diff --git a/providers/aws/resources/aws.lr b/providers/aws/resources/aws.lr index d04fd999e9..bce64ee084 100644 --- a/providers/aws/resources/aws.lr +++ b/providers/aws/resources/aws.lr @@ -891,7 +891,7 @@ private aws.iam.virtualmfadevice @defaults("serialNumber") { // Time when the MFA device was enabled enableDate time // User associated with the MFA device - user aws.iam.user + user() aws.iam.user } // AWS IAM Access Analyzer resource (for assessing the configuration of AWS IAM Access Analyzer) diff --git a/providers/aws/resources/aws.lr.go b/providers/aws/resources/aws.lr.go index 576b502a4d..9292a41833 100644 --- a/providers/aws/resources/aws.lr.go +++ b/providers/aws/resources/aws.lr.go @@ -15721,7 +15721,7 @@ func (c *mqlAwsIamGroup) GetUsernames() *plugin.TValue[[]interface{}] { type mqlAwsIamVirtualmfadevice struct { MqlRuntime *plugin.Runtime __id string - // optional: if you define mqlAwsIamVirtualmfadeviceInternal it will be used here + mqlAwsIamVirtualmfadeviceInternal SerialNumber plugin.TValue[string] EnableDate plugin.TValue[*time.Time] User plugin.TValue[*mqlAwsIamUser] @@ -15773,7 +15773,19 @@ func (c *mqlAwsIamVirtualmfadevice) GetEnableDate() *plugin.TValue[*time.Time] { } func (c *mqlAwsIamVirtualmfadevice) GetUser() *plugin.TValue[*mqlAwsIamUser] { - return &c.User + return plugin.GetOrCompute[*mqlAwsIamUser](&c.User, func() (*mqlAwsIamUser, error) { + if c.MqlRuntime.HasRecording { + d, err := c.MqlRuntime.FieldResourceFromRecording("aws.iam.virtualmfadevice", c.__id, "user") + if err != nil { + return nil, err + } + if d != nil { + return d.Value.(*mqlAwsIamUser), nil + } + } + + return c.user() + }) } // mqlAwsIamAccessAnalyzer for the aws.iam.accessAnalyzer resource @@ -16200,7 +16212,7 @@ func (c *mqlAwsSagemakerNotebookinstance) GetTags() *plugin.TValue[map[string]in type mqlAwsSagemakerNotebookinstanceDetails struct { MqlRuntime *plugin.Runtime __id string - // optional: if you define mqlAwsSagemakerNotebookinstanceDetailsInternal it will be used here + mqlAwsSagemakerNotebookinstanceDetailsInternal Arn plugin.TValue[string] KmsKey plugin.TValue[*mqlAwsKmsKey] DirectInternetAccess plugin.TValue[string] diff --git a/providers/aws/resources/aws_iam.go b/providers/aws/resources/aws_iam.go index 664e95d57c..044545866c 100644 --- a/providers/aws/resources/aws_iam.go +++ b/providers/aws/resources/aws_iam.go @@ -303,38 +303,46 @@ func (a *mqlAwsIam) virtualMfaDevices() ([]interface{}, error) { for i := range devicesResp.VirtualMFADevices { device := devicesResp.VirtualMFADevices[i] - var mqlAwsIamUser plugin.Resource args := map[string]*llx.RawData{ "serialNumber": llx.StringDataPtr(device.SerialNumber), "enableDate": llx.TimeDataPtr(device.EnableDate), } - usr := device.User - if usr != nil { - mqlAwsIamUser, err = NewResource(a.MqlRuntime, "aws.iam.user", map[string]*llx.RawData{ - "arn": llx.StringDataPtr(usr.Arn), - "name": llx.StringDataPtr(usr.UserName), - }) - if err == nil { - args["user"] = llx.ResourceData(mqlAwsIamUser, "aws.iam.user") - } - } - - if usr == nil || err != nil { - args["user"] = llx.NilData - } - mqlAwsIamMfaDevice, err := CreateResource(a.MqlRuntime, "aws.iam.virtualmfadevice", args) if err != nil { return nil, err } res = append(res, mqlAwsIamMfaDevice) + if device.User != nil { + mqlAwsIamMfaDevice.(*mqlAwsIamVirtualmfadevice).cacheUserArn = device.User.Arn + mqlAwsIamMfaDevice.(*mqlAwsIamVirtualmfadevice).cacheUserName = device.User.UserName + } } return res, nil } +func (a *mqlAwsIamVirtualmfadevice) user() (*mqlAwsIamUser, error) { + if a.cacheUserArn != nil && a.cacheUserName != nil { + awsIamUser, err := NewResource(a.MqlRuntime, "aws.iam.user", map[string]*llx.RawData{ + "arn": llx.StringDataPtr(a.cacheUserArn), + "name": llx.StringDataPtr(a.cacheUserName), + }) + if err != nil { + return nil, err + } + return awsIamUser.(*mqlAwsIamUser), nil + } + a.User.State = plugin.StateIsNull | plugin.StateIsSet + return nil, nil +} + +type mqlAwsIamVirtualmfadeviceInternal struct { + cacheUserName *string + cacheUserArn *string +} + func (a *mqlAwsIam) mqlPolicies(policies []iamtypes.Policy) ([]interface{}, error) { res := []interface{}{} for i := range policies { diff --git a/providers/aws/resources/aws_sagemaker.go b/providers/aws/resources/aws_sagemaker.go index 4d58c291c8..a4b0aa9d7f 100644 --- a/providers/aws/resources/aws_sagemaker.go +++ b/providers/aws/resources/aws_sagemaker.go @@ -238,27 +238,30 @@ func (a *mqlAwsSagemakerNotebookinstance) details() (*mqlAwsSagemakerNotebookins "directInternetAccess": llx.StringData(string(instanceDetails.DirectInternetAccess)), } - if instanceDetails.KmsKeyId != nil && *instanceDetails.KmsKeyId != "" { - mqlKeyResource, err := NewResource(a.MqlRuntime, "aws.kms.key", - map[string]*llx.RawData{"arn": llx.StringData(convert.ToString(instanceDetails.KmsKeyId))}, - ) - if err != nil { - log.Error().Err(err).Msg("cannot create kms key resource") - } else { - args["kmsKey"] = llx.ResourceData(mqlKeyResource, mqlKeyResource.MqlName()) - } - } else { - args["kmsKey"] = llx.NilData - } mqlInstanceDetails, err := CreateResource(a.MqlRuntime, "aws.sagemaker.notebookinstance.details", args) if err != nil { return nil, err } + mqlInstanceDetails.(*mqlAwsSagemakerNotebookinstanceDetails).cacheKmsKey = instanceDetails.KmsKeyId return mqlInstanceDetails.(*mqlAwsSagemakerNotebookinstanceDetails), nil } +type mqlAwsSagemakerNotebookinstanceDetailsInternal struct { + cacheKmsKey *string +} + func (a *mqlAwsSagemakerNotebookinstanceDetails) kmsKey() (*mqlAwsKmsKey, error) { - return &mqlAwsKmsKey{}, nil + if a.cacheKmsKey != nil && *a.cacheKmsKey != "" { + mqlKeyResource, err := NewResource(a.MqlRuntime, "aws.kms.key", + map[string]*llx.RawData{"arn": llx.StringData(convert.ToString(a.cacheKmsKey))}, + ) + if err != nil { + return nil, err + } + return mqlKeyResource.(*mqlAwsKmsKey), nil + } + a.KmsKey.State = plugin.StateIsNull | plugin.StateIsSet + return nil, nil } func (a *mqlAwsSagemakerEndpoint) id() (string, error) {