github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/internal/adapters/terraform/aws/cloudtrail/adapt.go

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/internal/adapters/terraform/aws/cloudtrail/adapt.go (about)

     1  package cloudtrail
     2  
     3  import (
     4  	"github.com/khulnasoft-lab/defsec/pkg/providers/aws/cloudtrail"
     5  	"github.com/khulnasoft-lab/defsec/pkg/terraform"
     6  )
     7  
     8  func Adapt(modules terraform.Modules) cloudtrail.CloudTrail {
     9  	return cloudtrail.CloudTrail{
    10  		Trails: adaptTrails(modules),
    11  	}
    12  }
    13  
    14  func adaptTrails(modules terraform.Modules) []cloudtrail.Trail {
    15  	var trails []cloudtrail.Trail
    16  
    17  	for _, module := range modules {
    18  		for _, resource := range module.GetResourcesByType("aws_cloudtrail") {
    19  			trails = append(trails, adaptTrail(resource))
    20  		}
    21  	}
    22  	return trails
    23  }
    24  
    25  func adaptTrail(resource *terraform.Block) cloudtrail.Trail {
    26  	nameAttr := resource.GetAttribute("name")
    27  	nameVal := nameAttr.AsStringValueOrDefault("", resource)
    28  
    29  	enableLogFileValidationAttr := resource.GetAttribute("enable_log_file_validation")
    30  	enableLogFileValidationVal := enableLogFileValidationAttr.AsBoolValueOrDefault(false, resource)
    31  
    32  	isMultiRegionAttr := resource.GetAttribute("is_multi_region_trail")
    33  	isMultiRegionVal := isMultiRegionAttr.AsBoolValueOrDefault(false, resource)
    34  
    35  	KMSKeyIDAttr := resource.GetAttribute("kms_key_id")
    36  	KMSKeyIDVal := KMSKeyIDAttr.AsStringValueOrDefault("", resource)
    37  
    38  	var selectors []cloudtrail.EventSelector
    39  	for _, selBlock := range resource.GetBlocks("event_selector") {
    40  		var resources []cloudtrail.DataResource
    41  		for _, resBlock := range selBlock.GetBlocks("data_resource") {
    42  			resources = append(resources, cloudtrail.DataResource{
    43  				Metadata: resBlock.GetMetadata(),
    44  				Type:     resBlock.GetAttribute("type").AsStringValueOrDefault("", resBlock),
    45  				Values:   resBlock.GetAttribute("values").AsStringValues(),
    46  			})
    47  		}
    48  		selector := cloudtrail.EventSelector{
    49  			Metadata:      selBlock.GetMetadata(),
    50  			DataResources: resources,
    51  			ReadWriteType: selBlock.GetAttribute("read_write_type").AsStringValueOrDefault("All", selBlock),
    52  		}
    53  		selectors = append(selectors, selector)
    54  	}
    55  
    56  	return cloudtrail.Trail{
    57  		Metadata:                  resource.GetMetadata(),
    58  		Name:                      nameVal,
    59  		EnableLogFileValidation:   enableLogFileValidationVal,
    60  		IsMultiRegion:             isMultiRegionVal,
    61  		KMSKeyID:                  KMSKeyIDVal,
    62  		CloudWatchLogsLogGroupArn: resource.GetAttribute("cloud_watch_logs_group_arn").AsStringValueOrDefault("", resource),
    63  		IsLogging:                 resource.GetAttribute("enable_logging").AsBoolValueOrDefault(true, resource),
    64  		BucketName:                resource.GetAttribute("s3_bucket_name").AsStringValueOrDefault("", resource),
    65  		EventSelectors:            selectors,
    66  	}
    67  }