PyPI - cartography - Versions diffs - 0.102.0rc1__py3-none-any.whl → 0.103.0__py3-none-any.whl - Mend

cartography 0.102.0rc1py3-none-any.whl → 0.103.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of cartography might be problematic. Click here for more details.

Files changed (297) hide show

cartography/__main__.py +1 -2
cartography/_version.py +2 -2
cartography/cli.py +376 -249
cartography/client/core/tx.py +39 -18
cartography/config.py +28 -0
cartography/driftdetect/__main__.py +1 -2
cartography/driftdetect/add_shortcut.py +10 -2
cartography/driftdetect/cli.py +71 -75
cartography/driftdetect/detect_deviations.py +7 -3
cartography/driftdetect/get_states.py +20 -8
cartography/driftdetect/model.py +5 -5
cartography/driftdetect/serializers.py +8 -6
cartography/driftdetect/storage.py +2 -2
cartography/graph/cleanupbuilder.py +35 -15
cartography/graph/job.py +46 -17
cartography/graph/querybuilder.py +165 -80
cartography/graph/statement.py +35 -26
cartography/intel/analysis.py +4 -1
cartography/intel/aws/__init__.py +114 -55
cartography/intel/aws/apigateway.py +134 -63
cartography/intel/aws/cloudtrail.py +127 -0
cartography/intel/aws/cloudwatch.py +93 -0
cartography/intel/aws/config.py +56 -20
cartography/intel/aws/dynamodb.py +108 -40
cartography/intel/aws/ec2/__init__.py +2 -2
cartography/intel/aws/ec2/auto_scaling_groups.py +181 -78
cartography/intel/aws/ec2/elastic_ip_addresses.py +41 -13
cartography/intel/aws/ec2/images.py +49 -20
cartography/intel/aws/ec2/instances.py +234 -136
cartography/intel/aws/ec2/internet_gateways.py +40 -11
cartography/intel/aws/ec2/key_pairs.py +44 -20
cartography/intel/aws/ec2/launch_templates.py +101 -59
cartography/intel/aws/ec2/load_balancer_v2s.py +104 -39
cartography/intel/aws/ec2/load_balancers.py +82 -42
cartography/intel/aws/ec2/network_acls.py +89 -65
cartography/intel/aws/ec2/network_interfaces.py +146 -87
cartography/intel/aws/ec2/reserved_instances.py +45 -16
cartography/intel/aws/ec2/route_tables.py +327 -0
cartography/intel/aws/ec2/security_groups.py +71 -21
cartography/intel/aws/ec2/snapshots.py +61 -22
cartography/intel/aws/ec2/subnets.py +54 -18
cartography/intel/aws/ec2/tgw.py +100 -34
cartography/intel/aws/ec2/util.py +1 -1
cartography/intel/aws/ec2/volumes.py +69 -41
cartography/intel/aws/ec2/vpc.py +37 -12
cartography/intel/aws/ec2/vpc_peerings.py +83 -24
cartography/intel/aws/ecr.py +88 -32
cartography/intel/aws/ecs.py +83 -47
cartography/intel/aws/efs.py +93 -0
cartography/intel/aws/eks.py +55 -29
cartography/intel/aws/elasticache.py +42 -18
cartography/intel/aws/elasticsearch.py +57 -20
cartography/intel/aws/emr.py +61 -23
cartography/intel/aws/iam.py +401 -145
cartography/intel/aws/iam_instance_profiles.py +22 -22
cartography/intel/aws/identitycenter.py +71 -37
cartography/intel/aws/inspector.py +159 -89
cartography/intel/aws/kms.py +92 -38
cartography/intel/aws/lambda_function.py +103 -34
cartography/intel/aws/organizations.py +30 -10
cartography/intel/aws/permission_relationships.py +133 -51
cartography/intel/aws/rds.py +249 -85
cartography/intel/aws/redshift.py +107 -46
cartography/intel/aws/resourcegroupstaggingapi.py +120 -66
cartography/intel/aws/resources.py +57 -44
cartography/intel/aws/route53.py +108 -61
cartography/intel/aws/s3.py +168 -83
cartography/intel/aws/s3accountpublicaccessblock.py +157 -0
cartography/intel/aws/secretsmanager.py +24 -12
cartography/intel/aws/securityhub.py +20 -9
cartography/intel/aws/sns.py +166 -0
cartography/intel/aws/sqs.py +60 -28
cartography/intel/aws/ssm.py +70 -30
cartography/intel/aws/util/arns.py +7 -7
cartography/intel/aws/util/common.py +31 -4
cartography/intel/azure/__init__.py +78 -19
cartography/intel/azure/compute.py +101 -27
cartography/intel/azure/cosmosdb.py +496 -170
cartography/intel/azure/sql.py +296 -105
cartography/intel/azure/storage.py +322 -113
cartography/intel/azure/subscription.py +39 -23
cartography/intel/azure/tenant.py +13 -4
cartography/intel/azure/util/credentials.py +95 -55
cartography/intel/bigfix/__init__.py +2 -2
cartography/intel/bigfix/computers.py +93 -65
cartography/intel/cloudflare/__init__.py +74 -0
cartography/intel/cloudflare/accounts.py +57 -0
cartography/intel/cloudflare/dnsrecords.py +64 -0
cartography/intel/cloudflare/members.py +75 -0
cartography/intel/cloudflare/roles.py +65 -0
cartography/intel/cloudflare/zones.py +64 -0
cartography/intel/create_indexes.py +3 -2
cartography/intel/crowdstrike/__init__.py +11 -9
cartography/intel/crowdstrike/endpoints.py +5 -1
cartography/intel/crowdstrike/spotlight.py +8 -3
cartography/intel/cve/__init__.py +46 -13
cartography/intel/cve/feed.py +48 -12
cartography/intel/digitalocean/__init__.py +22 -13
cartography/intel/digitalocean/compute.py +75 -108
cartography/intel/digitalocean/management.py +44 -80
cartography/intel/digitalocean/platform.py +48 -43
cartography/intel/dns.py +36 -10
cartography/intel/duo/__init__.py +21 -16
cartography/intel/duo/api_host.py +14 -9
cartography/intel/duo/endpoints.py +50 -45
cartography/intel/duo/groups.py +18 -14
cartography/intel/duo/phones.py +37 -34
cartography/intel/duo/tokens.py +26 -23
cartography/intel/duo/users.py +54 -50
cartography/intel/duo/web_authn_credentials.py +30 -25
cartography/intel/entra/__init__.py +25 -7
cartography/intel/entra/ou.py +112 -0
cartography/intel/entra/users.py +69 -63
cartography/intel/gcp/__init__.py +185 -49
cartography/intel/gcp/compute.py +418 -231
cartography/intel/gcp/crm.py +96 -43
cartography/intel/gcp/dns.py +60 -19
cartography/intel/gcp/gke.py +72 -38
cartography/intel/gcp/iam.py +61 -41
cartography/intel/gcp/storage.py +84 -55
cartography/intel/github/__init__.py +13 -11
cartography/intel/github/repos.py +270 -137
cartography/intel/github/teams.py +170 -88
cartography/intel/github/users.py +70 -39
cartography/intel/github/util.py +36 -34
cartography/intel/gsuite/__init__.py +47 -26
cartography/intel/gsuite/api.py +73 -30
cartography/intel/jamf/__init__.py +19 -1
cartography/intel/jamf/computers.py +30 -7
cartography/intel/jamf/util.py +7 -2
cartography/intel/kandji/__init__.py +6 -3
cartography/intel/kandji/devices.py +14 -8
cartography/intel/kubernetes/namespaces.py +7 -4
cartography/intel/kubernetes/pods.py +7 -4
cartography/intel/kubernetes/services.py +8 -4
cartography/intel/lastpass/__init__.py +2 -2
cartography/intel/lastpass/users.py +23 -12
cartography/intel/oci/__init__.py +44 -11
cartography/intel/oci/iam.py +134 -38
cartography/intel/oci/organizations.py +13 -6
cartography/intel/oci/utils.py +43 -20
cartography/intel/okta/__init__.py +66 -15
cartography/intel/okta/applications.py +42 -20
cartography/intel/okta/awssaml.py +93 -33
cartography/intel/okta/factors.py +16 -4
cartography/intel/okta/groups.py +56 -29
cartography/intel/okta/organization.py +5 -1
cartography/intel/okta/origins.py +6 -2
cartography/intel/okta/roles.py +15 -5
cartography/intel/okta/users.py +20 -8
cartography/intel/okta/utils.py +6 -4
cartography/intel/openai/__init__.py +86 -0
cartography/intel/openai/adminapikeys.py +90 -0
cartography/intel/openai/apikeys.py +96 -0
cartography/intel/openai/projects.py +94 -0
cartography/intel/openai/serviceaccounts.py +82 -0
cartography/intel/openai/users.py +78 -0
cartography/intel/openai/util.py +29 -0
cartography/intel/pagerduty/__init__.py +8 -7
cartography/intel/pagerduty/escalation_policies.py +18 -6
cartography/intel/pagerduty/schedules.py +12 -4
cartography/intel/pagerduty/services.py +11 -4
cartography/intel/pagerduty/teams.py +8 -3
cartography/intel/pagerduty/users.py +3 -1
cartography/intel/pagerduty/vendors.py +3 -1
cartography/intel/semgrep/__init__.py +24 -6
cartography/intel/semgrep/dependencies.py +50 -28
cartography/intel/semgrep/deployment.py +3 -1
cartography/intel/semgrep/findings.py +42 -18
cartography/intel/snipeit/__init__.py +17 -3
cartography/intel/snipeit/asset.py +12 -6
cartography/intel/snipeit/user.py +8 -5
cartography/intel/snipeit/util.py +9 -4
cartography/intel/tailscale/__init__.py +77 -0
cartography/intel/tailscale/acls.py +146 -0
cartography/intel/tailscale/devices.py +127 -0
cartography/intel/tailscale/postureintegrations.py +81 -0
cartography/intel/tailscale/tailnets.py +76 -0
cartography/intel/tailscale/users.py +80 -0
cartography/intel/tailscale/utils.py +132 -0
cartography/models/aws/apigateway.py +21 -17
cartography/models/aws/apigatewaycertificate.py +28 -22
cartography/models/aws/apigatewayresource.py +28 -20
cartography/models/aws/apigatewaystage.py +33 -25
cartography/models/aws/cloudtrail/__init__.py +0 -0
cartography/models/aws/cloudtrail/trail.py +61 -0
cartography/models/aws/cloudwatch/__init__.py +0 -0
cartography/models/aws/cloudwatch/loggroup.py +52 -0
cartography/models/aws/dynamodb/gsi.py +30 -22
cartography/models/aws/dynamodb/tables.py +25 -17
cartography/models/aws/ec2/auto_scaling_groups.py +102 -82
cartography/models/aws/ec2/images.py +36 -34
cartography/models/aws/ec2/instances.py +51 -45
cartography/models/aws/ec2/keypair.py +21 -16
cartography/models/aws/ec2/keypair_instance.py +28 -21
cartography/models/aws/ec2/launch_configurations.py +30 -26
cartography/models/aws/ec2/launch_template_versions.py +48 -38
cartography/models/aws/ec2/launch_templates.py +21 -17
cartography/models/aws/ec2/load_balancer_listeners.py +27 -23
cartography/models/aws/ec2/load_balancers.py +47 -37
cartography/models/aws/ec2/network_acl_rules.py +38 -30
cartography/models/aws/ec2/network_acls.py +38 -29
cartography/models/aws/ec2/networkinterface_instance.py +52 -39
cartography/models/aws/ec2/networkinterfaces.py +53 -37
cartography/models/aws/ec2/privateip_networkinterface.py +32 -22
cartography/models/aws/ec2/reservations.py +18 -14
cartography/models/aws/ec2/route_table_associations.py +97 -0
cartography/models/aws/ec2/route_tables.py +128 -0
cartography/models/aws/ec2/routes.py +85 -0
cartography/models/aws/ec2/securitygroup_instance.py +29 -20
cartography/models/aws/ec2/securitygroup_networkinterface.py +24 -15
cartography/models/aws/ec2/subnet_instance.py +24 -19
cartography/models/aws/ec2/subnet_networkinterface.py +40 -31
cartography/models/aws/ec2/volumes.py +47 -40
cartography/models/aws/efs/__init__.py +0 -0
cartography/models/aws/efs/mount_target.py +52 -0
cartography/models/aws/eks/clusters.py +23 -21
cartography/models/aws/emr.py +32 -30
cartography/models/aws/iam/instanceprofile.py +33 -24
cartography/models/aws/identitycenter/awsidentitycenter.py +18 -14
cartography/models/aws/identitycenter/awspermissionset.py +37 -29
cartography/models/aws/identitycenter/awsssouser.py +23 -21
cartography/models/aws/inspector/findings.py +77 -65
cartography/models/aws/inspector/packages.py +35 -29
cartography/models/aws/s3/__init__.py +0 -0
cartography/models/aws/s3/account_public_access_block.py +51 -0
cartography/models/aws/sns/__init__.py +0 -0
cartography/models/aws/sns/topic.py +50 -0
cartography/models/aws/ssm/instance_information.py +51 -39
cartography/models/aws/ssm/instance_patch.py +32 -26
cartography/models/bigfix/bigfix_computer.py +42 -38
cartography/models/bigfix/bigfix_root.py +3 -3
cartography/models/cloudflare/__init__.py +0 -0
cartography/models/cloudflare/account.py +25 -0
cartography/models/cloudflare/dnsrecord.py +55 -0
cartography/models/cloudflare/member.py +82 -0
cartography/models/cloudflare/role.py +44 -0
cartography/models/cloudflare/zone.py +59 -0
cartography/models/core/common.py +12 -10
cartography/models/core/nodes.py +5 -2
cartography/models/core/relationships.py +14 -6
cartography/models/crowdstrike/hosts.py +37 -35
cartography/models/cve/cve.py +34 -32
cartography/models/cve/cve_feed.py +6 -6
cartography/models/digitalocean/__init__.py +0 -0
cartography/models/digitalocean/account.py +21 -0
cartography/models/digitalocean/droplet.py +56 -0
cartography/models/digitalocean/project.py +48 -0
cartography/models/duo/api_host.py +3 -3
cartography/models/duo/endpoint.py +43 -41
cartography/models/duo/group.py +14 -14
cartography/models/duo/phone.py +27 -27
cartography/models/duo/token.py +16 -16
cartography/models/duo/user.py +46 -44
cartography/models/duo/web_authn_credential.py +27 -19
cartography/models/entra/ou.py +48 -0
cartography/models/entra/tenant.py +24 -18
cartography/models/entra/user.py +64 -48
cartography/models/gcp/iam.py +23 -23
cartography/models/github/orgs.py +5 -4
cartography/models/github/teams.py +37 -31
cartography/models/github/users.py +34 -23
cartography/models/kandji/device.py +22 -16
cartography/models/kandji/tenant.py +6 -4
cartography/models/lastpass/tenant.py +3 -3
cartography/models/lastpass/user.py +32 -28
cartography/models/openai/__init__.py +0 -0
cartography/models/openai/adminapikey.py +90 -0
cartography/models/openai/apikey.py +84 -0
cartography/models/openai/organization.py +17 -0
cartography/models/openai/project.py +70 -0
cartography/models/openai/serviceaccount.py +50 -0
cartography/models/openai/user.py +49 -0
cartography/models/semgrep/dependencies.py +36 -24
cartography/models/semgrep/deployment.py +5 -5
cartography/models/semgrep/findings.py +58 -42
cartography/models/semgrep/locations.py +27 -21
cartography/models/snipeit/asset.py +30 -21
cartography/models/snipeit/tenant.py +6 -4
cartography/models/snipeit/user.py +19 -12
cartography/models/tailscale/__init__.py +0 -0
cartography/models/tailscale/device.py +95 -0
cartography/models/tailscale/group.py +86 -0
cartography/models/tailscale/postureintegration.py +58 -0
cartography/models/tailscale/tag.py +102 -0
cartography/models/tailscale/tailnet.py +29 -0
cartography/models/tailscale/user.py +52 -0
cartography/stats.py +3 -3
cartography/sync.py +113 -31
cartography/util.py +84 -62
{cartography-0.102.0rc1.dist-info → cartography-0.103.0.dist-info}/METADATA +8 -15
cartography-0.103.0.dist-info/RECORD +442 -0
{cartography-0.102.0rc1.dist-info → cartography-0.103.0.dist-info}/WHEEL +1 -1
cartography-0.102.0rc1.dist-info/RECORD +0 -377
{cartography-0.102.0rc1.dist-info → cartography-0.103.0.dist-info}/entry_points.txt +0 -0
{cartography-0.102.0rc1.dist-info → cartography-0.103.0.dist-info}/licenses/LICENSE +0 -0
{cartography-0.102.0rc1.dist-info → cartography-0.103.0.dist-info}/top_level.txt +0 -0

cartography/intel/tailscale/users.py ADDED Viewed

@@ -0,0 +1,80 @@
+import logging
+from typing import Any
+from typing import Dict
+from typing import List
+import neo4j
+import requests
+from cartography.client.core.tx import load
+from cartography.graph.job import GraphJob
+from cartography.models.tailscale.user import TailscaleUserSchema
+from cartography.util import timeit
+logger = logging.getLogger(__name__)
+# Connect and read timeouts of 60 seconds each; see https://requests.readthedocs.io/en/master/user/advanced/#timeouts
+_TIMEOUT = (60, 60)
+@timeit
+def sync(
+    neo4j_session: neo4j.Session,
+    api_session: requests.Session,
+    common_job_parameters: Dict[str, Any],
+    org: str,
+) -> List[Dict]:
+    users = get(
+        api_session,
+        common_job_parameters["BASE_URL"],
+        org,
+    )
+    load_users(
+        neo4j_session,
+        users,
+        org,
+        common_job_parameters["UPDATE_TAG"],
+    )
+    cleanup(neo4j_session, common_job_parameters)
+    return users
+@timeit
+def get(
+    api_session: requests.Session,
+    base_url: str,
+    org: str,
+) -> List[Dict[str, Any]]:
+    results: List[Dict[str, Any]] = []
+    req = api_session.get(
+        f"{base_url}/tailnet/{org}/users",
+        timeout=_TIMEOUT,
+    )
+    req.raise_for_status()
+    results = req.json()["users"]
+    return results
+@timeit
+def load_users(
+    neo4j_session: neo4j.Session,
+    data: List[Dict[str, Any]],
+    org: str,
+    update_tag: int,
+) -> None:
+    logger.info(f"Loading {len(data)} Tailscale Users to the graph")
+    load(
+        neo4j_session,
+        TailscaleUserSchema(),
+        data,
+        lastupdated=update_tag,
+        org=org,
+    )
+@timeit
+def cleanup(
+    neo4j_session: neo4j.Session, common_job_parameters: Dict[str, Any]
+) -> None:
+    GraphJob.from_node_schema(TailscaleUserSchema(), common_job_parameters).run(
+        neo4j_session
+    )

cartography/intel/tailscale/utils.py ADDED Viewed

@@ -0,0 +1,132 @@
+import json
+import re
+from typing import Any
+from typing import Dict
+from typing import List
+class ACLParser:
+    """ACLParser is a class that parses Tailscale ACLs to extract data.
+    It removes comments and trailing commas from the ACL string
+    and converts it to a JSON object. It then provides methods
+    to extract groups and tags from the ACL.
+    The ACL string is expected to be in a format similar to JSON,
+    but with some Tailscale-specific syntax. The parser handles
+    single-line comments (//) and multi-line comments (/* */)
+    and removes trailing commas from the JSON-like structure.
+    The parser also handles Tailscale-specific syntax for groups
+    and tags, which may include user and group identifiers.
+    The parser is initialized with a raw ACL string, which is
+    processed to remove comments and trailing commas.
+    Args:
+        raw_acl (str): The raw ACL string to be parsed.
+    Attributes:
+        data (dict): The parsed JSON object representing the ACL.
+    """
+    RE_SINGLE_LINE_COMMENT = re.compile(r'("(?:(?=(\\?))\2.)*?")|(?:\/{2,}.*)')
+    RE_MULTI_LINE_COMMENT = re.compile(
+        r'("(?:(?=(\\?))\2.)*?")|(?:\/\*(?:(?!\*\/).)+\*\/)', flags=re.M | re.DOTALL
+    )
+    RE_TRAILING_COMMA = re.compile(r",(?=\s*?[\}\]])")
+    def __init__(self, raw_acl: str) -> None:
+        # Tailscale ACL use comments and trailing commas
+        # that are not valid JSON
+        filtered_json_string = self.RE_SINGLE_LINE_COMMENT.sub(r"\1", raw_acl)
+        filtered_json_string = self.RE_MULTI_LINE_COMMENT.sub(
+            r"\1", filtered_json_string
+        )
+        filtered_json_string = self.RE_TRAILING_COMMA.sub("", filtered_json_string)
+        self.data = json.loads(filtered_json_string)
+    def get_groups(self) -> List[Dict[str, Any]]:
+        """
+        Get all groups from the ACL
+        :return: list of groups
+        """
+        result: List[Dict[str, Any]] = []
+        groups = self.data.get("groups", {})
+        for group_id, members in groups.items():
+            group_name = group_id.split(":")[-1]
+            users_members = []
+            sub_groups = []
+            domain_members = []
+            for member in members:
+                if member.startswith("group:") or member.startswith("autogroup:"):
+                    sub_groups.append(member)
+                elif member.startswith("user:*@"):
+                    domain_members.append(member[7:])
+                elif member.startswith("user:"):
+                    users_members.append(member[5:])
+                else:
+                    users_members.append(member)
+            result.append(
+                {
+                    "id": group_id,
+                    "name": group_name,
+                    "members": users_members,
+                    "sub_groups": sub_groups,
+                    "domain_members": domain_members,
+                }
+            )
+        return result
+    def get_tags(self) -> List[Dict[str, Any]]:
+        """
+        Get all tags from the ACL
+        :return: list of tags
+        """
+        result: List[Dict[str, Any]] = []
+        for tag, owners in self.data.get("tagOwners", {}).items():
+            tag_name = tag.split(":")[-1]
+            user_owners = []
+            group_owners = []
+            domain_owners = []
+            for owner in owners:
+                if owner.startswith("group:") or owner.startswith("autogroup:"):
+                    group_owners.append(owner)
+                elif owner.startswith("user:*@"):
+                    domain_owners.append(owner[7:])
+                elif owner.startswith("user:"):
+                    user_owners.append(owner[5:])
+                else:
+                    user_owners.append(owner)
+            result.append(
+                {
+                    "id": tag,
+                    "name": tag_name,
+                    "owners": user_owners,
+                    "group_owners": group_owners,
+                    "domain_owners": domain_owners,
+                }
+            )
+        return result
+def role_to_group(role: str) -> list[str]:
+    """Convert Tailscale role to group
+    This function is used to convert Tailscale role to autogroup
+    group. The autogroup is used to manage the access control
+    in Tailscale.
+    Args:
+        role (str): The role of the user in Tailscale. (eg: owner, admin, member, etc)
+    Returns:
+        list[str]: The list of autogroup that the user belongs to. (eg: autogroup:admin, autogroup:member, etc)
+    """
+    result: list[str] = []
+    result.append(f"autogroup:{role}")
+    if role == "owner":
+        result.append("autogroup:admin")
+        result.append("autogroup:member")
+    elif role in ("admin", "auditor", "billing-admin", "it-admin", "network-admin"):
+        result.append("autogroup:member")
+    return result

cartography/models/aws/apigateway.py CHANGED Viewed

@@ -12,36 +12,40 @@ from cartography.models.core.relationships import TargetNodeMatcher
 @dataclass(frozen=True)
 class APIGatewayRestAPINodeProperties(CartographyNodeProperties):
-    id: PropertyRef = PropertyRef('id', extra_index=True)
-    createddate: PropertyRef = PropertyRef('createdDate')
-    version: PropertyRef = PropertyRef('version')
-    minimumcompressionsize: PropertyRef = PropertyRef('minimumCompressionSize')
-    disableexecuteapiendpoint: PropertyRef = PropertyRef('disableExecuteApiEndpoint')
-    region: PropertyRef = PropertyRef('region', set_in_kwargs=True)
-    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
-    anonymous_access: PropertyRef = PropertyRef('anonymous_access')
-    anonymous_actions: PropertyRef = PropertyRef('anonymous_actions')
+    id: PropertyRef = PropertyRef("id", extra_index=True)
+    createddate: PropertyRef = PropertyRef("createdDate")
+    version: PropertyRef = PropertyRef("version")
+    minimumcompressionsize: PropertyRef = PropertyRef("minimumCompressionSize")
+    disableexecuteapiendpoint: PropertyRef = PropertyRef("disableExecuteApiEndpoint")
+    region: PropertyRef = PropertyRef("region", set_in_kwargs=True)
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+    anonymous_access: PropertyRef = PropertyRef("anonymous_access")
+    anonymous_actions: PropertyRef = PropertyRef("anonymous_actions")
 @dataclass(frozen=True)
-class APIGatewayRestAPIToAwsAccountRelProperties(CartographyRelProperties):
-    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+class APIGatewayRestAPIToAWSAccountRelRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
 @dataclass(frozen=True)
 # (:APIGatewayRestAPI)<-[:RESOURCE]-(:AWSAccount)
-class APIGatewayRestAPIToAWSAccount(CartographyRelSchema):
-    target_node_label: str = 'AWSAccount'
+class APIGatewayRestAPIToAWSAccountRel(CartographyRelSchema):
+    target_node_label: str = "AWSAccount"
     target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
-        {'id': PropertyRef('AWS_ID', set_in_kwargs=True)},
+        {"id": PropertyRef("AWS_ID", set_in_kwargs=True)},
     )
     direction: LinkDirection = LinkDirection.INWARD
     rel_label: str = "RESOURCE"
-    properties: APIGatewayRestAPIToAwsAccountRelProperties = APIGatewayRestAPIToAwsAccountRelProperties()
+    properties: APIGatewayRestAPIToAWSAccountRelRelProperties = (
+        APIGatewayRestAPIToAWSAccountRelRelProperties()
+    )
 @dataclass(frozen=True)
 class APIGatewayRestAPISchema(CartographyNodeSchema):
-    label: str = 'APIGatewayRestAPI'
+    label: str = "APIGatewayRestAPI"
     properties: APIGatewayRestAPINodeProperties = APIGatewayRestAPINodeProperties()
-    sub_resource_relationship: APIGatewayRestAPIToAWSAccount = APIGatewayRestAPIToAWSAccount()
+    sub_resource_relationship: APIGatewayRestAPIToAWSAccountRel = (
+        APIGatewayRestAPIToAWSAccountRel()
+    )

cartography/models/aws/apigatewaycertificate.py CHANGED Viewed

@@ -13,54 +13,60 @@ from cartography.models.core.relationships import TargetNodeMatcher
 @dataclass(frozen=True)
 class APIGatewayClientCertificateNodeProperties(CartographyNodeProperties):
-    id: PropertyRef = PropertyRef('clientCertificateId')
-    createddate: PropertyRef = PropertyRef('createdDate')
-    expirationdate: PropertyRef = PropertyRef('expirationDate')
-    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+    id: PropertyRef = PropertyRef("clientCertificateId")
+    createddate: PropertyRef = PropertyRef("createdDate")
+    expirationdate: PropertyRef = PropertyRef("expirationDate")
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
 @dataclass(frozen=True)
-class APIGatewayClientCertificateToStageRelProperties(CartographyRelProperties):
-    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+class APIGatewayClientCertificateToStageRelRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
 @dataclass(frozen=True)
-class CertToStageRelProps(CartographyRelProperties):
-    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+class CertToStageRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
 @dataclass(frozen=True)
 # (:APIGatewayStage)-[:HAS_CERTIFICATE]->(:APIGatewayClientCertificate)
-class APIGatewayClientCertificateToStage(CartographyRelSchema):
-    target_node_label: str = 'APIGatewayStage'
+class APIGatewayClientCertificateToStageRel(CartographyRelSchema):
+    target_node_label: str = "APIGatewayStage"
     target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
-        {'id': PropertyRef('stageArn')},
+        {"id": PropertyRef("stageArn")},
     )
     direction: LinkDirection = LinkDirection.INWARD
     rel_label: str = "HAS_CERTIFICATE"
-    properties: CertToStageRelProps = CertToStageRelProps()
+    properties: CertToStageRelProperties = CertToStageRelProperties()
 @dataclass(frozen=True)
-class CertToAccountRelProps(CartographyRelProperties):
-    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+class CertToAccountRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
 @dataclass(frozen=True)
 # (:APIGatewayClientCertificate)<-[:RESOURCE]-(:AWSAccount)
-class APIGatewayClientCertificateToAWSAccount(CartographyRelSchema):
-    target_node_label: str = 'AWSAccount'
+class APIGatewayClientCertificateToAWSAccountRel(CartographyRelSchema):
+    target_node_label: str = "AWSAccount"
     target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
-        {'id': PropertyRef('AWS_ID', set_in_kwargs=True)},
+        {"id": PropertyRef("AWS_ID", set_in_kwargs=True)},
     )
     direction: LinkDirection = LinkDirection.INWARD
     rel_label: str = "RESOURCE"
-    properties: CertToAccountRelProps = CertToAccountRelProps()
+    properties: CertToAccountRelProperties = CertToAccountRelProperties()
 @dataclass(frozen=True)
 class APIGatewayClientCertificateSchema(CartographyNodeSchema):
-    label: str = 'APIGatewayClientCertificate'
-    properties: APIGatewayClientCertificateNodeProperties = APIGatewayClientCertificateNodeProperties()
-    sub_resource_relationship: APIGatewayClientCertificateToAWSAccount = APIGatewayClientCertificateToAWSAccount()
-    other_relationships: OtherRelationships = OtherRelationships([APIGatewayClientCertificateToStage()])
+    label: str = "APIGatewayClientCertificate"
+    properties: APIGatewayClientCertificateNodeProperties = (
+        APIGatewayClientCertificateNodeProperties()
+    )
+    sub_resource_relationship: APIGatewayClientCertificateToAWSAccountRel = (
+        APIGatewayClientCertificateToAWSAccountRel()
+    )
+    other_relationships: OtherRelationships = OtherRelationships(
+        [APIGatewayClientCertificateToStageRel()],
+    )

cartography/models/aws/apigatewayresource.py CHANGED Viewed

@@ -13,50 +13,58 @@ from cartography.models.core.relationships import TargetNodeMatcher
 @dataclass(frozen=True)
 class APIGatewayResourceNodeProperties(CartographyNodeProperties):
-    id: PropertyRef = PropertyRef('id')
-    path: PropertyRef = PropertyRef('path')
-    pathpart: PropertyRef = PropertyRef('pathPart')
-    parentid: PropertyRef = PropertyRef('parentId')
-    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+    id: PropertyRef = PropertyRef("id")
+    path: PropertyRef = PropertyRef("path")
+    pathpart: PropertyRef = PropertyRef("pathPart")
+    parentid: PropertyRef = PropertyRef("parentId")
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
 @dataclass(frozen=True)
-class APIGatewayResourceToRestAPIRelProperties(CartographyRelProperties):
-    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+class APIGatewayResourceToRestAPIRelRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
 @dataclass(frozen=True)
 # (:APIGatewayResource)<-[:RESOURCE]-(:APIGatewayRestAPI)
-class APIGatewayResourceToRestAPI(CartographyRelSchema):
-    target_node_label: str = 'APIGatewayRestAPI'
+class APIGatewayResourceToRestAPIRel(CartographyRelSchema):
+    target_node_label: str = "APIGatewayRestAPI"
     target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
-        {'id': PropertyRef('apiId')},
+        {"id": PropertyRef("apiId")},
     )
     direction: LinkDirection = LinkDirection.INWARD
     rel_label: str = "RESOURCE"
-    properties: APIGatewayResourceToRestAPIRelProperties = APIGatewayResourceToRestAPIRelProperties()
+    properties: APIGatewayResourceToRestAPIRelRelProperties = (
+        APIGatewayResourceToRestAPIRelRelProperties()
+    )
 @dataclass(frozen=True)
-class APIGatewayResourceToAwsAccountRelProperties(CartographyRelProperties):
-    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+class APIGatewayResourceToAWSAccountRelRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
 @dataclass(frozen=True)
 # (:APIGatewayResource)<-[:RESOURCE]-(:AWSAccount)
-class APIGatewayResourceToAWSAccount(CartographyRelSchema):
-    target_node_label: str = 'AWSAccount'
+class APIGatewayResourceToAWSAccountRel(CartographyRelSchema):
+    target_node_label: str = "AWSAccount"
     target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
-        {'id': PropertyRef('AWS_ID', set_in_kwargs=True)},
+        {"id": PropertyRef("AWS_ID", set_in_kwargs=True)},
     )
     direction: LinkDirection = LinkDirection.INWARD
     rel_label: str = "RESOURCE"
-    properties: APIGatewayResourceToAwsAccountRelProperties = APIGatewayResourceToAwsAccountRelProperties()
+    properties: APIGatewayResourceToAWSAccountRelRelProperties = (
+        APIGatewayResourceToAWSAccountRelRelProperties()
+    )
 @dataclass(frozen=True)
 class APIGatewayResourceSchema(CartographyNodeSchema):
-    label: str = 'APIGatewayResource'
+    label: str = "APIGatewayResource"
     properties: APIGatewayResourceNodeProperties = APIGatewayResourceNodeProperties()
-    sub_resource_relationship: APIGatewayResourceToAWSAccount = APIGatewayResourceToAWSAccount()
-    other_relationships: OtherRelationships = OtherRelationships([APIGatewayResourceToRestAPI()])
+    sub_resource_relationship: APIGatewayResourceToAWSAccountRel = (
+        APIGatewayResourceToAWSAccountRel()
+    )
+    other_relationships: OtherRelationships = OtherRelationships(
+        [APIGatewayResourceToRestAPIRel()],
+    )

cartography/models/aws/apigatewaystage.py CHANGED Viewed

@@ -13,55 +13,63 @@ from cartography.models.core.relationships import TargetNodeMatcher
 @dataclass(frozen=True)
 class APIGatewayStageNodeProperties(CartographyNodeProperties):
-    id: PropertyRef = PropertyRef('arn')
-    stagename: PropertyRef = PropertyRef('stageName')
-    createddate: PropertyRef = PropertyRef('createdDate')
-    deploymentid: PropertyRef = PropertyRef('deploymentId')
-    clientcertificateid: PropertyRef = PropertyRef('clientCertificateId')
-    cacheclusterenabled: PropertyRef = PropertyRef('cacheClusterEnabled')
-    cacheclusterstatus: PropertyRef = PropertyRef('cacheClusterStatus')
-    tracingenabled: PropertyRef = PropertyRef('tracingEnabled')
-    webaclarn: PropertyRef = PropertyRef('webAclArn')
-    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+    id: PropertyRef = PropertyRef("arn")
+    stagename: PropertyRef = PropertyRef("stageName")
+    createddate: PropertyRef = PropertyRef("createdDate")
+    deploymentid: PropertyRef = PropertyRef("deploymentId")
+    clientcertificateid: PropertyRef = PropertyRef("clientCertificateId")
+    cacheclusterenabled: PropertyRef = PropertyRef("cacheClusterEnabled")
+    cacheclusterstatus: PropertyRef = PropertyRef("cacheClusterStatus")
+    tracingenabled: PropertyRef = PropertyRef("tracingEnabled")
+    webaclarn: PropertyRef = PropertyRef("webAclArn")
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
 @dataclass(frozen=True)
-class APIGatewayStageToRestAPIRelProperties(CartographyRelProperties):
-    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+class APIGatewayStageToRestAPIRelRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
 @dataclass(frozen=True)
 # (:APIGatewayStage)<-[:ASSOCIATED_WITH]-(:APIGatewayRestAPI)
-class APIGatewayStageToRestAPI(CartographyRelSchema):
-    target_node_label: str = 'APIGatewayRestAPI'
+class APIGatewayStageToRestAPIRel(CartographyRelSchema):
+    target_node_label: str = "APIGatewayRestAPI"
     target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
-        {'id': PropertyRef('apiId')},
+        {"id": PropertyRef("apiId")},
     )
     direction: LinkDirection = LinkDirection.INWARD
     rel_label: str = "ASSOCIATED_WITH"
-    properties: APIGatewayStageToRestAPIRelProperties = APIGatewayStageToRestAPIRelProperties()
+    properties: APIGatewayStageToRestAPIRelRelProperties = (
+        APIGatewayStageToRestAPIRelRelProperties()
+    )
 @dataclass(frozen=True)
-class APIGatewayStageToAwsAccountRelProperties(CartographyRelProperties):
-    lastupdated: PropertyRef = PropertyRef('lastupdated', set_in_kwargs=True)
+class APIGatewayStageToAWSAccountRelRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
 @dataclass(frozen=True)
 # (:APIGatewayStage)<-[:RESOURCE]-(:AWSAccount)
-class APIGatewayStageToAWSAccount(CartographyRelSchema):
-    target_node_label: str = 'AWSAccount'
+class APIGatewayStageToAWSAccountRel(CartographyRelSchema):
+    target_node_label: str = "AWSAccount"
     target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
-        {'id': PropertyRef('AWS_ID', set_in_kwargs=True)},
+        {"id": PropertyRef("AWS_ID", set_in_kwargs=True)},
     )
     direction: LinkDirection = LinkDirection.INWARD
     rel_label: str = "RESOURCE"
-    properties: APIGatewayStageToAwsAccountRelProperties = APIGatewayStageToAwsAccountRelProperties()
+    properties: APIGatewayStageToAWSAccountRelRelProperties = (
+        APIGatewayStageToAWSAccountRelRelProperties()
+    )
 @dataclass(frozen=True)
 class APIGatewayStageSchema(CartographyNodeSchema):
-    label: str = 'APIGatewayStage'
+    label: str = "APIGatewayStage"
     properties: APIGatewayStageNodeProperties = APIGatewayStageNodeProperties()
-    sub_resource_relationship: APIGatewayStageToAWSAccount = APIGatewayStageToAWSAccount()
-    other_relationships: OtherRelationships = OtherRelationships([APIGatewayStageToRestAPI()])
+    sub_resource_relationship: APIGatewayStageToAWSAccountRel = (
+        APIGatewayStageToAWSAccountRel()
+    )
+    other_relationships: OtherRelationships = OtherRelationships(
+        [APIGatewayStageToRestAPIRel()],
+    )

cartography/models/aws/cloudtrail/__init__.py ADDED Viewed

File without changes

cartography/models/aws/cloudtrail/trail.py ADDED Viewed

@@ -0,0 +1,61 @@
+from dataclasses import dataclass
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import TargetNodeMatcher
+@dataclass(frozen=True)
+class CloudTrailTrailNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef("TrailARN")
+    arn: PropertyRef = PropertyRef("TrailARN")
+    name: PropertyRef = PropertyRef("Name")
+    region: PropertyRef = PropertyRef("Region", set_in_kwargs=True)
+    cloudwatch_logs_log_group_arn: PropertyRef = PropertyRef(
+        "CloudWatchLogsLogGroupArn"
+    )
+    cloudwatch_logs_role_arn: PropertyRef = PropertyRef("CloudWatchLogsRoleArn")
+    has_custom_event_selectors: PropertyRef = PropertyRef("HasCustomEventSelectors")
+    has_insight_selectors: PropertyRef = PropertyRef("HasInsightSelectors")
+    home_region: PropertyRef = PropertyRef("HomeRegion")
+    include_global_service_events: PropertyRef = PropertyRef(
+        "IncludeGlobalServiceEvents"
+    )
+    is_multi_region_trail: PropertyRef = PropertyRef("IsMultiRegionTrail")
+    is_organization_trail: PropertyRef = PropertyRef("IsOrganizationTrail")
+    kms_key_id: PropertyRef = PropertyRef("KmsKeyId")
+    log_file_validation_enabled: PropertyRef = PropertyRef("LogFileValidationEnabled")
+    s3_bucket_name: PropertyRef = PropertyRef("S3BucketName")
+    s3_key_prefix: PropertyRef = PropertyRef("S3KeyPrefix")
+    sns_topic_arn: PropertyRef = PropertyRef("SnsTopicARN")
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+@dataclass(frozen=True)
+class CloudTrailTrailToAwsAccountRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+@dataclass(frozen=True)
+class CloudTrailToAWSAccountRel(CartographyRelSchema):
+    target_node_label: str = "AWSAccount"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("AWS_ID", set_in_kwargs=True)},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: CloudTrailTrailToAwsAccountRelProperties = (
+        CloudTrailTrailToAwsAccountRelProperties()
+    )
+@dataclass(frozen=True)
+class CloudTrailTrailSchema(CartographyNodeSchema):
+    label: str = "CloudTrailTrail"
+    properties: CloudTrailTrailNodeProperties = CloudTrailTrailNodeProperties()
+    sub_resource_relationship: CloudTrailToAWSAccountRel = CloudTrailToAWSAccountRel()

cartography/models/aws/cloudwatch/__init__.py ADDED Viewed

File without changes

cartography/models/aws/cloudwatch/loggroup.py ADDED Viewed

@@ -0,0 +1,52 @@
+from dataclasses import dataclass
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import TargetNodeMatcher
+@dataclass(frozen=True)
+class CloudWatchLogGroupNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef("logGroupArn")
+    arn: PropertyRef = PropertyRef("logGroupArn", extra_index=True)
+    creation_time: PropertyRef = PropertyRef("creationTime")
+    data_protection_status: PropertyRef = PropertyRef("dataProtectionStatus")
+    inherited_properties: PropertyRef = PropertyRef("inheritedProperties")
+    kms_key_id: PropertyRef = PropertyRef("kmsKeyId")
+    log_group_arn: PropertyRef = PropertyRef("logGroupArn")
+    log_group_class: PropertyRef = PropertyRef("logGroupClass")
+    log_group_name: PropertyRef = PropertyRef("logGroupName")
+    metric_filter_count: PropertyRef = PropertyRef("metricFilterCount")
+    retention_in_days: PropertyRef = PropertyRef("retentionInDays")
+    stored_bytes: PropertyRef = PropertyRef("storedBytes")
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+@dataclass(frozen=True)
+class CloudWatchLogGroupToAwsAccountRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+@dataclass(frozen=True)
+class CloudWatchToAWSAccountRel(CartographyRelSchema):
+    target_node_label: str = "AWSAccount"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("AWS_ID", set_in_kwargs=True)},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: CloudWatchLogGroupToAwsAccountRelProperties = (
+        CloudWatchLogGroupToAwsAccountRelProperties()
+    )
+@dataclass(frozen=True)
+class CloudWatchLogGroupSchema(CartographyNodeSchema):
+    label: str = "CloudWatchLogGroup"
+    properties: CloudWatchLogGroupNodeProperties = CloudWatchLogGroupNodeProperties()
+    sub_resource_relationship: CloudWatchToAWSAccountRel = CloudWatchToAWSAccountRel()

cartography 0.102.0rc1__py3-none-any.whl → 0.103.0__py3-none-any.whl

Potentially problematic release.

cartography 0.102.0rc1py3-none-any.whl → 0.103.0py3-none-any.whl