Skip to main content

rusticity_term/cloudtrail/
events.rs

1use crate::common::translate_column;
2use crate::common::{ColumnId, UTC_TIMESTAMP_WIDTH};
3use std::collections::HashMap;
4
5pub fn init(i18n: &mut HashMap<String, String>) {
6    for col in CloudTrailEventColumn::all() {
7        i18n.entry(col.id().to_string())
8            .or_insert_with(|| col.default_name().to_string());
9    }
10}
11
12#[derive(Debug, Clone)]
13pub struct CloudTrailEvent {
14    pub event_time: String,
15    pub event_name: String,
16    pub username: String,
17    pub event_source: String,
18    pub resource_type: String,
19    pub resource_name: String,
20    pub read_only: String,
21    pub aws_region: String,
22    pub event_id: String,
23    pub access_key_id: String,
24    pub source_ip_address: String,
25    pub error_code: String,
26    pub request_id: String,
27    pub event_type: String,
28    pub cloud_trail_event_json: String,
29}
30
31#[derive(Debug, Clone, Copy, PartialEq)]
32pub enum CloudTrailEventColumn {
33    EventName,
34    EventTime,
35    Username,
36    EventSource,
37    ResourceType,
38    ResourceName,
39    ReadOnly,
40    AwsRegion,
41    EventId,
42    AccessKeyId,
43    SourceIpAddress,
44    ErrorCode,
45    RequestId,
46    EventType,
47}
48
49impl CloudTrailEventColumn {
50    const ID_EVENT_NAME: &'static str = "column.cloudtrail.event.event_name";
51    const ID_EVENT_TIME: &'static str = "column.cloudtrail.event.event_time";
52    const ID_USERNAME: &'static str = "column.cloudtrail.event.username";
53    const ID_EVENT_SOURCE: &'static str = "column.cloudtrail.event.event_source";
54    const ID_RESOURCE_TYPE: &'static str = "column.cloudtrail.event.resource_type";
55    const ID_RESOURCE_NAME: &'static str = "column.cloudtrail.event.resource_name";
56    const ID_READ_ONLY: &'static str = "column.cloudtrail.event.read_only";
57    const ID_AWS_REGION: &'static str = "column.cloudtrail.event.aws_region";
58    const ID_EVENT_ID: &'static str = "column.cloudtrail.event.event_id";
59    const ID_ACCESS_KEY_ID: &'static str = "column.cloudtrail.event.access_key_id";
60    const ID_SOURCE_IP_ADDRESS: &'static str = "column.cloudtrail.event.source_ip_address";
61    const ID_ERROR_CODE: &'static str = "column.cloudtrail.event.error_code";
62    const ID_REQUEST_ID: &'static str = "column.cloudtrail.event.request_id";
63    const ID_EVENT_TYPE: &'static str = "column.cloudtrail.event.event_type";
64
65    pub const fn id(&self) -> &'static str {
66        match self {
67            CloudTrailEventColumn::EventName => Self::ID_EVENT_NAME,
68            CloudTrailEventColumn::EventTime => Self::ID_EVENT_TIME,
69            CloudTrailEventColumn::Username => Self::ID_USERNAME,
70            CloudTrailEventColumn::EventSource => Self::ID_EVENT_SOURCE,
71            CloudTrailEventColumn::ResourceType => Self::ID_RESOURCE_TYPE,
72            CloudTrailEventColumn::ResourceName => Self::ID_RESOURCE_NAME,
73            CloudTrailEventColumn::ReadOnly => Self::ID_READ_ONLY,
74            CloudTrailEventColumn::AwsRegion => Self::ID_AWS_REGION,
75            CloudTrailEventColumn::EventId => Self::ID_EVENT_ID,
76            CloudTrailEventColumn::AccessKeyId => Self::ID_ACCESS_KEY_ID,
77            CloudTrailEventColumn::SourceIpAddress => Self::ID_SOURCE_IP_ADDRESS,
78            CloudTrailEventColumn::ErrorCode => Self::ID_ERROR_CODE,
79            CloudTrailEventColumn::RequestId => Self::ID_REQUEST_ID,
80            CloudTrailEventColumn::EventType => Self::ID_EVENT_TYPE,
81        }
82    }
83
84    pub const fn default_name(&self) -> &'static str {
85        match self {
86            CloudTrailEventColumn::EventName => "Event name",
87            CloudTrailEventColumn::EventTime => "Event time",
88            CloudTrailEventColumn::Username => "User name",
89            CloudTrailEventColumn::EventSource => "Event source",
90            CloudTrailEventColumn::ResourceType => "Resource type",
91            CloudTrailEventColumn::ResourceName => "Resource name",
92            CloudTrailEventColumn::ReadOnly => "Read-only",
93            CloudTrailEventColumn::AwsRegion => "AWS region",
94            CloudTrailEventColumn::EventId => "Event ID",
95            CloudTrailEventColumn::AccessKeyId => "AWS access key",
96            CloudTrailEventColumn::SourceIpAddress => "Source IP address",
97            CloudTrailEventColumn::ErrorCode => "Error code",
98            CloudTrailEventColumn::RequestId => "Request ID",
99            CloudTrailEventColumn::EventType => "Event type",
100        }
101    }
102
103    pub fn name(&self) -> String {
104        translate_column(self.id(), self.default_name())
105    }
106
107    pub fn width(&self) -> u16 {
108        match self {
109            CloudTrailEventColumn::EventName => 35,
110            CloudTrailEventColumn::EventTime => UTC_TIMESTAMP_WIDTH,
111            CloudTrailEventColumn::Username => 25,
112            CloudTrailEventColumn::EventSource => 30,
113            CloudTrailEventColumn::ResourceType => 25,
114            CloudTrailEventColumn::ResourceName => 40,
115            CloudTrailEventColumn::ReadOnly => 12,
116            CloudTrailEventColumn::AwsRegion => 15,
117            CloudTrailEventColumn::EventId => 40,
118            CloudTrailEventColumn::AccessKeyId => 25,
119            CloudTrailEventColumn::SourceIpAddress => 18,
120            CloudTrailEventColumn::ErrorCode => 20,
121            CloudTrailEventColumn::RequestId => 40,
122            CloudTrailEventColumn::EventType => 20,
123        }
124    }
125
126    pub fn from_id(id: &str) -> Option<Self> {
127        match id {
128            Self::ID_EVENT_NAME => Some(CloudTrailEventColumn::EventName),
129            Self::ID_EVENT_TIME => Some(CloudTrailEventColumn::EventTime),
130            Self::ID_USERNAME => Some(CloudTrailEventColumn::Username),
131            Self::ID_EVENT_SOURCE => Some(CloudTrailEventColumn::EventSource),
132            Self::ID_RESOURCE_TYPE => Some(CloudTrailEventColumn::ResourceType),
133            Self::ID_RESOURCE_NAME => Some(CloudTrailEventColumn::ResourceName),
134            Self::ID_READ_ONLY => Some(CloudTrailEventColumn::ReadOnly),
135            Self::ID_AWS_REGION => Some(CloudTrailEventColumn::AwsRegion),
136            Self::ID_EVENT_ID => Some(CloudTrailEventColumn::EventId),
137            Self::ID_ACCESS_KEY_ID => Some(CloudTrailEventColumn::AccessKeyId),
138            Self::ID_SOURCE_IP_ADDRESS => Some(CloudTrailEventColumn::SourceIpAddress),
139            Self::ID_ERROR_CODE => Some(CloudTrailEventColumn::ErrorCode),
140            Self::ID_REQUEST_ID => Some(CloudTrailEventColumn::RequestId),
141            Self::ID_EVENT_TYPE => Some(CloudTrailEventColumn::EventType),
142            _ => None,
143        }
144    }
145
146    pub fn all() -> [CloudTrailEventColumn; 14] {
147        [
148            CloudTrailEventColumn::EventName,
149            CloudTrailEventColumn::EventTime,
150            CloudTrailEventColumn::Username,
151            CloudTrailEventColumn::EventSource,
152            CloudTrailEventColumn::ResourceType,
153            CloudTrailEventColumn::ResourceName,
154            CloudTrailEventColumn::ReadOnly,
155            CloudTrailEventColumn::AwsRegion,
156            CloudTrailEventColumn::EventId,
157            CloudTrailEventColumn::AccessKeyId,
158            CloudTrailEventColumn::SourceIpAddress,
159            CloudTrailEventColumn::ErrorCode,
160            CloudTrailEventColumn::RequestId,
161            CloudTrailEventColumn::EventType,
162        ]
163    }
164
165    pub fn ids() -> Vec<ColumnId> {
166        Self::all().iter().map(|c| c.id()).collect()
167    }
168}
169
170#[cfg(test)]
171mod tests {
172    use super::*;
173
174    #[test]
175    fn test_column_ids_have_correct_prefix() {
176        for col in CloudTrailEventColumn::all() {
177            assert!(
178                col.id().starts_with("column.cloudtrail.event."),
179                "CloudTrailEventColumn ID '{}' should start with 'column.cloudtrail.event.'",
180                col.id()
181            );
182        }
183    }
184}