forked from ekristen/aws-nuke
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathwafv2-webacls.go
119 lines (93 loc) · 2.4 KB
/
wafv2-webacls.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
package resources
import (
"context"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/endpoints"
"github.com/aws/aws-sdk-go/service/wafv2"
"github.com/ekristen/libnuke/pkg/registry"
"github.com/ekristen/libnuke/pkg/resource"
"github.com/ekristen/libnuke/pkg/types"
"github.com/ekristen/aws-nuke/v3/pkg/nuke"
)
const WAFv2WebACLResource = "WAFv2WebACL"
func init() {
registry.Register(®istry.Registration{
Name: WAFv2WebACLResource,
Scope: nuke.Account,
Lister: &WAFv2WebACLLister{},
})
}
type WAFv2WebACLLister struct{}
func (l *WAFv2WebACLLister) List(_ context.Context, o interface{}) ([]resource.Resource, error) {
opts := o.(*nuke.ListerOpts)
svc := wafv2.New(opts.Session)
resources := make([]resource.Resource, 0)
params := &wafv2.ListWebACLsInput{
Limit: aws.Int64(50),
Scope: aws.String("REGIONAL"),
}
output, err := getWebACLs(svc, params)
if err != nil {
return []resource.Resource{}, err
}
resources = append(resources, output...)
if *opts.Session.Config.Region == endpoints.UsEast1RegionID {
params.Scope = aws.String("CLOUDFRONT")
output, err := getWebACLs(svc, params)
if err != nil {
return []resource.Resource{}, err
}
resources = append(resources, output...)
}
return resources, nil
}
func getWebACLs(svc *wafv2.WAFV2, params *wafv2.ListWebACLsInput) ([]resource.Resource, error) {
resources := make([]resource.Resource, 0)
for {
resp, err := svc.ListWebACLs(params)
if err != nil {
return nil, err
}
for _, webACL := range resp.WebACLs {
resources = append(resources, &WAFv2WebACL{
svc: svc,
ID: webACL.Id,
name: webACL.Name,
lockToken: webACL.LockToken,
scope: params.Scope,
})
}
if resp.NextMarker == nil {
break
}
params.NextMarker = resp.NextMarker
}
return resources, nil
}
type WAFv2WebACL struct {
svc *wafv2.WAFV2
ID *string
name *string
lockToken *string
scope *string
}
func (f *WAFv2WebACL) Remove(_ context.Context) error {
_, err := f.svc.DeleteWebACL(&wafv2.DeleteWebACLInput{
Id: f.ID,
Name: f.name,
Scope: f.scope,
LockToken: f.lockToken,
})
return err
}
func (f *WAFv2WebACL) String() string {
return *f.ID
}
func (f *WAFv2WebACL) Properties() types.Properties {
properties := types.NewProperties()
properties.
Set("ID", f.ID).
Set("Name", f.name).
Set("Scope", f.scope)
return properties
}