cartography 0.102.0rc1__py3-none-any.whl → 0.103.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of cartography might be problematic. Click here for more details.
- cartography/__main__.py +1 -2
- cartography/_version.py +2 -2
- cartography/cli.py +376 -249
- cartography/client/core/tx.py +39 -18
- cartography/config.py +28 -0
- cartography/driftdetect/__main__.py +1 -2
- cartography/driftdetect/add_shortcut.py +10 -2
- cartography/driftdetect/cli.py +71 -75
- cartography/driftdetect/detect_deviations.py +7 -3
- cartography/driftdetect/get_states.py +20 -8
- cartography/driftdetect/model.py +5 -5
- cartography/driftdetect/serializers.py +8 -6
- cartography/driftdetect/storage.py +2 -2
- cartography/graph/cleanupbuilder.py +35 -15
- cartography/graph/job.py +46 -17
- cartography/graph/querybuilder.py +165 -80
- cartography/graph/statement.py +35 -26
- cartography/intel/analysis.py +4 -1
- cartography/intel/aws/__init__.py +114 -55
- cartography/intel/aws/apigateway.py +134 -63
- cartography/intel/aws/cloudtrail.py +127 -0
- cartography/intel/aws/cloudwatch.py +93 -0
- cartography/intel/aws/config.py +56 -20
- cartography/intel/aws/dynamodb.py +108 -40
- cartography/intel/aws/ec2/__init__.py +2 -2
- cartography/intel/aws/ec2/auto_scaling_groups.py +181 -78
- cartography/intel/aws/ec2/elastic_ip_addresses.py +41 -13
- cartography/intel/aws/ec2/images.py +49 -20
- cartography/intel/aws/ec2/instances.py +234 -136
- cartography/intel/aws/ec2/internet_gateways.py +40 -11
- cartography/intel/aws/ec2/key_pairs.py +44 -20
- cartography/intel/aws/ec2/launch_templates.py +101 -59
- cartography/intel/aws/ec2/load_balancer_v2s.py +104 -39
- cartography/intel/aws/ec2/load_balancers.py +82 -42
- cartography/intel/aws/ec2/network_acls.py +89 -65
- cartography/intel/aws/ec2/network_interfaces.py +146 -87
- cartography/intel/aws/ec2/reserved_instances.py +45 -16
- cartography/intel/aws/ec2/route_tables.py +327 -0
- cartography/intel/aws/ec2/security_groups.py +71 -21
- cartography/intel/aws/ec2/snapshots.py +61 -22
- cartography/intel/aws/ec2/subnets.py +54 -18
- cartography/intel/aws/ec2/tgw.py +100 -34
- cartography/intel/aws/ec2/util.py +1 -1
- cartography/intel/aws/ec2/volumes.py +69 -41
- cartography/intel/aws/ec2/vpc.py +37 -12
- cartography/intel/aws/ec2/vpc_peerings.py +83 -24
- cartography/intel/aws/ecr.py +88 -32
- cartography/intel/aws/ecs.py +83 -47
- cartography/intel/aws/efs.py +93 -0
- cartography/intel/aws/eks.py +55 -29
- cartography/intel/aws/elasticache.py +42 -18
- cartography/intel/aws/elasticsearch.py +57 -20
- cartography/intel/aws/emr.py +61 -23
- cartography/intel/aws/iam.py +401 -145
- cartography/intel/aws/iam_instance_profiles.py +22 -22
- cartography/intel/aws/identitycenter.py +71 -37
- cartography/intel/aws/inspector.py +159 -89
- cartography/intel/aws/kms.py +92 -38
- cartography/intel/aws/lambda_function.py +103 -34
- cartography/intel/aws/organizations.py +30 -10
- cartography/intel/aws/permission_relationships.py +133 -51
- cartography/intel/aws/rds.py +249 -85
- cartography/intel/aws/redshift.py +107 -46
- cartography/intel/aws/resourcegroupstaggingapi.py +120 -66
- cartography/intel/aws/resources.py +57 -44
- cartography/intel/aws/route53.py +108 -61
- cartography/intel/aws/s3.py +168 -83
- cartography/intel/aws/s3accountpublicaccessblock.py +157 -0
- cartography/intel/aws/secretsmanager.py +24 -12
- cartography/intel/aws/securityhub.py +20 -9
- cartography/intel/aws/sns.py +166 -0
- cartography/intel/aws/sqs.py +60 -28
- cartography/intel/aws/ssm.py +70 -30
- cartography/intel/aws/util/arns.py +7 -7
- cartography/intel/aws/util/common.py +31 -4
- cartography/intel/azure/__init__.py +78 -19
- cartography/intel/azure/compute.py +101 -27
- cartography/intel/azure/cosmosdb.py +496 -170
- cartography/intel/azure/sql.py +296 -105
- cartography/intel/azure/storage.py +322 -113
- cartography/intel/azure/subscription.py +39 -23
- cartography/intel/azure/tenant.py +13 -4
- cartography/intel/azure/util/credentials.py +95 -55
- cartography/intel/bigfix/__init__.py +2 -2
- cartography/intel/bigfix/computers.py +93 -65
- cartography/intel/cloudflare/__init__.py +74 -0
- cartography/intel/cloudflare/accounts.py +57 -0
- cartography/intel/cloudflare/dnsrecords.py +64 -0
- cartography/intel/cloudflare/members.py +75 -0
- cartography/intel/cloudflare/roles.py +65 -0
- cartography/intel/cloudflare/zones.py +64 -0
- cartography/intel/create_indexes.py +3 -2
- cartography/intel/crowdstrike/__init__.py +11 -9
- cartography/intel/crowdstrike/endpoints.py +5 -1
- cartography/intel/crowdstrike/spotlight.py +8 -3
- cartography/intel/cve/__init__.py +46 -13
- cartography/intel/cve/feed.py +48 -12
- cartography/intel/digitalocean/__init__.py +22 -13
- cartography/intel/digitalocean/compute.py +75 -108
- cartography/intel/digitalocean/management.py +44 -80
- cartography/intel/digitalocean/platform.py +48 -43
- cartography/intel/dns.py +36 -10
- cartography/intel/duo/__init__.py +21 -16
- cartography/intel/duo/api_host.py +14 -9
- cartography/intel/duo/endpoints.py +50 -45
- cartography/intel/duo/groups.py +18 -14
- cartography/intel/duo/phones.py +37 -34
- cartography/intel/duo/tokens.py +26 -23
- cartography/intel/duo/users.py +54 -50
- cartography/intel/duo/web_authn_credentials.py +30 -25
- cartography/intel/entra/__init__.py +25 -7
- cartography/intel/entra/ou.py +112 -0
- cartography/intel/entra/users.py +69 -63
- cartography/intel/gcp/__init__.py +185 -49
- cartography/intel/gcp/compute.py +418 -231
- cartography/intel/gcp/crm.py +96 -43
- cartography/intel/gcp/dns.py +60 -19
- cartography/intel/gcp/gke.py +72 -38
- cartography/intel/gcp/iam.py +61 -41
- cartography/intel/gcp/storage.py +84 -55
- cartography/intel/github/__init__.py +13 -11
- cartography/intel/github/repos.py +270 -137
- cartography/intel/github/teams.py +170 -88
- cartography/intel/github/users.py +70 -39
- cartography/intel/github/util.py +36 -34
- cartography/intel/gsuite/__init__.py +47 -26
- cartography/intel/gsuite/api.py +73 -30
- cartography/intel/jamf/__init__.py +19 -1
- cartography/intel/jamf/computers.py +30 -7
- cartography/intel/jamf/util.py +7 -2
- cartography/intel/kandji/__init__.py +6 -3
- cartography/intel/kandji/devices.py +14 -8
- cartography/intel/kubernetes/namespaces.py +7 -4
- cartography/intel/kubernetes/pods.py +7 -4
- cartography/intel/kubernetes/services.py +8 -4
- cartography/intel/lastpass/__init__.py +2 -2
- cartography/intel/lastpass/users.py +23 -12
- cartography/intel/oci/__init__.py +44 -11
- cartography/intel/oci/iam.py +134 -38
- cartography/intel/oci/organizations.py +13 -6
- cartography/intel/oci/utils.py +43 -20
- cartography/intel/okta/__init__.py +66 -15
- cartography/intel/okta/applications.py +42 -20
- cartography/intel/okta/awssaml.py +93 -33
- cartography/intel/okta/factors.py +16 -4
- cartography/intel/okta/groups.py +56 -29
- cartography/intel/okta/organization.py +5 -1
- cartography/intel/okta/origins.py +6 -2
- cartography/intel/okta/roles.py +15 -5
- cartography/intel/okta/users.py +20 -8
- cartography/intel/okta/utils.py +6 -4
- cartography/intel/openai/__init__.py +86 -0
- cartography/intel/openai/adminapikeys.py +90 -0
- cartography/intel/openai/apikeys.py +96 -0
- cartography/intel/openai/projects.py +94 -0
- cartography/intel/openai/serviceaccounts.py +82 -0
- cartography/intel/openai/users.py +78 -0
- cartography/intel/openai/util.py +29 -0
- cartography/intel/pagerduty/__init__.py +8 -7
- cartography/intel/pagerduty/escalation_policies.py +18 -6
- cartography/intel/pagerduty/schedules.py +12 -4
- cartography/intel/pagerduty/services.py +11 -4
- cartography/intel/pagerduty/teams.py +8 -3
- cartography/intel/pagerduty/users.py +3 -1
- cartography/intel/pagerduty/vendors.py +3 -1
- cartography/intel/semgrep/__init__.py +24 -6
- cartography/intel/semgrep/dependencies.py +50 -28
- cartography/intel/semgrep/deployment.py +3 -1
- cartography/intel/semgrep/findings.py +42 -18
- cartography/intel/snipeit/__init__.py +17 -3
- cartography/intel/snipeit/asset.py +12 -6
- cartography/intel/snipeit/user.py +8 -5
- cartography/intel/snipeit/util.py +9 -4
- cartography/intel/tailscale/__init__.py +77 -0
- cartography/intel/tailscale/acls.py +146 -0
- cartography/intel/tailscale/devices.py +127 -0
- cartography/intel/tailscale/postureintegrations.py +81 -0
- cartography/intel/tailscale/tailnets.py +76 -0
- cartography/intel/tailscale/users.py +80 -0
- cartography/intel/tailscale/utils.py +132 -0
- cartography/models/aws/apigateway.py +21 -17
- cartography/models/aws/apigatewaycertificate.py +28 -22
- cartography/models/aws/apigatewayresource.py +28 -20
- cartography/models/aws/apigatewaystage.py +33 -25
- cartography/models/aws/cloudtrail/__init__.py +0 -0
- cartography/models/aws/cloudtrail/trail.py +61 -0
- cartography/models/aws/cloudwatch/__init__.py +0 -0
- cartography/models/aws/cloudwatch/loggroup.py +52 -0
- cartography/models/aws/dynamodb/gsi.py +30 -22
- cartography/models/aws/dynamodb/tables.py +25 -17
- cartography/models/aws/ec2/auto_scaling_groups.py +102 -82
- cartography/models/aws/ec2/images.py +36 -34
- cartography/models/aws/ec2/instances.py +51 -45
- cartography/models/aws/ec2/keypair.py +21 -16
- cartography/models/aws/ec2/keypair_instance.py +28 -21
- cartography/models/aws/ec2/launch_configurations.py +30 -26
- cartography/models/aws/ec2/launch_template_versions.py +48 -38
- cartography/models/aws/ec2/launch_templates.py +21 -17
- cartography/models/aws/ec2/load_balancer_listeners.py +27 -23
- cartography/models/aws/ec2/load_balancers.py +47 -37
- cartography/models/aws/ec2/network_acl_rules.py +38 -30
- cartography/models/aws/ec2/network_acls.py +38 -29
- cartography/models/aws/ec2/networkinterface_instance.py +52 -39
- cartography/models/aws/ec2/networkinterfaces.py +53 -37
- cartography/models/aws/ec2/privateip_networkinterface.py +32 -22
- cartography/models/aws/ec2/reservations.py +18 -14
- cartography/models/aws/ec2/route_table_associations.py +97 -0
- cartography/models/aws/ec2/route_tables.py +128 -0
- cartography/models/aws/ec2/routes.py +85 -0
- cartography/models/aws/ec2/securitygroup_instance.py +29 -20
- cartography/models/aws/ec2/securitygroup_networkinterface.py +24 -15
- cartography/models/aws/ec2/subnet_instance.py +24 -19
- cartography/models/aws/ec2/subnet_networkinterface.py +40 -31
- cartography/models/aws/ec2/volumes.py +47 -40
- cartography/models/aws/efs/__init__.py +0 -0
- cartography/models/aws/efs/mount_target.py +52 -0
- cartography/models/aws/eks/clusters.py +23 -21
- cartography/models/aws/emr.py +32 -30
- cartography/models/aws/iam/instanceprofile.py +33 -24
- cartography/models/aws/identitycenter/awsidentitycenter.py +18 -14
- cartography/models/aws/identitycenter/awspermissionset.py +37 -29
- cartography/models/aws/identitycenter/awsssouser.py +23 -21
- cartography/models/aws/inspector/findings.py +77 -65
- cartography/models/aws/inspector/packages.py +35 -29
- cartography/models/aws/s3/__init__.py +0 -0
- cartography/models/aws/s3/account_public_access_block.py +51 -0
- cartography/models/aws/sns/__init__.py +0 -0
- cartography/models/aws/sns/topic.py +50 -0
- cartography/models/aws/ssm/instance_information.py +51 -39
- cartography/models/aws/ssm/instance_patch.py +32 -26
- cartography/models/bigfix/bigfix_computer.py +42 -38
- cartography/models/bigfix/bigfix_root.py +3 -3
- cartography/models/cloudflare/__init__.py +0 -0
- cartography/models/cloudflare/account.py +25 -0
- cartography/models/cloudflare/dnsrecord.py +55 -0
- cartography/models/cloudflare/member.py +82 -0
- cartography/models/cloudflare/role.py +44 -0
- cartography/models/cloudflare/zone.py +59 -0
- cartography/models/core/common.py +12 -10
- cartography/models/core/nodes.py +5 -2
- cartography/models/core/relationships.py +14 -6
- cartography/models/crowdstrike/hosts.py +37 -35
- cartography/models/cve/cve.py +34 -32
- cartography/models/cve/cve_feed.py +6 -6
- cartography/models/digitalocean/__init__.py +0 -0
- cartography/models/digitalocean/account.py +21 -0
- cartography/models/digitalocean/droplet.py +56 -0
- cartography/models/digitalocean/project.py +48 -0
- cartography/models/duo/api_host.py +3 -3
- cartography/models/duo/endpoint.py +43 -41
- cartography/models/duo/group.py +14 -14
- cartography/models/duo/phone.py +27 -27
- cartography/models/duo/token.py +16 -16
- cartography/models/duo/user.py +46 -44
- cartography/models/duo/web_authn_credential.py +27 -19
- cartography/models/entra/ou.py +48 -0
- cartography/models/entra/tenant.py +24 -18
- cartography/models/entra/user.py +64 -48
- cartography/models/gcp/iam.py +23 -23
- cartography/models/github/orgs.py +5 -4
- cartography/models/github/teams.py +37 -31
- cartography/models/github/users.py +34 -23
- cartography/models/kandji/device.py +22 -16
- cartography/models/kandji/tenant.py +6 -4
- cartography/models/lastpass/tenant.py +3 -3
- cartography/models/lastpass/user.py +32 -28
- cartography/models/openai/__init__.py +0 -0
- cartography/models/openai/adminapikey.py +90 -0
- cartography/models/openai/apikey.py +84 -0
- cartography/models/openai/organization.py +17 -0
- cartography/models/openai/project.py +70 -0
- cartography/models/openai/serviceaccount.py +50 -0
- cartography/models/openai/user.py +49 -0
- cartography/models/semgrep/dependencies.py +36 -24
- cartography/models/semgrep/deployment.py +5 -5
- cartography/models/semgrep/findings.py +58 -42
- cartography/models/semgrep/locations.py +27 -21
- cartography/models/snipeit/asset.py +30 -21
- cartography/models/snipeit/tenant.py +6 -4
- cartography/models/snipeit/user.py +19 -12
- cartography/models/tailscale/__init__.py +0 -0
- cartography/models/tailscale/device.py +95 -0
- cartography/models/tailscale/group.py +86 -0
- cartography/models/tailscale/postureintegration.py +58 -0
- cartography/models/tailscale/tag.py +102 -0
- cartography/models/tailscale/tailnet.py +29 -0
- cartography/models/tailscale/user.py +52 -0
- cartography/stats.py +3 -3
- cartography/sync.py +113 -31
- cartography/util.py +84 -62
- {cartography-0.102.0rc1.dist-info → cartography-0.103.0.dist-info}/METADATA +8 -15
- cartography-0.103.0.dist-info/RECORD +442 -0
- {cartography-0.102.0rc1.dist-info → cartography-0.103.0.dist-info}/WHEEL +1 -1
- cartography-0.102.0rc1.dist-info/RECORD +0 -377
- {cartography-0.102.0rc1.dist-info → cartography-0.103.0.dist-info}/entry_points.txt +0 -0
- {cartography-0.102.0rc1.dist-info → cartography-0.103.0.dist-info}/licenses/LICENSE +0 -0
- {cartography-0.102.0rc1.dist-info → cartography-0.103.0.dist-info}/top_level.txt +0 -0
|
@@ -5,6 +5,9 @@ from typing import Optional
|
|
|
5
5
|
|
|
6
6
|
import neo4j
|
|
7
7
|
|
|
8
|
+
from cartography.config import Config
|
|
9
|
+
from cartography.util import timeit
|
|
10
|
+
|
|
8
11
|
from . import compute
|
|
9
12
|
from . import cosmosdb
|
|
10
13
|
from . import sql
|
|
@@ -13,24 +16,52 @@ from . import subscription
|
|
|
13
16
|
from . import tenant
|
|
14
17
|
from .util.credentials import Authenticator
|
|
15
18
|
from .util.credentials import Credentials
|
|
16
|
-
from cartography.config import Config
|
|
17
|
-
from cartography.util import timeit
|
|
18
19
|
|
|
19
20
|
logger = logging.getLogger(__name__)
|
|
20
21
|
|
|
21
22
|
|
|
22
23
|
def _sync_one_subscription(
|
|
23
|
-
neo4j_session: neo4j.Session,
|
|
24
|
+
neo4j_session: neo4j.Session,
|
|
25
|
+
credentials: Credentials,
|
|
26
|
+
subscription_id: str,
|
|
27
|
+
update_tag: int,
|
|
24
28
|
common_job_parameters: Dict,
|
|
25
29
|
) -> None:
|
|
26
|
-
compute.sync(
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
+
compute.sync(
|
|
31
|
+
neo4j_session,
|
|
32
|
+
credentials.arm_credentials,
|
|
33
|
+
subscription_id,
|
|
34
|
+
update_tag,
|
|
35
|
+
common_job_parameters,
|
|
36
|
+
)
|
|
37
|
+
cosmosdb.sync(
|
|
38
|
+
neo4j_session,
|
|
39
|
+
credentials.arm_credentials,
|
|
40
|
+
subscription_id,
|
|
41
|
+
update_tag,
|
|
42
|
+
common_job_parameters,
|
|
43
|
+
)
|
|
44
|
+
sql.sync(
|
|
45
|
+
neo4j_session,
|
|
46
|
+
credentials.arm_credentials,
|
|
47
|
+
subscription_id,
|
|
48
|
+
update_tag,
|
|
49
|
+
common_job_parameters,
|
|
50
|
+
)
|
|
51
|
+
storage.sync(
|
|
52
|
+
neo4j_session,
|
|
53
|
+
credentials.arm_credentials,
|
|
54
|
+
subscription_id,
|
|
55
|
+
update_tag,
|
|
56
|
+
common_job_parameters,
|
|
57
|
+
)
|
|
30
58
|
|
|
31
59
|
|
|
32
60
|
def _sync_tenant(
|
|
33
|
-
neo4j_session: neo4j.Session,
|
|
61
|
+
neo4j_session: neo4j.Session,
|
|
62
|
+
tenant_id: str,
|
|
63
|
+
current_user: Optional[str],
|
|
64
|
+
update_tag: int,
|
|
34
65
|
common_job_parameters: Dict,
|
|
35
66
|
) -> None:
|
|
36
67
|
logger.info("Syncing Azure Tenant: %s", tenant_id)
|
|
@@ -38,18 +69,34 @@ def _sync_tenant(
|
|
|
38
69
|
|
|
39
70
|
|
|
40
71
|
def _sync_multiple_subscriptions(
|
|
41
|
-
neo4j_session: neo4j.Session,
|
|
42
|
-
|
|
72
|
+
neo4j_session: neo4j.Session,
|
|
73
|
+
credentials: Credentials,
|
|
74
|
+
tenant_id: str,
|
|
75
|
+
subscriptions: List[Dict],
|
|
76
|
+
update_tag: int,
|
|
77
|
+
common_job_parameters: Dict,
|
|
43
78
|
) -> None:
|
|
44
79
|
logger.info("Syncing Azure subscriptions")
|
|
45
80
|
|
|
46
|
-
subscription.sync(
|
|
81
|
+
subscription.sync(
|
|
82
|
+
neo4j_session,
|
|
83
|
+
tenant_id,
|
|
84
|
+
subscriptions,
|
|
85
|
+
update_tag,
|
|
86
|
+
common_job_parameters,
|
|
87
|
+
)
|
|
47
88
|
|
|
48
89
|
for sub in subscriptions:
|
|
49
|
-
logger.info("Syncing Azure Subscription with ID '%s'", sub[
|
|
50
|
-
common_job_parameters[
|
|
51
|
-
|
|
52
|
-
_sync_one_subscription(
|
|
90
|
+
logger.info("Syncing Azure Subscription with ID '%s'", sub["subscriptionId"])
|
|
91
|
+
common_job_parameters["AZURE_SUBSCRIPTION_ID"] = sub["subscriptionId"]
|
|
92
|
+
|
|
93
|
+
_sync_one_subscription(
|
|
94
|
+
neo4j_session,
|
|
95
|
+
credentials,
|
|
96
|
+
sub["subscriptionId"],
|
|
97
|
+
update_tag,
|
|
98
|
+
common_job_parameters,
|
|
99
|
+
)
|
|
53
100
|
|
|
54
101
|
del common_job_parameters["AZURE_SUBSCRIPTION_ID"]
|
|
55
102
|
|
|
@@ -64,7 +111,9 @@ def start_azure_ingestion(neo4j_session: neo4j.Session, config: Config) -> None:
|
|
|
64
111
|
try:
|
|
65
112
|
if config.azure_sp_auth:
|
|
66
113
|
credentials = Authenticator().authenticate_sp(
|
|
67
|
-
config.azure_tenant_id,
|
|
114
|
+
config.azure_tenant_id,
|
|
115
|
+
config.azure_client_id,
|
|
116
|
+
config.azure_client_secret,
|
|
68
117
|
)
|
|
69
118
|
else:
|
|
70
119
|
credentials = Authenticator().authenticate_cli()
|
|
@@ -80,7 +129,10 @@ def start_azure_ingestion(neo4j_session: neo4j.Session, config: Config) -> None:
|
|
|
80
129
|
return
|
|
81
130
|
|
|
82
131
|
_sync_tenant(
|
|
83
|
-
neo4j_session,
|
|
132
|
+
neo4j_session,
|
|
133
|
+
credentials.get_tenant_id(),
|
|
134
|
+
credentials.get_current_user(),
|
|
135
|
+
config.update_tag,
|
|
84
136
|
common_job_parameters,
|
|
85
137
|
)
|
|
86
138
|
|
|
@@ -88,7 +140,10 @@ def start_azure_ingestion(neo4j_session: neo4j.Session, config: Config) -> None:
|
|
|
88
140
|
subscriptions = subscription.get_all_azure_subscriptions(credentials)
|
|
89
141
|
|
|
90
142
|
else:
|
|
91
|
-
subscriptions = subscription.get_current_azure_subscription(
|
|
143
|
+
subscriptions = subscription.get_current_azure_subscription(
|
|
144
|
+
credentials,
|
|
145
|
+
credentials.subscription_id,
|
|
146
|
+
)
|
|
92
147
|
|
|
93
148
|
if not subscriptions:
|
|
94
149
|
logger.warning(
|
|
@@ -97,6 +152,10 @@ def start_azure_ingestion(neo4j_session: neo4j.Session, config: Config) -> None:
|
|
|
97
152
|
return
|
|
98
153
|
|
|
99
154
|
_sync_multiple_subscriptions(
|
|
100
|
-
neo4j_session,
|
|
155
|
+
neo4j_session,
|
|
156
|
+
credentials,
|
|
157
|
+
credentials.get_tenant_id(),
|
|
158
|
+
subscriptions,
|
|
159
|
+
config.update_tag,
|
|
101
160
|
common_job_parameters,
|
|
102
161
|
)
|
|
@@ -6,14 +6,18 @@ import neo4j
|
|
|
6
6
|
from azure.core.exceptions import HttpResponseError
|
|
7
7
|
from azure.mgmt.compute import ComputeManagementClient
|
|
8
8
|
|
|
9
|
-
from .util.credentials import Credentials
|
|
10
9
|
from cartography.util import run_cleanup_job
|
|
11
10
|
from cartography.util import timeit
|
|
12
11
|
|
|
12
|
+
from .util.credentials import Credentials
|
|
13
|
+
|
|
13
14
|
logger = logging.getLogger(__name__)
|
|
14
15
|
|
|
15
16
|
|
|
16
|
-
def get_client(
|
|
17
|
+
def get_client(
|
|
18
|
+
credentials: Credentials,
|
|
19
|
+
subscription_id: str,
|
|
20
|
+
) -> ComputeManagementClient:
|
|
17
21
|
client = ComputeManagementClient(credentials, subscription_id)
|
|
18
22
|
return client
|
|
19
23
|
|
|
@@ -24,8 +28,8 @@ def get_vm_list(credentials: Credentials, subscription_id: str) -> List[Dict]:
|
|
|
24
28
|
vm_list = list(map(lambda x: x.as_dict(), client.virtual_machines.list_all()))
|
|
25
29
|
|
|
26
30
|
for vm in vm_list:
|
|
27
|
-
x = vm[
|
|
28
|
-
vm[
|
|
31
|
+
x = vm["id"].split("/")
|
|
32
|
+
vm["resource_group"] = x[x.index("resourceGroups") + 1]
|
|
29
33
|
|
|
30
34
|
return vm_list
|
|
31
35
|
|
|
@@ -34,7 +38,12 @@ def get_vm_list(credentials: Credentials, subscription_id: str) -> List[Dict]:
|
|
|
34
38
|
return []
|
|
35
39
|
|
|
36
40
|
|
|
37
|
-
def load_vms(
|
|
41
|
+
def load_vms(
|
|
42
|
+
neo4j_session: neo4j.Session,
|
|
43
|
+
subscription_id: str,
|
|
44
|
+
vm_list: List[Dict],
|
|
45
|
+
update_tag: int,
|
|
46
|
+
) -> None:
|
|
38
47
|
ingest_vm = """
|
|
39
48
|
UNWIND $vms AS vm
|
|
40
49
|
MERGE (v:AzureVirtualMachine{id: vm.id})
|
|
@@ -62,11 +71,21 @@ def load_vms(neo4j_session: neo4j.Session, subscription_id: str, vm_list: List[D
|
|
|
62
71
|
)
|
|
63
72
|
|
|
64
73
|
for vm in vm_list:
|
|
65
|
-
if vm.get(
|
|
66
|
-
load_vm_data_disks(
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
74
|
+
if vm.get("storage_profile", {}).get("data_disks"):
|
|
75
|
+
load_vm_data_disks(
|
|
76
|
+
neo4j_session,
|
|
77
|
+
vm["id"],
|
|
78
|
+
vm["storage_profile"]["data_disks"],
|
|
79
|
+
update_tag,
|
|
80
|
+
)
|
|
81
|
+
|
|
82
|
+
|
|
83
|
+
def load_vm_data_disks(
|
|
84
|
+
neo4j_session: neo4j.Session,
|
|
85
|
+
vm_id: str,
|
|
86
|
+
data_disks: List[Dict],
|
|
87
|
+
update_tag: int,
|
|
88
|
+
) -> None:
|
|
70
89
|
ingest_data_disk = """
|
|
71
90
|
UNWIND $disks AS disk
|
|
72
91
|
MERGE (d:AzureDataDisk{id: disk.managed_disk.id})
|
|
@@ -92,8 +111,15 @@ def load_vm_data_disks(neo4j_session: neo4j.Session, vm_id: str, data_disks: Lis
|
|
|
92
111
|
)
|
|
93
112
|
|
|
94
113
|
|
|
95
|
-
def cleanup_virtual_machine(
|
|
96
|
-
|
|
114
|
+
def cleanup_virtual_machine(
|
|
115
|
+
neo4j_session: neo4j.Session,
|
|
116
|
+
common_job_parameters: Dict,
|
|
117
|
+
) -> None:
|
|
118
|
+
run_cleanup_job(
|
|
119
|
+
"azure_import_virtual_machines_cleanup.json",
|
|
120
|
+
neo4j_session,
|
|
121
|
+
common_job_parameters,
|
|
122
|
+
)
|
|
97
123
|
|
|
98
124
|
|
|
99
125
|
def get_disks(credentials: Credentials, subscription_id: str) -> List[Dict]:
|
|
@@ -102,8 +128,8 @@ def get_disks(credentials: Credentials, subscription_id: str) -> List[Dict]:
|
|
|
102
128
|
disk_list = list(map(lambda x: x.as_dict(), client.disks.list()))
|
|
103
129
|
|
|
104
130
|
for disk in disk_list:
|
|
105
|
-
x = disk[
|
|
106
|
-
disk[
|
|
131
|
+
x = disk["id"].split("/")
|
|
132
|
+
disk["resource_group"] = x[x.index("resourceGroups") + 1]
|
|
107
133
|
|
|
108
134
|
return disk_list
|
|
109
135
|
|
|
@@ -112,7 +138,12 @@ def get_disks(credentials: Credentials, subscription_id: str) -> List[Dict]:
|
|
|
112
138
|
return []
|
|
113
139
|
|
|
114
140
|
|
|
115
|
-
def load_disks(
|
|
141
|
+
def load_disks(
|
|
142
|
+
neo4j_session: neo4j.Session,
|
|
143
|
+
subscription_id: str,
|
|
144
|
+
disk_list: List[Dict],
|
|
145
|
+
update_tag: int,
|
|
146
|
+
) -> None:
|
|
116
147
|
ingest_disks = """
|
|
117
148
|
UNWIND $disks AS disk
|
|
118
149
|
MERGE (d:AzureDisk{id: disk.id})
|
|
@@ -140,7 +171,11 @@ def load_disks(neo4j_session: neo4j.Session, subscription_id: str, disk_list: Li
|
|
|
140
171
|
|
|
141
172
|
|
|
142
173
|
def cleanup_disks(neo4j_session: neo4j.Session, common_job_parameters: Dict) -> None:
|
|
143
|
-
run_cleanup_job(
|
|
174
|
+
run_cleanup_job(
|
|
175
|
+
"azure_import_disks_cleanup.json",
|
|
176
|
+
neo4j_session,
|
|
177
|
+
common_job_parameters,
|
|
178
|
+
)
|
|
144
179
|
|
|
145
180
|
|
|
146
181
|
def get_snapshots_list(credentials: Credentials, subscription_id: str) -> List[Dict]:
|
|
@@ -149,8 +184,8 @@ def get_snapshots_list(credentials: Credentials, subscription_id: str) -> List[D
|
|
|
149
184
|
snapshots = list(map(lambda x: x.as_dict(), client.snapshots.list()))
|
|
150
185
|
|
|
151
186
|
for snapshot in snapshots:
|
|
152
|
-
x = snapshot[
|
|
153
|
-
snapshot[
|
|
187
|
+
x = snapshot["id"].split("/")
|
|
188
|
+
snapshot["resource_group"] = x[x.index("resourceGroups") + 1]
|
|
154
189
|
|
|
155
190
|
return snapshots
|
|
156
191
|
|
|
@@ -159,7 +194,12 @@ def get_snapshots_list(credentials: Credentials, subscription_id: str) -> List[D
|
|
|
159
194
|
return []
|
|
160
195
|
|
|
161
196
|
|
|
162
|
-
def load_snapshots(
|
|
197
|
+
def load_snapshots(
|
|
198
|
+
neo4j_session: neo4j.Session,
|
|
199
|
+
subscription_id: str,
|
|
200
|
+
snapshots: List[Dict],
|
|
201
|
+
update_tag: int,
|
|
202
|
+
) -> None:
|
|
163
203
|
ingest_snapshots = """
|
|
164
204
|
UNWIND $snapshots as snapshot
|
|
165
205
|
MERGE (s:AzureSnapshot{id: snapshot.id})
|
|
@@ -186,11 +226,18 @@ def load_snapshots(neo4j_session: neo4j.Session, subscription_id: str, snapshots
|
|
|
186
226
|
|
|
187
227
|
|
|
188
228
|
def cleanup_snapshot(neo4j_session: neo4j.Session, common_job_parameters: Dict) -> None:
|
|
189
|
-
run_cleanup_job(
|
|
229
|
+
run_cleanup_job(
|
|
230
|
+
"azure_import_snapshots_cleanup.json",
|
|
231
|
+
neo4j_session,
|
|
232
|
+
common_job_parameters,
|
|
233
|
+
)
|
|
190
234
|
|
|
191
235
|
|
|
192
236
|
def sync_virtual_machine(
|
|
193
|
-
neo4j_session: neo4j.Session,
|
|
237
|
+
neo4j_session: neo4j.Session,
|
|
238
|
+
credentials: Credentials,
|
|
239
|
+
subscription_id: str,
|
|
240
|
+
update_tag: int,
|
|
194
241
|
common_job_parameters: Dict,
|
|
195
242
|
) -> None:
|
|
196
243
|
vm_list = get_vm_list(credentials, subscription_id)
|
|
@@ -199,7 +246,10 @@ def sync_virtual_machine(
|
|
|
199
246
|
|
|
200
247
|
|
|
201
248
|
def sync_disk(
|
|
202
|
-
neo4j_session: neo4j.Session,
|
|
249
|
+
neo4j_session: neo4j.Session,
|
|
250
|
+
credentials: Credentials,
|
|
251
|
+
subscription_id: str,
|
|
252
|
+
update_tag: int,
|
|
203
253
|
common_job_parameters: Dict,
|
|
204
254
|
) -> None:
|
|
205
255
|
disk_list = get_disks(credentials, subscription_id)
|
|
@@ -208,7 +258,10 @@ def sync_disk(
|
|
|
208
258
|
|
|
209
259
|
|
|
210
260
|
def sync_snapshot(
|
|
211
|
-
neo4j_session: neo4j.Session,
|
|
261
|
+
neo4j_session: neo4j.Session,
|
|
262
|
+
credentials: Credentials,
|
|
263
|
+
subscription_id: str,
|
|
264
|
+
update_tag: int,
|
|
212
265
|
common_job_parameters: Dict,
|
|
213
266
|
) -> None:
|
|
214
267
|
snapshots = get_snapshots_list(credentials, subscription_id)
|
|
@@ -218,11 +271,32 @@ def sync_snapshot(
|
|
|
218
271
|
|
|
219
272
|
@timeit
|
|
220
273
|
def sync(
|
|
221
|
-
neo4j_session: neo4j.Session,
|
|
274
|
+
neo4j_session: neo4j.Session,
|
|
275
|
+
credentials: Credentials,
|
|
276
|
+
subscription_id: str,
|
|
277
|
+
update_tag: int,
|
|
222
278
|
common_job_parameters: Dict,
|
|
223
279
|
) -> None:
|
|
224
280
|
logger.info("Syncing VM for subscription '%s'.", subscription_id)
|
|
225
281
|
|
|
226
|
-
sync_virtual_machine(
|
|
227
|
-
|
|
228
|
-
|
|
282
|
+
sync_virtual_machine(
|
|
283
|
+
neo4j_session,
|
|
284
|
+
credentials,
|
|
285
|
+
subscription_id,
|
|
286
|
+
update_tag,
|
|
287
|
+
common_job_parameters,
|
|
288
|
+
)
|
|
289
|
+
sync_disk(
|
|
290
|
+
neo4j_session,
|
|
291
|
+
credentials,
|
|
292
|
+
subscription_id,
|
|
293
|
+
update_tag,
|
|
294
|
+
common_job_parameters,
|
|
295
|
+
)
|
|
296
|
+
sync_snapshot(
|
|
297
|
+
neo4j_session,
|
|
298
|
+
credentials,
|
|
299
|
+
subscription_id,
|
|
300
|
+
update_tag,
|
|
301
|
+
common_job_parameters,
|
|
302
|
+
)
|