add support for redshift (#456)

Andrew Ellison · web-flow · commit 1ec0f1624b20 · 2023-05-03T14:03:45.000-05:00
diff --git a/README.md b/README.md
@@ -456,6 +456,9 @@ The following resources support the Config file:
 - CloudWatch Alarms
     - Resource type: `cloudwatch-alarm`
     - Config key: `CloudWatchAlarm`
+- Redshift
+  - Resource type: `redshift`
+  - Config key: `Redshift`
 
 
 
@@ -591,6 +594,7 @@ To find out what we options are supported in the config file today, consult this
 | config-recorders              | none  | ✅           | none | none       |
 | config-rules                  | none  | ✅           | none | none       |
 | cloudwatch-alarm              | none  | ✅           | none | none       |
+| redshift                      | none  | ✅           | none | none       |
 | ... (more to come)            | none  | none         | none | none       |
 
 
diff --git a/aws/aws.go b/aws/aws.go
@@ -1376,6 +1376,33 @@ func GetAllResources(targetRegions []string, excludeAfter time.Time, resourceTyp
 		}
 		// End Kinesis Streams
 
+		// Redshift Clusters
+		redshiftClusters := RedshiftClusters{}
+		if IsNukeable(redshiftClusters.ResourceName(), resourceTypes) {
+			start := time.Now()
+			clusters, err := getAllRedshiftClusters(cloudNukeSession, region, excludeAfter, configObj)
+			if err != nil {
+				ge := report.GeneralError{
+					Error:        err,
+					Description:  "Unable to retrieve redshift clusters",
+					ResourceType: redshiftClusters.ResourceName(),
+				}
+				report.RecordError(ge)
+			}
+			telemetry.TrackEvent(commonTelemetry.EventContext{
+				EventName: "Done Listing Redshift Clusters",
+			}, map[string]interface{}{
+				"region":      region,
+				"recordCount": len(clusters),
+				"actionTime":  time.Since(start).Seconds(),
+			})
+			if len(clusters) > 0 {
+				redshiftClusters.ClusterIdentifiers = awsgo.StringValueSlice(clusters)
+				resourcesInRegion.Resources = append(resourcesInRegion.Resources, redshiftClusters)
+			}
+		}
+		// End Redshift Clusters
+
 		// API Gateways (v1)
 		apiGateways := ApiGateway{}
 		if IsNukeable(apiGateways.ResourceName(), resourceTypes) {
@@ -1847,6 +1874,7 @@ func ListResourceTypes() []string {
 		MacieMember{}.ResourceName(),
 		SageMakerNotebookInstances{}.ResourceName(),
 		KinesisStreams{}.ResourceName(),
+		RedshiftClusters{}.ResourceName(),
 		ApiGateway{}.ResourceName(),
 		ApiGatewayV2{}.ResourceName(),
 		ElasticFileSystem{}.ResourceName(),
diff --git a/aws/elasticache.go b/aws/elasticache.go
@@ -272,8 +272,8 @@ func shouldIncludeElasticacheParameterGroup(paramGroup *elasticache.CacheParamet
 
 	return config.ShouldInclude(
 		aws.StringValue(paramGroup.CacheParameterGroupName),
-                configObj.ElasticacheParameterGroup.IncludeRule.NamesRegExp,
-		configObj.ElasticacheParameterGroup.ExcludeRule.NamesRegExp,
+		configObj.ElasticacheParameterGroups.IncludeRule.NamesRegExp,
+		configObj.ElasticacheParameterGroups.ExcludeRule.NamesRegExp,
 	)
 }
 
@@ -338,8 +338,8 @@ func shouldIncludeElasticacheSubnetGroup(subnetGroup *elasticache.CacheSubnetGro
 
 	return config.ShouldInclude(
 		aws.StringValue(subnetGroup.CacheSubnetGroupName),
-		configObj.ElasticacheSubnetGroup.IncludeRule.NamesRegExp,
-		configObj.ElasticacheSubnetGroup.ExcludeRule.NamesRegExp,
+		configObj.ElasticacheSubnetGroups.IncludeRule.NamesRegExp,
+		configObj.ElasticacheSubnetGroups.ExcludeRule.NamesRegExp,
 	)
 }
 
diff --git a/aws/redshift.go b/aws/redshift.go
@@ -0,0 +1,93 @@
+package aws
+
+import (
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/aws/session"
+	"github.com/aws/aws-sdk-go/service/redshift"
+	"github.com/gruntwork-io/cloud-nuke/config"
+	"github.com/gruntwork-io/cloud-nuke/logging"
+	"github.com/gruntwork-io/cloud-nuke/report"
+	"github.com/gruntwork-io/cloud-nuke/telemetry"
+	"github.com/gruntwork-io/go-commons/errors"
+	commonTelemetry "github.com/gruntwork-io/go-commons/telemetry"
+	"time"
+)
+
+func getAllRedshiftClusters(session *session.Session, region string, excludeAfter time.Time, configObj config.Config) ([]*string, error) {
+	svc := redshift.New(session)
+	var clusterIds []*string
+	err := svc.DescribeClustersPages(
+		&redshift.DescribeClustersInput{},
+		func(page *redshift.DescribeClustersOutput, lastPage bool) bool {
+			for _, cluster := range page.Clusters {
+				if shouldIncludeRedshiftCluster(cluster, excludeAfter, configObj) {
+					clusterIds = append(clusterIds, cluster.ClusterIdentifier)
+				}
+			}
+			return !lastPage
+		},
+	)
+	return clusterIds, errors.WithStackTrace(err)
+}
+
+func shouldIncludeRedshiftCluster(cluster *redshift.Cluster, excludeAfter time.Time, configObj config.Config) bool {
+	if cluster == nil {
+		return false
+	}
+	if excludeAfter.Before(*cluster.ClusterCreateTime) {
+		return false
+	}
+	return config.ShouldInclude(
+		aws.StringValue(cluster.ClusterIdentifier),
+		configObj.Redshift.IncludeRule.NamesRegExp,
+		configObj.Redshift.ExcludeRule.NamesRegExp,
+	)
+}
+
+func nukeAllRedshiftClusters(session *session.Session, identifiers []*string) error {
+	svc := redshift.New(session)
+	if len(identifiers) == 0 {
+		logging.Logger.Debugf("No Redshift Clusters to nuke in region %s", *session.Config.Region)
+		return nil
+	}
+	logging.Logger.Debugf("Deleting all Redshift Clusters in region %s", *session.Config.Region)
+	deletedIds := []*string{}
+	for _, id := range identifiers {
+		_, err := svc.DeleteCluster(&redshift.DeleteClusterInput{ClusterIdentifier: id, SkipFinalClusterSnapshot: aws.Bool(true)})
+		if err != nil {
+			telemetry.TrackEvent(commonTelemetry.EventContext{
+				EventName: "Error Nuking RedshiftCluster",
+			}, map[string]interface{}{
+				"region": *session.Config.Region,
+			})
+			logging.Logger.Errorf("[Failed] %s: %s", *id, err)
+		} else {
+			deletedIds = append(deletedIds, id)
+			logging.Logger.Debugf("Deleted Redshift Cluster: %s", aws.StringValue(id))
+		}
+	}
+
+	if len(deletedIds) > 0 {
+		for _, id := range deletedIds {
+			err := svc.WaitUntilClusterDeleted(&redshift.DescribeClustersInput{ClusterIdentifier: id})
+			// Record status of this resource
+			e := report.Entry{
+				Identifier:   aws.StringValue(id),
+				ResourceType: "Redshift Cluster",
+				Error:        err,
+			}
+			report.Record(e)
+			if err != nil {
+				telemetry.TrackEvent(commonTelemetry.EventContext{
+					EventName: "Error Nuking Redshift Cluster",
+				}, map[string]interface{}{
+					"region": *session.Config.Region,
+				})
+				logging.Logger.Errorf("[Failed] %s", err)
+				return errors.WithStackTrace(err)
+			}
+		}
+	}
+	logging.Logger.Debugf("[OK] %d Redshift Cluster(s) deleted in %s", len(deletedIds), *session.Config.Region)
+	return nil
+}
diff --git a/aws/redshift_test.go b/aws/redshift_test.go
@@ -0,0 +1,68 @@
+package aws
+
+import (
+	"github.com/aws/aws-sdk-go/aws"
+	awsSession "github.com/aws/aws-sdk-go/aws/session"
+	"github.com/aws/aws-sdk-go/service/redshift"
+	"github.com/gruntwork-io/cloud-nuke/config"
+	"github.com/gruntwork-io/cloud-nuke/telemetry"
+	"github.com/gruntwork-io/cloud-nuke/util"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+	"strings"
+	"testing"
+	"time"
+)
+
+func TestNukeRedshiftClusters(t *testing.T) {
+	telemetry.InitTelemetry("cloud-nuke", "", "")
+	t.Parallel()
+	region, err := getRandomRegion()
+	require.NoError(t, err)
+
+	session, err := awsSession.NewSession(&aws.Config{
+		Region: aws.String(region),
+	})
+	require.NoError(t, err)
+
+	svc := redshift.New(session)
+
+	clusterName := "test-" + strings.ToLower(util.UniqueID())
+
+	//create cluster
+	_, err = svc.CreateCluster(
+		&redshift.CreateClusterInput{
+			ClusterIdentifier:  aws.String(clusterName),
+			MasterUsername:     aws.String("grunty"),
+			MasterUserPassword: aws.String("Gruntysecurepassword1"),
+			NodeType:           aws.String("dc2.large"),
+			NumberOfNodes:      aws.Int64(2),
+		},
+	)
+	require.NoError(t, err)
+	err = svc.WaitUntilClusterAvailable(&redshift.DescribeClustersInput{
+		ClusterIdentifier: aws.String(clusterName),
+	})
+	require.NoError(t, err)
+	defer svc.DeleteCluster(&redshift.DeleteClusterInput{ClusterIdentifier: aws.String(clusterName)})
+
+	//Sleep for a minute for consistency in aws
+	sleepTime, err := time.ParseDuration("1m")
+	time.Sleep(sleepTime)
+
+	//test list clusters
+	clusters, err := getAllRedshiftClusters(session, region, time.Now().Add(1*time.Hour), config.Config{})
+	require.NoError(t, err)
+
+	//Ensure our cluster exists
+	assert.Contains(t, aws.StringValueSlice(clusters), clusterName)
+
+	//nuke cluster
+	err = nukeAllRedshiftClusters(session, aws.StringSlice([]string{clusterName}))
+	require.NoError(t, err)
+
+	//check that the cluster no longer exists
+	clusters, err = getAllRedshiftClusters(session, region, time.Now().Add(1*time.Hour), config.Config{})
+	require.NoError(t, err)
+	assert.NotContains(t, aws.StringValueSlice(clusters), aws.StringSlice([]string{clusterName}))
+}
diff --git a/aws/redshift_types.go b/aws/redshift_types.go
@@ -0,0 +1,34 @@
+package aws
+
+import (
+	awsgo "github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/aws/session"
+	"github.com/gruntwork-io/go-commons/errors"
+)
+
+type RedshiftClusters struct {
+	ClusterIdentifiers []string
+}
+
+func (cluster RedshiftClusters) ResourceName() string {
+	return "redshift"
+}
+
+// ResourceIdentifiers - The instance names of the rds db instances
+func (cluster RedshiftClusters) ResourceIdentifiers() []string {
+	return cluster.ClusterIdentifiers
+}
+
+func (cluster RedshiftClusters) MaxBatchSize() int {
+	// Tentative batch size to ensure AWS doesn't throttle
+	return 49
+}
+
+// Nuke - nuke 'em all!!!
+func (cluster RedshiftClusters) Nuke(session *session.Session, identifiers []string) error {
+	if err := nukeAllRedshiftClusters(session, awsgo.StringSlice(identifiers)); err != nil {
+		return errors.WithStackTrace(err)
+	}
+
+	return nil
+}
diff --git a/config/config.go b/config/config.go
@@ -53,6 +53,7 @@ type Config struct {
 	ConfigServiceRule          ResourceType `yaml:"ConfigServiceRule"`
 	ConfigServiceRecorder      ResourceType `yaml:"ConfigServiceRecorder"`
 	CloudWatchAlarm            ResourceType `yaml:"CloudWatchAlarm"`
+	Redshift                   ResourceType `yaml:"Redshift"`
 }
 
 type ResourceType struct {
diff --git a/config/config_test.go b/config/config_test.go
@@ -54,6 +54,7 @@ func emptyConfig() *Config {
 		ResourceType{FilterRule{}, FilterRule{}},
 		ResourceType{FilterRule{}, FilterRule{}},
 		ResourceType{FilterRule{}, FilterRule{}},
+		ResourceType{FilterRule{}, FilterRule{}},
 	}
 }
 

Original file line number	Diff line number	Diff line change
`@@ -272,8 +272,8 @@ func shouldIncludeElasticacheParameterGroup(paramGroup *elasticache.CacheParamet`
`272`	`272`
`273`	`273`	`return config.ShouldInclude(`
`274`	`274`	`aws.StringValue(paramGroup.CacheParameterGroupName),`
`275`		`- configObj.ElasticacheParameterGroup.IncludeRule.NamesRegExp,`
`276`		`- configObj.ElasticacheParameterGroup.ExcludeRule.NamesRegExp,`
	`275`	`+ configObj.ElasticacheParameterGroups.IncludeRule.NamesRegExp,`
	`276`	`+ configObj.ElasticacheParameterGroups.ExcludeRule.NamesRegExp,`
`277`	`277`	`)`
`278`	`278`	`}`
`279`	`279`
`@@ -338,8 +338,8 @@ func shouldIncludeElasticacheSubnetGroup(subnetGroup *elasticache.CacheSubnetGro`
`338`	`338`
`339`	`339`	`return config.ShouldInclude(`
`340`	`340`	`aws.StringValue(subnetGroup.CacheSubnetGroupName),`
`341`		`- configObj.ElasticacheSubnetGroup.IncludeRule.NamesRegExp,`
`342`		`- configObj.ElasticacheSubnetGroup.ExcludeRule.NamesRegExp,`
	`341`	`+ configObj.ElasticacheSubnetGroups.IncludeRule.NamesRegExp,`
	`342`	`+ configObj.ElasticacheSubnetGroups.ExcludeRule.NamesRegExp,`
`343`	`343`	`)`
`344`	`344`	`}`
`345`	`345`
Original file line number	Diff line number	Diff line change
`@@ -53,6 +53,7 @@ type Config struct {`
`53`	`53`	ConfigServiceRule ResourceType `yaml:"ConfigServiceRule"`
`54`	`54`	ConfigServiceRecorder ResourceType `yaml:"ConfigServiceRecorder"`
`55`	`55`	CloudWatchAlarm ResourceType `yaml:"CloudWatchAlarm"`
	`56`	+ Redshift ResourceType `yaml:"Redshift"`
`56`	`57`	`}`
`57`	`58`
`58`	`59`	`type ResourceType struct {`
Original file line number	Diff line number	Diff line change
`@@ -54,6 +54,7 @@ func emptyConfig() *Config {`
`54`	`54`	`ResourceType{FilterRule{}, FilterRule{}},`
`55`	`55`	`ResourceType{FilterRule{}, FilterRule{}},`
`56`	`56`	`ResourceType{FilterRule{}, FilterRule{}},`
	`57`	`+ ResourceType{FilterRule{}, FilterRule{}},`
`57`	`58`	`}`
`58`	`59`	`}`
`59`	`60`