github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/internal/adapters/terraform/aws/elasticache/adapt.go

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/internal/adapters/terraform/aws/elasticache/adapt.go (about)

     1  package elasticache
     2  
     3  import (
     4  	"github.com/khulnasoft-lab/defsec/pkg/providers/aws/elasticache"
     5  	"github.com/khulnasoft-lab/defsec/pkg/terraform"
     6  )
     7  
     8  func Adapt(modules terraform.Modules) elasticache.ElastiCache {
     9  	return elasticache.ElastiCache{
    10  		Clusters:          adaptClusters(modules),
    11  		ReplicationGroups: adaptReplicationGroups(modules),
    12  		SecurityGroups:    adaptSecurityGroups(modules),
    13  	}
    14  }
    15  func adaptClusters(modules terraform.Modules) []elasticache.Cluster {
    16  	var clusters []elasticache.Cluster
    17  	for _, module := range modules {
    18  		for _, resource := range module.GetResourcesByType("aws_elasticache_cluster") {
    19  			clusters = append(clusters, adaptCluster(resource))
    20  		}
    21  	}
    22  	return clusters
    23  }
    24  
    25  func adaptReplicationGroups(modules terraform.Modules) []elasticache.ReplicationGroup {
    26  	var replicationGroups []elasticache.ReplicationGroup
    27  	for _, module := range modules {
    28  		for _, resource := range module.GetResourcesByType("aws_elasticache_replication_group") {
    29  			replicationGroups = append(replicationGroups, adaptReplicationGroup(resource))
    30  		}
    31  	}
    32  	return replicationGroups
    33  }
    34  
    35  func adaptSecurityGroups(modules terraform.Modules) []elasticache.SecurityGroup {
    36  	var securityGroups []elasticache.SecurityGroup
    37  	for _, module := range modules {
    38  		for _, resource := range module.GetResourcesByType("aws_elasticache_security_group") {
    39  			securityGroups = append(securityGroups, adaptSecurityGroup(resource))
    40  		}
    41  	}
    42  	return securityGroups
    43  }
    44  
    45  func adaptCluster(resource *terraform.Block) elasticache.Cluster {
    46  	engineAttr := resource.GetAttribute("engine")
    47  	engineVal := engineAttr.AsStringValueOrDefault("", resource)
    48  
    49  	nodeTypeAttr := resource.GetAttribute("node_type")
    50  	nodeTypeVal := nodeTypeAttr.AsStringValueOrDefault("", resource)
    51  
    52  	snapshotRetentionAttr := resource.GetAttribute("snapshot_retention_limit")
    53  	snapshotRetentionVal := snapshotRetentionAttr.AsIntValueOrDefault(0, resource)
    54  
    55  	return elasticache.Cluster{
    56  		Metadata:               resource.GetMetadata(),
    57  		Engine:                 engineVal,
    58  		NodeType:               nodeTypeVal,
    59  		SnapshotRetentionLimit: snapshotRetentionVal,
    60  	}
    61  }
    62  
    63  func adaptReplicationGroup(resource *terraform.Block) elasticache.ReplicationGroup {
    64  	transitEncryptionAttr := resource.GetAttribute("transit_encryption_enabled")
    65  	transitEncryptionVal := transitEncryptionAttr.AsBoolValueOrDefault(false, resource)
    66  
    67  	atRestEncryptionAttr := resource.GetAttribute("at_rest_encryption_enabled")
    68  	atRestEncryptionVal := atRestEncryptionAttr.AsBoolValueOrDefault(false, resource)
    69  
    70  	return elasticache.ReplicationGroup{
    71  		Metadata:                 resource.GetMetadata(),
    72  		TransitEncryptionEnabled: transitEncryptionVal,
    73  		AtRestEncryptionEnabled:  atRestEncryptionVal,
    74  	}
    75  }
    76  
    77  func adaptSecurityGroup(resource *terraform.Block) elasticache.SecurityGroup {
    78  	descriptionAttr := resource.GetAttribute("description")
    79  	descriptionVal := descriptionAttr.AsStringValueOrDefault("Managed by Terraform", resource)
    80  
    81  	return elasticache.SecurityGroup{
    82  		Metadata:    resource.GetMetadata(),
    83  		Description: descriptionVal,
    84  	}
    85  }