exclude resource types which do not support list operation or require resource model properties

Author: Zee2413

src/resourceState/ListResourcesExclusionTypes.ts

@@ -0,0 +1,112 @@
+// Resource types which do not support List operation via Cloud Control API
+// source: https://docs.aws.amazon.com/cloudcontrolapi/latest/userguide/supported-resources.html
+export const NO_LIST_SUPPORT: ReadonlySet<string> = new Set([
+    'AWS::ACMPCA::Certificate',
+    'AWS::ACMPCA::CertificateAuthorityActivation',
+    'AWS::ACMPCA::Permission',
+    'AWS::ApiGateway::Account',
+    'AWS::ApiGateway::Method',
+    'AWS::AppStream::AppBlock',
+    'AWS::AppStream::Application',
+    'AWS::AppStream::ApplicationEntitlementAssociation',
+    'AWS::AppStream::ApplicationFleetAssociation',
+    'AWS::AppStream::Entitlement',
+    'AWS::AppSync::DomainNameApiAssociation',
+    'AWS::Bedrock::GuardrailVersion',
+    'AWS::CertificateManager::Account',
+    'AWS::CloudFormation::ModuleVersion',
+    'AWS::CloudFront::MonitoringSubscription',
+    'AWS::CloudTrail::ResourcePolicy',
+    'AWS::Cognito::LogDeliveryConfiguration',
+    'AWS::Cognito::ManagedLoginBranding',
+    'AWS::Cognito::UserPoolDomain',
+    'AWS::Cognito::UserPoolRiskConfigurationAttachment',
+    'AWS::Cognito::UserPoolUICustomizationAttachment',
+    'AWS::Cognito::UserPoolUserToGroupAttachment',
+    'AWS::Connect::Rule',
+    'AWS::Connect::UserHierarchyStructure',
+    'AWS::DataZone::FormType',
+    'AWS::EC2::GatewayRouteTableAssociation',
+    'AWS::EC2::VPCBlockPublicAccessOptions',
+    'AWS::ECS::PrimaryTaskSet',
+    'AWS::ECS::TaskSet',
+    'AWS::EMR::Step',
+    'AWS::EventSchemas::RegistryPolicy',
+    'AWS::Evidently::Experiment',
+    'AWS::Evidently::Feature',
+    'AWS::Evidently::Launch',
+    'AWS::Evidently::Project',
+    'AWS::IAM::GroupPolicy',
+    'AWS::IAM::RolePolicy',
+    'AWS::IAM::ServiceLinkedRole',
+    'AWS::IAM::UserPolicy',
+    'AWS::Inspector::ResourceGroup',
+    'AWS::Kinesis::ResourcePolicy',
+    'AWS::LakeFormation::PrincipalPermissions',
+    'AWS::LakeFormation::TagAssociation',
+    'AWS::MediaConnect::BridgeOutput',
+    'AWS::MediaConnect::BridgeSource',
+    'AWS::MediaPackageV2::ChannelPolicy',
+    'AWS::MediaPackageV2::OriginEndpointPolicy',
+    'AWS::MediaTailor::ChannelPolicy',
+    'AWS::NetworkFirewall::LoggingConfiguration',
+    'AWS::OpenSearchService::Domain',
+    'AWS::Panorama::PackageVersion',
+    'AWS::ResourceExplorer2::DefaultViewAssociation',
+    'AWS::S3ObjectLambda::AccessPointPolicy',
+    'AWS::S3Outposts::BucketPolicy',
+    'AWS::SageMaker::Device',
+    'AWS::SageMaker::DeviceFleet',
+    'AWS::ServiceCatalog::CloudFormationProvisionedProduct',
+    'AWS::SES::VdmAttributes',
+    'AWS::SNS::TopicInlinePolicy',
+    'AWS::SQS::QueueInlinePolicy',
+    'AWS::VpcLattice::AuthPolicy',
+    'AWS::VpcLattice::ResourcePolicy',
+    'AWS::WAFv2::WebACLAssociation',
+    'AWS::WorkSpaces::ConnectionAlias',
+]);
+
+// Resource types which require properties to be included in order to be listed
+// source: https://docs.aws.amazon.com/cloudcontrolapi/latest/userguide/resource-operations-list.html#resource-operations-list-containers
+export const REQUIRES_RESOURCE_MODEL: ReadonlySet<string> = new Set([
+    'AWS::ApiGateway::DocumentationVersion',
+    'AWS::ApiGateway::Step',
+    'AWS::CloudFormation::ResourceVersion',
+    'AWS::CustomerProfiles::Integration',
+    'AWS::CustomerProfiles::ObjectType',
+    'AWS::EC2::TransitGatewayMulticastGroupMember',
+    'AWS::EC2::TransitGatewayMulticastGroupSource',
+    'AWS::ECS::TaskSet',
+    'AWS::EKS::AddOn',
+    'AWS::EKS::FargateProfile',
+    'AWS::ElasticLoadBalancingV2::Listener',
+    'AWS::ElasticLoadBalancingV2::ListenerRule',
+    'AWS::Glue::Attach::SchemaVersion',
+    'AWS::Glue::Attach::SchemaVersionMetadata',
+    'AWS::IoTSiteWise::AccessPolicy',
+    'AWS::IoTSiteWise::Dashboard',
+    'AWS::IoTSiteWise::Project',
+    'AWS::Kendra::DataSource',
+    'AWS::Kendra::Faq',
+    'AWS::MediaConnect::FlowEntitlement',
+    'AWS::MediaConnect::FlowOutput',
+    'AWS::MediaConnect::FlowSource',
+    'AWS::MediaConnect::FlowVpcInterface',
+    'AWS::MediaPackage::Asset',
+    'AWS::MediaPackage::PackagingConfiguration',
+    'AWS::NetworkFirewall::LoggingConfiguration',
+    'AWS::QuickSight::Analysis',
+    'AWS::QuickSight::Dashboard',
+    'AWS::QuickSight::DataSet',
+    'AWS::QuickSight::DataSource',
+    'AWS::QuickSight::Template',
+    'AWS::QuickSight::Theme',
+    'AWS::RDS::DBProxyTargetGroup',
+    'AWS::S3Outposts::AccessPoint',
+    'AWS::S3Outposts::Bucket',
+    'AWS::SSO::Assignment',
+    'AWS::SSO::InstanceAccessControlAttributeConfiguration',
+    'AWS::SSO::PermissionSet',
+    'AWS::WAFv2::WebACL',
+]);

src/resourceState/ResourceStateManager.ts

@@ -9,6 +9,7 @@ import { LoggerFactory } from '../telemetry/LoggerFactory';
 import { ScopedTelemetry } from '../telemetry/ScopedTelemetry';
 import { Telemetry, Measure } from '../telemetry/TelemetryDecorator';
 import { Closeable } from '../utils/Closeable';
+import { NO_LIST_SUPPORT, REQUIRES_RESOURCE_MODEL } from './ListResourcesExclusionTypes';
 import { ListResourcesResult, RefreshResourcesResult } from './ResourceStateTypes';
 
 const log = LoggerFactory.getLogger('ResourceStateManager');
@@ -156,7 +157,8 @@ export class ResourceStateManager implements SettingsConfigurable, Closeable {
 
     public getResourceTypes(): string[] {
         const schemas = this.schemaRetriever.getDefault().schemas;
-        return [...schemas.keys()];
+        const allTypes = new Set(schemas.keys());
+        return [...allTypes].filter((type) => !NO_LIST_SUPPORT.has(type) && !REQUIRES_RESOURCE_MODEL.has(type));
     }
 
     private storeResourceState(typeName: ResourceType, id: ResourceId, state: ResourceState) {

tst/unit/resourceState/ResourceStateManager.test.ts

@@ -2,6 +2,7 @@ import { GetResourceCommandOutput, ResourceNotFoundException } from '@aws-sdk/cl
 import { DateTime } from 'luxon';
 import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest';
 import { ResourceStateManager } from '../../../src/resourceState/ResourceStateManager';
+import { CombinedSchemas } from '../../../src/schema/CombinedSchemas';
 import { CcapiService } from '../../../src/services/CcapiService';
 import { createMockSchemaRetriever } from '../../utils/MockServerComponents';
 
@@ -98,4 +99,46 @@ describe('ResourceStateManager', () => {
             expect(result).toBeUndefined();
         });
     });
+
+    describe('getResourceTypes()', () => {
+        it('should filter out resource types without list support', () => {
+            const mockSchemas: CombinedSchemas = {
+                schemas: new Map([
+                    ['AWS::S3::Bucket', {}],
+                    ['AWS::IAM::Role', {}],
+                    ['AWS::IAM::RolePolicy', {}],
+                ]),
+            } as CombinedSchemas;
+            const managerWithSchemas = new ResourceStateManager(
+                mockCcapiService,
+                createMockSchemaRetriever(mockSchemas),
+            );
+
+            const result = managerWithSchemas.getResourceTypes();
+
+            expect(result).toContain('AWS::S3::Bucket');
+            expect(result).toContain('AWS::IAM::Role');
+            expect(result).not.toContain('AWS::IAM::RolePolicy');
+        });
+
+        it('should filter out resource types requiring resource model properties', () => {
+            const mockSchemas: CombinedSchemas = {
+                schemas: new Map([
+                    ['AWS::S3::Bucket', {}],
+                    ['AWS::EKS::Cluster', {}],
+                    ['AWS::EKS::AddOn', {}],
+                ]),
+            } as CombinedSchemas;
+            const managerWithSchemas = new ResourceStateManager(
+                mockCcapiService,
+                createMockSchemaRetriever(mockSchemas),
+            );
+
+            const result = managerWithSchemas.getResourceTypes();
+
+            expect(result).toContain('AWS::S3::Bucket');
+            expect(result).toContain('AWS::EKS::Cluster');
+            expect(result).not.toContain('AWS::EKS::AddOn');
+        });
+    });
 });