I am trying to write a query that finds DNS CNAME records pointing to a non-existent resource (an S3 bucket in my case). The idea is to collect all the distinct S3 bucket names as a list, then pick up the CNAME records whose value points to a bucket name. If the CNAME value points to a bucket name which is not in our list, then return the result.
An example record of this would be:
test.random-domain.link. 300 IN CNAME s3.us-east-2.amazonaws.com/non-existent-bucket.link/index.html.
My query is matching with every other S3 bucket that exists in my account, and I am not able to write it in a way that it only returns true when the corresponding bucket defined in the CNAME is non-existent.
Can anyone help me modify my query for the appropriate result?
CodePudding user response:
Try this:
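// Collect the names of every S3 bucket that exists in the account
MATCH (A:AWSAccount)-[R1:RESOURCE]->(C:S3Bucket) WHERE A.id = "{ACCNTID}"
WITH A, collect(DISTINCT C.name) AS existingBuckets
// Select CNAME records whose value starts with 's3' (path-style S3 endpoint)
MATCH (A)-[R2:RESOURCE]->(B:AWSDNSRecord) WHERE B.type = 'CNAME' AND left(B.value, 2) = 's3'
// The bucket name is the first path segment after the endpoint host name
WITH A, existingBuckets, B, split(B.value, '/')[1] AS bucketPointedByDNS
// Keep only records whose bucket is not in the account's bucket list
WHERE NOT bucketPointedByDNS IN existingBuckets
RETURN A, B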
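
The same check outside the graph, as an added example that is not part of the original question or answer: it extracts the bucket name from a CNAME value and reports records whose bucket is missing from the account's list. It goes beyond the query above, which only handles path-style values like the record in the question, by also recognising virtual-hosted and website-endpoint values; the record tuples, names and bucket list are constructed sample data.

```python
import re

# Path style, as in the question's record: s3[.<region>].amazonaws.com/<bucket>/...
PATH_RE = re.compile(r"^s3(?:[.-][a-z0-9-]+)?\.amazonaws\.com/(?P<bucket>[^/]+)")
# Virtual-hosted and website endpoints: <bucket>.s3[-website][.-<region>].amazonaws.com
VHOST_RE = re.compile(
    r"^(?P<bucket>.+?)\.s3(?:[.-]website)?(?:[.-][a-z0-9-]+)?\.amazonaws\.com$"
)

# Constructed sample data: (record name, type, value) and the account's bucket names.
RECORDS = [
    ("test.random-domain.link.", "CNAME",
     "s3.us-east-2.amazonaws.com/non-existent-bucket.link/index.html."),
    ("assets.random-domain.link.", "CNAME", "live-assets.s3.us-east-2.amazonaws.com."),
    ("www.random-domain.link.", "CNAME", "old-site.s3-website-us-east-1.amazonaws.com."),
    ("mail.random-domain.link.", "CNAME", "mail.example.net."),
    ("ip.random-domain.link.", "A", "192.0.2.10"),
]
EXISTING = ["live-assets", "logs-archive"]


def bucket_from_cname(value):
    """Return the bucket name a CNAME value refers to, or None if it is not S3."""
    # Drop the trailing root dot and normalise case before matching.
    target = value.strip().rstrip(".").lower()
    for pattern in (PATH_RE, VHOST_RE):
        match = pattern.match(target)
        if match:
            return match.group("bucket")
    return None


def dangling_s3_cnames(records, existing_buckets):
    """Return (record name, bucket) for CNAMEs whose bucket is not in the account."""
    owned = {name.lower() for name in existing_buckets}
    findings = []
    for name, rtype, value in records:
        if rtype != "CNAME":
            continue
        bucket = bucket_from_cname(value)
        if bucket is not None and bucket not in owned:
            findings.append((name, bucket))
    return findings


if __name__ == "__main__":
    for name, bucket in dangling_s3_cnames(RECORDS, EXISTING):
        print(f"{name} -> bucket '{bucket}' not found in account")
```

A bucket that is absent from the account's list may not exist at all or may belong to a different account; in both cases the DNS record is worth reviewing.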