github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/internal/adapters/terraform/nifcloud/network/load_balancer.go (about)

     1  package network
     2  
     3  import (
     4  	"github.com/khulnasoft-lab/defsec/pkg/providers/nifcloud/network"
     5  	"github.com/khulnasoft-lab/defsec/pkg/terraform"
     6  	defsecTypes "github.com/khulnasoft-lab/defsec/pkg/types"
     7  )
     8  
// adaptLoadBalancers converts every "nifcloud_load_balancer" resource found in
// the given Terraform modules into a network.LoadBalancer.
//
// The returned slice is nil when the modules contain no such resource.
func adaptLoadBalancers(modules terraform.Modules) []network.LoadBalancer {
	var adapted []network.LoadBalancer

	lbBlocks := modules.GetResourcesByType("nifcloud_load_balancer")
	for _, lbBlock := range lbBlocks {
		adapted = append(adapted, adaptLoadBalancer(lbBlock, modules))
	}

	return adapted
}
    18  
// adaptLoadBalancer builds a network.LoadBalancer from one load balancer block.
//
// The load balancer block itself is always adapted as the first listener, so
// Listeners is never empty. Every "nifcloud_load_balancer_listener" resource
// that references this block through its "load_balancer_name" attribute is
// appended after it.
//
// NOTE(review): adapting the load balancer block as a listener presumably
// reflects the provider declaring load_balancer_port / ssl_policy_* inline on
// nifcloud_load_balancer; confirm against the provider schema.
func adaptLoadBalancer(resource *terraform.Block, modules terraform.Modules) network.LoadBalancer {
	// Inline listener settings carried by the load balancer resource itself.
	listeners := []network.LoadBalancerListener{adaptListener(resource)}

	// Stand-alone listener resources attached to this load balancer.
	attached := modules.GetReferencingResources(resource, "nifcloud_load_balancer_listener", "load_balancer_name")
	for _, attachedBlock := range attached {
		listeners = append(listeners, adaptListener(attachedBlock))
	}

	lb := network.LoadBalancer{Metadata: resource.GetMetadata()}
	lb.Listeners = listeners
	return lb
}
    32  
// adaptListener derives a network.LoadBalancerListener from a Terraform block.
//
// Protocol is inferred from the "load_balancer_port" attribute only:
// 21 -> "FTP", 80 -> "HTTP", 443 -> "HTTPS", any other number -> "custom".
// When the attribute is absent or is not a number, Protocol stays the empty
// string and carries the block's metadata instead of the attribute's.
//
// TLSPolicy is taken from "ssl_policy_id" and then from "ssl_policy_name";
// when both are set as strings, the name wins because it is read last. With
// neither set, TLSPolicy is the empty string.
//
// NOTE(review): because the protocol is guessed from the port number, a
// listener on a port other than 21/80/443 is labelled "custom", and an
// unresolved port leaves Protocol empty. Rules that match on the protocol
// name would presumably not see such listeners as HTTP; confirm against the
// checks that consume this field.
func adaptListener(resource *terraform.Block) network.LoadBalancerListener {
	listener := network.LoadBalancerListener{
		Metadata:  resource.GetMetadata(),
		Protocol:  defsecTypes.String("", resource.GetMetadata()),
		TLSPolicy: defsecTypes.String("", resource.GetMetadata()),
	}

	if portAttr := resource.GetAttribute("load_balancer_port"); portAttr.IsNotNil() && portAttr.IsNumber() {
		// Any numeric port that is not one of the well-known ones is "custom".
		protocolName := "custom"
		switch portAttr.AsNumber() {
		case 21:
			protocolName = "FTP"
		case 80:
			protocolName = "HTTP"
		case 443:
			protocolName = "HTTPS"
		}
		listener.Protocol = defsecTypes.String(protocolName, portAttr.GetMetadata())
	}

	// Order matters: a later attribute overrides an earlier one.
	for _, policyKey := range []string{"ssl_policy_id", "ssl_policy_name"} {
		policyAttr := resource.GetAttribute(policyKey)
		if policyAttr.IsNotNil() && policyAttr.IsString() {
			listener.TLSPolicy = policyAttr.AsStringValueOrDefault("", resource)
		}
	}

	return listener
}