Merge pull request #144 from cloudgraphdev/feat/EP-3185

feat: Added missing data to RDS

Author: Marco Franceschi

README.md

@@ -147,6 +147,9 @@ CloudGraph AWS Provider will ask you what regions you would like to crawl and wi
 | organization                |
 | rdsCluster                  | appSync, rdsClusterSnapshot, rdsDbInstance, route53HostedZone, securityGroup, subnet, iamRole, kms                                                                                                                                                                                                                                                                            |
 | rdsClusterSnapshot          | kms, rdsCluster, vpc                                                                                                                                                                                                                                                                                                                                                          |
+| rdsDbProxies          |                                                                                                                                                                                                                                                                                                                                                           |
+| rdsEventSubscription          |                                                                                                                                                                                                                                                                                                                                                           |
+| rdsGlobalCluster           |                                                                                                                                                                                                                                                                                                                                                           |
 | rdsDbInstance               | kms, iamRole, rdsCluster, securityGroup, vpc, subnet, cloudwatchLog                                                                                                                                                                                                                                                                                                           |
 | redshiftCluster             | kms, vpc                                                                                                                                                                                                                                                                                                                                                                      |
 | route53Record               | alb, apiGatewayRestApi, elb, route53HostedZone                                                                                                                                                                                                                                                                                                                                |

src/enums/serviceMap.ts

@@ -51,7 +51,10 @@ import NATGateway from '../services/natGateway'
 import NetworkAcl from '../services/nacl'
 import NetworkInterface from '../services/networkInterface'
 import RDSCluster from '../services/rdsCluster'
+import RDSGlobalCluster from '../services/rdsGlobalCluster '
 import RDSDbInstance from '../services/rdsDbInstance'
+import RDSEventSubscription from '../services/rdsEventSubscription'
+import RdsDbProxies from '../services/rdsDbProxies'
 import RedshiftCluster from '../services/redshift'
 import Route53HostedZone from '../services/route53HostedZone'
 import Route53Record from '../services/route53Record'
@@ -183,8 +186,11 @@ export default {
   [services.vpcPeeringConnection]: VpcPeeringConnection,
   [services.sqs]: SQS,
   [services.rdsCluster]: RDSCluster,
+  [services.rdsGlobalCluster]: RDSGlobalCluster,
   [services.rdsClusterSnapshot]: RdsClusterSnapshot,
   [services.rdsDbInstance]: RDSDbInstance,
+  [services.rdsEventSubscription]: RDSEventSubscription,
+  [services.rdsDbProxies]: RdsDbProxies,
   [services.redshiftCluster]: RedshiftCluster,
   [services.route53HostedZone]: Route53HostedZone,
   [services.route53Record]: Route53Record,

src/enums/services.ts

@@ -78,8 +78,11 @@ export default {
   networkInterface: 'networkInterface',
   organization: 'organization',
   rdsCluster: 'rdsCluster',
+  rdsGlobalCluster: 'rdsGlobalCluster',
   rdsClusterSnapshot: 'rdsClusterSnapshot',
   rdsDbInstance: 'rdsDbInstance',
+  rdsEventSubscription: 'rdsEventSubscription',
+  rdsDbProxies: 'rdsDbProxies',
   redshiftCluster: 'redshiftCluster',
   route53HostedZone: 'route53HostedZone',
   route53Record: 'route53Record',

src/properties/logger.ts

@@ -291,8 +291,13 @@ export default {
   lookingforRdsClusters: 'Looking for RDS Clusters...',
   creatingRdsInstance: (num: number): string => `Creating RDS Instance #${num}`,
   fetchedRdsClusters: (num: number): string => `Fetched ${num} RDS Clusters`,
+  fetchedRdsGlobalClusters: (num: number): string => `Fetched ${num} RDS Global Clusters`,
   fetchedRdsInstances: (num: number): string =>
     `Fetched ${num} RDS DB Instances`,
+  fetchedRdsEventSubscriptions: (num: number): string =>
+    `Fetched ${num} RDS DB Event Subscriptions`,
+  fetchedRdsDbProxies: (num: number): string =>
+    `Fetched ${num} RDS DB Proxies`,
   noClusterFound: '❎ DB Instance is not part of a cluster ❎ ',
   foundCluster: 'Found the cluster the instance belongs to',
   addingRdsInstances: (num: number): string =>

src/services/account/schema.graphql

@@ -75,8 +75,11 @@ type awsAccount implements awsOptionalService @key(fields: "id") {
   networkInterfaces: [awsNetworkInterface]
   organizations: [awsOrganization]
   rdsClusters: [awsRdsCluster]
+  rdsGlobalCluster : [awsRdsGlobalCluster]
   rdsClusterSnapshots: [awsRdsClusterSnapshot]
   rdsDbInstances: [awsRdsDbInstance]
+  rdsEventSubscription: [awsRdsEventSubscription]
+  rdsDbProxies: [awsRdsDbProxies]
   redshiftClusters: [awsRedshiftCluster]
   route53HostedZones: [awsRoute53HostedZone]
   route53Records: [awsRoute53Record]

src/services/rdsDbInstance/data.ts

@@ -4,6 +4,8 @@ import RDS, {
   DBInstance,
   DescribeDBInstancesMessage,
   DBInstanceMessage,
+  DBSnapshotMessage,
+  DBSnapshot,
 } from 'aws-sdk/clients/rds'
 import { AWSError } from 'aws-sdk/lib/error'
 import groupBy from 'lodash/groupBy'
@@ -57,6 +59,28 @@ const listDBInstancesForRegion = async (rds: RDS): Promise<DBInstance[]> =>
     listAllDBInstances()
   })
 
+const getInstanceSnapshots = async (rds: RDS, arn: string): Promise<DBSnapshot[]> =>
+  new Promise(resolve => {
+    try {
+      rds.describeDBSnapshots(
+        { DBInstanceIdentifier: arn },
+        (err: AWSError, data: DBSnapshotMessage) => {
+          if (err) {
+            errorLog.generateAwsErrorLog({
+              functionName: 'rds:describeDBSnapshots',
+              err,
+            })
+            return resolve([])
+          }
+          const { DBSnapshots: snapshots = [] } = data || {}
+          resolve(snapshots)
+        }
+      )
+    } catch (error) {
+      resolve([])
+    }
+  })
+
 const getResourceTags = async (rds: RDS, arn: string): Promise<TagMap> =>
   new Promise(resolve => {
     try {
@@ -81,6 +105,7 @@ const getResourceTags = async (rds: RDS, arn: string): Promise<TagMap> =>
 
 export interface RawAwsRdsDbInstance extends DBInstance {
   Tags?: TagMap
+  Snapshots?: DBSnapshot[]
   region: string
 }
 
@@ -123,6 +148,7 @@ export default async ({
       const rds = new RDS({ ...config, region, endpoint })
       const tagsPromise = new Promise<void>(async resolveTags => {
         rdsData[idx].Tags = await getResourceTags(rds, DBInstanceArn)
+        rdsData[idx].Snapshots = await getInstanceSnapshots(rds, DBInstanceArn)
         resolveTags()
       })
       tagsPromises.push(tagsPromise)

src/services/rdsDbInstance/format.ts

@@ -1,20 +1,23 @@
+import { generateUniqueId } from '@cloudgraph/sdk'
+
 import upperFirst from 'lodash/upperFirst'
 import { RawAwsRdsDbInstance } from './data'
-import { 
-  AwsRdsDbInstance, 
+import {
+  AwsRdsDbInstance, AwsRdsDbInstanceGroupOption, AwsRdsDbInstanceParameterGroup, AwsRdsDbInstanceSnapshot,
 } from '../../types/generated'
-import { formatTagsFromMap } from '../../utils/format'
+import { convertAwsTagsToTagMap, formatTagsFromMap } from '../../utils/format'
+import { AwsTag } from '../../types'
 
 export default ({
   service,
   account,
   region
-}: 
-{
-  service: RawAwsRdsDbInstance
-  account: string
-  region: string
-}): AwsRdsDbInstance => {
+}:
+  {
+    service: RawAwsRdsDbInstance
+    account: string
+    region: string
+  }): AwsRdsDbInstance => {
   const {
     DBInstanceArn: arn,
     DBInstanceIdentifier: dBInstanceIdentifier,
@@ -42,19 +45,96 @@ export default ({
     Endpoint: endpoint,
     LicenseModel: licenseModel,
     Tags = {},
+    Snapshots = []
   } = service
 
   const subnetGroup = service.DBSubnetGroup?.DBSubnetGroupName || ''
 
-  const parameterGroup = service.DBParameterGroups.map(
-    ({ DBParameterGroupName, ParameterApplyStatus }) =>
-      `${DBParameterGroupName} (${ParameterApplyStatus})`
-  ).join(' | ')
+  const parameterGroups: AwsRdsDbInstanceParameterGroup[] = service.DBParameterGroups.map(
+    (parameter) => {
+      const { DBParameterGroupName, ParameterApplyStatus } = parameter
+      return ({
+        id: generateUniqueId({
+          arn,
+          ...parameter
+        }),
+        description: `${DBParameterGroupName} (${ParameterApplyStatus})`,
+        name: DBParameterGroupName,
+        status: ParameterApplyStatus
+      })
+    }
+  )
+
+  const optionsGroups: AwsRdsDbInstanceGroupOption[] = service.OptionGroupMemberships.map(
+    (option) => {
+      const { OptionGroupName, Status } = option
+      return ({
+        id: generateUniqueId({
+          arn,
+          ...option
+        }),
+        description: `${OptionGroupName} (${upperFirst(Status)})`,
+        groupName: OptionGroupName,
+        status: Status
+      })
+    }
+
+  )
+
+  const snapshots: AwsRdsDbInstanceSnapshot[] = Snapshots.map(
+    (snapshot) => {
+      const tags = convertAwsTagsToTagMap(snapshot.TagList as AwsTag[])
+      return ({
+        id: generateUniqueId({
+          arn,
+          ...snapshot
+        }),
+        dBSnapshotIdentifier: snapshot.DBSnapshotIdentifier,
+        dBInstanceIdentifier: snapshot.DBInstanceIdentifier,
+        snapshotCreateTime: snapshot.SnapshotCreateTime?.toISOString(),
+        engine: snapshot.Engine,
+        allocatedStorage: snapshot.AllocatedStorage,
+        status: snapshot.Status,
+        port: snapshot.Port,
+        availabilityZone: snapshot.AvailabilityZone,
+        vpcId: snapshot.VpcId,
+        instanceCreateTime: snapshot.InstanceCreateTime?.toISOString(),
+        masterUsername: snapshot.MasterUsername,
+        engineVersion: snapshot.EngineVersion,
+        licenseModel: snapshot.LicenseModel,
+        snapshotType: snapshot.SnapshotType,
+        iops: snapshot.Iops,
+        optionGroupName: snapshot.OptionGroupName,
+        percentProgress: snapshot.PercentProgress,
+        sourceRegion: snapshot.SourceRegion,
+        sourceDBSnapshotIdentifier: snapshot.SourceDBSnapshotIdentifier,
+        storageType: snapshot.StorageType,
+        tdeCredentialArn: snapshot.TdeCredentialArn,
+        encrypted: snapshot.Encrypted,
+        kmsKeyId: snapshot.KmsKeyId,
+        dBSnapshotArn: snapshot.DBSnapshotArn,
+        timezone: snapshot.Timezone,
+        iAMDatabaseAuthenticationEnabled: snapshot.IAMDatabaseAuthenticationEnabled,
+        processorFeatures: snapshot.ProcessorFeatures?.map(p => ({
+          id: generateUniqueId({
+            arn,
+            ...p
+          }),
+          name: p.Name,
+          value: p.Value
+        })),
+        dbiResourceId: snapshot.DbiResourceId,
+        tagList: snapshot.TagList,
+        originalSnapshotCreateTime: snapshot.OriginalSnapshotCreateTime?.toISOString(),
+        snapshotDatabaseTime: snapshot.SnapshotDatabaseTime?.toISOString(),
+        snapshotTarget: snapshot.SnapshotTarget,
+        storageThroughput: snapshot.StorageThroughput,
+        tags: formatTagsFromMap(tags)
+      })
+    }
+  )
+
 
-  const optionsGroups = service.OptionGroupMemberships.map(
-    ({ OptionGroupName, Status }) =>
-      `${OptionGroupName} (${upperFirst(Status)})`
-  ).join(' | ')
 
   return {
     id: arn,
@@ -77,7 +157,7 @@ export default ({
     autoMinorVersionUpgrade,
     iamDbAuthenticationEnabled,
     optionsGroups,
-    parameterGroup,
+    parameterGroups,
     storageType,
     instanceClass,
     allocatedStorage,
@@ -91,6 +171,7 @@ export default ({
     kmsKey,
     encrypted,
     licenseModel,
+    snapshots,
     tags: formatTagsFromMap(Tags),
   }
 }

src/services/rdsDbInstance/schema.graphql

@@ -1,3 +1,69 @@
+type awsRdsDbInstanceParameterGroup {
+  id: String! @id
+  name: String @search(by: [hash, regexp])
+  status: String @search(by: [hash, regexp])
+  description: String @search(by: [hash, regexp])
+}
+
+type awsRdsDbInstanceGroupOption {
+  id: String! @id
+  groupName: String @search(by: [hash, regexp])
+  status: String @search(by: [hash, regexp])
+  description: String @search(by: [hash, regexp])
+}
+
+type awsRdsDbInstanceSnapshot {
+  id: String! @id
+  groupName: String @search(by: [hash, regexp])
+  status: String @search(by: [hash, regexp])
+  description: String @search(by: [hash, regexp])
+}
+
+
+type awsRdsDbInstanceProcessorFeature {
+  id: String! @id
+  name: String @search(by: [hash, regexp])
+  value: String @search(by: [hash, regexp])
+}
+
+type awsRdsDbInstanceSnapshot {
+  id: String! @id
+  dBSnapshotIdentifier: String @search(by: [hash, regexp])
+  dBInstanceIdentifier: String @search(by: [hash, regexp])
+  snapshotCreateTime: DateTime @search(by: [day])
+  engine: String @search(by: [hash, regexp])
+  allocatedStorage: Int @search
+  status: String @search(by: [hash, regexp])
+  port: Int @search
+  availabilityZone: String @search(by: [hash, regexp])
+  vpcId: String @search(by: [hash, regexp])
+  instanceCreateTime: DateTime @search(by: [day])
+  masterUsername: String @search(by: [hash, regexp])
+  engineVersion: String @search(by: [hash, regexp])
+  licenseModel: String @search(by: [hash, regexp])
+  snapshotType: String @search(by: [hash, regexp])
+  iops: Int @search
+  optionGroupName: String @search(by: [hash, regexp])
+  percentProgress: Int @search
+  sourceRegion: String @search(by: [hash, regexp])
+  sourceDBSnapshotIdentifier: String @search(by: [hash, regexp])
+  storageType: String @search(by: [hash, regexp])
+  tdeCredentialArn: String @search(by: [hash, regexp])
+  encrypted: Boolean @search
+  kmsKeyId: String @search(by: [hash, regexp])
+  dBSnapshotArn: String @search(by: [hash, regexp])
+  timezone: String @search(by: [hash, regexp])
+  iAMDatabaseAuthenticationEnabled: Boolean @search
+  processorFeatures: [awsRdsDbInstanceProcessorFeature]
+  dbiResourceId: String @search(by: [hash, regexp])
+  tags: [awsRawTag]
+  originalSnapshotCreateTime: DateTime @search(by: [day])
+  snapshotDatabaseTime: DateTime @search(by: [day])
+  snapshotTarget: String @search(by: [hash, regexp])
+  storageThroughput: Int @search
+}
+
+
 type awsRdsDbInstance implements awsBaseService @key(fields: "arn") {
   name: String @search(by: [hash, regexp])
   port: Int @search
@@ -14,8 +80,8 @@ type awsRdsDbInstance implements awsBaseService @key(fields: "arn") {
   performanceInsightsEnabled: Boolean @search
   autoMinorVersionUpgrade: Boolean @search
   iamDbAuthenticationEnabled: Boolean @search
-  optionsGroups: String
-  parameterGroup: String
+  optionsGroups: [awsRdsDbInstanceGroupOption]
+  parameterGroups: [awsRdsDbInstanceParameterGroup]
   storageType: String @search(by: [hash, regexp])
   instanceClass: String @search(by: [hash, regexp])
   allocatedStorage: Int @search
@@ -30,6 +96,7 @@ type awsRdsDbInstance implements awsBaseService @key(fields: "arn") {
   encrypted: Boolean @search
   licenseModel: String @search(by: [hash, regexp])
   tags: [awsRawTag]
+  snapshots: [awsRdsDbInstanceSnapshot]
   cluster: [awsRdsCluster] @hasInverse(field: instances)
   kms: [awsKms] @hasInverse(field: rdsDbInstance)
   securityGroups: [awsSecurityGroup] @hasInverse(field: rdsDbInstance)