Merge pull request #60 from cloudgraphdev/feature/CG-1192

feat: Add apiGatewayHttpApi (apiGatewayV2) and apiGatewayDomainName services

Author: tyler-dunkel

README.md

@@ -70,7 +70,9 @@ CloudGraph AWS Provider will ask you what regions you would like to crawl and wi
 | Service                     | Relations                                                                                                                                                                                                                                                                                                                                                                     |
 | --------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | alb                         | ec2, elasticBeanstalkEnv, route53Record, securityGroup, subnet, vpc, wafV2WebAcl                                                                                                                                                                                                                                                                                              |
-| apiGatewayRestApi           | apiGatewayResource, apiGatewayStage, route53Record                                                                                                                                                                                                                                                                                                                            |
+| apiGatewayDomainName        | apiGatewayHttpApi, apiGatewayRestApi                                                                                                                                                                                                                                                                                        |
+| apiGatewayHttpApi           | apiGatewayDomainName                                                                                                                                                                                                                                                                                     |
+| apiGatewayRestApi           | apiGatewayDomainName, apiGatewayResource, apiGatewayStage, route53Record                                                                                                                                                                                                                                                                                                                            |
 | apiGatewayStage             | apiGatewayRestApi, wafV2WebAcl                                                                                                                                                                                                                                                                                                                                                |
 | apiGatewayResource          | apiGatewayRestApi                                                                                                                                                                                                                                                                                                                                                             |
 | appSync                     | cognitoUserPool, dynamodb, iamRole, lambda, rdsCluster, wafV2WebAcl                                                                                                                                                                                                                                                                                                           |

src/enums/relations.ts

@@ -9,4 +9,5 @@ export default {
   emrCluster: ['emrInstance', 'emrStep'],
   ecsService: ['ecsTaskSet', 'ecsTaskDefinition'],
   iamInstanceProfile: ['ec2Instance'],
+  apiGatewayDomainName: ['apiGatewayRestApi'],
 }

src/enums/schemasMap.ts

@@ -6,6 +6,8 @@ import services from './services'
 export default {
   account: 'awsAccount',
   [services.alb]: 'awsAlb',
+  [services.apiGatewayDomainName]: 'awsApiGatewayDomainName',
+  [services.apiGatewayHttpApi]: 'awsApiGatewayHttpApi',
   [services.apiGatewayResource]: 'awsApiGatewayResource',
   [services.apiGatewayRestApi]: 'awsApiGatewayRestApi',
   [services.apiGatewayStage]: 'awsApiGatewayStage',

src/enums/serviceAliases.ts

@@ -2,6 +2,8 @@ import services from './services'
 
 export default {
   [services.alb]: 'albs',
+  [services.apiGatewayDomainName]: 'apiGatewayDomainNames',
+  [services.apiGatewayHttpApi]: 'apiGatewayHttpApis',
   [services.apiGatewayResource]: 'apiGatewayResources',
   [services.apiGatewayRestApi]: 'apiGatewayRestApis',
   [services.apiGatewayStage]: 'apiGatewayStages',

src/enums/serviceMap.ts

@@ -96,6 +96,8 @@ import SageMakerNotebookInstance from '../services/sageMakerNotebookInstance'
 import SystemsManagerInstance from '../services/systemsManagerInstance'
 import SystemsManagerDocument from '../services/systemsManagerDocument'
 import RdsClusterSnapshot from '../services/rdsClusterSnapshot'
+import APIGatewayDomainName from '../services/apiGatewayDomainName'
+import APIGatewayHttpApi from '../services/apiGatewayHttpApi'
 
 /**
  * serviceMap is an object that contains all currently supported services for AWS
@@ -105,6 +107,8 @@ export default {
   account: Account,
   [services.appSync]: AppSync,
   [services.alb]: ALB,
+  [services.apiGatewayDomainName]: APIGatewayDomainName,
+  [services.apiGatewayHttpApi]: APIGatewayHttpApi,
   [services.apiGatewayResource]: APIGatewayResource,
   [services.apiGatewayRestApi]: APIGatewayRestApi,
   [services.apiGatewayStage]: APIGatewayStage,

src/enums/services.ts

@@ -1,5 +1,7 @@
 export default {
   alb: 'alb',
+  apiGatewayDomainName: 'apiGatewayDomainName',
+  apiGatewayHttpApi: 'apiGatewayHttpApi',
   apiGatewayResource: 'apiGatewayResource',
   apiGatewayRestApi: 'apiGatewayRestApi',
   apiGatewayStage: 'apiGatewayStage',

src/services/account/schema.graphql

@@ -1,6 +1,8 @@
 type awsAccount implements awsOptionalService @key(fields: "id") {
   regions: [String] @search(by: [hash])
   albs: [awsAlb]
+  apiGatewayDomainNames: [awsApiGatewayDomainName]
+  apiGatewayHttpApis: [awsApiGatewayHttpApi]
   apiGatewayResources: [awsApiGatewayResource]
   apiGatewayRestApis: [awsApiGatewayRestApi]
   apiGatewayStages: [awsApiGatewayStage]

src/services/apiGatewayDomainName/data.ts

@@ -0,0 +1,198 @@
+import CloudGraph from '@cloudgraph/sdk'
+import APIGW, {
+  ApiMapping,
+  DomainName,
+  GetDomainNamesRequest,
+  GetDomainNamesResponse,
+  GetApiMappingsRequest,
+  GetApiMappingsResponse,
+} from 'aws-sdk/clients/apigatewayv2'
+import { AWSError } from 'aws-sdk/lib/error'
+import { Config } from 'aws-sdk/lib/config'
+import isEmpty from 'lodash/isEmpty'
+import groupBy from 'lodash/groupBy'
+import awsLoggerText from '../../properties/logger'
+import { initTestEndpoint, setAwsRetryOptions } from '../../utils'
+import AwsErrorLog from '../../utils/errorLog'
+import { API_GATEWAY_CUSTOM_DELAY } from '../../config/constants'
+import { TagMap } from '../../types'
+
+const lt = { ...awsLoggerText }
+const { logger } = CloudGraph
+const MAX_DOMAIN_NAMES = '500'
+const serviceName = 'API Gateway Domain Name'
+const errorLog = new AwsErrorLog(serviceName)
+const endpoint = initTestEndpoint(serviceName)
+const customRetrySettings = setAwsRetryOptions({
+  baseDelay: API_GATEWAY_CUSTOM_DELAY,
+})
+
+export const getDomainNamesForRegion = async (
+  apiGw: APIGW
+): Promise<DomainName[]> =>
+  new Promise(async resolve => {
+    const domainNameList: DomainName[] = []
+    const getDomainNamesOpts: GetDomainNamesRequest = {}
+    const listAllDomainNames = (token?: string): void => {
+      getDomainNamesOpts.MaxResults = MAX_DOMAIN_NAMES
+      if (token) {
+        getDomainNamesOpts.NextToken = token
+      }
+      try {
+        apiGw.getDomainNames(
+          getDomainNamesOpts,
+          (err: AWSError, data: GetDomainNamesResponse) => {
+            if (err) {
+              errorLog.generateAwsErrorLog({
+                functionName: 'apiGw:getDomainNames',
+                err,
+              })
+            }
+
+            if (isEmpty(data)) {
+              return resolve([])
+            }
+
+            const { NextToken: nextToken, Items: items = [] } = data || {}
+
+            if (isEmpty(items)) {
+              return resolve([])
+            }
+
+            logger.debug(lt.fetchedApiGwDomainNames(items.length))
+
+            domainNameList.push(...items)
+
+            if (nextToken) {
+              listAllDomainNames(nextToken)
+            } else {
+              resolve(domainNameList)
+            }
+          }
+        )
+      } catch (error) {
+        resolve([])
+      }
+    }
+    listAllDomainNames()
+  })
+
+const getAPIMappings = (
+  apiGw: APIGW,
+  domainName: string
+): Promise<{ domainName: string; apiMappings: ApiMapping[] }> =>
+  new Promise<{ domainName: string; apiMappings: ApiMapping[] }>(resolve => {
+    const apiMappingList: ApiMapping[] = []
+    const args: GetApiMappingsRequest = { DomainName: domainName }
+    const listAllAPIMappings = (token?: string): void => {
+      if (token) {
+        args.NextToken = token
+      }
+      try {
+        apiGw.getApiMappings(
+          args,
+          (err: AWSError, data: GetApiMappingsResponse) => {
+            if (err) {
+              errorLog.generateAwsErrorLog({
+                functionName: 'apiGw:getApiMappings',
+                err,
+              })
+            }
+
+            if (isEmpty(data)) {
+              return resolve({
+                domainName,
+                apiMappings: [],
+              })
+            }
+
+            const { NextToken: nextToken, Items: apiMappings = [] } = data || {}
+
+            if (isEmpty(apiMappings)) {
+              return resolve({
+                domainName,
+                apiMappings: [],
+              })
+            }
+
+            apiMappingList.push(...apiMappings)
+
+            if (nextToken) {
+              listAllAPIMappings(nextToken)
+            } else {
+              resolve({ domainName, apiMappings: apiMappingList })
+            }
+          }
+        )
+      } catch (error) {
+        resolve({
+          domainName,
+          apiMappings: [],
+        })
+      }
+    }
+    listAllAPIMappings()
+  })
+
+export interface RawAwsApiGatewayDomainName extends Omit<DomainName, 'tags'> {
+  region: string
+  Tags: TagMap
+  ApiMappings: ApiMapping[]
+  account
+}
+
+export default async ({
+  regions,
+  config,
+  account,
+}: {
+  account: string
+  regions: string
+  config: Config
+}): Promise<{
+  [region: string]: RawAwsApiGatewayDomainName[]
+}> =>
+  new Promise(async resolve => {
+    const domainNamesResult: RawAwsApiGatewayDomainName[] = []
+
+    const regionPromises = regions.split(',').map(region => {
+      const apiGw = new APIGW({
+        ...config,
+        region,
+        endpoint,
+        ...customRetrySettings,
+      })
+
+      return new Promise<void>(async resolveTransitGatewayData => {
+        // Get Custom Domains Data
+        const customDomains = await getDomainNamesForRegion(apiGw)
+
+        const mappingPromises = customDomains.map(
+          ({ DomainName: domainName }) => getAPIMappings(apiGw, domainName)
+        )
+
+        const mappingData = await Promise.all(mappingPromises)
+
+        if (!isEmpty(customDomains)) {
+          for (const domain of customDomains) {
+            domainNamesResult.push({
+              ...domain,
+              ApiMappings:
+                mappingData?.find(m => m.domainName === domain.DomainName)
+                  ?.apiMappings || [],
+              region,
+              Tags: domain.Tags,
+              account,
+            })
+          }
+        }
+
+        resolveTransitGatewayData()
+      })
+    })
+
+    await Promise.all(regionPromises)
+    errorLog.reset()
+
+    resolve(groupBy(domainNamesResult, 'region'))
+  })

src/services/apiGatewayDomainName/format.ts

@@ -0,0 +1,47 @@
+import cuid from 'cuid'
+import { RawAwsApiGatewayDomainName } from './data'
+import { AwsApiGatewayDomainName } from '../../types/generated'
+import { domainNameArn } from '../../utils/generateArns'
+import { formatTagsFromMap } from '../../utils/format'
+
+export default ({
+  service,
+  account: accountId,
+  region,
+}: {
+  service: RawAwsApiGatewayDomainName
+  account: string
+  region: string
+}): AwsApiGatewayDomainName => {
+  const {
+    DomainName: domainName,
+    ApiMappingSelectionExpression: apiMappingSelectionExpression,
+    DomainNameConfigurations: domainNameConfigurations = [],
+    Tags: tags = {},
+  } = service
+
+  const arn = domainNameArn({ region, account: accountId, name: domainName })
+
+  return {
+    id: arn,
+    accountId,
+    arn,
+    region,
+    domainName,
+    apiMappingSelectionExpression,
+    configurations: domainNameConfigurations?.map(dn => ({
+      id: cuid(),
+      apiGatewayDomainName: dn.ApiGatewayDomainName,
+      certificateArn: dn.CertificateArn,
+      certificateName: dn.CertificateName,
+      certificateUploadDate: dn.CertificateUploadDate?.toDateString(),
+      domainNameStatus: dn.DomainNameStatus,
+      domainNameStatusMessage: dn.DomainNameStatusMessage,
+      endpointType: dn.EndpointType,
+      securityPolicy: dn.SecurityPolicy,
+      ownershipVerificationCertificateArn:
+        dn.OwnershipVerificationCertificateArn,
+    })) || [],
+    tags: formatTagsFromMap(tags),
+  }
+}

src/services/apiGatewayDomainName/index.ts

@@ -0,0 +1,13 @@
+import { Service } from '@cloudgraph/sdk'
+import BaseService from '../base'
+import format from './format'
+import getData from './data'
+import mutation from './mutation'
+
+export default class APIGatewayDomainName extends BaseService implements Service {
+  format = format.bind(this)
+
+  getData = getData.bind(this)
+
+  mutation = mutation
+}