cartography 0.104.0rc3__py3-none-any.whl → 0.106.0__py3-none-any.whl

cartography/models/aws/efs/file_system.py

@@ -0,0 +1,60 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class EfsFileSystemNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef("FileSystemId")
+    arn: PropertyRef = PropertyRef("FileSystemArn", extra_index=True)
+    region: PropertyRef = PropertyRef("Region", set_in_kwargs=True)
+    owner_id: PropertyRef = PropertyRef("OwnerId")
+    creation_token: PropertyRef = PropertyRef("CreationToken")
+    creation_time: PropertyRef = PropertyRef("CreationTime")
+    lifecycle_state: PropertyRef = PropertyRef("LifeCycleState")
+    name: PropertyRef = PropertyRef("Name")
+    number_of_mount_targets: PropertyRef = PropertyRef("NumberOfMountTargets")
+    size_in_bytes_value: PropertyRef = PropertyRef("SizeInBytesValue")
+    size_in_bytes_timestamp: PropertyRef = PropertyRef("SizeInBytesTimestamp")
+    performance_mode: PropertyRef = PropertyRef("PerformanceMode")
+    encrypted: PropertyRef = PropertyRef("Encrypted")
+    kms_key_id: PropertyRef = PropertyRef("KmsKeyId")
+    throughput_mode: PropertyRef = PropertyRef("ThroughputMode")
+    availability_zone_name: PropertyRef = PropertyRef("AvailabilityZoneName")
+    availability_zone_id: PropertyRef = PropertyRef("AvailabilityZoneId")
+    file_system_protection: PropertyRef = PropertyRef("FileSystemProtection")
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class EfsFileSystemToAwsAccountRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class EfsFileSystemToAWSAccountRel(CartographyRelSchema):
+    target_node_label: str = "AWSAccount"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("AWS_ID", set_in_kwargs=True)},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: EfsFileSystemToAwsAccountRelProperties = (
+        EfsFileSystemToAwsAccountRelProperties()
+    )
+
+
+@dataclass(frozen=True)
+class EfsFileSystemSchema(CartographyNodeSchema):
+    label: str = "EfsFileSystem"
+    properties: EfsFileSystemNodeProperties = EfsFileSystemNodeProperties()
+    sub_resource_relationship: EfsFileSystemToAWSAccountRel = (
+        EfsFileSystemToAWSAccountRel()
+    )

cartography/models/aws/efs/mount_target.py

@@ -7,6 +7,7 @@ from cartography.models.core.relationships import CartographyRelProperties
 from cartography.models.core.relationships import CartographyRelSchema
 from cartography.models.core.relationships import LinkDirection
 from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import OtherRelationships
 from cartography.models.core.relationships import TargetNodeMatcher
 
 
@@ -14,6 +15,7 @@ from cartography.models.core.relationships import TargetNodeMatcher
 class EfsMountTargetNodeProperties(CartographyNodeProperties):
     id: PropertyRef = PropertyRef("MountTargetId")
     arn: PropertyRef = PropertyRef("MountTargetId", extra_index=True)
+    region: PropertyRef = PropertyRef("Region", set_in_kwargs=True)
     fileSystem_id: PropertyRef = PropertyRef("FileSystemId")
     lifecycle_state: PropertyRef = PropertyRef("LifeCycleState")
     mount_target_id: PropertyRef = PropertyRef("MountTargetId")
@@ -33,7 +35,7 @@ class EfsMountTargetToAwsAccountRelProperties(CartographyRelProperties):
 
 
 @dataclass(frozen=True)
-class EfsToAWSAccountRel(CartographyRelSchema):
+class EfsMountTargetToAWSAccountRel(CartographyRelSchema):
     target_node_label: str = "AWSAccount"
     target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
         {"id": PropertyRef("AWS_ID", set_in_kwargs=True)},
@@ -45,8 +47,33 @@ class EfsToAWSAccountRel(CartographyRelSchema):
     )
 
 
+@dataclass(frozen=True)
+class EfsMountTargetToEfsFileSystemRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class EfsMountTargetToEfsFileSystemRel(CartographyRelSchema):
+    target_node_label: str = "EfsFileSystem"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("FileSystemId")},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "ATTACHED_TO"
+    properties: EfsMountTargetToEfsFileSystemRelProperties = (
+        EfsMountTargetToEfsFileSystemRelProperties()
+    )
+
+
 @dataclass(frozen=True)
 class EfsMountTargetSchema(CartographyNodeSchema):
     label: str = "EfsMountTarget"
     properties: EfsMountTargetNodeProperties = EfsMountTargetNodeProperties()
-    sub_resource_relationship: EfsToAWSAccountRel = EfsToAWSAccountRel()
+    sub_resource_relationship: EfsMountTargetToAWSAccountRel = (
+        EfsMountTargetToAWSAccountRel()
+    )
+    other_relationships: OtherRelationships = OtherRelationships(
+        [
+            EfsMountTargetToEfsFileSystemRel(),
+        ]
+    )

cartography/models/aws/s3/notification.py

@@ -0,0 +1,24 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class S3BucketToSNSTopicRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class S3BucketToSNSTopicRel(CartographyRelSchema):
+    target_node_label: str = "SNSTopic"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"arn": PropertyRef("TopicArn")},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "NOTIFIES"
+    properties: S3BucketToSNSTopicRelProperties = S3BucketToSNSTopicRelProperties()

cartography/models/aws/secretsmanager/secret_version.py

@@ -91,8 +91,6 @@ class SecretsManagerSecretVersionToKMSKeyRel(CartographyRelSchema):
     properties: SecretsManagerSecretVersionRelProperties = (
         SecretsManagerSecretVersionRelProperties()
     )
-    # Only create this relationship if KmsKeyId exists
-    conditional_match_property: str = "KmsKeyId"
 
 
 @dataclass(frozen=True)

cartography/models/aws/sqs/queue.py

@@ -0,0 +1,89 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import OtherRelationships
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class SQSQueueNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef("QueueArn")
+    arn: PropertyRef = PropertyRef("QueueArn", extra_index=True)
+    name: PropertyRef = PropertyRef("name")
+    url: PropertyRef = PropertyRef("url")
+    created_timestamp: PropertyRef = PropertyRef("CreatedTimestamp")
+    delay_seconds: PropertyRef = PropertyRef("DelaySeconds")
+    last_modified_timestamp: PropertyRef = PropertyRef("LastModifiedTimestamp")
+    maximum_message_size: PropertyRef = PropertyRef("MaximumMessageSize")
+    message_retention_period: PropertyRef = PropertyRef("MessageRetentionPeriod")
+    policy: PropertyRef = PropertyRef("Policy")
+    receive_message_wait_time_seconds: PropertyRef = PropertyRef(
+        "ReceiveMessageWaitTimeSeconds"
+    )
+    redrive_policy_dead_letter_target_arn: PropertyRef = PropertyRef(
+        "redrive_policy_dead_letter_target_arn"
+    )
+    redrive_policy_max_receive_count: PropertyRef = PropertyRef(
+        "redrive_policy_max_receive_count"
+    )
+    visibility_timeout: PropertyRef = PropertyRef("VisibilityTimeout")
+    kms_master_key_id: PropertyRef = PropertyRef("KmsMasterKeyId")
+    kms_data_key_reuse_period_seconds: PropertyRef = PropertyRef(
+        "KmsDataKeyReusePeriodSeconds"
+    )
+    fifo_queue: PropertyRef = PropertyRef("FifoQueue")
+    content_based_deduplication: PropertyRef = PropertyRef("ContentBasedDeduplication")
+    deduplication_scope: PropertyRef = PropertyRef("DeduplicationScope")
+    fifo_throughput_limit: PropertyRef = PropertyRef("FifoThroughputLimit")
+    region: PropertyRef = PropertyRef("Region", set_in_kwargs=True)
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class SQSQueueToAWSAccountRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class SQSQueueToAWSAccountRel(CartographyRelSchema):
+    target_node_label: str = "AWSAccount"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("AWS_ID", set_in_kwargs=True)}
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: SQSQueueToAWSAccountRelProperties = SQSQueueToAWSAccountRelProperties()
+
+
+@dataclass(frozen=True)
+class SQSQueueToDeadLetterQueueRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class SQSQueueToDeadLetterQueueRel(CartographyRelSchema):
+    target_node_label: str = "SQSQueue"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("redrive_policy_dead_letter_target_arn")}
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "HAS_DEADLETTER_QUEUE"
+    properties: SQSQueueToDeadLetterQueueRelProperties = (
+        SQSQueueToDeadLetterQueueRelProperties()
+    )
+
+
+@dataclass(frozen=True)
+class SQSQueueSchema(CartographyNodeSchema):
+    label: str = "SQSQueue"
+    properties: SQSQueueNodeProperties = SQSQueueNodeProperties()
+    sub_resource_relationship: SQSQueueToAWSAccountRel = SQSQueueToAWSAccountRel()
+    other_relationships: OtherRelationships = OtherRelationships(
+        [SQSQueueToDeadLetterQueueRel()]
+    )

cartography/models/core/common.py

@@ -63,6 +63,7 @@ class PropertyRef:
             ```
             This means that as we create AWSInstanceProfile nodes, we will search for AWSRoles to attach to, and we do
             this by checking if each role's `arn` field is in the `Roles` list of the data dict.
+        Note that one_to_many has no effect on matchlinks.
         """
         self.name = name
         self.set_in_kwargs = set_in_kwargs

cartography/models/core/nodes.py

@@ -91,7 +91,7 @@ class CartographyNodeSchema(abc.ABC):
         """
         Optional.
         Allows subclasses to specify additional cartography relationships on the node.
-        :return: None if not overriden. Else return the node's OtherRelationships.
+        :return: None if not overridden. Else return the node's OtherRelationships.
         """
         return None
 
@@ -100,6 +100,19 @@ class CartographyNodeSchema(abc.ABC):
         """
         Optional.
         Allows specifying extra labels on the node.
-        :return: None if not overriden. Else return the ExtraNodeLabels specified on the node.
+        :return: None if not overridden. Else return the ExtraNodeLabels specified on the node.
         """
         return None
+
+    @property
+    def scoped_cleanup(self) -> bool:
+        """
+        Optional.
+        Allows specifying whether cleanups of this node must be scoped to the sub resource relationship.
+        If True (default), when we clean up nodes of this type, we will only delete stale nodes in the current sub
+        resource. This is how our AWS sync behaves.
+        If False, when we clean up node of this type, we will delete all stale nodes. This is designed for resource
+        types that don't have a "tenant"-like entity.
+        :return: True if not overridden. Else return the boolean value specified on the node.
+        """
+        return True

cartography/models/core/relationships.py

@@ -42,6 +42,11 @@ class CartographyRelProperties(abc.ABC):
     Abstract class that represents the properties on a CartographyRelSchema. This is intended to enforce that all
     subclasses will have a lastupdated field defined on their resulting relationships. These fields are assigned to the
     relationship in the `SET` clause.
+
+    If the CartographyRelSchema is used as a MatchLink, the following properties are required to be defined here:
+    - lastupdated: A PropertyRef to the update tag of the relationship.
+    - _sub_resource_label: A PropertyRef to the label of the sub-resource that the relationship is associated with.
+    - _sub_resource_id: A PropertyRef to the id of the sub-resource that the relationship is associated with.
     """
 
     lastupdated: PropertyRef = field(init=False)
@@ -90,6 +95,29 @@ def make_target_node_matcher(key_ref_dict: Dict[str, PropertyRef]) -> TargetNode
     return make_dataclass(TargetNodeMatcher.__name__, fields, frozen=True)()
 
 
+@dataclass(frozen=True)
+class SourceNodeMatcher:
+    """
+    Same as TargetNodeMatcher, but for the source node; see `make_source_node_matcher()`.
+    This object is used only for load_matchlinks() where we match on and connect existing nodes.
+    This has no effect on CartographyRelSchema objects that are included in CartographyNodeSchema.
+    """
+
+    pass
+
+
+def make_source_node_matcher(key_ref_dict: Dict[str, PropertyRef]) -> SourceNodeMatcher:
+    """
+    :param key_ref_dict: A Dict mapping keys present on the node to PropertyRef objects.
+    :return: A SourceNodeMatcher used for CartographyRelSchema to match with other nodes.
+    """
+    fields = [
+        (key, PropertyRef, field(default=prop_ref))
+        for key, prop_ref in key_ref_dict.items()
+    ]
+    return make_dataclass(SourceNodeMatcher.__name__, fields, frozen=True)()
+
+
 @dataclass(frozen=True)
 class CartographyRelSchema(abc.ABC):
     """
@@ -139,6 +167,22 @@ class CartographyRelSchema(abc.ABC):
         """
         pass
 
+    @property
+    def source_node_label(self) -> str | None:
+        """
+        :return: Optional. Only used for load_matchlinks(). The source node label to use for the relationship.
+        This does not affect CartographyRelSchema that are included in CartographyNodeSchema objects.
+        """
+        return None
+
+    @property
+    def source_node_matcher(self) -> SourceNodeMatcher | None:
+        """
+        :return: Optional. Only used for load_matchlinks(). A SourceNodeMatcher object used to find what node(s) to attach the relationship to.
+        This does not affect CartographyRelSchema that are included in CartographyNodeSchema objects.
+        """
+        return None
+
 
 @dataclass(frozen=True)
 class OtherRelationships:

cartography/models/entra/app_role_assignment.py

@@ -0,0 +1,115 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import OtherRelationships
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class EntraAppRoleAssignmentNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef("id")
+    app_role_id: PropertyRef = PropertyRef("app_role_id")
+    created_date_time: PropertyRef = PropertyRef("created_date_time")
+    principal_id: PropertyRef = PropertyRef("principal_id")
+    principal_display_name: PropertyRef = PropertyRef("principal_display_name")
+    principal_type: PropertyRef = PropertyRef("principal_type")
+    resource_display_name: PropertyRef = PropertyRef("resource_display_name")
+    resource_id: PropertyRef = PropertyRef("resource_id")
+    application_app_id: PropertyRef = PropertyRef("application_app_id")
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class EntraAppRoleAssignmentToTenantRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class EntraAppRoleAssignmentToTenantRel(CartographyRelSchema):
+    target_node_label: str = "EntraTenant"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("TENANT_ID", set_in_kwargs=True)},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: EntraAppRoleAssignmentToTenantRelProperties = (
+        EntraAppRoleAssignmentToTenantRelProperties()
+    )
+
+
+@dataclass(frozen=True)
+class EntraAppRoleAssignmentToApplicationRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class EntraAppRoleAssignmentToApplicationRel(CartographyRelSchema):
+    target_node_label: str = "EntraApplication"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"app_id": PropertyRef("application_app_id")},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "ASSIGNED_TO"
+    properties: EntraAppRoleAssignmentToApplicationRelProperties = (
+        EntraAppRoleAssignmentToApplicationRelProperties()
+    )
+
+
+@dataclass(frozen=True)
+class EntraAppRoleAssignmentToUserRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class EntraAppRoleAssignmentToUserRel(CartographyRelSchema):
+    target_node_label: str = "EntraUser"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("principal_id")},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "HAS_APP_ROLE"
+    properties: EntraAppRoleAssignmentToUserRelProperties = (
+        EntraAppRoleAssignmentToUserRelProperties()
+    )
+
+
+@dataclass(frozen=True)
+class EntraAppRoleAssignmentToGroupRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class EntraAppRoleAssignmentToGroupRel(CartographyRelSchema):
+    target_node_label: str = "EntraGroup"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("principal_id")},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "HAS_APP_ROLE"
+    properties: EntraAppRoleAssignmentToGroupRelProperties = (
+        EntraAppRoleAssignmentToGroupRelProperties()
+    )
+
+
+@dataclass(frozen=True)
+class EntraAppRoleAssignmentSchema(CartographyNodeSchema):
+    label: str = "EntraAppRoleAssignment"
+    properties: EntraAppRoleAssignmentNodeProperties = (
+        EntraAppRoleAssignmentNodeProperties()
+    )
+    sub_resource_relationship: EntraAppRoleAssignmentToTenantRel = (
+        EntraAppRoleAssignmentToTenantRel()
+    )
+    other_relationships: OtherRelationships = OtherRelationships(
+        [
+            EntraAppRoleAssignmentToApplicationRel(),
+            EntraAppRoleAssignmentToUserRel(),
+            EntraAppRoleAssignmentToGroupRel(),
+        ],
+    )

cartography/models/entra/application.py

@@ -0,0 +1,47 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class EntraApplicationNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef("id")
+    app_id: PropertyRef = PropertyRef("app_id")
+    display_name: PropertyRef = PropertyRef("display_name")
+    publisher_domain: PropertyRef = PropertyRef("publisher_domain")
+    sign_in_audience: PropertyRef = PropertyRef("sign_in_audience")
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class EntraApplicationToTenantRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class EntraApplicationToTenantRel(CartographyRelSchema):
+    target_node_label: str = "EntraTenant"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("TENANT_ID", set_in_kwargs=True)},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: EntraApplicationToTenantRelProperties = (
+        EntraApplicationToTenantRelProperties()
+    )
+
+
+@dataclass(frozen=True)
+class EntraApplicationSchema(CartographyNodeSchema):
+    label: str = "EntraApplication"
+    properties: EntraApplicationNodeProperties = EntraApplicationNodeProperties()
+    sub_resource_relationship: EntraApplicationToTenantRel = (
+        EntraApplicationToTenantRel()
+    )

cartography/models/entra/group.py

@@ -0,0 +1,91 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import OtherRelationships
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class EntraGroupNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef("id")
+    display_name: PropertyRef = PropertyRef("display_name")
+    description: PropertyRef = PropertyRef("description")
+    mail: PropertyRef = PropertyRef("mail")
+    mail_nickname: PropertyRef = PropertyRef("mail_nickname")
+    mail_enabled: PropertyRef = PropertyRef("mail_enabled")
+    security_enabled: PropertyRef = PropertyRef("security_enabled")
+    group_types: PropertyRef = PropertyRef("group_types")
+    visibility: PropertyRef = PropertyRef("visibility")
+    is_assignable_to_role: PropertyRef = PropertyRef("is_assignable_to_role")
+    created_date_time: PropertyRef = PropertyRef("created_date_time")
+    deleted_date_time: PropertyRef = PropertyRef("deleted_date_time")
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class EntraGroupToTenantRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class EntraGroupToTenantRel(CartographyRelSchema):
+    target_node_label: str = "EntraTenant"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("TENANT_ID", set_in_kwargs=True)}
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: EntraGroupToTenantRelProperties = EntraGroupToTenantRelProperties()
+
+
+@dataclass(frozen=True)
+class EntraGroupToUserRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+# (:EntraUser)-[:MEMBER_OF]->(:EntraGroup)
+class EntraGroupToUserRel(CartographyRelSchema):
+    target_node_label: str = "EntraUser"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("member_ids", one_to_many=True)}
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "MEMBER_OF"
+    properties: EntraGroupToUserRelProperties = EntraGroupToUserRelProperties()
+
+
+@dataclass(frozen=True)
+class EntraGroupToGroupRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+# (:EntraGroup)-[:MEMBER_OF]->(:EntraGroup)
+class EntraGroupToGroupRel(CartographyRelSchema):
+    target_node_label: str = "EntraGroup"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("member_group_ids", one_to_many=True)}
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "MEMBER_OF"
+    properties: EntraGroupToGroupRelProperties = EntraGroupToGroupRelProperties()
+
+
+@dataclass(frozen=True)
+class EntraGroupSchema(CartographyNodeSchema):
+    label: str = "EntraGroup"
+    properties: EntraGroupNodeProperties = EntraGroupNodeProperties()
+    sub_resource_relationship: EntraGroupToTenantRel = EntraGroupToTenantRel()
+    other_relationships: OtherRelationships = OtherRelationships(
+        [
+            EntraGroupToGroupRel(),
+            EntraGroupToUserRel(),
+        ]
+    )