@csermet/multiprovider
Version:
cloud-graph provider plugin for AWS used to fetch AWS cloud data.
110 lines (109 loc) • 4.51 kB
JavaScript
;
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
const isEmpty_1 = __importDefault(require("lodash/isEmpty"));
const services_1 = __importDefault(require("../../enums/services"));
const regions_1 = require("../../enums/regions");
exports.default = ({ service: domain, data, region, }) => {
const { DomainId, VPCOptions: { SecurityGroupIds = [] } = {}, EncryptionAtRestOptions: { KmsKeyId } = {}, CognitoOptions: { IdentityPoolId, UserPoolId, RoleArn } = {}, LogPublishingOptions = {}, } = domain;
const connections = [];
const logGroupsArns = Object.entries(LogPublishingOptions).map(([, value]) => value.CloudWatchLogsLogGroupArn) || [];
/**
* Find any securityGroup related data
*/
const sgs = data.find(({ name }) => name === services_1.default.sg);
if (sgs?.data?.[region]) {
const dataAtRegion = sgs.data[region].filter(({ GroupId }) => SecurityGroupIds.includes(GroupId));
for (const sg of dataAtRegion) {
connections.push({
id: sg.GroupId,
resourceType: services_1.default.sg,
relation: 'child',
field: 'securityGroups',
});
}
}
/**
* Find any kms related data
*/
const keys = data.find(({ name }) => name === services_1.default.kms);
if (keys?.data?.[region]) {
const dataAtRegion = keys.data[region].filter(({ Arn }) => Arn === KmsKeyId);
for (const key of dataAtRegion) {
connections.push({
id: key.KeyId,
resourceType: services_1.default.kms,
relation: 'child',
field: 'kms',
});
}
}
/**
* Find any cognito identity pool related data
*/
const identityPools = data.find(({ name }) => name === services_1.default.cognitoIdentityPool);
if (identityPools?.data?.[region]) {
const dataAtRegion = identityPools.data[region].filter(({ IdentityPoolId: poolId }) => poolId === IdentityPoolId);
for (const identityPool of dataAtRegion) {
connections.push({
id: identityPool.IdentityPoolId,
resourceType: services_1.default.cognitoIdentityPool,
relation: 'child',
field: 'cognitoIdentityPool',
});
}
}
/**
* Find any cognito user pool related data
*/
const userPools = data.find(({ name }) => name === services_1.default.cognitoUserPool);
if (userPools?.data?.[region]) {
const dataAtRegion = userPools.data[region].filter(({ Id }) => Id === UserPoolId);
for (const userPool of dataAtRegion) {
connections.push({
id: userPool.Id,
resourceType: services_1.default.cognitoUserPool,
relation: 'child',
field: 'cognitoUserPool',
});
}
}
/**
* Find any IAM role related data
*/
const roles = data.find(({ name }) => name === services_1.default.iamRole);
if (roles?.data?.[regions_1.globalRegionName]) {
const dataAtRegion = roles.data[regions_1.globalRegionName].filter(({ Arn }) => Arn === RoleArn);
for (const role of dataAtRegion) {
connections.push({
id: role.Arn,
resourceType: services_1.default.iamRole,
relation: 'child',
field: 'iamRole',
});
}
}
/**
* Find any cloudwatch log group related data
*/
const cloudwatchLogGroups = data.find(({ name }) => name === services_1.default.cloudwatchLog);
if (cloudwatchLogGroups?.data?.[region]) {
const dataAtRegion = cloudwatchLogGroups.data[region].filter(({ arn }) => !isEmpty_1.default(logGroupsArns) &&
logGroupsArns.filter(str => `${str}:*`.includes(arn) // A small interpolation hack to be able to match the full arn
).length > 0);
for (const cloudwatchLogGroup of dataAtRegion) {
connections.push({
id: cloudwatchLogGroup.logGroupName,
resourceType: services_1.default.cloudwatchLog,
relation: 'child',
field: 'cloudwatchLogs',
});
}
}
const natResult = {
[DomainId]: connections,
};
return natResult;
};