cartography 0.108.0rc2__py3-none-any.whl → 0.109.0rc2__py3-none-any.whl

cartography/data/jobs/cleanup/aws_dns_cleanup.json

@@ -1,65 +0,0 @@
-{
-  "statements": [
-    {
-      "query": "MATCH (n:AWSDNSRecord)-[:MEMBER_OF_DNS_ZONE]->(:AWSDNSZone)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE n.lastupdated <> $UPDATE_TAG WITH n LIMIT $LIMIT_SIZE DETACH DELETE (n)",
-      "iterative": true,
-      "iterationsize": 100,
-      "__comment__": "cleanup AWS DNS Records linked to current account"
-    },
-    {
-      "query": "MATCH (n:AWSDNSZone)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE n.lastupdated <> $UPDATE_TAG WITH n LIMIT $LIMIT_SIZE DETACH DELETE (n)",
-      "iterative": true,
-      "iterationsize": 100
-    },
-    {
-      "query": "MATCH (n:NameServer)-[:NAMESERVER]->(:DNSZone)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE n.lastupdated <> $UPDATE_TAG WITH n LIMIT $LIMIT_SIZE DETACH DELETE (n)",
-      "iterative": true,
-      "iterationsize": 100
-    },
-    {
-      "query": "MATCH (:AWSDNSRecord)<-[r:DNS_POINTS_TO]-(:AWSDNSRecord)-[:MEMBER_OF_DNS_ZONE]->(:AWSDNSZone)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r)",
-      "iterative": true,
-      "iterationsize": 100,
-      "__comment__": "Clean up AWSDNSRecords pointing to other AWSDNSRecords within the current AWS account"
-    },
-    {
-      "query": "MATCH (:LoadBalancer)<-[r:DNS_POINTS_TO]-(:AWSDNSRecord)-[:MEMBER_OF_DNS_ZONE]->(:AWSDNSZone)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r)",
-      "iterative": true,
-      "iterationsize": 100,
-      "__comment__": "Clean up AWSDNSRecords pointing to LoadBalancers within the current AWS account"
-    },
-    {
-      "query": "MATCH (:EC2Instance)<-[r:DNS_POINTS_TO]-(:AWSDNSRecord)-[:MEMBER_OF_DNS_ZONE]->(:AWSDNSZone)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r)",
-      "iterative": true,
-      "iterationsize": 100,
-      "__comment__": "Clean up AWSDNSRecords pointing to EC2 Instances within the current AWS account"
-    },
-    {
-      "query": "MATCH (:NameServer)<-[r:DNS_POINTS_TO]-(:AWSDNSRecord)-[:MEMBER_OF_DNS_ZONE]->(:AWSDNSZone)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r)",
-      "iterative": true,
-      "iterationsize": 100,
-      "__comment__": "Clean up AWSDNSRecords pointing to NameServers within the current AWS account"
-    },
-    {
-      "query": "MATCH (:AWSDNSZone)-[r:NAMESERVER]->(:NameServer)-[:NAMESERVER]->(:DNSZone)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r)",
-      "iterative": true,
-      "iterationsize": 100
-    },
-    {
-      "query": "MATCH (:AWSDNSZone)<-[r:SUBZONE]-(:AWSDNSZone)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r)",
-      "iterative": true,
-      "iterationsize": 100
-    },
-    {
-      "query": "MATCH (:ESDomain)<-[r:DNS_POINTS_TO]-(:DNSRecord)-[:MEMBER_OF_DNS_ZONE]->(:AWSDNSZone)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r)",
-      "iterative": true,
-      "iterationsize": 100
-    },
-    {
-      "query": "MATCH (:Ip)<-[r:DNS_POINTS_TO]-(:AWSDNSRecord)-[:MEMBER_OF_DNS_ZONE]->(:AWSDNSZone)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r)",
-      "iterative": true,
-      "iterationsize": 100
-    }
-  ],
-  "name": "cleanup AWS DNS"
-}

cartography/data/jobs/cleanup/aws_import_identity_center_cleanup.json

@@ -1,16 +0,0 @@
-{
-  "statements": [
-
-    {
-      "query": "MATCH (:AWSAccount{id: $AWS_ID})-[:RESOURCE]->(:AWSSSOUser)<-[r:CAN_ASSUME_IDENTITY]-(:OktaUser) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r) RETURN COUNT(*) as TotalDeleted",
-      "iterative": true,
-      "iterationsize": 100
-    },
-    {
-      "query": "MATCH (:AWSAccount{id: $AWS_ID})-[:RESOURCE]->(:AWSRole)-[r:ALLOWED_BY]->(:AWSSSOUser) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r) RETURN COUNT(*) as TotalDeleted",
-      "iterative": true,
-      "iterationsize": 100
-    }
-  ],
-  "name": "cleanup AWS Identity Center Instances and Related Data"
-}

cartography/data/jobs/cleanup/aws_import_lambda_cleanup.json

@@ -1,50 +0,0 @@
-{
-  "statements": [
-    {
-      "query": "MATCH (n:AWSLambdaFunctionAlias)<-[:KNOWN_AS]-(:AWSLambda)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE n.lastupdated <> $UPDATE_TAG WITH n LIMIT $LIMIT_SIZE DETACH DELETE (n)",
-      "iterative": true,
-      "iterationsize": 100
-    },
-    {
-      "query": "MATCH (:AWSLambdaFunctionAlias)<-[r:KNOWN_AS]-(:AWSLambda)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r)",
-      "iterative": true,
-      "iterationsize": 100
-    },
-    {
-      "query": "MATCH (n:AWSLambdaEventSourceMapping)<-[:RESOURCE]-(:AWSLambda)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE n.lastupdated <> $UPDATE_TAG WITH n LIMIT $LIMIT_SIZE DETACH DELETE (n)",
-      "iterative": true,
-      "iterationsize": 100
-    },
-    {
-      "query": "MATCH (:AWSLambdaEventSourceMapping)<-[r:RESOURCE]-(:AWSLambda)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r)",
-      "iterative": true,
-      "iterationsize": 100
-    },
-    {
-      "query": "MATCH (n:AWSLambdaLayer)<-[:HAS]-(:AWSLambda)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE n.lastupdated <> $UPDATE_TAG WITH n LIMIT $LIMIT_SIZE DETACH DELETE (n)",
-      "iterative": true,
-      "iterationsize": 100
-    },
-    {
-      "query": "MATCH (:AWSLambdaLayer)<-[r:HAS]-(:AWSLambda)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r)",
-      "iterative": true,
-      "iterationsize": 100
-    },
-    {
-      "query": "MATCH (:AWSAccount{id: $AWS_ID})-[:RESOURCE]->(:AWSLambda)-[r:STS_ASSUMEROLE_ALLOW]->(:AWSPrincipal) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE r",
-      "iterative": true,
-      "iterationsize": 100
-    },
-    {
-      "query": "MATCH (:AWSAccount{id: $AWS_ID})-[:RESOURCE]->(n:AWSLambda) WHERE n.lastupdated <> $UPDATE_TAG WITH n LIMIT $LIMIT_SIZE DETACH DELETE (n)",
-      "iterative": true,
-      "iterationsize": 100
-    },
-    {
-      "query": "MATCH (:AWSAccount{id: $AWS_ID})-[r:RESOURCE]->(:AWSLambda) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r)",
-      "iterative": true,
-      "iterationsize": 100
-    }
-  ],
-  "name": "cleanup AWSLambda"
-}

cartography/data/jobs/cleanup/aws_import_rds_clusters_cleanup.json

@@ -1,23 +0,0 @@
-{
-  "statements": [
-    {
-      "query": "MATCH (n:RDSCluster)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE n.lastupdated <> $UPDATE_TAG WITH n LIMIT $LIMIT_SIZE DETACH DELETE (n)",
-      "iterative": true,
-      "iterationsize": 100,
-      "__comment__": "Delete RDS clusters that no longer exist and DETACH them from all nodes they were previously connected to."
-    },
-    {
-      "query": "MATCH (:RDSCluster)<-[r:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r)",
-      "iterative": true,
-      "iterationsize": 100,
-      "__comment__": "If an RDS cluster still exists but is no longer associated with its old AWS Account, delete the relationship between them."
-    },
-    {
-      "query": "MATCH (:RDSCluster)<-[r:IS_CLUSTER_MEMBER_OF]-(:RDSInstance)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r)",
-      "iterative": true,
-      "iterationsize": 100,
-      "__comment__": "If an RDS instance still exists and is no longer a member of an RDS cluster, delete the relationship between them."
-    }
-  ],
-  "name": "cleanup RDSCluster"
-}

cartography/data/jobs/cleanup/aws_import_rds_instances_cleanup.json

@@ -1,47 +0,0 @@
-{
-  "statements": [
-    {
-      "query": "MATCH (sng:DBSubnetGroup)<-[:MEMBER_OF_DB_SUBNET_GROUP]-(:RDSInstance)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE sng.lastupdated <> $UPDATE_TAG WITH sng LIMIT $LIMIT_SIZE DETACH DELETE (sng)",
-      "iterative": true,
-      "iterationsize": 100,
-      "__comment__": "Delete DBSubnetGroups that no longer exist and DETACH them from their RDS instances."
-    },
-    {
-      "query": "MATCH (:DBSubnetGroup)<-[r:MEMBER_OF_DB_SUBNET_GROUP]-(:RDSInstance)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r)",
-      "iterative": true,
-      "iterationsize": 100,
-      "__comment__": "Delete the link between orphaned DB Subnet Groups and their RDS Instances."
-    },
-    {
-      "query": "MATCH (:EC2Subnet)<-[r:RESOURCE]-(:DBSubnetGroup)<-[:MEMBER_OF_DB_SUBNET_GROUP]-(:RDSInstance)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r)",
-      "iterative": true,
-      "iterationsize": 100,
-      "__comment__": "Delete the link between orphaned DB Subnet Groups and their EC2 Subnets."
-    },
-    {
-      "query": "MATCH (n:RDSInstance)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE n.lastupdated <> $UPDATE_TAG WITH n LIMIT $LIMIT_SIZE DETACH DELETE (n)",
-      "iterative": true,
-      "iterationsize": 100,
-      "__comment__": "Delete RDS instances that no longer exist and DETACH them from all nodes they were previously connected to."
-    },
-    {
-      "query": "MATCH (:RDSInstance)<-[r:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r)",
-      "iterative": true,
-      "iterationsize": 100,
-      "__comment__": "If an RDS instance still exists but is no longer associated with its old AWS Account, delete the relationship between them."
-    },
-    {
-      "query": "MATCH (:EC2SecurityGroup)<-[r:MEMBER_OF_EC2_SECURITY_GROUP]-(:RDSInstance)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r)",
-      "iterative": true,
-      "iterationsize": 100,
-      "__comment__": "If an RDS instance still exists and is no longer a part of its old EC2SecurityGroup, delete the relationship between them."
-    },
-    {
-      "query": "MATCH (:RDSInstance)<-[r:IS_READ_REPLICA_OF]-(:RDSInstance)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r)",
-      "iterative": true,
-      "iterationsize": 100,
-      "__comment__": "If an RDS instance still exists and is no longer a read replica of another RDS instance, delete the relationship between them."
-    }
-  ],
-  "name": "cleanup RDSInstance"
-}

cartography/data/jobs/cleanup/aws_import_rds_snapshots_cleanup.json

@@ -1,23 +0,0 @@
-{
-  "statements": [
-    {
-      "query": "MATCH (n:RDSSnapshot)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE n.lastupdated <> $UPDATE_TAG WITH n LIMIT $LIMIT_SIZE DETACH DELETE (n)",
-      "iterative": true,
-      "iterationsize": 100,
-      "__comment__": "Delete RDS snapshots that no longer exist and DETACH them from all nodes they were previously connected to."
-    },
-    {
-      "query": "MATCH (:RDSSnapshot)<-[r:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r)",
-      "iterative": true,
-      "iterationsize": 100,
-      "__comment__": "If an RDS snapshot still exists but is no longer associated with its old AWS Account, delete the relationship between them."
-    },
-    {
-      "query": "MATCH (:RDSInstance)<-[r:IS_SNAPSHOT_SOURCE]-(:RDSSnapshot)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r)",
-      "iterative": true,
-      "iterationsize": 100,
-      "__comment__": "If an RDS snapshot still exists and is no longer a member of an RDS instance, delete the relationship between them."
-    }
-  ],
-  "name": "cleanup RDSSnapshot"
-}

cartography/data/jobs/cleanup/aws_import_secrets_cleanup.json

@@ -1,8 +0,0 @@
-{
-  "statements": [{
-    "query": "MATCH (:AWSAccount{id: $AWS_ID})-[:RESOURCE]->(s:SecretsManagerSecret) WHERE s.lastupdated <> $UPDATE_TAG WITH s LIMIT $LIMIT_SIZE DETACH DELETE (s)",
-    "iterative": true,
-    "iterationsize": 100
-  }],
-  "name": "cleanup SecretsManagerSecret"
-}

cartography/data/jobs/cleanup/aws_kms_details.json

@@ -1,10 +0,0 @@
-{
-  "statements": [
-    {
-      "query": "MATCH (:AWSAccount{id: $AWS_ID})-[:RESOURCE]->(s:KMSKey) WHERE s.anonymous_access IS NOT NULL\n WITH s LIMIT $LIMIT_SIZE\nREMOVE s.anonymous_access, s.anonymous_actions",
-      "iterative": true,
-      "iterationsize": 100
-    }
-  ],
-  "name": "AWS KMS Key Exposure Details"
-}