github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/internal/adapters/terraform/aws/config/adapt.go

github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/internal/adapters/terraform/aws/config/adapt.go (about)

     1  package config
     2  
     3  import (
     4  	"github.com/aquasecurity/defsec/pkg/providers/aws/config"
     5  	"github.com/aquasecurity/defsec/pkg/terraform"
     6  	defsecTypes "github.com/aquasecurity/defsec/pkg/types"
     7  )
     8  
     9  func Adapt(modules terraform.Modules) config.Config {
    10  	return config.Config{
    11  		ConfigurationAggregrator: adaptConfigurationAggregrator(modules),
    12  	}
    13  }
    14  
    15  func adaptConfigurationAggregrator(modules terraform.Modules) config.ConfigurationAggregrator {
    16  	configurationAggregrator := config.ConfigurationAggregrator{
    17  		Metadata:         defsecTypes.NewUnmanagedMetadata(),
    18  		SourceAllRegions: defsecTypes.BoolDefault(false, defsecTypes.NewUnmanagedMetadata()),
    19  	}
    20  
    21  	for _, resource := range modules.GetResourcesByType("aws_config_configuration_aggregator") {
    22  		configurationAggregrator.Metadata = resource.GetMetadata()
    23  		aggregationBlock := resource.GetFirstMatchingBlock("account_aggregation_source", "organization_aggregation_source")
    24  		if aggregationBlock.IsNil() {
    25  			configurationAggregrator.SourceAllRegions = defsecTypes.Bool(false, resource.GetMetadata())
    26  		} else {
    27  			allRegionsAttr := aggregationBlock.GetAttribute("all_regions")
    28  			allRegionsVal := allRegionsAttr.AsBoolValueOrDefault(false, aggregationBlock)
    29  			configurationAggregrator.SourceAllRegions = allRegionsVal
    30  		}
    31  	}
    32  	return configurationAggregrator
    33  }