Merge branch 'fix/add-missing-properties-for-nist-rules' into 'master'

tyler-dunkel · tyler-dunkel · commit 496c04374480 · 2022-03-29T18:50:45.000Z
fix: Added missing properties needed for nist rules

See merge request auto-cloud/cloudgraph/provider/cloudgraph-provider-aws!229
diff --git a/src/services/cloudfront/format.ts b/src/services/cloudfront/format.ts
@@ -14,6 +14,7 @@ import {
   AwsCloudfrontCustomErrorResponse,
   AwsCloudfrontOriginData,
   AwsCloudfrontViewerCertificate,
+  AwsCloudfrontLoggingConfig,
 } from '../../types/generated'
 import { RawAwsCloudfront } from './data'
 
@@ -120,6 +121,7 @@ export default ({
       Restrictions: { GeoRestriction: { Items: geoRestrictions = [] } } = {
         GeoRestriction: { RestrictionType: '', Items: [], Quantity: 0 },
       },
+      Logging: logging,
     },
     etag,
     summary: {
@@ -212,6 +214,15 @@ export default ({
     })
   )
 
+  const loggingConfig: AwsCloudfrontLoggingConfig = logging
+    ? {
+        enabled: logging.Enabled,
+        includeCookies: logging.IncludeCookies,
+        bucket: logging.Bucket,
+        prefix: logging.Prefix,
+      }
+    : {}
+
   return {
     id,
     accountId: account,
@@ -238,5 +249,6 @@ export default ({
     tags: formatTagsFromMap(Tags),
     viewerCertificate,
     webAclId,
+    logging: loggingConfig,
   }
 }
diff --git a/src/services/cloudfront/schema.graphql b/src/services/cloudfront/schema.graphql
@@ -19,6 +19,7 @@ type awsCloudfront @key(fields: "id") {
   orderedCacheBehaviors: [awsCloudfrontCacheBehavior]
   viewerCertificate: awsCloudfrontViewerCertificate
   origins: [awsCloudfrontOriginData]
+  logging: awsCloudfrontLoggingConfig
   elb: [awsElb] @hasInverse(field: cloudfrontDistribution)
   s3: [awsS3] @hasInverse(field: cloudfrontDistribution)
   tags: [awsRawTag]
@@ -89,3 +90,10 @@ type awsCloudfrontCustomErrorResponse {
   responseCode: String @search(by: [hash, regexp])
   responsePagePath: String @search(by: [hash, regexp])
 }
+
+type awsCloudfrontLoggingConfig {
+  enabled: Boolean @search
+  includeCookies: Boolean @search
+  bucket: String @search(by: [hash, regexp])
+  prefix: String @search(by: [hash, regexp])
+}
diff --git a/src/services/cloudtrail/format.ts b/src/services/cloudtrail/format.ts
@@ -50,10 +50,11 @@ export default ({
   let eventSelectors = []
   if (!isEmpty(EventSelectors)) {
     eventSelectors = EventSelectors.map(
-      ({ ReadWriteType, IncludeManagementEvents }) => ({
+      ({ ReadWriteType, IncludeManagementEvents, DataResources }) => ({
         id: cuid(),
         readWriteType: ReadWriteType,
         includeManagementEvents: IncludeManagementEvents,
+        dataResources: DataResources?.map(({ Type, Values }) => ({id: cuid(), type: Type, values : Values})) || [],
       })
     )
   }
diff --git a/src/services/cloudtrail/schema.graphql b/src/services/cloudtrail/schema.graphql
@@ -51,4 +51,16 @@ type awsCloudtrailEventSelector
   id: String! @id @search(by: [hash])
   readWriteType: String @search(by: [hash, regexp])
   includeManagementEvents: Boolean @search
+  dataResources: [awsCloudtrailDataResource]
+}
+
+type awsCloudtrailDataResource
+  @generate(
+    query: { get: false, query: true, aggregate: false }
+    mutation: { add: false, delete: false }
+    subscription: false
+  ) {
+  id: String! @id @search(by: [hash])
+  type: String @search(by: [hash, regexp])
+  values: [String] @search(by: [hash, regexp])
 }
diff --git a/src/types/generated.ts b/src/types/generated.ts
@@ -785,6 +785,7 @@ export type AwsCloudfront = {
   id: Scalars['String'];
   ipv6Enabled?: Maybe<Scalars['String']>;
   lastModified?: Maybe<Scalars['String']>;
+  logging?: Maybe<AwsCloudfrontLoggingConfig>;
   orderedCacheBehaviors?: Maybe<Array<Maybe<AwsCloudfrontCacheBehavior>>>;
   origins?: Maybe<Array<Maybe<AwsCloudfrontOriginData>>>;
   priceClass?: Maybe<Scalars['String']>;
@@ -828,6 +829,13 @@ export type AwsCloudfrontCustomOriginConfig = {
   originSslProtocols?: Maybe<AwsCloudfrontOriginSslProtocols>;
 };
 
+export type AwsCloudfrontLoggingConfig = {
+  bucket?: Maybe<Scalars['String']>;
+  enabled?: Maybe<Scalars['Boolean']>;
+  includeCookies?: Maybe<Scalars['Boolean']>;
+  prefix?: Maybe<Scalars['String']>;
+};
+
 export type AwsCloudfrontOriginCustomHeader = {
   id: Scalars['String'];
   name?: Maybe<Scalars['String']>;
@@ -890,7 +898,14 @@ export type AwsCloudtrail = {
   tags?: Maybe<Array<Maybe<AwsRawTag>>>;
 };
 
+export type AwsCloudtrailDataResource = {
+  id: Scalars['String'];
+  type?: Maybe<Scalars['String']>;
+  values?: Maybe<Array<Maybe<Scalars['String']>>>;
+};
+
 export type AwsCloudtrailEventSelector = {
+  dataResources?: Maybe<Array<Maybe<AwsCloudtrailDataResource>>>;
   id: Scalars['String'];
   includeManagementEvents?: Maybe<Scalars['Boolean']>;
   readWriteType?: Maybe<Scalars['String']>;

Original file line number	Diff line number	Diff line change
`@@ -50,10 +50,11 @@ export default ({`
`50`	`50`	`let eventSelectors = []`
`51`	`51`	`if (!isEmpty(EventSelectors)) {`
`52`	`52`	`eventSelectors = EventSelectors.map(`
`53`		`- ({ ReadWriteType, IncludeManagementEvents }) => ({`
	`53`	`+ ({ ReadWriteType, IncludeManagementEvents, DataResources }) => ({`
`54`	`54`	`id: cuid(),`
`55`	`55`	`readWriteType: ReadWriteType,`
`56`	`56`	`includeManagementEvents: IncludeManagementEvents,`
	`57`	`+ dataResources: DataResources?.map(({ Type, Values }) => ({id: cuid(), type: Type, values : Values})) \|\| [],`
`57`	`58`	`})`
`58`	`59`	`)`
`59`	`60`	`}`