public async Task <List <Endpoint> > ReadEndpoints(
AWSCredentials awsCredentials,
IAwsScanRules awsDoScan,
CancellationToken cancellationToken)
{
using (var amazonEc2Client = new AmazonEC2Client(awsCredentials, AmazonEc2Config))
{
var vpc = await amazonEc2Client.DescribeVpcsAsync(CreateDescribeVpcsRequest(awsDoScan),
cancellationToken)
.ConfigureAwait(false);
var vpcIds = vpc.Vpcs.Select(x => x.VpcId).ToList();
var vpcEndpointList = await amazonEc2Client
.DescribeVpcEndpointsAsync(new DescribeVpcEndpointsRequest(), cancellationToken)
.ConfigureAwait(false);
var result = vpcEndpointList.VpcEndpoints
.Where(x => vpcIds.Contains(x.VpcId))
.Select(x => new Endpoint(x))
.ToList();
foreach (var endpoint in result)
{
var describeNetworkInterfacesResponse = await amazonEc2Client.DescribeNetworkInterfacesAsync(
new DescribeNetworkInterfacesRequest
{
NetworkInterfaceIds = endpoint.VpcEndpoint.NetworkInterfaceIds
},
cancellationToken).ConfigureAwait(false);
endpoint.NetworkInterfaces = describeNetworkInterfacesResponse.NetworkInterfaces;
}
return(result);
}
}
/// <summary>
/// Reads the VPC for cacheing DNS-Records to overrides public IPAddresses
/// like SQS.[zone].amazonaws.com to 10.10.10.10
/// </summary>
/// <param name="awsCredentials">AwsCredintials for read the VPC</param>
/// <param name="awsScanRules">Rules for Scaning</param>
/// <param name="cancellationToken">Task Cancellation Toke</param>
/// <returns>only a Task</returns>
private async Task ReadVpcAsync(AWSCredentials awsCredentials, IAwsScanRules awsScanRules,
CancellationToken cancellationToken)
{
try
{
var result = new List <DnsRecordBase>();
var endpoints = await _awsVpcReader.ReadEndpoints(awsCredentials, awsScanRules, cancellationToken)
.ConfigureAwait(false);
foreach (AwsAdapterBase adapter in _awsAdapter)
{
var adapterResult = await adapter
.GetAdapterResultAsync(awsCredentials, endpoints, cancellationToken)
.ConfigureAwait(false);
result.AddRange(adapterResult.DnsRecords);
_proxyBypassList.AddRange(adapterResult.ProxyBypassList);
}
var groupedResult = (from record in result
group record by record.Name.ToString()
into newRecords
orderby newRecords.Key
select newRecords).ToList();
foreach (var dnsRecordBases in groupedResult)
{
var dnsQuestion = new DnsQuestion(DomainName.Parse(dnsRecordBases.Key), RecordType.A,
RecordClass.INet);
StoreInCache(dnsQuestion, dnsRecordBases.ToList());
}
}
catch (AmazonEC2Exception aee)
{
if (aee.ErrorCode == "UnauthorizedOperation")
{
_logger.LogError(aee, "AWS ErrorCode=[{0}] ==> {1}", aee.ErrorCode, aee.Message);
}
else
{
throw;
}
}
catch (Exception e)
{
_logger.LogCritical(e, e.Message);
throw;
}
}
private DescribeVpcsRequest CreateDescribeVpcsRequest(IAwsScanRules awsDoScan)
{
if (awsDoScan.ScanVpcIds != null && awsDoScan.ScanVpcIds.Any())
{
var vpcIds = string.Join(", ", awsDoScan.ScanVpcIds);
Logger.LogInformation("Read AWS VPC: [{0}]", vpcIds);
return(new DescribeVpcsRequest
{
VpcIds = awsDoScan.ScanVpcIds
});
}
Logger.LogInformation("Read AWS VPC: [no definitions, read all!]");
return(new DescribeVpcsRequest());
}
private async Task DoScanAsync(DnsQuestion dnsQuestion,
CancellationToken cancellationToken,
IAwsScanRules awsDoScan,
List <DnsRecordBase> result)
{
if (awsDoScan.DoScan)
{
AwsClient?.Dispose();
AwsClient = (TClient)Activator.CreateInstance(typeof(TClient), awsDoScan.AwsCredentials,
AwsClientConfig);
var userAccountResult = await AwsResolveAsync(dnsQuestion, awsDoScan.ScanVpcIds, cancellationToken)
.ConfigureAwait(false);
result.AddRange(userAccountResult);
}
}
