairs"` - EC2DedicatedHosts ResourceType `yaml:"EC2DedicatedHosts"` - CloudWatchLogGroup ResourceType `yaml:"CloudWatchLogGroup"` - KMSCustomerKeys KMSCustomerKeyResourceType `yaml:"KMSCustomerKeys"` - EKSCluster ResourceType `yaml:"EKSCluster"` - SageMakerNotebook ResourceType `yaml:"SageMakerNotebook"` - KinesisStream ResourceType `yaml:"KinesisStream"` - APIGateway ResourceType `yaml:"APIGateway"` - APIGatewayV2 ResourceType `yaml:"APIGatewayV2"` - ElasticFileSystem ResourceType `yaml:"ElasticFileSystem"` - CloudtrailTrail ResourceType 
`yaml:"CloudtrailTrail"` - ECRRepository ResourceType `yaml:"ECRRepository"` - DBInstances ResourceType `yaml:"DBInstances"` - DBSubnetGroups ResourceType `yaml:"DBSubnetGroups"` - LaunchTemplate ResourceType `yaml:"LaunchTemplate"` - ConfigServiceRule ResourceType `yaml:"ConfigServiceRule"` - ConfigServiceRecorder ResourceType `yaml:"ConfigServiceRecorder"` - CloudWatchAlarm ResourceType `yaml:"CloudWatchAlarm"` - Redshift ResourceType `yaml:"Redshift"` - CodeDeployApplications ResourceType `yaml:"CodeDeployApplications"` - ACM ResourceType `yaml:"ACM"` - ACMPCA ResourceType `yaml:"ACMPCA"` - SNS ResourceType `yaml:"SNS"` - BackupVault ResourceType `yaml:"BackupVault"` - DBClusters ResourceType `yaml:"DBClusters"` + ACM ResourceType `yaml:"ACM"` + ACMPCA ResourceType `yaml:"ACMPCA"` + AMI ResourceType `yaml:"AMI"` + APIGateway ResourceType `yaml:"APIGateway"` + APIGatewayV2 ResourceType `yaml:"APIGatewayV2"` + AccessAnalyzer ResourceType `yaml:"AccessAnalyzer"` + AutoScalingGroup ResourceType `yaml:"AutoScalingGroup"` + BackupVault ResourceType `yaml:"BackupVault"` + CloudWatchAlarm ResourceType `yaml:"CloudWatchAlarm"` + CloudWatchDashboard ResourceType `yaml:"CloudWatchDashboard"` + CloudWatchLogGroup ResourceType `yaml:"CloudWatchLogGroup"` + CloudtrailTrail ResourceType `yaml:"CloudtrailTrail"` + CodeDeployApplications ResourceType `yaml:"CodeDeployApplications"` + ConfigServiceRecorder ResourceType `yaml:"ConfigServiceRecorder"` + ConfigServiceRule ResourceType `yaml:"ConfigServiceRule"` + DBClusters ResourceType `yaml:"DBClusters"` + DBInstances ResourceType `yaml:"DBInstances"` + DBSubnetGroups ResourceType `yaml:"DBSubnetGroups"` + DynamoDB ResourceType `yaml:"DynamoDB"` + EBSVolume ResourceType `yaml:"EBSVolume"` + EC2 ResourceType `yaml:"EC2"` + EC2DedicatedHosts ResourceType `yaml:"EC2DedicatedHosts"` + EC2KeyPairs ResourceType `yaml:"EC2KeyPairs"` + ECRRepository ResourceType `yaml:"ECRRepository"` + ECSCluster ResourceType `yaml:"ECSCluster"` + 
ECSService ResourceType `yaml:"ECSService"` + EKSCluster ResourceType `yaml:"EKSCluster"` + ELBv1 ResourceType `yaml:"ELBv1"` + ELBv2 ResourceType `yaml:"ELBv2"` + ElasticFileSystem ResourceType `yaml:"ElasticFileSystem"` + ElasticIP ResourceType `yaml:"ElasticIP"` + Elasticache ResourceType `yaml:"Elasticache"` + ElasticacheParameterGroups ResourceType `yaml:"ElasticacheParameterGroups"` + ElasticacheSubnetGroups ResourceType `yaml:"ElasticacheSubnetGroups"` + GuardDuty ResourceType `yaml:"GuardDuty"` + IAMGroups ResourceType `yaml:"IAMGroups"` + IAMPolicies ResourceType `yaml:"IAMPolicies"` + IAMRoles ResourceType `yaml:"IAMRoles"` + IAMServiceLinkedRoles ResourceType `yaml:"IAMServiceLinkedRoles"` + IAMUsers ResourceType `yaml:"IAMUsers"` + KMSCustomerKeys KMSCustomerKeyResourceType `yaml:"KMSCustomerKeys"` + KinesisStream ResourceType `yaml:"KinesisStream"` + LambdaFunction ResourceType `yaml:"LambdaFunction"` + LaunchConfiguration ResourceType `yaml:"LaunchConfiguration"` + LaunchTemplate ResourceType `yaml:"LaunchTemplate"` + MacieMember ResourceType `yaml:"MacieMember"` + NatGateway ResourceType `yaml:"NatGateway"` + OIDCProvider ResourceType `yaml:"OIDCProvider"` + OpenSearchDomain ResourceType `yaml:"OpenSearchDomain"` + Redshift ResourceType `yaml:"Redshift"` + S3 ResourceType `yaml:"s3"` + SNS ResourceType `yaml:"SNS"` + SQS ResourceType `yaml:"SQS"` + SageMakerNotebook ResourceType `yaml:"SageMakerNotebook"` + SecretsManagerSecrets ResourceType `yaml:"SecretsManager"` + SecurityHub ResourceType `yaml:"SecurityHub"` + TransitGateway ResourceType `yaml:"TransitGateway"` + TransitGatewayRouteTable ResourceType `yaml:"TransitGatewayRouteTable"` + TransitGatewaysVpcAttachment ResourceType `yaml:"TransitGatewaysVpcAttachment"` + VPC ResourceType `yaml:"VPC"` } type KMSCustomerKeyResourceType struct { diff --git a/config/config_test.go b/config/config_test.go index 5f03e529..f8543808 100644 --- a/config/config_test.go +++ b/config/config_test.go 
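Review bot: The `Config` struct in config/config.go gains keys for resource types that had none before (`AMI`, `ELBv1`, `GuardDuty`, `MacieMember`, `SQS`, `SecurityHub` and the three transit gateway entries). This commit's only aws/aws.go change is the `EC2VPCs` rename, so whether the listing code reads the new rules is not visible here. If a key is parsed but never consulted, an operator's filter rule for that type is accepted silently and has no effect on what gets deleted. I would add a struct comment such as `// Every field must be applied as a filter where that resource type is listed`, and confirm each new key is wired before documenting it.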
@@ -42,7 +42,6 @@ func emptyConfig() *Config { ResourceType{FilterRule{}, FilterRule{}}, ResourceType{FilterRule{}, FilterRule{}}, ResourceType{FilterRule{}, FilterRule{}}, - KMSCustomerKeyResourceType{false, ResourceType{FilterRule{}, FilterRule{}}}, ResourceType{FilterRule{}, FilterRule{}}, ResourceType{FilterRule{}, FilterRule{}}, ResourceType{FilterRule{}, FilterRule{}}, @@ -54,6 +53,17 @@ func emptyConfig() *Config { ResourceType{FilterRule{}, FilterRule{}}, ResourceType{FilterRule{}, FilterRule{}}, ResourceType{FilterRule{}, FilterRule{}}, + KMSCustomerKeyResourceType{false, ResourceType{FilterRule{}, FilterRule{}}}, + ResourceType{FilterRule{}, FilterRule{}}, + ResourceType{FilterRule{}, FilterRule{}}, + ResourceType{FilterRule{}, FilterRule{}}, + ResourceType{FilterRule{}, FilterRule{}}, + ResourceType{FilterRule{}, FilterRule{}}, + ResourceType{FilterRule{}, FilterRule{}}, + ResourceType{FilterRule{}, FilterRule{}}, + ResourceType{FilterRule{}, FilterRule{}}, + ResourceType{FilterRule{}, FilterRule{}}, + ResourceType{FilterRule{}, FilterRule{}}, ResourceType{FilterRule{}, FilterRule{}}, ResourceType{FilterRule{}, FilterRule{}}, ResourceType{FilterRule{}, FilterRule{}},
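Review bot: `emptyConfig()` in config/config_test.go builds `Config` from unkeyed positional literals, so this reordering had to move the `KMSCustomerKeyResourceType{...}` entry by hand (removed in the first hunk, re-added in the second) and pad the list with more `ResourceType{FilterRule{}, FilterRule{}}` entries. Because almost every field has the same type, a later reorder that swaps two `ResourceType` fields compiles and passes without the test noticing. Keyed fields, e.g. `KMSCustomerKeys: KMSCustomerKeyResourceType{...}`, would make the helper independent of field order, as would returning `&Config{}` if the zero value is what the test means. The body of `emptyConfig` starts and ends outside both hunks.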