forked from tenable/terrascan
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Adding CFT support for new resources (tenable#1293)
* Adding CFT support for following resources: - AWS Subnet - AWS Nat Gateway - AWS Route Table - AWS Route Table Association - AWS Route * Fixing incorrect variable names * Removing unnecessary Config allocation
- Loading branch information
1 parent
c729550
commit 00664bc
Showing
8 changed files
with
261 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,45 @@ | ||
| /* | ||
| Copyright (C) 2022 Tenable, Inc. | ||
| Licensed under the Apache License, Version 2.0 (the "License"); | ||
| you may not use this file except in compliance with the License. | ||
| You may obtain a copy of the License at | ||
| http://www.apache.org/licenses/LICENSE-2.0 | ||
| Unless required by applicable law or agreed to in writing, software | ||
| distributed under the License is distributed on an "AS IS" BASIS, | ||
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| See the License for the specific language governing permissions and | ||
| limitations under the License. | ||
| */ | ||
|
|
||
| package config | ||
|
|
||
| import ( | ||
| "github.com/awslabs/goformation/v5/cloudformation/ec2" | ||
| ) | ||
|
|
||
| // NatGatewayConfig holds config for aws_nat_gateway | ||
| type NatGatewayConfig struct { | ||
| Config | ||
| AllocationID string `json:"allocation_id"` | ||
| ConnectivityType string `json:"connectivity_type"` | ||
| SubnetID string `json:"subnet_id"` | ||
| } | ||
|
|
||
| // GetNatGatewayConfig returns config for aws_nat_gateway | ||
| func GetNatGatewayConfig(e *ec2.NatGateway) []AWSResourceConfig { | ||
| cf := NatGatewayConfig{ | ||
| Config: Config{ | ||
| Tags: e.Tags, | ||
| }, | ||
| AllocationID: e.AllocationId, | ||
| ConnectivityType: e.ConnectivityType, | ||
| SubnetID: e.SubnetId, | ||
| } | ||
| return []AWSResourceConfig{{ | ||
| Resource: cf, | ||
| Metadata: e.AWSCloudFormationMetadata, | ||
| }} | ||
| } |
40 changes: 40 additions & 0 deletions
40
pkg/mapper/iac-providers/cft/config/route-table-association.go
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,40 @@ | ||
| /* | ||
| Copyright (C) 2022 Tenable, Inc. | ||
| Licensed under the Apache License, Version 2.0 (the "License"); | ||
| you may not use this file except in compliance with the License. | ||
| You may obtain a copy of the License at | ||
| http://www.apache.org/licenses/LICENSE-2.0 | ||
| Unless required by applicable law or agreed to in writing, software | ||
| distributed under the License is distributed on an "AS IS" BASIS, | ||
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| See the License for the specific language governing permissions and | ||
| limitations under the License. | ||
| */ | ||
|
|
||
| package config | ||
|
|
||
| import ( | ||
| "github.com/awslabs/goformation/v5/cloudformation/ec2" | ||
| ) | ||
|
|
||
| // RouteTableAssociationConfig holds config for aws_route_table_association | ||
| type RouteTableAssociationConfig struct { | ||
| Config | ||
| RouteTableID string `json:"route_table_id"` | ||
| SubnetID string `json:"subnet_id"` | ||
| } | ||
|
|
||
| // GetRouteTableAssociationConfig returns config for aws_route_table_association | ||
| func GetRouteTableAssociationConfig(e *ec2.SubnetRouteTableAssociation) []AWSResourceConfig { | ||
| cf := RouteTableAssociationConfig{ | ||
| RouteTableID: e.RouteTableId, | ||
| SubnetID: e.SubnetId, | ||
| } | ||
| return []AWSResourceConfig{{ | ||
| Resource: cf, | ||
| Metadata: e.AWSCloudFormationMetadata, | ||
| }} | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,41 @@ | ||
| /* | ||
| Copyright (C) 2022 Tenable, Inc. | ||
| Licensed under the Apache License, Version 2.0 (the "License"); | ||
| you may not use this file except in compliance with the License. | ||
| You may obtain a copy of the License at | ||
| http://www.apache.org/licenses/LICENSE-2.0 | ||
| Unless required by applicable law or agreed to in writing, software | ||
| distributed under the License is distributed on an "AS IS" BASIS, | ||
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| See the License for the specific language governing permissions and | ||
| limitations under the License. | ||
| */ | ||
|
|
||
| package config | ||
|
|
||
| import ( | ||
| "github.com/awslabs/goformation/v5/cloudformation/ec2" | ||
| ) | ||
|
|
||
| // RouteTableConfig holds config for aws_route_table | ||
| type RouteTableConfig struct { | ||
| Config | ||
| VpcID string `json:"vpc_id"` | ||
| } | ||
|
|
||
| // GetRouteTableConfig returns config for aws_route_table | ||
| func GetRouteTableConfig(e *ec2.RouteTable) []AWSResourceConfig { | ||
| cf := RouteTableConfig{ | ||
| Config: Config{ | ||
| Tags: e.Tags, | ||
| }, | ||
| VpcID: e.VpcId, | ||
| } | ||
| return []AWSResourceConfig{{ | ||
| Resource: cf, | ||
| Metadata: e.AWSCloudFormationMetadata, | ||
| }} | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,62 @@ | ||
| /* | ||
| Copyright (C) 2022 Tenable, Inc. | ||
| Licensed under the Apache License, Version 2.0 (the "License"); | ||
| you may not use this file except in compliance with the License. | ||
| You may obtain a copy of the License at | ||
| http://www.apache.org/licenses/LICENSE-2.0 | ||
| Unless required by applicable law or agreed to in writing, software | ||
| distributed under the License is distributed on an "AS IS" BASIS, | ||
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| See the License for the specific language governing permissions and | ||
| limitations under the License. | ||
| */ | ||
|
|
||
| package config | ||
|
|
||
| import ( | ||
| "github.com/awslabs/goformation/v5/cloudformation/ec2" | ||
| ) | ||
|
|
||
| // RouteConfig holds config for aws_route | ||
| type RouteConfig struct { | ||
| Config | ||
| CarrierGatewayID string `json:"carrier_gateway_id"` | ||
| DestinationCidrBlock string `json:"destination_cidr_block"` | ||
| DestinationIpv6CidrBlock string `json:"destination_ipv6_cidr_block"` | ||
| EgressOnlyInternetGatewayID string `json:"egress_only_gateway_id"` | ||
| GatewayID string `json:"gateway_id"` | ||
| InstanceID string `json:"instance_id"` | ||
| LocalGatewayID string `json:"local_gateway_id"` | ||
| NatGatewayID string `json:"nat_gateway_id"` | ||
| NetworkInterfaceID string `json:"network_interface_id"` | ||
| RouteTableID string `json:"route_table_id"` | ||
| TransitGatewayID string `json:"transit_gateway_id"` | ||
| VpcEndpointID string `json:"vpc_endpoint_id"` | ||
| VpcPeeringConnectionID string `json:"vpc_peering_connection_id"` | ||
| } | ||
|
|
||
| // GetRouteConfig returns config for aws_route | ||
| func GetRouteConfig(e *ec2.Route) []AWSResourceConfig { | ||
| cf := RouteConfig{ | ||
| CarrierGatewayID: e.CarrierGatewayId, | ||
| DestinationCidrBlock: e.DestinationCidrBlock, | ||
| DestinationIpv6CidrBlock: e.DestinationIpv6CidrBlock, | ||
| EgressOnlyInternetGatewayID: e.EgressOnlyInternetGatewayId, | ||
| GatewayID: e.GatewayId, | ||
| InstanceID: e.InstanceId, | ||
| LocalGatewayID: e.LocalGatewayId, | ||
| NatGatewayID: e.NatGatewayId, | ||
| NetworkInterfaceID: e.NetworkInterfaceId, | ||
| RouteTableID: e.RouteTableId, | ||
| TransitGatewayID: e.TransitGatewayId, | ||
| VpcEndpointID: e.VpcEndpointId, | ||
| VpcPeeringConnectionID: e.VpcPeeringConnectionId, | ||
| } | ||
| return []AWSResourceConfig{{ | ||
| Resource: cf, | ||
| Metadata: e.AWSCloudFormationMetadata, | ||
| }} | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,53 @@ | ||
| /* | ||
| Copyright (C) 2022 Tenable, Inc. | ||
| Licensed under the Apache License, Version 2.0 (the "License"); | ||
| you may not use this file except in compliance with the License. | ||
| You may obtain a copy of the License at | ||
| http://www.apache.org/licenses/LICENSE-2.0 | ||
| Unless required by applicable law or agreed to in writing, software | ||
| distributed under the License is distributed on an "AS IS" BASIS, | ||
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| See the License for the specific language governing permissions and | ||
| limitations under the License. | ||
| */ | ||
|
|
||
| package config | ||
|
|
||
| import ( | ||
| "github.com/awslabs/goformation/v5/cloudformation/ec2" | ||
| ) | ||
|
|
||
| // SubnetConfig holds config for aws_subnet | ||
| type SubnetConfig struct { | ||
| Config | ||
| AssignIpv6AddressOnCreation bool `json:"assign_ipv6_address_on_creation"` | ||
| AvailabilityZone string `json:"availability_zone"` | ||
| CidrBlock string `json:"cidr_block"` | ||
| Ipv6CidrBlock string `json:"ipv6_cidr_block"` | ||
| MapPublicIPOnLaunch bool `json:"map_public_ip_on_launch"` | ||
| OutpostArn string `json:"outpost_arn"` | ||
| VpcID string `json:"vpc_id"` | ||
| } | ||
|
|
||
| // GetSubnetConfig returns config for aws_subnet | ||
| func GetSubnetConfig(e *ec2.Subnet) []AWSResourceConfig { | ||
| cf := SubnetConfig{ | ||
| Config: Config{ | ||
| Tags: e.Tags, | ||
| }, | ||
| AssignIpv6AddressOnCreation: e.AssignIpv6AddressOnCreation, | ||
| AvailabilityZone: e.AvailabilityZone, | ||
| CidrBlock: e.CidrBlock, | ||
| Ipv6CidrBlock: e.Ipv6CidrBlock, | ||
| MapPublicIPOnLaunch: e.MapPublicIpOnLaunch, | ||
| OutpostArn: e.OutpostArn, | ||
| VpcID: e.VpcId, | ||
| } | ||
| return []AWSResourceConfig{{ | ||
| Resource: cf, | ||
| Metadata: e.AWSCloudFormationMetadata, | ||
| }} | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters