github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/internal/adapters/terraform/aws/apigateway/apiv2.go

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/internal/adapters/terraform/aws/apigateway/apiv2.go (about)

     1  package apigateway
     2  
     3  import (
     4  	v2 "github.com/khulnasoft-lab/defsec/pkg/providers/aws/apigateway/v2"
     5  	"github.com/khulnasoft-lab/defsec/pkg/terraform"
     6  	defsecTypes "github.com/khulnasoft-lab/defsec/pkg/types"
     7  )
     8  
     9  func adaptAPIsV2(modules terraform.Modules) []v2.API {
    10  
    11  	var apis []v2.API
    12  	apiStageIDs := modules.GetChildResourceIDMapByType("aws_apigatewayv2_stage")
    13  
    14  	for _, module := range modules {
    15  		for _, apiBlock := range module.GetResourcesByType("aws_apigatewayv2_api") {
    16  			api := v2.API{
    17  				Metadata:     apiBlock.GetMetadata(),
    18  				Name:         apiBlock.GetAttribute("name").AsStringValueOrDefault("", apiBlock),
    19  				ProtocolType: apiBlock.GetAttribute("protocol_type").AsStringValueOrDefault("", apiBlock),
    20  				Stages:       nil,
    21  			}
    22  
    23  			for _, stageBlock := range module.GetReferencingResources(apiBlock, "aws_apigatewayv2_stage", "api_id") {
    24  				apiStageIDs.Resolve(stageBlock.ID())
    25  
    26  				stage := adaptStageV2(stageBlock)
    27  
    28  				api.Stages = append(api.Stages, stage)
    29  			}
    30  
    31  			apis = append(apis, api)
    32  		}
    33  	}
    34  
    35  	orphanResources := modules.GetResourceByIDs(apiStageIDs.Orphans()...)
    36  	if len(orphanResources) > 0 {
    37  		orphanage := v2.API{
    38  			Metadata:     defsecTypes.NewUnmanagedMetadata(),
    39  			Name:         defsecTypes.StringDefault("", defsecTypes.NewUnmanagedMetadata()),
    40  			ProtocolType: defsecTypes.StringUnresolvable(defsecTypes.NewUnmanagedMetadata()),
    41  			Stages:       nil,
    42  		}
    43  		for _, stage := range orphanResources {
    44  			orphanage.Stages = append(orphanage.Stages, adaptStageV2(stage))
    45  		}
    46  		apis = append(apis, orphanage)
    47  	}
    48  
    49  	return apis
    50  }
    51  
    52  func adaptStageV2(stageBlock *terraform.Block) v2.Stage {
    53  	stage := v2.Stage{
    54  		Metadata: stageBlock.GetMetadata(),
    55  		Name:     stageBlock.GetAttribute("name").AsStringValueOrDefault("", stageBlock),
    56  		AccessLogging: v2.AccessLogging{
    57  			Metadata:              stageBlock.GetMetadata(),
    58  			CloudwatchLogGroupARN: defsecTypes.StringDefault("", stageBlock.GetMetadata()),
    59  		},
    60  	}
    61  	if accessLogging := stageBlock.GetBlock("access_log_settings"); accessLogging.IsNotNil() {
    62  		stage.AccessLogging.Metadata = accessLogging.GetMetadata()
    63  		stage.AccessLogging.CloudwatchLogGroupARN = accessLogging.GetAttribute("destination_arn").AsStringValueOrDefault("", accessLogging)
    64  	} else {
    65  		stage.AccessLogging.Metadata = stageBlock.GetMetadata()
    66  		stage.AccessLogging.CloudwatchLogGroupARN = defsecTypes.StringDefault("", stageBlock.GetMetadata())
    67  	}
    68  	return stage
    69  }