add: accessanalyzer adapter

aquasecurity · Feb 15, 2023 · 88d9a3a · 88d9a3a
1 parent 2bc1852
commit 88d9a3a
Show file tree

Hide file tree

Showing 4 changed files with 76 additions and 4 deletions.
diff --git a/internal/adapters/cloudformation/aws/accessanalyzer/accessanalyzer.go b/internal/adapters/cloudformation/aws/accessanalyzer/accessanalyzer.go
@@ -0,0 +1,13 @@
+package accessanalyzer
+
+import (
+	"github.com/aquasecurity/defsec/pkg/providers/aws/accessanalyzer"
+	"github.com/aquasecurity/defsec/pkg/scanners/cloudformation/parser"
+)
+
+// Adapt ...
+func Adapt(cfFile parser.FileContext) accessanalyzer.AccessAnalyzer {
+	return accessanalyzer.AccessAnalyzer{
+		Analyzers: getAccessAnalyzer(cfFile),
+	}
+}
diff --git a/internal/adapters/cloudformation/aws/accessanalyzer/analyzer.go b/internal/adapters/cloudformation/aws/accessanalyzer/analyzer.go
@@ -0,0 +1,21 @@
+package accessanalyzer
+
+import (
+	"github.com/aquasecurity/defsec/pkg/providers/aws/accessanalyzer"
+	"github.com/aquasecurity/defsec/pkg/scanners/cloudformation/parser"
+)
+
+func getAccessAnalyzer(ctx parser.FileContext) (analyzers []accessanalyzer.Analyzer) {
+
+	analyzersList := ctx.GetResourcesByType("AWS::AccessAnalyzer::Analyzer")
+
+	for _, r := range analyzersList {
+		aa := accessanalyzer.Analyzer{
+			Metadata: r.Metadata(),
+			Name:     r.GetStringProperty("AnalyzerName"),
+		}
+
+		analyzers = append(analyzers, aa)
+	}
+	return analyzers
+}
diff --git a/internal/adapters/terraform/aws/accessanalyzer/accessanalyzer.go b/internal/adapters/terraform/aws/accessanalyzer/accessanalyzer.go
@@ -0,0 +1,38 @@
+package accessanalyzer
+
+import (
+	"github.com/aquasecurity/defsec/pkg/providers/aws/accessanalyzer"
+	"github.com/aquasecurity/defsec/pkg/terraform"
+)
+
+func Adapt(modules terraform.Modules) accessanalyzer.AccessAnalyzer {
+	return accessanalyzer.AccessAnalyzer{
+		Analyzers: adaptTrails(modules),
+	}
+}
+
+func adaptTrails(modules terraform.Modules) []accessanalyzer.Analyzer {
+	var analyzer []accessanalyzer.Analyzer
+
+	for _, module := range modules {
+		for _, resource := range module.GetResourcesByType("aws_accessanalyzer_analyzer") {
+			analyzer = append(analyzer, adaptAnalyzers(resource))
+		}
+	}
+	return analyzer
+}
+
+func adaptAnalyzers(resource *terraform.Block) accessanalyzer.Analyzer {
+
+	analyzerName := resource.GetAttribute("analyzer_name")
+	analyzerNameAttr := analyzerName.AsStringValueOrDefault("", resource)
+
+	arnAnalyzer := resource.GetAttribute("arn")
+	arnAnalyzerAttr := arnAnalyzer.AsStringValueOrDefault("", resource)
+
+	return accessanalyzer.Analyzer{
+		Metadata: resource.GetMetadata(),
+		Name:     analyzerNameAttr,
+		ARN:      arnAnalyzerAttr,
+	}
+}
diff --git a/pkg/providers/aws/accessanalyzer/aa.go b/pkg/providers/aws/accessanalyzer/aa.go
@@ -7,8 +7,8 @@ type AccessAnalyzer struct {
 }
 
 type Analyzer struct {
-	types.Metadata
-	ARN    types.StringValue
-	Name   types.StringValue
-	Active types.BoolValue
+	Metadata types.Metadata
+	ARN      types.StringValue
+	Name     types.StringValue
+	Active   types.BoolValue
 }