From 91f5f14f0ecaecebca304cc40d8ae8ad6162f811 Mon Sep 17 00:00:00 2001
From: Seth Art
Date: Wed, 29 May 2024 10:07:02 -0400
Subject: [PATCH 1/2] Added RDS database instances back into output. I think it's ok to have both clusters and instances in the output
---
 aws/databases.go | 78 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 78 insertions(+)
diff --git a/aws/databases.go b/aws/databases.go
index 6ae877f..a1f782b 100644
--- a/aws/databases.go
+++ b/aws/databases.go
@@ -271,6 +271,15 @@ func (m *DatabasesModule) executeRdsCheck(r string, wg *sync.WaitGroup, semaphor
 service: "rds",
 executor: m.getRdsClustersPerRegion,
 })
+ m.executeCheck(check{
+ region: r,
+ wg: wg,
+ semaphore: semaphore,
+ dataReceiver: dataReceiver,
+ serviceMap: servicemap,
+ service: "rds",
+ executor: m.getRdsInstancesPerRegion,
+ })
 }
 
 func (m *DatabasesModule) executeRedshiftCheck(r string, wg *sync.WaitGroup, semaphore chan struct{}, dataReceiver chan Database, servicemap *awsservicemap.AwsServiceMap) {
@@ -395,6 +404,75 @@ func (m *DatabasesModule) getRdsClustersPerRegion(r string, wg *sync.WaitGroup,
 }
 }
 
+func (m *DatabasesModule) getRdsInstancesPerRegion(r string, wg *sync.WaitGroup, semaphore chan struct{}, dataReceiver chan Database) {
+ defer func() {
+ m.CommandCounter.Executing--
+ m.CommandCounter.Complete++
+ wg.Done()
+
+ }()
+ semaphore <- struct{}{}
+ defer func() {
+ <-semaphore
+ }()
+ m.CommandCounter.Pending--
+ m.CommandCounter.Executing++
+
+ DBInstances, err := sdk.CachedRDSDescribeDBInstances(m.RDSClient, aws.ToString(m.Caller.Account), r)
+
+ if err != nil {
+ m.modLog.Error(err.Error())
+ m.CommandCounter.Error++
+ return
+ }
+
+ for _, instance := range DBInstances {
+ var public string
+ var service string
+ var roles string
+ if instance.Endpoint == nil {
+ continue
+ }
+
+ name := aws.ToString(instance.DBInstanceIdentifier)
+ port := instance.Endpoint.Port
+ endpoint := aws.ToString(instance.Endpoint.Address)
+ engine := aws.ToString(instance.Engine)
+
+ if aws.ToBool(instance.PubliclyAccessible) {
+ public = "True"
+ } else {
+ public = "False"
+ }
+
+ if isNeptune(instance.Engine) {
+ service = "Neptune"
+ } else if isDocDB(instance.Engine) {
+ service = "DocsDB"
+ } else {
+ service = "RDS"
+ }
+
+ associatedRoles := instance.AssociatedRoles
+ for _, role := range associatedRoles {
+ roles = roles + aws.ToString(role.RoleArn) + " "
+ }
+
+ dataReceiver <- Database{
+ AWSService: service,
+ Region: r,
+ Name: name,
+ Engine: engine,
+ Endpoint: endpoint,
+ UserName: aws.ToString(instance.MasterUsername),
+ Port: aws.ToInt32(port),
+ Protocol: aws.ToString(instance.Engine),
+ Public: public,
+ Roles: roles,
+ }
+ }
+}
+
+
 func (m *DatabasesModule) getRedshiftDatabasesPerRegion(r string, wg *sync.WaitGroup, semaphore chan struct{}, dataReceiver chan Database) {
 defer func() {
 m.CommandCounter.Executing--
From 0b88bcac56d74f139fe114f24657f1d51e249d0e Mon Sep 17 00:00:00 2001
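Review bot: getRdsInstancesPerRegion has no comment explaining why instances are emitted in addition to the clusters from getRdsClustersPerRegion, so a later cleanup could treat the overlapping rows as duplicates and drop the one that matters; a doc comment along the lines of `// getRdsInstancesPerRegion emits one Database per DB instance in region r, including members of clusters already listed by getRdsClustersPerRegion, because the instance-level PubliclyAccessible flag (surfaced as Public) is the attribute that indicates exposure; Public reports the flag only, reachability still depends on the security group and subnet routing.` would pin that down, and a one-liner on the `instance.Endpoint == nil` branch naming what is intentionally skipped (instances without an endpoint, presumably still being created) would help too. Smaller points on the new side: `Protocol: aws.ToString(instance.Engine)` recomputes the value already held in `engine`; the roles loop leaves a trailing space in Roles, which collecting the ARNs in a slice and joining them with `strings.Join` avoids (if strings is imported in this file); and `service = "DocsDB"` looks like a typo for DocDB unless the cluster function uses the same label. The local `DBInstances` would be `dbInstances` by Go naming convention. The CommandCounter fields are modified from this goroutine without any visible synchronization, which is a data race under -race unless they are atomic; the cluster function appears to follow the same pattern, so that predates this change.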
From: Seth Art
Date: Wed, 29 May 2024 11:30:49 -0400
Subject: [PATCH 2/2] Updated tests to make sure that RDS instances without clusters are checked for
---
 aws/databases_test.go | 9 +++++----
 aws/sdk/rds_mocks.go | 8 ++++++++
 2 files changed, 13 insertions(+), 4 deletions(-)
diff --git a/aws/databases_test.go b/aws/databases_test.go
index 026d729..24425af 100644
--- a/aws/databases_test.go
+++ b/aws/databases_test.go
@@ -42,10 +42,11 @@ func TestDatabasesCommand(t *testing.T) {
 }
 
 expectedResults := []string{
- "db1.cluster-123456789012.us-west-2.rds.amazonaws.com",
- "db2.cluster-123456789012.us-west-2.rds.amazonaws.com",
- "db3.cluster-123456789012.us-west-2.neptune.amazonaws.com",
- "db4.cluster-123456789012.us-west-2.docdb.amazonaws.com",
+ "db1.cluster-123456789012.us-west-2.rds.amazonaws.com", // make sure it includes the Aurora clusters
+ "db2.cluster-123456789012.us-west-2.rds.amazonaws.com", // make sure it includes the Aurora clusters
+ "db3.cluster-123456789012.us-west-2.neptune.amazonaws.com", // make sure it includes the Neptune instances
+ "db4.cluster-123456789012.us-west-2.docdb.amazonaws.com", // make sure it includes the DocumentDB instances
+ "db1-instances-1.blah.us-west-2.rds.amazonaws.com", // make sure it includes the RDS instances
 }
 
 for _, expected := range expectedResults {
diff --git a/aws/sdk/rds_mocks.go b/aws/sdk/rds_mocks.go
index b6ec344..3829a85 100644
--- a/aws/sdk/rds_mocks.go
+++ b/aws/sdk/rds_mocks.go
@@ -21,6 +21,10 @@ func (m *MockedRDSClient) DescribeDBInstances(ctx context.Context, input *rds.De
 EngineVersion: aws.String("13.3"),
 InstanceCreateTime: aws.Time(time.Now()),
 MasterUsername: aws.String("postgres"),
+ Endpoint: &rdsTypes.Endpoint{
+ Address: aws.String("db1-instances-1.blah.us-west-2.rds.amazonaws.com"),
+ Port: aws.Int32(5432),
+ },
 },
 {
 DBInstanceIdentifier: aws.String("db2"),
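Review bot: The new expectations assert only `db1-instances-1`, while the rds_mocks.go hunks in this patch give both db1 and db2 an Endpoint, so the db2 instance row that getRdsInstancesPerRegion now emits is never checked; adding `"db2-instances-1.blah.us-west-2.rds.amazonaws.com", // make sure it includes the RDS instances` keeps the fixture and the assertions in step. The loop that consumes expectedResults continues outside the hunk, so it is unclear whether it verifies endpoint presence only; since the instance rows are where the Public column is filled from PubliclyAccessible, a presence-only check would not catch a regression in the exposure flag, which is the security-relevant output here. The comments on db3 and db4 say "instances" although those `.cluster-` endpoints were already expected before instances were added back, so they presumably come from the cluster listing; "Neptune clusters" / "DocumentDB clusters" would read consistently with db1 and db2.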
@@ -28,6 +32,10 @@ func (m *MockedRDSClient) DescribeDBInstances(ctx context.Context, input *rds.De
 EngineVersion: aws.String("13.3"),
 InstanceCreateTime: aws.Time(time.Now()),
 MasterUsername: aws.String("postgres"),
+ Endpoint: &rdsTypes.Endpoint{
+ Address: aws.String("db2-instances-1.blah.us-west-2.rds.amazonaws.com"),
+ Port: aws.Int32(5432),
+ },
 },
 },
 }, nil