package software.amazon.controltower.enabledcontrol;
import com.amazonaws.services.controltower.AWSControlTower;
import com.amazonaws.services.controltower.model.AccessDeniedException;
import com.amazonaws.services.controltower.model.EnabledControlSummary;
import com.amazonaws.services.controltower.model.ListEnabledControlsRequest;
import com.amazonaws.services.controltower.model.ListEnabledControlsResult;
import com.amazonaws.services.controltower.model.ResourceNotFoundException;
import com.amazonaws.services.controltower.model.ThrottlingException;
import com.amazonaws.services.controltower.model.ValidationException;
import software.amazon.cloudformation.exceptions.CfnAccessDeniedException;
import software.amazon.cloudformation.exceptions.CfnInternalFailureException;
import software.amazon.cloudformation.exceptions.CfnInvalidRequestException;
import software.amazon.cloudformation.exceptions.CfnNetworkFailureException;
import software.amazon.cloudformation.exceptions.CfnNotFoundException;
import software.amazon.cloudformation.exceptions.CfnThrottlingException;
import software.amazon.cloudformation.proxy.AmazonWebServicesClientProxy;
import software.amazon.cloudformation.proxy.HandlerErrorCode;
import software.amazon.cloudformation.proxy.Logger;
import software.amazon.cloudformation.proxy.OperationStatus;
import software.amazon.cloudformation.proxy.ProgressEvent;
import software.amazon.cloudformation.proxy.ResourceHandlerRequest;
import java.util.Optional;
import static software.amazon.controltower.enabledcontrol.HandlerUtils.logException;
public class ReadHandler extends BaseHandler<CallbackContext> {
private final AWSControlTower controlTowerClient;
private AmazonWebServicesClientProxy clientProxy;
private Logger logger;
public static final int MAX_RESULTS = 40;
public ReadHandler() {
controlTowerClient = ClientBuilder.getStandardClient(logger);
}
public ReadHandler(AWSControlTower awsControlTower) {
controlTowerClient = awsControlTower;
}
@Override
public ProgressEvent<ResourceModel, CallbackContext> handleRequest(
final AmazonWebServicesClientProxy proxy,
final ResourceHandlerRequest<ResourceModel> request,
final CallbackContext callbackContext,
final Logger logger) {
final ResourceModel model = request.getDesiredResourceState();
this.logger = logger;
clientProxy = proxy;
try {
String nextToken = null;
String controlIdentifier = model.getControlIdentifier();
do {
final ListEnabledControlsRequest listEnabledControlsRequest = new ListEnabledControlsRequest()
.withTargetIdentifier(model.getTargetIdentifier())
.withMaxResults(MAX_RESULTS)
.withNextToken(nextToken);
final ListEnabledControlsResult listEnabledControlsResult = clientProxy.injectCredentialsAndInvoke(
listEnabledControlsRequest, controlTowerClient::listEnabledControls);
nextToken = listEnabledControlsResult.getNextToken();
Optional<EnabledControlSummary> controlSummaryOptional = listEnabledControlsResult.getEnabledControls().stream()
.filter(controlSummary -> controlSummary.getControlIdentifier().equals(controlIdentifier))
.findAny();
if (controlSummaryOptional.isPresent()) {
return ProgressEvent.<ResourceModel, CallbackContext>builder()
.resourceModel(model)
.status(OperationStatus.SUCCESS)
.build();
}
} while (nextToken != null);
} catch (AccessDeniedException e) {
throw new CfnAccessDeniedException(e);
} catch (ThrottlingException e) {
throw new CfnThrottlingException(e);
} catch (ValidationException e) {
throw new CfnInvalidRequestException(e);
} catch (ResourceNotFoundException e) {
throw new CfnNotFoundException(e);
} catch (Throwable e) {
if (e.getMessage().contains("HttpTimeoutException")) {
throw new CfnNetworkFailureException(e);
}
logException(e, this.logger);
throw new CfnInternalFailureException(e);
}
return ProgressEvent.<ResourceModel, CallbackContext>builder()
.resourceModel(model)
.status(OperationStatus.FAILED)
.errorCode(HandlerErrorCode.NotFound)
.build();
}
}