cartography 0.101.1rc1__py3-none-any.whl → 0.102.0__py3-none-any.whl

cartography/intel/entra/users.py

@@ -0,0 +1,205 @@
+import logging
+from typing import Any
+
+import neo4j
+from azure.identity import ClientSecretCredential
+from msgraph import GraphServiceClient
+from msgraph.generated.models.organization import Organization
+from msgraph.generated.models.user import User
+
+from cartography.client.core.tx import load
+from cartography.graph.job import GraphJob
+from cartography.models.entra.tenant import EntraTenantSchema
+from cartography.models.entra.user import EntraUserSchema
+from cartography.util import timeit
+
+logger = logging.getLogger(__name__)
+
+
+@timeit
+async def get_tenant(client: GraphServiceClient) -> Organization:
+    """
+    Get tenant information from Microsoft Graph API
+    """
+    org = await client.organization.get()
+    return org.value[0]  # Get the first (and typically only) tenant
+
+
+@timeit
+async def get_users(client: GraphServiceClient) -> list[User]:
+    """
+    Get all users from Microsoft Graph API with pagination support
+    """
+    all_users: list[User] = []
+    request_configuration = client.users.UsersRequestBuilderGetRequestConfiguration(
+        query_parameters=client.users.UsersRequestBuilderGetQueryParameters(
+            # Request more items per page to reduce number of API calls
+            top=999,
+        ),
+    )
+
+    page = await client.users.get(request_configuration=request_configuration)
+    while page:
+        all_users.extend(page.value)
+        if not page.odata_next_link:
+            break
+        page = await client.users.with_url(page.odata_next_link).get()
+
+    return all_users
+
+
+@timeit
+def transform_users(users: list[User]) -> list[dict[str, Any]]:
+    """
+    Transform the API response into the format expected by our schema
+    """
+    result: list[dict[str, Any]] = []
+    for user in users:
+        transformed_user = {
+            'id': user.id,
+            'user_principal_name': user.user_principal_name,
+            'display_name': user.display_name,
+            'given_name': user.given_name,
+            'surname': user.surname,
+            'mail': user.mail,
+            'other_mails': user.other_mails,
+            'preferred_language': user.preferred_language,
+            'preferred_name': user.preferred_name,
+            'state': user.state,
+            'usage_location': user.usage_location,
+            'user_type': user.user_type,
+            'show_in_address_list': user.show_in_address_list,
+            'sign_in_sessions_valid_from_date_time': user.sign_in_sessions_valid_from_date_time,
+            'security_identifier': user.on_premises_security_identifier,
+            'account_enabled': user.account_enabled,
+            'age_group': user.age_group,
+            'business_phones': user.business_phones,
+            'city': user.city,
+            'company_name': user.company_name,
+            'consent_provided_for_minor': user.consent_provided_for_minor,
+            'country': user.country,
+            'created_date_time': user.created_date_time,
+            'creation_type': user.creation_type,
+            'deleted_date_time': user.deleted_date_time,
+            'department': user.department,
+            'employee_id': user.employee_id,
+            'employee_type': user.employee_type,
+            'external_user_state': user.external_user_state,
+            'external_user_state_change_date_time': user.external_user_state_change_date_time,
+            'hire_date': user.hire_date,
+            'is_management_restricted': user.is_management_restricted,
+            'is_resource_account': user.is_resource_account,
+            'job_title': user.job_title,
+            'last_password_change_date_time': user.last_password_change_date_time,
+            'mail_nickname': user.mail_nickname,
+            'office_location': user.office_location,
+            'on_premises_distinguished_name': user.on_premises_distinguished_name,
+            'on_premises_domain_name': user.on_premises_domain_name,
+            'on_premises_immutable_id': user.on_premises_immutable_id,
+            'on_premises_last_sync_date_time': user.on_premises_last_sync_date_time,
+            'on_premises_sam_account_name': user.on_premises_sam_account_name,
+            'on_premises_security_identifier': user.on_premises_security_identifier,
+            'on_premises_sync_enabled': user.on_premises_sync_enabled,
+            'on_premises_user_principal_name': user.on_premises_user_principal_name,
+        }
+        result.append(transformed_user)
+    return result
+
+
+@timeit
+def transform_tenant(tenant: Organization, tenant_id: str) -> dict[str, Any]:
+    """
+    Transform the tenant data into the format expected by our schema
+    """
+    return {
+        'id': tenant_id,
+        'created_date_time': tenant.created_date_time,
+        'default_usage_location': tenant.default_usage_location,
+        'deleted_date_time': tenant.deleted_date_time,
+        'display_name': tenant.display_name,
+        'marketing_notification_emails': tenant.marketing_notification_emails,
+        'mobile_device_management_authority': tenant.mobile_device_management_authority,
+        'on_premises_last_sync_date_time': tenant.on_premises_last_sync_date_time,
+        'on_premises_sync_enabled': tenant.on_premises_sync_enabled,
+        'partner_tenant_type': tenant.partner_tenant_type,
+        'postal_code': tenant.postal_code,
+        'preferred_language': tenant.preferred_language,
+        'state': tenant.state,
+        'street': tenant.street,
+        'tenant_type': tenant.tenant_type,
+    }
+
+
+@timeit
+def load_tenant(
+    neo4j_session: neo4j.Session,
+    tenant: dict[str, Any],
+    update_tag: int,
+) -> None:
+    load(
+        neo4j_session,
+        EntraTenantSchema(),
+        [tenant],
+        lastupdated=update_tag,
+    )
+
+
+@timeit
+def load_users(
+    neo4j_session: neo4j.Session,
+    users: list[dict[str, Any]],
+    tenant_id: str,
+    update_tag: int,
+) -> None:
+    logger.info(f"Loading {len(users)} Entra users")
+    load(
+        neo4j_session,
+        EntraUserSchema(),
+        users,
+        lastupdated=update_tag,
+        TENANT_ID=tenant_id,
+    )
+
+
+def cleanup(neo4j_session: neo4j.Session, common_job_parameters: dict[str, Any]) -> None:
+    GraphJob.from_node_schema(EntraUserSchema(), common_job_parameters).run(neo4j_session)
+
+
+@timeit
+async def sync_entra_users(
+    neo4j_session: neo4j.Session,
+    tenant_id: str,
+    client_id: str,
+    client_secret: str,
+    update_tag: int,
+    common_job_parameters: dict[str, Any],
+) -> None:
+    """
+    Sync Entra users and tenant information
+    :param neo4j_session: Neo4J session for database interface
+    :param tenant_id: Entra tenant ID
+    :param client_id: Entra application client ID
+    :param client_secret: Entra application client secret
+    :param update_tag: Timestamp used to determine data freshness
+    :param common_job_parameters: dict of other job parameters to carry to sub-jobs
+    :return: None
+    """
+    # Initialize Graph client
+    credential = ClientSecretCredential(
+        tenant_id=tenant_id,
+        client_id=client_id,
+        client_secret=client_secret,
+    )
+    client = GraphServiceClient(credential, scopes=['https://graph.microsoft.com/.default'])
+
+    # Get tenant information
+    tenant = await get_tenant(client)
+    users = await get_users(client)
+
+    transformed_users = transform_users(users)
+    transformed_tenant = transform_tenant(tenant, tenant_id)
+
+    load_tenant(neo4j_session, transformed_tenant, update_tag)
+    load_users(neo4j_session, transformed_users, tenant_id, update_tag)
+
+    cleanup(neo4j_session, common_job_parameters)

cartography/intel/kandji/devices.py

@@ -25,10 +25,34 @@ def get(kandji_base_uri: str, kandji_token: str) -> List[Dict[str, Any]]:
         'Authorization': f'Bearer {kandji_token}',
     }
 
+    offset = 0
+    limit = 300
+    params: dict[str, str | int] = {
+        "sort": "serial_number",
+        "limit": limit,
+        "offset": offset,
+    }
+
+    devices: List[Dict[str, Any]] = []
     session = Session()
-    req = session.get(api_endpoint, headers=headers, timeout=_TIMEOUT)
-    req.raise_for_status()
-    return req.json()
+    while True:
+        logger.debug("Kandji device offset: %s", offset)
+
+        params["offset"] = offset
+        response = session.get(api_endpoint, headers=headers, timeout=_TIMEOUT, params=params)
+        response.raise_for_status()
+
+        result = response.json()
+        # If no more result, we are done
+        if len(result) == 0:
+            break
+
+        devices.extend(result)
+
+        offset += limit
+
+    logger.debug("Kandji device count: %d", len(devices))
+    return devices
 
 
 @timeit

cartography/models/aws/ec2/load_balancer_listeners.py

@@ -0,0 +1,68 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.nodes import ExtraNodeLabels
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import OtherRelationships
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class ELBListenerNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef('id')
+    port: PropertyRef = PropertyRef('port')
+    protocol: PropertyRef = PropertyRef('protocol')
+    instance_port: PropertyRef = PropertyRef('instance_port')
+    instance_protocol: PropertyRef = PropertyRef('instance_protocol')
+    policy_names: PropertyRef = PropertyRef('policy_names')
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class ELBListenerToLoadBalancerRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class ELBListenerToLoadBalancer(CartographyRelSchema):
+    target_node_label: str = 'LoadBalancer'
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {'id': PropertyRef('LoadBalancerId')},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "ELB_LISTENER"
+    properties: ELBListenerToLoadBalancerRelProperties = ELBListenerToLoadBalancerRelProperties()
+
+
+@dataclass(frozen=True)
+class ELBListenerToAWSAccountRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class ELBListenerToAWSAccount(CartographyRelSchema):
+    target_node_label: str = 'AWSAccount'
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {'id': PropertyRef('AWS_ID', set_in_kwargs=True)},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: ELBListenerToAWSAccountRelProperties = ELBListenerToAWSAccountRelProperties()
+
+
+@dataclass(frozen=True)
+class ELBListenerSchema(CartographyNodeSchema):
+    label: str = 'ELBListener'
+    properties: ELBListenerNodeProperties = ELBListenerNodeProperties()
+    extra_node_labels: ExtraNodeLabels = ExtraNodeLabels(['Endpoint'])
+    sub_resource_relationship: ELBListenerToAWSAccount = ELBListenerToAWSAccount()
+    other_relationships: OtherRelationships = OtherRelationships(
+        [
+            ELBListenerToLoadBalancer(),
+        ],
+    )

cartography/models/aws/ec2/load_balancers.py

@@ -0,0 +1,102 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import OtherRelationships
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class LoadBalancerNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef('id')
+    name: PropertyRef = PropertyRef('name')
+    dnsname: PropertyRef = PropertyRef('dnsname', extra_index=True)
+    canonicalhostedzonename: PropertyRef = PropertyRef('canonicalhostedzonename')
+    canonicalhostedzonenameid: PropertyRef = PropertyRef('canonicalhostedzonenameid')
+    scheme: PropertyRef = PropertyRef('scheme')
+    region: PropertyRef = PropertyRef('Region', set_in_kwargs=True)
+    createdtime: PropertyRef = PropertyRef('createdtime')
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class LoadBalancerToAWSAccountRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class LoadBalancerToAWSAccount(CartographyRelSchema):
+    target_node_label: str = 'AWSAccount'
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {'id': PropertyRef('AWS_ID', set_in_kwargs=True)},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: LoadBalancerToAWSAccountRelProperties = LoadBalancerToAWSAccountRelProperties()
+
+
+@dataclass(frozen=True)
+class LoadBalancerToSecurityGroupRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class LoadBalancerToSourceSecurityGroup(CartographyRelSchema):
+    target_node_label: str = 'EC2SecurityGroup'
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {'name': PropertyRef('GROUP_NAME')},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "SOURCE_SECURITY_GROUP"
+    properties: LoadBalancerToSecurityGroupRelProperties = LoadBalancerToSecurityGroupRelProperties()
+
+
+@dataclass(frozen=True)
+class LoadBalancerToEC2SecurityGroupRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class LoadBalancerToEC2SecurityGroup(CartographyRelSchema):
+    target_node_label: str = 'EC2SecurityGroup'
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {'groupid': PropertyRef('GROUP_IDS', one_to_many=True)},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "MEMBER_OF_EC2_SECURITY_GROUP"
+    properties: LoadBalancerToEC2SecurityGroupRelProperties = LoadBalancerToEC2SecurityGroupRelProperties()
+
+
+@dataclass(frozen=True)
+class LoadBalancerToEC2InstanceRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class LoadBalancerToEC2Instance(CartographyRelSchema):
+    target_node_label: str = 'EC2Instance'
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {'instanceid': PropertyRef('INSTANCE_IDS', one_to_many=True)},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "EXPOSE"
+    properties: LoadBalancerToEC2InstanceRelProperties = LoadBalancerToEC2InstanceRelProperties()
+
+
+@dataclass(frozen=True)
+class LoadBalancerSchema(CartographyNodeSchema):
+    label: str = 'LoadBalancer'
+    properties: LoadBalancerNodeProperties = LoadBalancerNodeProperties()
+    sub_resource_relationship: LoadBalancerToAWSAccount = LoadBalancerToAWSAccount()
+    other_relationships: OtherRelationships = OtherRelationships(
+        [
+            LoadBalancerToSourceSecurityGroup(),
+            LoadBalancerToEC2SecurityGroup(),
+            LoadBalancerToEC2Instance(),
+        ],
+    )

cartography/models/aws/ec2/route_table_associations.py

@@ -0,0 +1,87 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import OtherRelationships
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class RouteTableAssociationNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef('id')
+    route_table_association_id: PropertyRef = PropertyRef('id', extra_index=True)
+    target: PropertyRef = PropertyRef('_target')
+    gateway_id: PropertyRef = PropertyRef('gateway_id')
+    main: PropertyRef = PropertyRef('main')
+    route_table_id: PropertyRef = PropertyRef('route_table_id')
+    subnet_id: PropertyRef = PropertyRef('subnet_id')
+    association_state: PropertyRef = PropertyRef('association_state')
+    association_state_message: PropertyRef = PropertyRef('association_state_message')
+    region: PropertyRef = PropertyRef('Region', set_in_kwargs=True)
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class RouteTableAssociationToAwsAccountRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class RouteTableAssociationToAWSAccount(CartographyRelSchema):
+    target_node_label: str = 'AWSAccount'
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {'id': PropertyRef('AWS_ID', set_in_kwargs=True)},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: RouteTableAssociationToAwsAccountRelProperties = RouteTableAssociationToAwsAccountRelProperties()
+
+
+@dataclass(frozen=True)
+class RouteTableAssociationToSubnetRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class RouteTableAssociationToSubnet(CartographyRelSchema):
+    target_node_label: str = 'EC2Subnet'
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {'subnetid': PropertyRef('subnet_id')},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "ASSOCIATED_SUBNET"
+    properties: RouteTableAssociationToSubnetRelProperties = RouteTableAssociationToSubnetRelProperties()
+
+
+@dataclass(frozen=True)
+class RouteTableAssociationToIgwRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class RouteTableAssociationToIgw(CartographyRelSchema):
+    target_node_label: str = 'AWSInternetGateway'
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {'id': PropertyRef('gateway_id')},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "ASSOCIATED_IGW_FOR_INGRESS"
+    properties: RouteTableAssociationToIgwRelProperties = RouteTableAssociationToIgwRelProperties()
+
+
+@dataclass(frozen=True)
+class RouteTableAssociationSchema(CartographyNodeSchema):
+    label: str = 'EC2RouteTableAssociation'
+    properties: RouteTableAssociationNodeProperties = RouteTableAssociationNodeProperties()
+    sub_resource_relationship: RouteTableAssociationToAWSAccount = RouteTableAssociationToAWSAccount()
+    other_relationships: OtherRelationships = OtherRelationships(
+        [
+            RouteTableAssociationToSubnet(),
+            RouteTableAssociationToIgw(),
+        ],
+    )

cartography/models/aws/ec2/route_tables.py

@@ -0,0 +1,121 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import OtherRelationships
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class RouteTableNodeProperties(CartographyNodeProperties):
+    """
+    Schema describing a RouteTable.
+    """
+    id: PropertyRef = PropertyRef('id')
+    route_table_id: PropertyRef = PropertyRef('route_table_id', extra_index=True)
+    owner_id: PropertyRef = PropertyRef('owner_id')
+    vpc_id: PropertyRef = PropertyRef('VpcId')
+    region: PropertyRef = PropertyRef('Region', set_in_kwargs=True)
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+    main: PropertyRef = PropertyRef('main')
+
+
+@dataclass(frozen=True)
+class RouteTableToAwsAccountRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class RouteTableToAWSAccount(CartographyRelSchema):
+    target_node_label: str = 'AWSAccount'
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {'id': PropertyRef('AWS_ID', set_in_kwargs=True)},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: RouteTableToAwsAccountRelProperties = RouteTableToAwsAccountRelProperties()
+
+
+@dataclass(frozen=True)
+class RouteTableToVpcRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class RouteTableToVpc(CartographyRelSchema):
+    target_node_label: str = 'AWSVpc'
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {'id': PropertyRef('vpc_id')},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "MEMBER_OF_AWS_VPC"
+    properties: RouteTableToVpcRelProperties = RouteTableToVpcRelProperties()
+
+
+@dataclass(frozen=True)
+class RouteTableToRouteRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class RouteTableToRoute(CartographyRelSchema):
+    target_node_label: str = 'EC2Route'
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {'id': PropertyRef('RouteIds', one_to_many=True)},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "ROUTE"
+    properties: RouteTableToRouteRelProperties = RouteTableToRouteRelProperties()
+
+
+@dataclass(frozen=True)
+class RouteTableToAssociationRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class RouteTableToAssociation(CartographyRelSchema):
+    target_node_label: str = 'EC2RouteTableAssociation'
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {'id': PropertyRef('RouteTableAssociationIds', one_to_many=True)},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "ASSOCIATION"
+    properties: RouteTableToAssociationRelProperties = RouteTableToAssociationRelProperties()
+
+
+@dataclass(frozen=True)
+class RouteTableToVpnGatewayRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+
+
+# TODO implement AWSVpnGateways
+@dataclass(frozen=True)
+class RouteTableToVpnGateway(CartographyRelSchema):
+    target_node_label: str = 'AWSVpnGateway'
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {'id': PropertyRef('VpnGatewayIds', one_to_many=True)},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "CONNECTED_TO"
+    properties: RouteTableToVpnGatewayRelProperties = RouteTableToVpnGatewayRelProperties()
+
+
+@dataclass(frozen=True)
+class RouteTableSchema(CartographyNodeSchema):
+    label: str = 'EC2RouteTable'
+    properties: RouteTableNodeProperties = RouteTableNodeProperties()
+    sub_resource_relationship: RouteTableToAWSAccount = RouteTableToAWSAccount()
+    other_relationships: OtherRelationships = OtherRelationships(
+        [
+            RouteTableToVpc(),
+            RouteTableToRoute(),
+            RouteTableToAssociation(),
+            RouteTableToVpnGateway(),
+        ],
+    )