cartography 0.109.0rc1__py3-none-any.whl → 0.109.0rc2__py3-none-any.whl

cartography/models/aws/route53/dnsrecord.py

@@ -0,0 +1,214 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.nodes import ExtraNodeLabels
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import OtherRelationships
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class AWSDNSRecordNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef("id")
+    name: PropertyRef = PropertyRef("name", extra_index=True)
+    type: PropertyRef = PropertyRef("type")
+    value: PropertyRef = PropertyRef("value")
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class AWSDNSRecordToZoneRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class AWSDNSRecordToZoneRel(CartographyRelSchema):
+    target_node_label: str = "AWSDNSZone"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"zoneid": PropertyRef("zoneid")}
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "MEMBER_OF_DNS_ZONE"
+    properties: AWSDNSRecordToZoneRelProperties = AWSDNSRecordToZoneRelProperties()
+
+
+@dataclass(frozen=True)
+class AWSDNSRecordToAWSAccountRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class AWSDNSRecordToAWSAccountRel(CartographyRelSchema):
+    target_node_label: str = "AWSAccount"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("AWS_ID", set_in_kwargs=True)}
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: AWSDNSRecordToAWSAccountRelProperties = (
+        AWSDNSRecordToAWSAccountRelProperties()
+    )
+
+
+@dataclass(frozen=True)
+class AWSDNSRecordToNameServerRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class AWSDNSRecordToNameServerRel(CartographyRelSchema):
+    target_node_label: str = "NameServer"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {
+            "id": PropertyRef("servers", one_to_many=True),
+        }
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "DNS_POINTS_TO"
+    properties: AWSDNSRecordToNameServerRelProperties = (
+        AWSDNSRecordToNameServerRelProperties()
+    )
+
+
+@dataclass(frozen=True)
+class AWSDNSRecordToEC2InstanceRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class AWSDNSRecordToEC2InstanceRel(CartographyRelSchema):
+    target_node_label: str = "EC2Instance"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {
+            "publicdnsname": PropertyRef("value"),
+        }
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "DNS_POINTS_TO"
+    properties: AWSDNSRecordToEC2InstanceRelProperties = (
+        AWSDNSRecordToEC2InstanceRelProperties()
+    )
+
+
+@dataclass(frozen=True)
+class AWSDNSRecordToLoadBalancerRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class AWSDNSRecordToLoadBalancerRel(CartographyRelSchema):
+    target_node_label: str = "LoadBalancer"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {
+            "dnsname": PropertyRef("value"),
+        }
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "DNS_POINTS_TO"
+    properties: AWSDNSRecordToLoadBalancerRelProperties = (
+        AWSDNSRecordToLoadBalancerRelProperties()
+    )
+
+
+@dataclass(frozen=True)
+class AWSDNSRecordToLoadBalancerV2RelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class AWSDNSRecordToLoadBalancerV2Rel(CartographyRelSchema):
+    target_node_label: str = "LoadBalancerV2"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {
+            "dnsname": PropertyRef("value"),
+        }
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "DNS_POINTS_TO"
+    properties: AWSDNSRecordToLoadBalancerV2RelProperties = (
+        AWSDNSRecordToLoadBalancerV2RelProperties()
+    )
+
+
+@dataclass(frozen=True)
+class AWSDNSRecordToESDomainRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class AWSDNSRecordToESDomainRel(CartographyRelSchema):
+    target_node_label: str = "ESDomain"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {
+            "endpoint": PropertyRef("value"),
+        }
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "DNS_POINTS_TO"
+    properties: AWSDNSRecordToESDomainRelProperties = (
+        AWSDNSRecordToESDomainRelProperties()
+    )
+
+
+@dataclass(frozen=True)
+class AWSDNSRecordToDNSRecordRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class AWSDNSRecordToDNSRecordRel(CartographyRelSchema):
+    target_node_label: str = "AWSDNSRecord"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {
+            "name": PropertyRef("value"),
+        }
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "DNS_POINTS_TO"
+    properties: AWSDNSRecordToDNSRecordRelProperties = (
+        AWSDNSRecordToDNSRecordRelProperties()
+    )
+
+
+@dataclass(frozen=True)
+class AWSDNSRecordToIpRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class AWSDNSRecordToIpRel(CartographyRelSchema):
+    target_node_label: str = "Ip"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {
+            "id": PropertyRef("ip_addresses", one_to_many=True),
+        }
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "DNS_POINTS_TO"
+    properties: AWSDNSRecordToIpRelProperties = AWSDNSRecordToIpRelProperties()
+
+
+class AWSDNSRecordSchema(CartographyNodeSchema):
+    label: str = "AWSDNSRecord"
+    properties: AWSDNSRecordNodeProperties = AWSDNSRecordNodeProperties()
+    extra_node_labels: ExtraNodeLabels = ExtraNodeLabels(["DNSRecord"])
+    sub_resource_relationship: AWSDNSRecordToAWSAccountRel = (
+        AWSDNSRecordToAWSAccountRel()
+    )
+    other_relationships: OtherRelationships = OtherRelationships(
+        [
+            AWSDNSRecordToNameServerRel(),
+            AWSDNSRecordToEC2InstanceRel(),
+            AWSDNSRecordToLoadBalancerRel(),
+            AWSDNSRecordToLoadBalancerV2Rel(),
+            AWSDNSRecordToESDomainRel(),
+            AWSDNSRecordToDNSRecordRel(),
+            AWSDNSRecordToZoneRel(),
+            AWSDNSRecordToIpRel(),
+        ]
+    )

cartography/models/aws/route53/nameserver.py

@@ -0,0 +1,63 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import OtherRelationships
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class NameServerNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef("id")
+    name: PropertyRef = PropertyRef("id", extra_index=True)
+    zoneid: PropertyRef = PropertyRef("zoneid")
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class NameServerToZoneRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class NameServerToZoneRel(CartographyRelSchema):
+    target_node_label: str = "AWSDNSZone"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"zoneid": PropertyRef("zoneid")}
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "NAMESERVER"
+    properties: NameServerToZoneRelProperties = NameServerToZoneRelProperties()
+
+
+@dataclass(frozen=True)
+class NameServerToAWSAccountRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class NameServerToAWSAccountRel(CartographyRelSchema):
+    target_node_label: str = "AWSAccount"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("AWS_ID", set_in_kwargs=True)}
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: NameServerToAWSAccountRelProperties = (
+        NameServerToAWSAccountRelProperties()
+    )
+
+
+@dataclass(frozen=True)
+class NameServerSchema(CartographyNodeSchema):
+    label: str = "NameServer"
+    properties: NameServerNodeProperties = NameServerNodeProperties()
+    sub_resource_relationship: NameServerToAWSAccountRel = NameServerToAWSAccountRel()
+    other_relationships: OtherRelationships = OtherRelationships(
+        [NameServerToZoneRel()]
+    )

cartography/models/aws/route53/subzone.py

@@ -0,0 +1,40 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_source_node_matcher
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import SourceNodeMatcher
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class AWSDNSZoneSubzoneRelProperties(CartographyRelProperties):
+    # Mandatory fields for MatchLinks
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+    _sub_resource_label: PropertyRef = PropertyRef(
+        "_sub_resource_label", set_in_kwargs=True
+    )
+    _sub_resource_id: PropertyRef = PropertyRef("_sub_resource_id", set_in_kwargs=True)
+
+
+# MatchLink for creating SUBZONE relationships between DNS zones
+@dataclass(frozen=True)
+class AWSDNSZoneSubzoneMatchLink(CartographyRelSchema):
+    target_node_label: str = "AWSDNSZone"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {
+            "zoneid": PropertyRef("subzone_id"),
+        }
+    )
+    source_node_label: str = "AWSDNSZone"
+    source_node_matcher: SourceNodeMatcher = make_source_node_matcher(
+        {
+            "zoneid": PropertyRef("zone_id"),
+        }
+    )
+    properties: AWSDNSZoneSubzoneRelProperties = AWSDNSZoneSubzoneRelProperties()
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "SUBZONE"

cartography/models/aws/route53/zone.py

@@ -0,0 +1,47 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.nodes import ExtraNodeLabels
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class AWSDNSZoneNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef("zoneid")
+    zoneid: PropertyRef = PropertyRef("zoneid")
+    name: PropertyRef = PropertyRef("name", extra_index=True)
+    comment: PropertyRef = PropertyRef("comment")
+    privatezone: PropertyRef = PropertyRef("privatezone")
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class AWSDNSZoneToAWSAccountRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class AWSDNSZoneToAWSAccountRel(CartographyRelSchema):
+    target_node_label: str = "AWSAccount"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("AWS_ID", set_in_kwargs=True)}
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: AWSDNSZoneToAWSAccountRelProperties = (
+        AWSDNSZoneToAWSAccountRelProperties()
+    )
+
+
+@dataclass(frozen=True)
+class AWSDNSZoneSchema(CartographyNodeSchema):
+    label: str = "AWSDNSZone"
+    properties: AWSDNSZoneNodeProperties = AWSDNSZoneNodeProperties()
+    extra_node_labels: ExtraNodeLabels = ExtraNodeLabels(["DNSZone"])
+    sub_resource_relationship: AWSDNSZoneToAWSAccountRel = AWSDNSZoneToAWSAccountRel()

cartography/util.py

@@ -291,9 +291,16 @@ def aws_handle_regions(func: AWSGetFunc) -> AWSGetFunc:
         try:
             return func(*args, **kwargs)
         except botocore.exceptions.ClientError as e:
+            error_code = e.response.get("Error", {}).get("Code")
+            if error_code == "InvalidToken":
+                raise RuntimeError(
+                    "AWS returned an InvalidToken error. Configure regional STS endpoints by "
+                    "setting environment variable AWS_STS_REGIONAL_ENDPOINTS=regional or adding "
+                    "'sts_regional_endpoints = regional' to your AWS config file."
+                ) from e
             # The account is not authorized to use this service in this region
             # so we can continue without raising an exception
-            if e.response["Error"]["Code"] in ERROR_CODES:
+            if error_code in ERROR_CODES:
                 logger.warning(
                     "{} in this region. Skipping...".format(
                         e.response["Error"]["Message"],

{cartography-0.109.0rc1.dist-info → cartography-0.109.0rc2.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cartography
-Version: 0.109.0rc1
+Version: 0.109.0rc2
 Summary: Explore assets and their relationships across your technical infrastructure.
 Maintainer: Cartography Contributors
 License: apache2
@@ -82,7 +82,7 @@ You can learn more about the story behind Cartography in our [presentation at BS
 
 ## Supported platforms
 - [Airbyte](https://cartography-cncf.github.io/cartography/modules/airbyte/index.html) - Organization, Workspace, User, Source, Destination, Connection, Tag, Stream
-- [Amazon Web Services](https://cartography-cncf.github.io/cartography/modules/aws/index.html) - ACM, API Gateway, CloudWatch, CodeBuild, Config, EC2, ECS, ECR, Elasticsearch, Elastic Kubernetes Service (EKS), DynamoDB, GuardDuty, IAM, Inspector, KMS, Lambda, RDS, Redshift, Route53, S3, Secrets Manager(Secret Versions), Security Hub, SQS, SSM, STS, Tags
+- [Amazon Web Services](https://cartography-cncf.github.io/cartography/modules/aws/index.html) - ACM, API Gateway, CloudWatch, CodeBuild, Config, EC2, ECS, ECR, EFS, Elasticsearch, Elastic Kubernetes Service (EKS), DynamoDB, Glue, GuardDuty, IAM, Inspector, KMS, Lambda, RDS, Redshift, Route53, S3, Secrets Manager(Secret Versions), Security Hub, SNS, SQS, SSM, STS, Tags
 - [Anthropic](https://cartography-cncf.github.io/cartography/modules/anthropic/index.html) - Organization, ApiKey, User, Workspace
 - [BigFix](https://cartography-cncf.github.io/cartography/modules/bigfix/index.html) - Computers
 - [Cloudflare](https://cartography-cncf.github.io/cartography/modules/cloudflare/index.html) - Account, Role, Member, Zone, DNSRecord

{cartography-0.109.0rc1.dist-info → cartography-0.109.0rc2.dist-info}/RECORD

@@ -1,12 +1,12 @@
 cartography/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cartography/__main__.py,sha256=y5iqUrj4BmqZfjeDT-9balzpXeMARgHeIedRMRI1gr8,100
-cartography/_version.py,sha256=ThpDtvU85F19Feu0CxbU2VZVzCSAwa5MahvagaUWtuE,525
+cartography/_version.py,sha256=nimLevl7Lt41ABvOl3VLASk_dXzF0KzyiM-BgKu2SmU,525
 cartography/cli.py,sha256=qOu3nSIKWsuDbuPe5XrKBoAArFQKZP8jSjK8OtI69_E,46595
 cartography/config.py,sha256=q-fVcWJH9ida_cAII9RcOT0FUpFFify7W6NMvmC3kGk,16873
 cartography/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cartography/stats.py,sha256=N95prYlSzY8U52VFgKIDgOWOawu5Mig4N7GcVp3binQ,4420
 cartography/sync.py,sha256=-WsU6tGUKpfxPRndm1QU_0HQyE20Q7fexQWRHWFrnQI,13867
-cartography/util.py,sha256=YYynw4hblAf7xglGzS7vuHTJXxf7u4WjAiLVM4MiOLU,15535
+cartography/util.py,sha256=DTFfVRN1cv3msm2heIjFkpH3NBJs00IolwzuUcJiDHo,15965
 cartography/client/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cartography/client/aws/__init__.py,sha256=Zj7nX21QQELwPLZlpldm_22IiXZ1VFsEFQbWX_e4okU,558
 cartography/client/aws/ecr.py,sha256=04IXnuEAauyO5Mx9Wmt79WdUnYDhYsk2QSOnwE5_BeM,1664
@@ -14,7 +14,7 @@ cartography/client/aws/iam.py,sha256=dYsGikc36DEsSeR2XVOVFFUDwuU9yWj_EVkpgVYCFgM
 cartography/client/core/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cartography/client/core/tx.py,sha256=Xx6_a5u7PE5pyREuBL_J39ORcafqieFf4KdosaEv1c4,13530
 cartography/data/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-cartography/data/indexes.cypher,sha256=TiTedBNkvIg3FHcIcn-zqbDv2WiboxTAHZ-qACO8-Ys,23435
+cartography/data/indexes.cypher,sha256=R1UiBIAYqWGyZmwL0EPaaVWM2P64KKClSj0xPDF715s,22472
 cartography/data/permission_relationships.yaml,sha256=RuKGGc_3ZUQ7ag0MssB8k_zaonCkVM5E8I_svBWTmGc,969
 cartography/data/jobs/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cartography/data/jobs/analysis/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -30,7 +30,6 @@ cartography/data/jobs/analysis/gcp_gke_basic_auth.json,sha256=qLkrw1eZvV9ETtkIQN
 cartography/data/jobs/analysis/gsuite_human_link.json,sha256=ArWA51fNIeeXwYiroJbKnuqN8y-TLrndOq0ZdC9q5os,541
 cartography/data/jobs/cleanup/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cartography/data/jobs/cleanup/aws_account_cleanup.json,sha256=DEB4h6Z4NSpYaLXECPhNk8HHbT0XNlqUA01pXIskBxc,473
-cartography/data/jobs/cleanup/aws_dns_cleanup.json,sha256=H5uMZV4tN6HcjTYwh2I1dENzNGqu2D2Rs2q-5CK5e0Y,3498
 cartography/data/jobs/cleanup/aws_import_account_access_key_cleanup.json,sha256=UCrAXf-8yQIoUa843VLLTpqrSpNa753c1cxzg32oqU0,737
 cartography/data/jobs/cleanup/aws_import_config_cleanup.json,sha256=VCAJjEnFcQUR16VxKdpsOkBJEnhMuLk-7Kgm_p9k1NM,754
 cartography/data/jobs/cleanup/aws_import_ec2_launch_configurations_cleanup.json,sha256=x9IIzb9Sr1353ygkA-qqUUbZS9XO2v3GzUHe-0J4Pw8,281
@@ -42,14 +41,9 @@ cartography/data/jobs/cleanup/aws_import_es_cleanup.json,sha256=VqRqiMcT0Ag0Qif2
 cartography/data/jobs/cleanup/aws_import_groups_cleanup.json,sha256=QSdWIpC_Ru4TFBm9I5mpI-ZHyusbzCzCePWN-yn8TQU,463
 cartography/data/jobs/cleanup/aws_import_groups_membership_cleanup.json,sha256=OSeasbv01pn47J1ib3yal_dAzbEOCZVJnldMqK0SAOQ,292
 cartography/data/jobs/cleanup/aws_import_groups_policy_cleanup.json,sha256=U_yKHAsjHoI9fiiTqGyhlMazgeZumlZwMO70CpJpuAM,309
-cartography/data/jobs/cleanup/aws_import_identity_center_cleanup.json,sha256=PSyerOlZkiLaWYFa3Hg1mqqX83FGwj36-p0BF1lR-Q8,650
 cartography/data/jobs/cleanup/aws_import_internet_gateways_cleanup.json,sha256=SHHrR9pX0V1r-RxwJggHGeFA7JVQAAK02D-n-vqOvdU,287
 cartography/data/jobs/cleanup/aws_import_kms_cleanup.json,sha256=NU9doXVk4UmAY59aYnld95Wc1b8DrfCbvJltUsATxko,1441
-cartography/data/jobs/cleanup/aws_import_lambda_cleanup.json,sha256=h219-cmOY19RjcGZiecM21HS52hw4S5EXFVAxIpyyTw,2267
 cartography/data/jobs/cleanup/aws_import_principals_cleanup.json,sha256=yrI1FISGTlgaUZXFSj7XUCNzRoLqkcavLur4Lw4zSmU,1363
-cartography/data/jobs/cleanup/aws_import_rds_clusters_cleanup.json,sha256=aHpM8qvN7TNTUJMQjOlv5-lxz0BzJl-tKIj_m5i_uqc,1166
-cartography/data/jobs/cleanup/aws_import_rds_instances_cleanup.json,sha256=vmulpaxqqzBYSTtS6lYzbm55ksYjCab3UeRI0l13ktY,2733
-cartography/data/jobs/cleanup/aws_import_rds_snapshots_cleanup.json,sha256=ckOaVSBL-7XLjc0_0sGKNWXj61oVQabj7ZEYG89HnfA,1171
 cartography/data/jobs/cleanup/aws_import_redshift_clusters_cleanup.json,sha256=TNQ93Z7pPchdBAp3WiuoZMeDWdr_WQ139HiDPl32WhE,1963
 cartography/data/jobs/cleanup/aws_import_reserved_instances_cleanup.json,sha256=P98o_cdNpso732eE-FjK4UYMp__--ZuedmiA3aXeQig,524
 cartography/data/jobs/cleanup/aws_import_roles_cleanup.json,sha256=z6M8to_4TcOx4TKVbtfu86gRQgbDfVlJmRn3voNXbaI,500
@@ -67,7 +61,6 @@ cartography/data/jobs/cleanup/aws_ingest_ec2_auto_scaling_groups_cleanup.json,sh
 cartography/data/jobs/cleanup/aws_ingest_load_balancers_cleanup.json,sha256=1vidNCrITt-_bxw5lsSzyqGsuyWiNhI6-bnuv5lMvRI,1729
 cartography/data/jobs/cleanup/aws_ingest_load_balancers_v2_cleanup.json,sha256=kIMc5YTkWDOLdHCOAHPb7Q8Oz9pP6GzGO9gjBo0ZhR0,1596
 cartography/data/jobs/cleanup/aws_ingest_subnets_cleanup.json,sha256=HtTXrA50PzBJ6LFnKZkO4hnnKxKqF6xUwqUrtFrp29Y,527
-cartography/data/jobs/cleanup/aws_kms_details.json,sha256=awluz0DhiAcdABiTYL9M8EUQz2FAuXVpu8lICRpTEnU,319
 cartography/data/jobs/cleanup/aws_post_ingestion_principals_cleanup.json,sha256=h3A6jNk7DGLFq6ob06-V9qzuYN-CltyHq_r2Gj8DqCI,266
 cartography/data/jobs/cleanup/aws_s3_details.json,sha256=-GEnBicRjLBNEDS2k2MzE2PUFbQ5WmxXUbYeVTvlJzQ,316
 cartography/data/jobs/cleanup/azure_cosmosdb_cassandra_keyspace_cleanup.json,sha256=_WIFvR-OGvG2q163NKsNXPqbDATz7rv7FLUTlWtnvK4,1358
@@ -166,20 +159,21 @@ cartography/intel/aws/eks.py,sha256=bPItyEj5q0nSDltJrr0S5MIrTPV0fK3xkqF6EV8fcqA,
 cartography/intel/aws/elasticache.py,sha256=ePTi-49Lbw94L6m7id5dUk1cG6FZRizFxojxKZBk8XY,5552
 cartography/intel/aws/elasticsearch.py,sha256=8X_Rp1zejkvXho0Zz_Cr4g-w9IpompdYRc-YS595Aso,8645
 cartography/intel/aws/emr.py,sha256=EJoKjHQP7-F_A1trUNU05Sb42yNR1i0C9VIpGcCfAXw,3662
+cartography/intel/aws/glue.py,sha256=-AQh1PIbWzi7y-uZbx2yaHnrEpMsENSBX-pGUFqc6xQ,3349
 cartography/intel/aws/guardduty.py,sha256=QpwWisz3TzbOxkRKNjByk4WWDCCMXr8jgNOgOdjQM5g,8532
 cartography/intel/aws/iam.py,sha256=bkyIzWw2OC4MHxuoCvTiZ5eEGEQhz2asiUgY_tkX2GY,34322
 cartography/intel/aws/iam_instance_profiles.py,sha256=QUyu30xid60BFaemp-q0y9FgNsHaIQyQnQ8gHUzWC4k,2211
-cartography/intel/aws/identitycenter.py,sha256=C2EOfwQO1zBjePAXtreUcJIy7RU__ior3liRT4SpGO8,9544
+cartography/intel/aws/identitycenter.py,sha256=Q1k1BuBmtA85s5tHGS7lvgGxQ-H-piIyiWgyevFL92U,11161
 cartography/intel/aws/inspector.py,sha256=G8a60uuFCuENvR2DNJ9VmWEJwG9UDENaC1buULvuSZc,12415
-cartography/intel/aws/kms.py,sha256=RtCxNG-Den-f4Il-NO3YL_-BFUmg1qFt4lNucue9SQM,12130
-cartography/intel/aws/lambda_function.py,sha256=cutCsMnvyJB8vKUP0fHORrhijw944cXSoLKOHYdi6SM,10389
+cartography/intel/aws/kms.py,sha256=cnWZtzI7hsaXAt4CpdddAVDqaPZvtoXCoJIdqapHAbA,10754
+cartography/intel/aws/lambda_function.py,sha256=3hpgqI1HOeywcP3xV-OcoCOxfyyqfyMaYeb46xdf8B4,9585
 cartography/intel/aws/organizations.py,sha256=m5qk60N6pe7iKLN-Rtfg9aYv7OozoloSkcsuePd-RGs,4680
 cartography/intel/aws/permission_relationships.py,sha256=LTmnHS6zk9hcdL548V5ka3Ey-6NsFjy1JYZTfRyB9Ys,15647
-cartography/intel/aws/rds.py,sha256=9TQsoUQAJXj3x7laqJp06N9TQIN9ARyRiImBW9lQKOI,26574
+cartography/intel/aws/rds.py,sha256=are2LsWe8tM4UkCaGVnXS7F-ZVawklpc9h4lsM-fpGY,16173
 cartography/intel/aws/redshift.py,sha256=FGcCzcnm1OOrbJvLqtR1DwWVn1pt4Y6_eKkTUERT7Ws,7108
 cartography/intel/aws/resourcegroupstaggingapi.py,sha256=TkMlUKLrRBWAyeUu-cHKce7TFkwBnWV_Im8DONgnLGU,12852
-cartography/intel/aws/resources.py,sha256=rr5TB5QiOymjoTR7Lr09HbdnCgycMGq52mC4CP7MhQo,4238
-cartography/intel/aws/route53.py,sha256=-AZDD4zVR5pQ_c1bx87UZuzbC0mDiI-YS_8llFMZkwI,14424
+cartography/intel/aws/resources.py,sha256=R4pDieVCbvvz_gAde606vnxFafKWjE2YfyE8-fv6R7o,4280
+cartography/intel/aws/route53.py,sha256=27ocRlNnxiXi7M7eYLUCVBNwaLyArX4CAExoOBxGl3Y,14294
 cartography/intel/aws/s3.py,sha256=Da_5NYvQ7MN1AIN7CK9XXlVZo0fPdNHkqBZY1JWnHH4,33598
 cartography/intel/aws/s3accountpublicaccessblock.py,sha256=XkqHnbj9ODRcc7Rbl4swi03qvw_T-7Bnx3BHpTmlxio,4688
 cartography/intel/aws/secretsmanager.py,sha256=xM6znqD0cKNJbAhO2Zg3svyO7YUOqPFbunhODAVXMgw,7777
@@ -432,17 +426,38 @@ cartography/models/aws/eks/clusters.py,sha256=OthI554MrYNSl-p6ArMJsSH43xKPRDSnEm
 cartography/models/aws/elasticache/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cartography/models/aws/elasticache/cluster.py,sha256=3tx3fL3FPSp4QX3pd42sV71t6kYRl-IfvU_56S7WmGo,3227
 cartography/models/aws/elasticache/topic.py,sha256=Rq-Hj6xo9xouRLw2NRNU1cmmVUlOP0ieRA8fT5GlZ2w,2757
+cartography/models/aws/glue/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+cartography/models/aws/glue/connection.py,sha256=wG7mDMoYnmAHXrLfi52_1wPHF6VcrLOKfDmZaJJti1Q,2213
 cartography/models/aws/guardduty/__init__.py,sha256=ILQhP6R9RLgXzPKdmPzuGqhOgAXeIReUEyqKS-ZXS3k,19
 cartography/models/aws/guardduty/findings.py,sha256=LwUE1DbDyl9c3g5fUSZxsYKQ8U44wDS4Pps-QPMyr3Y,4184
 cartography/models/aws/iam/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cartography/models/aws/iam/instanceprofile.py,sha256=tlIkiCPX_9B9XPNAR0LcJAec8AbJq4dxgN8dgvEPXLs,2942
 cartography/models/aws/identitycenter/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cartography/models/aws/identitycenter/awsidentitycenter.py,sha256=-ybcEgdZjwF0RINR_iLpmf5EOjuXYbz_CtixP-yqV30,2038
-cartography/models/aws/identitycenter/awspermissionset.py,sha256=12kDKzsJQOHg6d9dlX98sM9gKXGMQh7FaxzlJov7Dgo,3651
+cartography/models/aws/identitycenter/awspermissionset.py,sha256=egFas3D4tkUZhaE2uQTwLihsVtJB8QBMlgBO5Px4UYs,5294
 cartography/models/aws/identitycenter/awsssouser.py,sha256=EWnyX5ev2aaK64YjKGuJSoknBF5b_kS5xc0kDf_0xfo,2886
 cartography/models/aws/inspector/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cartography/models/aws/inspector/findings.py,sha256=ikm0vvjhGK_-BDt5VGyS4_0KwJsq81T6VgROq9HK2NE,8188
 cartography/models/aws/inspector/packages.py,sha256=IoJT7w6n8Vx3vGGJPWKDgJLRpioqtOS5iMYZLnX7thg,2113
+cartography/models/aws/kms/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+cartography/models/aws/kms/aliases.py,sha256=dJizJxxPzsWuZGY77gPcX7OlPO5Y3nHOUJoqf0CNKos,2998
+cartography/models/aws/kms/grants.py,sha256=oBSRRgme3dVejgilkBPcdPsHhyNAxGyhyQuVQmAP0fc,2623
+cartography/models/aws/kms/keys.py,sha256=qfdc5wlN84j00Pjxq85GHQxLZ_asyNq2oD5Tj--MCZ4,3401
+cartography/models/aws/lambda_function/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+cartography/models/aws/lambda_function/alias.py,sha256=4NSxgpxAIY1Zzx9ApH9v4Oli5czisRLDKKByaRWy2eQ,3023
+cartography/models/aws/lambda_function/event_source_mapping.py,sha256=nx4niDZ-cKwMmQrieqOgmThN-ITfF-o8AB6epKDvBfs,3997
+cartography/models/aws/lambda_function/lambda_function.py,sha256=YRwoVcfD8xpVPz2YJsgfA6Y0jEVF_PnJ0WFynMu6gXg,4027
+cartography/models/aws/lambda_function/layer.py,sha256=kKMxm5XkAIx-VBZZX3teA6Md-jByBBdFnSoebjqq3ik,2868
+cartography/models/aws/rds/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+cartography/models/aws/rds/cluster.py,sha256=chxwnOU7hGOvlnyTtaHx0ZxqyJIXQJ1qWEv68ti_nqo,4330
+cartography/models/aws/rds/instance.py,sha256=B6vMGNDR9JhheJbnHGdrU0ZFyLorw55ZIsvlkkxjw6Q,6450
+cartography/models/aws/rds/snapshot.py,sha256=T_2kqvJW2iDjPSg2cr9amXZNTotE9Zm66GSCDteiNbQ,4821
+cartography/models/aws/rds/subnet_group.py,sha256=0tr68MYpWwRC-P23XLh-GecMQAfrQwLZ82LfdbcLsSc,3676
+cartography/models/aws/route53/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+cartography/models/aws/route53/dnsrecord.py,sha256=JNkK7S1B7rB-uag1LuLhe2Rkct5foJ2X_bmUzUZsbuo,7552
+cartography/models/aws/route53/nameserver.py,sha256=yKH3u_PDi7C-UQ69mNPiiFppsfiFC4nN0glouAGOoN8,2511
+cartography/models/aws/route53/subzone.py,sha256=g3k4RHm5YqH-AjIZynlF4sj64cBhkiZ2L2CwV23j_L4,1674
+cartography/models/aws/route53/zone.py,sha256=6yNSdZcmJZOzGjVG7HSC35P9fFKaxYTUp_O_Ptzt1Fk,2011
 cartography/models/aws/s3/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cartography/models/aws/s3/account_public_access_block.py,sha256=L6AS0OncfSOWHP4pOXshnJFDPwnWqywzUIeUppJcw-Q,2256
 cartography/models/aws/s3/notification.py,sha256=SF1VvCP_2WVh8K29d4ms8MUcg9AyO_MN8vCgzLFlGAs,1017
@@ -563,9 +578,9 @@ cartography/models/trivy/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZ
 cartography/models/trivy/findings.py,sha256=SgI_h1aRyR20uAHvuXIZ1T6r4IZJt6SVhxRaF2bTsm0,3085
 cartography/models/trivy/fix.py,sha256=ho9ENVl9HSXqyggyCwR6ilkOBKDxpQ7rGibo_j21NA4,2587
 cartography/models/trivy/package.py,sha256=IwO1RZZ-MFRtNbt8Cq6YFl6fdNJMFmULnJkkK8Q4rL4,2809
-cartography-0.109.0rc1.dist-info/licenses/LICENSE,sha256=kvLEBRYaQ1RvUni6y7Ti9uHeooqnjPoo6n_-0JO1ETc,11351
-cartography-0.109.0rc1.dist-info/METADATA,sha256=9FTYbotYU554ja61uz3NBql3-KAmXR65ulsDLpHYfkk,12914
-cartography-0.109.0rc1.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-cartography-0.109.0rc1.dist-info/entry_points.txt,sha256=GVIAWD0o0_K077qMA_k1oZU4v-M0a8GLKGJR8tZ-qH8,112
-cartography-0.109.0rc1.dist-info/top_level.txt,sha256=BHqsNJQiI6Q72DeypC1IINQJE59SLhU4nllbQjgJi9g,12
-cartography-0.109.0rc1.dist-info/RECORD,,
+cartography-0.109.0rc2.dist-info/licenses/LICENSE,sha256=kvLEBRYaQ1RvUni6y7Ti9uHeooqnjPoo6n_-0JO1ETc,11351
+cartography-0.109.0rc2.dist-info/METADATA,sha256=x8x0Hg37Mn7ctpEhcGeHqxPkCZkB7CbuM-3xf3AJHvs,12930
+cartography-0.109.0rc2.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+cartography-0.109.0rc2.dist-info/entry_points.txt,sha256=GVIAWD0o0_K077qMA_k1oZU4v-M0a8GLKGJR8tZ-qH8,112
+cartography-0.109.0rc2.dist-info/top_level.txt,sha256=BHqsNJQiI6Q72DeypC1IINQJE59SLhU4nllbQjgJi9g,12
+cartography-0.109.0rc2.dist-info/RECORD,,

cartography/data/jobs/cleanup/aws_dns_cleanup.json

@@ -1,65 +0,0 @@
-{
-  "statements": [
-    {
-      "query": "MATCH (n:AWSDNSRecord)-[:MEMBER_OF_DNS_ZONE]->(:AWSDNSZone)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE n.lastupdated <> $UPDATE_TAG WITH n LIMIT $LIMIT_SIZE DETACH DELETE (n)",
-      "iterative": true,
-      "iterationsize": 100,
-      "__comment__": "cleanup AWS DNS Records linked to current account"
-    },
-    {
-      "query": "MATCH (n:AWSDNSZone)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE n.lastupdated <> $UPDATE_TAG WITH n LIMIT $LIMIT_SIZE DETACH DELETE (n)",
-      "iterative": true,
-      "iterationsize": 100
-    },
-    {
-      "query": "MATCH (n:NameServer)-[:NAMESERVER]->(:DNSZone)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE n.lastupdated <> $UPDATE_TAG WITH n LIMIT $LIMIT_SIZE DETACH DELETE (n)",
-      "iterative": true,
-      "iterationsize": 100
-    },
-    {
-      "query": "MATCH (:AWSDNSRecord)<-[r:DNS_POINTS_TO]-(:AWSDNSRecord)-[:MEMBER_OF_DNS_ZONE]->(:AWSDNSZone)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r)",
-      "iterative": true,
-      "iterationsize": 100,
-      "__comment__": "Clean up AWSDNSRecords pointing to other AWSDNSRecords within the current AWS account"
-    },
-    {
-      "query": "MATCH (:LoadBalancer)<-[r:DNS_POINTS_TO]-(:AWSDNSRecord)-[:MEMBER_OF_DNS_ZONE]->(:AWSDNSZone)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r)",
-      "iterative": true,
-      "iterationsize": 100,
-      "__comment__": "Clean up AWSDNSRecords pointing to LoadBalancers within the current AWS account"
-    },
-    {
-      "query": "MATCH (:EC2Instance)<-[r:DNS_POINTS_TO]-(:AWSDNSRecord)-[:MEMBER_OF_DNS_ZONE]->(:AWSDNSZone)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r)",
-      "iterative": true,
-      "iterationsize": 100,
-      "__comment__": "Clean up AWSDNSRecords pointing to EC2 Instances within the current AWS account"
-    },
-    {
-      "query": "MATCH (:NameServer)<-[r:DNS_POINTS_TO]-(:AWSDNSRecord)-[:MEMBER_OF_DNS_ZONE]->(:AWSDNSZone)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r)",
-      "iterative": true,
-      "iterationsize": 100,
-      "__comment__": "Clean up AWSDNSRecords pointing to NameServers within the current AWS account"
-    },
-    {
-      "query": "MATCH (:AWSDNSZone)-[r:NAMESERVER]->(:NameServer)-[:NAMESERVER]->(:DNSZone)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r)",
-      "iterative": true,
-      "iterationsize": 100
-    },
-    {
-      "query": "MATCH (:AWSDNSZone)<-[r:SUBZONE]-(:AWSDNSZone)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r)",
-      "iterative": true,
-      "iterationsize": 100
-    },
-    {
-      "query": "MATCH (:ESDomain)<-[r:DNS_POINTS_TO]-(:DNSRecord)-[:MEMBER_OF_DNS_ZONE]->(:AWSDNSZone)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r)",
-      "iterative": true,
-      "iterationsize": 100
-    },
-    {
-      "query": "MATCH (:Ip)<-[r:DNS_POINTS_TO]-(:AWSDNSRecord)-[:MEMBER_OF_DNS_ZONE]->(:AWSDNSZone)<-[:RESOURCE]-(:AWSAccount{id: $AWS_ID}) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r)",
-      "iterative": true,
-      "iterationsize": 100
-    }
-  ],
-  "name": "cleanup AWS DNS"
-}

cartography/data/jobs/cleanup/aws_import_identity_center_cleanup.json

@@ -1,16 +0,0 @@
-{
-  "statements": [
-
-    {
-      "query": "MATCH (:AWSAccount{id: $AWS_ID})-[:RESOURCE]->(:AWSSSOUser)<-[r:CAN_ASSUME_IDENTITY]-(:OktaUser) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r) RETURN COUNT(*) as TotalDeleted",
-      "iterative": true,
-      "iterationsize": 100
-    },
-    {
-      "query": "MATCH (:AWSAccount{id: $AWS_ID})-[:RESOURCE]->(:AWSRole)-[r:ALLOWED_BY]->(:AWSSSOUser) WHERE r.lastupdated <> $UPDATE_TAG WITH r LIMIT $LIMIT_SIZE DELETE (r) RETURN COUNT(*) as TotalDeleted",
-      "iterative": true,
-      "iterationsize": 100
-    }
-  ],
-  "name": "cleanup AWS Identity Center Instances and Related Data"
-}