UNPKG

@csermet/multiprovider

Version:

cloud-graph provider plugin for AWS used to fetch AWS cloud data.

www.cloudgraph.dev

cloudgraphdev/cloudgraph-provider-aws

99 lines (98 loc) 3.76 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
"use strict"; var __importDefault = (this && this.__importDefault) || function (mod) { return (mod && mod.__esModule) ? mod : { "default": mod }; }; Object.defineProperty(exports, "__esModule", { value: true }); const wafv2_1 = __importDefault(require("aws-sdk/clients/wafv2")); const isEmpty_1 = __importDefault(require("lodash/isEmpty")); const groupBy_1 = __importDefault(require("lodash/groupBy")); const utils_1 = require("../../utils"); const errorLog_1 = __importDefault(require("../../utils/errorLog")); const serviceName = 'wafV2WebAcl'; const errorLog = new errorLog_1.default(serviceName); const endpoint = utils_1.initTestEndpoint(serviceName); const scopes = { cloudfront: 'CLOUDFRONT', regional: 'REGIONAL', }; const resources = [ { name: 'elasticloadbalancing', type: 'APPLICATION_LOAD_BALANCER' }, { name: 'apigateway', type: 'API_GATEWAY' }, { name: 'appsync', type: 'APPSYNC' }, ]; const listResources = async (client, wafArn) => { const wafResources = {}; for (const { name, type } of resources) { const { ResourceArns } = (await client .listResourcesForWebACL({ WebACLArn: wafArn, ResourceType: type, }) .promise()) ?? { ResourceArns: [] }; wafResources[name] = ResourceArns; } return wafResources; }; /** * WafV2WebAcl */ exports.default = async ({ regions, config, }) => { const result = []; const activeRegions = regions.split(','); activeRegions.push('global'); for (const region of activeRegions) { const client = new wafv2_1.default({ ...config, region: region === 'global' ? 'us-east-1' : region, endpoint, }); const scope = region === 'global' ? scopes.cloudfront : scopes.regional; const WafV2WebAclData = []; try { const { WebACLs, NextMarker } = await client .listWebACLs({ Scope: scope, Limit: 10 }) .promise(); WafV2WebAclData.push(...WebACLs); let marker = NextMarker; while (marker) { const { WebACLs, NextMarker } = await client .listWebACLs({ Scope: scope, Limit: 10, NextMarker: marker }) .promise(); marker = NextMarker; WafV2WebAclData.push(...WebACLs); } } catch (err) { errorLog.generateAwsErrorLog({ functionName: 'listWebAcls', err }); } if (!isEmpty_1.default(WafV2WebAclData)) { for (const waf of WafV2WebAclData) { let wafData; try { wafData = await client .getWebACL({ Name: waf.Name, Id: waf.Id, Scope: scope }) .promise(); const arn = wafData?.WebACL?.ARN; const loggingConfiguration = await client .getLoggingConfiguration({ ResourceArn: arn }) .promise(); wafData.loggingConfiguration = loggingConfiguration.LoggingConfiguration; wafData.wafResources = await listResources(client, arn); } catch (err) { errorLog.generateAwsErrorLog({ functionName: 'getWebACL', err }); } result.push({ ...wafData?.WebACL, loggingConfiguration: wafData?.loggingConfiguration, wafResources: wafData?.wafResources, region, scope }); } } } errorLog.reset(); return groupBy_1.default(result, 'region'); };