diff --git a/aws/resources/network_firewall.go b/aws/resources/network_firewall.go index 5ba535df..7f9953e6 100644 --- a/aws/resources/network_firewall.go +++ b/aws/resources/network_firewall.go @@ -5,8 +5,9 @@ import ( "slices" "time" - awsgo "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/service/networkfirewall" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/networkfirewall" + "github.com/aws/aws-sdk-go-v2/service/networkfirewall/types" "github.com/gruntwork-io/cloud-nuke/config" "github.com/gruntwork-io/cloud-nuke/logging" "github.com/gruntwork-io/cloud-nuke/report" @@ -14,11 +15,11 @@ import ( "github.com/gruntwork-io/go-commons/errors" ) -func shouldIncludeNetworkFirewall(firewall *networkfirewall.Firewall, firstSeenTime *time.Time, configObj config.Config) bool { +func shouldIncludeNetworkFirewall(firewall *types.Firewall, firstSeenTime *time.Time, configObj config.Config) bool { var identifierName string tags := util.ConvertNetworkFirewallTagsToMap(firewall.Tags) - identifierName = awsgo.StringValue(firewall.FirewallName) // set the default + identifierName = aws.ToString(firewall.FirewallName) // set the default if v, ok := tags["Name"]; ok { identifierName = v } @@ -35,7 +36,7 @@ func (nfw *NetworkFirewall) getAll(c context.Context, configObj config.Config) ( var firstSeenTime *time.Time var err error - metaOutput, err := nfw.Client.ListFirewalls(nil) + metaOutput, err := nfw.Client.ListFirewalls(nfw.Context, &networkfirewall.ListFirewallsInput{}) if err != nil { return nil, errors.WithStackTrace(err) } 
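Review bot: In getAll (third hunk of network_firewall.go), the migrated `nfw.Client.ListFirewalls(nfw.Context, &networkfirewall.ListFirewallsInput{})` is called once and nothing in the visible lines reads `NextToken`, so firewalls beyond the first page of results would never be listed or evaluated. The same single-call pattern is kept for `ListFirewallPolicies` and `ListRuleGroups` in network_firewall_policy.go, network_firewall_resource_policy.go and network_firewall_rule_group.go. The v2 SDK generates paginators for these operations, so collecting all pages before the describe loop would close the gap. getAll starts and ends outside this hunk, and the loop that consumes the result would then range over the collected slice.

```go
var firewalls []types.FirewallMetadata
paginator := networkfirewall.NewListFirewallsPaginator(nfw.Client, &networkfirewall.ListFirewallsInput{})
for paginator.HasMorePages() {
	page, err := paginator.NextPage(nfw.Context)
	if err != nil {
		return nil, errors.WithStackTrace(err)
	}
	firewalls = append(firewalls, page.Firewalls...)
}
// … unchanged: describe loop, now ranging over firewalls …
```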
@@ -43,16 +44,16 @@ func (nfw *NetworkFirewall) getAll(c context.Context, configObj config.Config) ( var deleteprotected []string // describe the firewalls to get more info for _, firewall := range metaOutput.Firewalls { - output, err := nfw.Client.DescribeFirewallWithContext(nfw.Context, &networkfirewall.DescribeFirewallInput{ + output, err := nfw.Client.DescribeFirewall(nfw.Context, &networkfirewall.DescribeFirewallInput{ FirewallArn: firewall.FirewallArn, }) if err != nil { - logging.Errorf("[Failed] to describe the firewall %s", awsgo.StringValue(firewall.FirewallArn)) + logging.Errorf("[Failed] to describe the firewall %s", aws.ToString(firewall.FirewallArn)) return nil, errors.WithStackTrace(err) } if output.Firewall == nil { - logging.Errorf("[Failed] no firewall information found for %s", awsgo.StringValue(firewall.FirewallArn)) + logging.Errorf("[Failed] no firewall information found for %s", aws.ToString(firewall.FirewallArn)) continue } @@ -63,8 +64,8 @@ func (nfw *NetworkFirewall) getAll(c context.Context, configObj config.Config) ( } // check the resource is delete protected - if awsgo.BoolValue(output.Firewall.DeleteProtection) { - deleteprotected = append(deleteprotected, awsgo.StringValue(firewall.FirewallName)) + if output.Firewall.DeleteProtection { + deleteprotected = append(deleteprotected, aws.ToString(firewall.FirewallName)) } if shouldIncludeNetworkFirewall(output.Firewall, firstSeenTime, configObj) { @@ -74,7 +75,7 @@ func (nfw *NetworkFirewall) getAll(c context.Context, configObj config.Config) ( nfw.VerifyNukablePermissions(identifiers, func(id *string) error { // check the resource is enabled delete protection - if slices.Contains(deleteprotected, awsgo.StringValue(id)) { + if slices.Contains(deleteprotected, aws.ToString(id)) { return util.ErrDeleteProtectionEnabled } return nil 
@@ -98,13 +99,13 @@ func (nfw *NetworkFirewall) nukeAll(identifiers []*string) error { continue } - _, err := nfw.Client.DeleteFirewallWithContext(nfw.Context, &networkfirewall.DeleteFirewallInput{ + _, err := nfw.Client.DeleteFirewall(nfw.Context, &networkfirewall.DeleteFirewallInput{ FirewallName: id, }) // Record status of this resource e := report.Entry{ - Identifier: awsgo.StringValue(id), + Identifier: aws.ToString(id), ResourceType: "Network Firewall", Error: err, } diff --git a/aws/resources/network_firewall_policy.go b/aws/resources/network_firewall_policy.go index 14147d69..8ab78cb6 100644 --- a/aws/resources/network_firewall_policy.go +++ b/aws/resources/network_firewall_policy.go @@ -4,8 +4,9 @@ import ( "context" "time" - awsgo "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/service/networkfirewall" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/networkfirewall" + "github.com/aws/aws-sdk-go-v2/service/networkfirewall/types" "github.com/gruntwork-io/cloud-nuke/config" "github.com/gruntwork-io/cloud-nuke/logging" "github.com/gruntwork-io/cloud-nuke/report" @@ -13,10 +14,10 @@ import ( "github.com/gruntwork-io/go-commons/errors" ) -func shouldIncludeNetworkFirewallPolicy(firewall *networkfirewall.FirewallPolicyResponse, firstSeenTime *time.Time, configObj config.Config) bool { +func shouldIncludeNetworkFirewallPolicy(firewall *types.FirewallPolicyResponse, firstSeenTime *time.Time, configObj config.Config) bool { // if the firewall policy has any attachments, then we can't remove that policy - if awsgo.Int64Value(firewall.NumberOfAssociations) > 0 { - logging.Debugf("[Skipping] the policy %s is still in use", awsgo.StringValue(firewall.FirewallPolicyName)) + if aws.ToInt32(firewall.NumberOfAssociations) > 0 { + logging.Debugf("[Skipping] the policy %s is still in use", aws.ToString(firewall.FirewallPolicyName)) return false } 
@@ -40,23 +41,23 @@ func (nfw *NetworkFirewallPolicy) getAll(c context.Context, configObj config.Con err error ) - metaOutput, err := nfw.Client.ListFirewallPoliciesWithContext(nfw.Context, nil) + metaOutput, err := nfw.Client.ListFirewallPolicies(nfw.Context, nil) if err != nil { return nil, errors.WithStackTrace(err) } for _, policy := range metaOutput.FirewallPolicies { - output, err := nfw.Client.DescribeFirewallPolicyWithContext(nfw.Context, &networkfirewall.DescribeFirewallPolicyInput{ + output, err := nfw.Client.DescribeFirewallPolicy(nfw.Context, &networkfirewall.DescribeFirewallPolicyInput{ FirewallPolicyArn: policy.Arn, }) if err != nil { - logging.Errorf("[Failed] to describe the firewall policy %s", awsgo.StringValue(policy.Name)) + logging.Errorf("[Failed] to describe the firewall policy %s", aws.ToString(policy.Name)) return nil, errors.WithStackTrace(err) } if output.FirewallPolicyResponse == nil { - logging.Errorf("[Failed] no firewall policy information found for %s", awsgo.StringValue(policy.Name)) + logging.Errorf("[Failed] no firewall policy information found for %s", aws.ToString(policy.Name)) continue } @@ -84,13 +85,13 @@ func (nfw *NetworkFirewallPolicy) nukeAll(identifiers []*string) error { var deleted []*string for _, id := range identifiers { - _, err := nfw.Client.DeleteFirewallPolicyWithContext(nfw.Context, &networkfirewall.DeleteFirewallPolicyInput{ + _, err := nfw.Client.DeleteFirewallPolicy(nfw.Context, &networkfirewall.DeleteFirewallPolicyInput{ FirewallPolicyName: id, }) // Record status of this resource e := report.Entry{ - Identifier: awsgo.StringValue(id), + Identifier: aws.ToString(id), ResourceType: "Network Firewall policy", Error: err, } diff --git a/aws/resources/network_firewall_policy_test.go b/aws/resources/network_firewall_policy_test.go index 4c596ee1..1f75d008 100644 --- a/aws/resources/network_firewall_policy_test.go +++ b/aws/resources/network_firewall_policy_test.go 
@@ -7,39 +7,31 @@ import ( "testing" "time" - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/service/networkfirewall" - "github.com/aws/aws-sdk-go/service/networkfirewall/networkfirewalliface" - - awsgo "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/networkfirewall" + "github.com/aws/aws-sdk-go-v2/service/networkfirewall/types" "github.com/gruntwork-io/cloud-nuke/config" "github.com/gruntwork-io/cloud-nuke/util" "github.com/stretchr/testify/require" ) type mockedNetworkFirewallPolicy struct { - networkfirewalliface.NetworkFirewallAPI - DeleteFirewallPolicyOutput networkfirewall.DeleteFirewallPolicyOutput + NetworkFirewallPolicyAPI ListFirewallPoliciesOutput networkfirewall.ListFirewallPoliciesOutput - TagResourceOutput networkfirewall.TagResourceOutput DescribeFirewallPolicyOutput map[string]networkfirewall.DescribeFirewallPolicyOutput + DeleteFirewallPolicyOutput networkfirewall.DeleteFirewallPolicyOutput } -func (m mockedNetworkFirewallPolicy) TagResource(*networkfirewall.TagResourceInput) (*networkfirewall.TagResourceOutput, error) { - return &m.TagResourceOutput, nil -} - -func (m mockedNetworkFirewallPolicy) DeleteFirewallPolicyWithContext(_ awsgo.Context, _ *networkfirewall.DeleteFirewallPolicyInput, _ ...request.Option) (*networkfirewall.DeleteFirewallPolicyOutput, error) { +func (m mockedNetworkFirewallPolicy) DeleteFirewallPolicy(ctx context.Context, params *networkfirewall.DeleteFirewallPolicyInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.DeleteFirewallPolicyOutput, error) { return &m.DeleteFirewallPolicyOutput, nil } -func (m mockedNetworkFirewallPolicy) ListFirewallPoliciesWithContext(_ awsgo.Context, _ *networkfirewall.ListFirewallPoliciesInput, _ ...request.Option) (*networkfirewall.ListFirewallPoliciesOutput, error) { +func (m mockedNetworkFirewallPolicy) ListFirewallPolicies(ctx context.Context, params 
*networkfirewall.ListFirewallPoliciesInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.ListFirewallPoliciesOutput, error) { return &m.ListFirewallPoliciesOutput, nil } -func (m mockedNetworkFirewallPolicy) DescribeFirewallPolicyWithContext(_ awsgo.Context, req *networkfirewall.DescribeFirewallPolicyInput, _ ...request.Option) (*networkfirewall.DescribeFirewallPolicyOutput, error) { - raw := awsgo.StringValue(req.FirewallPolicyArn) +func (m mockedNetworkFirewallPolicy) DescribeFirewallPolicy(ctx context.Context, params *networkfirewall.DescribeFirewallPolicyInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.DescribeFirewallPolicyOutput, error) { + raw := aws.ToString(params.FirewallPolicyArn) v, ok := m.DescribeFirewallPolicyOutput[raw] if !ok { return nil, fmt.Errorf("unable to describe the %s", raw) 
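Review bot: `mockedNetworkFirewallPolicy` embeds `NetworkFirewallPolicyAPI` without ever assigning it, yet overrides all three methods that interface declares in network_firewall_policy_types.go, so the embed adds nothing today. Its only effect is that a method added to the interface later still compiles here and then panics on the nil embedded value when a test reaches it. Dropping the embed and adding `var _ NetworkFirewallPolicyAPI = mockedNetworkFirewallPolicy{}` would turn that into a compile error. The same applies to `mockedNetworkFirewallResourcePolicy`, and probably to `mockedNetworkFirewallRuleGroup`, whose interface is not visible in this diff.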
@@ -63,42 +55,42 @@ func TestNetworkFirewallPolicy_GetAll(t *testing.T) { nfw := NetworkFirewallPolicy{ Client: mockedNetworkFirewallPolicy{ ListFirewallPoliciesOutput: networkfirewall.ListFirewallPoliciesOutput{ - FirewallPolicies: []*networkfirewall.FirewallPolicyMetadata{ + FirewallPolicies: []types.FirewallPolicyMetadata{ { - Arn: awsgo.String(testId1), - Name: awsgo.String(testName1), + Arn: aws.String(testId1), + Name: aws.String(testName1), }, { - Arn: awsgo.String(testId2), - Name: awsgo.String(testName2), + Arn: aws.String(testId2), + Name: aws.String(testName2), }, }, }, DescribeFirewallPolicyOutput: map[string]networkfirewall.DescribeFirewallPolicyOutput{ testId1: { - FirewallPolicyResponse: &networkfirewall.FirewallPolicyResponse{ - FirewallPolicyName: awsgo.String(testName1), - Tags: []*networkfirewall.Tag{ + FirewallPolicyResponse: &types.FirewallPolicyResponse{ + FirewallPolicyName: aws.String(testName1), + Tags: []types.Tag{ { - Key: awsgo.String("Name"), - Value: awsgo.String(testName1), + Key: aws.String("Name"), + Value: aws.String(testName1), }, { - Key: awsgo.String(util.FirstSeenTagKey), - Value: awsgo.String(util.FormatTimestamp(now)), + Key: aws.String(util.FirstSeenTagKey), + Value: aws.String(util.FormatTimestamp(now)), }, }, }, }, testId2: { - FirewallPolicyResponse: &networkfirewall.FirewallPolicyResponse{ - FirewallPolicyName: awsgo.String(testName2), - Tags: []*networkfirewall.Tag{ + FirewallPolicyResponse: &types.FirewallPolicyResponse{ + FirewallPolicyName: aws.String(testName2), + Tags: []types.Tag{ { - Key: awsgo.String("Name"), - Value: awsgo.String(testName2), + Key: aws.String("Name"), + Value: aws.String(testName2), }, { - Key: awsgo.String(util.FirstSeenTagKey), - Value: awsgo.String(util.FormatTimestamp(now.Add(1 * time.Hour))), + Key: aws.String(util.FirstSeenTagKey), + Value: aws.String(util.FormatTimestamp(now.Add(1 * time.Hour))), }, }, }, 
@@ -129,7 +121,7 @@ func TestNetworkFirewallPolicy_GetAll(t *testing.T) { "timeAfterExclusionFilter": { configObj: config.ResourceType{ ExcludeRule: config.FilterRule{ - TimeAfter: awsgo.Time(now), + TimeAfter: aws.Time(now), }}, expected: []string{testName1}, }, @@ -140,7 +132,7 @@ func TestNetworkFirewallPolicy_GetAll(t *testing.T) { NetworkFirewallPolicy: tc.configObj, }) require.NoError(t, err) - require.Equal(t, tc.expected, aws.StringValueSlice(names)) + require.Equal(t, tc.expected, aws.ToStringSlice(names)) }) } } diff --git a/aws/resources/network_firewall_policy_types.go b/aws/resources/network_firewall_policy_types.go index 523d3bd9..68aabf93 100644 --- a/aws/resources/network_firewall_policy_types.go +++ b/aws/resources/network_firewall_policy_types.go 
@@ -3,26 +3,31 @@ package resources import ( "context" - awsgo "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/session" - "github.com/aws/aws-sdk-go/service/networkfirewall" - "github.com/aws/aws-sdk-go/service/networkfirewall/networkfirewalliface" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/networkfirewall" "github.com/gruntwork-io/cloud-nuke/config" "github.com/gruntwork-io/go-commons/errors" ) +type NetworkFirewallPolicyAPI interface { + ListFirewallPolicies(ctx context.Context, params *networkfirewall.ListFirewallPoliciesInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.ListFirewallPoliciesOutput, error) + DescribeFirewallPolicy(ctx context.Context, params *networkfirewall.DescribeFirewallPolicyInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.DescribeFirewallPolicyOutput, error) + DeleteFirewallPolicy(ctx context.Context, params *networkfirewall.DeleteFirewallPolicyInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.DeleteFirewallPolicyOutput, error) +} + type NetworkFirewallPolicy struct { BaseAwsResource - Client networkfirewalliface.NetworkFirewallAPI + Client NetworkFirewallPolicyAPI Region string Identifiers []string } -func (nfw *NetworkFirewallPolicy) Init(session *session.Session) { - nfw.BaseAwsResource.Init(session) - nfw.Client = networkfirewall.New(session) +func (nfw *NetworkFirewallPolicy) InitV2(cfg aws.Config) { + nfw.Client = networkfirewall.NewFromConfig(cfg) } +func (nfw *NetworkFirewallPolicy) IsUsingV2() bool { return true } + // ResourceName - the simple name of the aws resource func (nfw *NetworkFirewallPolicy) ResourceName() string { return "network-firewall-policy" 
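Review bot: `InitV2` only assigns `nfw.Client`, while the removed `Init` also called `nfw.BaseAwsResource.Init(session)`, so whatever the embedded base set up there is no longer initialised on this path. What that initialiser does is not visible in this diff and needs checking against `BaseAwsResource`. If it prepares state that the base's own methods rely on, they would now run against zero values. If the base type offers a config-based initialiser, calling it first in `InitV2` would keep the old behaviour.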
@@ -49,13 +54,13 @@ func (nfw *NetworkFirewallPolicy) GetAndSetIdentifiers(c context.Context, config return nil, err } - nfw.Identifiers = awsgo.StringValueSlice(identifiers) + nfw.Identifiers = aws.ToStringSlice(identifiers) return nfw.Identifiers, nil } // Nuke - nuke 'em all!!! func (nfw *NetworkFirewallPolicy) Nuke(identifiers []string) error { - if err := nfw.nukeAll(awsgo.StringSlice(identifiers)); err != nil { + if err := nfw.nukeAll(aws.StringSlice(identifiers)); err != nil { return errors.WithStackTrace(err) } diff --git a/aws/resources/network_firewall_resource_policy.go b/aws/resources/network_firewall_resource_policy.go index 8ada94fd..a9963f04 100644 --- a/aws/resources/network_firewall_resource_policy.go +++ b/aws/resources/network_firewall_resource_policy.go @@ -3,8 +3,8 @@ package resources import ( "context" - awsgo "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/service/networkfirewall" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/networkfirewall" "github.com/gruntwork-io/cloud-nuke/config" "github.com/gruntwork-io/cloud-nuke/logging" "github.com/gruntwork-io/cloud-nuke/report" 
@@ -17,14 +17,14 @@ import ( // - https://docs.aws.amazon.com/network-firewall/latest/developerguide/security_iam_resource-based-policy-examples.html // - https://docs.aws.amazon.com/network-firewall/latest/developerguide/sharing.html // - https://docs.aws.amazon.com/ram/latest/userguide/what-is.html -func (nfw *NetworkFirewallResourcePolicy) getAll(_ context.Context, configObj config.Config) ([]*string, error) { +func (nfrp *NetworkFirewallResourcePolicy) getAll(_ context.Context, configObj config.Config) ([]*string, error) { var identifiers []*string var resourceArns []*string // list the firewall policies and rule group { - policyMeta, err := nfw.Client.ListFirewallPoliciesWithContext(nfw.Context, nil) + policyMeta, err := nfrp.Client.ListFirewallPolicies(nfrp.Context, nil) if err != nil { return nil, errors.WithStackTrace(err) } @@ -32,7 +32,7 @@ func (nfw *NetworkFirewallResourcePolicy) getAll(_ context.Context, configObj co for _, policy := range policyMeta.FirewallPolicies { resourceArns = append(resourceArns, policy.Arn) } - groupMeta, err := nfw.Client.ListRuleGroupsWithContext(nfw.Context, nil) + groupMeta, err := nfrp.Client.ListRuleGroups(nfrp.Context, nil) if err != nil { return nil, errors.WithStackTrace(err) } @@ -43,7 +43,7 @@ func (nfw *NetworkFirewallResourcePolicy) getAll(_ context.Context, configObj co // get the resource policies attached on these arns for _, arn := range resourceArns { - output, err := nfw.Client.DescribeResourcePolicyWithContext(nfw.Context, &networkfirewall.DescribeResourcePolicyInput{ + output, err := nfrp.Client.DescribeResourcePolicy(nfrp.Context, &networkfirewall.DescribeResourcePolicyInput{ ResourceArn: arn, }) if err != nil && util.TransformAWSError(err) != util.ErrResourceNotFoundException { 
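Review bot: In the describe loop of getAll (third hunk), the unchanged condition `util.TransformAWSError(err) != util.ErrResourceNotFoundException` now has to classify errors returned by the v2 client, whose concrete types differ from the v1 ones. The helper is not part of this diff; if it matches on v1 error types, an ARN that simply has no resource policy would no longer count as not-found and would take the failure branch instead. Worth confirming the helper recognises the v2 error, or matching here with the standard library's `errors.As` against `*types.ResourceNotFoundException`. This file imports go-commons `errors`, so the standard package would need an alias. The body of the `if` lies outside the hunk.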
@@ -62,23 +62,23 @@ func (nfw *NetworkFirewallResourcePolicy) getAll(_ context.Context, configObj co return identifiers, nil } -func (nfw *NetworkFirewallResourcePolicy) nukeAll(identifiers []*string) error { +func (nfrp *NetworkFirewallResourcePolicy) nukeAll(identifiers []*string) error { if len(identifiers) == 0 { - logging.Debugf("No Network Firewall resource policy to nuke in region %s", nfw.Region) + logging.Debugf("No Network Firewall resource policy to nuke in region %s", nfrp.Region) return nil } - logging.Debugf("Deleting Network firewall resource policy in region %s", nfw.Region) + logging.Debugf("Deleting Network firewall resource policy in region %s", nfrp.Region) var deleted []*string for _, id := range identifiers { - _, err := nfw.Client.DeleteResourcePolicyWithContext(nfw.Context, &networkfirewall.DeleteResourcePolicyInput{ + _, err := nfrp.Client.DeleteResourcePolicy(nfrp.Context, &networkfirewall.DeleteResourcePolicyInput{ ResourceArn: id, }) // Record status of this resource e := report.Entry{ - Identifier: awsgo.StringValue(id), + Identifier: aws.ToString(id), ResourceType: "Network Firewall Resource policy", Error: err, } @@ -91,7 +91,7 @@ func (nfw *NetworkFirewallResourcePolicy) nukeAll(identifiers []*string) error { } } - logging.Debugf("[OK] %d Network Resource Policy(s) deleted in %s", len(deleted), nfw.Region) + logging.Debugf("[OK] %d Network Resource Policy(s) deleted in %s", len(deleted), nfrp.Region) return nil } diff --git a/aws/resources/network_firewall_resource_policy_test.go b/aws/resources/network_firewall_resource_policy_test.go index 18a05a9a..67a70092 100644 --- a/aws/resources/network_firewall_resource_policy_test.go +++ b/aws/resources/network_firewall_resource_policy_test.go 
@@ -5,36 +5,34 @@ import ( "regexp" "testing" - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/service/networkfirewall" - "github.com/aws/aws-sdk-go/service/networkfirewall/networkfirewalliface" - - awsgo "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/networkfirewall" + "github.com/aws/aws-sdk-go-v2/service/networkfirewall/types" "github.com/gruntwork-io/cloud-nuke/config" "github.com/stretchr/testify/require" ) type mockedNetworkFirewallResourcePolicy struct { - networkfirewalliface.NetworkFirewallAPI + NetworkFirewallResourcePolicyAPI ListFirewallPoliciesOutput networkfirewall.ListFirewallPoliciesOutput ListRuleGroupsOutput networkfirewall.ListRuleGroupsOutput - DeleteResourcePolicyOutput networkfirewall.DeleteResourcePolicyOutput DescribeResourcePolicyOutput networkfirewall.DescribeResourcePolicyOutput + DeleteResourcePolicyOutput networkfirewall.DeleteResourcePolicyOutput } -func (m mockedNetworkFirewallResourcePolicy) ListFirewallPoliciesWithContext(_ awsgo.Context, _ *networkfirewall.ListFirewallPoliciesInput, _ ...request.Option) (*networkfirewall.ListFirewallPoliciesOutput, error) { +func (m mockedNetworkFirewallResourcePolicy) ListFirewallPolicies(ctx context.Context, params *networkfirewall.ListFirewallPoliciesInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.ListFirewallPoliciesOutput, error) { return &m.ListFirewallPoliciesOutput, nil } -func (m mockedNetworkFirewallResourcePolicy) ListRuleGroupsWithContext(awsgo.Context, *networkfirewall.ListRuleGroupsInput, ...request.Option) (*networkfirewall.ListRuleGroupsOutput, error) { +func (m mockedNetworkFirewallResourcePolicy) ListRuleGroups(ctx context.Context, params *networkfirewall.ListRuleGroupsInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.ListRuleGroupsOutput, error) { return &m.ListRuleGroupsOutput, nil } -func (m 
mockedNetworkFirewallResourcePolicy) DeleteResourcePolicyWithContext(awsgo.Context, *networkfirewall.DeleteResourcePolicyInput, ...request.Option) (*networkfirewall.DeleteResourcePolicyOutput, error) { + +func (m mockedNetworkFirewallResourcePolicy) DeleteResourcePolicy(ctx context.Context, params *networkfirewall.DeleteResourcePolicyInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.DeleteResourcePolicyOutput, error) { return &m.DeleteResourcePolicyOutput, nil } -func (m mockedNetworkFirewallResourcePolicy) DescribeResourcePolicyWithContext(awsgo.Context, *networkfirewall.DescribeResourcePolicyInput, ...request.Option) (*networkfirewall.DescribeResourcePolicyOutput, error) { +func (m mockedNetworkFirewallResourcePolicy) DescribeResourcePolicy(ctx context.Context, params *networkfirewall.DescribeResourcePolicyInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.DescribeResourcePolicyOutput, error) { return &m.DescribeResourcePolicyOutput, nil } @@ -52,22 +50,22 @@ func TestNetworkFirewallResourcePolicy_GetAll(t *testing.T) { nfw := NetworkFirewallResourcePolicy{ Client: mockedNetworkFirewallResourcePolicy{ ListFirewallPoliciesOutput: networkfirewall.ListFirewallPoliciesOutput{ - FirewallPolicies: []*networkfirewall.FirewallPolicyMetadata{ + FirewallPolicies: []types.FirewallPolicyMetadata{ { - Arn: awsgo.String(policy1), + Arn: aws.String(policy1), }, { - Arn: awsgo.String(policy2), + Arn: aws.String(policy2), }, }, }, ListRuleGroupsOutput: networkfirewall.ListRuleGroupsOutput{ - RuleGroups: []*networkfirewall.RuleGroupMetadata{ + RuleGroups: []types.RuleGroupMetadata{ { - Arn: awsgo.String(group1), + Arn: aws.String(group1), }, { - Arn: awsgo.String(group2), + Arn: aws.String(group2), }, }, }, 
@@ -103,7 +101,7 @@ func TestNetworkFirewallResourcePolicy_GetAll(t *testing.T) { NetworkFirewallResourcePolicy: tc.configObj, }) require.NoError(t, err) - require.Equal(t, tc.expected, aws.StringValueSlice(names)) + require.Equal(t, tc.expected, aws.ToStringSlice(names)) }) } } diff --git a/aws/resources/network_firewall_resource_policy_types.go b/aws/resources/network_firewall_resource_policy_types.go index 84efe172..ae73baaf 100644 --- a/aws/resources/network_firewall_resource_policy_types.go +++ b/aws/resources/network_firewall_resource_policy_types.go 
@@ -3,25 +3,32 @@ package resources import ( "context" - awsgo "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/session" - "github.com/aws/aws-sdk-go/service/networkfirewall" - "github.com/aws/aws-sdk-go/service/networkfirewall/networkfirewalliface" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/networkfirewall" "github.com/gruntwork-io/cloud-nuke/config" "github.com/gruntwork-io/go-commons/errors" ) +type NetworkFirewallResourcePolicyAPI interface { + ListFirewallPolicies(ctx context.Context, params *networkfirewall.ListFirewallPoliciesInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.ListFirewallPoliciesOutput, error) + ListRuleGroups(ctx context.Context, params *networkfirewall.ListRuleGroupsInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.ListRuleGroupsOutput, error) + DescribeResourcePolicy(ctx context.Context, params *networkfirewall.DescribeResourcePolicyInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.DescribeResourcePolicyOutput, error) + DeleteResourcePolicy(ctx context.Context, params *networkfirewall.DeleteResourcePolicyInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.DeleteResourcePolicyOutput, error) +} + type NetworkFirewallResourcePolicy struct { BaseAwsResource - Client networkfirewalliface.NetworkFirewallAPI + Client NetworkFirewallResourcePolicyAPI Region string Identifiers []string } -func (nfrp *NetworkFirewallResourcePolicy) Init(session *session.Session) { - nfrp.Client = networkfirewall.New(session) +func (nfrp *NetworkFirewallResourcePolicy) InitV2(cfg aws.Config) { + nfrp.Client = networkfirewall.NewFromConfig(cfg) } +func (nfrp *NetworkFirewallResourcePolicy) IsUsingV2() bool { return true } + // ResourceName - the simple name of the aws resource func (nfrp *NetworkFirewallResourcePolicy) ResourceName() string { return "network-firewall-resource-policy" 
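Review bot: The new exported interface `NetworkFirewallResourcePolicyAPI` and the exported methods `InitV2` and `IsUsingV2` have no doc comments, although `ResourceName` directly below has one; the same holds for `NetworkFirewallPolicyAPI` and its two methods in network_firewall_policy_types.go. Suggested comments: `// NetworkFirewallResourcePolicyAPI is the subset of the Network Firewall v2 client this resource calls, kept narrow so tests can mock it.`, `// InitV2 builds the Network Firewall client from the given AWS config.` and `// IsUsingV2 reports that this resource uses the AWS SDK for Go v2 client.`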
@@ -48,13 +55,13 @@ func (nfrp *NetworkFirewallResourcePolicy) GetAndSetIdentifiers(c context.Contex return nil, err } - nfrp.Identifiers = awsgo.StringValueSlice(identifiers) + nfrp.Identifiers = aws.ToStringSlice(identifiers) return nfrp.Identifiers, nil } // Nuke - nuke 'em all!!! func (nfrp *NetworkFirewallResourcePolicy) Nuke(identifiers []string) error { - if err := nfrp.nukeAll(awsgo.StringSlice(identifiers)); err != nil { + if err := nfrp.nukeAll(aws.StringSlice(identifiers)); err != nil { return errors.WithStackTrace(err) } diff --git a/aws/resources/network_firewall_rule_group.go b/aws/resources/network_firewall_rule_group.go index b7c8e81a..0978b58f 100644 --- a/aws/resources/network_firewall_rule_group.go +++ b/aws/resources/network_firewall_rule_group.go @@ -5,8 +5,9 @@ import ( "fmt" "time" - awsgo "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/service/networkfirewall" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/networkfirewall" + "github.com/aws/aws-sdk-go-v2/service/networkfirewall/types" "github.com/gruntwork-io/cloud-nuke/config" "github.com/gruntwork-io/cloud-nuke/logging" "github.com/gruntwork-io/cloud-nuke/report" 
@@ -14,17 +15,17 @@ import ( "github.com/gruntwork-io/go-commons/errors" ) -func shouldIncludeNetworkFirewallRuleGroup(group *networkfirewall.RuleGroupResponse, firstSeenTime *time.Time, configObj config.Config) bool { +func shouldIncludeNetworkFirewallRuleGroup(group *types.RuleGroupResponse, firstSeenTime *time.Time, configObj config.Config) bool { // if the firewall policy has any attachments, then we can't remove that policy - if awsgo.Int64Value(group.NumberOfAssociations) > 0 { - logging.Debugf("[Skipping] the rule group %s is still in use", awsgo.StringValue(group.RuleGroupName)) + if aws.ToInt32(group.NumberOfAssociations) > 0 { + logging.Debugf("[Skipping] the rule group %s is still in use", aws.ToString(group.RuleGroupName)) return false } var identifierName string tags := util.ConvertNetworkFirewallTagsToMap(group.Tags) - identifierName = awsgo.StringValue(group.RuleGroupName) // set the default + identifierName = aws.ToString(group.RuleGroupName) // set the default if v, ok := tags["Name"]; ok { identifierName = v } 
@@ -36,33 +37,33 @@ func shouldIncludeNetworkFirewallRuleGroup(group *networkfirewall.RuleGroupRespo }) } -func (nfw *NetworkFirewallRuleGroup) getAll(c context.Context, configObj config.Config) ([]*string, error) { +func (nfrg *NetworkFirewallRuleGroup) getAll(c context.Context, configObj config.Config) ([]*string, error) { var ( identifiers []*string firstSeenTime *time.Time err error ) - meta, err := nfw.Client.ListRuleGroupsWithContext(nfw.Context, nil) + meta, err := nfrg.Client.ListRuleGroups(nfrg.Context, nil) if err != nil { return nil, errors.WithStackTrace(err) } for _, group := range meta.RuleGroups { - output, err := nfw.Client.DescribeRuleGroupWithContext(nfw.Context, &networkfirewall.DescribeRuleGroupInput{ + output, err := nfrg.Client.DescribeRuleGroup(nfrg.Context, &networkfirewall.DescribeRuleGroupInput{ RuleGroupArn: group.Arn, }) if err != nil { - logging.Errorf("[Failed] to describe the firewall rule group %s", awsgo.StringValue(group.Name)) + logging.Errorf("[Failed] to describe the firewall rule group %s", aws.ToString(group.Name)) return nil, errors.WithStackTrace(err) } if output.RuleGroupResponse == nil { - logging.Errorf("[Failed] no firewall rule group information found for %s", awsgo.StringValue(group.Name)) + logging.Errorf("[Failed] no firewall rule group information found for %s", aws.ToString(group.Name)) continue } - firstSeenTime, err = util.GetOrCreateFirstSeen(c, nfw.Client, group.Arn, util.ConvertNetworkFirewallTagsToMap(output.RuleGroupResponse.Tags)) + firstSeenTime, err = util.GetOrCreateFirstSeen(c, nfrg.Client, group.Arn, util.ConvertNetworkFirewallTagsToMap(output.RuleGroupResponse.Tags)) if err != nil { logging.Error("Unable to retrieve tags") return nil, errors.WithStackTrace(err) 
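Review bot: getAll mixes two contexts: `ListRuleGroups` and `DescribeRuleGroup` are called with `nfrg.Context`, while `util.GetOrCreateFirstSeen` receives the parameter `c`. A cancellation or deadline set on one does not reach the calls made with the other, which matters for a tool whose runs delete resources and should stop as a whole. Using one context throughout, for example `util.GetOrCreateFirstSeen(nfrg.Context, nfrg.Client, group.Arn, ...)`, would make that consistent; which of the two is the intended one is not visible in this hunk.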
@@ -71,10 +72,10 @@ func (nfw *NetworkFirewallRuleGroup) getAll(c context.Context, configObj config. if shouldIncludeNetworkFirewallRuleGroup(output.RuleGroupResponse, firstSeenTime, configObj) { identifiers = append(identifiers, group.Name) - raw := awsgo.StringValue(group.Name) - nfw.RuleGroups[raw] = RuleGroup{ + raw := aws.ToString(group.Name) + nfrg.RuleGroups[raw] = RuleGroup{ Name: output.RuleGroupResponse.RuleGroupName, - Type: output.RuleGroupResponse.Type, + Type: aws.String(string(output.RuleGroupResponse.Type)), } } } 
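Review bot: The rule-group type is stored as `aws.String(string(output.RuleGroupResponse.Type))` here and converted back with `types.RuleGroupType(aws.ToString(group.Type))` in nukeAll (next hunk), so the enum makes a round trip through `*string`. A nil pointer silently becomes an empty `RuleGroupType` and is passed to `DeleteRuleGroup` as is. Declaring the `Type` field of `RuleGroup` as `types.RuleGroupType` would let both sites use the value directly, `Type: output.RuleGroupResponse.Type,` and `Type: group.Type,`. The `RuleGroup` struct is declared outside this diff section, so other users of the field would need checking.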
@@ -82,32 +83,32 @@ func (nfw *NetworkFirewallRuleGroup) getAll(c context.Context, configObj config. return identifiers, nil } -func (nfw *NetworkFirewallRuleGroup) nukeAll(identifiers []*string) error { +func (nfrg *NetworkFirewallRuleGroup) nukeAll(identifiers []*string) error { if len(identifiers) == 0 { - logging.Debugf("No Network Firewall rule group to nuke in region %s", nfw.Region) + logging.Debugf("No Network Firewall rule group to nuke in region %s", nfrg.Region) return nil } - logging.Debugf("Deleting Network firewall rule group in region %s", nfw.Region) + logging.Debugf("Deleting Network firewall rule group in region %s", nfrg.Region) var deleted []*string for _, id := range identifiers { // check and get the type for this identifier - group, ok := nfw.RuleGroups[awsgo.StringValue(id)] + group, ok := nfrg.RuleGroups[aws.ToString(id)] if !ok { - logging.Errorf("couldn't find the rule group type for %s", awsgo.StringValue(id)) - return fmt.Errorf("couldn't find the rule group type for %s", awsgo.StringValue(id)) + logging.Errorf("couldn't find the rule group type for %s", aws.ToString(id)) + return fmt.Errorf("couldn't find the rule group type for %s", aws.ToString(id)) } // delete the rule group - _, err := nfw.Client.DeleteRuleGroupWithContext(nfw.Context, &networkfirewall.DeleteRuleGroupInput{ + _, err := nfrg.Client.DeleteRuleGroup(nfrg.Context, &networkfirewall.DeleteRuleGroupInput{ RuleGroupName: id, - Type: group.Type, + Type: types.RuleGroupType(aws.ToString(group.Type)), }) // Record status of this resource e := report.Entry{ - Identifier: awsgo.StringValue(id), + Identifier: aws.ToString(id), ResourceType: "Network Firewall Rule group", Error: err, } 
@@ -120,7 +121,7 @@ func (nfw *NetworkFirewallRuleGroup) nukeAll(identifiers []*string) error { } } - logging.Debugf("[OK] %d Network Firewall Rule group(s) deleted in %s", len(deleted), nfw.Region) + logging.Debugf("[OK] %d Network Firewall Rule group(s) deleted in %s", len(deleted), nfrg.Region) return nil } diff --git a/aws/resources/network_firewall_rule_group_test.go b/aws/resources/network_firewall_rule_group_test.go index f3053924..a3e71e7b 100644 --- a/aws/resources/network_firewall_rule_group_test.go +++ b/aws/resources/network_firewall_rule_group_test.go 
@@ -7,31 +7,23 @@ import ( "testing" "time" - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/service/networkfirewall" - "github.com/aws/aws-sdk-go/service/networkfirewall/networkfirewalliface" - - awsgo "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/networkfirewall" + "github.com/aws/aws-sdk-go-v2/service/networkfirewall/types" "github.com/gruntwork-io/cloud-nuke/config" "github.com/gruntwork-io/cloud-nuke/util" "github.com/stretchr/testify/require" ) type mockedNetworkFirewallRuleGroup struct { - networkfirewalliface.NetworkFirewallAPI + NetworkFirewallRuleGroupAPI + ListRuleGroupsOutput networkfirewall.ListRuleGroupsOutput DescribeRuleGroupOutput map[string]networkfirewall.DescribeRuleGroupOutput - TagResourceOutput networkfirewall.TagResourceOutput DeleteRuleGroupOutput networkfirewall.DeleteRuleGroupOutput - ListRuleGroupsOutput networkfirewall.ListRuleGroupsOutput -} - -func (m mockedNetworkFirewallRuleGroup) TagResource(*networkfirewall.TagResourceInput) (*networkfirewall.TagResourceOutput, error) { - return &m.TagResourceOutput, nil } -func (m mockedNetworkFirewallRuleGroup) DescribeRuleGroupWithContext(_ awsgo.Context, req *networkfirewall.DescribeRuleGroupInput, _ ...request.Option) (*networkfirewall.DescribeRuleGroupOutput, error) { - raw := awsgo.StringValue(req.RuleGroupArn) +func (m mockedNetworkFirewallRuleGroup) DescribeRuleGroup(ctx context.Context, params *networkfirewall.DescribeRuleGroupInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.DescribeRuleGroupOutput, error) { + raw := aws.ToString(params.RuleGroupArn) v, ok := m.DescribeRuleGroupOutput[raw] if !ok { return nil, fmt.Errorf("unable to describe the %s", raw) 
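Review bot: The mock embeds `NetworkFirewallRuleGroupAPI` although this file defines all three of that interface's methods on it, so the embedded nil interface adds nothing today. If a method is later added to the interface and not mocked, the embedding turns that into a nil-pointer panic at test time instead of a compile error. Dropping the embedded field and adding `var _ NetworkFirewallRuleGroupAPI = mockedNetworkFirewallRuleGroup{}` keeps the check at compile time. The same pattern appears in `mockedNetworkFirewall` and `mockedNetworkFirewallTLSConfig` in the later test-file hunks.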
@@ -39,11 +31,11 @@ func (m mockedNetworkFirewallRuleGroup) DescribeRuleGroupWithContext(_ awsgo.Con return &v, nil } -func (m mockedNetworkFirewallRuleGroup) DeleteRuleGroupWithContext(_ awsgo.Context, _ *networkfirewall.DeleteRuleGroupInput, _ ...request.Option) (*networkfirewall.DeleteRuleGroupOutput, error) { +func (m mockedNetworkFirewallRuleGroup) DeleteRuleGroup(ctx context.Context, params *networkfirewall.DeleteRuleGroupInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.DeleteRuleGroupOutput, error) { return &m.DeleteRuleGroupOutput, nil } -func (m mockedNetworkFirewallRuleGroup) ListRuleGroupsWithContext(_ awsgo.Context, _ *networkfirewall.ListRuleGroupsInput, _ ...request.Option) (*networkfirewall.ListRuleGroupsOutput, error) { +func (m mockedNetworkFirewallRuleGroup) ListRuleGroups(ctx context.Context, params *networkfirewall.ListRuleGroupsInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.ListRuleGroupsOutput, error) { return &m.ListRuleGroupsOutput, nil } 
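Review bot: The `DeleteRuleGroup` mock discards `params`, so no test observes the `Type` value that nukeAll now builds with `types.RuleGroupType(...)`. Recording the input on the mock (for example through a pointer field such as `deleted *[]networkfirewall.DeleteRuleGroupInput`, since the receiver is a value) would let `TestNetworkFirewallRuleGroup_NukeAll` assert on `RuleGroupName` and `Type`. That would pin the one behavioural change this migration makes to the delete request.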
@@ -64,42 +56,42 @@ func TestNetworkFirewallRuleGroup_GetAll(t *testing.T) { RuleGroups: make(map[string]RuleGroup), Client: mockedNetworkFirewallRuleGroup{ ListRuleGroupsOutput: networkfirewall.ListRuleGroupsOutput{ - RuleGroups: []*networkfirewall.RuleGroupMetadata{ + RuleGroups: []types.RuleGroupMetadata{ { - Arn: awsgo.String(testId1), - Name: awsgo.String(testName1), + Arn: aws.String(testId1), + Name: aws.String(testName1), }, { - Arn: awsgo.String(testId2), - Name: awsgo.String(testName2), + Arn: aws.String(testId2), + Name: aws.String(testName2), }, }, }, DescribeRuleGroupOutput: map[string]networkfirewall.DescribeRuleGroupOutput{ testId1: { - RuleGroupResponse: &networkfirewall.RuleGroupResponse{ - RuleGroupName: awsgo.String(testName1), - Tags: []*networkfirewall.Tag{ + RuleGroupResponse: &types.RuleGroupResponse{ + RuleGroupName: aws.String(testName1), + Tags: []types.Tag{ { - Key: awsgo.String("Name"), - Value: awsgo.String(testName1), + Key: aws.String("Name"), + Value: aws.String(testName1), }, { - Key: awsgo.String(util.FirstSeenTagKey), - Value: awsgo.String(util.FormatTimestamp(now)), + Key: aws.String(util.FirstSeenTagKey), + Value: aws.String(util.FormatTimestamp(now)), }, }, }, }, testId2: { - RuleGroupResponse: &networkfirewall.RuleGroupResponse{ - RuleGroupName: awsgo.String(testName2), - Tags: []*networkfirewall.Tag{ + RuleGroupResponse: &types.RuleGroupResponse{ + RuleGroupName: aws.String(testName2), + Tags: []types.Tag{ { - Key: awsgo.String("Name"), - Value: awsgo.String(testName2), + Key: aws.String("Name"), + Value: aws.String(testName2), }, { - Key: awsgo.String(util.FirstSeenTagKey), - Value: awsgo.String(util.FormatTimestamp(now.Add(1 * time.Hour))), + Key: aws.String(util.FirstSeenTagKey), + Value: aws.String(util.FormatTimestamp(now.Add(1 * time.Hour))), }, }, }, 
@@ -130,7 +122,7 @@ func TestNetworkFirewallRuleGroup_GetAll(t *testing.T) { "timeAfterExclusionFilter": { configObj: config.ResourceType{ ExcludeRule: config.FilterRule{ - TimeAfter: awsgo.Time(now), + TimeAfter: aws.Time(now), }}, expected: []string{testName1}, }, @@ -141,7 +133,7 @@ func TestNetworkFirewallRuleGroup_GetAll(t *testing.T) { NetworkFirewallRuleGroup: tc.configObj, }) require.NoError(t, err) - require.Equal(t, tc.expected, aws.StringValueSlice(names)) + require.Equal(t, tc.expected, aws.ToStringSlice(names)) }) } } @@ -156,12 +148,12 @@ func TestNetworkFirewallRuleGroup_NukeAll(t *testing.T) { }, RuleGroups: map[string]RuleGroup{ "test-001": { - Name: awsgo.String("test-001"), - Type: awsgo.String("stateless"), + Name: aws.String("test-001"), + Type: aws.String("stateless"), }, "test-002": { - Name: awsgo.String("test-002"), - Type: awsgo.String("stateless"), + Name: aws.String("test-002"), + Type: aws.String("stateless"), }, }, } diff --git a/aws/resources/network_firewall_rule_group_types.go b/aws/resources/network_firewall_rule_group_types.go index 3f32cd16..e809561b 100644 --- a/aws/resources/network_firewall_rule_group_types.go +++ b/aws/resources/network_firewall_rule_group_types.go @@ -3,10 +3,8 @@ package resources import ( "context" - awsgo "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/session" - "github.com/aws/aws-sdk-go/service/networkfirewall" - "github.com/aws/aws-sdk-go/service/networkfirewall/networkfirewalliface" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/networkfirewall" "github.com/gruntwork-io/cloud-nuke/config" "github.com/gruntwork-io/go-commons/errors" ) 
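Review bot: The NukeAll fixture in the last test hunk on this line sets `Type: aws.String("stateless")`, which does not match the SDK v2 enum value (`types.RuleGroupTypeStateless` is `"STATELESS"`). The test passes only because the mock never inspects the request. Using `Type: aws.String(string(types.RuleGroupTypeStateless))` for both entries would keep the fixture in line with what a real `DescribeRuleGroup` response presumably yields.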
@@ -15,9 +13,15 @@ type RuleGroup struct { Name, Type *string } +type NetworkFirewallRuleGroupAPI interface { + ListRuleGroups(ctx context.Context, params *networkfirewall.ListRuleGroupsInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.ListRuleGroupsOutput, error) + DescribeRuleGroup(ctx context.Context, params *networkfirewall.DescribeRuleGroupInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.DescribeRuleGroupOutput, error) + DeleteRuleGroup(ctx context.Context, params *networkfirewall.DeleteRuleGroupInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.DeleteRuleGroupOutput, error) +} + type NetworkFirewallRuleGroup struct { BaseAwsResource - Client networkfirewalliface.NetworkFirewallAPI + Client NetworkFirewallRuleGroupAPI Region string Identifiers []string // Note: It is mandatory to pass the rule type while nuking it. @@ -26,11 +30,13 @@ type NetworkFirewallRuleGroup struct { RuleGroups map[string]RuleGroup } -func (nfrg *NetworkFirewallRuleGroup) Init(session *session.Session) { - nfrg.Client = networkfirewall.New(session) - nfrg.RuleGroups = make(map[string]RuleGroup, 0) +func (nfrg *NetworkFirewallRuleGroup) InitV2(cfg aws.Config) { + nfrg.Client = networkfirewall.NewFromConfig(cfg) + nfrg.RuleGroups = make(map[string]RuleGroup) } +func (nfrg *NetworkFirewallRuleGroup) IsUsingV2() bool { return true } + // ResourceName - the simple name of the aws resource func (nfrg *NetworkFirewallRuleGroup) ResourceName() string { return "network-firewall-rule-group" 
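Review bot: The new exported `NetworkFirewallRuleGroupAPI` interface and the `InitV2` and `IsUsingV2` methods carry no doc comments, while the neighbouring `ResourceName` has one. I would add `// NetworkFirewallRuleGroupAPI is the subset of the Network Firewall client this resource calls: list, describe and delete rule groups.`, `// InitV2 builds the SDK v2 client from cfg and allocates the RuleGroups map.` and `// IsUsingV2 reports that this resource uses the AWS SDK v2 client.` The same applies to `NetworkFirewallTLSConfigAPI` and `NetworkFirewallAPI` in the two later types-file hunks.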
@@ -57,13 +63,13 @@ func (nfrg *NetworkFirewallRuleGroup) GetAndSetIdentifiers(c context.Context, co return nil, err } - nfrg.Identifiers = awsgo.StringValueSlice(identifiers) + nfrg.Identifiers = aws.ToStringSlice(identifiers) return nfrg.Identifiers, nil } // Nuke - nuke 'em all!!! func (nfrg *NetworkFirewallRuleGroup) Nuke(identifiers []string) error { - if err := nfrg.nukeAll(awsgo.StringSlice(identifiers)); err != nil { + if err := nfrg.nukeAll(aws.StringSlice(identifiers)); err != nil { return errors.WithStackTrace(err) } diff --git a/aws/resources/network_firewall_test.go b/aws/resources/network_firewall_test.go index cabbc096..98f273c3 100644 --- a/aws/resources/network_firewall_test.go +++ b/aws/resources/network_firewall_test.go 
@@ -7,39 +7,32 @@ import ( "testing" "time" - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/service/networkfirewall" - "github.com/aws/aws-sdk-go/service/networkfirewall/networkfirewalliface" - - awsgo "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/networkfirewall" + "github.com/aws/aws-sdk-go-v2/service/networkfirewall/types" "github.com/gruntwork-io/cloud-nuke/config" "github.com/gruntwork-io/cloud-nuke/util" "github.com/stretchr/testify/require" ) type mockedNetworkFirewall struct { - networkfirewalliface.NetworkFirewallAPI - DeleteFirewallOutput networkfirewall.DeleteFirewallOutput + NetworkFirewallAPI + ListFirewallsOutput networkfirewall.ListFirewallsOutput - TagResourceOutput networkfirewall.TagResourceOutput DescribeFirewallOutput map[string]networkfirewall.DescribeFirewallOutput + DeleteFirewallOutput networkfirewall.DeleteFirewallOutput } -func (m mockedNetworkFirewall) TagResource(*networkfirewall.TagResourceInput) (*networkfirewall.TagResourceOutput, error) { - return &m.TagResourceOutput, nil -} - -func (m mockedNetworkFirewall) DeleteFirewallWithContext(_ awsgo.Context, _ *networkfirewall.DeleteFirewallInput, _ ...request.Option) (*networkfirewall.DeleteFirewallOutput, error) { +func (m mockedNetworkFirewall) DeleteFirewall(ctx context.Context, params *networkfirewall.DeleteFirewallInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.DeleteFirewallOutput, error) { return &m.DeleteFirewallOutput, nil } -func (m mockedNetworkFirewall) ListFirewalls(*networkfirewall.ListFirewallsInput) (*networkfirewall.ListFirewallsOutput, error) { +func (m mockedNetworkFirewall) ListFirewalls(ctx context.Context, params *networkfirewall.ListFirewallsInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.ListFirewallsOutput, error) { return &m.ListFirewallsOutput, nil } -func (m mockedNetworkFirewall) 
DescribeFirewallWithContext(_ awsgo.Context, req *networkfirewall.DescribeFirewallInput, _ ...request.Option) (*networkfirewall.DescribeFirewallOutput, error) { - raw := awsgo.StringValue(req.FirewallArn) +func (m mockedNetworkFirewall) DescribeFirewall(ctx context.Context, params *networkfirewall.DescribeFirewallInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.DescribeFirewallOutput, error) { + raw := aws.ToString(params.FirewallArn) v, ok := m.DescribeFirewallOutput[raw] if !ok { return nil, fmt.Errorf("unable to describe the %s", raw) 
@@ -63,42 +56,42 @@ func TestNetworkFirewall_GetAll(t *testing.T) { nfw := NetworkFirewall{ Client: mockedNetworkFirewall{ ListFirewallsOutput: networkfirewall.ListFirewallsOutput{ - Firewalls: []*networkfirewall.FirewallMetadata{ + Firewalls: []types.FirewallMetadata{ { - FirewallArn: awsgo.String(testId1), - FirewallName: awsgo.String(testName1), + FirewallArn: aws.String(testId1), + FirewallName: aws.String(testName1), }, { - FirewallArn: awsgo.String(testId2), - FirewallName: awsgo.String(testName2), + FirewallArn: aws.String(testId2), + FirewallName: aws.String(testName2), }, }, }, DescribeFirewallOutput: map[string]networkfirewall.DescribeFirewallOutput{ testId1: { - Firewall: &networkfirewall.Firewall{ - FirewallName: awsgo.String(testName1), - Tags: []*networkfirewall.Tag{ + Firewall: &types.Firewall{ + FirewallName: aws.String(testName1), + Tags: []types.Tag{ { - Key: awsgo.String("Name"), - Value: awsgo.String(testName1), + Key: aws.String("Name"), + Value: aws.String(testName1), }, { - Key: awsgo.String(util.FirstSeenTagKey), - Value: awsgo.String(util.FormatTimestamp(now)), + Key: aws.String(util.FirstSeenTagKey), + Value: aws.String(util.FormatTimestamp(now)), }, }, }, }, testId2: { - Firewall: &networkfirewall.Firewall{ - FirewallName: awsgo.String(testName2), - Tags: []*networkfirewall.Tag{ + Firewall: &types.Firewall{ + FirewallName: aws.String(testName2), + Tags: []types.Tag{ { - Key: awsgo.String("Name"), - Value: awsgo.String(testName2), + Key: aws.String("Name"), + Value: aws.String(testName2), }, { - Key: awsgo.String(util.FirstSeenTagKey), - Value: awsgo.String(util.FormatTimestamp(now.Add(1 * time.Hour))), + Key: aws.String(util.FirstSeenTagKey), + Value: aws.String(util.FormatTimestamp(now.Add(1 * time.Hour))), }, }, }, 
@@ -129,7 +122,7 @@ func TestNetworkFirewall_GetAll(t *testing.T) { "timeAfterExclusionFilter": { configObj: config.ResourceType{ ExcludeRule: config.FilterRule{ - TimeAfter: awsgo.Time(now), + TimeAfter: aws.Time(now), }}, expected: []string{testName1}, }, @@ -140,7 +133,7 @@ func TestNetworkFirewall_GetAll(t *testing.T) { NetworkFirewall: tc.configObj, }) require.NoError(t, err) - require.Equal(t, tc.expected, aws.StringValueSlice(names)) + require.Equal(t, tc.expected, aws.ToStringSlice(names)) }) } } diff --git a/aws/resources/network_firewall_tls_config.go b/aws/resources/network_firewall_tls_config.go index ea8c58ab..bac396cd 100644 --- a/aws/resources/network_firewall_tls_config.go +++ b/aws/resources/network_firewall_tls_config.go @@ -5,8 +5,9 @@ import ( "fmt" "time" - awsgo "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/service/networkfirewall" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/networkfirewall" + "github.com/aws/aws-sdk-go-v2/service/networkfirewall/types" "github.com/gruntwork-io/cloud-nuke/config" "github.com/gruntwork-io/cloud-nuke/logging" "github.com/gruntwork-io/cloud-nuke/report" @@ -14,12 +15,12 @@ import ( "github.com/gruntwork-io/go-commons/errors" ) -func shouldIncludeNetworkFirewallTLSConfig(tlsconfig *networkfirewall.TLSInspectionConfigurationResponse, firstSeenTime *time.Time, configObj config.Config) bool { +func shouldIncludeNetworkFirewallTLSConfig(tlsconfig *types.TLSInspectionConfigurationResponse, firstSeenTime *time.Time, configObj config.Config) bool { var identifierName string tags := util.ConvertNetworkFirewallTagsToMap(tlsconfig.Tags) - identifierName = awsgo.StringValue(tlsconfig.TLSInspectionConfigurationName) // set the default + identifierName = aws.ToString(tlsconfig.TLSInspectionConfigurationName) // set the default if v, ok := tags["Name"]; ok { identifierName = v } 
@@ -38,22 +39,22 @@ func (nftc *NetworkFirewallTLSConfig) getAll(c context.Context, configObj config err error ) - meta, err := nftc.Client.ListTLSInspectionConfigurationsWithContext(nftc.Context, nil) + meta, err := nftc.Client.ListTLSInspectionConfigurations(nftc.Context, nil) if err != nil { return nil, errors.WithStackTrace(err) } for _, tlsconfig := range meta.TLSInspectionConfigurations { - output, err := nftc.Client.DescribeTLSInspectionConfigurationWithContext(nftc.Context, &networkfirewall.DescribeTLSInspectionConfigurationInput{ + output, err := nftc.Client.DescribeTLSInspectionConfiguration(nftc.Context, &networkfirewall.DescribeTLSInspectionConfigurationInput{ TLSInspectionConfigurationArn: tlsconfig.Arn, }) if err != nil { - logging.Errorf("[Failed] to describe the firewall TLS inspection configuation %s", awsgo.StringValue(tlsconfig.Name)) + logging.Errorf("[Failed] to describe the firewall TLS inspection configuation %s", aws.ToString(tlsconfig.Name)) return nil, errors.WithStackTrace(err) } if output.TLSInspectionConfigurationResponse == nil { - logging.Errorf("[Failed] no firewall TLS inspection configuation information found for %s", awsgo.StringValue(tlsconfig.Name)) + logging.Errorf("[Failed] no firewall TLS inspection configuation information found for %s", aws.ToString(tlsconfig.Name)) continue } 
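Review bot: `ListTLSInspectionConfigurations` is called once and only `meta.TLSInspectionConfigurations` from that single response is walked, so configurations beyond the first page are never described or returned for nuking. The SDK v2 module provides `NewListTLSInspectionConfigurationsPaginator` for this, and `nftc.Client` already has the method the paginator needs. The call also passes `nil` as input where `ListFirewalls` in network_firewall.go passes an empty input struct, which is worth making consistent. getAll starts before and ends after this hunk, so the loop body is elided below.

```go
paginator := networkfirewall.NewListTLSInspectionConfigurationsPaginator(
	nftc.Client, &networkfirewall.ListTLSInspectionConfigurationsInput{})
for paginator.HasMorePages() {
	meta, err := paginator.NextPage(nftc.Context)
	if err != nil {
		return nil, errors.WithStackTrace(err)
	}
	for _, tlsconfig := range meta.TLSInspectionConfigurations {
		// … unchanged: describe, nil check, first-seen handling, filter and append …
	}
}
```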
@@ -82,13 +83,13 @@ func (nftc *NetworkFirewallTLSConfig) nukeAll(identifiers []*string) error { for _, id := range identifiers { fmt.Println(":nftc.Client:::", nftc.Client) - _, err := nftc.Client.DeleteTLSInspectionConfigurationWithContext(nftc.Context, &networkfirewall.DeleteTLSInspectionConfigurationInput{ + _, err := nftc.Client.DeleteTLSInspectionConfiguration(nftc.Context, &networkfirewall.DeleteTLSInspectionConfigurationInput{ TLSInspectionConfigurationName: id, }) // Record status of this resource e := report.Entry{ - Identifier: awsgo.StringValue(id), + Identifier: aws.ToString(id), ResourceType: "Network Firewall TLS inspection configurations", Error: err, } diff --git a/aws/resources/network_firewall_tls_config_test.go b/aws/resources/network_firewall_tls_config_test.go index 710403a4..510ead65 100644 --- a/aws/resources/network_firewall_tls_config_test.go +++ b/aws/resources/network_firewall_tls_config_test.go 
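Review bot: The context line `fmt.Println(":nftc.Client:::", nftc.Client)` is a leftover debug print that runs once per identifier and writes the client value to stdout, bypassing the `logging` package and its level control. With the v2 client this prints whatever the client struct holds in its options, which should not land in CI or operator output. I would delete the line, and the `fmt` import too if nothing else in the file uses it. nukeAll begins before and continues after this hunk.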
@@ -7,31 +7,23 @@ import ( "testing" "time" - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/service/networkfirewall" - "github.com/aws/aws-sdk-go/service/networkfirewall/networkfirewalliface" - - awsgo "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/networkfirewall" + "github.com/aws/aws-sdk-go-v2/service/networkfirewall/types" "github.com/gruntwork-io/cloud-nuke/config" "github.com/gruntwork-io/cloud-nuke/util" "github.com/stretchr/testify/require" ) type mockedNetworkFirewallTLSConfig struct { - networkfirewalliface.NetworkFirewallAPI + NetworkFirewallTLSConfigAPI + ListTLSInspectionConfigurationsOutput networkfirewall.ListTLSInspectionConfigurationsOutput DescribeTLSInspectionConfigurationOutput map[string]networkfirewall.DescribeTLSInspectionConfigurationOutput - TagResourceOutput networkfirewall.TagResourceOutput DeleteTLSInspectionConfigurationOutput networkfirewall.DeleteTLSInspectionConfigurationOutput - ListTLSInspectionConfigurationsOutput networkfirewall.ListTLSInspectionConfigurationsOutput -} - -func (m mockedNetworkFirewallTLSConfig) TagResource(*networkfirewall.TagResourceInput) (*networkfirewall.TagResourceOutput, error) { - return &m.TagResourceOutput, nil } -func (m mockedNetworkFirewallTLSConfig) DescribeTLSInspectionConfigurationWithContext(_ aws.Context, req *networkfirewall.DescribeTLSInspectionConfigurationInput, _ ...request.Option) (*networkfirewall.DescribeTLSInspectionConfigurationOutput, error) { - raw := awsgo.StringValue(req.TLSInspectionConfigurationArn) +func (m mockedNetworkFirewallTLSConfig) DescribeTLSInspectionConfiguration(ctx context.Context, params *networkfirewall.DescribeTLSInspectionConfigurationInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.DescribeTLSInspectionConfigurationOutput, error) { + raw := aws.ToString(params.TLSInspectionConfigurationArn) v, ok := 
m.DescribeTLSInspectionConfigurationOutput[raw] if !ok { return nil, fmt.Errorf("unable to describe the %s", raw) @@ -39,11 +31,11 @@ func (m mockedNetworkFirewallTLSConfig) DescribeTLSInspectionConfigurationWithCo return &v, nil } -func (m mockedNetworkFirewallTLSConfig) DeleteTLSInspectionConfigurationWithContext(aws.Context, *networkfirewall.DeleteTLSInspectionConfigurationInput, ...request.Option) (*networkfirewall.DeleteTLSInspectionConfigurationOutput, error) { +func (m mockedNetworkFirewallTLSConfig) DeleteTLSInspectionConfiguration(ctx context.Context, params *networkfirewall.DeleteTLSInspectionConfigurationInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.DeleteTLSInspectionConfigurationOutput, error) { return &m.DeleteTLSInspectionConfigurationOutput, nil } -func (m mockedNetworkFirewallTLSConfig) ListTLSInspectionConfigurationsWithContext(aws.Context, *networkfirewall.ListTLSInspectionConfigurationsInput, ...request.Option) (*networkfirewall.ListTLSInspectionConfigurationsOutput, error) { +func (m mockedNetworkFirewallTLSConfig) ListTLSInspectionConfigurations(ctx context.Context, params *networkfirewall.ListTLSInspectionConfigurationsInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.ListTLSInspectionConfigurationsOutput, error) { return &m.ListTLSInspectionConfigurationsOutput, nil } 
@@ -63,42 +55,42 @@ func TestNetworkFirewallTLSConfig_GetAll(t *testing.T) { nfw := NetworkFirewallTLSConfig{ Client: mockedNetworkFirewallTLSConfig{ ListTLSInspectionConfigurationsOutput: networkfirewall.ListTLSInspectionConfigurationsOutput{ - TLSInspectionConfigurations: []*networkfirewall.TLSInspectionConfigurationMetadata{ + TLSInspectionConfigurations: []types.TLSInspectionConfigurationMetadata{ { - Arn: awsgo.String(testId1), - Name: awsgo.String(testName1), + Arn: aws.String(testId1), + Name: aws.String(testName1), }, { - Arn: awsgo.String(testId2), - Name: awsgo.String(testName2), + Arn: aws.String(testId2), + Name: aws.String(testName2), }, }, }, DescribeTLSInspectionConfigurationOutput: map[string]networkfirewall.DescribeTLSInspectionConfigurationOutput{ testId1: { - TLSInspectionConfigurationResponse: &networkfirewall.TLSInspectionConfigurationResponse{ - TLSInspectionConfigurationName: awsgo.String(testName1), - Tags: []*networkfirewall.Tag{ + TLSInspectionConfigurationResponse: &types.TLSInspectionConfigurationResponse{ + TLSInspectionConfigurationName: aws.String(testName1), + Tags: []types.Tag{ { - Key: awsgo.String("Name"), - Value: awsgo.String(testName1), + Key: aws.String("Name"), + Value: aws.String(testName1), }, { - Key: awsgo.String(util.FirstSeenTagKey), - Value: awsgo.String(util.FormatTimestamp(now)), + Key: aws.String(util.FirstSeenTagKey), + Value: aws.String(util.FormatTimestamp(now)), }, }, }, }, testId2: { - TLSInspectionConfigurationResponse: &networkfirewall.TLSInspectionConfigurationResponse{ - TLSInspectionConfigurationName: awsgo.String(testName2), - Tags: []*networkfirewall.Tag{ + TLSInspectionConfigurationResponse: &types.TLSInspectionConfigurationResponse{ + TLSInspectionConfigurationName: aws.String(testName2), + Tags: []types.Tag{ { - Key: awsgo.String("Name"), - Value: awsgo.String(testName2), + Key: aws.String("Name"), + Value: aws.String(testName2), }, { - Key: awsgo.String(util.FirstSeenTagKey), - Value: 
awsgo.String(util.FormatTimestamp(now.Add(1 * time.Hour))), + Key: aws.String(util.FirstSeenTagKey), + Value: aws.String(util.FormatTimestamp(now.Add(1 * time.Hour))), }, }, }, @@ -129,7 +121,7 @@ func TestNetworkFirewallTLSConfig_GetAll(t *testing.T) { "timeAfterExclusionFilter": { configObj: config.ResourceType{ ExcludeRule: config.FilterRule{ - TimeAfter: awsgo.Time(now), + TimeAfter: aws.Time(now), }}, expected: []string{testName1}, }, @@ -140,7 +132,7 @@ func TestNetworkFirewallTLSConfig_GetAll(t *testing.T) { NetworkFirewallTLSConfig: tc.configObj, }) require.NoError(t, err) - require.Equal(t, tc.expected, aws.StringValueSlice(names)) + require.Equal(t, tc.expected, aws.ToStringSlice(names)) }) } } diff --git a/aws/resources/network_firewall_tls_config_types.go b/aws/resources/network_firewall_tls_config_types.go index 69e035f1..5bd64c53 100644 --- a/aws/resources/network_firewall_tls_config_types.go +++ b/aws/resources/network_firewall_tls_config_types.go 
@@ -3,25 +3,31 @@ package resources import ( "context" - awsgo "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/session" - "github.com/aws/aws-sdk-go/service/networkfirewall" - "github.com/aws/aws-sdk-go/service/networkfirewall/networkfirewalliface" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/networkfirewall" "github.com/gruntwork-io/cloud-nuke/config" "github.com/gruntwork-io/go-commons/errors" ) +type NetworkFirewallTLSConfigAPI interface { + ListTLSInspectionConfigurations(ctx context.Context, params *networkfirewall.ListTLSInspectionConfigurationsInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.ListTLSInspectionConfigurationsOutput, error) + DescribeTLSInspectionConfiguration(ctx context.Context, params *networkfirewall.DescribeTLSInspectionConfigurationInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.DescribeTLSInspectionConfigurationOutput, error) + DeleteTLSInspectionConfiguration(ctx context.Context, params *networkfirewall.DeleteTLSInspectionConfigurationInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.DeleteTLSInspectionConfigurationOutput, error) +} + type NetworkFirewallTLSConfig struct { BaseAwsResource - Client networkfirewalliface.NetworkFirewallAPI + Client NetworkFirewallTLSConfigAPI Region string Identifiers []string } -func (nftc *NetworkFirewallTLSConfig) Init(session *session.Session) { - nftc.Client = networkfirewall.New(session) +func (nftc *NetworkFirewallTLSConfig) InitV2(cfg aws.Config) { + nftc.Client = networkfirewall.NewFromConfig(cfg) } +func (nftc *NetworkFirewallTLSConfig) IsUsingV2() bool { return true } + // ResourceName - the simple name of the aws resource func (nftc *NetworkFirewallTLSConfig) ResourceName() string { return "network-firewall-tls-config" 
@@ -48,13 +54,13 @@ func (nftc *NetworkFirewallTLSConfig) GetAndSetIdentifiers(c context.Context, co return nil, err } - nftc.Identifiers = awsgo.StringValueSlice(identifiers) + nftc.Identifiers = aws.ToStringSlice(identifiers) return nftc.Identifiers, nil } // Nuke - nuke 'em all!!! func (nftc *NetworkFirewallTLSConfig) Nuke(identifiers []string) error { - if err := nftc.nukeAll(awsgo.StringSlice(identifiers)); err != nil { + if err := nftc.nukeAll(aws.StringSlice(identifiers)); err != nil { return errors.WithStackTrace(err) } diff --git a/aws/resources/network_firewall_types.go b/aws/resources/network_firewall_types.go index 3b3def78..149a7a8f 100644 --- a/aws/resources/network_firewall_types.go +++ b/aws/resources/network_firewall_types.go 
@@ -3,26 +3,31 @@ package resources import ( "context" - awsgo "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/session" - "github.com/aws/aws-sdk-go/service/networkfirewall" - "github.com/aws/aws-sdk-go/service/networkfirewall/networkfirewalliface" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/networkfirewall" "github.com/gruntwork-io/cloud-nuke/config" "github.com/gruntwork-io/go-commons/errors" ) +type NetworkFirewallAPI interface { + ListFirewalls(ctx context.Context, params *networkfirewall.ListFirewallsInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.ListFirewallsOutput, error) + DescribeFirewall(ctx context.Context, params *networkfirewall.DescribeFirewallInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.DescribeFirewallOutput, error) + DeleteFirewall(ctx context.Context, params *networkfirewall.DeleteFirewallInput, optFns ...func(*networkfirewall.Options)) (*networkfirewall.DeleteFirewallOutput, error) +} + type NetworkFirewall struct { BaseAwsResource - Client networkfirewalliface.NetworkFirewallAPI + Client NetworkFirewallAPI Region string Identifiers []string } -func (nfw *NetworkFirewall) Init(session *session.Session) { - nfw.BaseAwsResource.Init(session) - nfw.Client = networkfirewall.New(session) +func (nfw *NetworkFirewall) InitV2(cfg aws.Config) { + nfw.Client = networkfirewall.NewFromConfig(cfg) } +func (nfw *NetworkFirewall) IsUsingV2() bool { return true } + // ResourceName - the simple name of the aws resource func (nfw *NetworkFirewall) ResourceName() string { return "network-firewall" 
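Review bot: The old `Init` called `nfw.BaseAwsResource.Init(session)` before creating the client, and the new `InitV2` has no counterpart, so whatever the base initializer set up is now skipped for this resource. getAll still relies on `nfw.Context` and `nfw.VerifyNukablePermissions`. If `BaseAwsResource` allocates state for those (its definition is not visible here), confirm that state is still initialised on the v2 path, for example by calling the base type's v2 initializer if one exists. A gap here would matter because the delete-protection check runs through `VerifyNukablePermissions`.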
@@ -49,13 +54,13 @@ func (nfw *NetworkFirewall) GetAndSetIdentifiers(c context.Context, configObj co return nil, err } - nfw.Identifiers = awsgo.StringValueSlice(identifiers) + nfw.Identifiers = aws.ToStringSlice(identifiers) return nfw.Identifiers, nil } // Nuke - nuke 'em all!!! func (nfw *NetworkFirewall) Nuke(identifiers []string) error { - if err := nfw.nukeAll(awsgo.StringSlice(identifiers)); err != nil { + if err := nfw.nukeAll(aws.StringSlice(identifiers)); err != nil { return errors.WithStackTrace(err) } diff --git a/go.mod b/go.mod index a4346e65..2ca1aee7 100644 --- a/go.mod +++ b/go.mod @@ -14,9 +14,9 @@ require ( github.com/aws/aws-sdk-go-v2/service/apigateway v1.28.0 github.com/aws/aws-sdk-go-v2/service/apigatewayv2 v1.24.6 github.com/aws/aws-sdk-go-v2/service/apprunner v1.32.6 - github.com/aws/aws-sdk-go-v2/service/autoscaling v1.50.0 + github.com/aws/aws-sdk-go-v2/service/autoscaling v1.51.0 github.com/aws/aws-sdk-go-v2/service/backup v1.39.7 - github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.46.0 + github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.46.1 github.com/aws/aws-sdk-go-v2/service/cloudwatch v1.43.1 github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs v1.44.0 github.com/aws/aws-sdk-go-v2/service/codedeploy v1.29.6 @@ -31,7 +31,7 @@ require ( github.com/aws/aws-sdk-go-v2/service/elasticache v1.44.0 github.com/aws/aws-sdk-go-v2/service/elasticbeanstalk v1.28.5 github.com/aws/aws-sdk-go-v2/service/elasticloadbalancing v1.28.5 - github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.42.1 + github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.43.0 github.com/aws/aws-sdk-go-v2/service/eventbridge v1.35.6 github.com/aws/aws-sdk-go-v2/service/firehose v1.35.1 github.com/aws/aws-sdk-go-v2/service/grafana v1.26.6 
@@ -39,17 +39,18 @@ require ( github.com/aws/aws-sdk-go-v2/service/iam v1.38.1 github.com/aws/aws-sdk-go-v2/service/kinesis v1.32.6 github.com/aws/aws-sdk-go-v2/service/kms v1.37.6 - github.com/aws/aws-sdk-go-v2/service/lambda v1.68.0 + github.com/aws/aws-sdk-go-v2/service/lambda v1.69.0 github.com/aws/aws-sdk-go-v2/service/macie2 v1.43.6 + github.com/aws/aws-sdk-go-v2/service/networkfirewall v1.44.3 github.com/aws/aws-sdk-go-v2/service/opensearch v1.44.1 github.com/aws/aws-sdk-go-v2/service/s3 v1.68.0 github.com/aws/aws-sdk-go-v2/service/s3control v1.50.1 github.com/aws/aws-sdk-go-v2/service/scheduler v1.12.6 github.com/aws/aws-sdk-go-v2/service/securityhub v1.54.7 - github.com/aws/aws-sdk-go-v2/service/ses v1.28.5 - github.com/aws/aws-sdk-go-v2/service/sns v1.33.5 + github.com/aws/aws-sdk-go-v2/service/ses v1.29.0 + github.com/aws/aws-sdk-go-v2/service/sns v1.33.6 github.com/aws/aws-sdk-go-v2/service/sqs v1.37.1 - github.com/aws/aws-sdk-go-v2/service/vpclattice v1.12.8 + github.com/aws/aws-sdk-go-v2/service/vpclattice v1.12.9 github.com/aws/smithy-go v1.22.1 github.com/charmbracelet/lipgloss v0.6.0 github.com/go-errors/errors v1.4.2 diff --git a/go.sum b/go.sum index 28b5e0af..a00f86f4 100644 --- a/go.sum +++ b/go.sum 
@@ -47,12 +47,12 @@ github.com/aws/aws-sdk-go-v2/service/apigatewayv2 v1.24.6 h1:wNUMxMjviF0fbO1pWKV github.com/aws/aws-sdk-go-v2/service/apigatewayv2 v1.24.6/go.mod h1:pCq9ErKoUWYFfmpENhlWuhBF+NNNwVOXNrZA5C480eM= github.com/aws/aws-sdk-go-v2/service/apprunner v1.32.6 h1:Wqlx6m821gv7qXMJQ3f7JuTQusWbZNWbpEgFD6/qkgE= github.com/aws/aws-sdk-go-v2/service/apprunner v1.32.6/go.mod h1:liN6AXsZpCSw888Vdsc1OSeKuEVvWek31jv41mn4KCA= -github.com/aws/aws-sdk-go-v2/service/autoscaling v1.50.0 h1:5tF6T8pAKna0TZ2g77jKdTCKoIRDsaYlYxz9OC1BraI= -github.com/aws/aws-sdk-go-v2/service/autoscaling v1.50.0/go.mod h1:I1+/2m+IhnK5qEbhS3CrzjeiVloo9sItE/2K+so0fkU= +github.com/aws/aws-sdk-go-v2/service/autoscaling v1.51.0 h1:1KzQVZi7OTixxaVJ8fWaJAUBjme+iQ3zBOCZhE4RgxQ= +github.com/aws/aws-sdk-go-v2/service/autoscaling v1.51.0/go.mod h1:I1+/2m+IhnK5qEbhS3CrzjeiVloo9sItE/2K+so0fkU= github.com/aws/aws-sdk-go-v2/service/backup v1.39.7 h1:YeU78WW19lWGew7OBP2lImtLvn2d5Zlktjwh268d07I= github.com/aws/aws-sdk-go-v2/service/backup v1.39.7/go.mod h1:oeRKTbMD3NrXPRvFZGSibtpJfpYlyLKnQOyHvl6rjqQ= -github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.46.0 h1:Rqsc2iSjGyl+/4B26d7I2lyzIO0RNY7OhLs+RwSL5Ps= -github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.46.0/go.mod h1:1UmWM2dmPjAP9GndptgNB5ZO1GnVRHFUX5JK0RB+ozY= +github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.46.1 h1:2ak2eGvO11EG8dbF2rduX0LFYqkSmLTaFiAXbrYeBik= +github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.46.1/go.mod h1:1UmWM2dmPjAP9GndptgNB5ZO1GnVRHFUX5JK0RB+ozY= github.com/aws/aws-sdk-go-v2/service/cloudwatch v1.43.1 h1:FbjhJTRoTujDYDwTnnE46Km5Qh1mMSH+BwTL4ODFifg= github.com/aws/aws-sdk-go-v2/service/cloudwatch v1.43.1/go.mod h1:OwyCzHw6CH8pkLqT8uoCkOgUsgm11LTfexLZyRy6fBg= github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs v1.44.0 h1:OREVd94+oXW5a+3SSUAo4K0L5ci8cucCLu+PSiek8OU= 
@@ -81,8 +81,8 @@ github.com/aws/aws-sdk-go-v2/service/elasticbeanstalk v1.28.5 h1:bCj+S/v35iLUnHp github.com/aws/aws-sdk-go-v2/service/elasticbeanstalk v1.28.5/go.mod h1:gOJmxmxThaTRM7r8WZ6BeOCl14UE48lSgMca7U4/oMM= github.com/aws/aws-sdk-go-v2/service/elasticloadbalancing v1.28.5 h1:12Fm4tTwFk2Url99X56hdKXKVK7suzZKjtdXAILne4g= github.com/aws/aws-sdk-go-v2/service/elasticloadbalancing v1.28.5/go.mod h1:qnlecrYsTCjPhGuF+3SZaz7WGuNz/T3L/Q8a3Yc7uww= -github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.42.1 h1:7CbnVh+BXerN1kiqTbm3Y2GkaaAiZ26v9GMlb0nubYo= -github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.42.1/go.mod h1:pZP3I+Ts+XuhJJtZE49+ABVjfxm7u9/hxcNUYSpY3OE= +github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.43.0 h1:fIAJ5VM/ANpYV81C1Jbf4ePbElMSzuWFljezD6weU9k= +github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.43.0/go.mod h1:pZP3I+Ts+XuhJJtZE49+ABVjfxm7u9/hxcNUYSpY3OE= github.com/aws/aws-sdk-go-v2/service/eventbridge v1.35.6 h1:LLUzdN3H7EEmpRjkJDpMGdbimAPTg6+3fFvJCDpjcrQ= github.com/aws/aws-sdk-go-v2/service/eventbridge v1.35.6/go.mod h1:njIZoyz4eQquthx3TH9aIz5svTr55u/6+agentCxFC0= github.com/aws/aws-sdk-go-v2/service/firehose v1.35.1 h1:yA6/HoFnFrPhE1nMO3LzsgKIT/99NDWoX5Xzqnqhpyg= 
@@ -107,10 +107,12 @@ github.com/aws/aws-sdk-go-v2/service/kinesis v1.32.6 h1:yN7WEx9ksiP5+9zdKtoQYrUT github.com/aws/aws-sdk-go-v2/service/kinesis v1.32.6/go.mod h1:j8MNat6qtGw5OoEACRbWtT8r5my4nRWfM/6Uk+NsuC4= github.com/aws/aws-sdk-go-v2/service/kms v1.37.6 h1:CZImQdb1QbU9sGgJ9IswhVkxAcjkkD1eQTMA1KHWk+E= github.com/aws/aws-sdk-go-v2/service/kms v1.37.6/go.mod h1:YJDdlK0zsyxVBxGU48AR/Mi8DMrGdc1E3Yij4fNrONA= -github.com/aws/aws-sdk-go-v2/service/lambda v1.68.0 h1:iOeBeG/kwavag7SR2obST2YVIika2Bt+BvKUdFYDN30= -github.com/aws/aws-sdk-go-v2/service/lambda v1.68.0/go.mod h1:guz2K3x4FKSdDaoeB+TPVgJNU9oj2gftbp5cR8ela1A= +github.com/aws/aws-sdk-go-v2/service/lambda v1.69.0 h1:BXt75frE/FYtAmEDBJRBa2HexOw+oAZWZl6QknZEFgg= +github.com/aws/aws-sdk-go-v2/service/lambda v1.69.0/go.mod h1:guz2K3x4FKSdDaoeB+TPVgJNU9oj2gftbp5cR8ela1A= github.com/aws/aws-sdk-go-v2/service/macie2 v1.43.6 h1:8Ma/55QqIQBimERWAPLiOafZZ2CGMz15l1jKOcx2YnU= github.com/aws/aws-sdk-go-v2/service/macie2 v1.43.6/go.mod h1:8DUfCGSV5Y4q2H2pyN1+oZtLszDKMzizpUx6AA9WAxo= +github.com/aws/aws-sdk-go-v2/service/networkfirewall v1.44.3 h1:5gs6lyhGYupTMTE+sFsbh35W+XPCdCt4Pgg8qEUleGw= +github.com/aws/aws-sdk-go-v2/service/networkfirewall v1.44.3/go.mod h1:RrSc7fUe1EX71WfWClFvg55tAdQJ0UdG1uCOBzAgFFo= github.com/aws/aws-sdk-go-v2/service/opensearch v1.44.1 h1:8LrDaf/GI94aAXufGevIiHYd+btpMkWPmpHRKn7gLPs= github.com/aws/aws-sdk-go-v2/service/opensearch v1.44.1/go.mod h1:Hda4HPusP9TqF+NEC+aw2296WJ+yJGZR72Ufj1atZ3w= github.com/aws/aws-sdk-go-v2/service/s3 v1.68.0 h1:bFpcqdwtAEsgpZXvkTxIThFQx/EM0oV6kXmfFIGjxME= 
@@ -121,10 +123,10 @@ github.com/aws/aws-sdk-go-v2/service/scheduler v1.12.6 h1:68IWlYXT4lWbn1EmL8NBou github.com/aws/aws-sdk-go-v2/service/scheduler v1.12.6/go.mod h1:p6YS4Jv8IRTR8g77fl7iAYa72RfFV5t7ek8TP8/fKVM= github.com/aws/aws-sdk-go-v2/service/securityhub v1.54.7 h1:pWQKR8guL3JKhJo4fzbez5TwcG6oNShKNv1cOlDX0KM= github.com/aws/aws-sdk-go-v2/service/securityhub v1.54.7/go.mod h1:UleZz3snRNYUF7PwsUDdKFq7VF1SUI4WGgMrnLNbYos= -github.com/aws/aws-sdk-go-v2/service/ses v1.28.5 h1:fct7t4dGDFoJRk+8EIYBXLNsjd0PdvlRRTtfVwkMwSc= -github.com/aws/aws-sdk-go-v2/service/ses v1.28.5/go.mod h1:JRCjHrdiLrSoHRbbOd0lTQOS5U9Yxe72wB3Rk+e2tcQ= -github.com/aws/aws-sdk-go-v2/service/sns v1.33.5 h1:nJDOsZumqKsejsiGKgpezFzI2oatHmQi/kKKC4wS8v4= -github.com/aws/aws-sdk-go-v2/service/sns v1.33.5/go.mod h1:SODr0Lu3lFdT0SGsGX1TzFTapwveBrT5wztVoYtppm8= +github.com/aws/aws-sdk-go-v2/service/ses v1.29.0 h1:b6Je/QdCfxf6xupis7Eu8fH6SPFE3tG/Xd6MDOpOGJo= +github.com/aws/aws-sdk-go-v2/service/ses v1.29.0/go.mod h1:JRCjHrdiLrSoHRbbOd0lTQOS5U9Yxe72wB3Rk+e2tcQ= +github.com/aws/aws-sdk-go-v2/service/sns v1.33.6 h1:lEUtRHICiXsd7VRwRjXaY7MApT2X4Ue0Mrwe6XbyBro= +github.com/aws/aws-sdk-go-v2/service/sns v1.33.6/go.mod h1:SODr0Lu3lFdT0SGsGX1TzFTapwveBrT5wztVoYtppm8= github.com/aws/aws-sdk-go-v2/service/sqs v1.37.1 h1:39WvSrVq9DD6UHkD+fx5x19P5KpRQfNdtgReDVNbelc= github.com/aws/aws-sdk-go-v2/service/sqs v1.37.1/go.mod h1:3gwPzC9LER/BTQdQZ3r6dUktb1rSjABF1D3Sr6nS7VU= github.com/aws/aws-sdk-go-v2/service/sso v1.24.6 h1:3zu537oLmsPfDMyjnUS2g+F2vITgy5pB74tHI+JBNoM= 
@@ -133,8 +135,8 @@ github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.5 h1:K0OQAsDywb0ltlFrZm0JHPY3 github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.5/go.mod h1:ORITg+fyuMoeiQFiVGoqB3OydVTLkClw/ljbblMq6Cc= github.com/aws/aws-sdk-go-v2/service/sts v1.33.1 h1:6SZUVRQNvExYlMLbHdlKB48x0fLbc2iVROyaNEwBHbU= github.com/aws/aws-sdk-go-v2/service/sts v1.33.1/go.mod h1:GqWyYCwLXnlUB1lOAXQyNSPqPLQJvmo8J0DWBzp9mtg= -github.com/aws/aws-sdk-go-v2/service/vpclattice v1.12.8 h1:a7UROHRTNSQrJ2h4BETtfACcPjWuZPoPpeMBmxS7K00= -github.com/aws/aws-sdk-go-v2/service/vpclattice v1.12.8/go.mod h1:X0X0qZ4S3qpAm8NfTdW4lacTf2VusIV3sbwF+CN3d4k= +github.com/aws/aws-sdk-go-v2/service/vpclattice v1.12.9 h1:GRU6B7siT+PRSIS9JmOFLugE90//aCQ9jOfk09wxI+g= +github.com/aws/aws-sdk-go-v2/service/vpclattice v1.12.9/go.mod h1:X0X0qZ4S3qpAm8NfTdW4lacTf2VusIV3sbwF+CN3d4k= github.com/aws/smithy-go v1.22.1 h1:/HPHZQ0g7f4eUeK6HKglFz8uwVfZKgoI25rb/J+dnro= github.com/aws/smithy-go v1.22.1/go.mod h1:irrKGvNn1InZwb2d7fkIRNucdfwR8R+Ts3wxYa/cJHg= github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= diff --git a/util/tag.go b/util/tag.go index 9648271b..f4f9fa68 100644 --- a/util/tag.go +++ b/util/tag.go @@ -3,11 +3,11 @@ package util import ( autoscaling "github.com/aws/aws-sdk-go-v2/service/autoscaling/types" iam "github.com/aws/aws-sdk-go-v2/service/iam/types" + networkfirewalltypes "github.com/aws/aws-sdk-go-v2/service/networkfirewall/types" s3types "github.com/aws/aws-sdk-go-v2/service/s3/types" "github.com/aws/aws-sdk-go-v2/service/ec2/types" "github.com/aws/aws-sdk-go/service/ec2" - "github.com/aws/aws-sdk-go/service/networkfirewall" "github.com/aws/aws-sdk-go/service/rds" "github.com/aws/aws-sdk-go/service/s3" ) 
@@ -102,7 +102,7 @@ func GetEC2ResourceNameTagValue[T *ec2.Tag | types.Tag](tags []T) *string { return nil } -func ConvertNetworkFirewallTagsToMap(tags []*networkfirewall.Tag) map[string]string { +func ConvertNetworkFirewallTagsToMap(tags []networkfirewalltypes.Tag) map[string]string { tagMap := make(map[string]string) for _, tag := range tags { tagMap[*tag.Key] = *tag.Value diff --git a/v2_migration_report/output.md b/v2_migration_report/output.md index 9f6a5203..9cf90a85 100644 --- a/v2_migration_report/output.md +++ b/v2_migration_report/output.md @@ -78,11 +78,11 @@ run `go generate ./...` to refresh this report. | msk-cluster | | | nat-gateway | | | network-acl | | -| network-firewall | | -| network-firewall-policy | | -| network-firewall-resource-policy | | -| network-firewall-rule-group | | -| network-firewall-tls-config | | +| network-firewall | :white_check_mark: | +| network-firewall-policy | :white_check_mark: | +| network-firewall-resource-policy | :white_check_mark: | +| network-firewall-rule-group | :white_check_mark: | +| network-firewall-tls-config | :white_check_mark: | | network-interface | | | oidcprovider | | | opensearchdomain | :white_check_mark: |
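Review bot: `tagMap[*tag.Key] = *tag.Value` in `ConvertNetworkFirewallTagsToMap` dereferences both pointers with no nil check, and the switch to `[]networkfirewalltypes.Tag` only changes the slice element from pointer to value, so `Key` and `Value` are still `*string`. The service is expected to populate both fields, but if either ever comes back unset the whole conversion panics instead of skipping that one tag, and that would presumably take the caller's resource listing down with it. I would add `if tag.Key == nil || tag.Value == nil { continue }` as the first statement of the loop. The rest of the loop and the function's return are outside this hunk, so I have not checked whether a guard exists further down.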