// Source: github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/internal/adapters/terraform/aws/cloudwatch/adapt.go

package cloudwatch

import (
	"github.com/aquasecurity/defsec/pkg/providers/aws/cloudwatch"
	"github.com/aquasecurity/defsec/pkg/terraform"
	"github.com/aquasecurity/defsec/pkg/types"
)

// Adapt builds the CloudWatch provider model from the parsed Terraform
// modules. Only LogGroups is populated here; every other field of
// cloudwatch.CloudWatch keeps its zero value.
func Adapt(modules terraform.Modules) cloudwatch.CloudWatch {
	var result cloudwatch.CloudWatch
	result.LogGroups = adaptLogGroups(modules)
	return result
}

// adaptLogGroups collects one cloudwatch.LogGroup per
// "aws_cloudwatch_log_group" resource found in any of the given modules.
// The result is a nil slice when no such resource exists.
func adaptLogGroups(modules terraform.Modules) []cloudwatch.LogGroup {
	var groups []cloudwatch.LogGroup
	for _, mod := range modules {
		blocks := mod.GetResourcesByType("aws_cloudwatch_log_group")
		for _, block := range blocks {
			groups = append(groups, adaptLogGroup(block, mod))
		}
	}
	return groups
}

// adaptLogGroup converts a single aws_cloudwatch_log_group block into the
// provider model, reading the attributes that encryption and retention
// rules depend on ("name", "kms_key_id", "retention_in_days").
//
// Attributes that are absent fall back to "" (name, kms_key_id) and 0
// (retention_in_days), so a consumer cannot distinguish "not set" from an
// explicit empty/zero value by the value alone.
func adaptLogGroup(resource *terraform.Block, module *terraform.Module) cloudwatch.LogGroup {
	meta := resource.GetMetadata()

	group := cloudwatch.LogGroup{
		Metadata: meta,
		// The ARN is never read from Terraform here; it is always the
		// empty default.
		Arn:  types.StringDefault("", meta),
		Name: resource.GetAttribute("name").AsStringValueOrDefault("", resource),
		// NOTE(review): 0 is the fallback when retention_in_days is
		// unset; in the AWS provider that value appears to mean "never
		// expire" — confirm how downstream retention rules treat it.
		RetentionInDays: resource.GetAttribute("retention_in_days").AsIntValueOrDefault(0, resource),
		// MetricFilters is left nil: this adapter does not look up any
		// metric-filter resources, so rules that inspect filters get
		// nothing from Terraform input.
	}

	keyAttr := resource.GetAttribute("kms_key_id")
	group.KMSKeyID = keyAttr.AsStringValueOrDefault("", resource)

	// When kms_key_id refers to another block, record that block's full
	// name (with the referenced block's metadata) instead of the literal
	// attribute value. A non-empty KMSKeyID therefore means "a value or a
	// resolvable reference is present", not "a valid key was verified".
	// NOTE(review): the referenced block's type is not checked here, so a
	// reference to something other than a KMS key resource would also
	// produce a non-empty KMSKeyID — confirm whether rules rely on that.
	if keyBlock, err := module.GetReferencedBlock(keyAttr, resource); err == nil {
		group.KMSKeyID = types.String(keyBlock.FullName(), keyBlock.GetMetadata())
	}

	return group
}