gruntwork-io
diff --git a/‎aws/resource_registry.go‎
Lines changed: 30 additions & 30 deletions b/‎aws/resource_registry.go‎
Lines changed: 30 additions & 30 deletions
diff --git a/‎aws/resources/acm.go‎
Lines changed: 51 additions & 49 deletions b/‎aws/resources/acm.go‎
Lines changed: 51 additions & 49 deletions
@@ -53,77 +53,77 @@ func getRegisteredRegionalResources() []AwsResource {
 	// instances before deleting the VPC.
 	return []AwsResource{
 		resources.NewAccessAnalyzer(),
-		&resources.ACM{},
-		&resources.ACMPCA{},
-		&resources.AMIs{},
+		resources.NewACM(),
+		resources.NewACMPCA(),
+		resources.NewAMIs(),
 		&resources.ApiGateway{},
 		&resources.ApiGatewayV2{},
 		&resources.ASGroups{},
-		&resources.AppRunnerService{},
-		&resources.BackupVault{},
-		&resources.ManagedPrometheus{},
-		&resources.Grafana{},
+		resources.NewAppRunnerService(),
+		resources.NewBackupVault(),
+		resources.NewManagedPrometheus(),
+		resources.NewGrafana(),
 		resources.NewEventBridgeSchedule(),
 		&resources.EventBridgeScheduleGroup{},
-		&resources.EventBridgeArchive{},
+		resources.NewEventBridgeArchive(),
 		&resources.EventBridgeRule{},
 		&resources.EventBridge{},
-		&resources.CloudtrailTrail{},
+		resources.NewCloudtrailTrail(),
 		&resources.CloudFormationStacks{},
-		&resources.CloudWatchAlarms{},
+		resources.NewCloudWatchAlarms(),
 		resources.NewCloudWatchDashboards(),
 		resources.NewCloudWatchLogGroups(),
 		&resources.CloudMapServices{},
 		&resources.CloudMapNamespaces{},
 		&resources.CodeDeployApplications{},
-		&resources.ConfigServiceRecorders{},
+		resources.NewConfigServiceRecorders(),
 		&resources.ConfigServiceRule{},
-		&resources.DataSyncTask{},
-		&resources.DataSyncLocation{},
-		&resources.DynamoDB{},
+		resources.NewDataSyncTask(),
+		resources.NewDataSyncLocation(),
+		resources.NewDynamoDB(),
 		&resources.EBSVolumes{},
-		&resources.EBApplications{},
+		resources.NewEBApplications(),
 		&resources.EC2Instances{},
 		&resources.EC2DedicatedHosts{},
 		resources.NewEC2KeyPairs(),
 		resources.NewEC2PlacementGroups(),
 		&resources.TransitGateways{},
-		&resources.TransitGatewaysRouteTables{},
+		resources.NewTransitGatewaysRouteTables(),
 		// Note: nuking transitgateway vpc attachement before nuking the vpc since vpc could be associated with it.
-		&resources.TransitGatewayPeeringAttachment{},
+		resources.NewTransitGatewayPeeringAttachment(),
 		&resources.TransitGatewaysVpcAttachment{},
 		&resources.EC2Endpoints{},
-		&resources.ECR{},
+		resources.NewECR(),
 		&resources.ECSClusters{},
 		&resources.ECSServices{},
 		&resources.EgressOnlyInternetGateway{},
 		&resources.ElasticFileSystem{},
-		&resources.EIPAddresses{},
+		resources.NewEIPAddresses(),
 		&resources.EKSClusters{},
 		&resources.ElasticCacheServerless{},
 		&resources.Elasticaches{},
 		&resources.ElasticacheParameterGroups{},
 		&resources.ElasticacheSubnetGroups{},
 		&resources.LoadBalancers{},
 		&resources.LoadBalancersV2{},
-		&resources.GuardDuty{},
+		resources.NewGuardDuty(),
 		resources.NewKinesisFirehose(),
 		resources.NewKinesisStreams(),
 		&resources.KmsCustomerKeys{},
 		&resources.LambdaFunctions{},
 		&resources.LambdaLayers{},
 		resources.NewLaunchConfigs(),
-		&resources.LaunchTemplates{},
+		resources.NewLaunchTemplates(),
 		&resources.MacieMember{},
 		&resources.MSKCluster{},
-		&resources.NatGateways{},
+		resources.NewNatGateways(),
 		&resources.OpenSearchDomains{},
 		&resources.DBGlobalClusterMemberships{},
 		&resources.DBInstances{},
 		&resources.DBSubnetGroups{},
 		&resources.DBClusters{},
-		&resources.RdsProxy{},
-		&resources.RdsSnapshot{},
+		resources.NewRdsProxy(),
+		resources.NewRdsSnapshot(),
 		&resources.RdsParameterGroup{},
 		&resources.RedshiftClusters{},
 		&resources.RedshiftSnapshotCopyGrants{},
@@ -134,16 +134,16 @@ func getRegisteredRegionalResources() []AwsResource {
 		&resources.SageMakerNotebookInstances{},
 		&resources.SageMakerStudio{},
 		&resources.SageMakerEndpoint{},
-		&resources.SecretsManagerSecrets{},
+		resources.NewSecretsManagerSecrets(),
 		&resources.SecurityHub{},
-		&resources.SesConfigurationSet{},
+		resources.NewSesConfigurationSet(),
 		resources.NewSesEmailTemplates(),
-		&resources.SesIdentities{},
+		resources.NewSesIdentities(),
 		&resources.SesReceiptRule{},
 		&resources.SesReceiptFilter{},
-		&resources.Snapshots{},
-		&resources.SNSTopic{},
-		&resources.SqsQueue{},
+		resources.NewSnapshots(),
+		resources.NewSNSTopic(),
+		resources.NewSqsQueue(),
 		&resources.EC2IPAMs{},
 		&resources.EC2IpamScopes{},
 		&resources.EC2IPAMResourceDiscovery{},
 
@@ -4,83 +4,85 @@ import (
 	"context"
 	"fmt"
 
+	"github.com/aws/aws-sdk-go-v2/aws"
 	"github.com/aws/aws-sdk-go-v2/service/acm"
 	"github.com/aws/aws-sdk-go-v2/service/acm/types"
 	"github.com/gruntwork-io/cloud-nuke/config"
 	"github.com/gruntwork-io/cloud-nuke/logging"
-	"github.com/gruntwork-io/cloud-nuke/report"
-	"github.com/gruntwork-io/go-commons/errors"
+	"github.com/gruntwork-io/cloud-nuke/resource"
 )
 
-// Returns a list of strings of ACM ARNs
-func (a *ACM) getAll(c context.Context, configObj config.Config) ([]*string, error) {
+// ACMAPI defines the interface for ACM operations.
+type ACMAPI interface {
+	ListCertificates(ctx context.Context, params *acm.ListCertificatesInput, optFns ...func(*acm.Options)) (*acm.ListCertificatesOutput, error)
+	DeleteCertificate(ctx context.Context, params *acm.DeleteCertificateInput, optFns ...func(*acm.Options)) (*acm.DeleteCertificateOutput, error)
+}
+
+// NewACM creates a new ACM resource using the generic resource pattern.
+func NewACM() AwsResource {
+	return NewAwsResource(&resource.Resource[ACMAPI]{
+		ResourceTypeName: "acm",
+		BatchSize:        10,
+		InitClient: WrapAwsInitClient(func(r *resource.Resource[ACMAPI], cfg aws.Config) {
+			r.Scope.Region = cfg.Region
+			r.Client = acm.NewFromConfig(cfg)
+		}),
+		ConfigGetter: func(c config.Config) config.ResourceType {
+			return c.ACM
+		},
+		Lister: listACMCertificates,
+		Nuker:  resource.SimpleBatchDeleter(deleteACMCertificate),
+	})
+}
+
+// listACMCertificates retrieves all ACM certificates that match the config filters.
+func listACMCertificates(ctx context.Context, client ACMAPI, scope resource.Scope, cfg config.ResourceType) ([]*string, error) {
 	var acmArns []*string
-	paginator := acm.NewListCertificatesPaginator(a.Client, &acm.ListCertificatesInput{})
+	paginator := acm.NewListCertificatesPaginator(client, &acm.ListCertificatesInput{})
+
 	for paginator.HasMorePages() {
-		page, err := paginator.NextPage(c)
+		page, err := paginator.NextPage(ctx)
 		if err != nil {
-			return nil, errors.WithStackTrace(err)
+			return nil, err
 		}
 
 		for _, cert := range page.CertificateSummaryList {
-			logging.Debug(fmt.Sprintf("Found ACM %s with domain name %s", *cert.CertificateArn, *cert.DomainName))
-			if a.shouldInclude(cert, configObj) {
-				logging.Debug(fmt.Sprintf("Including ACM %s", *cert.CertificateArn))
+			logging.Debugf("Found ACM %s with domain name %s", *cert.CertificateArn, *cert.DomainName)
+			if shouldIncludeACMCertificate(cert, cfg) {
+				logging.Debugf("Including ACM %s", *cert.CertificateArn)
 				acmArns = append(acmArns, cert.CertificateArn)
 			} else {
-				logging.Debug(fmt.Sprintf("Skipping ACM %s", *cert.CertificateArn))
+				logging.Debugf("Skipping ACM %s", *cert.CertificateArn)
 			}
 		}
 	}
 
 	return acmArns, nil
 }
 
-func (a *ACM) shouldInclude(acm types.CertificateSummary, configObj config.Config) bool {
-	if acm.InUse != nil && *acm.InUse {
-		logging.Debug(fmt.Sprintf("ACM %s is in use", *acm.CertificateArn))
+// shouldIncludeACMCertificate determines if an ACM certificate should be included based on config filters.
+func shouldIncludeACMCertificate(cert types.CertificateSummary, cfg config.ResourceType) bool {
+	if cert.InUse != nil && *cert.InUse {
+		logging.Debugf("ACM %s is in use", *cert.CertificateArn)
 		return false
 	}
 
-	shouldInclude := configObj.ACM.ShouldInclude(config.ResourceValue{
-		Name: acm.DomainName,
-		Time: acm.CreatedAt,
+	shouldInclude := cfg.ShouldInclude(config.ResourceValue{
+		Name: cert.DomainName,
+		Time: cert.CreatedAt,
 	})
-	logging.Debug(fmt.Sprintf("shouldInclude result for ACM: %s w/ domain name: %s, time: %s, and config: %+v",
-		*acm.CertificateArn, *acm.DomainName, acm.CreatedAt, configObj.ACM))
+	logging.Debugf("shouldInclude result for ACM: %s w/ domain name: %s, time: %s, and config: %+v",
+		aws.ToString(cert.CertificateArn), aws.ToString(cert.DomainName), cert.CreatedAt, cfg)
 	return shouldInclude
 }
 
-// Deletes all ACMs
-func (a *ACM) nukeAll(arns []*string) error {
-	if len(arns) == 0 {
-		logging.Debugf("No ACMs to nuke in region %s", a.Region)
-		return nil
-	}
-
-	logging.Debugf("Deleting all ACMs in region %s", a.Region)
-	deletedCount := 0
-	for _, acmArn := range arns {
-		params := &acm.DeleteCertificateInput{
-			CertificateArn: acmArn,
-		}
-
-		_, err := a.Client.DeleteCertificate(a.Context, params)
-		if err != nil {
-			logging.Debugf("[Failed] %s", err)
-		} else {
-			deletedCount++
-			logging.Debugf("Deleted ACM: %s", *acmArn)
-		}
-
-		e := report.Entry{
-			Identifier:   *acmArn,
-			ResourceType: "ACM",
-			Error:        err,
-		}
-		report.Record(e)
+// deleteACMCertificate deletes a single ACM certificate.
+func deleteACMCertificate(ctx context.Context, client ACMAPI, arn *string) error {
+	_, err := client.DeleteCertificate(ctx, &acm.DeleteCertificateInput{
+		CertificateArn: arn,
+	})
+	if err != nil {
+		return fmt.Errorf("failed to delete ACM certificate %s: %w", aws.ToString(arn), err)
 	}
-
-	logging.Debugf("[OK] %d ACM(s) terminated in %s", deletedCount, a.Region)
 	return nil
 }