backup

package
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 14, 2026 License: MIT Imports: 9 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var BackupCalls = []types.AWSService{
	{
		Name: "backup:ListBackupVaults",
		Call: func(ctx context.Context, sess *session.Session) (interface{}, error) {
			var allVaults []bkVault
			var lastErr error

			for _, region := range types.Regions {
				svc := backup.New(sess, &aws.Config{Region: aws.String(region)})
				var nextToken *string
				for {
					input := &backup.ListBackupVaultsInput{
						MaxResults: aws.Int64(1000),
					}
					if nextToken != nil {
						input.NextToken = nextToken
					}
					output, err := svc.ListBackupVaultsWithContext(ctx, input)
					if err != nil {
						lastErr = err
						utils.HandleAWSError(false, "backup:ListBackupVaults", err)
						break
					}

					for _, v := range output.BackupVaultList {
						name := ""
						if v.BackupVaultName != nil {
							name = *v.BackupVaultName
						}

						arn := ""
						if v.BackupVaultArn != nil {
							arn = *v.BackupVaultArn
						}

						var recoveryPointCount int64
						if v.NumberOfRecoveryPoints != nil {
							recoveryPointCount = *v.NumberOfRecoveryPoints
						}

						encryptionKeyArn := ""
						if v.EncryptionKeyArn != nil {
							encryptionKeyArn = *v.EncryptionKeyArn
						}

						creationDate := ""
						if v.CreationDate != nil {
							creationDate = v.CreationDate.Format(time.RFC3339)
						}

						locked := false
						if v.Locked != nil {
							locked = *v.Locked
						}

						allVaults = append(allVaults, bkVault{
							Name:               name,
							Arn:                arn,
							RecoveryPointCount: recoveryPointCount,
							EncryptionKeyArn:   encryptionKeyArn,
							CreationDate:       creationDate,
							Locked:             locked,
							Region:             region,
						})
					}

					if output.NextToken == nil {
						break
					}
					nextToken = output.NextToken
				}
			}

			if len(allVaults) == 0 && lastErr != nil {
				return nil, lastErr
			}
			return allVaults, nil
		},
		Process: func(output interface{}, err error, debug bool) []types.ScanResult {
			var results []types.ScanResult

			if err != nil {
				utils.HandleAWSError(debug, "backup:ListBackupVaults", err)
				return []types.ScanResult{
					{
						ServiceName: "Backup",
						MethodName:  "backup:ListBackupVaults",
						Error:       err,
						Timestamp:   time.Now(),
					},
				}
			}

			vaults, ok := output.([]bkVault)
			if !ok {
				utils.HandleAWSError(debug, "backup:ListBackupVaults", fmt.Errorf("unexpected output type %T", output))
				return results
			}

			for _, v := range vaults {
				results = append(results, types.ScanResult{
					ServiceName:  "Backup",
					MethodName:   "backup:ListBackupVaults",
					ResourceType: "backup-vault",
					ResourceName: v.Name,
					Details: map[string]interface{}{
						"Name":               v.Name,
						"Arn":                v.Arn,
						"RecoveryPointCount": v.RecoveryPointCount,
						"EncryptionKeyArn":   v.EncryptionKeyArn,
						"CreationDate":       v.CreationDate,
						"Locked":             v.Locked,
						"Region":             v.Region,
					},
					Timestamp: time.Now(),
				})

				utils.PrintResult(debug, "", "backup:ListBackupVaults",
					fmt.Sprintf("Backup Vault: %s (Recovery Points: %d, Locked: %v, Region: %s)", utils.ColorizeItem(v.Name), v.RecoveryPointCount, v.Locked, v.Region), nil)
			}
			return results
		},
		ModuleName: types.DefaultModuleName,
	},
	{
		Name: "backup:ListBackupPlans",
		Call: func(ctx context.Context, sess *session.Session) (interface{}, error) {
			var allPlans []bkPlan
			var lastErr error

			for _, region := range types.Regions {
				svc := backup.New(sess, &aws.Config{Region: aws.String(region)})
				var nextToken *string
				for {
					input := &backup.ListBackupPlansInput{
						MaxResults: aws.Int64(1000),
					}
					if nextToken != nil {
						input.NextToken = nextToken
					}
					output, err := svc.ListBackupPlansWithContext(ctx, input)
					if err != nil {
						lastErr = err
						utils.HandleAWSError(false, "backup:ListBackupPlans", err)
						break
					}

					for _, p := range output.BackupPlansList {
						name := ""
						if p.BackupPlanName != nil {
							name = *p.BackupPlanName
						}

						planId := ""
						if p.BackupPlanId != nil {
							planId = *p.BackupPlanId
						}

						arn := ""
						if p.BackupPlanArn != nil {
							arn = *p.BackupPlanArn
						}

						creationDate := ""
						if p.CreationDate != nil {
							creationDate = p.CreationDate.Format(time.RFC3339)
						}

						lastExecutionDate := ""
						if p.LastExecutionDate != nil {
							lastExecutionDate = p.LastExecutionDate.Format(time.RFC3339)
						}

						versionId := ""
						if p.VersionId != nil {
							versionId = *p.VersionId
						}

						allPlans = append(allPlans, bkPlan{
							Name:              name,
							PlanId:            planId,
							Arn:               arn,
							CreationDate:      creationDate,
							LastExecutionDate: lastExecutionDate,
							VersionId:         versionId,
							Region:            region,
						})
					}

					if output.NextToken == nil {
						break
					}
					nextToken = output.NextToken
				}
			}

			if len(allPlans) == 0 && lastErr != nil {
				return nil, lastErr
			}
			return allPlans, nil
		},
		Process: func(output interface{}, err error, debug bool) []types.ScanResult {
			var results []types.ScanResult

			if err != nil {
				utils.HandleAWSError(debug, "backup:ListBackupPlans", err)
				return []types.ScanResult{
					{
						ServiceName: "Backup",
						MethodName:  "backup:ListBackupPlans",
						Error:       err,
						Timestamp:   time.Now(),
					},
				}
			}

			plans, ok := output.([]bkPlan)
			if !ok {
				utils.HandleAWSError(debug, "backup:ListBackupPlans", fmt.Errorf("unexpected output type %T", output))
				return results
			}

			for _, p := range plans {
				results = append(results, types.ScanResult{
					ServiceName:  "Backup",
					MethodName:   "backup:ListBackupPlans",
					ResourceType: "backup-plan",
					ResourceName: p.Name,
					Details: map[string]interface{}{
						"Name":              p.Name,
						"PlanId":            p.PlanId,
						"Arn":               p.Arn,
						"CreationDate":      p.CreationDate,
						"LastExecutionDate": p.LastExecutionDate,
						"VersionId":         p.VersionId,
						"Region":            p.Region,
					},
					Timestamp: time.Now(),
				})

				utils.PrintResult(debug, "", "backup:ListBackupPlans",
					fmt.Sprintf("Backup Plan: %s (Last Execution: %s, Region: %s)", utils.ColorizeItem(p.Name), p.LastExecutionDate, p.Region), nil)
			}
			return results
		},
		ModuleName: types.DefaultModuleName,
	},
	{
		Name: "backup:ListRecoveryPointsByBackupVault",
		Call: func(ctx context.Context, sess *session.Session) (interface{}, error) {
			var allRecoveryPoints []bkRecoveryPoint
			var lastErr error

			for _, region := range types.Regions {
				svc := backup.New(sess, &aws.Config{Region: aws.String(region)})

				// Step 1: List all vaults in this region
				var vaultNames []string
				var vaultNextToken *string
				for {
					vaultInput := &backup.ListBackupVaultsInput{
						MaxResults: aws.Int64(1000),
					}
					if vaultNextToken != nil {
						vaultInput.NextToken = vaultNextToken
					}
					vaultOutput, err := svc.ListBackupVaultsWithContext(ctx, vaultInput)
					if err != nil {
						lastErr = err
						utils.HandleAWSError(false, "backup:ListRecoveryPointsByBackupVault", err)
						break
					}
					for _, v := range vaultOutput.BackupVaultList {
						if v.BackupVaultName != nil {
							vaultNames = append(vaultNames, *v.BackupVaultName)
						}
					}
					if vaultOutput.NextToken == nil {
						break
					}
					vaultNextToken = vaultOutput.NextToken
				}

				for _, vaultName := range vaultNames {
					var nextToken *string
					for {
						input := &backup.ListRecoveryPointsByBackupVaultInput{
							BackupVaultName: aws.String(vaultName),
							MaxResults:      aws.Int64(1000),
						}
						if nextToken != nil {
							input.NextToken = nextToken
						}
						output, err := svc.ListRecoveryPointsByBackupVaultWithContext(ctx, input)
						if err != nil {
							utils.HandleAWSError(false, "backup:ListRecoveryPointsByBackupVault", err)
							break
						}

						for _, rp := range output.RecoveryPoints {
							rpArn := ""
							if rp.RecoveryPointArn != nil {
								rpArn = *rp.RecoveryPointArn
							}

							rpVaultName := ""
							if rp.BackupVaultName != nil {
								rpVaultName = *rp.BackupVaultName
							}

							resourceArn := ""
							if rp.ResourceArn != nil {
								resourceArn = *rp.ResourceArn
							}

							resourceType := ""
							if rp.ResourceType != nil {
								resourceType = *rp.ResourceType
							}

							status := ""
							if rp.Status != nil {
								status = *rp.Status
							}

							creationDate := ""
							if rp.CreationDate != nil {
								creationDate = rp.CreationDate.Format(time.RFC3339)
							}

							var backupSize int64
							if rp.BackupSizeInBytes != nil {
								backupSize = *rp.BackupSizeInBytes
							}

							allRecoveryPoints = append(allRecoveryPoints, bkRecoveryPoint{
								RecoveryPointArn:  rpArn,
								VaultName:         rpVaultName,
								ResourceArn:       resourceArn,
								ResourceType:      resourceType,
								Status:            status,
								CreationDate:      creationDate,
								BackupSizeInBytes: backupSize,
								Region:            region,
							})
						}

						if output.NextToken == nil {
							break
						}
						nextToken = output.NextToken
					}
				}
			}

			if len(allRecoveryPoints) == 0 && lastErr != nil {
				return nil, lastErr
			}
			return allRecoveryPoints, nil
		},
		Process: func(output interface{}, err error, debug bool) []types.ScanResult {
			var results []types.ScanResult

			if err != nil {
				utils.HandleAWSError(debug, "backup:ListRecoveryPointsByBackupVault", err)
				return []types.ScanResult{
					{
						ServiceName: "Backup",
						MethodName:  "backup:ListRecoveryPointsByBackupVault",
						Error:       err,
						Timestamp:   time.Now(),
					},
				}
			}

			recoveryPoints, ok := output.([]bkRecoveryPoint)
			if !ok {
				utils.HandleAWSError(debug, "backup:ListRecoveryPointsByBackupVault", fmt.Errorf("unexpected output type %T", output))
				return results
			}

			for _, rp := range recoveryPoints {
				results = append(results, types.ScanResult{
					ServiceName:  "Backup",
					MethodName:   "backup:ListRecoveryPointsByBackupVault",
					ResourceType: "recovery-point",
					ResourceName: rp.RecoveryPointArn,
					Details: map[string]interface{}{
						"RecoveryPointArn":  rp.RecoveryPointArn,
						"VaultName":         rp.VaultName,
						"ResourceArn":       rp.ResourceArn,
						"ResourceType":      rp.ResourceType,
						"Status":            rp.Status,
						"CreationDate":      rp.CreationDate,
						"BackupSizeInBytes": rp.BackupSizeInBytes,
						"Region":            rp.Region,
					},
					Timestamp: time.Now(),
				})

				utils.PrintResult(debug, "", "backup:ListRecoveryPointsByBackupVault",
					fmt.Sprintf("Backup Recovery Point: %s (Vault: %s, Resource: %s, Status: %s, Region: %s)", utils.ColorizeItem(rp.RecoveryPointArn), rp.VaultName, rp.ResourceArn, rp.Status, rp.Region), nil)
			}
			return results
		},
		ModuleName: types.DefaultModuleName,
	},
	{
		Name: "backup:GetBackupVaultAccessPolicy",
		Call: func(ctx context.Context, sess *session.Session) (interface{}, error) {
			var allPolicies []bkVaultPolicy
			var lastErr error

			for _, region := range types.Regions {
				svc := backup.New(sess, &aws.Config{Region: aws.String(region)})

				// Step 1: List all vaults in this region
				var vaultNames []string
				var vaultNextToken *string
				for {
					vaultInput := &backup.ListBackupVaultsInput{
						MaxResults: aws.Int64(1000),
					}
					if vaultNextToken != nil {
						vaultInput.NextToken = vaultNextToken
					}
					vaultOutput, err := svc.ListBackupVaultsWithContext(ctx, vaultInput)
					if err != nil {
						lastErr = err
						utils.HandleAWSError(false, "backup:GetBackupVaultAccessPolicy", err)
						break
					}
					for _, v := range vaultOutput.BackupVaultList {
						if v.BackupVaultName != nil {
							vaultNames = append(vaultNames, *v.BackupVaultName)
						}
					}
					if vaultOutput.NextToken == nil {
						break
					}
					vaultNextToken = vaultOutput.NextToken
				}

				for _, vaultName := range vaultNames {
					output, err := svc.GetBackupVaultAccessPolicyWithContext(ctx, &backup.GetBackupVaultAccessPolicyInput{
						BackupVaultName: aws.String(vaultName),
					})
					if err != nil {
						if isResourceNotFound(err) {
							continue
						}
						utils.HandleAWSError(false, "backup:GetBackupVaultAccessPolicy", err)
						continue
					}

					vaultArn := ""
					if output.BackupVaultArn != nil {
						vaultArn = *output.BackupVaultArn
					}

					policy := ""
					if output.Policy != nil {
						policy = *output.Policy
					}

					allPolicies = append(allPolicies, bkVaultPolicy{
						VaultName: vaultName,
						VaultArn:  vaultArn,
						Policy:    policy,
						Region:    region,
					})
				}
			}

			if len(allPolicies) == 0 && lastErr != nil {
				return nil, lastErr
			}
			return allPolicies, nil
		},
		Process: func(output interface{}, err error, debug bool) []types.ScanResult {
			var results []types.ScanResult

			if err != nil {
				utils.HandleAWSError(debug, "backup:GetBackupVaultAccessPolicy", err)
				return []types.ScanResult{
					{
						ServiceName: "Backup",
						MethodName:  "backup:GetBackupVaultAccessPolicy",
						Error:       err,
						Timestamp:   time.Now(),
					},
				}
			}

			policies, ok := output.([]bkVaultPolicy)
			if !ok {
				utils.HandleAWSError(debug, "backup:GetBackupVaultAccessPolicy", fmt.Errorf("unexpected output type %T", output))
				return results
			}

			for _, p := range policies {
				results = append(results, types.ScanResult{
					ServiceName:  "Backup",
					MethodName:   "backup:GetBackupVaultAccessPolicy",
					ResourceType: "vault-access-policy",
					ResourceName: p.VaultName,
					Details: map[string]interface{}{
						"VaultName": p.VaultName,
						"VaultArn":  p.VaultArn,
						"Policy":    p.Policy,
						"Region":    p.Region,
					},
					Timestamp: time.Now(),
				})

				utils.PrintResult(debug, "", "backup:GetBackupVaultAccessPolicy",
					fmt.Sprintf("Backup Vault Access Policy: %s (Region: %s)", utils.ColorizeItem(p.VaultName), p.Region), nil)
			}
			return results
		},
		ModuleName: types.DefaultModuleName,
	},
}

Functions

This section is empty.

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL