From 132cc97e93042505c392f1b817403b2acb6934df Mon Sep 17 00:00:00 2001
From: Tim Smith
Date: Sun, 10 Dec 2023 22:28:17 -0800
Subject: [PATCH] New defaults and fields for aws.ec2.volume (#2784)
Signed-off-by: Tim Smith
---
 providers/aws/resources/aws.lr | 10 +++-
 providers/aws/resources/aws.lr.go | 48 ++++++++++++++++++++
 providers/aws/resources/aws.lr.manifest.yaml | 8 ++++
 providers/aws/resources/aws_ec2.go | 24 ++++++----
 4 files changed, 79 insertions(+), 11 deletions(-)
diff --git a/providers/aws/resources/aws.lr b/providers/aws/resources/aws.lr
index fe7a95d37e..41b6f95b89 100644
--- a/providers/aws/resources/aws.lr
+++ b/providers/aws/resources/aws.lr
@@ -1754,7 +1754,7 @@ private aws.ec2.snapshot @defaults("arn") {
 }
 // Amazon EC2 volume
-private aws.ec2.volume @defaults("arn encrypted state") {
+private aws.ec2.volume @defaults("id region volumeType size encrypted state") {
 // ARN for the EC2 volume
 arn string
 // ID of the EC2 volume
@@ -1775,6 +1775,14 @@ private aws.ec2.volume @defaults("arn encrypted state") {
 createTime time
 // Region where the EC2 volume is stored
 region string
+ // Whether Amazon EBS Multi-Attach is enabled.
+ multiAttachEnabled bool
+ // The throughput that the volume supports, in MiB/s.
+ throughput int
+ // The size of the volume, in GiBs.
+ size int
+ // The number of I/O operations per second (IOPS). For gp3, io1, and io2 volumes, this represents the number of IOPS that are provisioned for the volume. For gp2 volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.
+ iops int
 }
 // Amazon EC2 instance
diff --git a/providers/aws/resources/aws.lr.go b/providers/aws/resources/aws.lr.go
index e70b71da6e..e23cd9a9bd 100644
--- a/providers/aws/resources/aws.lr.go
+++ b/providers/aws/resources/aws.lr.go
@@ -2546,6 +2546,18 @@ var getDataFields = map[string]func(r plugin.Resource) *plugin.DataRes{ "aws.ec2.volume.region": func(r plugin.Resource) *plugin.DataRes { return (r.(*mqlAwsEc2Volume).GetRegion()).ToDataRes(types.String) }, + "aws.ec2.volume.multiAttachEnabled": func(r plugin.Resource) *plugin.DataRes { + return (r.(*mqlAwsEc2Volume).GetMultiAttachEnabled()).ToDataRes(types.Bool) + }, + "aws.ec2.volume.throughput": func(r plugin.Resource) *plugin.DataRes { + return (r.(*mqlAwsEc2Volume).GetThroughput()).ToDataRes(types.Int) + }, + "aws.ec2.volume.size": func(r plugin.Resource) *plugin.DataRes { + return (r.(*mqlAwsEc2Volume).GetSize()).ToDataRes(types.Int) + }, + "aws.ec2.volume.iops": func(r plugin.Resource) *plugin.DataRes { + return (r.(*mqlAwsEc2Volume).GetIops()).ToDataRes(types.Int) + }, "aws.ec2.instance.arn": func(r plugin.Resource) *plugin.DataRes { return (r.(*mqlAwsEc2Instance).GetArn()).ToDataRes(types.String) }, @@ -5910,6 +5922,22 @@ var setDataFields = map[string]func(r plugin.Resource, v *llx.RawData) bool { r.(*mqlAwsEc2Volume).Region, ok = plugin.RawToTValue[string](v.Value, v.Error) return }, + "aws.ec2.volume.multiAttachEnabled": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlAwsEc2Volume).MultiAttachEnabled, ok = plugin.RawToTValue[bool](v.Value, v.Error) + return + }, + "aws.ec2.volume.throughput": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlAwsEc2Volume).Throughput, ok = plugin.RawToTValue[int64](v.Value, v.Error) + return + }, + "aws.ec2.volume.size": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlAwsEc2Volume).Size, ok = plugin.RawToTValue[int64](v.Value, v.Error) + return + }, + "aws.ec2.volume.iops": func(r plugin.Resource, v *llx.RawData) (ok bool) { + r.(*mqlAwsEc2Volume).Iops, ok = plugin.RawToTValue[int64](v.Value, v.Error) + return + }, "aws.ec2.instance.__id": func(r plugin.Resource, v *llx.RawData) (ok bool) { r.(*mqlAwsEc2Instance).__id, ok = v.Value.(string) return 
@@ -15634,6 +15662,10 @@ type mqlAwsEc2Volume struct { VolumeType plugin.TValue[string] CreateTime plugin.TValue[*time.Time] Region plugin.TValue[string] + MultiAttachEnabled plugin.TValue[bool] + Throughput plugin.TValue[int64] + Size plugin.TValue[int64] + Iops plugin.TValue[int64] } // createAwsEc2Volume creates a new instance of this resource @@ -15713,6 +15745,22 @@ func (c *mqlAwsEc2Volume) GetRegion() *plugin.TValue[string] { return &c.Region } +func (c *mqlAwsEc2Volume) GetMultiAttachEnabled() *plugin.TValue[bool] { + return &c.MultiAttachEnabled +} + +func (c *mqlAwsEc2Volume) GetThroughput() *plugin.TValue[int64] { + return &c.Throughput +} + +func (c *mqlAwsEc2Volume) GetSize() *plugin.TValue[int64] { + return &c.Size +} + +func (c *mqlAwsEc2Volume) GetIops() *plugin.TValue[int64] { + return &c.Iops +} + // mqlAwsEc2Instance for the aws.ec2.instance resource type mqlAwsEc2Instance struct { MqlRuntime *plugin.Runtime diff --git a/providers/aws/resources/aws.lr.manifest.yaml b/providers/aws/resources/aws.lr.manifest.yaml index 38a1713b54..41b968c932 100755 --- a/providers/aws/resources/aws.lr.manifest.yaml +++ b/providers/aws/resources/aws.lr.manifest.yaml @@ -1093,9 +1093,17 @@ resources: min_mondoo_version: 5.25.0 encrypted: {} id: {} + iops: + min_mondoo_version: 9.11.0 + multiAttachEnabled: + min_mondoo_version: 9.11.0 region: {} + size: + min_mondoo_version: 9.11.0 state: {} tags: {} + throughput: + min_mondoo_version: 9.11.0 volumeType: {} is_private: true min_mondoo_version: 5.15.0 diff --git a/providers/aws/resources/aws_ec2.go b/providers/aws/resources/aws_ec2.go index b84843e2bc..34a602003b 100644 --- a/providers/aws/resources/aws_ec2.go +++ b/providers/aws/resources/aws_ec2.go 
@@ -1051,16 +1051,20 @@ func (a *mqlAwsEc2) getVolumes(conn *connection.AwsConnection) []*jobpool.Job {
 }
 mqlVol, err := CreateResource(a.MqlRuntime, "aws.ec2.volume", map[string]*llx.RawData{
- "arn": llx.StringData(fmt.Sprintf(volumeArnPattern, region, conn.AccountId(), convert.ToString(vol.VolumeId))),
- "id": llx.StringData(convert.ToString(vol.VolumeId)),
- "attachments": llx.ArrayData(jsonAttachments, types.Any),
- "encrypted": llx.BoolData(convert.ToBool(vol.Encrypted)),
- "state": llx.StringData(string(vol.State)),
- "tags": llx.MapData(Ec2TagsToMap(vol.Tags), types.String),
- "availabilityZone": llx.StringData(convert.ToString(vol.AvailabilityZone)),
- "volumeType": llx.StringData(string(vol.VolumeType)),
- "createTime": llx.TimeDataPtr(vol.CreateTime),
- "region": llx.StringData(regionVal),
+ "arn": llx.StringData(fmt.Sprintf(volumeArnPattern, region, conn.AccountId(), convert.ToString(vol.VolumeId))),
+ "attachments": llx.ArrayData(jsonAttachments, types.Any),
+ "availabilityZone": llx.StringDataPtr(vol.AvailabilityZone),
+ "createTime": llx.TimeDataPtr(vol.CreateTime),
+ "encrypted": llx.BoolDataPtr(vol.Encrypted),
+ "id": llx.StringDataPtr(vol.VolumeId),
+ "iops": llx.IntData(convert.ToInt64From32(vol.Iops)),
+ "multiAttachEnabled": llx.BoolDataPtr(vol.MultiAttachEnabled),
+ "region": llx.StringData(regionVal),
+ "size": llx.IntData(convert.ToInt64From32(vol.Size)),
+ "state": llx.StringData(string(vol.State)),
+ "tags": llx.MapData(Ec2TagsToMap(vol.Tags), types.String),
+ "throughput": llx.IntData(convert.ToInt64From32(vol.Throughput)),
+ "volumeType": llx.StringData(string(vol.VolumeType)),
 })
 if err != nil {
 return nil, err
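Review bot: The `encrypted` entry changes from `llx.BoolData(convert.ToBool(vol.Encrypted))` to `llx.BoolDataPtr(vol.Encrypted)`, so a nil pointer from the API is presumably surfaced as a null value rather than `false`; neither helper is defined in this hunk, so that needs confirming. Encryption-at-rest checks read this field, and an assertion written against a boolean may evaluate differently on null, so I would either keep the old conversion for this one key or document the null case in `aws.lr`. The same literal handles other pointer fields the opposite way: `iops`, `size` and `throughput` go through `convert.ToInt64From32`, which presumably reports an unset value as 0, and `arn` still uses `convert.ToString(vol.VolumeId)` while `id` uses `llx.StringDataPtr(vol.VolumeId)`. A one-line comment above the map, e.g. `// *Ptr helpers keep nil as null; ToInt64From32 maps nil to 0`, would make the intended nil policy explicit once verified. getVolumes starts and ends outside the hunk.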