Merge pull request #482 from awslabs/get-supported-resources-programa…

…tically

Get supported resources via script

.github/get_config_supported_resources.py

@@ -0,0 +1,78 @@
+import argparse
+from selenium import webdriver
+from selenium.webdriver.common.keys import Keys
+from selenium.webdriver.common.by import By
+from selenium.webdriver.chrome.options import Options
+from selenium.common.exceptions import NoSuchElementException
+import json
+import logging
+from concurrent import futures
+from collections import Counter
+import os
+import time
+import re
+import yaml
+
+"""
+Summary
+This is a simple web scraper to list the resource types supported by AWS Config.
+
+It will write its output to supported_resource_types.yaml -- this should be moved to the rdk subfolder after validating.
+"""
+
+all_resources = ["ALL"] # Special string to support all resource types"]
+
+undocumented_but_supported = [
+ "AWS::EventSchemas::Registry",
+ "AWS::IoTTwinMaker::ComponentType",
+]
+
+all_resources += undocumented_but_supported
+
+url = "https://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html"
+# Start the browser
+chrome_options = Options()
+chrome_options.add_argument("--headless=new")
+chrome_options.add_argument("--no-sandbox")
+chrome_options.add_experimental_option("excludeSwitches", ["enable-logging"])
+driver = webdriver.Chrome(
+ options=chrome_options,
+)
+
+# Open the login page
+driver.get(url)
+driver.implicitly_wait(2)
+
+# Iterate through every h2 header
+services = driver.find_elements(By.CLASS_NAME, "table-contents")
+
+# Walk through the table items
+for service in services:
+ if service.text == "":
+ continue
+ navigator = service
+ try:
+ # Find everything with a class of code and get its text
+ resources = navigator.find_elements(By.CLASS_NAME, "code")
+ except NoSuchElementException:
+ logging.info(f"No resources found for {service.text}")
+ continue
+ if len(resources) == 0:
+ logging.info(f"No resources found for {service.text}")
+ continue
+ # Assert that it matches "AWS::*"
+ for resource in resources:
+ if re.match(r"AWS::.*", resource.text):
+ # Remove any asterisks
+ resource_type = resource.text.replace("*", "")
+ # Add it to the output list
+ all_resources.append(resource_type)
+ logging.info(resource_type)
+
+driver.quit()
+
+# Return the output list, sorted
+yaml_output = {"supported_resources": sorted(list(set((all_resources))))}
+yaml_output_string = yaml.dump(yaml_output)
+with open("supported_resource_types.yaml", "w") as f:
+ f.write(yaml_output_string)

pyproject.toml

@@ -7,7 +7,7 @@
 # or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
 [tool.poetry]
 name = "rdk"
-version = "0.17.6"
+version = "0.17.7"
 description = "Rule Development Kit CLI for AWS Config"
 authors = [
  "AWS RDK Maintainers <[email protected]>",

rdk/__init__.py

@@ -6,4 +6,4 @@
 #
 # or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
 
-MY_VERSION = "0.17.6"
+MY_VERSION = "0.17.7"

rdk/rdklib_versions.yaml

@@ -3,19 +3,19 @@
 # Layers are published to each region, which is why some have more versions than others.
 # This file was automatically generated by update_rdklib_versions.py; check for accuracy before deploying.
 rdklib_layer_versions:
- ap-northeast-1: 23
- ap-northeast-2: 23
- ap-south-1: 23
- ap-southeast-1: 82
- ap-southeast-2: 21
- ca-central-1: 23
- eu-central-1: 22
- eu-north-1: 22
- eu-west-1: 23
- eu-west-2: 19
- eu-west-3: 23
- sa-east-1: 23
- us-east-1: 24
- us-east-2: 85
- us-west-1: 21
- us-west-2: 22
+ ap-northeast-1: 28
+ ap-northeast-2: 28
+ ap-south-1: 28
+ ap-southeast-1: 87
+ ap-southeast-2: 26
+ ca-central-1: 28
+ eu-central-1: 27
+ eu-north-1: 27
+ eu-west-1: 28
+ eu-west-2: 24
+ eu-west-3: 28
+ sa-east-1: 28
+ us-east-1: 29
+ us-east-2: 90
+ us-west-1: 26
+ us-west-2: 27

rdk/supported_resource_types.yaml

@@ -1,6 +1,8 @@
 supported_resources:
- - ALL # Special string to support all resource types
+ - ALL
  - AWS::ACM::Certificate
+ - AWS::ACMPCA::CertificateAuthority
+ - AWS::ACMPCA::CertificateAuthorityActivation
  - AWS::APS::RuleGroupsNamespace
  - AWS::AccessAnalyzer::Analyzer
  - AWS::AmazonMQ::Broker
@@ -14,14 +16,21 @@ supported_resources:
  - AWS::AppConfig::ConfigurationProfile
  - AWS::AppConfig::DeploymentStrategy
  - AWS::AppConfig::Environment
+ - AWS::AppConfig::HostedConfigurationVersion
  - AWS::AppFlow::Flow
  - AWS::AppIntegrations::EventIntegration
+ - AWS::AppMesh::GatewayRoute
+ - AWS::AppMesh::Mesh
  - AWS::AppMesh::Route
+ - AWS::AppMesh::VirtualGateway
  - AWS::AppMesh::VirtualNode
+ - AWS::AppMesh::VirtualRouter
  - AWS::AppMesh::VirtualService
+ - AWS::AppRunner::Service
  - AWS::AppRunner::VpcConnector
  - AWS::AppStream::Application
  - AWS::AppStream::DirectoryConfig
+ - AWS::AppStream::Fleet
  - AWS::AppStream::Stack
  - AWS::AppSync::GraphQLApi
  - AWS::Athena::DataCatalog
@@ -59,12 +68,19 @@ supported_resources:
  - AWS::CodeGuruProfiler::ProfilingGroup
  - AWS::CodeGuruReviewer::RepositoryAssociation
  - AWS::CodePipeline::Pipeline
+ - AWS::Cognito::UserPool
+ - AWS::Cognito::UserPoolClient
+ - AWS::Cognito::UserPoolGroup
  - AWS::Config::ConfigurationRecorder
  - AWS::Config::ConformancePackCompliance
  - AWS::Config::ResourceCompliance
+ - AWS::Connect::Instance
  - AWS::Connect::PhoneNumber
+ - AWS::Connect::QuickConnect
  - AWS::CustomerProfiles::Domain
+ - AWS::CustomerProfiles::ObjectType
  - AWS::DMS::Certificate
+ - AWS::DMS::Endpoint
  - AWS::DMS::EventSubscription
  - AWS::DMS::ReplicationInstance
  - AWS::DMS::ReplicationSubnetGroup
@@ -83,6 +99,9 @@ supported_resources:
  - AWS::DeviceFarm::Project
  - AWS::DeviceFarm::TestGridProject
  - AWS::DynamoDB::Table
+ - AWS::EC2::CapacityReservation
+ - AWS::EC2::CarrierGateway
+ - AWS::EC2::ClientVpnEndpoint
  - AWS::EC2::CustomerGateway
  - AWS::EC2::DHCPOptions
  - AWS::EC2::EC2Fleet
@@ -91,13 +110,16 @@ supported_resources:
  - AWS::EC2::FlowLog
  - AWS::EC2::Host
  - AWS::EC2::IPAM
+ - AWS::EC2::IPAMPool
  - AWS::EC2::IPAMScope
  - AWS::EC2::Instance
  - AWS::EC2::InternetGateway
  - AWS::EC2::LaunchTemplate
  - AWS::EC2::NatGateway
  - AWS::EC2::NetworkAcl
+ - AWS::EC2::NetworkInsightsAccessScope
  - AWS::EC2::NetworkInsightsAccessScopeAnalysis
+ - AWS::EC2::NetworkInsightsAnalysis
  - AWS::EC2::NetworkInsightsPath
  - AWS::EC2::NetworkInterface
  - AWS::EC2::PrefixList
@@ -112,6 +134,8 @@ supported_resources:
  - AWS::EC2::TrafficMirrorTarget
  - AWS::EC2::TransitGateway
  - AWS::EC2::TransitGatewayAttachment
+ - AWS::EC2::TransitGatewayConnect
+ - AWS::EC2::TransitGatewayMulticastDomain
  - AWS::EC2::TransitGatewayRouteTable
  - AWS::EC2::VPC
  - AWS::EC2::VPCEndpoint
@@ -124,6 +148,7 @@ supported_resources:
  - AWS::ECR::PullThroughCacheRule
  - AWS::ECR::RegistryPolicy
  - AWS::ECR::Repository
+ - AWS::ECS::CapacityProvider
  - AWS::ECS::Cluster
  - AWS::ECS::Service
  - AWS::ECS::TaskDefinition
@@ -141,7 +166,7 @@ supported_resources:
  - AWS::ElasticLoadBalancing::LoadBalancer
  - AWS::ElasticLoadBalancingV2::Listener
  - AWS::ElasticLoadBalancingV2::LoadBalancer
- - AWS::ElasticSearch::Domain
+ - AWS::Elasticsearch::Domain
  - AWS::EventSchemas::Discoverer
  - AWS::EventSchemas::Registry
  - AWS::EventSchemas::RegistryPolicy
@@ -167,15 +192,18 @@ supported_resources:
  - AWS::Glue::Classifier
  - AWS::Glue::Job
  - AWS::Glue::MLTransform
+ - AWS::Grafana::Workspace
  - AWS::GreengrassV2::ComponentVersion
  - AWS::GroundStation::Config
+ - AWS::GroundStation::DataflowEndpointGroup
  - AWS::GroundStation::MissionProfile
  - AWS::GuardDuty::Detector
  - AWS::GuardDuty::Filter
  - AWS::GuardDuty::IPSet
  - AWS::GuardDuty::ThreatIntelSet
  - AWS::HealthLake::FHIRDatastore
  - AWS::IAM::Group
+ - AWS::IAM::InstanceProfile
  - AWS::IAM::Policy
  - AWS::IAM::Role
  - AWS::IAM::SAMLProvider
@@ -187,10 +215,12 @@ supported_resources:
  - AWS::ImageBuilder::ContainerRecipe
  - AWS::ImageBuilder::DistributionConfiguration
  - AWS::ImageBuilder::ImagePipeline
+ - AWS::ImageBuilder::ImageRecipe
  - AWS::ImageBuilder::InfrastructureConfiguration
  - AWS::InspectorV2::Filter
  - AWS::IoT::AccountAuditConfiguration
  - AWS::IoT::Authorizer
+ - AWS::IoT::CACertificate
  - AWS::IoT::CustomMetric
  - AWS::IoT::Dimension
  - AWS::IoT::FleetMetric
@@ -216,26 +246,34 @@ supported_resources:
  - AWS::IoTTwinMaker::ComponentType
  - AWS::IoTTwinMaker::Entity
  - AWS::IoTTwinMaker::Scene
+ - AWS::IoTTwinMaker::SyncJob
  - AWS::IoTTwinMaker::Workspace
  - AWS::IoTWireless::FuotaTask
  - AWS::IoTWireless::MulticastGroup
  - AWS::IoTWireless::ServiceProfile
  - AWS::KMS::Alias
  - AWS::KMS::Key
+ - AWS::KafkaConnect::Connector
+ - AWS::Kendra::Index
  - AWS::Kinesis::Stream
  - AWS::Kinesis::StreamConsumer
  - AWS::KinesisAnalyticsV2::Application
  - AWS::KinesisFirehose::DeliveryStream
  - AWS::KinesisVideo::SignalingChannel
+ - AWS::KinesisVideo::Stream
+ - AWS::Lambda::Alias
+ - AWS::Lambda::CodeSigningConfig
  - AWS::Lambda::Function
  - AWS::Lex::Bot
  - AWS::Lex::BotAlias
  - AWS::Lightsail::Bucket
  - AWS::Lightsail::Certificate
  - AWS::Lightsail::Disk
  - AWS::Lightsail::StaticIp
+ - AWS::Logs::Destination
  - AWS::LookoutMetrics::Alert
  - AWS::LookoutVision::Project
+ - AWS::M2::Environment
  - AWS::MSK::BatchScramSecret
  - AWS::MSK::Cluster
  - AWS::MSK::Configuration
@@ -249,9 +287,12 @@ supported_resources:
  - AWS::NetworkFirewall::FirewallPolicy
  - AWS::NetworkFirewall::RuleGroup
  - AWS::NetworkFirewall::TLSInspectionConfiguration
+ - AWS::NetworkManager::ConnectPeer
+ - AWS::NetworkManager::CustomerGatewayAssociation
  - AWS::NetworkManager::Device
  - AWS::NetworkManager::GlobalNetwork
  - AWS::NetworkManager::Link
+ - AWS::NetworkManager::LinkAssociation
  - AWS::NetworkManager::Site
  - AWS::NetworkManager::TransitGatewayRegistration
  - AWS::OpenSearch::Domain
@@ -263,6 +304,7 @@ supported_resources:
  - AWS::Pinpoint::App
  - AWS::Pinpoint::ApplicationSettings
  - AWS::Pinpoint::Campaign
+ - AWS::Pinpoint::EmailChannel
  - AWS::Pinpoint::EmailTemplate
  - AWS::Pinpoint::EventStream
  - AWS::Pinpoint::InAppTemplate
@@ -276,16 +318,19 @@ supported_resources:
  - AWS::RDS::DBSubnetGroup
  - AWS::RDS::EventSubscription
  - AWS::RDS::GlobalCluster
+ - AWS::RDS::OptionGroup
  - AWS::RUM::AppMonitor
  - AWS::Redshift::Cluster
  - AWS::Redshift::ClusterParameterGroup
  - AWS::Redshift::ClusterSecurityGroup
  - AWS::Redshift::ClusterSnapshot
  - AWS::Redshift::ClusterSubnetGroup
+ - AWS::Redshift::EndpointAccess
  - AWS::Redshift::EventSubscription
  - AWS::Redshift::ScheduledAction
  - AWS::ResilienceHub::App
  - AWS::ResilienceHub::ResiliencyPolicy
+ - AWS::ResourceExplorer2::Index
  - AWS::RoboMaker::RobotApplication
  - AWS::RoboMaker::RobotApplicationVersion
  - AWS::RoboMaker::SimulationApplication
@@ -300,12 +345,14 @@ supported_resources:
  - AWS::Route53RecoveryReadiness::RecoveryGroup
  - AWS::Route53RecoveryReadiness::ResourceSet
  - AWS::Route53Resolver::FirewallDomainList
+ - AWS::Route53Resolver::FirewallRuleGroup
  - AWS::Route53Resolver::FirewallRuleGroupAssociation
  - AWS::Route53Resolver::ResolverEndpoint
  - AWS::Route53Resolver::ResolverQueryLoggingConfig
  - AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation
  - AWS::Route53Resolver::ResolverRule
  - AWS::Route53Resolver::ResolverRuleAssociation
+ - AWS::S3::AccessPoint
  - AWS::S3::AccountPublicAccessBlock
  - AWS::S3::Bucket
  - AWS::S3::MultiRegionAccessPoint
@@ -318,6 +365,7 @@ supported_resources:
  - AWS::SNS::Topic
  - AWS::SQS::Queue
  - AWS::SSM::AssociationCompliance
+ - AWS::SSM::Document
  - AWS::SSM::FileData
  - AWS::SSM::ManagedInstanceInventory
  - AWS::SSM::PatchCompliance