Merge pull request #4 from oreillymedia/CL-550

Cl 550 | Adjust cloudcontrol behavior in aws-nuke to properly handle ThrottlingExceptions
oreillymedia · Jun 2, 2023 · cfa9c9e · cfa9c9e
2 parents 0b661ad + 1c22311
commit cfa9c9e
Show file tree

Hide file tree

Showing 3 changed files with 37 additions and 5 deletions.
diff --git a/cmd/nuke.go b/cmd/nuke.go
@@ -63,6 +63,16 @@ func (n *Nuke) Run() error {
 		return err
 	}
 
+	if n.items.Count(ItemStateFailed) > 0 && n.items.Count(ItemStateNew) == 0 {
+		for _, item := range n.items {
+			if item.State != ItemStateFailed {
+				continue
+			}
+			logrus.Error(fmt.Sprintf("%s. %s.", item.Type, item.Reason))
+		}
+		return fmt.Errorf("failed")
+	}
+
 	if n.items.Count(ItemStateNew) == 0 {
 		fmt.Println("No resource to delete.")
 		return nil
@@ -249,9 +259,14 @@ func (n *Nuke) HandleQueue() {
 			n.HandleRemove(item)
 			item.Print()
 		case ItemStateFailed:
-			n.HandleRemove(item)
-			n.HandleWait(item, listCache)
-			item.Print()
+			// item.Resource will be nil if an exception was thrown while retrieving cloudControl
+			// resourceType's items (I.E resourceTypes lister()), however we still pass down the
+			// reason and state so we aren't ignoring these exceptions.
+			if item.Resource != nil {
+				n.HandleRemove(item)
+				n.HandleWait(item, listCache)
+				item.Print()
+			}
 		case ItemStatePending:
 			n.HandleWait(item, listCache)
 			item.State = ItemStateWaiting

diff --git a/cmd/scan.go b/cmd/scan.go
@@ -5,14 +5,15 @@ import (
 	"fmt"
 	"runtime/debug"
 
+	"github.com/aws/aws-sdk-go/aws/awserr"
 	"github.com/rebuy-de/aws-nuke/v2/pkg/awsutil"
 	"github.com/rebuy-de/aws-nuke/v2/pkg/util"
 	"github.com/rebuy-de/aws-nuke/v2/resources"
 	log "github.com/sirupsen/logrus"
 	"golang.org/x/sync/semaphore"
 )
 
-const ScannerParallelQueries = 2
+const ScannerParallelQueries = 16
 
 func Scan(region *Region, resourceTypes []string) <-chan *Item {
 	s := &scanner{
@@ -72,6 +73,20 @@ func (s *scanner) list(region *Region, resourceType string) {
 			return
 		}
 
+		awsErr, ok := err.(awserr.Error)
+		if ok && awsErr.Code() == "ThrottlingException" {
+			s.items <- &Item{
+				Region:   region,
+				Resource: nil,
+				State:    ItemStateFailed,
+				Reason:   err.Error(),
+				Type:     resourceType,
+			}
+			dump := util.Indent(fmt.Sprintf("%v", err), "    ")
+			log.Errorf("Listing %s failed:\n%s", resourceType, dump)
+			return
+		}
+
 		dump := util.Indent(fmt.Sprintf("%v", err), "    ")
 		log.Errorf("Listing %s failed:\n%s", resourceType, dump)
 		return

diff --git a/resources/cloudcontrol.go b/resources/cloudcontrol.go
@@ -37,9 +37,11 @@ func init() {
 	registerCloudControl("AWS::NetworkFirewall::RuleGroup")
 }
 
+const CloudControlAPiMaxRetries = 5
+
 func NewListCloudControlResource(typeName string) func(*session.Session) ([]Resource, error) {
 	return func(sess *session.Session) ([]Resource, error) {
-		svc := cloudcontrolapi.New(sess)
+		svc := cloudcontrolapi.New(sess, &aws.Config{MaxRetries: aws.Int(CloudControlAPiMaxRetries)})
 
 		params := &cloudcontrolapi.ListResourcesInput{
 			TypeName: aws.String(typeName),