diff --git a/providers/aws/resources/aws_dms.go b/providers/aws/resources/aws_dms.go index 97172fd2c4..eacb2caac5 100644 --- a/providers/aws/resources/aws_dms.go +++ b/providers/aws/resources/aws_dms.go @@ -5,9 +5,9 @@ package resources import ( "context" + "errors" "github.com/aws/aws-sdk-go-v2/service/databasemigrationservice" - "github.com/aws/aws-sdk-go-v2/service/databasemigrationservice/types" "github.com/rs/zerolog/log" "go.mondoo.com/cnquery/v10/providers-sdk/v1/util/convert" "go.mondoo.com/cnquery/v10/providers-sdk/v1/util/jobpool" @@ -21,7 +21,7 @@ func (a *mqlAwsDms) id() (string, error) { func (a *mqlAwsDms) replicationInstances() ([]interface{}, error) { conn := a.MqlRuntime.Connection.(*connection.AwsConnection) - res := []types.ReplicationInstance{} + res := []interface{}{} poolOfJobs := jobpool.CreatePool(a.getReplicationInstances(conn), 5) poolOfJobs.Run() @@ -29,11 +29,21 @@ func (a *mqlAwsDms) replicationInstances() ([]interface{}, error) { if poolOfJobs.HasErrors() { return nil, poolOfJobs.GetErrors() } + var errs []error // get all the results for i := range poolOfJobs.Jobs { - res = append(res, poolOfJobs.Jobs[i].Result.([]types.ReplicationInstance)...) + if poolOfJobs.Jobs[i].Err != nil { + errs = append(errs, poolOfJobs.Jobs[i].Err) + } + if poolOfJobs.Jobs[i].Result != nil { + res = append(res, poolOfJobs.Jobs[i].Result.([]interface{})...) + } + } + converted, err := convert.JsonToDictSlice(res) + if err != nil { + return nil, err } - return convert.JsonToDictSlice(res) + return converted, errors.Join(errs...) } func (a *mqlAwsDms) getReplicationInstances(conn *connection.AwsConnection) []*jobpool.Job { @@ -50,7 +60,7 @@ func (a *mqlAwsDms) getReplicationInstances(conn *connection.AwsConnection) []*j svc := conn.Dms(regionVal) ctx := context.Background() - replicationInstancesAggregated := []types.ReplicationInstance{} + res := []interface{}{} var marker *string for { @@ -58,18 +68,23 @@ func (a *mqlAwsDms) getReplicationInstances(conn *connection.AwsConnection) []*j if err != nil { if Is400AccessDeniedError(err) { log.Warn().Str("region", regionVal).Msg("error accessing region for AWS API") - return tasks, nil + return nil, nil } return nil, err } - replicationInstancesAggregated = append(replicationInstancesAggregated, replicationInstances.ReplicationInstances...) + + mqlRep, err := convert.JsonToDictSlice(replicationInstances.ReplicationInstances) + if err != nil { + return nil, err + } + res = append(res, mqlRep...) if replicationInstances.Marker == nil { break } marker = replicationInstances.Marker } - return jobpool.JobResult(replicationInstancesAggregated), nil + return jobpool.JobResult(res), nil } tasks = append(tasks, jobpool.NewJob(f)) } diff --git a/providers/aws/resources/aws_ec2.go b/providers/aws/resources/aws_ec2.go index ddf61a974c..4dd9461234 100644 --- a/providers/aws/resources/aws_ec2.go +++ b/providers/aws/resources/aws_ec2.go @@ -508,8 +508,10 @@ func (a *mqlAwsEc2) ebsEncryptionByDefault() (map[string]interface{}, error) { } // get all the results for i := range poolOfJobs.Jobs { - jobResult := poolOfJobs.Jobs[i].Result.(ebsEncryption) - res[jobResult.region] = jobResult.ebsEncryptionByDefault + if poolOfJobs.Jobs[i].Result != nil { + jobResult := poolOfJobs.Jobs[i].Result.(ebsEncryption) + res[jobResult.region] = jobResult.ebsEncryptionByDefault + } } return res, nil } @@ -528,13 +530,12 @@ func (a *mqlAwsEc2) getEbsEncryptionPerRegion(conn *connection.AwsConnection) [] svc := conn.Ec2(regionVal) ctx := context.Background() - res := []interface{}{} ebsEncryptionRes, err := svc.GetEbsEncryptionByDefault(ctx, &ec2.GetEbsEncryptionByDefaultInput{}) if err != nil { if Is400AccessDeniedError(err) { log.Warn().Str("region", regionVal).Msg("error accessing region for AWS API") - return res, nil + return nil, nil } return nil, err } diff --git a/providers/aws/resources/aws_elasticache.go b/providers/aws/resources/aws_elasticache.go index c4ec6ea4cb..815770b4a1 100644 --- a/providers/aws/resources/aws_elasticache.go +++ b/providers/aws/resources/aws_elasticache.go @@ -8,7 +8,6 @@ import ( "fmt" "github.com/aws/aws-sdk-go-v2/service/elasticache" - ecstypes "github.com/aws/aws-sdk-go-v2/service/elasticache/types" "github.com/rs/zerolog/log" "go.mondoo.com/cnquery/v10/llx" @@ -36,7 +35,7 @@ func (a *mqlAwsElasticache) clusters() ([]interface{}, error) { // get all the results for i := range poolOfJobs.Jobs { if poolOfJobs.Jobs[i].Result != nil { - res = append(res, poolOfJobs.Jobs[i].Result.([]interface{})...) + res = append(res, poolOfJobs.Jobs[i].Result.(interface{})) } } @@ -57,7 +56,7 @@ func (a *mqlAwsElasticache) getClusters(conn *connection.AwsConnection) []*jobpo svc := conn.Elasticache(regionVal) ctx := context.Background() - res := []ecstypes.CacheCluster{} + var res interface{} var marker *string for { @@ -72,7 +71,6 @@ func (a *mqlAwsElasticache) getClusters(conn *connection.AwsConnection) []*jobpo if len(clusters.CacheClusters) == 0 { return nil, nil } - res = append(res, clusters.CacheClusters...) if clusters.Marker == nil { break } diff --git a/providers/aws/resources/shared.go b/providers/aws/resources/shared.go index 2c75cbbdcb..e016c94c9b 100644 --- a/providers/aws/resources/shared.go +++ b/providers/aws/resources/shared.go @@ -16,8 +16,8 @@ import ( "go.mondoo.com/cnquery/v10/llx" "go.mondoo.com/cnquery/v10/providers-sdk/v1/inventory" "go.mondoo.com/cnquery/v10/providers-sdk/v1/plugin" - "go.mondoo.com/cnquery/v10/providers/network/resources/certificates" "go.mondoo.com/cnquery/v10/providers/aws/connection" + "go.mondoo.com/cnquery/v10/providers/network/resources/certificates" "go.mondoo.com/cnquery/v10/types" "k8s.io/client-go/util/cert" ) @@ -58,7 +58,7 @@ func (a *mqlAws) regions() ([]interface{}, error) { func Is400AccessDeniedError(err error) bool { var respErr *http.ResponseError if errors.As(err, &respErr) { - if respErr.HTTPStatusCode() == 400 && strings.Contains(respErr.Error(), "AccessDeniedException") { + if (respErr.HTTPStatusCode() == 400 || respErr.HTTPStatusCode() == 403) && (strings.Contains(respErr.Error(), "AccessDenied") || strings.Contains(respErr.Error(), "UnauthorizedOperation") || strings.Contains(respErr.Error(), "AuthorizationError")) { return true } }