cartography 0.109.0rc1__py3-none-any.whl → 0.110.0rc1__py3-none-any.whl

cartography/models/aws/identitycenter/awspermissionset.py

@@ -6,8 +6,10 @@ from cartography.models.core.nodes import CartographyNodeSchema
 from cartography.models.core.relationships import CartographyRelProperties
 from cartography.models.core.relationships import CartographyRelSchema
 from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_source_node_matcher
 from cartography.models.core.relationships import make_target_node_matcher
 from cartography.models.core.relationships import OtherRelationships
+from cartography.models.core.relationships import SourceNodeMatcher
 from cartography.models.core.relationships import TargetNodeMatcher
 
 
@@ -77,6 +79,48 @@ class AWSPermissionSetToAWSAccountRel(CartographyRelSchema):
     )
 
 
+@dataclass(frozen=True)
+class RoleAssignmentAllowedByRelProperties(CartographyRelProperties):
+    """
+    Properties for the ALLOWED_BY relationship between AWSRole and AWSSSOUser.
+    """
+
+    # Mandatory fields for MatchLinks
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+    _sub_resource_label: PropertyRef = PropertyRef(
+        "_sub_resource_label", set_in_kwargs=True
+    )
+    _sub_resource_id: PropertyRef = PropertyRef("_sub_resource_id", set_in_kwargs=True)
+
+    # Role assignment specific properties
+    permission_set_arn: PropertyRef = PropertyRef("PermissionSetArn")
+
+
+@dataclass(frozen=True)
+class RoleAssignmentAllowedByMatchLink(CartographyRelSchema):
+    """
+    MatchLink schema for ALLOWED_BY relationships from role assignments.
+    Creates relationships like: (AWSRole)-[:ALLOWED_BY]->(AWSSSOUser)
+    """
+
+    # MatchLink-specific fields for AWSRole as source
+    source_node_label: str = "AWSRole"
+    source_node_matcher: SourceNodeMatcher = make_source_node_matcher(
+        {"arn": PropertyRef("RoleArn")},
+    )
+
+    # Standard CartographyRelSchema fields for AWSSSOUser as target
+    target_node_label: str = "AWSSSOUser"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("UserId")},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "ALLOWED_BY"
+    properties: RoleAssignmentAllowedByRelProperties = (
+        RoleAssignmentAllowedByRelProperties()
+    )
+
+
 @dataclass(frozen=True)
 class AWSPermissionSetSchema(CartographyNodeSchema):
     label: str = "AWSPermissionSet"

cartography/models/aws/kms/aliases.py

@@ -0,0 +1,86 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import OtherRelationships
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class KMSAliasNodeProperties(CartographyNodeProperties):
+    """
+    Properties for AWS KMS Alias
+    """
+
+    id: PropertyRef = PropertyRef("AliasArn")
+    arn: PropertyRef = PropertyRef("AliasArn", extra_index=True)
+    alias_name: PropertyRef = PropertyRef("AliasName", extra_index=True)
+    target_key_id: PropertyRef = PropertyRef("TargetKeyId")
+
+    # Date properties (will be converted to epoch timestamps)
+    creation_date: PropertyRef = PropertyRef("CreationDate")
+    last_updated_date: PropertyRef = PropertyRef("LastUpdatedDate")
+
+    # Standard cartography properties
+    region: PropertyRef = PropertyRef("Region", set_in_kwargs=True)
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class KMSAliasRelProperties(CartographyRelProperties):
+    """
+    Properties for relationships between KMS Alias and other nodes
+    """
+
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class KMSAliasToAWSAccountRel(CartographyRelSchema):
+    """
+    Relationship between KMS Alias and AWS Account
+    """
+
+    target_node_label: str = "AWSAccount"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("AWS_ID", set_in_kwargs=True)},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: KMSAliasRelProperties = KMSAliasRelProperties()
+
+
+@dataclass(frozen=True)
+class KMSAliasToKMSKeyRel(CartographyRelSchema):
+    """
+    Relationship between KMS Alias and its associated KMS Key
+    """
+
+    target_node_label: str = "KMSKey"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("TargetKeyId")},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "KNOWN_AS"
+    properties: KMSAliasRelProperties = KMSAliasRelProperties()
+
+
+@dataclass(frozen=True)
+class KMSAliasSchema(CartographyNodeSchema):
+    """
+    Schema for AWS KMS Alias
+    """
+
+    label: str = "KMSAlias"
+    properties: KMSAliasNodeProperties = KMSAliasNodeProperties()
+    sub_resource_relationship: KMSAliasToAWSAccountRel = KMSAliasToAWSAccountRel()
+    other_relationships: OtherRelationships = OtherRelationships(
+        [
+            KMSAliasToKMSKeyRel(),
+        ],
+    )

cartography/models/aws/kms/grants.py

@@ -0,0 +1,65 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import OtherRelationships
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class KMSGrantNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef("GrantId")
+    grant_id: PropertyRef = PropertyRef("GrantId", extra_index=True)
+    name: PropertyRef = PropertyRef("Name")
+    grantee_principal: PropertyRef = PropertyRef("GranteePrincipal")
+    creation_date: PropertyRef = PropertyRef("CreationDate")
+    key_id: PropertyRef = PropertyRef("KeyId")
+    issuing_account: PropertyRef = PropertyRef("IssuingAccount")
+    operations: PropertyRef = PropertyRef("Operations")
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class KMSGrantRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class KMSGrantToKMSKeyRel(CartographyRelSchema):
+    target_node_label: str = "KMSKey"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"arn": PropertyRef("KeyId")}
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "APPLIED_ON"
+    properties: KMSGrantRelProperties = KMSGrantRelProperties()
+
+
+@dataclass(frozen=True)
+class KMSGrantToAWSAccountRel(CartographyRelSchema):
+    """
+    Relationship between KMSGrant and AWS Account
+    """
+
+    target_node_label: str = "AWSAccount"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("AWS_ID", set_in_kwargs=True)},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: KMSGrantRelProperties = KMSGrantRelProperties()
+
+
+@dataclass(frozen=True)
+class KMSGrantSchema(CartographyNodeSchema):
+    label: str = "KMSGrant"
+    properties: KMSGrantNodeProperties = KMSGrantNodeProperties()
+    sub_resource_relationship: KMSGrantToAWSAccountRel = KMSGrantToAWSAccountRel()
+    other_relationships: OtherRelationships = OtherRelationships(
+        [KMSGrantToKMSKeyRel()]
+    )

cartography/models/aws/kms/keys.py

@@ -0,0 +1,88 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import OtherRelationships
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class KMSKeyNodeProperties(CartographyNodeProperties):
+    """
+    Properties for AWS KMS Key
+    """
+
+    id: PropertyRef = PropertyRef("KeyId")
+    arn: PropertyRef = PropertyRef("Arn", extra_index=True)
+    key_id: PropertyRef = PropertyRef("KeyId", extra_index=True)
+    description: PropertyRef = PropertyRef("Description")
+
+    # Key configuration properties
+    enabled: PropertyRef = PropertyRef("Enabled")
+    key_state: PropertyRef = PropertyRef("KeyState")
+    key_usage: PropertyRef = PropertyRef("KeyUsage")
+    key_manager: PropertyRef = PropertyRef("KeyManager")
+    origin: PropertyRef = PropertyRef("Origin")
+
+    # Date properties (will be converted to epoch timestamps)
+    creation_date: PropertyRef = PropertyRef("CreationDate")
+    deletion_date: PropertyRef = PropertyRef("DeletionDate")
+    valid_to: PropertyRef = PropertyRef("ValidTo")
+
+    # Key store properties
+    custom_key_store_id: PropertyRef = PropertyRef("CustomKeyStoreId")
+    cloud_hsm_cluster_id: PropertyRef = PropertyRef("CloudHsmClusterId")
+    expiration_model: PropertyRef = PropertyRef("ExpirationModel")
+
+    # Key spec and algorithms
+    customer_master_key_spec: PropertyRef = PropertyRef("CustomerMasterKeySpec")
+    encryption_algorithms: PropertyRef = PropertyRef("EncryptionAlgorithms")
+    signing_algorithms: PropertyRef = PropertyRef("SigningAlgorithms")
+
+    # Policy analysis properties
+    anonymous_access: PropertyRef = PropertyRef("anonymous_access")
+    anonymous_actions: PropertyRef = PropertyRef("anonymous_actions")
+
+    region: PropertyRef = PropertyRef("Region", set_in_kwargs=True)
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class KMSKeyRelProperties(CartographyRelProperties):
+    """
+    Properties for relationships between KMSKey and other nodes
+    """
+
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class KMSKeyToAWSAccountRel(CartographyRelSchema):
+    """
+    Relationship between KMSKey and AWS Account
+    """
+
+    target_node_label: str = "AWSAccount"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("AWS_ID", set_in_kwargs=True)},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: KMSKeyRelProperties = KMSKeyRelProperties()
+
+
+@dataclass(frozen=True)
+class KMSKeySchema(CartographyNodeSchema):
+    """
+    Schema for AWS KMS Key
+    """
+
+    label: str = "KMSKey"
+    properties: KMSKeyNodeProperties = KMSKeyNodeProperties()
+    sub_resource_relationship: KMSKeyToAWSAccountRel = KMSKeyToAWSAccountRel()
+    other_relationships: OtherRelationships = OtherRelationships([])

cartography/models/aws/lambda_function/alias.py

@@ -0,0 +1,74 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import OtherRelationships
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class AWSLambdaFunctionAliasNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef("AliasArn")
+    arn: PropertyRef = PropertyRef("AliasArn", extra_index=True)
+    aliasname: PropertyRef = PropertyRef("Name")
+    functionversion: PropertyRef = PropertyRef("FunctionVersion")
+    description: PropertyRef = PropertyRef("Description")
+    revisionid: PropertyRef = PropertyRef("RevisionId")
+    functionarn: PropertyRef = PropertyRef("FunctionArn")
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class AWSLambdaFunctionAliasToAWSAccountRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+# Standard relationship: AWSLambda --[:KNOWN_AS]--> AWSLambdaFunctionAlias
+@dataclass(frozen=True)
+class AWSLambdaToAliasRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class AWSLambdaToAliasRel(CartographyRelSchema):
+    target_node_label: str = "AWSLambda"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("FunctionArn")},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "KNOWN_AS"
+    properties: AWSLambdaToAliasRelProperties = AWSLambdaToAliasRelProperties()
+
+
+@dataclass(frozen=True)
+class AWSLambdaFunctionAliasToAWSAccountRel(CartographyRelSchema):
+    target_node_label: str = "AWSAccount"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("AWS_ID", set_in_kwargs=True)},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: AWSLambdaFunctionAliasToAWSAccountRelProperties = (
+        AWSLambdaFunctionAliasToAWSAccountRelProperties()
+    )
+
+
+@dataclass(frozen=True)
+class AWSLambdaFunctionAliasSchema(CartographyNodeSchema):
+    label: str = "AWSLambdaFunctionAlias"
+    properties: AWSLambdaFunctionAliasNodeProperties = (
+        AWSLambdaFunctionAliasNodeProperties()
+    )
+    sub_resource_relationship: AWSLambdaFunctionAliasToAWSAccountRel = (
+        AWSLambdaFunctionAliasToAWSAccountRel()
+    )
+    other_relationships: OtherRelationships = OtherRelationships(
+        [
+            AWSLambdaToAliasRel(),
+        ]
+    )

cartography/models/aws/lambda_function/event_source_mapping.py

@@ -0,0 +1,88 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import OtherRelationships
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class AWSLambdaEventSourceMappingNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef("UUID")
+    batchsize: PropertyRef = PropertyRef("BatchSize")
+    startingposition: PropertyRef = PropertyRef("StartingPosition")
+    startingpositiontimestamp: PropertyRef = PropertyRef("StartingPositionTimestamp")
+    parallelizationfactor: PropertyRef = PropertyRef("ParallelizationFactor")
+    maximumbatchingwindowinseconds: PropertyRef = PropertyRef(
+        "MaximumBatchingWindowInSeconds"
+    )
+    eventsourcearn: PropertyRef = PropertyRef("EventSourceArn")
+    lastmodified: PropertyRef = PropertyRef("LastModified")
+    lastprocessingresult: PropertyRef = PropertyRef("LastProcessingResult")
+    state: PropertyRef = PropertyRef("State")
+    maximumrecordage: PropertyRef = PropertyRef("MaximumRecordAgeInSeconds")
+    bisectbatchonfunctionerror: PropertyRef = PropertyRef("BisectBatchOnFunctionError")
+    maximumretryattempts: PropertyRef = PropertyRef("MaximumRetryAttempts")
+    tumblingwindowinseconds: PropertyRef = PropertyRef("TumblingWindowInSeconds")
+    functionarn: PropertyRef = PropertyRef("FunctionArn")
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+# (:AWSLambda)-[:RESOURCE]->(:AWSLambdaEventSourceMapping)
+# Note:The RESOURCE rel here is not the same as sub-resource relationship. Should rename eventually
+@dataclass(frozen=True)
+class AWSLambdaToEventSourceMappingRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class AWSLambdaToEventSourceMappingRel(CartographyRelSchema):
+    target_node_label: str = "AWSLambda"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("FunctionArn")},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: AWSLambdaToEventSourceMappingRelProperties = (
+        AWSLambdaToEventSourceMappingRelProperties()
+    )
+
+
+# Sub-resource relationship: (:AWSAccount)-[:RESOURCE]->(:AWSLambdaEventSourceMapping)
+@dataclass(frozen=True)
+class AWSLambdaEventSourceMappingToAWSAccountRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class AWSLambdaEventSourceMappingToAWSAccountRel(CartographyRelSchema):
+    target_node_label: str = "AWSAccount"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("AWS_ID", set_in_kwargs=True)},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: AWSLambdaEventSourceMappingToAWSAccountRelProperties = (
+        AWSLambdaEventSourceMappingToAWSAccountRelProperties()
+    )
+
+
+@dataclass(frozen=True)
+class AWSLambdaEventSourceMappingSchema(CartographyNodeSchema):
+    label: str = "AWSLambdaEventSourceMapping"
+    properties: AWSLambdaEventSourceMappingNodeProperties = (
+        AWSLambdaEventSourceMappingNodeProperties()
+    )
+    sub_resource_relationship: AWSLambdaEventSourceMappingToAWSAccountRel = (
+        AWSLambdaEventSourceMappingToAWSAccountRel()
+    )
+    other_relationships: OtherRelationships = OtherRelationships(
+        [
+            AWSLambdaToEventSourceMappingRel(),
+        ]
+    )

cartography/models/aws/lambda_function/lambda_function.py

@@ -0,0 +1,89 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import OtherRelationships
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class AWSLambdaNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef("FunctionArn")
+    arn: PropertyRef = PropertyRef("FunctionArn", extra_index=True)
+    name: PropertyRef = PropertyRef("FunctionName")
+    modifieddate: PropertyRef = PropertyRef("LastModified")
+    runtime: PropertyRef = PropertyRef("Runtime")
+    description: PropertyRef = PropertyRef("Description")
+    timeout: PropertyRef = PropertyRef("Timeout")
+    memory: PropertyRef = PropertyRef("MemorySize")
+    codesize: PropertyRef = PropertyRef("CodeSize")
+    handler: PropertyRef = PropertyRef("Handler")
+    version: PropertyRef = PropertyRef("Version")
+    tracingconfigmode: PropertyRef = PropertyRef("TracingConfigMode")
+    revisionid: PropertyRef = PropertyRef("RevisionId")
+    state: PropertyRef = PropertyRef("State")
+    statereason: PropertyRef = PropertyRef("StateReason")
+    statereasoncode: PropertyRef = PropertyRef("StateReasonCode")
+    lastupdatestatus: PropertyRef = PropertyRef("LastUpdateStatus")
+    lastupdatestatusreason: PropertyRef = PropertyRef("LastUpdateStatusReason")
+    lastupdatestatusreasoncode: PropertyRef = PropertyRef("LastUpdateStatusReasonCode")
+    packagetype: PropertyRef = PropertyRef("PackageType")
+    signingprofileversionarn: PropertyRef = PropertyRef("SigningProfileVersionArn")
+    signingjobarn: PropertyRef = PropertyRef("SigningJobArn")
+    codesha256: PropertyRef = PropertyRef("CodeSha256")
+    architectures: PropertyRef = PropertyRef("Architectures")
+    masterarn: PropertyRef = PropertyRef("MasterArn")
+    kmskeyarn: PropertyRef = PropertyRef("KMSKeyArn")
+    region: PropertyRef = PropertyRef("Region", set_in_kwargs=True)
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class AWSLambdaToAWSAccountRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class AWSLambdaToAWSAccountRel(CartographyRelSchema):
+    target_node_label: str = "AWSAccount"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("AWS_ID", set_in_kwargs=True)},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: AWSLambdaToAWSAccountRelProperties = (
+        AWSLambdaToAWSAccountRelProperties()
+    )
+
+
+@dataclass(frozen=True)
+class AWSLambdaToPrincipalRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class AWSLambdaToPrincipalRel(CartographyRelSchema):
+    target_node_label: str = "AWSPrincipal"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"arn": PropertyRef("Role")},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "STS_ASSUMEROLE_ALLOW"
+    properties: AWSLambdaToPrincipalRelProperties = AWSLambdaToPrincipalRelProperties()
+
+
+@dataclass(frozen=True)
+class AWSLambdaSchema(CartographyNodeSchema):
+    label: str = "AWSLambda"
+    properties: AWSLambdaNodeProperties = AWSLambdaNodeProperties()
+    sub_resource_relationship: AWSLambdaToAWSAccountRel = AWSLambdaToAWSAccountRel()
+    other_relationships: OtherRelationships = OtherRelationships(
+        [
+            AWSLambdaToPrincipalRel(),
+        ],
+    )

cartography/models/aws/lambda_function/layer.py

@@ -0,0 +1,72 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import OtherRelationships
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class AWSLambdaLayerNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef("Arn")
+    arn: PropertyRef = PropertyRef("Arn")
+    codesize: PropertyRef = PropertyRef("CodeSize")
+    signingprofileversionarn: PropertyRef = PropertyRef("SigningProfileVersionArn")
+    signingjobarn: PropertyRef = PropertyRef("SigningJobArn")
+    functionarn: PropertyRef = PropertyRef("FunctionArn")
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+# (:AWSLambda)-[:HAS]->(:AWSLambdaLayer)
+@dataclass(frozen=True)
+class AWSLambdaToLayerRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class AWSLambdaToLayerRel(CartographyRelSchema):
+    target_node_label: str = "AWSLambda"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("FunctionArn")},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "HAS"
+    properties: AWSLambdaToLayerRelProperties = AWSLambdaToLayerRelProperties()
+
+
+# (:AWSAccount)-[:RESOURCE]->(:AWSLambdaLayer)
+@dataclass(frozen=True)
+class AWSLambdaLayerToAWSAccountRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("lastupdated", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class AWSLambdaLayerToAWSAccountRel(CartographyRelSchema):
+    target_node_label: str = "AWSAccount"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("AWS_ID", set_in_kwargs=True)},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: AWSLambdaLayerToAWSAccountRelProperties = (
+        AWSLambdaLayerToAWSAccountRelProperties()
+    )
+
+
+@dataclass(frozen=True)
+class AWSLambdaLayerSchema(CartographyNodeSchema):
+    label: str = "AWSLambdaLayer"
+    properties: AWSLambdaLayerNodeProperties = AWSLambdaLayerNodeProperties()
+    sub_resource_relationship: AWSLambdaLayerToAWSAccountRel = (
+        AWSLambdaLayerToAWSAccountRel()
+    )
+    other_relationships: OtherRelationships = OtherRelationships(
+        [
+            AWSLambdaToLayerRel(),
+        ]
+    )