From c4d1d8a47c796097b3d8c6c918c988af6ce65654 Mon Sep 17 00:00:00 2001 From: vjeffrey Date: Tue, 23 Jan 2024 10:28:39 -0700 Subject: [PATCH] =?UTF-8?q?=F0=9F=A7=B9=20aws=20resource=20fixes=20(#3083)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * 🐛 fix aws elb loadbalancer attributes * 🧹 add dynamodb global table discovery * 🧹 add log message for required namespace for aws applicationautoscaling * 🧹 fixups
---
 .../resources/aws_applicationautoscaling.go | 3 ++
 providers/aws/resources/aws_elb.go | 35 +++++++++++++++++--
 providers/aws/resources/discovery.go | 12 ++++++-
 3 files changed, 47 insertions(+), 3 deletions(-)
diff --git a/providers/aws/resources/aws_applicationautoscaling.go b/providers/aws/resources/aws_applicationautoscaling.go
index f7e2847c93..ed65a96f2c 100644
--- a/providers/aws/resources/aws_applicationautoscaling.go
+++ b/providers/aws/resources/aws_applicationautoscaling.go
@@ -31,6 +31,9 @@ func (a *mqlAwsApplicationautoscalingTarget) id() (string, error) {
 func (a *mqlAwsApplicationAutoscaling) scalableTargets() ([]interface{}, error) {
 conn := a.MqlRuntime.Connection.(*connection.AwsConnection)
 namespace := a.Namespace.Data
+ if namespace == "" {
+ return nil, errors.New("namespace required for application autoscaling query. please specify one of [comprehend, rds, sagemaker, appstream, elasticmapreduce, dynamodb, lambda, ecs, cassandra, ec2, neptune, kafka, custom-resource, elasticache]")
+ }
 res := []interface{}{}
 poolOfJobs := jobpool.CreatePool(a.getTargets(conn, aatypes.ServiceNamespace(namespace)), 5)
diff --git a/providers/aws/resources/aws_elb.go b/providers/aws/resources/aws_elb.go
index 6f772ae0be..12445fa273 100644
--- a/providers/aws/resources/aws_elb.go
+++ b/providers/aws/resources/aws_elb.go
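Review bot: The new guard in scalableTargets() rejects only the empty string, so any other unrecognised namespace is still cast to `aatypes.ServiceNamespace` and handed to getTargets on the unchanged `jobpool.CreatePool` line. The list in the error text is typed by hand and will drift from the SDK enum; deriving both the check and the message from `aatypes.ServiceNamespace("").Values()` keeps them in step. The message would also read better as one lowercase clause without the embedded full stop, e.g. `errors.New("namespace required for application autoscaling query")` with the allowed values appended from the enum. The function body continues past the end of the hunk.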
@@ -7,9 +7,11 @@ import (
 "context"
 "errors"
 "fmt"
+ "strings"
 "github.com/aws/aws-sdk-go-v2/service/elasticloadbalancing"
 "github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2"
+ "github.com/aws/aws-sdk-go/aws/arn"
 "github.com/rs/zerolog/log"
 "go.mondoo.com/cnquery/v10/llx"
 "go.mondoo.com/cnquery/v10/providers-sdk/v1/plugin"
@@ -215,8 +217,12 @@ func (a *mqlAwsElbLoadbalancer) listenerDescriptions() ([]interface{}, error) {
 if err != nil {
 return nil, err
 }
- svc := conn.Elbv2(region)
 ctx := context.Background()
+
+ if isV1LoadBalancerArn(arn) {
+ return a.ListenerDescriptions.Data, nil
+ }
+ svc := conn.Elbv2(region)
 listeners, err := svc.DescribeListeners(ctx, &elasticloadbalancingv2.DescribeListenersInput{LoadBalancerArn: &arn})
 if err != nil {
 return nil, err
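Review bot: The added import `github.com/aws/aws-sdk-go/aws/arn` pulls the v1 SDK into a file whose other AWS imports are all aws-sdk-go-v2; v2 ships the same parser as `github.com/aws/aws-sdk-go-v2/aws/arn`, which would avoid carrying a second SDK module for a single call. Whether v1 is already a dependency elsewhere in the module is not visible here. The package name also collides with the local `arn := a.Arn.Data` in attributes() (and apparently with the local `arn` used in listenerDescriptions()), so an alias such as `awsarn` would keep the two apart.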
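Review bot: The early return `return a.ListenerDescriptions.Data, nil` hands back the resource's own stored field from inside the method that computes it, so for a classic load balancer the result is whatever was set when the resource was created, or empty if nothing was. Where that field is populated is not visible in this hunk; if it can be unset, listener checks on classic ELBs would evaluate against an empty list instead of failing. A comment stating the assumption would help, e.g. `// classic ELB: listeners are set when the resource is created, elbv2 has nothing to add`. `ctx` is now created before a branch that never uses it, and the function starts and ends outside the hunk.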
@@ -227,16 +233,41 @@ func (a *mqlAwsElbLoadbalancer) listenerDescriptions() ([]interface{}, error) {
 func (a *mqlAwsElbLoadbalancer) attributes() ([]interface{}, error) {
 conn := a.MqlRuntime.Connection.(*connection.AwsConnection)
 arn := a.Arn.Data
+ name := a.Name.Data
 region, err := GetRegionFromArn(arn)
 if err != nil {
 return nil, err
 }
- svc := conn.Elbv2(region)
 ctx := context.Background()
+
+ if isV1LoadBalancerArn(arn) {
+ svc := conn.Elb(region)
+ attributes, err := svc.DescribeLoadBalancerAttributes(ctx, &elasticloadbalancing.DescribeLoadBalancerAttributesInput{LoadBalancerName: &name})
+ if err != nil {
+ return nil, err
+ }
+ j, err := convert.JsonToDict(attributes.LoadBalancerAttributes)
+ if err != nil {
+ return nil, err
+ }
+ return []interface{}{j}, nil
+ }
+ svc := conn.Elbv2(region)
 attributes, err := svc.DescribeLoadBalancerAttributes(ctx, &elasticloadbalancingv2.DescribeLoadBalancerAttributesInput{LoadBalancerArn: &arn})
 if err != nil {
 return nil, err
 }
 return convert.JsonToDictSlice(attributes.Attributes)
 }
+
+func isV1LoadBalancerArn(a string) bool {
+ arnVal, err := arn.Parse(a)
+ if err != nil {
+ return false
+ }
+ if strings.Contains(arnVal.Resource, "classic") {
+ return true
+ }
+ return false
+}
diff --git a/providers/aws/resources/discovery.go b/providers/aws/resources/discovery.go
index 69a73196a4..e031ee345f 100644
--- a/providers/aws/resources/discovery.go
+++ b/providers/aws/resources/discovery.go
@@ -41,6 +41,7 @@ const (
 DiscoveryCloudwatchLoggroups = "cloudwatch-loggroups"
 DiscoveryLambdaFunctions = "lambda-functions"
 DiscoveryDynamoDBTables = "dynamodb-tables"
+ DiscoveryDynamoDBGlobalTables = "dynamodb-global-tables"
 DiscoveryRedshiftClusters = "redshift-clusters"
 DiscoveryVolumes = "ec2-volumes"
 DiscoverySnapshots = "ec2-snapshots"
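Review bot: `strings.Contains(arnVal.Resource, "classic")` in isV1LoadBalancerArn matches anywhere in the resource part, which includes the load balancer name, so a v2 balancer whose name contains that word would be routed to the v1 `DescribeLoadBalancerAttributes` call in attributes() and its attribute checks would fail or report nothing. The format of the provider's classic ARNs is not shown here; if it is `loadbalancer/classic/<name>`, anchoring the test fixes this and collapses the if/return pair: `return strings.HasPrefix(arnVal.Resource, "loadbalancer/classic/")`. A parse error is also turned into `false`, which sends a malformed ARN down the v2 path without any trace. The two branches of attributes() return different shapes (one dict wrapped in a slice versus a slice of dicts), which deserves a doc comment on the method.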
@@ -80,6 +81,7 @@ var AllAPIResources = []string{
 DiscoveryCloudwatchLoggroups,
 DiscoveryLambdaFunctions,
 DiscoveryDynamoDBTables,
+ DiscoveryDynamoDBGlobalTables,
 DiscoveryRedshiftClusters,
 DiscoveryVolumes,
 DiscoverySnapshots,
@@ -709,7 +711,15 @@ func discover(runtime *plugin.Runtime, awsAccount *mqlAwsAccount, target string,
 }
 assetList = append(assetList, MqlObjectToAsset(accountId, m, conn))
 }
- ts = d.GetGlobalTables()
+ case DiscoveryDynamoDBGlobalTables:
+ res, err := NewResource(runtime, "aws.dynamodb", map[string]*llx.RawData{})
+ if err != nil {
+ return nil, err
+ }
+
+ d := res.(*mqlAwsDynamodb)
+
+ ts := d.GetGlobalTables()
 if ts == nil {
 return assetList, nil
 }
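Review bot: Moving `GetGlobalTables()` under the new `case DiscoveryDynamoDBGlobalTables:` means a target list that names only `dynamodb-tables` no longer yields global-table assets, which is a silent loss of inventory coverage for existing configurations. It looks intentional, but it should be stated in the release notes or in a comment on the new constant. In the new case, `if ts == nil { return assetList, nil }` reports success when the lookup produced nothing, and whether `ts.Error` is checked lies below the hunk; a debug log on that path would make an empty result distinguishable from a skipped one. discover() starts and ends outside the hunk.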