cartography 0.110.0rc2__py3-none-any.whl → 0.111.0__py3-none-any.whl

cartography/models/keycloak/realm.py

@@ -0,0 +1,173 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+
+
+@dataclass(frozen=True)
+class KeycloakRealmNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef("id")
+    # We need to index realm name as Keycloak use this slug instead of ID in all queries
+    name: PropertyRef = PropertyRef("realm", extra_index=True)
+    display_name: PropertyRef = PropertyRef("displayName")
+    enabled: PropertyRef = PropertyRef("enabled")
+    not_before: PropertyRef = PropertyRef("notBefore")
+    default_signature_algorithm: PropertyRef = PropertyRef("defaultSignatureAlgorithm")
+    revoke_refresh_token: PropertyRef = PropertyRef("revokeRefreshToken")
+    refresh_token_max_reuse: PropertyRef = PropertyRef("refreshTokenMaxReuse")
+    access_token_lifespan: PropertyRef = PropertyRef("accessTokenLifespan")
+    access_token_lifespan_for_implicit_flow: PropertyRef = PropertyRef(
+        "accessTokenLifespanForImplicitFlow"
+    )
+    sso_session_idle_timeout: PropertyRef = PropertyRef("ssoSessionIdleTimeout")
+    sso_session_max_lifespan: PropertyRef = PropertyRef("ssoSessionMaxLifespan")
+    sso_session_idle_timeout_remember_me: PropertyRef = PropertyRef(
+        "ssoSessionIdleTimeoutRememberMe"
+    )
+    sso_session_max_lifespan_remember_me: PropertyRef = PropertyRef(
+        "ssoSessionMaxLifespanRememberMe"
+    )
+    offline_session_idle_timeout: PropertyRef = PropertyRef("offlineSessionIdleTimeout")
+    offline_session_max_lifespan_enabled: PropertyRef = PropertyRef(
+        "offlineSessionMaxLifespanEnabled"
+    )
+    offline_session_max_lifespan: PropertyRef = PropertyRef("offlineSessionMaxLifespan")
+    client_session_idle_timeout: PropertyRef = PropertyRef("clientSessionIdleTimeout")
+    client_session_max_lifespan: PropertyRef = PropertyRef("clientSessionMaxLifespan")
+    client_offline_session_idle_timeout: PropertyRef = PropertyRef(
+        "clientOfflineSessionIdleTimeout"
+    )
+    client_offline_session_max_lifespan: PropertyRef = PropertyRef(
+        "clientOfflineSessionMaxLifespan"
+    )
+    access_code_lifespan: PropertyRef = PropertyRef("accessCodeLifespan")
+    access_code_lifespan_user_action: PropertyRef = PropertyRef(
+        "accessCodeLifespanUserAction"
+    )
+    access_code_lifespan_login: PropertyRef = PropertyRef("accessCodeLifespanLogin")
+    action_token_generated_by_admin_lifespan: PropertyRef = PropertyRef(
+        "actionTokenGeneratedByAdminLifespan"
+    )
+    action_token_generated_by_user_lifespan: PropertyRef = PropertyRef(
+        "actionTokenGeneratedByUserLifespan"
+    )
+    oauth2_device_code_lifespan: PropertyRef = PropertyRef("oauth2DeviceCodeLifespan")
+    oauth2_device_polling_interval: PropertyRef = PropertyRef(
+        "oauth2DevicePollingInterval"
+    )
+    ssl_required: PropertyRef = PropertyRef("sslRequired")
+    password_credential_grant_allowed: PropertyRef = PropertyRef(
+        "passwordCredentialGrantAllowed"
+    )
+    registration_allowed: PropertyRef = PropertyRef("registrationAllowed")
+    registration_email_as_username: PropertyRef = PropertyRef(
+        "registrationEmailAsUsername"
+    )
+    remember_me: PropertyRef = PropertyRef("rememberMe")
+    verify_email: PropertyRef = PropertyRef("verifyEmail")
+    login_with_email_allowed: PropertyRef = PropertyRef("loginWithEmailAllowed")
+    duplicate_emails_allowed: PropertyRef = PropertyRef("duplicateEmailsAllowed")
+    reset_password_allowed: PropertyRef = PropertyRef("resetPasswordAllowed")
+    edit_username_allowed: PropertyRef = PropertyRef("editUsernameAllowed")
+    user_cache_enabled: PropertyRef = PropertyRef("userCacheEnabled")
+    realm_cache_enabled: PropertyRef = PropertyRef("realmCacheEnabled")
+    brute_force_protected: PropertyRef = PropertyRef("bruteForceProtected")
+    permanent_lockout: PropertyRef = PropertyRef("permanentLockout")
+    max_temporary_lockouts: PropertyRef = PropertyRef("maxTemporaryLockouts")
+    max_failure_wait_seconds: PropertyRef = PropertyRef("maxFailureWaitSeconds")
+    minimum_quick_login_wait_seconds: PropertyRef = PropertyRef(
+        "minimumQuickLoginWaitSeconds"
+    )
+    wait_increment_seconds: PropertyRef = PropertyRef("waitIncrementSeconds")
+    quick_login_check_milli_seconds: PropertyRef = PropertyRef(
+        "quickLoginCheckMilliSeconds"
+    )
+    max_delta_time_seconds: PropertyRef = PropertyRef("maxDeltaTimeSeconds")
+    failure_factor: PropertyRef = PropertyRef("failureFactor")
+    events_enabled: PropertyRef = PropertyRef("eventsEnabled")
+    events_expiration: PropertyRef = PropertyRef("eventsExpiration")
+    admin_events_enabled: PropertyRef = PropertyRef("adminEventsEnabled")
+    admin_events_details_enabled: PropertyRef = PropertyRef("adminEventsDetailsEnabled")
+    internationalization_enabled: PropertyRef = PropertyRef(
+        "internationalizationEnabled"
+    )
+    default_locale: PropertyRef = PropertyRef("defaultLocale")
+    password_policy: PropertyRef = PropertyRef("passwordPolicy")
+    otp_policy_type: PropertyRef = PropertyRef("otpPolicyType")
+    otp_policy_algorithm: PropertyRef = PropertyRef("otpPolicyAlgorithm")
+    otp_policy_initial_counter: PropertyRef = PropertyRef("otpPolicyInitialCounter")
+    otp_policy_digits: PropertyRef = PropertyRef("otpPolicyDigits")
+    otp_policy_look_ahead_window: PropertyRef = PropertyRef("otpPolicyLookAheadWindow")
+    otp_policy_period: PropertyRef = PropertyRef("otpPolicyPeriod")
+    otp_policy_code_reusable: PropertyRef = PropertyRef("otpPolicyCodeReusable")
+    web_authn_policy_rp_entity_name: PropertyRef = PropertyRef(
+        "webAuthnPolicyRpEntityName"
+    )
+    web_authn_policy_rp_id: PropertyRef = PropertyRef("webAuthnPolicyRpId")
+    web_authn_policy_attestation_conveyance_preference: PropertyRef = PropertyRef(
+        "webAuthnPolicyAttestationConveyancePreference"
+    )
+    web_authn_policy_authenticator_attachment: PropertyRef = PropertyRef(
+        "webAuthnPolicyAuthenticatorAttachment"
+    )
+    web_authn_policy_require_resident_key: PropertyRef = PropertyRef(
+        "webAuthnPolicyRequireResidentKey"
+    )
+    web_authn_policy_user_verification_requirement: PropertyRef = PropertyRef(
+        "webAuthnPolicyUserVerificationRequirement"
+    )
+    web_authn_policy_create_timeout: PropertyRef = PropertyRef(
+        "webAuthnPolicyCreateTimeout"
+    )
+    web_authn_policy_avoid_same_authenticator_register: PropertyRef = PropertyRef(
+        "webAuthnPolicyAvoidSameAuthenticatorRegister"
+    )
+    web_authn_policy_passwordless_rp_entity_name: PropertyRef = PropertyRef(
+        "webAuthnPolicyPasswordlessRpEntityName"
+    )
+    web_authn_policy_passwordless_rp_id: PropertyRef = PropertyRef(
+        "webAuthnPolicyPasswordlessRpId"
+    )
+    web_authn_policy_passwordless_attestation_conveyance_preference: PropertyRef = (
+        PropertyRef("webAuthnPolicyPasswordlessAttestationConveyancePreference")
+    )
+    web_authn_policy_passwordless_authenticator_attachment: PropertyRef = PropertyRef(
+        "webAuthnPolicyPasswordlessAuthenticatorAttachment"
+    )
+    web_authn_policy_passwordless_require_resident_key: PropertyRef = PropertyRef(
+        "webAuthnPolicyPasswordlessRequireResidentKey"
+    )
+    web_authn_policy_passwordless_user_verification_requirement: PropertyRef = (
+        PropertyRef("webAuthnPolicyPasswordlessUserVerificationRequirement")
+    )
+    web_authn_policy_passwordless_create_timeout: PropertyRef = PropertyRef(
+        "webAuthnPolicyPasswordlessCreateTimeout"
+    )
+    web_authn_policy_passwordless_avoid_same_authenticator_register: PropertyRef = (
+        PropertyRef("webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister")
+    )
+    keycloak_version: PropertyRef = PropertyRef("keycloakVersion")
+    user_managed_access_allowed: PropertyRef = PropertyRef("userManagedAccessAllowed")
+    organizations_enabled: PropertyRef = PropertyRef("organizationsEnabled")
+    verifiable_credentials_enabled: PropertyRef = PropertyRef(
+        "verifiableCredentialsEnabled"
+    )
+    admin_permissions_enabled: PropertyRef = PropertyRef("adminPermissionsEnabled")
+    social: PropertyRef = PropertyRef("social")
+    update_profile_on_initial_social_login: PropertyRef = PropertyRef(
+        "updateProfileOnInitialSocialLogin"
+    )
+    o_auth2_device_code_lifespan: PropertyRef = PropertyRef("oAuth2DeviceCodeLifespan")
+    o_auth2_device_polling_interval: PropertyRef = PropertyRef(
+        "oAuth2DevicePollingInterval"
+    )
+    bruteForceStrategy: PropertyRef = PropertyRef("bruteForceStrategy")
+    default_role_id: PropertyRef = PropertyRef("defaultRole.id")
+    lastupdated: PropertyRef = PropertyRef("LASTUPDATED", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class KeycloakRealmSchema(CartographyNodeSchema):
+    label: str = "KeycloakRealm"
+    properties: KeycloakRealmNodeProperties = KeycloakRealmNodeProperties()

cartography/models/keycloak/role.py

@@ -0,0 +1,126 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import OtherRelationships
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class KeycloakRoleNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef("id")
+    name: PropertyRef = PropertyRef("name", extra_index=True)
+    description: PropertyRef = PropertyRef("description")
+    scope_param_required: PropertyRef = PropertyRef("scopeParamRequired")
+    composite: PropertyRef = PropertyRef("composite")
+    client_role: PropertyRef = PropertyRef("clientRole")
+    container_id: PropertyRef = PropertyRef("containerId")
+    # We need to store the realm name because role are often referenced by name
+    # and not by id, so we need to be able to find the role by name (that is not unique across realms)
+    realm: PropertyRef = PropertyRef("REALM", set_in_kwargs=True, extra_index=True)
+    lastupdated: PropertyRef = PropertyRef("LASTUPDATED", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class KeycloakRoleToRealmRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("LASTUPDATED", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+# (:KeycloakRole)<-[:RESOURCE]-(:KeycloakRealm)
+class KeycloakRoleToRealmRel(CartographyRelSchema):
+    target_node_label: str = "KeycloakRealm"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"name": PropertyRef("REALM", set_in_kwargs=True)},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: KeycloakRoleToRealmRelProperties = KeycloakRoleToRealmRelProperties()
+
+
+@dataclass(frozen=True)
+class KeycloakRoleToClientRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("LASTUPDATED", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+# (:KeycloakRole)<-[:DEFINES]->(:KeycloakClient)
+class KeycloakRoleToClientRel(CartographyRelSchema):
+    target_node_label: str = "KeycloakClient"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("containerId")},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "DEFINES"
+    properties: KeycloakRoleToClientRelProperties = KeycloakRoleToClientRelProperties()
+
+
+@dataclass(frozen=True)
+class KeycloakRoleToRoleRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("LASTUPDATED", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+# (:KeycloakRole)-[:INCLUDES]->(:KeycloakRole)
+class KeycloakRoleToRoleRel(CartographyRelSchema):
+    target_node_label: str = "KeycloakRole"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("_composite_roles", one_to_many=True)},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "INCLUDES"
+    properties: KeycloakRoleToRoleRelProperties = KeycloakRoleToRoleRelProperties()
+
+
+@dataclass(frozen=True)
+class KeycloakRoleToScopeRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("LASTUPDATED", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+# (:KeycloakRole)-[:GRANTS]->(:KeycloakScope)
+class KeycloakRoleToScopeRel(CartographyRelSchema):
+    target_node_label: str = "KeycloakScope"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("_scope_ids", one_to_many=True)},
+    )
+    direction: LinkDirection = LinkDirection.OUTWARD
+    rel_label: str = "GRANTS"
+    properties: KeycloakRoleToScopeRelProperties = KeycloakRoleToScopeRelProperties()
+
+
+@dataclass(frozen=True)
+class KeycloakRoleToUserRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("LASTUPDATED", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+# (:KeycloakRole)<-[:ASSUME_ROLE]-(:KeycloakUser)
+class KeycloakRoleToUserRel(CartographyRelSchema):
+    target_node_label: str = "KeycloakUser"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("_direct_members", one_to_many=True)},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "ASSUME_ROLE"
+    properties: KeycloakRoleToUserRelProperties = KeycloakRoleToUserRelProperties()
+
+
+@dataclass(frozen=True)
+class KeycloakRoleSchema(CartographyNodeSchema):
+    label: str = "KeycloakRole"
+    properties: KeycloakRoleNodeProperties = KeycloakRoleNodeProperties()
+    sub_resource_relationship: KeycloakRoleToRealmRel = KeycloakRoleToRealmRel()
+    other_relationships: OtherRelationships = OtherRelationships(
+        [
+            KeycloakRoleToClientRel(),
+            KeycloakRoleToRoleRel(),
+            KeycloakRoleToScopeRel(),
+            KeycloakRoleToUserRel(),
+        ],
+    )

cartography/models/keycloak/scope.py

@@ -0,0 +1,73 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import OtherRelationships
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class KeycloakScopeNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef("id")
+    name: PropertyRef = PropertyRef("name", extra_index=True)
+    description: PropertyRef = PropertyRef("description")
+    protocol: PropertyRef = PropertyRef("protocol")
+    include_in_token_scope: PropertyRef = PropertyRef(
+        "attributes.include.in.token.scope",
+    )
+    display_on_consent_screen: PropertyRef = PropertyRef(
+        "attributes.display.on.consent.screen",
+    )
+    # We need to store the realm name because scope are often referenced by name
+    # and not by id, so we need to be able to find the scope by name (that is not unique across realms)
+    realm: PropertyRef = PropertyRef("REALM", set_in_kwargs=True, extra_index=True)
+    lastupdated: PropertyRef = PropertyRef("LASTUPDATED", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class KeycloakScopeToRealmRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("LASTUPDATED", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+# (:KeycloakScope)<-[:RESOURCE]-(:KeycloakRealm)
+class KeycloakScopeToRealmRel(CartographyRelSchema):
+    target_node_label: str = "KeycloakRealm"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"name": PropertyRef("REALM", set_in_kwargs=True)},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: KeycloakScopeToRealmRelProperties = KeycloakScopeToRealmRelProperties()
+
+
+@dataclass(frozen=True)
+class KeycloakScopeToRoleRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("LASTUPDATED", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+# (:KeycloakScope)<-[:GRANTS]-(:KeycloakRole)
+class KeycloakScopeToRoleRel(CartographyRelSchema):
+    target_node_label: str = "KeycloakRole"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"id": PropertyRef("_role_ids", one_to_many=True)},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "GRANTS"
+    properties: KeycloakScopeToRoleRelProperties = KeycloakScopeToRoleRelProperties()
+
+
+@dataclass(frozen=True)
+class KeycloakScopeSchema(CartographyNodeSchema):
+    label: str = "KeycloakScope"
+    properties: KeycloakScopeNodeProperties = KeycloakScopeNodeProperties()
+    sub_resource_relationship: KeycloakScopeToRealmRel = KeycloakScopeToRealmRel()
+    other_relationships: OtherRelationships = OtherRelationships(
+        [KeycloakScopeToRoleRel()],
+    )

cartography/models/keycloak/user.py

@@ -0,0 +1,51 @@
+from dataclasses import dataclass
+
+from cartography.models.core.common import PropertyRef
+from cartography.models.core.nodes import CartographyNodeProperties
+from cartography.models.core.nodes import CartographyNodeSchema
+from cartography.models.core.relationships import CartographyRelProperties
+from cartography.models.core.relationships import CartographyRelSchema
+from cartography.models.core.relationships import LinkDirection
+from cartography.models.core.relationships import make_target_node_matcher
+from cartography.models.core.relationships import TargetNodeMatcher
+
+
+@dataclass(frozen=True)
+class KeycloakUserNodeProperties(CartographyNodeProperties):
+    id: PropertyRef = PropertyRef("id")
+    username: PropertyRef = PropertyRef("username")
+    first_name: PropertyRef = PropertyRef("firstName")
+    last_name: PropertyRef = PropertyRef("lastName")
+    email: PropertyRef = PropertyRef("email")
+    email_verified: PropertyRef = PropertyRef("emailVerified")
+    origin: PropertyRef = PropertyRef("origin")
+    created_timestamp: PropertyRef = PropertyRef("createdTimestamp")
+    enabled: PropertyRef = PropertyRef("enabled")
+    totp: PropertyRef = PropertyRef("totp")
+    service_account_client_id: PropertyRef = PropertyRef("serviceAccountClientId")
+    not_before: PropertyRef = PropertyRef("notBefore")
+    lastupdated: PropertyRef = PropertyRef("LASTUPDATED", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+class KeycloakUserToRealmRelProperties(CartographyRelProperties):
+    lastupdated: PropertyRef = PropertyRef("LASTUPDATED", set_in_kwargs=True)
+
+
+@dataclass(frozen=True)
+# (:KeycloakUser)<-[:RESOURCE]-(:KeycloakRealm)
+class KeycloakUserToRealmRel(CartographyRelSchema):
+    target_node_label: str = "KeycloakRealm"
+    target_node_matcher: TargetNodeMatcher = make_target_node_matcher(
+        {"name": PropertyRef("REALM", set_in_kwargs=True)},
+    )
+    direction: LinkDirection = LinkDirection.INWARD
+    rel_label: str = "RESOURCE"
+    properties: KeycloakUserToRealmRelProperties = KeycloakUserToRealmRelProperties()
+
+
+@dataclass(frozen=True)
+class KeycloakUserSchema(CartographyNodeSchema):
+    label: str = "KeycloakUser"
+    properties: KeycloakUserNodeProperties = KeycloakUserNodeProperties()
+    sub_resource_relationship: KeycloakUserToRealmRel = KeycloakUserToRealmRel()

cartography/models/tailscale/device.py

@@ -28,6 +28,7 @@ class TailscaleDeviceNodeProperties(CartographyNodeProperties):
     authorized: PropertyRef = PropertyRef("authorized")
     is_external: PropertyRef = PropertyRef("isExternal")
     node_key: PropertyRef = PropertyRef("nodeKey")
+    addresses: PropertyRef = PropertyRef("addresses")
     blocks_incoming_connections: PropertyRef = PropertyRef("blocksIncomingConnections")
     client_connectivity_endpoints: PropertyRef = PropertyRef(
         "clientConnectivity.endpoints"

cartography/sync.py

@@ -31,6 +31,7 @@ import cartography.intel.github
 import cartography.intel.gsuite
 import cartography.intel.jamf
 import cartography.intel.kandji
+import cartography.intel.keycloak
 import cartography.intel.kubernetes
 import cartography.intel.lastpass
 import cartography.intel.oci
@@ -70,6 +71,7 @@ TOP_LEVEL_MODULES = OrderedDict(
         "github": cartography.intel.github.start_github_ingestion,
         "digitalocean": cartography.intel.digitalocean.start_digitalocean_ingestion,
         "kandji": cartography.intel.kandji.start_kandji_ingestion,
+        "keycloak": cartography.intel.keycloak.start_keycloak_ingestion,
         "kubernetes": cartography.intel.kubernetes.start_k8s_ingestion,
         "lastpass": cartography.intel.lastpass.start_lastpass_ingestion,
         "bigfix": cartography.intel.bigfix.start_bigfix_ingestion,

cartography/util.py

@@ -25,6 +25,7 @@ import backoff
 import boto3
 import botocore
 import neo4j
+from botocore.exceptions import EndpointConnectionError
 
 from cartography.graph.job import GraphJob
 from cartography.graph.statement import get_job_shortname
@@ -309,6 +310,13 @@ def aws_handle_regions(func: AWSGetFunc) -> AWSGetFunc:
                 return []
             else:
                 raise
+        except EndpointConnectionError:
+            logger.warning(
+                "Encountered an EndpointConnectionError. This means that the AWS "
+                "resource is not available in this region. Skipping.",
+                exc_info=True,
+            )
+            return []
 
     return cast(AWSGetFunc, inner_function)
 

{cartography-0.110.0rc2.dist-info → cartography-0.111.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cartography
-Version: 0.110.0rc2
+Version: 0.111.0
 Summary: Explore assets and their relationships across your technical infrastructure.
 Maintainer: Cartography Contributors
 License: apache2
@@ -93,6 +93,7 @@ You can learn more about the story behind Cartography in our [presentation at BS
 - [Google Cloud Platform](https://cartography-cncf.github.io/cartography/modules/gcp/index.html) - Cloud Resource Manager, Compute, DNS, Storage, Google Kubernetes Engine
 - [Google GSuite](https://cartography-cncf.github.io/cartography/modules/gsuite/index.html) - users, groups
 - [Kandji](https://cartography-cncf.github.io/cartography/modules/kandji/index.html) - Devices
+- [Keycloak](https://cartography-cncf.github.io/cartography/modules/keycloak/index.html) - Realms, Users, Groups, Roles, Scopes, Clients, IdentityProviders, Authentication Flows, Authentication Executions, Organizations, Organization Domains
 - [Kubernetes](https://cartography-cncf.github.io/cartography/modules/kubernetes/index.html) - Cluster, Namespace, Service, Pod, Container, ServiceAccount, Role, RoleBinding, ClusterRole, ClusterRoleBinding
 - [Lastpass](https://cartography-cncf.github.io/cartography/modules/lastpass/index.html) - users
 - [Microsoft Azure](https://cartography-cncf.github.io/cartography/modules/azure/index.html) -  CosmosDB, SQL, Storage, Virtual Machine