feat: Handle TODOs for ecs cluster

Author: m-pizarro

README.md

@@ -92,7 +92,7 @@ CloudGraph AWS Provider will ask you what regions you would like to crawl and wi
 | ebs                         | asg, ec2, emrInstance                                                                                                                                                                      |
 | ec2                         | alb, asg, ebs, eip, emrInstance, networkInterface, securityGroup, subnet, systemsManagerInstance, vpc, ecsContainer                                                                                                |
 | ecr                         |                                                                                                                                                                                            |
-| ecsCluster                  | ecsService, ecsTask, ecsTaskSet                                                                                                                                                            |
+| ecsCluster                  | cloudwatchLog, ecsService, ecsTask, ecsTaskSet, kms, s3                                                                                                                                                            |
 | ecsContainer                | ecsTask, ec2                                                                                                                                                                               |
 | ecsService                  | ecsCluster, ecsTaskDefinition, ecsTaskSet, elb, iamRole, securityGroup, subnet, vpc                                                                                                        |
 | ecsTask                     | ecsContainer, ecsCluster, ecsTaskDefinition                                                                                                                                                |

src/services/cloudwatchLogs/schema.graphql

@@ -12,6 +12,7 @@ type awsCloudwatchLog @key(fields: "arn") {
   kms: [awsKms] @hasInverse(field: cloudwatchLog)
   cloudwatch: [awsCloudwatch] @hasInverse(field: cloudwatchLog)
   cloudtrail: [awsCloudtrail] @hasInverse(field: cloudwatchLog)
+  ecsCluster: [awsEcsCluster] @hasInverse(field: cloudwatchLog)
 }
 
 type awsMetricFilter

src/services/ecsCluster/connections.ts

@@ -0,0 +1,97 @@
+import { ServiceConnection } from '@cloudgraph/sdk'
+
+import { isEmpty } from 'lodash'
+import services from '../../enums/services'
+import { RawAwsEcsCluster } from '../ecsCluster/data'
+import { RawAwsS3 } from '../s3/data'
+import { RawAwsLogGroup } from '../cloudwatchLogs/data'
+import { AwsKms } from '../kms/data'
+import { gets3BucketId } from '../../utils/ids'
+
+export default ({
+  service: ecsCluster,
+  data,
+  region,
+}: {
+  service: RawAwsEcsCluster
+  data: Array<{ name: string; data: { [property: string]: any[] } }>
+  region: string
+}): {
+  [property: string]: ServiceConnection[]
+} => {
+  const {
+    clusterArn: arn,
+    configuration: {
+      executeCommandConfiguration: { logConfiguration, kmsKeyId } = {},
+    } = {},
+  } = ecsCluster
+  const connections: ServiceConnection[] = []
+
+  /**
+   * Find S3
+   * related to this ecs cluster
+   */
+  const buckets = data.find(({ name }) => name === services.s3)
+  if (buckets?.data?.[region]) {
+    const dataAtRegion: RawAwsS3[] = buckets.data[region].filter(
+      ({ Name: name }: RawAwsS3) => name === logConfiguration?.s3BucketName
+    )
+    for (const bucket of dataAtRegion) {
+      connections.push({
+        id: gets3BucketId(bucket.Name),
+        resourceType: services.s3,
+        relation: 'child',
+        field: 's3',
+      })
+    }
+  }
+
+  /**
+   * Find Cloudwatch Log Group
+   * related to this ecs cluster
+   */
+  const logGroups = data.find(({ name }) => name === services.cloudwatchLog)
+  let logGroupsInRegion: RawAwsLogGroup[] = []
+  if (logGroups?.data?.[region]) {
+    logGroupsInRegion = logGroups.data[region].filter(
+      ({ logGroupName }: RawAwsLogGroup) =>
+        logGroupName === logConfiguration?.cloudWatchLogGroupName
+    )
+  }
+
+  if (!isEmpty(logGroupsInRegion)) {
+    for (const logGroup of logGroupsInRegion) {
+      connections.push({
+        id: logGroup.logGroupName,
+        resourceType: services.cloudwatchLog,
+        relation: 'child',
+        field: 'cloudwatchLog',
+      })
+    }
+  }
+
+  /**
+   * Find MKS
+   * related to this ecs cluster
+   */
+  const kms = data.find(({ name }) => name === services.kms)
+  if (kms?.data?.[region]) {
+    const kmsInRegion: AwsKms = kms.data[region].find(
+      ({ KeyId }: AwsKms) => KeyId === kmsKeyId
+    )
+
+    if (kmsInRegion) {
+      connections.push({
+        id: kmsInRegion.KeyId,
+        resourceType: services.kms,
+        relation: 'child',
+        field: 'kms',
+      })
+    }
+  }
+
+  const natResult = {
+    [arn]: connections,
+  }
+  return natResult
+}

src/services/ecsCluster/index.ts

@@ -2,12 +2,15 @@ import {Service} from '@cloudgraph/sdk'
 import BaseService from '../base'
 import format from './format'
 import getData from './data'
+import getConnections from './connections'
 import mutation from './mutation'
 
 export default class EcsCluster extends BaseService implements Service {
   format = format.bind(this)
 
   getData = getData.bind(this)
 
+  getConnections = getConnections.bind(this)
+  
   mutation = mutation
 }

src/services/ecsCluster/schema.graphql

@@ -19,11 +19,12 @@ type awsEcsCluster @key(fields: "arn") {
   ecsService: [awsEcsService] @hasInverse(field: ecsCluster)
   ecsTask: [awsEcsTask] @hasInverse(field: ecsCluster)
   ecsTaskSet: [awsEcsTaskSet] @hasInverse(field: ecsCluster)
+  s3: [awsS3] @hasInverse(field: ecsCluster)
+  cloudwatchLog: [awsCloudwatchLog] @hasInverse(field: ecsCluster)
+  kms: [awsKms] @hasInverse(field: ecsCluster)
 }
 
-#TODO: add connections to cloudwatchLog, s3, 
-
-type AwsEcsExecuteCommandLogConfiguration 
+type AwsEcsExecuteCommandLogConfiguration
   @generate(
     query: { get: false, query: true, aggregate: false }
     mutation: { add: false, delete: false }

src/services/kms/schema.graphql

@@ -30,4 +30,5 @@ type awsKms @key(fields: "id"){
   dmsReplicationInstances: [awsDmsReplicationInstance] @hasInverse(field: kms)
   sageMakerNotebookInstances: [awsSageMakerNotebookInstance] @hasInverse(field: kms)
   rdsClusterSnapshots: [awsRdsClusterSnapshot] @hasInverse(field: kms)
+  ecsCluster: [awsEcsCluster] @hasInverse(field: kms)
 }

src/services/s3/schema.graphql

@@ -27,6 +27,7 @@ type awsS3 @key(fields: "arn") {
   cloudfrontDistribution: [awsCloudfront] @hasInverse(field: s3) #change to plural
   cloudtrail: [awsCloudtrail] @hasInverse(field: s3) #change to plural
   managedAirflows: [awsManagedAirflow] @hasInverse(field: s3)
+  ecsCluster: [awsEcsCluster] @hasInverse(field: s3)
 }
 
 # TODO: use getBucketReplication and getBucketNotificationConfiguration to make connections to lambda, sns, iamRole, SQS

src/types/generated.ts

@@ -960,6 +960,7 @@ export type AwsCloudwatchLog = {
   cloudtrail?: Maybe<Array<Maybe<AwsCloudtrail>>>;
   cloudwatch?: Maybe<Array<Maybe<AwsCloudwatch>>>;
   creationTime?: Maybe<Scalars['String']>;
+  ecsCluster?: Maybe<Array<Maybe<AwsEcsCluster>>>;
   id: Scalars['String'];
   kms?: Maybe<Array<Maybe<AwsKms>>>;
   kmsKeyId?: Maybe<Scalars['String']>;
@@ -1650,16 +1651,19 @@ export type AwsEcsCluster = {
   attachments?: Maybe<Array<Maybe<AwsEcsAttachment>>>;
   attachmentsStatus?: Maybe<Scalars['String']>;
   capacityProviders?: Maybe<Array<Maybe<Scalars['String']>>>;
+  cloudwatchLog?: Maybe<Array<Maybe<AwsCloudwatchLog>>>;
   clusterName?: Maybe<Scalars['String']>;
   configuration?: Maybe<AwsEcsClusterConfiguration>;
   defaultCapacityProviderStrategy?: Maybe<Array<Maybe<AwsEcsCapacityProviderStrategyItem>>>;
   ecsService?: Maybe<Array<Maybe<AwsEcsService>>>;
   ecsTask?: Maybe<Array<Maybe<AwsEcsTask>>>;
   ecsTaskSet?: Maybe<Array<Maybe<AwsEcsTaskSet>>>;
   id: Scalars['String'];
+  kms?: Maybe<Array<Maybe<AwsKms>>>;
   pendingTasksCount?: Maybe<Scalars['Int']>;
   registeredContainerInstancesCount?: Maybe<Scalars['Int']>;
   runningTasksCount?: Maybe<Scalars['Int']>;
+  s3?: Maybe<Array<Maybe<AwsS3>>>;
   settings?: Maybe<Array<Maybe<AwsEcsClusterSettings>>>;
   statistics?: Maybe<Array<Maybe<AwsEcsStatistics>>>;
   status?: Maybe<Scalars['String']>;
@@ -3343,6 +3347,7 @@ export type AwsKms = {
   deletionDate?: Maybe<Scalars['String']>;
   description?: Maybe<Scalars['String']>;
   dmsReplicationInstances?: Maybe<Array<Maybe<AwsDmsReplicationInstance>>>;
+  ecsCluster?: Maybe<Array<Maybe<AwsEcsCluster>>>;
   efs?: Maybe<Array<Maybe<AwsEfs>>>;
   eksCluster?: Maybe<Array<Maybe<AwsEksCluster>>>;
   elastiCacheReplicationGroup?: Maybe<Array<Maybe<AwsElastiCacheReplicationGroup>>>;
@@ -3885,6 +3890,7 @@ export type AwsS3 = {
   cloudtrail?: Maybe<Array<Maybe<AwsCloudtrail>>>;
   corsConfiguration?: Maybe<Scalars['String']>;
   crossRegionReplication?: Maybe<Scalars['String']>;
+  ecsCluster?: Maybe<Array<Maybe<AwsEcsCluster>>>;
   encrypted?: Maybe<Scalars['String']>;
   id: Scalars['String'];
   ignorePublicAcls?: Maybe<Scalars['String']>;