diff --git a/plugins/source/aws/docs/tables/README.md b/plugins/source/aws/docs/tables/README.md
index 240cf3178849b3..bad532815ca335 100644
--- a/plugins/source/aws/docs/tables/README.md
+++ b/plugins/source/aws/docs/tables/README.md
@@ -122,6 +122,7 @@
 - [aws_computeoptimizer_enrollment_statuses](../../../../../website/tables/aws/aws_computeoptimizer_enrollment_statuses.md)
 - [aws_computeoptimizer_lambda_function_recommendations](../../../../../website/tables/aws/aws_computeoptimizer_lambda_function_recommendations.md)
 - [aws_config_config_rules](../../../../../website/tables/aws/aws_config_config_rules.md)
+ - [aws_config_config_rule_compliance_details](../../../../../website/tables/aws/aws_config_config_rule_compliance_details.md)
 - [aws_config_config_rule_compliances](../../../../../website/tables/aws/aws_config_config_rule_compliances.md)
 - [aws_config_remediation_configurations](../../../../../website/tables/aws/aws_config_remediation_configurations.md)
 - [aws_config_configuration_aggregators](../../../../../website/tables/aws/aws_config_configuration_aggregators.md)
diff --git a/plugins/source/aws/resources/services/config/config_rule_compliance_details.go b/plugins/source/aws/resources/services/config/config_rule_compliance_details.go
new file mode 100644
index 00000000000000..182e913be95c51
--- /dev/null
+++ b/plugins/source/aws/resources/services/config/config_rule_compliance_details.go
@@ -0,0 +1,57 @@
+package config
+
+import (
+ "context"
+
+ "github.com/aws/aws-sdk-go-v2/service/configservice"
+ "github.com/aws/aws-sdk-go-v2/service/configservice/types"
+ "github.com/cloudquery/cloudquery/plugins/source/aws/client"
+ "github.com/cloudquery/plugin-sdk/v2/schema"
+ "github.com/cloudquery/plugin-sdk/v2/transformers"
+)
+
+func configRuleComplianceDetails() *schema.Table {
+ tableName := "aws_config_config_rule_compliance_details"
+ return &schema.Table{
+ Name: tableName,
+ Description: `https://docs.aws.amazon.com/config/latest/APIReference/API_EvaluationResult.html`,
+ Resolver: fetchConfigConfigRuleComplianceDetails,
+ Multiplex: client.ServiceAccountRegionMultiplexer(tableName, "config"),
+ // no primary key because all the relevant candidate fields can either be null or are not
+ // uniquely identifying of a resource. For example, ResourceEvaluationId can be null,
+ // and so can ResultToken. However, hashing the entire object can work because a combination of
+ // all fields must be unique.
+ Transform: transformers.TransformWithStruct(&types.EvaluationResult{}),
+ Columns: []schema.Column{
+ client.DefaultAccountIDColumn(false),
+ client.DefaultRegionColumn(false),
+ {
+ Name: "config_rule_name",
+ Type: schema.TypeString,
+ Resolver: schema.ParentColumnResolver("config_rule_name"),
+ },
+ },
+ }
+}
+
+func fetchConfigConfigRuleComplianceDetails(ctx context.Context, meta schema.ClientMeta, parent *schema.Resource, res chan<- any) error {
+ ruleDetail := parent.Item.(types.ConfigRule)
+ c := meta.(*client.Client)
+ svc := c.Services().Configservice
+
+ input := &configservice.GetComplianceDetailsByConfigRuleInput{
+ ConfigRuleName: ruleDetail.ConfigRuleName,
+ Limit: 100,
+ }
+ p := configservice.NewGetComplianceDetailsByConfigRulePaginator(svc, input)
+ for p.HasMorePages() {
+ response, err := p.NextPage(ctx, func(options *configservice.Options) {
+ options.Region = c.Region
+ })
+ if err != nil {
+ return err
+ }
+ res <- response.EvaluationResults
+ }
+ return nil
+}
diff --git a/plugins/source/aws/resources/services/config/config_rule_compliance_details_mock_test.go b/plugins/source/aws/resources/services/config/config_rule_compliance_details_mock_test.go
new file mode 100644
index 00000000000000..f481d47f806c7b
--- /dev/null
+++ b/plugins/source/aws/resources/services/config/config_rule_compliance_details_mock_test.go
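Review bot: The comment above `Transform` in configRuleComplianceDetails says hashing the whole object can serve as a key, but nothing in the table definition wires that in, so the table falls back to `_cq_id` as its primary key (the generated table doc later in this commit states the same). If `_cq_id` is assigned fresh on each sync, which this hunk does not show, the same evaluation result would land as a new row every time and compliance counts built on this table could be inflated. Either configure a content-derived `_cq_id` if the SDK offers one, or reword the comment to something like `// no stable primary key: rows are keyed by _cq_id only`. Separately, `parent.Item.(types.ConfigRule)` in fetchConfigConfigRuleComplianceDetails is an unchecked assertion that panics if the parent resolver ever sends a different type; the two-value form `ruleDetail, ok := parent.Item.(types.ConfigRule)` followed by an error return on `!ok` would fail more gracefully. Neither new function has a doc comment; one line each stating the AWS call made and the parent table it depends on would help.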
@@ -0,0 +1,26 @@ +package config + +import ( + "testing" + + "github.com/aws/aws-sdk-go-v2/service/configservice" + "github.com/aws/aws-sdk-go-v2/service/configservice/types" + "github.com/cloudquery/cloudquery/plugins/source/aws/client" + "github.com/cloudquery/cloudquery/plugins/source/aws/client/mocks" + "github.com/cloudquery/plugin-sdk/v2/faker" + "github.com/golang/mock/gomock" +) + +func buildComplianceDetails(t *testing.T, m *mocks.MockConfigserviceClient) client.Services { + l := types.EvaluationResult{} + if err := faker.FakeObject(&l); err != nil { + t.Fatal(err) + } + m.EXPECT().GetComplianceDetailsByConfigRule(gomock.Any(), gomock.Any(), gomock.Any()).Return( + &configservice.GetComplianceDetailsByConfigRuleOutput{ + EvaluationResults: []types.EvaluationResult{l}, + }, nil) + return client.Services{ + Configservice: m, + } +} diff --git a/plugins/source/aws/resources/services/config/config_rules.go b/plugins/source/aws/resources/services/config/config_rules.go index b0cc4c359b49a0..f17a958a60ac28 100644 --- a/plugins/source/aws/resources/services/config/config_rules.go +++ b/plugins/source/aws/resources/services/config/config_rules.go @@ -14,7 +14,7 @@ func ConfigRules() *schema.Table { tableName := "aws_config_config_rules" return &schema.Table{ Name: tableName, - Description: `https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConfigRules.html`, + Description: `https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigRule.html`, Resolver: fetchConfigConfigRules, Multiplex: client.ServiceAccountRegionMultiplexer(tableName, "config"), Transform: transformers.TransformWithStruct(&types.ConfigRule{}), @@ -33,6 +33,7 @@ func ConfigRules() *schema.Table { Relations: []*schema.Table{ configRuleCompliances(), + configRuleComplianceDetails(), remediationConfigurations(), }, } 
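Review bot: The expectation in buildComplianceDetails matches the request with `gomock.Any()`, so the mock test still passes if fetchConfigConfigRuleComplianceDetails stops setting `ConfigRuleName` or sends the wrong rule name. Consider a matcher on the input argument, or a `DoAndReturn` that checks `ConfigRuleName` is non-nil before returning the faked output. The helper also returns a `client.Services` that its caller in config_rules_mock_test.go discards (`buildComplianceDetails(t, m)`); dropping the return value would make it clearer that the helper only registers an expectation, unless the signature is kept to match sibling helpers not shown here.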
@@ -42,8 +43,7 @@ func fetchConfigConfigRules(ctx context.Context, meta schema.ClientMeta, parent c := meta.(*client.Client) svc := c.Services().Configservice - input := &configservice.DescribeConfigRulesInput{} - p := configservice.NewDescribeConfigRulesPaginator(svc, input) + p := configservice.NewDescribeConfigRulesPaginator(svc, nil) for p.HasMorePages() { response, err := p.NextPage(ctx, func(options *configservice.Options) { options.Region = c.Region diff --git a/plugins/source/aws/resources/services/config/config_rules_mock_test.go b/plugins/source/aws/resources/services/config/config_rules_mock_test.go index f5da9d964af8c1..787fd308833a5a 100644 --- a/plugins/source/aws/resources/services/config/config_rules_mock_test.go +++ b/plugins/source/aws/resources/services/config/config_rules_mock_test.go @@ -30,6 +30,7 @@ func buildConfigRules(t *testing.T, ctrl *gomock.Controller) client.Services { ComplianceByConfigRules: []types.ComplianceByConfigRule{sl}, }, nil) buildRemediationConfigurations(t, m) + buildComplianceDetails(t, m) return client.Services{ Configservice: m, } diff --git a/plugins/source/aws/resources/services/config/configuration_aggregators.go b/plugins/source/aws/resources/services/config/configuration_aggregators.go index 173b85347cc8a6..a6095d5c987628 100644 --- a/plugins/source/aws/resources/services/config/configuration_aggregators.go +++ b/plugins/source/aws/resources/services/config/configuration_aggregators.go 
@@ -14,7 +14,7 @@ func ConfigurationAggregators() *schema.Table { tableName := "aws_config_configuration_aggregators" return &schema.Table{ Name: tableName, - Description: `https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConfigurationAggregators.html`, + Description: `https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigurationAggregator.html`, Resolver: fetchConfigurationAggregators, Multiplex: client.ServiceAccountRegionMultiplexer(tableName, "config"), Transform: transformers.TransformWithStruct(&types.ConfigurationAggregator{}), @@ -38,8 +38,7 @@ func fetchConfigurationAggregators(ctx context.Context, meta schema.ClientMeta, c := meta.(*client.Client) svc := c.Services().Configservice - input := &configservice.DescribeConfigurationAggregatorsInput{} - p := configservice.NewDescribeConfigurationAggregatorsPaginator(svc, input) + p := configservice.NewDescribeConfigurationAggregatorsPaginator(svc, nil) for p.HasMorePages() { response, err := p.NextPage(ctx, func(options *configservice.Options) { options.Region = c.Region diff --git a/plugins/source/aws/resources/services/config/delivery_channels.go b/plugins/source/aws/resources/services/config/delivery_channels.go index 67e21d153f313b..64f81842683e21 100644 --- a/plugins/source/aws/resources/services/config/delivery_channels.go +++ b/plugins/source/aws/resources/services/config/delivery_channels.go @@ -14,7 +14,7 @@ func DeliveryChannels() *schema.Table { tableName := "aws_config_delivery_channels" return &schema.Table{ Name: tableName, - Description: `https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeDeliveryChannels.html`, + Description: `https://docs.aws.amazon.com/config/latest/APIReference/API_DeliveryChannel.html`, Resolver: fetchDeliveryChannels, Multiplex: client.ServiceAccountRegionMultiplexer(tableName, "config"), Transform: transformers.TransformWithStruct(&types.DeliveryChannel{}, transformers.WithPrimaryKeys("Name")), 
diff --git a/plugins/source/aws/resources/services/config/remediation_configurations.go b/plugins/source/aws/resources/services/config/remediation_configurations.go
index f445dd591db033..5d14d87159ca28 100644
--- a/plugins/source/aws/resources/services/config/remediation_configurations.go
+++ b/plugins/source/aws/resources/services/config/remediation_configurations.go
@@ -14,7 +14,7 @@ func remediationConfigurations() *schema.Table {
 tableName := "aws_config_remediation_configurations"
 return &schema.Table{
 Name: tableName,
- Description: `https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeRemediationConfigurations.html`,
+ Description: `https://docs.aws.amazon.com/config/latest/APIReference/API_RemediationConfiguration.html`,
 Resolver: fetchRemediationConfigurations,
 Multiplex: client.ServiceAccountRegionMultiplexer(tableName, "config"),
 Transform: transformers.TransformWithStruct(&types.RemediationConfiguration{},
diff --git a/plugins/source/aws/resources/services/config/retention_configurations.go b/plugins/source/aws/resources/services/config/retention_configurations.go
index d674c9278057f3..aa66a7becac6a4 100644
--- a/plugins/source/aws/resources/services/config/retention_configurations.go
+++ b/plugins/source/aws/resources/services/config/retention_configurations.go
@@ -14,7 +14,7 @@ func RetentionConfigurations() *schema.Table {
 tableName := "aws_config_retention_configurations"
 return &schema.Table{
 Name: tableName,
- Description: `https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeRetentionConfigurations.html`,
+ Description: `https://docs.aws.amazon.com/config/latest/APIReference/API_RetentionConfiguration.html`,
 Resolver: fetchRetentionConfigurations,
 Multiplex: client.ServiceAccountRegionMultiplexer(tableName, "config"),
 Transform: transformers.TransformWithStruct(&types.RetentionConfiguration{},
@@ -31,8 +31,7 @@ func fetchRetentionConfigurations(ctx context.Context, meta schema.ClientMeta, p c := meta.(*client.Client) svc := c.Services().Configservice - input := &configservice.DescribeRetentionConfigurationsInput{} - p := configservice.NewDescribeRetentionConfigurationsPaginator(svc, input) + p := configservice.NewDescribeRetentionConfigurationsPaginator(svc, nil) for p.HasMorePages() { response, err := p.NextPage(ctx, func(options *configservice.Options) { options.Region = c.Region diff --git a/website/pages/docs/plugins/sources/aws/tables.md b/website/pages/docs/plugins/sources/aws/tables.md index 76628823f96767..3a6cb6b64a92e8 100644 --- a/website/pages/docs/plugins/sources/aws/tables.md +++ b/website/pages/docs/plugins/sources/aws/tables.md @@ -122,6 +122,7 @@ - [aws_computeoptimizer_enrollment_statuses](tables/aws_computeoptimizer_enrollment_statuses) - [aws_computeoptimizer_lambda_function_recommendations](tables/aws_computeoptimizer_lambda_function_recommendations) - [aws_config_config_rules](tables/aws_config_config_rules) + - [aws_config_config_rule_compliance_details](tables/aws_config_config_rule_compliance_details) - [aws_config_config_rule_compliances](tables/aws_config_config_rule_compliances) - [aws_config_remediation_configurations](tables/aws_config_remediation_configurations) - [aws_config_configuration_aggregators](tables/aws_config_configuration_aggregators) diff --git a/website/tables/aws/aws_config_config_rule_compliance_details.md b/website/tables/aws/aws_config_config_rule_compliance_details.md new file mode 100644 index 00000000000000..c729d0fdf2be56 --- /dev/null +++ b/website/tables/aws/aws_config_config_rule_compliance_details.md 
@@ -0,0 +1,29 @@ +# Table: aws_config_config_rule_compliance_details + +This table shows data for Config Config Rule Compliance Details. + +https://docs.aws.amazon.com/config/latest/APIReference/API_EvaluationResult.html + +The primary key for this table is **_cq_id**. + +## Relations + +This table depends on [aws_config_config_rules](aws_config_config_rules). + +## Columns + +| Name | Type | +| ------------- | ------------- | +|_cq_source_name|String| +|_cq_sync_time|Timestamp| +|_cq_id (PK)|UUID| +|_cq_parent_id|UUID| +|account_id|String| +|region|String| +|config_rule_name|String| +|annotation|String| +|compliance_type|String| +|config_rule_invoked_time|Timestamp| +|evaluation_result_identifier|JSON| +|result_recorded_time|Timestamp| +|result_token|String| \ No newline at end of file diff --git a/website/tables/aws/aws_config_config_rules.md b/website/tables/aws/aws_config_config_rules.md index 39cd369598ca7f..2e9fd6a452b0a7 100644 --- a/website/tables/aws/aws_config_config_rules.md +++ b/website/tables/aws/aws_config_config_rules.md @@ -2,13 +2,14 @@ This table shows data for Config Config Rules. -https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConfigRules.html +https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigRule.html The primary key for this table is **arn**. ## Relations The following tables depend on aws_config_config_rules: + - [aws_config_config_rule_compliance_details](aws_config_config_rule_compliance_details) - [aws_config_config_rule_compliances](aws_config_config_rule_compliances) - [aws_config_remediation_configurations](aws_config_remediation_configurations) diff --git a/website/tables/aws/aws_config_configuration_aggregators.md b/website/tables/aws/aws_config_configuration_aggregators.md index ede82a52e298d5..eb6b99c1727844 100644 --- a/website/tables/aws/aws_config_configuration_aggregators.md +++ b/website/tables/aws/aws_config_configuration_aggregators.md 
@@ -2,7 +2,7 @@ This table shows data for Config Configuration Aggregators. -https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeConfigurationAggregators.html +https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigurationAggregator.html The primary key for this table is **arn**. diff --git a/website/tables/aws/aws_config_delivery_channels.md b/website/tables/aws/aws_config_delivery_channels.md index 0444b9c2b1cc26..8cb44f857210af 100644 --- a/website/tables/aws/aws_config_delivery_channels.md +++ b/website/tables/aws/aws_config_delivery_channels.md @@ -2,7 +2,7 @@ This table shows data for Config Delivery Channels. -https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeDeliveryChannels.html +https://docs.aws.amazon.com/config/latest/APIReference/API_DeliveryChannel.html The composite primary key for this table is (**account_id**, **region**, **name**). diff --git a/website/tables/aws/aws_config_remediation_configurations.md b/website/tables/aws/aws_config_remediation_configurations.md index 7a140d00b73a83..0ffc5ba57553e5 100644 --- a/website/tables/aws/aws_config_remediation_configurations.md +++ b/website/tables/aws/aws_config_remediation_configurations.md @@ -2,7 +2,7 @@ This table shows data for Config Remediation Configurations. -https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeRemediationConfigurations.html +https://docs.aws.amazon.com/config/latest/APIReference/API_RemediationConfiguration.html The primary key for this table is **arn**. diff --git a/website/tables/aws/aws_config_retention_configurations.md b/website/tables/aws/aws_config_retention_configurations.md index fb89b0c572ab2b..5ad96776c4df41 100644 --- a/website/tables/aws/aws_config_retention_configurations.md +++ b/website/tables/aws/aws_config_retention_configurations.md 
@@ -2,7 +2,7 @@ This table shows data for Config Retention Configurations. -https://docs.aws.amazon.com/config/latest/APIReference/API_DescribeRetentionConfigurations.html +https://docs.aws.amazon.com/config/latest/APIReference/API_RetentionConfiguration.html The composite primary key for this table is (**account_id**, **region**, **name**).