cartography 0.104.0rc3__py3-none-any.whl → 0.106.0rc1__py3-none-any.whl

cartography/intel/trivy/scanner.py

@@ -0,0 +1,363 @@
+import json
+import logging
+from typing import Any
+
+import boto3
+from neo4j import Session
+
+from cartography.client.core.tx import load
+from cartography.graph.job import GraphJob
+from cartography.models.trivy.findings import TrivyImageFindingSchema
+from cartography.models.trivy.fix import TrivyFixSchema
+from cartography.models.trivy.package import TrivyPackageSchema
+from cartography.stats import get_stats_client
+from cartography.util import timeit
+
+logger = logging.getLogger(__name__)
+stat_handler = get_stats_client(__name__)
+
+
+def _validate_packages(package_list: list[dict]) -> list[dict]:
+    """
+    Validates that each package has the required fields.
+    Returns only packages that have both InstalledVersion and PkgName.
+    """
+    validated_packages: list[dict] = []
+    for pkg in package_list:
+        if (
+            "InstalledVersion" in pkg
+            and pkg["InstalledVersion"]
+            and "PkgName" in pkg
+            and pkg["PkgName"]
+        ):
+            validated_packages.append(pkg)
+        else:
+            logger.warning(
+                "Package object does not have required fields `InstalledVersion` or `PkgName` - skipping."
+            )
+    return validated_packages
+
+
+def transform_scan_results(
+    results: list[dict], image_digest: str
+) -> tuple[list[dict], list[dict], list[dict]]:
+    """
+    Transform raw Trivy scan results into a format suitable for loading into Neo4j.
+    Returns a tuple of (findings_list, packages_list, fixes_list).
+    """
+    findings_list = []
+    packages_list = []
+    fixes_list = []
+
+    for scan_class in results:
+        # Sometimes a scan class will have no vulns and Trivy will leave the key undefined instead of showing [].
+        if "Vulnerabilities" in scan_class and scan_class["Vulnerabilities"]:
+            for result in scan_class["Vulnerabilities"]:
+                # Transform finding data
+                finding = {
+                    "id": f'TIF|{result["VulnerabilityID"]}',
+                    "VulnerabilityID": result["VulnerabilityID"],
+                    "cve_id": result["VulnerabilityID"],
+                    "Description": result.get("Description"),
+                    "LastModifiedDate": result.get("LastModifiedDate"),
+                    "PrimaryURL": result.get("PrimaryURL"),
+                    "PublishedDate": result.get("PublishedDate"),
+                    "Severity": result["Severity"],
+                    "SeveritySource": result.get("SeveritySource"),
+                    "Title": result.get("Title"),
+                    "nvd_v2_score": None,
+                    "nvd_v2_vector": None,
+                    "nvd_v3_score": None,
+                    "nvd_v3_vector": None,
+                    "redhat_v3_score": None,
+                    "redhat_v3_vector": None,
+                    "ubuntu_v3_score": None,
+                    "ubuntu_v3_vector": None,
+                    "Class": scan_class["Class"],
+                    "Type": scan_class["Type"],
+                    "ImageDigest": image_digest,  # For AFFECTS relationship
+                }
+
+                # Add CVSS scores if available
+                if "CVSS" in result:
+                    if "nvd" in result["CVSS"]:
+                        nvd = result["CVSS"]["nvd"]
+                        finding["nvd_v2_score"] = nvd.get("V2Score")
+                        finding["nvd_v2_vector"] = nvd.get("V2Vector")
+                        finding["nvd_v3_score"] = nvd.get("V3Score")
+                        finding["nvd_v3_vector"] = nvd.get("V3Vector")
+                    if "redhat" in result["CVSS"]:
+                        redhat = result["CVSS"]["redhat"]
+                        finding["redhat_v3_score"] = redhat.get("V3Score")
+                        finding["redhat_v3_vector"] = redhat.get("V3Vector")
+                    if "ubuntu" in result["CVSS"]:
+                        ubuntu = result["CVSS"]["ubuntu"]
+                        finding["ubuntu_v3_score"] = ubuntu.get("V3Score")
+                        finding["ubuntu_v3_vector"] = ubuntu.get("V3Vector")
+
+                findings_list.append(finding)
+
+                # Transform package data
+                package_id = f"{result['InstalledVersion']}|{result['PkgName']}"
+                packages_list.append(
+                    {
+                        "id": package_id,
+                        "InstalledVersion": result["InstalledVersion"],
+                        "PkgName": result["PkgName"],
+                        "Class": scan_class["Class"],
+                        "Type": scan_class["Type"],
+                        "ImageDigest": image_digest,  # For DEPLOYED relationship
+                        "FindingId": finding["id"],  # For AFFECTS relationship
+                    }
+                )
+
+                # Transform fix data if available
+                if result.get("FixedVersion") is not None:
+                    fixes_list.append(
+                        {
+                            "id": f"{result['FixedVersion']}|{result['PkgName']}",
+                            "FixedVersion": result["FixedVersion"],
+                            "PackageId": package_id,
+                            "FindingId": finding["id"],
+                        }
+                    )
+
+    # Validate packages before returning
+    packages_list = _validate_packages(packages_list)
+    return findings_list, packages_list, fixes_list
+
+
+@timeit
+def get_json_files_in_s3(
+    s3_bucket: str, s3_prefix: str, boto3_session: boto3.Session
+) -> set[str]:
+    """
+    List S3 objects in the S3 prefix.
+
+    Args:
+        s3_bucket: S3 bucket name containing scan results
+        s3_prefix: S3 prefix path containing scan results
+        boto3_session: boto3 session for dependency injection
+
+    Returns:
+        Set of S3 object keys for JSON files in the S3 prefix
+    """
+    s3_client = boto3_session.client("s3")
+
+    try:
+        # List objects in the S3 prefix
+        paginator = s3_client.get_paginator("list_objects_v2")
+        page_iterator = paginator.paginate(Bucket=s3_bucket, Prefix=s3_prefix)
+        results = set()
+
+        for page in page_iterator:
+            if "Contents" not in page:
+                continue
+
+            for obj in page["Contents"]:
+                object_key = obj["Key"]
+
+                # Skip non-JSON files
+                if not object_key.endswith(".json"):
+                    continue
+
+                # Skip files that don't start with our prefix
+                if not object_key.startswith(s3_prefix):
+                    continue
+
+                results.add(object_key)
+
+    except Exception as e:
+        logger.error(
+            f"Error listing S3 objects in bucket {s3_bucket} with prefix {s3_prefix}: {e}"
+        )
+        raise
+
+    logger.info(f"Found {len(results)} json files in s3://{s3_bucket}/{s3_prefix}")
+    return results
+
+
+@timeit
+def cleanup(neo4j_session: Session, common_job_parameters: dict[str, Any]) -> None:
+    """
+    Run cleanup jobs for Trivy nodes.
+    """
+    logger.info("Running Trivy cleanup")
+    GraphJob.from_node_schema(TrivyImageFindingSchema(), common_job_parameters).run(
+        neo4j_session
+    )
+    GraphJob.from_node_schema(TrivyPackageSchema(), common_job_parameters).run(
+        neo4j_session
+    )
+    GraphJob.from_node_schema(TrivyFixSchema(), common_job_parameters).run(
+        neo4j_session
+    )
+
+
+@timeit
+def load_scan_vulns(
+    neo4j_session: Session,
+    findings_list: list[dict[str, Any]],
+    update_tag: int,
+) -> None:
+    """
+    Load TrivyImageFinding nodes into Neo4j.
+    """
+    load(
+        neo4j_session,
+        TrivyImageFindingSchema(),
+        findings_list,
+        lastupdated=update_tag,
+    )
+
+
+@timeit
+def load_scan_packages(
+    neo4j_session: Session,
+    packages_list: list[dict[str, Any]],
+    update_tag: int,
+) -> None:
+    """
+    Load TrivyPackage nodes into Neo4j.
+    """
+    load(
+        neo4j_session,
+        TrivyPackageSchema(),
+        packages_list,
+        lastupdated=update_tag,
+    )
+
+
+@timeit
+def load_scan_fixes(
+    neo4j_session: Session,
+    fixes_list: list[dict[str, Any]],
+    update_tag: int,
+) -> None:
+    """
+    Load TrivyFix nodes into Neo4j.
+    """
+    load(
+        neo4j_session,
+        TrivyFixSchema(),
+        fixes_list,
+        lastupdated=update_tag,
+    )
+
+
+@timeit
+def read_scan_results_from_s3(
+    boto3_session: boto3.Session,
+    s3_bucket: str,
+    s3_object_key: str,
+    image_uri: str,
+) -> tuple[list[dict], str | None]:
+    """
+    Read and parse Trivy scan results from S3.
+
+    Args:
+        boto3_session: boto3 session for S3 operations
+        s3_bucket: S3 bucket containing scan results
+        s3_object_key: S3 object key for the scan results
+        image_uri: ECR image URI (for logging purposes)
+
+    Returns:
+        Tuple of (list of scan result dictionaries from the "Results" key, image digest)
+    """
+    s3_client = boto3_session.client("s3")
+
+    # Read JSON scan results from S3
+    logger.debug(f"Reading scan results from S3: s3://{s3_bucket}/{s3_object_key}")
+    response = s3_client.get_object(Bucket=s3_bucket, Key=s3_object_key)
+    scan_data_json = response["Body"].read().decode("utf-8")
+
+    # Parse JSON data
+    trivy_data = json.loads(scan_data_json)
+
+    # Extract results using the same logic as binary scanning
+    if "Results" in trivy_data and trivy_data["Results"]:
+        results = trivy_data["Results"]
+    else:
+        stat_handler.incr("image_scan_no_results_count")
+        logger.warning(
+            f"S3 scan data did not contain a `Results` key for URI = {image_uri}; continuing."
+        )
+        results = []
+
+    image_digest = None
+    if "Metadata" in trivy_data and trivy_data["Metadata"]:
+        repo_digests = trivy_data["Metadata"].get("RepoDigests", [])
+        if repo_digests:
+            # Sample input: 000000000000.dkr.ecr.us-east-1.amazonaws.com/test-repository@sha256:88016
+            # Sample output: sha256:88016
+            repo_digest = repo_digests[0]
+            if "@" in repo_digest:
+                image_digest = repo_digest.split("@")[1]
+
+    return results, image_digest
+
+
+@timeit
+def sync_single_image_from_s3(
+    neo4j_session: Session,
+    image_uri: str,
+    update_tag: int,
+    s3_bucket: str,
+    s3_object_key: str,
+    boto3_session: boto3.Session,
+) -> None:
+    """
+    Read Trivy scan results from S3 and sync to Neo4j.
+
+    Args:
+        neo4j_session: Neo4j session for database operations
+        image_uri: ECR image URI
+        update_tag: Update tag for tracking
+        s3_bucket: S3 bucket containing scan results
+        s3_object_key: S3 object key for this image's scan results
+        boto3_session: boto3 session for S3 operations
+    """
+    try:
+        # Read and parse scan results from S3
+        results, image_digest = read_scan_results_from_s3(
+            boto3_session,
+            s3_bucket,
+            s3_object_key,
+            image_uri,
+        )
+        if not image_digest:
+            logger.warning(f"No image digest found for {image_uri}; skipping over.")
+            return
+
+        # Transform all data in one pass using existing function
+        findings_list, packages_list, fixes_list = transform_scan_results(
+            results,
+            image_digest,
+        )
+
+        num_findings = len(findings_list)
+        stat_handler.incr("image_scan_cve_count", num_findings)
+
+        # Load the transformed data using existing functions
+        load_scan_vulns(
+            neo4j_session,
+            findings_list,
+            update_tag=update_tag,
+        )
+        load_scan_packages(
+            neo4j_session,
+            packages_list,
+            update_tag=update_tag,
+        )
+        load_scan_fixes(
+            neo4j_session,
+            fixes_list,
+            update_tag=update_tag,
+        )
+        stat_handler.incr("images_processed_count")
+
+    except Exception as e:
+        logger.error(
+            f"Failed to process S3 scan results for {image_uri} from {s3_object_key}: {e}"
+        )
+        raise

cartography/models/aws/acm/certificate.py

@@ -0,0 +1,75 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import OtherRelationships
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class ACMCertificateNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef("Arn")
+    arn: PropertyRef = PropertyRef("Arn", extra_index=True)
+    domainname: PropertyRef = PropertyRef("DomainName")
+    type: PropertyRef = PropertyRef("Type")
+    status: PropertyRef = PropertyRef("Status")
+    key_algorithm: PropertyRef = PropertyRef("KeyAlgorithm")
+    signature_algorithm: PropertyRef = PropertyRef("SignatureAlgorithm")
+    not_before: PropertyRef = PropertyRef("NotBefore")
+    not_after: PropertyRef = PropertyRef("NotAfter")
+    in_use_by: PropertyRef = PropertyRef("InUseBy")
+    region: PropertyRef = PropertyRef("Region", set_in_kwargs=True)
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class ACMCertificateToAWSAccountRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class ACMCertificateToAWSAccountRel(CartographyRelSchema):
+    target_node_label: str = "AWSAccount"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("AWS_ID", set_in_kwargs=True)}
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: ACMCertificateToAWSAccountRelProperties = (
+        ACMCertificateToAWSAccountRelProperties()
+    )
+
+
+@dataclass(frozen=True)
+class ACMCertificateToELBV2ListenerRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class ACMCertificateToELBV2ListenerRel(CartographyRelSchema):
+    target_node_label: str = "ELBV2Listener"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("ELBV2ListenerArns", one_to_many=True)}
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "USED_BY"
+    properties: ACMCertificateToELBV2ListenerRelProperties = (
+        ACMCertificateToELBV2ListenerRelProperties()
+    )
+
+
+@dataclass(frozen=True)
+class ACMCertificateSchema(CartographyNodeSchema):
+    label: str = "ACMCertificate"
+    properties: ACMCertificateNodeProperties = ACMCertificateNodeProperties()
+    sub_resource_relationship: ACMCertificateToAWSAccountRel = (
+        ACMCertificateToAWSAccountRel()
+    )
+    other_relationships: OtherRelationships = OtherRelationships(
+        [ACMCertificateToELBV2ListenerRel()]
+    )

cartography/models/aws/cloudtrail/trail.py

@@ -7,6 +7,7 @@ from cartography.models.core.relationships import CartographyRelProperties
 from cartography.models.core.relationships import CartographyRelSchema
 from cartography.models.core.relationships import LinkDirection
 from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import OtherRelationships
 from cartography.models.core.relationships import TargetNodeMatcher
 
 
@@ -54,8 +55,31 @@ class CloudTrailToAWSAccountRel(CartographyRelSchema):
     )
 
 
+@dataclass(frozen=True)
+class CloudTrailTrailToS3BucketRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class CloudTrailTrailToS3BucketRel(CartographyRelSchema):
+    target_node_label: str = "S3Bucket"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"name": PropertyRef("S3BucketName")},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "LOGS_TO"
+    properties: CloudTrailTrailToS3BucketRelProperties = (
+        CloudTrailTrailToS3BucketRelProperties()
+    )
+
+
 @dataclass(frozen=True)
 class CloudTrailTrailSchema(CartographyNodeSchema):
     label: str = "CloudTrailTrail"
     properties: CloudTrailTrailNodeProperties = CloudTrailTrailNodeProperties()
     sub_resource_relationship: CloudTrailToAWSAccountRel = CloudTrailToAWSAccountRel()
+    other_relationships: OtherRelationships = OtherRelationships(
+        [
+            CloudTrailTrailToS3BucketRel(),
+        ]
+    )

cartography/models/aws/ecs/clusters.py

@@ -0,0 +1,64 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class ECSClusterNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef("clusterArn")
+    arn: PropertyRef = PropertyRef("clusterArn", extra_index=True)
+    name: PropertyRef = PropertyRef("clusterName")
+    region: PropertyRef = PropertyRef("Region", set_in_kwargs=True)
+    status: PropertyRef = PropertyRef("status")
+    ecc_kms_key_id: PropertyRef = PropertyRef("ecc_kms_key_id")
+    ecc_logging: PropertyRef = PropertyRef("ecc_logging")
+    ecc_log_configuration_cloud_watch_log_group_name: PropertyRef = PropertyRef(
+        "ecc_log_configuration_cloud_watch_log_group_name"
+    )
+    ecc_log_configuration_cloud_watch_encryption_enabled: PropertyRef = PropertyRef(
+        "ecc_log_configuration_cloud_watch_encryption_enabled"
+    )
+    ecc_log_configuration_s3_bucket_name: PropertyRef = PropertyRef(
+        "ecc_log_configuration_s3_bucket_name"
+    )
+    ecc_log_configuration_s3_encryption_enabled: PropertyRef = PropertyRef(
+        "ecc_log_configuration_s3_encryption_enabled"
+    )
+    ecc_log_configuration_s3_key_prefix: PropertyRef = PropertyRef(
+        "ecc_log_configuration_s3_key_prefix"
+    )
+    capacity_providers: PropertyRef = PropertyRef("capacityProviders")
+    attachments_status: PropertyRef = PropertyRef("attachmentsStatus")
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class ECSClusterToAWSAccountRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class ECSClusterToAWSAccountRel(CartographyRelSchema):
+    target_node_label: str = "AWSAccount"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("AWS_ID", set_in_kwargs=True)}
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: ECSClusterToAWSAccountRelProperties = (
+        ECSClusterToAWSAccountRelProperties()
+    )
+
+
+@dataclass(frozen=True)
+class ECSClusterSchema(CartographyNodeSchema):
+    label: str = "ECSCluster"
+    properties: ECSClusterNodeProperties = ECSClusterNodeProperties()
+    sub_resource_relationship: ECSClusterToAWSAccountRel = ECSClusterToAWSAccountRel()

cartography/models/aws/ecs/container_definitions.py

@@ -0,0 +1,93 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import OtherRelationships
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class ECSContainerDefinitionNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef("id")
+    task_definition_arn: PropertyRef = PropertyRef("_taskDefinitionArn")
+    name: PropertyRef = PropertyRef("name")
+    image: PropertyRef = PropertyRef("image")
+    cpu: PropertyRef = PropertyRef("cpu")
+    memory: PropertyRef = PropertyRef("memory")
+    memory_reservation: PropertyRef = PropertyRef("memoryReservation")
+    links: PropertyRef = PropertyRef("links")
+    essential: PropertyRef = PropertyRef("essential")
+    entry_point: PropertyRef = PropertyRef("entryPoint")
+    command: PropertyRef = PropertyRef("command")
+    start_timeout: PropertyRef = PropertyRef("startTimeout")
+    stop_timeout: PropertyRef = PropertyRef("stop_timeout")
+    hostname: PropertyRef = PropertyRef("hostname")
+    user: PropertyRef = PropertyRef("user")
+    working_directory: PropertyRef = PropertyRef("workingDirectory")
+    disable_networking: PropertyRef = PropertyRef("disableNetworking")
+    privileged: PropertyRef = PropertyRef("privileged")
+    readonly_root_filesystem: PropertyRef = PropertyRef("readonlyRootFilesystem")
+    dns_servers: PropertyRef = PropertyRef("dnsServers")
+    dns_search_domains: PropertyRef = PropertyRef("dnsSearchDomains")
+    docker_security_options: PropertyRef = PropertyRef("dockerSecurityOptions")
+    interactive: PropertyRef = PropertyRef("interactive")
+    pseudo_terminal: PropertyRef = PropertyRef("pseudoTerminal")
+    region: PropertyRef = PropertyRef("Region", set_in_kwargs=True)
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class ECSContainerDefinitionToAWSAccountRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class ECSContainerDefinitionToAWSAccountRel(CartographyRelSchema):
+    target_node_label: str = "AWSAccount"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("AWS_ID", set_in_kwargs=True)}
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: ECSContainerDefinitionToAWSAccountRelProperties = (
+        ECSContainerDefinitionToAWSAccountRelProperties()
+    )
+
+
+@dataclass(frozen=True)
+class ECSContainerDefinitionToTaskDefinitionRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class ECSContainerDefinitionToTaskDefinitionRel(CartographyRelSchema):
+    target_node_label: str = "ECSTaskDefinition"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("_taskDefinitionArn")}
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "HAS_CONTAINER_DEFINITION"
+    properties: ECSContainerDefinitionToTaskDefinitionRelProperties = (
+        ECSContainerDefinitionToTaskDefinitionRelProperties()
+    )
+
+
+@dataclass(frozen=True)
+class ECSContainerDefinitionSchema(CartographyNodeSchema):
+    label: str = "ECSContainerDefinition"
+    properties: ECSContainerDefinitionNodeProperties = (
+        ECSContainerDefinitionNodeProperties()
+    )
+    sub_resource_relationship: ECSContainerDefinitionToAWSAccountRel = (
+        ECSContainerDefinitionToAWSAccountRel()
+    )
+    other_relationships: OtherRelationships = OtherRelationships(
+        [
+            ECSContainerDefinitionToTaskDefinitionRel(),
+        ]
+    )