@fridim
Created July 8, 2021 13:13
Work in progress for 660
1 file changed, 58 insertions(+)
resources/s3-buckets.go | 58 +++++++++++++++++++++++++++++++++++++++++++++++++
modified resources/s3-buckets.go
@@ -9,6 +9,8 @@ import (
"github.com/aws/aws-sdk-go/aws/request"
"github.com/aws/aws-sdk-go/aws/session"
"github.com/aws/aws-sdk-go/service/s3"
+ "github.com/aws/aws-sdk-go/service/sts"
+ "github.com/aws/aws-sdk-go/service/s3control"
"github.com/aws/aws-sdk-go/service/s3/s3iface"
"github.com/aws/aws-sdk-go/service/s3/s3manager"
"github.com/rebuy-de/aws-nuke/pkg/types"
@@ -20,13 +22,27 @@ func init() {
type S3Bucket struct {
svc *s3.S3
+ svcControl *s3control.S3Control
name string
tags []*s3.Tag
+ accessPoints []*s3control.AccessPoint
+ accountID string
}
func ListS3Buckets(s *session.Session) ([]Resource, error) {
svc := s3.New(s)
+ svcControl := s3control.New(s)
+
+ // Lookup current account ID
+ stsSvc := sts.New(s)
+ callerID, err := stsSvc.GetCallerIdentity(&sts.GetCallerIdentityInput{})
+ if err != nil {
+ return nil, err
+ }
+
+ accountID := callerID.Account
+
buckets, err := DescribeS3Buckets(svc)
if err != nil {
return nil, err
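Review bot: `accountID` is kept as the `*string` taken from `callerID.Account` and is later dereferenced unchecked as `*accountID` in both `S3Bucket` literals in the following `ListS3Buckets` hunks, so a response without that field would panic during listing. Convert it once here with `accountID := aws.StringValue(callerID.Account)`, return an error if it is empty, and pass `aws.String(accountID)` as `AccountId` in the s3control input. This ID scopes the access-point delete calls made later, so failing early on a missing value is safer than carrying it forward. The body of `ListS3Buckets` continues outside this hunk.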
@@ -34,6 +50,21 @@ func ListS3Buckets(s *session.Session) ([]Resource, error) {
resources := make([]Resource, 0)
for _, name := range buckets {
+ fmt.Println("listing BUCKET", name)
+ input := &s3control.ListAccessPointsInput{
+ Bucket: &name,
+ AccountId: accountID,
+ }
+ output, err := svcControl.ListAccessPoints(input)
+ accessPoints := []*s3control.AccessPoint{}
+ if err == nil {
+ accessPoints = output.AccessPointList
+
+ fmt.Println("access points", accessPoints)
+ } else {
+ fmt.Println(err)
+ }
+
tags, err := svc.GetBucketTagging(&s3.GetBucketTaggingInput{
Bucket: aws.String(name),
})
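Review bot: A failed `ListAccessPoints` call is only printed, and the bucket is still registered with an empty `accessPoints` slice, so `Remove` will later skip access-point cleanup and go straight to `DeleteBucket`. The output pasted below the diff shows this branch being taken (DNS lookup failure for the s3-control endpoint). Only the first page of results is read as well, so a bucket with more access points than one response returns would be cleaned up only partially. I would propagate the error, or record it on the resource so `Remove` can refuse, and follow `NextToken` until it is nil. How the caller treats the endpoint-missing error is not visible in this hunk, so confirm that returning it does not abort listing in regions without s3control. The two `fmt.Println` debug lines should go before merge.

```go
	for _, name := range buckets {
		var accessPoints []*s3control.AccessPoint
		input := &s3control.ListAccessPointsInput{
			Bucket:    aws.String(name),
			AccountId: accountID,
		}
		for {
			output, err := svcControl.ListAccessPoints(input)
			if err != nil {
				return nil, fmt.Errorf("listing access points for bucket %q: %w", name, err)
			}
			accessPoints = append(accessPoints, output.AccessPointList...)
			if output.NextToken == nil {
				break
			}
			input.NextToken = output.NextToken
		}
		// … unchanged: GetBucketTagging call and S3Bucket construction …
```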
@@ -45,6 +76,9 @@ func ListS3Buckets(s *session.Session) ([]Resource, error) {
svc: svc,
name: name,
tags: make([]*s3.Tag, 0),
+ svcControl: svcControl,
+ accountID: *accountID,
+ accessPoints: accessPoints,
})
}
}
@@ -53,6 +87,9 @@ func ListS3Buckets(s *session.Session) ([]Resource, error) {
resources = append(resources, &S3Bucket{
svc: svc,
+ svcControl: svcControl,
+ accountID: *accountID,
+ accessPoints: accessPoints,
name: name,
tags: tags.TagSet,
})
@@ -112,6 +149,12 @@ func (e *S3Bucket) Remove() error {
return err
}
+ fmt.Println("REMOVING BUCKET")
+ err = e.RemoveAllAccessPoints()
+ if err != nil {
+ return err
+ }
+
_, err = e.svc.DeleteBucket(&s3.DeleteBucketInput{
Bucket: &e.name,
})
@@ -119,6 +162,21 @@ func (e *S3Bucket) Remove() error {
return err
}
+func (e *S3Bucket) RemoveAllAccessPoints() error {
+ for _, accessPoint := range e.accessPoints {
+ fmt.Println("REMOVING accessPoint", accessPoint)
+ input := &s3control.DeleteAccessPointInput{
+ Name: accessPoint.Name,
+ AccountId: &e.accountID,
+ }
+ if _, err := e.svcControl.DeleteAccessPoint(input) ; err != nil {
+ return err
+ }
+
+ }
+ return nil
+}
+
func (e *S3Bucket) RemoveAllVersions() error {
params := &s3.ListObjectVersionsInput{
Bucket: &e.name,
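Review bot: `RemoveAllAccessPoints` returns the raw SDK error, so a failed run does not say which access point or bucket blocked the deletion. Wrapping it would help, e.g. `return fmt.Errorf("deleting access point %q of bucket %q: %w", aws.StringValue(accessPoint.Name), e.name, err)`. The method is exported but has no doc comment. Something like `// RemoveAllAccessPoints deletes the access points recorded for the bucket at list time; access points created afterwards are not covered.` would state the snapshot behaviour the code relies on. The stray space in `DeleteAccessPoint(input) ; err` is not gofmt-clean, and the `fmt.Println` here and the `"REMOVING BUCKET"` one in the `Remove` hunk are debug output that prints no bucket name.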
listing BUCKET vehsystempoc-infra
DNS lookup failed for s3-control.ap-southeast-1.amazonaws.com; assuming it does not exist in this region