From dc224fec16d9cd49f1ceb6a38201da55e0e1a910 Mon Sep 17 00:00:00 2001 From: Tim Smith Date: Sun, 22 Feb 2026 22:12:32 +0000 Subject: [PATCH] Update fields to support all enums Also expand waf and iam access analyzer functionality to support new options that didn't originally exist in the SDK Signed-off-by: Tim Smith --- providers/aws/resources/aws.lr | 10 ++++---- .../aws/resources/aws_iam_accessanalyzer.go | 2 +- providers/aws/resources/aws_waf.go | 3 +++ providers/oci/resources/oci.lr | 24 +++++++++---------- 4 files changed, 21 insertions(+), 18 deletions(-) diff --git a/providers/aws/resources/aws.lr b/providers/aws/resources/aws.lr index ce2fbca13c..05dc54e1dc 100644 --- a/providers/aws/resources/aws.lr +++ b/providers/aws/resources/aws.lr @@ -333,7 +333,7 @@ private aws.waf.rule @defaults("name") { private aws.waf.rule.action @defaults("action") { // Name of the rule this action belongs to ruleName string - // One of Block, Allow, Count, Captcha + // One of Block, Allow, Count, Captcha, Challenge action string // HTTP Response Code, only if the action is Block responseCode string @@ -1225,7 +1225,7 @@ private aws.iam.accessanalyzer.analyzer @defaults("name type region status") { name string // Status of the analyzer: ACTIVE, CREATING, DISABLED, or FAILED status string - // Type of analyzer: ACCOUNT or ORGANIZATION + // Type of analyzer: ACCOUNT, ORGANIZATION, ACCOUNT_UNUSED_ACCESS, ORGANIZATION_UNUSED_ACCESS, ACCOUNT_INTERNAL_ACCESS, or ORGANIZATION_INTERNAL_ACCESS type string // Region where the analyzer exists region string @@ -2055,7 +2055,7 @@ private aws.ecs.taskDefinition @defaults("arn family revision") { family string // Revision number of the task definition revision int - // Status of the task definition (ACTIVE, INACTIVE) + // Status of the task definition (ACTIVE, INACTIVE, DELETE_IN_PROGRESS) status string // Network mode for the task (bridge, host, awsvpc, none) networkMode string @@ -2883,7 +2883,7 @@ private aws.drs.job @defaults("jobID type status") { type string // Job status (PENDING, STARTED, COMPLETED) status string - // How job was initiated (START_RECOVERY, START_DRILL, etc.) + // How job was initiated (START_RECOVERY, START_DRILL, FAILBACK, DIAGNOSTIC, TERMINATE_RECOVERY_INSTANCES, TARGET_ACCOUNT, CREATE_NETWORK_RECOVERY, UPDATE_NETWORK_RECOVERY, or ASSOCIATE_NETWORK_RECOVERY) initiatedBy string // Job creation timestamp createdAt time @@ -3093,7 +3093,7 @@ private aws.dynamodb.table @defaults("name region") { sizeBytes int // Latest stream for this table latestStreamArn string - // Current state of the table: CREATING, UPDATING, DELETING, ACTIVE, INACCESSIBLE_ENCRYPTION_CREDENTIALS, ARCHIVING, or ARCHIVED + // Current state of the table: CREATING, UPDATING, DELETING, ACTIVE, INACCESSIBLE_ENCRYPTION_CREDENTIALS, ARCHIVING, ARCHIVED, or REPLICATION_NOT_AUTHORIZED status string } diff --git a/providers/aws/resources/aws_iam_accessanalyzer.go b/providers/aws/resources/aws_iam_accessanalyzer.go index 5959206c08..facd1ed8f5 100644 --- a/providers/aws/resources/aws_iam_accessanalyzer.go +++ b/providers/aws/resources/aws_iam_accessanalyzer.go @@ -53,7 +53,7 @@ func (a *mqlAwsIamAccessAnalyzer) getAnalyzers(conn *connection.AwsConnection) [ res := []any{} // we need to iterate over all the analyzers types in the account - analyzerTypes := []aatypes.Type{aatypes.TypeAccount, aatypes.TypeOrganization, aatypes.TypeAccountUnusedAccess, aatypes.TypeOrganizationUnusedAccess} + analyzerTypes := []aatypes.Type{aatypes.TypeAccount, aatypes.TypeOrganization, aatypes.TypeAccountUnusedAccess, aatypes.TypeOrganizationUnusedAccess, aatypes.TypeAccountInternalAccess, aatypes.TypeOrganizationInternalAccess} for _, analyzerType := range analyzerTypes { ctx := context.Background() diff --git a/providers/aws/resources/aws_waf.go b/providers/aws/resources/aws_waf.go index 9a6fdfe29a..12e185f58c 100644 --- a/providers/aws/resources/aws_waf.go +++ b/providers/aws/resources/aws_waf.go @@ -413,6 +413,9 @@ func createActionResource(runtime *plugin.Runtime, ruleAction *waftypes.RuleActi if ruleAction.Captcha != nil { action = "captcha" } + if ruleAction.Challenge != nil { + action = "challenge" + } } mqlAction, err = CreateResource(runtime, "aws.waf.rule.action", map[string]*llx.RawData{ "ruleName": llx.StringDataPtr(ruleName), diff --git a/providers/oci/resources/oci.lr b/providers/oci/resources/oci.lr index e7ac52d07a..450b1c0486 100644 --- a/providers/oci/resources/oci.lr +++ b/providers/oci/resources/oci.lr @@ -32,7 +32,7 @@ private oci.region @defaults("id name") { name string // Whether this is the tenancy's home region isHomeRegion bool - // Region subscription status (e.g., READY, IN_PROGRESS) + // Region subscription status (READY, IN_PROGRESS) status string } @@ -46,7 +46,7 @@ private oci.compartment @defaults("id name") { description string // Compartment creation time created time - // Compartment lifecycle state (e.g., ACTIVE, DELETED) + // Compartment lifecycle state (CREATING, ACTIVE, INACTIVE, DELETING, DELETED) state string } @@ -72,7 +72,7 @@ private oci.identity.user @defaults("name") { description string // User creation time created time - // User lifecycle state (e.g., ACTIVE, INACTIVE) + // User lifecycle state (CREATING, ACTIVE, INACTIVE, DELETING, DELETED) state string // Whether multi-factor authentication is enabled mfaActivated bool @@ -110,7 +110,7 @@ private oci.identity.apiKey @defaults("fingerprint") { fingerprint string // API key creation time created time - // API key lifecycle state (e.g., ACTIVE, INACTIVE) + // API key lifecycle state (CREATING, ACTIVE, INACTIVE, DELETING, DELETED) state string } @@ -122,7 +122,7 @@ private oci.identity.customerSecretKey @defaults("name") { name string // Key creation time created time - // Key lifecycle state (e.g., ACTIVE, INACTIVE) + // Key lifecycle state (CREATING, ACTIVE, INACTIVE, DELETING, DELETED) state string } @@ -136,7 +136,7 @@ private oci.identity.authToken @defaults("description") { created time // Token expiration time expires time - // Token lifecycle state (e.g., ACTIVE, INACTIVE) + // Token lifecycle state (CREATING, ACTIVE, INACTIVE, DELETING, DELETED) state string } @@ -152,7 +152,7 @@ private oci.identity.group @defaults("name") { description string // Group creation time created time - // Group lifecycle state (e.g., ACTIVE, INACTIVE) + // Group lifecycle state (CREATING, ACTIVE, INACTIVE, DELETING, DELETED) state string // Free-form tags for resource management freeformTags map[string]string @@ -172,7 +172,7 @@ private oci.identity.policy @defaults("name description") { description string // Policy creation time created time - // Policy lifecycle state (e.g., ACTIVE, INACTIVE) + // Policy lifecycle state (CREATING, ACTIVE, INACTIVE, DELETING, DELETED) state string // Policy statements defining permissions statements []string @@ -202,7 +202,7 @@ private oci.compute.instance @defaults("name") { region oci.region // Instance creation time created time - // Instance lifecycle state (e.g., RUNNING, STOPPED, TERMINATED) + // Instance lifecycle state (MOVING, PROVISIONING, RUNNING, STARTING, STOPPING, STOPPED, CREATING_IMAGE, TERMINATING, TERMINATED) state string // Compute shape determining CPU and memory (e.g., VM.Standard2.1) shape string @@ -232,7 +232,7 @@ private oci.compute.image @defaults("name") { region oci.region // Image creation time created time - // Image lifecycle state (e.g., AVAILABLE, DISABLED, DELETED) + // Image lifecycle state (PROVISIONING, IMPORTING, AVAILABLE, EXPORTING, DISABLED, DELETED) state string // Compartment containing the image compartment oci.compartment @@ -266,7 +266,7 @@ private oci.network.vcn @defaults("name") { name string // VCN creation time created time - // VCN lifecycle state (e.g., AVAILABLE, TERMINATED) + // VCN lifecycle state (PROVISIONING, AVAILABLE, UPDATING, TERMINATING, TERMINATED) state string // Deprecated: Use cidrBlocks instead cidrBlock string @@ -298,7 +298,7 @@ private oci.network.securityList @defaults("name") { name string // Security list creation time created time - // Security list lifecycle state (e.g., AVAILABLE, TERMINATED) + // Security list lifecycle state (PROVISIONING, AVAILABLE, TERMINATING, TERMINATED) state string // Egress security rules for outbound traffic egressSecurityRules []dict