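// Source: github.com/kyma-project/kyma-environment-broker@v0.0.1/cmd/subscriptioncleanup/cloudprovider/aws.go

package cloudprovider

import (
	"context"
	"fmt"

	"github.com/sirupsen/logrus"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/credentials"
	"github.com/aws/aws-sdk-go-v2/service/ec2"
	"github.com/aws/aws-sdk-go-v2/service/ec2/types"
)

// awsResourceCleaner removes EC2 volumes from the AWS account reachable with
// the stored credentials.
type awsResourceCleaner struct {
	credentials awsCredentialsConfig
}

// awsCredentialsConfig holds the static access key pair read from the secret.
// The values are long-lived credentials: never log or print this struct.
type awsCredentialsConfig struct {
	accessKeyID     string
	secretAccessKey string
}

// NewAwsResourcesCleaner builds a ResourceCleaner from secret data that must
// contain the "accessKeyID" and "secretAccessKey" keys. It returns an error
// when either key is missing or empty.
func NewAwsResourcesCleaner(secretData map[string][]byte) (ResourceCleaner, error) {
	cleaner := awsResourceCleaner{}
	awsConfig, err := cleaner.toAwsConfig(secretData)
	if err != nil {
		return nil, err
	}

	cleaner.credentials = awsConfig
	return cleaner, nil
}

// Do lists the regions returned by getAllRegions and deletes the volumes in
// each of them. It stops at the first region that fails and returns that
// error wrapped with the region name.
func (ac awsResourceCleaner) Do() error {
	regions, err := ac.getAllRegions()
	if err != nil {
		return err
	}

	for _, region := range regions.Regions {
		// aws.ToString returns "" for a nil pointer, so a malformed entry
		// produces an error instead of a nil-pointer panic.
		name := aws.ToString(region.RegionName)
		if name == "" {
			return fmt.Errorf("region list contains an entry without a name")
		}

		logrus.Printf("Switching to region %v", name)
		ec2Client, err := ac.newAwsEC2Client(ac.credentials, name)
		if err != nil {
			return fmt.Errorf("creating EC2 client for region %q: %w", name, err)
		}

		if err := ac.deleteVolumes(ec2Client); err != nil {
			return fmt.Errorf("cleaning up volumes in region %q: %w", name, err)
		}
	}

	return nil
}

// deleteVolumes deletes the volumes that DescribeVolumes reports for the
// client's region.
//
// The describe call carries no filter, so every volume visible to the
// credentials is a deletion candidate; the only scoping is the credentials
// themselves. If any listed volume is in use, nothing is deleted and an error
// is returned. Otherwise every deletion is attempted, each failure is logged,
// and a summary error is returned when at least one deletion failed, so a
// partial cleanup is never reported as success.
func (ac awsResourceCleaner) deleteVolumes(ec2Client ec2.Client) error {
	// NOTE(review): only one DescribeVolumes call is made and NextToken is not
	// followed. Confirm the response cannot be truncated for the expected
	// account sizes, or switch to the SDK paginator.
	// NOTE(review): context.TODO() carries no deadline, so a stalled API call
	// blocks the cleanup run.
	volumes, err := ec2Client.DescribeVolumes(context.TODO(), &ec2.DescribeVolumesInput{})
	if err != nil {
		return err
	}

	for _, volume := range volumes.Volumes {
		if volume.State == types.VolumeStateInUse {
			// The format string is a constant; the original passed the
			// output of fmt.Sprintf as the format, which go vet rejects.
			return fmt.Errorf("There is an EC2 instance which uses this volume with id: %v", aws.ToString(volume.VolumeId))
		}
	}

	var (
		failed   int
		firstErr error
	)
	for _, volume := range volumes.Volumes {
		id := aws.ToString(volume.VolumeId)
		logrus.Printf("Deleting volume with id %v", id)
		_, err := ec2Client.DeleteVolume(context.TODO(), &ec2.DeleteVolumeInput{
			VolumeId: volume.VolumeId,
		})
		if err != nil {
			// Keep going so one failing volume does not leave the rest
			// behind, but remember the failure for the caller.
			logrus.Errorf("Deleting volume with id %v failed: %v", id, err)
			failed++
			if firstErr == nil {
				firstErr = err
			}
		}
	}

	if firstErr != nil {
		return fmt.Errorf("deleting %d of %d volumes failed, first error: %w", failed, len(volumes.Volumes), firstErr)
	}

	return nil
}

// getAllRegions queries the EC2 endpoint in eu-central-1 for the region list.
// AllRegions is false, which asks EC2 not to include regions that are
// disabled for the account.
func (ac awsResourceCleaner) getAllRegions() (ec2.DescribeRegionsOutput, error) {
	ec2Client, err := ac.newAwsEC2Client(ac.credentials, "eu-central-1")
	if err != nil {
		return ec2.DescribeRegionsOutput{}, err
	}

	regionOutput, err := ec2Client.DescribeRegions(context.TODO(), &ec2.DescribeRegionsInput{AllRegions: aws.Bool(false)})
	if err != nil {
		return ec2.DescribeRegionsOutput{}, err
	}

	return *regionOutput, nil
}

// toAwsConfig extracts the access key pair from the secret data. A key that
// is missing or has an empty value is rejected here, so a broken secret is
// reported before any AWS request is made.
func (ac awsResourceCleaner) toAwsConfig(secretData map[string][]byte) (awsCredentialsConfig, error) {
	accessKeyID, exists := secretData["accessKeyID"]
	if !exists || len(accessKeyID) == 0 {
		return awsCredentialsConfig{}, fmt.Errorf("AccessKeyID was not provided in secret!")
	}

	secretAccessKey, exists := secretData["secretAccessKey"]
	if !exists || len(secretAccessKey) == 0 {
		return awsCredentialsConfig{}, fmt.Errorf("SecretAccessKey was not provided in secret!")
	}

	return awsCredentialsConfig{
		accessKeyID:     string(accessKeyID),
		secretAccessKey: string(secretAccessKey),
	}, nil
}

// newAwsEC2Client returns an EC2 client for the given region that signs
// requests with the static access key pair and an empty session token. The
// returned error is always nil.
func (ac awsResourceCleaner) newAwsEC2Client(awsCredentialConfig awsCredentialsConfig, region string) (ec2.Client, error) {
	provider := credentials.NewStaticCredentialsProvider(awsCredentialConfig.accessKeyID, awsCredentialConfig.secretAccessKey, "")
	return *ec2.New(ec2.Options{
		Region:      region,
		Credentials: aws.NewCredentialsCache(provider),
	}), nil
}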