github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/internal/adapters/terraform/aws/athena/adapt.go

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/internal/adapters/terraform/aws/athena/adapt.go (about)

     1  package athena
     2  
     3  import (
     4  	"github.com/khulnasoft-lab/defsec/pkg/providers/aws/athena"
     5  	"github.com/khulnasoft-lab/defsec/pkg/terraform"
     6  	defsecTypes "github.com/khulnasoft-lab/defsec/pkg/types"
     7  )
     8  
     9  func Adapt(modules terraform.Modules) athena.Athena {
    10  	return athena.Athena{
    11  		Databases:  adaptDatabases(modules),
    12  		Workgroups: adaptWorkgroups(modules),
    13  	}
    14  }
    15  
    16  func adaptDatabases(modules terraform.Modules) []athena.Database {
    17  	var databases []athena.Database
    18  	for _, module := range modules {
    19  		for _, resource := range module.GetResourcesByType("aws_athena_database") {
    20  			databases = append(databases, adaptDatabase(resource))
    21  		}
    22  	}
    23  	return databases
    24  }
    25  
    26  func adaptWorkgroups(modules terraform.Modules) []athena.Workgroup {
    27  	var workgroups []athena.Workgroup
    28  	for _, module := range modules {
    29  		for _, resource := range module.GetResourcesByType("aws_athena_workgroup") {
    30  			workgroups = append(workgroups, adaptWorkgroup(resource))
    31  		}
    32  	}
    33  	return workgroups
    34  }
    35  
    36  func adaptDatabase(resource *terraform.Block) athena.Database {
    37  	database := athena.Database{
    38  		Metadata: resource.GetMetadata(),
    39  		Name:     resource.GetAttribute("name").AsStringValueOrDefault("", resource),
    40  		Encryption: athena.EncryptionConfiguration{
    41  			Metadata: resource.GetMetadata(),
    42  			Type:     defsecTypes.StringDefault("", resource.GetMetadata()),
    43  		},
    44  	}
    45  	if encryptionConfigBlock := resource.GetBlock("encryption_configuration"); encryptionConfigBlock.IsNotNil() {
    46  		database.Encryption.Metadata = encryptionConfigBlock.GetMetadata()
    47  		encryptionOptionAttr := encryptionConfigBlock.GetAttribute("encryption_option")
    48  		database.Encryption.Type = encryptionOptionAttr.AsStringValueOrDefault("", encryptionConfigBlock)
    49  	}
    50  
    51  	return database
    52  }
    53  
    54  func adaptWorkgroup(resource *terraform.Block) athena.Workgroup {
    55  	workgroup := athena.Workgroup{
    56  		Metadata: resource.GetMetadata(),
    57  		Name:     resource.GetAttribute("name").AsStringValueOrDefault("", resource),
    58  		Encryption: athena.EncryptionConfiguration{
    59  			Metadata: resource.GetMetadata(),
    60  			Type:     defsecTypes.StringDefault("", resource.GetMetadata()),
    61  		},
    62  		EnforceConfiguration: defsecTypes.BoolDefault(false, resource.GetMetadata()),
    63  	}
    64  
    65  	if configBlock := resource.GetBlock("configuration"); configBlock.IsNotNil() {
    66  
    67  		enforceWGConfigAttr := configBlock.GetAttribute("enforce_workgroup_configuration")
    68  		workgroup.EnforceConfiguration = enforceWGConfigAttr.AsBoolValueOrDefault(true, configBlock)
    69  
    70  		if resultConfigBlock := configBlock.GetBlock("result_configuration"); configBlock.IsNotNil() {
    71  			if encryptionConfigBlock := resultConfigBlock.GetBlock("encryption_configuration"); encryptionConfigBlock.IsNotNil() {
    72  				encryptionOptionAttr := encryptionConfigBlock.GetAttribute("encryption_option")
    73  				workgroup.Encryption.Metadata = encryptionConfigBlock.GetMetadata()
    74  				workgroup.Encryption.Type = encryptionOptionAttr.AsStringValueOrDefault("", encryptionConfigBlock)
    75  			}
    76  		}
    77  	}
    78  
    79  	return workgroup
    80  }