From f11a027b830112cfc5f9a0b262e2f167559f1226 Mon Sep 17 00:00:00 2001 From: AJ Date: Mon, 15 Jul 2024 15:05:58 +0100 Subject: [PATCH] add aws v2 sdk to support newer resources (#745) add support for Managed Prometheus --- README.md | 2 + aws/region.go | 27 +++ aws/resource.go | 3 + aws/resource_registry.go | 27 ++- aws/resources/base_resource.go | 10 ++ aws/resources/managed_prometheus.go | 77 ++++++++ aws/resources/managed_prometheus_types.go | 53 ++++++ config/config.go | 1 + config/config_test.go | 209 +++++++++++----------- go.mod | 16 +- go.sum | 34 +++- 11 files changed, 346 insertions(+), 113 deletions(-) create mode 100644 aws/resources/managed_prometheus.go create mode 100644 aws/resources/managed_prometheus_types.go diff --git a/README.md b/README.md index fee6f8dc..6a92a440 100644 --- a/README.md +++ b/README.md @@ -74,6 +74,7 @@ Cloud-nuke suppports 🔎 inspecting and 🔥💀 deleting the following AWS res | CloudWatch | Alarms | | OpenSearch | Domains | | KMS | Custgomer managed keys (and associated key aliases) | +| Managed Prometheus | Prometheus Workspace | | GuardDuty | Detectors | | Macie | Member accounts | | SageMaker | Notebook instances | @@ -606,6 +607,7 @@ of the file that are supported are listed here. | lt | LaunchTemplate | ✅ (Launch Template Name) | ✅ (Created Time) | ❌ | ✅ | | macie-member | MacieMember | ❌ | ✅ (Creation Time) | ❌ | ✅ | | msk-cluster | MSKCluster | ✅ (Cluster Name) | ✅ (Creation Time) | ❌ | ✅ | +| managed-prometheus | ManagedPrometheus | ✅ (Workspace Alias) | ✅ (Creation Time) | ✅ | ✅ | | nat-gateway | NatGateway | ✅ (EC2 Name Tag) | ✅ (Creation Time) | ✅ | ✅ | | network-acl | NetworkACL | ✅ (ACL Name Tag) | ✅ (Creation Time) | ✅ | ✅ | | network-interface | NetworkInterface | ✅ (Interface Name Tag) | ✅ (Creation Time) | ✅ | ✅ | diff --git a/aws/region.go b/aws/region.go index 6cd382da..eadfd6ae 100644 --- a/aws/region.go +++ b/aws/region.go @@ -1,7 +1,12 @@ package aws import ( + "context" "fmt" + + awsgoV2 "github.com/aws/aws-sdk-go-v2/aws" + awsgoV2cfg "github.com/aws/aws-sdk-go-v2/config" + awsgoV2cred "github.com/aws/aws-sdk-go-v2/credentials" awsgo "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/ec2" @@ -146,3 +151,25 @@ func GetTargetRegions(enabledRegions []string, selectedRegions []string, exclude } return targetRegions, nil } + +func Session2cfg(ctx context.Context, session *session.Session) (awsgoV2.Config, error) { + cfgV1 := session.Config + cred, err := cfgV1.Credentials.Get() + if err != nil { + return awsgoV2.Config{}, errors.WithStackTrace(err) + } + + cfgV2, err := awsgoV2cfg.LoadDefaultConfig(ctx, + awsgoV2cfg.WithRegion(*cfgV1.Region), + awsgoV2cfg.WithCredentialsProvider(awsgoV2cred.NewStaticCredentialsProvider( + cred.AccessKeyID, + cred.SecretAccessKey, + cred.SessionToken, + )), + ) + if err != nil { + return awsgoV2.Config{}, errors.WithStackTrace(err) + } + + return cfgV2, nil +} diff --git a/aws/resource.go b/aws/resource.go index 0317daac..a1d83aba 100644 --- a/aws/resource.go +++ b/aws/resource.go @@ -4,6 +4,7 @@ import ( "context" "strings" + awsgoV2 "github.com/aws/aws-sdk-go-v2/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/gruntwork-io/cloud-nuke/config" ) @@ -11,12 +12,14 @@ import ( // AwsResource is an interface that represents a single AWS resource type AwsResource interface { Init(session *session.Session) + InitV2(cfg awsgoV2.Config) ResourceName() string ResourceIdentifiers() []string MaxBatchSize() int Nuke(identifiers []string) error GetAndSetIdentifiers(c context.Context, configObj config.Config) ([]string, error) IsNukable(string) (bool, error) + IsUsingV2() bool PrepareContext(context.Context, config.ResourceType) error GetAndSetResourceConfig(config.Config) config.ResourceType diff --git a/aws/resource_registry.go b/aws/resource_registry.go index fe1c4f48..f2deb449 100644 --- a/aws/resource_registry.go +++ b/aws/resource_registry.go @@ -1,10 +1,13 @@ package aws import ( + "context" + "fmt" "reflect" "github.com/aws/aws-sdk-go/aws/session" "github.com/gruntwork-io/cloud-nuke/aws/resources" + "github.com/gruntwork-io/cloud-nuke/logging" ) const Global = "global" @@ -60,6 +63,7 @@ func getRegisteredRegionalResources() []AwsResource { &resources.ASGroups{}, &resources.AppRunnerService{}, &resources.BackupVault{}, + &resources.ManagedPrometheus{}, &resources.CloudtrailTrail{}, &resources.CloudWatchAlarms{}, &resources.CloudWatchDashboards{}, @@ -163,7 +167,28 @@ func toAwsResourcesPointer(resources []AwsResource) []*AwsResource { func initRegisteredResources(resources []*AwsResource, session *session.Session, region string) []*AwsResource { for _, resource := range resources { - (*resource).Init(session) + if (*resource).IsUsingV2() { + v2Config, err := Session2cfg(context.Background(), session) + if err != nil { + logging.Debug(fmt.Sprintf( + "[aws sdk cfg] failed to convert v1 session into aws v2 config for resource %s: %v", + (*resource).ResourceName(), + err, + )) + } + + logging.Debug(fmt.Sprintf( + "[aws sdk cfg] using aws sdk v2 for resource %s", + (*resource).ResourceName(), + )) + (*resource).InitV2(v2Config) + } else { + logging.Debug(fmt.Sprintf( + "[aws sdk cfg] using deprecated aws sdk v1 for resource %s", + (*resource).ResourceName(), + )) + (*resource).Init(session) + } // Note: only regional resources have the field `Region`, which is used for logging purposes only setRegionForRegionalResource(resource, region) diff --git a/aws/resources/base_resource.go b/aws/resources/base_resource.go index f4ce25e8..d8e03397 100644 --- a/aws/resources/base_resource.go +++ b/aws/resources/base_resource.go @@ -6,6 +6,7 @@ import ( "fmt" "time" + awsgoV2 "github.com/aws/aws-sdk-go-v2/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/gruntwork-io/cloud-nuke/config" "github.com/gruntwork-io/cloud-nuke/util" @@ -25,6 +26,11 @@ type BaseAwsResource struct { func (br *BaseAwsResource) Init(_ *session.Session) { br.Nukables = make(map[string]error) } + +func (br *BaseAwsResource) InitV2(cfg awsgoV2.Config) { + br.Nukables = make(map[string]error) +} + func (br *BaseAwsResource) ResourceName() string { return "not implemented: ResourceName" } @@ -101,3 +107,7 @@ func (br *BaseAwsResource) IsNukable(identifier string) (bool, error) { return true, nil } + +func (br *BaseAwsResource) IsUsingV2() bool { + return false +} diff --git a/aws/resources/managed_prometheus.go b/aws/resources/managed_prometheus.go new file mode 100644 index 00000000..04c039e4 --- /dev/null +++ b/aws/resources/managed_prometheus.go @@ -0,0 +1,77 @@ +package resources + +import ( + "context" + + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/amp" + "github.com/aws/aws-sdk-go-v2/service/amp/types" + "github.com/gruntwork-io/cloud-nuke/config" + "github.com/gruntwork-io/cloud-nuke/logging" + "github.com/gruntwork-io/cloud-nuke/report" + "github.com/gruntwork-io/go-commons/errors" +) + +func (a *ManagedPrometheus) nukeAll(identifiers []*string) error { + if len(identifiers) == 0 { + logging.Debugf("[Managed Prometheus] No Prometheus Workspaces found in region %s", a.Region) + return nil + } + + logging.Debugf("[Managed Prometheus] Deleting all Prometheus Workspaces in %s", a.Region) + var deleted []*string + + for _, identifier := range identifiers { + logging.Debugf("[Managed Prometheus] Deleting Prometheus Workspace %s in region %s", *identifier, a.Region) + + _, err := a.Client.DeleteWorkspace(a.Context, &.DeleteWorkspaceInput{ + WorkspaceId: identifier, + ClientToken: nil, + }) + if err != nil { + logging.Debugf("[Managed Prometheus] Error deleting Workspace %s in region %s", *identifier, a.Region) + } else { + deleted = append(deleted, identifier) + logging.Debugf("[Managed Prometheus] Deleted Workspace %s in region %s", *identifier, a.Region) + } + + e := report.Entry{ + Identifier: aws.ToString(identifier), + ResourceType: a.ResourceName(), + Error: err, + } + report.Record(e) + } + + logging.Debugf("[OK] %d Prometheus Workspace(s) deleted in %s", len(deleted), a.Region) + return nil +} + +func (a *ManagedPrometheus) getAll(ctx context.Context, cnfObj config.Config) ([]*string, error) { + paginator := amp.NewListWorkspacesPaginator(a.Client, &.ListWorkspacesInput{}) + + var identifiers []*string + for paginator.HasMorePages() { + workspaces, err := paginator.NextPage(ctx) + if err != nil { + logging.Debugf("[Managed Prometheus] Failed to list workspaces: %s", err) + return nil, errors.WithStackTrace(err) + } + + for _, workspace := range workspaces.Workspaces { + if workspace.Status.StatusCode != types.WorkspaceStatusCodeActive { + continue + } + + if cnfObj.ManagedPrometheus.ShouldInclude(config.ResourceValue{ + Name: workspace.Alias, + Time: workspace.CreatedAt, + Tags: workspace.Tags, + }) { + identifiers = append(identifiers, workspace.WorkspaceId) + } + } + } + + return identifiers, nil +} diff --git a/aws/resources/managed_prometheus_types.go b/aws/resources/managed_prometheus_types.go new file mode 100644 index 00000000..1b86d227 --- /dev/null +++ b/aws/resources/managed_prometheus_types.go @@ -0,0 +1,53 @@ +package resources + +import ( + "context" + + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/amp" + "github.com/gruntwork-io/cloud-nuke/config" + "github.com/gruntwork-io/go-commons/errors" +) + +type ManagedPrometheus struct { + BaseAwsResource + Client *amp.Client + Region string + WorkSpaces []string +} + +func (a *ManagedPrometheus) GetAndSetResourceConfig(configObj config.Config) config.ResourceType { + return configObj.ManagedPrometheus +} + +func (a *ManagedPrometheus) InitV2(cfg aws.Config) { + a.Client = amp.NewFromConfig(cfg) +} + +func (a *ManagedPrometheus) IsUsingV2() bool { return true } + +func (a *ManagedPrometheus) ResourceName() string { return "managed-prometheus" } + +func (a *ManagedPrometheus) ResourceIdentifiers() []string { return a.WorkSpaces } + +func (a *ManagedPrometheus) MaxBatchSize() int { + return 100 +} + +func (a *ManagedPrometheus) Nuke(identifiers []string) error { + if err := a.nukeAll(aws.StringSlice(identifiers)); err != nil { + return errors.WithStackTrace(err) + } + + return nil +} + +func (a *ManagedPrometheus) GetAndSetIdentifiers(ctx context.Context, cnfObj config.Config) ([]string, error) { + identifiers, err := a.getAll(ctx, cnfObj) + if err != nil { + return nil, err + } + + a.WorkSpaces = aws.ToStringSlice(identifiers) + return a.WorkSpaces, nil +} diff --git a/config/config.go b/config/config.go index 709c12cb..1f29a3da 100644 --- a/config/config.go +++ b/config/config.go @@ -30,6 +30,7 @@ type Config struct { AutoScalingGroup ResourceType `yaml:"AutoScalingGroup"` AppRunnerService ResourceType `yaml:"AppRunnerService"` BackupVault ResourceType `yaml:"BackupVault"` + ManagedPrometheus ResourceType `yaml:"ManagedPrometheus"` CloudWatchAlarm ResourceType `yaml:"CloudWatchAlarm"` CloudWatchDashboard ResourceType `yaml:"CloudWatchDashboard"` CloudWatchLogGroup ResourceType `yaml:"CloudWatchLogGroup"` diff --git a/config/config_test.go b/config/config_test.go index ca156988..cb4d9db9 100644 --- a/config/config_test.go +++ b/config/config_test.go @@ -13,111 +13,112 @@ import ( func emptyConfig() *Config { return &Config{ - ACM: ResourceType{FilterRule{}, FilterRule{}, "",false}, - ACMPCA: ResourceType{FilterRule{}, FilterRule{}, "",false}, - AMI: ResourceType{FilterRule{}, FilterRule{}, "",false}, - APIGateway: ResourceType{FilterRule{}, FilterRule{}, "",false}, - APIGatewayV2: ResourceType{FilterRule{}, FilterRule{}, "",false}, - AccessAnalyzer: ResourceType{FilterRule{}, FilterRule{}, "",false}, - AutoScalingGroup: ResourceType{FilterRule{}, FilterRule{}, "",false}, - AppRunnerService: ResourceType{FilterRule{}, FilterRule{}, "",false}, - BackupVault: ResourceType{FilterRule{}, FilterRule{}, "",false}, - CloudWatchAlarm: ResourceType{FilterRule{}, FilterRule{}, "",false}, - CloudWatchDashboard: ResourceType{FilterRule{}, FilterRule{}, "",false}, - CloudWatchLogGroup: ResourceType{FilterRule{}, FilterRule{}, "",false}, - CloudtrailTrail: ResourceType{FilterRule{}, FilterRule{}, "",false}, - CodeDeployApplications: ResourceType{FilterRule{}, FilterRule{}, "",false}, - ConfigServiceRecorder: ResourceType{FilterRule{}, FilterRule{}, "",false}, - ConfigServiceRule: ResourceType{FilterRule{}, FilterRule{}, "",false}, - DataSyncLocation: ResourceType{FilterRule{}, FilterRule{}, "",false}, - DataSyncTask: ResourceType{FilterRule{}, FilterRule{}, "",false}, - DBGlobalClusters: ResourceType{FilterRule{}, FilterRule{}, "",false}, - DBClusters: ResourceType{FilterRule{}, FilterRule{}, "",false}, - DBInstances: ResourceType{FilterRule{}, FilterRule{}, "",false}, - DBGlobalClusterMemberships: ResourceType{FilterRule{}, FilterRule{}, "",false}, - DBSubnetGroups: ResourceType{FilterRule{}, FilterRule{}, "",false}, - DynamoDB: ResourceType{FilterRule{}, FilterRule{}, "",false}, - EBSVolume: ResourceType{FilterRule{}, FilterRule{}, "",false}, - ElasticBeanstalk: ResourceType{FilterRule{}, FilterRule{}, "",false}, - EC2: ResourceType{FilterRule{}, FilterRule{}, "",false}, - EC2DedicatedHosts: ResourceType{FilterRule{}, FilterRule{}, "",false}, - EC2DHCPOption: ResourceType{FilterRule{}, FilterRule{}, "",false}, - EC2KeyPairs: ResourceType{FilterRule{}, FilterRule{}, "",false}, - EC2IPAM: ResourceType{FilterRule{}, FilterRule{}, "",false}, - EC2IPAMPool: ResourceType{FilterRule{}, FilterRule{}, "",false}, - EC2IPAMResourceDiscovery: ResourceType{FilterRule{}, FilterRule{}, "",false}, - EC2IPAMScope: ResourceType{FilterRule{}, FilterRule{}, "",false}, - EC2Endpoint: ResourceType{FilterRule{}, FilterRule{}, "",false}, - EC2Subnet: EC2ResourceType{false, ResourceType{FilterRule{}, FilterRule{}, "",false}}, - EgressOnlyInternetGateway: ResourceType{FilterRule{}, FilterRule{}, "",false}, - ECRRepository: ResourceType{FilterRule{}, FilterRule{}, "",false}, - ECSCluster: ResourceType{FilterRule{}, FilterRule{}, "",false}, - ECSService: ResourceType{FilterRule{}, FilterRule{}, "",false}, - EKSCluster: ResourceType{FilterRule{}, FilterRule{}, "",false}, - ELBv1: ResourceType{FilterRule{}, FilterRule{}, "",false}, - ELBv2: ResourceType{FilterRule{}, FilterRule{}, "",false}, - ElasticFileSystem: ResourceType{FilterRule{}, FilterRule{}, "",false}, - ElasticIP: ResourceType{FilterRule{}, FilterRule{}, "",false}, - Elasticache: ResourceType{FilterRule{}, FilterRule{}, "",false}, - ElasticacheParameterGroups: ResourceType{FilterRule{}, FilterRule{}, "",false}, - ElasticacheSubnetGroups: ResourceType{FilterRule{}, FilterRule{}, "",false}, - GuardDuty: ResourceType{FilterRule{}, FilterRule{}, "",false}, - IAMGroups: ResourceType{FilterRule{}, FilterRule{}, "",false}, - IAMPolicies: ResourceType{FilterRule{}, FilterRule{}, "",false}, - IAMRoles: ResourceType{FilterRule{}, FilterRule{}, "",false}, - IAMServiceLinkedRoles: ResourceType{FilterRule{}, FilterRule{}, "",false}, - IAMUsers: ResourceType{FilterRule{}, FilterRule{}, "",false}, + ACM: ResourceType{FilterRule{}, FilterRule{}, "", false}, + ACMPCA: ResourceType{FilterRule{}, FilterRule{}, "", false}, + AMI: ResourceType{FilterRule{}, FilterRule{}, "", false}, + APIGateway: ResourceType{FilterRule{}, FilterRule{}, "", false}, + APIGatewayV2: ResourceType{FilterRule{}, FilterRule{}, "", false}, + AccessAnalyzer: ResourceType{FilterRule{}, FilterRule{}, "", false}, + AutoScalingGroup: ResourceType{FilterRule{}, FilterRule{}, "", false}, + AppRunnerService: ResourceType{FilterRule{}, FilterRule{}, "", false}, + BackupVault: ResourceType{FilterRule{}, FilterRule{}, "", false}, + ManagedPrometheus: ResourceType{FilterRule{}, FilterRule{}, "", false}, + CloudWatchAlarm: ResourceType{FilterRule{}, FilterRule{}, "", false}, + CloudWatchDashboard: ResourceType{FilterRule{}, FilterRule{}, "", false}, + CloudWatchLogGroup: ResourceType{FilterRule{}, FilterRule{}, "", false}, + CloudtrailTrail: ResourceType{FilterRule{}, FilterRule{}, "", false}, + CodeDeployApplications: ResourceType{FilterRule{}, FilterRule{}, "", false}, + ConfigServiceRecorder: ResourceType{FilterRule{}, FilterRule{}, "", false}, + ConfigServiceRule: ResourceType{FilterRule{}, FilterRule{}, "", false}, + DataSyncLocation: ResourceType{FilterRule{}, FilterRule{}, "", false}, + DataSyncTask: ResourceType{FilterRule{}, FilterRule{}, "", false}, + DBGlobalClusters: ResourceType{FilterRule{}, FilterRule{}, "", false}, + DBClusters: ResourceType{FilterRule{}, FilterRule{}, "", false}, + DBInstances: ResourceType{FilterRule{}, FilterRule{}, "", false}, + DBGlobalClusterMemberships: ResourceType{FilterRule{}, FilterRule{}, "", false}, + DBSubnetGroups: ResourceType{FilterRule{}, FilterRule{}, "", false}, + DynamoDB: ResourceType{FilterRule{}, FilterRule{}, "", false}, + EBSVolume: ResourceType{FilterRule{}, FilterRule{}, "", false}, + ElasticBeanstalk: ResourceType{FilterRule{}, FilterRule{}, "", false}, + EC2: ResourceType{FilterRule{}, FilterRule{}, "", false}, + EC2DedicatedHosts: ResourceType{FilterRule{}, FilterRule{}, "", false}, + EC2DHCPOption: ResourceType{FilterRule{}, FilterRule{}, "", false}, + EC2KeyPairs: ResourceType{FilterRule{}, FilterRule{}, "", false}, + EC2IPAM: ResourceType{FilterRule{}, FilterRule{}, "", false}, + EC2IPAMPool: ResourceType{FilterRule{}, FilterRule{}, "", false}, + EC2IPAMResourceDiscovery: ResourceType{FilterRule{}, FilterRule{}, "", false}, + EC2IPAMScope: ResourceType{FilterRule{}, FilterRule{}, "", false}, + EC2Endpoint: ResourceType{FilterRule{}, FilterRule{}, "", false}, + EC2Subnet: EC2ResourceType{false, ResourceType{FilterRule{}, FilterRule{}, "", false}}, + EgressOnlyInternetGateway: ResourceType{FilterRule{}, FilterRule{}, "", false}, + ECRRepository: ResourceType{FilterRule{}, FilterRule{}, "", false}, + ECSCluster: ResourceType{FilterRule{}, FilterRule{}, "", false}, + ECSService: ResourceType{FilterRule{}, FilterRule{}, "", false}, + EKSCluster: ResourceType{FilterRule{}, FilterRule{}, "", false}, + ELBv1: ResourceType{FilterRule{}, FilterRule{}, "", false}, + ELBv2: ResourceType{FilterRule{}, FilterRule{}, "", false}, + ElasticFileSystem: ResourceType{FilterRule{}, FilterRule{}, "", false}, + ElasticIP: ResourceType{FilterRule{}, FilterRule{}, "", false}, + Elasticache: ResourceType{FilterRule{}, FilterRule{}, "", false}, + ElasticacheParameterGroups: ResourceType{FilterRule{}, FilterRule{}, "", false}, + ElasticacheSubnetGroups: ResourceType{FilterRule{}, FilterRule{}, "", false}, + GuardDuty: ResourceType{FilterRule{}, FilterRule{}, "", false}, + IAMGroups: ResourceType{FilterRule{}, FilterRule{}, "", false}, + IAMPolicies: ResourceType{FilterRule{}, FilterRule{}, "", false}, + IAMRoles: ResourceType{FilterRule{}, FilterRule{}, "", false}, + IAMServiceLinkedRoles: ResourceType{FilterRule{}, FilterRule{}, "", false}, + IAMUsers: ResourceType{FilterRule{}, FilterRule{}, "", false}, KMSCustomerKeys: KMSCustomerKeyResourceType{false, ResourceType{}}, - KinesisStream: ResourceType{FilterRule{}, FilterRule{}, "",false}, - KinesisFirehose: ResourceType{FilterRule{}, FilterRule{}, "",false}, - LambdaFunction: ResourceType{FilterRule{}, FilterRule{}, "",false}, - LambdaLayer: ResourceType{FilterRule{}, FilterRule{}, "",false}, - LaunchConfiguration: ResourceType{FilterRule{}, FilterRule{}, "",false}, - LaunchTemplate: ResourceType{FilterRule{}, FilterRule{}, "",false}, - MacieMember: ResourceType{FilterRule{}, FilterRule{}, "",false}, - MSKCluster: ResourceType{FilterRule{}, FilterRule{}, "",false}, - NatGateway: ResourceType{FilterRule{}, FilterRule{}, "",false}, - OIDCProvider: ResourceType{FilterRule{}, FilterRule{}, "",false}, - OpenSearchDomain: ResourceType{FilterRule{}, FilterRule{}, "",false}, - Redshift: ResourceType{FilterRule{}, FilterRule{}, "",false}, - RdsSnapshot: ResourceType{FilterRule{}, FilterRule{}, "",false}, - RdsParameterGroup: ResourceType{FilterRule{}, FilterRule{}, "",false}, - RdsProxy: ResourceType{FilterRule{}, FilterRule{}, "",false}, - S3: ResourceType{FilterRule{}, FilterRule{}, "",false}, - S3AccessPoint: ResourceType{FilterRule{}, FilterRule{}, "",false}, - S3ObjectLambdaAccessPoint: ResourceType{FilterRule{}, FilterRule{}, "",false}, - S3MultiRegionAccessPoint: ResourceType{FilterRule{}, FilterRule{}, "",false}, - SESIdentity: ResourceType{FilterRule{}, FilterRule{}, "",false}, - SESConfigurationSet: ResourceType{FilterRule{}, FilterRule{}, "",false}, - SESReceiptRuleSet: ResourceType{FilterRule{}, FilterRule{}, "",false}, - SESReceiptFilter: ResourceType{FilterRule{}, FilterRule{}, "",false}, - SESEmailTemplates: ResourceType{FilterRule{}, FilterRule{}, "",false}, - SNS: ResourceType{FilterRule{}, FilterRule{}, "",false}, - SQS: ResourceType{FilterRule{}, FilterRule{}, "",false}, - SageMakerNotebook: ResourceType{FilterRule{}, FilterRule{}, "",false}, - SecretsManagerSecrets: ResourceType{FilterRule{}, FilterRule{}, "",false}, - SecurityHub: ResourceType{FilterRule{}, FilterRule{}, "",false}, - Snapshots: ResourceType{FilterRule{}, FilterRule{}, "",false}, - TransitGateway: ResourceType{FilterRule{}, FilterRule{}, "",false}, - TransitGatewayRouteTable: ResourceType{FilterRule{}, FilterRule{}, "",false}, - TransitGatewaysVpcAttachment: ResourceType{FilterRule{}, FilterRule{}, "",false}, - TransitGatewayPeeringAttachment: ResourceType{FilterRule{}, FilterRule{}, "",false}, - VPC: EC2ResourceType{false, ResourceType{FilterRule{}, FilterRule{}, "",false}}, - Route53HostedZone: ResourceType{FilterRule{}, FilterRule{}, "",false}, - Route53CIDRCollection: ResourceType{FilterRule{}, FilterRule{}, "",false}, - Route53TrafficPolicy: ResourceType{FilterRule{}, FilterRule{}, "",false}, - InternetGateway: ResourceType{FilterRule{}, FilterRule{}, "",false}, - NetworkACL: ResourceType{FilterRule{}, FilterRule{}, "",false}, - NetworkInterface: ResourceType{FilterRule{}, FilterRule{}, "",false}, - SecurityGroup: EC2ResourceType{false, ResourceType{FilterRule{}, FilterRule{}, "",false}}, - NetworkFirewall: ResourceType{FilterRule{}, FilterRule{}, "",false}, - NetworkFirewallPolicy: ResourceType{FilterRule{}, FilterRule{}, "",false}, - NetworkFirewallRuleGroup: ResourceType{FilterRule{}, FilterRule{}, "",false}, - NetworkFirewallTLSConfig: ResourceType{FilterRule{}, FilterRule{}, "",false}, - NetworkFirewallResourcePolicy: ResourceType{FilterRule{}, FilterRule{}, "",false}, - VPCLatticeServiceNetwork: ResourceType{FilterRule{}, FilterRule{}, "",false}, - VPCLatticeService: ResourceType{FilterRule{}, FilterRule{}, "",false}, - VPCLatticeTargetGroup: ResourceType{FilterRule{}, FilterRule{}, "",false}, + KinesisStream: ResourceType{FilterRule{}, FilterRule{}, "", false}, + KinesisFirehose: ResourceType{FilterRule{}, FilterRule{}, "", false}, + LambdaFunction: ResourceType{FilterRule{}, FilterRule{}, "", false}, + LambdaLayer: ResourceType{FilterRule{}, FilterRule{}, "", false}, + LaunchConfiguration: ResourceType{FilterRule{}, FilterRule{}, "", false}, + LaunchTemplate: ResourceType{FilterRule{}, FilterRule{}, "", false}, + MacieMember: ResourceType{FilterRule{}, FilterRule{}, "", false}, + MSKCluster: ResourceType{FilterRule{}, FilterRule{}, "", false}, + NatGateway: ResourceType{FilterRule{}, FilterRule{}, "", false}, + OIDCProvider: ResourceType{FilterRule{}, FilterRule{}, "", false}, + OpenSearchDomain: ResourceType{FilterRule{}, FilterRule{}, "", false}, + Redshift: ResourceType{FilterRule{}, FilterRule{}, "", false}, + RdsSnapshot: ResourceType{FilterRule{}, FilterRule{}, "", false}, + RdsParameterGroup: ResourceType{FilterRule{}, FilterRule{}, "", false}, + RdsProxy: ResourceType{FilterRule{}, FilterRule{}, "", false}, + S3: ResourceType{FilterRule{}, FilterRule{}, "", false}, + S3AccessPoint: ResourceType{FilterRule{}, FilterRule{}, "", false}, + S3ObjectLambdaAccessPoint: ResourceType{FilterRule{}, FilterRule{}, "", false}, + S3MultiRegionAccessPoint: ResourceType{FilterRule{}, FilterRule{}, "", false}, + SESIdentity: ResourceType{FilterRule{}, FilterRule{}, "", false}, + SESConfigurationSet: ResourceType{FilterRule{}, FilterRule{}, "", false}, + SESReceiptRuleSet: ResourceType{FilterRule{}, FilterRule{}, "", false}, + SESReceiptFilter: ResourceType{FilterRule{}, FilterRule{}, "", false}, + SESEmailTemplates: ResourceType{FilterRule{}, FilterRule{}, "", false}, + SNS: ResourceType{FilterRule{}, FilterRule{}, "", false}, + SQS: ResourceType{FilterRule{}, FilterRule{}, "", false}, + SageMakerNotebook: ResourceType{FilterRule{}, FilterRule{}, "", false}, + SecretsManagerSecrets: ResourceType{FilterRule{}, FilterRule{}, "", false}, + SecurityHub: ResourceType{FilterRule{}, FilterRule{}, "", false}, + Snapshots: ResourceType{FilterRule{}, FilterRule{}, "", false}, + TransitGateway: ResourceType{FilterRule{}, FilterRule{}, "", false}, + TransitGatewayRouteTable: ResourceType{FilterRule{}, FilterRule{}, "", false}, + TransitGatewaysVpcAttachment: ResourceType{FilterRule{}, FilterRule{}, "", false}, + TransitGatewayPeeringAttachment: ResourceType{FilterRule{}, FilterRule{}, "", false}, + VPC: EC2ResourceType{false, ResourceType{FilterRule{}, FilterRule{}, "", false}}, + Route53HostedZone: ResourceType{FilterRule{}, FilterRule{}, "", false}, + Route53CIDRCollection: ResourceType{FilterRule{}, FilterRule{}, "", false}, + Route53TrafficPolicy: ResourceType{FilterRule{}, FilterRule{}, "", false}, + InternetGateway: ResourceType{FilterRule{}, FilterRule{}, "", false}, + NetworkACL: ResourceType{FilterRule{}, FilterRule{}, "", false}, + NetworkInterface: ResourceType{FilterRule{}, FilterRule{}, "", false}, + SecurityGroup: EC2ResourceType{false, ResourceType{FilterRule{}, FilterRule{}, "", false}}, + NetworkFirewall: ResourceType{FilterRule{}, FilterRule{}, "", false}, + NetworkFirewallPolicy: ResourceType{FilterRule{}, FilterRule{}, "", false}, + NetworkFirewallRuleGroup: ResourceType{FilterRule{}, FilterRule{}, "", false}, + NetworkFirewallTLSConfig: ResourceType{FilterRule{}, FilterRule{}, "", false}, + NetworkFirewallResourcePolicy: ResourceType{FilterRule{}, FilterRule{}, "", false}, + VPCLatticeServiceNetwork: ResourceType{FilterRule{}, FilterRule{}, "", false}, + VPCLatticeService: ResourceType{FilterRule{}, FilterRule{}, "", false}, + VPCLatticeTargetGroup: ResourceType{FilterRule{}, FilterRule{}, "", false}, } } diff --git a/go.mod b/go.mod index 24263cbc..c43337d0 100644 --- a/go.mod +++ b/go.mod @@ -4,7 +4,10 @@ go 1.21 require ( github.com/aws/aws-sdk-go v1.49.13 - github.com/aws/aws-sdk-go-v2 v1.24.0 + github.com/aws/aws-sdk-go-v2 v1.30.1 + github.com/aws/aws-sdk-go-v2/config v1.27.24 + github.com/aws/aws-sdk-go-v2/credentials v1.17.24 + github.com/aws/aws-sdk-go-v2/service/amp v1.27.1 github.com/charmbracelet/lipgloss v0.6.0 github.com/go-errors/errors v1.4.2 github.com/gruntwork-io/go-commons v0.17.0 @@ -20,7 +23,16 @@ require ( require ( atomicgo.dev/cursor v0.1.1 // indirect atomicgo.dev/keyboard v0.2.8 // indirect - github.com/aws/smithy-go v1.19.0 // indirect + github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.9 // indirect + github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.13 // indirect + github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.13 // indirect + github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.3 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.15 // indirect + github.com/aws/aws-sdk-go-v2/service/sso v1.22.1 // indirect + github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.2 // indirect + github.com/aws/aws-sdk-go-v2/service/sts v1.30.1 // indirect + github.com/aws/smithy-go v1.20.3 // indirect github.com/containerd/console v1.0.3 // indirect github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect github.com/davecgh/go-spew v1.1.1 // indirect diff --git a/go.sum b/go.sum index 8f9efe1f..9d2f7bab 100644 --- a/go.sum +++ b/go.sum @@ -15,10 +15,34 @@ github.com/MarvinJWendt/testza v0.4.2/go.mod h1:mSdhXiKH8sg/gQehJ63bINcCKp7RtYew github.com/atomicgo/cursor v0.0.1/go.mod h1:cBON2QmmrysudxNBFthvMtN32r3jxVRIvzkUiF/RuIk= github.com/aws/aws-sdk-go v1.49.13 h1:f4mGztsgnx2dR9r8FQYa9YW/RsKb+N7bgef4UGrOW1Y= github.com/aws/aws-sdk-go v1.49.13/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= -github.com/aws/aws-sdk-go-v2 v1.24.0 h1:890+mqQ+hTpNuw0gGP6/4akolQkSToDJgHfQE7AwGuk= -github.com/aws/aws-sdk-go-v2 v1.24.0/go.mod h1:LNh45Br1YAkEKaAqvmE1m8FUx6a5b/V0oAKV7of29b4= -github.com/aws/smithy-go v1.19.0 h1:KWFKQV80DpP3vJrrA9sVAHQ5gc2z8i4EzrLhLlWXcBM= -github.com/aws/smithy-go v1.19.0/go.mod h1:NukqUGpCZIILqqiV0NIjeFh24kd/FAa4beRb6nbIUPE= +github.com/aws/aws-sdk-go-v2 v1.30.1 h1:4y/5Dvfrhd1MxRDD77SrfsDaj8kUkkljU7XE83NPV+o= +github.com/aws/aws-sdk-go-v2 v1.30.1/go.mod h1:nIQjQVp5sfpQcTc9mPSr1B0PaWK5ByX9MOoDadSN4lc= +github.com/aws/aws-sdk-go-v2/config v1.27.24 h1:NM9XicZ5o1CBU/MZaHwFtimRpWx9ohAUAqkG6AqSqPo= +github.com/aws/aws-sdk-go-v2/config v1.27.24/go.mod h1:aXzi6QJTuQRVVusAO8/NxpdTeTyr/wRcybdDtfUwJSs= +github.com/aws/aws-sdk-go-v2/credentials v1.17.24 h1:YclAsrnb1/GTQNt2nzv+756Iw4mF8AOzcDfweWwwm/M= +github.com/aws/aws-sdk-go-v2/credentials v1.17.24/go.mod h1:Hld7tmnAkoBQdTMNYZGzztzKRdA4fCdn9L83LOoigac= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.9 h1:Aznqksmd6Rfv2HQN9cpqIV/lQRMaIpJkLLaJ1ZI76no= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.9/go.mod h1:WQr3MY7AxGNxaqAtsDWn+fBxmd4XvLkzeqQ8P1VM0/w= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.13 h1:5SAoZ4jYpGH4721ZNoS1znQrhOfZinOhc4XuTXx/nVc= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.13/go.mod h1:+rdA6ZLpaSeM7tSg/B0IEDinCIBJGmW8rKDFkYpP04g= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.13 h1:WIijqeaAO7TYFLbhsZmi2rgLEAtWOC1LhxCAVTJlSKw= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.13/go.mod h1:i+kbfa76PQbWw/ULoWnp51EYVWH4ENln76fLQE3lXT8= +github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0 h1:hT8rVHwugYE2lEfdFE0QWVo81lF7jMrYJVDWI+f+VxU= +github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0/go.mod h1:8tu/lYfQfFe6IGnaOdrpVgEL2IrrDOf6/m9RQum4NkY= +github.com/aws/aws-sdk-go-v2/service/amp v1.27.1 h1:va9j7MGA8jBlQs9KujMlkSdnC26TuEJXv7ywnFjmTZ8= +github.com/aws/aws-sdk-go-v2/service/amp v1.27.1/go.mod h1:QhmX7qjomjuHJjCJbW+QRdaCBM42v1eAbWvBVFrT1Vw= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.3 h1:dT3MqvGhSoaIhRseqw2I0yH81l7wiR2vjs57O51EAm8= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.3/go.mod h1:GlAeCkHwugxdHaueRr4nhPuY+WW+gR8UjlcqzPr1SPI= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.15 h1:I9zMeF107l0rJrpnHpjEiiTSCKYAIw8mALiXcPsGBiA= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.15/go.mod h1:9xWJ3Q/S6Ojusz1UIkfycgD1mGirJfLLKqq3LPT7WN8= +github.com/aws/aws-sdk-go-v2/service/sso v1.22.1 h1:p1GahKIjyMDZtiKoIn0/jAj/TkMzfzndDv5+zi2Mhgc= +github.com/aws/aws-sdk-go-v2/service/sso v1.22.1/go.mod h1:/vWdhoIoYA5hYoPZ6fm7Sv4d8701PiG5VKe8/pPJL60= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.2 h1:ORnrOK0C4WmYV/uYt3koHEWBLYsRDwk2Np+eEoyV4Z0= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.2/go.mod h1:xyFHA4zGxgYkdD73VeezHt3vSKEG9EmFnGwoKlP00u4= +github.com/aws/aws-sdk-go-v2/service/sts v1.30.1 h1:+woJ607dllHJQtsnJLi52ycuqHMwlW+Wqm2Ppsfp4nQ= +github.com/aws/aws-sdk-go-v2/service/sts v1.30.1/go.mod h1:jiNR3JqT15Dm+QWq2SRgh0x0bCNSRP2L25+CqPNpJlQ= +github.com/aws/smithy-go v1.20.3 h1:ryHwveWzPV5BIof6fyDvor6V3iUL7nTfiTKXHiW05nE= +github.com/aws/smithy-go v1.20.3/go.mod h1:krry+ya/rV9RDcV/Q16kpu6ypI4K2czasz0NC3qS14E= github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= github.com/charmbracelet/lipgloss v0.6.0 h1:1StyZB9vBSOyuZxQUcUwGr17JmojPNm87inij9N3wJY= github.com/charmbracelet/lipgloss v0.6.0/go.mod h1:tHh2wr34xcHjC2HCXIlGSG1jaDF0S0atAUvBMP6Ppuk= @@ -34,8 +58,6 @@ github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q= github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA= github.com/go-errors/errors v1.4.2/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og= -github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg= -github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/uuid v1.2.0 h1:qJYtXnJRWmpe7m/3XlyhrsLrEURqHRM2kxzoxXqyUDs= github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/gookit/color v1.4.2/go.mod h1:fqRyamkC1W8uxl+lxCQxOT09l/vYfZ+QeiX3rKQHCoQ=