github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/internal/adapters/cloud/aws/ecs/cluster.go (about) 1 package ecs 2 3 import ( 4 "fmt" 5 6 "github.com/khulnasoft-lab/defsec/pkg/concurrency" 7 defsecTypes "github.com/khulnasoft-lab/defsec/pkg/types" 8 9 ecsapi "github.com/aws/aws-sdk-go-v2/service/ecs" 10 "github.com/aws/aws-sdk-go-v2/service/ecs/types" 11 "github.com/khulnasoft-lab/defsec/pkg/providers/aws/ecs" 12 ) 13 14 func (a *adapter) getClusters() ([]ecs.Cluster, error) { 15 16 a.Tracker().SetServiceLabel("Discovering clusters...") 17 18 var clusterARNs []string 19 20 var input ecsapi.ListClustersInput 21 22 for { 23 output, err := a.api.ListClusters(a.Context(), &input) 24 if err != nil { 25 return nil, err 26 } 27 clusterARNs = append(clusterARNs, output.ClusterArns...) 28 a.Tracker().SetTotalResources(len(clusterARNs)) 29 if output.NextToken == nil { 30 break 31 } 32 input.NextToken = output.NextToken 33 } 34 35 a.Tracker().SetServiceLabel("Adapting clusters...") 36 return concurrency.Adapt(clusterARNs, a.RootAdapter, a.adaptCluster), nil 37 } 38 39 func (a *adapter) adaptCluster(arn string) (*ecs.Cluster, error) { 40 41 metadata := a.CreateMetadataFromARN(arn) 42 43 var enableInsights bool 44 45 output, err := a.api.DescribeClusters(a.Context(), &ecsapi.DescribeClustersInput{ 46 Clusters: []string{arn}, 47 Include: []types.ClusterField{ 48 types.ClusterFieldSettings, 49 }, 50 }) 51 if err != nil { 52 return nil, err 53 } 54 if len(output.Clusters) == 0 { 55 return nil, fmt.Errorf("cluster not found") 56 } 57 58 for _, setting := range output.Clusters[0].Settings { 59 if setting.Name == types.ClusterSettingNameContainerInsights { 60 enableInsights = setting.Value != nil && *setting.Value == "enabled" 61 } 62 } 63 64 return &ecs.Cluster{ 65 Metadata: metadata, 66 Settings: ecs.ClusterSettings{ 67 Metadata: metadata, 68 ContainerInsightsEnabled: defsecTypes.Bool(enableInsights, metadata), 69 }, 70 }, nil 71 }