// Listing of github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/internal/adapters/cloudformation/aws/lambda/function.go

package lambda

import (
	"github.com/khulnasoft-lab/defsec/pkg/providers/aws/lambda"
	"github.com/khulnasoft-lab/defsec/pkg/scanners/cloudformation/parser"
	"github.com/khulnasoft-lab/defsec/pkg/types"
)

// getFunctions adapts every AWS::Lambda::Function resource found in the
// CloudFormation file context into a lambda.Function.
//
// Each function starts with a tracing mode of "PassThrough" anchored to the
// resource's own metadata. When the resource has a TracingConfig property,
// the tracing metadata and mode are taken from that property instead, with
// "PassThrough" passed as the second argument to GetStringProperty
// (presumably the fallback when Mode is absent; confirm against the parser).
//
// The permissions attached to each function are whatever getPermissions
// associates with it.
func getFunctions(ctx parser.FileContext) (functions []lambda.Function) {
	resources := ctx.GetResourcesByType("AWS::Lambda::Function")

	for _, res := range resources {
		fn := lambda.Function{
			Metadata: res.Metadata(),
			Tracing: lambda.Tracing{
				Metadata: res.Metadata(),
				Mode:     types.StringDefault("PassThrough", res.Metadata()),
			},
			Permissions: getPermissions(res, ctx),
		}

		// An explicit TracingConfig overrides both fields of the default
		// tracing block, so findings point at the property, not the resource.
		tracingCfg := res.GetProperty("TracingConfig")
		if tracingCfg.IsNotNil() {
			fn.Tracing.Metadata = tracingCfg.Metadata()
			fn.Tracing.Mode = tracingCfg.GetStringProperty("Mode", "PassThrough")
		}

		functions = append(functions, fn)
	}

	return functions
}

// getPermissions returns one lambda.Permission for every
// AWS::Lambda::Permission resource whose FunctionName string property equals
// the ID of funcR. Principal and SourceARN are copied from the permission's
// Principal and SourceArn properties.
//
// NOTE(review): the association is a single EqualTo comparison against
// funcR.ID(). A permission whose FunctionName evaluates to anything else
// (for example an ARN, a literal function name, or a function declared
// outside this template) is not returned for any function here, so checks
// that inspect Principal/SourceARN through the function would not see it.
// Confirm how the parser resolves FunctionName references and whether
// unmatched permissions are adapted elsewhere.
func getPermissions(funcR *parser.Resource, ctx parser.FileContext) (perms []lambda.Permission) {
	candidates := ctx.GetResourcesByType("AWS::Lambda::Permission")

	for _, res := range candidates {
		// Skip permissions that target a different function.
		if !res.GetStringProperty("FunctionName").EqualTo(funcR.ID()) {
			continue
		}

		perms = append(perms, lambda.Permission{
			Metadata:  res.Metadata(),
			Principal: res.GetStringProperty("Principal"),
			SourceARN: res.GetStringProperty("SourceArn"),
		})
	}

	return perms
}