feat: Added rdsDBProxies

Author: Marco Franceschi

src/enums/serviceMap.ts

@@ -53,6 +53,7 @@ import NetworkInterface from '../services/networkInterface'
 import RDSCluster from '../services/rdsCluster'
 import RDSDbInstance from '../services/rdsDbInstance'
 import RDSEventSubscription from '../services/rdsEventSubscription'
+import RdsDbProxies from '../services/rdsDbProxies'
 import RedshiftCluster from '../services/redshift'
 import Route53HostedZone from '../services/route53HostedZone'
 import Route53Record from '../services/route53Record'
@@ -187,6 +188,7 @@ export default {
   [services.rdsClusterSnapshot]: RdsClusterSnapshot,
   [services.rdsDbInstance]: RDSDbInstance,
   [services.rdsEventSubscription]: RDSEventSubscription,
+  [services.rdsDbProxies]: RdsDbProxies,
   [services.redshiftCluster]: RedshiftCluster,
   [services.route53HostedZone]: Route53HostedZone,
   [services.route53Record]: Route53Record,

src/enums/services.ts

@@ -81,6 +81,7 @@ export default {
   rdsClusterSnapshot: 'rdsClusterSnapshot',
   rdsDbInstance: 'rdsDbInstance',
   rdsEventSubscription: 'rdsEventSubscription',
+  rdsDbProxies: 'rdsDbProxies',
   redshiftCluster: 'redshiftCluster',
   route53HostedZone: 'route53HostedZone',
   route53Record: 'route53Record',

src/properties/logger.ts

@@ -296,6 +296,8 @@ export default {
     `Fetched ${num} RDS DB Instances`,
   fetchedRdsEventSubscriptions: (num: number): string =>
     `Fetched ${num} RDS DB Event Subscriptions`,
+  fetchedRdsDbProxies: (num: number): string =>
+    `Fetched ${num} RDS DB Proxies`,
   noClusterFound: '❎ DB Instance is not part of a cluster ❎ ',
   foundCluster: 'Found the cluster the instance belongs to',
   addingRdsInstances: (num: number): string =>

src/services/rdsDbProxies/data.ts

@@ -0,0 +1,97 @@
+import CloudGraph from '@cloudgraph/sdk'
+import RDS, {
+  DescribeDBProxiesResponse,
+  DBProxy,
+  DescribeDBProxiesRequest
+} from 'aws-sdk/clients/rds'
+import { AWSError } from 'aws-sdk/lib/error'
+import groupBy from 'lodash/groupBy'
+import isEmpty from 'lodash/isEmpty'
+import { Config } from 'aws-sdk/lib/config'
+import { initTestEndpoint } from '../../utils'
+import AwsErrorLog from '../../utils/errorLog'
+import awsLoggerText from '../../properties/logger'
+
+
+const { logger } = CloudGraph
+const lt = { ...awsLoggerText }
+const serviceName = 'RDS DB Proxies'
+const errorLog = new AwsErrorLog(serviceName)
+const endpoint = initTestEndpoint(serviceName)
+
+const listDBProxiesForRegion = async (rds: RDS): Promise<DBProxy[]> =>
+  new Promise<DBProxy[]>(resolve => {
+    const proxies: DBProxy[] = []
+    const descDBProxiesOpts: DescribeDBProxiesRequest = {}
+    const listProxies = (token?: string): void => {
+      if (token) {
+        descDBProxiesOpts.Marker = token
+      }
+      try {
+        rds.describeDBProxies(
+          descDBProxiesOpts,
+          (err: AWSError, data: DescribeDBProxiesResponse) => {
+            const { Marker, DBProxies = [] } = data || {}
+            if (err) {
+              errorLog.generateAwsErrorLog({
+                functionName: 'rds:describeDBProxies',
+                err,
+              })
+            }
+
+            proxies.push(...DBProxies)
+
+            if (Marker) {
+              listProxies(Marker)
+            } else {
+              resolve(proxies)
+            }
+          }
+        )
+      } catch (error) {
+        resolve([])
+      }
+    }
+    listProxies()
+  })
+
+export interface RawAwsRdsDbProxies extends DBProxy {
+  region: string
+}
+
+export default async ({
+  regions,
+  config,
+}: {
+  regions: string
+  config: Config
+}): Promise<{ [property: string]: RawAwsRdsDbProxies[] }> =>
+  new Promise(async resolve => {
+    const rdsData: RawAwsRdsDbProxies[] = []
+    const regionPromises = []
+
+    // Get all the proxies for the region
+    regions.split(',').map(region => {
+      const regionPromise = new Promise<void>(async resolveRegion => {
+        const rds = new RDS({ ...config, region, endpoint })
+        const subscriptions = await listDBProxiesForRegion(rds)
+
+        if (!isEmpty(subscriptions)) {
+          rdsData.push(
+            ...subscriptions.map(subscription => ({
+              ...subscription,
+              region,
+            }))
+          )
+        }
+        resolveRegion()
+      })
+      regionPromises.push(regionPromise)
+    })
+
+    await Promise.all(regionPromises)
+    logger.debug(lt.fetchedRdsDbProxies(rdsData.length))
+
+    errorLog.reset()
+    resolve(groupBy(rdsData, 'region'))
+  })

src/services/rdsDbProxies/format.ts

@@ -0,0 +1,81 @@
+import { UserAuthConfigInfo } from 'aws-sdk/clients/rds'
+import { AwsRdsDbProxies, AwsRdsDbProxiesUserAuthConfigInfo } from '../../types/generated'
+import { RawAwsRdsDbProxies } from './data'
+import { generateUniqueId } from '@cloudgraph/sdk'
+
+/**
+ * RdsDbProxies
+ */
+
+export default ({
+  account,
+  service: rawData,
+  region,
+}: {
+  account,
+  service: RawAwsRdsDbProxies
+  region,
+}): AwsRdsDbProxies => {
+  const {
+    DBProxyName: dBProxyName,
+    DBProxyArn: arn,
+    Status: status,
+    EngineFamily: engineFamily,
+    VpcId: vpcId,
+    VpcSecurityGroupIds: vpcSecurityGroupIds = [],
+    VpcSubnetIds: vpcSubnetIds = [],
+    Auth: auth,
+    RoleArn: roleArn,
+    Endpoint: endpoint,
+    RequireTLS: requireTLS,
+    IdleClientTimeout: idleClientTimeout,
+    DebugLogging: debugLogging,
+    CreatedDate: createdDate,
+    UpdatedDate: updatedDate,
+  } = rawData
+
+
+
+  const formatUserAuthConfigInfo = (
+    configList?: UserAuthConfigInfo[]
+  ): AwsRdsDbProxiesUserAuthConfigInfo[] => {
+    return (
+      configList?.map(c => ({
+        id: generateUniqueId({
+          arn,
+          ...c,
+        }),
+        description: c.Description,
+        userName: c.UserName,
+        authScheme: c.AuthScheme,
+        secretArn: c.SecretArn,
+        iAMAuth: c.IAMAuth,
+        clientPasswordAuthType: c.ClientPasswordAuthType
+      })) || []
+    )
+  }
+
+
+
+
+  return {
+    id: arn,
+    accountId: account,
+    region,
+    dBProxyName,
+    arn,
+    status,
+    engineFamily,
+    vpcId,
+    vpcSecurityGroupIds,
+    vpcSubnetIds,
+    auth: formatUserAuthConfigInfo(auth),
+    roleArn,
+    endpoint,
+    requireTLS,
+    idleClientTimeout,
+    debugLogging,
+    createdDate: createdDate.toISOString(),
+    updatedDate: updatedDate.toISOString(),
+  }
+}

src/services/rdsDbProxies/index.ts

@@ -0,0 +1,13 @@
+import { Service } from '@cloudgraph/sdk'
+import BaseService from '../base'
+import format from './format'
+import getData from './data'
+import mutation from './mutation'
+
+export default class RdsDbProxies extends BaseService implements Service {
+  format = format.bind(this)
+
+  getData = getData.bind(this)
+
+  mutation = mutation
+}

src/services/rdsDbProxies/mutation.ts

@@ -0,0 +1,5 @@
+export default `mutation($input: [AddawsRdsDbProxiesInput!]!) {
+  addawsRdsDbProxies(input: $input, upsert: true) {
+    numUids
+  }
+}`;

src/services/rdsDbProxies/schema.graphql

@@ -0,0 +1,32 @@
+
+type awsRdsDbProxiesUserAuthConfigInfo
+  @generate(
+    query: { get: false, query: true, aggregate: false }
+    mutation: { add: false, delete: false }
+    subscription: false
+  ) {
+   id: String! @id
+   Description: String @search(by: [hash, regexp])
+   UserName: String @search(by: [hash, regexp])
+   AuthScheme: String @search(by: [hash, regexp])
+   SecretArn: String @search(by: [hash, regexp])
+   IAMAuth: String @search(by: [hash, regexp])
+   ClientPasswordAuthType: String @search(by: [hash, regexp])
+}
+
+type awsRdsDbProxies implements awsBaseService @key(fields: "arn") {
+   dBProxyName: String @search(by: [hash, regexp])
+   status: String @search(by: [hash, regexp])
+   engineFamily: String @search(by: [hash, regexp])
+   vpcId: String @search(by: [hash, regexp])
+   vpcSecurityGroupIds: [String] @search(by: [hash])
+   vpcSubnetIds: [String] @search(by: [hash])
+   auth: [awsRdsDbProxiesUserAuthConfigInfo]
+   roleArn: String @search(by: [hash, regexp])
+   endpoint: String @search(by: [hash, regexp])
+   requireTLS: Boolean @search
+   idleClientTimeout: Int @search
+   debugLogging: Boolean @search
+   createdDate: DateTime @search(by: [day])
+   updatedDate: DateTime @search(by: [day])
+}

src/services/rdsEventSubscription/data.ts

@@ -70,7 +70,7 @@ export default async ({
     const rdsData: RawAwsRdsEventSubscription[] = []
     const regionPromises = []
 
-    // Get all the instances for the region
+    // Get all the events subscriptions for the region
     regions.split(',').map(region => {
       const regionPromise = new Promise<void>(async resolveRegion => {
         const rds = new RDS({ ...config, region, endpoint })

src/types/generated.ts

@@ -4067,6 +4067,33 @@ export type AwsRdsDbInstanceParameterGroup = {
   status?: Maybe<Scalars['String']>;
 };
 
+export type AwsRdsDbProxies = AwsBaseService & {
+  auth?: Maybe<Array<Maybe<AwsRdsDbProxiesUserAuthConfigInfo>>>;
+  createdDate?: Maybe<Scalars['DateTime']>;
+  dBProxyName?: Maybe<Scalars['String']>;
+  debugLogging?: Maybe<Scalars['Boolean']>;
+  endpoint?: Maybe<Scalars['String']>;
+  engineFamily?: Maybe<Scalars['String']>;
+  idleClientTimeout?: Maybe<Scalars['Int']>;
+  requireTLS?: Maybe<Scalars['Boolean']>;
+  roleArn?: Maybe<Scalars['String']>;
+  status?: Maybe<Scalars['String']>;
+  updatedDate?: Maybe<Scalars['DateTime']>;
+  vpcId?: Maybe<Scalars['String']>;
+  vpcSecurityGroupIds?: Maybe<Array<Maybe<Scalars['String']>>>;
+  vpcSubnetIds?: Maybe<Array<Maybe<Scalars['String']>>>;
+};
+
+export type AwsRdsDbProxiesUserAuthConfigInfo = {
+  AuthScheme?: Maybe<Scalars['String']>;
+  ClientPasswordAuthType?: Maybe<Scalars['String']>;
+  Description?: Maybe<Scalars['String']>;
+  IAMAuth?: Maybe<Scalars['String']>;
+  SecretArn?: Maybe<Scalars['String']>;
+  UserName?: Maybe<Scalars['String']>;
+  id: Scalars['String'];
+};
+
 export type AwsRdsEventSubscription = AwsBaseService & {
   custSubscriptionId?: Maybe<Scalars['String']>;
   customerAwsId?: Maybe<Scalars['String']>;