package ec2

import (
	"github.com/khulnasoft-lab/defsec/pkg/providers/aws/ec2"
	"github.com/khulnasoft-lab/defsec/pkg/scanners/cloudformation/parser"
	"github.com/khulnasoft-lab/defsec/pkg/types"
)

// getLaunchTemplates adapts every AWS::EC2::LaunchTemplate resource in the
// parsed CloudFormation file into an ec2.LaunchTemplate. The result is nil
// when the file declares no such resource.
func getLaunchTemplates(file parser.FileContext) (templates []ec2.LaunchTemplate) {
	for _, res := range file.GetResourcesByType("AWS::EC2::LaunchTemplate") {
		// Start from the permissive metadata-service settings: "optional"
		// means session tokens are not required and "enabled" leaves the
		// endpoint reachable. A template that says nothing about
		// MetadataOptions is therefore modelled as permissive instead of
		// being treated as hardened.
		// NOTE(review): presumably these mirror the EC2 service defaults;
		// confirm against the checks that consume HttpTokens.
		tmpl := ec2.LaunchTemplate{
			Metadata: res.Metadata(),
			Instance: ec2.Instance{
				Metadata: res.Metadata(),
				MetadataOptions: ec2.MetadataOptions{
					Metadata:     res.Metadata(),
					HttpTokens:   types.StringDefault("optional", res.Metadata()),
					HttpEndpoint: types.StringDefault("enabled", res.Metadata()),
				},
				UserData: types.StringDefault("", res.Metadata()),
			},
		}

		data := res.GetProperty("LaunchTemplateData")
		if !data.IsNotNil() {
			// No LaunchTemplateData: keep the defaults set above.
			templates = append(templates, tmpl)
			continue
		}

		if opts := data.GetProperty("MetadataOptions"); opts.IsNotNil() {
			// Explicit settings replace the defaults and carry the
			// property's own metadata.
			tmpl.MetadataOptions = ec2.MetadataOptions{
				Metadata:     opts.Metadata(),
				HttpTokens:   opts.GetStringProperty("HttpTokens", "optional"),
				HttpEndpoint: opts.GetStringProperty("HttpEndpoint", "enabled"),
			}
		}

		// NOTE(review): the value is stored exactly as the parser resolves it;
		// nothing here decodes it. CloudFormation user data is normally
		// base64-encoded, so confirm that checks inspecting UserData for
		// embedded credentials account for the encoding.
		tmpl.Instance.UserData = data.GetStringProperty("UserData", "")

		// The first device returned becomes the root device; any others are
		// recorded as additional EBS devices.
		// NOTE(review): getBlockDevices is given the resource, not the
		// LaunchTemplateData property, and is not visible here. Confirm it
		// reads the mappings from under LaunchTemplateData; otherwise
		// block-device settings on launch templates would never reach the
		// checks.
		if devices := getBlockDevices(res); len(devices) > 0 {
			tmpl.RootBlockDevice = devices[0]
			tmpl.EBSBlockDevices = append(tmpl.EBSBlockDevices, devices[1:]...)
		}

		templates = append(templates, tmpl)
	}

	return templates
}