feat(services): Add managedPrefixList service

Author: m-pizarro

README.md

@@ -136,6 +136,7 @@ CloudGraph AWS Provider will ask you what regions you would like to crawl and wi
 | kms                         | cloudtrail, cloudwatchLog, codebuild, ecsCluster, efs, eksCluster, elastiCacheReplicationGroup, elasticSearchDomain, emrCluster, managedAirflow, lambda, rdsCluster, rdsClusterSnapshot, rdsDbInstance, sns, sageMakerNotebookInstance, secretsManager, dmsReplicationInstance, redshiftCluster                                                                               |
 | lambda                      | appSync, cognitoUserPool, kms, s3, secretsManager, securityGroup, subnet, vpc, iamRole                                                                                                                                                                                                                                                                                        |
 | managedAirflow              | cloudwatchLog, iamRole, kms, securityGroups, subnet, s3                                                                                                                                                                                                                                                                                                                       |
+| managedPrefixList           |                                                                                                                                                                                                                                                                                                                        |
 | nacl                        | vpc                                                                                                                                                                                                                                                                                                                                                                           |
 | natGateway                  | networkInterface, subnet, vpc                                                                                                                                                                                                                                                                                                                                                 |
 | networkInterface            | ec2, eip, efsMountTarget, natGateway, sageMakerNotebookInstance, subnet, vpc, flowLog, securityGroup                                                                                                                                                                                                                                                                          |

src/enums/schemasMap.ts

@@ -73,6 +73,7 @@ export default {
   [services.kms]: 'awsKms',
   [services.lambda]: 'awsLambda',
   [services.managedAirflow]: 'awsManagedAirflow',
+  [services.managedPrefixList]: 'awsManagedPrefixList',
   [services.nacl]: 'awsNetworkAcl',
   [services.nat]: 'awsNatGateway',
   [services.networkInterface]: 'awsNetworkInterface',

src/enums/serviceAliases.ts

@@ -51,6 +51,7 @@ export default {
   [services.kinesisStream]: 'kinesisStreams',
   [services.lambda]: 'lambdaFunctions',
   [services.managedAirflow]: 'managedAirflows',
+  [services.managedPrefixList]: 'managedPrefixLists',
   [services.nat]: 'natGateway',
   [services.networkInterface]: 'networkInterfaces',
   [services.organization]: 'organizations',

src/enums/serviceMap.ts

@@ -98,6 +98,7 @@ import SystemsManagerDocument from '../services/systemsManagerDocument'
 import RdsClusterSnapshot from '../services/rdsClusterSnapshot'
 import APIGatewayDomainName from '../services/apiGatewayDomainName'
 import APIGatewayHttpApi from '../services/apiGatewayHttpApi'
+import ManagedPrefixList from '../services/managedPrefixList'
 
 /**
  * serviceMap is an object that contains all currently supported services for AWS
@@ -156,6 +157,7 @@ export default {
   [services.kms]: AwsKms,
   [services.lambda]: Lambda,
   [services.managedAirflow]: ManagedAirflow,
+  [services.managedPrefixList]: ManagedPrefixList,
   [services.nacl]: NetworkAcl,
   [services.nat]: NATGateway,
   [services.networkInterface]: NetworkInterface,

src/enums/services.ts

@@ -67,6 +67,7 @@ export default {
   kms: 'kms',
   lambda: 'lambda',
   managedAirflow: 'managedAirflow',
+  managedPrefixList: 'managedPrefixList',
   nacl: 'nacl',
   nat: 'nat',
   networkInterface: 'networkInterface',

src/properties/logger.ts

@@ -672,4 +672,9 @@ export default {
    * Access Analyzers
    */
   fetchedaccessAnalyzers: (num: number): string => `Found ${num} Access Analyzers`,
+  /**
+   * Managed Prefix Lists
+   */
+  fetchedManagedPrefixLists: (num: number): string => `Found ${num} Managed Prefix Lists`,
+  fetchedManagedPrefixListEntries: (num: number): string => `Found ${num} Managed Prefix List Entries`,
 }

src/services/account/schema.graphql

@@ -68,6 +68,7 @@ type awsAccount implements awsOptionalService @key(fields: "id") {
   kms: [awsKms]
   lambdaFunctions: [awsLambda]
   managedAirflows: [awsManagedAirflow]
+  managedPrefixLists: [awsManagedPrefixList]
   nacl: [awsNetworkAcl]
   natGateway: [awsNatGateway]
   networkInterfaces: [awsNetworkInterface]

src/services/managedPrefixList/data.ts

@@ -0,0 +1,211 @@
+import CloudGraph from '@cloudgraph/sdk'
+import groupBy from 'lodash/groupBy'
+import isEmpty from 'lodash/isEmpty'
+
+import EC2, {
+  DescribeManagedPrefixListsRequest,
+  DescribeManagedPrefixListsResult,
+  GetManagedPrefixListEntriesRequest,
+  GetManagedPrefixListEntriesResult,
+  ManagedPrefixList,
+  PrefixListEntry,
+} from 'aws-sdk/clients/ec2'
+
+import { Config } from 'aws-sdk/lib/config'
+import { AWSError } from 'aws-sdk/lib/error'
+import { convertAwsTagsToTagMap } from '../../utils/format'
+import { AwsTag, TagMap } from '../../types'
+
+import awsLoggerText from '../../properties/logger'
+import { initTestEndpoint } from '../../utils'
+import AwsErrorLog from '../../utils/errorLog'
+
+const lt = { ...awsLoggerText }
+const { logger } = CloudGraph
+const serviceName = 'Managed Prefix List'
+const errorLog = new AwsErrorLog(serviceName)
+const endpoint = initTestEndpoint(serviceName)
+
+const listManagedPrefixListData = async ({
+  ec2,
+  resolveRegion,
+}: {
+  ec2: EC2
+  resolveRegion: () => void
+}): Promise<ManagedPrefixList[]> =>
+  new Promise<ManagedPrefixList[]>(resolve => {
+    const managedPrefixLists: ManagedPrefixList[] = []
+    let args: DescribeManagedPrefixListsRequest = {}
+
+    const listManagedPrefixLists = (token?: string): void => {
+      if (token) {
+        args = { ...args, NextToken: token }
+      }
+      try {
+        ec2.describeManagedPrefixLists(
+          args,
+          (err: AWSError, data: DescribeManagedPrefixListsResult) => {
+            if (err) {
+              errorLog.generateAwsErrorLog({
+                functionName: 'ec2:describeManagedPrefixLists',
+                err,
+              })
+            }
+
+            if (isEmpty(data)) {
+              return resolveRegion()
+            }
+
+            const { NextToken: nextToken, PrefixLists: prefixLists = [] } = data
+
+            if (isEmpty(prefixLists)) {
+              return resolveRegion()
+            }
+
+            managedPrefixLists.push(...prefixLists)
+
+            logger.debug(lt.fetchedManagedPrefixLists(prefixLists.length))
+
+            if (nextToken) {
+              listManagedPrefixLists(nextToken)
+            } else {
+              resolve(managedPrefixLists)
+            }
+          }
+        )
+      } catch (error) {
+        resolve([])
+      }
+    }
+    listManagedPrefixLists()
+  })
+
+const getManagedPrefixListEntries = async ({
+  ec2,
+  prefixListId,
+  resolveEntry,
+}: {
+  ec2: EC2
+  prefixListId: string
+  resolveEntry: () => void
+}): Promise<PrefixListEntry[]> =>
+  new Promise<PrefixListEntry[]>(resolve => {
+    const managedPrefixListEntries: PrefixListEntry[] = []
+    let args: GetManagedPrefixListEntriesRequest = {
+      PrefixListId: prefixListId,
+    }
+
+    const listManagedPrefixListEntries = (token?: string): void => {
+      if (token) {
+        args = { ...args, NextToken: token }
+      }
+      try {
+        ec2.getManagedPrefixListEntries(
+          args,
+          (err: AWSError, data: GetManagedPrefixListEntriesResult) => {
+            if (err) {
+              errorLog.generateAwsErrorLog({
+                functionName: 'ec2:getManagedPrefixListEntries',
+                err,
+              })
+            }
+
+            if (isEmpty(data)) {
+              return resolveEntry()
+            }
+
+            const { NextToken: nextToken, Entries: entries = [] } = data
+
+            if (isEmpty(entries)) {
+              return resolveEntry()
+            }
+
+            managedPrefixListEntries.push(...entries)
+
+            logger.debug(lt.fetchedManagedPrefixListEntries(entries.length))
+
+            if (nextToken) {
+              listManagedPrefixListEntries(nextToken)
+            } else {
+              resolve(managedPrefixListEntries)
+            }
+          }
+        )
+      } catch (error) {
+        resolve([])
+      }
+    }
+    listManagedPrefixListEntries()
+  })
+
+/**
+ * Managed Prefix List
+ */
+
+export interface RawAwsManagedPrefixList
+  extends Omit<ManagedPrefixList, 'Tags'> {
+  region: string
+  Tags?: TagMap
+  Entries?: PrefixListEntry[]
+}
+
+export default async ({
+  regions,
+  config,
+}: {
+  regions: string
+  config: Config
+}): Promise<{
+  [region: string]: RawAwsManagedPrefixList[]
+}> =>
+  new Promise(async resolve => {
+    const managedPrefixListsResult: RawAwsManagedPrefixList[] = []
+    const entriesPromises = []
+
+    const regionPromises = regions.split(',').map(region => {
+      const ec2 = new EC2({ ...config, region, endpoint })
+
+      return new Promise<void>(async resolveRegion => {
+        const managedPrefixLists = await listManagedPrefixListData({
+          ec2,
+          resolveRegion,
+        })
+
+        if (!isEmpty(managedPrefixLists)) {
+          for (const managedPrefixList of managedPrefixLists) {
+            managedPrefixListsResult.push({
+              ...managedPrefixList,
+              region,
+              Tags: convertAwsTagsToTagMap(managedPrefixList.Tags as AwsTag[]),
+            })
+          }
+        }
+        resolveRegion()
+      })
+    })
+    await Promise.all(regionPromises)
+
+    managedPrefixListsResult.map(
+      ({ PrefixListId: prefixListId, region }, idx) => {
+        const ec2 = new EC2({ ...config, region, endpoint })
+        const entryPromise = new Promise<void>(async resolveEntry => {
+          const entries: PrefixListEntry[] =
+            await getManagedPrefixListEntries({
+              ec2,
+              prefixListId,
+              resolveEntry,
+            })
+          managedPrefixListsResult[idx] = {
+            ...managedPrefixListsResult[idx],
+            Entries: entries || [],
+          }
+          resolveEntry()
+        })
+        entriesPromises.push(entryPromise)
+      }
+    )
+    await Promise.all(entriesPromises)
+
+    errorLog.reset()
+    resolve(groupBy(managedPrefixListsResult, 'region'))
+  })

src/services/managedPrefixList/format.ts

@@ -0,0 +1,52 @@
+import cuid from 'cuid'
+import { formatTagsFromMap } from '../../utils/format'
+import { RawAwsManagedPrefixList } from './data'
+import { AwsManagedPrefixList } from '../../types/generated'
+
+/**
+ * Managed Prefix List
+ */
+
+export default ({
+  service: rawData,
+  account,
+  region,
+}: {
+  service: RawAwsManagedPrefixList
+  account: string
+  region: string
+}): AwsManagedPrefixList => {
+  const {
+    PrefixListId: id,
+    PrefixListArn: arn,
+    PrefixListName: name,
+    AddressFamily: addressFamily,
+    State: state,
+    StateMessage: stateMessage,
+    MaxEntries: maxEntries,
+    Version: version,
+    Entries: entries = [],
+    Tags: tags,
+  } = rawData
+
+  const managedPrefixList = {
+    id,
+    accountId: account,
+    arn,
+    region,
+    name,
+    addressFamily,
+    state,
+    stateMessage,
+    maxEntries,
+    version,
+    entries: entries?.map(e => ({
+      id: cuid(),
+      cidr: e.Cidr,
+      description: e.Description,
+    })) || [],
+    tags: formatTagsFromMap(tags),
+  }
+
+  return managedPrefixList
+}

src/services/managedPrefixList/index.ts

@@ -0,0 +1,13 @@
+import { Service } from '@cloudgraph/sdk'
+import BaseService from '../base'
+import format from './format'
+import getData from './data'
+import mutation from './mutation'
+
+export default class ManagedPrefixList extends BaseService implements Service {
+  format = format.bind(this)
+
+  getData = getData.bind(this)
+
+  mutation = mutation
+}