
sam validate fix, changed key
ryantanjunming committed Oct 10, 2024
1 parent 7ba5738 commit 873937b
Showing 2 changed files with 48 additions and 41 deletions.
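--- a/src/resource-metadata/index.js
+++ b/src/resource-metadata/index.js
@@ -15,9 +15,9 @@ import { sendToCoralogix } from './coralogix.js'
 import { collectEc2Resources } from './ec2.js';
 
 const validateAndExtractConfiguration = () => {
-const filterEC2= String(process.env.RESOURCE_TYPE_FILTER).toLowerCase() === 'ec2';
-const filterLambda= String(process.env.RESOURCE_TYPE_FILTER).toLowerCase() === 'lambda';
-return { filterEC2, filterLambda };
+const excludeEC2= String(process.env.RESOURCE_TYPE_EXCLUDE).toLowerCase() === 'ec2';
+const excludeLambda= String(process.env.RESOURCE_TYPE_EXCLUDE).toLowerCase() === 'lambda';
+return { excludeEC2, excludeLambda };
 }
 const { filterEC2, filterLambda } = validateAndExtractConfiguration();
 
@@ -33,8 +33,8 @@ export const handler = async (_, context) => {
 const ec2 = collectAndSendEc2Resources(collectorId, invokedArn.region, invokedArn.accountId)
 
 let dataToCollect = []
-if(!filterEC2) dataToCollect.push(ec2)
-if(!filterLambda) dataToCollect.push(lambda)
+if(!excludeEC2) dataToCollect.push(ec2)
+if(!excludeLambda) dataToCollect.push(lambda)
 await Promise.all(dataToCollect)
 
 console.info("Collection done")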
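Review bot: The destructuring directly after `validateAndExtractConfiguration` is left unchanged as `const { filterEC2, filterLambda } = ...`, but the function now returns `excludeEC2`/`excludeLambda` and the handler reads those names, which are never declared. In an ES module that is a ReferenceError on every invocation, so the line should become `const { excludeEC2, excludeLambda } = validateAndExtractConfiguration();`. Separately, `ec2` is already the result of calling `collectAndSendEc2Resources(...)` before the exclude flags are checked, so an excluded type is presumably still collected and only left un-awaited; once the template withholds the IAM statement for that type, this would likely surface as an unhandled access-denied rejection, and gating the call itself would keep code and policy in step. The handler body starts and ends outside the hunk.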
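--- a/src/resource-metadata/template.yaml
+++ b/src/resource-metadata/template.yaml
@@ -30,7 +30,7 @@ Metadata:
 - ResourceTtlMinutes
 - LatestVersionsPerFunction
 - CollectAliases
-- ResourceTypeFilter
+- ResourceTypeExclude
 - LambdaFunctionIncludeRegexFilter
 - LambdaFunctionExcludeRegexFilter
 - LambdaFunctionTagFilters
@@ -61,8 +61,8 @@ Metadata:
 default: Latest Versions Per Function
 CollectAliases:
 default: Collect Aliases
-ResourceTypeFilter:
-default: Resource Type Filter
+ResourceTypeExclude:
+default: Resource Type Exclude
 LambdaFunctionIncludeRegexFilter:
 default: Lambda Function Include Regex
 LambdaFunctionExcludeRegexFilter:
@@ -119,7 +119,7 @@ Parameters:
 Type: String
 Description: '[True/False]'
 Default: 'False'
-ResourceTypeFilter:
+ResourceTypeExclude:
 Type: String
 Description: 'If specified, resources of the specified type will be excluded in the collected metadata [ec2, lambda]'
 Default: ""
@@ -211,14 +211,14 @@ Conditions:
 - Fn::Equals:
 - Ref: CreateSecret
 - 'True'
-IsEC2ResourceTypeFilter:
+IsEC2ResourceTypeExcluded:
 Fn::Equals:
-- Ref: ResourceTypeFilter
-- ec2
-IsLambdaResourceTypeFilter:
+- Ref: ResourceTypeExclude
+- 'ec2'
+IsLambdaResourceTypeExcluded:
 Fn::Equals:
-- Ref: ResourceTypeFilter
-- lambda
+- Ref: ResourceTypeExclude
+- 'lambda'
 Resources:
 LambdaFunction:
 Condition: IsNotSMEnabled
@@ -250,6 +250,8 @@ Resources:
 Ref: LatestVersionsPerFunction
 COLLECT_ALIASES:
 Ref: CollectAliases
+RESOURCE_TYPE_EXCLUDE:
+Ref: ResourceTypeExclude
 RESOURCE_TTL_MINUTES:
 Ref: ResourceTtlMinutes
 LAMBDA_FUNCTION_INCLUDE_REGEX_FILTER:
@@ -273,25 +275,30 @@ Resources:
 Type: SNS
 Policies:
 - !If
-- Version: "2012-10-17"
-Statement:
-- Sid: GetEc2Metadata
-Effect: Allow
-Action:
-- ec2:DescribeInstances
-Resource: "*"
-- Version: "2012-10-17"
-Statement:
-- Sid: GetLambdaMetadata
-Effect: Allow
-Action:
-- lambda:ListFunctions
-- lambda:ListVersionsByFunction
-- lambda:GetFunction
-- lambda:ListAliases
-- lambda:ListEventSourceMappings
-- lambda:GetPolicy
-Resource: "*"
+- IsEC2ResourceTypeExcluded
+- Version: "2012-10-17"
+Statement:
+- Sid: GetEc2Metadata
+Effect: Allow
+Action:
+- ec2:DescribeInstances
+Resource: "*"
+- !Ref 'AWS::NoValue'
+- !If:
+- IsLambdaResourceTypeExcluded
+- Version: "2012-10-17"
+Statement:
+- Sid: GetLambdaMetadata
+Effect: Allow
+Action:
+- lambda:ListFunctions
+- lambda:ListVersionsByFunction
+- lambda:GetFunction
+- lambda:ListAliases
+- lambda:ListEventSourceMappings
+- lambda:GetPolicy
+Resource: "*"
+- !Ref 'AWS::NoValue'
 - Version: "2012-10-17"
 Statement:
 - Sid: GetResourcesByTags
@@ -330,8 +337,8 @@ Resources:
 Ref: LatestVersionsPerFunction
 COLLECT_ALIASES:
 Ref: CollectAliases
-RESOURCE_TYPE_FILTER:
-Ref: ResourceTypeFilter
+RESOURCE_TYPE_EXCLUDE:
+Ref: ResourceTypeExclude
 RESOURCE_TTL_MINUTES:
 Ref: ResourceTtlMinutes
 LAMBDA_FUNCTION_INCLUDE_REGEX_FILTER:
@@ -359,17 +366,17 @@ Resources:
 Type: SNS
 Policies:
 - !If
-- IsEC2ResourceTypeFilter
+- IsEC2ResourceTypeExcluded
 - Version: "2012-10-17"
 Statement:
 - Sid: GetEc2Metadata
 Effect: Allow
 Action:
 - ec2:DescribeInstances
 Resource: "*"
-- !Ref 'AWS::NoValue'
-- If:
-- IsLambdaResourceTypeFilter
+- !Ref "AWS::NoValue"
+- !If:
+- IsLambdaResourceTypeExcluded
 - Version: "2012-10-17"
 Statement:
 - Sid: GetLambdaMetadata
@@ -382,7 +389,7 @@ Resources:
 - lambda:ListEventSourceMappings
 - lambda:GetPolicy
 Resource: "*"
-- !Ref 'AWS::NoValue'
+- !Ref "AWS::NoValue"
 - Version: "2012-10-17"
 Statement:
 - Sid: GetResourcesByTags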
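Review bot: Both `!If` entries under `Policies` (in the `-273` and `-359` hunks) attach the IAM statement when the `...Excluded` condition is true and fall back to `AWS::NoValue` otherwise, which is the reverse of what the parameter description promises. With the default `ResourceTypeExclude: ""` the function would get neither `ec2:DescribeInstances` nor the Lambda read actions, while excluding a type grants exactly the permissions it no longer needs. Swap the branches in both functions so that `- !Ref 'AWS::NoValue'` is the second element and the policy document the third. The Lambda entries are also written `- !If:` with a trailing colon, unlike the EC2 `- !If`; that is likely not parsed as the `Fn::If` intrinsic and is worth checking with cfn-lint. Because `Fn::Equals` is case-sensitive while the handler lowercases the value, adding `AllowedValues: ['', 'ec2', 'lambda']` to the parameter would keep the two from disagreeing.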
