Feature/eks msk vpc version (#1140)

* update version * add support for eks cluster * version upgrade * add support for vpc * fix vpc config block creation * add comment for ImageScanningConfigurationBlock * fix json pair * nil check on encryption at rest in msk
tenable · Feb 7, 2022 · 575bff2 · 575bff2
1 parent 4dae7e4
commit 575bff2
Show file tree

Hide file tree

Showing 67 changed files with 267 additions and 204 deletions.
diff --git a/go.mod b/go.mod
@@ -22,7 +22,7 @@ require (
 	github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.3.2
 	github.com/aws/aws-sdk-go-v2/service/s3 v1.11.1
 	github.com/aws/smithy-go v1.6.0
-	github.com/awslabs/goformation/v4 v4.19.1
+	github.com/awslabs/goformation/v5 v5.4.5
 	github.com/ghodss/yaml v1.0.0
 	github.com/go-errors/errors v1.0.1
 	github.com/google/go-containerregistry v0.1.2
@@ -43,8 +43,8 @@ require (
 	github.com/mattn/go-isatty v0.0.12
 	github.com/mitchellh/go-homedir v1.1.0
 	github.com/moby/buildkit v0.8.3
-	github.com/onsi/ginkgo v1.15.1
-	github.com/onsi/gomega v1.11.0
+	github.com/onsi/ginkgo v1.16.4
+	github.com/onsi/gomega v1.12.0
 	github.com/open-policy-agent/opa v0.22.0
 	github.com/owenrumney/go-sarif v1.0.12
 	github.com/pelletier/go-toml v1.9.3

diff --git a/go.sum b/go.sum
diff --git a/pkg/iac-providers/cft/v1/load-file.go b/pkg/iac-providers/cft/v1/load-file.go
@@ -27,8 +27,8 @@ import (
 	"github.com/accurics/terrascan/pkg/mapper"
 	cftRes "github.com/accurics/terrascan/pkg/mapper/iac-providers/cft/config"
 	"github.com/accurics/terrascan/pkg/mapper/iac-providers/cft/store"
-	"github.com/awslabs/goformation/v4"
-	"github.com/awslabs/goformation/v4/cloudformation"
+	"github.com/awslabs/goformation/v5"
+	"github.com/awslabs/goformation/v5/cloudformation"
 	"go.uber.org/zap"
 )
 

diff --git a/pkg/iac-providers/cft/v1/sanitize-cft-template.go b/pkg/iac-providers/cft/v1/sanitize-cft-template.go
@@ -23,9 +23,9 @@ import (
 	"strconv"
 	"strings"
 
-	"github.com/awslabs/goformation/v4/cloudformation"
-	"github.com/awslabs/goformation/v4/cloudformation/policies"
-	"github.com/awslabs/goformation/v4/intrinsics"
+	"github.com/awslabs/goformation/v5/cloudformation"
+	"github.com/awslabs/goformation/v5/cloudformation/policies"
+	"github.com/awslabs/goformation/v5/intrinsics"
 	"go.uber.org/zap"
 )
 

diff --git a/pkg/iac-providers/cft/v1/sanitize-cft-template_test.go b/pkg/iac-providers/cft/v1/sanitize-cft-template_test.go
@@ -23,7 +23,7 @@ import (
 	"reflect"
 	"testing"
 
-	"github.com/awslabs/goformation/v4"
+	"github.com/awslabs/goformation/v5"
 )
 
 func TestCFTV1_sanitizeCftTemplate(t *testing.T) {

diff --git a/pkg/mapper/iac-providers/cft/cft.go b/pkg/mapper/iac-providers/cft/cft.go
@@ -19,59 +19,60 @@ package cft
 import (
 	"errors"
 
-	"github.com/awslabs/goformation/v4/cloudformation/autoscaling"
-	"github.com/awslabs/goformation/v4/cloudformation/certificatemanager"
-	"github.com/awslabs/goformation/v4/cloudformation/cloudfront"
-	"github.com/awslabs/goformation/v4/cloudformation/cloudtrail"
-	"github.com/awslabs/goformation/v4/cloudformation/codebuild"
-	"github.com/awslabs/goformation/v4/cloudformation/cognito"
-	"github.com/awslabs/goformation/v4/cloudformation/dms"
-	"github.com/awslabs/goformation/v4/cloudformation/emr"
-	"github.com/awslabs/goformation/v4/cloudformation/lambda"
-	"github.com/awslabs/goformation/v4/cloudformation/msk"
-	"github.com/awslabs/goformation/v4/cloudformation/sagemaker"
-	"github.com/awslabs/goformation/v4/cloudformation/sns"
-	"github.com/awslabs/goformation/v4/cloudformation/sqs"
+	"github.com/awslabs/goformation/v5/cloudformation/autoscaling"
+	"github.com/awslabs/goformation/v5/cloudformation/certificatemanager"
+	"github.com/awslabs/goformation/v5/cloudformation/cloudfront"
+	"github.com/awslabs/goformation/v5/cloudformation/cloudtrail"
+	"github.com/awslabs/goformation/v5/cloudformation/codebuild"
+	"github.com/awslabs/goformation/v5/cloudformation/cognito"
+	"github.com/awslabs/goformation/v5/cloudformation/dms"
+	"github.com/awslabs/goformation/v5/cloudformation/eks"
+	"github.com/awslabs/goformation/v5/cloudformation/emr"
+	"github.com/awslabs/goformation/v5/cloudformation/lambda"
+	"github.com/awslabs/goformation/v5/cloudformation/msk"
+	"github.com/awslabs/goformation/v5/cloudformation/sagemaker"
+	"github.com/awslabs/goformation/v5/cloudformation/sns"
+	"github.com/awslabs/goformation/v5/cloudformation/sqs"
 
-	cf "github.com/awslabs/goformation/v4/cloudformation/cloudformation"
-	cnf "github.com/awslabs/goformation/v4/cloudformation/config"
-	"github.com/awslabs/goformation/v4/cloudformation/ecr"
-	"github.com/awslabs/goformation/v4/cloudformation/neptune"
-	"github.com/awslabs/goformation/v4/cloudformation/secretsmanager"
-	"github.com/awslabs/goformation/v4/cloudformation/workspaces"
+	cf "github.com/awslabs/goformation/v5/cloudformation/cloudformation"
+	cnf "github.com/awslabs/goformation/v5/cloudformation/config"
+	"github.com/awslabs/goformation/v5/cloudformation/ecr"
+	"github.com/awslabs/goformation/v5/cloudformation/neptune"
+	"github.com/awslabs/goformation/v5/cloudformation/secretsmanager"
+	"github.com/awslabs/goformation/v5/cloudformation/workspaces"
 
-	"github.com/awslabs/goformation/v4/cloudformation/ec2"
-	"github.com/awslabs/goformation/v4/cloudformation/efs"
-	"github.com/awslabs/goformation/v4/cloudformation/elasticache"
+	"github.com/awslabs/goformation/v5/cloudformation/ec2"
+	"github.com/awslabs/goformation/v5/cloudformation/efs"
+	"github.com/awslabs/goformation/v5/cloudformation/elasticache"
 
-	"github.com/awslabs/goformation/v4/cloudformation/dax"
-	"github.com/awslabs/goformation/v4/cloudformation/dynamodb"
-	"github.com/awslabs/goformation/v4/cloudformation/rds"
+	"github.com/awslabs/goformation/v5/cloudformation/dax"
+	"github.com/awslabs/goformation/v5/cloudformation/dynamodb"
+	"github.com/awslabs/goformation/v5/cloudformation/rds"
 
-	"github.com/awslabs/goformation/v4/cloudformation/ecs"
-	"github.com/awslabs/goformation/v4/cloudformation/logs"
+	"github.com/awslabs/goformation/v5/cloudformation/ecs"
+	"github.com/awslabs/goformation/v5/cloudformation/logs"
 
 	"github.com/accurics/terrascan/pkg/iac-providers/output"
 	"github.com/accurics/terrascan/pkg/mapper/core"
 	"github.com/accurics/terrascan/pkg/mapper/iac-providers/cft/config"
 	"github.com/accurics/terrascan/pkg/mapper/iac-providers/cft/store"
 	"github.com/accurics/terrascan/pkg/utils"
-	"github.com/awslabs/goformation/v4/cloudformation"
-	"github.com/awslabs/goformation/v4/cloudformation/amazonmq"
-	"github.com/awslabs/goformation/v4/cloudformation/apigateway"
-	"github.com/awslabs/goformation/v4/cloudformation/apigatewayv2"
-	"github.com/awslabs/goformation/v4/cloudformation/docdb"
-	"github.com/awslabs/goformation/v4/cloudformation/elasticloadbalancing"
-	"github.com/awslabs/goformation/v4/cloudformation/elasticloadbalancingv2"
-	"github.com/awslabs/goformation/v4/cloudformation/elasticsearch"
-	"github.com/awslabs/goformation/v4/cloudformation/guardduty"
-	"github.com/awslabs/goformation/v4/cloudformation/iam"
-	"github.com/awslabs/goformation/v4/cloudformation/kinesis"
-	"github.com/awslabs/goformation/v4/cloudformation/kinesisfirehose"
-	"github.com/awslabs/goformation/v4/cloudformation/kms"
-	"github.com/awslabs/goformation/v4/cloudformation/redshift"
-	"github.com/awslabs/goformation/v4/cloudformation/route53"
-	"github.com/awslabs/goformation/v4/cloudformation/s3"
+	"github.com/awslabs/goformation/v5/cloudformation"
+	"github.com/awslabs/goformation/v5/cloudformation/amazonmq"
+	"github.com/awslabs/goformation/v5/cloudformation/apigateway"
+	"github.com/awslabs/goformation/v5/cloudformation/apigatewayv2"
+	"github.com/awslabs/goformation/v5/cloudformation/docdb"
+	"github.com/awslabs/goformation/v5/cloudformation/elasticloadbalancing"
+	"github.com/awslabs/goformation/v5/cloudformation/elasticloadbalancingv2"
+	"github.com/awslabs/goformation/v5/cloudformation/elasticsearch"
+	"github.com/awslabs/goformation/v5/cloudformation/guardduty"
+	"github.com/awslabs/goformation/v5/cloudformation/iam"
+	"github.com/awslabs/goformation/v5/cloudformation/kinesis"
+	"github.com/awslabs/goformation/v5/cloudformation/kinesisfirehose"
+	"github.com/awslabs/goformation/v5/cloudformation/kms"
+	"github.com/awslabs/goformation/v5/cloudformation/redshift"
+	"github.com/awslabs/goformation/v5/cloudformation/route53"
+	"github.com/awslabs/goformation/v5/cloudformation/s3"
 )
 
 const errUnsupportedDoc = "unsupported document type"
@@ -169,6 +170,8 @@ func (m cftMapper) mapConfigForResource(r cloudformation.Resource, resourceName
 		return config.GetSecurityGroupConfig(resource)
 	case *ec2.Volume:
 		return config.GetEbsVolumeConfig(resource)
+	case *ec2.VPC:
+		return config.GetEc2VpcConfig(resource)
 	case *efs.FileSystem:
 		return config.GetEfsFileSystemConfig(resource)
 	case *elasticache.CacheCluster:
@@ -253,6 +256,8 @@ func (m cftMapper) mapConfigForResource(r cloudformation.Resource, resourceName
 		return config.GetEmrClusterConfig(resource)
 	case *msk.Cluster:
 		return config.GetMskClusterConfig(resource)
+	case *eks.Cluster:
+		return config.GetEksClusterConfig(resource)
 	default:
 	}
 	return []config.AWSResourceConfig{}

diff --git a/pkg/mapper/iac-providers/cft/config/api-gateway-rest-api.go b/pkg/mapper/iac-providers/cft/config/api-gateway-rest-api.go
@@ -17,7 +17,7 @@
 package config
 
 import (
-	"github.com/awslabs/goformation/v4/cloudformation/apigateway"
+	"github.com/awslabs/goformation/v5/cloudformation/apigateway"
 )
 
 // APIGatewayRestAPIConfig holds config for aws_api_gateway_rest_api

diff --git a/pkg/mapper/iac-providers/cft/config/api-gateway-stage.go b/pkg/mapper/iac-providers/cft/config/api-gateway-stage.go
@@ -19,7 +19,7 @@ package config
 import (
 	"fmt"
 
-	"github.com/awslabs/goformation/v4/cloudformation/apigateway"
+	"github.com/awslabs/goformation/v5/cloudformation/apigateway"
 )
 
 const (

diff --git a/pkg/mapper/iac-providers/cft/config/api-gatewayv2-stage.go b/pkg/mapper/iac-providers/cft/config/api-gatewayv2-stage.go
@@ -17,7 +17,7 @@
 package config
 
 import (
-	"github.com/awslabs/goformation/v4/cloudformation/apigatewayv2"
+	"github.com/awslabs/goformation/v5/cloudformation/apigatewayv2"
 )
 
 // APIGatewayV2StageConfig holds config for aws_api_gatewayv2_stage

diff --git a/pkg/mapper/iac-providers/cft/config/autoscaling-launch-configuration.go b/pkg/mapper/iac-providers/cft/config/autoscaling-launch-configuration.go
@@ -20,7 +20,7 @@ import (
 	"encoding/base64"
 	"unicode"
 
-	"github.com/awslabs/goformation/v4/cloudformation/autoscaling"
+	"github.com/awslabs/goformation/v5/cloudformation/autoscaling"
 )
 
 // EbsBlockDeviceBlock holds config for EbsBlockDevice

diff --git a/pkg/mapper/iac-providers/cft/config/certificatemanager-certificate.go b/pkg/mapper/iac-providers/cft/config/certificatemanager-certificate.go
@@ -16,7 +16,7 @@
 
 package config
 
-import "github.com/awslabs/goformation/v4/cloudformation/certificatemanager"
+import "github.com/awslabs/goformation/v5/cloudformation/certificatemanager"
 
 // CertificateManagerCertificateConfig holds config for CertificateManagerCertificate
 type CertificateManagerCertificateConfig struct {

diff --git a/pkg/mapper/iac-providers/cft/config/cloudformation-stack.go b/pkg/mapper/iac-providers/cft/config/cloudformation-stack.go
@@ -18,7 +18,7 @@ package config
 
 import (
 	fn "github.com/accurics/terrascan/pkg/mapper/iac-providers/cft/functions"
-	"github.com/awslabs/goformation/v4/cloudformation/cloudformation"
+	"github.com/awslabs/goformation/v5/cloudformation/cloudformation"
 )
 
 // CloudFormationStackConfig holds config for aws_cloudformation_stack

diff --git a/pkg/mapper/iac-providers/cft/config/cloudfront-distribution.go b/pkg/mapper/iac-providers/cft/config/cloudfront-distribution.go
@@ -17,7 +17,7 @@
 package config
 
 import (
-	"github.com/awslabs/goformation/v4/cloudformation/cloudfront"
+	"github.com/awslabs/goformation/v5/cloudformation/cloudfront"
 )
 
 // CloudFrontDistributionConfig holds config for aws_cloudfront_distribution

diff --git a/pkg/mapper/iac-providers/cft/config/cloudtrail.go b/pkg/mapper/iac-providers/cft/config/cloudtrail.go
@@ -17,7 +17,7 @@
 package config
 
 import (
-	"github.com/awslabs/goformation/v4/cloudformation/cloudtrail"
+	"github.com/awslabs/goformation/v5/cloudformation/cloudtrail"
 )
 
 // CloudTrailConfig holds config for aws_cloudtrail

diff --git a/pkg/mapper/iac-providers/cft/config/cloudwatch-log-group.go b/pkg/mapper/iac-providers/cft/config/cloudwatch-log-group.go
@@ -17,7 +17,7 @@
 package config
 
 import (
-	"github.com/awslabs/goformation/v4/cloudformation/logs"
+	"github.com/awslabs/goformation/v5/cloudformation/logs"
 )
 
 // LogCloudWatchGroupConfig holds config for aws_cloudwatch_log_group

diff --git a/pkg/mapper/iac-providers/cft/config/codebuild-project.go b/pkg/mapper/iac-providers/cft/config/codebuild-project.go
@@ -16,7 +16,7 @@
 
 package config
 
-import "github.com/awslabs/goformation/v4/cloudformation/codebuild"
+import "github.com/awslabs/goformation/v5/cloudformation/codebuild"
 
 // ArtifactBlock holds config for ArtifactBlock
 type ArtifactBlock struct {

diff --git a/pkg/mapper/iac-providers/cft/config/cognito-user-pool.go b/pkg/mapper/iac-providers/cft/config/cognito-user-pool.go
@@ -16,7 +16,7 @@
 
 package config
 
-import "github.com/awslabs/goformation/v4/cloudformation/cognito"
+import "github.com/awslabs/goformation/v5/cloudformation/cognito"
 
 // PasswordPolicyBlock holds config for PasswordPolicy
 type PasswordPolicyBlock struct {

diff --git a/pkg/mapper/iac-providers/cft/config/config-configrule.go b/pkg/mapper/iac-providers/cft/config/config-configrule.go
@@ -17,7 +17,7 @@
 package config
 
 import (
-	"github.com/awslabs/goformation/v4/cloudformation/config"
+	"github.com/awslabs/goformation/v5/cloudformation/config"
 )
 
 // AWSConfigConfigRuleConfig holds config for aws_config_config_rule

diff --git a/pkg/mapper/iac-providers/cft/config/config-configurationaggregator.go b/pkg/mapper/iac-providers/cft/config/config-configurationaggregator.go
@@ -17,7 +17,7 @@
 package config
 
 import (
-	"github.com/awslabs/goformation/v4/cloudformation/config"
+	"github.com/awslabs/goformation/v5/cloudformation/config"
 )
 
 // ConfigurationAggregatorConfig holds config for aws_config_configuration_aggregator

diff --git a/pkg/mapper/iac-providers/cft/config/dax-cluster.go b/pkg/mapper/iac-providers/cft/config/dax-cluster.go
@@ -17,7 +17,7 @@
 package config
 
 import (
-	"github.com/awslabs/goformation/v4/cloudformation/dax"
+	"github.com/awslabs/goformation/v5/cloudformation/dax"
 )
 
 // DaxClusterConfig holds config for aws_dax_cluster

diff --git a/pkg/mapper/iac-providers/cft/config/db-instance.go b/pkg/mapper/iac-providers/cft/config/db-instance.go
@@ -17,7 +17,7 @@
 package config
 
 import (
-	"github.com/awslabs/goformation/v4/cloudformation/rds"
+	"github.com/awslabs/goformation/v5/cloudformation/rds"
 )
 
 // DBInstanceConfig holds config for aws_db_instance

diff --git a/pkg/mapper/iac-providers/cft/config/db-security-group.go b/pkg/mapper/iac-providers/cft/config/db-security-group.go
@@ -17,7 +17,7 @@
 package config
 
 import (
-	"github.com/awslabs/goformation/v4/cloudformation/rds"
+	"github.com/awslabs/goformation/v5/cloudformation/rds"
 )
 
 // DBSecurityGroupConfig holds config for aws_db_security_group

diff --git a/pkg/mapper/iac-providers/cft/config/dms-replication-instance.go b/pkg/mapper/iac-providers/cft/config/dms-replication-instance.go
@@ -16,7 +16,7 @@
 
 package config
 
-import "github.com/awslabs/goformation/v4/cloudformation/dms"
+import "github.com/awslabs/goformation/v5/cloudformation/dms"
 
 // DmsReplicationInstanceConfig holds config for DmsReplicationInstance
 type DmsReplicationInstanceConfig struct {

diff --git a/pkg/mapper/iac-providers/cft/config/docdb-cluster.go b/pkg/mapper/iac-providers/cft/config/docdb-cluster.go
@@ -17,7 +17,7 @@
 package config
 
 import (
-	"github.com/awslabs/goformation/v4/cloudformation/docdb"
+	"github.com/awslabs/goformation/v5/cloudformation/docdb"
 )
 
 // DocDBClusterConfig holds config for aws_docdb_cluster

diff --git a/pkg/mapper/iac-providers/cft/config/dynamodb-table.go b/pkg/mapper/iac-providers/cft/config/dynamodb-table.go
@@ -17,7 +17,7 @@
 package config
 
 import (
-	"github.com/awslabs/goformation/v4/cloudformation/dynamodb"
+	"github.com/awslabs/goformation/v5/cloudformation/dynamodb"
 )
 
 // DynamoDBTableConfig holds config for aws_dynamodb_table

diff --git a/pkg/mapper/iac-providers/cft/config/ebs-volume.go b/pkg/mapper/iac-providers/cft/config/ebs-volume.go
@@ -17,7 +17,7 @@
 package config
 
 import (
-	"github.com/awslabs/goformation/v4/cloudformation/ec2"
+	"github.com/awslabs/goformation/v5/cloudformation/ec2"
 )
 
 // EbsVolumeConfig holds config for aws_ebs_volume

diff --git a/pkg/mapper/iac-providers/cft/config/ec2-instance.go b/pkg/mapper/iac-providers/cft/config/ec2-instance.go
@@ -21,7 +21,7 @@ import (
 	"strconv"
 
 	"github.com/accurics/terrascan/pkg/mapper/iac-providers/cft/store"
-	"github.com/awslabs/goformation/v4/cloudformation/ec2"
+	"github.com/awslabs/goformation/v5/cloudformation/ec2"
 )
 
 // GetNetworkInterface represents subresource aws_network_interface for NetworkInterface attribute
-Original file line number
+Diff line change
@@ Expand Up / @@ -19,7 +19,7 @@ package config @@
     import (
     	"fmt"
-    	"github.com/awslabs/goformation/v4/cloudformation/apigateway"
+    	"github.com/awslabs/goformation/v5/cloudformation/apigateway"
     )
     const (
@@ Expand Down @@