PyPI - cartography - Versions diffs - 0.104.0rc2__py3-none-any.whl → 0.123.0__py3-none-any.whl - Mend

cartography 0.104.0rc2py3-none-any.whl → 0.123.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (642) hide show

cartography/_version.py +16 -3
cartography/cli.py +466 -5
cartography/client/aws/__init__.py +19 -0
cartography/client/aws/ecr.py +51 -0
cartography/client/core/tx.py +357 -8
cartography/config.py +153 -0
cartography/data/azure_permission_relationships.yaml +20 -0
cartography/data/gcp_permission_relationships.yaml +21 -0
cartography/data/indexes.cypher +0 -186
cartography/data/jobs/analysis/aws_ec2_keypair_analysis.json +2 -2
cartography/data/jobs/analysis/keycloak_inheritance.json +30 -0
cartography/data/jobs/cleanup/gcp_compute_vpc_cleanup.json +0 -12
cartography/data/jobs/cleanup/github_repos_cleanup.json +2 -0
cartography/driftdetect/cli.py +3 -2
cartography/graph/cleanupbuilder.py +198 -41
cartography/graph/job.py +54 -6
cartography/graph/querybuilder.py +528 -27
cartography/graph/statement.py +5 -1
cartography/intel/airbyte/__init__.py +105 -0
cartography/intel/airbyte/connections.py +120 -0
cartography/intel/airbyte/destinations.py +81 -0
cartography/intel/airbyte/organizations.py +59 -0
cartography/intel/airbyte/sources.py +78 -0
cartography/intel/airbyte/tags.py +64 -0
cartography/intel/airbyte/users.py +106 -0
cartography/intel/airbyte/util.py +122 -0
cartography/intel/airbyte/workspaces.py +63 -0
cartography/intel/aws/__init__.py +24 -9
cartography/intel/aws/acm.py +124 -0
cartography/intel/aws/apigateway.py +253 -22
cartography/intel/aws/apigatewayv2.py +116 -0
cartography/intel/aws/cloudtrail.py +17 -39
cartography/intel/aws/cloudtrail_management_events.py +962 -0
cartography/intel/aws/cloudwatch.py +150 -4
cartography/intel/aws/codebuild.py +132 -0
cartography/intel/aws/cognito.py +201 -0
cartography/intel/aws/config.py +7 -3
cartography/intel/aws/ec2/elastic_ip_addresses.py +3 -1
cartography/intel/aws/ec2/instances.py +25 -1
cartography/intel/aws/ec2/internet_gateways.py +4 -2
cartography/intel/aws/ec2/load_balancer_v2s.py +11 -5
cartography/intel/aws/ec2/network_interfaces.py +5 -1
cartography/intel/aws/ec2/reserved_instances.py +3 -1
cartography/intel/aws/ec2/security_groups.py +140 -122
cartography/intel/aws/ec2/snapshots.py +47 -84
cartography/intel/aws/ec2/subnets.py +37 -63
cartography/intel/aws/ec2/tgw.py +11 -5
cartography/intel/aws/ec2/volumes.py +1 -1
cartography/intel/aws/ec2/vpc.py +140 -124
cartography/intel/aws/ec2/vpc_peerings.py +262 -125
cartography/intel/aws/ecr.py +269 -98
cartography/intel/aws/ecr_image_layers.py +923 -0
cartography/intel/aws/ecs.py +251 -380
cartography/intel/aws/efs.py +179 -11
cartography/intel/aws/elasticache.py +102 -79
cartography/intel/aws/elasticsearch.py +13 -4
cartography/intel/aws/eventbridge.py +164 -0
cartography/intel/aws/glue.py +181 -0
cartography/intel/aws/guardduty.py +443 -0
cartography/intel/aws/iam.py +750 -493
cartography/intel/aws/identitycenter.py +605 -83
cartography/intel/aws/inspector.py +221 -105
cartography/intel/aws/kms.py +173 -201
cartography/intel/aws/lambda_function.py +272 -189
cartography/intel/aws/organizations.py +10 -9
cartography/intel/aws/permission_relationships.py +10 -20
cartography/intel/aws/rds.py +337 -446
cartography/intel/aws/redshift.py +9 -4
cartography/intel/aws/resourcegroupstaggingapi.py +78 -19
cartography/intel/aws/resources.py +18 -0
cartography/intel/aws/route53.py +386 -332
cartography/intel/aws/s3.py +322 -14
cartography/intel/aws/secretsmanager.py +81 -49
cartography/intel/aws/securityhub.py +3 -1
cartography/intel/aws/sns.py +62 -2
cartography/intel/aws/sqs.py +36 -90
cartography/intel/aws/ssm.py +3 -5
cartography/intel/azure/__init__.py +202 -48
cartography/intel/azure/aks.py +175 -0
cartography/intel/azure/app_service.py +105 -0
cartography/intel/azure/compute.py +59 -112
cartography/intel/azure/container_instances.py +95 -0
cartography/intel/azure/cosmosdb.py +222 -361
cartography/intel/azure/data_factory.py +85 -0
cartography/intel/azure/data_factory_dataset.py +128 -0
cartography/intel/azure/data_factory_linked_service.py +119 -0
cartography/intel/azure/data_factory_pipeline.py +142 -0
cartography/intel/azure/data_lake.py +124 -0
cartography/intel/azure/event_grid.py +94 -0
cartography/intel/azure/functions.py +124 -0
cartography/intel/azure/load_balancers.py +263 -0
cartography/intel/azure/logic_apps.py +101 -0
cartography/intel/azure/monitor.py +105 -0
cartography/intel/azure/network.py +467 -0
cartography/intel/azure/permission_relationships.py +466 -0
cartography/intel/azure/rbac.py +309 -0
cartography/intel/azure/resource_groups.py +82 -0
cartography/intel/azure/security_center.py +106 -0
cartography/intel/azure/sql.py +145 -292
cartography/intel/azure/storage.py +185 -262
cartography/intel/azure/subscription.py +21 -43
cartography/intel/azure/tenant.py +39 -30
cartography/intel/azure/util/common.py +13 -0
cartography/intel/azure/util/credentials.py +49 -174
cartography/intel/azure/util/tag.py +41 -0
cartography/intel/create_indexes.py +2 -1
cartography/intel/crowdstrike/spotlight.py +5 -2
cartography/intel/dns.py +5 -2
cartography/intel/entra/__init__.py +100 -1
cartography/intel/entra/app_role_assignments.py +284 -0
cartography/intel/entra/applications.py +182 -0
cartography/intel/entra/federation/__init__.py +0 -0
cartography/intel/entra/federation/aws_identity_center.py +77 -0
cartography/intel/entra/groups.py +198 -0
cartography/intel/entra/ou.py +48 -24
cartography/intel/entra/service_principals.py +217 -0
cartography/intel/entra/users.py +105 -57
cartography/intel/gcp/__init__.py +334 -396
cartography/intel/gcp/bigtable_app_profile.py +101 -0
cartography/intel/gcp/bigtable_backup.py +91 -0
cartography/intel/gcp/bigtable_cluster.py +93 -0
cartography/intel/gcp/bigtable_instance.py +86 -0
cartography/intel/gcp/bigtable_table.py +87 -0
cartography/intel/gcp/cai.py +292 -0
cartography/intel/gcp/clients.py +112 -0
cartography/intel/gcp/compute.py +128 -119
cartography/intel/gcp/crm/__init__.py +0 -0
cartography/intel/gcp/crm/folders.py +114 -0
cartography/intel/gcp/crm/orgs.py +70 -0
cartography/intel/gcp/crm/projects.py +120 -0
cartography/intel/gcp/dns.py +83 -169
cartography/intel/gcp/gke.py +72 -113
cartography/intel/gcp/iam.py +111 -91
cartography/intel/gcp/permission_relationships.py +394 -0
cartography/intel/gcp/policy_bindings.py +225 -0
cartography/intel/gcp/storage.py +75 -159
cartography/intel/github/__init__.py +62 -25
cartography/intel/github/commits.py +423 -0
cartography/intel/github/repos.py +463 -85
cartography/intel/github/teams.py +3 -3
cartography/intel/github/users.py +5 -0
cartography/intel/github/util.py +12 -0
cartography/intel/googleworkspace/__init__.py +193 -0
cartography/intel/googleworkspace/devices.py +254 -0
cartography/intel/googleworkspace/groups.py +568 -0
cartography/intel/googleworkspace/oauth_apps.py +259 -0
cartography/intel/googleworkspace/tenant.py +85 -0
cartography/intel/googleworkspace/users.py +138 -0
cartography/intel/gsuite/__init__.py +17 -9
cartography/intel/gsuite/groups.py +291 -0
cartography/intel/gsuite/users.py +142 -0
cartography/intel/jamf/computers.py +7 -1
cartography/intel/keycloak/__init__.py +153 -0
cartography/intel/keycloak/authenticationexecutions.py +322 -0
cartography/intel/keycloak/authenticationflows.py +77 -0
cartography/intel/keycloak/clients.py +187 -0
cartography/intel/keycloak/groups.py +126 -0
cartography/intel/keycloak/identityproviders.py +94 -0
cartography/intel/keycloak/organizations.py +163 -0
cartography/intel/keycloak/realms.py +61 -0
cartography/intel/keycloak/roles.py +202 -0
cartography/intel/keycloak/scopes.py +73 -0
cartography/intel/keycloak/users.py +70 -0
cartography/intel/keycloak/util.py +47 -0
cartography/intel/kubernetes/__init__.py +60 -14
cartography/intel/kubernetes/clusters.py +86 -0
cartography/intel/kubernetes/eks.py +402 -0
cartography/intel/kubernetes/namespaces.py +59 -57
cartography/intel/kubernetes/pods.py +168 -75
cartography/intel/kubernetes/rbac.py +597 -0
cartography/intel/kubernetes/secrets.py +95 -45
cartography/intel/kubernetes/services.py +131 -67
cartography/intel/kubernetes/util.py +142 -14
cartography/intel/oci/iam.py +23 -9
cartography/intel/oci/organizations.py +3 -1
cartography/intel/oci/utils.py +28 -5
cartography/intel/okta/applications.py +15 -5
cartography/intel/okta/awssaml.py +14 -10
cartography/intel/okta/factors.py +3 -1
cartography/intel/okta/groups.py +5 -2
cartography/intel/okta/organization.py +3 -1
cartography/intel/okta/origins.py +3 -1
cartography/intel/okta/roles.py +5 -2
cartography/intel/okta/users.py +10 -2
cartography/intel/ontology/__init__.py +44 -0
cartography/intel/ontology/devices.py +54 -0
cartography/intel/ontology/users.py +54 -0
cartography/intel/ontology/utils.py +176 -0
cartography/intel/pagerduty/escalation_policies.py +13 -6
cartography/intel/pagerduty/schedules.py +9 -4
cartography/intel/pagerduty/services.py +7 -3
cartography/intel/pagerduty/teams.py +5 -2
cartography/intel/pagerduty/users.py +3 -1
cartography/intel/pagerduty/vendors.py +3 -1
cartography/intel/scaleway/__init__.py +127 -0
cartography/intel/scaleway/iam/__init__.py +0 -0
cartography/intel/scaleway/iam/apikeys.py +71 -0
cartography/intel/scaleway/iam/applications.py +71 -0
cartography/intel/scaleway/iam/groups.py +71 -0
cartography/intel/scaleway/iam/users.py +71 -0
cartography/intel/scaleway/instances/__init__.py +0 -0
cartography/intel/scaleway/instances/flexibleips.py +86 -0
cartography/intel/scaleway/instances/instances.py +92 -0
cartography/intel/scaleway/projects.py +79 -0
cartography/intel/scaleway/storage/__init__.py +0 -0
cartography/intel/scaleway/storage/snapshots.py +86 -0
cartography/intel/scaleway/storage/volumes.py +84 -0
cartography/intel/scaleway/utils.py +37 -0
cartography/intel/sentinelone/__init__.py +75 -0
cartography/intel/sentinelone/account.py +140 -0
cartography/intel/sentinelone/agent.py +139 -0
cartography/intel/sentinelone/api.py +124 -0
cartography/intel/sentinelone/application.py +248 -0
cartography/intel/sentinelone/cve.py +119 -0
cartography/intel/sentinelone/utils.py +28 -0
cartography/intel/slack/__init__.py +78 -0
cartography/intel/slack/channels.py +80 -0
cartography/intel/slack/groups.py +90 -0
cartography/intel/slack/teams.py +65 -0
cartography/intel/slack/users.py +57 -0
cartography/intel/slack/utils.py +29 -0
cartography/intel/spacelift/__init__.py +161 -0
cartography/intel/spacelift/account.py +73 -0
cartography/intel/spacelift/ec2_ownership.py +280 -0
cartography/intel/spacelift/runs.py +463 -0
cartography/intel/spacelift/spaces.py +112 -0
cartography/intel/spacelift/stacks.py +119 -0
cartography/intel/spacelift/util.py +122 -0
cartography/intel/spacelift/workerpools.py +131 -0
cartography/intel/spacelift/workers.py +128 -0
cartography/intel/trivy/__init__.py +272 -0
cartography/intel/trivy/scanner.py +386 -0
cartography/models/airbyte/__init__.py +0 -0
cartography/models/airbyte/connection.py +138 -0
cartography/models/airbyte/destination.py +75 -0
cartography/models/airbyte/organization.py +19 -0
cartography/models/airbyte/source.py +75 -0
cartography/models/airbyte/stream.py +74 -0
cartography/models/airbyte/tag.py +69 -0
cartography/models/airbyte/user.py +115 -0
cartography/models/airbyte/workspace.py +46 -0
cartography/models/anthropic/apikey.py +4 -0
cartography/models/anthropic/user.py +4 -0
cartography/models/aws/acm/__init__.py +0 -0
cartography/models/aws/acm/certificate.py +75 -0
cartography/models/aws/apigateway/__init__.py +0 -0
cartography/models/aws/apigateway/apigatewaydeployment.py +74 -0
cartography/models/aws/apigateway/apigatewayintegration.py +79 -0
cartography/models/aws/apigateway/apigatewaymethod.py +74 -0
cartography/models/aws/apigatewayv2/__init__.py +0 -0
cartography/models/aws/apigatewayv2/apigatewayv2.py +53 -0
cartography/models/aws/cloudtrail/management_events.py +153 -0
cartography/models/aws/cloudtrail/trail.py +45 -0
cartography/models/aws/cloudwatch/log_metric_filter.py +79 -0
cartography/models/aws/cloudwatch/metric_alarm.py +53 -0
cartography/models/aws/codebuild/__init__.py +0 -0
cartography/models/aws/codebuild/project.py +49 -0
cartography/models/aws/cognito/__init__.py +0 -0
cartography/models/aws/cognito/identity_pool.py +70 -0
cartography/models/aws/cognito/user_pool.py +47 -0
cartography/models/aws/dynamodb/tables.py +2 -0
cartography/models/aws/ec2/instances.py +25 -1
cartography/models/aws/ec2/networkinterfaces.py +4 -0
cartography/models/aws/ec2/security_group_rules.py +109 -0
cartography/models/aws/ec2/security_groups.py +90 -0
cartography/models/aws/ec2/snapshots.py +58 -0
cartography/models/aws/ec2/subnet_instance.py +2 -0
cartography/models/aws/ec2/subnet_networkinterface.py +2 -0
cartography/models/aws/ec2/subnets.py +65 -0
cartography/models/aws/ec2/volumes.py +20 -0
cartography/models/aws/ec2/vpc.py +46 -0
cartography/models/aws/ec2/vpc_cidr.py +102 -0
cartography/models/aws/ec2/vpc_peering.py +157 -0
cartography/models/aws/ecr/__init__.py +0 -0
cartography/models/aws/ecr/image.py +146 -0
cartography/models/aws/ecr/image_layer.py +107 -0
cartography/models/aws/ecr/repository.py +72 -0
cartography/models/aws/ecr/repository_image.py +95 -0
cartography/models/aws/ecs/__init__.py +0 -0
cartography/models/aws/ecs/clusters.py +64 -0
cartography/models/aws/ecs/container_definitions.py +93 -0
cartography/models/aws/ecs/container_instances.py +84 -0
cartography/models/aws/ecs/containers.py +101 -0
cartography/models/aws/ecs/services.py +134 -0
cartography/models/aws/ecs/task_definitions.py +135 -0
cartography/models/aws/ecs/tasks.py +134 -0
cartography/models/aws/efs/access_point.py +77 -0
cartography/models/aws/efs/file_system.py +60 -0
cartography/models/aws/efs/mount_target.py +29 -2
cartography/models/aws/elasticache/__init__.py +0 -0
cartography/models/aws/elasticache/cluster.py +65 -0
cartography/models/aws/elasticache/topic.py +67 -0
cartography/models/aws/eventbridge/__init__.py +0 -0
cartography/models/aws/eventbridge/rule.py +77 -0
cartography/models/aws/eventbridge/target.py +71 -0
cartography/models/aws/glue/__init__.py +0 -0
cartography/models/aws/glue/connection.py +51 -0
cartography/models/aws/glue/job.py +69 -0
cartography/models/aws/guardduty/__init__.py +1 -0
cartography/models/aws/guardduty/detectors.py +50 -0
cartography/models/aws/guardduty/findings.py +121 -0
cartography/models/aws/iam/access_key.py +103 -0
cartography/models/aws/iam/account_role.py +24 -0
cartography/models/aws/iam/federated_principal.py +60 -0
cartography/models/aws/iam/group.py +60 -0
cartography/models/aws/iam/group_membership.py +27 -0
cartography/models/aws/iam/inline_policy.py +78 -0
cartography/models/aws/iam/managed_policy.py +51 -0
cartography/models/aws/iam/policy_statement.py +57 -0
cartography/models/aws/iam/role.py +83 -0
cartography/models/aws/iam/root_principal.py +52 -0
cartography/models/aws/iam/service_principal.py +30 -0
cartography/models/aws/iam/sts_assumerole_allow.py +38 -0
cartography/models/aws/iam/user.py +59 -0
cartography/models/aws/identitycenter/awsidentitycenter.py +1 -0
cartography/models/aws/identitycenter/awspermissionset.py +70 -0
cartography/models/aws/identitycenter/awssogroup.py +70 -0
cartography/models/aws/identitycenter/awsssouser.py +49 -9
cartography/models/aws/inspector/findings.py +37 -0
cartography/models/aws/inspector/packages.py +1 -31
cartography/models/aws/kms/__init__.py +0 -0
cartography/models/aws/kms/aliases.py +86 -0
cartography/models/aws/kms/grants.py +65 -0
cartography/models/aws/kms/keys.py +88 -0
cartography/models/aws/lambda_function/__init__.py +0 -0
cartography/models/aws/lambda_function/alias.py +74 -0
cartography/models/aws/lambda_function/event_source_mapping.py +88 -0
cartography/models/aws/lambda_function/lambda_function.py +91 -0
cartography/models/aws/lambda_function/layer.py +72 -0
cartography/models/aws/rds/__init__.py +0 -0
cartography/models/aws/rds/cluster.py +91 -0
cartography/models/aws/rds/event_subscription.py +146 -0
cartography/models/aws/rds/instance.py +156 -0
cartography/models/aws/rds/snapshot.py +108 -0
cartography/models/aws/rds/subnet_group.py +101 -0
cartography/models/aws/route53/__init__.py +0 -0
cartography/models/aws/route53/dnsrecord.py +235 -0
cartography/models/aws/route53/nameserver.py +63 -0
cartography/models/aws/route53/subzone.py +40 -0
cartography/models/aws/route53/zone.py +47 -0
cartography/models/aws/s3/notification.py +24 -0
cartography/models/aws/secretsmanager/secret.py +106 -0
cartography/models/aws/secretsmanager/secret_version.py +0 -2
cartography/models/aws/sns/topic_subscription.py +74 -0
cartography/models/aws/sqs/__init__.py +0 -0
cartography/models/aws/sqs/queue.py +89 -0
cartography/models/azure/__init__.py +0 -0
cartography/models/azure/aks_cluster.py +54 -0
cartography/models/azure/aks_nodepool.py +54 -0
cartography/models/azure/app_service.py +59 -0
cartography/models/azure/container_instance.py +57 -0
cartography/models/azure/cosmosdb/__init__.py +0 -0
cartography/models/azure/cosmosdb/account.py +77 -0
cartography/models/azure/cosmosdb/accountfailoverpolicy.py +77 -0
cartography/models/azure/cosmosdb/cassandrakeyspace.py +82 -0
cartography/models/azure/cosmosdb/cassandratable.py +81 -0
cartography/models/azure/cosmosdb/corspolicy.py +74 -0
cartography/models/azure/cosmosdb/dblocation.py +120 -0
cartography/models/azure/cosmosdb/mongodbcollection.py +82 -0
cartography/models/azure/cosmosdb/mongodbdatabase.py +78 -0
cartography/models/azure/cosmosdb/privateendpointconnection.py +81 -0
cartography/models/azure/cosmosdb/sqlcontainer.py +88 -0
cartography/models/azure/cosmosdb/sqldatabase.py +78 -0
cartography/models/azure/cosmosdb/tableresource.py +76 -0
cartography/models/azure/cosmosdb/virtualnetworkrule.py +78 -0
cartography/models/azure/data_factory/__init__.py +0 -0
cartography/models/azure/data_factory/data_factory.py +51 -0
cartography/models/azure/data_factory/data_factory_dataset.py +94 -0
cartography/models/azure/data_factory/data_factory_linked_service.py +78 -0
cartography/models/azure/data_factory/data_factory_pipeline.py +93 -0
cartography/models/azure/data_lake_filesystem.py +51 -0
cartography/models/azure/event_grid_topic.py +57 -0
cartography/models/azure/function_app.py +59 -0
cartography/models/azure/load_balancer/__init__.py +0 -0
cartography/models/azure/load_balancer/load_balancer.py +49 -0
cartography/models/azure/load_balancer/load_balancer_backend_pool.py +73 -0
cartography/models/azure/load_balancer/load_balancer_frontend_ip.py +75 -0
cartography/models/azure/load_balancer/load_balancer_inbound_nat_rule.py +78 -0
cartography/models/azure/load_balancer/load_balancer_rule.py +108 -0
cartography/models/azure/logic_apps.py +56 -0
cartography/models/azure/monitor.py +54 -0
cartography/models/azure/network_interface.py +112 -0
cartography/models/azure/network_security_group.py +50 -0
cartography/models/azure/permission_relationships.py +60 -0
cartography/models/azure/principal.py +41 -0
cartography/models/azure/public_ip_address.py +50 -0
cartography/models/azure/rbac.py +268 -0
cartography/models/azure/resource_groups.py +52 -0
cartography/models/azure/security_center.py +50 -0
cartography/models/azure/sql/__init__.py +0 -0
cartography/models/azure/sql/databasethreatdetectionpolicy.py +85 -0
cartography/models/azure/sql/elasticpool.py +77 -0
cartography/models/azure/sql/failovergroup.py +73 -0
cartography/models/azure/sql/recoverabledatabase.py +75 -0
cartography/models/azure/sql/replicationlink.py +81 -0
cartography/models/azure/sql/restorabledroppeddatabase.py +82 -0
cartography/models/azure/sql/restorepoint.py +74 -0
cartography/models/azure/sql/serveradadministrator.py +74 -0
cartography/models/azure/sql/serverdnsalias.py +71 -0
cartography/models/azure/sql/sqldatabase.py +85 -0
cartography/models/azure/sql/sqlserver.py +50 -0
cartography/models/azure/sql/transparentdataencryption.py +76 -0
cartography/models/azure/storage/__init__.py +0 -0
cartography/models/azure/storage/account.py +59 -0
cartography/models/azure/storage/blobcontainer.py +85 -0
cartography/models/azure/storage/blobservice.py +71 -0
cartography/models/azure/storage/fileservice.py +71 -0
cartography/models/azure/storage/fileshare.py +82 -0
cartography/models/azure/storage/queue.py +71 -0
cartography/models/azure/storage/queueservice.py +73 -0
cartography/models/azure/storage/table.py +72 -0
cartography/models/azure/storage/tableservice.py +73 -0
cartography/models/azure/subnet.py +101 -0
cartography/models/azure/subscription.py +47 -0
cartography/models/azure/tags/__init__.py +0 -0
cartography/models/azure/tags/storage_tag.py +40 -0
cartography/models/azure/tags/tag.py +37 -0
cartography/models/azure/tenant.py +17 -0
cartography/models/azure/virtual_network.py +49 -0
cartography/models/azure/vm/__init__.py +0 -0
cartography/models/azure/vm/datadisk.py +80 -0
cartography/models/azure/vm/disk.py +55 -0
cartography/models/azure/vm/snapshot.py +56 -0
cartography/models/azure/vm/virtualmachine.py +59 -0
cartography/models/bigfix/bigfix_computer.py +1 -1
cartography/models/cloudflare/member.py +4 -0
cartography/models/core/common.py +1 -0
cartography/models/core/nodes.py +15 -2
cartography/models/core/relationships.py +44 -0
cartography/models/crowdstrike/hosts.py +1 -1
cartography/models/digitalocean/droplet.py +2 -0
cartography/models/duo/endpoint.py +1 -1
cartography/models/duo/phone.py +2 -2
cartography/models/duo/user.py +4 -0
cartography/models/entra/app_role_assignment.py +115 -0
cartography/models/entra/application.py +49 -0
cartography/models/entra/entra_user_to_aws_sso.py +41 -0
cartography/models/entra/group.py +117 -0
cartography/models/entra/service_principal.py +104 -0
cartography/models/entra/user.py +42 -51
cartography/models/gcp/__init__.py +0 -0
cartography/models/gcp/bigtable/__init__.py +0 -0
cartography/models/gcp/bigtable/app_profile.py +94 -0
cartography/models/gcp/bigtable/backup.py +91 -0
cartography/models/gcp/bigtable/cluster.py +73 -0
cartography/models/gcp/bigtable/instance.py +52 -0
cartography/models/gcp/bigtable/table.py +69 -0
cartography/models/gcp/compute/__init__.py +0 -0
cartography/models/gcp/compute/subnet.py +74 -0
cartography/models/gcp/compute/vpc.py +50 -0
cartography/models/gcp/crm/__init__.py +0 -0
cartography/models/gcp/crm/folders.py +98 -0
cartography/models/gcp/crm/organizations.py +21 -0
cartography/models/gcp/crm/projects.py +100 -0
cartography/models/gcp/dns.py +109 -0
cartography/models/gcp/gke.py +69 -0
cartography/models/gcp/iam.py +3 -0
cartography/models/gcp/permission_relationships.py +61 -0
cartography/models/gcp/policy_bindings.py +93 -0
cartography/models/gcp/storage/__init__.py +0 -0
cartography/models/gcp/storage/bucket.py +119 -0
cartography/models/github/commits.py +63 -0
cartography/models/github/dependencies.py +73 -0
cartography/models/github/manifests.py +49 -0
cartography/models/github/users.py +10 -0
cartography/models/googleworkspace/__init__.py +0 -0
cartography/models/googleworkspace/device.py +132 -0
cartography/models/googleworkspace/group.py +382 -0
cartography/models/googleworkspace/oauth_app.py +124 -0
cartography/models/googleworkspace/tenant.py +30 -0
cartography/models/googleworkspace/user.py +113 -0
cartography/models/gsuite/__init__.py +0 -0
cartography/models/gsuite/group.py +218 -0
cartography/models/gsuite/tenant.py +29 -0
cartography/models/gsuite/user.py +107 -0
cartography/models/kandji/device.py +1 -2
cartography/models/keycloak/__init__.py +0 -0
cartography/models/keycloak/authenticationexecution.py +160 -0
cartography/models/keycloak/authenticationflow.py +54 -0
cartography/models/keycloak/client.py +179 -0
cartography/models/keycloak/group.py +101 -0
cartography/models/keycloak/identityprovider.py +89 -0
cartography/models/keycloak/organization.py +116 -0
cartography/models/keycloak/organizationdomain.py +73 -0
cartography/models/keycloak/realm.py +173 -0
cartography/models/keycloak/role.py +126 -0
cartography/models/keycloak/scope.py +73 -0
cartography/models/keycloak/user.py +55 -0
cartography/models/kubernetes/__init__.py +0 -0
cartography/models/kubernetes/clusterrolebindings.py +138 -0
cartography/models/kubernetes/clusterroles.py +52 -0
cartography/models/kubernetes/clusters.py +26 -0
cartography/models/kubernetes/containers.py +133 -0
cartography/models/kubernetes/groups.py +107 -0
cartography/models/kubernetes/namespaces.py +51 -0
cartography/models/kubernetes/oidc.py +51 -0
cartography/models/kubernetes/pods.py +80 -0
cartography/models/kubernetes/rolebindings.py +159 -0
cartography/models/kubernetes/roles.py +76 -0
cartography/models/kubernetes/secrets.py +79 -0
cartography/models/kubernetes/serviceaccounts.py +77 -0
cartography/models/kubernetes/services.py +108 -0
cartography/models/kubernetes/users.py +105 -0
cartography/models/lastpass/user.py +4 -0
cartography/models/ontology/__init__.py +0 -0
cartography/models/ontology/device.py +137 -0
cartography/models/ontology/mapping/__init__.py +76 -0
cartography/models/ontology/mapping/data/__init__.py +0 -0
cartography/models/ontology/mapping/data/apikeys.py +93 -0
cartography/models/ontology/mapping/data/computeinstance.py +95 -0
cartography/models/ontology/mapping/data/containers.py +88 -0
cartography/models/ontology/mapping/data/databases.py +182 -0
cartography/models/ontology/mapping/data/devices.py +194 -0
cartography/models/ontology/mapping/data/thirdpartyapps.py +140 -0
cartography/models/ontology/mapping/data/useraccounts.py +416 -0
cartography/models/ontology/mapping/data/users.py +63 -0
cartography/models/ontology/mapping/specs.py +85 -0
cartography/models/ontology/user.py +51 -0
cartography/models/openai/adminapikey.py +4 -0
cartography/models/openai/apikey.py +4 -0
cartography/models/openai/user.py +4 -0
cartography/models/scaleway/__init__.py +0 -0
cartography/models/scaleway/iam/__init__.py +0 -0
cartography/models/scaleway/iam/apikey.py +100 -0
cartography/models/scaleway/iam/application.py +52 -0
cartography/models/scaleway/iam/group.py +95 -0
cartography/models/scaleway/iam/user.py +64 -0
cartography/models/scaleway/instance/__init__.py +0 -0
cartography/models/scaleway/instance/flexibleip.py +52 -0
cartography/models/scaleway/instance/instance.py +120 -0
cartography/models/scaleway/organization.py +19 -0
cartography/models/scaleway/project.py +48 -0
cartography/models/scaleway/storage/__init__.py +0 -0
cartography/models/scaleway/storage/snapshot.py +78 -0
cartography/models/scaleway/storage/volume.py +51 -0
cartography/models/sentinelone/__init__.py +1 -0
cartography/models/sentinelone/account.py +40 -0
cartography/models/sentinelone/agent.py +50 -0
cartography/models/sentinelone/application.py +44 -0
cartography/models/sentinelone/application_version.py +96 -0
cartography/models/sentinelone/cve.py +73 -0
cartography/models/slack/__init__.py +0 -0
cartography/models/slack/channels.py +92 -0
cartography/models/slack/group.py +129 -0
cartography/models/slack/team.py +22 -0
cartography/models/slack/user.py +62 -0
cartography/models/snipeit/asset.py +2 -0
cartography/models/snipeit/user.py +4 -0
cartography/models/spacelift/__init__.py +0 -0
cartography/models/spacelift/cloudtrailevent.py +120 -0
cartography/models/spacelift/run.py +162 -0
cartography/models/spacelift/space.py +131 -0
cartography/models/spacelift/spaceliftaccount.py +31 -0
cartography/models/spacelift/spaceliftgitcommit.py +157 -0
cartography/models/spacelift/stack.py +96 -0
cartography/models/spacelift/user.py +63 -0
cartography/models/spacelift/worker.py +97 -0
cartography/models/spacelift/workerpool.py +90 -0
cartography/models/tailscale/device.py +2 -1
cartography/models/tailscale/user.py +6 -1
cartography/models/trivy/__init__.py +0 -0
cartography/models/trivy/findings.py +66 -0
cartography/models/trivy/fix.py +66 -0
cartography/models/trivy/package.py +71 -0
cartography/rules/README.md +1 -0
cartography/rules/__init__.py +0 -0
cartography/rules/cli.py +261 -0
cartography/rules/data/__init__.py +0 -0
cartography/rules/data/rules/__init__.py +46 -0
cartography/rules/data/rules/cloud_security_product_deactivated.py +49 -0
cartography/rules/data/rules/compute_instance_exposed.py +51 -0
cartography/rules/data/rules/database_instance_exposed.py +53 -0
cartography/rules/data/rules/delegation_boundary_modifiable.py +90 -0
cartography/rules/data/rules/identity_administration_privileges.py +100 -0
cartography/rules/data/rules/inactive_user_active_accounts.py +48 -0
cartography/rules/data/rules/malicious_npm_dependencies_shai_hulud.py +2222 -0
cartography/rules/data/rules/mfa_missing.py +46 -0
cartography/rules/data/rules/object_storage_public.py +100 -0
cartography/rules/data/rules/policy_administration_privileges.py +104 -0
cartography/rules/data/rules/unmanaged_accounts.py +43 -0
cartography/rules/data/rules/workload_identity_admin_capabilities.py +193 -0
cartography/rules/formatters.py +108 -0
cartography/rules/runners.py +216 -0
cartography/rules/spec/__init__.py +0 -0
cartography/rules/spec/model.py +267 -0
cartography/rules/spec/result.py +38 -0
cartography/sync.py +25 -5
cartography/util.py +101 -31
{cartography-0.104.0rc2.dist-info → cartography-0.123.0.dist-info}/METADATA +61 -22
cartography-0.123.0.dist-info/RECORD +856 -0
{cartography-0.104.0rc2.dist-info → cartography-0.123.0.dist-info}/entry_points.txt +1 -0
cartography/data/jobs/cleanup/aws_dns_cleanup.json +0 -65
cartography/data/jobs/cleanup/aws_import_account_access_key_cleanup.json +0 -17
cartography/data/jobs/cleanup/aws_import_ec2_security_groupinfo_cleanup.json +0 -24
cartography/data/jobs/cleanup/aws_import_groups_cleanup.json +0 -13
cartography/data/jobs/cleanup/aws_import_identity_center_cleanup.json +0 -16
cartography/data/jobs/cleanup/aws_import_lambda_cleanup.json +0 -50
cartography/data/jobs/cleanup/aws_import_principals_cleanup.json +0 -30
cartography/data/jobs/cleanup/aws_import_rds_clusters_cleanup.json +0 -23
cartography/data/jobs/cleanup/aws_import_rds_instances_cleanup.json +0 -47
cartography/data/jobs/cleanup/aws_import_rds_snapshots_cleanup.json +0 -23
cartography/data/jobs/cleanup/aws_import_roles_cleanup.json +0 -13
cartography/data/jobs/cleanup/aws_import_secrets_cleanup.json +0 -8
cartography/data/jobs/cleanup/aws_import_snapshots_cleanup.json +0 -30
cartography/data/jobs/cleanup/aws_import_users_cleanup.json +0 -8
cartography/data/jobs/cleanup/aws_import_vpc_cleanup.json +0 -23
cartography/data/jobs/cleanup/aws_import_vpc_peering_cleanup.json +0 -45
cartography/data/jobs/cleanup/aws_kms_details.json +0 -10
cartography/data/jobs/cleanup/azure_cosmosdb_cassandra_keyspace_cleanup.json +0 -25
cartography/data/jobs/cleanup/azure_cosmosdb_cors_details.json +0 -15
cartography/data/jobs/cleanup/azure_cosmosdb_mongodb_database_cleanup.json +0 -25
cartography/data/jobs/cleanup/azure_cosmosdb_sql_database_cleanup.json +0 -25
cartography/data/jobs/cleanup/azure_cosmosdb_table_resources_cleanup.json +0 -15
cartography/data/jobs/cleanup/azure_database_account_cleanup.json +0 -85
cartography/data/jobs/cleanup/azure_import_disks_cleanup.json +0 -15
cartography/data/jobs/cleanup/azure_import_snapshots_cleanup.json +0 -15
cartography/data/jobs/cleanup/azure_import_virtual_machines_cleanup.json +0 -25
cartography/data/jobs/cleanup/azure_sql_server_cleanup.json +0 -125
cartography/data/jobs/cleanup/azure_storage_account_cleanup.json +0 -95
cartography/data/jobs/cleanup/azure_subscriptions_cleanup.json +0 -14
cartography/data/jobs/cleanup/azure_tenant_cleanup.json +0 -9
cartography/data/jobs/cleanup/gcp_compute_vpc_subnet_cleanup.json +0 -35
cartography/data/jobs/cleanup/gcp_crm_folder_cleanup.json +0 -23
cartography/data/jobs/cleanup/gcp_crm_organization_cleanup.json +0 -17
cartography/data/jobs/cleanup/gcp_crm_project_cleanup.json +0 -23
cartography/data/jobs/cleanup/gcp_dns_cleanup.json +0 -29
cartography/data/jobs/cleanup/gcp_gke_cluster_cleanup.json +0 -17
cartography/data/jobs/cleanup/gcp_storage_bucket_cleanup.json +0 -29
cartography/data/jobs/cleanup/gsuite_ingest_groups_cleanup.json +0 -23
cartography/data/jobs/cleanup/gsuite_ingest_users_cleanup.json +0 -11
cartography/data/jobs/cleanup/kubernetes_import_cleanup.json +0 -70
cartography/intel/gcp/crm.py +0 -355
cartography/intel/gsuite/api.py +0 -342
cartography-0.104.0rc2.dist-info/RECORD +0 -455
/cartography/data/jobs/{analysis → scoped_analysis}/aws_s3acl_analysis.json +0 -0
/cartography/models/aws/{apigateway.py → apigateway/apigateway.py} +0 -0
/cartography/models/aws/{apigatewaycertificate.py → apigateway/apigatewaycertificate.py} +0 -0
/cartography/models/aws/{apigatewayresource.py → apigateway/apigatewayresource.py} +0 -0
/cartography/models/aws/{apigatewaystage.py → apigateway/apigatewaystage.py} +0 -0
{cartography-0.104.0rc2.dist-info → cartography-0.123.0.dist-info}/WHEEL +0 -0
{cartography-0.104.0rc2.dist-info → cartography-0.123.0.dist-info}/licenses/LICENSE +0 -0
{cartography-0.104.0rc2.dist-info → cartography-0.123.0.dist-info}/top_level.txt +0 -0

cartography/util.py CHANGED Viewed

@@ -5,6 +5,7 @@ from functools import partial
 from functools import wraps
 from importlib.resources import open_binary
 from importlib.resources import read_text
+from itertools import islice
 from string import Template
 from typing import Any
 from typing import Awaitable
@@ -24,6 +25,8 @@ import backoff
 import boto3
 import botocore
 import neo4j
+from botocore.exceptions import EndpointConnectionError
+from botocore.parsers import ResponseParserError
 from cartography.graph.job import GraphJob
 from cartography.graph.statement import get_job_shortname
@@ -33,10 +36,27 @@ from cartography.stats import ScopedStatsClient
 logger = logging.getLogger(__name__)
+def is_service_control_policy_explicit_deny(
+    error: botocore.exceptions.ClientError,
+) -> bool:
+    """Return True if the ClientError was caused by an explicit service control policy deny."""
+    error_code = error.response.get("Error", {}).get("Code")
+    if error_code not in {"AccessDenied", "AccessDeniedException"}:
+        return False
+    message = error.response.get("Error", {}).get("Message")
+    if not message:
+        return False
+    lowered = message.lower()
+    return "explicit deny" in lowered and "service control policy" in lowered
 STATUS_SUCCESS = 0
 STATUS_FAILURE = 1
 STATUS_KEYBOARD_INTERRUPT = 130
 DEFAULT_BATCH_SIZE = 1000
+DEFAULT_MAX_PAGES = 10000
 def run_analysis_job(
@@ -150,6 +170,9 @@ def merge_module_sync_metadata(
     :param synced_type: The sub-module's type
     :param update_tag: Timestamp used to determine data freshness
     """
+    # Import here to avoid circular import with cartography.client.core.tx
+    from cartography.client.core.tx import run_write_query
     template = Template(
         """
         MERGE (n:ModuleSyncMetadata{id:'${group_type}_${group_id}_${synced_type}'})
@@ -161,7 +184,8 @@ def merge_module_sync_metadata(
             n.lastupdated=$UPDATE_TAG
     """,
     )
-    neo4j_session.run(
+    run_write_query(
+        neo4j_session,
         template.safe_substitute(
             group_type=group_type,
             group_id=group_id,
@@ -208,26 +232,28 @@ def aws_paginate(
     client: boto3.client,
     method_name: str,
     object_name: str,
+    max_pages: int | None = DEFAULT_MAX_PAGES,
     **kwargs: Any,
-) -> List[Dict]:
+) -> Iterable[Dict]:
     """
     Helper method for boilerplate boto3 pagination
     The **kwargs will be forwarded to the paginator
     """
     paginator = client.get_paginator(method_name)
-    items = []
-    i = 0
     for i, page in enumerate(paginator.paginate(**kwargs), start=1):
         if i % 100 == 0:
             logger.info(f"fetching page number {i}")
         if object_name in page:
-            items.extend(page[object_name])
+            items = page[object_name]
+            yield from items
         else:
             logger.warning(
                 f"""aws_paginate: Key "{object_name}" is not present, check if this is a typo.
 If not, then the AWS datatype somehow does not have this key.""",
             )
-    return items
+        if max_pages is not None and i >= max_pages:
+            logger.warning(f"Reached max batch size of {max_pages} pages")
+            break
 AWSGetFunc = TypeVar("AWSGetFunc", bound=Callable[..., Iterable])
@@ -241,15 +267,46 @@ AWSGetFunc = TypeVar("AWSGetFunc", bound=Callable[..., Iterable])
 def backoff_handler(details: Dict) -> None:
     """
-    Handler that will be executed on exception by backoff mechanism
+    Handler that will be executed on exception by backoff mechanism.
+    The backoff library may provide partial details (e.g. ``wait`` can be ``None`` when a
+    retry is triggered immediately). Format the message defensively so logging never raises.
     """
+    wait = details.get("wait")
+    if isinstance(wait, (int, float)):
+        wait_display = f"{wait:0.1f}"
+    elif wait is None:
+        wait_display = "unknown"
+    else:
+        wait_display = str(wait)
+    tries = details.get("tries")
+    tries_display = str(tries) if tries is not None else "unknown"
+    target = details.get("target", "<unknown>")
     logger.warning(
-        "Backing off {wait:0.1f} seconds after {tries} tries. Calling function {target}".format(
-            **details,
-        ),
+        "Backing off %s seconds after %s tries. Calling function %s",
+        wait_display,
+        tries_display,
+        target,
     )
+# Error codes that indicate a service is unavailable in a region or blocked by policies
+AWS_REGION_ACCESS_DENIED_ERROR_CODES = [
+    "AccessDenied",
+    "AccessDeniedException",
+    "AuthFailure",
+    "AuthorizationError",
+    "AuthorizationErrorException",
+    "InvalidClientTokenId",
+    "UnauthorizedOperation",
+    "UnrecognizedClientException",
+    "InternalServerErrorException",
+]
 # TODO Move this to cartography.intel.aws.util.common
 def aws_handle_regions(func: AWSGetFunc) -> AWSGetFunc:
     """
@@ -261,15 +318,6 @@ def aws_handle_regions(func: AWSGetFunc) -> AWSGetFunc:
     This should be used on `get_` functions that normally return a list of items.
     """
-    ERROR_CODES = [
-        "AccessDenied",
-        "AccessDeniedException",
-        "AuthFailure",
-        "InvalidClientTokenId",
-        "UnauthorizedOperation",
-        "UnrecognizedClientException",
-        "InternalServerErrorException",
-    ]
     @wraps(func)
     # fix for AWS TooManyRequestsException
@@ -279,7 +327,7 @@ def aws_handle_regions(func: AWSGetFunc) -> AWSGetFunc:
     # https://github.com/cartography-cncf/cartography/issues/25
     @backoff.on_exception(
         backoff.expo,
-        botocore.exceptions.ClientError,
+        (botocore.exceptions.ClientError, ResponseParserError),
         max_time=600,
         on_backoff=backoff_handler,
     )
@@ -287,17 +335,38 @@ def aws_handle_regions(func: AWSGetFunc) -> AWSGetFunc:
         try:
             return func(*args, **kwargs)
         except botocore.exceptions.ClientError as e:
+            error_code = e.response.get("Error", {}).get("Code")
+            if error_code == "InvalidToken":
+                raise RuntimeError(
+                    "AWS returned an InvalidToken error. Configure regional STS endpoints by "
+                    "setting environment variable AWS_STS_REGIONAL_ENDPOINTS=regional or adding "
+                    "'sts_regional_endpoints = regional' to your AWS config file."
+                ) from e
             # The account is not authorized to use this service in this region
             # so we can continue without raising an exception
-            if e.response["Error"]["Code"] in ERROR_CODES:
-                logger.warning(
-                    "{} in this region. Skipping...".format(
-                        e.response["Error"]["Message"],
-                    ),
-                )
+            if error_code in AWS_REGION_ACCESS_DENIED_ERROR_CODES:
+                error_message = e.response.get("Error", {}).get("Message")
+                if is_service_control_policy_explicit_deny(e):
+                    logger.warning(
+                        "Service control policy denied access while calling %s: %s",
+                        func.__name__,
+                        error_message,
+                    )
+                else:
+                    logger.warning(
+                        "{} in this region. Skipping...".format(
+                            error_message,
+                        ),
+                    )
                 return []
             else:
                 raise
+        except EndpointConnectionError:
+            logger.warning(
+                "Encountered an EndpointConnectionError. This means that the AWS "
+                "resource is not available in this region. Skipping.",
+            )
+            return []
     return cast(AWSGetFunc, inner_function)
@@ -353,17 +422,18 @@ def camel_to_snake(name: str) -> str:
     return re.sub(r"(?<!^)(?=[A-Z])", "_", name).lower()
-def batch(items: Iterable, size: int = DEFAULT_BATCH_SIZE) -> List[List]:
+def batch(items: Iterable, size: int = DEFAULT_BATCH_SIZE) -> Iterable[List[Any]]:
     """
-    Takes an Iterable of items and returns a list of lists of the same items,
+    Takes an Iterable of items and returns a Generator of lists of the same items,
      batched into chunks of the provided `size`.
     Use:
     x = [1,2,3,4,5,6,7,8]
-    batch(x, size=3) -> [[1, 2, 3], [4, 5, 6], [7, 8]]
+    batch(x, size=3) -> Iterator yielding [1, 2, 3], [4, 5, 6], [7, 8]
     """
-    items = list(items)
-    return [items[i : i + size] for i in range(0, len(items), size)]
+    it = iter(items)
+    while chunk := list(islice(it, size)):
+        yield chunk
 def is_throttling_exception(exc: Exception) -> bool:

{cartography-0.104.0rc2.dist-info → cartography-0.123.0.dist-info}/METADATA RENAMED Viewed

@@ -1,9 +1,9 @@
 Metadata-Version: 2.4
 Name: cartography
-Version: 0.104.0rc2
+Version: 0.123.0
 Summary: Explore assets and their relationships across your technical infrastructure.
 Maintainer: Cartography Contributors
-License: apache2
+License-Expression: Apache-2.0
 Project-URL: Homepage, https://cartography-cncf.github.io/cartography
 Project-URL: Documentation, https://cartography-cncf.github.io/cartography
 Project-URL: Repository, https://github.com/cartography-cncf/cartography
@@ -11,7 +11,6 @@ Project-URL: Issues, https://github.com/cartography-cncf/cartography/issues
 Project-URL: Changelog, https://github.com/cartography-cncf/cartography/releases
 Classifier: Development Status :: 4 - Beta
 Classifier: Intended Audience :: Developers
-Classifier: License :: OSI Approved :: Apache Software License
 Classifier: Natural Language :: English
 Classifier: Programming Language :: Python
 Classifier: Programming Language :: Python :: 3
@@ -24,9 +23,11 @@ Description-Content-Type: text/markdown
 License-File: LICENSE
 Requires-Dist: backoff>=2.1.2
 Requires-Dist: boto3>=1.15.1
+Requires-Dist: aioboto3>=13.0.0
+Requires-Dist: httpx>=0.24.0
 Requires-Dist: botocore>=1.18.1
 Requires-Dist: dnspython>=1.15.0
-Requires-Dist: neo4j>=4.4.4
+Requires-Dist: neo4j<6.0.0,>=5.28.2
 Requires-Dist: policyuniverse>=1.1.0.0
 Requires-Dist: google-api-python-client>=1.7.8
 Requires-Dist: google-auth>=2.37.0
@@ -41,11 +42,21 @@ Requires-Dist: python-digitalocean>=1.16.0
 Requires-Dist: adal>=1.2.4
 Requires-Dist: azure-cli-core>=2.26.0
 Requires-Dist: azure-mgmt-compute>=5.0.0
+Requires-Dist: azure-mgmt-containerinstance>=10.0.0
 Requires-Dist: azure-mgmt-resource>=10.2.0
 Requires-Dist: azure-mgmt-cosmosdb>=6.0.0
+Requires-Dist: azure-mgmt-web>=7.0.0
+Requires-Dist: azure-mgmt-eventgrid>=10.0.0
+Requires-Dist: azure-mgmt-logic>=10.0.0
+Requires-Dist: azure-mgmt-datafactory>=8.0.0
+Requires-Dist: azure-mgmt-containerservice>=30.0.0
+Requires-Dist: azure-mgmt-network>=25.0.0
+Requires-Dist: azure-mgmt-security>=5.0.0
+Requires-Dist: azure-mgmt-monitor>=3.0.0
 Requires-Dist: msrestazure>=0.6.4
 Requires-Dist: azure-mgmt-storage>=16.0.0
 Requires-Dist: azure-mgmt-sql<=1.0.0
+Requires-Dist: azure-mgmt-authorization>=0.60.0
 Requires-Dist: azure-identity>=1.5.0
 Requires-Dist: msgraph-sdk
 Requires-Dist: kubernetes>=22.6.0
@@ -55,6 +66,12 @@ Requires-Dist: python-dateutil
 Requires-Dist: xmltodict
 Requires-Dist: duo-client
 Requires-Dist: cloudflare<5.0.0,>=4.1.0
+Requires-Dist: scaleway>=2.10.0
+Requires-Dist: google-cloud-resource-manager>=1.14.2
+Requires-Dist: google-cloud-asset>=1.0.0
+Requires-Dist: types-aiobotocore-ecr
+Requires-Dist: typer>=0.9.0
+Requires-Dist: slack-sdk>=3.37.0
 Dynamic: license-file
 ![Cartography](docs/root/images/logo-horizontal.png)
@@ -80,28 +97,35 @@ You can learn more about the story behind Cartography in our [presentation at BS
 ## Supported platforms
-- [Amazon Web Services](https://cartography-cncf.github.io/cartography/modules/aws/index.html) - API Gateway, CloudWatch, Config, EC2, ECS, ECR, Elasticsearch, Elastic Kubernetes Service (EKS), DynamoDB, IAM, Inspector, KMS, Lambda, RDS, Redshift, Route53, S3, Secrets Manager(Secret Versions), Security Hub, SQS, SSM, STS, Tags
-- [Google Cloud Platform](https://cartography-cncf.github.io/cartography/modules/gcp/index.html) - Cloud Resource Manager, Compute, DNS, Storage, Google Kubernetes Engine
-- [Google GSuite](https://cartography-cncf.github.io/cartography/modules/gsuite/index.html) - users, groups
-- [Oracle Cloud Infrastructure](https://cartography-cncf.github.io/cartography/modules/oci/index.html) - IAM
-- [Okta](https://cartography-cncf.github.io/cartography/modules/okta/index.html) - users, groups, organizations, roles, applications, factors, trusted origins, reply URIs
-- [GitHub](https://cartography-cncf.github.io/cartography/modules/github/index.html) - repos, branches, users, teams
-- [DigitalOcean](https://cartography-cncf.github.io/cartography/modules/digitalocean/index.html)
-- [Microsoft Azure](https://cartography-cncf.github.io/cartography/modules/azure/index.html) -  CosmosDB, SQL, Storage, Virtual Machine
-- [Microsoft Entra ID](https://cartography-cncf.github.io/cartography/modules/entra/index.html) -  Users
-- [Kubernetes](https://cartography-cncf.github.io/cartography/modules/kubernetes/index.html) - Cluster, Namespace, Service, Pod, Container
-- [PagerDuty](https://cartography-cncf.github.io/cartography/modules/pagerduty/index.html) - Users, teams, services, schedules, escalation policies, integrations, vendors
-- [Crowdstrike Falcon](https://cartography-cncf.github.io/cartography/modules/crowdstrike/index.html) - Hosts, Spotlight vulnerabilities, CVEs
-- [NIST CVE](https://cartography-cncf.github.io/cartography/modules/cve/index.html) - Common Vulnerabilities and Exposures (CVE) data from NIST database
-- [Lastpass](https://cartography-cncf.github.io/cartography/modules/lastpass/index.html) - users
+- [Airbyte](https://cartography-cncf.github.io/cartography/modules/airbyte/index.html) - Organization, Workspace, User, Source, Destination, Connection, Tag, Stream
+- [Amazon Web Services](https://cartography-cncf.github.io/cartography/modules/aws/index.html) - ACM, API Gateway, CloudWatch, CodeBuild, Config, Cognito, EC2, ECS, ECR (including multi-arch images, image layers, and attestations), EFS, Elasticsearch, Elastic Kubernetes Service (EKS), DynamoDB, Glue,  GuardDuty, IAM, Inspector, KMS, Lambda, RDS, Redshift, Route53, S3, Secrets Manager(Secret Versions), Security Hub, SNS, SQS, SSM, STS, Tags
+- [Anthropic](https://cartography-cncf.github.io/cartography/modules/anthropic/index.html) - Organization, ApiKey, User, Workspace
 - [BigFix](https://cartography-cncf.github.io/cartography/modules/bigfix/index.html) - Computers
+- [Cloudflare](https://cartography-cncf.github.io/cartography/modules/cloudflare/index.html) - Account, Role, Member, Zone, DNSRecord
+- [Crowdstrike Falcon](https://cartography-cncf.github.io/cartography/modules/crowdstrike/index.html) - Hosts, Spotlight vulnerabilities, CVEs
+- [DigitalOcean](https://cartography-cncf.github.io/cartography/modules/digitalocean/index.html)
 - [Duo](https://cartography-cncf.github.io/cartography/modules/duo/index.html) - Users, Groups, Endpoints
+- [GitHub](https://cartography-cncf.github.io/cartography/modules/github/index.html) - repos, branches, users, teams, dependency graph manifests, dependencies
+- [Google Cloud Platform](https://cartography-cncf.github.io/cartography/modules/gcp/index.html) - Bigtable, Cloud Resource Manager, Compute, DNS, Storage, Google Kubernetes Engine
+- [Google GSuite](https://cartography-cncf.github.io/cartography/modules/gsuite/index.html) - users, groups (deprecated - use Google Workspace instead)
+- [Google Workspace](https://cartography-cncf.github.io/cartography/modules/googleworkspace/index.html) - users, groups, devices, OAuth apps
 - [Kandji](https://cartography-cncf.github.io/cartography/modules/kandji/index.html) - Devices
+- [Keycloak](https://cartography-cncf.github.io/cartography/modules/keycloak/index.html) - Realms, Users, Groups, Roles, Scopes, Clients, IdentityProviders, Authentication Flows, Authentication Executions, Organizations, Organization Domains
+- [Kubernetes](https://cartography-cncf.github.io/cartography/modules/kubernetes/index.html) - Cluster, Namespace, Service, Pod, Container, ServiceAccount, Role, RoleBinding, ClusterRole, ClusterRoleBinding, OIDCProvider
+- [Lastpass](https://cartography-cncf.github.io/cartography/modules/lastpass/index.html) - users
+- [Microsoft Azure](https://cartography-cncf.github.io/cartography/modules/azure/index.html) - App Service, Container Instance, CosmosDB, Data Factory, Event Grid, Functions, Azure Kubernetes Service (AKS), Load Balancer, Logic Apps, Resource Group, SQL, Storage, Virtual Machine, Virtual Networks
+- [Microsoft Entra ID](https://cartography-cncf.github.io/cartography/modules/entra/index.html) -  Users, Groups, Applications, OUs, App Roles, federation to AWS Identity Center
+- [NIST CVE](https://cartography-cncf.github.io/cartography/modules/cve/index.html) - Common Vulnerabilities and Exposures (CVE) data from NIST database
+- [Okta](https://cartography-cncf.github.io/cartography/modules/okta/index.html) - users, groups, organizations, roles, applications, factors, trusted origins, reply URIs, federation to AWS roles, federation to AWS Identity Center
+- [OpenAI](https://cartography-cncf.github.io/cartography/modules/openai/index.html) - Organization, AdminApiKey, User, Project, ServiceAccount, ApiKey
+- [Oracle Cloud Infrastructure](https://cartography-cncf.github.io/cartography/modules/oci/index.html) - IAM
+- [PagerDuty](https://cartography-cncf.github.io/cartography/modules/pagerduty/index.html) - Users, teams, services, schedules, escalation policies, integrations, vendors
+- [Scaleway](https://cartography-cncf.github.io/cartography/modules/scaleway/index.html) - Projects, IAM, Local Storage, Instances
+- [SentinelOne](https://cartography-cncf.github.io/cartography/modules/sentinelone/index.html) - Accounts, Agents, Applications, Application Versions, CVEs
+- [Slack](https://cartography-cncf.github.io/cartography/modules/slack/index.html) - Teams, Users, UserGroups, Channels
 - [SnipeIT](https://cartography-cncf.github.io/cartography/modules/snipeit/index.html) - Users, Assets
 - [Tailscale](https://cartography-cncf.github.io/cartography/modules/tailscale/index.html) - Tailnet, Users, Devices, Groups, Tags, PostureIntegrations
-- [Cloudflare](https://cartography-cncf.github.io/cartography/modules/cloudflare/index.html) - Account, Role, Member, Zone, DNSRecord
-- [OpenAI](https://cartography-cncf.github.io/cartography/modules/openai/index.html) - Organization, AdminApiKey, User, Project, ServiceAccount, ApiKey
-- [Anthropic](https://cartography-cncf.github.io/cartography/modules/anthropic/index.html) - Organization, ApiKey, User, Workspace
+- [Trivy Scanner](https://cartography-cncf.github.io/cartography/modules/trivy/index.html) - AWS ECR Images
 ## Philosophy
@@ -137,6 +161,17 @@ When you are ready to try it in production, read [here](https://cartography-cncf
 ## Usage
+### Running rules
+You can check your environment against common security frameworks using the `cartography-rules` command.
+```bash
+cartography-rules run all
+```
+See [the rules docs](https://cartography-cncf.github.io/cartography/usage/rules.html) for more detail.
 ### Querying the database directly
 ![poweruser.png](docs/root/images/poweruser.png)
@@ -147,6 +182,10 @@ Now that data is in the graph, you can quickly start with our [querying tutorial
 Directly querying Neo4j is already very useful as a sort of "swiss army knife" for security data problems, but you can also build applications and data pipelines around Cartography. View this doc on [applications](https://cartography-cncf.github.io/cartography/usage/applications.html).
+## Docs
+See [here](https://cartography-cncf.github.io/cartography/)
 ## Community
 - Hang out with us on Slack: Join the CNCF Slack workspace [here](https://communityinviter.com/apps/cloud-native/cncf), and then join the `#cartography` channel.
@@ -162,7 +201,7 @@ This project is licensed under the [Apache 2.0 License](LICENSE).
 Thank you for considering contributing to Cartography!
 ### Code of conduct
-All contributors and participants of this project must follow the  [CNCF code of conduct](https://github.com/cncf/foundation/blob/main/code-of-conduct.md).
+All contributors and participants of this project must follow the [CNCF code of conduct](https://github.com/cncf/foundation/blob/main/code-of-conduct.md).
 ### Bug reports and feature requests and discussions
 Submit a GitHub issue to report a bug or request a new feature. If we decide that the issue needs more discussion - usually because the scope is too large or we need to make careful decision - we will convert the issue to a [GitHub Discussion](https://github.com/cartography-cncf/cartography/discussions).

cartography 0.104.0rc2__py3-none-any.whl → 0.123.0__py3-none-any.whl

cartography 0.104.0rc2py3-none-any.whl → 0.123.0py3-none-any.whl